hitch-1.4.4/0000755000175000017500000000000013026756721007631 500000000000000hitch-1.4.4/configure.ac0000644000175000017500000000515213026747004012034 00000000000000# -*- Autoconf -*- # Process this file with autoconf to produce a configure script. AC_PREREQ([2.59]) AC_INIT([hitch], [1.4.4], [opensource@varnish-software.com]) AC_CONFIG_SRCDIR([src/configuration.c]) AC_CONFIG_HEADERS([config.h]) AC_CONFIG_AUX_DIR([build-aux]) AM_INIT_AUTOMAKE([foreign color-tests parallel-tests subdir-objects]) # Checks for programs. AC_PROG_CC AC_PROG_INSTALL AC_PROG_MAKE_SET AC_PROG_YACC AC_PROG_LEX AC_ARG_WITH([rst2man], AS_HELP_STRING([--with-rst2man=PATH], [Location of rst2man (auto)]), [RST2MAN="$withval"], AC_CHECK_PROGS(RST2MAN, [rst2man rst2man.py], [no])) if test "x$RST2MAN" = "xno"; then AC_MSG_WARN([rst2man/rst2man.py were not found, Hitch will lack man pages. To fix this, please install python-docutils first and re-run configure.]) fi AM_CONDITIONAL([FOUND_RST2MAN], [test "x$RST2MAN" != xno]) AM_MAINTAINER_MODE([disable]) # Checks for libraries. PKG_CHECK_EXISTS([libev], [ PKG_CHECK_MODULES([EV], [libev])], [ AC_SEARCH_LIBS([ev_default_loop], [ev], [], AC_MSG_ERROR([Cannot find libev.])) ]) PKG_CHECK_MODULES([SSL], [libssl]) PKG_CHECK_MODULES([CRYPTO], [libcrypto]) AC_CHECK_MEMBERS([struct stat.st_mtim, struct stat.st_mtimespec]) AC_ARG_ENABLE(sessioncache, AC_HELP_STRING([--enable-sessioncache], [Enable TLS session cache. (default is off)]), [use_shctx="$withval"], [use_shctx=no]) if test x"$use_shctx" != xno; then if test ! -e 'src/ebtree/ebtree.h'; then AC_MSG_ERROR([Must clone https://github.com/haproxy/ebtree to src/ebtree/]) fi fi AM_CONDITIONAL(USE_SHCTX, test xno != x"$use_shctx") # Checks for header files. AC_CHECK_HEADERS([stdlib.h unistd.h]) # Checks for typedefs, structures, and compiler characteristics. AC_TYPE_UID_T AC_C_INLINE AC_TYPE_INT32_T AC_TYPE_PID_T AC_TYPE_SIZE_T AC_TYPE_SSIZE_T AC_TYPE_UINT32_T # Checks for library functions. AC_FUNC_FORK AC_FUNC_MMAP AC_CHECK_FUNCS([accept4]) AC_CACHE_CHECK([whether SO_REUSEPORT works], [ac_cv_so_reuseport_works], [AC_RUN_IFELSE( [AC_LANG_PROGRAM([[ #include #include ]], [[ int s = socket(AF_INET, SOCK_STREAM, 0); int i = 5; if (setsockopt(s, SOL_SOCKET, SO_REUSEPORT, &i, sizeof i) < 0) return (1); return (0); ]])], [ac_cv_so_reuseport_works=yes], [ac_cv_so_reuseport_works=no]) ] ) if test "$ac_cv_so_reuseport_works" = yes; then AC_DEFINE([SO_REUSEPORT_WORKS], [1], [Define if SO_REUSEPORT works]) fi SH_TESTS="$(cd $srcdir/src && echo tests/test*.sh)" AC_SUBST(SH_TESTS) AC_CONFIG_FILES([Makefile]) AC_CONFIG_FILES([src/Makefile]) AC_CONFIG_FILES([src/util/Makefile]) AC_OUTPUT hitch-1.4.4/hitch.80000644000175000017500000001172713010325252010731 00000000000000.\" Man page generated from reStructuredText. . .TH HITCH 8 "" "" "" .SH NAME Hitch \- high performance TLS proxy . .nr rst2man-indent-level 0 . .de1 rstReportMargin \\$1 \\n[an-margin] level \\n[rst2man-indent-level] level margin: \\n[rst2man-indent\\n[rst2man-indent-level]] - \\n[rst2man-indent0] \\n[rst2man-indent1] \\n[rst2man-indent2] .. .de1 INDENT .\" .rstReportMargin pre: . RS \\$1 . nr rst2man-indent\\n[rst2man-indent-level] \\n[an-margin] . nr rst2man-indent-level +1 .\" .rstReportMargin post: .. .de UNINDENT . RE .\" indent \\n[an-margin] .\" old: \\n[rst2man-indent\\n[rst2man-indent-level]] .nr rst2man-indent-level -1 .\" new: \\n[rst2man-indent\\n[rst2man-indent-level]] .in \\n[rst2man-indent\\n[rst2man-indent-level]]u .. .SH SYNOPSIS .sp hitch [OPTIONS] [PEM] .SH DESCRIPTION .sp Hitch is a network proxy that terminates TLS/SSL connections and forwards the unencrypted traffic to some backend. It\(aqs designed to handle 10s of thousands of connections efficiently on multicore machines. .sp Hitch has very few features \-\- it\(aqs designed to be paired with an intelligent backend like Varnish Cache. It maintains a strict 1:1 connection pattern with this backend handler so that the backend can dictate throttling behavior, maximum connection behavior, availability of service, etc. .sp The only required argument is a path to a PEM file that contains the certificate (or a chain of certificates) and private key. It should also contain DH parameter if you wish to use Diffie\-Hellman cipher suites. .SH COMMAND LINE ARGUMENTS .INDENT 0.0 .INDENT 3.5 .INDENT 0.0 .TP .BI \-\-config\fB= FILE Load configuration from specified file. See \fIhitch.conf(5)\fP for details. .TP .B \-\-tls All TLS versions, no SSLv3 (deprecated). See config file setting \fBtls\-protos\fP\&. .TP .B \-\-ssl enable SSLv3 (deprecated). See config file setting \fBtls\-protos\fP\&. .TP .B \-c .INDENT 7.0 .TP .BI \-\-ciphers\fB= SUITE Sets allowed ciphers (Default: "") .UNINDENT .TP .B \-e .INDENT 7.0 .TP .BI \-\-ssl\-engine\fB= NAME Sets OpenSSL engine (Default: "") .UNINDENT .TP .B \-O .INDENT 7.0 .TP .B \-\-prefer\-server\-ciphers Prefer server list order .UNINDENT .TP .B \-\-client Enable client proxy mode .TP .B \-b \-\-backend=[HOST]:PORT Backend [connect] (default is "[127.0.0.1]:8000") .TP .B \-f \-\-frontend=[HOST]:PORT[+CERT] Frontend [bind] (default is "[*]:8443") (Note: brackets are mandatory in endpoint specifiers.) .TP .B \-n .INDENT 7.0 .TP .BI \-\-workers\fB= NUM Number of worker processes (Default: 1) .UNINDENT .TP .B \-B .INDENT 7.0 .TP .BI \-\-backlog\fB= NUM Set listen backlog size (Default: 100) .UNINDENT .TP .B \-k .INDENT 7.0 .TP .BI \-\-keepalive\fB= SECS TCP keepalive on client socket (Default: 3600) .UNINDENT .TP .B \-r .INDENT 7.0 .TP .BI \-\-chroot\fB= DIR Sets chroot directory (Default: "") .UNINDENT .TP .B \-u .INDENT 7.0 .TP .BI \-\-user\fB= USER Set uid/gid after binding the socket (Default: "") .UNINDENT .TP .B \-g .INDENT 7.0 .TP .BI \-\-group\fB= GROUP Set gid after binding the socket (Default: "") .UNINDENT .TP .B \-q .INDENT 7.0 .TP .B \-\-quiet Be quiet; emit only error messages .UNINDENT .TP .B \-s .INDENT 7.0 .TP .B \-\-syslog Send log message to syslog in addition to stderr/stdout .UNINDENT .TP .BI \-\-syslog\-facility\fB= FACILITY Syslog facility to use (Default: "daemon") .TP .B \-\-daemon Fork into background and become a daemon; this also sets the \-\-quiet option (Default: off) .TP .B \-\-write\-ip Write 1 octet with the IP family followed by the IP address in 4 (IPv4) or 16 (IPv6) octets little\-endian to backend before the actual data (Default: off) .TP .B \-\-write\-proxy\-v1 Write HaProxy\(aqs PROXY v1 (IPv4 or IPv6) protocol line before actual data (Default: off) .TP .B \-\-write\-proxy\-v2 Write HaProxy\(aqs PROXY v2 binary (IPv4 or IPv6) protocol line before actual data (Default: off) .TP .B \-\-write\-proxy Equivalent to \-\-write\-proxy\-v2. For PROXY version 1 use \-\-write\-proxy\-v1 explicitly .TP .B \-\-proxy\-proxy Proxy HaProxy\(aqs PROXY (IPv4 or IPv6) protocol line before actual data (PROXY v1 only) (Default: off) .TP .BI \-\-alpn\-protos\fB= LIST Sets the protocols for ALPN/NPN negotiation, given by a comma separated list. If this is not set explicitly, ALPN/NPN will not be used. Requires OpenSSL 1.0.1 for NPN and OpenSSL 1.0.2 for ALPN. .TP .B \-\-sni\-nomatch\-abort Abort handshake when client submits an unrecognized SNI server name (Default: off) .TP .BI \-\-ocsp\-dir\fB= DIR Set OCSP staple cache directory This enables automated retrieval and stapling of OCSP responses (Default: "") .TP .B \-t .INDENT 7.0 .TP .B \-\-test Test configuration and exit .UNINDENT .TP .B \-p .INDENT 7.0 .TP .BI \-\-pidfile\fB= FILE PID file .UNINDENT .TP .B \-V .INDENT 7.0 .TP .B \-\-version Print program version and exit .UNINDENT .TP .B \-h .INDENT 7.0 .TP .B \-\-help This help message .UNINDENT .UNINDENT .UNINDENT .UNINDENT .SH HISTORY .sp Hitch was originally called stud and was written by Jamie Turner at Bump.com. .\" Generated by docutils manpage writer. . hitch-1.4.4/LICENSE0000644000175000017500000000303513003667032010546 00000000000000Copyright 2015-2016 Varnish Software Copyright 2012 Bump Technologies, Inc. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. THIS SOFTWARE IS PROVIDED BY BUMP TECHNOLOGIES, INC. ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL BUMP TECHNOLOGIES, INC. OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. The views and conclusions contained in the software and documentation are those of the authors and should not be interpreted as representing official policies, either expressed or implied, of Bump Technologies, Inc. hitch-1.4.4/depcomp0000755000175000017500000005601613006223057011123 00000000000000#! /bin/sh # depcomp - compile a program generating dependencies as side-effects scriptversion=2013-05-30.07; # UTC # Copyright (C) 1999-2014 Free Software Foundation, Inc. # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2, or (at your option) # any later version. # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # You should have received a copy of the GNU General Public License # along with this program. If not, see . # As a special exception to the GNU General Public License, if you # distribute this file as part of a program that contains a # configuration script generated by Autoconf, you may include it under # the same distribution terms that you use for the rest of that program. # Originally written by Alexandre Oliva . case $1 in '') echo "$0: No command. Try '$0 --help' for more information." 1>&2 exit 1; ;; -h | --h*) cat <<\EOF Usage: depcomp [--help] [--version] PROGRAM [ARGS] Run PROGRAMS ARGS to compile a file, generating dependencies as side-effects. Environment variables: depmode Dependency tracking mode. source Source file read by 'PROGRAMS ARGS'. object Object file output by 'PROGRAMS ARGS'. DEPDIR directory where to store dependencies. depfile Dependency file to output. tmpdepfile Temporary file to use when outputting dependencies. libtool Whether libtool is used (yes/no). Report bugs to . EOF exit $? ;; -v | --v*) echo "depcomp $scriptversion" exit $? ;; esac # Get the directory component of the given path, and save it in the # global variables '$dir'. Note that this directory component will # be either empty or ending with a '/' character. This is deliberate. set_dir_from () { case $1 in */*) dir=`echo "$1" | sed -e 's|/[^/]*$|/|'`;; *) dir=;; esac } # Get the suffix-stripped basename of the given path, and save it the # global variable '$base'. set_base_from () { base=`echo "$1" | sed -e 's|^.*/||' -e 's/\.[^.]*$//'` } # If no dependency file was actually created by the compiler invocation, # we still have to create a dummy depfile, to avoid errors with the # Makefile "include basename.Plo" scheme. make_dummy_depfile () { echo "#dummy" > "$depfile" } # Factor out some common post-processing of the generated depfile. # Requires the auxiliary global variable '$tmpdepfile' to be set. aix_post_process_depfile () { # If the compiler actually managed to produce a dependency file, # post-process it. if test -f "$tmpdepfile"; then # Each line is of the form 'foo.o: dependency.h'. # Do two passes, one to just change these to # $object: dependency.h # and one to simply output # dependency.h: # which is needed to avoid the deleted-header problem. { sed -e "s,^.*\.[$lower]*:,$object:," < "$tmpdepfile" sed -e "s,^.*\.[$lower]*:[$tab ]*,," -e 's,$,:,' < "$tmpdepfile" } > "$depfile" rm -f "$tmpdepfile" else make_dummy_depfile fi } # A tabulation character. tab=' ' # A newline character. nl=' ' # Character ranges might be problematic outside the C locale. # These definitions help. upper=ABCDEFGHIJKLMNOPQRSTUVWXYZ lower=abcdefghijklmnopqrstuvwxyz digits=0123456789 alpha=${upper}${lower} if test -z "$depmode" || test -z "$source" || test -z "$object"; then echo "depcomp: Variables source, object and depmode must be set" 1>&2 exit 1 fi # Dependencies for sub/bar.o or sub/bar.obj go into sub/.deps/bar.Po. depfile=${depfile-`echo "$object" | sed 's|[^\\/]*$|'${DEPDIR-.deps}'/&|;s|\.\([^.]*\)$|.P\1|;s|Pobj$|Po|'`} tmpdepfile=${tmpdepfile-`echo "$depfile" | sed 's/\.\([^.]*\)$/.T\1/'`} rm -f "$tmpdepfile" # Avoid interferences from the environment. gccflag= dashmflag= # Some modes work just like other modes, but use different flags. We # parameterize here, but still list the modes in the big case below, # to make depend.m4 easier to write. Note that we *cannot* use a case # here, because this file can only contain one case statement. if test "$depmode" = hp; then # HP compiler uses -M and no extra arg. gccflag=-M depmode=gcc fi if test "$depmode" = dashXmstdout; then # This is just like dashmstdout with a different argument. dashmflag=-xM depmode=dashmstdout fi cygpath_u="cygpath -u -f -" if test "$depmode" = msvcmsys; then # This is just like msvisualcpp but w/o cygpath translation. # Just convert the backslash-escaped backslashes to single forward # slashes to satisfy depend.m4 cygpath_u='sed s,\\\\,/,g' depmode=msvisualcpp fi if test "$depmode" = msvc7msys; then # This is just like msvc7 but w/o cygpath translation. # Just convert the backslash-escaped backslashes to single forward # slashes to satisfy depend.m4 cygpath_u='sed s,\\\\,/,g' depmode=msvc7 fi if test "$depmode" = xlc; then # IBM C/C++ Compilers xlc/xlC can output gcc-like dependency information. gccflag=-qmakedep=gcc,-MF depmode=gcc fi case "$depmode" in gcc3) ## gcc 3 implements dependency tracking that does exactly what ## we want. Yay! Note: for some reason libtool 1.4 doesn't like ## it if -MD -MP comes after the -MF stuff. Hmm. ## Unfortunately, FreeBSD c89 acceptance of flags depends upon ## the command line argument order; so add the flags where they ## appear in depend2.am. Note that the slowdown incurred here ## affects only configure: in makefiles, %FASTDEP% shortcuts this. for arg do case $arg in -c) set fnord "$@" -MT "$object" -MD -MP -MF "$tmpdepfile" "$arg" ;; *) set fnord "$@" "$arg" ;; esac shift # fnord shift # $arg done "$@" stat=$? if test $stat -ne 0; then rm -f "$tmpdepfile" exit $stat fi mv "$tmpdepfile" "$depfile" ;; gcc) ## Note that this doesn't just cater to obsosete pre-3.x GCC compilers. ## but also to in-use compilers like IMB xlc/xlC and the HP C compiler. ## (see the conditional assignment to $gccflag above). ## There are various ways to get dependency output from gcc. Here's ## why we pick this rather obscure method: ## - Don't want to use -MD because we'd like the dependencies to end ## up in a subdir. Having to rename by hand is ugly. ## (We might end up doing this anyway to support other compilers.) ## - The DEPENDENCIES_OUTPUT environment variable makes gcc act like ## -MM, not -M (despite what the docs say). Also, it might not be ## supported by the other compilers which use the 'gcc' depmode. ## - Using -M directly means running the compiler twice (even worse ## than renaming). if test -z "$gccflag"; then gccflag=-MD, fi "$@" -Wp,"$gccflag$tmpdepfile" stat=$? if test $stat -ne 0; then rm -f "$tmpdepfile" exit $stat fi rm -f "$depfile" echo "$object : \\" > "$depfile" # The second -e expression handles DOS-style file names with drive # letters. sed -e 's/^[^:]*: / /' \ -e 's/^['$alpha']:\/[^:]*: / /' < "$tmpdepfile" >> "$depfile" ## This next piece of magic avoids the "deleted header file" problem. ## The problem is that when a header file which appears in a .P file ## is deleted, the dependency causes make to die (because there is ## typically no way to rebuild the header). We avoid this by adding ## dummy dependencies for each header file. Too bad gcc doesn't do ## this for us directly. ## Some versions of gcc put a space before the ':'. On the theory ## that the space means something, we add a space to the output as ## well. hp depmode also adds that space, but also prefixes the VPATH ## to the object. Take care to not repeat it in the output. ## Some versions of the HPUX 10.20 sed can't process this invocation ## correctly. Breaking it into two sed invocations is a workaround. tr ' ' "$nl" < "$tmpdepfile" \ | sed -e 's/^\\$//' -e '/^$/d' -e "s|.*$object$||" -e '/:$/d' \ | sed -e 's/$/ :/' >> "$depfile" rm -f "$tmpdepfile" ;; hp) # This case exists only to let depend.m4 do its work. It works by # looking at the text of this script. This case will never be run, # since it is checked for above. exit 1 ;; sgi) if test "$libtool" = yes; then "$@" "-Wp,-MDupdate,$tmpdepfile" else "$@" -MDupdate "$tmpdepfile" fi stat=$? if test $stat -ne 0; then rm -f "$tmpdepfile" exit $stat fi rm -f "$depfile" if test -f "$tmpdepfile"; then # yes, the sourcefile depend on other files echo "$object : \\" > "$depfile" # Clip off the initial element (the dependent). Don't try to be # clever and replace this with sed code, as IRIX sed won't handle # lines with more than a fixed number of characters (4096 in # IRIX 6.2 sed, 8192 in IRIX 6.5). We also remove comment lines; # the IRIX cc adds comments like '#:fec' to the end of the # dependency line. tr ' ' "$nl" < "$tmpdepfile" \ | sed -e 's/^.*\.o://' -e 's/#.*$//' -e '/^$/ d' \ | tr "$nl" ' ' >> "$depfile" echo >> "$depfile" # The second pass generates a dummy entry for each header file. tr ' ' "$nl" < "$tmpdepfile" \ | sed -e 's/^.*\.o://' -e 's/#.*$//' -e '/^$/ d' -e 's/$/:/' \ >> "$depfile" else make_dummy_depfile fi rm -f "$tmpdepfile" ;; xlc) # This case exists only to let depend.m4 do its work. It works by # looking at the text of this script. This case will never be run, # since it is checked for above. exit 1 ;; aix) # The C for AIX Compiler uses -M and outputs the dependencies # in a .u file. In older versions, this file always lives in the # current directory. Also, the AIX compiler puts '$object:' at the # start of each line; $object doesn't have directory information. # Version 6 uses the directory in both cases. set_dir_from "$object" set_base_from "$object" if test "$libtool" = yes; then tmpdepfile1=$dir$base.u tmpdepfile2=$base.u tmpdepfile3=$dir.libs/$base.u "$@" -Wc,-M else tmpdepfile1=$dir$base.u tmpdepfile2=$dir$base.u tmpdepfile3=$dir$base.u "$@" -M fi stat=$? if test $stat -ne 0; then rm -f "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3" exit $stat fi for tmpdepfile in "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3" do test -f "$tmpdepfile" && break done aix_post_process_depfile ;; tcc) # tcc (Tiny C Compiler) understand '-MD -MF file' since version 0.9.26 # FIXME: That version still under development at the moment of writing. # Make that this statement remains true also for stable, released # versions. # It will wrap lines (doesn't matter whether long or short) with a # trailing '\', as in: # # foo.o : \ # foo.c \ # foo.h \ # # It will put a trailing '\' even on the last line, and will use leading # spaces rather than leading tabs (at least since its commit 0394caf7 # "Emit spaces for -MD"). "$@" -MD -MF "$tmpdepfile" stat=$? if test $stat -ne 0; then rm -f "$tmpdepfile" exit $stat fi rm -f "$depfile" # Each non-empty line is of the form 'foo.o : \' or ' dep.h \'. # We have to change lines of the first kind to '$object: \'. sed -e "s|.*:|$object :|" < "$tmpdepfile" > "$depfile" # And for each line of the second kind, we have to emit a 'dep.h:' # dummy dependency, to avoid the deleted-header problem. sed -n -e 's|^ *\(.*\) *\\$|\1:|p' < "$tmpdepfile" >> "$depfile" rm -f "$tmpdepfile" ;; ## The order of this option in the case statement is important, since the ## shell code in configure will try each of these formats in the order ## listed in this file. A plain '-MD' option would be understood by many ## compilers, so we must ensure this comes after the gcc and icc options. pgcc) # Portland's C compiler understands '-MD'. # Will always output deps to 'file.d' where file is the root name of the # source file under compilation, even if file resides in a subdirectory. # The object file name does not affect the name of the '.d' file. # pgcc 10.2 will output # foo.o: sub/foo.c sub/foo.h # and will wrap long lines using '\' : # foo.o: sub/foo.c ... \ # sub/foo.h ... \ # ... set_dir_from "$object" # Use the source, not the object, to determine the base name, since # that's sadly what pgcc will do too. set_base_from "$source" tmpdepfile=$base.d # For projects that build the same source file twice into different object # files, the pgcc approach of using the *source* file root name can cause # problems in parallel builds. Use a locking strategy to avoid stomping on # the same $tmpdepfile. lockdir=$base.d-lock trap " echo '$0: caught signal, cleaning up...' >&2 rmdir '$lockdir' exit 1 " 1 2 13 15 numtries=100 i=$numtries while test $i -gt 0; do # mkdir is a portable test-and-set. if mkdir "$lockdir" 2>/dev/null; then # This process acquired the lock. "$@" -MD stat=$? # Release the lock. rmdir "$lockdir" break else # If the lock is being held by a different process, wait # until the winning process is done or we timeout. while test -d "$lockdir" && test $i -gt 0; do sleep 1 i=`expr $i - 1` done fi i=`expr $i - 1` done trap - 1 2 13 15 if test $i -le 0; then echo "$0: failed to acquire lock after $numtries attempts" >&2 echo "$0: check lockdir '$lockdir'" >&2 exit 1 fi if test $stat -ne 0; then rm -f "$tmpdepfile" exit $stat fi rm -f "$depfile" # Each line is of the form `foo.o: dependent.h', # or `foo.o: dep1.h dep2.h \', or ` dep3.h dep4.h \'. # Do two passes, one to just change these to # `$object: dependent.h' and one to simply `dependent.h:'. sed "s,^[^:]*:,$object :," < "$tmpdepfile" > "$depfile" # Some versions of the HPUX 10.20 sed can't process this invocation # correctly. Breaking it into two sed invocations is a workaround. sed 's,^[^:]*: \(.*\)$,\1,;s/^\\$//;/^$/d;/:$/d' < "$tmpdepfile" \ | sed -e 's/$/ :/' >> "$depfile" rm -f "$tmpdepfile" ;; hp2) # The "hp" stanza above does not work with aCC (C++) and HP's ia64 # compilers, which have integrated preprocessors. The correct option # to use with these is +Maked; it writes dependencies to a file named # 'foo.d', which lands next to the object file, wherever that # happens to be. # Much of this is similar to the tru64 case; see comments there. set_dir_from "$object" set_base_from "$object" if test "$libtool" = yes; then tmpdepfile1=$dir$base.d tmpdepfile2=$dir.libs/$base.d "$@" -Wc,+Maked else tmpdepfile1=$dir$base.d tmpdepfile2=$dir$base.d "$@" +Maked fi stat=$? if test $stat -ne 0; then rm -f "$tmpdepfile1" "$tmpdepfile2" exit $stat fi for tmpdepfile in "$tmpdepfile1" "$tmpdepfile2" do test -f "$tmpdepfile" && break done if test -f "$tmpdepfile"; then sed -e "s,^.*\.[$lower]*:,$object:," "$tmpdepfile" > "$depfile" # Add 'dependent.h:' lines. sed -ne '2,${ s/^ *// s/ \\*$// s/$/:/ p }' "$tmpdepfile" >> "$depfile" else make_dummy_depfile fi rm -f "$tmpdepfile" "$tmpdepfile2" ;; tru64) # The Tru64 compiler uses -MD to generate dependencies as a side # effect. 'cc -MD -o foo.o ...' puts the dependencies into 'foo.o.d'. # At least on Alpha/Redhat 6.1, Compaq CCC V6.2-504 seems to put # dependencies in 'foo.d' instead, so we check for that too. # Subdirectories are respected. set_dir_from "$object" set_base_from "$object" if test "$libtool" = yes; then # Libtool generates 2 separate objects for the 2 libraries. These # two compilations output dependencies in $dir.libs/$base.o.d and # in $dir$base.o.d. We have to check for both files, because # one of the two compilations can be disabled. We should prefer # $dir$base.o.d over $dir.libs/$base.o.d because the latter is # automatically cleaned when .libs/ is deleted, while ignoring # the former would cause a distcleancheck panic. tmpdepfile1=$dir$base.o.d # libtool 1.5 tmpdepfile2=$dir.libs/$base.o.d # Likewise. tmpdepfile3=$dir.libs/$base.d # Compaq CCC V6.2-504 "$@" -Wc,-MD else tmpdepfile1=$dir$base.d tmpdepfile2=$dir$base.d tmpdepfile3=$dir$base.d "$@" -MD fi stat=$? if test $stat -ne 0; then rm -f "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3" exit $stat fi for tmpdepfile in "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3" do test -f "$tmpdepfile" && break done # Same post-processing that is required for AIX mode. aix_post_process_depfile ;; msvc7) if test "$libtool" = yes; then showIncludes=-Wc,-showIncludes else showIncludes=-showIncludes fi "$@" $showIncludes > "$tmpdepfile" stat=$? grep -v '^Note: including file: ' "$tmpdepfile" if test $stat -ne 0; then rm -f "$tmpdepfile" exit $stat fi rm -f "$depfile" echo "$object : \\" > "$depfile" # The first sed program below extracts the file names and escapes # backslashes for cygpath. The second sed program outputs the file # name when reading, but also accumulates all include files in the # hold buffer in order to output them again at the end. This only # works with sed implementations that can handle large buffers. sed < "$tmpdepfile" -n ' /^Note: including file: *\(.*\)/ { s//\1/ s/\\/\\\\/g p }' | $cygpath_u | sort -u | sed -n ' s/ /\\ /g s/\(.*\)/'"$tab"'\1 \\/p s/.\(.*\) \\/\1:/ H $ { s/.*/'"$tab"'/ G p }' >> "$depfile" echo >> "$depfile" # make sure the fragment doesn't end with a backslash rm -f "$tmpdepfile" ;; msvc7msys) # This case exists only to let depend.m4 do its work. It works by # looking at the text of this script. This case will never be run, # since it is checked for above. exit 1 ;; #nosideeffect) # This comment above is used by automake to tell side-effect # dependency tracking mechanisms from slower ones. dashmstdout) # Important note: in order to support this mode, a compiler *must* # always write the preprocessed file to stdout, regardless of -o. "$@" || exit $? # Remove the call to Libtool. if test "$libtool" = yes; then while test "X$1" != 'X--mode=compile'; do shift done shift fi # Remove '-o $object'. IFS=" " for arg do case $arg in -o) shift ;; $object) shift ;; *) set fnord "$@" "$arg" shift # fnord shift # $arg ;; esac done test -z "$dashmflag" && dashmflag=-M # Require at least two characters before searching for ':' # in the target name. This is to cope with DOS-style filenames: # a dependency such as 'c:/foo/bar' could be seen as target 'c' otherwise. "$@" $dashmflag | sed "s|^[$tab ]*[^:$tab ][^:][^:]*:[$tab ]*|$object: |" > "$tmpdepfile" rm -f "$depfile" cat < "$tmpdepfile" > "$depfile" # Some versions of the HPUX 10.20 sed can't process this sed invocation # correctly. Breaking it into two sed invocations is a workaround. tr ' ' "$nl" < "$tmpdepfile" \ | sed -e 's/^\\$//' -e '/^$/d' -e '/:$/d' \ | sed -e 's/$/ :/' >> "$depfile" rm -f "$tmpdepfile" ;; dashXmstdout) # This case only exists to satisfy depend.m4. It is never actually # run, as this mode is specially recognized in the preamble. exit 1 ;; makedepend) "$@" || exit $? # Remove any Libtool call if test "$libtool" = yes; then while test "X$1" != 'X--mode=compile'; do shift done shift fi # X makedepend shift cleared=no eat=no for arg do case $cleared in no) set ""; shift cleared=yes ;; esac if test $eat = yes; then eat=no continue fi case "$arg" in -D*|-I*) set fnord "$@" "$arg"; shift ;; # Strip any option that makedepend may not understand. Remove # the object too, otherwise makedepend will parse it as a source file. -arch) eat=yes ;; -*|$object) ;; *) set fnord "$@" "$arg"; shift ;; esac done obj_suffix=`echo "$object" | sed 's/^.*\././'` touch "$tmpdepfile" ${MAKEDEPEND-makedepend} -o"$obj_suffix" -f"$tmpdepfile" "$@" rm -f "$depfile" # makedepend may prepend the VPATH from the source file name to the object. # No need to regex-escape $object, excess matching of '.' is harmless. sed "s|^.*\($object *:\)|\1|" "$tmpdepfile" > "$depfile" # Some versions of the HPUX 10.20 sed can't process the last invocation # correctly. Breaking it into two sed invocations is a workaround. sed '1,2d' "$tmpdepfile" \ | tr ' ' "$nl" \ | sed -e 's/^\\$//' -e '/^$/d' -e '/:$/d' \ | sed -e 's/$/ :/' >> "$depfile" rm -f "$tmpdepfile" "$tmpdepfile".bak ;; cpp) # Important note: in order to support this mode, a compiler *must* # always write the preprocessed file to stdout. "$@" || exit $? # Remove the call to Libtool. if test "$libtool" = yes; then while test "X$1" != 'X--mode=compile'; do shift done shift fi # Remove '-o $object'. IFS=" " for arg do case $arg in -o) shift ;; $object) shift ;; *) set fnord "$@" "$arg" shift # fnord shift # $arg ;; esac done "$@" -E \ | sed -n -e '/^# [0-9][0-9]* "\([^"]*\)".*/ s:: \1 \\:p' \ -e '/^#line [0-9][0-9]* "\([^"]*\)".*/ s:: \1 \\:p' \ | sed '$ s: \\$::' > "$tmpdepfile" rm -f "$depfile" echo "$object : \\" > "$depfile" cat < "$tmpdepfile" >> "$depfile" sed < "$tmpdepfile" '/^$/d;s/^ //;s/ \\$//;s/$/ :/' >> "$depfile" rm -f "$tmpdepfile" ;; msvisualcpp) # Important note: in order to support this mode, a compiler *must* # always write the preprocessed file to stdout. "$@" || exit $? # Remove the call to Libtool. if test "$libtool" = yes; then while test "X$1" != 'X--mode=compile'; do shift done shift fi IFS=" " for arg do case "$arg" in -o) shift ;; $object) shift ;; "-Gm"|"/Gm"|"-Gi"|"/Gi"|"-ZI"|"/ZI") set fnord "$@" shift shift ;; *) set fnord "$@" "$arg" shift shift ;; esac done "$@" -E 2>/dev/null | sed -n '/^#line [0-9][0-9]* "\([^"]*\)"/ s::\1:p' | $cygpath_u | sort -u > "$tmpdepfile" rm -f "$depfile" echo "$object : \\" > "$depfile" sed < "$tmpdepfile" -n -e 's% %\\ %g' -e '/^\(.*\)$/ s::'"$tab"'\1 \\:p' >> "$depfile" echo "$tab" >> "$depfile" sed < "$tmpdepfile" -n -e 's% %\\ %g' -e '/^\(.*\)$/ s::\1\::p' >> "$depfile" rm -f "$tmpdepfile" ;; msvcmsys) # This case exists only to let depend.m4 do its work. It works by # looking at the text of this script. This case will never be run, # since it is checked for above. exit 1 ;; none) exec "$@" ;; *) echo "Unknown depmode $depmode" 1>&2 exit 1 ;; esac exit 0 # Local Variables: # mode: shell-script # sh-indentation: 2 # eval: (add-hook 'write-file-hooks 'time-stamp) # time-stamp-start: "scriptversion=" # time-stamp-format: "%:y-%02m-%02d.%02H" # time-stamp-time-zone: "UTC" # time-stamp-end: "; # UTC" # End: hitch-1.4.4/compile0000755000175000017500000001624513006223057011124 00000000000000#! /bin/sh # Wrapper for compilers which do not understand '-c -o'. scriptversion=2012-10-14.11; # UTC # Copyright (C) 1999-2014 Free Software Foundation, Inc. # Written by Tom Tromey . # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2, or (at your option) # any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . # As a special exception to the GNU General Public License, if you # distribute this file as part of a program that contains a # configuration script generated by Autoconf, you may include it under # the same distribution terms that you use for the rest of that program. # This file is maintained in Automake, please report # bugs to or send patches to # . nl=' ' # We need space, tab and new line, in precisely that order. Quoting is # there to prevent tools from complaining about whitespace usage. IFS=" "" $nl" file_conv= # func_file_conv build_file lazy # Convert a $build file to $host form and store it in $file # Currently only supports Windows hosts. If the determined conversion # type is listed in (the comma separated) LAZY, no conversion will # take place. func_file_conv () { file=$1 case $file in / | /[!/]*) # absolute file, and not a UNC file if test -z "$file_conv"; then # lazily determine how to convert abs files case `uname -s` in MINGW*) file_conv=mingw ;; CYGWIN*) file_conv=cygwin ;; *) file_conv=wine ;; esac fi case $file_conv/,$2, in *,$file_conv,*) ;; mingw/*) file=`cmd //C echo "$file " | sed -e 's/"\(.*\) " *$/\1/'` ;; cygwin/*) file=`cygpath -m "$file" || echo "$file"` ;; wine/*) file=`winepath -w "$file" || echo "$file"` ;; esac ;; esac } # func_cl_dashL linkdir # Make cl look for libraries in LINKDIR func_cl_dashL () { func_file_conv "$1" if test -z "$lib_path"; then lib_path=$file else lib_path="$lib_path;$file" fi linker_opts="$linker_opts -LIBPATH:$file" } # func_cl_dashl library # Do a library search-path lookup for cl func_cl_dashl () { lib=$1 found=no save_IFS=$IFS IFS=';' for dir in $lib_path $LIB do IFS=$save_IFS if $shared && test -f "$dir/$lib.dll.lib"; then found=yes lib=$dir/$lib.dll.lib break fi if test -f "$dir/$lib.lib"; then found=yes lib=$dir/$lib.lib break fi if test -f "$dir/lib$lib.a"; then found=yes lib=$dir/lib$lib.a break fi done IFS=$save_IFS if test "$found" != yes; then lib=$lib.lib fi } # func_cl_wrapper cl arg... # Adjust compile command to suit cl func_cl_wrapper () { # Assume a capable shell lib_path= shared=: linker_opts= for arg do if test -n "$eat"; then eat= else case $1 in -o) # configure might choose to run compile as 'compile cc -o foo foo.c'. eat=1 case $2 in *.o | *.[oO][bB][jJ]) func_file_conv "$2" set x "$@" -Fo"$file" shift ;; *) func_file_conv "$2" set x "$@" -Fe"$file" shift ;; esac ;; -I) eat=1 func_file_conv "$2" mingw set x "$@" -I"$file" shift ;; -I*) func_file_conv "${1#-I}" mingw set x "$@" -I"$file" shift ;; -l) eat=1 func_cl_dashl "$2" set x "$@" "$lib" shift ;; -l*) func_cl_dashl "${1#-l}" set x "$@" "$lib" shift ;; -L) eat=1 func_cl_dashL "$2" ;; -L*) func_cl_dashL "${1#-L}" ;; -static) shared=false ;; -Wl,*) arg=${1#-Wl,} save_ifs="$IFS"; IFS=',' for flag in $arg; do IFS="$save_ifs" linker_opts="$linker_opts $flag" done IFS="$save_ifs" ;; -Xlinker) eat=1 linker_opts="$linker_opts $2" ;; -*) set x "$@" "$1" shift ;; *.cc | *.CC | *.cxx | *.CXX | *.[cC]++) func_file_conv "$1" set x "$@" -Tp"$file" shift ;; *.c | *.cpp | *.CPP | *.lib | *.LIB | *.Lib | *.OBJ | *.obj | *.[oO]) func_file_conv "$1" mingw set x "$@" "$file" shift ;; *) set x "$@" "$1" shift ;; esac fi shift done if test -n "$linker_opts"; then linker_opts="-link$linker_opts" fi exec "$@" $linker_opts exit 1 } eat= case $1 in '') echo "$0: No command. Try '$0 --help' for more information." 1>&2 exit 1; ;; -h | --h*) cat <<\EOF Usage: compile [--help] [--version] PROGRAM [ARGS] Wrapper for compilers which do not understand '-c -o'. Remove '-o dest.o' from ARGS, run PROGRAM with the remaining arguments, and rename the output as expected. If you are trying to build a whole package this is not the right script to run: please start by reading the file 'INSTALL'. Report bugs to . EOF exit $? ;; -v | --v*) echo "compile $scriptversion" exit $? ;; cl | *[/\\]cl | cl.exe | *[/\\]cl.exe ) func_cl_wrapper "$@" # Doesn't return... ;; esac ofile= cfile= for arg do if test -n "$eat"; then eat= else case $1 in -o) # configure might choose to run compile as 'compile cc -o foo foo.c'. # So we strip '-o arg' only if arg is an object. eat=1 case $2 in *.o | *.obj) ofile=$2 ;; *) set x "$@" -o "$2" shift ;; esac ;; *.c) cfile=$1 set x "$@" "$1" shift ;; *) set x "$@" "$1" shift ;; esac fi shift done if test -z "$ofile" || test -z "$cfile"; then # If no '-o' option was seen then we might have been invoked from a # pattern rule where we don't need one. That is ok -- this is a # normal compilation that the losing compiler can handle. If no # '.c' file was seen then we are probably linking. That is also # ok. exec "$@" fi # Name of file we expect compiler to create. cofile=`echo "$cfile" | sed 's|^.*[\\/]||; s|^[a-zA-Z]:||; s/\.c$/.o/'` # Create the lock directory. # Note: use '[/\\:.-]' here to ensure that we don't use the same name # that we are using for the .o file. Also, base the name on the expected # object file name, since that is what matters with a parallel build. lockdir=`echo "$cofile" | sed -e 's|[/\\:.-]|_|g'`.d while true; do if mkdir "$lockdir" >/dev/null 2>&1; then break fi sleep 1 done # FIXME: race condition here if user kills between mkdir and trap. trap "rmdir '$lockdir'; exit 1" 1 2 15 # Run the compile. "$@" ret=$? if test -f "$cofile"; then test "$cofile" = "$ofile" || mv "$cofile" "$ofile" elif test -f "${cofile}bj"; then test "${cofile}bj" = "$ofile" || mv "${cofile}bj" "$ofile" fi rmdir "$lockdir" exit $ret # Local Variables: # mode: shell-script # sh-indentation: 2 # eval: (add-hook 'write-file-hooks 'time-stamp) # time-stamp-start: "scriptversion=" # time-stamp-format: "%:y-%02m-%02d.%02H" # time-stamp-time-zone: "UTC" # time-stamp-end: "; # UTC" # End: hitch-1.4.4/Makefile.in0000644000175000017500000007541113026747414011625 00000000000000# Makefile.in generated by automake 1.15 from Makefile.am. # @configure_input@ # Copyright (C) 1994-2014 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY, to the extent permitted by law; without # even the implied warranty of MERCHANTABILITY or FITNESS FOR A # PARTICULAR PURPOSE. @SET_MAKE@ VPATH = @srcdir@ am__is_gnu_make = { \ if test -z '$(MAKELEVEL)'; then \ false; \ elif test -n '$(MAKE_HOST)'; then \ true; \ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \ true; \ else \ false; \ fi; \ } am__make_running_with_option = \ case $${target_option-} in \ ?) ;; \ *) echo "am__make_running_with_option: internal error: invalid" \ "target option '$${target_option-}' specified" >&2; \ exit 1;; \ esac; \ has_opt=no; \ sane_makeflags=$$MAKEFLAGS; \ if $(am__is_gnu_make); then \ sane_makeflags=$$MFLAGS; \ else \ case $$MAKEFLAGS in \ *\\[\ \ ]*) \ bs=\\; \ sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ esac; \ fi; \ skip_next=no; \ strip_trailopt () \ { \ flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ }; \ for flg in $$sane_makeflags; do \ test $$skip_next = yes && { skip_next=no; continue; }; \ case $$flg in \ *=*|--*) continue;; \ -*I) strip_trailopt 'I'; skip_next=yes;; \ -*I?*) strip_trailopt 'I';; \ -*O) strip_trailopt 'O'; skip_next=yes;; \ -*O?*) strip_trailopt 'O';; \ -*l) strip_trailopt 'l'; skip_next=yes;; \ -*l?*) strip_trailopt 'l';; \ -[dEDm]) skip_next=yes;; \ -[JT]) skip_next=yes;; \ esac; \ case $$flg in \ *$$target_option*) has_opt=yes; break;; \ esac; \ done; \ test $$has_opt = yes am__make_dryrun = (target_option=n; $(am__make_running_with_option)) am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) pkgdatadir = $(datadir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ pkglibexecdir = $(libexecdir)/@PACKAGE@ am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c install_sh_SCRIPT = $(install_sh) -c INSTALL_HEADER = $(INSTALL_DATA) transform = $(program_transform_name) NORMAL_INSTALL = : PRE_INSTALL = : POST_INSTALL = : NORMAL_UNINSTALL = : PRE_UNINSTALL = : POST_UNINSTALL = : subdir = . ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) DIST_COMMON = $(srcdir)/Makefile.am $(top_srcdir)/configure \ $(am__configure_deps) $(am__DIST_COMMON) am__CONFIG_DISTCLEAN_FILES = config.status config.cache config.log \ configure.lineno config.status.lineno mkinstalldirs = $(install_sh) -d CONFIG_HEADER = config.h CONFIG_CLEAN_FILES = CONFIG_CLEAN_VPATH_FILES = AM_V_P = $(am__v_P_@AM_V@) am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) am__v_P_0 = false am__v_P_1 = : AM_V_GEN = $(am__v_GEN_@AM_V@) am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) am__v_GEN_0 = @echo " GEN " $@; am__v_GEN_1 = AM_V_at = $(am__v_at_@AM_V@) am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) am__v_at_0 = @ am__v_at_1 = SOURCES = DIST_SOURCES = RECURSIVE_TARGETS = all-recursive check-recursive cscopelist-recursive \ ctags-recursive dvi-recursive html-recursive info-recursive \ install-data-recursive install-dvi-recursive \ install-exec-recursive install-html-recursive \ install-info-recursive install-pdf-recursive \ install-ps-recursive install-recursive installcheck-recursive \ installdirs-recursive pdf-recursive ps-recursive \ tags-recursive uninstall-recursive am__can_run_installinfo = \ case $$AM_UPDATE_INFO_DIR in \ n|no|NO) false;; \ *) (install-info --version) >/dev/null 2>&1;; \ esac am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; am__vpath_adj = case $$p in \ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ *) f=$$p;; \ esac; am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; am__install_max = 40 am__nobase_strip_setup = \ srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` am__nobase_strip = \ for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" am__nobase_list = $(am__nobase_strip_setup); \ for p in $$list; do echo "$$p $$p"; done | \ sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ if (++n[$$2] == $(am__install_max)) \ { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ END { for (dir in files) print dir, files[dir] }' am__base_list = \ sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' am__uninstall_files_from_dir = { \ test -z "$$files" \ || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \ || { echo " ( cd '$$dir' && rm -f" $$files ")"; \ $(am__cd) "$$dir" && rm -f $$files; }; \ } man5dir = $(mandir)/man5 am__installdirs = "$(DESTDIR)$(man5dir)" "$(DESTDIR)$(man8dir)" \ "$(DESTDIR)$(docdir)" man8dir = $(mandir)/man8 NROFF = nroff MANS = $(dist_man_MANS) DATA = $(doc_DATA) RECURSIVE_CLEAN_TARGETS = mostlyclean-recursive clean-recursive \ distclean-recursive maintainer-clean-recursive am__recursive_targets = \ $(RECURSIVE_TARGETS) \ $(RECURSIVE_CLEAN_TARGETS) \ $(am__extra_recursive_targets) AM_RECURSIVE_TARGETS = $(am__recursive_targets:-recursive=) TAGS CTAGS \ cscope distdir dist dist-all distcheck am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) \ $(LISP)config.h.in # Read a list of newline-separated strings from the standard input, # and print each of them once, without duplicates. Input order is # *not* preserved. am__uniquify_input = $(AWK) '\ BEGIN { nonempty = 0; } \ { items[$$0] = 1; nonempty = 1; } \ END { if (nonempty) { for (i in items) print i; }; } \ ' # Make sure the list of sources is unique. This is necessary because, # e.g., the same source file might be shared among _SOURCES variables # for different programs/libraries. am__define_uniq_tagged_files = \ list='$(am__tagged_files)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | $(am__uniquify_input)` ETAGS = etags CTAGS = ctags CSCOPE = cscope DIST_SUBDIRS = $(SUBDIRS) am__DIST_COMMON = $(dist_man_MANS) $(srcdir)/Makefile.in \ $(srcdir)/config.h.in $(top_srcdir)/build-aux/compile \ $(top_srcdir)/build-aux/install-sh \ $(top_srcdir)/build-aux/missing build-aux/compile \ build-aux/depcomp build-aux/install-sh build-aux/missing \ build-aux/ylwrap compile depcomp install-sh missing ylwrap DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) distdir = $(PACKAGE)-$(VERSION) top_distdir = $(distdir) am__remove_distdir = \ if test -d "$(distdir)"; then \ find "$(distdir)" -type d ! -perm -200 -exec chmod u+w {} ';' \ && rm -rf "$(distdir)" \ || { sleep 5 && rm -rf "$(distdir)"; }; \ else :; fi am__post_remove_distdir = $(am__remove_distdir) am__relativize = \ dir0=`pwd`; \ sed_first='s,^\([^/]*\)/.*$$,\1,'; \ sed_rest='s,^[^/]*/*,,'; \ sed_last='s,^.*/\([^/]*\)$$,\1,'; \ sed_butlast='s,/*[^/]*$$,,'; \ while test -n "$$dir1"; do \ first=`echo "$$dir1" | sed -e "$$sed_first"`; \ if test "$$first" != "."; then \ if test "$$first" = ".."; then \ dir2=`echo "$$dir0" | sed -e "$$sed_last"`/"$$dir2"; \ dir0=`echo "$$dir0" | sed -e "$$sed_butlast"`; \ else \ first2=`echo "$$dir2" | sed -e "$$sed_first"`; \ if test "$$first2" = "$$first"; then \ dir2=`echo "$$dir2" | sed -e "$$sed_rest"`; \ else \ dir2="../$$dir2"; \ fi; \ dir0="$$dir0"/"$$first"; \ fi; \ fi; \ dir1=`echo "$$dir1" | sed -e "$$sed_rest"`; \ done; \ reldir="$$dir2" DIST_ARCHIVES = $(distdir).tar.gz GZIP_ENV = --best DIST_TARGETS = dist-gzip distuninstallcheck_listfiles = find . -type f -print am__distuninstallcheck_listfiles = $(distuninstallcheck_listfiles) \ | sed 's|^\./|$(prefix)/|' | grep -v '$(infodir)/dir$$' distcleancheck_listfiles = find . -type f -print ACLOCAL = @ACLOCAL@ AMTAR = @AMTAR@ AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ CRYPTO_CFLAGS = @CRYPTO_CFLAGS@ CRYPTO_LIBS = @CRYPTO_LIBS@ CYGPATH_W = @CYGPATH_W@ DEFS = @DEFS@ DEPDIR = @DEPDIR@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EV_CFLAGS = @EV_CFLAGS@ EV_LIBS = @EV_LIBS@ EXEEXT = @EXEEXT@ GREP = @GREP@ INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ LDFLAGS = @LDFLAGS@ LEX = @LEX@ LEXLIB = @LEXLIB@ LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ LIBOBJS = @LIBOBJS@ LIBS = @LIBS@ LTLIBOBJS = @LTLIBOBJS@ MAINT = @MAINT@ MAKEINFO = @MAKEINFO@ MKDIR_P = @MKDIR_P@ OBJEXT = @OBJEXT@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ PACKAGE_STRING = @PACKAGE_STRING@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ RST2MAN = @RST2MAN@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ SH_TESTS = @SH_TESTS@ SSL_CFLAGS = @SSL_CFLAGS@ SSL_LIBS = @SSL_LIBS@ STRIP = @STRIP@ VERSION = @VERSION@ YACC = @YACC@ YFLAGS = @YFLAGS@ abs_builddir = @abs_builddir@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ ac_ct_CC = @ac_ct_CC@ am__include = @am__include@ am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ am__tar = @am__tar@ am__untar = @am__untar@ bindir = @bindir@ build_alias = @build_alias@ builddir = @builddir@ datadir = @datadir@ datarootdir = @datarootdir@ docdir = @docdir@ dvidir = @dvidir@ exec_prefix = @exec_prefix@ host_alias = @host_alias@ htmldir = @htmldir@ includedir = @includedir@ infodir = @infodir@ install_sh = @install_sh@ libdir = @libdir@ libexecdir = @libexecdir@ localedir = @localedir@ localstatedir = @localstatedir@ mandir = @mandir@ mkdir_p = @mkdir_p@ oldincludedir = @oldincludedir@ pdfdir = @pdfdir@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ runstatedir = @runstatedir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ SUBDIRS = src src/util @FOUND_RST2MAN_TRUE@dist_man_MANS = hitch.8 hitch.conf.5 doc_DATA = hitch.conf.example CHANGES.rst README.md EXTRA_DIST = LICENSE README.md hitch.man.rst hitch.conf.man.rst hitch.conf.example CHANGES.rst docs CLEANFILES = hitch.conf.example all: config.h $(MAKE) $(AM_MAKEFLAGS) all-recursive .SUFFIXES: am--refresh: Makefile @: $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ echo ' cd $(srcdir) && $(AUTOMAKE) --foreign'; \ $(am__cd) $(srcdir) && $(AUTOMAKE) --foreign \ && exit 0; \ exit 1;; \ esac; \ done; \ echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign Makefile'; \ $(am__cd) $(top_srcdir) && \ $(AUTOMAKE) --foreign Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ *config.status*) \ echo ' $(SHELL) ./config.status'; \ $(SHELL) ./config.status;; \ *) \ echo ' cd $(top_builddir) && $(SHELL) ./config.status $@ $(am__depfiles_maybe)'; \ cd $(top_builddir) && $(SHELL) ./config.status $@ $(am__depfiles_maybe);; \ esac; $(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) $(SHELL) ./config.status --recheck $(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) $(am__cd) $(srcdir) && $(AUTOCONF) $(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) $(am__cd) $(srcdir) && $(ACLOCAL) $(ACLOCAL_AMFLAGS) $(am__aclocal_m4_deps): config.h: stamp-h1 @test -f $@ || rm -f stamp-h1 @test -f $@ || $(MAKE) $(AM_MAKEFLAGS) stamp-h1 stamp-h1: $(srcdir)/config.h.in $(top_builddir)/config.status @rm -f stamp-h1 cd $(top_builddir) && $(SHELL) ./config.status config.h $(srcdir)/config.h.in: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) ($(am__cd) $(top_srcdir) && $(AUTOHEADER)) rm -f stamp-h1 touch $@ distclean-hdr: -rm -f config.h stamp-h1 install-man5: $(dist_man_MANS) @$(NORMAL_INSTALL) @list1=''; \ list2='$(dist_man_MANS)'; \ test -n "$(man5dir)" \ && test -n "`echo $$list1$$list2`" \ || exit 0; \ echo " $(MKDIR_P) '$(DESTDIR)$(man5dir)'"; \ $(MKDIR_P) "$(DESTDIR)$(man5dir)" || exit 1; \ { for i in $$list1; do echo "$$i"; done; \ if test -n "$$list2"; then \ for i in $$list2; do echo "$$i"; done \ | sed -n '/\.5[a-z]*$$/p'; \ fi; \ } | while read p; do \ if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ echo "$$d$$p"; echo "$$p"; \ done | \ sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^5][0-9a-z]*$$,5,;x' \ -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ sed 'N;N;s,\n, ,g' | { \ list=; while read file base inst; do \ if test "$$base" = "$$inst"; then list="$$list $$file"; else \ echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man5dir)/$$inst'"; \ $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man5dir)/$$inst" || exit $$?; \ fi; \ done; \ for i in $$list; do echo "$$i"; done | $(am__base_list) | \ while read files; do \ test -z "$$files" || { \ echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man5dir)'"; \ $(INSTALL_DATA) $$files "$(DESTDIR)$(man5dir)" || exit $$?; }; \ done; } uninstall-man5: @$(NORMAL_UNINSTALL) @list=''; test -n "$(man5dir)" || exit 0; \ files=`{ for i in $$list; do echo "$$i"; done; \ l2='$(dist_man_MANS)'; for i in $$l2; do echo "$$i"; done | \ sed -n '/\.5[a-z]*$$/p'; \ } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^5][0-9a-z]*$$,5,;x' \ -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ dir='$(DESTDIR)$(man5dir)'; $(am__uninstall_files_from_dir) install-man8: $(dist_man_MANS) @$(NORMAL_INSTALL) @list1=''; \ list2='$(dist_man_MANS)'; \ test -n "$(man8dir)" \ && test -n "`echo $$list1$$list2`" \ || exit 0; \ echo " $(MKDIR_P) '$(DESTDIR)$(man8dir)'"; \ $(MKDIR_P) "$(DESTDIR)$(man8dir)" || exit 1; \ { for i in $$list1; do echo "$$i"; done; \ if test -n "$$list2"; then \ for i in $$list2; do echo "$$i"; done \ | sed -n '/\.8[a-z]*$$/p'; \ fi; \ } | while read p; do \ if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ echo "$$d$$p"; echo "$$p"; \ done | \ sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ sed 'N;N;s,\n, ,g' | { \ list=; while read file base inst; do \ if test "$$base" = "$$inst"; then list="$$list $$file"; else \ echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \ $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst" || exit $$?; \ fi; \ done; \ for i in $$list; do echo "$$i"; done | $(am__base_list) | \ while read files; do \ test -z "$$files" || { \ echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man8dir)'"; \ $(INSTALL_DATA) $$files "$(DESTDIR)$(man8dir)" || exit $$?; }; \ done; } uninstall-man8: @$(NORMAL_UNINSTALL) @list=''; test -n "$(man8dir)" || exit 0; \ files=`{ for i in $$list; do echo "$$i"; done; \ l2='$(dist_man_MANS)'; for i in $$l2; do echo "$$i"; done | \ sed -n '/\.8[a-z]*$$/p'; \ } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ dir='$(DESTDIR)$(man8dir)'; $(am__uninstall_files_from_dir) install-docDATA: $(doc_DATA) @$(NORMAL_INSTALL) @list='$(doc_DATA)'; test -n "$(docdir)" || list=; \ if test -n "$$list"; then \ echo " $(MKDIR_P) '$(DESTDIR)$(docdir)'"; \ $(MKDIR_P) "$(DESTDIR)$(docdir)" || exit 1; \ fi; \ for p in $$list; do \ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ echo "$$d$$p"; \ done | $(am__base_list) | \ while read files; do \ echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(docdir)'"; \ $(INSTALL_DATA) $$files "$(DESTDIR)$(docdir)" || exit $$?; \ done uninstall-docDATA: @$(NORMAL_UNINSTALL) @list='$(doc_DATA)'; test -n "$(docdir)" || list=; \ files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \ dir='$(DESTDIR)$(docdir)'; $(am__uninstall_files_from_dir) # This directory's subdirectories are mostly independent; you can cd # into them and run 'make' without going through this Makefile. # To change the values of 'make' variables: instead of editing Makefiles, # (1) if the variable is set in 'config.status', edit 'config.status' # (which will cause the Makefiles to be regenerated when you run 'make'); # (2) otherwise, pass the desired values on the 'make' command line. $(am__recursive_targets): @fail=; \ if $(am__make_keepgoing); then \ failcom='fail=yes'; \ else \ failcom='exit 1'; \ fi; \ dot_seen=no; \ target=`echo $@ | sed s/-recursive//`; \ case "$@" in \ distclean-* | maintainer-clean-*) list='$(DIST_SUBDIRS)' ;; \ *) list='$(SUBDIRS)' ;; \ esac; \ for subdir in $$list; do \ echo "Making $$target in $$subdir"; \ if test "$$subdir" = "."; then \ dot_seen=yes; \ local_target="$$target-am"; \ else \ local_target="$$target"; \ fi; \ ($(am__cd) $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ || eval $$failcom; \ done; \ if test "$$dot_seen" = "no"; then \ $(MAKE) $(AM_MAKEFLAGS) "$$target-am" || exit 1; \ fi; test -z "$$fail" ID: $(am__tagged_files) $(am__define_uniq_tagged_files); mkid -fID $$unique tags: tags-recursive TAGS: tags tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) set x; \ here=`pwd`; \ if ($(ETAGS) --etags-include --version) >/dev/null 2>&1; then \ include_option=--etags-include; \ empty_fix=.; \ else \ include_option=--include; \ empty_fix=; \ fi; \ list='$(SUBDIRS)'; for subdir in $$list; do \ if test "$$subdir" = .; then :; else \ test ! -f $$subdir/TAGS || \ set "$$@" "$$include_option=$$here/$$subdir/TAGS"; \ fi; \ done; \ $(am__define_uniq_tagged_files); \ shift; \ if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ test -n "$$unique" || unique=$$empty_fix; \ if test $$# -gt 0; then \ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ "$$@" $$unique; \ else \ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ $$unique; \ fi; \ fi ctags: ctags-recursive CTAGS: ctags ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) $(am__define_uniq_tagged_files); \ test -z "$(CTAGS_ARGS)$$unique" \ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ $$unique GTAGS: here=`$(am__cd) $(top_builddir) && pwd` \ && $(am__cd) $(top_srcdir) \ && gtags -i $(GTAGS_ARGS) "$$here" cscope: cscope.files test ! -s cscope.files \ || $(CSCOPE) -b -q $(AM_CSCOPEFLAGS) $(CSCOPEFLAGS) -i cscope.files $(CSCOPE_ARGS) clean-cscope: -rm -f cscope.files cscope.files: clean-cscope cscopelist cscopelist: cscopelist-recursive cscopelist-am: $(am__tagged_files) list='$(am__tagged_files)'; \ case "$(srcdir)" in \ [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \ *) sdir=$(subdir)/$(srcdir) ;; \ esac; \ for i in $$list; do \ if test -f "$$i"; then \ echo "$(subdir)/$$i"; \ else \ echo "$$sdir/$$i"; \ fi; \ done >> $(top_builddir)/cscope.files distclean-tags: -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags -rm -f cscope.out cscope.in.out cscope.po.out cscope.files distdir: $(DISTFILES) $(am__remove_distdir) test -d "$(distdir)" || mkdir "$(distdir)" @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ list='$(DISTFILES)'; \ dist_files=`for file in $$list; do echo $$file; done | \ sed -e "s|^$$srcdirstrip/||;t" \ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ case $$dist_files in \ */*) $(MKDIR_P) `echo "$$dist_files" | \ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ sort -u` ;; \ esac; \ for file in $$dist_files; do \ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ if test -d $$d/$$file; then \ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ if test -d "$(distdir)/$$file"; then \ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ else \ test -f "$(distdir)/$$file" \ || cp -p $$d/$$file "$(distdir)/$$file" \ || exit 1; \ fi; \ done @list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ if test "$$subdir" = .; then :; else \ $(am__make_dryrun) \ || test -d "$(distdir)/$$subdir" \ || $(MKDIR_P) "$(distdir)/$$subdir" \ || exit 1; \ dir1=$$subdir; dir2="$(distdir)/$$subdir"; \ $(am__relativize); \ new_distdir=$$reldir; \ dir1=$$subdir; dir2="$(top_distdir)"; \ $(am__relativize); \ new_top_distdir=$$reldir; \ echo " (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) top_distdir="$$new_top_distdir" distdir="$$new_distdir" \\"; \ echo " am__remove_distdir=: am__skip_length_check=: am__skip_mode_fix=: distdir)"; \ ($(am__cd) $$subdir && \ $(MAKE) $(AM_MAKEFLAGS) \ top_distdir="$$new_top_distdir" \ distdir="$$new_distdir" \ am__remove_distdir=: \ am__skip_length_check=: \ am__skip_mode_fix=: \ distdir) \ || exit 1; \ fi; \ done -test -n "$(am__skip_mode_fix)" \ || find "$(distdir)" -type d ! -perm -755 \ -exec chmod u+rwx,go+rx {} \; -o \ ! -type d ! -perm -444 -links 1 -exec chmod a+r {} \; -o \ ! -type d ! -perm -400 -exec chmod a+r {} \; -o \ ! -type d ! -perm -444 -exec $(install_sh) -c -m a+r {} {} \; \ || chmod -R a+r "$(distdir)" dist-gzip: distdir tardir=$(distdir) && $(am__tar) | GZIP=$(GZIP_ENV) gzip -c >$(distdir).tar.gz $(am__post_remove_distdir) dist-bzip2: distdir tardir=$(distdir) && $(am__tar) | BZIP2=$${BZIP2--9} bzip2 -c >$(distdir).tar.bz2 $(am__post_remove_distdir) dist-lzip: distdir tardir=$(distdir) && $(am__tar) | lzip -c $${LZIP_OPT--9} >$(distdir).tar.lz $(am__post_remove_distdir) dist-xz: distdir tardir=$(distdir) && $(am__tar) | XZ_OPT=$${XZ_OPT--e} xz -c >$(distdir).tar.xz $(am__post_remove_distdir) dist-tarZ: distdir @echo WARNING: "Support for distribution archives compressed with" \ "legacy program 'compress' is deprecated." >&2 @echo WARNING: "It will be removed altogether in Automake 2.0" >&2 tardir=$(distdir) && $(am__tar) | compress -c >$(distdir).tar.Z $(am__post_remove_distdir) dist-shar: distdir @echo WARNING: "Support for shar distribution archives is" \ "deprecated." >&2 @echo WARNING: "It will be removed altogether in Automake 2.0" >&2 shar $(distdir) | GZIP=$(GZIP_ENV) gzip -c >$(distdir).shar.gz $(am__post_remove_distdir) dist-zip: distdir -rm -f $(distdir).zip zip -rq $(distdir).zip $(distdir) $(am__post_remove_distdir) dist dist-all: $(MAKE) $(AM_MAKEFLAGS) $(DIST_TARGETS) am__post_remove_distdir='@:' $(am__post_remove_distdir) # This target untars the dist file and tries a VPATH configuration. Then # it guarantees that the distribution is self-contained by making another # tarfile. distcheck: dist case '$(DIST_ARCHIVES)' in \ *.tar.gz*) \ GZIP=$(GZIP_ENV) gzip -dc $(distdir).tar.gz | $(am__untar) ;;\ *.tar.bz2*) \ bzip2 -dc $(distdir).tar.bz2 | $(am__untar) ;;\ *.tar.lz*) \ lzip -dc $(distdir).tar.lz | $(am__untar) ;;\ *.tar.xz*) \ xz -dc $(distdir).tar.xz | $(am__untar) ;;\ *.tar.Z*) \ uncompress -c $(distdir).tar.Z | $(am__untar) ;;\ *.shar.gz*) \ GZIP=$(GZIP_ENV) gzip -dc $(distdir).shar.gz | unshar ;;\ *.zip*) \ unzip $(distdir).zip ;;\ esac chmod -R a-w $(distdir) chmod u+w $(distdir) mkdir $(distdir)/_build $(distdir)/_build/sub $(distdir)/_inst chmod a-w $(distdir) test -d $(distdir)/_build || exit 0; \ dc_install_base=`$(am__cd) $(distdir)/_inst && pwd | sed -e 's,^[^:\\/]:[\\/],/,'` \ && dc_destdir="$${TMPDIR-/tmp}/am-dc-$$$$/" \ && am__cwd=`pwd` \ && $(am__cd) $(distdir)/_build/sub \ && ../../configure \ $(AM_DISTCHECK_CONFIGURE_FLAGS) \ $(DISTCHECK_CONFIGURE_FLAGS) \ --srcdir=../.. --prefix="$$dc_install_base" \ && $(MAKE) $(AM_MAKEFLAGS) \ && $(MAKE) $(AM_MAKEFLAGS) dvi \ && $(MAKE) $(AM_MAKEFLAGS) check \ && $(MAKE) $(AM_MAKEFLAGS) install \ && $(MAKE) $(AM_MAKEFLAGS) installcheck \ && $(MAKE) $(AM_MAKEFLAGS) uninstall \ && $(MAKE) $(AM_MAKEFLAGS) distuninstallcheck_dir="$$dc_install_base" \ distuninstallcheck \ && chmod -R a-w "$$dc_install_base" \ && ({ \ (cd ../.. && umask 077 && mkdir "$$dc_destdir") \ && $(MAKE) $(AM_MAKEFLAGS) DESTDIR="$$dc_destdir" install \ && $(MAKE) $(AM_MAKEFLAGS) DESTDIR="$$dc_destdir" uninstall \ && $(MAKE) $(AM_MAKEFLAGS) DESTDIR="$$dc_destdir" \ distuninstallcheck_dir="$$dc_destdir" distuninstallcheck; \ } || { rm -rf "$$dc_destdir"; exit 1; }) \ && rm -rf "$$dc_destdir" \ && $(MAKE) $(AM_MAKEFLAGS) dist \ && rm -rf $(DIST_ARCHIVES) \ && $(MAKE) $(AM_MAKEFLAGS) distcleancheck \ && cd "$$am__cwd" \ || exit 1 $(am__post_remove_distdir) @(echo "$(distdir) archives ready for distribution: "; \ list='$(DIST_ARCHIVES)'; for i in $$list; do echo $$i; done) | \ sed -e 1h -e 1s/./=/g -e 1p -e 1x -e '$$p' -e '$$x' distuninstallcheck: @test -n '$(distuninstallcheck_dir)' || { \ echo 'ERROR: trying to run $@ with an empty' \ '$$(distuninstallcheck_dir)' >&2; \ exit 1; \ }; \ $(am__cd) '$(distuninstallcheck_dir)' || { \ echo 'ERROR: cannot chdir into $(distuninstallcheck_dir)' >&2; \ exit 1; \ }; \ test `$(am__distuninstallcheck_listfiles) | wc -l` -eq 0 \ || { echo "ERROR: files left after uninstall:" ; \ if test -n "$(DESTDIR)"; then \ echo " (check DESTDIR support)"; \ fi ; \ $(distuninstallcheck_listfiles) ; \ exit 1; } >&2 distcleancheck: distclean @if test '$(srcdir)' = . ; then \ echo "ERROR: distcleancheck can only run from a VPATH build" ; \ exit 1 ; \ fi @test `$(distcleancheck_listfiles) | wc -l` -eq 0 \ || { echo "ERROR: files left in build directory after distclean:" ; \ $(distcleancheck_listfiles) ; \ exit 1; } >&2 check-am: all-am check: check-recursive all-am: Makefile $(MANS) $(DATA) config.h installdirs: installdirs-recursive installdirs-am: for dir in "$(DESTDIR)$(man5dir)" "$(DESTDIR)$(man8dir)" "$(DESTDIR)$(docdir)"; do \ test -z "$$dir" || $(MKDIR_P) "$$dir"; \ done install: install-recursive install-exec: install-exec-recursive install-data: install-data-recursive uninstall: uninstall-recursive install-am: all-am @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am installcheck: installcheck-recursive install-strip: if test -z '$(STRIP)'; then \ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ install; \ else \ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \ fi mostlyclean-generic: clean-generic: -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) distclean-generic: -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @echo "it deletes files that may require special tools to rebuild." clean: clean-recursive clean-am: clean-generic mostlyclean-am distclean: distclean-recursive -rm -f $(am__CONFIG_DISTCLEAN_FILES) -rm -f Makefile distclean-am: clean-am distclean-generic distclean-hdr distclean-tags dvi: dvi-recursive dvi-am: html: html-recursive html-am: info: info-recursive info-am: install-data-am: install-docDATA install-man install-dvi: install-dvi-recursive install-dvi-am: install-exec-am: install-html: install-html-recursive install-html-am: install-info: install-info-recursive install-info-am: install-man: install-man5 install-man8 install-pdf: install-pdf-recursive install-pdf-am: install-ps: install-ps-recursive install-ps-am: installcheck-am: maintainer-clean: maintainer-clean-recursive -rm -f $(am__CONFIG_DISTCLEAN_FILES) -rm -rf $(top_srcdir)/autom4te.cache -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic mostlyclean: mostlyclean-recursive mostlyclean-am: mostlyclean-generic pdf: pdf-recursive pdf-am: ps: ps-recursive ps-am: uninstall-am: uninstall-docDATA uninstall-man uninstall-man: uninstall-man5 uninstall-man8 .MAKE: $(am__recursive_targets) all install-am install-strip .PHONY: $(am__recursive_targets) CTAGS GTAGS TAGS all all-am \ am--refresh check check-am clean clean-cscope clean-generic \ cscope cscopelist-am ctags ctags-am dist dist-all dist-bzip2 \ dist-gzip dist-lzip dist-shar dist-tarZ dist-xz dist-zip \ distcheck distclean distclean-generic distclean-hdr \ distclean-tags distcleancheck distdir distuninstallcheck dvi \ dvi-am html html-am info info-am install install-am \ install-data install-data-am install-docDATA install-dvi \ install-dvi-am install-exec install-exec-am install-html \ install-html-am install-info install-info-am install-man \ install-man5 install-man8 install-pdf install-pdf-am \ install-ps install-ps-am install-strip installcheck \ installcheck-am installdirs installdirs-am maintainer-clean \ maintainer-clean-generic mostlyclean mostlyclean-generic pdf \ pdf-am ps ps-am tags tags-am uninstall uninstall-am \ uninstall-docDATA uninstall-man uninstall-man5 uninstall-man8 .PRECIOUS: Makefile @FOUND_RST2MAN_TRUE@hitch.8: hitch.man.rst @FOUND_RST2MAN_TRUE@ ${RST2MAN} --halt=2 $(srcdir)/hitch.man.rst $@ @FOUND_RST2MAN_TRUE@hitch.conf.5: hitch.conf.man.rst @FOUND_RST2MAN_TRUE@ ${RST2MAN} --halt=2 $(srcdir)/hitch.conf.man.rst $@ hitch.conf.example: hitch.conf.man.rst echo "# Run 'man hitch.conf' for a description of all options." > $@.tmp sed -e '1,/^.. example-start/d' \ -e '/.. example-end/,$$d' \ -e '/^[^ ]/d' \ -e 's/^ //' hitch.conf.man.rst >> $@.tmp mv $@.tmp $@ # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: hitch-1.4.4/configure0000755000175000017500000065156313026747413011476 00000000000000#! /bin/sh # Guess values for system-dependent variables and create Makefiles. # Generated by GNU Autoconf 2.69 for hitch 1.4.4. # # Report bugs to . # # # Copyright (C) 1992-1996, 1998-2012 Free Software Foundation, Inc. # # # This configure script is free software; the Free Software Foundation # gives unlimited permission to copy, distribute and modify it. ## -------------------- ## ## M4sh Initialization. ## ## -------------------- ## # Be more Bourne compatible DUALCASE=1; export DUALCASE # for MKS sh if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then : emulate sh NULLCMD=: # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which # is contrary to our usage. Disable this feature. alias -g '${1+"$@"}'='"$@"' setopt NO_GLOB_SUBST else case `(set -o) 2>/dev/null` in #( *posix*) : set -o posix ;; #( *) : ;; esac fi as_nl=' ' export as_nl # Printing a long string crashes Solaris 7 /usr/bin/printf. as_echo='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\' as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo$as_echo # Prefer a ksh shell builtin over an external printf program on Solaris, # but without wasting forks for bash or zsh. if test -z "$BASH_VERSION$ZSH_VERSION" \ && (test "X`print -r -- $as_echo`" = "X$as_echo") 2>/dev/null; then as_echo='print -r --' as_echo_n='print -rn --' elif (test "X`printf %s $as_echo`" = "X$as_echo") 2>/dev/null; then as_echo='printf %s\n' as_echo_n='printf %s' else if test "X`(/usr/ucb/echo -n -n $as_echo) 2>/dev/null`" = "X-n $as_echo"; then as_echo_body='eval /usr/ucb/echo -n "$1$as_nl"' as_echo_n='/usr/ucb/echo -n' else as_echo_body='eval expr "X$1" : "X\\(.*\\)"' as_echo_n_body='eval arg=$1; case $arg in #( *"$as_nl"*) expr "X$arg" : "X\\(.*\\)$as_nl"; arg=`expr "X$arg" : ".*$as_nl\\(.*\\)"`;; esac; expr "X$arg" : "X\\(.*\\)" | tr -d "$as_nl" ' export as_echo_n_body as_echo_n='sh -c $as_echo_n_body as_echo' fi export as_echo_body as_echo='sh -c $as_echo_body as_echo' fi # The user is always right. if test "${PATH_SEPARATOR+set}" != set; then PATH_SEPARATOR=: (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 && { (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 || PATH_SEPARATOR=';' } fi # IFS # We need space, tab and new line, in precisely that order. Quoting is # there to prevent editors from complaining about space-tab. # (If _AS_PATH_WALK were called with IFS unset, it would disable word # splitting by setting IFS to empty value.) IFS=" "" $as_nl" # Find who we are. Look in the path if we contain no directory separator. as_myself= case $0 in #(( *[\\/]* ) as_myself=$0 ;; *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break done IFS=$as_save_IFS ;; esac # We did not find ourselves, most probably we were run as `sh COMMAND' # in which case we are not to be found in the path. if test "x$as_myself" = x; then as_myself=$0 fi if test ! -f "$as_myself"; then $as_echo "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2 exit 1 fi # Unset variables that we do not need and which cause bugs (e.g. in # pre-3.0 UWIN ksh). But do not cause bugs in bash 2.01; the "|| exit 1" # suppresses any "Segmentation fault" message there. '((' could # trigger a bug in pdksh 5.2.14. for as_var in BASH_ENV ENV MAIL MAILPATH do eval test x\${$as_var+set} = xset \ && ( (unset $as_var) || exit 1) >/dev/null 2>&1 && unset $as_var || : done PS1='$ ' PS2='> ' PS4='+ ' # NLS nuisances. LC_ALL=C export LC_ALL LANGUAGE=C export LANGUAGE # CDPATH. (unset CDPATH) >/dev/null 2>&1 && unset CDPATH # Use a proper internal environment variable to ensure we don't fall # into an infinite loop, continuously re-executing ourselves. if test x"${_as_can_reexec}" != xno && test "x$CONFIG_SHELL" != x; then _as_can_reexec=no; export _as_can_reexec; # We cannot yet assume a decent shell, so we have to provide a # neutralization value for shells without unset; and this also # works around shells that cannot unset nonexistent variables. # Preserve -v and -x to the replacement shell. BASH_ENV=/dev/null ENV=/dev/null (unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV case $- in # (((( *v*x* | *x*v* ) as_opts=-vx ;; *v* ) as_opts=-v ;; *x* ) as_opts=-x ;; * ) as_opts= ;; esac exec $CONFIG_SHELL $as_opts "$as_myself" ${1+"$@"} # Admittedly, this is quite paranoid, since all the known shells bail # out after a failed `exec'. $as_echo "$0: could not re-execute with $CONFIG_SHELL" >&2 as_fn_exit 255 fi # We don't want this to propagate to other subprocesses. { _as_can_reexec=; unset _as_can_reexec;} if test "x$CONFIG_SHELL" = x; then as_bourne_compatible="if test -n \"\${ZSH_VERSION+set}\" && (emulate sh) >/dev/null 2>&1; then : emulate sh NULLCMD=: # Pre-4.2 versions of Zsh do word splitting on \${1+\"\$@\"}, which # is contrary to our usage. Disable this feature. alias -g '\${1+\"\$@\"}'='\"\$@\"' setopt NO_GLOB_SUBST else case \`(set -o) 2>/dev/null\` in #( *posix*) : set -o posix ;; #( *) : ;; esac fi " as_required="as_fn_return () { (exit \$1); } as_fn_success () { as_fn_return 0; } as_fn_failure () { as_fn_return 1; } as_fn_ret_success () { return 0; } as_fn_ret_failure () { return 1; } exitcode=0 as_fn_success || { exitcode=1; echo as_fn_success failed.; } as_fn_failure && { exitcode=1; echo as_fn_failure succeeded.; } as_fn_ret_success || { exitcode=1; echo as_fn_ret_success failed.; } as_fn_ret_failure && { exitcode=1; echo as_fn_ret_failure succeeded.; } if ( set x; as_fn_ret_success y && test x = \"\$1\" ); then : else exitcode=1; echo positional parameters were not saved. fi test x\$exitcode = x0 || exit 1 test -x / || exit 1" as_suggested=" as_lineno_1=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_1a=\$LINENO as_lineno_2=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_2a=\$LINENO eval 'test \"x\$as_lineno_1'\$as_run'\" != \"x\$as_lineno_2'\$as_run'\" && test \"x\`expr \$as_lineno_1'\$as_run' + 1\`\" = \"x\$as_lineno_2'\$as_run'\"' || exit 1 test \$(( 1 + 1 )) = 2 || exit 1" if (eval "$as_required") 2>/dev/null; then : as_have_required=yes else as_have_required=no fi if test x$as_have_required = xyes && (eval "$as_suggested") 2>/dev/null; then : else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR as_found=false for as_dir in /bin$PATH_SEPARATOR/usr/bin$PATH_SEPARATOR$PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. as_found=: case $as_dir in #( /*) for as_base in sh bash ksh sh5; do # Try only shells that exist, to save several forks. as_shell=$as_dir/$as_base if { test -f "$as_shell" || test -f "$as_shell.exe"; } && { $as_echo "$as_bourne_compatible""$as_required" | as_run=a "$as_shell"; } 2>/dev/null; then : CONFIG_SHELL=$as_shell as_have_required=yes if { $as_echo "$as_bourne_compatible""$as_suggested" | as_run=a "$as_shell"; } 2>/dev/null; then : break 2 fi fi done;; esac as_found=false done $as_found || { if { test -f "$SHELL" || test -f "$SHELL.exe"; } && { $as_echo "$as_bourne_compatible""$as_required" | as_run=a "$SHELL"; } 2>/dev/null; then : CONFIG_SHELL=$SHELL as_have_required=yes fi; } IFS=$as_save_IFS if test "x$CONFIG_SHELL" != x; then : export CONFIG_SHELL # We cannot yet assume a decent shell, so we have to provide a # neutralization value for shells without unset; and this also # works around shells that cannot unset nonexistent variables. # Preserve -v and -x to the replacement shell. BASH_ENV=/dev/null ENV=/dev/null (unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV case $- in # (((( *v*x* | *x*v* ) as_opts=-vx ;; *v* ) as_opts=-v ;; *x* ) as_opts=-x ;; * ) as_opts= ;; esac exec $CONFIG_SHELL $as_opts "$as_myself" ${1+"$@"} # Admittedly, this is quite paranoid, since all the known shells bail # out after a failed `exec'. $as_echo "$0: could not re-execute with $CONFIG_SHELL" >&2 exit 255 fi if test x$as_have_required = xno; then : $as_echo "$0: This script requires a shell more modern than all" $as_echo "$0: the shells that I found on your system." if test x${ZSH_VERSION+set} = xset ; then $as_echo "$0: In particular, zsh $ZSH_VERSION has bugs and should" $as_echo "$0: be upgraded to zsh 4.3.4 or later." else $as_echo "$0: Please tell bug-autoconf@gnu.org and $0: opensource@varnish-software.com about your system, $0: including any error possibly output before this $0: message. Then install a modern shell, or manually run $0: the script under such a shell if you do have one." fi exit 1 fi fi fi SHELL=${CONFIG_SHELL-/bin/sh} export SHELL # Unset more variables known to interfere with behavior of common tools. CLICOLOR_FORCE= GREP_OPTIONS= unset CLICOLOR_FORCE GREP_OPTIONS ## --------------------- ## ## M4sh Shell Functions. ## ## --------------------- ## # as_fn_unset VAR # --------------- # Portably unset VAR. as_fn_unset () { { eval $1=; unset $1;} } as_unset=as_fn_unset # as_fn_set_status STATUS # ----------------------- # Set $? to STATUS, without forking. as_fn_set_status () { return $1 } # as_fn_set_status # as_fn_exit STATUS # ----------------- # Exit the shell with STATUS, even in a "trap 0" or "set -e" context. as_fn_exit () { set +e as_fn_set_status $1 exit $1 } # as_fn_exit # as_fn_mkdir_p # ------------- # Create "$as_dir" as a directory, including parents if necessary. as_fn_mkdir_p () { case $as_dir in #( -*) as_dir=./$as_dir;; esac test -d "$as_dir" || eval $as_mkdir_p || { as_dirs= while :; do case $as_dir in #( *\'*) as_qdir=`$as_echo "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #'( *) as_qdir=$as_dir;; esac as_dirs="'$as_qdir' $as_dirs" as_dir=`$as_dirname -- "$as_dir" || $as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ X"$as_dir" : 'X\(//\)[^/]' \| \ X"$as_dir" : 'X\(//\)$' \| \ X"$as_dir" : 'X\(/\)' \| . 2>/dev/null || $as_echo X"$as_dir" | sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/ q } /^X\(\/\/\)[^/].*/{ s//\1/ q } /^X\(\/\/\)$/{ s//\1/ q } /^X\(\/\).*/{ s//\1/ q } s/.*/./; q'` test -d "$as_dir" && break done test -z "$as_dirs" || eval "mkdir $as_dirs" } || test -d "$as_dir" || as_fn_error $? "cannot create directory $as_dir" } # as_fn_mkdir_p # as_fn_executable_p FILE # ----------------------- # Test if FILE is an executable regular file. as_fn_executable_p () { test -f "$1" && test -x "$1" } # as_fn_executable_p # as_fn_append VAR VALUE # ---------------------- # Append the text in VALUE to the end of the definition contained in VAR. Take # advantage of any shell optimizations that allow amortized linear growth over # repeated appends, instead of the typical quadratic growth present in naive # implementations. if (eval "as_var=1; as_var+=2; test x\$as_var = x12") 2>/dev/null; then : eval 'as_fn_append () { eval $1+=\$2 }' else as_fn_append () { eval $1=\$$1\$2 } fi # as_fn_append # as_fn_arith ARG... # ------------------ # Perform arithmetic evaluation on the ARGs, and store the result in the # global $as_val. Take advantage of shells that can avoid forks. The arguments # must be portable across $(()) and expr. if (eval "test \$(( 1 + 1 )) = 2") 2>/dev/null; then : eval 'as_fn_arith () { as_val=$(( $* )) }' else as_fn_arith () { as_val=`expr "$@" || test $? -eq 1` } fi # as_fn_arith # as_fn_error STATUS ERROR [LINENO LOG_FD] # ---------------------------------------- # Output "`basename $0`: error: ERROR" to stderr. If LINENO and LOG_FD are # provided, also output the error to LOG_FD, referencing LINENO. Then exit the # script with STATUS, using 1 if that was 0. as_fn_error () { as_status=$1; test $as_status -eq 0 && as_status=1 if test "$4"; then as_lineno=${as_lineno-"$3"} as_lineno_stack=as_lineno_stack=$as_lineno_stack $as_echo "$as_me:${as_lineno-$LINENO}: error: $2" >&$4 fi $as_echo "$as_me: error: $2" >&2 as_fn_exit $as_status } # as_fn_error if expr a : '\(a\)' >/dev/null 2>&1 && test "X`expr 00001 : '.*\(...\)'`" = X001; then as_expr=expr else as_expr=false fi if (basename -- /) >/dev/null 2>&1 && test "X`basename -- / 2>&1`" = "X/"; then as_basename=basename else as_basename=false fi if (as_dir=`dirname -- /` && test "X$as_dir" = X/) >/dev/null 2>&1; then as_dirname=dirname else as_dirname=false fi as_me=`$as_basename -- "$0" || $as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \ X"$0" : 'X\(//\)$' \| \ X"$0" : 'X\(/\)' \| . 2>/dev/null || $as_echo X/"$0" | sed '/^.*\/\([^/][^/]*\)\/*$/{ s//\1/ q } /^X\/\(\/\/\)$/{ s//\1/ q } /^X\/\(\/\).*/{ s//\1/ q } s/.*/./; q'` # Avoid depending upon Character Ranges. as_cr_letters='abcdefghijklmnopqrstuvwxyz' as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ' as_cr_Letters=$as_cr_letters$as_cr_LETTERS as_cr_digits='0123456789' as_cr_alnum=$as_cr_Letters$as_cr_digits as_lineno_1=$LINENO as_lineno_1a=$LINENO as_lineno_2=$LINENO as_lineno_2a=$LINENO eval 'test "x$as_lineno_1'$as_run'" != "x$as_lineno_2'$as_run'" && test "x`expr $as_lineno_1'$as_run' + 1`" = "x$as_lineno_2'$as_run'"' || { # Blame Lee E. McMahon (1931-1989) for sed's syntax. :-) sed -n ' p /[$]LINENO/= ' <$as_myself | sed ' s/[$]LINENO.*/&-/ t lineno b :lineno N :loop s/[$]LINENO\([^'$as_cr_alnum'_].*\n\)\(.*\)/\2\1\2/ t loop s/-\n.*// ' >$as_me.lineno && chmod +x "$as_me.lineno" || { $as_echo "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2; as_fn_exit 1; } # If we had to re-execute with $CONFIG_SHELL, we're ensured to have # already done that, so ensure we don't try to do so again and fall # in an infinite loop. This has already happened in practice. _as_can_reexec=no; export _as_can_reexec # Don't try to exec as it changes $[0], causing all sort of problems # (the dirname of $[0] is not the place where we might find the # original and so on. Autoconf is especially sensitive to this). . "./$as_me.lineno" # Exit status is that of the last command. exit } ECHO_C= ECHO_N= ECHO_T= case `echo -n x` in #((((( -n*) case `echo 'xy\c'` in *c*) ECHO_T=' ';; # ECHO_T is single tab character. xy) ECHO_C='\c';; *) echo `echo ksh88 bug on AIX 6.1` > /dev/null ECHO_T=' ';; esac;; *) ECHO_N='-n';; esac rm -f conf$$ conf$$.exe conf$$.file if test -d conf$$.dir; then rm -f conf$$.dir/conf$$.file else rm -f conf$$.dir mkdir conf$$.dir 2>/dev/null fi if (echo >conf$$.file) 2>/dev/null; then if ln -s conf$$.file conf$$ 2>/dev/null; then as_ln_s='ln -s' # ... but there are two gotchas: # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail. # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable. # In both cases, we have to default to `cp -pR'. ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe || as_ln_s='cp -pR' elif ln conf$$.file conf$$ 2>/dev/null; then as_ln_s=ln else as_ln_s='cp -pR' fi else as_ln_s='cp -pR' fi rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file rmdir conf$$.dir 2>/dev/null if mkdir -p . 2>/dev/null; then as_mkdir_p='mkdir -p "$as_dir"' else test -d ./-p && rmdir ./-p as_mkdir_p=false fi as_test_x='test -x' as_executable_p=as_fn_executable_p # Sed expression to map a string onto a valid CPP name. as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'" # Sed expression to map a string onto a valid variable name. as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'" test -n "$DJDIR" || exec 7<&0 &1 # Name of the host. # hostname on some systems (SVR3.2, old GNU/Linux) returns a bogus exit status, # so uname gets run too. ac_hostname=`(hostname || uname -n) 2>/dev/null | sed 1q` # # Initializations. # ac_default_prefix=/usr/local ac_clean_files= ac_config_libobj_dir=. LIBOBJS= cross_compiling=no subdirs= MFLAGS= MAKEFLAGS= # Identity of this package. PACKAGE_NAME='hitch' PACKAGE_TARNAME='hitch' PACKAGE_VERSION='1.4.4' PACKAGE_STRING='hitch 1.4.4' PACKAGE_BUGREPORT='opensource@varnish-software.com' PACKAGE_URL='' ac_unique_file="src/configuration.c" # Factoring default headers for most tests. ac_includes_default="\ #include #ifdef HAVE_SYS_TYPES_H # include #endif #ifdef HAVE_SYS_STAT_H # include #endif #ifdef STDC_HEADERS # include # include #else # ifdef HAVE_STDLIB_H # include # endif #endif #ifdef HAVE_STRING_H # if !defined STDC_HEADERS && defined HAVE_MEMORY_H # include # endif # include #endif #ifdef HAVE_STRINGS_H # include #endif #ifdef HAVE_INTTYPES_H # include #endif #ifdef HAVE_STDINT_H # include #endif #ifdef HAVE_UNISTD_H # include #endif" ac_header_list= ac_subst_vars='am__EXEEXT_FALSE am__EXEEXT_TRUE LTLIBOBJS LIBOBJS SH_TESTS USE_SHCTX_FALSE USE_SHCTX_TRUE EGREP GREP CPP CRYPTO_LIBS CRYPTO_CFLAGS SSL_LIBS SSL_CFLAGS EV_LIBS EV_CFLAGS PKG_CONFIG_LIBDIR PKG_CONFIG_PATH PKG_CONFIG MAINT MAINTAINER_MODE_FALSE MAINTAINER_MODE_TRUE FOUND_RST2MAN_FALSE FOUND_RST2MAN_TRUE RST2MAN LEXLIB LEX_OUTPUT_ROOT LEX YFLAGS YACC am__fastdepCC_FALSE am__fastdepCC_TRUE CCDEPMODE am__nodep AMDEPBACKSLASH AMDEP_FALSE AMDEP_TRUE am__quote am__include DEPDIR OBJEXT EXEEXT ac_ct_CC CPPFLAGS LDFLAGS CFLAGS CC AM_BACKSLASH AM_DEFAULT_VERBOSITY AM_DEFAULT_V AM_V am__untar am__tar AMTAR am__leading_dot SET_MAKE AWK mkdir_p MKDIR_P INSTALL_STRIP_PROGRAM STRIP install_sh MAKEINFO AUTOHEADER AUTOMAKE AUTOCONF ACLOCAL VERSION PACKAGE CYGPATH_W am__isrc INSTALL_DATA INSTALL_SCRIPT INSTALL_PROGRAM target_alias host_alias build_alias LIBS ECHO_T ECHO_N ECHO_C DEFS mandir localedir libdir psdir pdfdir dvidir htmldir infodir docdir oldincludedir includedir runstatedir localstatedir sharedstatedir sysconfdir datadir datarootdir libexecdir sbindir bindir program_transform_name prefix exec_prefix PACKAGE_URL PACKAGE_BUGREPORT PACKAGE_STRING PACKAGE_VERSION PACKAGE_TARNAME PACKAGE_NAME PATH_SEPARATOR SHELL' ac_subst_files='' ac_user_opts=' enable_option_checking enable_silent_rules enable_dependency_tracking with_rst2man enable_maintainer_mode enable_sessioncache ' ac_precious_vars='build_alias host_alias target_alias CC CFLAGS LDFLAGS LIBS CPPFLAGS YACC YFLAGS PKG_CONFIG PKG_CONFIG_PATH PKG_CONFIG_LIBDIR EV_CFLAGS EV_LIBS SSL_CFLAGS SSL_LIBS CRYPTO_CFLAGS CRYPTO_LIBS CPP' # Initialize some variables set by options. ac_init_help= ac_init_version=false ac_unrecognized_opts= ac_unrecognized_sep= # The variables have the same names as the options, with # dashes changed to underlines. cache_file=/dev/null exec_prefix=NONE no_create= no_recursion= prefix=NONE program_prefix=NONE program_suffix=NONE program_transform_name=s,x,x, silent= site= srcdir= verbose= x_includes=NONE x_libraries=NONE # Installation directory options. # These are left unexpanded so users can "make install exec_prefix=/foo" # and all the variables that are supposed to be based on exec_prefix # by default will actually change. # Use braces instead of parens because sh, perl, etc. also accept them. # (The list follows the same order as the GNU Coding Standards.) bindir='${exec_prefix}/bin' sbindir='${exec_prefix}/sbin' libexecdir='${exec_prefix}/libexec' datarootdir='${prefix}/share' datadir='${datarootdir}' sysconfdir='${prefix}/etc' sharedstatedir='${prefix}/com' localstatedir='${prefix}/var' runstatedir='${localstatedir}/run' includedir='${prefix}/include' oldincludedir='/usr/include' docdir='${datarootdir}/doc/${PACKAGE_TARNAME}' infodir='${datarootdir}/info' htmldir='${docdir}' dvidir='${docdir}' pdfdir='${docdir}' psdir='${docdir}' libdir='${exec_prefix}/lib' localedir='${datarootdir}/locale' mandir='${datarootdir}/man' ac_prev= ac_dashdash= for ac_option do # If the previous option needs an argument, assign it. if test -n "$ac_prev"; then eval $ac_prev=\$ac_option ac_prev= continue fi case $ac_option in *=?*) ac_optarg=`expr "X$ac_option" : '[^=]*=\(.*\)'` ;; *=) ac_optarg= ;; *) ac_optarg=yes ;; esac # Accept the important Cygnus configure options, so we can diagnose typos. case $ac_dashdash$ac_option in --) ac_dashdash=yes ;; -bindir | --bindir | --bindi | --bind | --bin | --bi) ac_prev=bindir ;; -bindir=* | --bindir=* | --bindi=* | --bind=* | --bin=* | --bi=*) bindir=$ac_optarg ;; -build | --build | --buil | --bui | --bu) ac_prev=build_alias ;; -build=* | --build=* | --buil=* | --bui=* | --bu=*) build_alias=$ac_optarg ;; -cache-file | --cache-file | --cache-fil | --cache-fi \ | --cache-f | --cache- | --cache | --cach | --cac | --ca | --c) ac_prev=cache_file ;; -cache-file=* | --cache-file=* | --cache-fil=* | --cache-fi=* \ | --cache-f=* | --cache-=* | --cache=* | --cach=* | --cac=* | --ca=* | --c=*) cache_file=$ac_optarg ;; --config-cache | -C) cache_file=config.cache ;; -datadir | --datadir | --datadi | --datad) ac_prev=datadir ;; -datadir=* | --datadir=* | --datadi=* | --datad=*) datadir=$ac_optarg ;; -datarootdir | --datarootdir | --datarootdi | --datarootd | --dataroot \ | --dataroo | --dataro | --datar) ac_prev=datarootdir ;; -datarootdir=* | --datarootdir=* | --datarootdi=* | --datarootd=* \ | --dataroot=* | --dataroo=* | --dataro=* | --datar=*) datarootdir=$ac_optarg ;; -disable-* | --disable-*) ac_useropt=`expr "x$ac_option" : 'x-*disable-\(.*\)'` # Reject names that are not valid shell variable names. expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && as_fn_error $? "invalid feature name: $ac_useropt" ac_useropt_orig=$ac_useropt ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` case $ac_user_opts in *" "enable_$ac_useropt" "*) ;; *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--disable-$ac_useropt_orig" ac_unrecognized_sep=', ';; esac eval enable_$ac_useropt=no ;; -docdir | --docdir | --docdi | --doc | --do) ac_prev=docdir ;; -docdir=* | --docdir=* | --docdi=* | --doc=* | --do=*) docdir=$ac_optarg ;; -dvidir | --dvidir | --dvidi | --dvid | --dvi | --dv) ac_prev=dvidir ;; -dvidir=* | --dvidir=* | --dvidi=* | --dvid=* | --dvi=* | --dv=*) dvidir=$ac_optarg ;; -enable-* | --enable-*) ac_useropt=`expr "x$ac_option" : 'x-*enable-\([^=]*\)'` # Reject names that are not valid shell variable names. expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && as_fn_error $? "invalid feature name: $ac_useropt" ac_useropt_orig=$ac_useropt ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` case $ac_user_opts in *" "enable_$ac_useropt" "*) ;; *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--enable-$ac_useropt_orig" ac_unrecognized_sep=', ';; esac eval enable_$ac_useropt=\$ac_optarg ;; -exec-prefix | --exec_prefix | --exec-prefix | --exec-prefi \ | --exec-pref | --exec-pre | --exec-pr | --exec-p | --exec- \ | --exec | --exe | --ex) ac_prev=exec_prefix ;; -exec-prefix=* | --exec_prefix=* | --exec-prefix=* | --exec-prefi=* \ | --exec-pref=* | --exec-pre=* | --exec-pr=* | --exec-p=* | --exec-=* \ | --exec=* | --exe=* | --ex=*) exec_prefix=$ac_optarg ;; -gas | --gas | --ga | --g) # Obsolete; use --with-gas. with_gas=yes ;; -help | --help | --hel | --he | -h) ac_init_help=long ;; -help=r* | --help=r* | --hel=r* | --he=r* | -hr*) ac_init_help=recursive ;; -help=s* | --help=s* | --hel=s* | --he=s* | -hs*) ac_init_help=short ;; -host | --host | --hos | --ho) ac_prev=host_alias ;; -host=* | --host=* | --hos=* | --ho=*) host_alias=$ac_optarg ;; -htmldir | --htmldir | --htmldi | --htmld | --html | --htm | --ht) ac_prev=htmldir ;; -htmldir=* | --htmldir=* | --htmldi=* | --htmld=* | --html=* | --htm=* \ | --ht=*) htmldir=$ac_optarg ;; -includedir | --includedir | --includedi | --included | --include \ | --includ | --inclu | --incl | --inc) ac_prev=includedir ;; -includedir=* | --includedir=* | --includedi=* | --included=* | --include=* \ | --includ=* | --inclu=* | --incl=* | --inc=*) includedir=$ac_optarg ;; -infodir | --infodir | --infodi | --infod | --info | --inf) ac_prev=infodir ;; -infodir=* | --infodir=* | --infodi=* | --infod=* | --info=* | --inf=*) infodir=$ac_optarg ;; -libdir | --libdir | --libdi | --libd) ac_prev=libdir ;; -libdir=* | --libdir=* | --libdi=* | --libd=*) libdir=$ac_optarg ;; -libexecdir | --libexecdir | --libexecdi | --libexecd | --libexec \ | --libexe | --libex | --libe) ac_prev=libexecdir ;; -libexecdir=* | --libexecdir=* | --libexecdi=* | --libexecd=* | --libexec=* \ | --libexe=* | --libex=* | --libe=*) libexecdir=$ac_optarg ;; -localedir | --localedir | --localedi | --localed | --locale) ac_prev=localedir ;; -localedir=* | --localedir=* | --localedi=* | --localed=* | --locale=*) localedir=$ac_optarg ;; -localstatedir | --localstatedir | --localstatedi | --localstated \ | --localstate | --localstat | --localsta | --localst | --locals) ac_prev=localstatedir ;; -localstatedir=* | --localstatedir=* | --localstatedi=* | --localstated=* \ | --localstate=* | --localstat=* | --localsta=* | --localst=* | --locals=*) localstatedir=$ac_optarg ;; -mandir | --mandir | --mandi | --mand | --man | --ma | --m) ac_prev=mandir ;; -mandir=* | --mandir=* | --mandi=* | --mand=* | --man=* | --ma=* | --m=*) mandir=$ac_optarg ;; -nfp | --nfp | --nf) # Obsolete; use --without-fp. with_fp=no ;; -no-create | --no-create | --no-creat | --no-crea | --no-cre \ | --no-cr | --no-c | -n) no_create=yes ;; -no-recursion | --no-recursion | --no-recursio | --no-recursi \ | --no-recurs | --no-recur | --no-recu | --no-rec | --no-re | --no-r) no_recursion=yes ;; -oldincludedir | --oldincludedir | --oldincludedi | --oldincluded \ | --oldinclude | --oldinclud | --oldinclu | --oldincl | --oldinc \ | --oldin | --oldi | --old | --ol | --o) ac_prev=oldincludedir ;; -oldincludedir=* | --oldincludedir=* | --oldincludedi=* | --oldincluded=* \ | --oldinclude=* | --oldinclud=* | --oldinclu=* | --oldincl=* | --oldinc=* \ | --oldin=* | --oldi=* | --old=* | --ol=* | --o=*) oldincludedir=$ac_optarg ;; -prefix | --prefix | --prefi | --pref | --pre | --pr | --p) ac_prev=prefix ;; -prefix=* | --prefix=* | --prefi=* | --pref=* | --pre=* | --pr=* | --p=*) prefix=$ac_optarg ;; -program-prefix | --program-prefix | --program-prefi | --program-pref \ | --program-pre | --program-pr | --program-p) ac_prev=program_prefix ;; -program-prefix=* | --program-prefix=* | --program-prefi=* \ | --program-pref=* | --program-pre=* | --program-pr=* | --program-p=*) program_prefix=$ac_optarg ;; -program-suffix | --program-suffix | --program-suffi | --program-suff \ | --program-suf | --program-su | --program-s) ac_prev=program_suffix ;; -program-suffix=* | --program-suffix=* | --program-suffi=* \ | --program-suff=* | --program-suf=* | --program-su=* | --program-s=*) program_suffix=$ac_optarg ;; -program-transform-name | --program-transform-name \ | --program-transform-nam | --program-transform-na \ | --program-transform-n | --program-transform- \ | --program-transform | --program-transfor \ | --program-transfo | --program-transf \ | --program-trans | --program-tran \ | --progr-tra | --program-tr | --program-t) ac_prev=program_transform_name ;; -program-transform-name=* | --program-transform-name=* \ | --program-transform-nam=* | --program-transform-na=* \ | --program-transform-n=* | --program-transform-=* \ | --program-transform=* | --program-transfor=* \ | --program-transfo=* | --program-transf=* \ | --program-trans=* | --program-tran=* \ | --progr-tra=* | --program-tr=* | --program-t=*) program_transform_name=$ac_optarg ;; -pdfdir | --pdfdir | --pdfdi | --pdfd | --pdf | --pd) ac_prev=pdfdir ;; -pdfdir=* | --pdfdir=* | --pdfdi=* | --pdfd=* | --pdf=* | --pd=*) pdfdir=$ac_optarg ;; -psdir | --psdir | --psdi | --psd | --ps) ac_prev=psdir ;; -psdir=* | --psdir=* | --psdi=* | --psd=* | --ps=*) psdir=$ac_optarg ;; -q | -quiet | --quiet | --quie | --qui | --qu | --q \ | -silent | --silent | --silen | --sile | --sil) silent=yes ;; -runstatedir | --runstatedir | --runstatedi | --runstated \ | --runstate | --runstat | --runsta | --runst | --runs \ | --run | --ru | --r) ac_prev=runstatedir ;; -runstatedir=* | --runstatedir=* | --runstatedi=* | --runstated=* \ | --runstate=* | --runstat=* | --runsta=* | --runst=* | --runs=* \ | --run=* | --ru=* | --r=*) runstatedir=$ac_optarg ;; -sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb) ac_prev=sbindir ;; -sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \ | --sbi=* | --sb=*) sbindir=$ac_optarg ;; -sharedstatedir | --sharedstatedir | --sharedstatedi \ | --sharedstated | --sharedstate | --sharedstat | --sharedsta \ | --sharedst | --shareds | --shared | --share | --shar \ | --sha | --sh) ac_prev=sharedstatedir ;; -sharedstatedir=* | --sharedstatedir=* | --sharedstatedi=* \ | --sharedstated=* | --sharedstate=* | --sharedstat=* | --sharedsta=* \ | --sharedst=* | --shareds=* | --shared=* | --share=* | --shar=* \ | --sha=* | --sh=*) sharedstatedir=$ac_optarg ;; -site | --site | --sit) ac_prev=site ;; -site=* | --site=* | --sit=*) site=$ac_optarg ;; -srcdir | --srcdir | --srcdi | --srcd | --src | --sr) ac_prev=srcdir ;; -srcdir=* | --srcdir=* | --srcdi=* | --srcd=* | --src=* | --sr=*) srcdir=$ac_optarg ;; -sysconfdir | --sysconfdir | --sysconfdi | --sysconfd | --sysconf \ | --syscon | --sysco | --sysc | --sys | --sy) ac_prev=sysconfdir ;; -sysconfdir=* | --sysconfdir=* | --sysconfdi=* | --sysconfd=* | --sysconf=* \ | --syscon=* | --sysco=* | --sysc=* | --sys=* | --sy=*) sysconfdir=$ac_optarg ;; -target | --target | --targe | --targ | --tar | --ta | --t) ac_prev=target_alias ;; -target=* | --target=* | --targe=* | --targ=* | --tar=* | --ta=* | --t=*) target_alias=$ac_optarg ;; -v | -verbose | --verbose | --verbos | --verbo | --verb) verbose=yes ;; -version | --version | --versio | --versi | --vers | -V) ac_init_version=: ;; -with-* | --with-*) ac_useropt=`expr "x$ac_option" : 'x-*with-\([^=]*\)'` # Reject names that are not valid shell variable names. expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && as_fn_error $? "invalid package name: $ac_useropt" ac_useropt_orig=$ac_useropt ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` case $ac_user_opts in *" "with_$ac_useropt" "*) ;; *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--with-$ac_useropt_orig" ac_unrecognized_sep=', ';; esac eval with_$ac_useropt=\$ac_optarg ;; -without-* | --without-*) ac_useropt=`expr "x$ac_option" : 'x-*without-\(.*\)'` # Reject names that are not valid shell variable names. expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && as_fn_error $? "invalid package name: $ac_useropt" ac_useropt_orig=$ac_useropt ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` case $ac_user_opts in *" "with_$ac_useropt" "*) ;; *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--without-$ac_useropt_orig" ac_unrecognized_sep=', ';; esac eval with_$ac_useropt=no ;; --x) # Obsolete; use --with-x. with_x=yes ;; -x-includes | --x-includes | --x-include | --x-includ | --x-inclu \ | --x-incl | --x-inc | --x-in | --x-i) ac_prev=x_includes ;; -x-includes=* | --x-includes=* | --x-include=* | --x-includ=* | --x-inclu=* \ | --x-incl=* | --x-inc=* | --x-in=* | --x-i=*) x_includes=$ac_optarg ;; -x-libraries | --x-libraries | --x-librarie | --x-librari \ | --x-librar | --x-libra | --x-libr | --x-lib | --x-li | --x-l) ac_prev=x_libraries ;; -x-libraries=* | --x-libraries=* | --x-librarie=* | --x-librari=* \ | --x-librar=* | --x-libra=* | --x-libr=* | --x-lib=* | --x-li=* | --x-l=*) x_libraries=$ac_optarg ;; -*) as_fn_error $? "unrecognized option: \`$ac_option' Try \`$0 --help' for more information" ;; *=*) ac_envvar=`expr "x$ac_option" : 'x\([^=]*\)='` # Reject names that are not valid shell variable names. case $ac_envvar in #( '' | [0-9]* | *[!_$as_cr_alnum]* ) as_fn_error $? "invalid variable name: \`$ac_envvar'" ;; esac eval $ac_envvar=\$ac_optarg export $ac_envvar ;; *) # FIXME: should be removed in autoconf 3.0. $as_echo "$as_me: WARNING: you should use --build, --host, --target" >&2 expr "x$ac_option" : ".*[^-._$as_cr_alnum]" >/dev/null && $as_echo "$as_me: WARNING: invalid host type: $ac_option" >&2 : "${build_alias=$ac_option} ${host_alias=$ac_option} ${target_alias=$ac_option}" ;; esac done if test -n "$ac_prev"; then ac_option=--`echo $ac_prev | sed 's/_/-/g'` as_fn_error $? "missing argument to $ac_option" fi if test -n "$ac_unrecognized_opts"; then case $enable_option_checking in no) ;; fatal) as_fn_error $? "unrecognized options: $ac_unrecognized_opts" ;; *) $as_echo "$as_me: WARNING: unrecognized options: $ac_unrecognized_opts" >&2 ;; esac fi # Check all directory arguments for consistency. for ac_var in exec_prefix prefix bindir sbindir libexecdir datarootdir \ datadir sysconfdir sharedstatedir localstatedir includedir \ oldincludedir docdir infodir htmldir dvidir pdfdir psdir \ libdir localedir mandir runstatedir do eval ac_val=\$$ac_var # Remove trailing slashes. case $ac_val in */ ) ac_val=`expr "X$ac_val" : 'X\(.*[^/]\)' \| "X$ac_val" : 'X\(.*\)'` eval $ac_var=\$ac_val;; esac # Be sure to have absolute directory names. case $ac_val in [\\/$]* | ?:[\\/]* ) continue;; NONE | '' ) case $ac_var in *prefix ) continue;; esac;; esac as_fn_error $? "expected an absolute directory name for --$ac_var: $ac_val" done # There might be people who depend on the old broken behavior: `$host' # used to hold the argument of --host etc. # FIXME: To remove some day. build=$build_alias host=$host_alias target=$target_alias # FIXME: To remove some day. if test "x$host_alias" != x; then if test "x$build_alias" = x; then cross_compiling=maybe elif test "x$build_alias" != "x$host_alias"; then cross_compiling=yes fi fi ac_tool_prefix= test -n "$host_alias" && ac_tool_prefix=$host_alias- test "$silent" = yes && exec 6>/dev/null ac_pwd=`pwd` && test -n "$ac_pwd" && ac_ls_di=`ls -di .` && ac_pwd_ls_di=`cd "$ac_pwd" && ls -di .` || as_fn_error $? "working directory cannot be determined" test "X$ac_ls_di" = "X$ac_pwd_ls_di" || as_fn_error $? "pwd does not report name of working directory" # Find the source files, if location was not specified. if test -z "$srcdir"; then ac_srcdir_defaulted=yes # Try the directory containing this script, then the parent directory. ac_confdir=`$as_dirname -- "$as_myself" || $as_expr X"$as_myself" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ X"$as_myself" : 'X\(//\)[^/]' \| \ X"$as_myself" : 'X\(//\)$' \| \ X"$as_myself" : 'X\(/\)' \| . 2>/dev/null || $as_echo X"$as_myself" | sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/ q } /^X\(\/\/\)[^/].*/{ s//\1/ q } /^X\(\/\/\)$/{ s//\1/ q } /^X\(\/\).*/{ s//\1/ q } s/.*/./; q'` srcdir=$ac_confdir if test ! -r "$srcdir/$ac_unique_file"; then srcdir=.. fi else ac_srcdir_defaulted=no fi if test ! -r "$srcdir/$ac_unique_file"; then test "$ac_srcdir_defaulted" = yes && srcdir="$ac_confdir or .." as_fn_error $? "cannot find sources ($ac_unique_file) in $srcdir" fi ac_msg="sources are in $srcdir, but \`cd $srcdir' does not work" ac_abs_confdir=`( cd "$srcdir" && test -r "./$ac_unique_file" || as_fn_error $? "$ac_msg" pwd)` # When building in place, set srcdir=. if test "$ac_abs_confdir" = "$ac_pwd"; then srcdir=. fi # Remove unnecessary trailing slashes from srcdir. # Double slashes in file names in object file debugging info # mess up M-x gdb in Emacs. case $srcdir in */) srcdir=`expr "X$srcdir" : 'X\(.*[^/]\)' \| "X$srcdir" : 'X\(.*\)'`;; esac for ac_var in $ac_precious_vars; do eval ac_env_${ac_var}_set=\${${ac_var}+set} eval ac_env_${ac_var}_value=\$${ac_var} eval ac_cv_env_${ac_var}_set=\${${ac_var}+set} eval ac_cv_env_${ac_var}_value=\$${ac_var} done # # Report the --help message. # if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF \`configure' configures hitch 1.4.4 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... To assign environment variables (e.g., CC, CFLAGS...), specify them as VAR=VALUE. See below for descriptions of some of the useful variables. Defaults for the options are specified in brackets. Configuration: -h, --help display this help and exit --help=short display options specific to this package --help=recursive display the short help of all the included packages -V, --version display version information and exit -q, --quiet, --silent do not print \`checking ...' messages --cache-file=FILE cache test results in FILE [disabled] -C, --config-cache alias for \`--cache-file=config.cache' -n, --no-create do not create output files --srcdir=DIR find the sources in DIR [configure dir or \`..'] Installation directories: --prefix=PREFIX install architecture-independent files in PREFIX [$ac_default_prefix] --exec-prefix=EPREFIX install architecture-dependent files in EPREFIX [PREFIX] By default, \`make install' will install all the files in \`$ac_default_prefix/bin', \`$ac_default_prefix/lib' etc. You can specify an installation prefix other than \`$ac_default_prefix' using \`--prefix', for instance \`--prefix=\$HOME'. For better control, use the options below. Fine tuning of the installation directories: --bindir=DIR user executables [EPREFIX/bin] --sbindir=DIR system admin executables [EPREFIX/sbin] --libexecdir=DIR program executables [EPREFIX/libexec] --sysconfdir=DIR read-only single-machine data [PREFIX/etc] --sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com] --localstatedir=DIR modifiable single-machine data [PREFIX/var] --runstatedir=DIR modifiable per-process data [LOCALSTATEDIR/run] --libdir=DIR object code libraries [EPREFIX/lib] --includedir=DIR C header files [PREFIX/include] --oldincludedir=DIR C header files for non-gcc [/usr/include] --datarootdir=DIR read-only arch.-independent data root [PREFIX/share] --datadir=DIR read-only architecture-independent data [DATAROOTDIR] --infodir=DIR info documentation [DATAROOTDIR/info] --localedir=DIR locale-dependent data [DATAROOTDIR/locale] --mandir=DIR man documentation [DATAROOTDIR/man] --docdir=DIR documentation root [DATAROOTDIR/doc/hitch] --htmldir=DIR html documentation [DOCDIR] --dvidir=DIR dvi documentation [DOCDIR] --pdfdir=DIR pdf documentation [DOCDIR] --psdir=DIR ps documentation [DOCDIR] _ACEOF cat <<\_ACEOF Program names: --program-prefix=PREFIX prepend PREFIX to installed program names --program-suffix=SUFFIX append SUFFIX to installed program names --program-transform-name=PROGRAM run sed PROGRAM on installed program names _ACEOF fi if test -n "$ac_init_help"; then case $ac_init_help in short | recursive ) echo "Configuration of hitch 1.4.4:";; esac cat <<\_ACEOF Optional Features: --disable-option-checking ignore unrecognized --enable/--with options --disable-FEATURE do not include FEATURE (same as --enable-FEATURE=no) --enable-FEATURE[=ARG] include FEATURE [ARG=yes] --enable-silent-rules less verbose build output (undo: "make V=1") --disable-silent-rules verbose build output (undo: "make V=0") --enable-dependency-tracking do not reject slow dependency extractors --disable-dependency-tracking speeds up one-time build --enable-maintainer-mode enable make rules and dependencies not useful (and sometimes confusing) to the casual installer --enable-sessioncache Enable TLS session cache. (default is off) Optional Packages: --with-PACKAGE[=ARG] use PACKAGE [ARG=yes] --without-PACKAGE do not use PACKAGE (same as --with-PACKAGE=no) --with-rst2man=PATH Location of rst2man (auto) Some influential environment variables: CC C compiler command CFLAGS C compiler flags LDFLAGS linker flags, e.g. -L if you have libraries in a nonstandard directory LIBS libraries to pass to the linker, e.g. -l CPPFLAGS (Objective) C/C++ preprocessor flags, e.g. -I if you have headers in a nonstandard directory YACC The `Yet Another Compiler Compiler' implementation to use. Defaults to the first program found out of: `bison -y', `byacc', `yacc'. YFLAGS The list of arguments that will be passed by default to $YACC. This script will default YFLAGS to the empty string to avoid a default value of `-d' given by some make applications. PKG_CONFIG path to pkg-config utility PKG_CONFIG_PATH directories to add to pkg-config's search path PKG_CONFIG_LIBDIR path overriding pkg-config's built-in search path EV_CFLAGS C compiler flags for EV, overriding pkg-config EV_LIBS linker flags for EV, overriding pkg-config SSL_CFLAGS C compiler flags for SSL, overriding pkg-config SSL_LIBS linker flags for SSL, overriding pkg-config CRYPTO_CFLAGS C compiler flags for CRYPTO, overriding pkg-config CRYPTO_LIBS linker flags for CRYPTO, overriding pkg-config CPP C preprocessor Use these variables to override the choices made by `configure' or to help it to find libraries and programs with nonstandard names/locations. Report bugs to . _ACEOF ac_status=$? fi if test "$ac_init_help" = "recursive"; then # If there are subdirs, report their specific --help. for ac_dir in : $ac_subdirs_all; do test "x$ac_dir" = x: && continue test -d "$ac_dir" || { cd "$srcdir" && ac_pwd=`pwd` && srcdir=. && test -d "$ac_dir"; } || continue ac_builddir=. case "$ac_dir" in .) ac_dir_suffix= ac_top_builddir_sub=. ac_top_build_prefix= ;; *) ac_dir_suffix=/`$as_echo "$ac_dir" | sed 's|^\.[\\/]||'` # A ".." for each directory in $ac_dir_suffix. ac_top_builddir_sub=`$as_echo "$ac_dir_suffix" | sed 's|/[^\\/]*|/..|g;s|/||'` case $ac_top_builddir_sub in "") ac_top_builddir_sub=. ac_top_build_prefix= ;; *) ac_top_build_prefix=$ac_top_builddir_sub/ ;; esac ;; esac ac_abs_top_builddir=$ac_pwd ac_abs_builddir=$ac_pwd$ac_dir_suffix # for backward compatibility: ac_top_builddir=$ac_top_build_prefix case $srcdir in .) # We are building in place. ac_srcdir=. ac_top_srcdir=$ac_top_builddir_sub ac_abs_top_srcdir=$ac_pwd ;; [\\/]* | ?:[\\/]* ) # Absolute name. ac_srcdir=$srcdir$ac_dir_suffix; ac_top_srcdir=$srcdir ac_abs_top_srcdir=$srcdir ;; *) # Relative name. ac_srcdir=$ac_top_build_prefix$srcdir$ac_dir_suffix ac_top_srcdir=$ac_top_build_prefix$srcdir ac_abs_top_srcdir=$ac_pwd/$srcdir ;; esac ac_abs_srcdir=$ac_abs_top_srcdir$ac_dir_suffix cd "$ac_dir" || { ac_status=$?; continue; } # Check for guested configure. if test -f "$ac_srcdir/configure.gnu"; then echo && $SHELL "$ac_srcdir/configure.gnu" --help=recursive elif test -f "$ac_srcdir/configure"; then echo && $SHELL "$ac_srcdir/configure" --help=recursive else $as_echo "$as_me: WARNING: no configuration information is in $ac_dir" >&2 fi || ac_status=$? cd "$ac_pwd" || { ac_status=$?; break; } done fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF hitch configure 1.4.4 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. This configure script is free software; the Free Software Foundation gives unlimited permission to copy, distribute and modify it. _ACEOF exit fi ## ------------------------ ## ## Autoconf initialization. ## ## ------------------------ ## # ac_fn_c_try_compile LINENO # -------------------------- # Try to compile conftest.$ac_ext, and return whether this succeeded. ac_fn_c_try_compile () { as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack rm -f conftest.$ac_objext if { { ac_try="$ac_compile" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" $as_echo "$ac_try_echo"; } >&5 (eval "$ac_compile") 2>conftest.err ac_status=$? if test -s conftest.err; then grep -v '^ *+' conftest.err >conftest.er1 cat conftest.er1 >&5 mv -f conftest.er1 conftest.err fi $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; } && { test -z "$ac_c_werror_flag" || test ! -s conftest.err } && test -s conftest.$ac_objext; then : ac_retval=0 else $as_echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_retval=1 fi eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno as_fn_set_status $ac_retval } # ac_fn_c_try_compile # ac_fn_c_try_link LINENO # ----------------------- # Try to link conftest.$ac_ext, and return whether this succeeded. ac_fn_c_try_link () { as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack rm -f conftest.$ac_objext conftest$ac_exeext if { { ac_try="$ac_link" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" $as_echo "$ac_try_echo"; } >&5 (eval "$ac_link") 2>conftest.err ac_status=$? if test -s conftest.err; then grep -v '^ *+' conftest.err >conftest.er1 cat conftest.er1 >&5 mv -f conftest.er1 conftest.err fi $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; } && { test -z "$ac_c_werror_flag" || test ! -s conftest.err } && test -s conftest$ac_exeext && { test "$cross_compiling" = yes || test -x conftest$ac_exeext }; then : ac_retval=0 else $as_echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_retval=1 fi # Delete the IPA/IPO (Inter Procedural Analysis/Optimization) information # created by the PGI compiler (conftest_ipa8_conftest.oo), as it would # interfere with the next link command; also delete a directory that is # left behind by Apple's compiler. We do this before executing the actions. rm -rf conftest.dSYM conftest_ipa8_conftest.oo eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno as_fn_set_status $ac_retval } # ac_fn_c_try_link # ac_fn_c_check_member LINENO AGGR MEMBER VAR INCLUDES # ---------------------------------------------------- # Tries to find if the field MEMBER exists in type AGGR, after including # INCLUDES, setting cache variable VAR accordingly. ac_fn_c_check_member () { as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2.$3" >&5 $as_echo_n "checking for $2.$3... " >&6; } if eval \${$4+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ $5 int main () { static $2 ac_aggr; if (ac_aggr.$3) return 0; ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : eval "$4=yes" else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ $5 int main () { static $2 ac_aggr; if (sizeof ac_aggr.$3) return 0; ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : eval "$4=yes" else eval "$4=no" fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi eval ac_res=\$$4 { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 $as_echo "$ac_res" >&6; } eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno } # ac_fn_c_check_member # ac_fn_c_try_cpp LINENO # ---------------------- # Try to preprocess conftest.$ac_ext, and return whether this succeeded. ac_fn_c_try_cpp () { as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack if { { ac_try="$ac_cpp conftest.$ac_ext" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" $as_echo "$ac_try_echo"; } >&5 (eval "$ac_cpp conftest.$ac_ext") 2>conftest.err ac_status=$? if test -s conftest.err; then grep -v '^ *+' conftest.err >conftest.er1 cat conftest.er1 >&5 mv -f conftest.er1 conftest.err fi $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; } > conftest.i && { test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || test ! -s conftest.err }; then : ac_retval=0 else $as_echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_retval=1 fi eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno as_fn_set_status $ac_retval } # ac_fn_c_try_cpp # ac_fn_c_try_run LINENO # ---------------------- # Try to link conftest.$ac_ext, and return whether this succeeded. Assumes # that executables *can* be run. ac_fn_c_try_run () { as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack if { { ac_try="$ac_link" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" $as_echo "$ac_try_echo"; } >&5 (eval "$ac_link") 2>&5 ac_status=$? $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; } && { ac_try='./conftest$ac_exeext' { { case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" $as_echo "$ac_try_echo"; } >&5 (eval "$ac_try") 2>&5 ac_status=$? $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; }; }; then : ac_retval=0 else $as_echo "$as_me: program exited with status $ac_status" >&5 $as_echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_retval=$ac_status fi rm -rf conftest.dSYM conftest_ipa8_conftest.oo eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno as_fn_set_status $ac_retval } # ac_fn_c_try_run # ac_fn_c_check_header_compile LINENO HEADER VAR INCLUDES # ------------------------------------------------------- # Tests whether HEADER exists and can be compiled using the include files in # INCLUDES, setting the cache variable VAR accordingly. ac_fn_c_check_header_compile () { as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 $as_echo_n "checking for $2... " >&6; } if eval \${$3+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ $4 #include <$2> _ACEOF if ac_fn_c_try_compile "$LINENO"; then : eval "$3=yes" else eval "$3=no" fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi eval ac_res=\$$3 { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 $as_echo "$ac_res" >&6; } eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno } # ac_fn_c_check_header_compile # ac_fn_c_check_header_mongrel LINENO HEADER VAR INCLUDES # ------------------------------------------------------- # Tests whether HEADER exists, giving a warning if it cannot be compiled using # the include files in INCLUDES and setting the cache variable VAR # accordingly. ac_fn_c_check_header_mongrel () { as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack if eval \${$3+:} false; then : { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 $as_echo_n "checking for $2... " >&6; } if eval \${$3+:} false; then : $as_echo_n "(cached) " >&6 fi eval ac_res=\$$3 { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 $as_echo "$ac_res" >&6; } else # Is the header compilable? { $as_echo "$as_me:${as_lineno-$LINENO}: checking $2 usability" >&5 $as_echo_n "checking $2 usability... " >&6; } cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ $4 #include <$2> _ACEOF if ac_fn_c_try_compile "$LINENO"; then : ac_header_compiler=yes else ac_header_compiler=no fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_header_compiler" >&5 $as_echo "$ac_header_compiler" >&6; } # Is the header present? { $as_echo "$as_me:${as_lineno-$LINENO}: checking $2 presence" >&5 $as_echo_n "checking $2 presence... " >&6; } cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include <$2> _ACEOF if ac_fn_c_try_cpp "$LINENO"; then : ac_header_preproc=yes else ac_header_preproc=no fi rm -f conftest.err conftest.i conftest.$ac_ext { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_header_preproc" >&5 $as_echo "$ac_header_preproc" >&6; } # So? What about this header? case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in #(( yes:no: ) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: accepted by the compiler, rejected by the preprocessor!" >&5 $as_echo "$as_me: WARNING: $2: accepted by the compiler, rejected by the preprocessor!" >&2;} { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: proceeding with the compiler's result" >&5 $as_echo "$as_me: WARNING: $2: proceeding with the compiler's result" >&2;} ;; no:yes:* ) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: present but cannot be compiled" >&5 $as_echo "$as_me: WARNING: $2: present but cannot be compiled" >&2;} { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: check for missing prerequisite headers?" >&5 $as_echo "$as_me: WARNING: $2: check for missing prerequisite headers?" >&2;} { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: see the Autoconf documentation" >&5 $as_echo "$as_me: WARNING: $2: see the Autoconf documentation" >&2;} { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: section \"Present But Cannot Be Compiled\"" >&5 $as_echo "$as_me: WARNING: $2: section \"Present But Cannot Be Compiled\"" >&2;} { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: proceeding with the compiler's result" >&5 $as_echo "$as_me: WARNING: $2: proceeding with the compiler's result" >&2;} ( $as_echo "## ---------------------------------------------- ## ## Report this to opensource@varnish-software.com ## ## ---------------------------------------------- ##" ) | sed "s/^/$as_me: WARNING: /" >&2 ;; esac { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 $as_echo_n "checking for $2... " >&6; } if eval \${$3+:} false; then : $as_echo_n "(cached) " >&6 else eval "$3=\$ac_header_compiler" fi eval ac_res=\$$3 { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 $as_echo "$ac_res" >&6; } fi eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno } # ac_fn_c_check_header_mongrel # ac_fn_c_find_intX_t LINENO BITS VAR # ----------------------------------- # Finds a signed integer type with width BITS, setting cache variable VAR # accordingly. ac_fn_c_find_intX_t () { as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack { $as_echo "$as_me:${as_lineno-$LINENO}: checking for int$2_t" >&5 $as_echo_n "checking for int$2_t... " >&6; } if eval \${$3+:} false; then : $as_echo_n "(cached) " >&6 else eval "$3=no" # Order is important - never check a type that is potentially smaller # than half of the expected target width. for ac_type in int$2_t 'int' 'long int' \ 'long long int' 'short int' 'signed char'; do cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ $ac_includes_default enum { N = $2 / 2 - 1 }; int main () { static int test_array [1 - 2 * !(0 < ($ac_type) ((((($ac_type) 1 << N) << N) - 1) * 2 + 1))]; test_array [0] = 0; return test_array [0]; ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ $ac_includes_default enum { N = $2 / 2 - 1 }; int main () { static int test_array [1 - 2 * !(($ac_type) ((((($ac_type) 1 << N) << N) - 1) * 2 + 1) < ($ac_type) ((((($ac_type) 1 << N) << N) - 1) * 2 + 2))]; test_array [0] = 0; return test_array [0]; ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : else case $ac_type in #( int$2_t) : eval "$3=yes" ;; #( *) : eval "$3=\$ac_type" ;; esac fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext if eval test \"x\$"$3"\" = x"no"; then : else break fi done fi eval ac_res=\$$3 { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 $as_echo "$ac_res" >&6; } eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno } # ac_fn_c_find_intX_t # ac_fn_c_check_type LINENO TYPE VAR INCLUDES # ------------------------------------------- # Tests whether TYPE exists after having included INCLUDES, setting cache # variable VAR accordingly. ac_fn_c_check_type () { as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 $as_echo_n "checking for $2... " >&6; } if eval \${$3+:} false; then : $as_echo_n "(cached) " >&6 else eval "$3=no" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ $4 int main () { if (sizeof ($2)) return 0; ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ $4 int main () { if (sizeof (($2))) return 0; ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : else eval "$3=yes" fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi eval ac_res=\$$3 { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 $as_echo "$ac_res" >&6; } eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno } # ac_fn_c_check_type # ac_fn_c_find_uintX_t LINENO BITS VAR # ------------------------------------ # Finds an unsigned integer type with width BITS, setting cache variable VAR # accordingly. ac_fn_c_find_uintX_t () { as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack { $as_echo "$as_me:${as_lineno-$LINENO}: checking for uint$2_t" >&5 $as_echo_n "checking for uint$2_t... " >&6; } if eval \${$3+:} false; then : $as_echo_n "(cached) " >&6 else eval "$3=no" # Order is important - never check a type that is potentially smaller # than half of the expected target width. for ac_type in uint$2_t 'unsigned int' 'unsigned long int' \ 'unsigned long long int' 'unsigned short int' 'unsigned char'; do cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ $ac_includes_default int main () { static int test_array [1 - 2 * !((($ac_type) -1 >> ($2 / 2 - 1)) >> ($2 / 2 - 1) == 3)]; test_array [0] = 0; return test_array [0]; ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : case $ac_type in #( uint$2_t) : eval "$3=yes" ;; #( *) : eval "$3=\$ac_type" ;; esac fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext if eval test \"x\$"$3"\" = x"no"; then : else break fi done fi eval ac_res=\$$3 { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 $as_echo "$ac_res" >&6; } eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno } # ac_fn_c_find_uintX_t # ac_fn_c_check_func LINENO FUNC VAR # ---------------------------------- # Tests whether FUNC exists, setting the cache variable VAR accordingly ac_fn_c_check_func () { as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 $as_echo_n "checking for $2... " >&6; } if eval \${$3+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Define $2 to an innocuous variant, in case declares $2. For example, HP-UX 11i declares gettimeofday. */ #define $2 innocuous_$2 /* System header to define __stub macros and hopefully few prototypes, which can conflict with char $2 (); below. Prefer to if __STDC__ is defined, since exists even on freestanding compilers. */ #ifdef __STDC__ # include #else # include #endif #undef $2 /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC builtin and then its argument prototype would still apply. */ #ifdef __cplusplus extern "C" #endif char $2 (); /* The GNU C library defines this for functions which it implements to always fail with ENOSYS. Some functions are actually named something starting with __ and the normal name is an alias. */ #if defined __stub_$2 || defined __stub___$2 choke me #endif int main () { return $2 (); ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO"; then : eval "$3=yes" else eval "$3=no" fi rm -f core conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext fi eval ac_res=\$$3 { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 $as_echo "$ac_res" >&6; } eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno } # ac_fn_c_check_func cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. It was created by hitch $as_me 1.4.4, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ _ACEOF exec 5>>config.log { cat <<_ASUNAME ## --------- ## ## Platform. ## ## --------- ## hostname = `(hostname || uname -n) 2>/dev/null | sed 1q` uname -m = `(uname -m) 2>/dev/null || echo unknown` uname -r = `(uname -r) 2>/dev/null || echo unknown` uname -s = `(uname -s) 2>/dev/null || echo unknown` uname -v = `(uname -v) 2>/dev/null || echo unknown` /usr/bin/uname -p = `(/usr/bin/uname -p) 2>/dev/null || echo unknown` /bin/uname -X = `(/bin/uname -X) 2>/dev/null || echo unknown` /bin/arch = `(/bin/arch) 2>/dev/null || echo unknown` /usr/bin/arch -k = `(/usr/bin/arch -k) 2>/dev/null || echo unknown` /usr/convex/getsysinfo = `(/usr/convex/getsysinfo) 2>/dev/null || echo unknown` /usr/bin/hostinfo = `(/usr/bin/hostinfo) 2>/dev/null || echo unknown` /bin/machine = `(/bin/machine) 2>/dev/null || echo unknown` /usr/bin/oslevel = `(/usr/bin/oslevel) 2>/dev/null || echo unknown` /bin/universe = `(/bin/universe) 2>/dev/null || echo unknown` _ASUNAME as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. $as_echo "PATH: $as_dir" done IFS=$as_save_IFS } >&5 cat >&5 <<_ACEOF ## ----------- ## ## Core tests. ## ## ----------- ## _ACEOF # Keep a trace of the command line. # Strip out --no-create and --no-recursion so they do not pile up. # Strip out --silent because we don't want to record it for future runs. # Also quote any args containing shell meta-characters. # Make two passes to allow for proper duplicate-argument suppression. ac_configure_args= ac_configure_args0= ac_configure_args1= ac_must_keep_next=false for ac_pass in 1 2 do for ac_arg do case $ac_arg in -no-create | --no-c* | -n | -no-recursion | --no-r*) continue ;; -q | -quiet | --quiet | --quie | --qui | --qu | --q \ | -silent | --silent | --silen | --sile | --sil) continue ;; *\'*) ac_arg=`$as_echo "$ac_arg" | sed "s/'/'\\\\\\\\''/g"` ;; esac case $ac_pass in 1) as_fn_append ac_configure_args0 " '$ac_arg'" ;; 2) as_fn_append ac_configure_args1 " '$ac_arg'" if test $ac_must_keep_next = true; then ac_must_keep_next=false # Got value, back to normal. else case $ac_arg in *=* | --config-cache | -C | -disable-* | --disable-* \ | -enable-* | --enable-* | -gas | --g* | -nfp | --nf* \ | -q | -quiet | --q* | -silent | --sil* | -v | -verb* \ | -with-* | --with-* | -without-* | --without-* | --x) case "$ac_configure_args0 " in "$ac_configure_args1"*" '$ac_arg' "* ) continue ;; esac ;; -* ) ac_must_keep_next=true ;; esac fi as_fn_append ac_configure_args " '$ac_arg'" ;; esac done done { ac_configure_args0=; unset ac_configure_args0;} { ac_configure_args1=; unset ac_configure_args1;} # When interrupted or exit'd, cleanup temporary files, and complete # config.log. We remove comments because anyway the quotes in there # would cause problems or look ugly. # WARNING: Use '\'' to represent an apostrophe within the trap. # WARNING: Do not start the trap code with a newline, due to a FreeBSD 4.0 bug. trap 'exit_status=$? # Save into config.log some information that might help in debugging. { echo $as_echo "## ---------------- ## ## Cache variables. ## ## ---------------- ##" echo # The following way of writing the cache mishandles newlines in values, ( for ac_var in `(set) 2>&1 | sed -n '\''s/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'\''`; do eval ac_val=\$$ac_var case $ac_val in #( *${as_nl}*) case $ac_var in #( *_cv_*) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cache variable $ac_var contains a newline" >&5 $as_echo "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;; esac case $ac_var in #( _ | IFS | as_nl) ;; #( BASH_ARGV | BASH_SOURCE) eval $ac_var= ;; #( *) { eval $ac_var=; unset $ac_var;} ;; esac ;; esac done (set) 2>&1 | case $as_nl`(ac_space='\'' '\''; set) 2>&1` in #( *${as_nl}ac_space=\ *) sed -n \ "s/'\''/'\''\\\\'\'''\''/g; s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='\''\\2'\''/p" ;; #( *) sed -n "/^[_$as_cr_alnum]*_cv_[_$as_cr_alnum]*=/p" ;; esac | sort ) echo $as_echo "## ----------------- ## ## Output variables. ## ## ----------------- ##" echo for ac_var in $ac_subst_vars do eval ac_val=\$$ac_var case $ac_val in *\'\''*) ac_val=`$as_echo "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;; esac $as_echo "$ac_var='\''$ac_val'\''" done | sort echo if test -n "$ac_subst_files"; then $as_echo "## ------------------- ## ## File substitutions. ## ## ------------------- ##" echo for ac_var in $ac_subst_files do eval ac_val=\$$ac_var case $ac_val in *\'\''*) ac_val=`$as_echo "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;; esac $as_echo "$ac_var='\''$ac_val'\''" done | sort echo fi if test -s confdefs.h; then $as_echo "## ----------- ## ## confdefs.h. ## ## ----------- ##" echo cat confdefs.h echo fi test "$ac_signal" != 0 && $as_echo "$as_me: caught signal $ac_signal" $as_echo "$as_me: exit $exit_status" } >&5 rm -f core *.core core.conftest.* && rm -f -r conftest* confdefs* conf$$* $ac_clean_files && exit $exit_status ' 0 for ac_signal in 1 2 13 15; do trap 'ac_signal='$ac_signal'; as_fn_exit 1' $ac_signal done ac_signal=0 # confdefs.h avoids OS command line length limits that DEFS can exceed. rm -f -r conftest* confdefs.h $as_echo "/* confdefs.h */" > confdefs.h # Predefined preprocessor variables. cat >>confdefs.h <<_ACEOF #define PACKAGE_NAME "$PACKAGE_NAME" _ACEOF cat >>confdefs.h <<_ACEOF #define PACKAGE_TARNAME "$PACKAGE_TARNAME" _ACEOF cat >>confdefs.h <<_ACEOF #define PACKAGE_VERSION "$PACKAGE_VERSION" _ACEOF cat >>confdefs.h <<_ACEOF #define PACKAGE_STRING "$PACKAGE_STRING" _ACEOF cat >>confdefs.h <<_ACEOF #define PACKAGE_BUGREPORT "$PACKAGE_BUGREPORT" _ACEOF cat >>confdefs.h <<_ACEOF #define PACKAGE_URL "$PACKAGE_URL" _ACEOF # Let the site file select an alternate cache file if it wants to. # Prefer an explicitly selected file to automatically selected ones. ac_site_file1=NONE ac_site_file2=NONE if test -n "$CONFIG_SITE"; then # We do not want a PATH search for config.site. case $CONFIG_SITE in #(( -*) ac_site_file1=./$CONFIG_SITE;; */*) ac_site_file1=$CONFIG_SITE;; *) ac_site_file1=./$CONFIG_SITE;; esac elif test "x$prefix" != xNONE; then ac_site_file1=$prefix/share/config.site ac_site_file2=$prefix/etc/config.site else ac_site_file1=$ac_default_prefix/share/config.site ac_site_file2=$ac_default_prefix/etc/config.site fi for ac_site_file in "$ac_site_file1" "$ac_site_file2" do test "x$ac_site_file" = xNONE && continue if test /dev/null != "$ac_site_file" && test -r "$ac_site_file"; then { $as_echo "$as_me:${as_lineno-$LINENO}: loading site script $ac_site_file" >&5 $as_echo "$as_me: loading site script $ac_site_file" >&6;} sed 's/^/| /' "$ac_site_file" >&5 . "$ac_site_file" \ || { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error $? "failed to load site script $ac_site_file See \`config.log' for more details" "$LINENO" 5; } fi done if test -r "$cache_file"; then # Some versions of bash will fail to source /dev/null (special files # actually), so we avoid doing that. DJGPP emulates it as a regular file. if test /dev/null != "$cache_file" && test -f "$cache_file"; then { $as_echo "$as_me:${as_lineno-$LINENO}: loading cache $cache_file" >&5 $as_echo "$as_me: loading cache $cache_file" >&6;} case $cache_file in [\\/]* | ?:[\\/]* ) . "$cache_file";; *) . "./$cache_file";; esac fi else { $as_echo "$as_me:${as_lineno-$LINENO}: creating cache $cache_file" >&5 $as_echo "$as_me: creating cache $cache_file" >&6;} >$cache_file fi as_fn_append ac_header_list " stdlib.h" as_fn_append ac_header_list " unistd.h" as_fn_append ac_header_list " sys/param.h" # Check that the precious variables saved in the cache have kept the same # value. ac_cache_corrupted=false for ac_var in $ac_precious_vars; do eval ac_old_set=\$ac_cv_env_${ac_var}_set eval ac_new_set=\$ac_env_${ac_var}_set eval ac_old_val=\$ac_cv_env_${ac_var}_value eval ac_new_val=\$ac_env_${ac_var}_value case $ac_old_set,$ac_new_set in set,) { $as_echo "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&5 $as_echo "$as_me: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&2;} ac_cache_corrupted=: ;; ,set) { $as_echo "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' was not set in the previous run" >&5 $as_echo "$as_me: error: \`$ac_var' was not set in the previous run" >&2;} ac_cache_corrupted=: ;; ,);; *) if test "x$ac_old_val" != "x$ac_new_val"; then # differences in whitespace do not lead to failure. ac_old_val_w=`echo x $ac_old_val` ac_new_val_w=`echo x $ac_new_val` if test "$ac_old_val_w" != "$ac_new_val_w"; then { $as_echo "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' has changed since the previous run:" >&5 $as_echo "$as_me: error: \`$ac_var' has changed since the previous run:" >&2;} ac_cache_corrupted=: else { $as_echo "$as_me:${as_lineno-$LINENO}: warning: ignoring whitespace changes in \`$ac_var' since the previous run:" >&5 $as_echo "$as_me: warning: ignoring whitespace changes in \`$ac_var' since the previous run:" >&2;} eval $ac_var=\$ac_old_val fi { $as_echo "$as_me:${as_lineno-$LINENO}: former value: \`$ac_old_val'" >&5 $as_echo "$as_me: former value: \`$ac_old_val'" >&2;} { $as_echo "$as_me:${as_lineno-$LINENO}: current value: \`$ac_new_val'" >&5 $as_echo "$as_me: current value: \`$ac_new_val'" >&2;} fi;; esac # Pass precious variables to config.status. if test "$ac_new_set" = set; then case $ac_new_val in *\'*) ac_arg=$ac_var=`$as_echo "$ac_new_val" | sed "s/'/'\\\\\\\\''/g"` ;; *) ac_arg=$ac_var=$ac_new_val ;; esac case " $ac_configure_args " in *" '$ac_arg' "*) ;; # Avoid dups. Use of quotes ensures accuracy. *) as_fn_append ac_configure_args " '$ac_arg'" ;; esac fi done if $ac_cache_corrupted; then { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} { $as_echo "$as_me:${as_lineno-$LINENO}: error: changes in the environment can compromise the build" >&5 $as_echo "$as_me: error: changes in the environment can compromise the build" >&2;} as_fn_error $? "run \`make distclean' and/or \`rm $cache_file' and start over" "$LINENO" 5 fi ## -------------------- ## ## Main body of script. ## ## -------------------- ## ac_ext=c ac_cpp='$CPP $CPPFLAGS' ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_c_compiler_gnu ac_config_headers="$ac_config_headers config.h" ac_aux_dir= for ac_dir in build-aux "$srcdir"/build-aux; do if test -f "$ac_dir/install-sh"; then ac_aux_dir=$ac_dir ac_install_sh="$ac_aux_dir/install-sh -c" break elif test -f "$ac_dir/install.sh"; then ac_aux_dir=$ac_dir ac_install_sh="$ac_aux_dir/install.sh -c" break elif test -f "$ac_dir/shtool"; then ac_aux_dir=$ac_dir ac_install_sh="$ac_aux_dir/shtool install -c" break fi done if test -z "$ac_aux_dir"; then as_fn_error $? "cannot find install-sh, install.sh, or shtool in build-aux \"$srcdir\"/build-aux" "$LINENO" 5 fi # These three variables are undocumented and unsupported, # and are intended to be withdrawn in a future Autoconf release. # They can cause serious problems if a builder's source tree is in a directory # whose full name contains unusual characters. ac_config_guess="$SHELL $ac_aux_dir/config.guess" # Please don't use this var. ac_config_sub="$SHELL $ac_aux_dir/config.sub" # Please don't use this var. ac_configure="$SHELL $ac_aux_dir/configure" # Please don't use this var. am__api_version='1.15' # Find a good install program. We prefer a C program (faster), # so one script is as good as another. But avoid the broken or # incompatible versions: # SysV /etc/install, /usr/sbin/install # SunOS /usr/etc/install # IRIX /sbin/install # AIX /bin/install # AmigaOS /C/install, which installs bootblocks on floppy discs # AIX 4 /usr/bin/installbsd, which doesn't work without a -g flag # AFS /usr/afsws/bin/install, which mishandles nonexistent args # SVR4 /usr/ucb/install, which tries to use the nonexistent group "staff" # OS/2's system install, which has a completely different semantic # ./install, which can be erroneously created by make from ./install.sh. # Reject install programs that cannot install multiple files. { $as_echo "$as_me:${as_lineno-$LINENO}: checking for a BSD-compatible install" >&5 $as_echo_n "checking for a BSD-compatible install... " >&6; } if test -z "$INSTALL"; then if ${ac_cv_path_install+:} false; then : $as_echo_n "(cached) " >&6 else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. # Account for people who put trailing slashes in PATH elements. case $as_dir/ in #(( ./ | .// | /[cC]/* | \ /etc/* | /usr/sbin/* | /usr/etc/* | /sbin/* | /usr/afsws/bin/* | \ ?:[\\/]os2[\\/]install[\\/]* | ?:[\\/]OS2[\\/]INSTALL[\\/]* | \ /usr/ucb/* ) ;; *) # OSF1 and SCO ODT 3.0 have their own names for install. # Don't use installbsd from OSF since it installs stuff as root # by default. for ac_prog in ginstall scoinst install; do for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_prog$ac_exec_ext"; then if test $ac_prog = install && grep dspmsg "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then # AIX install. It has an incompatible calling convention. : elif test $ac_prog = install && grep pwplus "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then # program-specific install script used by HP pwplus--don't use. : else rm -rf conftest.one conftest.two conftest.dir echo one > conftest.one echo two > conftest.two mkdir conftest.dir if "$as_dir/$ac_prog$ac_exec_ext" -c conftest.one conftest.two "`pwd`/conftest.dir" && test -s conftest.one && test -s conftest.two && test -s conftest.dir/conftest.one && test -s conftest.dir/conftest.two then ac_cv_path_install="$as_dir/$ac_prog$ac_exec_ext -c" break 3 fi fi fi done done ;; esac done IFS=$as_save_IFS rm -rf conftest.one conftest.two conftest.dir fi if test "${ac_cv_path_install+set}" = set; then INSTALL=$ac_cv_path_install else # As a last resort, use the slow shell script. Don't cache a # value for INSTALL within a source directory, because that will # break other packages using the cache if that directory is # removed, or if the value is a relative name. INSTALL=$ac_install_sh fi fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $INSTALL" >&5 $as_echo "$INSTALL" >&6; } # Use test -z because SunOS4 sh mishandles braces in ${var-val}. # It thinks the first close brace ends the variable substitution. test -z "$INSTALL_PROGRAM" && INSTALL_PROGRAM='${INSTALL}' test -z "$INSTALL_SCRIPT" && INSTALL_SCRIPT='${INSTALL}' test -z "$INSTALL_DATA" && INSTALL_DATA='${INSTALL} -m 644' { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether build environment is sane" >&5 $as_echo_n "checking whether build environment is sane... " >&6; } # Reject unsafe characters in $srcdir or the absolute working directory # name. Accept space and tab only in the latter. am_lf=' ' case `pwd` in *[\\\"\#\$\&\'\`$am_lf]*) as_fn_error $? "unsafe absolute working directory name" "$LINENO" 5;; esac case $srcdir in *[\\\"\#\$\&\'\`$am_lf\ \ ]*) as_fn_error $? "unsafe srcdir value: '$srcdir'" "$LINENO" 5;; esac # Do 'set' in a subshell so we don't clobber the current shell's # arguments. Must try -L first in case configure is actually a # symlink; some systems play weird games with the mod time of symlinks # (eg FreeBSD returns the mod time of the symlink's containing # directory). if ( am_has_slept=no for am_try in 1 2; do echo "timestamp, slept: $am_has_slept" > conftest.file set X `ls -Lt "$srcdir/configure" conftest.file 2> /dev/null` if test "$*" = "X"; then # -L didn't work. set X `ls -t "$srcdir/configure" conftest.file` fi if test "$*" != "X $srcdir/configure conftest.file" \ && test "$*" != "X conftest.file $srcdir/configure"; then # If neither matched, then we have a broken ls. This can happen # if, for instance, CONFIG_SHELL is bash and it inherits a # broken ls alias from the environment. This has actually # happened. Such a system could not be considered "sane". as_fn_error $? "ls -t appears to fail. Make sure there is not a broken alias in your environment" "$LINENO" 5 fi if test "$2" = conftest.file || test $am_try -eq 2; then break fi # Just in case. sleep 1 am_has_slept=yes done test "$2" = conftest.file ) then # Ok. : else as_fn_error $? "newly created file is older than distributed files! Check your system clock" "$LINENO" 5 fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } # If we didn't sleep, we still need to ensure time stamps of config.status and # generated files are strictly newer. am_sleep_pid= if grep 'slept: no' conftest.file >/dev/null 2>&1; then ( sleep 1 ) & am_sleep_pid=$! fi rm -f conftest.file test "$program_prefix" != NONE && program_transform_name="s&^&$program_prefix&;$program_transform_name" # Use a double $ so make ignores it. test "$program_suffix" != NONE && program_transform_name="s&\$&$program_suffix&;$program_transform_name" # Double any \ or $. # By default was `s,x,x', remove it if useless. ac_script='s/[\\$]/&&/g;s/;s,x,x,$//' program_transform_name=`$as_echo "$program_transform_name" | sed "$ac_script"` # Expand $ac_aux_dir to an absolute path. am_aux_dir=`cd "$ac_aux_dir" && pwd` if test x"${MISSING+set}" != xset; then case $am_aux_dir in *\ * | *\ *) MISSING="\${SHELL} \"$am_aux_dir/missing\"" ;; *) MISSING="\${SHELL} $am_aux_dir/missing" ;; esac fi # Use eval to expand $SHELL if eval "$MISSING --is-lightweight"; then am_missing_run="$MISSING " else am_missing_run= { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: 'missing' script is too old or missing" >&5 $as_echo "$as_me: WARNING: 'missing' script is too old or missing" >&2;} fi if test x"${install_sh+set}" != xset; then case $am_aux_dir in *\ * | *\ *) install_sh="\${SHELL} '$am_aux_dir/install-sh'" ;; *) install_sh="\${SHELL} $am_aux_dir/install-sh" esac fi # Installed binaries are usually stripped using 'strip' when the user # run "make install-strip". However 'strip' might not be the right # tool to use in cross-compilation environments, therefore Automake # will honor the 'STRIP' environment variable to overrule this program. if test "$cross_compiling" != no; then if test -n "$ac_tool_prefix"; then # Extract the first word of "${ac_tool_prefix}strip", so it can be a program name with args. set dummy ${ac_tool_prefix}strip; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_prog_STRIP+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$STRIP"; then ac_cv_prog_STRIP="$STRIP" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_STRIP="${ac_tool_prefix}strip" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS fi fi STRIP=$ac_cv_prog_STRIP if test -n "$STRIP"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $STRIP" >&5 $as_echo "$STRIP" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi fi if test -z "$ac_cv_prog_STRIP"; then ac_ct_STRIP=$STRIP # Extract the first word of "strip", so it can be a program name with args. set dummy strip; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_prog_ac_ct_STRIP+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$ac_ct_STRIP"; then ac_cv_prog_ac_ct_STRIP="$ac_ct_STRIP" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_STRIP="strip" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS fi fi ac_ct_STRIP=$ac_cv_prog_ac_ct_STRIP if test -n "$ac_ct_STRIP"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_STRIP" >&5 $as_echo "$ac_ct_STRIP" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi if test "x$ac_ct_STRIP" = x; then STRIP=":" else case $cross_compiling:$ac_tool_warned in yes:) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 $as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} ac_tool_warned=yes ;; esac STRIP=$ac_ct_STRIP fi else STRIP="$ac_cv_prog_STRIP" fi fi INSTALL_STRIP_PROGRAM="\$(install_sh) -c -s" { $as_echo "$as_me:${as_lineno-$LINENO}: checking for a thread-safe mkdir -p" >&5 $as_echo_n "checking for a thread-safe mkdir -p... " >&6; } if test -z "$MKDIR_P"; then if ${ac_cv_path_mkdir+:} false; then : $as_echo_n "(cached) " >&6 else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH$PATH_SEPARATOR/opt/sfw/bin do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_prog in mkdir gmkdir; do for ac_exec_ext in '' $ac_executable_extensions; do as_fn_executable_p "$as_dir/$ac_prog$ac_exec_ext" || continue case `"$as_dir/$ac_prog$ac_exec_ext" --version 2>&1` in #( 'mkdir (GNU coreutils) '* | \ 'mkdir (coreutils) '* | \ 'mkdir (fileutils) '4.1*) ac_cv_path_mkdir=$as_dir/$ac_prog$ac_exec_ext break 3;; esac done done done IFS=$as_save_IFS fi test -d ./--version && rmdir ./--version if test "${ac_cv_path_mkdir+set}" = set; then MKDIR_P="$ac_cv_path_mkdir -p" else # As a last resort, use the slow shell script. Don't cache a # value for MKDIR_P within a source directory, because that will # break other packages using the cache if that directory is # removed, or if the value is a relative name. MKDIR_P="$ac_install_sh -d" fi fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $MKDIR_P" >&5 $as_echo "$MKDIR_P" >&6; } for ac_prog in gawk mawk nawk awk do # Extract the first word of "$ac_prog", so it can be a program name with args. set dummy $ac_prog; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_prog_AWK+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$AWK"; then ac_cv_prog_AWK="$AWK" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_AWK="$ac_prog" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS fi fi AWK=$ac_cv_prog_AWK if test -n "$AWK"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $AWK" >&5 $as_echo "$AWK" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi test -n "$AWK" && break done { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether ${MAKE-make} sets \$(MAKE)" >&5 $as_echo_n "checking whether ${MAKE-make} sets \$(MAKE)... " >&6; } set x ${MAKE-make} ac_make=`$as_echo "$2" | sed 's/+/p/g; s/[^a-zA-Z0-9_]/_/g'` if eval \${ac_cv_prog_make_${ac_make}_set+:} false; then : $as_echo_n "(cached) " >&6 else cat >conftest.make <<\_ACEOF SHELL = /bin/sh all: @echo '@@@%%%=$(MAKE)=@@@%%%' _ACEOF # GNU make sometimes prints "make[1]: Entering ...", which would confuse us. case `${MAKE-make} -f conftest.make 2>/dev/null` in *@@@%%%=?*=@@@%%%*) eval ac_cv_prog_make_${ac_make}_set=yes;; *) eval ac_cv_prog_make_${ac_make}_set=no;; esac rm -f conftest.make fi if eval test \$ac_cv_prog_make_${ac_make}_set = yes; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } SET_MAKE= else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } SET_MAKE="MAKE=${MAKE-make}" fi rm -rf .tst 2>/dev/null mkdir .tst 2>/dev/null if test -d .tst; then am__leading_dot=. else am__leading_dot=_ fi rmdir .tst 2>/dev/null # Check whether --enable-silent-rules was given. if test "${enable_silent_rules+set}" = set; then : enableval=$enable_silent_rules; fi case $enable_silent_rules in # ((( yes) AM_DEFAULT_VERBOSITY=0;; no) AM_DEFAULT_VERBOSITY=1;; *) AM_DEFAULT_VERBOSITY=1;; esac am_make=${MAKE-make} { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $am_make supports nested variables" >&5 $as_echo_n "checking whether $am_make supports nested variables... " >&6; } if ${am_cv_make_support_nested_variables+:} false; then : $as_echo_n "(cached) " >&6 else if $as_echo 'TRUE=$(BAR$(V)) BAR0=false BAR1=true V=1 am__doit: @$(TRUE) .PHONY: am__doit' | $am_make -f - >/dev/null 2>&1; then am_cv_make_support_nested_variables=yes else am_cv_make_support_nested_variables=no fi fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $am_cv_make_support_nested_variables" >&5 $as_echo "$am_cv_make_support_nested_variables" >&6; } if test $am_cv_make_support_nested_variables = yes; then AM_V='$(V)' AM_DEFAULT_V='$(AM_DEFAULT_VERBOSITY)' else AM_V=$AM_DEFAULT_VERBOSITY AM_DEFAULT_V=$AM_DEFAULT_VERBOSITY fi AM_BACKSLASH='\' if test "`cd $srcdir && pwd`" != "`pwd`"; then # Use -I$(srcdir) only when $(srcdir) != ., so that make's output # is not polluted with repeated "-I." am__isrc=' -I$(srcdir)' # test to see if srcdir already configured if test -f $srcdir/config.status; then as_fn_error $? "source directory already configured; run \"make distclean\" there first" "$LINENO" 5 fi fi # test whether we have cygpath if test -z "$CYGPATH_W"; then if (cygpath --version) >/dev/null 2>/dev/null; then CYGPATH_W='cygpath -w' else CYGPATH_W=echo fi fi # Define the identity of the package. PACKAGE='hitch' VERSION='1.4.4' cat >>confdefs.h <<_ACEOF #define PACKAGE "$PACKAGE" _ACEOF cat >>confdefs.h <<_ACEOF #define VERSION "$VERSION" _ACEOF # Some tools Automake needs. ACLOCAL=${ACLOCAL-"${am_missing_run}aclocal-${am__api_version}"} AUTOCONF=${AUTOCONF-"${am_missing_run}autoconf"} AUTOMAKE=${AUTOMAKE-"${am_missing_run}automake-${am__api_version}"} AUTOHEADER=${AUTOHEADER-"${am_missing_run}autoheader"} MAKEINFO=${MAKEINFO-"${am_missing_run}makeinfo"} # For better backward compatibility. To be removed once Automake 1.9.x # dies out for good. For more background, see: # # mkdir_p='$(MKDIR_P)' # We need awk for the "check" target (and possibly the TAP driver). The # system "awk" is bad on some platforms. # Always define AMTAR for backward compatibility. Yes, it's still used # in the wild :-( We should find a proper way to deprecate it ... AMTAR='$${TAR-tar}' # We'll loop over all known methods to create a tar archive until one works. _am_tools='gnutar pax cpio none' am__tar='$${TAR-tar} chof - "$$tardir"' am__untar='$${TAR-tar} xf -' # POSIX will say in a future version that running "rm -f" with no argument # is OK; and we want to be able to make that assumption in our Makefile # recipes. So use an aggressive probe to check that the usage we want is # actually supported "in the wild" to an acceptable degree. # See automake bug#10828. # To make any issue more visible, cause the running configure to be aborted # by default if the 'rm' program in use doesn't match our expectations; the # user can still override this though. if rm -f && rm -fr && rm -rf; then : OK; else cat >&2 <<'END' Oops! Your 'rm' program seems unable to run without file operands specified on the command line, even when the '-f' option is present. This is contrary to the behaviour of most rm programs out there, and not conforming with the upcoming POSIX standard: Please tell bug-automake@gnu.org about your system, including the value of your $PATH and any error possibly output before this message. This can help us improve future automake versions. END if test x"$ACCEPT_INFERIOR_RM_PROGRAM" = x"yes"; then echo 'Configuration will proceed anyway, since you have set the' >&2 echo 'ACCEPT_INFERIOR_RM_PROGRAM variable to "yes"' >&2 echo >&2 else cat >&2 <<'END' Aborting the configuration process, to ensure you take notice of the issue. You can download and install GNU coreutils to get an 'rm' implementation that behaves properly: . If you want to complete the configuration process using your problematic 'rm' anyway, export the environment variable ACCEPT_INFERIOR_RM_PROGRAM to "yes", and re-run configure. END as_fn_error $? "Your 'rm' program is bad, sorry." "$LINENO" 5 fi fi # Checks for programs. ac_ext=c ac_cpp='$CPP $CPPFLAGS' ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_c_compiler_gnu if test -n "$ac_tool_prefix"; then # Extract the first word of "${ac_tool_prefix}gcc", so it can be a program name with args. set dummy ${ac_tool_prefix}gcc; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_prog_CC+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$CC"; then ac_cv_prog_CC="$CC" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_CC="${ac_tool_prefix}gcc" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS fi fi CC=$ac_cv_prog_CC if test -n "$CC"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 $as_echo "$CC" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi fi if test -z "$ac_cv_prog_CC"; then ac_ct_CC=$CC # Extract the first word of "gcc", so it can be a program name with args. set dummy gcc; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_prog_ac_ct_CC+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$ac_ct_CC"; then ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_CC="gcc" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS fi fi ac_ct_CC=$ac_cv_prog_ac_ct_CC if test -n "$ac_ct_CC"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5 $as_echo "$ac_ct_CC" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi if test "x$ac_ct_CC" = x; then CC="" else case $cross_compiling:$ac_tool_warned in yes:) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 $as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} ac_tool_warned=yes ;; esac CC=$ac_ct_CC fi else CC="$ac_cv_prog_CC" fi if test -z "$CC"; then if test -n "$ac_tool_prefix"; then # Extract the first word of "${ac_tool_prefix}cc", so it can be a program name with args. set dummy ${ac_tool_prefix}cc; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_prog_CC+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$CC"; then ac_cv_prog_CC="$CC" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_CC="${ac_tool_prefix}cc" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS fi fi CC=$ac_cv_prog_CC if test -n "$CC"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 $as_echo "$CC" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi fi fi if test -z "$CC"; then # Extract the first word of "cc", so it can be a program name with args. set dummy cc; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_prog_CC+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$CC"; then ac_cv_prog_CC="$CC" # Let the user override the test. else ac_prog_rejected=no as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then if test "$as_dir/$ac_word$ac_exec_ext" = "/usr/ucb/cc"; then ac_prog_rejected=yes continue fi ac_cv_prog_CC="cc" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS if test $ac_prog_rejected = yes; then # We found a bogon in the path, so make sure we never use it. set dummy $ac_cv_prog_CC shift if test $# != 0; then # We chose a different compiler from the bogus one. # However, it has the same basename, so the bogon will be chosen # first if we set CC to just the basename; use the full file name. shift ac_cv_prog_CC="$as_dir/$ac_word${1+' '}$@" fi fi fi fi CC=$ac_cv_prog_CC if test -n "$CC"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 $as_echo "$CC" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi fi if test -z "$CC"; then if test -n "$ac_tool_prefix"; then for ac_prog in cl.exe do # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args. set dummy $ac_tool_prefix$ac_prog; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_prog_CC+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$CC"; then ac_cv_prog_CC="$CC" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_CC="$ac_tool_prefix$ac_prog" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS fi fi CC=$ac_cv_prog_CC if test -n "$CC"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 $as_echo "$CC" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi test -n "$CC" && break done fi if test -z "$CC"; then ac_ct_CC=$CC for ac_prog in cl.exe do # Extract the first word of "$ac_prog", so it can be a program name with args. set dummy $ac_prog; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_prog_ac_ct_CC+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$ac_ct_CC"; then ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_CC="$ac_prog" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS fi fi ac_ct_CC=$ac_cv_prog_ac_ct_CC if test -n "$ac_ct_CC"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5 $as_echo "$ac_ct_CC" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi test -n "$ac_ct_CC" && break done if test "x$ac_ct_CC" = x; then CC="" else case $cross_compiling:$ac_tool_warned in yes:) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 $as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} ac_tool_warned=yes ;; esac CC=$ac_ct_CC fi fi fi test -z "$CC" && { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error $? "no acceptable C compiler found in \$PATH See \`config.log' for more details" "$LINENO" 5; } # Provide some information about the compiler. $as_echo "$as_me:${as_lineno-$LINENO}: checking for C compiler version" >&5 set X $ac_compile ac_compiler=$2 for ac_option in --version -v -V -qversion; do { { ac_try="$ac_compiler $ac_option >&5" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" $as_echo "$ac_try_echo"; } >&5 (eval "$ac_compiler $ac_option >&5") 2>conftest.err ac_status=$? if test -s conftest.err; then sed '10a\ ... rest of stderr output deleted ... 10q' conftest.err >conftest.er1 cat conftest.er1 >&5 fi rm -f conftest.er1 conftest.err $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; } done cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main () { ; return 0; } _ACEOF ac_clean_files_save=$ac_clean_files ac_clean_files="$ac_clean_files a.out a.out.dSYM a.exe b.out" # Try to create an executable without -o first, disregard a.out. # It will help us diagnose broken compilers, and finding out an intuition # of exeext. { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the C compiler works" >&5 $as_echo_n "checking whether the C compiler works... " >&6; } ac_link_default=`$as_echo "$ac_link" | sed 's/ -o *conftest[^ ]*//'` # The possible output files: ac_files="a.out conftest.exe conftest a.exe a_out.exe b.out conftest.*" ac_rmfiles= for ac_file in $ac_files do case $ac_file in *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj ) ;; * ) ac_rmfiles="$ac_rmfiles $ac_file";; esac done rm -f $ac_rmfiles if { { ac_try="$ac_link_default" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" $as_echo "$ac_try_echo"; } >&5 (eval "$ac_link_default") 2>&5 ac_status=$? $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; }; then : # Autoconf-2.13 could set the ac_cv_exeext variable to `no'. # So ignore a value of `no', otherwise this would lead to `EXEEXT = no' # in a Makefile. We should not override ac_cv_exeext if it was cached, # so that the user can short-circuit this test for compilers unknown to # Autoconf. for ac_file in $ac_files '' do test -f "$ac_file" || continue case $ac_file in *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj ) ;; [ab].out ) # We found the default executable, but exeext='' is most # certainly right. break;; *.* ) if test "${ac_cv_exeext+set}" = set && test "$ac_cv_exeext" != no; then :; else ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'` fi # We set ac_cv_exeext here because the later test for it is not # safe: cross compilers may not add the suffix if given an `-o' # argument, so we may need to know it at that point already. # Even if this section looks crufty: it has the advantage of # actually working. break;; * ) break;; esac done test "$ac_cv_exeext" = no && ac_cv_exeext= else ac_file='' fi if test -z "$ac_file"; then : { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } $as_echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error 77 "C compiler cannot create executables See \`config.log' for more details" "$LINENO" 5; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking for C compiler default output file name" >&5 $as_echo_n "checking for C compiler default output file name... " >&6; } { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_file" >&5 $as_echo "$ac_file" >&6; } ac_exeext=$ac_cv_exeext rm -f -r a.out a.out.dSYM a.exe conftest$ac_cv_exeext b.out ac_clean_files=$ac_clean_files_save { $as_echo "$as_me:${as_lineno-$LINENO}: checking for suffix of executables" >&5 $as_echo_n "checking for suffix of executables... " >&6; } if { { ac_try="$ac_link" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" $as_echo "$ac_try_echo"; } >&5 (eval "$ac_link") 2>&5 ac_status=$? $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; }; then : # If both `conftest.exe' and `conftest' are `present' (well, observable) # catch `conftest.exe'. For instance with Cygwin, `ls conftest' will # work properly (i.e., refer to `conftest.exe'), while it won't with # `rm'. for ac_file in conftest.exe conftest conftest.*; do test -f "$ac_file" || continue case $ac_file in *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj ) ;; *.* ) ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'` break;; * ) break;; esac done else { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error $? "cannot compute suffix of executables: cannot compile and link See \`config.log' for more details" "$LINENO" 5; } fi rm -f conftest conftest$ac_cv_exeext { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_exeext" >&5 $as_echo "$ac_cv_exeext" >&6; } rm -f conftest.$ac_ext EXEEXT=$ac_cv_exeext ac_exeext=$EXEEXT cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include int main () { FILE *f = fopen ("conftest.out", "w"); return ferror (f) || fclose (f) != 0; ; return 0; } _ACEOF ac_clean_files="$ac_clean_files conftest.out" # Check that the compiler produces executables we can run. If not, either # the compiler is broken, or we cross compile. { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we are cross compiling" >&5 $as_echo_n "checking whether we are cross compiling... " >&6; } if test "$cross_compiling" != yes; then { { ac_try="$ac_link" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" $as_echo "$ac_try_echo"; } >&5 (eval "$ac_link") 2>&5 ac_status=$? $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; } if { ac_try='./conftest$ac_cv_exeext' { { case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" $as_echo "$ac_try_echo"; } >&5 (eval "$ac_try") 2>&5 ac_status=$? $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; }; }; then cross_compiling=no else if test "$cross_compiling" = maybe; then cross_compiling=yes else { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error $? "cannot run C compiled programs. If you meant to cross compile, use \`--host'. See \`config.log' for more details" "$LINENO" 5; } fi fi fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $cross_compiling" >&5 $as_echo "$cross_compiling" >&6; } rm -f conftest.$ac_ext conftest$ac_cv_exeext conftest.out ac_clean_files=$ac_clean_files_save { $as_echo "$as_me:${as_lineno-$LINENO}: checking for suffix of object files" >&5 $as_echo_n "checking for suffix of object files... " >&6; } if ${ac_cv_objext+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main () { ; return 0; } _ACEOF rm -f conftest.o conftest.obj if { { ac_try="$ac_compile" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" $as_echo "$ac_try_echo"; } >&5 (eval "$ac_compile") 2>&5 ac_status=$? $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; }; then : for ac_file in conftest.o conftest.obj conftest.*; do test -f "$ac_file" || continue; case $ac_file in *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM ) ;; *) ac_cv_objext=`expr "$ac_file" : '.*\.\(.*\)'` break;; esac done else $as_echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error $? "cannot compute suffix of object files: cannot compile See \`config.log' for more details" "$LINENO" 5; } fi rm -f conftest.$ac_cv_objext conftest.$ac_ext fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_objext" >&5 $as_echo "$ac_cv_objext" >&6; } OBJEXT=$ac_cv_objext ac_objext=$OBJEXT { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we are using the GNU C compiler" >&5 $as_echo_n "checking whether we are using the GNU C compiler... " >&6; } if ${ac_cv_c_compiler_gnu+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main () { #ifndef __GNUC__ choke me #endif ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : ac_compiler_gnu=yes else ac_compiler_gnu=no fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext ac_cv_c_compiler_gnu=$ac_compiler_gnu fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_compiler_gnu" >&5 $as_echo "$ac_cv_c_compiler_gnu" >&6; } if test $ac_compiler_gnu = yes; then GCC=yes else GCC= fi ac_test_CFLAGS=${CFLAGS+set} ac_save_CFLAGS=$CFLAGS { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC accepts -g" >&5 $as_echo_n "checking whether $CC accepts -g... " >&6; } if ${ac_cv_prog_cc_g+:} false; then : $as_echo_n "(cached) " >&6 else ac_save_c_werror_flag=$ac_c_werror_flag ac_c_werror_flag=yes ac_cv_prog_cc_g=no CFLAGS="-g" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main () { ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : ac_cv_prog_cc_g=yes else CFLAGS="" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main () { ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : else ac_c_werror_flag=$ac_save_c_werror_flag CFLAGS="-g" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main () { ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : ac_cv_prog_cc_g=yes fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext ac_c_werror_flag=$ac_save_c_werror_flag fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_g" >&5 $as_echo "$ac_cv_prog_cc_g" >&6; } if test "$ac_test_CFLAGS" = set; then CFLAGS=$ac_save_CFLAGS elif test $ac_cv_prog_cc_g = yes; then if test "$GCC" = yes; then CFLAGS="-g -O2" else CFLAGS="-g" fi else if test "$GCC" = yes; then CFLAGS="-O2" else CFLAGS= fi fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $CC option to accept ISO C89" >&5 $as_echo_n "checking for $CC option to accept ISO C89... " >&6; } if ${ac_cv_prog_cc_c89+:} false; then : $as_echo_n "(cached) " >&6 else ac_cv_prog_cc_c89=no ac_save_CC=$CC cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include #include struct stat; /* Most of the following tests are stolen from RCS 5.7's src/conf.sh. */ struct buf { int x; }; FILE * (*rcsopen) (struct buf *, struct stat *, int); static char *e (p, i) char **p; int i; { return p[i]; } static char *f (char * (*g) (char **, int), char **p, ...) { char *s; va_list v; va_start (v,p); s = g (p, va_arg (v,int)); va_end (v); return s; } /* OSF 4.0 Compaq cc is some sort of almost-ANSI by default. It has function prototypes and stuff, but not '\xHH' hex character constants. These don't provoke an error unfortunately, instead are silently treated as 'x'. The following induces an error, until -std is added to get proper ANSI mode. Curiously '\x00'!='x' always comes out true, for an array size at least. It's necessary to write '\x00'==0 to get something that's true only with -std. */ int osf4_cc_array ['\x00' == 0 ? 1 : -1]; /* IBM C 6 for AIX is almost-ANSI by default, but it replaces macro parameters inside strings and character constants. */ #define FOO(x) 'x' int xlc6_cc_array[FOO(a) == 'x' ? 1 : -1]; int test (int i, double x); struct s1 {int (*f) (int a);}; struct s2 {int (*f) (double a);}; int pairnames (int, char **, FILE *(*)(struct buf *, struct stat *, int), int, int); int argc; char **argv; int main () { return f (e, argv, 0) != argv[0] || f (e, argv, 1) != argv[1]; ; return 0; } _ACEOF for ac_arg in '' -qlanglvl=extc89 -qlanglvl=ansi -std \ -Ae "-Aa -D_HPUX_SOURCE" "-Xc -D__EXTENSIONS__" do CC="$ac_save_CC $ac_arg" if ac_fn_c_try_compile "$LINENO"; then : ac_cv_prog_cc_c89=$ac_arg fi rm -f core conftest.err conftest.$ac_objext test "x$ac_cv_prog_cc_c89" != "xno" && break done rm -f conftest.$ac_ext CC=$ac_save_CC fi # AC_CACHE_VAL case "x$ac_cv_prog_cc_c89" in x) { $as_echo "$as_me:${as_lineno-$LINENO}: result: none needed" >&5 $as_echo "none needed" >&6; } ;; xno) { $as_echo "$as_me:${as_lineno-$LINENO}: result: unsupported" >&5 $as_echo "unsupported" >&6; } ;; *) CC="$CC $ac_cv_prog_cc_c89" { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_c89" >&5 $as_echo "$ac_cv_prog_cc_c89" >&6; } ;; esac if test "x$ac_cv_prog_cc_c89" != xno; then : fi ac_ext=c ac_cpp='$CPP $CPPFLAGS' ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_c_compiler_gnu ac_ext=c ac_cpp='$CPP $CPPFLAGS' ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_c_compiler_gnu { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC understands -c and -o together" >&5 $as_echo_n "checking whether $CC understands -c and -o together... " >&6; } if ${am_cv_prog_cc_c_o+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main () { ; return 0; } _ACEOF # Make sure it works both with $CC and with simple cc. # Following AC_PROG_CC_C_O, we do the test twice because some # compilers refuse to overwrite an existing .o file with -o, # though they will create one. am_cv_prog_cc_c_o=yes for am_i in 1 2; do if { echo "$as_me:$LINENO: $CC -c conftest.$ac_ext -o conftest2.$ac_objext" >&5 ($CC -c conftest.$ac_ext -o conftest2.$ac_objext) >&5 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } \ && test -f conftest2.$ac_objext; then : OK else am_cv_prog_cc_c_o=no break fi done rm -f core conftest* unset am_i fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $am_cv_prog_cc_c_o" >&5 $as_echo "$am_cv_prog_cc_c_o" >&6; } if test "$am_cv_prog_cc_c_o" != yes; then # Losing compiler, so override with the script. # FIXME: It is wrong to rewrite CC. # But if we don't then we get into trouble of one sort or another. # A longer-term fix would be to have automake use am__CC in this case, # and then we could set am__CC="\$(top_srcdir)/compile \$(CC)" CC="$am_aux_dir/compile $CC" fi ac_ext=c ac_cpp='$CPP $CPPFLAGS' ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_c_compiler_gnu DEPDIR="${am__leading_dot}deps" ac_config_commands="$ac_config_commands depfiles" am_make=${MAKE-make} cat > confinc << 'END' am__doit: @echo this is the am__doit target .PHONY: am__doit END # If we don't find an include directive, just comment out the code. { $as_echo "$as_me:${as_lineno-$LINENO}: checking for style of include used by $am_make" >&5 $as_echo_n "checking for style of include used by $am_make... " >&6; } am__include="#" am__quote= _am_result=none # First try GNU make style include. echo "include confinc" > confmf # Ignore all kinds of additional output from 'make'. case `$am_make -s -f confmf 2> /dev/null` in #( *the\ am__doit\ target*) am__include=include am__quote= _am_result=GNU ;; esac # Now try BSD make style include. if test "$am__include" = "#"; then echo '.include "confinc"' > confmf case `$am_make -s -f confmf 2> /dev/null` in #( *the\ am__doit\ target*) am__include=.include am__quote="\"" _am_result=BSD ;; esac fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $_am_result" >&5 $as_echo "$_am_result" >&6; } rm -f confinc confmf # Check whether --enable-dependency-tracking was given. if test "${enable_dependency_tracking+set}" = set; then : enableval=$enable_dependency_tracking; fi if test "x$enable_dependency_tracking" != xno; then am_depcomp="$ac_aux_dir/depcomp" AMDEPBACKSLASH='\' am__nodep='_no' fi if test "x$enable_dependency_tracking" != xno; then AMDEP_TRUE= AMDEP_FALSE='#' else AMDEP_TRUE='#' AMDEP_FALSE= fi depcc="$CC" am_compiler_list= { $as_echo "$as_me:${as_lineno-$LINENO}: checking dependency style of $depcc" >&5 $as_echo_n "checking dependency style of $depcc... " >&6; } if ${am_cv_CC_dependencies_compiler_type+:} false; then : $as_echo_n "(cached) " >&6 else if test -z "$AMDEP_TRUE" && test -f "$am_depcomp"; then # We make a subdir and do the tests there. Otherwise we can end up # making bogus files that we don't know about and never remove. For # instance it was reported that on HP-UX the gcc test will end up # making a dummy file named 'D' -- because '-MD' means "put the output # in D". rm -rf conftest.dir mkdir conftest.dir # Copy depcomp to subdir because otherwise we won't find it if we're # using a relative directory. cp "$am_depcomp" conftest.dir cd conftest.dir # We will build objects and dependencies in a subdirectory because # it helps to detect inapplicable dependency modes. For instance # both Tru64's cc and ICC support -MD to output dependencies as a # side effect of compilation, but ICC will put the dependencies in # the current directory while Tru64 will put them in the object # directory. mkdir sub am_cv_CC_dependencies_compiler_type=none if test "$am_compiler_list" = ""; then am_compiler_list=`sed -n 's/^#*\([a-zA-Z0-9]*\))$/\1/p' < ./depcomp` fi am__universal=false case " $depcc " in #( *\ -arch\ *\ -arch\ *) am__universal=true ;; esac for depmode in $am_compiler_list; do # Setup a source with many dependencies, because some compilers # like to wrap large dependency lists on column 80 (with \), and # we should not choose a depcomp mode which is confused by this. # # We need to recreate these files for each test, as the compiler may # overwrite some of them when testing with obscure command lines. # This happens at least with the AIX C compiler. : > sub/conftest.c for i in 1 2 3 4 5 6; do echo '#include "conftst'$i'.h"' >> sub/conftest.c # Using ": > sub/conftst$i.h" creates only sub/conftst1.h with # Solaris 10 /bin/sh. echo '/* dummy */' > sub/conftst$i.h done echo "${am__include} ${am__quote}sub/conftest.Po${am__quote}" > confmf # We check with '-c' and '-o' for the sake of the "dashmstdout" # mode. It turns out that the SunPro C++ compiler does not properly # handle '-M -o', and we need to detect this. Also, some Intel # versions had trouble with output in subdirs. am__obj=sub/conftest.${OBJEXT-o} am__minus_obj="-o $am__obj" case $depmode in gcc) # This depmode causes a compiler race in universal mode. test "$am__universal" = false || continue ;; nosideeffect) # After this tag, mechanisms are not by side-effect, so they'll # only be used when explicitly requested. if test "x$enable_dependency_tracking" = xyes; then continue else break fi ;; msvc7 | msvc7msys | msvisualcpp | msvcmsys) # This compiler won't grok '-c -o', but also, the minuso test has # not run yet. These depmodes are late enough in the game, and # so weak that their functioning should not be impacted. am__obj=conftest.${OBJEXT-o} am__minus_obj= ;; none) break ;; esac if depmode=$depmode \ source=sub/conftest.c object=$am__obj \ depfile=sub/conftest.Po tmpdepfile=sub/conftest.TPo \ $SHELL ./depcomp $depcc -c $am__minus_obj sub/conftest.c \ >/dev/null 2>conftest.err && grep sub/conftst1.h sub/conftest.Po > /dev/null 2>&1 && grep sub/conftst6.h sub/conftest.Po > /dev/null 2>&1 && grep $am__obj sub/conftest.Po > /dev/null 2>&1 && ${MAKE-make} -s -f confmf > /dev/null 2>&1; then # icc doesn't choke on unknown options, it will just issue warnings # or remarks (even with -Werror). So we grep stderr for any message # that says an option was ignored or not supported. # When given -MP, icc 7.0 and 7.1 complain thusly: # icc: Command line warning: ignoring option '-M'; no argument required # The diagnosis changed in icc 8.0: # icc: Command line remark: option '-MP' not supported if (grep 'ignoring option' conftest.err || grep 'not supported' conftest.err) >/dev/null 2>&1; then :; else am_cv_CC_dependencies_compiler_type=$depmode break fi fi done cd .. rm -rf conftest.dir else am_cv_CC_dependencies_compiler_type=none fi fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $am_cv_CC_dependencies_compiler_type" >&5 $as_echo "$am_cv_CC_dependencies_compiler_type" >&6; } CCDEPMODE=depmode=$am_cv_CC_dependencies_compiler_type if test "x$enable_dependency_tracking" != xno \ && test "$am_cv_CC_dependencies_compiler_type" = gcc3; then am__fastdepCC_TRUE= am__fastdepCC_FALSE='#' else am__fastdepCC_TRUE='#' am__fastdepCC_FALSE= fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether ${MAKE-make} sets \$(MAKE)" >&5 $as_echo_n "checking whether ${MAKE-make} sets \$(MAKE)... " >&6; } set x ${MAKE-make} ac_make=`$as_echo "$2" | sed 's/+/p/g; s/[^a-zA-Z0-9_]/_/g'` if eval \${ac_cv_prog_make_${ac_make}_set+:} false; then : $as_echo_n "(cached) " >&6 else cat >conftest.make <<\_ACEOF SHELL = /bin/sh all: @echo '@@@%%%=$(MAKE)=@@@%%%' _ACEOF # GNU make sometimes prints "make[1]: Entering ...", which would confuse us. case `${MAKE-make} -f conftest.make 2>/dev/null` in *@@@%%%=?*=@@@%%%*) eval ac_cv_prog_make_${ac_make}_set=yes;; *) eval ac_cv_prog_make_${ac_make}_set=no;; esac rm -f conftest.make fi if eval test \$ac_cv_prog_make_${ac_make}_set = yes; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } SET_MAKE= else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } SET_MAKE="MAKE=${MAKE-make}" fi for ac_prog in 'bison -y' byacc do # Extract the first word of "$ac_prog", so it can be a program name with args. set dummy $ac_prog; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_prog_YACC+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$YACC"; then ac_cv_prog_YACC="$YACC" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_YACC="$ac_prog" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS fi fi YACC=$ac_cv_prog_YACC if test -n "$YACC"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $YACC" >&5 $as_echo "$YACC" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi test -n "$YACC" && break done test -n "$YACC" || YACC="yacc" for ac_prog in flex lex do # Extract the first word of "$ac_prog", so it can be a program name with args. set dummy $ac_prog; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_prog_LEX+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$LEX"; then ac_cv_prog_LEX="$LEX" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_LEX="$ac_prog" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS fi fi LEX=$ac_cv_prog_LEX if test -n "$LEX"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $LEX" >&5 $as_echo "$LEX" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi test -n "$LEX" && break done test -n "$LEX" || LEX=":" if test "x$LEX" != "x:"; then cat >conftest.l <<_ACEOF %% a { ECHO; } b { REJECT; } c { yymore (); } d { yyless (1); } e { /* IRIX 6.5 flex 2.5.4 underquotes its yyless argument. */ yyless ((input () != 0)); } f { unput (yytext[0]); } . { BEGIN INITIAL; } %% #ifdef YYTEXT_POINTER extern char *yytext; #endif int main (void) { return ! yylex () + ! yywrap (); } _ACEOF { { ac_try="$LEX conftest.l" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" $as_echo "$ac_try_echo"; } >&5 (eval "$LEX conftest.l") 2>&5 ac_status=$? $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; } { $as_echo "$as_me:${as_lineno-$LINENO}: checking lex output file root" >&5 $as_echo_n "checking lex output file root... " >&6; } if ${ac_cv_prog_lex_root+:} false; then : $as_echo_n "(cached) " >&6 else if test -f lex.yy.c; then ac_cv_prog_lex_root=lex.yy elif test -f lexyy.c; then ac_cv_prog_lex_root=lexyy else as_fn_error $? "cannot find output from $LEX; giving up" "$LINENO" 5 fi fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_lex_root" >&5 $as_echo "$ac_cv_prog_lex_root" >&6; } LEX_OUTPUT_ROOT=$ac_cv_prog_lex_root if test -z "${LEXLIB+set}"; then { $as_echo "$as_me:${as_lineno-$LINENO}: checking lex library" >&5 $as_echo_n "checking lex library... " >&6; } if ${ac_cv_lib_lex+:} false; then : $as_echo_n "(cached) " >&6 else ac_save_LIBS=$LIBS ac_cv_lib_lex='none needed' for ac_lib in '' -lfl -ll; do LIBS="$ac_lib $ac_save_LIBS" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ `cat $LEX_OUTPUT_ROOT.c` _ACEOF if ac_fn_c_try_link "$LINENO"; then : ac_cv_lib_lex=$ac_lib fi rm -f core conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext test "$ac_cv_lib_lex" != 'none needed' && break done LIBS=$ac_save_LIBS fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_lex" >&5 $as_echo "$ac_cv_lib_lex" >&6; } test "$ac_cv_lib_lex" != 'none needed' && LEXLIB=$ac_cv_lib_lex fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether yytext is a pointer" >&5 $as_echo_n "checking whether yytext is a pointer... " >&6; } if ${ac_cv_prog_lex_yytext_pointer+:} false; then : $as_echo_n "(cached) " >&6 else # POSIX says lex can declare yytext either as a pointer or an array; the # default is implementation-dependent. Figure out which it is, since # not all implementations provide the %pointer and %array declarations. ac_cv_prog_lex_yytext_pointer=no ac_save_LIBS=$LIBS LIBS="$LEXLIB $ac_save_LIBS" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #define YYTEXT_POINTER 1 `cat $LEX_OUTPUT_ROOT.c` _ACEOF if ac_fn_c_try_link "$LINENO"; then : ac_cv_prog_lex_yytext_pointer=yes fi rm -f core conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_save_LIBS fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_lex_yytext_pointer" >&5 $as_echo "$ac_cv_prog_lex_yytext_pointer" >&6; } if test $ac_cv_prog_lex_yytext_pointer = yes; then $as_echo "#define YYTEXT_POINTER 1" >>confdefs.h fi rm -f conftest.l $LEX_OUTPUT_ROOT.c fi # Check whether --with-rst2man was given. if test "${with_rst2man+set}" = set; then : withval=$with_rst2man; RST2MAN="$withval" else for ac_prog in rst2man rst2man.py do # Extract the first word of "$ac_prog", so it can be a program name with args. set dummy $ac_prog; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_prog_RST2MAN+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$RST2MAN"; then ac_cv_prog_RST2MAN="$RST2MAN" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_RST2MAN="$ac_prog" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS fi fi RST2MAN=$ac_cv_prog_RST2MAN if test -n "$RST2MAN"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $RST2MAN" >&5 $as_echo "$RST2MAN" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi test -n "$RST2MAN" && break done test -n "$RST2MAN" || RST2MAN="no" fi if test "x$RST2MAN" = "xno"; then { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: rst2man/rst2man.py were not found, Hitch will lack man pages. To fix this, please install python-docutils first and re-run configure." >&5 $as_echo "$as_me: WARNING: rst2man/rst2man.py were not found, Hitch will lack man pages. To fix this, please install python-docutils first and re-run configure." >&2;} fi if test "x$RST2MAN" != xno; then FOUND_RST2MAN_TRUE= FOUND_RST2MAN_FALSE='#' else FOUND_RST2MAN_TRUE='#' FOUND_RST2MAN_FALSE= fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether to enable maintainer-specific portions of Makefiles" >&5 $as_echo_n "checking whether to enable maintainer-specific portions of Makefiles... " >&6; } # Check whether --enable-maintainer-mode was given. if test "${enable_maintainer_mode+set}" = set; then : enableval=$enable_maintainer_mode; USE_MAINTAINER_MODE=$enableval else USE_MAINTAINER_MODE=no fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $USE_MAINTAINER_MODE" >&5 $as_echo "$USE_MAINTAINER_MODE" >&6; } if test $USE_MAINTAINER_MODE = yes; then MAINTAINER_MODE_TRUE= MAINTAINER_MODE_FALSE='#' else MAINTAINER_MODE_TRUE='#' MAINTAINER_MODE_FALSE= fi MAINT=$MAINTAINER_MODE_TRUE # Checks for libraries. if test "x$ac_cv_env_PKG_CONFIG_set" != "xset"; then if test -n "$ac_tool_prefix"; then # Extract the first word of "${ac_tool_prefix}pkg-config", so it can be a program name with args. set dummy ${ac_tool_prefix}pkg-config; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_path_PKG_CONFIG+:} false; then : $as_echo_n "(cached) " >&6 else case $PKG_CONFIG in [\\/]* | ?:[\\/]*) ac_cv_path_PKG_CONFIG="$PKG_CONFIG" # Let the user override the test with a path. ;; *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_path_PKG_CONFIG="$as_dir/$ac_word$ac_exec_ext" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS ;; esac fi PKG_CONFIG=$ac_cv_path_PKG_CONFIG if test -n "$PKG_CONFIG"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $PKG_CONFIG" >&5 $as_echo "$PKG_CONFIG" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi fi if test -z "$ac_cv_path_PKG_CONFIG"; then ac_pt_PKG_CONFIG=$PKG_CONFIG # Extract the first word of "pkg-config", so it can be a program name with args. set dummy pkg-config; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_path_ac_pt_PKG_CONFIG+:} false; then : $as_echo_n "(cached) " >&6 else case $ac_pt_PKG_CONFIG in [\\/]* | ?:[\\/]*) ac_cv_path_ac_pt_PKG_CONFIG="$ac_pt_PKG_CONFIG" # Let the user override the test with a path. ;; *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_path_ac_pt_PKG_CONFIG="$as_dir/$ac_word$ac_exec_ext" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS ;; esac fi ac_pt_PKG_CONFIG=$ac_cv_path_ac_pt_PKG_CONFIG if test -n "$ac_pt_PKG_CONFIG"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_pt_PKG_CONFIG" >&5 $as_echo "$ac_pt_PKG_CONFIG" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi if test "x$ac_pt_PKG_CONFIG" = x; then PKG_CONFIG="" else case $cross_compiling:$ac_tool_warned in yes:) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 $as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} ac_tool_warned=yes ;; esac PKG_CONFIG=$ac_pt_PKG_CONFIG fi else PKG_CONFIG="$ac_cv_path_PKG_CONFIG" fi fi if test -n "$PKG_CONFIG"; then _pkg_min_version=0.9.0 { $as_echo "$as_me:${as_lineno-$LINENO}: checking pkg-config is at least version $_pkg_min_version" >&5 $as_echo_n "checking pkg-config is at least version $_pkg_min_version... " >&6; } if $PKG_CONFIG --atleast-pkgconfig-version $_pkg_min_version; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } PKG_CONFIG="" fi fi if test -n "$PKG_CONFIG" && \ { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"libev\""; } >&5 ($PKG_CONFIG --exists --print-errors "libev") 2>&5 ac_status=$? $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; }; then pkg_failed=no { $as_echo "$as_me:${as_lineno-$LINENO}: checking for EV" >&5 $as_echo_n "checking for EV... " >&6; } if test -n "$EV_CFLAGS"; then pkg_cv_EV_CFLAGS="$EV_CFLAGS" elif test -n "$PKG_CONFIG"; then if test -n "$PKG_CONFIG" && \ { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"libev\""; } >&5 ($PKG_CONFIG --exists --print-errors "libev") 2>&5 ac_status=$? $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; }; then pkg_cv_EV_CFLAGS=`$PKG_CONFIG --cflags "libev" 2>/dev/null` test "x$?" != "x0" && pkg_failed=yes else pkg_failed=yes fi else pkg_failed=untried fi if test -n "$EV_LIBS"; then pkg_cv_EV_LIBS="$EV_LIBS" elif test -n "$PKG_CONFIG"; then if test -n "$PKG_CONFIG" && \ { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"libev\""; } >&5 ($PKG_CONFIG --exists --print-errors "libev") 2>&5 ac_status=$? $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; }; then pkg_cv_EV_LIBS=`$PKG_CONFIG --libs "libev" 2>/dev/null` test "x$?" != "x0" && pkg_failed=yes else pkg_failed=yes fi else pkg_failed=untried fi if test $pkg_failed = yes; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } if $PKG_CONFIG --atleast-pkgconfig-version 0.20; then _pkg_short_errors_supported=yes else _pkg_short_errors_supported=no fi if test $_pkg_short_errors_supported = yes; then EV_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "libev" 2>&1` else EV_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "libev" 2>&1` fi # Put the nasty error message in config.log where it belongs echo "$EV_PKG_ERRORS" >&5 as_fn_error $? "Package requirements (libev) were not met: $EV_PKG_ERRORS Consider adjusting the PKG_CONFIG_PATH environment variable if you installed software in a non-standard prefix. Alternatively, you may set the environment variables EV_CFLAGS and EV_LIBS to avoid the need to call pkg-config. See the pkg-config man page for more details." "$LINENO" 5 elif test $pkg_failed = untried; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error $? "The pkg-config script could not be found or is too old. Make sure it is in your PATH or set the PKG_CONFIG environment variable to the full path to pkg-config. Alternatively, you may set the environment variables EV_CFLAGS and EV_LIBS to avoid the need to call pkg-config. See the pkg-config man page for more details. To get pkg-config, see . See \`config.log' for more details" "$LINENO" 5; } else EV_CFLAGS=$pkg_cv_EV_CFLAGS EV_LIBS=$pkg_cv_EV_LIBS { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } fi else { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing ev_default_loop" >&5 $as_echo_n "checking for library containing ev_default_loop... " >&6; } if ${ac_cv_search_ev_default_loop+:} false; then : $as_echo_n "(cached) " >&6 else ac_func_search_save_LIBS=$LIBS cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC builtin and then its argument prototype would still apply. */ #ifdef __cplusplus extern "C" #endif char ev_default_loop (); int main () { return ev_default_loop (); ; return 0; } _ACEOF for ac_lib in '' ev; do if test -z "$ac_lib"; then ac_res="none required" else ac_res=-l$ac_lib LIBS="-l$ac_lib $ac_func_search_save_LIBS" fi if ac_fn_c_try_link "$LINENO"; then : ac_cv_search_ev_default_loop=$ac_res fi rm -f core conftest.err conftest.$ac_objext \ conftest$ac_exeext if ${ac_cv_search_ev_default_loop+:} false; then : break fi done if ${ac_cv_search_ev_default_loop+:} false; then : else ac_cv_search_ev_default_loop=no fi rm conftest.$ac_ext LIBS=$ac_func_search_save_LIBS fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_ev_default_loop" >&5 $as_echo "$ac_cv_search_ev_default_loop" >&6; } ac_res=$ac_cv_search_ev_default_loop if test "$ac_res" != no; then : test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" else as_fn_error $? "Cannot find libev." "$LINENO" 5 fi fi pkg_failed=no { $as_echo "$as_me:${as_lineno-$LINENO}: checking for SSL" >&5 $as_echo_n "checking for SSL... " >&6; } if test -n "$SSL_CFLAGS"; then pkg_cv_SSL_CFLAGS="$SSL_CFLAGS" elif test -n "$PKG_CONFIG"; then if test -n "$PKG_CONFIG" && \ { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"libssl\""; } >&5 ($PKG_CONFIG --exists --print-errors "libssl") 2>&5 ac_status=$? $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; }; then pkg_cv_SSL_CFLAGS=`$PKG_CONFIG --cflags "libssl" 2>/dev/null` test "x$?" != "x0" && pkg_failed=yes else pkg_failed=yes fi else pkg_failed=untried fi if test -n "$SSL_LIBS"; then pkg_cv_SSL_LIBS="$SSL_LIBS" elif test -n "$PKG_CONFIG"; then if test -n "$PKG_CONFIG" && \ { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"libssl\""; } >&5 ($PKG_CONFIG --exists --print-errors "libssl") 2>&5 ac_status=$? $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; }; then pkg_cv_SSL_LIBS=`$PKG_CONFIG --libs "libssl" 2>/dev/null` test "x$?" != "x0" && pkg_failed=yes else pkg_failed=yes fi else pkg_failed=untried fi if test $pkg_failed = yes; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } if $PKG_CONFIG --atleast-pkgconfig-version 0.20; then _pkg_short_errors_supported=yes else _pkg_short_errors_supported=no fi if test $_pkg_short_errors_supported = yes; then SSL_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "libssl" 2>&1` else SSL_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "libssl" 2>&1` fi # Put the nasty error message in config.log where it belongs echo "$SSL_PKG_ERRORS" >&5 as_fn_error $? "Package requirements (libssl) were not met: $SSL_PKG_ERRORS Consider adjusting the PKG_CONFIG_PATH environment variable if you installed software in a non-standard prefix. Alternatively, you may set the environment variables SSL_CFLAGS and SSL_LIBS to avoid the need to call pkg-config. See the pkg-config man page for more details." "$LINENO" 5 elif test $pkg_failed = untried; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error $? "The pkg-config script could not be found or is too old. Make sure it is in your PATH or set the PKG_CONFIG environment variable to the full path to pkg-config. Alternatively, you may set the environment variables SSL_CFLAGS and SSL_LIBS to avoid the need to call pkg-config. See the pkg-config man page for more details. To get pkg-config, see . See \`config.log' for more details" "$LINENO" 5; } else SSL_CFLAGS=$pkg_cv_SSL_CFLAGS SSL_LIBS=$pkg_cv_SSL_LIBS { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } fi pkg_failed=no { $as_echo "$as_me:${as_lineno-$LINENO}: checking for CRYPTO" >&5 $as_echo_n "checking for CRYPTO... " >&6; } if test -n "$CRYPTO_CFLAGS"; then pkg_cv_CRYPTO_CFLAGS="$CRYPTO_CFLAGS" elif test -n "$PKG_CONFIG"; then if test -n "$PKG_CONFIG" && \ { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"libcrypto\""; } >&5 ($PKG_CONFIG --exists --print-errors "libcrypto") 2>&5 ac_status=$? $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; }; then pkg_cv_CRYPTO_CFLAGS=`$PKG_CONFIG --cflags "libcrypto" 2>/dev/null` test "x$?" != "x0" && pkg_failed=yes else pkg_failed=yes fi else pkg_failed=untried fi if test -n "$CRYPTO_LIBS"; then pkg_cv_CRYPTO_LIBS="$CRYPTO_LIBS" elif test -n "$PKG_CONFIG"; then if test -n "$PKG_CONFIG" && \ { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"libcrypto\""; } >&5 ($PKG_CONFIG --exists --print-errors "libcrypto") 2>&5 ac_status=$? $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; }; then pkg_cv_CRYPTO_LIBS=`$PKG_CONFIG --libs "libcrypto" 2>/dev/null` test "x$?" != "x0" && pkg_failed=yes else pkg_failed=yes fi else pkg_failed=untried fi if test $pkg_failed = yes; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } if $PKG_CONFIG --atleast-pkgconfig-version 0.20; then _pkg_short_errors_supported=yes else _pkg_short_errors_supported=no fi if test $_pkg_short_errors_supported = yes; then CRYPTO_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "libcrypto" 2>&1` else CRYPTO_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "libcrypto" 2>&1` fi # Put the nasty error message in config.log where it belongs echo "$CRYPTO_PKG_ERRORS" >&5 as_fn_error $? "Package requirements (libcrypto) were not met: $CRYPTO_PKG_ERRORS Consider adjusting the PKG_CONFIG_PATH environment variable if you installed software in a non-standard prefix. Alternatively, you may set the environment variables CRYPTO_CFLAGS and CRYPTO_LIBS to avoid the need to call pkg-config. See the pkg-config man page for more details." "$LINENO" 5 elif test $pkg_failed = untried; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error $? "The pkg-config script could not be found or is too old. Make sure it is in your PATH or set the PKG_CONFIG environment variable to the full path to pkg-config. Alternatively, you may set the environment variables CRYPTO_CFLAGS and CRYPTO_LIBS to avoid the need to call pkg-config. See the pkg-config man page for more details. To get pkg-config, see . See \`config.log' for more details" "$LINENO" 5; } else CRYPTO_CFLAGS=$pkg_cv_CRYPTO_CFLAGS CRYPTO_LIBS=$pkg_cv_CRYPTO_LIBS { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } fi ac_ext=c ac_cpp='$CPP $CPPFLAGS' ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_c_compiler_gnu { $as_echo "$as_me:${as_lineno-$LINENO}: checking how to run the C preprocessor" >&5 $as_echo_n "checking how to run the C preprocessor... " >&6; } # On Suns, sometimes $CPP names a directory. if test -n "$CPP" && test -d "$CPP"; then CPP= fi if test -z "$CPP"; then if ${ac_cv_prog_CPP+:} false; then : $as_echo_n "(cached) " >&6 else # Double quotes because CPP needs to be expanded for CPP in "$CC -E" "$CC -E -traditional-cpp" "/lib/cpp" do ac_preproc_ok=false for ac_c_preproc_warn_flag in '' yes do # Use a header file that comes with gcc, so configuring glibc # with a fresh cross-compiler works. # Prefer to if __STDC__ is defined, since # exists even on freestanding compilers. # On the NeXT, cc -E runs the code through the compiler's parser, # not just through cpp. "Syntax error" is here to catch this case. cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #ifdef __STDC__ # include #else # include #endif Syntax error _ACEOF if ac_fn_c_try_cpp "$LINENO"; then : else # Broken: fails on valid input. continue fi rm -f conftest.err conftest.i conftest.$ac_ext # OK, works on sane cases. Now check whether nonexistent headers # can be detected and how. cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include _ACEOF if ac_fn_c_try_cpp "$LINENO"; then : # Broken: success on invalid input. continue else # Passes both tests. ac_preproc_ok=: break fi rm -f conftest.err conftest.i conftest.$ac_ext done # Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped. rm -f conftest.i conftest.err conftest.$ac_ext if $ac_preproc_ok; then : break fi done ac_cv_prog_CPP=$CPP fi CPP=$ac_cv_prog_CPP else ac_cv_prog_CPP=$CPP fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CPP" >&5 $as_echo "$CPP" >&6; } ac_preproc_ok=false for ac_c_preproc_warn_flag in '' yes do # Use a header file that comes with gcc, so configuring glibc # with a fresh cross-compiler works. # Prefer to if __STDC__ is defined, since # exists even on freestanding compilers. # On the NeXT, cc -E runs the code through the compiler's parser, # not just through cpp. "Syntax error" is here to catch this case. cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #ifdef __STDC__ # include #else # include #endif Syntax error _ACEOF if ac_fn_c_try_cpp "$LINENO"; then : else # Broken: fails on valid input. continue fi rm -f conftest.err conftest.i conftest.$ac_ext # OK, works on sane cases. Now check whether nonexistent headers # can be detected and how. cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include _ACEOF if ac_fn_c_try_cpp "$LINENO"; then : # Broken: success on invalid input. continue else # Passes both tests. ac_preproc_ok=: break fi rm -f conftest.err conftest.i conftest.$ac_ext done # Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped. rm -f conftest.i conftest.err conftest.$ac_ext if $ac_preproc_ok; then : else { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error $? "C preprocessor \"$CPP\" fails sanity check See \`config.log' for more details" "$LINENO" 5; } fi ac_ext=c ac_cpp='$CPP $CPPFLAGS' ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_c_compiler_gnu { $as_echo "$as_me:${as_lineno-$LINENO}: checking for grep that handles long lines and -e" >&5 $as_echo_n "checking for grep that handles long lines and -e... " >&6; } if ${ac_cv_path_GREP+:} false; then : $as_echo_n "(cached) " >&6 else if test -z "$GREP"; then ac_path_GREP_found=false # Loop through the user's path and test for each of PROGNAME-LIST as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_prog in grep ggrep; do for ac_exec_ext in '' $ac_executable_extensions; do ac_path_GREP="$as_dir/$ac_prog$ac_exec_ext" as_fn_executable_p "$ac_path_GREP" || continue # Check for GNU ac_path_GREP and select it if it is found. # Check for GNU $ac_path_GREP case `"$ac_path_GREP" --version 2>&1` in *GNU*) ac_cv_path_GREP="$ac_path_GREP" ac_path_GREP_found=:;; *) ac_count=0 $as_echo_n 0123456789 >"conftest.in" while : do cat "conftest.in" "conftest.in" >"conftest.tmp" mv "conftest.tmp" "conftest.in" cp "conftest.in" "conftest.nl" $as_echo 'GREP' >> "conftest.nl" "$ac_path_GREP" -e 'GREP$' -e '-(cannot match)-' < "conftest.nl" >"conftest.out" 2>/dev/null || break diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break as_fn_arith $ac_count + 1 && ac_count=$as_val if test $ac_count -gt ${ac_path_GREP_max-0}; then # Best one so far, save it but keep looking for a better one ac_cv_path_GREP="$ac_path_GREP" ac_path_GREP_max=$ac_count fi # 10*(2^10) chars as input seems more than enough test $ac_count -gt 10 && break done rm -f conftest.in conftest.tmp conftest.nl conftest.out;; esac $ac_path_GREP_found && break 3 done done done IFS=$as_save_IFS if test -z "$ac_cv_path_GREP"; then as_fn_error $? "no acceptable grep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5 fi else ac_cv_path_GREP=$GREP fi fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_GREP" >&5 $as_echo "$ac_cv_path_GREP" >&6; } GREP="$ac_cv_path_GREP" { $as_echo "$as_me:${as_lineno-$LINENO}: checking for egrep" >&5 $as_echo_n "checking for egrep... " >&6; } if ${ac_cv_path_EGREP+:} false; then : $as_echo_n "(cached) " >&6 else if echo a | $GREP -E '(a|b)' >/dev/null 2>&1 then ac_cv_path_EGREP="$GREP -E" else if test -z "$EGREP"; then ac_path_EGREP_found=false # Loop through the user's path and test for each of PROGNAME-LIST as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_prog in egrep; do for ac_exec_ext in '' $ac_executable_extensions; do ac_path_EGREP="$as_dir/$ac_prog$ac_exec_ext" as_fn_executable_p "$ac_path_EGREP" || continue # Check for GNU ac_path_EGREP and select it if it is found. # Check for GNU $ac_path_EGREP case `"$ac_path_EGREP" --version 2>&1` in *GNU*) ac_cv_path_EGREP="$ac_path_EGREP" ac_path_EGREP_found=:;; *) ac_count=0 $as_echo_n 0123456789 >"conftest.in" while : do cat "conftest.in" "conftest.in" >"conftest.tmp" mv "conftest.tmp" "conftest.in" cp "conftest.in" "conftest.nl" $as_echo 'EGREP' >> "conftest.nl" "$ac_path_EGREP" 'EGREP$' < "conftest.nl" >"conftest.out" 2>/dev/null || break diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break as_fn_arith $ac_count + 1 && ac_count=$as_val if test $ac_count -gt ${ac_path_EGREP_max-0}; then # Best one so far, save it but keep looking for a better one ac_cv_path_EGREP="$ac_path_EGREP" ac_path_EGREP_max=$ac_count fi # 10*(2^10) chars as input seems more than enough test $ac_count -gt 10 && break done rm -f conftest.in conftest.tmp conftest.nl conftest.out;; esac $ac_path_EGREP_found && break 3 done done done IFS=$as_save_IFS if test -z "$ac_cv_path_EGREP"; then as_fn_error $? "no acceptable egrep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5 fi else ac_cv_path_EGREP=$EGREP fi fi fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_EGREP" >&5 $as_echo "$ac_cv_path_EGREP" >&6; } EGREP="$ac_cv_path_EGREP" { $as_echo "$as_me:${as_lineno-$LINENO}: checking for ANSI C header files" >&5 $as_echo_n "checking for ANSI C header files... " >&6; } if ${ac_cv_header_stdc+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include #include #include #include int main () { ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : ac_cv_header_stdc=yes else ac_cv_header_stdc=no fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext if test $ac_cv_header_stdc = yes; then # SunOS 4.x string.h does not declare mem*, contrary to ANSI. cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include _ACEOF if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | $EGREP "memchr" >/dev/null 2>&1; then : else ac_cv_header_stdc=no fi rm -f conftest* fi if test $ac_cv_header_stdc = yes; then # ISC 2.0.2 stdlib.h does not declare free, contrary to ANSI. cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include _ACEOF if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | $EGREP "free" >/dev/null 2>&1; then : else ac_cv_header_stdc=no fi rm -f conftest* fi if test $ac_cv_header_stdc = yes; then # /bin/cc in Irix-4.0.5 gets non-ANSI ctype macros unless using -ansi. if test "$cross_compiling" = yes; then : : else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include #include #if ((' ' & 0x0FF) == 0x020) # define ISLOWER(c) ('a' <= (c) && (c) <= 'z') # define TOUPPER(c) (ISLOWER(c) ? 'A' + ((c) - 'a') : (c)) #else # define ISLOWER(c) \ (('a' <= (c) && (c) <= 'i') \ || ('j' <= (c) && (c) <= 'r') \ || ('s' <= (c) && (c) <= 'z')) # define TOUPPER(c) (ISLOWER(c) ? ((c) | 0x40) : (c)) #endif #define XOR(e, f) (((e) && !(f)) || (!(e) && (f))) int main () { int i; for (i = 0; i < 256; i++) if (XOR (islower (i), ISLOWER (i)) || toupper (i) != TOUPPER (i)) return 2; return 0; } _ACEOF if ac_fn_c_try_run "$LINENO"; then : else ac_cv_header_stdc=no fi rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ conftest.$ac_objext conftest.beam conftest.$ac_ext fi fi fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_header_stdc" >&5 $as_echo "$ac_cv_header_stdc" >&6; } if test $ac_cv_header_stdc = yes; then $as_echo "#define STDC_HEADERS 1" >>confdefs.h fi # On IRIX 5.3, sys/types and inttypes.h are conflicting. for ac_header in sys/types.h sys/stat.h stdlib.h string.h memory.h strings.h \ inttypes.h stdint.h unistd.h do : as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` ac_fn_c_check_header_compile "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default " if eval test \"x\$"$as_ac_Header"\" = x"yes"; then : cat >>confdefs.h <<_ACEOF #define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1 _ACEOF fi done ac_fn_c_check_member "$LINENO" "struct stat" "st_mtim" "ac_cv_member_struct_stat_st_mtim" "$ac_includes_default" if test "x$ac_cv_member_struct_stat_st_mtim" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_STRUCT_STAT_ST_MTIM 1 _ACEOF fi ac_fn_c_check_member "$LINENO" "struct stat" "st_mtimespec" "ac_cv_member_struct_stat_st_mtimespec" "$ac_includes_default" if test "x$ac_cv_member_struct_stat_st_mtimespec" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_STRUCT_STAT_ST_MTIMESPEC 1 _ACEOF fi # Check whether --enable-sessioncache was given. if test "${enable_sessioncache+set}" = set; then : enableval=$enable_sessioncache; use_shctx="$withval" else use_shctx=no fi if test x"$use_shctx" != xno; then if test ! -e 'src/ebtree/ebtree.h'; then as_fn_error $? "Must clone https://github.com/haproxy/ebtree to src/ebtree/" "$LINENO" 5 fi fi if test xno != x"$use_shctx"; then USE_SHCTX_TRUE= USE_SHCTX_FALSE='#' else USE_SHCTX_TRUE='#' USE_SHCTX_FALSE= fi # Checks for header files. for ac_header in stdlib.h unistd.h do : as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` ac_fn_c_check_header_mongrel "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default" if eval test \"x\$"$as_ac_Header"\" = x"yes"; then : cat >>confdefs.h <<_ACEOF #define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1 _ACEOF fi done # Checks for typedefs, structures, and compiler characteristics. { $as_echo "$as_me:${as_lineno-$LINENO}: checking for uid_t in sys/types.h" >&5 $as_echo_n "checking for uid_t in sys/types.h... " >&6; } if ${ac_cv_type_uid_t+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include _ACEOF if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | $EGREP "uid_t" >/dev/null 2>&1; then : ac_cv_type_uid_t=yes else ac_cv_type_uid_t=no fi rm -f conftest* fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_type_uid_t" >&5 $as_echo "$ac_cv_type_uid_t" >&6; } if test $ac_cv_type_uid_t = no; then $as_echo "#define uid_t int" >>confdefs.h $as_echo "#define gid_t int" >>confdefs.h fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking for inline" >&5 $as_echo_n "checking for inline... " >&6; } if ${ac_cv_c_inline+:} false; then : $as_echo_n "(cached) " >&6 else ac_cv_c_inline=no for ac_kw in inline __inline__ __inline; do cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #ifndef __cplusplus typedef int foo_t; static $ac_kw foo_t static_foo () {return 0; } $ac_kw foo_t foo () {return 0; } #endif _ACEOF if ac_fn_c_try_compile "$LINENO"; then : ac_cv_c_inline=$ac_kw fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext test "$ac_cv_c_inline" != no && break done fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_inline" >&5 $as_echo "$ac_cv_c_inline" >&6; } case $ac_cv_c_inline in inline | yes) ;; *) case $ac_cv_c_inline in no) ac_val=;; *) ac_val=$ac_cv_c_inline;; esac cat >>confdefs.h <<_ACEOF #ifndef __cplusplus #define inline $ac_val #endif _ACEOF ;; esac ac_fn_c_find_intX_t "$LINENO" "32" "ac_cv_c_int32_t" case $ac_cv_c_int32_t in #( no|yes) ;; #( *) cat >>confdefs.h <<_ACEOF #define int32_t $ac_cv_c_int32_t _ACEOF ;; esac ac_fn_c_check_type "$LINENO" "pid_t" "ac_cv_type_pid_t" "$ac_includes_default" if test "x$ac_cv_type_pid_t" = xyes; then : else cat >>confdefs.h <<_ACEOF #define pid_t int _ACEOF fi ac_fn_c_check_type "$LINENO" "size_t" "ac_cv_type_size_t" "$ac_includes_default" if test "x$ac_cv_type_size_t" = xyes; then : else cat >>confdefs.h <<_ACEOF #define size_t unsigned int _ACEOF fi ac_fn_c_check_type "$LINENO" "ssize_t" "ac_cv_type_ssize_t" "$ac_includes_default" if test "x$ac_cv_type_ssize_t" = xyes; then : else cat >>confdefs.h <<_ACEOF #define ssize_t int _ACEOF fi ac_fn_c_find_uintX_t "$LINENO" "32" "ac_cv_c_uint32_t" case $ac_cv_c_uint32_t in #( no|yes) ;; #( *) $as_echo "#define _UINT32_T 1" >>confdefs.h cat >>confdefs.h <<_ACEOF #define uint32_t $ac_cv_c_uint32_t _ACEOF ;; esac # Checks for library functions. for ac_header in vfork.h do : ac_fn_c_check_header_mongrel "$LINENO" "vfork.h" "ac_cv_header_vfork_h" "$ac_includes_default" if test "x$ac_cv_header_vfork_h" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_VFORK_H 1 _ACEOF fi done for ac_func in fork vfork do : as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" if eval test \"x\$"$as_ac_var"\" = x"yes"; then : cat >>confdefs.h <<_ACEOF #define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 _ACEOF fi done if test "x$ac_cv_func_fork" = xyes; then { $as_echo "$as_me:${as_lineno-$LINENO}: checking for working fork" >&5 $as_echo_n "checking for working fork... " >&6; } if ${ac_cv_func_fork_works+:} false; then : $as_echo_n "(cached) " >&6 else if test "$cross_compiling" = yes; then : ac_cv_func_fork_works=cross else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ $ac_includes_default int main () { /* By Ruediger Kuhlmann. */ return fork () < 0; ; return 0; } _ACEOF if ac_fn_c_try_run "$LINENO"; then : ac_cv_func_fork_works=yes else ac_cv_func_fork_works=no fi rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ conftest.$ac_objext conftest.beam conftest.$ac_ext fi fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_fork_works" >&5 $as_echo "$ac_cv_func_fork_works" >&6; } else ac_cv_func_fork_works=$ac_cv_func_fork fi if test "x$ac_cv_func_fork_works" = xcross; then case $host in *-*-amigaos* | *-*-msdosdjgpp*) # Override, as these systems have only a dummy fork() stub ac_cv_func_fork_works=no ;; *) ac_cv_func_fork_works=yes ;; esac { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: result $ac_cv_func_fork_works guessed because of cross compilation" >&5 $as_echo "$as_me: WARNING: result $ac_cv_func_fork_works guessed because of cross compilation" >&2;} fi ac_cv_func_vfork_works=$ac_cv_func_vfork if test "x$ac_cv_func_vfork" = xyes; then { $as_echo "$as_me:${as_lineno-$LINENO}: checking for working vfork" >&5 $as_echo_n "checking for working vfork... " >&6; } if ${ac_cv_func_vfork_works+:} false; then : $as_echo_n "(cached) " >&6 else if test "$cross_compiling" = yes; then : ac_cv_func_vfork_works=cross else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Thanks to Paul Eggert for this test. */ $ac_includes_default #include #ifdef HAVE_VFORK_H # include #endif /* On some sparc systems, changes by the child to local and incoming argument registers are propagated back to the parent. The compiler is told about this with #include , but some compilers (e.g. gcc -O) don't grok . Test for this by using a static variable whose address is put into a register that is clobbered by the vfork. */ static void #ifdef __cplusplus sparc_address_test (int arg) # else sparc_address_test (arg) int arg; #endif { static pid_t child; if (!child) { child = vfork (); if (child < 0) { perror ("vfork"); _exit(2); } if (!child) { arg = getpid(); write(-1, "", 0); _exit (arg); } } } int main () { pid_t parent = getpid (); pid_t child; sparc_address_test (0); child = vfork (); if (child == 0) { /* Here is another test for sparc vfork register problems. This test uses lots of local variables, at least as many local variables as main has allocated so far including compiler temporaries. 4 locals are enough for gcc 1.40.3 on a Solaris 4.1.3 sparc, but we use 8 to be safe. A buggy compiler should reuse the register of parent for one of the local variables, since it will think that parent can't possibly be used any more in this routine. Assigning to the local variable will thus munge parent in the parent process. */ pid_t p = getpid(), p1 = getpid(), p2 = getpid(), p3 = getpid(), p4 = getpid(), p5 = getpid(), p6 = getpid(), p7 = getpid(); /* Convince the compiler that p..p7 are live; otherwise, it might use the same hardware register for all 8 local variables. */ if (p != p1 || p != p2 || p != p3 || p != p4 || p != p5 || p != p6 || p != p7) _exit(1); /* On some systems (e.g. IRIX 3.3), vfork doesn't separate parent from child file descriptors. If the child closes a descriptor before it execs or exits, this munges the parent's descriptor as well. Test for this by closing stdout in the child. */ _exit(close(fileno(stdout)) != 0); } else { int status; struct stat st; while (wait(&status) != child) ; return ( /* Was there some problem with vforking? */ child < 0 /* Did the child fail? (This shouldn't happen.) */ || status /* Did the vfork/compiler bug occur? */ || parent != getpid() /* Did the file descriptor bug occur? */ || fstat(fileno(stdout), &st) != 0 ); } } _ACEOF if ac_fn_c_try_run "$LINENO"; then : ac_cv_func_vfork_works=yes else ac_cv_func_vfork_works=no fi rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ conftest.$ac_objext conftest.beam conftest.$ac_ext fi fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_vfork_works" >&5 $as_echo "$ac_cv_func_vfork_works" >&6; } fi; if test "x$ac_cv_func_fork_works" = xcross; then ac_cv_func_vfork_works=$ac_cv_func_vfork { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: result $ac_cv_func_vfork_works guessed because of cross compilation" >&5 $as_echo "$as_me: WARNING: result $ac_cv_func_vfork_works guessed because of cross compilation" >&2;} fi if test "x$ac_cv_func_vfork_works" = xyes; then $as_echo "#define HAVE_WORKING_VFORK 1" >>confdefs.h else $as_echo "#define vfork fork" >>confdefs.h fi if test "x$ac_cv_func_fork_works" = xyes; then $as_echo "#define HAVE_WORKING_FORK 1" >>confdefs.h fi for ac_header in $ac_header_list do : as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` ac_fn_c_check_header_compile "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default " if eval test \"x\$"$as_ac_Header"\" = x"yes"; then : cat >>confdefs.h <<_ACEOF #define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1 _ACEOF fi done for ac_func in getpagesize do : ac_fn_c_check_func "$LINENO" "getpagesize" "ac_cv_func_getpagesize" if test "x$ac_cv_func_getpagesize" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_GETPAGESIZE 1 _ACEOF fi done { $as_echo "$as_me:${as_lineno-$LINENO}: checking for working mmap" >&5 $as_echo_n "checking for working mmap... " >&6; } if ${ac_cv_func_mmap_fixed_mapped+:} false; then : $as_echo_n "(cached) " >&6 else if test "$cross_compiling" = yes; then : ac_cv_func_mmap_fixed_mapped=no else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ $ac_includes_default /* malloc might have been renamed as rpl_malloc. */ #undef malloc /* Thanks to Mike Haertel and Jim Avera for this test. Here is a matrix of mmap possibilities: mmap private not fixed mmap private fixed at somewhere currently unmapped mmap private fixed at somewhere already mapped mmap shared not fixed mmap shared fixed at somewhere currently unmapped mmap shared fixed at somewhere already mapped For private mappings, we should verify that changes cannot be read() back from the file, nor mmap's back from the file at a different address. (There have been systems where private was not correctly implemented like the infamous i386 svr4.0, and systems where the VM page cache was not coherent with the file system buffer cache like early versions of FreeBSD and possibly contemporary NetBSD.) For shared mappings, we should conversely verify that changes get propagated back to all the places they're supposed to be. Grep wants private fixed already mapped. The main things grep needs to know about mmap are: * does it exist and is it safe to write into the mmap'd area * how to use it (BSD variants) */ #include #include #if !defined STDC_HEADERS && !defined HAVE_STDLIB_H char *malloc (); #endif /* This mess was copied from the GNU getpagesize.h. */ #ifndef HAVE_GETPAGESIZE # ifdef _SC_PAGESIZE # define getpagesize() sysconf(_SC_PAGESIZE) # else /* no _SC_PAGESIZE */ # ifdef HAVE_SYS_PARAM_H # include # ifdef EXEC_PAGESIZE # define getpagesize() EXEC_PAGESIZE # else /* no EXEC_PAGESIZE */ # ifdef NBPG # define getpagesize() NBPG * CLSIZE # ifndef CLSIZE # define CLSIZE 1 # endif /* no CLSIZE */ # else /* no NBPG */ # ifdef NBPC # define getpagesize() NBPC # else /* no NBPC */ # ifdef PAGESIZE # define getpagesize() PAGESIZE # endif /* PAGESIZE */ # endif /* no NBPC */ # endif /* no NBPG */ # endif /* no EXEC_PAGESIZE */ # else /* no HAVE_SYS_PARAM_H */ # define getpagesize() 8192 /* punt totally */ # endif /* no HAVE_SYS_PARAM_H */ # endif /* no _SC_PAGESIZE */ #endif /* no HAVE_GETPAGESIZE */ int main () { char *data, *data2, *data3; const char *cdata2; int i, pagesize; int fd, fd2; pagesize = getpagesize (); /* First, make a file with some known garbage in it. */ data = (char *) malloc (pagesize); if (!data) return 1; for (i = 0; i < pagesize; ++i) *(data + i) = rand (); umask (0); fd = creat ("conftest.mmap", 0600); if (fd < 0) return 2; if (write (fd, data, pagesize) != pagesize) return 3; close (fd); /* Next, check that the tail of a page is zero-filled. File must have non-zero length, otherwise we risk SIGBUS for entire page. */ fd2 = open ("conftest.txt", O_RDWR | O_CREAT | O_TRUNC, 0600); if (fd2 < 0) return 4; cdata2 = ""; if (write (fd2, cdata2, 1) != 1) return 5; data2 = (char *) mmap (0, pagesize, PROT_READ | PROT_WRITE, MAP_SHARED, fd2, 0L); if (data2 == MAP_FAILED) return 6; for (i = 0; i < pagesize; ++i) if (*(data2 + i)) return 7; close (fd2); if (munmap (data2, pagesize)) return 8; /* Next, try to mmap the file at a fixed address which already has something else allocated at it. If we can, also make sure that we see the same garbage. */ fd = open ("conftest.mmap", O_RDWR); if (fd < 0) return 9; if (data2 != mmap (data2, pagesize, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_FIXED, fd, 0L)) return 10; for (i = 0; i < pagesize; ++i) if (*(data + i) != *(data2 + i)) return 11; /* Finally, make sure that changes to the mapped area do not percolate back to the file as seen by read(). (This is a bug on some variants of i386 svr4.0.) */ for (i = 0; i < pagesize; ++i) *(data2 + i) = *(data2 + i) + 1; data3 = (char *) malloc (pagesize); if (!data3) return 12; if (read (fd, data3, pagesize) != pagesize) return 13; for (i = 0; i < pagesize; ++i) if (*(data + i) != *(data3 + i)) return 14; close (fd); return 0; } _ACEOF if ac_fn_c_try_run "$LINENO"; then : ac_cv_func_mmap_fixed_mapped=yes else ac_cv_func_mmap_fixed_mapped=no fi rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ conftest.$ac_objext conftest.beam conftest.$ac_ext fi fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_mmap_fixed_mapped" >&5 $as_echo "$ac_cv_func_mmap_fixed_mapped" >&6; } if test $ac_cv_func_mmap_fixed_mapped = yes; then $as_echo "#define HAVE_MMAP 1" >>confdefs.h fi rm -f conftest.mmap conftest.txt for ac_func in accept4 do : ac_fn_c_check_func "$LINENO" "accept4" "ac_cv_func_accept4" if test "x$ac_cv_func_accept4" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_ACCEPT4 1 _ACEOF fi done { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether SO_REUSEPORT works" >&5 $as_echo_n "checking whether SO_REUSEPORT works... " >&6; } if ${ac_cv_so_reuseport_works+:} false; then : $as_echo_n "(cached) " >&6 else if test "$cross_compiling" = yes; then : { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error $? "cannot run test program while cross compiling See \`config.log' for more details" "$LINENO" 5; } else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include #include int main () { int s = socket(AF_INET, SOCK_STREAM, 0); int i = 5; if (setsockopt(s, SOL_SOCKET, SO_REUSEPORT, &i, sizeof i) < 0) return (1); return (0); ; return 0; } _ACEOF if ac_fn_c_try_run "$LINENO"; then : ac_cv_so_reuseport_works=yes else ac_cv_so_reuseport_works=no fi rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ conftest.$ac_objext conftest.beam conftest.$ac_ext fi fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_so_reuseport_works" >&5 $as_echo "$ac_cv_so_reuseport_works" >&6; } if test "$ac_cv_so_reuseport_works" = yes; then $as_echo "#define SO_REUSEPORT_WORKS 1" >>confdefs.h fi SH_TESTS="$(cd $srcdir/src && echo tests/test*.sh)" ac_config_files="$ac_config_files Makefile" ac_config_files="$ac_config_files src/Makefile" ac_config_files="$ac_config_files src/util/Makefile" cat >confcache <<\_ACEOF # This file is a shell script that caches the results of configure # tests run on this system so they can be shared between configure # scripts and configure runs, see configure's option --config-cache. # It is not useful on other systems. If it contains results you don't # want to keep, you may remove or edit it. # # config.status only pays attention to the cache file if you give it # the --recheck option to rerun configure. # # `ac_cv_env_foo' variables (set or unset) will be overridden when # loading this file, other *unset* `ac_cv_foo' will be assigned the # following values. _ACEOF # The following way of writing the cache mishandles newlines in values, # but we know of no workaround that is simple, portable, and efficient. # So, we kill variables containing newlines. # Ultrix sh set writes to stderr and can't be redirected directly, # and sets the high bit in the cache file unless we assign to the vars. ( for ac_var in `(set) 2>&1 | sed -n 's/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'`; do eval ac_val=\$$ac_var case $ac_val in #( *${as_nl}*) case $ac_var in #( *_cv_*) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cache variable $ac_var contains a newline" >&5 $as_echo "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;; esac case $ac_var in #( _ | IFS | as_nl) ;; #( BASH_ARGV | BASH_SOURCE) eval $ac_var= ;; #( *) { eval $ac_var=; unset $ac_var;} ;; esac ;; esac done (set) 2>&1 | case $as_nl`(ac_space=' '; set) 2>&1` in #( *${as_nl}ac_space=\ *) # `set' does not quote correctly, so add quotes: double-quote # substitution turns \\\\ into \\, and sed turns \\ into \. sed -n \ "s/'/'\\\\''/g; s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='\\2'/p" ;; #( *) # `set' quotes correctly as required by POSIX, so do not add quotes. sed -n "/^[_$as_cr_alnum]*_cv_[_$as_cr_alnum]*=/p" ;; esac | sort ) | sed ' /^ac_cv_env_/b end t clear :clear s/^\([^=]*\)=\(.*[{}].*\)$/test "${\1+set}" = set || &/ t end s/^\([^=]*\)=\(.*\)$/\1=${\1=\2}/ :end' >>confcache if diff "$cache_file" confcache >/dev/null 2>&1; then :; else if test -w "$cache_file"; then if test "x$cache_file" != "x/dev/null"; then { $as_echo "$as_me:${as_lineno-$LINENO}: updating cache $cache_file" >&5 $as_echo "$as_me: updating cache $cache_file" >&6;} if test ! -f "$cache_file" || test -h "$cache_file"; then cat confcache >"$cache_file" else case $cache_file in #( */* | ?:*) mv -f confcache "$cache_file"$$ && mv -f "$cache_file"$$ "$cache_file" ;; #( *) mv -f confcache "$cache_file" ;; esac fi fi else { $as_echo "$as_me:${as_lineno-$LINENO}: not updating unwritable cache $cache_file" >&5 $as_echo "$as_me: not updating unwritable cache $cache_file" >&6;} fi fi rm -f confcache test "x$prefix" = xNONE && prefix=$ac_default_prefix # Let make expand exec_prefix. test "x$exec_prefix" = xNONE && exec_prefix='${prefix}' DEFS=-DHAVE_CONFIG_H ac_libobjs= ac_ltlibobjs= U= for ac_i in : $LIBOBJS; do test "x$ac_i" = x: && continue # 1. Remove the extension, and $U if already installed. ac_script='s/\$U\././;s/\.o$//;s/\.obj$//' ac_i=`$as_echo "$ac_i" | sed "$ac_script"` # 2. Prepend LIBOBJDIR. When used with automake>=1.10 LIBOBJDIR # will be set to the directory where LIBOBJS objects are built. as_fn_append ac_libobjs " \${LIBOBJDIR}$ac_i\$U.$ac_objext" as_fn_append ac_ltlibobjs " \${LIBOBJDIR}$ac_i"'$U.lo' done LIBOBJS=$ac_libobjs LTLIBOBJS=$ac_ltlibobjs { $as_echo "$as_me:${as_lineno-$LINENO}: checking that generated files are newer than configure" >&5 $as_echo_n "checking that generated files are newer than configure... " >&6; } if test -n "$am_sleep_pid"; then # Hide warnings about reused PIDs. wait $am_sleep_pid 2>/dev/null fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: done" >&5 $as_echo "done" >&6; } if test -n "$EXEEXT"; then am__EXEEXT_TRUE= am__EXEEXT_FALSE='#' else am__EXEEXT_TRUE='#' am__EXEEXT_FALSE= fi if test -z "${AMDEP_TRUE}" && test -z "${AMDEP_FALSE}"; then as_fn_error $? "conditional \"AMDEP\" was never defined. Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi if test -z "${am__fastdepCC_TRUE}" && test -z "${am__fastdepCC_FALSE}"; then as_fn_error $? "conditional \"am__fastdepCC\" was never defined. Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi if test -z "${FOUND_RST2MAN_TRUE}" && test -z "${FOUND_RST2MAN_FALSE}"; then as_fn_error $? "conditional \"FOUND_RST2MAN\" was never defined. Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi if test -z "${MAINTAINER_MODE_TRUE}" && test -z "${MAINTAINER_MODE_FALSE}"; then as_fn_error $? "conditional \"MAINTAINER_MODE\" was never defined. Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi if test -z "${USE_SHCTX_TRUE}" && test -z "${USE_SHCTX_FALSE}"; then as_fn_error $? "conditional \"USE_SHCTX\" was never defined. Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi : "${CONFIG_STATUS=./config.status}" ac_write_fail=0 ac_clean_files_save=$ac_clean_files ac_clean_files="$ac_clean_files $CONFIG_STATUS" { $as_echo "$as_me:${as_lineno-$LINENO}: creating $CONFIG_STATUS" >&5 $as_echo "$as_me: creating $CONFIG_STATUS" >&6;} as_write_fail=0 cat >$CONFIG_STATUS <<_ASEOF || as_write_fail=1 #! $SHELL # Generated by $as_me. # Run this file to recreate the current configuration. # Compiler output produced by configure, useful for debugging # configure, is in config.log if it exists. debug=false ac_cs_recheck=false ac_cs_silent=false SHELL=\${CONFIG_SHELL-$SHELL} export SHELL _ASEOF cat >>$CONFIG_STATUS <<\_ASEOF || as_write_fail=1 ## -------------------- ## ## M4sh Initialization. ## ## -------------------- ## # Be more Bourne compatible DUALCASE=1; export DUALCASE # for MKS sh if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then : emulate sh NULLCMD=: # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which # is contrary to our usage. Disable this feature. alias -g '${1+"$@"}'='"$@"' setopt NO_GLOB_SUBST else case `(set -o) 2>/dev/null` in #( *posix*) : set -o posix ;; #( *) : ;; esac fi as_nl=' ' export as_nl # Printing a long string crashes Solaris 7 /usr/bin/printf. as_echo='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\' as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo$as_echo # Prefer a ksh shell builtin over an external printf program on Solaris, # but without wasting forks for bash or zsh. if test -z "$BASH_VERSION$ZSH_VERSION" \ && (test "X`print -r -- $as_echo`" = "X$as_echo") 2>/dev/null; then as_echo='print -r --' as_echo_n='print -rn --' elif (test "X`printf %s $as_echo`" = "X$as_echo") 2>/dev/null; then as_echo='printf %s\n' as_echo_n='printf %s' else if test "X`(/usr/ucb/echo -n -n $as_echo) 2>/dev/null`" = "X-n $as_echo"; then as_echo_body='eval /usr/ucb/echo -n "$1$as_nl"' as_echo_n='/usr/ucb/echo -n' else as_echo_body='eval expr "X$1" : "X\\(.*\\)"' as_echo_n_body='eval arg=$1; case $arg in #( *"$as_nl"*) expr "X$arg" : "X\\(.*\\)$as_nl"; arg=`expr "X$arg" : ".*$as_nl\\(.*\\)"`;; esac; expr "X$arg" : "X\\(.*\\)" | tr -d "$as_nl" ' export as_echo_n_body as_echo_n='sh -c $as_echo_n_body as_echo' fi export as_echo_body as_echo='sh -c $as_echo_body as_echo' fi # The user is always right. if test "${PATH_SEPARATOR+set}" != set; then PATH_SEPARATOR=: (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 && { (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 || PATH_SEPARATOR=';' } fi # IFS # We need space, tab and new line, in precisely that order. Quoting is # there to prevent editors from complaining about space-tab. # (If _AS_PATH_WALK were called with IFS unset, it would disable word # splitting by setting IFS to empty value.) IFS=" "" $as_nl" # Find who we are. Look in the path if we contain no directory separator. as_myself= case $0 in #(( *[\\/]* ) as_myself=$0 ;; *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break done IFS=$as_save_IFS ;; esac # We did not find ourselves, most probably we were run as `sh COMMAND' # in which case we are not to be found in the path. if test "x$as_myself" = x; then as_myself=$0 fi if test ! -f "$as_myself"; then $as_echo "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2 exit 1 fi # Unset variables that we do not need and which cause bugs (e.g. in # pre-3.0 UWIN ksh). But do not cause bugs in bash 2.01; the "|| exit 1" # suppresses any "Segmentation fault" message there. '((' could # trigger a bug in pdksh 5.2.14. for as_var in BASH_ENV ENV MAIL MAILPATH do eval test x\${$as_var+set} = xset \ && ( (unset $as_var) || exit 1) >/dev/null 2>&1 && unset $as_var || : done PS1='$ ' PS2='> ' PS4='+ ' # NLS nuisances. LC_ALL=C export LC_ALL LANGUAGE=C export LANGUAGE # CDPATH. (unset CDPATH) >/dev/null 2>&1 && unset CDPATH # as_fn_error STATUS ERROR [LINENO LOG_FD] # ---------------------------------------- # Output "`basename $0`: error: ERROR" to stderr. If LINENO and LOG_FD are # provided, also output the error to LOG_FD, referencing LINENO. Then exit the # script with STATUS, using 1 if that was 0. as_fn_error () { as_status=$1; test $as_status -eq 0 && as_status=1 if test "$4"; then as_lineno=${as_lineno-"$3"} as_lineno_stack=as_lineno_stack=$as_lineno_stack $as_echo "$as_me:${as_lineno-$LINENO}: error: $2" >&$4 fi $as_echo "$as_me: error: $2" >&2 as_fn_exit $as_status } # as_fn_error # as_fn_set_status STATUS # ----------------------- # Set $? to STATUS, without forking. as_fn_set_status () { return $1 } # as_fn_set_status # as_fn_exit STATUS # ----------------- # Exit the shell with STATUS, even in a "trap 0" or "set -e" context. as_fn_exit () { set +e as_fn_set_status $1 exit $1 } # as_fn_exit # as_fn_unset VAR # --------------- # Portably unset VAR. as_fn_unset () { { eval $1=; unset $1;} } as_unset=as_fn_unset # as_fn_append VAR VALUE # ---------------------- # Append the text in VALUE to the end of the definition contained in VAR. Take # advantage of any shell optimizations that allow amortized linear growth over # repeated appends, instead of the typical quadratic growth present in naive # implementations. if (eval "as_var=1; as_var+=2; test x\$as_var = x12") 2>/dev/null; then : eval 'as_fn_append () { eval $1+=\$2 }' else as_fn_append () { eval $1=\$$1\$2 } fi # as_fn_append # as_fn_arith ARG... # ------------------ # Perform arithmetic evaluation on the ARGs, and store the result in the # global $as_val. Take advantage of shells that can avoid forks. The arguments # must be portable across $(()) and expr. if (eval "test \$(( 1 + 1 )) = 2") 2>/dev/null; then : eval 'as_fn_arith () { as_val=$(( $* )) }' else as_fn_arith () { as_val=`expr "$@" || test $? -eq 1` } fi # as_fn_arith if expr a : '\(a\)' >/dev/null 2>&1 && test "X`expr 00001 : '.*\(...\)'`" = X001; then as_expr=expr else as_expr=false fi if (basename -- /) >/dev/null 2>&1 && test "X`basename -- / 2>&1`" = "X/"; then as_basename=basename else as_basename=false fi if (as_dir=`dirname -- /` && test "X$as_dir" = X/) >/dev/null 2>&1; then as_dirname=dirname else as_dirname=false fi as_me=`$as_basename -- "$0" || $as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \ X"$0" : 'X\(//\)$' \| \ X"$0" : 'X\(/\)' \| . 2>/dev/null || $as_echo X/"$0" | sed '/^.*\/\([^/][^/]*\)\/*$/{ s//\1/ q } /^X\/\(\/\/\)$/{ s//\1/ q } /^X\/\(\/\).*/{ s//\1/ q } s/.*/./; q'` # Avoid depending upon Character Ranges. as_cr_letters='abcdefghijklmnopqrstuvwxyz' as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ' as_cr_Letters=$as_cr_letters$as_cr_LETTERS as_cr_digits='0123456789' as_cr_alnum=$as_cr_Letters$as_cr_digits ECHO_C= ECHO_N= ECHO_T= case `echo -n x` in #((((( -n*) case `echo 'xy\c'` in *c*) ECHO_T=' ';; # ECHO_T is single tab character. xy) ECHO_C='\c';; *) echo `echo ksh88 bug on AIX 6.1` > /dev/null ECHO_T=' ';; esac;; *) ECHO_N='-n';; esac rm -f conf$$ conf$$.exe conf$$.file if test -d conf$$.dir; then rm -f conf$$.dir/conf$$.file else rm -f conf$$.dir mkdir conf$$.dir 2>/dev/null fi if (echo >conf$$.file) 2>/dev/null; then if ln -s conf$$.file conf$$ 2>/dev/null; then as_ln_s='ln -s' # ... but there are two gotchas: # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail. # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable. # In both cases, we have to default to `cp -pR'. ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe || as_ln_s='cp -pR' elif ln conf$$.file conf$$ 2>/dev/null; then as_ln_s=ln else as_ln_s='cp -pR' fi else as_ln_s='cp -pR' fi rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file rmdir conf$$.dir 2>/dev/null # as_fn_mkdir_p # ------------- # Create "$as_dir" as a directory, including parents if necessary. as_fn_mkdir_p () { case $as_dir in #( -*) as_dir=./$as_dir;; esac test -d "$as_dir" || eval $as_mkdir_p || { as_dirs= while :; do case $as_dir in #( *\'*) as_qdir=`$as_echo "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #'( *) as_qdir=$as_dir;; esac as_dirs="'$as_qdir' $as_dirs" as_dir=`$as_dirname -- "$as_dir" || $as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ X"$as_dir" : 'X\(//\)[^/]' \| \ X"$as_dir" : 'X\(//\)$' \| \ X"$as_dir" : 'X\(/\)' \| . 2>/dev/null || $as_echo X"$as_dir" | sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/ q } /^X\(\/\/\)[^/].*/{ s//\1/ q } /^X\(\/\/\)$/{ s//\1/ q } /^X\(\/\).*/{ s//\1/ q } s/.*/./; q'` test -d "$as_dir" && break done test -z "$as_dirs" || eval "mkdir $as_dirs" } || test -d "$as_dir" || as_fn_error $? "cannot create directory $as_dir" } # as_fn_mkdir_p if mkdir -p . 2>/dev/null; then as_mkdir_p='mkdir -p "$as_dir"' else test -d ./-p && rmdir ./-p as_mkdir_p=false fi # as_fn_executable_p FILE # ----------------------- # Test if FILE is an executable regular file. as_fn_executable_p () { test -f "$1" && test -x "$1" } # as_fn_executable_p as_test_x='test -x' as_executable_p=as_fn_executable_p # Sed expression to map a string onto a valid CPP name. as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'" # Sed expression to map a string onto a valid variable name. as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'" exec 6>&1 ## ----------------------------------- ## ## Main body of $CONFIG_STATUS script. ## ## ----------------------------------- ## _ASEOF test $as_write_fail = 0 && chmod +x $CONFIG_STATUS || ac_write_fail=1 cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # Save the log message, to keep $0 and so on meaningful, and to # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" This file was extended by hitch $as_me 1.4.4, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES CONFIG_HEADERS = $CONFIG_HEADERS CONFIG_LINKS = $CONFIG_LINKS CONFIG_COMMANDS = $CONFIG_COMMANDS $ $0 $@ on `(hostname || uname -n) 2>/dev/null | sed 1q` " _ACEOF case $ac_config_files in *" "*) set x $ac_config_files; shift; ac_config_files=$*;; esac case $ac_config_headers in *" "*) set x $ac_config_headers; shift; ac_config_headers=$*;; esac cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 # Files that config.status was made for. config_files="$ac_config_files" config_headers="$ac_config_headers" config_commands="$ac_config_commands" _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 ac_cs_usage="\ \`$as_me' instantiates files and other configuration actions from templates according to the current configuration. Unless the files and actions are specified as TAGs, all are instantiated by default. Usage: $0 [OPTION]... [TAG]... -h, --help print this help, then exit -V, --version print version number and configuration settings, then exit --config print configuration, then exit -q, --quiet, --silent do not print progress messages -d, --debug don't remove temporary files --recheck update $as_me by reconfiguring in the same conditions --file=FILE[:TEMPLATE] instantiate the configuration file FILE --header=FILE[:TEMPLATE] instantiate the configuration header FILE Configuration files: $config_files Configuration headers: $config_headers Configuration commands: $config_commands Report bugs to ." _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ hitch config.status 1.4.4 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" Copyright (C) 2012 Free Software Foundation, Inc. This config.status script is free software; the Free Software Foundation gives unlimited permission to copy, distribute and modify it." ac_pwd='$ac_pwd' srcdir='$srcdir' INSTALL='$INSTALL' MKDIR_P='$MKDIR_P' AWK='$AWK' test -n "\$AWK" || AWK=awk _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # The default lists apply if the user does not specify any file. ac_need_defaults=: while test $# != 0 do case $1 in --*=?*) ac_option=`expr "X$1" : 'X\([^=]*\)='` ac_optarg=`expr "X$1" : 'X[^=]*=\(.*\)'` ac_shift=: ;; --*=) ac_option=`expr "X$1" : 'X\([^=]*\)='` ac_optarg= ac_shift=: ;; *) ac_option=$1 ac_optarg=$2 ac_shift=shift ;; esac case $ac_option in # Handling of the options. -recheck | --recheck | --rechec | --reche | --rech | --rec | --re | --r) ac_cs_recheck=: ;; --version | --versio | --versi | --vers | --ver | --ve | --v | -V ) $as_echo "$ac_cs_version"; exit ;; --config | --confi | --conf | --con | --co | --c ) $as_echo "$ac_cs_config"; exit ;; --debug | --debu | --deb | --de | --d | -d ) debug=: ;; --file | --fil | --fi | --f ) $ac_shift case $ac_optarg in *\'*) ac_optarg=`$as_echo "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"` ;; '') as_fn_error $? "missing file argument" ;; esac as_fn_append CONFIG_FILES " '$ac_optarg'" ac_need_defaults=false;; --header | --heade | --head | --hea ) $ac_shift case $ac_optarg in *\'*) ac_optarg=`$as_echo "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"` ;; esac as_fn_append CONFIG_HEADERS " '$ac_optarg'" ac_need_defaults=false;; --he | --h) # Conflict between --help and --header as_fn_error $? "ambiguous option: \`$1' Try \`$0 --help' for more information.";; --help | --hel | -h ) $as_echo "$ac_cs_usage"; exit ;; -q | -quiet | --quiet | --quie | --qui | --qu | --q \ | -silent | --silent | --silen | --sile | --sil | --si | --s) ac_cs_silent=: ;; # This is an error. -*) as_fn_error $? "unrecognized option: \`$1' Try \`$0 --help' for more information." ;; *) as_fn_append ac_config_targets " $1" ac_need_defaults=false ;; esac shift done ac_configure_extra_args= if $ac_cs_silent; then exec 6>/dev/null ac_configure_extra_args="$ac_configure_extra_args --silent" fi _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 if \$ac_cs_recheck; then set X $SHELL '$0' $ac_configure_args \$ac_configure_extra_args --no-create --no-recursion shift \$as_echo "running CONFIG_SHELL=$SHELL \$*" >&6 CONFIG_SHELL='$SHELL' export CONFIG_SHELL exec "\$@" fi _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 exec 5>>config.log { echo sed 'h;s/./-/g;s/^.../## /;s/...$/ ##/;p;x;p;x' <<_ASBOX ## Running $as_me. ## _ASBOX $as_echo "$ac_log" } >&5 _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 # # INIT-COMMANDS # AMDEP_TRUE="$AMDEP_TRUE" ac_aux_dir="$ac_aux_dir" _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # Handling of arguments. for ac_config_target in $ac_config_targets do case $ac_config_target in "config.h") CONFIG_HEADERS="$CONFIG_HEADERS config.h" ;; "depfiles") CONFIG_COMMANDS="$CONFIG_COMMANDS depfiles" ;; "Makefile") CONFIG_FILES="$CONFIG_FILES Makefile" ;; "src/Makefile") CONFIG_FILES="$CONFIG_FILES src/Makefile" ;; "src/util/Makefile") CONFIG_FILES="$CONFIG_FILES src/util/Makefile" ;; *) as_fn_error $? "invalid argument: \`$ac_config_target'" "$LINENO" 5;; esac done # If the user did not use the arguments to specify the items to instantiate, # then the envvar interface is used. Set only those that are not. # We use the long form for the default assignment because of an extremely # bizarre bug on SunOS 4.1.3. if $ac_need_defaults; then test "${CONFIG_FILES+set}" = set || CONFIG_FILES=$config_files test "${CONFIG_HEADERS+set}" = set || CONFIG_HEADERS=$config_headers test "${CONFIG_COMMANDS+set}" = set || CONFIG_COMMANDS=$config_commands fi # Have a temporary directory for convenience. Make it in the build tree # simply because there is no reason against having it here, and in addition, # creating and moving files from /tmp can sometimes cause problems. # Hook for its removal unless debugging. # Note that there is a small window in which the directory will not be cleaned: # after its creation but before its name has been assigned to `$tmp'. $debug || { tmp= ac_tmp= trap 'exit_status=$? : "${ac_tmp:=$tmp}" { test ! -d "$ac_tmp" || rm -fr "$ac_tmp"; } && exit $exit_status ' 0 trap 'as_fn_exit 1' 1 2 13 15 } # Create a (secure) tmp directory for tmp files. { tmp=`(umask 077 && mktemp -d "./confXXXXXX") 2>/dev/null` && test -d "$tmp" } || { tmp=./conf$$-$RANDOM (umask 077 && mkdir "$tmp") } || as_fn_error $? "cannot create a temporary directory in ." "$LINENO" 5 ac_tmp=$tmp # Set up the scripts for CONFIG_FILES section. # No need to generate them if there are no CONFIG_FILES. # This happens for instance with `./config.status config.h'. if test -n "$CONFIG_FILES"; then ac_cr=`echo X | tr X '\015'` # On cygwin, bash can eat \r inside `` if the user requested igncr. # But we know of no other shell where ac_cr would be empty at this # point, so we can use a bashism as a fallback. if test "x$ac_cr" = x; then eval ac_cr=\$\'\\r\' fi ac_cs_awk_cr=`$AWK 'BEGIN { print "a\rb" }' /dev/null` if test "$ac_cs_awk_cr" = "a${ac_cr}b"; then ac_cs_awk_cr='\\r' else ac_cs_awk_cr=$ac_cr fi echo 'BEGIN {' >"$ac_tmp/subs1.awk" && _ACEOF { echo "cat >conf$$subs.awk <<_ACEOF" && echo "$ac_subst_vars" | sed 's/.*/&!$&$ac_delim/' && echo "_ACEOF" } >conf$$subs.sh || as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5 ac_delim_num=`echo "$ac_subst_vars" | grep -c '^'` ac_delim='%!_!# ' for ac_last_try in false false false false false :; do . ./conf$$subs.sh || as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5 ac_delim_n=`sed -n "s/.*$ac_delim\$/X/p" conf$$subs.awk | grep -c X` if test $ac_delim_n = $ac_delim_num; then break elif $ac_last_try; then as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5 else ac_delim="$ac_delim!$ac_delim _$ac_delim!! " fi done rm -f conf$$subs.sh cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 cat >>"\$ac_tmp/subs1.awk" <<\\_ACAWK && _ACEOF sed -n ' h s/^/S["/; s/!.*/"]=/ p g s/^[^!]*!// :repl t repl s/'"$ac_delim"'$// t delim :nl h s/\(.\{148\}\)..*/\1/ t more1 s/["\\]/\\&/g; s/^/"/; s/$/\\n"\\/ p n b repl :more1 s/["\\]/\\&/g; s/^/"/; s/$/"\\/ p g s/.\{148\}// t nl :delim h s/\(.\{148\}\)..*/\1/ t more2 s/["\\]/\\&/g; s/^/"/; s/$/"/ p b :more2 s/["\\]/\\&/g; s/^/"/; s/$/"\\/ p g s/.\{148\}// t delim ' >$CONFIG_STATUS || ac_write_fail=1 rm -f conf$$subs.awk cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 _ACAWK cat >>"\$ac_tmp/subs1.awk" <<_ACAWK && for (key in S) S_is_set[key] = 1 FS = "" } { line = $ 0 nfields = split(line, field, "@") substed = 0 len = length(field[1]) for (i = 2; i < nfields; i++) { key = field[i] keylen = length(key) if (S_is_set[key]) { value = S[key] line = substr(line, 1, len) "" value "" substr(line, len + keylen + 3) len += length(value) + length(field[++i]) substed = 1 } else len += 1 + keylen } print line } _ACAWK _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 if sed "s/$ac_cr//" < /dev/null > /dev/null 2>&1; then sed "s/$ac_cr\$//; s/$ac_cr/$ac_cs_awk_cr/g" else cat fi < "$ac_tmp/subs1.awk" > "$ac_tmp/subs.awk" \ || as_fn_error $? "could not setup config files machinery" "$LINENO" 5 _ACEOF # VPATH may cause trouble with some makes, so we remove sole $(srcdir), # ${srcdir} and @srcdir@ entries from VPATH if srcdir is ".", strip leading and # trailing colons and then remove the whole line if VPATH becomes empty # (actually we leave an empty line to preserve line numbers). if test "x$srcdir" = x.; then ac_vpsub='/^[ ]*VPATH[ ]*=[ ]*/{ h s/// s/^/:/ s/[ ]*$/:/ s/:\$(srcdir):/:/g s/:\${srcdir}:/:/g s/:@srcdir@:/:/g s/^:*// s/:*$// x s/\(=[ ]*\).*/\1/ G s/\n// s/^[^=]*=[ ]*$// }' fi cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 fi # test -n "$CONFIG_FILES" # Set up the scripts for CONFIG_HEADERS section. # No need to generate them if there are no CONFIG_HEADERS. # This happens for instance with `./config.status Makefile'. if test -n "$CONFIG_HEADERS"; then cat >"$ac_tmp/defines.awk" <<\_ACAWK || BEGIN { _ACEOF # Transform confdefs.h into an awk script `defines.awk', embedded as # here-document in config.status, that substitutes the proper values into # config.h.in to produce config.h. # Create a delimiter string that does not exist in confdefs.h, to ease # handling of long lines. ac_delim='%!_!# ' for ac_last_try in false false :; do ac_tt=`sed -n "/$ac_delim/p" confdefs.h` if test -z "$ac_tt"; then break elif $ac_last_try; then as_fn_error $? "could not make $CONFIG_HEADERS" "$LINENO" 5 else ac_delim="$ac_delim!$ac_delim _$ac_delim!! " fi done # For the awk script, D is an array of macro values keyed by name, # likewise P contains macro parameters if any. Preserve backslash # newline sequences. ac_word_re=[_$as_cr_Letters][_$as_cr_alnum]* sed -n ' s/.\{148\}/&'"$ac_delim"'/g t rset :rset s/^[ ]*#[ ]*define[ ][ ]*/ / t def d :def s/\\$// t bsnl s/["\\]/\\&/g s/^ \('"$ac_word_re"'\)\(([^()]*)\)[ ]*\(.*\)/P["\1"]="\2"\ D["\1"]=" \3"/p s/^ \('"$ac_word_re"'\)[ ]*\(.*\)/D["\1"]=" \2"/p d :bsnl s/["\\]/\\&/g s/^ \('"$ac_word_re"'\)\(([^()]*)\)[ ]*\(.*\)/P["\1"]="\2"\ D["\1"]=" \3\\\\\\n"\\/p t cont s/^ \('"$ac_word_re"'\)[ ]*\(.*\)/D["\1"]=" \2\\\\\\n"\\/p t cont d :cont n s/.\{148\}/&'"$ac_delim"'/g t clear :clear s/\\$// t bsnlc s/["\\]/\\&/g; s/^/"/; s/$/"/p d :bsnlc s/["\\]/\\&/g; s/^/"/; s/$/\\\\\\n"\\/p b cont ' >$CONFIG_STATUS || ac_write_fail=1 cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 for (key in D) D_is_set[key] = 1 FS = "" } /^[\t ]*#[\t ]*(define|undef)[\t ]+$ac_word_re([\t (]|\$)/ { line = \$ 0 split(line, arg, " ") if (arg[1] == "#") { defundef = arg[2] mac1 = arg[3] } else { defundef = substr(arg[1], 2) mac1 = arg[2] } split(mac1, mac2, "(") #) macro = mac2[1] prefix = substr(line, 1, index(line, defundef) - 1) if (D_is_set[macro]) { # Preserve the white space surrounding the "#". print prefix "define", macro P[macro] D[macro] next } else { # Replace #undef with comments. This is necessary, for example, # in the case of _POSIX_SOURCE, which is predefined and required # on some systems where configure will not decide to define it. if (defundef == "undef") { print "/*", prefix defundef, macro, "*/" next } } } { print } _ACAWK _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 as_fn_error $? "could not setup config headers machinery" "$LINENO" 5 fi # test -n "$CONFIG_HEADERS" eval set X " :F $CONFIG_FILES :H $CONFIG_HEADERS :C $CONFIG_COMMANDS" shift for ac_tag do case $ac_tag in :[FHLC]) ac_mode=$ac_tag; continue;; esac case $ac_mode$ac_tag in :[FHL]*:*);; :L* | :C*:*) as_fn_error $? "invalid tag \`$ac_tag'" "$LINENO" 5;; :[FH]-) ac_tag=-:-;; :[FH]*) ac_tag=$ac_tag:$ac_tag.in;; esac ac_save_IFS=$IFS IFS=: set x $ac_tag IFS=$ac_save_IFS shift ac_file=$1 shift case $ac_mode in :L) ac_source=$1;; :[FH]) ac_file_inputs= for ac_f do case $ac_f in -) ac_f="$ac_tmp/stdin";; *) # Look for the file first in the build tree, then in the source tree # (if the path is not absolute). The absolute path cannot be DOS-style, # because $ac_f cannot contain `:'. test -f "$ac_f" || case $ac_f in [\\/$]*) false;; *) test -f "$srcdir/$ac_f" && ac_f="$srcdir/$ac_f";; esac || as_fn_error 1 "cannot find input file: \`$ac_f'" "$LINENO" 5;; esac case $ac_f in *\'*) ac_f=`$as_echo "$ac_f" | sed "s/'/'\\\\\\\\''/g"`;; esac as_fn_append ac_file_inputs " '$ac_f'" done # Let's still pretend it is `configure' which instantiates (i.e., don't # use $as_me), people would be surprised to read: # /* config.h. Generated by config.status. */ configure_input='Generated from '` $as_echo "$*" | sed 's|^[^:]*/||;s|:[^:]*/|, |g' `' by configure.' if test x"$ac_file" != x-; then configure_input="$ac_file. $configure_input" { $as_echo "$as_me:${as_lineno-$LINENO}: creating $ac_file" >&5 $as_echo "$as_me: creating $ac_file" >&6;} fi # Neutralize special characters interpreted by sed in replacement strings. case $configure_input in #( *\&* | *\|* | *\\* ) ac_sed_conf_input=`$as_echo "$configure_input" | sed 's/[\\\\&|]/\\\\&/g'`;; #( *) ac_sed_conf_input=$configure_input;; esac case $ac_tag in *:-:* | *:-) cat >"$ac_tmp/stdin" \ || as_fn_error $? "could not create $ac_file" "$LINENO" 5 ;; esac ;; esac ac_dir=`$as_dirname -- "$ac_file" || $as_expr X"$ac_file" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ X"$ac_file" : 'X\(//\)[^/]' \| \ X"$ac_file" : 'X\(//\)$' \| \ X"$ac_file" : 'X\(/\)' \| . 2>/dev/null || $as_echo X"$ac_file" | sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/ q } /^X\(\/\/\)[^/].*/{ s//\1/ q } /^X\(\/\/\)$/{ s//\1/ q } /^X\(\/\).*/{ s//\1/ q } s/.*/./; q'` as_dir="$ac_dir"; as_fn_mkdir_p ac_builddir=. case "$ac_dir" in .) ac_dir_suffix= ac_top_builddir_sub=. ac_top_build_prefix= ;; *) ac_dir_suffix=/`$as_echo "$ac_dir" | sed 's|^\.[\\/]||'` # A ".." for each directory in $ac_dir_suffix. ac_top_builddir_sub=`$as_echo "$ac_dir_suffix" | sed 's|/[^\\/]*|/..|g;s|/||'` case $ac_top_builddir_sub in "") ac_top_builddir_sub=. ac_top_build_prefix= ;; *) ac_top_build_prefix=$ac_top_builddir_sub/ ;; esac ;; esac ac_abs_top_builddir=$ac_pwd ac_abs_builddir=$ac_pwd$ac_dir_suffix # for backward compatibility: ac_top_builddir=$ac_top_build_prefix case $srcdir in .) # We are building in place. ac_srcdir=. ac_top_srcdir=$ac_top_builddir_sub ac_abs_top_srcdir=$ac_pwd ;; [\\/]* | ?:[\\/]* ) # Absolute name. ac_srcdir=$srcdir$ac_dir_suffix; ac_top_srcdir=$srcdir ac_abs_top_srcdir=$srcdir ;; *) # Relative name. ac_srcdir=$ac_top_build_prefix$srcdir$ac_dir_suffix ac_top_srcdir=$ac_top_build_prefix$srcdir ac_abs_top_srcdir=$ac_pwd/$srcdir ;; esac ac_abs_srcdir=$ac_abs_top_srcdir$ac_dir_suffix case $ac_mode in :F) # # CONFIG_FILE # case $INSTALL in [\\/$]* | ?:[\\/]* ) ac_INSTALL=$INSTALL ;; *) ac_INSTALL=$ac_top_build_prefix$INSTALL ;; esac ac_MKDIR_P=$MKDIR_P case $MKDIR_P in [\\/$]* | ?:[\\/]* ) ;; */*) ac_MKDIR_P=$ac_top_build_prefix$MKDIR_P ;; esac _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # If the template does not know about datarootdir, expand it. # FIXME: This hack should be removed a few years after 2.60. ac_datarootdir_hack=; ac_datarootdir_seen= ac_sed_dataroot=' /datarootdir/ { p q } /@datadir@/p /@docdir@/p /@infodir@/p /@localedir@/p /@mandir@/p' case `eval "sed -n \"\$ac_sed_dataroot\" $ac_file_inputs"` in *datarootdir*) ac_datarootdir_seen=yes;; *@datadir@*|*@docdir@*|*@infodir@*|*@localedir@*|*@mandir@*) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&5 $as_echo "$as_me: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&2;} _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_datarootdir_hack=' s&@datadir@&$datadir&g s&@docdir@&$docdir&g s&@infodir@&$infodir&g s&@localedir@&$localedir&g s&@mandir@&$mandir&g s&\\\${datarootdir}&$datarootdir&g' ;; esac _ACEOF # Neutralize VPATH when `$srcdir' = `.'. # Shell code in configure.ac might set extrasub. # FIXME: do we really want to maintain this feature? cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_sed_extra="$ac_vpsub $extrasub _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 :t /@[a-zA-Z_][a-zA-Z_0-9]*@/!b s|@configure_input@|$ac_sed_conf_input|;t t s&@top_builddir@&$ac_top_builddir_sub&;t t s&@top_build_prefix@&$ac_top_build_prefix&;t t s&@srcdir@&$ac_srcdir&;t t s&@abs_srcdir@&$ac_abs_srcdir&;t t s&@top_srcdir@&$ac_top_srcdir&;t t s&@abs_top_srcdir@&$ac_abs_top_srcdir&;t t s&@builddir@&$ac_builddir&;t t s&@abs_builddir@&$ac_abs_builddir&;t t s&@abs_top_builddir@&$ac_abs_top_builddir&;t t s&@INSTALL@&$ac_INSTALL&;t t s&@MKDIR_P@&$ac_MKDIR_P&;t t $ac_datarootdir_hack " eval sed \"\$ac_sed_extra\" "$ac_file_inputs" | $AWK -f "$ac_tmp/subs.awk" \ >$ac_tmp/out || as_fn_error $? "could not create $ac_file" "$LINENO" 5 test -z "$ac_datarootdir_hack$ac_datarootdir_seen" && { ac_out=`sed -n '/\${datarootdir}/p' "$ac_tmp/out"`; test -n "$ac_out"; } && { ac_out=`sed -n '/^[ ]*datarootdir[ ]*:*=/p' \ "$ac_tmp/out"`; test -z "$ac_out"; } && { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $ac_file contains a reference to the variable \`datarootdir' which seems to be undefined. Please make sure it is defined" >&5 $as_echo "$as_me: WARNING: $ac_file contains a reference to the variable \`datarootdir' which seems to be undefined. Please make sure it is defined" >&2;} rm -f "$ac_tmp/stdin" case $ac_file in -) cat "$ac_tmp/out" && rm -f "$ac_tmp/out";; *) rm -f "$ac_file" && mv "$ac_tmp/out" "$ac_file";; esac \ || as_fn_error $? "could not create $ac_file" "$LINENO" 5 ;; :H) # # CONFIG_HEADER # if test x"$ac_file" != x-; then { $as_echo "/* $configure_input */" \ && eval '$AWK -f "$ac_tmp/defines.awk"' "$ac_file_inputs" } >"$ac_tmp/config.h" \ || as_fn_error $? "could not create $ac_file" "$LINENO" 5 if diff "$ac_file" "$ac_tmp/config.h" >/dev/null 2>&1; then { $as_echo "$as_me:${as_lineno-$LINENO}: $ac_file is unchanged" >&5 $as_echo "$as_me: $ac_file is unchanged" >&6;} else rm -f "$ac_file" mv "$ac_tmp/config.h" "$ac_file" \ || as_fn_error $? "could not create $ac_file" "$LINENO" 5 fi else $as_echo "/* $configure_input */" \ && eval '$AWK -f "$ac_tmp/defines.awk"' "$ac_file_inputs" \ || as_fn_error $? "could not create -" "$LINENO" 5 fi # Compute "$ac_file"'s index in $config_headers. _am_arg="$ac_file" _am_stamp_count=1 for _am_header in $config_headers :; do case $_am_header in $_am_arg | $_am_arg:* ) break ;; * ) _am_stamp_count=`expr $_am_stamp_count + 1` ;; esac done echo "timestamp for $_am_arg" >`$as_dirname -- "$_am_arg" || $as_expr X"$_am_arg" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ X"$_am_arg" : 'X\(//\)[^/]' \| \ X"$_am_arg" : 'X\(//\)$' \| \ X"$_am_arg" : 'X\(/\)' \| . 2>/dev/null || $as_echo X"$_am_arg" | sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/ q } /^X\(\/\/\)[^/].*/{ s//\1/ q } /^X\(\/\/\)$/{ s//\1/ q } /^X\(\/\).*/{ s//\1/ q } s/.*/./; q'`/stamp-h$_am_stamp_count ;; :C) { $as_echo "$as_me:${as_lineno-$LINENO}: executing $ac_file commands" >&5 $as_echo "$as_me: executing $ac_file commands" >&6;} ;; esac case $ac_file$ac_mode in "depfiles":C) test x"$AMDEP_TRUE" != x"" || { # Older Autoconf quotes --file arguments for eval, but not when files # are listed without --file. Let's play safe and only enable the eval # if we detect the quoting. case $CONFIG_FILES in *\'*) eval set x "$CONFIG_FILES" ;; *) set x $CONFIG_FILES ;; esac shift for mf do # Strip MF so we end up with the name of the file. mf=`echo "$mf" | sed -e 's/:.*$//'` # Check whether this is an Automake generated Makefile or not. # We used to match only the files named 'Makefile.in', but # some people rename them; so instead we look at the file content. # Grep'ing the first line is not enough: some people post-process # each Makefile.in and add a new line on top of each file to say so. # Grep'ing the whole file is not good either: AIX grep has a line # limit of 2048, but all sed's we know have understand at least 4000. if sed -n 's,^#.*generated by automake.*,X,p' "$mf" | grep X >/dev/null 2>&1; then dirpart=`$as_dirname -- "$mf" || $as_expr X"$mf" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ X"$mf" : 'X\(//\)[^/]' \| \ X"$mf" : 'X\(//\)$' \| \ X"$mf" : 'X\(/\)' \| . 2>/dev/null || $as_echo X"$mf" | sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/ q } /^X\(\/\/\)[^/].*/{ s//\1/ q } /^X\(\/\/\)$/{ s//\1/ q } /^X\(\/\).*/{ s//\1/ q } s/.*/./; q'` else continue fi # Extract the definition of DEPDIR, am__include, and am__quote # from the Makefile without running 'make'. DEPDIR=`sed -n 's/^DEPDIR = //p' < "$mf"` test -z "$DEPDIR" && continue am__include=`sed -n 's/^am__include = //p' < "$mf"` test -z "$am__include" && continue am__quote=`sed -n 's/^am__quote = //p' < "$mf"` # Find all dependency output files, they are included files with # $(DEPDIR) in their names. We invoke sed twice because it is the # simplest approach to changing $(DEPDIR) to its actual value in the # expansion. for file in `sed -n " s/^$am__include $am__quote\(.*(DEPDIR).*\)$am__quote"'$/\1/p' <"$mf" | \ sed -e 's/\$(DEPDIR)/'"$DEPDIR"'/g'`; do # Make sure the directory exists. test -f "$dirpart/$file" && continue fdir=`$as_dirname -- "$file" || $as_expr X"$file" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ X"$file" : 'X\(//\)[^/]' \| \ X"$file" : 'X\(//\)$' \| \ X"$file" : 'X\(/\)' \| . 2>/dev/null || $as_echo X"$file" | sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/ q } /^X\(\/\/\)[^/].*/{ s//\1/ q } /^X\(\/\/\)$/{ s//\1/ q } /^X\(\/\).*/{ s//\1/ q } s/.*/./; q'` as_dir=$dirpart/$fdir; as_fn_mkdir_p # echo "creating $dirpart/$file" echo '# dummy' > "$dirpart/$file" done done } ;; esac done # for ac_tag as_fn_exit 0 _ACEOF ac_clean_files=$ac_clean_files_save test $ac_write_fail = 0 || as_fn_error $? "write failure creating $CONFIG_STATUS" "$LINENO" 5 # configure is writing to config.log, and then calls config.status. # config.status does its own redirection, appending to config.log. # Unfortunately, on DOS this fails, as config.log is still kept open # by configure, so config.status won't be able to write to it; its # output is simply discarded. So we exec the FD to /dev/null, # effectively closing config.log, so it can be properly (re)opened and # appended to by config.status. When coming back to configure, we # need to make the FD available again. if test "$no_create" != yes; then ac_cs_success=: ac_config_status_args= test "$silent" = yes && ac_config_status_args="$ac_config_status_args --quiet" exec 5>/dev/null $SHELL $CONFIG_STATUS $ac_config_status_args || ac_cs_success=false exec 5>>config.log # Use ||, not &&, to avoid exiting from the if with $? = 1, which # would make configure fail if this is the last instruction. $ac_cs_success || as_fn_exit 1 fi if test -n "$ac_unrecognized_opts" && test "$enable_option_checking" != no; then { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: unrecognized options: $ac_unrecognized_opts" >&5 $as_echo "$as_me: WARNING: unrecognized options: $ac_unrecognized_opts" >&2;} fi hitch-1.4.4/hitch.conf.50000644000175000017500000002136713011340204011646 00000000000000.\" Man page generated from reStructuredText. . .TH HITCH.CONF 5 "" "" "" .SH NAME Hitch.conf \- Configuration file for Hitch . .nr rst2man-indent-level 0 . .de1 rstReportMargin \\$1 \\n[an-margin] level \\n[rst2man-indent-level] level margin: \\n[rst2man-indent\\n[rst2man-indent-level]] - \\n[rst2man-indent0] \\n[rst2man-indent1] \\n[rst2man-indent2] .. .de1 INDENT .\" .rstReportMargin pre: . RS \\$1 . nr rst2man-indent\\n[rst2man-indent-level] \\n[an-margin] . nr rst2man-indent-level +1 .\" .rstReportMargin post: .. .de UNINDENT . RE .\" indent \\n[an-margin] .\" old: \\n[rst2man-indent\\n[rst2man-indent-level]] .nr rst2man-indent-level -1 .\" new: \\n[rst2man-indent\\n[rst2man-indent-level]] .in \\n[rst2man-indent\\n[rst2man-indent-level]]u .. .SH DESCRIPTION .sp hitch.conf is the configuration file for \fIhitch(8)\fP\&. The configuration file is loaded using the Hitch option \-\-config=, and can thus have different names and can exist in different locations. .sp Almost all options available in hitch.conf can be specified or overridden in the command line of Hitch, as described in hitch(8). .sp The Hitch configuration file consists of a series of option assignments. Some options (pem\-file, frontend) can be be set several times, and the effect is that multiple certificate files and "listening frontends" are defined. Other options can only be assigned once. .sp The hash mark, or pound sign ("#"), is used as a "comment" character. You can use it to annotate your config file. All text after the comment character to the end of the line is ignored. Empty lines are ignored. .SH OPTIONS .sp Options can either be in the top level of the configuration file (global scope), or inside a \fIfrontend block\fP\&. Options inside a frontend block only affect the frontend, while options in the top level sets defaults for all frontends. .sp Unless otherwise noted below, options can only be used in the top level. .SS alpn\-protos = .sp Comma separated list of protocols supported by the backend in a quoted string. The list is used select protocols when the client supports Next Protocol Negotiation (NPN) or Application\-Layer Protocol Negotiation (ALPN). If Hitch is compiled against a OpenSSL version that does not support ALPN, only NPN will be used to select a protocol. .sp The result of the NPN/ALPN negotiation will be communicated to the backend if and only if write\-proxy\-v2 or proxy\-proxy is used. For HTTP/2 to work with modern browsers, ALPN negotiation is required. .SS backend = "[HOST]:PORT" .sp The host and port Hitch connects to when receiving a connection. Only a single backend is supported. .SS backlog = .sp Listen backlog size .SS chroot = .sp Chroot directory .SS ciphers = ... .sp List of ciphers to use in the secure communication. Refer to the OpenSSL documentation for a complete list of supported ciphers. .sp If not specified, OpenSSL will allow all ciphers. System administrators are adviced to either only support strong ciphers (as in the example file below) or to pay close attention to security advisories related OpenSSL\(aqs ciphers. .sp This option is also available in frontend blocks. .SS daemon = on|off .sp Run as daemon. Default is off. .SS frontend = ... .sp This specifies the port and interface (the \fIlisten endpoint\fP) that Hitch binds to when listening for connections. It is possible define several frontends, and Hitch will bind to several ports and/or several interfaces. .sp If "*" is used as the host, then Hitch will bind on all interfaces for the given port. .sp A frontend can be specified either in a single line: .INDENT 0.0 .INDENT 3.5 .sp .nf .ft C frontend = "[HOST]:PORT[+CERT]" .ft P .fi .UNINDENT .UNINDENT .sp Or in a \fIfrontend block\fP: .INDENT 0.0 .INDENT 3.5 .sp .nf .ft C frontend = { host = "HOST" port = "PORT" } .ft P .fi .UNINDENT .UNINDENT .SS group = .sp If given, Hitch will change to this group after binding to listen sockets. .SS keepalive = .sp Number of seconds a TCP socket is kept alive .SS ocsp\-dir = .sp Directory where Hitch will store and read OCSP responses for stapling. Default is "/var/lib/hitch/". .sp Directory must be readable and writable for the configured Hitch user, or automatic retrieval and updating of OCSP responses will not take place. .sp If you have a manually pre\-loaded OCSP staple, an alternative pem\-file syntax can be used for stapling: .INDENT 0.0 .INDENT 3.5 .sp .nf .ft C pem\-file = { cert = "mycert.pem" ocsp\-resp\-file = "ocsp\-resp.der" } .ft P .fi .UNINDENT .UNINDENT .SS ocsp\-connect\-tmo = .sp OCSP fetch connect timeout. .sp This does normally not need to be changed. .sp Default is 4.0 seconds. .SS ocsp\-resp\-tmo = .sp OCSP fetch response timeout. .sp This does normally not need to be changed. .sp Default is 10 seconds. .SS ocsp\-verify\-staple = on|off .sp If set, OCSP responses will be verified against the certificate after retrieval. .sp Default is off. .SS pem\-file = .sp Specify a SSL x509 certificate file. Server Name Indication (SNI) is supported by using one certificate file per SNI name. .sp Certificates are used in the order they are listed; the last certificate listed will be used if none of the others match. .sp A file suitable for Hitch is a concatenation of a private key and a corresponding certificate or certificate chain. .sp At least one PEM file is needed for Hitch to start, but it can be supplied on the command line. .sp This option is also available in a frontend declaration, to make a certificate only available for a specific listen endpoint. .SS prefer\-server\-ciphers = on|off .sp Turns on or off enforcement of the cipher ordering set in Hitch. .sp This option is also available in frontend blocks. .sp Default is off. .SS proxy\-proxy = on|off .sp Proxy an existing PROXY protocol header through this request. At the moment this is equivalent to write\-proxy\-v2. .sp This option is mutually exclusive with option write\-proxy\-v2, write\-ip and write\-proxy\-v1. .sp Default is off. .SS quiet = on|off .sp If quiet is turned on, only error messages will be shown. .SS tls\-protos = ... .sp The SSL/TLS protocols to be used. This is an unquoted list of tokens. Available tokens are SSLv3, TLSv1.0, TLSv1.1 and TLSv1.2. .sp The default is TLSv1.1 and TLSv1.2. .sp There are two deprecated options, ssl= and tls=, that also select protocols. If "ssl=on" is used, then all protocols are selected. This is known to be insecure, and is strongly discouraged. If "tls=on" is used, the three TLS protocol versions will be used. Turning on SSLv3 and TLSv1.0 is not recommended \- support for these protocols are only kept for backwards compatibility. .sp This option is also available in frontend blocks. .SS sni\-nomatch\-abort = on|off .sp Abort handshake when the client submits an unrecognized SNI server name. .sp This option is also available in a frontend declaration. .SS ssl\-engine = .sp Set the SSL engine. This is used with SSL accelerator cards. See the OpenSSL documentation for legal values. .SS syslog = on|off .sp Send messages to syslog. Default is off. .SS syslog\-facility = .sp Set the syslog facility. Default is "daemon". .SS user = .sp User to run as. If Hitch is started as root, it will insist on changing to a user with lower rights after binding to sockets. .SS workers = .sp Number of worker processes. One per CPU core is recommended. .SS write\-ip = on|off .sp Report the client ip to the backend by writing IP before sending data. .sp This option is mutually exclusive with each of the options write\-proxy\-v2, write\-proxy\-v1 and proxy\-proxy. .sp Default is off. .SS write\-proxy\-v1 = on|off .sp Report client address using the PROXY protocol. .sp This option is mutually exclusive with option write\-proxy\-v2, write\-ip and proxy\-proxy. .sp Default is off. .SS write\-proxy\-v2 = on|off .sp Report client address using PROXY v2 protocol. .sp This option is mutually exclusive with option write\-ip, write\-proxy\-v1 and proxy\-proxy. .sp Default is off. .SH EXAMPLE .\" example-start . .sp The following file shows the syntax needed to get started with: .INDENT 0.0 .INDENT 3.5 .sp .nf .ft C frontend = { host = "*" port = "443" } backend = "[127.0.0.1]:6086" # 6086 is the default Varnish PROXY port. workers = 4 # number of CPU cores daemon = on user = "nobody" group = "nogroup" # Enable to let clients negotiate HTTP/2 with ALPN. (default off) # alpn\-protos = "http/2, http/1.1" # run Varnish as backend over PROXY; varnishd \-a :80 \-a localhost:6086,PROXY .. write\-proxy\-v2 = on # Write PROXY header .ft P .fi .UNINDENT .UNINDENT .\" example-end . .SH AUTHOR .sp This manual was written by PÃ¥l Hermunn Johansen <\fI\%hermunn@varnish\-software.com\fP> .\" Generated by docutils manpage writer. . hitch-1.4.4/install-sh0000755000175000017500000003546313006223057011555 00000000000000#!/bin/sh # install - install a program, script, or datafile scriptversion=2014-09-12.12; # UTC # This originates from X11R5 (mit/util/scripts/install.sh), which was # later released in X11R6 (xc/config/util/install.sh) with the # following copyright and license. # # Copyright (C) 1994 X Consortium # # Permission is hereby granted, free of charge, to any person obtaining a copy # of this software and associated documentation files (the "Software"), to # deal in the Software without restriction, including without limitation the # rights to use, copy, modify, merge, publish, distribute, sublicense, and/or # sell copies of the Software, and to permit persons to whom the Software is # furnished to do so, subject to the following conditions: # # The above copyright notice and this permission notice shall be included in # all copies or substantial portions of the Software. # # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR # IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, # FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE # X CONSORTIUM BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN # AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNEC- # TION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. # # Except as contained in this notice, the name of the X Consortium shall not # be used in advertising or otherwise to promote the sale, use or other deal- # ings in this Software without prior written authorization from the X Consor- # tium. # # # FSF changes to this file are in the public domain. # # Calling this script install-sh is preferred over install.sh, to prevent # 'make' implicit rules from creating a file called install from it # when there is no Makefile. # # This script is compatible with the BSD install script, but was written # from scratch. tab=' ' nl=' ' IFS=" $tab$nl" # Set DOITPROG to "echo" to test this script. doit=${DOITPROG-} doit_exec=${doit:-exec} # Put in absolute file names if you don't have them in your path; # or use environment vars. chgrpprog=${CHGRPPROG-chgrp} chmodprog=${CHMODPROG-chmod} chownprog=${CHOWNPROG-chown} cmpprog=${CMPPROG-cmp} cpprog=${CPPROG-cp} mkdirprog=${MKDIRPROG-mkdir} mvprog=${MVPROG-mv} rmprog=${RMPROG-rm} stripprog=${STRIPPROG-strip} posix_mkdir= # Desired mode of installed file. mode=0755 chgrpcmd= chmodcmd=$chmodprog chowncmd= mvcmd=$mvprog rmcmd="$rmprog -f" stripcmd= src= dst= dir_arg= dst_arg= copy_on_change=false is_target_a_directory=possibly usage="\ Usage: $0 [OPTION]... [-T] SRCFILE DSTFILE or: $0 [OPTION]... SRCFILES... DIRECTORY or: $0 [OPTION]... -t DIRECTORY SRCFILES... or: $0 [OPTION]... -d DIRECTORIES... In the 1st form, copy SRCFILE to DSTFILE. In the 2nd and 3rd, copy all SRCFILES to DIRECTORY. In the 4th, create DIRECTORIES. Options: --help display this help and exit. --version display version info and exit. -c (ignored) -C install only if different (preserve the last data modification time) -d create directories instead of installing files. -g GROUP $chgrpprog installed files to GROUP. -m MODE $chmodprog installed files to MODE. -o USER $chownprog installed files to USER. -s $stripprog installed files. -t DIRECTORY install into DIRECTORY. -T report an error if DSTFILE is a directory. Environment variables override the default commands: CHGRPPROG CHMODPROG CHOWNPROG CMPPROG CPPROG MKDIRPROG MVPROG RMPROG STRIPPROG " while test $# -ne 0; do case $1 in -c) ;; -C) copy_on_change=true;; -d) dir_arg=true;; -g) chgrpcmd="$chgrpprog $2" shift;; --help) echo "$usage"; exit $?;; -m) mode=$2 case $mode in *' '* | *"$tab"* | *"$nl"* | *'*'* | *'?'* | *'['*) echo "$0: invalid mode: $mode" >&2 exit 1;; esac shift;; -o) chowncmd="$chownprog $2" shift;; -s) stripcmd=$stripprog;; -t) is_target_a_directory=always dst_arg=$2 # Protect names problematic for 'test' and other utilities. case $dst_arg in -* | [=\(\)!]) dst_arg=./$dst_arg;; esac shift;; -T) is_target_a_directory=never;; --version) echo "$0 $scriptversion"; exit $?;; --) shift break;; -*) echo "$0: invalid option: $1" >&2 exit 1;; *) break;; esac shift done # We allow the use of options -d and -T together, by making -d # take the precedence; this is for compatibility with GNU install. if test -n "$dir_arg"; then if test -n "$dst_arg"; then echo "$0: target directory not allowed when installing a directory." >&2 exit 1 fi fi if test $# -ne 0 && test -z "$dir_arg$dst_arg"; then # When -d is used, all remaining arguments are directories to create. # When -t is used, the destination is already specified. # Otherwise, the last argument is the destination. Remove it from $@. for arg do if test -n "$dst_arg"; then # $@ is not empty: it contains at least $arg. set fnord "$@" "$dst_arg" shift # fnord fi shift # arg dst_arg=$arg # Protect names problematic for 'test' and other utilities. case $dst_arg in -* | [=\(\)!]) dst_arg=./$dst_arg;; esac done fi if test $# -eq 0; then if test -z "$dir_arg"; then echo "$0: no input file specified." >&2 exit 1 fi # It's OK to call 'install-sh -d' without argument. # This can happen when creating conditional directories. exit 0 fi if test -z "$dir_arg"; then if test $# -gt 1 || test "$is_target_a_directory" = always; then if test ! -d "$dst_arg"; then echo "$0: $dst_arg: Is not a directory." >&2 exit 1 fi fi fi if test -z "$dir_arg"; then do_exit='(exit $ret); exit $ret' trap "ret=129; $do_exit" 1 trap "ret=130; $do_exit" 2 trap "ret=141; $do_exit" 13 trap "ret=143; $do_exit" 15 # Set umask so as not to create temps with too-generous modes. # However, 'strip' requires both read and write access to temps. case $mode in # Optimize common cases. *644) cp_umask=133;; *755) cp_umask=22;; *[0-7]) if test -z "$stripcmd"; then u_plus_rw= else u_plus_rw='% 200' fi cp_umask=`expr '(' 777 - $mode % 1000 ')' $u_plus_rw`;; *) if test -z "$stripcmd"; then u_plus_rw= else u_plus_rw=,u+rw fi cp_umask=$mode$u_plus_rw;; esac fi for src do # Protect names problematic for 'test' and other utilities. case $src in -* | [=\(\)!]) src=./$src;; esac if test -n "$dir_arg"; then dst=$src dstdir=$dst test -d "$dstdir" dstdir_status=$? else # Waiting for this to be detected by the "$cpprog $src $dsttmp" command # might cause directories to be created, which would be especially bad # if $src (and thus $dsttmp) contains '*'. if test ! -f "$src" && test ! -d "$src"; then echo "$0: $src does not exist." >&2 exit 1 fi if test -z "$dst_arg"; then echo "$0: no destination specified." >&2 exit 1 fi dst=$dst_arg # If destination is a directory, append the input filename; won't work # if double slashes aren't ignored. if test -d "$dst"; then if test "$is_target_a_directory" = never; then echo "$0: $dst_arg: Is a directory" >&2 exit 1 fi dstdir=$dst dst=$dstdir/`basename "$src"` dstdir_status=0 else dstdir=`dirname "$dst"` test -d "$dstdir" dstdir_status=$? fi fi obsolete_mkdir_used=false if test $dstdir_status != 0; then case $posix_mkdir in '') # Create intermediate dirs using mode 755 as modified by the umask. # This is like FreeBSD 'install' as of 1997-10-28. umask=`umask` case $stripcmd.$umask in # Optimize common cases. *[2367][2367]) mkdir_umask=$umask;; .*0[02][02] | .[02][02] | .[02]) mkdir_umask=22;; *[0-7]) mkdir_umask=`expr $umask + 22 \ - $umask % 100 % 40 + $umask % 20 \ - $umask % 10 % 4 + $umask % 2 `;; *) mkdir_umask=$umask,go-w;; esac # With -d, create the new directory with the user-specified mode. # Otherwise, rely on $mkdir_umask. if test -n "$dir_arg"; then mkdir_mode=-m$mode else mkdir_mode= fi posix_mkdir=false case $umask in *[123567][0-7][0-7]) # POSIX mkdir -p sets u+wx bits regardless of umask, which # is incompatible with FreeBSD 'install' when (umask & 300) != 0. ;; *) # $RANDOM is not portable (e.g. dash); use it when possible to # lower collision chance tmpdir=${TMPDIR-/tmp}/ins$RANDOM-$$ trap 'ret=$?; rmdir "$tmpdir/a/b" "$tmpdir/a" "$tmpdir" 2>/dev/null; exit $ret' 0 # As "mkdir -p" follows symlinks and we work in /tmp possibly; so # create the $tmpdir first (and fail if unsuccessful) to make sure # that nobody tries to guess the $tmpdir name. if (umask $mkdir_umask && $mkdirprog $mkdir_mode "$tmpdir" && exec $mkdirprog $mkdir_mode -p -- "$tmpdir/a/b") >/dev/null 2>&1 then if test -z "$dir_arg" || { # Check for POSIX incompatibilities with -m. # HP-UX 11.23 and IRIX 6.5 mkdir -m -p sets group- or # other-writable bit of parent directory when it shouldn't. # FreeBSD 6.1 mkdir -m -p sets mode of existing directory. test_tmpdir="$tmpdir/a" ls_ld_tmpdir=`ls -ld "$test_tmpdir"` case $ls_ld_tmpdir in d????-?r-*) different_mode=700;; d????-?--*) different_mode=755;; *) false;; esac && $mkdirprog -m$different_mode -p -- "$test_tmpdir" && { ls_ld_tmpdir_1=`ls -ld "$test_tmpdir"` test "$ls_ld_tmpdir" = "$ls_ld_tmpdir_1" } } then posix_mkdir=: fi rmdir "$tmpdir/a/b" "$tmpdir/a" "$tmpdir" else # Remove any dirs left behind by ancient mkdir implementations. rmdir ./$mkdir_mode ./-p ./-- "$tmpdir" 2>/dev/null fi trap '' 0;; esac;; esac if $posix_mkdir && ( umask $mkdir_umask && $doit_exec $mkdirprog $mkdir_mode -p -- "$dstdir" ) then : else # The umask is ridiculous, or mkdir does not conform to POSIX, # or it failed possibly due to a race condition. Create the # directory the slow way, step by step, checking for races as we go. case $dstdir in /*) prefix='/';; [-=\(\)!]*) prefix='./';; *) prefix='';; esac oIFS=$IFS IFS=/ set -f set fnord $dstdir shift set +f IFS=$oIFS prefixes= for d do test X"$d" = X && continue prefix=$prefix$d if test -d "$prefix"; then prefixes= else if $posix_mkdir; then (umask=$mkdir_umask && $doit_exec $mkdirprog $mkdir_mode -p -- "$dstdir") && break # Don't fail if two instances are running concurrently. test -d "$prefix" || exit 1 else case $prefix in *\'*) qprefix=`echo "$prefix" | sed "s/'/'\\\\\\\\''/g"`;; *) qprefix=$prefix;; esac prefixes="$prefixes '$qprefix'" fi fi prefix=$prefix/ done if test -n "$prefixes"; then # Don't fail if two instances are running concurrently. (umask $mkdir_umask && eval "\$doit_exec \$mkdirprog $prefixes") || test -d "$dstdir" || exit 1 obsolete_mkdir_used=true fi fi fi if test -n "$dir_arg"; then { test -z "$chowncmd" || $doit $chowncmd "$dst"; } && { test -z "$chgrpcmd" || $doit $chgrpcmd "$dst"; } && { test "$obsolete_mkdir_used$chowncmd$chgrpcmd" = false || test -z "$chmodcmd" || $doit $chmodcmd $mode "$dst"; } || exit 1 else # Make a couple of temp file names in the proper directory. dsttmp=$dstdir/_inst.$$_ rmtmp=$dstdir/_rm.$$_ # Trap to clean up those temp files at exit. trap 'ret=$?; rm -f "$dsttmp" "$rmtmp" && exit $ret' 0 # Copy the file name to the temp name. (umask $cp_umask && $doit_exec $cpprog "$src" "$dsttmp") && # and set any options; do chmod last to preserve setuid bits. # # If any of these fail, we abort the whole thing. If we want to # ignore errors from any of these, just make sure not to ignore # errors from the above "$doit $cpprog $src $dsttmp" command. # { test -z "$chowncmd" || $doit $chowncmd "$dsttmp"; } && { test -z "$chgrpcmd" || $doit $chgrpcmd "$dsttmp"; } && { test -z "$stripcmd" || $doit $stripcmd "$dsttmp"; } && { test -z "$chmodcmd" || $doit $chmodcmd $mode "$dsttmp"; } && # If -C, don't bother to copy if it wouldn't change the file. if $copy_on_change && old=`LC_ALL=C ls -dlL "$dst" 2>/dev/null` && new=`LC_ALL=C ls -dlL "$dsttmp" 2>/dev/null` && set -f && set X $old && old=:$2:$4:$5:$6 && set X $new && new=:$2:$4:$5:$6 && set +f && test "$old" = "$new" && $cmpprog "$dst" "$dsttmp" >/dev/null 2>&1 then rm -f "$dsttmp" else # Rename the file to the real destination. $doit $mvcmd -f "$dsttmp" "$dst" 2>/dev/null || # The rename failed, perhaps because mv can't rename something else # to itself, or perhaps because mv is so ancient that it does not # support -f. { # Now remove or move aside any old file at destination location. # We try this two ways since rm can't unlink itself on some # systems and the destination file might be busy for other # reasons. In this case, the final cleanup might fail but the new # file should still install successfully. { test ! -f "$dst" || $doit $rmcmd -f "$dst" 2>/dev/null || { $doit $mvcmd -f "$dst" "$rmtmp" 2>/dev/null && { $doit $rmcmd -f "$rmtmp" 2>/dev/null; :; } } || { echo "$0: cannot unlink or rename $dst" >&2 (exit 1); exit 1 } } && # Now rename the file to the real destination. $doit $mvcmd "$dsttmp" "$dst" } fi || exit 1 trap '' 0 fi done # Local variables: # eval: (add-hook 'write-file-hooks 'time-stamp) # time-stamp-start: "scriptversion=" # time-stamp-format: "%:y-%02m-%02d.%02H" # time-stamp-time-zone: "UTC" # time-stamp-end: "; # UTC" # End: hitch-1.4.4/hitch.conf.example0000644000175000017500000000100713026756721013147 00000000000000# Run 'man hitch.conf' for a description of all options. frontend = { host = "*" port = "443" } backend = "[127.0.0.1]:6086" # 6086 is the default Varnish PROXY port. workers = 4 # number of CPU cores daemon = on user = "nobody" group = "nogroup" # Enable to let clients negotiate HTTP/2 with ALPN. (default off) # alpn-protos = "http/2, http/1.1" # run Varnish as backend over PROXY; varnishd -a :80 -a localhost:6086,PROXY .. write-proxy-v2 = on # Write PROXY header hitch-1.4.4/hitch.conf.man.rst0000644000175000017500000002026113011340200013050 00000000000000 .. _hitch.conf(5): ========== Hitch.conf ========== ---------------------------- Configuration file for Hitch ---------------------------- :Manual section: 5 Description =========== hitch.conf is the configuration file for `hitch(8)`. The configuration file is loaded using the Hitch option --config=, and can thus have different names and can exist in different locations. Almost all options available in hitch.conf can be specified or overridden in the command line of Hitch, as described in hitch(8). The Hitch configuration file consists of a series of option assignments. Some options (pem-file, frontend) can be be set several times, and the effect is that multiple certificate files and "listening frontends" are defined. Other options can only be assigned once. The hash mark, or pound sign ("#"), is used as a "comment" character. You can use it to annotate your config file. All text after the comment character to the end of the line is ignored. Empty lines are ignored. Options ======= Options can either be in the top level of the configuration file (global scope), or inside a *frontend block*. Options inside a frontend block only affect the frontend, while options in the top level sets defaults for all frontends. Unless otherwise noted below, options can only be used in the top level. alpn-protos = ----------------------------- Comma separated list of protocols supported by the backend in a quoted string. The list is used select protocols when the client supports Next Protocol Negotiation (NPN) or Application-Layer Protocol Negotiation (ALPN). If Hitch is compiled against a OpenSSL version that does not support ALPN, only NPN will be used to select a protocol. The result of the NPN/ALPN negotiation will be communicated to the backend if and only if write-proxy-v2 or proxy-proxy is used. For HTTP/2 to work with modern browsers, ALPN negotiation is required. backend = "[HOST]:PORT" ----------------------- The host and port Hitch connects to when receiving a connection. Only a single backend is supported. backlog = ------------------ Listen backlog size chroot = ----------------- Chroot directory ciphers = ... ------------- List of ciphers to use in the secure communication. Refer to the OpenSSL documentation for a complete list of supported ciphers. If not specified, OpenSSL will allow all ciphers. System administrators are adviced to either only support strong ciphers (as in the example file below) or to pay close attention to security advisories related OpenSSL's ciphers. This option is also available in frontend blocks. daemon = on|off --------------- Run as daemon. Default is off. frontend = ... -------------- This specifies the port and interface (the *listen endpoint*) that Hitch binds to when listening for connections. It is possible define several frontends, and Hitch will bind to several ports and/or several interfaces. If "*" is used as the host, then Hitch will bind on all interfaces for the given port. A frontend can be specified either in a single line: :: frontend = "[HOST]:PORT[+CERT]" Or in a *frontend block*: :: frontend = { host = "HOST" port = "PORT" } group = ---------------- If given, Hitch will change to this group after binding to listen sockets. keepalive = -------------------- Number of seconds a TCP socket is kept alive ocsp-dir = ------------------- Directory where Hitch will store and read OCSP responses for stapling. Default is "/var/lib/hitch/". Directory must be readable and writable for the configured Hitch user, or automatic retrieval and updating of OCSP responses will not take place. If you have a manually pre-loaded OCSP staple, an alternative pem-file syntax can be used for stapling: :: pem-file = { cert = "mycert.pem" ocsp-resp-file = "ocsp-resp.der" } ocsp-connect-tmo = --------------------------- OCSP fetch connect timeout. This does normally not need to be changed. Default is 4.0 seconds. ocsp-resp-tmo = ------------------------ OCSP fetch response timeout. This does normally not need to be changed. Default is 10 seconds. ocsp-verify-staple = on|off --------------------------- If set, OCSP responses will be verified against the certificate after retrieval. Default is off. pem-file = ------------------- Specify a SSL x509 certificate file. Server Name Indication (SNI) is supported by using one certificate file per SNI name. Certificates are used in the order they are listed; the last certificate listed will be used if none of the others match. A file suitable for Hitch is a concatenation of a private key and a corresponding certificate or certificate chain. At least one PEM file is needed for Hitch to start, but it can be supplied on the command line. This option is also available in a frontend declaration, to make a certificate only available for a specific listen endpoint. prefer-server-ciphers = on|off ------------------------------ Turns on or off enforcement of the cipher ordering set in Hitch. This option is also available in frontend blocks. Default is off. proxy-proxy = on|off -------------------- Proxy an existing PROXY protocol header through this request. At the moment this is equivalent to write-proxy-v2. This option is mutually exclusive with option write-proxy-v2, write-ip and write-proxy-v1. Default is off. quiet = on|off -------------- If quiet is turned on, only error messages will be shown. tls-protos = ... ---------------- The SSL/TLS protocols to be used. This is an unquoted list of tokens. Available tokens are SSLv3, TLSv1.0, TLSv1.1 and TLSv1.2. The default is TLSv1.1 and TLSv1.2. There are two deprecated options, ssl= and tls=, that also select protocols. If "ssl=on" is used, then all protocols are selected. This is known to be insecure, and is strongly discouraged. If "tls=on" is used, the three TLS protocol versions will be used. Turning on SSLv3 and TLSv1.0 is not recommended - support for these protocols are only kept for backwards compatibility. This option is also available in frontend blocks. sni-nomatch-abort = on|off -------------------------- Abort handshake when the client submits an unrecognized SNI server name. This option is also available in a frontend declaration. ssl-engine = --------------------- Set the SSL engine. This is used with SSL accelerator cards. See the OpenSSL documentation for legal values. syslog = on|off ---------------- Send messages to syslog. Default is off. syslog-facility = -------------------------- Set the syslog facility. Default is "daemon". user = --------------- User to run as. If Hitch is started as root, it will insist on changing to a user with lower rights after binding to sockets. workers = ------------------ Number of worker processes. One per CPU core is recommended. write-ip = on|off ----------------- Report the client ip to the backend by writing IP before sending data. This option is mutually exclusive with each of the options write-proxy-v2, write-proxy-v1 and proxy-proxy. Default is off. write-proxy-v1 = on|off ----------------------- Report client address using the PROXY protocol. This option is mutually exclusive with option write-proxy-v2, write-ip and proxy-proxy. Default is off. write-proxy-v2 = on|off ----------------------- Report client address using PROXY v2 protocol. This option is mutually exclusive with option write-ip, write-proxy-v1 and proxy-proxy. Default is off. Example ======= .. example-start The following file shows the syntax needed to get started with:: frontend = { host = "*" port = "443" } backend = "[127.0.0.1]:6086" # 6086 is the default Varnish PROXY port. workers = 4 # number of CPU cores daemon = on user = "nobody" group = "nogroup" # Enable to let clients negotiate HTTP/2 with ALPN. (default off) # alpn-protos = "http/2, http/1.1" # run Varnish as backend over PROXY; varnishd -a :80 -a localhost:6086,PROXY .. write-proxy-v2 = on # Write PROXY header .. example-end Author ====== This manual was written by PÃ¥l Hermunn Johansen hitch-1.4.4/Makefile.am0000644000175000017500000000126113011315764011575 00000000000000 SUBDIRS = src src/util if FOUND_RST2MAN hitch.8: hitch.man.rst ${RST2MAN} --halt=2 $(srcdir)/hitch.man.rst $@ hitch.conf.5: hitch.conf.man.rst ${RST2MAN} --halt=2 $(srcdir)/hitch.conf.man.rst $@ dist_man_MANS = hitch.8 hitch.conf.5 endif hitch.conf.example: hitch.conf.man.rst echo "# Run 'man hitch.conf' for a description of all options." > $@.tmp sed -e '1,/^.. example-start/d' \ -e '/.. example-end/,$$d' \ -e '/^[^ ]/d' \ -e 's/^ //' hitch.conf.man.rst >> $@.tmp mv $@.tmp $@ doc_DATA = hitch.conf.example CHANGES.rst README.md EXTRA_DIST = LICENSE README.md hitch.man.rst hitch.conf.man.rst hitch.conf.example CHANGES.rst docs CLEANFILES = hitch.conf.example hitch-1.4.4/config.h.in0000644000175000017500000000705213010325220011553 00000000000000/* config.h.in. Generated from configure.ac by autoheader. */ /* Define to 1 if you have the `accept4' function. */ #undef HAVE_ACCEPT4 /* Define to 1 if you have the `fork' function. */ #undef HAVE_FORK /* Define to 1 if you have the `getpagesize' function. */ #undef HAVE_GETPAGESIZE /* Define to 1 if you have the header file. */ #undef HAVE_INTTYPES_H /* Define to 1 if you have the header file. */ #undef HAVE_MEMORY_H /* Define to 1 if you have a working `mmap' system call. */ #undef HAVE_MMAP /* Define to 1 if you have the header file. */ #undef HAVE_STDINT_H /* Define to 1 if you have the header file. */ #undef HAVE_STDLIB_H /* Define to 1 if you have the header file. */ #undef HAVE_STRINGS_H /* Define to 1 if you have the header file. */ #undef HAVE_STRING_H /* Define to 1 if `st_mtim' is a member of `struct stat'. */ #undef HAVE_STRUCT_STAT_ST_MTIM /* Define to 1 if `st_mtimespec' is a member of `struct stat'. */ #undef HAVE_STRUCT_STAT_ST_MTIMESPEC /* Define to 1 if you have the header file. */ #undef HAVE_SYS_PARAM_H /* Define to 1 if you have the header file. */ #undef HAVE_SYS_STAT_H /* Define to 1 if you have the header file. */ #undef HAVE_SYS_TYPES_H /* Define to 1 if you have the header file. */ #undef HAVE_UNISTD_H /* Define to 1 if you have the `vfork' function. */ #undef HAVE_VFORK /* Define to 1 if you have the header file. */ #undef HAVE_VFORK_H /* Define to 1 if `fork' works. */ #undef HAVE_WORKING_FORK /* Define to 1 if `vfork' works. */ #undef HAVE_WORKING_VFORK /* Name of package */ #undef PACKAGE /* Define to the address where bug reports for this package should be sent. */ #undef PACKAGE_BUGREPORT /* Define to the full name of this package. */ #undef PACKAGE_NAME /* Define to the full name and version of this package. */ #undef PACKAGE_STRING /* Define to the one symbol short name of this package. */ #undef PACKAGE_TARNAME /* Define to the home page for this package. */ #undef PACKAGE_URL /* Define to the version of this package. */ #undef PACKAGE_VERSION /* Define if SO_REUSEPORT works */ #undef SO_REUSEPORT_WORKS /* Define to 1 if you have the ANSI C header files. */ #undef STDC_HEADERS /* Version number of package */ #undef VERSION /* Define to 1 if `lex' declares `yytext' as a `char *' by default, not a `char[]'. */ #undef YYTEXT_POINTER /* Define for Solaris 2.5.1 so the uint32_t typedef from , , or is not used. If the typedef were allowed, the #define below would cause a syntax error. */ #undef _UINT32_T /* Define to `int' if doesn't define. */ #undef gid_t /* Define to `__inline__' or `__inline' if that's what the C compiler calls it, or to nothing if 'inline' is not supported under any name. */ #ifndef __cplusplus #undef inline #endif /* Define to the type of a signed integer type of width exactly 32 bits if such a type exists and the standard includes do not define it. */ #undef int32_t /* Define to `int' if does not define. */ #undef pid_t /* Define to `unsigned int' if does not define. */ #undef size_t /* Define to `int' if does not define. */ #undef ssize_t /* Define to `int' if doesn't define. */ #undef uid_t /* Define to the type of an unsigned integer type of width exactly 32 bits if such a type exists and the standard includes do not define it. */ #undef uint32_t /* Define as `fork' if `vfork' does not work. */ #undef vfork hitch-1.4.4/src/0000755000175000017500000000000013026756721010420 500000000000000hitch-1.4.4/src/hitch.h0000644000175000017500000001055013003667032011600 00000000000000/** * Copyright 2016 Varnish Software * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * * 1. Redistributions of source code must retain the above * copyright notice, this list of conditions and the following * disclaimer. * * 2. Redistributions in binary form must reproduce the above * copyright notice, this list of conditions and the following * disclaimer in the documentation and/or other materials * provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY BUMP TECHNOLOGIES, INC. ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL BUMP * TECHNOLOGIES, INC. OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #ifndef HITCH_H_INCLUDED #define HITCH_H_INCLUDED #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include "asn_gentm.h" #include "config.h" #include "configuration.h" #include "ringbuffer.h" #include "foreign/miniobj.h" #include "foreign/vas.h" #include "foreign/vsb.h" typedef struct sslstaple_s sslstaple; struct sni_name_s; VTAILQ_HEAD(sni_name_head, sni_name_s); /* SSL contexts. */ struct sslctx_s { unsigned magic; #define SSLCTX_MAGIC 0xcd1ce5ff char *filename; SSL_CTX *ctx; double mtim; sslstaple *staple; int staple_vfy; char *staple_fn; X509 *x509; ev_stat *ev_staple; struct sni_name_head sni_list; UT_hash_handle hh; }; typedef struct sslctx_s sslctx; #ifndef OPENSSL_NO_TLSEXT struct sslstaple_s { unsigned magic; #define SSLSTAPLE_MAGIC 0x20fe53fd unsigned char *staple; double mtim; double nextupd; int len; }; /* SNI lookup objects */ typedef struct sni_name_s { unsigned magic; #define SNI_NAME_MAGIC 0xb0626581 char *servername; sslctx *sctx; int is_wildcard; VTAILQ_ENTRY(sni_name_s) list; UT_hash_handle hh; } sni_name; sni_name *sni_names; #endif /* OPENSSL_NO_TLSEXT */ /* * Proxied State * * All state associated with one proxied connection */ typedef struct proxystate { unsigned magic; #define PROXYSTATE_MAGIC 0xcf877ed9 ringbuffer ring_ssl2clear; /* Pushing bytes from * secure to clear * stream */ ringbuffer ring_clear2ssl; /* Pushing bytes from * clear to secure * stream */ ev_io ev_r_ssl; /* Secure stream write event */ ev_io ev_w_ssl; /* Secure stream read event */ ev_io ev_r_handshake; /* Secure stream handshake * write event */ ev_io ev_w_handshake; /* Secure stream handshake * read event */ ev_timer ev_t_handshake; /* handshake timer */ ev_io ev_w_connect; /* Backend connect event */ ev_timer ev_t_connect; /* backend connect timer */ ev_io ev_r_clear; /* Clear stream write event */ ev_io ev_w_clear; /* Clear stream read event */ ev_io ev_proxy; /* proxy read event */ int fd_up; /* Upstream (client) socket */ int fd_down; /* Downstream (backend) * socket */ int want_shutdown:1; /* Connection is * half-shutdown */ int handshaked:1; /* Initial handshake happened */ int clear_connected:1; /* Clear stream is * connected */ int renegotiation:1; /* Renegotation is * occuring */ int npn_alpn_tried:1;/* NPN or ALPN was tried */ SSL *ssl; /* OpenSSL SSL state */ struct sockaddr_storage remote_ip; /* Remote ip returned * from `accept` */ int connect_port; /* local port for connection */ } proxystate; X509 * Find_issuer(X509 *subj, STACK_OF(X509) *chain); #endif /* HITCH_H_INCLUDED */ hitch-1.4.4/src/cfg_lex.l0000644000175000017500000000552512771171634012133 00000000000000%{ #include #include #include "configuration.h" #include "cfg_parser.h" %} %option nounput noinput %option yylineno %option noyywrap %% [ \t\n\r] ; #.*$ ; "{" { return ('{'); } "}" { return ('}'); } "=" { return ('='); } [0-9]+ { yylval.i = atoi(yytext); return (UINT); } \-?[0-9]+ { yylval.i = atoi(yytext); return (INT); } "frontend" { return (TOK_FRONTEND); } "backend" { return (TOK_BACKEND); } "quiet" { return (TOK_QUIET); } "ssl" { return (TOK_SSL); } "tls" { return (TOK_TLS); } "tls-protos" { return (TOK_TLS_PROTOS); } "SSLv3" { return (TOK_SSLv3); } "TLSv1.0" { return (TOK_TLSv1_0); } "TLSv1.1" { return (TOK_TLSv1_1); } "TLSv1.2" { return (TOK_TLSv1_2); } "ciphers" { return (TOK_CIPHERS); } "ssl-engine" { return (TOK_SSL_ENGINE); } "prefer-server-ciphers" { return (TOK_PREFER_SERVER_CIPHERS); } "workers" { return (TOK_WORKERS); } "backlog" { return (TOK_BACKLOG); } "keepalive" { return (TOK_KEEPALIVE); } "chroot" { return (TOK_CHROOT); } "user" { return (TOK_USER); } "group" { return (TOK_GROUP); } "syslog" { return (TOK_SYSLOG); } "syslog-facility" { return (TOK_SYSLOG_FACILITY); } "daemon" { return (TOK_DAEMON); } "write-ip" { return (TOK_WRITE_IP); } "write-proxy" { return (TOK_WRITE_PROXY); } "write-proxy-v1" { return (TOK_WRITE_PROXY_V1); } "write-proxy-v2" { return (TOK_WRITE_PROXY_V2); } "pem-file" { return (TOK_PEM_FILE); } "proxy-proxy" { return (TOK_PROXY_PROXY); } "alpn-protos" { return (TOK_ALPN_PROTOS); } "backend-connect-timeout" { return (TOK_BACKEND_CONNECT_TIMEOUT); } "ssl-handshake-timeout" { return (TOK_SSL_HANDSHAKE_TIMEOUT); } "recv-bufsize" { return (TOK_RECV_BUFSIZE); } "send-bufsize" { return (TOK_SEND_BUFSIZE); } "log-filename" { return (TOK_LOG_FILENAME); } "ring-slots" { return (TOK_RING_SLOTS); } "ring-data-len" { return (TOK_RING_DATA_LEN); } "pidfile" { return (TOK_PIDFILE); } "sni-nomatch-abort" { return (TOK_SNI_NOMATCH_ABORT); } "host" { return (TOK_HOST); } "port" { return (TOK_PORT); } "match-global-certs" { return (TOK_MATCH_GLOBAL); } "cert" { return (TOK_PB_CERT); } "ocsp-resp-file" { return (TOK_PB_OCSP_FILE); } "ocsp-verify-staple" { return (TOK_OCSP_VERIFY); } "ocsp-resp-tmo" { return (TOK_OCSP_RESP_TMO); } "ocsp-connect-tmo" { return (TOK_OCSP_CONN_TMO); } "ocsp-dir" { return (TOK_OCSP_DIR); } (?i:"yes"|"y"|"on"|"true"|"t"|\"yes\"|\"y\"|\"on\"|\"true\"|\"t\") { yylval.i = 1; return (BOOL); } (?i:"no"|"n"|"off"|"false"|"f"|\"no\"|\"n\"|\"off\"|\"false\"|\"f\") { yylval.i = 0; return (BOOL); } \"(\\.|[^\\"])*\" { char *s; if (strlen(yytext) == 2) { yylval.s = NULL; return (STRING); } s = strchr(yytext + 1, '"'); *s = '\0'; yylval.s = yytext + 1; return (STRING); } [a-zA-Z0-9\-]+ { yylval.s = yytext; return (STRING); } . ; %% hitch-1.4.4/src/asn_gentm.c0000644000175000017500000001271212764475665012477 00000000000000/* * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy * in the file LICENSE in the source distribution or at * https://www.openssl.org/source/license.html */ /* This code is borrowed from the openssl library, which conveniently * doesn't expose any functions for converting an ASN1_GENERALIZEDTIME * to a sane timestamp format. */ #include #include #include /* * Convert date to and from julian day Uses Fliegel & Van Flandern algorithm */ static void julian_to_date(long jd, int *y, int *m, int *d) { long L = jd + 68569; long n = (4 * L) / 146097; long i, j; L = L - (146097 * n + 3) / 4; i = (4000 * (L + 1)) / 1461001; L = L - (1461 * i) / 4 + 31; j = (80 * L) / 2447; *d = L - (2447 * j) / 80; L = j / 11; *m = j + 2 - (12 * L); *y = 100 * (n - 49) + i + L; } static long date_to_julian(int y, int m, int d) { return (1461 * (y + 4800 + (m - 14) / 12)) / 4 + (367 * (m - 2 - 12 * ((m - 14) / 12))) / 12 - (3 * ((y + 4900 + (m - 14) / 12) / 100)) / 4 + d - 32075; } #define SECS_PER_DAY (24 * 60 * 60) /* Convert tm structure and offset into julian day and seconds */ static int julian_adj(const struct tm *tm, int off_day, long offset_sec, long *pday, int *psec) { int offset_hms, offset_day; long time_jd; int time_year, time_month, time_day; /* split offset into days and day seconds */ offset_day = offset_sec / SECS_PER_DAY; /* Avoid sign issues with % operator */ offset_hms = offset_sec - (offset_day * SECS_PER_DAY); offset_day += off_day; /* Add current time seconds to offset */ offset_hms += tm->tm_hour * 3600 + tm->tm_min * 60 + tm->tm_sec; /* Adjust day seconds if overflow */ if (offset_hms >= SECS_PER_DAY) { offset_day++; offset_hms -= SECS_PER_DAY; } else if (offset_hms < 0) { offset_day--; offset_hms += SECS_PER_DAY; } /* * Convert date of time structure into a Julian day number. */ time_year = tm->tm_year + 1900; time_month = tm->tm_mon + 1; time_day = tm->tm_mday; time_jd = date_to_julian(time_year, time_month, time_day); /* Work out Julian day of new date */ time_jd += offset_day; if (time_jd < 0) return 0; *pday = time_jd; *psec = offset_hms; return 1; } static int openssl_gmtime_adj(struct tm *tm, int off_day, long offset_sec) { int time_sec, time_year, time_month, time_day; long time_jd; /* Convert time and offset into Julian day and seconds */ if (!julian_adj(tm, off_day, offset_sec, &time_jd, &time_sec)) return 0; /* Convert Julian day back to date */ julian_to_date(time_jd, &time_year, &time_month, &time_day); if (time_year < 1900 || time_year > 9999) return 0; /* Update tm structure */ tm->tm_year = time_year - 1900; tm->tm_mon = time_month - 1; tm->tm_mday = time_day; tm->tm_hour = time_sec / 3600; tm->tm_min = (time_sec / 60) % 60; tm->tm_sec = time_sec % 60; return 1; } static int asn1_generalizedtime_to_tm(struct tm *tm, const ASN1_GENERALIZEDTIME *d) { static const int min[9] = { 0, 0, 1, 1, 0, 0, 0, 0, 0 }; static const int max[9] = { 99, 99, 12, 31, 23, 59, 59, 12, 59 }; char *a; int n, i, l, o; if (d->type != V_ASN1_GENERALIZEDTIME) return (0); l = d->length; a = (char *)d->data; o = 0; /* * GENERALIZEDTIME is similar to UTCTIME except the year is represented * as YYYY. This stuff treats everything as a two digit field so make * first two fields 00 to 99 */ if (l < 13) goto err; for (i = 0; i < 7; i++) { if ((i == 6) && ((a[o] == 'Z') || (a[o] == '+') || (a[o] == '-'))) { i++; if (tm) tm->tm_sec = 0; break; } if ((a[o] < '0') || (a[o] > '9')) goto err; n = a[o] - '0'; if (++o > l) goto err; if ((a[o] < '0') || (a[o] > '9')) goto err; n = (n * 10) + a[o] - '0'; if (++o > l) goto err; if ((n < min[i]) || (n > max[i])) goto err; if (tm) { switch (i) { case 0: tm->tm_year = n * 100 - 1900; break; case 1: tm->tm_year += n; break; case 2: tm->tm_mon = n - 1; break; case 3: tm->tm_mday = n; break; case 4: tm->tm_hour = n; break; case 5: tm->tm_min = n; break; case 6: tm->tm_sec = n; break; } } } /* * Optional fractional seconds: decimal point followed by one or more * digits. */ if (a[o] == '.') { if (++o > l) goto err; i = o; while ((o <= l) && (a[o] >= '0') && (a[o] <= '9')) o++; /* Must have at least one digit after decimal point */ if (i == o) goto err; } if (a[o] == 'Z') o++; else if ((a[o] == '+') || (a[o] == '-')) { int offsign = a[o] == '-' ? -1 : 1, offset = 0; o++; if (o + 4 > l) goto err; for (i = 7; i < 9; i++) { if ((a[o] < '0') || (a[o] > '9')) goto err; n = a[o] - '0'; o++; if ((a[o] < '0') || (a[o] > '9')) goto err; n = (n * 10) + a[o] - '0'; if ((n < min[i]) || (n > max[i])) goto err; if (tm) { if (i == 7) offset = n * 3600; else if (i == 8) offset += n * 60; } o++; } if (offset && !openssl_gmtime_adj(tm, 0, offset * offsign)) return 0; } else if (a[o]) { /* Missing time zone information. */ goto err; } return (o == l); err: return (0); } double asn1_gentime_parse(const ASN1_GENERALIZEDTIME *d) { struct tm tm = { .tm_min = 0 }; if (d == NULL) return (-1.0); if (asn1_generalizedtime_to_tm(&tm, d) == 0) return (-1.0); return (double) (mktime(&tm)); } hitch-1.4.4/src/hitch.c0000644000175000017500000025640413024517723011611 00000000000000/** * Copyright 2015-2016 Varnish Software * Copyright 2011 Bump Technologies, Inc. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * * 1. Redistributions of source code must retain the above * copyright notice, this list of conditions and the following * disclaimer. * * 2. Redistributions in binary form must reproduce the above * copyright notice, this list of conditions and the following * disclaimer in the documentation and/or other materials * provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY BUMP TECHNOLOGIES, INC. ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL BUMP * TECHNOLOGIES, INC. OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * * The views and conclusions contained in the software and * documentation are those of the authors and should not be * interpreted as representing official policies, either expressed or * implied, of Bump Technologies, Inc. * */ #include #include #include /* TCP_NODELAY */ #include #include #include #include /* WAIT_PID */ #include #include #include #include #include #include #include #include #include #include #include #include #include #ifdef __linux__ #include #endif #include "config.h" #include "configuration.h" #include "hitch.h" #include "hssl_locks.h" #include "logging.h" #include "ocsp.h" #include "shctx.h" #include "foreign/vpf.h" #include "foreign/uthash.h" #ifndef MSG_NOSIGNAL # define MSG_NOSIGNAL 0 #endif #ifndef AI_ADDRCONFIG # define AI_ADDRCONFIG 0 #endif /* For Mac OS X */ #ifndef TCP_KEEPIDLE # ifdef TCP_KEEPALIVE # define TCP_KEEPIDLE TCP_KEEPALIVE # endif #endif #ifndef SOL_TCP # define SOL_TCP IPPROTO_TCP #endif /* Do we have SNI support? */ #ifndef OPENSSL_NO_TLSEXT #ifndef SSL_CTRL_SET_TLSEXT_HOSTNAME #define OPENSSL_NO_TLSEXT #endif #endif /* logging.c */ extern FILE *logfile; extern struct stat logf_st; extern time_t logf_check_t; /* Globals */ struct ev_loop *loop; hitch_config *CONFIG; /* Worker proc's read side of mgt->worker pipe(2) */ static ev_io mgt_rd; static struct addrinfo *backaddr; static pid_t master_pid; static pid_t ocsp_proc_pid; static int core_id; static SSL_SESSION *client_session; /* The current number of active client connections. */ static uint64_t n_conns; /* Current generation of worker processes. Bumped after a sighup prior * to launching new children. */ static unsigned worker_gen; static volatile unsigned n_sighup; static volatile unsigned n_sigchld; enum worker_state_e { WORKER_ACTIVE, WORKER_EXITING }; static enum worker_state_e worker_state; struct worker_proc { unsigned magic; #define WORKER_PROC_MAGIC 0xbc7fe9e6 /* Writer end of pipe(2) for mgt -> worker ipc */ int pfd; pid_t pid; unsigned gen; int core_id; VTAILQ_ENTRY(worker_proc) list; }; VTAILQ_HEAD(worker_proc_head, worker_proc); static struct worker_proc_head worker_procs; struct sslctx_s; struct sni_name_s; struct listen_sock { unsigned magic; #define LISTEN_SOCK_MAGIC 0xda96b2f6 int sock; char *name; ev_io listener; struct sockaddr_storage addr; VTAILQ_ENTRY(listen_sock) list; }; VTAILQ_HEAD(listen_sock_head, listen_sock); struct frontend { unsigned magic; #define FRONTEND_MAGIC 0x5b04e577 int match_global_certs; int sni_nomatch_abort; struct sni_name_s *sni_names; struct sslctx_s *ssl_ctxs; char *pspec; struct listen_sock_head socks; VTAILQ_ENTRY(frontend) list; }; VTAILQ_HEAD(frontend_head, frontend); static struct frontend_head frontends; #ifdef USE_SHARED_CACHE static ev_io shcupd_listener; static int shcupd_socket; struct addrinfo *shcupd_peers[MAX_SHCUPD_PEERS+1]; static unsigned char shared_secret[SHA_DIGEST_LENGTH]; #endif /*USE_SHARED_CACHE*/ int create_workers; static struct vpf_fh *pfh = NULL; static char tcp_proxy_line[128] = ""; /* What agent/state requests the shutdown--for proper half-closed * handling */ typedef enum _SHUTDOWN_REQUESTOR { SHUTDOWN_HARD, SHUTDOWN_CLEAR, SHUTDOWN_SSL } SHUTDOWN_REQUESTOR; static const char *SHUTDOWN_STR[] = { [SHUTDOWN_HARD] = "SHUTDOWN_HARD", [SHUTDOWN_CLEAR] = "SHUTDOWN_CLEAR", [SHUTDOWN_SSL] = "SHUTDOWN_SSL", }; #ifndef OPENSSL_NO_TLSEXT sni_name *sni_names; static sslctx *ssl_ctxs; static sslctx *default_ctx; static void insert_sni_names(sslctx *sc, sni_name **sn_tab); static int load_cert_ctx(sslctx *so); #endif /* OPENSSL_NO_TLSEXT */ union ha_proxy_v2_addr { struct { /* for TCP/UDP over IPv4, len = 12 */ uint32_t src_addr; uint32_t dst_addr; uint16_t src_port; uint16_t dst_port; } ipv4; struct { /* for TCP/UDP over IPv6, len = 36 */ uint8_t src_addr[16]; uint8_t dst_addr[16]; uint16_t src_port; uint16_t dst_port; } ipv6; struct { /* for AF_UNIX sockets, len = 216 */ uint8_t src_addr[108]; uint8_t dst_addr[108]; } unix; }; struct ha_proxy_v2_hdr { uint8_t sig[12]; uint8_t ver_cmd; uint8_t fam; uint16_t len; /* number of following bytes * part of the header */ union ha_proxy_v2_addr addr; }; /* set a file descriptor (socket) to non-blocking mode */ static int setnonblocking(int fd) { int flag = 1; if (ioctl(fd, FIONBIO, &flag) < 0) { assert (errno == ECONNRESET || errno == ENOTCONN); return (-1); } return (0); } /* set a tcp socket to use TCP Keepalive */ static void settcpkeepalive(int fd) { int optval = 1; socklen_t optlen = sizeof(optval); if(setsockopt(fd, SOL_SOCKET, SO_KEEPALIVE, &optval, optlen) < 0) { SOCKERR("Error activating SO_KEEPALIVE on client socket"); } #ifdef TCP_KEEPIDLE optval = CONFIG->TCP_KEEPALIVE_TIME; optlen = sizeof(optval); if (setsockopt(fd, SOL_TCP, TCP_KEEPIDLE, &optval, optlen) < 0) { SOCKERR("Error setting TCP_KEEPIDLE on client socket"); } #endif } #ifndef OPENSSL_NO_DH static int init_dh(SSL_CTX *ctx, const char *cert) { DH *dh; BIO *bio; AN(cert); bio = BIO_new_file(cert, "r"); if (!bio) { log_ssl_error(NULL, "{core} BIO_new_file"); return (-1); } dh = PEM_read_bio_DHparams(bio, NULL, NULL, NULL); BIO_free(bio); if (!dh) { LOG("{core} Note: no DH parameters found in %s\n", cert); return (-1); } LOG("{core} Using DH parameters from %s\n", cert); if (!SSL_CTX_set_tmp_dh(ctx, dh)) { log_ssl_error(NULL, "{core} Error setting temp DH params"); return (-1); } LOG("{core} DH initialized with %d bit key\n", 8*DH_size(dh)); DH_free(dh); return (0); } static int init_ecdh(SSL_CTX *ctx) { #ifndef OPENSSL_NO_EC #ifdef NID_X9_62_prime256v1 EC_KEY *ecdh = NULL; ecdh = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1); SSL_CTX_set_tmp_ecdh(ctx, ecdh); EC_KEY_free(ecdh); LOG("{core} ECDH Initialized with NIST P-256\n"); #endif /* NID_X9_62_prime256v1 */ #endif /* OPENSSL_NO_EC */ return 0; } #endif /* OPENSSL_NO_DH */ /* This callback function is executed while OpenSSL processes the SSL * handshake and does SSL record layer stuff. It's used to trap * client-initiated renegotiations. */ static void info_callback(const SSL *ssl, int where, int ret) { proxystate *ps; (void)ret; if (where & SSL_CB_HANDSHAKE_START) { CAST_OBJ_NOTNULL(ps, SSL_get_app_data(ssl), PROXYSTATE_MAGIC); if (ps->handshaked) { ps->renegotiation = 1; LOG("{core} SSL renegotiation asked by client\n"); } } } #ifdef OPENSSL_WITH_NPN static int npn_select_cb(SSL *ssl, const unsigned char **out, unsigned *outlen, void *arg) { proxystate *ps; (void)arg; CAST_OBJ_NOTNULL(ps, SSL_get_app_data(ssl), PROXYSTATE_MAGIC); ps->npn_alpn_tried = 1; LOG("{npn} Got NPN callback\n"); *out = (unsigned char *) CONFIG->ALPN_PROTOS_LV; *outlen = CONFIG->ALPN_PROTOS_LV_LEN; return SSL_TLSEXT_ERR_OK; } #endif #ifdef OPENSSL_WITH_ALPN static int alpn_select_cb(SSL *ssl, const unsigned char **out, unsigned char *outlen, const unsigned char *in, unsigned int inlen, void *arg) { int selected; proxystate *ps; (void)arg; CAST_OBJ_NOTNULL(ps, SSL_get_app_data(ssl), PROXYSTATE_MAGIC); ps->npn_alpn_tried = 1; selected = SSL_select_next_proto((unsigned char **)out, outlen, CONFIG->ALPN_PROTOS_LV, CONFIG->ALPN_PROTOS_LV_LEN, in, inlen); if (selected == OPENSSL_NPN_NEGOTIATED) return SSL_TLSEXT_ERR_OK; else { assert(selected == OPENSSL_NPN_NO_OVERLAP); LOGPROXY(ps, "ALPN: no overlap in protocols.\n"); /* Here it is possible to add logging of which protocols the client wanted */ return SSL_TLSEXT_ERR_NOACK; } return SSL_TLSEXT_ERR_NOACK; } #endif #ifdef USE_SHARED_CACHE /* Handle incoming message updates */ static void handle_shcupd(struct ev_loop *loop, ev_io *w, int revents) { (void)revents; unsigned char msg[SHSESS_MAX_ENCODED_LEN], hash[EVP_MAX_MD_SIZE]; ssize_t r; unsigned int hash_len; uint32_t encdate; long now = (time_t)ev_now(loop); while ((r = recv(w->fd, msg, sizeof(msg), 0)) > 0) { /* msg len must be greater than 1 Byte of data + sig length */ if (r < (int)(1+sizeof(shared_secret))) continue; /* compute sig */ r -= sizeof(shared_secret); HMAC(EVP_sha1(), shared_secret, sizeof(shared_secret), msg, r, hash, &hash_len); if (hash_len != sizeof(shared_secret)) /* should never happen */ continue; /* check sign */ if (memcmp(msg+r, hash, hash_len)) continue; /* msg len must be greater than 1 Byte of data + * encdate length */ if (r < (int)(1+sizeof(uint32_t))) continue; /* drop too unsync updates */ r -= sizeof(uint32_t); encdate = *((uint32_t *)&msg[r]); if (!(abs((int)(int32_t)now - ntohl(encdate)) < SSL_CTX_get_timeout(default_ctx->ctx))) continue; shctx_sess_add(msg, r, now); } } /* Send remote updates messages callback */ void shcupd_session_new(unsigned char *msg, unsigned int len, long cdate) { unsigned int hash_len; struct addrinfo **pai = shcupd_peers; uint32_t ncdate; /* add session creation encoded date to footer */ ncdate = htonl((uint32_t)cdate); memcpy(msg+len, &ncdate, sizeof(ncdate)); len += sizeof(ncdate); /* add msg sign */ HMAC(EVP_sha1(), shared_secret, sizeof(shared_secret), msg, len, msg+len, &hash_len); len += hash_len; /* send msg to peers */ while (*pai) { sendto(shcupd_socket, msg, len, 0, (*pai)->ai_addr, (*pai)->ai_addrlen); pai++; } } /* Compute a sha1 secret from an ASN1 rsa private key */ static int compute_secret(RSA *rsa, unsigned char *secret) { unsigned char *buf, *p; unsigned int length; length = i2d_RSAPrivateKey(rsa, NULL); if (length <= 0) return -1; p = buf = (unsigned char *)malloc(length*sizeof(unsigned char)); if (!buf) return -1; i2d_RSAPrivateKey(rsa,&p); SHA1(buf, length, secret); free(buf); return 0; } /* Create udp socket to receive and send updates */ static int create_shcupd_socket() { struct addrinfo *ai, hints; struct addrinfo **pai = shcupd_peers; memset(&hints, 0, sizeof hints); hints.ai_family = AF_UNSPEC; hints.ai_socktype = SOCK_DGRAM; hints.ai_flags = AI_PASSIVE | AI_ADDRCONFIG; const int gai_err = getaddrinfo(CONFIG->SHCUPD_IP, CONFIG->SHCUPD_PORT, &hints, &ai); if (gai_err != 0) { ERR("{getaddrinfo}: %s\n", gai_strerror(gai_err)); exit(1); } /* check if peers inet family addresses match */ while (*pai) { if ((*pai)->ai_family != ai->ai_family) { ERR("Share host and peers inet family differs\n"); exit(1); } pai++; } int s = socket(ai->ai_family, SOCK_DGRAM, IPPROTO_UDP); if (s == -1) fail("{socket: shared cache updates}"); int t = 1; (void)setsockopt(s, SOL_SOCKET, SO_REUSEADDR, &t, sizeof(int)); #ifdef SO_REUSEPORT_WORKS (void)setsockopt(s, SOL_SOCKET, SO_REUSEPORT, &t, sizeof(int)); #endif if (setnonblocking(s) < 0) fail("{shared cache: setnonblocking}"); if (ai->ai_addr->sa_family == AF_INET) { struct ip_mreqn mreqn; memset(&mreqn, 0, sizeof(mreqn)); mreqn.imr_multiaddr.s_addr = ((struct sockaddr_in *)ai->ai_addr)->sin_addr.s_addr; if (CONFIG->SHCUPD_MCASTIF) { if (isalpha(*CONFIG->SHCUPD_MCASTIF)) { /* appears to be an iface name */ struct ifreq ifr; memset(&ifr, 0, sizeof(ifr)); if (strlen(CONFIG->SHCUPD_MCASTIF) > IFNAMSIZ) { ERR("Error iface name is too " "long [%s]\n", CONFIG->SHCUPD_MCASTIF); exit(1); } memcpy(ifr.ifr_name, CONFIG->SHCUPD_MCASTIF, strlen(CONFIG->SHCUPD_MCASTIF)); if (ioctl(s, SIOCGIFINDEX, &ifr)) { fail("{ioctl: SIOCGIFINDEX}"); } mreqn.imr_ifindex = ifr.ifr_ifindex; } else if (strchr(CONFIG->SHCUPD_MCASTIF,'.')) { /* appears to be an ipv4 address */ mreqn.imr_address.s_addr = inet_addr(CONFIG->SHCUPD_MCASTIF); } else { /* appears to be an iface index */ mreqn.imr_ifindex = atoi(CONFIG->SHCUPD_MCASTIF); } } if (setsockopt(s, IPPROTO_IP, IP_ADD_MEMBERSHIP, &mreqn, sizeof(mreqn)) < 0) { if (errno != EINVAL) { /* EINVAL if it is not a multicast address, * not an error we consider unicast */ fail("{setsockopt: IP_ADD_MEMBERSIP}"); } } else { /* this is a multicast address */ unsigned char loop = 0; if (setsockopt(s, IPPROTO_IP, IP_MULTICAST_LOOP, &loop, sizeof(loop)) < 0) { fail("{setsockopt: IP_MULTICAST_LOOP}"); } } /* optional set sockopts for sending to multicast msg */ if (CONFIG->SHCUPD_MCASTIF && setsockopt(s, IPPROTO_IP, IP_MULTICAST_IF, &mreqn, sizeof(mreqn)) < 0) { fail("{setsockopt: IP_MULTICAST_IF}"); } if (CONFIG->SHCUPD_MCASTTTL) { unsigned char ttl; ttl = (unsigned char)atoi(CONFIG->SHCUPD_MCASTTTL); if (setsockopt(s, IPPROTO_IP, IP_MULTICAST_TTL, &ttl, sizeof(ttl)) < 0) { fail("{setsockopt: IP_MULTICAST_TTL}"); } } } #ifdef IPV6_ADD_MEMBERSHIP else if (ai->ai_addr->sa_family == AF_INET6) { struct ipv6_mreq mreq; memset(&mreq, 0, sizeof(mreq)); memcpy(&mreq.ipv6mr_multiaddr, &((struct sockaddr_in6 *)ai->ai_addr)->sin6_addr, sizeof(mreq.ipv6mr_multiaddr)); if (CONFIG->SHCUPD_MCASTIF) { if (isalpha(*CONFIG->SHCUPD_MCASTIF)) { /* appears to be an iface name */ struct ifreq ifr; memset(&ifr, 0, sizeof(ifr)); if (strlen(CONFIG->SHCUPD_MCASTIF) > IFNAMSIZ) { ERR("Error iface name is too " "long [%s]\n", CONFIG->SHCUPD_MCASTIF); exit(1); } memcpy(ifr.ifr_name, CONFIG->SHCUPD_MCASTIF, strlen(CONFIG->SHCUPD_MCASTIF)); if (ioctl(s, SIOCGIFINDEX, &ifr)) fail("{ioctl: SIOCGIFINDEX}"); mreq.ipv6mr_interface = ifr.ifr_ifindex; } else { /* option appears to be an iface index */ mreq.ipv6mr_interface = atoi(CONFIG->SHCUPD_MCASTIF); } } if (setsockopt(s, IPPROTO_IPV6, IPV6_ADD_MEMBERSHIP, &mreq, sizeof(mreq)) < 0) { if (errno != EINVAL) { /* EINVAL if it is not a multicast address, * not an error we consider unicast */ fail("{setsockopt: IPV6_ADD_MEMBERSIP}"); } } else { /* this is a multicast address */ unsigned int loop = 0; if (setsockopt(s, IPPROTO_IPV6, IPV6_MULTICAST_LOOP, &loop, sizeof(loop)) < 0) { fail("{setsockopt: IPV6_MULTICAST_LOOP}"); } } /* optional set sockopts for sending to multicast msg */ if (setsockopt(s, IPPROTO_IPV6, IPV6_MULTICAST_IF, &mreq.ipv6mr_interface, sizeof(mreq.ipv6mr_interface)) < 0) { fail("{setsockopt: IPV6_MULTICAST_IF}"); } if (CONFIG->SHCUPD_MCASTTTL) { int hops; hops = atoi(CONFIG->SHCUPD_MCASTTTL); if (setsockopt(s, IPPROTO_IPV6, IPV6_MULTICAST_HOPS, &hops, sizeof(hops)) < 0) { fail("{setsockopt: IPV6_MULTICAST_HOPS}"); } } } #endif /* IPV6_ADD_MEMBERSHIP */ if (bind(s, ai->ai_addr, ai->ai_addrlen)) { fail("{bind-socket}"); } freeaddrinfo(ai); return s; } #endif /*USE_SHARED_CACHE */ EVP_PKEY * load_privatekey(SSL_CTX *ctx, const char *file) { BIO *bio; EVP_PKEY *pkey; bio = BIO_new_file(file, "r"); if (!bio) { log_ssl_error(NULL, "{core} BIO_new_file"); return NULL; } #if OPENSSL_VERSION_NUMBER < 0x10100000L #define SSL_CTX_get_default_passwd_cb(ctx) (ctx->default_passwd_callback) #define SSL_CTX_get_default_passwd_cb_userdata(ctx) (ctx->default_passwd_callback_userdata) #endif pkey = PEM_read_bio_PrivateKey(bio, NULL, SSL_CTX_get_default_passwd_cb(ctx), SSL_CTX_get_default_passwd_cb_userdata(ctx)); BIO_free(bio); return (pkey); } #ifndef OPENSSL_NO_TLSEXT static int sni_match(const sni_name *sn, const char *srvname) { if (!sn->is_wildcard) return (strcasecmp(srvname, sn->servername) == 0); else { char *s = strchr(srvname, '.'); if (s == NULL) return (0); return (strcasecmp(s, sn->servername + 1) == 0); } } static sslctx * sni_lookup(const char *servername, const sni_name *sn_tab) { const sni_name *sn; HASH_FIND_STR(sn_tab, servername, sn); if (sn == NULL) { char *s; /* attempt another lookup for wildcard matches */ s = strchr(servername, '.'); if (s != NULL) { HASH_FIND_STR(sn_tab, s, sn); } } if (sn != NULL) { CHECK_OBJ_NOTNULL(sn, SNI_NAME_MAGIC); if (sni_match(sn, servername)) return (sn->sctx); } return (NULL); } /* * Switch the context of the current SSL object to the most appropriate one * based on the SNI header */ static int sni_switch_ctx(SSL *ssl, int *al, void *data) { const char *servername; sslctx *sc; const struct frontend *fr = NULL; int lookup_global = 1; int sni_nomatch_abort = CONFIG->SNI_NOMATCH_ABORT; (void)al; if (data != NULL) CAST_OBJ_NOTNULL(fr, data, FRONTEND_MAGIC); servername = SSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name); if (!servername) return (SSL_TLSEXT_ERR_NOACK); #define TRY_SNI_MATCH(sn_tab) \ do { \ sc = sni_lookup(servername, (sn_tab)); \ if (sc != NULL) { \ CHECK_OBJ_NOTNULL(sc, SSLCTX_MAGIC); \ SSL_set_SSL_CTX(ssl, sc->ctx); \ return (SSL_TLSEXT_ERR_OK); \ } \ } while (0) if (fr != NULL) { TRY_SNI_MATCH(fr->sni_names); lookup_global = fr->match_global_certs; if (fr->sni_nomatch_abort != -1) sni_nomatch_abort = fr->sni_nomatch_abort; } if (lookup_global) TRY_SNI_MATCH(sni_names); /* No matching certs */ if (sni_nomatch_abort) return (SSL_TLSEXT_ERR_ALERT_FATAL); else return (SSL_TLSEXT_ERR_NOACK); } #endif /* OPENSSL_NO_TLSEXT */ static void sctx_free(sslctx *sc, sni_name **sn_tab) { sni_name *sn, *sntmp; if (sc == NULL) return; HOCSP_free(&sc->staple); if (sn_tab != NULL) CHECK_OBJ_NOTNULL(*sn_tab, SNI_NAME_MAGIC); CHECK_OBJ_NOTNULL(sc, SSLCTX_MAGIC); VTAILQ_FOREACH_SAFE(sn, &sc->sni_list, list, sntmp) { CHECK_OBJ_NOTNULL(sn, SNI_NAME_MAGIC); VTAILQ_REMOVE(&sc->sni_list, sn, list); if (sn_tab != NULL) HASH_DEL(*sn_tab, sn); free(sn->servername); FREE_OBJ(sn); } free(sc->filename); SSL_CTX_free(sc->ctx); FREE_OBJ(sc); } X509 * Find_issuer(X509 *subj, STACK_OF(X509) *chain) { int i; X509 *x; AN(subj); for (i = 0; i < sk_X509_num(chain); i++) { x = sk_X509_value(chain, i); if (X509_check_issued(x, subj) == X509_V_OK) return (x); } /* todo: look in cert store? */ return (NULL); } /* Initialize an SSL context */ static sslctx * make_ctx_fr(const struct cfg_cert_file *cf, const struct frontend *fr, const struct front_arg *fa) { SSL_CTX *ctx; sslctx *sc; EVP_PKEY *pkey; int selected_protos = CONFIG->SELECTED_TLS_PROTOS; char *ciphers = CONFIG->CIPHER_SUITE; int pref_srv_ciphers = CONFIG->PREFER_SERVER_CIPHERS; if (fa != NULL) { CHECK_OBJ_NOTNULL(fa, FRONT_ARG_MAGIC); if (fa->selected_protos != 0) selected_protos = fa->selected_protos; if (fa->ciphers != NULL) ciphers = fa->ciphers; if (fa->prefer_server_ciphers != -1) pref_srv_ciphers = fa->prefer_server_ciphers; } long ssloptions = SSL_OP_NO_SSLv2 | SSL_OP_ALL | SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION; #ifdef SSL_OP_NO_COMPRESSION ssloptions |= SSL_OP_NO_COMPRESSION; #endif #ifdef SSL_OP_SINGLE_DH_USE ssloptions |= SSL_OP_SINGLE_DH_USE; #endif if (!(selected_protos & SSLv3_PROTO)) ssloptions |= SSL_OP_NO_SSLv3; if (!(selected_protos & TLSv1_0_PROTO)) ssloptions |= SSL_OP_NO_TLSv1; if (!(selected_protos & TLSv1_1_PROTO)) ssloptions |= SSL_OP_NO_TLSv1_1; if (!(selected_protos & TLSv1_2_PROTO)) ssloptions |= SSL_OP_NO_TLSv1_2; ctx = SSL_CTX_new((CONFIG->PMODE == SSL_CLIENT) ? SSLv23_client_method() : SSLv23_server_method()); SSL_CTX_set_options(ctx, ssloptions); SSL_CTX_set_info_callback(ctx, info_callback); #ifdef OPENSSL_WITH_ALPN if (CONFIG->ALPN_PROTOS != NULL) SSL_CTX_set_alpn_select_cb(ctx, alpn_select_cb, NULL); #endif #ifdef OPENSSL_WITH_NPN if (CONFIG->ALPN_PROTOS != NULL) SSL_CTX_set_next_protos_advertised_cb(ctx, npn_select_cb, NULL); #endif AN(SSL_CTX_set_default_verify_paths(ctx)); if (ciphers != NULL) { if (SSL_CTX_set_cipher_list(ctx, ciphers) != 1) { log_ssl_error(NULL, "{core} SSL_CTX_set_cipher_list"); return (NULL); } } if (pref_srv_ciphers) SSL_CTX_set_options(ctx, SSL_OP_CIPHER_SERVER_PREFERENCE); ALLOC_OBJ(sc, SSLCTX_MAGIC); AN(sc); sc->filename = strdup(cf->filename); sc->mtim = cf->mtim; sc->ctx = ctx; sc->staple_vfy = cf->ocsp_vfy; VTAILQ_INIT(&sc->sni_list); if (CONFIG->PMODE == SSL_CLIENT) return (sc); /* SSL_SERVER Mode stuff */ if (SSL_CTX_use_certificate_chain_file(ctx, cf->filename) <= 0) { log_ssl_error(NULL, "Error loading certificate file %s\n", cf->filename); sctx_free(sc, NULL); return (NULL); } pkey = load_privatekey(ctx, cf->filename); if (!pkey) { ERR("Error loading private key (%s)\n", cf->filename); sctx_free(sc, NULL); return (NULL); } if (SSL_CTX_use_PrivateKey(ctx, pkey) <= 0) { log_ssl_error(NULL, "SSL_CTX_use_PrivateKey: %s", cf->filename); EVP_PKEY_free(pkey); sctx_free(sc, NULL); return (NULL); } #ifndef OPENSSL_NO_DH init_dh(ctx, cf->filename); init_ecdh(ctx); #endif /* OPENSSL_NO_DH */ #ifndef OPENSSL_NO_TLSEXT if (!SSL_CTX_set_tlsext_servername_callback(ctx, sni_switch_ctx)) { ERR("Error setting up SNI support.\n"); } CHECK_OBJ_ORNULL(fr, FRONTEND_MAGIC); if (!SSL_CTX_set_tlsext_servername_arg(ctx, fr)) { ERR("Error setting SNI servername arg.\n"); } if (load_cert_ctx(sc) != 0) { EVP_PKEY_free(pkey); sctx_free(sc, NULL); return (NULL); } if (CONFIG->OCSP_DIR) { char *fn = HOCSP_fn(sc->filename); /* attempt loading of cached ocsp staple */ if (fn != NULL && HOCSP_init_file(fn, sc, 1) == 0) { LOG("{core} Loaded cached OCSP staple for cert '%s'\n", sc->filename); sc->staple_fn = fn; } } if (sc->staple == NULL && cf->ocspfn != NULL) { if (HOCSP_init_file(cf->ocspfn, sc, 0) != 0) { ERR("Error loading OCSP response %s for stapling.\n", cf->ocspfn); EVP_PKEY_free(pkey); sctx_free(sc, NULL); return (NULL); } else { LOG("{core} Loaded OCSP staple '%s'\n", cf->ocspfn); sc->staple_fn = strdup(cf->ocspfn); sc->staple->mtim = cf->ocsp_mtim; } } if (CONFIG->OCSP_DIR != NULL) HOCSP_ev_stat(sc); #endif /* OPENSSL_NO_TLSEXT */ #ifdef USE_SHARED_CACHE if (CONFIG->SHARED_CACHE) { if (shared_context_init(ctx, CONFIG->SHARED_CACHE) < 0) { ERR("Unable to alloc memory for shared cache.\n"); EVP_PKEY_free(pkey); sctx_free(sc, NULL); return (NULL); } if (CONFIG->SHCUPD_PORT) { RSA *rsa; rsa = EVP_PKEY_get1_RSA(pkey); if (rsa != NULL && compute_secret(rsa, shared_secret) < 0) { ERR("Unable to compute shared secret.\n"); EVP_PKEY_free(pkey); sctx_free(sc, NULL); return (NULL); } /* Force TLS tickets because keys differs. */ SSL_CTX_set_options(ctx, SSL_OP_NO_TICKET); if (*shcupd_peers) { shsess_set_new_cbk(shcupd_session_new); } } } #endif EVP_PKEY_free(pkey); return (sc); } static void insert_sni_names(sslctx *sc, sni_name **sn_tab) { sni_name *sn, *sn2; char *key; CHECK_OBJ_NOTNULL(sc, SSLCTX_MAGIC); VTAILQ_FOREACH(sn, &sc->sni_list, list) { CHECK_OBJ_NOTNULL(sn, SNI_NAME_MAGIC); key = sn->servername; if (sn->is_wildcard) key = sn->servername + 1; HASH_FIND_STR(*sn_tab, key, sn2); if (sn2 != NULL) { ERR("Warning: SNI name '%s' from '%s' overridden" " by '%s'\n", key, sn2->sctx->filename, sn->sctx->filename); } HASH_ADD_KEYPTR(hh, *sn_tab, key, strlen(key), sn); } } static sslctx * make_ctx(const struct cfg_cert_file *cf) { return (make_ctx_fr(cf, NULL, NULL)); } #ifndef OPENSSL_NO_TLSEXT static int load_cert_ctx(sslctx *so) { X509 *x509; X509_NAME *x509_name; X509_NAME_ENTRY *x509_entry; BIO *f; STACK_OF(GENERAL_NAME) *names = NULL; GENERAL_NAME *name; int i; #define PUSH_CTX(asn1_str, ctx) \ do { \ sni_name *sn; \ ALLOC_OBJ(sn, SNI_NAME_MAGIC); \ ASN1_STRING_to_UTF8( \ (unsigned char **)&sn->servername, asn1_str); \ sn->is_wildcard = \ (strstr(sn->servername, "*.") == sn->servername); \ sn->sctx = so; \ VTAILQ_INSERT_TAIL(&so->sni_list, sn, list); \ } while (0) f = BIO_new(BIO_s_file()); // TODO: error checking if (!BIO_read_filename(f, so->filename)) { ERR("Could not read certificate '%s'\n", so->filename); return (1); } x509 = PEM_read_bio_X509_AUX(f, NULL, NULL, NULL); BIO_free(f); so->x509 = x509; /* First, look for Subject Alternative Names. */ names = X509_get_ext_d2i(x509, NID_subject_alt_name, NULL, NULL); for (i = 0; i < sk_GENERAL_NAME_num(names); i++) { name = sk_GENERAL_NAME_value(names, i); if (name->type == GEN_DNS) { PUSH_CTX(name->d.dNSName, ctx); } } if (sk_GENERAL_NAME_num(names) > 0) { sk_GENERAL_NAME_pop_free(names, GENERAL_NAME_free); /* If we found some, don't bother looking any further. */ return (0); } else if (names != NULL) { sk_GENERAL_NAME_pop_free(names, GENERAL_NAME_free); } /* Now we're left looking at the CN on the cert. */ x509_name = X509_get_subject_name(x509); i = X509_NAME_get_index_by_NID(x509_name, NID_commonName, -1); if (i < 0) { ERR("Could not find Subject Alternative Names" " or a CN on cert %s\n", so->filename); return (1); } x509_entry = X509_NAME_get_entry(x509_name, i); #if OPENSSL_VERSION_NUMBER < 0x10100000L #define X509_NAME_ENTRY_get_data(e) (e->value) #endif AN(x509_entry); PUSH_CTX(X509_NAME_ENTRY_get_data(x509_entry), ctx); return (0); } #endif /* OPENSSL_NO_TLSEXT */ /* Check that we don't needlessly load a cert that's already loaded. */ static sslctx * find_ctx(const char *file) { sslctx *so; HASH_FIND_STR(ssl_ctxs, file, so); return (so); } /* Init library and load specified certificate. * Establishes a SSL_ctx, to act as a template for * each connection */ void init_openssl(void) { SSL_library_init(); SSL_load_error_strings(); OpenSSL_add_all_digests(); if (CONFIG->ENGINE) { ENGINE *e = NULL; ENGINE_load_builtin_engines(); HSSL_Locks_Init(); if (!strcmp(CONFIG->ENGINE, "auto")) ENGINE_register_all_complete(); else { if ((e = ENGINE_by_id(CONFIG->ENGINE)) == NULL || !ENGINE_init(e) || !ENGINE_set_default(e, ENGINE_METHOD_ALL)) { log_ssl_error(NULL, "{core} ENGINE initialization failed"); exit(1); } LOG("{core} will use OpenSSL engine %s.\n", ENGINE_get_id(e)); ENGINE_finish(e); ENGINE_free(e); } } } static void init_certs(void) { struct cfg_cert_file *cf, *cftmp; sslctx *so; if (CONFIG->CERT_DEFAULT != NULL) { AN(CONFIG->CERT_DEFAULT); default_ctx = make_ctx(CONFIG->CERT_DEFAULT); if (default_ctx == NULL) exit(1); #ifndef OPENSSL_NO_TLSEXT insert_sni_names(default_ctx, &sni_names); #endif } // Go through the list of PEMs and make some SSL contexts for // them. We also keep track of the names associated with each // cert so we can do SNI on them later HASH_ITER(hh, CONFIG->CERT_FILES, cf, cftmp) { if (find_ctx(cf->filename) == NULL) { so = make_ctx(cf); if (so == NULL) exit(1); HASH_ADD_KEYPTR(hh, ssl_ctxs, cf->filename, strlen(cf->filename), so); #ifndef OPENSSL_NO_TLSEXT insert_sni_names(so, &sni_names); #endif } } } static void destroy_lsock(struct listen_sock *ls) { CHECK_OBJ_NOTNULL(ls, LISTEN_SOCK_MAGIC); if (ls->sock > 0) (void) close(ls->sock); free(ls->name); FREE_OBJ(ls); } static void destroy_frontend(struct frontend *fr) { struct listen_sock *ls, *lstmp; sslctx *sc, *sctmp; CHECK_OBJ_NOTNULL(fr, FRONTEND_MAGIC); VTAILQ_FOREACH_SAFE(ls, &fr->socks, list, lstmp) { CHECK_OBJ_NOTNULL(ls, LISTEN_SOCK_MAGIC); VTAILQ_REMOVE(&fr->socks, ls, list); destroy_lsock(ls); } HASH_ITER(hh, fr->ssl_ctxs, sc, sctmp) { HASH_DEL(fr->ssl_ctxs, sc); sctx_free(sc, &fr->sni_names); } AZ(HASH_COUNT(fr->sni_names)); free(fr->pspec); FREE_OBJ(fr); } /* Create the bound socket in the parent process */ static int frontend_listen(const struct front_arg *fa, struct listen_sock_head *slist) { struct addrinfo *ai, hints, *it; struct listen_sock *ls, *lstmp; char buf[INET6_ADDRSTRLEN+20]; char abuf[INET6_ADDRSTRLEN]; char pbuf[8]; int r, count = 0; CHECK_OBJ_NOTNULL(fa, FRONT_ARG_MAGIC); memset(&hints, 0, sizeof hints); hints.ai_family = AF_UNSPEC; hints.ai_socktype = SOCK_STREAM; hints.ai_flags = AI_PASSIVE | AI_ADDRCONFIG; r = getaddrinfo(fa->ip, fa->port, &hints, &ai); if (r != 0) { ERR("{getaddrinfo-listen}: %s: %s\n", fa->pspec, gai_strerror(r)); return (-1); } for (it = ai; it != NULL; it = it->ai_next) { ALLOC_OBJ(ls, LISTEN_SOCK_MAGIC); VTAILQ_INSERT_TAIL(slist, ls, list); count++; ls->sock = socket(it->ai_family, SOCK_STREAM, IPPROTO_TCP); if (ls->sock == -1) { ERR("{socket: main}: %s: %s\n", strerror(errno), fa->pspec); goto creat_frontend_err; } int t = 1; if (setsockopt(ls->sock, SOL_SOCKET, SO_REUSEADDR, &t, sizeof(int)) < 0) { ERR("{setsockopt-reuseaddr}: %s: %s\n", strerror(errno), fa->pspec); goto creat_frontend_err; } #ifdef SO_REUSEPORT_WORKS if (setsockopt(ls->sock, SOL_SOCKET, SO_REUSEPORT, &t, sizeof(int)) < 0) { ERR("{setsockopt-reuseport}: %s: %s\n", strerror(errno), fa->pspec); goto creat_frontend_err; } #endif if(setnonblocking(ls->sock) < 0) { ERR("{listen sock: setnonblocking}: %s: %s\n", strerror(errno), fa->pspec); goto creat_frontend_err; } #ifdef IPV6_V6ONLY t = 1; if (it->ai_family == AF_INET6 && setsockopt(ls->sock, IPPROTO_IPV6, IPV6_V6ONLY, &t, sizeof (t)) != 0) { ERR("{setsockopt-ipv6only}: %s: %s\n", strerror(errno), fa->pspec); goto creat_frontend_err; } #endif if (CONFIG->RECV_BUFSIZE > 0) { r = setsockopt(ls->sock, SOL_SOCKET, SO_RCVBUF, &CONFIG->RECV_BUFSIZE, sizeof(CONFIG->RECV_BUFSIZE)); if (r < 0) { ERR("{setsockopt-rcvbuf}: %s: %s\n", strerror(errno), fa->pspec); goto creat_frontend_err; } } if (CONFIG->SEND_BUFSIZE > 0) { r = setsockopt(ls->sock, SOL_SOCKET, SO_SNDBUF, &CONFIG->SEND_BUFSIZE, sizeof(CONFIG->SEND_BUFSIZE)); if (r < 0) { ERR("{setsockopt-sndbuf}: %s: %s\n", strerror(errno), fa->pspec); goto creat_frontend_err; } } if (bind(ls->sock, it->ai_addr, it->ai_addrlen)) { ERR("{bind-socket}: %s: %s\n", strerror(errno), fa->pspec); goto creat_frontend_err; } #ifndef NO_DEFER_ACCEPT #if TCP_DEFER_ACCEPT int timeout = 1; if (setsockopt(ls->sock, IPPROTO_TCP, TCP_DEFER_ACCEPT, &timeout, sizeof(int)) < 0) { ERR("{setsockopt-defer_accept}: %s: %s\n", strerror(errno), fa->pspec); goto creat_frontend_err; } #endif /* TCP_DEFER_ACCEPT */ #endif if (listen(ls->sock, CONFIG->BACKLOG) != 0) { ERR("{listen-socket}: %s: %s\n", strerror(errno), fa->pspec); goto creat_frontend_err; } memcpy(&ls->addr, it->ai_addr, it->ai_addrlen); r = getnameinfo(it->ai_addr, it->ai_addrlen, abuf, sizeof abuf, pbuf, sizeof pbuf, NI_NUMERICHOST | NI_NUMERICSERV); if (r != 0) { ERR("{getnameinfo}: %s\n", fa->pspec); goto creat_frontend_err; } if (it->ai_addr->sa_family == AF_INET6) { sprintf(buf, "[%s]:%s", abuf, pbuf); } else { sprintf(buf, "%s:%s", abuf, pbuf); } ls->name = strdup(buf); AN(ls->name); LOG("{core} Listening on %s\n", ls->name); } freeaddrinfo(ai); return (count); creat_frontend_err: freeaddrinfo(ai); VTAILQ_FOREACH_SAFE(ls, slist, list, lstmp) { VTAILQ_REMOVE(slist, ls, list); free(ls->name); if (ls->sock > 0) (void) close(ls->sock); FREE_OBJ(ls); } return (-1); } static struct frontend * create_frontend(const struct front_arg *fa) { struct frontend *fr; sslctx *so; int count = 0; struct frontend_head tmp_list; struct cfg_cert_file *cf, *cftmp; CHECK_OBJ_NOTNULL(fa, FRONT_ARG_MAGIC); ALLOC_OBJ(fr, FRONTEND_MAGIC); VTAILQ_INIT(&fr->socks); AN(fr); fr->pspec = strdup(fa->pspec); fr->match_global_certs = fa->match_global_certs; fr->sni_nomatch_abort = fa->sni_nomatch_abort; VTAILQ_INIT(&tmp_list); count = frontend_listen(fa, &fr->socks); if (count < 0) { destroy_frontend(fr); return (NULL); } HASH_ITER(hh, fa->certs, cf, cftmp) { so = make_ctx_fr(cf, fr, fa); if (so == NULL) { destroy_frontend(fr); return (NULL); } HASH_ADD_KEYPTR(hh, fr->ssl_ctxs, cf->filename, strlen(cf->filename), so); #ifndef OPENSSL_NO_TLSEXT insert_sni_names(so, &fr->sni_names); #endif } return (fr); } /* Initiate a clear-text nonblocking connect() to the backend IP on behalf * of a newly connected upstream (encrypted) client */ static int create_back_socket() { int s = socket(backaddr->ai_family, SOCK_STREAM, IPPROTO_TCP); if (s == -1) return -1; int flag = 1; int ret = setsockopt(s, IPPROTO_TCP, TCP_NODELAY, (char *)&flag, sizeof(flag)); if (ret == -1) ERR("Couldn't setsockopt to backend (TCP_NODELAY): %s\n", strerror(errno)); if (setnonblocking(s) < 0) { (void)close(s); return (-1); } return (s); } /* Only enable a libev ev_io event if the proxied connection still * has both up and down connected */ static void safe_enable_io(proxystate *ps, ev_io *w) { CHECK_OBJ_NOTNULL(ps, PROXYSTATE_MAGIC); if (!ps->want_shutdown) ev_io_start(loop, w); } static void check_exit_state(void) { if (worker_state == WORKER_EXITING && n_conns == 0) { LOGL("Worker %d (gen: %d) in state EXITING " "is now exiting.\n", core_id, worker_gen); _exit(0); } } /* Only enable a libev ev_io event if the proxied connection still * has both up and down connected */ static void shutdown_proxy(proxystate *ps, SHUTDOWN_REQUESTOR req) { CHECK_OBJ_NOTNULL(ps, PROXYSTATE_MAGIC); LOGPROXY(ps, "proxy shutdown req=%s\n", SHUTDOWN_STR[req]); if (ps->want_shutdown || req == SHUTDOWN_HARD) { ev_io_stop(loop, &ps->ev_w_ssl); ev_io_stop(loop, &ps->ev_r_ssl); ev_io_stop(loop, &ps->ev_w_handshake); ev_io_stop(loop, &ps->ev_r_handshake); ev_timer_stop(loop, &ps->ev_t_handshake); ev_io_stop(loop, &ps->ev_w_connect); ev_timer_stop(loop, &ps->ev_t_connect); ev_io_stop(loop, &ps->ev_w_clear); ev_io_stop(loop, &ps->ev_r_clear); ev_io_stop(loop, &ps->ev_proxy); (void)SSL_shutdown(ps->ssl); ERR_clear_error(); SSL_free(ps->ssl); close(ps->fd_up); close(ps->fd_down); ringbuffer_cleanup(&ps->ring_clear2ssl); ringbuffer_cleanup(&ps->ring_ssl2clear); free(ps); n_conns--; check_exit_state(); } else { ps->want_shutdown = 1; if (req == SHUTDOWN_CLEAR && ringbuffer_is_empty(&ps->ring_clear2ssl)) shutdown_proxy(ps, SHUTDOWN_HARD); else if (req == SHUTDOWN_SSL && ringbuffer_is_empty(&ps->ring_ssl2clear)) shutdown_proxy(ps, SHUTDOWN_HARD); } } /* Handle various socket errors */ static void handle_socket_errno(proxystate *ps, int backend) { CHECK_OBJ_NOTNULL(ps, PROXYSTATE_MAGIC); if (errno == EAGAIN || errno == EWOULDBLOCK || errno == EINTR) return; if (backend) ERR("{backend} Socket error: %s\n", strerror(errno)); else LOG("{client} Socket error: %s\n", strerror(errno)); shutdown_proxy(ps, SHUTDOWN_CLEAR); } /* Start connect to backend */ static int start_connect(proxystate *ps) { int t = 1; CHECK_OBJ_NOTNULL(ps, PROXYSTATE_MAGIC); t = connect(ps->fd_down, backaddr->ai_addr, backaddr->ai_addrlen); if (t == 0 || errno == EINPROGRESS || errno == EINTR) { ev_io_start(loop, &ps->ev_w_connect); ev_timer_start(loop, &ps->ev_t_connect); return 0; } ERR("{backend-connect}: %s\n", strerror(errno)); shutdown_proxy(ps, SHUTDOWN_HARD); return -1; } /* Read some data from the backend when libev says data is available-- * write it into the upstream buffer and make sure the write event is * enabled for the upstream socket */ static void clear_read(struct ev_loop *loop, ev_io *w, int revents) { (void) revents; int t; proxystate *ps; CAST_OBJ_NOTNULL(ps, w->data, PROXYSTATE_MAGIC); if (ps->want_shutdown) { ev_io_stop(loop, &ps->ev_r_clear); return; } int fd = w->fd; char *buf = ringbuffer_write_ptr(&ps->ring_clear2ssl); t = recv(fd, buf, ps->ring_clear2ssl.data_len, 0); if (t > 0) { ringbuffer_write_append(&ps->ring_clear2ssl, t); if (ringbuffer_is_full(&ps->ring_clear2ssl)) ev_io_stop(loop, &ps->ev_r_clear); if (ps->handshaked) safe_enable_io(ps, &ps->ev_w_ssl); } else if (t == 0) { LOGPROXY(ps,"Connection closed by %s\n", fd == ps->fd_down ? "backend" : "client"); shutdown_proxy(ps, SHUTDOWN_CLEAR); } else { assert(t == -1); handle_socket_errno(ps, fd == ps->fd_down ? 1 : 0); } } /* Write some data, previously received on the secure upstream socket, * out of the downstream buffer and onto the backend socket */ static void clear_write(struct ev_loop *loop, ev_io *w, int revents) { (void)revents; int t; proxystate *ps; int fd = w->fd; int sz; CAST_OBJ_NOTNULL(ps, w->data, PROXYSTATE_MAGIC); assert(!ringbuffer_is_empty(&ps->ring_ssl2clear)); char *next = ringbuffer_read_next(&ps->ring_ssl2clear, &sz); t = send(fd, next, sz, MSG_NOSIGNAL); if (t > 0) { if (t == sz) { ringbuffer_read_pop(&ps->ring_ssl2clear); if (ps->handshaked) safe_enable_io(ps, &ps->ev_r_ssl); if (ringbuffer_is_empty(&ps->ring_ssl2clear)) { if (ps->want_shutdown) { shutdown_proxy(ps, SHUTDOWN_HARD); return; // dealloc'd } ev_io_stop(loop, &ps->ev_w_clear); } } else { ringbuffer_read_skip(&ps->ring_ssl2clear, t); } } else { assert(t == -1); handle_socket_errno(ps, fd == ps->fd_down ? 1 : 0); } } static void start_handshake(proxystate *ps, int err); /* Continue/complete the asynchronous connect() before starting data * transmission between front/backend */ static void handle_connect(struct ev_loop *loop, ev_io *w, int revents) { int t, r; proxystate *ps; (void)revents; CAST_OBJ_NOTNULL(ps, w->data, PROXYSTATE_MAGIC); t = connect(ps->fd_down, backaddr->ai_addr, backaddr->ai_addrlen); if (!t || errno == EISCONN || !errno) { ev_io_stop(loop, &ps->ev_w_connect); ev_timer_stop(loop, &ps->ev_t_connect); if (!ps->clear_connected) { struct sockaddr_storage addr; socklen_t sl; sl = sizeof(addr); r = getsockname(ps->fd_down, (struct sockaddr*) &addr, &sl); AZ(r); ps->connect_port = ntohs(((struct sockaddr_in*)&addr)->sin_port); LOGPROXY(ps, "backend connected\n"); ps->clear_connected = 1; /* if incoming buffer is not full */ if (!ringbuffer_is_full(&ps->ring_clear2ssl)) safe_enable_io(ps, &ps->ev_r_clear); /* if outgoing buffer is not empty */ if (!ringbuffer_is_empty(&ps->ring_ssl2clear)) // not safe.. we want to resume stream // even during half-closed ev_io_start(loop, &ps->ev_w_clear); } else { /* Clear side already connected so connect is on * secure side: perform handshake */ start_handshake(ps, SSL_ERROR_WANT_WRITE); } } else if (errno == EINPROGRESS || errno == EINTR || errno == EALREADY) { /* do nothing, we'll get phoned home again... */ } else { ERR("{backend-connect}: %s\n", strerror(errno)); shutdown_proxy(ps, SHUTDOWN_HARD); } } static void connect_timeout(EV_P_ ev_timer *w, int revents) { (void)loop; (void)revents; proxystate *ps; CAST_OBJ_NOTNULL(ps, w->data, PROXYSTATE_MAGIC); ERRPROXY(ps,"backend connect timeout\n"); //shutdown_proxy(ps, SHUTDOWN_HARD); } /* Upon receiving a signal from OpenSSL that a handshake is required, re-wire * the read/write events to hook up to the handshake handlers */ static void start_handshake(proxystate *ps, int err) { CHECK_OBJ_NOTNULL(ps, PROXYSTATE_MAGIC); ev_io_stop(loop, &ps->ev_r_ssl); ev_io_stop(loop, &ps->ev_w_ssl); ps->handshaked = 0; LOGPROXY(ps,"ssl handshake start\n"); if (err == SSL_ERROR_WANT_READ) ev_io_start(loop, &ps->ev_r_handshake); else if (err == SSL_ERROR_WANT_WRITE) ev_io_start(loop, &ps->ev_w_handshake); ev_timer_start(loop, &ps->ev_t_handshake); } static void get_proto_selected(proxystate *ps, const unsigned char **selected, unsigned *len) { *selected = NULL; *len = 0; #ifdef OPENSSL_WITH_ALPN SSL_get0_alpn_selected(ps->ssl, selected, len); #endif #ifdef OPENSSL_WITH_NPN if (*len == 0) SSL_get0_next_proto_negotiated(ps->ssl, selected, len); #endif } static void write_proxy_v2(proxystate *ps, const struct sockaddr *local) { char *base; #if defined(OPENSSL_WITH_ALPN) || defined(OPENSSL_WITH_NPN) const unsigned char *selected = NULL; unsigned selected_len = 0; char *alpn_base; get_proto_selected(ps, &selected, &selected_len); #endif struct ha_proxy_v2_hdr *p; union addr { struct sockaddr sa; struct sockaddr_in sa4; struct sockaddr_in6 sa6; } *l, *r; CHECK_OBJ_NOTNULL(ps, PROXYSTATE_MAGIC); base = ringbuffer_write_ptr(&ps->ring_ssl2clear); p = (struct ha_proxy_v2_hdr *)base; size_t len = 16; l = (union addr *) local; r = (union addr *) &ps->remote_ip; memcpy(&p->sig,"\r\n\r\n\0\r\nQUIT\n", 12); p->ver_cmd = 0x21; /* v2|PROXY */ p->fam = l->sa.sa_family == AF_INET ? 0x11 : 0x21; size_t payload_len = l->sa.sa_family == AF_INET ? 12 : 36; #if defined(OPENSSL_WITH_ALPN) || defined(OPENSSL_WITH_NPN) if (selected_len > 0) payload_len += selected_len + 3; #endif p->len = htons(payload_len); if (l->sa.sa_family == AF_INET) { len += 12; /* src/client */ memcpy(&p->addr.ipv4.src_addr, &r->sa4.sin_addr.s_addr, sizeof p->addr.ipv4.src_addr); memcpy(&p->addr.ipv4.src_port, &r->sa4.sin_port, sizeof p->addr.ipv4.src_port); /* dst/server */ memcpy(&p->addr.ipv4.dst_addr, &l->sa4.sin_addr.s_addr, sizeof p->addr.ipv4.dst_addr); memcpy(&p->addr.ipv4.dst_port, &l->sa4.sin_port, sizeof p->addr.ipv4.dst_port); } else { assert (l->sa.sa_family == AF_INET6); len += 36; /* src/client */ memcpy(&p->addr.ipv6.src_addr, &r->sa6.sin6_addr.s6_addr, sizeof p->addr.ipv6.src_addr); memcpy(&p->addr.ipv6.src_port, &r->sa6.sin6_port, sizeof p->addr.ipv6.src_port); /* dst/server */ memcpy(&p->addr.ipv6.dst_addr, &l->sa6.sin6_addr.s6_addr, sizeof p->addr.ipv6.dst_addr); memcpy(&p->addr.ipv6.dst_port, &l->sa6.sin6_port, sizeof p->addr.ipv6.dst_port); } /* This is where we add something related to NPN or ALPN*/ #if defined(OPENSSL_WITH_ALPN) || defined(OPENSSL_WITH_NPN) if (selected_len > 0) { /* let the server know that a protocol was selected. */ alpn_base = base + len; alpn_base[0] = 1 /* PP2_TYPE_ALPN */; alpn_base[1] = (selected_len >> 8) & 0xff; alpn_base[2] = selected_len & 0xff; memcpy(alpn_base + 3, selected, selected_len); len += selected_len + 3; } #endif assert(len == payload_len + 16); ringbuffer_write_append(&ps->ring_ssl2clear, len); } static void write_proxy_v1(proxystate *ps, const struct sockaddr *local, socklen_t slen) { char *p; char src_addr[INET6_ADDRSTRLEN+1], dst_addr[INET6_ADDRSTRLEN+1]; char src_port[8], dst_port[8]; size_t len; int n; CHECK_OBJ_NOTNULL(ps, PROXYSTATE_MAGIC); p = ringbuffer_write_ptr(&ps->ring_ssl2clear); n = getnameinfo(local, slen, dst_addr, sizeof dst_addr, dst_port, sizeof dst_port, NI_NUMERICHOST | NI_NUMERICSERV); AZ(n); n = getnameinfo((struct sockaddr *) &ps->remote_ip, slen, src_addr, sizeof src_addr, src_port, sizeof src_port, NI_NUMERICHOST | NI_NUMERICSERV); AZ(n); if (local->sa_family == AF_INET) { len = sprintf(p, "PROXY TCP4 %s %s %s %s\r\n", src_addr, dst_addr, src_port, dst_port); } else { assert (local->sa_family == AF_INET6); len = sprintf(p, "PROXY TCP6 %s %s %s %s\r\n", src_addr, dst_addr, src_port, dst_port); } assert (len > 0); ringbuffer_write_append(&ps->ring_ssl2clear, len); } static void write_ip_octet(proxystate *ps) { char *ring_pnt; CHECK_OBJ_NOTNULL(ps, PROXYSTATE_MAGIC); ring_pnt = ringbuffer_write_ptr(&ps->ring_ssl2clear); assert(ps->remote_ip.ss_family == AF_INET || ps->remote_ip.ss_family == AF_INET6); *ring_pnt++ = (unsigned char) ps->remote_ip.ss_family; if (ps->remote_ip.ss_family == AF_INET6) { memcpy(ring_pnt, &((struct sockaddr_in6 *) &ps->remote_ip)->sin6_addr.s6_addr, 16U); ringbuffer_write_append(&ps->ring_ssl2clear, 1U + 16U); } else { memcpy(ring_pnt, &((struct sockaddr_in *) &ps->remote_ip)->sin_addr.s_addr, 4U); ringbuffer_write_append(&ps->ring_ssl2clear, 1U + 4U); } } #if defined(OPENSSL_WITH_NPN) || defined(OPENSSL_WITH_ALPN) static int is_protocol_matching(const unsigned char *selected, unsigned len) { int unsigned i = 0; if (CONFIG->ALPN_PROTOS_LV != NULL) { while (i < CONFIG->ALPN_PROTOS_LV_LEN) { if(CONFIG->ALPN_PROTOS_LV[i] == len && 0 == memcmp(selected, CONFIG->ALPN_PROTOS_LV + i + 1, len)) return 1; i+= CONFIG->ALPN_PROTOS_LV[i] + 1; } } return 0; } static int is_alpn_shutdown_needed(proxystate *ps) { const unsigned char *selected; unsigned selected_len; if (CONFIG->ALPN_PROTOS_LV == NULL) return 0; get_proto_selected(ps, &selected, &selected_len); if (selected_len == 0) { /* If alpn / npn was tried, shut down */ if(ps->npn_alpn_tried) { LOGPROXY(ps, "Unsuccessful NPN/ALPN negotiation\n"); return 1; } else LOGPROXY(ps, "No NPN/ALPN negotiation happened.\n"); } else if (!is_protocol_matching(selected, selected_len)) { LOGPROXY(ps, "NPN: Unknown protocol selected\n"); return 1; } else LOGPROXY(ps, "NPN/ALPN protocol: %.*s\n", selected_len, selected); return 0; } #endif /* After OpenSSL is done with a handshake, re-wire standard read/write handlers * for data transmission */ static void end_handshake(proxystate *ps) { CHECK_OBJ_NOTNULL(ps, PROXYSTATE_MAGIC); ev_io_stop(loop, &ps->ev_r_handshake); ev_io_stop(loop, &ps->ev_w_handshake); ev_timer_stop(loop, &ps->ev_t_handshake); #if defined(OPENSSL_WITH_NPN) || defined(OPENSSL_WITH_ALPN) if (is_alpn_shutdown_needed(ps)) { shutdown_proxy(ps, SHUTDOWN_HARD); return; } #endif LOGPROXY(ps,"ssl end handshake\n"); /* Disable renegotiation (CVE-2009-3555) */ #if OPENSSL_VERSION_NUMBER < 0x10100000L /* For OpenSSL 1.1, setting the following flag does not seem * to be possible. This is OK, since SSLv3 negotiation will * not happen in OpenSSL 0.9.8m or later unless * SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION is set. */ if (ps->ssl->s3) { ps->ssl->s3->flags |= SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS; } #endif ps->handshaked = 1; /* Check if clear side is connected */ if (!ps->clear_connected) { if (CONFIG->WRITE_PROXY_LINE_V1 || CONFIG->WRITE_PROXY_LINE_V2) { struct sockaddr_storage local; socklen_t slen = sizeof local; AZ(getsockname(ps->fd_up, (struct sockaddr *) &local, &slen)); if (CONFIG->WRITE_PROXY_LINE_V1) write_proxy_v1(ps, (struct sockaddr *) &local, slen); else write_proxy_v2(ps, (struct sockaddr *) &local); } else if (CONFIG->WRITE_IP_OCTET) { write_ip_octet(ps); } /* start connect now */ if (0 != start_connect(ps)) return; } else { /* hitch used in client mode, keep client session ) */ if (!SSL_session_reused(ps->ssl)) { if (client_session) SSL_SESSION_free(client_session); client_session = SSL_get1_session(ps->ssl); } } /* if incoming buffer is not full */ if (!ringbuffer_is_full(&ps->ring_ssl2clear)) safe_enable_io(ps, &ps->ev_r_ssl); /* if outgoing buffer is not empty */ if (!ringbuffer_is_empty(&ps->ring_clear2ssl)) // not safe.. we want to resume stream even during half-closed ev_io_start(loop, &ps->ev_w_ssl); } static void client_proxy_proxy(struct ev_loop *loop, ev_io *w, int revents) { (void)revents; int t; char *proxy = tcp_proxy_line; char *end = tcp_proxy_line + sizeof(tcp_proxy_line); proxystate *ps; BIO *b; CAST_OBJ_NOTNULL(ps, w->data, PROXYSTATE_MAGIC); b = SSL_get_rbio(ps->ssl); // Copy characters one-by-one until we hit a \n or an error while (proxy != end && (t = BIO_read(b, proxy, 1)) == 1) { if (*proxy++ == '\n') break; } if (proxy == end) { LOG("{client} Unexpectedly long PROXY line. Malformed req?"); shutdown_proxy(ps, SHUTDOWN_SSL); } else if (t == 1) { if (ringbuffer_is_full(&ps->ring_ssl2clear)) { LOG("{client} Error writing PROXY line"); shutdown_proxy(ps, SHUTDOWN_SSL); return; } char *ring = ringbuffer_write_ptr(&ps->ring_ssl2clear); memcpy(ring, tcp_proxy_line, proxy - tcp_proxy_line); ringbuffer_write_append(&ps->ring_ssl2clear, proxy - tcp_proxy_line); // Finished reading the PROXY header if (*(proxy - 1) == '\n') { ev_io_stop(loop, &ps->ev_proxy); // Start the real handshake start_handshake(ps, SSL_ERROR_WANT_READ); } } else if (!BIO_should_retry(b)) { LOG("{client} Unexpected error reading PROXY line"); shutdown_proxy(ps, SHUTDOWN_SSL); } } /* The libev I/O handler during the OpenSSL handshake phase. Basically, just * let OpenSSL do what it likes with the socket and obey its requests for reads * or writes */ static void client_handshake(struct ev_loop *loop, ev_io *w, int revents) { (void)revents; int t; const char *errtok; proxystate *ps; int errno_val; CAST_OBJ_NOTNULL(ps, w->data, PROXYSTATE_MAGIC); LOGPROXY(ps,"ssl client handshake revents=%x\n",revents); t = SSL_do_handshake(ps->ssl); if (t == 1) { end_handshake(ps); } else { errno_val = errno; int err = SSL_get_error(ps->ssl, t); switch (err) { #define SSL_ERR(a) \ case a: errtok = #a; break; #include "ssl_err.h" #undef SSL_ERR default: errtok = ""; } LOGPROXY(ps,"ssl client handshake err=%s\n",errtok); if (err == SSL_ERROR_WANT_READ) { ev_io_stop(loop, &ps->ev_w_handshake); ev_io_start(loop, &ps->ev_r_handshake); } else if (err == SSL_ERROR_WANT_WRITE) { ev_io_stop(loop, &ps->ev_r_handshake); ev_io_start(loop, &ps->ev_w_handshake); } else if (err == SSL_ERROR_ZERO_RETURN) { LOG("{%s} Connection closed (in handshake)\n", w->fd == ps->fd_up ? "client" : "backend"); shutdown_proxy(ps, SHUTDOWN_SSL); } else if (err == SSL_ERROR_SYSCALL) { LOG("{%s} SSL socket error in handshake: %s\n", w->fd == ps->fd_up ? "client" : "backend", strerror(errno_val)); shutdown_proxy(ps, SHUTDOWN_SSL); } else { if (err == SSL_ERROR_SSL) { log_ssl_error(ps, "Handshake failure"); } else { LOG("{%s} Unexpected SSL error " "(in handshake): %d\n", w->fd == ps->fd_up ? "client" : "backend", err); } shutdown_proxy(ps, SHUTDOWN_SSL); } } } static void handshake_timeout(EV_P_ ev_timer *w, int revents) { (void)loop; (void)revents; proxystate *ps; CAST_OBJ_NOTNULL(ps, w->data, PROXYSTATE_MAGIC); LOGPROXY(ps,"SSL handshake timeout\n"); shutdown_proxy(ps, SHUTDOWN_HARD); } #define SSLERR(ps, which, log) \ switch (err) { \ case SSL_ERROR_ZERO_RETURN: \ log(ps,"Connection closed by " which "\n"); \ break; \ case SSL_ERROR_SYSCALL: \ if (errno == 0) { \ log(ps,"Connection closed by " which "\n"); \ } else { \ log(ps,"SSL socket error (" which "): %s\n", \ strerror(errno)); \ } \ break; \ default: \ log(ps,"{" which "} Unexpected SSL_read error (" \ which "): %d\n", err); \ } /* Handle a socket error condition passed to us from OpenSSL */ static void handle_fatal_ssl_error(proxystate *ps, int err, int backend) { CHECK_OBJ_NOTNULL(ps, PROXYSTATE_MAGIC); if (backend) { SSLERR(ps, "backend", ERRPROXY); } else { SSLERR(ps, "client", LOGPROXY); } shutdown_proxy(ps, SHUTDOWN_SSL); } /* Read some data from the upstream secure socket via OpenSSL, * and buffer anything we get for writing to the backend */ static void ssl_read(struct ev_loop *loop, ev_io *w, int revents) { (void)revents; int t; proxystate *ps; CAST_OBJ_NOTNULL(ps, w->data, PROXYSTATE_MAGIC); if (ps->want_shutdown) { ev_io_stop(loop, &ps->ev_r_ssl); return; } if (ringbuffer_is_full(&ps->ring_ssl2clear)) { ERRPROXY(ps, "attempt to read ssl when ring full"); ev_io_stop(loop, &ps->ev_r_ssl); return; } char *buf = ringbuffer_write_ptr(&ps->ring_ssl2clear); t = SSL_read(ps->ssl, buf, ps->ring_ssl2clear.data_len); /* Fix CVE-2009-3555. Disable reneg if started by client. */ if (ps->renegotiation) { shutdown_proxy(ps, SHUTDOWN_SSL); return; } if (t > 0) { ringbuffer_write_append(&ps->ring_ssl2clear, t); if (ringbuffer_is_full(&ps->ring_ssl2clear)) ev_io_stop(loop, &ps->ev_r_ssl); if (ps->clear_connected) safe_enable_io(ps, &ps->ev_w_clear); } else { int err = SSL_get_error(ps->ssl, t); if (err == SSL_ERROR_WANT_WRITE) { start_handshake(ps, err); } else if (err == SSL_ERROR_WANT_READ) { /* NOOP. Incomplete SSL data */ } else { if (err == SSL_ERROR_SSL) { log_ssl_error(ps, "SSL_read error"); } handle_fatal_ssl_error(ps, err, w->fd == ps->fd_up ? 0 : 1); } } } /* Write some previously-buffered backend data upstream on the * secure socket using OpenSSL */ static void ssl_write(struct ev_loop *loop, ev_io *w, int revents) { (void)revents; int t; int sz; proxystate *ps; CAST_OBJ_NOTNULL(ps, w->data, PROXYSTATE_MAGIC); assert(!ringbuffer_is_empty(&ps->ring_clear2ssl)); char *next = ringbuffer_read_next(&ps->ring_clear2ssl, &sz); t = SSL_write(ps->ssl, next, sz); if (t > 0) { if (t == sz) { ringbuffer_read_pop(&ps->ring_clear2ssl); if (ps->clear_connected) // can be re-enabled b/c we've popped safe_enable_io(ps, &ps->ev_r_clear); if (ringbuffer_is_empty(&ps->ring_clear2ssl)) { if (ps->want_shutdown) { shutdown_proxy(ps, SHUTDOWN_HARD); return; } ev_io_stop(loop, &ps->ev_w_ssl); } } else { ringbuffer_read_skip(&ps->ring_clear2ssl, t); } } else { int err = SSL_get_error(ps->ssl, t); if (err == SSL_ERROR_WANT_READ) { start_handshake(ps, err); } else if (err == SSL_ERROR_WANT_WRITE) { /* NOOP. Incomplete SSL data */ } else { if (err == SSL_ERROR_SSL) { log_ssl_error(ps, "SSL_write error"); } else { LOG("{%s} SSL_write error: %d\n", w->fd == ps->fd_up ? "client" : "backend", err); } handle_fatal_ssl_error(ps, err, w->fd == ps->fd_up ? 0 : 1); } } } /* libev read handler for the bound sockets. Socket is accepted, * the proxystate is allocated and initalized, and we're off the races * connecting to the backend */ static void handle_accept(struct ev_loop *loop, ev_io *w, int revents) { (void)revents; (void)loop; struct sockaddr_storage addr; sslctx *so; struct frontend *fr; proxystate *ps; socklen_t sl = sizeof(addr); #if HAVE_ACCEPT4==1 int client = accept4(w->fd, (struct sockaddr *) &addr, &sl, SOCK_NONBLOCK); #else int client = accept(w->fd, (struct sockaddr *) &addr, &sl); #endif if (client == -1) { switch (errno) { case EMFILE: ERR("{client} accept() failed; " "too many open files for this process\n"); break; case ENFILE: ERR("{client} accept() failed; " "too many open files for this system\n"); break; default: if (errno != EINTR && errno != EWOULDBLOCK && errno != EAGAIN && errno != ENOTTY && errno != ECONNABORTED) { SOCKERR("{client} accept() failed"); } } return; } int flag = 1; int ret = setsockopt(client, IPPROTO_TCP, TCP_NODELAY, (char *)&flag, sizeof(flag) ); if (ret == -1) { SOCKERR("Couldn't setsockopt on client (TCP_NODELAY)"); } #ifdef TCP_CWND int cwnd = 10; ret = setsockopt(client, IPPROTO_TCP, TCP_CWND, &cwnd, sizeof(cwnd)); if (ret == -1) { SOCKERR("Couldn't setsockopt on client (TCP_CWND)"); } #endif #if HAVE_ACCEPT4==0 if (setnonblocking(client) < 0) { SOCKERR("{client} setnonblocking failed"); (void) close(client); return; } #endif settcpkeepalive(client); int back = create_back_socket(); if (back == -1) { (void) close(client); ERR("{backend-socket}: %s\n", strerror(errno)); return; } CAST_OBJ_NOTNULL(fr, w->data, FRONTEND_MAGIC); if (fr->ssl_ctxs != NULL) CAST_OBJ_NOTNULL(so, fr->ssl_ctxs, SSLCTX_MAGIC); else CAST_OBJ_NOTNULL(so, default_ctx, SSLCTX_MAGIC); SSL *ssl = SSL_new(so->ctx); if (ssl == NULL) { (void)close(back); (void)close(client); ERR("{SSL_new}: %s\n", strerror(errno)); return; } ALLOC_OBJ(ps, PROXYSTATE_MAGIC); if (ps == NULL) { SSL_free(ssl); (void)close(back); (void)close(client); ERR("{malloc-err}: %s\n", strerror(errno)); return; } long mode = SSL_MODE_ENABLE_PARTIAL_WRITE; #ifdef SSL_MODE_RELEASE_BUFFERS mode |= SSL_MODE_RELEASE_BUFFERS; #endif SSL_set_mode(ssl, mode); SSL_set_accept_state(ssl); SSL_set_fd(ssl, client); ps->fd_up = client; ps->fd_down = back; ps->ssl = ssl; ps->want_shutdown = 0; ps->clear_connected = 0; ps->handshaked = 0; ps->renegotiation = 0; ps->remote_ip = addr; ps->connect_port = 0; ringbuffer_init(&ps->ring_clear2ssl, CONFIG->RING_SLOTS, CONFIG->RING_DATA_LEN); ringbuffer_init(&ps->ring_ssl2clear, CONFIG->RING_SLOTS, CONFIG->RING_DATA_LEN); /* set up events */ ev_io_init(&ps->ev_r_ssl, ssl_read, client, EV_READ); ev_io_init(&ps->ev_w_ssl, ssl_write, client, EV_WRITE); ev_io_init(&ps->ev_r_handshake, client_handshake, client, EV_READ); ev_io_init(&ps->ev_w_handshake, client_handshake, client, EV_WRITE); ev_timer_init(&ps->ev_t_handshake, handshake_timeout, CONFIG->SSL_HANDSHAKE_TIMEOUT, 0.); ev_io_init(&ps->ev_proxy, client_proxy_proxy, client, EV_READ); ev_io_init(&ps->ev_w_connect, handle_connect, back, EV_WRITE); ev_timer_init(&ps->ev_t_connect, connect_timeout, CONFIG->BACKEND_CONNECT_TIMEOUT, 0.); ev_io_init(&ps->ev_w_clear, clear_write, back, EV_WRITE); ev_io_init(&ps->ev_r_clear, clear_read, back, EV_READ); ps->ev_r_ssl.data = ps; ps->ev_w_ssl.data = ps; ps->ev_r_clear.data = ps; ps->ev_w_clear.data = ps; ps->ev_proxy.data = ps; ps->ev_w_connect.data = ps; ps->ev_t_connect.data = ps; ps->ev_r_handshake.data = ps; ps->ev_w_handshake.data = ps; ps->ev_t_handshake.data = ps; /* Link back proxystate to SSL state */ SSL_set_app_data(ssl, ps); n_conns++; LOGPROXY(ps, "proxy connect\n"); if (CONFIG->PROXY_PROXY_LINE) { ev_io_start(loop, &ps->ev_proxy); } else { /* for client-first handshake */ start_handshake(ps, SSL_ERROR_WANT_READ); } } static void check_ppid(struct ev_loop *loop, ev_timer *w, int revents) { struct frontend *fr; struct listen_sock *ls; (void)revents; pid_t ppid = getppid(); if (ppid != master_pid) { ERR("{core} Process %d detected parent death, " "closing listener sockets.\n", core_id); ev_timer_stop(loop, w); VTAILQ_FOREACH(fr, &frontends, list) { CHECK_OBJ_NOTNULL(fr, FRONTEND_MAGIC); VTAILQ_FOREACH(ls, &fr->socks, list) { CHECK_OBJ_NOTNULL(ls, LISTEN_SOCK_MAGIC); ev_io_stop(loop, &ls->listener); close(ls->sock); } } } } static void handle_mgt_rd(struct ev_loop *loop, ev_io *w, int revents) { unsigned cg; ssize_t r; struct frontend *fr; struct listen_sock *ls; (void) revents; r = read(w->fd, &cg, sizeof(cg)); if (r == -1) { if (errno == EWOULDBLOCK || errno == EAGAIN) return; SOCKERR("Error in mgt->worker read operation. " "Restarting process."); /* If something went wrong here, the process will be * left in utter limbo as to whether it should keep * running or not. Kill the process and let the mgt * process start it back up. */ _exit(1); } else if (r == 0) { /* Parent died .. */ _exit(1); } if (cg != worker_gen) { /* This means this process has reached its retirement age. */ worker_state = WORKER_EXITING; /* Stop accepting new connections. */ VTAILQ_FOREACH(fr, &frontends, list) { CHECK_OBJ_NOTNULL(fr, FRONTEND_MAGIC); VTAILQ_FOREACH(ls, &fr->socks, list) { CHECK_OBJ_NOTNULL(ls, LISTEN_SOCK_MAGIC); ev_io_stop(loop, &ls->listener); close(ls->sock); } } check_exit_state(); } LOGL("Worker %d (gen: %d): State %s\n", core_id, worker_gen, (worker_state == WORKER_EXITING) ? "EXITING" : "ACTIVE"); } static void handle_clear_accept(struct ev_loop *loop, ev_io *w, int revents) { (void)revents; (void)loop; struct sockaddr_storage addr; struct frontend *fr; sslctx *so; proxystate *ps; socklen_t sl = sizeof(addr); int client = accept(w->fd, (struct sockaddr *) &addr, &sl); if (client == -1) { switch (errno) { case EMFILE: ERR("{client} accept() failed; " "too many open files for this process\n"); break; case ENFILE: ERR("{client} accept() failed; " "too many open files for this system\n"); break; default: if (errno != EINTR && errno != EWOULDBLOCK && errno != EAGAIN && errno != ECONNABORTED) { SOCKERR("{client} accept() failed"); } break; } return; } int flag = 1; int ret = setsockopt(client, IPPROTO_TCP, TCP_NODELAY, (char *)&flag, sizeof(flag) ); if (ret == -1) { ERR("Couldn't setsockopt on client (TCP_NODELAY): %s\n", strerror(errno)); } #ifdef TCP_CWND int cwnd = 10; ret = setsockopt(client, IPPROTO_TCP, TCP_CWND, &cwnd, sizeof(cwnd)); if (ret == -1) { ERR("Couldn't setsockopt on client (TCP_CWND): %s\n", strerror(errno)); } #endif if (setnonblocking(client)) { SOCKERR("{client} setnonblocking failed"); (void) close(client); return; } settcpkeepalive(client); int back = create_back_socket(); if (back == -1) { close(client); ERR("{backend-socket}: %s\n", strerror(errno)); return; } CAST_OBJ_NOTNULL(fr, w->data, FRONTEND_MAGIC); if (fr->ssl_ctxs != NULL) CAST_OBJ_NOTNULL(so, fr->ssl_ctxs, SSLCTX_MAGIC); else CAST_OBJ_NOTNULL(so, default_ctx, SSLCTX_MAGIC); SSL *ssl = SSL_new(so->ctx); long mode = SSL_MODE_ENABLE_PARTIAL_WRITE; #ifdef SSL_MODE_RELEASE_BUFFERS mode |= SSL_MODE_RELEASE_BUFFERS; #endif SSL_set_mode(ssl, mode); SSL_set_connect_state(ssl); SSL_set_fd(ssl, back); if (client_session) SSL_set_session(ssl, client_session); ALLOC_OBJ(ps, PROXYSTATE_MAGIC); ps->fd_up = client; ps->fd_down = back; ps->ssl = ssl; ps->want_shutdown = 0; ps->clear_connected = 1; ps->handshaked = 0; ps->renegotiation = 0; ps->remote_ip = addr; ringbuffer_init(&ps->ring_clear2ssl, CONFIG->RING_SLOTS, CONFIG->RING_DATA_LEN); ringbuffer_init(&ps->ring_ssl2clear, CONFIG->RING_SLOTS, CONFIG->RING_DATA_LEN); /* set up events */ ev_io_init(&ps->ev_r_clear, clear_read, client, EV_READ); ev_io_init(&ps->ev_w_clear, clear_write, client, EV_WRITE); ev_io_init(&ps->ev_w_connect, handle_connect, back, EV_WRITE); ev_timer_init(&ps->ev_t_connect, connect_timeout, CONFIG->BACKEND_CONNECT_TIMEOUT, 0.); ev_io_init(&ps->ev_r_handshake, client_handshake, back, EV_READ); ev_io_init(&ps->ev_w_handshake, client_handshake, back, EV_WRITE); ev_timer_init(&ps->ev_t_handshake, handshake_timeout, CONFIG->SSL_HANDSHAKE_TIMEOUT, 0.); ev_io_init(&ps->ev_w_ssl, ssl_write, back, EV_WRITE); ev_io_init(&ps->ev_r_ssl, ssl_read, back, EV_READ); ps->ev_r_ssl.data = ps; ps->ev_w_ssl.data = ps; ps->ev_r_clear.data = ps; ps->ev_w_clear.data = ps; ps->ev_w_connect.data = ps; ps->ev_r_handshake.data = ps; ps->ev_w_handshake.data = ps; ps->ev_t_handshake.data = ps; /* Link back proxystate to SSL state */ SSL_set_app_data(ssl, ps); n_conns++; ev_io_start(loop, &ps->ev_r_clear); start_connect(ps); /* start connect */ } /* Set up the child (worker) process including libev event loop, read event * on the bound sockets, etc */ static void handle_connections(int mgt_fd) { struct frontend *fr; sslctx *sc, *sctmp; struct listen_sock *ls; struct sigaction sa; worker_state = WORKER_ACTIVE; LOGL("{core} Process %d online\n", core_id); /* child cannot create new children... */ create_workers = 0; /* nor can they handle SIGHUP */ sa.sa_flags = 0; sa.sa_handler = SIG_IGN; sigemptyset(&sa.sa_mask); AZ(sigaction(SIGHUP, &sa, NULL)); #if defined(CPU_ZERO) && defined(CPU_SET) cpu_set_t cpus; CPU_ZERO(&cpus); CPU_SET(core_id, &cpus); int res = sched_setaffinity(0, sizeof(cpus), &cpus); if (!res) LOG("{core} Successfully attached to CPU #%d\n", core_id); else ERR("{core-warning} Unable to attach to CPU #%d; " "do you have that many cores?\n", core_id); #endif loop = ev_default_loop(EVFLAG_AUTO); ev_timer timer_ppid_check; ev_timer_init(&timer_ppid_check, check_ppid, 1.0, 1.0); ev_timer_start(loop, &timer_ppid_check); VTAILQ_FOREACH(fr, &frontends, list) { VTAILQ_FOREACH(ls, &fr->socks, list) { ev_io_init(&ls->listener, (CONFIG->PMODE == SSL_CLIENT) ? handle_clear_accept : handle_accept, ls->sock, EV_READ); ls->listener.data = fr; ev_io_start(loop, &ls->listener); } } if (CONFIG->OCSP_DIR != NULL) { HASH_ITER(hh, ssl_ctxs, sc, sctmp) { if (sc->ev_staple) ev_stat_start(loop, sc->ev_staple); } VTAILQ_FOREACH(fr, &frontends, list) { HASH_ITER(hh, fr->ssl_ctxs, sc, sctmp) { if (sc->ev_staple) ev_stat_start(loop, sc->ev_staple); } } if (default_ctx != NULL && default_ctx->ev_staple != NULL) ev_stat_start(loop, default_ctx->ev_staple); } AZ(setnonblocking(mgt_fd)); ev_io_init(&mgt_rd, handle_mgt_rd, mgt_fd, EV_READ); ev_io_start(loop, &mgt_rd); ev_loop(loop, 0); ERR("Worker %d (gen: %d) exiting.\n", core_id, worker_gen); _exit(1); } /* OCSP requestor process. */ static void handle_ocsp_task(void) { struct frontend *fr; struct listen_sock *ls; sslctx *sc, *sctmp; ev_timer timer_ppid_check; /* we don't accept incoming connections for this process. */ VTAILQ_FOREACH(fr, &frontends, list) { CHECK_OBJ_NOTNULL(fr, FRONTEND_MAGIC); VTAILQ_FOREACH(ls, &fr->socks, list) { CHECK_OBJ_NOTNULL(ls, LISTEN_SOCK_MAGIC); ev_io_stop(loop, &ls->listener); close(ls->sock); } } (void) umask(027); loop = ev_default_loop(EVFLAG_AUTO); /* Create ocspquery work items for any eligible ocsp queries */ HASH_ITER(hh, ssl_ctxs, sc, sctmp) { HOCSP_mktask(sc, NULL, -1.0); } VTAILQ_FOREACH(fr, &frontends, list) { HASH_ITER(hh, fr->ssl_ctxs, sc, sctmp) { HOCSP_mktask(sc, NULL, -1.0); } } if (default_ctx != NULL) HOCSP_mktask(default_ctx, NULL, -1.0); ev_timer_init(&timer_ppid_check, check_ppid, 1.0, 1.0); ev_timer_start(loop, &timer_ppid_check); ev_loop(loop, 0); _exit(0); } void change_root() { if (chroot(CONFIG->CHROOT) == -1) fail("chroot"); if (chdir("/")) fail("chdir"); } void drop_privileges(void) { if (geteuid() == 0) { if (CONFIG->UID >= 0) AZ(setgroups(0, NULL)); if (CONFIG->GID >= 0) AZ(setgid(CONFIG->GID)); if (CONFIG->UID >= 0) AZ(setuid(CONFIG->UID)); } else { LOG("{core} Not running as root, no priv-sep\n"); } /* On Linux >= 2.4, you need to set the dumpable flag to get core dumps after you have done a setuid. */ #ifdef __linux__ if (prctl(PR_SET_DUMPABLE, 1) != 0) LOG("Could not set dumpable bit. Core dumps turned off\n"); #endif } void init_globals(void) { /* backaddr */ struct addrinfo hints; VTAILQ_INIT(&frontends); VTAILQ_INIT(&worker_procs); memset(&hints, 0, sizeof hints); hints.ai_family = AF_UNSPEC; hints.ai_socktype = SOCK_STREAM; hints.ai_flags = 0; const int gai_err = getaddrinfo(CONFIG->BACK_IP, CONFIG->BACK_PORT, &hints, &backaddr); if (gai_err != 0) { ERR("{getaddrinfo-backend}: %s\n", gai_strerror(gai_err)); exit(1); } #ifdef USE_SHARED_CACHE if (CONFIG->SHARED_CACHE) { /* cache update peers addresses */ shcupd_peer_opt *spo = CONFIG->SHCUPD_PEERS; struct addrinfo **pai = shcupd_peers; while (spo->ip) { memset(&hints, 0, sizeof hints); hints.ai_family = AF_UNSPEC; hints.ai_socktype = SOCK_DGRAM; hints.ai_flags = 0; const int gai_err = getaddrinfo(spo->ip, spo->port ? spo->port : CONFIG->SHCUPD_PORT, &hints, pai); if (gai_err != 0) { ERR("{getaddrinfo}: %s\n", gai_strerror(gai_err)); exit(1); } spo++; pai++; } } #endif if (CONFIG->SYSLOG) openlog("hitch", LOG_CONS | LOG_PID | LOG_NDELAY, CONFIG->SYSLOG_FACILITY); } /* Forks COUNT children starting with START_INDEX. We keep a struct * child_proc per child so the parent can manage it later. */ void start_workers(int start_index, int count) { struct worker_proc *c; int pfd[2]; /* don't do anything if we're not allowed to create new workers */ if (!create_workers) return; for (core_id = start_index; core_id < start_index + count; core_id++) { ALLOC_OBJ(c, WORKER_PROC_MAGIC); AZ(pipe(pfd)); c->pfd = pfd[1]; c->gen = worker_gen; c->pid = fork(); c->core_id = core_id; if (c->pid == -1) { ERR("{core} fork() failed: %s; Goodbye cruel world!\n", strerror(errno)); exit(1); } else if (c->pid == 0) { /* child */ close(pfd[1]); FREE_OBJ(c); if (CONFIG->UID >= 0 || CONFIG->GID >= 0) drop_privileges(); if (geteuid() == 0) { ERR("{core} ERROR: " "Refusing to run workers as root.\n"); _exit(1); } handle_connections(pfd[0]); exit(0); } else { /* parent. Track new child. */ close(pfd[0]); VTAILQ_INSERT_TAIL(&worker_procs, c, list); } } } void start_ocsp_proc(void) { ocsp_proc_pid = fork(); if (ocsp_proc_pid == -1) { ERR("{core}: fork() failed: %s: Exiting.\n", strerror(errno)); exit(1); } else if (ocsp_proc_pid == 0) { if (CONFIG->UID >= 0 || CONFIG->GID >= 0) drop_privileges(); if (geteuid() == 0) { ERR("{core} ERROR: " "Refusing to run workers as root.\n"); _exit(1); } handle_ocsp_task(); } /* child proc should never return. */ AN(ocsp_proc_pid); } /* Forks a new child to replace the old, dead, one with the given PID.*/ void replace_child_with_pid(pid_t pid) { struct worker_proc *c, *cp; /* find old child's slot and put a new child there */ VTAILQ_FOREACH_SAFE(c, &worker_procs, list, cp) { if (c->pid == pid) { VTAILQ_REMOVE(&worker_procs, c, list); /* Only replace if it matches current generation. */ if (c->gen == worker_gen) start_workers(c->core_id, 1); FREE_OBJ(c); return; } } ERR("Cannot find index for child pid %d", pid); } /* Manage status changes in child processes */ static void do_wait(void) { struct worker_proc *c, *ctmp; int status; int pid; #define WAIT_PID(p, action) do { \ pid = waitpid(p, &status, WNOHANG); \ if (pid == 0) { \ /* child has not exited */ \ break; \ } \ else if (pid == -1) { \ if (errno == EINTR) \ ERR("{core} Interrupted waitpid\n"); \ else \ fail("waitpid"); \ } else { \ if (WIFEXITED(status)) { \ ERR("{core} Child %d exited with status %d.\n", \ pid, WEXITSTATUS(status)); \ action; \ } else if (WIFSIGNALED(status)) { \ ERR("{core} Child %d was terminated by " \ "signal %d.\n", pid, WTERMSIG(status)); \ action; \ } \ } \ } while (0) VTAILQ_FOREACH_SAFE(c, &worker_procs, list, ctmp) { WAIT_PID(c->pid, replace_child_with_pid(pid)); } /* also check if the ocsp worker killed itself */ if (CONFIG->OCSP_DIR != NULL) WAIT_PID(ocsp_proc_pid, start_ocsp_proc()); } static void sigchld_handler(int signum) { assert(signum == SIGCHLD); n_sigchld++; } static void sigh_terminate (int __attribute__ ((unused)) signo) { struct worker_proc *c; /* don't create any more children */ create_workers = 0; /* are we the master? */ if (getpid() == master_pid) { LOGL("{core} Received signal %d, shutting down.\n", signo); /* kill all children */ VTAILQ_FOREACH(c, &worker_procs, list) { /* LOG("Stopping worker pid %d.\n", c->pid); */ if (c->pid > 1 && kill(c->pid, SIGTERM) != 0) { ERR("{core} Unable to send SIGTERM to worker " "pid %d: %s\n", c->pid, strerror(errno)); } } if (ocsp_proc_pid != 0) kill(ocsp_proc_pid, SIGTERM); } /* this is it, we're done... */ exit(0); } static void sighup_handler(int signum) { assert(signum == SIGHUP); n_sighup++; } static void init_signals() { struct sigaction act; sigemptyset(&act.sa_mask); act.sa_flags = 0; act.sa_handler = SIG_IGN; /* Avoid getting PIPE signal when writing to a closed file descriptor */ if (sigaction(SIGPIPE, &act, NULL) < 0) fail("sigaction - sigpipe"); /* We don't care if someone stops and starts a child process * with kill (1) */ act.sa_flags = SA_NOCLDSTOP; act.sa_handler = sigchld_handler; /* We do care when child processes change status */ if (sigaction(SIGCHLD, &act, NULL) < 0) fail("sigaction - sigchld"); /* catch INT and TERM signals */ act.sa_flags = 0; act.sa_handler = sigh_terminate; if (sigaction(SIGINT, &act, NULL) < 0) { ERR("Unable to register SIGINT signal handler: %s\n", strerror(errno)); exit(1); } if (sigaction(SIGTERM, &act, NULL) < 0) { ERR("Unable to register SIGTERM signal handler: %s\n", strerror(errno)); exit(1); } act.sa_handler = sighup_handler; if (sigaction(SIGHUP, &act, NULL) != 0) { ERR("Unable to register SIGHUP signal handler: %s\n", strerror(errno)); exit(1); } } #define NULL_DEV "/dev/null" static void daemonize() { /* logging.c */ if (logfile == stdout || logfile == stderr) { logfile = NULL; } /* go to root directory */ if (chdir("/") != 0) { ERR("Unable change directory to /: %s\n", strerror(errno)); exit(1); } /* let's make some children, baby :) */ pid_t pid = fork(); if (pid < 0) { ERR("Unable to daemonize: fork failed: %s\n", strerror(errno)); exit(1); } /* am i the parent? */ if (pid != 0) { LOGL("{core} Daemonized as pid %d.\n", pid); exit(0); } /* reopen standard streams to null device */ if (freopen(NULL_DEV, "r", stdin) == NULL) { ERR("Unable to reopen stdin to %s: %s\n", NULL_DEV, strerror(errno)); exit(1); } if (freopen(NULL_DEV, "w", stdout) == NULL) { ERR("Unable to reopen stdout to %s: %s\n", NULL_DEV, strerror(errno)); exit(1); } if (freopen(NULL_DEV, "w", stderr) == NULL) { ERR("Unable to reopen stderr to %s: %s\n", NULL_DEV, strerror(errno)); exit(1); } /* this is child, the new master */ pid_t s = setsid(); if (s < 0) { ERR("Unable to create new session, setsid(2) failed: " "%s :: %d\n", strerror(errno), s); exit(1); } LOG("Successfully daemonized as pid %d.\n", getpid()); } static void openssl_check_version() { /* detect OpenSSL version in runtime */ long openssl_version = SSLeay(); /* check if we're running the same openssl that we were */ /* compiled with */ if ((openssl_version ^ OPENSSL_VERSION_NUMBER) & ~0xff0L) { ERR( "WARNING: {core} OpenSSL version mismatch; " "hitch was compiled with %lx, now using %lx.\n", (unsigned long int)OPENSSL_VERSION_NUMBER, (unsigned long int)openssl_version ); /* now what? exit now? */ /* exit(1); */ } LOG("{core} Using OpenSSL version %lx.\n", (unsigned long int)openssl_version); } static void remove_pfh(void) { if (pfh && master_pid == getpid()) { VPF_Remove(pfh); } } struct cfg_tpc_obj; enum cfg_tpc_type { CFG_FRONTEND, CFG_CERT /* ... */ }; /* Commit/rollback handling: - KEEP: - commit: reuse - rollback: do nothing - NEW: - commit: use as new - rollback: drop - DROP: - commit: drop - rollback: do nothing */ enum cfg_tpc_handling { CFG_TPC_KEEP, CFG_TPC_NEW, CFG_TPC_DROP }; typedef void cfg_tpc_rollback_f(struct cfg_tpc_obj *o); typedef void cfg_tpc_commit_f(struct cfg_tpc_obj *o); struct cfg_tpc_obj { unsigned magic; #define CFG_TPC_OBJ_MAGIC 0xd6953e5f enum cfg_tpc_type type; enum cfg_tpc_handling handling; void *p[2]; cfg_tpc_rollback_f *rollback; cfg_tpc_commit_f *commit; VTAILQ_ENTRY(cfg_tpc_obj) list; }; VTAILQ_HEAD(cfg_tpc_obj_head, cfg_tpc_obj); static struct cfg_tpc_obj * make_cfg_obj(enum cfg_tpc_type type, enum cfg_tpc_handling handling, void *priv0, void *priv1, cfg_tpc_rollback_f *rollback, cfg_tpc_commit_f *commit) { struct cfg_tpc_obj *o; ALLOC_OBJ(o, CFG_TPC_OBJ_MAGIC); AN(o); o->type = type; o->handling = handling; o->p[0] = priv0; o->p[1] = priv1; o->rollback = rollback; o->commit = commit; return (o); } static void frontend_rollback(struct cfg_tpc_obj *o) { struct frontend *fr; if (o->handling == CFG_TPC_NEW) { CAST_OBJ_NOTNULL(fr, o->p[0], FRONTEND_MAGIC); destroy_frontend(fr); } /* KEEP/DROP: ignore */ } static void frontend_commit(struct cfg_tpc_obj *o) { struct frontend *fr; sslctx *sc; CAST_OBJ_NOTNULL(fr, o->p[0], FRONTEND_MAGIC); switch (o->handling) { case CFG_TPC_NEW: VTAILQ_INSERT_TAIL(&frontends, fr, list); /* FALL-THROUGH */ case CFG_TPC_KEEP: if (o->p[1]) { CAST_OBJ_NOTNULL(sc, o->p[1], SSLCTX_MAGIC); /* fr->sctx = sc; */ } break; case CFG_TPC_DROP: VTAILQ_REMOVE(&frontends, fr, list); destroy_frontend(fr); break; } } static void cert_rollback(struct cfg_tpc_obj *o); static void cert_commit(struct cfg_tpc_obj *o); // Is this incorrectly named? static int ocsp_cfg_changed(const struct cfg_cert_file *cf, const sslctx *sc) { if (sc->staple != NULL && cf->ocspfn == NULL) return (1); /* Dropped OCSP definition */ if (sc->staple == NULL && cf->ocspfn != NULL) return (1); /* Added OCSP definition */ if (sc->staple != NULL && cf->ocspfn != NULL) { if (strcmp(sc->staple_fn, cf->ocspfn) != 0 || sc->staple->mtim < cf->ocsp_mtim) return (1); /* Updated */ } return (0); } /* Query frontend-specific certificates. */ static int cert_fr_query(struct frontend *fr, struct front_arg *fa, struct cfg_tpc_obj_head *cfg_objs) { struct cfg_cert_file *cf, *cftmp; sslctx *sc, *sctmp; struct cfg_tpc_obj *o; HASH_ITER(hh, fr->ssl_ctxs, sc, sctmp) { HASH_FIND_STR(fa->certs, sc->filename, cf); if (cf != NULL && cf->mtim <= sc->mtim && !ocsp_cfg_changed(cf, sc)) { cf->mark = 1; } else { o = make_cfg_obj(CFG_CERT, CFG_TPC_DROP, sc, fr, cert_rollback, cert_commit); VTAILQ_INSERT_TAIL(cfg_objs, o, list); } } HASH_ITER(hh, fa->certs, cf, cftmp) { if (cf->mark) continue; sc = make_ctx_fr(cf, fr, fa); if (sc == NULL) return (-1); o = make_cfg_obj(CFG_CERT, CFG_TPC_NEW, sc, fr, cert_rollback, cert_commit); VTAILQ_INSERT_TAIL(cfg_objs, o, list); } return (0); } /* Query reload of listen sockets. Returns -1 on failure. Failure: Caller calls .rollback() on the objects added in cfg_objs. Success: Caller calls .commit() */ static int frontend_query(struct front_arg *new_set, struct cfg_tpc_obj_head *cfg_objs) { struct frontend *fr; struct front_arg *fa, *ftmp; struct cfg_tpc_obj *o; VTAILQ_FOREACH(fr, &frontends, list) { HASH_FIND_STR(new_set, fr->pspec, fa); if (fa != NULL) { fa->mark = 1; o = make_cfg_obj(CFG_FRONTEND, CFG_TPC_KEEP, fr, NULL, frontend_rollback, frontend_commit); if(cert_fr_query(fr, fa, cfg_objs) < 0) { FREE_OBJ(o); return (-1); } } else o = make_cfg_obj(CFG_FRONTEND, CFG_TPC_DROP, fr, NULL, frontend_rollback, frontend_commit); VTAILQ_INSERT_TAIL(cfg_objs, o, list); } HASH_ITER(hh, new_set, fa, ftmp) { if (!fa->mark) { fr = create_frontend(fa); if (fr == NULL) return (-1); o = make_cfg_obj(CFG_FRONTEND, CFG_TPC_NEW, fr, NULL, frontend_rollback, frontend_commit); VTAILQ_INSERT_TAIL(cfg_objs, o, list); } } return (0); } static void cert_rollback(struct cfg_tpc_obj *o) { sslctx *sc; if (o->handling != CFG_TPC_NEW) return; CAST_OBJ_NOTNULL(sc, o->p[0], SSLCTX_MAGIC); sctx_free(sc, NULL); } static void cert_commit(struct cfg_tpc_obj *o) { sslctx *sc; sni_name **sn_tab; sslctx **ctxs; struct frontend *fr; sn_tab = &sni_names; ctxs = &ssl_ctxs; CAST_OBJ_NOTNULL(sc, o->p[0], SSLCTX_MAGIC); if (o->p[1] != NULL) { CAST_OBJ_NOTNULL(fr, o->p[1], FRONTEND_MAGIC); sn_tab = &fr->sni_names; ctxs = &fr->ssl_ctxs; } switch (o->handling) { case CFG_TPC_NEW: HASH_ADD_KEYPTR(hh, *ctxs, sc->filename, strlen(sc->filename), sc); insert_sni_names(sc, sn_tab); break; case CFG_TPC_KEEP: WRONG("unreachable"); break; case CFG_TPC_DROP: HASH_DEL(*ctxs, sc); sctx_free(sc, sn_tab); break; } } static void dcert_rollback(struct cfg_tpc_obj *o) { cert_rollback(o); } static void dcert_commit(struct cfg_tpc_obj *o) { sslctx *sc; CAST_OBJ_NOTNULL(sc, o->p[0], SSLCTX_MAGIC); CHECK_OBJ_NOTNULL(sni_names, SNI_NAME_MAGIC); switch (o->handling) { case CFG_TPC_NEW: sctx_free(default_ctx, &sni_names); default_ctx = sc; insert_sni_names(sc, &sni_names); break; case CFG_TPC_KEEP: /* FALL-THROUGH */ case CFG_TPC_DROP: /* We always have a default cert. This should not * happen. */ WRONG("unreachable"); break; } } /* Query reload of certificate files */ static int cert_query(hitch_config *cfg, struct cfg_tpc_obj_head *cfg_objs) { struct cfg_cert_file *cf, *cftmp; sslctx *sc, *sctmp; struct cfg_tpc_obj *o; /* NB: The ordering here is significant. It is imperative that * all DROP objects are inserted before any NEW objects, in * order to not wreak havoc in cert_commit(). */ HASH_ITER(hh, ssl_ctxs, sc, sctmp) { HASH_FIND_STR(cfg->CERT_FILES, sc->filename, cf); if (cf != NULL && cf->mtim <= sc->mtim && !ocsp_cfg_changed(cf, sc)) { cf->mark = 1; } else { o = make_cfg_obj(CFG_CERT, CFG_TPC_DROP, sc, NULL, cert_rollback, cert_commit); VTAILQ_INSERT_TAIL(cfg_objs, o, list); } } /* handle default cert. Default cert has its own * rollback/commit functions. */ if (cfg->CERT_DEFAULT != NULL) { cf = cfg->CERT_DEFAULT; CHECK_OBJ_NOTNULL(default_ctx, SSLCTX_MAGIC); if (strcmp(default_ctx->filename, cf->filename) != 0 || cf->mtim > default_ctx->mtim || ocsp_cfg_changed(cf, default_ctx)) { sc = make_ctx(cf); if (sc == NULL) return (-1); o = make_cfg_obj(CFG_CERT, CFG_TPC_NEW, sc, NULL, dcert_rollback, dcert_commit); VTAILQ_INSERT_TAIL(cfg_objs, o, list); } } HASH_ITER(hh, cfg->CERT_FILES, cf, cftmp) { if (cf->mark) continue; sc = make_ctx(cf); if (sc == NULL) return (-1); o = make_cfg_obj(CFG_CERT, CFG_TPC_NEW, sc, NULL, cert_rollback, cert_commit); VTAILQ_INSERT_TAIL(cfg_objs, o, list); } return (0); } static void reconfigure(int argc, char **argv) { struct worker_proc *c; hitch_config *cfg_new; int i, rv; struct cfg_tpc_obj_head cfg_objs; struct cfg_tpc_obj *cto, *cto_tmp; struct timeval tv; double t0, t1; LOGL("Received SIGHUP: Initiating configuration reload.\n"); AZ(gettimeofday(&tv, NULL)); t0 = tv.tv_sec + 1e-6 * tv.tv_usec; VTAILQ_INIT(&cfg_objs); cfg_new = config_new(); AN(cfg_new); if (config_parse_cli(argc, argv, cfg_new, &rv) != 0) { ERR("Config reload failed: %s\n", config_error_get()); config_destroy(cfg_new); return; } /* NB: the ordering of the foo_query() calls here is * significant. */ if (frontend_query(cfg_new->LISTEN_ARGS, &cfg_objs) < 0 || cert_query(cfg_new, &cfg_objs) < 0) { VTAILQ_FOREACH_SAFE(cto, &cfg_objs, list, cto_tmp) { VTAILQ_REMOVE(&cfg_objs, cto, list); AN(cto->rollback); cto->rollback(cto); FREE_OBJ(cto); } ERR("{core} Config reload failed.\n"); return; } else { VTAILQ_FOREACH_SAFE(cto, &cfg_objs, list, cto_tmp) { VTAILQ_REMOVE(&cfg_objs, cto, list); AN(cto->commit); cto->commit(cto); FREE_OBJ(cto); } } AZ(gettimeofday(&tv, NULL)); t1 = tv.tv_sec + 1e-6 * tv.tv_usec; LOGL("{core} Config reloaded in %.2lf seconds. " "Starting new child processes.\n", t1 - t0); worker_gen++; start_workers(0, CONFIG->NCORES); VTAILQ_FOREACH(c, &worker_procs, list) { if (c->gen != worker_gen) { errno = 0; do { i = write(c->pfd, &worker_gen, sizeof(worker_gen)); if (i == -1 && errno != EINTR) { ERR("WARNING: {core} Unable to " "gracefully reload worker %d" " (%s).\n", c->pid, strerror(errno)); (void)kill(c->pid, SIGTERM); break; } } while (i == -1 && errno == EINTR); } } if (CONFIG->OCSP_DIR != NULL) { (void) kill(ocsp_proc_pid, SIGTERM); start_ocsp_proc(); } config_destroy(CONFIG); CONFIG = cfg_new; } /* Process command line args, create the bound socket, * spawn child (worker) processes, and respawn if any die */ int main(int argc, char **argv) { // initialize configuration struct front_arg *fa, *ftmp; int rv; CONFIG = config_new(); // parse command line if (config_parse_cli(argc, argv, CONFIG, &rv) != 0) { fprintf(stderr, "%s\n", config_error_get()); return (rv); } if (CONFIG->TEST) { fprintf(stderr, "Trying to initialize SSL contexts with your" " certificates\n"); init_globals(); init_openssl(); init_certs(); fprintf(stderr, "%s configuration looks ok.\n", basename(argv[0])); return (0); } if (CONFIG->LOG_FILENAME) { FILE* f; if ((f = fopen(CONFIG->LOG_FILENAME, "a")) == NULL) { /* logging.c */ logfile = stderr; ERR("FATAL: Unable to open log file: %s: %s\n", CONFIG->LOG_FILENAME, strerror(errno)); exit(2); } logfile = f; if (CONFIG->UID >=0 || CONFIG->GID >= 0) { AZ(fchown(fileno(logfile), CONFIG->UID, CONFIG->GID)); } AZ(fstat(fileno(logfile), &logf_st)); logf_check_t = time(NULL); } else { logfile = CONFIG->QUIET ? stderr : stdout; } AZ(setvbuf(logfile, NULL, _IONBF, BUFSIZ)); if (CONFIG->DAEMONIZE && (logfile == stdout || logfile == stderr)) logfile = NULL; LOGL("{core} %s starting\n", PACKAGE_STRING); create_workers = 1; openssl_check_version(); init_signals(); init_globals(); init_openssl(); HASH_ITER(hh, CONFIG->LISTEN_ARGS, fa, ftmp) { struct frontend *fr = create_frontend(fa); if (fr == NULL) exit(1); VTAILQ_INSERT_TAIL(&frontends, fr, list); } /* load certificates, pass to handle_connections */ LOGL("{core} Loading certificate pem files (%d)\n", HASH_COUNT(CONFIG->CERT_FILES) + 1); /* XXX: TODO */ init_certs(); #ifdef USE_SHARED_CACHE if (CONFIG->SHCUPD_PORT) { /* create socket to send(children) and receive(parent) cache updates */ shcupd_socket = create_shcupd_socket(); } #endif /* USE_SHARED_CACHE */ if (CONFIG->CHROOT && CONFIG->CHROOT[0]) change_root(); if (geteuid() == 0 && CONFIG->UID < 0) { ERR("{core} ERROR: Refusing to run workers as root.\n"); exit(1); } if (CONFIG->DAEMONIZE) daemonize(); master_pid = getpid(); if (CONFIG->PIDFILE) { pfh = VPF_Open(CONFIG->PIDFILE, 0644, NULL); if (pfh == NULL) { ERR("FATAL: Could not open pid (-p) file (%s): %s\n", CONFIG->PIDFILE, strerror(errno)); exit(1); } AZ(VPF_Write(pfh)); atexit(remove_pfh); } start_workers(0, CONFIG->NCORES); if (CONFIG->OCSP_DIR != NULL) start_ocsp_proc(); #ifdef USE_SHARED_CACHE if (CONFIG->SHCUPD_PORT) { /* start event loop to receive cache updates */ loop = ev_default_loop(EVFLAG_AUTO); ev_io_init(&shcupd_listener, handle_shcupd, shcupd_socket, EV_READ); ev_io_start(loop, &shcupd_listener); } #endif /* USE_SHARED_CACHE */ LOGL("{core} %s initialization complete\n", PACKAGE_STRING); for (;;) { #ifdef USE_SHARED_CACHE if (CONFIG->SHCUPD_PORT) { while (n_sighup == 0 && n_sigchld == 0) { /* event loop to receive cache updates */ ev_loop(loop, EVRUN_ONCE); } } else #else pause(); /* Sleep and let the children work. * Parent will be woken up if a signal arrives */ #endif /* USE_SHARED_CACHE */ while (n_sighup != 0) { n_sighup = 0; reconfigure(argc, argv); } while (n_sigchld != 0) { n_sigchld = 0; do_wait(); } } exit(0); /* just a formality; we never get here */ } hitch-1.4.4/src/configuration.c0000644000175000017500000011460413024470656013357 00000000000000/** * configuration.c * * Original author: Brane F. Gracnar */ #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include "config.h" #include "configuration.h" #include "foreign/miniobj.h" #include "foreign/vas.h" #include "foreign/vsb.h" #include "cfg_parser.h" #define ADDR_LEN 150 #define PORT_LEN 6 #define CFG_BOOL_ON "on" // BEGIN: configuration parameters #define CFG_CIPHERS "ciphers" #define CFG_SSL_ENGINE "ssl-engine" #define CFG_PREFER_SERVER_CIPHERS "prefer-server-ciphers" #define CFG_BACKEND "backend" #define CFG_FRONTEND "frontend" #define CFG_WORKERS "workers" #define CFG_BACKLOG "backlog" #define CFG_KEEPALIVE "keepalive" #define CFG_CHROOT "chroot" #define CFG_USER "user" #define CFG_GROUP "group" #define CFG_QUIET "quiet" #define CFG_SYSLOG "syslog" #define CFG_SYSLOG_FACILITY "syslog-facility" #define CFG_PARAM_SYSLOG_FACILITY 11015 #define CFG_DAEMON "daemon" #define CFG_WRITE_IP "write-ip" #define CFG_WRITE_PROXY "write-proxy" #define CFG_WRITE_PROXY_V1 "write-proxy-v1" #define CFG_WRITE_PROXY_V2 "write-proxy-v2" #define CFG_PEM_FILE "pem-file" #define CFG_PROXY_PROXY "proxy-proxy" #define CFG_ALPN_PROTOS "alpn-protos" #define CFG_PARAM_ALPN_PROTOS 48173 #define CFG_BACKEND_CONNECT_TIMEOUT "backend-connect-timeout" #define CFG_SSL_HANDSHAKE_TIMEOUT "ssl-handshake-timeout" #define CFG_RECV_BUFSIZE "recv-bufsize" #define CFG_SEND_BUFSIZE "send-bufsize" #define CFG_LOG_FILENAME "log-filename" #define CFG_RING_SLOTS "ring-slots" #define CFG_RING_DATA_LEN "ring-data-len" #define CFG_PIDFILE "pidfile" #define CFG_SNI_NOMATCH_ABORT "sni-nomatch-abort" #define CFG_OCSP_DIR "ocsp-dir" #define CFG_TLS_PROTOS "tls-protos" #ifdef USE_SHARED_CACHE #define CFG_SHARED_CACHE "shared-cache" #define CFG_SHARED_CACHE_LISTEN "shared-cache-listen" #define CFG_SHARED_CACHE_PEER "shared-cache-peer" #define CFG_SHARED_CACHE_MCASTIF "shared-cache-if" #endif #define FMT_STR "%s = %s\n" #define FMT_QSTR "%s = \"%s\"\n" #define FMT_ISTR "%s = %d\n" #define CONFIG_BUF_SIZE 1024 #define CFG_PARAM_CFGFILE 10000 #define CFG_CONFIG "config" extern FILE *yyin; extern int yyparse(hitch_config *); void cfg_cert_file_free(struct cfg_cert_file **cfptr); // END: configuration parameters static char error_buf[CONFIG_BUF_SIZE]; static char tmp_buf[150]; /* declare static printf like functions: */ static void config_error_set(char *fmt, ...) __attribute__((format(printf, 1, 2))); static void config_error_set(char *fmt, ...) { int len; char buf[CONFIG_BUF_SIZE] = ""; va_list args; va_start(args, fmt); len = vsnprintf(buf, (sizeof(buf) - 1), fmt, args); va_end(args); len += 1; if (len > CONFIG_BUF_SIZE) len = CONFIG_BUF_SIZE; memcpy(error_buf, buf, len); } char * config_error_get(void) { return error_buf; } struct front_arg * front_arg_new(void) { struct front_arg *fa; ALLOC_OBJ(fa, FRONT_ARG_MAGIC); AN(fa); fa->match_global_certs = -1; fa->sni_nomatch_abort = -1; fa->selected_protos = 0; fa->prefer_server_ciphers = -1; return (fa); } void front_arg_destroy(struct front_arg *fa) { struct cfg_cert_file *cf, *cftmp; CHECK_OBJ_NOTNULL(fa, FRONT_ARG_MAGIC); free(fa->ip); free(fa->port); free(fa->pspec); free(fa->ciphers); HASH_ITER(hh, fa->certs, cf, cftmp) { CHECK_OBJ_NOTNULL(cf, CFG_CERT_FILE_MAGIC); HASH_DEL(fa->certs, cf); cfg_cert_file_free(&cf); } FREE_OBJ(fa); } hitch_config * config_new(void) { hitch_config *r; struct front_arg *fa; r = calloc(1, sizeof(hitch_config)); AN(r); // set default values r->PMODE = SSL_SERVER; r->SELECTED_TLS_PROTOS= 0; r->WRITE_IP_OCTET = 0; r->WRITE_PROXY_LINE_V1= 0; r->WRITE_PROXY_LINE_V2= 0; r->PROXY_PROXY_LINE = 0; r->ALPN_PROTOS = NULL; r->ALPN_PROTOS_LV = NULL; r->ALPN_PROTOS_LV_LEN = 0; r->CHROOT = NULL; r->UID = -1; r->GID = -1; r->BACK_IP = strdup("127.0.0.1"); r->BACK_PORT = strdup("8000"); r->NCORES = 1; r->CIPHER_SUITE = strdup("EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH"); r->ENGINE = NULL; r->BACKLOG = 100; r->SNI_NOMATCH_ABORT = 0; r->CERT_DEFAULT = NULL; r->CERT_FILES = NULL; r->LISTEN_ARGS = NULL; fa = front_arg_new(); fa->port = strdup("8443"); fa->pspec = strdup("default"); HASH_ADD_KEYPTR(hh, r->LISTEN_ARGS, fa->pspec, strlen(fa->pspec), fa); r->LISTEN_DEFAULT = fa; r->OCSP_DIR = strdup("/var/lib/hitch/"); r->OCSP_VFY = 0; r->OCSP_RESP_TMO = 10.0; r->OCSP_CONN_TMO = 4.0; #ifdef USE_SHARED_CACHE r->SHARED_CACHE = 0; r->SHCUPD_IP = NULL; r->SHCUPD_PORT = NULL; for (int i = 0 ; i < MAX_SHCUPD_PEERS; i++) memset(&r->SHCUPD_PEERS[i], 0, sizeof(shcupd_peer_opt)); r->SHCUPD_MCASTIF = NULL; r->SHCUPD_MCASTTTL = NULL; #endif r->QUIET = 0; r->SYSLOG = 0; r->SYSLOG_FACILITY = LOG_DAEMON; r->TCP_KEEPALIVE_TIME = 3600; r->DAEMONIZE = 0; r->PREFER_SERVER_CIPHERS = 0; r->TEST = 0; r->BACKEND_CONNECT_TIMEOUT = 30; r->SSL_HANDSHAKE_TIMEOUT = 30; r->RECV_BUFSIZE = -1; r->SEND_BUFSIZE = -1; r->LOG_FILENAME = NULL; r->PIDFILE = NULL; r->RING_SLOTS = 0; r->RING_DATA_LEN = 0; return r; } void config_destroy(hitch_config *cfg) { // printf("config_destroy() in pid %d: %p\n", getpid(), cfg); struct front_arg *fa, *ftmp; struct cfg_cert_file *cf, *cftmp; if (cfg == NULL) return; // free all members! free(cfg->CHROOT); HASH_ITER(hh, cfg->LISTEN_ARGS, fa, ftmp) { CHECK_OBJ_NOTNULL(fa, FRONT_ARG_MAGIC); HASH_DEL(cfg->LISTEN_ARGS, fa); front_arg_destroy(fa); } free(cfg->BACK_IP); free(cfg->BACK_PORT); HASH_ITER(hh, cfg->CERT_FILES, cf, cftmp) { CHECK_OBJ_NOTNULL(cf, CFG_CERT_FILE_MAGIC); HASH_DEL(cfg->CERT_FILES, cf); cfg_cert_file_free(&cf); } if (cfg->CERT_DEFAULT != NULL) { cfg_cert_file_free(&cfg->CERT_DEFAULT); } free(cfg->CIPHER_SUITE); free(cfg->ENGINE); free(cfg->PIDFILE); free(cfg->OCSP_DIR); free(cfg->ALPN_PROTOS); free(cfg->ALPN_PROTOS_LV); #ifdef USE_SHARED_CACHE free(cfg->SHCUPD_IP); free(cfg->SHCUPD_PORT); for (int i = 0; i < MAX_SHCUPD_PEERS; i++) { free(cfg->SHCUPD_PEERS[i].ip); free(cfg->SHCUPD_PEERS[i].port); } free(cfg->SHCUPD_MCASTIF); free(cfg->SHCUPD_MCASTTTL); #endif free(cfg); } char * config_assign_str(char **dst, char *v) { assert(v != NULL); if (strlen(v) <= 0) return(NULL); if (*dst != NULL) free(*dst); *dst = strdup(v); return *dst; } int config_param_val_bool(char *val, int *res) { assert(val != NULL); if (strcasecmp(val, CFG_BOOL_ON) == 0 || strcasecmp(val, "yes") == 0 || strcasecmp(val, "y") == 0 || strcasecmp(val, "true") == 0 || strcasecmp(val, "t") == 0 || strcasecmp(val, "1") == 0) { *res = 1; } return 1; } int config_param_host_port_wildcard(const char *str, char **addr, char **port, char **cert, int wildcard_okay) { const char *cert_ptr = NULL; if (str == NULL) { config_error_set("Invalid/unset host/port string."); return 0; } if (strlen(str) > ADDR_LEN) { config_error_set("Host address too long."); return 0; } // address/port buffers char port_buf[PORT_LEN]; char addr_buf[ADDR_LEN]; memset(port_buf, '\0', sizeof(port_buf)); memset(addr_buf, '\0', sizeof(addr_buf)); // FORMAT IS: [address]:port if (*str != '[') { config_error_set("Invalid address string '%s'", str); return 0; } const char *ptr = str + 1; const char *x = strrchr(ptr, ']'); if (x == NULL) { config_error_set("Invalid address '%s'.", str); return 0; } // address if ((unsigned)(x - ptr) >= sizeof(addr_buf)) { config_error_set("Invalid address '%s'.", str); return 0; } strncpy(addr_buf, ptr, (x - ptr)); // port if (x[1] != ':' || x[2] == '\0') { config_error_set("Invalid port specifier in string '%s'.", str); return 0; } ptr = x + 2; x = strchr(ptr, '+'); if (x == NULL) memcpy(port_buf, ptr, sizeof(port_buf) - 1); else memcpy(port_buf, ptr, (x - ptr)); // cert if (cert && x) { cert_ptr = x + 1; } // printf("PARSED ADDR '%s', PORT '%s'\n", addr_buf, port_buf); int p = atoi(port_buf); if (p < 1 || p > 65536) { config_error_set("Invalid port number '%s'", port_buf); return 0; } if (strcmp(addr_buf, "*") == 0) { if (wildcard_okay) free(*addr); else { config_error_set("Invalid address: wildcards are not allowed."); return 0; } } else { *addr = strdup(addr_buf); } *port = strdup(port_buf); if (cert_ptr != NULL) *cert = strdup(cert_ptr); /* printf("ADDR FINAL: '%s', '%s', '%s'\n", *addr, *port, */ /* cert ? *cert : ""); */ return 1; } int config_param_host_port(char *str, char **addr, char **port) { return config_param_host_port_wildcard(str, addr, port, NULL, 0); } int config_param_val_int(char *str, int *dst, int positive_only) { int num; assert(str != NULL); num = atoi(str); if (positive_only && num < 0) { config_error_set("Not a positive number."); return 0; } *dst = num; return 1; } int config_param_val_long(char *str, long *dst, int positive_only) { long num; assert(str != NULL); num = atol(str); if (positive_only && num <= 0) { config_error_set("Not a positive number."); return 0; } *dst = num; return 1; } static double mtim2double(const struct stat *sb) { double d = sb->st_mtime; #if defined(HAVE_STRUCT_STAT_ST_MTIM) d += sb->st_mtim.tv_nsec * 1e-9; #elif defined(HAVE_STRUCT_STAT_ST_MTIMESPEC) d += sb->st_mtimespec.tv_nsec * 1e-9; #endif return (d); } struct cfg_cert_file * cfg_cert_file_new(void) { struct cfg_cert_file *cert; ALLOC_OBJ(cert, CFG_CERT_FILE_MAGIC); AN(cert); cert->ocsp_vfy = -1; return (cert); } void cfg_cert_file_free(struct cfg_cert_file **cfptr) { struct cfg_cert_file *cf; CHECK_OBJ_NOTNULL(*cfptr, CFG_CERT_FILE_MAGIC); cf = *cfptr; free(cf->filename); free(cf->ocspfn); FREE_OBJ(cf); *cfptr = NULL; } int cfg_cert_vfy(struct cfg_cert_file *cf) { struct stat st; CHECK_OBJ_NOTNULL(cf, CFG_CERT_FILE_MAGIC); AN(cf->filename); if (cf->filename == NULL || strlen(cf->filename) <= 0) return (0); if (stat(cf->filename, &st) != 0) { config_error_set("Unable to stat x509 " "certificate PEM file '%s': %s", cf->filename, strerror(errno)); return (0); } if (!S_ISREG(st.st_mode)) { config_error_set("Invalid x509 certificate " "PEM file '%s': Not a file.", cf->filename); return (0); } cf->mtim = mtim2double(&st); if (cf->ocspfn != NULL) { if (stat(cf->ocspfn, &st) == -1) { config_error_set("Unable to stat OCSP " "stapling file '%s': %s", cf->ocspfn, strerror(errno)); return (0); } if (!S_ISREG(st.st_mode)) { config_error_set("Invalid OCSP stapling file " "'%s': Not a file.", cf->ocspfn); return (0); } cf->ocsp_mtim = mtim2double(&st); } return (1); } void cfg_cert_add(struct cfg_cert_file *cf, struct cfg_cert_file **dst) { CHECK_OBJ_NOTNULL(cf, CFG_CERT_FILE_MAGIC); AN(dst); CHECK_OBJ_ORNULL(*dst, CFG_CERT_FILE_MAGIC); HASH_ADD_KEYPTR(hh, *dst, cf->filename, strlen(cf->filename), cf); } #ifdef USE_SHARED_CACHE /* Parse mcast and ttl options */ int config_param_shcupd_mcastif(char *str, char **iface, char **ttl) { char buf[150]; char *sp; if (strlen(str) >= sizeof buf) { config_error_set("Invalid option for IFACE[,TTL]"); return 0; } sp = strchr(str, ','); if (!sp) { if (!strcmp(str, "*")) *iface = NULL; else *iface = strdup(str); *ttl = NULL; return 1; } else if (!strncmp(str, "*", sp - str)) { *iface = NULL; } else { *sp = 0; *iface = strdup(str); } *ttl = strdup(sp + 1); return 1; } int config_param_shcupd_peer(char *str, hitch_config *cfg) { if (cfg == NULL) { config_error_set("Configuration pointer is NULL."); return 0; } // parse result int r = 1; // find place for new peer int offset = 0; int i = 0; for (i = 0; i < MAX_SHCUPD_PEERS; i++) { if (cfg->SHCUPD_PEERS[i].ip == NULL && cfg->SHCUPD_PEERS[i].port == NULL) { offset = i; break; } } if (i >= MAX_SHCUPD_PEERS) { config_error_set( "Reached maximum number of shared cache update peers (%d).", MAX_SHCUPD_PEERS ); return 0; } // create place for new peer char *addr = malloc(ADDR_LEN); if (addr == NULL) { config_error_set( "Unable to allocate memory for new shared cache update peer address: %s", strerror(errno) ); r = 0; goto outta_parse_peer; } memset(addr, '\0', ADDR_LEN); char *port = malloc(PORT_LEN); if (port == NULL) { config_error_set( "Unable to allocate memory for new shared cache update peer port: %s", strerror(errno) ); r = 0; goto outta_parse_peer; } memset(port, '\0', PORT_LEN); // try to parse address if (! config_param_host_port(str, &addr, &port)) { r = 0; goto outta_parse_peer; } outta_parse_peer: if (! r) { if (addr != NULL) free(addr); if (port != NULL) free(port); } else { cfg->SHCUPD_PEERS[offset].ip = addr; cfg->SHCUPD_PEERS[offset].port = port; } return r; } #endif /* USE_SHARED_CACHE */ int front_arg_add(hitch_config *cfg, struct front_arg *fa) { struct vsb pspec; CHECK_OBJ_NOTNULL(fa, FRONT_ARG_MAGIC); if (cfg->LISTEN_DEFAULT != NULL) { /* drop default listen arg. */ struct front_arg *def = NULL; HASH_FIND_STR(cfg->LISTEN_ARGS, "default", def); AN(def); HASH_DEL(cfg->LISTEN_ARGS, def); free(def->ip); free(def->port); free(def->pspec); FREE_OBJ(def); cfg->LISTEN_DEFAULT = NULL; } VSB_new(&pspec, NULL, 0, VSB_AUTOEXTEND); VSB_printf(&pspec, "[%s]:%s", fa->ip, fa->port); VSB_finish(&pspec); fa->pspec = VSB_data(&pspec); if (fa->port == NULL) { config_error_set("No port number specified " "for frontend '%s'", fa->pspec); return (0); } HASH_ADD_KEYPTR(hh, cfg->LISTEN_ARGS, fa->pspec, strlen(fa->pspec), fa); if (fa->match_global_certs == -1) { if (HASH_CNT(hh, fa->certs) == 0) fa->match_global_certs = 1; else fa->match_global_certs = 0; } else { if (HASH_CNT(hh, fa->certs) == 0 && fa->match_global_certs == 0) { config_error_set("No certificate configured " "for frontend '%s'", fa->pspec); return (0); } } return (1); } int config_param_validate(char *k, char *v, hitch_config *cfg, char *file, int line) { int r = 1; struct stat st; assert(k != NULL); assert(v != NULL); assert(strlen(k) >= 2); if (strcmp(k, "tls") == 0) { cfg->SELECTED_TLS_PROTOS = TLS_OPTION_PROTOS; } else if (strcmp(k, "ssl") == 0) { cfg->SELECTED_TLS_PROTOS = SSL_OPTION_PROTOS; } else if (strcmp(k, CFG_CIPHERS) == 0) { if (strlen(v) > 0) { config_assign_str(&cfg->CIPHER_SUITE, v); } } else if (strcmp(k, CFG_SSL_ENGINE) == 0) { if (strlen(v) > 0) { config_assign_str(&cfg->ENGINE, v); } } else if (strcmp(k, CFG_PREFER_SERVER_CIPHERS) == 0) { r = config_param_val_bool(v, &cfg->PREFER_SERVER_CIPHERS); } else if (strcmp(k, CFG_FRONTEND) == 0) { struct front_arg *fa; struct cfg_cert_file *cert; char *certfile = NULL; fa = front_arg_new(); r = config_param_host_port_wildcard(v, &fa->ip, &fa->port, &certfile, 1); if (r != 0) { if (certfile != NULL) { cert = cfg_cert_file_new(); config_assign_str(&cert->filename, certfile); r = cfg_cert_vfy(cert); if (r != 0) cfg_cert_add(cert, &fa->certs); else cfg_cert_file_free(&cert); free(certfile); } if (r != 0) r = front_arg_add(cfg, fa); else FREE_OBJ(fa); } } else if (strcmp(k, CFG_BACKEND) == 0) { free(cfg->BACK_PORT); free(cfg->BACK_IP); r = config_param_host_port(v, &cfg->BACK_IP, &cfg->BACK_PORT); } else if (strcmp(k, CFG_WORKERS) == 0) { r = config_param_val_long(v, &cfg->NCORES, 1); } else if (strcmp(k, CFG_BACKLOG) == 0) { r = config_param_val_int(v, &cfg->BACKLOG, 0); } else if (strcmp(k, CFG_KEEPALIVE) == 0) { r = config_param_val_int(v, &cfg->TCP_KEEPALIVE_TIME, 1); } #ifdef USE_SHARED_CACHE else if (strcmp(k, CFG_SHARED_CACHE) == 0) { r = config_param_val_int(v, &cfg->SHARED_CACHE, 1); } else if (strcmp(k, CFG_SHARED_CACHE_LISTEN) == 0) { if (strlen(v) > 0) r = config_param_host_port_wildcard(v, &cfg->SHCUPD_IP, &cfg->SHCUPD_PORT, NULL, 1); } else if (strcmp(k, CFG_SHARED_CACHE_PEER) == 0) { r = config_param_shcupd_peer(v, cfg); } else if (strcmp(k, CFG_SHARED_CACHE_MCASTIF) == 0) { r = config_param_shcupd_mcastif(v, &cfg->SHCUPD_MCASTIF, &cfg->SHCUPD_MCASTTTL); } #endif else if (strcmp(k, CFG_CHROOT) == 0) { if (strlen(v) > 0) { // check directory if (stat(v, &st) != 0) { config_error_set("Unable to stat directory" " '%s': %s'.",v,strerror(errno)); r = 0; } else { if (! S_ISDIR(st.st_mode)) { config_error_set("Bad chroot directory " "'%s': Not a directory", v); r = 0; } else { config_assign_str(&cfg->CHROOT, v); } } } } else if (strcmp(k, CFG_USER) == 0) { if (strlen(v) > 0) { struct passwd *passwd; passwd = getpwnam(v); if (!passwd) { config_error_set("Invalid user '%s'.", v); r = 0; } else { cfg->UID = passwd->pw_uid; cfg->GID = passwd->pw_gid; } } } else if (strcmp(k, CFG_GROUP) == 0) { if (strlen(v) > 0) { struct group *grp; grp = getgrnam(v); if (!grp) { config_error_set("Invalid group '%s'.", v); r = 0; } else { cfg->GID = grp->gr_gid; } } } else if (strcmp(k, CFG_QUIET) == 0) { r = config_param_val_bool(v, &cfg->QUIET); } else if (strcmp(k, CFG_SYSLOG) == 0) { r = config_param_val_bool(v, &cfg->SYSLOG); } else if (strcmp(k, CFG_SYSLOG_FACILITY) == 0) { int facility = -1; r = 1; #define SYSLOG_FAC(m, s) \ if (!strcmp(v, s)) \ facility = m; #include "sysl_tbl.h" #undef SYSLOG_FAC if (facility != -1) cfg->SYSLOG_FACILITY = facility; else { config_error_set("Invalid facility '%s'.", v); r = 0; } } else if (strcmp(k, CFG_DAEMON) == 0) { r = config_param_val_bool(v, &cfg->DAEMONIZE); } else if (strcmp(k, CFG_WRITE_IP) == 0) { r = config_param_val_bool(v, &cfg->WRITE_IP_OCTET); } else if (strcmp(k, CFG_WRITE_PROXY) == 0) { r = config_param_val_bool(v, &cfg->WRITE_PROXY_LINE_V2); } else if (strcmp(k, CFG_WRITE_PROXY_V1) == 0) { r = config_param_val_bool(v, &cfg->WRITE_PROXY_LINE_V1); } else if (strcmp(k, CFG_WRITE_PROXY_V2) == 0) { r = config_param_val_bool(v, &cfg->WRITE_PROXY_LINE_V2); } else if (strcmp(k, CFG_PROXY_PROXY) == 0) { r = config_param_val_bool(v, &cfg->PROXY_PROXY_LINE); } else if (strcmp(k, CFG_ALPN_PROTOS) == 0) { if (strlen(v) > 0) { config_assign_str(&cfg->ALPN_PROTOS, v); } } else if (strcmp(k, CFG_PEM_FILE) == 0) { struct cfg_cert_file *cert; cert = cfg_cert_file_new(); config_assign_str(&cert->filename, v); r = cfg_cert_vfy(cert); if (r != 0) { if (cfg->CERT_DEFAULT != NULL) { struct cfg_cert_file *tmp = cfg->CERT_DEFAULT; cfg_cert_add(tmp, &cfg->CERT_FILES); } cfg->CERT_DEFAULT = cert; } else cfg_cert_file_free(&cert); } else if (strcmp(k, CFG_BACKEND_CONNECT_TIMEOUT) == 0) { r = config_param_val_int(v, &cfg->BACKEND_CONNECT_TIMEOUT, 1); } else if (strcmp(k, CFG_SSL_HANDSHAKE_TIMEOUT) == 0) { r = config_param_val_int(v, &cfg->SSL_HANDSHAKE_TIMEOUT, 1); } else if (strcmp(k, CFG_RECV_BUFSIZE) == 0) { r = config_param_val_int(v, &cfg->RECV_BUFSIZE, 1); } else if (strcmp(k, CFG_SEND_BUFSIZE) == 0) { r = config_param_val_int(v, &cfg->SEND_BUFSIZE, 1); } else if (strcmp(k, CFG_LOG_FILENAME) == 0) { if (strlen(v) > 0) { config_assign_str(&cfg->LOG_FILENAME, v); } } else if (strcmp(k, CFG_PIDFILE) == 0) { if (strlen(v) > 0) { config_assign_str(&cfg->PIDFILE, v); } } else if (strcmp(k, CFG_RING_SLOTS) == 0) { r = config_param_val_int(v, &cfg->RING_SLOTS, 1); } else if (strcmp(k, CFG_RING_DATA_LEN) == 0) { r = config_param_val_int(v, &cfg->RING_DATA_LEN, 1); } else if (strcmp(k, CFG_SNI_NOMATCH_ABORT) == 0) { r = config_param_val_bool(v, &cfg->SNI_NOMATCH_ABORT); } else if (strcmp(k, CFG_OCSP_DIR) == 0) { config_assign_str(&cfg->OCSP_DIR, v); } else { fprintf( stderr, "Ignoring unknown configuration key '%s' in configuration file '%s', line %d\n", k, file, line ); } if (!r) { if (file != NULL) config_error_set("Error in configuration file '%s', " "line %d: %s\n", file, line, config_error_get()); else config_error_set("Invalid parameter '%s': %s", k, config_error_get()); return (1); } return (0); } int config_file_parse(char *file, hitch_config *cfg) { FILE *fp = NULL; int r = 0; AN(cfg); // should we read stdin? if (file == NULL || strlen(file) < 1 || strcmp(file, "-") == 0) fp = stdin; else fp = fopen(file, "r"); if (fp == NULL) { config_error_set("Unable to open configuration file '%s': %s\n", file, strerror(errno)); return (1); } yyin = fp; do { if (yyparse(cfg) != 0) { r = 1; break; } } while (!feof(yyin)); fclose(fp); return (r); } char * config_disp_str(char *str) { return (str == NULL) ? "" : str; } char * config_disp_bool(int v) { return (v > 0) ? CFG_BOOL_ON : "off"; } char * config_disp_uid(uid_t uid) { memset(tmp_buf, '\0', sizeof(tmp_buf)); if (uid == 0 && geteuid() != 0) return tmp_buf; struct passwd *pw = getpwuid(uid); if (pw) { memcpy(tmp_buf, pw->pw_name, strlen(pw->pw_name)); } return tmp_buf; } char * config_disp_gid (gid_t gid) { memset(tmp_buf, '\0', sizeof(tmp_buf)); if (gid == 0 && geteuid() != 0) return tmp_buf; struct group *gr = getgrgid(gid); if (gr) { memcpy(tmp_buf, gr->gr_name, strlen(gr->gr_name)); } return tmp_buf; } char * config_disp_hostport(char *host, char *port) { memset(tmp_buf, '\0', sizeof(tmp_buf)); if (host == NULL && port == NULL) return ""; strcat(tmp_buf, "["); if (host == NULL) strcat(tmp_buf, "*"); else { strncat(tmp_buf, host, 40); } strcat(tmp_buf, "]:"); strncat(tmp_buf, port, 5); return tmp_buf; } const char * config_disp_log_facility (int facility) { switch (facility) { #define SYSLOG_FAC(m, s) \ case m: \ return (s); #include "sysl_tbl.h" #undef SYSLOG_FAC default: return "UNKNOWN"; } } void config_print_usage_fd(char *prog, FILE *out) { hitch_config *cfg; cfg = config_new(); AN(cfg); if (out == NULL) out = stderr; fprintf(out, "Usage: %s [OPTIONS] PEM\n\n", basename(prog)); fprintf(out, "This is hitch, The Scalable TLS Unwrapping Daemon.\n\n"); fprintf(out, "CONFIGURATION:\n"); fprintf(out, "\n"); fprintf(out, " --config=FILE Load configuration from specified file.\n"); fprintf(out, "\n"); fprintf(out, "ENCRYPTION METHODS:\n"); fprintf(out, "\n"); fprintf(out, " --tls TLSv1 (default. No SSLv3)\n"); fprintf(out, " --ssl SSLv3 (enables SSLv3)\n"); fprintf(out, " -c --ciphers=SUITE Sets allowed ciphers (Default: \"%s\")\n", config_disp_str(cfg->CIPHER_SUITE)); fprintf(out, " -e --ssl-engine=NAME Sets OpenSSL engine (Default: \"%s\")\n", config_disp_str(cfg->ENGINE)); fprintf(out, " -O --prefer-server-ciphers Prefer server list order\n"); fprintf(out, "\n"); fprintf(out, "SOCKET:\n"); fprintf(out, "\n"); fprintf(out, " --client Enable client proxy mode\n"); fprintf(out, " -b --backend=[HOST]:PORT Backend [connect] (default is \"%s\")\n", config_disp_hostport(cfg->BACK_IP, cfg->BACK_PORT)); fprintf(out, " -f --frontend=[HOST]:PORT[+CERT] Frontend [bind] (default is \"%s\")\n", config_disp_hostport(cfg->LISTEN_DEFAULT->ip, cfg->LISTEN_DEFAULT->port)); fprintf(out, " (Note: brackets are mandatory in endpoint specifiers.)"); #ifdef USE_SHARED_CACHE fprintf(out, "\n"); fprintf(out, " -U --shared-cache-listen=HOST,PORT\n"); fprintf(out, " Accept cache updates on UDP (Default: \"%s\")\n", config_disp_hostport(cfg->SHCUPD_IP, cfg->SHCUPD_PORT)); fprintf(out, " NOTE: This option requires enabled SSL session cache.\n"); fprintf(out, " -P --shared-cache-peer=HOST,PORT\n"); fprintf(out, " Send cache updates to specified peer\n"); fprintf(out, " NOTE: This option can be specified multiple times.\n"); fprintf(out, " -M --shared-cache-if=IFACE[,TTL]\n"); fprintf(out, " Force iface and ttl to receive and send multicast updates\n"); #endif fprintf(out, "\n"); fprintf(out, "PERFORMANCE:\n"); fprintf(out, "\n"); fprintf(out, " -n --workers=NUM Number of worker processes (Default: %ld)\n", cfg->NCORES); fprintf(out, " -B --backlog=NUM Set listen backlog size (Default: %d)\n", cfg->BACKLOG); fprintf(out, " -k --keepalive=SECS TCP keepalive on client socket (Default: %d)\n", cfg->TCP_KEEPALIVE_TIME); #ifdef USE_SHARED_CACHE fprintf(out, " -C --session-cache=NUM Enable and set SSL session cache to specified number\n"); fprintf(out, " of sessions (Default: %d)\n", cfg->SHARED_CACHE); #endif fprintf(out, "\n"); fprintf(out, "SECURITY:\n"); fprintf(out, "\n"); fprintf(out, " -r --chroot=DIR Sets chroot directory (Default: \"%s\")\n", config_disp_str(cfg->CHROOT)); fprintf(out, " -u --user=USER Set uid/gid after binding the socket (Default: \"%s\")\n", config_disp_uid(cfg->UID)); fprintf(out, " -g --group=GROUP Set gid after binding the socket (Default: \"%s\")\n", config_disp_gid(cfg->GID)); fprintf(out, "\n"); fprintf(out, "LOGGING:\n"); fprintf(out, " -q --quiet Be quiet; emit only error messages\n"); fprintf(out, " -s --syslog Send log message to syslog in addition to stderr/stdout\n"); fprintf(out, " --syslog-facility=FACILITY Syslog facility to use (Default: \"%s\")\n", config_disp_log_facility(cfg->SYSLOG_FACILITY)); fprintf(out, "\n"); fprintf(out, "OTHER OPTIONS:\n"); fprintf(out, " --daemon Fork into background and become a daemon (Default: %s)\n", config_disp_bool(cfg->DAEMONIZE)); fprintf(out, " --write-ip Write 1 octet with the IP family followed by the IP\n"); fprintf(out, " address in 4 (IPv4) or 16 (IPv6) octets little-endian\n"); fprintf(out, " to backend before the actual data\n"); fprintf(out, " (Default: %s)\n", config_disp_bool(cfg->WRITE_IP_OCTET)); fprintf(out, " --write-proxy-v1 Write HaProxy's PROXY v1 (IPv4 or IPv6) protocol line\n" ); fprintf(out, " before actual data\n"); fprintf(out, " (Default: %s)\n", config_disp_bool(cfg->WRITE_PROXY_LINE_V1)); fprintf(out, " --write-proxy-v2 Write HaProxy's PROXY v2 binary (IPv4 or IPv6) protocol line\n" ); fprintf(out, " before actual data\n"); fprintf(out, " (Default: %s)\n", config_disp_bool(cfg->WRITE_PROXY_LINE_V2)); fprintf(out, " --write-proxy Equivalent to --write-proxy-v2. For PROXY version 1 use\n"); fprintf(out, " --write-proxy-v1 explicitly\n"); fprintf(out, " --proxy-proxy Proxy HaProxy's PROXY (IPv4 or IPv6) protocol line\n" ); fprintf(out, " before actual data (PROXY v1 only)\n"); fprintf(out, " (Default: %s)\n", config_disp_bool(cfg->PROXY_PROXY_LINE)); fprintf(out, " --sni-nomatch-abort Abort handshake when client " "submits an unrecognized SNI server name\n" ); fprintf(out, " (Default: %s)\n", config_disp_bool(cfg->SNI_NOMATCH_ABORT)); fprintf(out, " --ocsp-dir=DIR Set OCSP staple cache directory\n"); fprintf(out, " This enables automated retrieval and stapling of OCSP responses\n"); fprintf(out, " (Default: \"%s\")\n", config_disp_str(cfg->OCSP_DIR)); fprintf(out, "\n"); fprintf(out, " -t --test Test configuration and exit\n"); fprintf(out, " -p --pidfile=FILE PID file\n"); fprintf(out, " -V --version Print program version and exit\n"); fprintf(out, " -h --help This help message\n"); config_destroy(cfg); } void config_print_usage(char *prog) { config_print_usage_fd(prog, stdout); } int config_parse_cli(int argc, char **argv, hitch_config *cfg, int *retval) { static int tls = 0, ssl = 0; static int client = 0; int c, i; optind = 1; AN(retval); *retval = 0; struct option long_options[] = { { CFG_CONFIG, 1, NULL, CFG_PARAM_CFGFILE }, { "tls", 0, &tls, 1}, { "ssl", 0, &ssl, 1}, { "client", 0, &client, 1}, { CFG_CIPHERS, 1, NULL, 'c' }, { CFG_PREFER_SERVER_CIPHERS, 0, NULL, 'O' }, { CFG_BACKEND, 1, NULL, 'b' }, { CFG_FRONTEND, 1, NULL, 'f' }, { CFG_WORKERS, 1, NULL, 'n' }, { CFG_BACKLOG, 1, NULL, 'B' }, #ifdef USE_SHARED_CACHE { CFG_SHARED_CACHE, 1, NULL, 'C' }, { CFG_SHARED_CACHE_LISTEN, 1, NULL, 'U' }, { CFG_SHARED_CACHE_PEER, 1, NULL, 'P' }, { CFG_SHARED_CACHE_MCASTIF, 1, NULL, 'M' }, #endif { CFG_PIDFILE, 1, NULL, 'p' }, { CFG_KEEPALIVE, 1, NULL, 'k' }, { CFG_CHROOT, 1, NULL, 'r' }, { CFG_USER, 1, NULL, 'u' }, { CFG_GROUP, 1, NULL, 'g' }, { CFG_QUIET, 0, NULL, 'q' }, { CFG_SYSLOG, 0, NULL, 's' }, { CFG_SYSLOG_FACILITY, 1, NULL, CFG_PARAM_SYSLOG_FACILITY }, { CFG_DAEMON, 0, &cfg->DAEMONIZE, 1 }, { CFG_WRITE_IP, 0, &cfg->WRITE_IP_OCTET, 1 }, { CFG_WRITE_PROXY_V1, 0, &cfg->WRITE_PROXY_LINE_V1, 1 }, { CFG_WRITE_PROXY_V2, 0, &cfg->WRITE_PROXY_LINE_V2, 1 }, { CFG_WRITE_PROXY, 0, &cfg->WRITE_PROXY_LINE_V2, 1 }, { CFG_PROXY_PROXY, 0, &cfg->PROXY_PROXY_LINE, 1 }, { CFG_ALPN_PROTOS, 1, NULL, CFG_PARAM_ALPN_PROTOS }, { CFG_SNI_NOMATCH_ABORT, 0, &cfg->SNI_NOMATCH_ABORT, 1 }, { CFG_OCSP_DIR, 1, NULL, 'o' }, { "test", 0, NULL, 't' }, { "version", 0, NULL, 'V' }, { "help", 0, NULL, 'h' }, { 0, 0, 0, 0 } }; #define SHORT_OPTS "c:e:Ob:f:n:B:C:U:p:P:M:k:r:u:g:qstVho:" if (argc == 1) { config_print_usage(argv[0]); *retval = 0; return (1); } /* First do a pass over the args string to see if there was a * config file present. If so, apply its options first in * order to let them be overridden by the command line. */ while (1) { int option_index = 0; c = getopt_long(argc, argv, SHORT_OPTS, long_options, &option_index); if (c == -1) break; else if (c == CFG_PARAM_CFGFILE) { if (config_file_parse(optarg, cfg) != 0) { *retval = 1; return (1); } } } int tls_protos_config_file = cfg->SELECTED_TLS_PROTOS; optind = 1; while (1) { int ret = 0; int option_index = 0; c = getopt_long(argc, argv, SHORT_OPTS, long_options, &option_index); if (c == -1) break; switch (c) { case 0: break; case CFG_PARAM_CFGFILE: /* Handled above */ break; case CFG_PARAM_SYSLOG_FACILITY: ret = config_param_validate(CFG_SYSLOG_FACILITY, optarg, cfg, NULL, 0); break; case 'c': ret = config_param_validate(CFG_CIPHERS, optarg, cfg, NULL, 0); break; case 'e': ret = config_param_validate(CFG_SSL_ENGINE, optarg, cfg, NULL, 0); break; case 'O': ret = config_param_validate(CFG_PREFER_SERVER_CIPHERS, CFG_BOOL_ON, cfg, NULL, 0); break; case 'b': ret = config_param_validate(CFG_BACKEND, optarg, cfg, NULL, 0); break; case 'f': ret = config_param_validate(CFG_FRONTEND, optarg, cfg, NULL, 0); break; case 'n': ret = config_param_validate(CFG_WORKERS, optarg, cfg, NULL, 0); break; case 'B': ret = config_param_validate(CFG_BACKLOG, optarg, cfg, NULL, 0); break; #ifdef USE_SHARED_CACHE case 'C': ret = config_param_validate(CFG_SHARED_CACHE, optarg, cfg, NULL, 0); break; case 'U': ret = config_param_validate(CFG_SHARED_CACHE_LISTEN, optarg, cfg, NULL, 0); break; case 'P': ret = config_param_validate(CFG_SHARED_CACHE_PEER, optarg, cfg, NULL, 0); break; case 'M': ret =config_param_validate(CFG_SHARED_CACHE_MCASTIF, optarg, cfg, NULL, 0); break; #endif case 'p': ret = config_param_validate(CFG_PIDFILE, optarg, cfg, NULL, 0); break; case 'k': ret = config_param_validate(CFG_KEEPALIVE, optarg, cfg, NULL, 0); break; case 'r': ret = config_param_validate(CFG_CHROOT, optarg, cfg, NULL, 0); break; case 'u': ret = config_param_validate(CFG_USER, optarg, cfg, NULL, 0); break; case 'g': ret = config_param_validate(CFG_GROUP, optarg, cfg, NULL, 0); break; case 'q': ret = config_param_validate(CFG_QUIET, CFG_BOOL_ON, cfg, NULL, 0); break; case 's': ret = config_param_validate(CFG_SYSLOG, CFG_BOOL_ON, cfg, NULL, 0); break; case 't': cfg->TEST = 1; break; case 'V': printf("%s %s\n", basename(argv[0]), VERSION); *retval = 0; return (1); break; case 'h': config_print_usage(argv[0]); *retval = 0; return (1); break; case 'o': ret = config_param_validate(CFG_OCSP_DIR, optarg, cfg, NULL, 0); break; case CFG_PARAM_ALPN_PROTOS: ret = config_param_validate(CFG_ALPN_PROTOS, optarg, cfg, NULL, 0); break; default: config_error_set("Invalid command line parameters. " "Run %s --help for instructions.", basename(argv[0])); *retval = 1; return (1); } if (ret != 0) { *retval = 1; return (1); } } if ((tls || ssl) && tls_protos_config_file != 0) { config_error_set("Deprecated options --tls and --ssl cannot be" " used to override tls-protos in a config file."); *retval = 1; return (1); } if (tls && ssl) { config_error_set("Options --tls and --ssl are mutually" " exclusive."); *retval = 1; return (1); } else { if (ssl) cfg->SELECTED_TLS_PROTOS = SSL_OPTION_PROTOS; else if (tls) cfg->SELECTED_TLS_PROTOS = TLS_OPTION_PROTOS; } if (cfg->SELECTED_TLS_PROTOS == 0) cfg->SELECTED_TLS_PROTOS = DEFAULT_TLS_PROTOS; if (client) cfg->PMODE = SSL_CLIENT; if ((!!cfg->WRITE_IP_OCTET + !!cfg->PROXY_PROXY_LINE + !!cfg->WRITE_PROXY_LINE_V1 + !!cfg->WRITE_PROXY_LINE_V2) >= 2) { config_error_set("Options --write-ip, --write-proxy-proxy," " --write-proxy-v1 and --write-proxy-v2 are" " mutually exclusive."); *retval = 1; return (1); } if (cfg->DAEMONIZE) { cfg->SYSLOG = 1; cfg->QUIET = 1; } #ifdef USE_SHARED_CACHE if (cfg->SHCUPD_IP != NULL && ! cfg->SHARED_CACHE) { config_error_set("Shared cache update listener is defined," " but shared cache is disabled."); *retval = 1; return (1); } #endif /* ALPN/NPN protocol negotiation additional configuration and error handling */ if (cfg->ALPN_PROTOS != NULL) { char *error; if (!create_alpn_callback_data(cfg, &error)) { if (error) config_error_set("alpn-protos configuration" " \"%s\" is bad. %s", cfg->ALPN_PROTOS, error); else config_error_set("alpn-protos configuration" " \"%s\" is bad. See man page for more" " info.", cfg->ALPN_PROTOS); *retval = 1; return (1); } AN(cfg->ALPN_PROTOS_LV); int multi_proto = cfg->ALPN_PROTOS_LV[0] != cfg->ALPN_PROTOS_LV_LEN - 1; if (multi_proto && !cfg->WRITE_PROXY_LINE_V2) { config_error_set("alpn-protos is specified with" " more than one protocol while proxy-v2 is " " not selected. This is a configuration" " error."); *retval = 1; return (1); /* Note that this test was carried out indepenently of the availability of ALPN / NPN */ } #if defined(OPENSSL_WITH_NPN) || defined(OPENSSL_WITH_ALPN) /* if (cfg->WRITE_PROXY_LINE_V2) fprintf(stderr, ALPN_NPN_PREFIX_STR " Negotiated protocol will be communicated to the" " backend.\n"); */ #ifndef OPENSSL_WITH_ALPN fprintf(stderr, ALPN_NPN_PREFIX_STR " Warning: Hitch has been" " compiled against a version of OpenSSL without ALPN" " support.\n"); #endif #else /* No support for ALPN / NPN support in OpenSSL */ if (multi_proto || 0 != strncmp(cfg->ALPN_PROTOS_LV, "\x8http/1.1", 9)) { config_error_set("This is compiled against OpenSSL version" " %lx, which does not have NPN or ALPN support," " yet alpn-protos has been set to %s.", OPENSSL_VERSION_NUMBER, cfg->ALPN_PROTOS); *retval = 1; return (1); } else fprintf(stderr, "This is compiled against OpenSSL version" " %lx, which does not have NPN or ALPN support." " alpn-protos setting \"http/1.1\" will be ignored.\n", OPENSSL_VERSION_NUMBER); #endif } // Any arguments left are presumed to be PEM files argc -= optind; argv += optind; for (i = 0; i < argc; i++) { if (config_param_validate(CFG_PEM_FILE, argv[i], cfg, NULL, 0)) { *retval = 1; return (1); } } if (cfg->PMODE == SSL_SERVER && cfg->CERT_DEFAULT == NULL) { struct front_arg *fa, *fatmp; HASH_ITER(hh, cfg->LISTEN_ARGS, fa, fatmp) { if (HASH_CNT(hh, fa->certs) == 0) { config_error_set("No x509 certificate PEM file " "specified for frontend '%s'!", fa->pspec); *retval = 1; return (1); } } } if (cfg->OCSP_DIR != NULL) { struct stat sb; if (stat(cfg->OCSP_DIR, &sb) != 0) { fprintf(stderr, "{ocsp} Warning: Unable to stat directory '%s': %s'." " OCSP stapling will be disabled.\n", cfg->OCSP_DIR, strerror(errno)); free(cfg->OCSP_DIR); cfg->OCSP_DIR = NULL; } else { if (!S_ISDIR(sb.st_mode)) { fprintf(stderr, "{ocsp} Bad ocsp-dir " "'%s': Not a directory." " OCSP stapling will be disabled.\n", cfg->OCSP_DIR); free(cfg->OCSP_DIR); cfg->OCSP_DIR = NULL; } } } return (0); } int create_alpn_callback_data(hitch_config *cfg, char **error) { size_t i = 1, j, l; AN(cfg->ALPN_PROTOS); l = strlen(cfg->ALPN_PROTOS); cfg->ALPN_PROTOS_LV = malloc(l + 1); AN(cfg->ALPN_PROTOS_LV); // first remove spaces while copying to cfg->ALPN_PROTOS_LV for(j = 0; j < l; j++) { if (!isspace(cfg->ALPN_PROTOS[j])) { cfg->ALPN_PROTOS_LV[i] = cfg->ALPN_PROTOS[j]; i++; } } l = i - 1; // same as before iff cfg->ALPN_PROTOS has no spaces i = 0; // location of next "length" byte for(j = 1; j <= l; j++) { if (cfg->ALPN_PROTOS_LV[j] == ',') { if (i + 1 == j) { *error = "alpn-protos has empty proto in list"; return (0); // failure } if (j - i > 256) { free(cfg->ALPN_PROTOS_LV); cfg->ALPN_PROTOS_LV = NULL; *error = "alpn protocol too long"; return (0); } cfg->ALPN_PROTOS_LV[i] = (unsigned char)(j - i - 1); i = j; } } if (i == j) { // alpn-protos ends with a comma - we let it slide cfg->ALPN_PROTOS_LV_LEN = l; } else { if (j - i > 256) { free(cfg->ALPN_PROTOS_LV); cfg->ALPN_PROTOS_LV = NULL; *error = "alpn protocol too long"; return (0); } cfg->ALPN_PROTOS_LV[i] = (unsigned char)(j - i - 1); cfg->ALPN_PROTOS_LV_LEN = l + 1; } return (1); // ok! } hitch-1.4.4/src/ocsp.c0000644000175000017500000004062713024470354011452 00000000000000/** * Copyright 2016 Varnish Software * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * * 1. Redistributions of source code must retain the above * copyright notice, this list of conditions and the following * disclaimer. * * 2. Redistributions in binary form must reproduce the above * copyright notice, this list of conditions and the following * disclaimer in the documentation and/or other materials * provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY BUMP TECHNOLOGIES, INC. ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL BUMP * TECHNOLOGIES, INC. OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #include #include #include "logging.h" #include "hitch.h" #include "ocsp.h" #include "configuration.h" /* hitch.c */ extern hitch_config *CONFIG; extern struct ev_loop *loop; void HOCSP_free(sslstaple **staple) { if (*staple == NULL) return; free((*staple)->staple); FREE_OBJ(*staple); *staple = NULL; } int HOCSP_verify(sslctx *sc, OCSP_RESPONSE *resp, double *nextupd) { OCSP_BASICRESP *br = NULL; X509_STORE *store; STACK_OF(X509) *chain = NULL; OCSP_CERTID *cid = NULL; int status = -1, reason; ASN1_GENERALIZEDTIME *asn_nextupd = NULL; X509 *issuer; int i; int do_verify = sc->staple_vfy; int verify_flags = OCSP_TRUSTOTHER; if (sc->staple_vfy < 0) do_verify = CONFIG->OCSP_VFY; if (!do_verify) verify_flags |= OCSP_NOVERIFY; store = SSL_CTX_get_cert_store(sc->ctx); AN(store); #ifdef SSL_CTRL_GET_CHAIN_CERTS AN(SSL_CTX_get0_chain_certs(sc->ctx, &chain)); #else chain = sc->ctx->extra_certs; #endif br = OCSP_response_get1_basic(resp); if (br == NULL) { ERR("{core} OCSP_response_get1_basic failed (cert: %s)\n", sc->filename); goto err; } i = OCSP_basic_verify(br, chain, store, verify_flags); if (i <= 0) { log_ssl_error(NULL, "{core} Staple verification failed " "for cert %s\n", sc->filename); goto err; } issuer = Find_issuer(sc->x509, chain); if (issuer == NULL) { ERR("{core} Unable to find issuer for cert %s\n.", sc->filename); goto err; } cid = OCSP_cert_to_id(NULL, sc->x509, issuer); if (cid == NULL) { ERR("{core} OCSP_cert_to_id failed\n"); goto err; } if (OCSP_resp_find_status(br, cid, &status, &reason, NULL, NULL, &asn_nextupd) != 1) { ERR("{core} OCSP_resp_find_status failed: Unable to " "find OCSP response with a matching certificate id\n"); goto err; } if (status != V_OCSP_CERTSTATUS_GOOD) { ERR("{core} Certificate %s has status %s\n", sc->filename, OCSP_cert_status_str(status)); if (status == V_OCSP_CERTSTATUS_REVOKED) ERR("{core} Certificate %s revocation reason: %s\n", sc->filename, OCSP_crl_reason_str(reason)); goto err; } if (asn_nextupd != NULL) *nextupd = asn1_gentime_parse(asn_nextupd); else { *nextupd = -1.0; } OCSP_CERTID_free(cid); OCSP_BASICRESP_free(br); return (0); err: if (cid != NULL) OCSP_CERTID_free(cid); if (br != NULL) OCSP_BASICRESP_free(br); return (1); } #ifndef OPENSSL_NO_TLSEXT int HOCSP_staple_cb(SSL *ssl, void *priv) { sslstaple *staple; unsigned char *buf; CAST_OBJ_NOTNULL(staple, priv, SSLSTAPLE_MAGIC); if (staple->nextupd != -1 && staple->nextupd < Time_now()) { return (SSL_TLSEXT_ERR_NOACK); } /* SSL_set_tlsext_status_ocsp_resp will issue a free() on the * provided input, so we need to pass a copy. */ buf = malloc(staple->len); AN(buf); memcpy(buf, staple->staple, staple->len); if (SSL_set_tlsext_status_ocsp_resp(ssl, buf, staple->len) == 1) return (SSL_TLSEXT_ERR_OK); else free(buf); return (SSL_TLSEXT_ERR_NOACK); } #endif int HOCSP_init_resp(sslctx *sc, OCSP_RESPONSE *resp) { sslstaple *staple = NULL; int len, i; unsigned char *tmp, *buf; i = OCSP_response_status(resp); if (i != OCSP_RESPONSE_STATUS_SUCCESSFUL) { ERR("{core} Error: OCSP response for cert %s has status %s\n", sc->filename, OCSP_response_status_str(i)); goto err; } len = i2d_OCSP_RESPONSE(resp, NULL); if (len < 0) { log_ssl_error(NULL, "{core} i2d_OCSP_RESPONSE"); goto err; } buf = malloc(len); AN(buf); tmp = buf; i = i2d_OCSP_RESPONSE(resp, &tmp); assert(i > 0); ALLOC_OBJ(staple, SSLSTAPLE_MAGIC); AN(staple); staple->staple = buf; staple->len = len; if (HOCSP_verify(sc, resp, &staple->nextupd) != 0) { goto err; } if (!SSL_CTX_set_tlsext_status_cb(sc->ctx, HOCSP_staple_cb)) { ERR("Error configuring status callback.\n"); goto err; } else if (!SSL_CTX_set_tlsext_status_arg(sc->ctx, staple)) { ERR("Error setting status callback argument.\n"); goto err; } if (sc->staple != NULL) HOCSP_free(&sc->staple); sc->staple = staple; return (0); err: if (staple != NULL) HOCSP_free(&staple); return (1); } static void hocsp_stat_cb(struct ev_loop *loop, ev_stat *w, int revents) { sslctx *sc; sslstaple *oldstaple; (void) revents; (void) loop; CAST_OBJ_NOTNULL(sc, w->data, SSLCTX_MAGIC); if (w->attr.st_nlink) { oldstaple = sc->staple; sc->staple = NULL; AN(sc->staple_fn); if (HOCSP_init_file(sc->staple_fn, sc, 1) != 0) { sc->staple = oldstaple; return; } HOCSP_free(&oldstaple); LOG("{core} Loaded cached OCSP staple for cert '%s'\n", sc->filename); } } void HOCSP_ev_stat(sslctx *sc) { char *fn; STACK_OF(OPENSSL_STRING) *sk_uri = NULL; AN(sc->x509); sk_uri = X509_get1_ocsp(sc->x509); if (sk_uri == NULL || sk_OPENSSL_STRING_num(sk_uri) == 0) { goto err; } fn = HOCSP_fn(sc->filename); if (fn == NULL) goto err; free(sc->staple_fn); sc->staple_fn = fn; sc->ev_staple = malloc(sizeof *sc->ev_staple); AN(sc->ev_staple); sc->ev_staple->data = sc; ev_stat_init(sc->ev_staple, hocsp_stat_cb, fn, 0); err: if (sk_uri != NULL) X509_email_free(sk_uri); } static OCSP_REQUEST * hocsp_mkreq(ocspquery *oq) { OCSP_REQUEST *req; OCSP_CERTID *cid; STACK_OF(X509) *chain = NULL; X509 *issuer; CHECK_OBJ_NOTNULL(oq, OCSPQUERY_MAGIC); CHECK_OBJ_NOTNULL(oq->sctx, SSLCTX_MAGIC); #ifdef SSL_CTRL_GET_CHAIN_CERTS AN(SSL_CTX_get0_chain_certs(oq->sctx->ctx, &chain)); #else chain = oq->sctx->ctx->extra_certs; #endif issuer = Find_issuer(oq->sctx->x509, chain); if (issuer == NULL) { ERR("{ocsp} Unable to find issuer for cert %s\n.", oq->sctx->filename); return (NULL); } cid = OCSP_cert_to_id(NULL, oq->sctx->x509, issuer); if (cid == NULL) { ERR("{ocsp} OCSP_cert_to_id failed for cert %s\n", oq->sctx->filename); return (NULL); } req = OCSP_REQUEST_new(); if (req == NULL) { ERR("{ocsp} OCSP_REQUEST_new failed\n"); OCSP_CERTID_free(cid); return (NULL); } if (OCSP_request_add0_id(req, cid) == NULL) { ERR("{ocsp} OCSP_request_add0_id failed\n"); OCSP_CERTID_free(cid); OCSP_REQUEST_free(req); return (NULL); } return (req); } /* Save a downloaded staple to the file system. * Process: OCSP child */ static int hocsp_proc_persist(sslctx *sc) { char *dstfile = NULL; int fd = -1; struct vsb *tmpfn; CHECK_OBJ_NOTNULL(sc, SSLCTX_MAGIC); CHECK_OBJ_NOTNULL(sc->staple, SSLSTAPLE_MAGIC); dstfile = HOCSP_fn(sc->filename); if (dstfile == NULL) return (1); (void)umask(027); tmpfn = VSB_new_auto(); AN(tmpfn); VSB_printf(tmpfn, "%s.XXXXXX", dstfile); VSB_finish(tmpfn); fd = mkstemp(VSB_data(tmpfn)); if (fd < 0) { if (errno == EACCES) ERR("{ocsp} Error: ocsp-dir '%s' is not " "writable for the configured user\n", CONFIG->OCSP_DIR); else ERR("{ocsp} hocsp_proc_persist: mkstemp: %s: %s\n", VSB_data(tmpfn), strerror(errno)); goto err; } if (write(fd, sc->staple->staple, sc->staple->len) != sc->staple->len) { ERR("{ocsp} hocsp_proc_persist: write: %s\n", strerror(errno)); (void) close(fd); goto err; } if(close(fd) != 0) { ERR("{ocsp} hocsp_proc_persist: close: %s\n", strerror(errno)); goto err; } if (rename(VSB_data(tmpfn), dstfile) != 0) { ERR("{ocsp} hocsp_proc_persist: rename: %s: %s\n", strerror(errno), dstfile); goto err; } /* worker procs notified via ev_stat (inotify/stat) */ VSB_delete(tmpfn); free(dstfile); return (0); err: unlink(VSB_data(tmpfn)); VSB_delete(tmpfn); free(dstfile); return (1); } int HOCSP_init_file(const char *ocspfn, sslctx *sc, int is_cached) { BIO *bio; OCSP_RESPONSE *resp; if (ocspfn == NULL) { return (1); } bio = BIO_new_file(ocspfn, "r"); if (bio == NULL) { if (is_cached) return (1); ERR("Error loading status file '%s'\n", ocspfn); return (1); } resp = d2i_OCSP_RESPONSE_bio(bio, NULL); BIO_free(bio); if (resp == NULL) { ERR("Error parsing OCSP staple in '%s'\n", ocspfn); return (1); } if (HOCSP_init_resp(sc, resp) != 0) goto err; CHECK_OBJ_NOTNULL(sc->staple, SSLSTAPLE_MAGIC); OCSP_RESPONSE_free(resp); return (0); err: if (resp != NULL) OCSP_RESPONSE_free(resp); return (1); } char * HOCSP_fn(const char *certfn) { EVP_MD_CTX *mdctx = NULL; unsigned char md_val[EVP_MAX_MD_SIZE]; unsigned int i, md_len; struct vsb *vsb; char *res; if (CONFIG->OCSP_DIR == NULL) { ERR("{ocsp} Error: OCSP directory not specified.\n"); return (NULL); } mdctx = EVP_MD_CTX_create(); if (mdctx == NULL) { ERR("{ocsp} EVP_MD_CTX_create failed\n"); goto err; } if (EVP_DigestInit_ex(mdctx, EVP_md5(), NULL) != 1) { ERR("{ocsp} EVP_DigestInit_ex in ocsp_fn() failed\n"); goto err; } if (EVP_DigestUpdate(mdctx, certfn, strlen(certfn)) != 1) { ERR("{ocsp} EVP_DigestUpdate in ocsp_fn() failed\n"); goto err; } if (EVP_DigestFinal_ex(mdctx, md_val, &md_len) != 1) { ERR("{ocsp} EVP_DigestFinal_ex in ocsp_fn() failed\n"); goto err; } EVP_MD_CTX_destroy(mdctx); vsb = VSB_new_auto(); AN(vsb); VSB_cat(vsb, CONFIG->OCSP_DIR); VSB_putc(vsb, '/'); for (i = 0; i < md_len; i++) VSB_printf(vsb, "%02x", md_val[i]); VSB_finish(vsb); res = strdup(VSB_data(vsb)); AN(res); VSB_delete(vsb); return (res); err: if (mdctx != NULL) EVP_MD_CTX_destroy(mdctx); return (NULL); } static void hocsp_query_responder(struct ev_loop *loop, ev_timer *w, int revents); /* Start a per-sslctx evloop timer that downloads the OCSP staple. * Process: OCSP child */ void HOCSP_mktask(sslctx *sc, ocspquery *oq, double refresh_hint) { double refresh = -1.0; double tnow; STACK_OF(OPENSSL_STRING) *sk_uri; tnow = Time_now(); if (sc->staple != NULL) { CHECK_OBJ_NOTNULL(sc->staple, SSLSTAPLE_MAGIC); if (sc->staple->nextupd > 0) { refresh = sc->staple->nextupd - tnow - 600; if (refresh < 0) refresh = 0.0; } else refresh = 1800; } else { AN(sc->x509); sk_uri = X509_get1_ocsp(sc->x509); if (sk_uri == NULL || sk_OPENSSL_STRING_num(sk_uri) == 0) { LOG("{ocsp} Note: No OCSP responder URI found " "for cert %s\n", sc->filename); if (sk_uri != NULL) X509_email_free(sk_uri); return; } /* schedule for immediate retrieval */ X509_email_free(sk_uri); refresh = 0.0; } if (refresh < refresh_hint) refresh = refresh_hint; if (oq == NULL) ALLOC_OBJ(oq, OCSPQUERY_MAGIC); CHECK_OBJ_NOTNULL(oq, OCSPQUERY_MAGIC); oq->sctx = sc; assert(refresh >= 0.0); ev_timer_init(&oq->ev_t_refresh, hocsp_query_responder, refresh, 0.); oq->ev_t_refresh.data = oq; ev_timer_start(loop, &oq->ev_t_refresh); LOG("{ocsp} Refresh of OCSP staple for %s scheduled in " "%.0lf seconds\n", sc->filename, refresh); } static void hocsp_query_responder(struct ev_loop *loop, ev_timer *w, int revents) { ocspquery *oq; OCSP_REQUEST *req = NULL; OCSP_REQ_CTX *rctx = NULL; STACK_OF(OPENSSL_STRING) *sk_uri; char *host = NULL, *port = NULL, *path = NULL; int https = 0; BIO *cbio = NULL, *sbio; SSL_CTX *ctx = NULL; OCSP_RESPONSE *resp = NULL; double resp_tmo; fd_set fds; struct timeval tv; int n, fd; double refresh_hint = 60; (void) loop; (void) revents; CAST_OBJ_NOTNULL(oq, w->data, OCSPQUERY_MAGIC); sk_uri = X509_get1_ocsp(oq->sctx->x509); AN(sk_uri); AN(OCSP_parse_url(sk_OPENSSL_STRING_value(sk_uri, 0), &host, &port, &path, &https)); X509_email_free(sk_uri); req = hocsp_mkreq(oq); if (req == NULL) { /* If we weren't able to create a request, there is no * use in scheduling a retry. */ FREE_OBJ(oq); goto err; } /* printf("host: %s port: %s path: %s ssl: %d\n", */ /* host, port, path, https); */ cbio = BIO_new_connect(host); if (cbio == NULL) { refresh_hint = 60; goto retry; } if (port == NULL) { if (https) port = "443"; else port = "80"; } AN(BIO_set_conn_port(cbio, port)); if (https) { ctx = SSL_CTX_new(SSLv23_client_method()); AN(ctx); SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2); SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv3); SSL_CTX_set_mode(ctx, SSL_MODE_AUTO_RETRY); sbio = BIO_new_ssl(ctx, 1); if (sbio == NULL) { ERR("{ocsp} BIO_new_ssl failed: %s\n", strerror(errno)); refresh_hint = 60; goto retry; } cbio = BIO_push(sbio, cbio); AN(cbio); } /* set non-blocking */ BIO_set_nbio(cbio, 1); n = BIO_do_connect(cbio); if (n <= 0 && !BIO_should_retry(cbio)) { ERR("{ocsp} Error connecting to %s:%s\n", host, port); refresh_hint = 300; goto retry; } assert(BIO_get_fd(cbio, &fd) >= 0); if (n <= 0) { FD_ZERO(&fds); FD_SET(fd, &fds); tv.tv_sec = CONFIG->OCSP_CONN_TMO; tv.tv_usec = (CONFIG->OCSP_CONN_TMO - tv.tv_sec) * 1e6; n = select(fd + 1, NULL, (void *) &fds, NULL, &tv); if (n == 0) { /* connect timeout */ ERR("{ocsp} Error: Connection to %s:%s timed out. " "Hit parameter 'ocsp-connect-tmo" " [current value: %.3fs]\n", host, port, CONFIG->OCSP_CONN_TMO); refresh_hint = 300; goto retry; } else if (n < 0) { ERR("{ocsp} Error: Connecting to %s:%s failed: " "select: %s\n", host, port, strerror(errno)); refresh_hint = 300; goto retry; } } rctx = OCSP_sendreq_new(cbio, path, NULL, 0); if (rctx == NULL) { ERR("{ocsp} OCSP_sendreq_new failed\n"); refresh_hint = 60; goto retry; } if (OCSP_REQ_CTX_add1_header(rctx, "Host", host) == 0) { ERR("{ocsp} OCSP_REQ_CTX_add1_header failed\n"); refresh_hint = 60; goto retry; } if (OCSP_REQ_CTX_set1_req(rctx, req) == 0) { ERR("{ocsp} OCSP_REQ_CTX_set1_req failed\n"); refresh_hint = 60; goto retry; } resp_tmo = Time_now() + CONFIG->OCSP_RESP_TMO; while (1) { double tnow; n = OCSP_sendreq_nbio(&resp, rctx); if (n == 0) { /* this is an error, and we can't continue */ ERR("{ocsp} OCSP_sendreq_nbio failed for %s:%s.\n", host, port); refresh_hint = 300; goto retry; } else if (n == 1) { /* complete */ break; } FD_ZERO(&fds); FD_SET(fd, &fds); tnow = Time_now(); tv.tv_sec = resp_tmo - tnow; tv.tv_usec = ((resp_tmo - tnow) - tv.tv_sec) * 1e6; if (BIO_should_read(cbio)) n = select(fd + 1, (void *) &fds, NULL, NULL, &tv); else if (BIO_should_write(cbio)) n = select(fd + 1, NULL, (void *) &fds, NULL, &tv); else { /* BIO_should_io_special? */ refresh_hint = 300; goto retry; } if (n == -1) { if (errno == EINTR) continue; ERR("{ocsp} Error: Transmission failed:" " select: %s\n", strerror(errno)); refresh_hint = 300; goto retry; } if (n == 0) { /* timeout */ ERR("{ocsp} Error: Transmission timeout for %s:%s. " "Consider increasing parameter 'ocsp-resp-tmo'" " [current value: %.3fs]\n", host, port, CONFIG->OCSP_RESP_TMO); refresh_hint = 300; goto retry; } } if (resp == NULL) { /* fetch failed. Retry later. */ refresh_hint = 600.0; } else { if (HOCSP_init_resp(oq->sctx, resp) == 0) { LOG("{ocsp} Retrieved new staple for cert %s\n", oq->sctx->filename); if (hocsp_proc_persist(oq->sctx) != 0) { refresh_hint = 300; goto retry; } } else { refresh_hint = 300; goto retry; } } retry: HOCSP_mktask(oq->sctx, oq, refresh_hint); err: if (rctx) OCSP_REQ_CTX_free(rctx); if (req) OCSP_REQUEST_free(req); if (resp) OCSP_RESPONSE_free(resp); if (cbio) BIO_free_all(cbio); if (ctx) SSL_CTX_free(ctx); } hitch-1.4.4/src/logging.c0000644000175000017500000001255113003667032012125 00000000000000/** * Copyright 2016 Varnish Software * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * * 1. Redistributions of source code must retain the above * copyright notice, this list of conditions and the following * disclaimer. * * 2. Redistributions in binary form must reproduce the above * copyright notice, this list of conditions and the following * disclaimer in the documentation and/or other materials * provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY VARNISH SOFTWARE ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL BUMP * TECHNOLOGIES, INC. OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #include #include /* TCP_NODELAY */ #include #include #include #include #include /* WAIT_PID */ #include #include #include #include #include #include #include #include #include #include #include #include #include #include "logging.h" #include "config.h" #include "configuration.h" #include "hitch.h" #include "hssl_locks.h" #include "ocsp.h" #include "shctx.h" #include "foreign/vpf.h" #include "foreign/uthash.h" /* hitch.c */ extern hitch_config *CONFIG; #define LOG_REOPEN_INTERVAL 60 FILE * logfile; struct stat logf_st; time_t logf_check_t; #define LOGPROXY(...) \ do { \ if (!CONFIG->QUIET && (logfile || CONFIG->SYSLOG)) \ logproxy(LOG_INFO, __VA_ARGS__ ); \ } while(0) #define ERRPROXY(...) \ do { \ if (logfile || CONFIG->SYSLOG) \ logproxy(LOG_ERR, __VA_ARGS__ ); \ } while (0) double Time_now(void) { struct timespec tv; AZ(clock_gettime(CLOCK_REALTIME, &tv)); return (tv.tv_sec + 1e-9 * tv.tv_nsec); } void VWLOG(int level, const char *fmt, va_list ap) { struct timeval tv; struct tm tm; char buf[1024]; int n; va_list ap1; va_copy(ap1, ap); if (CONFIG->SYSLOG) { vsyslog(level, fmt, ap); } if (!logfile) { va_end(ap1); return; } AZ(gettimeofday(&tv, NULL)); if (logfile != stdout && logfile != stderr && tv.tv_sec >= logf_check_t + LOG_REOPEN_INTERVAL) { struct stat st; if (stat(CONFIG->LOG_FILENAME, &st) < 0 || st.st_dev != logf_st.st_dev || st.st_ino != logf_st.st_ino) { fclose(logfile); logfile = fopen(CONFIG->LOG_FILENAME, "a"); if (logfile == NULL || fstat(fileno(logfile), &logf_st) < 0) memset(&logf_st, 0, sizeof(logf_st)); } logf_check_t = tv.tv_sec; } AN(localtime_r(&tv.tv_sec, &tm)); n = strftime(buf, sizeof(buf), "%Y%m%dT%H%M%S", &tm); snprintf(buf + n, sizeof(buf) - n, ".%06d [%5d] %s", (int) tv.tv_usec, getpid(), fmt); vfprintf(logfile, buf, ap1); va_end(ap1); } void WLOG(int level, const char *fmt, ...) { va_list ap; va_start(ap, fmt); VWLOG(level, fmt, ap); va_end(ap); } #define LOG(...) \ do { \ if (!CONFIG->QUIET) \ WLOG(LOG_INFO, __VA_ARGS__ ); \ } while (0) #define ERR(...) WLOG(LOG_ERR, __VA_ARGS__ ) #define LOGL(...) WLOG(LOG_INFO, __VA_ARGS__) #define SOCKERR(msg) \ do { \ if (errno == ECONNRESET) { \ LOG(msg ": %s\n", strerror(errno)); \ } else { \ ERR(msg ": %s\n", strerror(errno)); \ } \ } while (0) void logproxy(int level, const proxystate* ps, const char *fmt, ...) { char buf[1024]; char hbuf[INET6_ADDRSTRLEN+1]; char sbuf[8]; int n; va_list ap; socklen_t salen; CHECK_OBJ_NOTNULL(ps, PROXYSTATE_MAGIC); salen = (ps->remote_ip.ss_family == AF_INET) ? sizeof(struct sockaddr) : sizeof(struct sockaddr_in6); n = getnameinfo((struct sockaddr *) &ps->remote_ip, salen, hbuf, sizeof hbuf, sbuf, sizeof sbuf, NI_NUMERICHOST | NI_NUMERICSERV); if (n != 0) { strcpy(hbuf, "n/a"); strcpy(sbuf, "n/a"); } va_start(ap, fmt); if (ps->remote_ip.ss_family == AF_INET) snprintf(buf, sizeof(buf), "%s:%s :%d %d:%d %s", hbuf, sbuf, ps->connect_port, ps->fd_up, ps->fd_down, fmt); else snprintf(buf, sizeof(buf), "[%s]:%s :%d %d:%d %s", hbuf, sbuf, ps->connect_port, ps->fd_up, ps->fd_down, fmt); VWLOG(level, buf, ap); va_end(ap); } // XXX: Rename void fail(const char *s) { ERR("%s: %s\n", s, strerror(errno)); exit(1); } void log_ssl_error(proxystate *ps, const char *what, ...) { va_list ap; int e; char buf[256]; char whatbuf[1024]; CHECK_OBJ_ORNULL(ps, PROXYSTATE_MAGIC); va_start(ap, what); vsnprintf(whatbuf, sizeof(whatbuf), what, ap); va_end(ap); while ((e = ERR_get_error())) { ERR_error_string_n(e, buf, sizeof(buf)); if (ps) ERRPROXY(ps, "%s: %s\n", whatbuf, buf); else ERR("%s: %s\n", whatbuf, buf); } } hitch-1.4.4/src/sysl_tbl.h0000644000175000017500000000106212710627110012327 00000000000000SYSLOG_FAC(LOG_AUTH, "auth") SYSLOG_FAC(LOG_AUTHPRIV, "authpriv") SYSLOG_FAC(LOG_CRON, "cron") SYSLOG_FAC(LOG_DAEMON, "daemon") SYSLOG_FAC(LOG_FTP, "ftp") SYSLOG_FAC(LOG_LOCAL0, "local0") SYSLOG_FAC(LOG_LOCAL1, "local1") SYSLOG_FAC(LOG_LOCAL2, "local2") SYSLOG_FAC(LOG_LOCAL3, "local3") SYSLOG_FAC(LOG_LOCAL4, "local4") SYSLOG_FAC(LOG_LOCAL5, "local5") SYSLOG_FAC(LOG_LOCAL6, "local6") SYSLOG_FAC(LOG_LOCAL7, "local7") SYSLOG_FAC(LOG_LPR, "lpr") SYSLOG_FAC(LOG_MAIL, "mail") SYSLOG_FAC(LOG_NEWS, "news") SYSLOG_FAC(LOG_USER, "user") SYSLOG_FAC(LOG_UUCP, "uucp") hitch-1.4.4/src/ringbuffer.c0000644000175000017500000000765013003667032012634 00000000000000/*- * Copyright 2011 Bump Technologies, Inc. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions are met: * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY BUMP TECHNOLOGIES, INC. ``AS IS'' AND ANY * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE * DISCLAIMED. IN NO EVENT SHALL BUMP TECHNOLOGIES, INC. OR CONTRIBUTORS BE * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF * THE POSSIBILITY OF SUCH DAMAGE. * * The views and conclusions contained in the software and documentation are * those of the authors and should not be interpreted as representing * official policies, either expressed or implied, of Bump Technologies, Inc. * **/ #include #include "foreign/vas.h" #include "ringbuffer.h" /* Initialize a ringbuffer structure to empty */ void ringbuffer_init(ringbuffer *rb, int num_slots, int data_len) { rb->num_slots = num_slots ?: DEF_RING_SLOTS; rb->data_len = data_len ?: DEF_RING_DATA_LEN; rb->slots = malloc(rb->num_slots * sizeof(rb->slots[0])); AN(rb->slots); rb->head = &rb->slots[0]; rb->tail = &rb->slots[0]; int x; for (x=0; x < rb->num_slots; x++) { rb->slots[x].next = &(rb->slots[(x + 1) % rb->num_slots]); rb->slots[x].data = malloc(rb->data_len); AN(rb->slots[x].data); } rb->used = 0; rb->bytes_written = 0; } void ringbuffer_cleanup(ringbuffer *rb) { int x; for (x=0; x < rb->num_slots; x++) { free(rb->slots[x].data); } free(rb->slots); } /** READ FUNCTIONS **/ /* Return a char * that represents the current unconsumed buffer */ char * ringbuffer_read_next(ringbuffer *rb, int * length) { assert(rb->used); *length = rb->head->left; return rb->head->ptr; } /* Mark consumption of only part of the read head buffer */ void ringbuffer_read_skip(ringbuffer *rb, int length) { assert(rb->used); rb->head->ptr += length; rb->head->left -= length; } /* Pop a consumed (fully read) head from the buffer */ void ringbuffer_read_pop(ringbuffer *rb) { assert(rb->used); rb->head = rb->head->next; rb->used--; } /** WRITE FUNCTIONS **/ /* Return the tail ptr (current target of new writes) */ char * ringbuffer_write_ptr(ringbuffer *rb) { assert(rb->used < rb->num_slots); return rb->tail->data; } /* Mark the tail appended for `length` bytes, and move the cursor * to the next slot */ void ringbuffer_write_append(ringbuffer *rb, int length) { assert(rb->used < rb->num_slots); rb->used++; rb->tail->ptr = rb->tail->data; rb->tail->left = length; rb->tail = rb->tail->next; } /** RING STATE FUNCTIONS **/ /* Used size of the ringbuffer */ int ringbuffer_size(ringbuffer *rb) { return rb->used; } /* Used size of the ringbuffer */ int ringbuffer_capacity(ringbuffer *rb) { return rb->num_slots; } /* Is the ringbuffer completely empty (implies: no data to be written) */ int ringbuffer_is_empty(ringbuffer *rb) { return rb->used == 0; } /* Is the ringbuffer completely full (implies: no more data should be read) */ int ringbuffer_is_full(ringbuffer *rb) { return rb->used == rb->num_slots; } hitch-1.4.4/src/ocsp.h0000644000175000017500000000115313003667032011444 00000000000000/* * */ #ifndef OCSP_H_INCLUDED #define OCSP_H_INCLUDED #include "hitch.h" typedef struct ocspquery_s { unsigned magic; #define OCSPQUERY_MAGIC 0xb91c4eb1 ev_timer ev_t_refresh; sslctx *sctx; /* */ } ocspquery; void HOCSP_free(sslstaple **staple); int HOCSP_init_resp(sslctx *sc, OCSP_RESPONSE *resp); int HOCSP_verify(sslctx *sc, OCSP_RESPONSE *resp, double *nextupd); char * HOCSP_fn(const char *certfn); int HOCSP_init_file(const char *ocspfn, sslctx *sc, int is_cached); void HOCSP_mktask(sslctx *sc, ocspquery *oq, double refresh_hint); void HOCSP_ev_stat(sslctx *sc); #endif /* OCSP_H_INCLUDED */ hitch-1.4.4/src/Makefile.in0000644000175000017500000010611713026747414012412 00000000000000# Makefile.in generated by automake 1.15 from Makefile.am. # @configure_input@ # Copyright (C) 1994-2014 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY, to the extent permitted by law; without # even the implied warranty of MERCHANTABILITY or FITNESS FOR A # PARTICULAR PURPOSE. @SET_MAKE@ VPATH = @srcdir@ am__is_gnu_make = { \ if test -z '$(MAKELEVEL)'; then \ false; \ elif test -n '$(MAKE_HOST)'; then \ true; \ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \ true; \ else \ false; \ fi; \ } am__make_running_with_option = \ case $${target_option-} in \ ?) ;; \ *) echo "am__make_running_with_option: internal error: invalid" \ "target option '$${target_option-}' specified" >&2; \ exit 1;; \ esac; \ has_opt=no; \ sane_makeflags=$$MAKEFLAGS; \ if $(am__is_gnu_make); then \ sane_makeflags=$$MFLAGS; \ else \ case $$MAKEFLAGS in \ *\\[\ \ ]*) \ bs=\\; \ sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ esac; \ fi; \ skip_next=no; \ strip_trailopt () \ { \ flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ }; \ for flg in $$sane_makeflags; do \ test $$skip_next = yes && { skip_next=no; continue; }; \ case $$flg in \ *=*|--*) continue;; \ -*I) strip_trailopt 'I'; skip_next=yes;; \ -*I?*) strip_trailopt 'I';; \ -*O) strip_trailopt 'O'; skip_next=yes;; \ -*O?*) strip_trailopt 'O';; \ -*l) strip_trailopt 'l'; skip_next=yes;; \ -*l?*) strip_trailopt 'l';; \ -[dEDm]) skip_next=yes;; \ -[JT]) skip_next=yes;; \ esac; \ case $$flg in \ *$$target_option*) has_opt=yes; break;; \ esac; \ done; \ test $$has_opt = yes am__make_dryrun = (target_option=n; $(am__make_running_with_option)) am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) pkgdatadir = $(datadir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ pkglibexecdir = $(libexecdir)/@PACKAGE@ am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c install_sh_SCRIPT = $(install_sh) -c INSTALL_HEADER = $(INSTALL_DATA) transform = $(program_transform_name) NORMAL_INSTALL = : PRE_INSTALL = : POST_INSTALL = : NORMAL_UNINSTALL = : PRE_UNINSTALL = : POST_UNINSTALL = : sbin_PROGRAMS = hitch$(EXEEXT) @USE_SHCTX_TRUE@am__append_1 = -DUSE_SHARED_CACHE -DUSE_SYSCALL_FUTEX \ @USE_SHCTX_TRUE@ -Iebtree @USE_SHCTX_TRUE@am__append_2 = shctx.c @USE_SHCTX_TRUE@am__append_3 = ebtree/libebtree.a subdir = src ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) DIST_COMMON = $(srcdir)/Makefile.am $(nobase_noinst_HEADERS) \ $(am__DIST_COMMON) mkinstalldirs = $(install_sh) -d CONFIG_HEADER = $(top_builddir)/config.h CONFIG_CLEAN_FILES = CONFIG_CLEAN_VPATH_FILES = am__installdirs = "$(DESTDIR)$(sbindir)" PROGRAMS = $(sbin_PROGRAMS) am__hitch_SOURCES_DIST = configuration.c ringbuffer.c hitch.c \ cfg_parser.y cfg_lex.l hssl_locks.c asn_gentm.c ocsp.c \ logging.c foreign/vpf.c foreign/flopen.c foreign/vas.c \ foreign/vsb.c shctx.c am__dirstamp = $(am__leading_dot)dirstamp @USE_SHCTX_TRUE@am__objects_1 = shctx.$(OBJEXT) am_hitch_OBJECTS = configuration.$(OBJEXT) ringbuffer.$(OBJEXT) \ hitch.$(OBJEXT) cfg_parser.$(OBJEXT) cfg_lex.$(OBJEXT) \ hssl_locks.$(OBJEXT) asn_gentm.$(OBJEXT) ocsp.$(OBJEXT) \ logging.$(OBJEXT) foreign/vpf.$(OBJEXT) \ foreign/flopen.$(OBJEXT) foreign/vas.$(OBJEXT) \ foreign/vsb.$(OBJEXT) $(am__objects_1) hitch_OBJECTS = $(am_hitch_OBJECTS) am__DEPENDENCIES_1 = hitch_DEPENDENCIES = $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ $(am__DEPENDENCIES_1) $(am__append_3) AM_V_P = $(am__v_P_@AM_V@) am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) am__v_P_0 = false am__v_P_1 = : AM_V_GEN = $(am__v_GEN_@AM_V@) am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) am__v_GEN_0 = @echo " GEN " $@; am__v_GEN_1 = AM_V_at = $(am__v_at_@AM_V@) am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) am__v_at_0 = @ am__v_at_1 = DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) depcomp = $(SHELL) $(top_srcdir)/build-aux/depcomp am__depfiles_maybe = depfiles am__mv = mv -f COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) AM_V_CC = $(am__v_CC_@AM_V@) am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@) am__v_CC_0 = @echo " CC " $@; am__v_CC_1 = CCLD = $(CC) LINK = $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ AM_V_CCLD = $(am__v_CCLD_@AM_V@) am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@) am__v_CCLD_0 = @echo " CCLD " $@; am__v_CCLD_1 = @MAINTAINER_MODE_FALSE@am__skiplex = test -f $@ || LEXCOMPILE = $(LEX) $(AM_LFLAGS) $(LFLAGS) AM_V_LEX = $(am__v_LEX_@AM_V@) am__v_LEX_ = $(am__v_LEX_@AM_DEFAULT_V@) am__v_LEX_0 = @echo " LEX " $@; am__v_LEX_1 = YLWRAP = $(top_srcdir)/build-aux/ylwrap @MAINTAINER_MODE_FALSE@am__skipyacc = test -f $@ || am__yacc_c2h = sed -e s/cc$$/hh/ -e s/cpp$$/hpp/ -e s/cxx$$/hxx/ \ -e s/c++$$/h++/ -e s/c$$/h/ YACCCOMPILE = $(YACC) $(AM_YFLAGS) $(YFLAGS) AM_V_YACC = $(am__v_YACC_@AM_V@) am__v_YACC_ = $(am__v_YACC_@AM_DEFAULT_V@) am__v_YACC_0 = @echo " YACC " $@; am__v_YACC_1 = SOURCES = $(hitch_SOURCES) DIST_SOURCES = $(am__hitch_SOURCES_DIST) am__can_run_installinfo = \ case $$AM_UPDATE_INFO_DIR in \ n|no|NO) false;; \ *) (install-info --version) >/dev/null 2>&1;; \ esac HEADERS = $(nobase_noinst_HEADERS) am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) # Read a list of newline-separated strings from the standard input, # and print each of them once, without duplicates. Input order is # *not* preserved. am__uniquify_input = $(AWK) '\ BEGIN { nonempty = 0; } \ { items[$$0] = 1; nonempty = 1; } \ END { if (nonempty) { for (i in items) print i; }; } \ ' # Make sure the list of sources is unique. This is necessary because, # e.g., the same source file might be shared among _SOURCES variables # for different programs/libraries. am__define_uniq_tagged_files = \ list='$(am__tagged_files)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | $(am__uniquify_input)` ETAGS = etags CTAGS = ctags am__tty_colors_dummy = \ mgn= red= grn= lgn= blu= brg= std=; \ am__color_tests=no am__tty_colors = { \ $(am__tty_colors_dummy); \ if test "X$(AM_COLOR_TESTS)" = Xno; then \ am__color_tests=no; \ elif test "X$(AM_COLOR_TESTS)" = Xalways; then \ am__color_tests=yes; \ elif test "X$$TERM" != Xdumb && { test -t 1; } 2>/dev/null; then \ am__color_tests=yes; \ fi; \ if test $$am__color_tests = yes; then \ red=''; \ grn=''; \ lgn=''; \ blu=''; \ mgn=''; \ brg=''; \ std=''; \ fi; \ } am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; am__vpath_adj = case $$p in \ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ *) f=$$p;; \ esac; am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; am__install_max = 40 am__nobase_strip_setup = \ srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` am__nobase_strip = \ for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" am__nobase_list = $(am__nobase_strip_setup); \ for p in $$list; do echo "$$p $$p"; done | \ sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ if (++n[$$2] == $(am__install_max)) \ { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ END { for (dir in files) print dir, files[dir] }' am__base_list = \ sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' am__uninstall_files_from_dir = { \ test -z "$$files" \ || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \ || { echo " ( cd '$$dir' && rm -f" $$files ")"; \ $(am__cd) "$$dir" && rm -f $$files; }; \ } am__recheck_rx = ^[ ]*:recheck:[ ]* am__global_test_result_rx = ^[ ]*:global-test-result:[ ]* am__copy_in_global_log_rx = ^[ ]*:copy-in-global-log:[ ]* # A command that, given a newline-separated list of test names on the # standard input, print the name of the tests that are to be re-run # upon "make recheck". am__list_recheck_tests = $(AWK) '{ \ recheck = 1; \ while ((rc = (getline line < ($$0 ".trs"))) != 0) \ { \ if (rc < 0) \ { \ if ((getline line2 < ($$0 ".log")) < 0) \ recheck = 0; \ break; \ } \ else if (line ~ /$(am__recheck_rx)[nN][Oo]/) \ { \ recheck = 0; \ break; \ } \ else if (line ~ /$(am__recheck_rx)[yY][eE][sS]/) \ { \ break; \ } \ }; \ if (recheck) \ print $$0; \ close ($$0 ".trs"); \ close ($$0 ".log"); \ }' # A command that, given a newline-separated list of test names on the # standard input, create the global log from their .trs and .log files. am__create_global_log = $(AWK) ' \ function fatal(msg) \ { \ print "fatal: making $@: " msg | "cat >&2"; \ exit 1; \ } \ function rst_section(header) \ { \ print header; \ len = length(header); \ for (i = 1; i <= len; i = i + 1) \ printf "="; \ printf "\n\n"; \ } \ { \ copy_in_global_log = 1; \ global_test_result = "RUN"; \ while ((rc = (getline line < ($$0 ".trs"))) != 0) \ { \ if (rc < 0) \ fatal("failed to read from " $$0 ".trs"); \ if (line ~ /$(am__global_test_result_rx)/) \ { \ sub("$(am__global_test_result_rx)", "", line); \ sub("[ ]*$$", "", line); \ global_test_result = line; \ } \ else if (line ~ /$(am__copy_in_global_log_rx)[nN][oO]/) \ copy_in_global_log = 0; \ }; \ if (copy_in_global_log) \ { \ rst_section(global_test_result ": " $$0); \ while ((rc = (getline line < ($$0 ".log"))) != 0) \ { \ if (rc < 0) \ fatal("failed to read from " $$0 ".log"); \ print line; \ }; \ printf "\n"; \ }; \ close ($$0 ".trs"); \ close ($$0 ".log"); \ }' # Restructured Text title. am__rst_title = { sed 's/.*/ & /;h;s/./=/g;p;x;s/ *$$//;p;g' && echo; } # Solaris 10 'make', and several other traditional 'make' implementations, # pass "-e" to $(SHELL), and POSIX 2008 even requires this. Work around it # by disabling -e (using the XSI extension "set +e") if it's set. am__sh_e_setup = case $$- in *e*) set +e;; esac # Default flags passed to test drivers. am__common_driver_flags = \ --color-tests "$$am__color_tests" \ --enable-hard-errors "$$am__enable_hard_errors" \ --expect-failure "$$am__expect_failure" # To be inserted before the command running the test. Creates the # directory for the log if needed. Stores in $dir the directory # containing $f, in $tst the test, in $log the log. Executes the # developer- defined test setup AM_TESTS_ENVIRONMENT (if any), and # passes TESTS_ENVIRONMENT. Set up options for the wrapper that # will run the test scripts (or their associated LOG_COMPILER, if # thy have one). am__check_pre = \ $(am__sh_e_setup); \ $(am__vpath_adj_setup) $(am__vpath_adj) \ $(am__tty_colors); \ srcdir=$(srcdir); export srcdir; \ case "$@" in \ */*) am__odir=`echo "./$@" | sed 's|/[^/]*$$||'`;; \ *) am__odir=.;; \ esac; \ test "x$$am__odir" = x"." || test -d "$$am__odir" \ || $(MKDIR_P) "$$am__odir" || exit $$?; \ if test -f "./$$f"; then dir=./; \ elif test -f "$$f"; then dir=; \ else dir="$(srcdir)/"; fi; \ tst=$$dir$$f; log='$@'; \ if test -n '$(DISABLE_HARD_ERRORS)'; then \ am__enable_hard_errors=no; \ else \ am__enable_hard_errors=yes; \ fi; \ case " $(XFAIL_TESTS) " in \ *[\ \ ]$$f[\ \ ]* | *[\ \ ]$$dir$$f[\ \ ]*) \ am__expect_failure=yes;; \ *) \ am__expect_failure=no;; \ esac; \ $(AM_TESTS_ENVIRONMENT) $(TESTS_ENVIRONMENT) # A shell command to get the names of the tests scripts with any registered # extension removed (i.e., equivalently, the names of the test logs, with # the '.log' extension removed). The result is saved in the shell variable # '$bases'. This honors runtime overriding of TESTS and TEST_LOGS. Sadly, # we cannot use something simpler, involving e.g., "$(TEST_LOGS:.log=)", # since that might cause problem with VPATH rewrites for suffix-less tests. # See also 'test-harness-vpath-rewrite.sh' and 'test-trs-basic.sh'. am__set_TESTS_bases = \ bases='$(TEST_LOGS)'; \ bases=`for i in $$bases; do echo $$i; done | sed 's/\.log$$//'`; \ bases=`echo $$bases` RECHECK_LOGS = $(TEST_LOGS) AM_RECURSIVE_TARGETS = check recheck TEST_SUITE_LOG = test-suite.log am__test_logs1 = $(TESTS:=.log) am__test_logs2 = $(am__test_logs1:@EXEEXT@.log=.log) TEST_LOGS = $(am__test_logs2:.sh.log=.log) SH_LOG_DRIVER = $(SHELL) $(top_srcdir)/build-aux/test-driver SH_LOG_COMPILE = $(SH_LOG_COMPILER) $(AM_SH_LOG_FLAGS) $(SH_LOG_FLAGS) am__set_b = \ case '$@' in \ */*) \ case '$*' in \ */*) b='$*';; \ *) b=`echo '$@' | sed 's/\.log$$//'`; \ esac;; \ *) \ b='$*';; \ esac am__DIST_COMMON = $(srcdir)/Makefile.in \ $(top_srcdir)/build-aux/depcomp \ $(top_srcdir)/build-aux/test-driver \ $(top_srcdir)/build-aux/ylwrap cfg_lex.c cfg_parser.c \ cfg_parser.h DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) ACLOCAL = @ACLOCAL@ AMTAR = @AMTAR@ AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ CRYPTO_CFLAGS = @CRYPTO_CFLAGS@ CRYPTO_LIBS = @CRYPTO_LIBS@ CYGPATH_W = @CYGPATH_W@ DEFS = @DEFS@ DEPDIR = @DEPDIR@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EV_CFLAGS = @EV_CFLAGS@ EV_LIBS = @EV_LIBS@ EXEEXT = @EXEEXT@ GREP = @GREP@ INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ LDFLAGS = @LDFLAGS@ LEX = @LEX@ LEXLIB = @LEXLIB@ LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ LIBOBJS = @LIBOBJS@ LIBS = @LIBS@ LTLIBOBJS = @LTLIBOBJS@ MAINT = @MAINT@ MAKEINFO = @MAKEINFO@ MKDIR_P = @MKDIR_P@ OBJEXT = @OBJEXT@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ PACKAGE_STRING = @PACKAGE_STRING@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ RST2MAN = @RST2MAN@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ SH_TESTS = @SH_TESTS@ SSL_CFLAGS = @SSL_CFLAGS@ SSL_LIBS = @SSL_LIBS@ STRIP = @STRIP@ VERSION = @VERSION@ YACC = @YACC@ YFLAGS = @YFLAGS@ abs_builddir = @abs_builddir@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ ac_ct_CC = @ac_ct_CC@ am__include = @am__include@ am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ am__tar = @am__tar@ am__untar = @am__untar@ bindir = @bindir@ build_alias = @build_alias@ builddir = @builddir@ datadir = @datadir@ datarootdir = @datarootdir@ docdir = @docdir@ dvidir = @dvidir@ exec_prefix = @exec_prefix@ host_alias = @host_alias@ htmldir = @htmldir@ includedir = @includedir@ infodir = @infodir@ install_sh = @install_sh@ libdir = @libdir@ libexecdir = @libexecdir@ localedir = @localedir@ localstatedir = @localstatedir@ mandir = @mandir@ mkdir_p = @mkdir_p@ oldincludedir = @oldincludedir@ pdfdir = @pdfdir@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ runstatedir = @runstatedir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ EXTRA_DIST = tests AM_CPPFLAGS = $(EV_CFLAGS) AM_CFLAGS = -O2 -g -std=c99 -fno-strict-aliasing -Wall -W \ -D_GNU_SOURCE $(am__append_1) AM_YFLAGS = -d -t TESTS_ENVIRONMENT = \ TESTDIR=$(abs_top_srcdir)/src/tests/; export TESTDIR; \ PATH=$(abs_top_builddir)/src:$(abs_top_builddir)/src/util:$$PATH; export PATH; TESTS = @SH_TESTS@ TEST_EXTENSIONS = .sh nobase_noinst_HEADERS = hitch.h ringbuffer.h configuration.h shctx.h \ logging.h sysl_tbl.h hssl_locks.h asn_gentm.h ssl_err.h \ ocsp.h \ foreign/miniobj.h foreign/vqueue.h foreign/vpf.h \ foreign/flopen.h foreign/uthash.h \ foreign/vas.h foreign/vsb.h BUILT_SOURCES = cfg_parser.h cfg_parser.c hitch_SOURCES = configuration.c ringbuffer.c hitch.c cfg_parser.y \ cfg_lex.l hssl_locks.c asn_gentm.c ocsp.c logging.c \ foreign/vpf.c foreign/flopen.c foreign/vas.c foreign/vsb.c \ $(am__append_2) hitch_LDADD = $(SSL_LIBS) $(CRYPTO_LIBS) $(EV_LIBS) -lrt \ $(am__append_3) CLEANFILES = cfg_parser.h cfg_parser.c cfg_lex.c all: $(BUILT_SOURCES) $(MAKE) $(AM_MAKEFLAGS) all-am .SUFFIXES: .SUFFIXES: .c .l .log .o .obj .sh .sh$(EXEEXT) .trs .y $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign src/Makefile'; \ $(am__cd) $(top_srcdir) && \ $(AUTOMAKE) --foreign src/Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ *config.status*) \ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ *) \ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ esac; $(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(am__aclocal_m4_deps): install-sbinPROGRAMS: $(sbin_PROGRAMS) @$(NORMAL_INSTALL) @list='$(sbin_PROGRAMS)'; test -n "$(sbindir)" || list=; \ if test -n "$$list"; then \ echo " $(MKDIR_P) '$(DESTDIR)$(sbindir)'"; \ $(MKDIR_P) "$(DESTDIR)$(sbindir)" || exit 1; \ fi; \ for p in $$list; do echo "$$p $$p"; done | \ sed 's/$(EXEEXT)$$//' | \ while read p p1; do if test -f $$p \ ; then echo "$$p"; echo "$$p"; else :; fi; \ done | \ sed -e 'p;s,.*/,,;n;h' \ -e 's|.*|.|' \ -e 'p;x;s,.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/' | \ sed 'N;N;N;s,\n, ,g' | \ $(AWK) 'BEGIN { files["."] = ""; dirs["."] = 1 } \ { d=$$3; if (dirs[d] != 1) { print "d", d; dirs[d] = 1 } \ if ($$2 == $$4) files[d] = files[d] " " $$1; \ else { print "f", $$3 "/" $$4, $$1; } } \ END { for (d in files) print "f", d, files[d] }' | \ while read type dir files; do \ if test "$$dir" = .; then dir=; else dir=/$$dir; fi; \ test -z "$$files" || { \ echo " $(INSTALL_PROGRAM_ENV) $(INSTALL_PROGRAM) $$files '$(DESTDIR)$(sbindir)$$dir'"; \ $(INSTALL_PROGRAM_ENV) $(INSTALL_PROGRAM) $$files "$(DESTDIR)$(sbindir)$$dir" || exit $$?; \ } \ ; done uninstall-sbinPROGRAMS: @$(NORMAL_UNINSTALL) @list='$(sbin_PROGRAMS)'; test -n "$(sbindir)" || list=; \ files=`for p in $$list; do echo "$$p"; done | \ sed -e 'h;s,^.*/,,;s/$(EXEEXT)$$//;$(transform)' \ -e 's/$$/$(EXEEXT)/' \ `; \ test -n "$$list" || exit 0; \ echo " ( cd '$(DESTDIR)$(sbindir)' && rm -f" $$files ")"; \ cd "$(DESTDIR)$(sbindir)" && rm -f $$files clean-sbinPROGRAMS: -test -z "$(sbin_PROGRAMS)" || rm -f $(sbin_PROGRAMS) cfg_parser.h: cfg_parser.c @if test ! -f $@; then rm -f cfg_parser.c; else :; fi @if test ! -f $@; then $(MAKE) $(AM_MAKEFLAGS) cfg_parser.c; else :; fi foreign/$(am__dirstamp): @$(MKDIR_P) foreign @: > foreign/$(am__dirstamp) foreign/$(DEPDIR)/$(am__dirstamp): @$(MKDIR_P) foreign/$(DEPDIR) @: > foreign/$(DEPDIR)/$(am__dirstamp) foreign/vpf.$(OBJEXT): foreign/$(am__dirstamp) \ foreign/$(DEPDIR)/$(am__dirstamp) foreign/flopen.$(OBJEXT): foreign/$(am__dirstamp) \ foreign/$(DEPDIR)/$(am__dirstamp) foreign/vas.$(OBJEXT): foreign/$(am__dirstamp) \ foreign/$(DEPDIR)/$(am__dirstamp) foreign/vsb.$(OBJEXT): foreign/$(am__dirstamp) \ foreign/$(DEPDIR)/$(am__dirstamp) hitch$(EXEEXT): $(hitch_OBJECTS) $(hitch_DEPENDENCIES) $(EXTRA_hitch_DEPENDENCIES) @rm -f hitch$(EXEEXT) $(AM_V_CCLD)$(LINK) $(hitch_OBJECTS) $(hitch_LDADD) $(LIBS) mostlyclean-compile: -rm -f *.$(OBJEXT) -rm -f foreign/*.$(OBJEXT) distclean-compile: -rm -f *.tab.c @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/asn_gentm.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/cfg_lex.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/cfg_parser.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/configuration.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/hitch.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/hssl_locks.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/logging.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ocsp.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ringbuffer.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/shctx.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@foreign/$(DEPDIR)/flopen.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@foreign/$(DEPDIR)/vas.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@foreign/$(DEPDIR)/vpf.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@foreign/$(DEPDIR)/vsb.Po@am__quote@ .c.o: @am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.o$$||'`;\ @am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\ @am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ $< .c.obj: @am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.obj$$||'`;\ @am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ `$(CYGPATH_W) '$<'` &&\ @am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'` .l.c: $(AM_V_LEX)$(am__skiplex) $(SHELL) $(YLWRAP) $< $(LEX_OUTPUT_ROOT).c $@ -- $(LEXCOMPILE) .y.c: $(AM_V_YACC)$(am__skipyacc) $(SHELL) $(YLWRAP) $< y.tab.c $@ y.tab.h `echo $@ | $(am__yacc_c2h)` y.output $*.output -- $(YACCCOMPILE) ID: $(am__tagged_files) $(am__define_uniq_tagged_files); mkid -fID $$unique tags: tags-am TAGS: tags tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) set x; \ here=`pwd`; \ $(am__define_uniq_tagged_files); \ shift; \ if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ test -n "$$unique" || unique=$$empty_fix; \ if test $$# -gt 0; then \ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ "$$@" $$unique; \ else \ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ $$unique; \ fi; \ fi ctags: ctags-am CTAGS: ctags ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) $(am__define_uniq_tagged_files); \ test -z "$(CTAGS_ARGS)$$unique" \ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ $$unique GTAGS: here=`$(am__cd) $(top_builddir) && pwd` \ && $(am__cd) $(top_srcdir) \ && gtags -i $(GTAGS_ARGS) "$$here" cscopelist: cscopelist-am cscopelist-am: $(am__tagged_files) list='$(am__tagged_files)'; \ case "$(srcdir)" in \ [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \ *) sdir=$(subdir)/$(srcdir) ;; \ esac; \ for i in $$list; do \ if test -f "$$i"; then \ echo "$(subdir)/$$i"; \ else \ echo "$$sdir/$$i"; \ fi; \ done >> $(top_builddir)/cscope.files distclean-tags: -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags # Recover from deleted '.trs' file; this should ensure that # "rm -f foo.log; make foo.trs" re-run 'foo.test', and re-create # both 'foo.log' and 'foo.trs'. Break the recipe in two subshells # to avoid problems with "make -n". .log.trs: rm -f $< $@ $(MAKE) $(AM_MAKEFLAGS) $< # Leading 'am--fnord' is there to ensure the list of targets does not # expand to empty, as could happen e.g. with make check TESTS=''. am--fnord $(TEST_LOGS) $(TEST_LOGS:.log=.trs): $(am__force_recheck) am--force-recheck: @: $(TEST_SUITE_LOG): $(TEST_LOGS) @$(am__set_TESTS_bases); \ am__f_ok () { test -f "$$1" && test -r "$$1"; }; \ redo_bases=`for i in $$bases; do \ am__f_ok $$i.trs && am__f_ok $$i.log || echo $$i; \ done`; \ if test -n "$$redo_bases"; then \ redo_logs=`for i in $$redo_bases; do echo $$i.log; done`; \ redo_results=`for i in $$redo_bases; do echo $$i.trs; done`; \ if $(am__make_dryrun); then :; else \ rm -f $$redo_logs && rm -f $$redo_results || exit 1; \ fi; \ fi; \ if test -n "$$am__remaking_logs"; then \ echo "fatal: making $(TEST_SUITE_LOG): possible infinite" \ "recursion detected" >&2; \ elif test -n "$$redo_logs"; then \ am__remaking_logs=yes $(MAKE) $(AM_MAKEFLAGS) $$redo_logs; \ fi; \ if $(am__make_dryrun); then :; else \ st=0; \ errmsg="fatal: making $(TEST_SUITE_LOG): failed to create"; \ for i in $$redo_bases; do \ test -f $$i.trs && test -r $$i.trs \ || { echo "$$errmsg $$i.trs" >&2; st=1; }; \ test -f $$i.log && test -r $$i.log \ || { echo "$$errmsg $$i.log" >&2; st=1; }; \ done; \ test $$st -eq 0 || exit 1; \ fi @$(am__sh_e_setup); $(am__tty_colors); $(am__set_TESTS_bases); \ ws='[ ]'; \ results=`for b in $$bases; do echo $$b.trs; done`; \ test -n "$$results" || results=/dev/null; \ all=` grep "^$$ws*:test-result:" $$results | wc -l`; \ pass=` grep "^$$ws*:test-result:$$ws*PASS" $$results | wc -l`; \ fail=` grep "^$$ws*:test-result:$$ws*FAIL" $$results | wc -l`; \ skip=` grep "^$$ws*:test-result:$$ws*SKIP" $$results | wc -l`; \ xfail=`grep "^$$ws*:test-result:$$ws*XFAIL" $$results | wc -l`; \ xpass=`grep "^$$ws*:test-result:$$ws*XPASS" $$results | wc -l`; \ error=`grep "^$$ws*:test-result:$$ws*ERROR" $$results | wc -l`; \ if test `expr $$fail + $$xpass + $$error` -eq 0; then \ success=true; \ else \ success=false; \ fi; \ br='==================='; br=$$br$$br$$br$$br; \ result_count () \ { \ if test x"$$1" = x"--maybe-color"; then \ maybe_colorize=yes; \ elif test x"$$1" = x"--no-color"; then \ maybe_colorize=no; \ else \ echo "$@: invalid 'result_count' usage" >&2; exit 4; \ fi; \ shift; \ desc=$$1 count=$$2; \ if test $$maybe_colorize = yes && test $$count -gt 0; then \ color_start=$$3 color_end=$$std; \ else \ color_start= color_end=; \ fi; \ echo "$${color_start}# $$desc $$count$${color_end}"; \ }; \ create_testsuite_report () \ { \ result_count $$1 "TOTAL:" $$all "$$brg"; \ result_count $$1 "PASS: " $$pass "$$grn"; \ result_count $$1 "SKIP: " $$skip "$$blu"; \ result_count $$1 "XFAIL:" $$xfail "$$lgn"; \ result_count $$1 "FAIL: " $$fail "$$red"; \ result_count $$1 "XPASS:" $$xpass "$$red"; \ result_count $$1 "ERROR:" $$error "$$mgn"; \ }; \ { \ echo "$(PACKAGE_STRING): $(subdir)/$(TEST_SUITE_LOG)" | \ $(am__rst_title); \ create_testsuite_report --no-color; \ echo; \ echo ".. contents:: :depth: 2"; \ echo; \ for b in $$bases; do echo $$b; done \ | $(am__create_global_log); \ } >$(TEST_SUITE_LOG).tmp || exit 1; \ mv $(TEST_SUITE_LOG).tmp $(TEST_SUITE_LOG); \ if $$success; then \ col="$$grn"; \ else \ col="$$red"; \ test x"$$VERBOSE" = x || cat $(TEST_SUITE_LOG); \ fi; \ echo "$${col}$$br$${std}"; \ echo "$${col}Testsuite summary for $(PACKAGE_STRING)$${std}"; \ echo "$${col}$$br$${std}"; \ create_testsuite_report --maybe-color; \ echo "$$col$$br$$std"; \ if $$success; then :; else \ echo "$${col}See $(subdir)/$(TEST_SUITE_LOG)$${std}"; \ if test -n "$(PACKAGE_BUGREPORT)"; then \ echo "$${col}Please report to $(PACKAGE_BUGREPORT)$${std}"; \ fi; \ echo "$$col$$br$$std"; \ fi; \ $$success || exit 1 check-TESTS: @list='$(RECHECK_LOGS)'; test -z "$$list" || rm -f $$list @list='$(RECHECK_LOGS:.log=.trs)'; test -z "$$list" || rm -f $$list @test -z "$(TEST_SUITE_LOG)" || rm -f $(TEST_SUITE_LOG) @set +e; $(am__set_TESTS_bases); \ log_list=`for i in $$bases; do echo $$i.log; done`; \ trs_list=`for i in $$bases; do echo $$i.trs; done`; \ log_list=`echo $$log_list`; trs_list=`echo $$trs_list`; \ $(MAKE) $(AM_MAKEFLAGS) $(TEST_SUITE_LOG) TEST_LOGS="$$log_list"; \ exit $$?; recheck: all @test -z "$(TEST_SUITE_LOG)" || rm -f $(TEST_SUITE_LOG) @set +e; $(am__set_TESTS_bases); \ bases=`for i in $$bases; do echo $$i; done \ | $(am__list_recheck_tests)` || exit 1; \ log_list=`for i in $$bases; do echo $$i.log; done`; \ log_list=`echo $$log_list`; \ $(MAKE) $(AM_MAKEFLAGS) $(TEST_SUITE_LOG) \ am__force_recheck=am--force-recheck \ TEST_LOGS="$$log_list"; \ exit $$? .sh.log: @p='$<'; \ $(am__set_b); \ $(am__check_pre) $(SH_LOG_DRIVER) --test-name "$$f" \ --log-file $$b.log --trs-file $$b.trs \ $(am__common_driver_flags) $(AM_SH_LOG_DRIVER_FLAGS) $(SH_LOG_DRIVER_FLAGS) -- $(SH_LOG_COMPILE) \ "$$tst" $(AM_TESTS_FD_REDIRECT) @am__EXEEXT_TRUE@.sh$(EXEEXT).log: @am__EXEEXT_TRUE@ @p='$<'; \ @am__EXEEXT_TRUE@ $(am__set_b); \ @am__EXEEXT_TRUE@ $(am__check_pre) $(SH_LOG_DRIVER) --test-name "$$f" \ @am__EXEEXT_TRUE@ --log-file $$b.log --trs-file $$b.trs \ @am__EXEEXT_TRUE@ $(am__common_driver_flags) $(AM_SH_LOG_DRIVER_FLAGS) $(SH_LOG_DRIVER_FLAGS) -- $(SH_LOG_COMPILE) \ @am__EXEEXT_TRUE@ "$$tst" $(AM_TESTS_FD_REDIRECT) distdir: $(DISTFILES) @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ list='$(DISTFILES)'; \ dist_files=`for file in $$list; do echo $$file; done | \ sed -e "s|^$$srcdirstrip/||;t" \ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ case $$dist_files in \ */*) $(MKDIR_P) `echo "$$dist_files" | \ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ sort -u` ;; \ esac; \ for file in $$dist_files; do \ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ if test -d $$d/$$file; then \ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ if test -d "$(distdir)/$$file"; then \ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ else \ test -f "$(distdir)/$$file" \ || cp -p $$d/$$file "$(distdir)/$$file" \ || exit 1; \ fi; \ done check-am: all-am $(MAKE) $(AM_MAKEFLAGS) check-TESTS check: $(BUILT_SOURCES) $(MAKE) $(AM_MAKEFLAGS) check-am all-am: Makefile $(PROGRAMS) $(HEADERS) installdirs: for dir in "$(DESTDIR)$(sbindir)"; do \ test -z "$$dir" || $(MKDIR_P) "$$dir"; \ done install: $(BUILT_SOURCES) $(MAKE) $(AM_MAKEFLAGS) install-am install-exec: install-exec-am install-data: install-data-am uninstall: uninstall-am install-am: all-am @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am installcheck: installcheck-am install-strip: if test -z '$(STRIP)'; then \ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ install; \ else \ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \ fi mostlyclean-generic: -test -z "$(TEST_LOGS)" || rm -f $(TEST_LOGS) -test -z "$(TEST_LOGS:.log=.trs)" || rm -f $(TEST_LOGS:.log=.trs) -test -z "$(TEST_SUITE_LOG)" || rm -f $(TEST_SUITE_LOG) clean-generic: -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) distclean-generic: -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) -rm -f foreign/$(DEPDIR)/$(am__dirstamp) -rm -f foreign/$(am__dirstamp) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @echo "it deletes files that may require special tools to rebuild." -rm -f cfg_lex.c -rm -f cfg_parser.c -rm -f cfg_parser.h -test -z "$(BUILT_SOURCES)" || rm -f $(BUILT_SOURCES) clean: clean-am clean-am: clean-generic clean-sbinPROGRAMS mostlyclean-am distclean: distclean-am -rm -rf ./$(DEPDIR) foreign/$(DEPDIR) -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ distclean-tags dvi: dvi-am dvi-am: html: html-am html-am: info: info-am info-am: install-data-am: install-dvi: install-dvi-am install-dvi-am: install-exec-am: install-sbinPROGRAMS install-html: install-html-am install-html-am: install-info: install-info-am install-info-am: install-man: install-pdf: install-pdf-am install-pdf-am: install-ps: install-ps-am install-ps-am: installcheck-am: maintainer-clean: maintainer-clean-am -rm -rf ./$(DEPDIR) foreign/$(DEPDIR) -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic mostlyclean: mostlyclean-am mostlyclean-am: mostlyclean-compile mostlyclean-generic pdf: pdf-am pdf-am: ps: ps-am ps-am: uninstall-am: uninstall-sbinPROGRAMS .MAKE: all check check-am install install-am install-strip .PHONY: CTAGS GTAGS TAGS all all-am check check-TESTS check-am clean \ clean-generic clean-sbinPROGRAMS cscopelist-am ctags ctags-am \ distclean distclean-compile distclean-generic distclean-tags \ distdir dvi dvi-am html html-am info info-am install \ install-am install-data install-data-am install-dvi \ install-dvi-am install-exec install-exec-am install-html \ install-html-am install-info install-info-am install-man \ install-pdf install-pdf-am install-ps install-ps-am \ install-sbinPROGRAMS install-strip installcheck \ installcheck-am installdirs maintainer-clean \ maintainer-clean-generic mostlyclean mostlyclean-compile \ mostlyclean-generic pdf pdf-am ps ps-am recheck tags tags-am \ uninstall uninstall-am uninstall-sbinPROGRAMS .PRECIOUS: Makefile # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: hitch-1.4.4/src/cfg_parser.h0000644000175000017500000001140613026756721012626 00000000000000/* A Bison parser, made by GNU Bison 3.0.4. */ /* Bison interface for Yacc-like parsers in C Copyright (C) 1984, 1989-1990, 2000-2015 Free Software Foundation, Inc. This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . */ /* As a special exception, you may create a larger work that contains part or all of the Bison parser skeleton and distribute that work under terms of your choice, so long as that work isn't itself a parser generator using the skeleton or a modified version thereof as a parser skeleton. Alternatively, if you modify or redistribute the parser skeleton itself, you may (at your option) remove this special exception, which will cause the skeleton and the resulting Bison output files to be licensed under the GNU General Public License without this special exception. This special exception was added by the Free Software Foundation in version 2.2 of Bison. */ #ifndef YY_YY_CFG_PARSER_H_INCLUDED # define YY_YY_CFG_PARSER_H_INCLUDED /* Debug traces. */ #ifndef YYDEBUG # define YYDEBUG 1 #endif #if YYDEBUG extern int yydebug; #endif /* Token type. */ #ifndef YYTOKENTYPE # define YYTOKENTYPE enum yytokentype { INT = 258, UINT = 259, BOOL = 260, STRING = 261, TOK_CIPHERS = 262, TOK_SSL_ENGINE = 263, TOK_PREFER_SERVER_CIPHERS = 264, TOK_BACKEND = 265, TOK_FRONTEND = 266, TOK_WORKERS = 267, TOK_BACKLOG = 268, TOK_KEEPALIVE = 269, TOK_CHROOT = 270, TOK_USER = 271, TOK_GROUP = 272, TOK_QUIET = 273, TOK_SYSLOG = 274, TOK_SYSLOG_FACILITY = 275, TOK_PARAM_SYSLOG_FACILITY = 276, TOK_DAEMON = 277, TOK_WRITE_IP = 278, TOK_WRITE_PROXY = 279, TOK_WRITE_PROXY_V1 = 280, TOK_WRITE_PROXY_V2 = 281, TOK_PEM_FILE = 282, TOK_PROXY_PROXY = 283, TOK_BACKEND_CONNECT_TIMEOUT = 284, TOK_SSL_HANDSHAKE_TIMEOUT = 285, TOK_RECV_BUFSIZE = 286, TOK_SEND_BUFSIZE = 287, TOK_LOG_FILENAME = 288, TOK_RING_SLOTS = 289, TOK_RING_DATA_LEN = 290, TOK_PIDFILE = 291, TOK_SNI_NOMATCH_ABORT = 292, TOK_SSL = 293, TOK_TLS = 294, TOK_HOST = 295, TOK_PORT = 296, TOK_MATCH_GLOBAL = 297, TOK_PB_CERT = 298, TOK_PB_OCSP_FILE = 299, TOK_OCSP_VERIFY = 300, TOK_OCSP_DIR = 301, TOK_OCSP_RESP_TMO = 302, TOK_OCSP_CONN_TMO = 303, TOK_ALPN_PROTOS = 304, TOK_TLS_PROTOS = 305, TOK_SSLv3 = 306, TOK_TLSv1_0 = 307, TOK_TLSv1_1 = 308, TOK_TLSv1_2 = 309 }; #endif /* Tokens. */ #define INT 258 #define UINT 259 #define BOOL 260 #define STRING 261 #define TOK_CIPHERS 262 #define TOK_SSL_ENGINE 263 #define TOK_PREFER_SERVER_CIPHERS 264 #define TOK_BACKEND 265 #define TOK_FRONTEND 266 #define TOK_WORKERS 267 #define TOK_BACKLOG 268 #define TOK_KEEPALIVE 269 #define TOK_CHROOT 270 #define TOK_USER 271 #define TOK_GROUP 272 #define TOK_QUIET 273 #define TOK_SYSLOG 274 #define TOK_SYSLOG_FACILITY 275 #define TOK_PARAM_SYSLOG_FACILITY 276 #define TOK_DAEMON 277 #define TOK_WRITE_IP 278 #define TOK_WRITE_PROXY 279 #define TOK_WRITE_PROXY_V1 280 #define TOK_WRITE_PROXY_V2 281 #define TOK_PEM_FILE 282 #define TOK_PROXY_PROXY 283 #define TOK_BACKEND_CONNECT_TIMEOUT 284 #define TOK_SSL_HANDSHAKE_TIMEOUT 285 #define TOK_RECV_BUFSIZE 286 #define TOK_SEND_BUFSIZE 287 #define TOK_LOG_FILENAME 288 #define TOK_RING_SLOTS 289 #define TOK_RING_DATA_LEN 290 #define TOK_PIDFILE 291 #define TOK_SNI_NOMATCH_ABORT 292 #define TOK_SSL 293 #define TOK_TLS 294 #define TOK_HOST 295 #define TOK_PORT 296 #define TOK_MATCH_GLOBAL 297 #define TOK_PB_CERT 298 #define TOK_PB_OCSP_FILE 299 #define TOK_OCSP_VERIFY 300 #define TOK_OCSP_DIR 301 #define TOK_OCSP_RESP_TMO 302 #define TOK_OCSP_CONN_TMO 303 #define TOK_ALPN_PROTOS 304 #define TOK_TLS_PROTOS 305 #define TOK_SSLv3 306 #define TOK_TLSv1_0 307 #define TOK_TLSv1_1 308 #define TOK_TLSv1_2 309 /* Value type. */ #if ! defined YYSTYPE && ! defined YYSTYPE_IS_DECLARED union YYSTYPE { #line 31 "cfg_parser.y" /* yacc.c:1909 */ int i; char *s; #line 167 "cfg_parser.h" /* yacc.c:1909 */ }; typedef union YYSTYPE YYSTYPE; # define YYSTYPE_IS_TRIVIAL 1 # define YYSTYPE_IS_DECLARED 1 #endif extern YYSTYPE yylval; int yyparse (hitch_config *cfg); #endif /* !YY_YY_CFG_PARSER_H_INCLUDED */ hitch-1.4.4/src/cfg_parser.c0000644000175000017500000021322013026756721012617 00000000000000/* A Bison parser, made by GNU Bison 3.0.4. */ /* Bison implementation for Yacc-like parsers in C Copyright (C) 1984, 1989-1990, 2000-2015 Free Software Foundation, Inc. This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . */ /* As a special exception, you may create a larger work that contains part or all of the Bison parser skeleton and distribute that work under terms of your choice, so long as that work isn't itself a parser generator using the skeleton or a modified version thereof as a parser skeleton. Alternatively, if you modify or redistribute the parser skeleton itself, you may (at your option) remove this special exception, which will cause the skeleton and the resulting Bison output files to be licensed under the GNU General Public License without this special exception. This special exception was added by the Free Software Foundation in version 2.2 of Bison. */ /* C LALR(1) parser skeleton written by Richard Stallman, by simplifying the original so-called "semantic" parser. */ /* All symbols defined below should begin with yy or YY, to avoid infringing on user name space. This should be done even for local variables, as they might otherwise be expanded by user macros. There are some unavoidable exceptions within include files to define necessary library symbols; they are noted "INFRINGES ON USER NAME SPACE" below. */ /* Identify Bison output. */ #define YYBISON 1 /* Bison version. */ #define YYBISON_VERSION "3.0.4" /* Skeleton name. */ #define YYSKELETON_NAME "yacc.c" /* Pure parsers. */ #define YYPURE 0 /* Push parsers. */ #define YYPUSH 0 /* Pull parsers. */ #define YYPULL 1 /* Copy the first part of user declarations. */ #line 1 "cfg_parser.y" /* yacc.c:339 */ #include #include #include "configuration.h" #include "foreign/vas.h" #include "foreign/miniobj.h" #include "foreign/uthash.h" extern int yylex (void); extern int yyparse(hitch_config *); extern FILE *yyin; int yyget_lineno(void); int config_param_validate(char *k, char *v, hitch_config *cfg, char *file, int line); int front_arg_add(hitch_config *cfg, struct front_arg *fa); struct front_arg *front_arg_new(void); void front_arg_destroy(struct front_arg *fa); struct cfg_cert_file * cfg_cert_file_new(void); void cfg_cert_file_free(struct cfg_cert_file **cfptr); int cfg_cert_vfy(struct cfg_cert_file *cf); void yyerror(hitch_config *, const char *); void cfg_cert_add(struct cfg_cert_file *cf, struct cfg_cert_file **dst); static struct front_arg *cur_fa; static struct cfg_cert_file *cur_pem; #line 96 "cfg_parser.c" /* yacc.c:339 */ # ifndef YY_NULLPTR # if defined __cplusplus && 201103L <= __cplusplus # define YY_NULLPTR nullptr # else # define YY_NULLPTR 0 # endif # endif /* Enabling verbose error messages. */ #ifdef YYERROR_VERBOSE # undef YYERROR_VERBOSE # define YYERROR_VERBOSE 1 #else # define YYERROR_VERBOSE 0 #endif /* In a future release of Bison, this section will be replaced by #include "y.tab.h". */ #ifndef YY_YY_CFG_PARSER_H_INCLUDED # define YY_YY_CFG_PARSER_H_INCLUDED /* Debug traces. */ #ifndef YYDEBUG # define YYDEBUG 1 #endif #if YYDEBUG extern int yydebug; #endif /* Token type. */ #ifndef YYTOKENTYPE # define YYTOKENTYPE enum yytokentype { INT = 258, UINT = 259, BOOL = 260, STRING = 261, TOK_CIPHERS = 262, TOK_SSL_ENGINE = 263, TOK_PREFER_SERVER_CIPHERS = 264, TOK_BACKEND = 265, TOK_FRONTEND = 266, TOK_WORKERS = 267, TOK_BACKLOG = 268, TOK_KEEPALIVE = 269, TOK_CHROOT = 270, TOK_USER = 271, TOK_GROUP = 272, TOK_QUIET = 273, TOK_SYSLOG = 274, TOK_SYSLOG_FACILITY = 275, TOK_PARAM_SYSLOG_FACILITY = 276, TOK_DAEMON = 277, TOK_WRITE_IP = 278, TOK_WRITE_PROXY = 279, TOK_WRITE_PROXY_V1 = 280, TOK_WRITE_PROXY_V2 = 281, TOK_PEM_FILE = 282, TOK_PROXY_PROXY = 283, TOK_BACKEND_CONNECT_TIMEOUT = 284, TOK_SSL_HANDSHAKE_TIMEOUT = 285, TOK_RECV_BUFSIZE = 286, TOK_SEND_BUFSIZE = 287, TOK_LOG_FILENAME = 288, TOK_RING_SLOTS = 289, TOK_RING_DATA_LEN = 290, TOK_PIDFILE = 291, TOK_SNI_NOMATCH_ABORT = 292, TOK_SSL = 293, TOK_TLS = 294, TOK_HOST = 295, TOK_PORT = 296, TOK_MATCH_GLOBAL = 297, TOK_PB_CERT = 298, TOK_PB_OCSP_FILE = 299, TOK_OCSP_VERIFY = 300, TOK_OCSP_DIR = 301, TOK_OCSP_RESP_TMO = 302, TOK_OCSP_CONN_TMO = 303, TOK_ALPN_PROTOS = 304, TOK_TLS_PROTOS = 305, TOK_SSLv3 = 306, TOK_TLSv1_0 = 307, TOK_TLSv1_1 = 308, TOK_TLSv1_2 = 309 }; #endif /* Tokens. */ #define INT 258 #define UINT 259 #define BOOL 260 #define STRING 261 #define TOK_CIPHERS 262 #define TOK_SSL_ENGINE 263 #define TOK_PREFER_SERVER_CIPHERS 264 #define TOK_BACKEND 265 #define TOK_FRONTEND 266 #define TOK_WORKERS 267 #define TOK_BACKLOG 268 #define TOK_KEEPALIVE 269 #define TOK_CHROOT 270 #define TOK_USER 271 #define TOK_GROUP 272 #define TOK_QUIET 273 #define TOK_SYSLOG 274 #define TOK_SYSLOG_FACILITY 275 #define TOK_PARAM_SYSLOG_FACILITY 276 #define TOK_DAEMON 277 #define TOK_WRITE_IP 278 #define TOK_WRITE_PROXY 279 #define TOK_WRITE_PROXY_V1 280 #define TOK_WRITE_PROXY_V2 281 #define TOK_PEM_FILE 282 #define TOK_PROXY_PROXY 283 #define TOK_BACKEND_CONNECT_TIMEOUT 284 #define TOK_SSL_HANDSHAKE_TIMEOUT 285 #define TOK_RECV_BUFSIZE 286 #define TOK_SEND_BUFSIZE 287 #define TOK_LOG_FILENAME 288 #define TOK_RING_SLOTS 289 #define TOK_RING_DATA_LEN 290 #define TOK_PIDFILE 291 #define TOK_SNI_NOMATCH_ABORT 292 #define TOK_SSL 293 #define TOK_TLS 294 #define TOK_HOST 295 #define TOK_PORT 296 #define TOK_MATCH_GLOBAL 297 #define TOK_PB_CERT 298 #define TOK_PB_OCSP_FILE 299 #define TOK_OCSP_VERIFY 300 #define TOK_OCSP_DIR 301 #define TOK_OCSP_RESP_TMO 302 #define TOK_OCSP_CONN_TMO 303 #define TOK_ALPN_PROTOS 304 #define TOK_TLS_PROTOS 305 #define TOK_SSLv3 306 #define TOK_TLSv1_0 307 #define TOK_TLSv1_1 308 #define TOK_TLSv1_2 309 /* Value type. */ #if ! defined YYSTYPE && ! defined YYSTYPE_IS_DECLARED union YYSTYPE { #line 31 "cfg_parser.y" /* yacc.c:355 */ int i; char *s; #line 249 "cfg_parser.c" /* yacc.c:355 */ }; typedef union YYSTYPE YYSTYPE; # define YYSTYPE_IS_TRIVIAL 1 # define YYSTYPE_IS_DECLARED 1 #endif extern YYSTYPE yylval; int yyparse (hitch_config *cfg); #endif /* !YY_YY_CFG_PARSER_H_INCLUDED */ /* Copy the second part of user declarations. */ #line 266 "cfg_parser.c" /* yacc.c:358 */ #ifdef short # undef short #endif #ifdef YYTYPE_UINT8 typedef YYTYPE_UINT8 yytype_uint8; #else typedef unsigned char yytype_uint8; #endif #ifdef YYTYPE_INT8 typedef YYTYPE_INT8 yytype_int8; #else typedef signed char yytype_int8; #endif #ifdef YYTYPE_UINT16 typedef YYTYPE_UINT16 yytype_uint16; #else typedef unsigned short int yytype_uint16; #endif #ifdef YYTYPE_INT16 typedef YYTYPE_INT16 yytype_int16; #else typedef short int yytype_int16; #endif #ifndef YYSIZE_T # ifdef __SIZE_TYPE__ # define YYSIZE_T __SIZE_TYPE__ # elif defined size_t # define YYSIZE_T size_t # elif ! defined YYSIZE_T # include /* INFRINGES ON USER NAME SPACE */ # define YYSIZE_T size_t # else # define YYSIZE_T unsigned int # endif #endif #define YYSIZE_MAXIMUM ((YYSIZE_T) -1) #ifndef YY_ # if defined YYENABLE_NLS && YYENABLE_NLS # if ENABLE_NLS # include /* INFRINGES ON USER NAME SPACE */ # define YY_(Msgid) dgettext ("bison-runtime", Msgid) # endif # endif # ifndef YY_ # define YY_(Msgid) Msgid # endif #endif #ifndef YY_ATTRIBUTE # if (defined __GNUC__ \ && (2 < __GNUC__ || (__GNUC__ == 2 && 96 <= __GNUC_MINOR__))) \ || defined __SUNPRO_C && 0x5110 <= __SUNPRO_C # define YY_ATTRIBUTE(Spec) __attribute__(Spec) # else # define YY_ATTRIBUTE(Spec) /* empty */ # endif #endif #ifndef YY_ATTRIBUTE_PURE # define YY_ATTRIBUTE_PURE YY_ATTRIBUTE ((__pure__)) #endif #ifndef YY_ATTRIBUTE_UNUSED # define YY_ATTRIBUTE_UNUSED YY_ATTRIBUTE ((__unused__)) #endif #if !defined _Noreturn \ && (!defined __STDC_VERSION__ || __STDC_VERSION__ < 201112) # if defined _MSC_VER && 1200 <= _MSC_VER # define _Noreturn __declspec (noreturn) # else # define _Noreturn YY_ATTRIBUTE ((__noreturn__)) # endif #endif /* Suppress unused-variable warnings by "using" E. */ #if ! defined lint || defined __GNUC__ # define YYUSE(E) ((void) (E)) #else # define YYUSE(E) /* empty */ #endif #if defined __GNUC__ && 407 <= __GNUC__ * 100 + __GNUC_MINOR__ /* Suppress an incorrect diagnostic about yylval being uninitialized. */ # define YY_IGNORE_MAYBE_UNINITIALIZED_BEGIN \ _Pragma ("GCC diagnostic push") \ _Pragma ("GCC diagnostic ignored \"-Wuninitialized\"")\ _Pragma ("GCC diagnostic ignored \"-Wmaybe-uninitialized\"") # define YY_IGNORE_MAYBE_UNINITIALIZED_END \ _Pragma ("GCC diagnostic pop") #else # define YY_INITIAL_VALUE(Value) Value #endif #ifndef YY_IGNORE_MAYBE_UNINITIALIZED_BEGIN # define YY_IGNORE_MAYBE_UNINITIALIZED_BEGIN # define YY_IGNORE_MAYBE_UNINITIALIZED_END #endif #ifndef YY_INITIAL_VALUE # define YY_INITIAL_VALUE(Value) /* Nothing. */ #endif #if ! defined yyoverflow || YYERROR_VERBOSE /* The parser invokes alloca or malloc; define the necessary symbols. */ # ifdef YYSTACK_USE_ALLOCA # if YYSTACK_USE_ALLOCA # ifdef __GNUC__ # define YYSTACK_ALLOC __builtin_alloca # elif defined __BUILTIN_VA_ARG_INCR # include /* INFRINGES ON USER NAME SPACE */ # elif defined _AIX # define YYSTACK_ALLOC __alloca # elif defined _MSC_VER # include /* INFRINGES ON USER NAME SPACE */ # define alloca _alloca # else # define YYSTACK_ALLOC alloca # if ! defined _ALLOCA_H && ! defined EXIT_SUCCESS # include /* INFRINGES ON USER NAME SPACE */ /* Use EXIT_SUCCESS as a witness for stdlib.h. */ # ifndef EXIT_SUCCESS # define EXIT_SUCCESS 0 # endif # endif # endif # endif # endif # ifdef YYSTACK_ALLOC /* Pacify GCC's 'empty if-body' warning. */ # define YYSTACK_FREE(Ptr) do { /* empty */; } while (0) # ifndef YYSTACK_ALLOC_MAXIMUM /* The OS might guarantee only one guard page at the bottom of the stack, and a page size can be as small as 4096 bytes. So we cannot safely invoke alloca (N) if N exceeds 4096. Use a slightly smaller number to allow for a few compiler-allocated temporary stack slots. */ # define YYSTACK_ALLOC_MAXIMUM 4032 /* reasonable circa 2006 */ # endif # else # define YYSTACK_ALLOC YYMALLOC # define YYSTACK_FREE YYFREE # ifndef YYSTACK_ALLOC_MAXIMUM # define YYSTACK_ALLOC_MAXIMUM YYSIZE_MAXIMUM # endif # if (defined __cplusplus && ! defined EXIT_SUCCESS \ && ! ((defined YYMALLOC || defined malloc) \ && (defined YYFREE || defined free))) # include /* INFRINGES ON USER NAME SPACE */ # ifndef EXIT_SUCCESS # define EXIT_SUCCESS 0 # endif # endif # ifndef YYMALLOC # define YYMALLOC malloc # if ! defined malloc && ! defined EXIT_SUCCESS void *malloc (YYSIZE_T); /* INFRINGES ON USER NAME SPACE */ # endif # endif # ifndef YYFREE # define YYFREE free # if ! defined free && ! defined EXIT_SUCCESS void free (void *); /* INFRINGES ON USER NAME SPACE */ # endif # endif # endif #endif /* ! defined yyoverflow || YYERROR_VERBOSE */ #if (! defined yyoverflow \ && (! defined __cplusplus \ || (defined YYSTYPE_IS_TRIVIAL && YYSTYPE_IS_TRIVIAL))) /* A type that is properly aligned for any stack member. */ union yyalloc { yytype_int16 yyss_alloc; YYSTYPE yyvs_alloc; }; /* The size of the maximum gap between one aligned stack and the next. */ # define YYSTACK_GAP_MAXIMUM (sizeof (union yyalloc) - 1) /* The size of an array large to enough to hold all stacks, each with N elements. */ # define YYSTACK_BYTES(N) \ ((N) * (sizeof (yytype_int16) + sizeof (YYSTYPE)) \ + YYSTACK_GAP_MAXIMUM) # define YYCOPY_NEEDED 1 /* Relocate STACK from its old location to the new one. The local variables YYSIZE and YYSTACKSIZE give the old and new number of elements in the stack, and YYPTR gives the new location of the stack. Advance YYPTR to a properly aligned location for the next stack. */ # define YYSTACK_RELOCATE(Stack_alloc, Stack) \ do \ { \ YYSIZE_T yynewbytes; \ YYCOPY (&yyptr->Stack_alloc, Stack, yysize); \ Stack = &yyptr->Stack_alloc; \ yynewbytes = yystacksize * sizeof (*Stack) + YYSTACK_GAP_MAXIMUM; \ yyptr += yynewbytes / sizeof (*yyptr); \ } \ while (0) #endif #if defined YYCOPY_NEEDED && YYCOPY_NEEDED /* Copy COUNT objects from SRC to DST. The source and destination do not overlap. */ # ifndef YYCOPY # if defined __GNUC__ && 1 < __GNUC__ # define YYCOPY(Dst, Src, Count) \ __builtin_memcpy (Dst, Src, (Count) * sizeof (*(Src))) # else # define YYCOPY(Dst, Src, Count) \ do \ { \ YYSIZE_T yyi; \ for (yyi = 0; yyi < (Count); yyi++) \ (Dst)[yyi] = (Src)[yyi]; \ } \ while (0) # endif # endif #endif /* !YYCOPY_NEEDED */ /* YYFINAL -- State number of the termination state. */ #define YYFINAL 94 /* YYLAST -- Last index in YYTABLE. */ #define YYLAST 150 /* YYNTOKENS -- Number of terminals. */ #define YYNTOKENS 58 /* YYNNTS -- Number of nonterminals. */ #define YYNNTS 61 /* YYNRULES -- Number of rules. */ #define YYNRULES 115 /* YYNSTATES -- Number of states. */ #define YYNSTATES 207 /* YYTRANSLATE[YYX] -- Symbol number corresponding to YYX as returned by yylex, with out-of-bounds checking. */ #define YYUNDEFTOK 2 #define YYMAXUTOK 309 #define YYTRANSLATE(YYX) \ ((unsigned int) (YYX) <= YYMAXUTOK ? yytranslate[YYX] : YYUNDEFTOK) /* YYTRANSLATE[TOKEN-NUM] -- Symbol number corresponding to TOKEN-NUM as returned by yylex, without out-of-bounds checking. */ static const yytype_uint8 yytranslate[] = { 0, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 55, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 56, 2, 57, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54 }; #if YYDEBUG /* YYRLINE[YYN] -- Source line where rule number YYN was defined. */ static const yytype_uint16 yyrline[] = { 0, 57, 57, 61, 62, 66, 67, 68, 69, 70, 71, 72, 73, 74, 75, 76, 77, 78, 79, 80, 81, 82, 83, 84, 85, 86, 87, 88, 89, 90, 91, 92, 93, 94, 95, 99, 106, 105, 118, 120, 121, 125, 126, 127, 128, 129, 130, 131, 132, 133, 134, 137, 138, 140, 143, 144, 148, 149, 150, 153, 155, 161, 169, 177, 182, 187, 203, 202, 219, 221, 226, 242, 258, 258, 269, 269, 271, 272, 273, 274, 275, 276, 281, 283, 285, 287, 289, 304, 319, 319, 328, 328, 330, 331, 332, 333, 335, 337, 342, 349, 356, 363, 362, 384, 385, 387, 392, 394, 401, 408, 410, 412, 417, 422, 424, 431 }; #endif #if YYDEBUG || YYERROR_VERBOSE || 0 /* YYTNAME[SYMBOL-NUM] -- String name of the symbol SYMBOL-NUM. First, the terminals, then, starting at YYNTOKENS, nonterminals. */ static const char *const yytname[] = { "$end", "error", "$undefined", "INT", "UINT", "BOOL", "STRING", "TOK_CIPHERS", "TOK_SSL_ENGINE", "TOK_PREFER_SERVER_CIPHERS", "TOK_BACKEND", "TOK_FRONTEND", "TOK_WORKERS", "TOK_BACKLOG", "TOK_KEEPALIVE", "TOK_CHROOT", "TOK_USER", "TOK_GROUP", "TOK_QUIET", "TOK_SYSLOG", "TOK_SYSLOG_FACILITY", "TOK_PARAM_SYSLOG_FACILITY", "TOK_DAEMON", "TOK_WRITE_IP", "TOK_WRITE_PROXY", "TOK_WRITE_PROXY_V1", "TOK_WRITE_PROXY_V2", "TOK_PEM_FILE", "TOK_PROXY_PROXY", "TOK_BACKEND_CONNECT_TIMEOUT", "TOK_SSL_HANDSHAKE_TIMEOUT", "TOK_RECV_BUFSIZE", "TOK_SEND_BUFSIZE", "TOK_LOG_FILENAME", "TOK_RING_SLOTS", "TOK_RING_DATA_LEN", "TOK_PIDFILE", "TOK_SNI_NOMATCH_ABORT", "TOK_SSL", "TOK_TLS", "TOK_HOST", "TOK_PORT", "TOK_MATCH_GLOBAL", "TOK_PB_CERT", "TOK_PB_OCSP_FILE", "TOK_OCSP_VERIFY", "TOK_OCSP_DIR", "TOK_OCSP_RESP_TMO", "TOK_OCSP_CONN_TMO", "TOK_ALPN_PROTOS", "TOK_TLS_PROTOS", "TOK_SSLv3", "TOK_TLSv1_0", "TOK_TLSv1_1", "TOK_TLSv1_2", "'='", "'{'", "'}'", "$accept", "CFG", "CFG_RECORDS", "CFG_RECORD", "FRONTEND_REC", "$@1", "FRONTEND_BLK", "FB_RECS", "FB_REC", "FB_HOST", "FB_PORT", "PEM_BLK", "PB_RECS", "PB_REC", "PB_CERT", "PB_OCSP_RESP_FILE", "OCSP_VERIFY", "OCSP_DIR", "OCSP_RESP_TMO", "OCSP_CONN_TMO", "FB_CERT", "$@2", "FB_MATCH_GLOBAL", "FB_SNI_NOMATCH_ABORT", "FB_TLS", "FB_SSL", "FB_TLS_PROTOS", "$@3", "FB_TLS_PROTOS_LIST", "FB_TLS_PROTO", "FB_CIPHERS", "FB_PREF_SRV_CIPH", "QUIET_REC", "WORKERS_REC", "BACKLOG_REC", "KEEPALIVE_REC", "TLS_REC", "SSL_REC", "TLS_PROTOS_REC", "$@4", "TLS_PROTOS_LIST", "TLS_PROTO", "SSL_ENGINE_REC", "PREFER_SERVER_CIPHERS_REC", "CHROOT_REC", "BACKEND_REC", "PEM_FILE_REC", "$@5", "SYSLOG_REC", "DAEMON_REC", "SNI_NOMATCH_ABORT_REC", "CIPHERS_REC", "USER_REC", "GROUP_REC", "WRITE_IP_REC", "WRITE_PROXY_REC", "WRITE_PROXY_V1_REC", "WRITE_PROXY_V2_REC", "PROXY_PROXY_REC", "ALPN_PROTOS_REC", "SYSLOG_FACILITY_REC", YY_NULLPTR }; #endif # ifdef YYPRINT /* YYTOKNUM[NUM] -- (External) token number corresponding to the (internal) symbol number NUM (which must be that of a token). */ static const yytype_uint16 yytoknum[] = { 0, 256, 257, 258, 259, 260, 261, 262, 263, 264, 265, 266, 267, 268, 269, 270, 271, 272, 273, 274, 275, 276, 277, 278, 279, 280, 281, 282, 283, 284, 285, 286, 287, 288, 289, 290, 291, 292, 293, 294, 295, 296, 297, 298, 299, 300, 301, 302, 303, 304, 305, 306, 307, 308, 309, 61, 123, 125 }; # endif #define YYPACT_NINF -59 #define yypact_value_is_default(Yystate) \ (!!((Yystate) == (-59))) #define YYTABLE_NINF -1 #define yytable_value_is_error(Yytable_value) \ 0 /* YYPACT[STATE-NUM] -- Index in YYTABLE of the portion describing STATE-NUM. */ static const yytype_int16 yypact[] = { -3, -52, -37, -29, -28, -26, -24, -22, 13, 14, 15, 17, 18, 19, 20, 23, 24, 25, 26, 27, 28, 29, 30, 31, 33, 34, 35, 36, 37, 38, -59, 41, -3, -59, -59, -59, -59, -59, -59, -59, -59, -59, -59, -59, -59, -59, -59, -59, -59, -59, -59, -59, -59, -59, -59, -59, -59, -59, -59, -59, -59, -59, -59, -59, 43, 51, 71, 81, -6, 73, 90, 91, 92, 93, 94, 96, 97, 98, 100, 101, 102, 103, 104, -5, 105, 106, 107, 108, 109, 110, 99, 111, 112, 42, -59, -59, -59, -59, -59, -59, -59, -59, -59, -59, -59, -59, -59, -59, -59, -59, -59, -59, -59, -59, -59, -59, -59, -59, -59, -59, -59, -59, -59, -59, -59, -59, -59, -14, 21, 22, -59, -59, -59, -59, -14, -59, 62, 64, 65, 66, 67, 68, 69, 70, 72, -59, 39, 21, -59, -59, -59, -59, -59, -59, -59, -59, -59, -59, -59, 74, 75, 76, 22, -59, -59, -59, -59, -59, 120, 123, -4, 126, 127, 129, 130, 131, 133, 80, -59, -59, 134, 135, -59, -59, -59, -59, -59, -59, -59, -59, -59, -59, -59, -59, 2, -59, -59, 22, -59, -59, -59, -59, 2, -59, 82, -59, -59 }; /* YYDEFACT[STATE-NUM] -- Default reduction number in state STATE-NUM. Performed when YYTABLE does not specify something else to do. Zero means the default is an error. */ static const yytype_uint8 yydefact[] = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 88, 0, 2, 3, 5, 31, 34, 32, 33, 20, 14, 15, 16, 9, 10, 11, 13, 12, 17, 6, 7, 21, 23, 30, 8, 18, 19, 24, 25, 26, 27, 28, 29, 22, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 4, 106, 96, 97, 99, 35, 36, 83, 84, 85, 98, 107, 108, 82, 103, 115, 104, 109, 110, 111, 112, 100, 101, 113, 105, 87, 86, 61, 62, 63, 64, 114, 0, 0, 0, 92, 93, 94, 95, 89, 90, 0, 0, 0, 0, 0, 0, 0, 0, 0, 72, 0, 38, 39, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 0, 0, 0, 53, 54, 56, 57, 58, 91, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 37, 40, 0, 0, 102, 55, 80, 81, 65, 66, 69, 71, 70, 51, 52, 68, 0, 59, 60, 0, 76, 77, 78, 79, 73, 74, 0, 75, 67 }; /* YYPGOTO[NTERM-NUM]. */ static const yytype_int8 yypgoto[] = { -59, -59, -59, 113, -59, -59, -59, -59, -1, -59, -59, -55, -59, -19, -59, -59, 32, -59, -59, -59, -59, -59, -59, -59, -59, -59, -59, -59, -59, -58, -59, -59, -59, -59, -59, -59, -59, -59, -59, -59, -59, 16, -59, -59, -59, -59, -59, -59, -59, -59, -59, -59, -59, -59, -59, -59, -59, -59, -59, -59, -59 }; /* YYDEFGOTO[NTERM-NUM]. */ static const yytype_int16 yydefgoto[] = { -1, 31, 32, 33, 34, 128, 146, 147, 148, 149, 150, 161, 162, 163, 164, 165, 166, 36, 37, 38, 151, 197, 152, 153, 154, 155, 156, 177, 202, 203, 157, 158, 39, 40, 41, 42, 43, 44, 45, 93, 134, 135, 46, 47, 48, 49, 50, 129, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63 }; /* YYTABLE[YYPACT[STATE-NUM]] -- What to do in state STATE-NUM. If positive, shift that token. If negative, reduce the rule whose number is the opposite. If YYTABLE_NINF, syntax error. */ static const yytype_uint8 yytable[] = { 100, 116, 186, 64, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 65, 15, 16, 17, 18, 19, 20, 21, 66, 67, 136, 68, 137, 69, 35, 70, 22, 23, 24, 130, 131, 132, 133, 94, 25, 26, 27, 28, 29, 30, 138, 96, 101, 117, 187, 198, 199, 200, 201, 97, 139, 140, 141, 142, 143, 144, 35, 159, 160, 25, 71, 72, 73, 145, 74, 75, 76, 77, 98, 102, 78, 79, 80, 81, 82, 83, 84, 85, 86, 99, 87, 88, 89, 90, 91, 92, 103, 104, 178, 127, 105, 106, 107, 108, 109, 124, 110, 111, 112, 113, 114, 115, 118, 119, 120, 121, 122, 125, 123, 168, 126, 169, 170, 171, 172, 173, 174, 175, 184, 176, 185, 180, 181, 188, 189, 182, 190, 194, 191, 192, 193, 206, 195, 196, 204, 183, 205, 95, 179, 0, 0, 0, 167 }; static const yytype_int16 yycheck[] = { 6, 6, 6, 55, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 55, 22, 23, 24, 25, 26, 27, 28, 55, 55, 7, 55, 9, 55, 0, 55, 37, 38, 39, 51, 52, 53, 54, 0, 45, 46, 47, 48, 49, 50, 27, 6, 56, 56, 56, 51, 52, 53, 54, 6, 37, 38, 39, 40, 41, 42, 32, 43, 44, 45, 55, 55, 55, 50, 55, 55, 55, 55, 5, 4, 55, 55, 55, 55, 55, 55, 55, 55, 55, 6, 55, 55, 55, 55, 55, 55, 4, 4, 57, 55, 6, 6, 6, 5, 5, 4, 6, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 4, 6, 55, 6, 55, 55, 55, 55, 55, 55, 55, 6, 55, 5, 55, 55, 5, 5, 57, 5, 55, 6, 6, 5, 57, 6, 6, 197, 162, 202, 32, 147, -1, -1, -1, 134 }; /* YYSTOS[STATE-NUM] -- The (internal number of the) accessing symbol of state STATE-NUM. */ static const yytype_uint8 yystos[] = { 0, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 22, 23, 24, 25, 26, 27, 28, 37, 38, 39, 45, 46, 47, 48, 49, 50, 59, 60, 61, 62, 74, 75, 76, 77, 90, 91, 92, 93, 94, 95, 96, 100, 101, 102, 103, 104, 106, 107, 108, 109, 110, 111, 112, 113, 114, 115, 116, 117, 118, 55, 55, 55, 55, 55, 55, 55, 55, 55, 55, 55, 55, 55, 55, 55, 55, 55, 55, 55, 55, 55, 55, 55, 55, 55, 55, 55, 55, 55, 97, 0, 61, 6, 6, 5, 6, 6, 56, 4, 4, 4, 6, 6, 6, 5, 5, 6, 5, 5, 5, 5, 5, 6, 56, 5, 5, 5, 5, 5, 6, 4, 4, 6, 55, 63, 105, 51, 52, 53, 54, 98, 99, 7, 9, 27, 37, 38, 39, 40, 41, 42, 50, 64, 65, 66, 67, 68, 78, 80, 81, 82, 83, 84, 88, 89, 43, 44, 69, 70, 71, 72, 73, 74, 99, 55, 55, 55, 55, 55, 55, 55, 55, 55, 85, 57, 66, 55, 55, 57, 71, 6, 5, 6, 56, 5, 5, 5, 6, 6, 5, 55, 6, 6, 79, 51, 52, 53, 54, 86, 87, 69, 87, 57 }; /* YYR1[YYN] -- Symbol number of symbol that rule YYN derives. */ static const yytype_uint8 yyr1[] = { 0, 58, 59, 60, 60, 61, 61, 61, 61, 61, 61, 61, 61, 61, 61, 61, 61, 61, 61, 61, 61, 61, 61, 61, 61, 61, 61, 61, 61, 61, 61, 61, 61, 61, 61, 62, 63, 62, 64, 65, 65, 66, 66, 66, 66, 66, 66, 66, 66, 66, 66, 67, 68, 69, 70, 70, 71, 71, 71, 72, 73, 74, 75, 76, 77, 78, 79, 78, 80, 81, 82, 83, 85, 84, 86, 86, 87, 87, 87, 87, 88, 89, 90, 91, 92, 93, 94, 95, 97, 96, 98, 98, 99, 99, 99, 99, 100, 101, 102, 103, 104, 105, 104, 106, 107, 108, 109, 110, 111, 112, 113, 114, 115, 116, 117, 118 }; /* YYR2[YYN] -- Number of symbols on the right hand side of rule YYN. */ static const yytype_uint8 yyr2[] = { 0, 2, 1, 1, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 3, 0, 6, 1, 1, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 3, 3, 1, 1, 2, 1, 1, 1, 3, 3, 3, 3, 3, 3, 3, 0, 6, 3, 3, 3, 3, 0, 4, 1, 2, 1, 1, 1, 1, 3, 3, 3, 3, 3, 3, 3, 3, 0, 4, 1, 2, 1, 1, 1, 1, 3, 3, 3, 3, 3, 0, 6, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3 }; #define yyerrok (yyerrstatus = 0) #define yyclearin (yychar = YYEMPTY) #define YYEMPTY (-2) #define YYEOF 0 #define YYACCEPT goto yyacceptlab #define YYABORT goto yyabortlab #define YYERROR goto yyerrorlab #define YYRECOVERING() (!!yyerrstatus) #define YYBACKUP(Token, Value) \ do \ if (yychar == YYEMPTY) \ { \ yychar = (Token); \ yylval = (Value); \ YYPOPSTACK (yylen); \ yystate = *yyssp; \ goto yybackup; \ } \ else \ { \ yyerror (cfg, YY_("syntax error: cannot back up")); \ YYERROR; \ } \ while (0) /* Error token number */ #define YYTERROR 1 #define YYERRCODE 256 /* Enable debugging if requested. */ #if YYDEBUG # ifndef YYFPRINTF # include /* INFRINGES ON USER NAME SPACE */ # define YYFPRINTF fprintf # endif # define YYDPRINTF(Args) \ do { \ if (yydebug) \ YYFPRINTF Args; \ } while (0) /* This macro is provided for backward compatibility. */ #ifndef YY_LOCATION_PRINT # define YY_LOCATION_PRINT(File, Loc) ((void) 0) #endif # define YY_SYMBOL_PRINT(Title, Type, Value, Location) \ do { \ if (yydebug) \ { \ YYFPRINTF (stderr, "%s ", Title); \ yy_symbol_print (stderr, \ Type, Value, cfg); \ YYFPRINTF (stderr, "\n"); \ } \ } while (0) /*----------------------------------------. | Print this symbol's value on YYOUTPUT. | `----------------------------------------*/ static void yy_symbol_value_print (FILE *yyoutput, int yytype, YYSTYPE const * const yyvaluep, hitch_config *cfg) { FILE *yyo = yyoutput; YYUSE (yyo); YYUSE (cfg); if (!yyvaluep) return; # ifdef YYPRINT if (yytype < YYNTOKENS) YYPRINT (yyoutput, yytoknum[yytype], *yyvaluep); # endif YYUSE (yytype); } /*--------------------------------. | Print this symbol on YYOUTPUT. | `--------------------------------*/ static void yy_symbol_print (FILE *yyoutput, int yytype, YYSTYPE const * const yyvaluep, hitch_config *cfg) { YYFPRINTF (yyoutput, "%s %s (", yytype < YYNTOKENS ? "token" : "nterm", yytname[yytype]); yy_symbol_value_print (yyoutput, yytype, yyvaluep, cfg); YYFPRINTF (yyoutput, ")"); } /*------------------------------------------------------------------. | yy_stack_print -- Print the state stack from its BOTTOM up to its | | TOP (included). | `------------------------------------------------------------------*/ static void yy_stack_print (yytype_int16 *yybottom, yytype_int16 *yytop) { YYFPRINTF (stderr, "Stack now"); for (; yybottom <= yytop; yybottom++) { int yybot = *yybottom; YYFPRINTF (stderr, " %d", yybot); } YYFPRINTF (stderr, "\n"); } # define YY_STACK_PRINT(Bottom, Top) \ do { \ if (yydebug) \ yy_stack_print ((Bottom), (Top)); \ } while (0) /*------------------------------------------------. | Report that the YYRULE is going to be reduced. | `------------------------------------------------*/ static void yy_reduce_print (yytype_int16 *yyssp, YYSTYPE *yyvsp, int yyrule, hitch_config *cfg) { unsigned long int yylno = yyrline[yyrule]; int yynrhs = yyr2[yyrule]; int yyi; YYFPRINTF (stderr, "Reducing stack by rule %d (line %lu):\n", yyrule - 1, yylno); /* The symbols being reduced. */ for (yyi = 0; yyi < yynrhs; yyi++) { YYFPRINTF (stderr, " $%d = ", yyi + 1); yy_symbol_print (stderr, yystos[yyssp[yyi + 1 - yynrhs]], &(yyvsp[(yyi + 1) - (yynrhs)]) , cfg); YYFPRINTF (stderr, "\n"); } } # define YY_REDUCE_PRINT(Rule) \ do { \ if (yydebug) \ yy_reduce_print (yyssp, yyvsp, Rule, cfg); \ } while (0) /* Nonzero means print parse trace. It is left uninitialized so that multiple parsers can coexist. */ int yydebug; #else /* !YYDEBUG */ # define YYDPRINTF(Args) # define YY_SYMBOL_PRINT(Title, Type, Value, Location) # define YY_STACK_PRINT(Bottom, Top) # define YY_REDUCE_PRINT(Rule) #endif /* !YYDEBUG */ /* YYINITDEPTH -- initial size of the parser's stacks. */ #ifndef YYINITDEPTH # define YYINITDEPTH 200 #endif /* YYMAXDEPTH -- maximum size the stacks can grow to (effective only if the built-in stack extension method is used). Do not make this value too large; the results are undefined if YYSTACK_ALLOC_MAXIMUM < YYSTACK_BYTES (YYMAXDEPTH) evaluated with infinite-precision integer arithmetic. */ #ifndef YYMAXDEPTH # define YYMAXDEPTH 10000 #endif #if YYERROR_VERBOSE # ifndef yystrlen # if defined __GLIBC__ && defined _STRING_H # define yystrlen strlen # else /* Return the length of YYSTR. */ static YYSIZE_T yystrlen (const char *yystr) { YYSIZE_T yylen; for (yylen = 0; yystr[yylen]; yylen++) continue; return yylen; } # endif # endif # ifndef yystpcpy # if defined __GLIBC__ && defined _STRING_H && defined _GNU_SOURCE # define yystpcpy stpcpy # else /* Copy YYSRC to YYDEST, returning the address of the terminating '\0' in YYDEST. */ static char * yystpcpy (char *yydest, const char *yysrc) { char *yyd = yydest; const char *yys = yysrc; while ((*yyd++ = *yys++) != '\0') continue; return yyd - 1; } # endif # endif # ifndef yytnamerr /* Copy to YYRES the contents of YYSTR after stripping away unnecessary quotes and backslashes, so that it's suitable for yyerror. The heuristic is that double-quoting is unnecessary unless the string contains an apostrophe, a comma, or backslash (other than backslash-backslash). YYSTR is taken from yytname. If YYRES is null, do not copy; instead, return the length of what the result would have been. */ static YYSIZE_T yytnamerr (char *yyres, const char *yystr) { if (*yystr == '"') { YYSIZE_T yyn = 0; char const *yyp = yystr; for (;;) switch (*++yyp) { case '\'': case ',': goto do_not_strip_quotes; case '\\': if (*++yyp != '\\') goto do_not_strip_quotes; /* Fall through. */ default: if (yyres) yyres[yyn] = *yyp; yyn++; break; case '"': if (yyres) yyres[yyn] = '\0'; return yyn; } do_not_strip_quotes: ; } if (! yyres) return yystrlen (yystr); return yystpcpy (yyres, yystr) - yyres; } # endif /* Copy into *YYMSG, which is of size *YYMSG_ALLOC, an error message about the unexpected token YYTOKEN for the state stack whose top is YYSSP. Return 0 if *YYMSG was successfully written. Return 1 if *YYMSG is not large enough to hold the message. In that case, also set *YYMSG_ALLOC to the required number of bytes. Return 2 if the required number of bytes is too large to store. */ static int yysyntax_error (YYSIZE_T *yymsg_alloc, char **yymsg, yytype_int16 *yyssp, int yytoken) { YYSIZE_T yysize0 = yytnamerr (YY_NULLPTR, yytname[yytoken]); YYSIZE_T yysize = yysize0; enum { YYERROR_VERBOSE_ARGS_MAXIMUM = 5 }; /* Internationalized format string. */ const char *yyformat = YY_NULLPTR; /* Arguments of yyformat. */ char const *yyarg[YYERROR_VERBOSE_ARGS_MAXIMUM]; /* Number of reported tokens (one for the "unexpected", one per "expected"). */ int yycount = 0; /* There are many possibilities here to consider: - If this state is a consistent state with a default action, then the only way this function was invoked is if the default action is an error action. In that case, don't check for expected tokens because there are none. - The only way there can be no lookahead present (in yychar) is if this state is a consistent state with a default action. Thus, detecting the absence of a lookahead is sufficient to determine that there is no unexpected or expected token to report. In that case, just report a simple "syntax error". - Don't assume there isn't a lookahead just because this state is a consistent state with a default action. There might have been a previous inconsistent state, consistent state with a non-default action, or user semantic action that manipulated yychar. - Of course, the expected token list depends on states to have correct lookahead information, and it depends on the parser not to perform extra reductions after fetching a lookahead from the scanner and before detecting a syntax error. Thus, state merging (from LALR or IELR) and default reductions corrupt the expected token list. However, the list is correct for canonical LR with one exception: it will still contain any token that will not be accepted due to an error action in a later state. */ if (yytoken != YYEMPTY) { int yyn = yypact[*yyssp]; yyarg[yycount++] = yytname[yytoken]; if (!yypact_value_is_default (yyn)) { /* Start YYX at -YYN if negative to avoid negative indexes in YYCHECK. In other words, skip the first -YYN actions for this state because they are default actions. */ int yyxbegin = yyn < 0 ? -yyn : 0; /* Stay within bounds of both yycheck and yytname. */ int yychecklim = YYLAST - yyn + 1; int yyxend = yychecklim < YYNTOKENS ? yychecklim : YYNTOKENS; int yyx; for (yyx = yyxbegin; yyx < yyxend; ++yyx) if (yycheck[yyx + yyn] == yyx && yyx != YYTERROR && !yytable_value_is_error (yytable[yyx + yyn])) { if (yycount == YYERROR_VERBOSE_ARGS_MAXIMUM) { yycount = 1; yysize = yysize0; break; } yyarg[yycount++] = yytname[yyx]; { YYSIZE_T yysize1 = yysize + yytnamerr (YY_NULLPTR, yytname[yyx]); if (! (yysize <= yysize1 && yysize1 <= YYSTACK_ALLOC_MAXIMUM)) return 2; yysize = yysize1; } } } } switch (yycount) { # define YYCASE_(N, S) \ case N: \ yyformat = S; \ break YYCASE_(0, YY_("syntax error")); YYCASE_(1, YY_("syntax error, unexpected %s")); YYCASE_(2, YY_("syntax error, unexpected %s, expecting %s")); YYCASE_(3, YY_("syntax error, unexpected %s, expecting %s or %s")); YYCASE_(4, YY_("syntax error, unexpected %s, expecting %s or %s or %s")); YYCASE_(5, YY_("syntax error, unexpected %s, expecting %s or %s or %s or %s")); # undef YYCASE_ } { YYSIZE_T yysize1 = yysize + yystrlen (yyformat); if (! (yysize <= yysize1 && yysize1 <= YYSTACK_ALLOC_MAXIMUM)) return 2; yysize = yysize1; } if (*yymsg_alloc < yysize) { *yymsg_alloc = 2 * yysize; if (! (yysize <= *yymsg_alloc && *yymsg_alloc <= YYSTACK_ALLOC_MAXIMUM)) *yymsg_alloc = YYSTACK_ALLOC_MAXIMUM; return 1; } /* Avoid sprintf, as that infringes on the user's name space. Don't have undefined behavior even if the translation produced a string with the wrong number of "%s"s. */ { char *yyp = *yymsg; int yyi = 0; while ((*yyp = *yyformat) != '\0') if (*yyp == '%' && yyformat[1] == 's' && yyi < yycount) { yyp += yytnamerr (yyp, yyarg[yyi++]); yyformat += 2; } else { yyp++; yyformat++; } } return 0; } #endif /* YYERROR_VERBOSE */ /*-----------------------------------------------. | Release the memory associated to this symbol. | `-----------------------------------------------*/ static void yydestruct (const char *yymsg, int yytype, YYSTYPE *yyvaluep, hitch_config *cfg) { YYUSE (yyvaluep); YYUSE (cfg); if (!yymsg) yymsg = "Deleting"; YY_SYMBOL_PRINT (yymsg, yytype, yyvaluep, yylocationp); YY_IGNORE_MAYBE_UNINITIALIZED_BEGIN YYUSE (yytype); YY_IGNORE_MAYBE_UNINITIALIZED_END } /* The lookahead symbol. */ int yychar; /* The semantic value of the lookahead symbol. */ YYSTYPE yylval; /* Number of syntax errors so far. */ int yynerrs; /*----------. | yyparse. | `----------*/ int yyparse (hitch_config *cfg) { int yystate; /* Number of tokens to shift before error messages enabled. */ int yyerrstatus; /* The stacks and their tools: 'yyss': related to states. 'yyvs': related to semantic values. Refer to the stacks through separate pointers, to allow yyoverflow to reallocate them elsewhere. */ /* The state stack. */ yytype_int16 yyssa[YYINITDEPTH]; yytype_int16 *yyss; yytype_int16 *yyssp; /* The semantic value stack. */ YYSTYPE yyvsa[YYINITDEPTH]; YYSTYPE *yyvs; YYSTYPE *yyvsp; YYSIZE_T yystacksize; int yyn; int yyresult; /* Lookahead token as an internal (translated) token number. */ int yytoken = 0; /* The variables used to return semantic value and location from the action routines. */ YYSTYPE yyval; #if YYERROR_VERBOSE /* Buffer for error messages, and its allocated size. */ char yymsgbuf[128]; char *yymsg = yymsgbuf; YYSIZE_T yymsg_alloc = sizeof yymsgbuf; #endif #define YYPOPSTACK(N) (yyvsp -= (N), yyssp -= (N)) /* The number of symbols on the RHS of the reduced rule. Keep to zero when no symbol should be popped. */ int yylen = 0; yyssp = yyss = yyssa; yyvsp = yyvs = yyvsa; yystacksize = YYINITDEPTH; YYDPRINTF ((stderr, "Starting parse\n")); yystate = 0; yyerrstatus = 0; yynerrs = 0; yychar = YYEMPTY; /* Cause a token to be read. */ goto yysetstate; /*------------------------------------------------------------. | yynewstate -- Push a new state, which is found in yystate. | `------------------------------------------------------------*/ yynewstate: /* In all cases, when you get here, the value and location stacks have just been pushed. So pushing a state here evens the stacks. */ yyssp++; yysetstate: *yyssp = yystate; if (yyss + yystacksize - 1 <= yyssp) { /* Get the current used size of the three stacks, in elements. */ YYSIZE_T yysize = yyssp - yyss + 1; #ifdef yyoverflow { /* Give user a chance to reallocate the stack. Use copies of these so that the &'s don't force the real ones into memory. */ YYSTYPE *yyvs1 = yyvs; yytype_int16 *yyss1 = yyss; /* Each stack pointer address is followed by the size of the data in use in that stack, in bytes. This used to be a conditional around just the two extra args, but that might be undefined if yyoverflow is a macro. */ yyoverflow (YY_("memory exhausted"), &yyss1, yysize * sizeof (*yyssp), &yyvs1, yysize * sizeof (*yyvsp), &yystacksize); yyss = yyss1; yyvs = yyvs1; } #else /* no yyoverflow */ # ifndef YYSTACK_RELOCATE goto yyexhaustedlab; # else /* Extend the stack our own way. */ if (YYMAXDEPTH <= yystacksize) goto yyexhaustedlab; yystacksize *= 2; if (YYMAXDEPTH < yystacksize) yystacksize = YYMAXDEPTH; { yytype_int16 *yyss1 = yyss; union yyalloc *yyptr = (union yyalloc *) YYSTACK_ALLOC (YYSTACK_BYTES (yystacksize)); if (! yyptr) goto yyexhaustedlab; YYSTACK_RELOCATE (yyss_alloc, yyss); YYSTACK_RELOCATE (yyvs_alloc, yyvs); # undef YYSTACK_RELOCATE if (yyss1 != yyssa) YYSTACK_FREE (yyss1); } # endif #endif /* no yyoverflow */ yyssp = yyss + yysize - 1; yyvsp = yyvs + yysize - 1; YYDPRINTF ((stderr, "Stack size increased to %lu\n", (unsigned long int) yystacksize)); if (yyss + yystacksize - 1 <= yyssp) YYABORT; } YYDPRINTF ((stderr, "Entering state %d\n", yystate)); if (yystate == YYFINAL) YYACCEPT; goto yybackup; /*-----------. | yybackup. | `-----------*/ yybackup: /* Do appropriate processing given the current state. Read a lookahead token if we need one and don't already have one. */ /* First try to decide what to do without reference to lookahead token. */ yyn = yypact[yystate]; if (yypact_value_is_default (yyn)) goto yydefault; /* Not known => get a lookahead token if don't already have one. */ /* YYCHAR is either YYEMPTY or YYEOF or a valid lookahead symbol. */ if (yychar == YYEMPTY) { YYDPRINTF ((stderr, "Reading a token: ")); yychar = yylex (); } if (yychar <= YYEOF) { yychar = yytoken = YYEOF; YYDPRINTF ((stderr, "Now at end of input.\n")); } else { yytoken = YYTRANSLATE (yychar); YY_SYMBOL_PRINT ("Next token is", yytoken, &yylval, &yylloc); } /* If the proper action on seeing token YYTOKEN is to reduce or to detect an error, take that action. */ yyn += yytoken; if (yyn < 0 || YYLAST < yyn || yycheck[yyn] != yytoken) goto yydefault; yyn = yytable[yyn]; if (yyn <= 0) { if (yytable_value_is_error (yyn)) goto yyerrlab; yyn = -yyn; goto yyreduce; } /* Count tokens shifted since error; after three, turn off error status. */ if (yyerrstatus) yyerrstatus--; /* Shift the lookahead token. */ YY_SYMBOL_PRINT ("Shifting", yytoken, &yylval, &yylloc); /* Discard the shifted token. */ yychar = YYEMPTY; yystate = yyn; YY_IGNORE_MAYBE_UNINITIALIZED_BEGIN *++yyvsp = yylval; YY_IGNORE_MAYBE_UNINITIALIZED_END goto yynewstate; /*-----------------------------------------------------------. | yydefault -- do the default action for the current state. | `-----------------------------------------------------------*/ yydefault: yyn = yydefact[yystate]; if (yyn == 0) goto yyerrlab; goto yyreduce; /*-----------------------------. | yyreduce -- Do a reduction. | `-----------------------------*/ yyreduce: /* yyn is the number of a rule to reduce with. */ yylen = yyr2[yyn]; /* If YYLEN is nonzero, implement the default value of the action: '$$ = $1'. Otherwise, the following line sets YYVAL to garbage. This behavior is undocumented and Bison users should not rely upon it. Assigning to YYVAL unconditionally makes the parser a bit smaller, and it avoids a GCC warning that YYVAL may be used uninitialized. */ yyval = yyvsp[1-yylen]; YY_REDUCE_PRINT (yyn); switch (yyn) { case 35: #line 100 "cfg_parser.y" /* yacc.c:1646 */ { if ((yyvsp[0].s) && config_param_validate("frontend", (yyvsp[0].s), cfg, /* XXX: */ "", yyget_lineno()) != 0) YYABORT; } #line 1509 "cfg_parser.c" /* yacc.c:1646 */ break; case 36: #line 106 "cfg_parser.y" /* yacc.c:1646 */ { /* NB: Mid-rule action */ AZ(cur_fa); cur_fa = front_arg_new(); } #line 1519 "cfg_parser.c" /* yacc.c:1646 */ break; case 37: #line 112 "cfg_parser.y" /* yacc.c:1646 */ { if (front_arg_add(cfg, cur_fa) != 1) YYABORT; cur_fa = NULL; } #line 1529 "cfg_parser.c" /* yacc.c:1646 */ break; case 51: #line 137 "cfg_parser.y" /* yacc.c:1646 */ { if ((yyvsp[0].s)) cur_fa->ip = strdup((yyvsp[0].s)); } #line 1535 "cfg_parser.c" /* yacc.c:1646 */ break; case 52: #line 138 "cfg_parser.y" /* yacc.c:1646 */ { if ((yyvsp[0].s)) cur_fa->port = strdup((yyvsp[0].s)); } #line 1541 "cfg_parser.c" /* yacc.c:1646 */ break; case 59: #line 153 "cfg_parser.y" /* yacc.c:1646 */ { if ((yyvsp[0].s)) cur_pem->filename = strdup((yyvsp[0].s)); } #line 1547 "cfg_parser.c" /* yacc.c:1646 */ break; case 60: #line 156 "cfg_parser.y" /* yacc.c:1646 */ { if ((yyvsp[0].s)) cur_pem->ocspfn = strdup((yyvsp[0].s)); } #line 1556 "cfg_parser.c" /* yacc.c:1646 */ break; case 61: #line 162 "cfg_parser.y" /* yacc.c:1646 */ { if (cur_pem != NULL) cur_pem->ocsp_vfy = (yyvsp[0].i); else cfg->OCSP_VFY = (yyvsp[0].i); } #line 1567 "cfg_parser.c" /* yacc.c:1646 */ break; case 62: #line 170 "cfg_parser.y" /* yacc.c:1646 */ { if ((yyvsp[0].s)) cfg->OCSP_DIR = strdup((yyvsp[0].s)); else cfg->OCSP_DIR = NULL; } #line 1578 "cfg_parser.c" /* yacc.c:1646 */ break; case 63: #line 178 "cfg_parser.y" /* yacc.c:1646 */ { cfg->OCSP_RESP_TMO = (yyvsp[0].i); } #line 1586 "cfg_parser.c" /* yacc.c:1646 */ break; case 64: #line 183 "cfg_parser.y" /* yacc.c:1646 */ { cfg->OCSP_CONN_TMO = (yyvsp[0].i); } #line 1594 "cfg_parser.c" /* yacc.c:1646 */ break; case 65: #line 188 "cfg_parser.y" /* yacc.c:1646 */ { if ((yyvsp[0].s) != NULL) { int r; struct cfg_cert_file *cert; cert = cfg_cert_file_new(); cert->filename = strdup((yyvsp[0].s)); r = cfg_cert_vfy(cert); if (r == 0) { cfg_cert_file_free(&cert); YYABORT; } cfg_cert_add(cert, &cur_fa->certs); } } #line 1613 "cfg_parser.c" /* yacc.c:1646 */ break; case 66: #line 203 "cfg_parser.y" /* yacc.c:1646 */ { /* NB: Mid-rule action */ AZ(cur_pem); cur_pem = cfg_cert_file_new(); } #line 1623 "cfg_parser.c" /* yacc.c:1646 */ break; case 67: #line 209 "cfg_parser.y" /* yacc.c:1646 */ { if (cfg_cert_vfy(cur_pem) != 0) cfg_cert_add(cur_pem, &cur_fa->certs); else { cfg_cert_file_free(&cur_pem); YYABORT; } cur_pem = NULL; } #line 1637 "cfg_parser.c" /* yacc.c:1646 */ break; case 68: #line 219 "cfg_parser.y" /* yacc.c:1646 */ { cur_fa->match_global_certs = (yyvsp[0].i); } #line 1643 "cfg_parser.c" /* yacc.c:1646 */ break; case 69: #line 222 "cfg_parser.y" /* yacc.c:1646 */ { cur_fa->sni_nomatch_abort = (yyvsp[0].i); } #line 1651 "cfg_parser.c" /* yacc.c:1646 */ break; case 70: #line 226 "cfg_parser.y" /* yacc.c:1646 */ { if (cur_fa->selected_protos != 0) { fprintf(stderr, "%s (%s, line %d):" " It is illegal to specify tls after ssl," " tls or tls-protos.\n", __func__, __FILE__, __LINE__); front_arg_destroy(cur_fa); cur_fa = NULL; YYABORT; } if ((yyvsp[0].i)) cur_fa->selected_protos = TLS_OPTION_PROTOS; else fprintf(stderr, "Warning: tls = off is deprecated and has no effect.\n"); } #line 1672 "cfg_parser.c" /* yacc.c:1646 */ break; case 71: #line 242 "cfg_parser.y" /* yacc.c:1646 */ { if (cur_fa->selected_protos != 0) { fprintf(stderr, "%s (%s, line %d):" " It is illegal to specify ssl after ssl," " tls or tls-protos.\n", __func__, __FILE__, __LINE__); front_arg_destroy(cur_fa); cur_fa = NULL; YYABORT; } if ((yyvsp[0].i)) cur_fa->selected_protos = SSL_OPTION_PROTOS; else fprintf(stderr, "Warning: ssl = off is deprecated and has no effect.\n"); } #line 1693 "cfg_parser.c" /* yacc.c:1646 */ break; case 72: #line 258 "cfg_parser.y" /* yacc.c:1646 */ { if (cur_fa->selected_protos != 0) { fprintf(stderr, "%s (%s, line %d):" " It is illegal to specify tls-protos after" " ssl, tls or tls-protos\nSelected before was %d\n", __func__, __FILE__, __LINE__, cur_fa->selected_protos); front_arg_destroy(cur_fa); cur_fa = NULL; YYABORT; } } #line 1709 "cfg_parser.c" /* yacc.c:1646 */ break; case 76: #line 271 "cfg_parser.y" /* yacc.c:1646 */ { cur_fa->selected_protos |= SSLv3_PROTO; } #line 1715 "cfg_parser.c" /* yacc.c:1646 */ break; case 77: #line 272 "cfg_parser.y" /* yacc.c:1646 */ { cur_fa->selected_protos |= TLSv1_0_PROTO; } #line 1721 "cfg_parser.c" /* yacc.c:1646 */ break; case 78: #line 273 "cfg_parser.y" /* yacc.c:1646 */ { cur_fa->selected_protos |= TLSv1_1_PROTO; } #line 1727 "cfg_parser.c" /* yacc.c:1646 */ break; case 79: #line 274 "cfg_parser.y" /* yacc.c:1646 */ { cur_fa->selected_protos |= TLSv1_2_PROTO; } #line 1733 "cfg_parser.c" /* yacc.c:1646 */ break; case 80: #line 275 "cfg_parser.y" /* yacc.c:1646 */ { if ((yyvsp[0].s)) cur_fa->ciphers = strdup((yyvsp[0].s)); } #line 1739 "cfg_parser.c" /* yacc.c:1646 */ break; case 81: #line 277 "cfg_parser.y" /* yacc.c:1646 */ { cur_fa->prefer_server_ciphers = (yyvsp[0].i); } #line 1747 "cfg_parser.c" /* yacc.c:1646 */ break; case 82: #line 281 "cfg_parser.y" /* yacc.c:1646 */ { cfg->QUIET = (yyvsp[0].i); } #line 1753 "cfg_parser.c" /* yacc.c:1646 */ break; case 83: #line 283 "cfg_parser.y" /* yacc.c:1646 */ { cfg->NCORES = (yyvsp[0].i); } #line 1759 "cfg_parser.c" /* yacc.c:1646 */ break; case 84: #line 285 "cfg_parser.y" /* yacc.c:1646 */ { cfg->BACKLOG = (yyvsp[0].i); } #line 1765 "cfg_parser.c" /* yacc.c:1646 */ break; case 85: #line 287 "cfg_parser.y" /* yacc.c:1646 */ { cfg->TCP_KEEPALIVE_TIME = (yyvsp[0].i); } #line 1771 "cfg_parser.c" /* yacc.c:1646 */ break; case 86: #line 289 "cfg_parser.y" /* yacc.c:1646 */ { if (cfg->SELECTED_TLS_PROTOS != 0) { fprintf(stderr, "%s (%s, line %d):" " It is illegal to specify tls after ssl," " tls or tls-protos\n", __func__, __FILE__, __LINE__); YYABORT; } if ((yyvsp[0].i)) cfg->SELECTED_TLS_PROTOS = TLS_OPTION_PROTOS; else fprintf(stderr, "Warning: tls = off is deprecated and has no effect.\n"); } #line 1790 "cfg_parser.c" /* yacc.c:1646 */ break; case 87: #line 304 "cfg_parser.y" /* yacc.c:1646 */ { if (cfg->SELECTED_TLS_PROTOS != 0) { fprintf(stderr, "%s (%s, line %d):" " It is illegal to specify ssl after ssl," " tls or tls-protos.\n", __func__, __FILE__, __LINE__); YYABORT; } if ((yyvsp[0].i)) cfg->SELECTED_TLS_PROTOS = SSL_OPTION_PROTOS; else fprintf(stderr, "Warning: ssl = off is deprecated and has no effect.\n"); } #line 1809 "cfg_parser.c" /* yacc.c:1646 */ break; case 88: #line 319 "cfg_parser.y" /* yacc.c:1646 */ { if (cfg->SELECTED_TLS_PROTOS != 0) { fprintf(stderr, "%s (%s, line %d):" " It is illegal to specify tls-protos after" " ssl, tls or tls-protos\n", __func__, __FILE__, __LINE__); YYABORT; } } #line 1823 "cfg_parser.c" /* yacc.c:1646 */ break; case 92: #line 330 "cfg_parser.y" /* yacc.c:1646 */ { cfg->SELECTED_TLS_PROTOS |= SSLv3_PROTO; } #line 1829 "cfg_parser.c" /* yacc.c:1646 */ break; case 93: #line 331 "cfg_parser.y" /* yacc.c:1646 */ { cfg->SELECTED_TLS_PROTOS |= TLSv1_0_PROTO; } #line 1835 "cfg_parser.c" /* yacc.c:1646 */ break; case 94: #line 332 "cfg_parser.y" /* yacc.c:1646 */ { cfg->SELECTED_TLS_PROTOS |= TLSv1_1_PROTO; } #line 1841 "cfg_parser.c" /* yacc.c:1646 */ break; case 95: #line 333 "cfg_parser.y" /* yacc.c:1646 */ { cfg->SELECTED_TLS_PROTOS |= TLSv1_2_PROTO; } #line 1847 "cfg_parser.c" /* yacc.c:1646 */ break; case 96: #line 335 "cfg_parser.y" /* yacc.c:1646 */ { if ((yyvsp[0].s)) cfg->ENGINE = strdup((yyvsp[0].s)); } #line 1853 "cfg_parser.c" /* yacc.c:1646 */ break; case 97: #line 338 "cfg_parser.y" /* yacc.c:1646 */ { cfg->PREFER_SERVER_CIPHERS = (yyvsp[0].i); } #line 1861 "cfg_parser.c" /* yacc.c:1646 */ break; case 98: #line 343 "cfg_parser.y" /* yacc.c:1646 */ { if ((yyvsp[0].s) && config_param_validate("chroot", (yyvsp[0].s), cfg, /* XXX: */ "", yyget_lineno()) != 0) YYABORT; } #line 1871 "cfg_parser.c" /* yacc.c:1646 */ break; case 99: #line 350 "cfg_parser.y" /* yacc.c:1646 */ { if ((yyvsp[0].s) && config_param_validate("backend", (yyvsp[0].s), cfg, /* XXX: */ "", yyget_lineno()) != 0) YYABORT; } #line 1881 "cfg_parser.c" /* yacc.c:1646 */ break; case 100: #line 357 "cfg_parser.y" /* yacc.c:1646 */ { if ((yyvsp[0].s) && config_param_validate("pem-file", (yyvsp[0].s), cfg, /* XXX: */ "", yyget_lineno()) != 0) YYABORT; } #line 1891 "cfg_parser.c" /* yacc.c:1646 */ break; case 101: #line 363 "cfg_parser.y" /* yacc.c:1646 */ { /* NB: Mid-rule action */ AZ(cur_pem); cur_pem = cfg_cert_file_new(); } #line 1901 "cfg_parser.c" /* yacc.c:1646 */ break; case 102: #line 369 "cfg_parser.y" /* yacc.c:1646 */ { if (cfg_cert_vfy(cur_pem) != 0) { if (cfg->CERT_DEFAULT != NULL) { struct cfg_cert_file *tmp = cfg->CERT_DEFAULT; cfg_cert_add(tmp, &cfg->CERT_FILES); } cfg->CERT_DEFAULT = cur_pem; } else { cfg_cert_file_free(&cur_pem); YYABORT; } cur_pem = NULL; } #line 1919 "cfg_parser.c" /* yacc.c:1646 */ break; case 103: #line 384 "cfg_parser.y" /* yacc.c:1646 */ { cfg->SYSLOG = (yyvsp[0].i); } #line 1925 "cfg_parser.c" /* yacc.c:1646 */ break; case 104: #line 385 "cfg_parser.y" /* yacc.c:1646 */ { cfg->DAEMONIZE = (yyvsp[0].i); } #line 1931 "cfg_parser.c" /* yacc.c:1646 */ break; case 105: #line 388 "cfg_parser.y" /* yacc.c:1646 */ { cfg->SNI_NOMATCH_ABORT = (yyvsp[0].i); } #line 1939 "cfg_parser.c" /* yacc.c:1646 */ break; case 106: #line 392 "cfg_parser.y" /* yacc.c:1646 */ { if ((yyvsp[0].s)) cfg->CIPHER_SUITE = strdup((yyvsp[0].s)); } #line 1945 "cfg_parser.c" /* yacc.c:1646 */ break; case 107: #line 395 "cfg_parser.y" /* yacc.c:1646 */ { if ((yyvsp[0].s) && config_param_validate("user", (yyvsp[0].s), cfg, /* XXX: */ "", yyget_lineno()) != 0) YYABORT; } #line 1955 "cfg_parser.c" /* yacc.c:1646 */ break; case 108: #line 402 "cfg_parser.y" /* yacc.c:1646 */ { if ((yyvsp[0].s) && config_param_validate("group", (yyvsp[0].s), cfg, /* XXX: */ "", yyget_lineno()) != 0) YYABORT; } #line 1965 "cfg_parser.c" /* yacc.c:1646 */ break; case 109: #line 408 "cfg_parser.y" /* yacc.c:1646 */ { cfg->WRITE_IP_OCTET = (yyvsp[0].i); } #line 1971 "cfg_parser.c" /* yacc.c:1646 */ break; case 110: #line 410 "cfg_parser.y" /* yacc.c:1646 */ { cfg->WRITE_PROXY_LINE_V2 = (yyvsp[0].i); } #line 1977 "cfg_parser.c" /* yacc.c:1646 */ break; case 111: #line 413 "cfg_parser.y" /* yacc.c:1646 */ { cfg->WRITE_PROXY_LINE_V1 = (yyvsp[0].i); } #line 1985 "cfg_parser.c" /* yacc.c:1646 */ break; case 112: #line 418 "cfg_parser.y" /* yacc.c:1646 */ { cfg->WRITE_PROXY_LINE_V2 = (yyvsp[0].i); } #line 1993 "cfg_parser.c" /* yacc.c:1646 */ break; case 113: #line 422 "cfg_parser.y" /* yacc.c:1646 */ { cfg->PROXY_PROXY_LINE = (yyvsp[0].i); } #line 1999 "cfg_parser.c" /* yacc.c:1646 */ break; case 114: #line 425 "cfg_parser.y" /* yacc.c:1646 */ { if ((yyvsp[0].s) && config_param_validate("alpn-protos", (yyvsp[0].s), cfg, /* XXX: */ "", yyget_lineno()) != 0) YYABORT; } #line 2009 "cfg_parser.c" /* yacc.c:1646 */ break; case 115: #line 432 "cfg_parser.y" /* yacc.c:1646 */ { if ((yyvsp[0].s) && config_param_validate("syslog-facility", (yyvsp[0].s), cfg, /* XXX: */ "", yyget_lineno()) != 0) YYABORT; } #line 2020 "cfg_parser.c" /* yacc.c:1646 */ break; #line 2024 "cfg_parser.c" /* yacc.c:1646 */ default: break; } /* User semantic actions sometimes alter yychar, and that requires that yytoken be updated with the new translation. We take the approach of translating immediately before every use of yytoken. One alternative is translating here after every semantic action, but that translation would be missed if the semantic action invokes YYABORT, YYACCEPT, or YYERROR immediately after altering yychar or if it invokes YYBACKUP. In the case of YYABORT or YYACCEPT, an incorrect destructor might then be invoked immediately. In the case of YYERROR or YYBACKUP, subsequent parser actions might lead to an incorrect destructor call or verbose syntax error message before the lookahead is translated. */ YY_SYMBOL_PRINT ("-> $$ =", yyr1[yyn], &yyval, &yyloc); YYPOPSTACK (yylen); yylen = 0; YY_STACK_PRINT (yyss, yyssp); *++yyvsp = yyval; /* Now 'shift' the result of the reduction. Determine what state that goes to, based on the state we popped back to and the rule number reduced by. */ yyn = yyr1[yyn]; yystate = yypgoto[yyn - YYNTOKENS] + *yyssp; if (0 <= yystate && yystate <= YYLAST && yycheck[yystate] == *yyssp) yystate = yytable[yystate]; else yystate = yydefgoto[yyn - YYNTOKENS]; goto yynewstate; /*--------------------------------------. | yyerrlab -- here on detecting error. | `--------------------------------------*/ yyerrlab: /* Make sure we have latest lookahead translation. See comments at user semantic actions for why this is necessary. */ yytoken = yychar == YYEMPTY ? YYEMPTY : YYTRANSLATE (yychar); /* If not already recovering from an error, report this error. */ if (!yyerrstatus) { ++yynerrs; #if ! YYERROR_VERBOSE yyerror (cfg, YY_("syntax error")); #else # define YYSYNTAX_ERROR yysyntax_error (&yymsg_alloc, &yymsg, \ yyssp, yytoken) { char const *yymsgp = YY_("syntax error"); int yysyntax_error_status; yysyntax_error_status = YYSYNTAX_ERROR; if (yysyntax_error_status == 0) yymsgp = yymsg; else if (yysyntax_error_status == 1) { if (yymsg != yymsgbuf) YYSTACK_FREE (yymsg); yymsg = (char *) YYSTACK_ALLOC (yymsg_alloc); if (!yymsg) { yymsg = yymsgbuf; yymsg_alloc = sizeof yymsgbuf; yysyntax_error_status = 2; } else { yysyntax_error_status = YYSYNTAX_ERROR; yymsgp = yymsg; } } yyerror (cfg, yymsgp); if (yysyntax_error_status == 2) goto yyexhaustedlab; } # undef YYSYNTAX_ERROR #endif } if (yyerrstatus == 3) { /* If just tried and failed to reuse lookahead token after an error, discard it. */ if (yychar <= YYEOF) { /* Return failure if at end of input. */ if (yychar == YYEOF) YYABORT; } else { yydestruct ("Error: discarding", yytoken, &yylval, cfg); yychar = YYEMPTY; } } /* Else will try to reuse lookahead token after shifting the error token. */ goto yyerrlab1; /*---------------------------------------------------. | yyerrorlab -- error raised explicitly by YYERROR. | `---------------------------------------------------*/ yyerrorlab: /* Pacify compilers like GCC when the user code never invokes YYERROR and the label yyerrorlab therefore never appears in user code. */ if (/*CONSTCOND*/ 0) goto yyerrorlab; /* Do not reclaim the symbols of the rule whose action triggered this YYERROR. */ YYPOPSTACK (yylen); yylen = 0; YY_STACK_PRINT (yyss, yyssp); yystate = *yyssp; goto yyerrlab1; /*-------------------------------------------------------------. | yyerrlab1 -- common code for both syntax error and YYERROR. | `-------------------------------------------------------------*/ yyerrlab1: yyerrstatus = 3; /* Each real token shifted decrements this. */ for (;;) { yyn = yypact[yystate]; if (!yypact_value_is_default (yyn)) { yyn += YYTERROR; if (0 <= yyn && yyn <= YYLAST && yycheck[yyn] == YYTERROR) { yyn = yytable[yyn]; if (0 < yyn) break; } } /* Pop the current state because it cannot handle the error token. */ if (yyssp == yyss) YYABORT; yydestruct ("Error: popping", yystos[yystate], yyvsp, cfg); YYPOPSTACK (1); yystate = *yyssp; YY_STACK_PRINT (yyss, yyssp); } YY_IGNORE_MAYBE_UNINITIALIZED_BEGIN *++yyvsp = yylval; YY_IGNORE_MAYBE_UNINITIALIZED_END /* Shift the error token. */ YY_SYMBOL_PRINT ("Shifting", yystos[yyn], yyvsp, yylsp); yystate = yyn; goto yynewstate; /*-------------------------------------. | yyacceptlab -- YYACCEPT comes here. | `-------------------------------------*/ yyacceptlab: yyresult = 0; goto yyreturn; /*-----------------------------------. | yyabortlab -- YYABORT comes here. | `-----------------------------------*/ yyabortlab: yyresult = 1; goto yyreturn; #if !defined yyoverflow || YYERROR_VERBOSE /*-------------------------------------------------. | yyexhaustedlab -- memory exhaustion comes here. | `-------------------------------------------------*/ yyexhaustedlab: yyerror (cfg, YY_("memory exhausted")); yyresult = 2; /* Fall through. */ #endif yyreturn: if (yychar != YYEMPTY) { /* Make sure we have latest lookahead translation. See comments at user semantic actions for why this is necessary. */ yytoken = YYTRANSLATE (yychar); yydestruct ("Cleanup: discarding lookahead", yytoken, &yylval, cfg); } /* Do not reclaim the symbols of the rule whose action triggered this YYABORT or YYACCEPT. */ YYPOPSTACK (yylen); YY_STACK_PRINT (yyss, yyssp); while (yyssp != yyss) { yydestruct ("Cleanup: popping", yystos[*yyssp], yyvsp, cfg); YYPOPSTACK (1); } #ifndef yyoverflow if (yyss != yyssa) YYSTACK_FREE (yyss); #endif #if YYERROR_VERBOSE if (yymsg != yymsgbuf) YYSTACK_FREE (yymsg); #endif return yyresult; } #line 439 "cfg_parser.y" /* yacc.c:1906 */ void yyerror(hitch_config *cfg, const char *s) { (void) cfg; /* Clean up if FRONTEND_BLK parsing failed */ if (cur_fa != NULL) FREE_OBJ(cur_fa); fprintf(stderr, "parsing error: line: %d: %s\n", yyget_lineno(), s); } hitch-1.4.4/src/util/0000755000175000017500000000000013026756721011375 500000000000000hitch-1.4.4/src/util/parse_proxy_v2.c0000644000175000017500000002027012764000122014425 00000000000000/*- * Copyright (c) 2015 Varnish Software AS * All rights reserved. * * Author: PÃ¥l Hermunn Johansen * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * */ /* * Very simple utility for parsing a proxy protocol header (version 1 or 2) * and printing the contents to standard out. * * The program simply does a single read, and according to the spec * (http://www.haproxy.org/download/1.5/doc/proxy-protocol.txt), this is the * correct thing to do. */ #include #include #include #include #include #include #include #include #include unsigned char PROXY_V2_HEADER[12] = { 0x0D, 0x0A, 0x0D, 0x0A, 0x00, 0x0D, 0x0A, 0x51, 0x55, 0x49, 0x54, 0x0A}; #define MAX_HEADER_SIZE 536 int main(int argc, const char **argv); ssize_t read_from_socket(const char *port, unsigned char *buf, int len); void print_addr_with_ports(int af, int len, unsigned char *p); int print_extensions(unsigned char *extension_start, int extensions_len); int main(int argc, const char **argv) { unsigned char proxy_header[MAX_HEADER_SIZE + 1]; ssize_t n = 0; int address_len = 0; #if OPENSSL_VERSION_NUMBER < 0x1000100fL printf("Warning:\tThis OpenSSL version is too old for NPN.\n"); #elseif OPENSSL_VERSION_NUMBER < 0x1000200fL printf("Warning:\tThis OpenSSL version is too old for ALPN.\n"); #endif if (argc == 1) n = read(STDIN_FILENO, proxy_header, MAX_HEADER_SIZE); else if (argc == 2) n = read_from_socket(argv[1], proxy_header, MAX_HEADER_SIZE); else { fprintf(stderr, "Usage: parse_proxy_v2 [port]\n"); return (1); } if (n < 16) { printf("ERROR:\tread too few bytes.\n"); return (1); } proxy_header[n] = '\0'; if (strncmp("PROXY TCP", (char *)proxy_header, 9) == 0) { /* PROXY version 1 over TCP */ fprintf(stdout, "ERROR:\tPROXY v1 parsing not supported in this tool.\n"); return (1); } else if (memcmp(PROXY_V2_HEADER, proxy_header, 12) != 0) { printf("ERROR:\tNot a valid PROXY header\n"); return (1); } printf("PROXY v2 detected.\n"); switch (proxy_header[12]) { case 0x20: printf("ERROR:\tLOCAL connection\n"); return (1); case 0x21: printf("Connection:\tPROXYed connection detected\n"); break; default: printf("ERROR:\t13th byte has illegal value %d\n", (int)proxy_header[12]); return (1); } switch (proxy_header[13]) { case 0x00: printf("ERROR:\tProtocol:\tUnspecified/unsupported\n"); return (1); case 0x11: printf("Protocol:\tTCP over IPv4\n"); address_len = 12; break; case 0x12: printf("Protocol:\tUDP over IPv4\n"); printf("ERROR:\tProtocol unsupported in hitch seen\n"); address_len = 12; break; case 0x21: printf("Protocol:\tTCP over IPv6\n"); address_len = 36; break; case 0x22: printf("Protocol:\tUDP over IPv6\n"); printf("ERROR:\tProtocol unsupported in hitch\n"); address_len = 36; break; case 0x31: printf("Protocol:\tUNIX stream\n"); address_len = 216; break; case 0x32: printf("Protocol:\tUNIX datagram\n"); printf("ERROR:\tProtocol unsupported in hitch\n"); address_len = 216; break; default: printf("ERROR:\t14th byte has illegal value %d\n", (int)proxy_header[13]); return (1); } int additional_len = (proxy_header[14] << 8) + proxy_header[15]; if (additional_len < address_len) { printf("ERROR:\tThe the total header length %d does" " not leave room for the addresses\n", additional_len + 16); return (1); } if (additional_len + 16 > n) { printf("ERROR:\tToo few bytes was read; %zd\n", n); return (1); } if (address_len == 12) print_addr_with_ports(AF_INET, 4, proxy_header + 16); else if (address_len == 36) print_addr_with_ports(AF_INET6, 16, proxy_header + 16); else { printf("ERROR:\tPrinting of UNIX socket addresses" " not implemented.\n"); } if (address_len < additional_len) return print_extensions(proxy_header + 16 + address_len, additional_len - address_len); return (0); } ssize_t read_from_socket(const char *port, unsigned char *buf, int len) { struct addrinfo hints; struct addrinfo *result; struct addrinfo *rp; int listen_socket = -1; (void)port; (void)buf; (void)len; memset(&hints, 0, sizeof(struct addrinfo)); hints.ai_family = AF_INET; /* Allow IPv4 or IPv6 */ hints.ai_socktype = SOCK_STREAM; hints.ai_flags = AI_PASSIVE; hints.ai_protocol = 0; hints.ai_canonname = NULL; hints.ai_addr = NULL; hints.ai_next = NULL; int s = getaddrinfo(NULL, port, &hints, &result); if (s != 0) { fprintf(stderr, "getaddrinfo failed: %s\n", gai_strerror(s)); exit(1); } // getaddrinfo just returned a list of address structures. Try // each address until we successfully bind(2). If socket(2) (or // bind(2)) fails, we (close the socket and) try the next address. for (rp = result; rp != NULL; rp = rp->ai_next) { listen_socket = socket(rp->ai_family, rp->ai_socktype, rp->ai_protocol); if (listen_socket == -1) continue; if (bind(listen_socket, rp->ai_addr, rp->ai_addrlen) == 0) break; // success! close(listen_socket); listen_socket = -1; } freeaddrinfo(result); if (rp == NULL) { printf("ERROR: Could not create and bind listen socket.\n"); exit(1); } if (0 != listen(listen_socket, 1)) { perror("Call to listen() failed"); exit(1); } fprintf(stderr, "Listening on port %s\n", port); int sock = accept(listen_socket, NULL, NULL); if (sock < 0) { close(listen_socket); perror("Calling accept failed"); exit(1); } ssize_t n = recv(sock, buf, len, 0); fprintf(stderr, "Read %zd bytes in recv\n", n); close(sock); close(listen_socket); return n; } void print_addr_with_ports(int af, int len, unsigned char *p) { char buf1[256], buf2[256]; const char *addr1 = inet_ntop(af, p, buf1, 256); const char *addr2 = inet_ntop(af, p + len, buf2, 256); if (addr1 == NULL || addr2 == NULL) { printf("ERROR:\tIP addresses printing failed.\n"); exit(1); } int src_port = (p[2 * len] << 8) + p[2 * len + 1]; int dest_port = (p[2 * len + 2] << 8) + p[2 * len + 3]; printf("Source IP:\t%s\n", addr1); printf("Destination IP:\t%s\n", addr2); printf("Source port:\t%d\n", src_port); printf("Destination port:\t%d\n", dest_port); } int print_extensions(unsigned char *extensions, int extensions_len) { int i, l, type; for (i = 0; i < extensions_len; i++) { if(i > extensions_len - 4) goto ext_parse_error; type = extensions[i]; l = (extensions[i + 1] << 8) + extensions[i + 2]; i += 3; if (l <= 0 || i + l > extensions_len) goto ext_parse_error; switch(type) { case 0x1: // PP2_TYPE_ALPN printf("ALPN extension:\t%.*s\n", l, extensions + i); break; default: printf("ERROR:\tUnknown extension %d\n", type); } i += l - 1; } if (i != extensions_len) { printf("ERROR:\tBuffer overrun (%d / %d)\n", i, extensions_len); return (1); } return (0); ext_parse_error: printf("ERROR:\tExtension parse error\n"); printf("Extensions data:"); for (i = 0; i < extensions_len; i++) printf(" 0x%x", (int)extensions[i]); printf("\n"); return (1); } hitch-1.4.4/src/util/Makefile.in0000644000175000017500000003742013026747414013367 00000000000000# Makefile.in generated by automake 1.15 from Makefile.am. # @configure_input@ # Copyright (C) 1994-2014 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY, to the extent permitted by law; without # even the implied warranty of MERCHANTABILITY or FITNESS FOR A # PARTICULAR PURPOSE. @SET_MAKE@ VPATH = @srcdir@ am__is_gnu_make = { \ if test -z '$(MAKELEVEL)'; then \ false; \ elif test -n '$(MAKE_HOST)'; then \ true; \ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \ true; \ else \ false; \ fi; \ } am__make_running_with_option = \ case $${target_option-} in \ ?) ;; \ *) echo "am__make_running_with_option: internal error: invalid" \ "target option '$${target_option-}' specified" >&2; \ exit 1;; \ esac; \ has_opt=no; \ sane_makeflags=$$MAKEFLAGS; \ if $(am__is_gnu_make); then \ sane_makeflags=$$MFLAGS; \ else \ case $$MAKEFLAGS in \ *\\[\ \ ]*) \ bs=\\; \ sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ esac; \ fi; \ skip_next=no; \ strip_trailopt () \ { \ flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ }; \ for flg in $$sane_makeflags; do \ test $$skip_next = yes && { skip_next=no; continue; }; \ case $$flg in \ *=*|--*) continue;; \ -*I) strip_trailopt 'I'; skip_next=yes;; \ -*I?*) strip_trailopt 'I';; \ -*O) strip_trailopt 'O'; skip_next=yes;; \ -*O?*) strip_trailopt 'O';; \ -*l) strip_trailopt 'l'; skip_next=yes;; \ -*l?*) strip_trailopt 'l';; \ -[dEDm]) skip_next=yes;; \ -[JT]) skip_next=yes;; \ esac; \ case $$flg in \ *$$target_option*) has_opt=yes; break;; \ esac; \ done; \ test $$has_opt = yes am__make_dryrun = (target_option=n; $(am__make_running_with_option)) am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) pkgdatadir = $(datadir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ pkglibexecdir = $(libexecdir)/@PACKAGE@ am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c install_sh_SCRIPT = $(install_sh) -c INSTALL_HEADER = $(INSTALL_DATA) transform = $(program_transform_name) NORMAL_INSTALL = : PRE_INSTALL = : POST_INSTALL = : NORMAL_UNINSTALL = : PRE_UNINSTALL = : POST_UNINSTALL = : noinst_PROGRAMS = parse_proxy_v2$(EXEEXT) subdir = src/util ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON) mkinstalldirs = $(install_sh) -d CONFIG_HEADER = $(top_builddir)/config.h CONFIG_CLEAN_FILES = CONFIG_CLEAN_VPATH_FILES = PROGRAMS = $(noinst_PROGRAMS) am_parse_proxy_v2_OBJECTS = parse_proxy_v2.$(OBJEXT) parse_proxy_v2_OBJECTS = $(am_parse_proxy_v2_OBJECTS) parse_proxy_v2_LDADD = $(LDADD) AM_V_P = $(am__v_P_@AM_V@) am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) am__v_P_0 = false am__v_P_1 = : AM_V_GEN = $(am__v_GEN_@AM_V@) am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) am__v_GEN_0 = @echo " GEN " $@; am__v_GEN_1 = AM_V_at = $(am__v_at_@AM_V@) am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) am__v_at_0 = @ am__v_at_1 = DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) depcomp = $(SHELL) $(top_srcdir)/build-aux/depcomp am__depfiles_maybe = depfiles am__mv = mv -f COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) AM_V_CC = $(am__v_CC_@AM_V@) am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@) am__v_CC_0 = @echo " CC " $@; am__v_CC_1 = CCLD = $(CC) LINK = $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ AM_V_CCLD = $(am__v_CCLD_@AM_V@) am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@) am__v_CCLD_0 = @echo " CCLD " $@; am__v_CCLD_1 = SOURCES = $(parse_proxy_v2_SOURCES) DIST_SOURCES = $(parse_proxy_v2_SOURCES) am__can_run_installinfo = \ case $$AM_UPDATE_INFO_DIR in \ n|no|NO) false;; \ *) (install-info --version) >/dev/null 2>&1;; \ esac am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) # Read a list of newline-separated strings from the standard input, # and print each of them once, without duplicates. Input order is # *not* preserved. am__uniquify_input = $(AWK) '\ BEGIN { nonempty = 0; } \ { items[$$0] = 1; nonempty = 1; } \ END { if (nonempty) { for (i in items) print i; }; } \ ' # Make sure the list of sources is unique. This is necessary because, # e.g., the same source file might be shared among _SOURCES variables # for different programs/libraries. am__define_uniq_tagged_files = \ list='$(am__tagged_files)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | $(am__uniquify_input)` ETAGS = etags CTAGS = ctags am__DIST_COMMON = $(srcdir)/Makefile.in \ $(top_srcdir)/build-aux/depcomp DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) ACLOCAL = @ACLOCAL@ AMTAR = @AMTAR@ AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ CRYPTO_CFLAGS = @CRYPTO_CFLAGS@ CRYPTO_LIBS = @CRYPTO_LIBS@ CYGPATH_W = @CYGPATH_W@ DEFS = @DEFS@ DEPDIR = @DEPDIR@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EV_CFLAGS = @EV_CFLAGS@ EV_LIBS = @EV_LIBS@ EXEEXT = @EXEEXT@ GREP = @GREP@ INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ LDFLAGS = @LDFLAGS@ LEX = @LEX@ LEXLIB = @LEXLIB@ LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ LIBOBJS = @LIBOBJS@ LIBS = @LIBS@ LTLIBOBJS = @LTLIBOBJS@ MAINT = @MAINT@ MAKEINFO = @MAKEINFO@ MKDIR_P = @MKDIR_P@ OBJEXT = @OBJEXT@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ PACKAGE_STRING = @PACKAGE_STRING@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ RST2MAN = @RST2MAN@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ SH_TESTS = @SH_TESTS@ SSL_CFLAGS = @SSL_CFLAGS@ SSL_LIBS = @SSL_LIBS@ STRIP = @STRIP@ VERSION = @VERSION@ YACC = @YACC@ YFLAGS = @YFLAGS@ abs_builddir = @abs_builddir@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ ac_ct_CC = @ac_ct_CC@ am__include = @am__include@ am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ am__tar = @am__tar@ am__untar = @am__untar@ bindir = @bindir@ build_alias = @build_alias@ builddir = @builddir@ datadir = @datadir@ datarootdir = @datarootdir@ docdir = @docdir@ dvidir = @dvidir@ exec_prefix = @exec_prefix@ host_alias = @host_alias@ htmldir = @htmldir@ includedir = @includedir@ infodir = @infodir@ install_sh = @install_sh@ libdir = @libdir@ libexecdir = @libexecdir@ localedir = @localedir@ localstatedir = @localstatedir@ mandir = @mandir@ mkdir_p = @mkdir_p@ oldincludedir = @oldincludedir@ pdfdir = @pdfdir@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ runstatedir = @runstatedir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ parse_proxy_v2_SOURCES = parse_proxy_v2.c all: all-am .SUFFIXES: .SUFFIXES: .c .o .obj $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign src/util/Makefile'; \ $(am__cd) $(top_srcdir) && \ $(AUTOMAKE) --foreign src/util/Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ *config.status*) \ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ *) \ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ esac; $(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(am__aclocal_m4_deps): clean-noinstPROGRAMS: -test -z "$(noinst_PROGRAMS)" || rm -f $(noinst_PROGRAMS) parse_proxy_v2$(EXEEXT): $(parse_proxy_v2_OBJECTS) $(parse_proxy_v2_DEPENDENCIES) $(EXTRA_parse_proxy_v2_DEPENDENCIES) @rm -f parse_proxy_v2$(EXEEXT) $(AM_V_CCLD)$(LINK) $(parse_proxy_v2_OBJECTS) $(parse_proxy_v2_LDADD) $(LIBS) mostlyclean-compile: -rm -f *.$(OBJEXT) distclean-compile: -rm -f *.tab.c @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/parse_proxy_v2.Po@am__quote@ .c.o: @am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.o$$||'`;\ @am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\ @am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ $< .c.obj: @am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.obj$$||'`;\ @am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ `$(CYGPATH_W) '$<'` &&\ @am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'` ID: $(am__tagged_files) $(am__define_uniq_tagged_files); mkid -fID $$unique tags: tags-am TAGS: tags tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) set x; \ here=`pwd`; \ $(am__define_uniq_tagged_files); \ shift; \ if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ test -n "$$unique" || unique=$$empty_fix; \ if test $$# -gt 0; then \ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ "$$@" $$unique; \ else \ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ $$unique; \ fi; \ fi ctags: ctags-am CTAGS: ctags ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) $(am__define_uniq_tagged_files); \ test -z "$(CTAGS_ARGS)$$unique" \ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ $$unique GTAGS: here=`$(am__cd) $(top_builddir) && pwd` \ && $(am__cd) $(top_srcdir) \ && gtags -i $(GTAGS_ARGS) "$$here" cscopelist: cscopelist-am cscopelist-am: $(am__tagged_files) list='$(am__tagged_files)'; \ case "$(srcdir)" in \ [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \ *) sdir=$(subdir)/$(srcdir) ;; \ esac; \ for i in $$list; do \ if test -f "$$i"; then \ echo "$(subdir)/$$i"; \ else \ echo "$$sdir/$$i"; \ fi; \ done >> $(top_builddir)/cscope.files distclean-tags: -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags distdir: $(DISTFILES) @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ list='$(DISTFILES)'; \ dist_files=`for file in $$list; do echo $$file; done | \ sed -e "s|^$$srcdirstrip/||;t" \ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ case $$dist_files in \ */*) $(MKDIR_P) `echo "$$dist_files" | \ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ sort -u` ;; \ esac; \ for file in $$dist_files; do \ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ if test -d $$d/$$file; then \ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ if test -d "$(distdir)/$$file"; then \ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ else \ test -f "$(distdir)/$$file" \ || cp -p $$d/$$file "$(distdir)/$$file" \ || exit 1; \ fi; \ done check-am: all-am check: check-am all-am: Makefile $(PROGRAMS) installdirs: install: install-am install-exec: install-exec-am install-data: install-data-am uninstall: uninstall-am install-am: all-am @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am installcheck: installcheck-am install-strip: if test -z '$(STRIP)'; then \ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ install; \ else \ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \ fi mostlyclean-generic: clean-generic: distclean-generic: -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @echo "it deletes files that may require special tools to rebuild." clean: clean-am clean-am: clean-generic clean-noinstPROGRAMS mostlyclean-am distclean: distclean-am -rm -rf ./$(DEPDIR) -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ distclean-tags dvi: dvi-am dvi-am: html: html-am html-am: info: info-am info-am: install-data-am: install-dvi: install-dvi-am install-dvi-am: install-exec-am: install-html: install-html-am install-html-am: install-info: install-info-am install-info-am: install-man: install-pdf: install-pdf-am install-pdf-am: install-ps: install-ps-am install-ps-am: installcheck-am: maintainer-clean: maintainer-clean-am -rm -rf ./$(DEPDIR) -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic mostlyclean: mostlyclean-am mostlyclean-am: mostlyclean-compile mostlyclean-generic pdf: pdf-am pdf-am: ps: ps-am ps-am: uninstall-am: .MAKE: install-am install-strip .PHONY: CTAGS GTAGS TAGS all all-am check check-am clean clean-generic \ clean-noinstPROGRAMS cscopelist-am ctags ctags-am distclean \ distclean-compile distclean-generic distclean-tags distdir dvi \ dvi-am html html-am info info-am install install-am \ install-data install-data-am install-dvi install-dvi-am \ install-exec install-exec-am install-html install-html-am \ install-info install-info-am install-man install-pdf \ install-pdf-am install-ps install-ps-am install-strip \ installcheck installcheck-am installdirs maintainer-clean \ maintainer-clean-generic mostlyclean mostlyclean-compile \ mostlyclean-generic pdf pdf-am ps ps-am tags tags-am uninstall \ uninstall-am .PRECIOUS: Makefile # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: hitch-1.4.4/src/util/Makefile.am0000644000175000017500000000011412760035243013336 00000000000000 noinst_PROGRAMS = parse_proxy_v2 parse_proxy_v2_SOURCES = parse_proxy_v2.c hitch-1.4.4/src/shctx.h0000644000175000017500000000353612546560025011645 00000000000000/* * shctx.h * * Copyright (C) 2011 EXCELIANCE * * Author: Emeric Brun - emeric@exceliance.fr * */ #ifndef SHCTX_H #define SHCTX_H #include #include #ifndef SHSESS_MAX_FOOTER_LEN #define SHSESS_MAX_FOOTER_LEN sizeof(uint32_t) \ + EVP_MAX_MD_SIZE #endif #ifndef SHSESS_MAX_DATA_LEN #define SHSESS_MAX_DATA_LEN 512 #endif #define SHSESS_MAX_ENCODED_LEN SSL_MAX_SSL_SESSION_ID_LENGTH \ + SHSESS_MAX_DATA_LEN \ + SHSESS_MAX_FOOTER_LEN /* Callback called on a new session event: * session contains the sessionid zeros padded to SSL_MAX_SSL_SESSION_ID_LENGTH * followed by ASN1 session encoding. * len is set to SSL_MAX_SSL_SESSION_ID_LENGTH + ASN1 session length * len is always less than SSL_MAX_SSL_SESSION_ID_LENGTH + SHSESS_MAX_DATA_LEN. * Remaining Bytes from len to SHSESS_MAX_ENCODED_LEN can be used to add a footer. * cdate is the creation date timestamp. */ void shsess_set_new_cbk(void (*func)(unsigned char *session, unsigned int len, long cdate)); /* Add a session into the cache, * session contains the sessionid zeros padded to SSL_MAX_SSL_SESSION_ID_LENGTH * followed by ASN1 session encoding. * len is set to SSL_MAX_SSL_SESSION_ID_LENGTH + ASN1 data length. * if len greater than SHSESS_MAX_ENCODED_LEN, session is not added. * if cdate not 0, on get events session creation date will be reset to cdate */ void shctx_sess_add(const unsigned char *session, unsigned int session_len, long cdate); /* Init shared memory context if not allocated and set SSL context callbacks * size is the max number of stored session * Returns: -1 on alloc failure, size if performs context alloc, and 0 if just * perform callbacks registration */ int shared_context_init(SSL_CTX *ctx, int size); #endif /* SHCTX_H */ hitch-1.4.4/src/Makefile.am0000644000175000017500000000212613024470656012373 00000000000000 sbin_PROGRAMS = hitch EXTRA_DIST = tests AM_CPPFLAGS = $(EV_CFLAGS) AM_CFLAGS = -O2 -g -std=c99 -fno-strict-aliasing -Wall -W -D_GNU_SOURCE AM_YFLAGS = -d -t TESTS_ENVIRONMENT = \ TESTDIR=$(abs_top_srcdir)/src/tests/; export TESTDIR; \ PATH=$(abs_top_builddir)/src:$(abs_top_builddir)/src/util:$$PATH; export PATH; TESTS = @SH_TESTS@ TEST_EXTENSIONS = .sh nobase_noinst_HEADERS = hitch.h ringbuffer.h configuration.h shctx.h \ logging.h sysl_tbl.h hssl_locks.h asn_gentm.h ssl_err.h \ ocsp.h \ foreign/miniobj.h foreign/vqueue.h foreign/vpf.h \ foreign/flopen.h foreign/uthash.h \ foreign/vas.h foreign/vsb.h BUILT_SOURCES = cfg_parser.h cfg_parser.c hitch_SOURCES = configuration.c ringbuffer.c hitch.c cfg_parser.y \ cfg_lex.l hssl_locks.c asn_gentm.c ocsp.c logging.c \ foreign/vpf.c foreign/flopen.c foreign/vas.c \ foreign/vsb.c hitch_LDADD = $(SSL_LIBS) $(CRYPTO_LIBS) $(EV_LIBS) -lrt CLEANFILES = cfg_parser.h cfg_parser.c cfg_lex.c if USE_SHCTX AM_CFLAGS += -DUSE_SHARED_CACHE -DUSE_SYSCALL_FUTEX hitch_SOURCES += shctx.c hitch_LDADD += ebtree/libebtree.a AM_CFLAGS += -Iebtree endif hitch-1.4.4/src/foreign/0000755000175000017500000000000013026756721012051 500000000000000hitch-1.4.4/src/foreign/uthash.h0000644000175000017500000017116313003667032013436 00000000000000/* Copyright (c) 2003-2014, Troy D. Hanson http://troydhanson.github.com/uthash/ All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: * Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #ifndef UTHASH_H #define UTHASH_H #include /* memcmp,strlen */ #include /* ptrdiff_t */ #include /* exit() */ /* These macros use decltype or the earlier __typeof GNU extension. As decltype is only available in newer compilers (VS2010 or gcc 4.3+ when compiling c++ source) this code uses whatever method is needed or, for VS2008 where neither is available, uses casting workarounds. */ #if defined(_MSC_VER) /* MS compiler */ #if _MSC_VER >= 1600 && defined(__cplusplus) /* VS2010 or newer in C++ mode */ #define DECLTYPE(x) (decltype(x)) #else /* VS2008 or older (or VS2010 in C mode) */ #define NO_DECLTYPE #define DECLTYPE(x) #endif #elif defined(__BORLANDC__) || defined(__LCC__) || defined(__WATCOMC__) #define NO_DECLTYPE #define DECLTYPE(x) #else /* GNU, Sun and other compilers */ #define DECLTYPE(x) (__typeof(x)) #endif #ifdef NO_DECLTYPE #define DECLTYPE_ASSIGN(dst,src) \ do { \ char **_da_dst = (char**)(&(dst)); \ *_da_dst = (char*)(src); \ } while(0) #else #define DECLTYPE_ASSIGN(dst,src) \ do { \ (dst) = DECLTYPE(dst)(src); \ } while(0) #endif /* a number of the hash function use uint32_t which isn't defined on Pre VS2010 */ #if defined (_WIN32) #if defined(_MSC_VER) && _MSC_VER >= 1600 #include #elif defined(__WATCOMC__) #include #else typedef unsigned int uint32_t; typedef unsigned char uint8_t; #endif #else #include #endif #define UTHASH_VERSION 1.9.9 #ifndef uthash_fatal #define uthash_fatal(msg) exit(-1) /* fatal error (out of memory,etc) */ #endif #ifndef uthash_malloc #define uthash_malloc(sz) malloc(sz) /* malloc fcn */ #endif #ifndef uthash_free #define uthash_free(ptr,sz) free(ptr) /* free fcn */ #endif #ifndef uthash_noexpand_fyi #define uthash_noexpand_fyi(tbl) /* can be defined to log noexpand */ #endif #ifndef uthash_expand_fyi #define uthash_expand_fyi(tbl) /* can be defined to log expands */ #endif /* initial number of buckets */ #define HASH_INITIAL_NUM_BUCKETS 32U /* initial number of buckets */ #define HASH_INITIAL_NUM_BUCKETS_LOG2 5U /* lg2 of initial number of buckets */ #define HASH_BKT_CAPACITY_THRESH 10U /* expand when bucket count reaches */ /* calculate the element whose hash handle address is hhe */ #define ELMT_FROM_HH(tbl,hhp) ((void*)(((char*)(hhp)) - ((tbl)->hho))) #define HASH_FIND(hh,head,keyptr,keylen,out) \ do { \ out=NULL; \ if (head != NULL) { \ unsigned _hf_bkt,_hf_hashv; \ HASH_FCN(keyptr,keylen, (head)->hh.tbl->num_buckets, _hf_hashv, _hf_bkt); \ if (HASH_BLOOM_TEST((head)->hh.tbl, _hf_hashv) != 0) { \ HASH_FIND_IN_BKT((head)->hh.tbl, hh, (head)->hh.tbl->buckets[ _hf_bkt ], \ keyptr,keylen,out); \ } \ } \ } while (0) #ifdef HASH_BLOOM #define HASH_BLOOM_BITLEN (1UL << HASH_BLOOM) #define HASH_BLOOM_BYTELEN (HASH_BLOOM_BITLEN/8UL) + (((HASH_BLOOM_BITLEN%8UL)!=0UL) ? 1UL : 0UL) #define HASH_BLOOM_MAKE(tbl) \ do { \ (tbl)->bloom_nbits = HASH_BLOOM; \ (tbl)->bloom_bv = (uint8_t*)uthash_malloc(HASH_BLOOM_BYTELEN); \ if (!((tbl)->bloom_bv)) { uthash_fatal( "out of memory"); } \ memset((tbl)->bloom_bv, 0, HASH_BLOOM_BYTELEN); \ (tbl)->bloom_sig = HASH_BLOOM_SIGNATURE; \ } while (0) #define HASH_BLOOM_FREE(tbl) \ do { \ uthash_free((tbl)->bloom_bv, HASH_BLOOM_BYTELEN); \ } while (0) #define HASH_BLOOM_BITSET(bv,idx) (bv[(idx)/8U] |= (1U << ((idx)%8U))) #define HASH_BLOOM_BITTEST(bv,idx) (bv[(idx)/8U] & (1U << ((idx)%8U))) #define HASH_BLOOM_ADD(tbl,hashv) \ HASH_BLOOM_BITSET((tbl)->bloom_bv, (hashv & (uint32_t)((1ULL << (tbl)->bloom_nbits) - 1U))) #define HASH_BLOOM_TEST(tbl,hashv) \ HASH_BLOOM_BITTEST((tbl)->bloom_bv, (hashv & (uint32_t)((1ULL << (tbl)->bloom_nbits) - 1U))) #else #define HASH_BLOOM_MAKE(tbl) #define HASH_BLOOM_FREE(tbl) #define HASH_BLOOM_ADD(tbl,hashv) #define HASH_BLOOM_TEST(tbl,hashv) (1) #define HASH_BLOOM_BYTELEN 0U #endif #define HASH_MAKE_TABLE(hh,head) \ do { \ (head)->hh.tbl = (UT_hash_table*)uthash_malloc( \ sizeof(UT_hash_table)); \ if (!((head)->hh.tbl)) { uthash_fatal( "out of memory"); } \ memset((head)->hh.tbl, 0, sizeof(UT_hash_table)); \ (head)->hh.tbl->tail = &((head)->hh); \ (head)->hh.tbl->num_buckets = HASH_INITIAL_NUM_BUCKETS; \ (head)->hh.tbl->log2_num_buckets = HASH_INITIAL_NUM_BUCKETS_LOG2; \ (head)->hh.tbl->hho = (char*)(&(head)->hh) - (char*)(head); \ (head)->hh.tbl->buckets = (UT_hash_bucket*)uthash_malloc( \ HASH_INITIAL_NUM_BUCKETS*sizeof(struct UT_hash_bucket)); \ if (! (head)->hh.tbl->buckets) { uthash_fatal( "out of memory"); } \ memset((head)->hh.tbl->buckets, 0, \ HASH_INITIAL_NUM_BUCKETS*sizeof(struct UT_hash_bucket)); \ HASH_BLOOM_MAKE((head)->hh.tbl); \ (head)->hh.tbl->signature = HASH_SIGNATURE; \ } while(0) #define HASH_ADD(hh,head,fieldname,keylen_in,add) \ HASH_ADD_KEYPTR(hh,head,&((add)->fieldname),keylen_in,add) #define HASH_REPLACE(hh,head,fieldname,keylen_in,add,replaced) \ do { \ replaced=NULL; \ HASH_FIND(hh,head,&((add)->fieldname),keylen_in,replaced); \ if (replaced!=NULL) { \ HASH_DELETE(hh,head,replaced); \ } \ HASH_ADD(hh,head,fieldname,keylen_in,add); \ } while(0) #define HASH_ADD_KEYPTR(hh,head,keyptr,keylen_in,add) \ do { \ unsigned _ha_bkt; \ (add)->hh.next = NULL; \ (add)->hh.key = (char*)(keyptr); \ (add)->hh.keylen = (unsigned)(keylen_in); \ if (!(head)) { \ head = (add); \ (head)->hh.prev = NULL; \ HASH_MAKE_TABLE(hh,head); \ } else { \ (head)->hh.tbl->tail->next = (add); \ (add)->hh.prev = ELMT_FROM_HH((head)->hh.tbl, (head)->hh.tbl->tail); \ (head)->hh.tbl->tail = &((add)->hh); \ } \ (head)->hh.tbl->num_items++; \ (add)->hh.tbl = (head)->hh.tbl; \ HASH_FCN(keyptr,keylen_in, (head)->hh.tbl->num_buckets, \ (add)->hh.hashv, _ha_bkt); \ HASH_ADD_TO_BKT((head)->hh.tbl->buckets[_ha_bkt],&(add)->hh); \ HASH_BLOOM_ADD((head)->hh.tbl,(add)->hh.hashv); \ HASH_EMIT_KEY(hh,head,keyptr,keylen_in); \ HASH_FSCK(hh,head); \ } while(0) #define HASH_TO_BKT( hashv, num_bkts, bkt ) \ do { \ bkt = ((hashv) & ((num_bkts) - 1U)); \ } while(0) /* delete "delptr" from the hash table. * "the usual" patch-up process for the app-order doubly-linked-list. * The use of _hd_hh_del below deserves special explanation. * These used to be expressed using (delptr) but that led to a bug * if someone used the same symbol for the head and deletee, like * HASH_DELETE(hh,users,users); * We want that to work, but by changing the head (users) below * we were forfeiting our ability to further refer to the deletee (users) * in the patch-up process. Solution: use scratch space to * copy the deletee pointer, then the latter references are via that * scratch pointer rather than through the repointed (users) symbol. */ #define HASH_DELETE(hh,head,delptr) \ do { \ struct UT_hash_handle *_hd_hh_del; \ if ( ((delptr)->hh.prev == NULL) && ((delptr)->hh.next == NULL) ) { \ uthash_free((head)->hh.tbl->buckets, \ (head)->hh.tbl->num_buckets*sizeof(struct UT_hash_bucket) ); \ HASH_BLOOM_FREE((head)->hh.tbl); \ uthash_free((head)->hh.tbl, sizeof(UT_hash_table)); \ head = NULL; \ } else { \ unsigned _hd_bkt; \ _hd_hh_del = &((delptr)->hh); \ if ((delptr) == ELMT_FROM_HH((head)->hh.tbl,(head)->hh.tbl->tail)) { \ (head)->hh.tbl->tail = \ (UT_hash_handle*)((ptrdiff_t)((delptr)->hh.prev) + \ (head)->hh.tbl->hho); \ } \ if ((delptr)->hh.prev != NULL) { \ ((UT_hash_handle*)((ptrdiff_t)((delptr)->hh.prev) + \ (head)->hh.tbl->hho))->next = (delptr)->hh.next; \ } else { \ DECLTYPE_ASSIGN(head,(delptr)->hh.next); \ } \ if (_hd_hh_del->next != NULL) { \ ((UT_hash_handle*)((ptrdiff_t)_hd_hh_del->next + \ (head)->hh.tbl->hho))->prev = \ _hd_hh_del->prev; \ } \ HASH_TO_BKT( _hd_hh_del->hashv, (head)->hh.tbl->num_buckets, _hd_bkt); \ HASH_DEL_IN_BKT(hh,(head)->hh.tbl->buckets[_hd_bkt], _hd_hh_del); \ (head)->hh.tbl->num_items--; \ } \ HASH_FSCK(hh,head); \ } while (0) /* convenience forms of HASH_FIND/HASH_ADD/HASH_DEL */ #define HASH_FIND_STR(head,findstr,out) \ HASH_FIND(hh,head,findstr,(unsigned)strlen(findstr),out) #define HASH_ADD_STR(head,strfield,add) \ HASH_ADD(hh,head,strfield[0],(unsigned int)strlen(add->strfield),add) #define HASH_REPLACE_STR(head,strfield,add,replaced) \ HASH_REPLACE(hh,head,strfield[0],(unsigned)strlen(add->strfield),add,replaced) #define HASH_FIND_INT(head,findint,out) \ HASH_FIND(hh,head,findint,sizeof(int),out) #define HASH_ADD_INT(head,intfield,add) \ HASH_ADD(hh,head,intfield,sizeof(int),add) #define HASH_REPLACE_INT(head,intfield,add,replaced) \ HASH_REPLACE(hh,head,intfield,sizeof(int),add,replaced) #define HASH_FIND_PTR(head,findptr,out) \ HASH_FIND(hh,head,findptr,sizeof(void *),out) #define HASH_ADD_PTR(head,ptrfield,add) \ HASH_ADD(hh,head,ptrfield,sizeof(void *),add) #define HASH_REPLACE_PTR(head,ptrfield,add,replaced) \ HASH_REPLACE(hh,head,ptrfield,sizeof(void *),add,replaced) #define HASH_DEL(head,delptr) \ HASH_DELETE(hh,head,delptr) /* HASH_FSCK checks hash integrity on every add/delete when HASH_DEBUG is defined. * This is for uthash developer only; it compiles away if HASH_DEBUG isn't defined. */ #ifdef HASH_DEBUG #define HASH_OOPS(...) do { fprintf(stderr,__VA_ARGS__); exit(-1); } while (0) #define HASH_FSCK(hh,head) \ do { \ struct UT_hash_handle *_thh; \ if (head) { \ unsigned _bkt_i; \ unsigned _count; \ char *_prev; \ _count = 0; \ for( _bkt_i = 0; _bkt_i < (head)->hh.tbl->num_buckets; _bkt_i++) { \ unsigned _bkt_count = 0; \ _thh = (head)->hh.tbl->buckets[_bkt_i].hh_head; \ _prev = NULL; \ while (_thh) { \ if (_prev != (char*)(_thh->hh_prev)) { \ HASH_OOPS("invalid hh_prev %p, actual %p\n", \ _thh->hh_prev, _prev ); \ } \ _bkt_count++; \ _prev = (char*)(_thh); \ _thh = _thh->hh_next; \ } \ _count += _bkt_count; \ if ((head)->hh.tbl->buckets[_bkt_i].count != _bkt_count) { \ HASH_OOPS("invalid bucket count %u, actual %u\n", \ (head)->hh.tbl->buckets[_bkt_i].count, _bkt_count); \ } \ } \ if (_count != (head)->hh.tbl->num_items) { \ HASH_OOPS("invalid hh item count %u, actual %u\n", \ (head)->hh.tbl->num_items, _count ); \ } \ /* traverse hh in app order; check next/prev integrity, count */ \ _count = 0; \ _prev = NULL; \ _thh = &(head)->hh; \ while (_thh) { \ _count++; \ if (_prev !=(char*)(_thh->prev)) { \ HASH_OOPS("invalid prev %p, actual %p\n", \ _thh->prev, _prev ); \ } \ _prev = (char*)ELMT_FROM_HH((head)->hh.tbl, _thh); \ _thh = ( _thh->next ? (UT_hash_handle*)((char*)(_thh->next) + \ (head)->hh.tbl->hho) : NULL ); \ } \ if (_count != (head)->hh.tbl->num_items) { \ HASH_OOPS("invalid app item count %u, actual %u\n", \ (head)->hh.tbl->num_items, _count ); \ } \ } \ } while (0) #else #define HASH_FSCK(hh,head) #endif /* When compiled with -DHASH_EMIT_KEYS, length-prefixed keys are emitted to * the descriptor to which this macro is defined for tuning the hash function. * The app can #include to get the prototype for write(2). */ #ifdef HASH_EMIT_KEYS #define HASH_EMIT_KEY(hh,head,keyptr,fieldlen) \ do { \ unsigned _klen = fieldlen; \ write(HASH_EMIT_KEYS, &_klen, sizeof(_klen)); \ write(HASH_EMIT_KEYS, keyptr, (unsigned long)fieldlen); \ } while (0) #else #define HASH_EMIT_KEY(hh,head,keyptr,fieldlen) #endif /* default to Jenkin's hash unless overridden e.g. DHASH_FUNCTION=HASH_SAX */ #ifdef HASH_FUNCTION #define HASH_FCN HASH_FUNCTION #else #define HASH_FCN HASH_JEN #endif /* The Bernstein hash function, used in Perl prior to v5.6. Note (x<<5+x)=x*33. */ #define HASH_BER(key,keylen,num_bkts,hashv,bkt) \ do { \ unsigned _hb_keylen=(unsigned)keylen; \ const unsigned char *_hb_key=(const unsigned char*)(key); \ (hashv) = 0; \ while (_hb_keylen-- != 0U) { \ (hashv) = (((hashv) << 5) + (hashv)) + *_hb_key++; \ } \ bkt = (hashv) & (num_bkts-1U); \ } while (0) /* SAX/FNV/OAT/JEN hash functions are macro variants of those listed at * http://eternallyconfuzzled.com/tuts/algorithms/jsw_tut_hashing.aspx */ #define HASH_SAX(key,keylen,num_bkts,hashv,bkt) \ do { \ unsigned _sx_i; \ const unsigned char *_hs_key=(const unsigned char*)(key); \ hashv = 0; \ for(_sx_i=0; _sx_i < keylen; _sx_i++) { \ hashv ^= (hashv << 5) + (hashv >> 2) + _hs_key[_sx_i]; \ } \ bkt = hashv & (num_bkts-1U); \ } while (0) /* FNV-1a variation */ #define HASH_FNV(key,keylen,num_bkts,hashv,bkt) \ do { \ unsigned _fn_i; \ const unsigned char *_hf_key=(const unsigned char*)(key); \ hashv = 2166136261U; \ for(_fn_i=0; _fn_i < keylen; _fn_i++) { \ hashv = hashv ^ _hf_key[_fn_i]; \ hashv = hashv * 16777619U; \ } \ bkt = hashv & (num_bkts-1U); \ } while(0) #define HASH_OAT(key,keylen,num_bkts,hashv,bkt) \ do { \ unsigned _ho_i; \ const unsigned char *_ho_key=(const unsigned char*)(key); \ hashv = 0; \ for(_ho_i=0; _ho_i < keylen; _ho_i++) { \ hashv += _ho_key[_ho_i]; \ hashv += (hashv << 10); \ hashv ^= (hashv >> 6); \ } \ hashv += (hashv << 3); \ hashv ^= (hashv >> 11); \ hashv += (hashv << 15); \ bkt = hashv & (num_bkts-1U); \ } while(0) #define HASH_JEN_MIX(a,b,c) \ do { \ a -= b; a -= c; a ^= ( c >> 13 ); \ b -= c; b -= a; b ^= ( a << 8 ); \ c -= a; c -= b; c ^= ( b >> 13 ); \ a -= b; a -= c; a ^= ( c >> 12 ); \ b -= c; b -= a; b ^= ( a << 16 ); \ c -= a; c -= b; c ^= ( b >> 5 ); \ a -= b; a -= c; a ^= ( c >> 3 ); \ b -= c; b -= a; b ^= ( a << 10 ); \ c -= a; c -= b; c ^= ( b >> 15 ); \ } while (0) #define HASH_JEN(key,keylen,num_bkts,hashv,bkt) \ do { \ unsigned _hj_i,_hj_j,_hj_k; \ unsigned const char *_hj_key=(unsigned const char*)(key); \ hashv = 0xfeedbeefu; \ _hj_i = _hj_j = 0x9e3779b9u; \ _hj_k = (unsigned)(keylen); \ while (_hj_k >= 12U) { \ _hj_i += (_hj_key[0] + ( (unsigned)_hj_key[1] << 8 ) \ + ( (unsigned)_hj_key[2] << 16 ) \ + ( (unsigned)_hj_key[3] << 24 ) ); \ _hj_j += (_hj_key[4] + ( (unsigned)_hj_key[5] << 8 ) \ + ( (unsigned)_hj_key[6] << 16 ) \ + ( (unsigned)_hj_key[7] << 24 ) ); \ hashv += (_hj_key[8] + ( (unsigned)_hj_key[9] << 8 ) \ + ( (unsigned)_hj_key[10] << 16 ) \ + ( (unsigned)_hj_key[11] << 24 ) ); \ \ HASH_JEN_MIX(_hj_i, _hj_j, hashv); \ \ _hj_key += 12; \ _hj_k -= 12U; \ } \ hashv += (unsigned)(keylen); \ switch ( _hj_k ) { \ case 11: hashv += ( (unsigned)_hj_key[10] << 24 ); /* FALLTHROUGH */ \ case 10: hashv += ( (unsigned)_hj_key[9] << 16 ); /* FALLTHROUGH */ \ case 9: hashv += ( (unsigned)_hj_key[8] << 8 ); /* FALLTHROUGH */ \ case 8: _hj_j += ( (unsigned)_hj_key[7] << 24 ); /* FALLTHROUGH */ \ case 7: _hj_j += ( (unsigned)_hj_key[6] << 16 ); /* FALLTHROUGH */ \ case 6: _hj_j += ( (unsigned)_hj_key[5] << 8 ); /* FALLTHROUGH */ \ case 5: _hj_j += _hj_key[4]; /* FALLTHROUGH */ \ case 4: _hj_i += ( (unsigned)_hj_key[3] << 24 ); /* FALLTHROUGH */ \ case 3: _hj_i += ( (unsigned)_hj_key[2] << 16 ); /* FALLTHROUGH */ \ case 2: _hj_i += ( (unsigned)_hj_key[1] << 8 ); /* FALLTHROUGH */ \ case 1: _hj_i += _hj_key[0]; \ } \ HASH_JEN_MIX(_hj_i, _hj_j, hashv); \ bkt = hashv & (num_bkts-1U); \ } while(0) /* The Paul Hsieh hash function */ #undef get16bits #if (defined(__GNUC__) && defined(__i386__)) || defined(__WATCOMC__) \ || defined(_MSC_VER) || defined (__BORLANDC__) || defined (__TURBOC__) #define get16bits(d) (*((const uint16_t *) (d))) #endif #if !defined (get16bits) #define get16bits(d) ((((uint32_t)(((const uint8_t *)(d))[1])) << 8) \ +(uint32_t)(((const uint8_t *)(d))[0]) ) #endif #define HASH_SFH(key,keylen,num_bkts,hashv,bkt) \ do { \ unsigned const char *_sfh_key=(unsigned const char*)(key); \ uint32_t _sfh_tmp, _sfh_len = (uint32_t)keylen; \ \ unsigned _sfh_rem = _sfh_len & 3U; \ _sfh_len >>= 2; \ hashv = 0xcafebabeu; \ \ /* Main loop */ \ for (;_sfh_len > 0U; _sfh_len--) { \ hashv += get16bits (_sfh_key); \ _sfh_tmp = ((uint32_t)(get16bits (_sfh_key+2)) << 11) ^ hashv; \ hashv = (hashv << 16) ^ _sfh_tmp; \ _sfh_key += 2U*sizeof (uint16_t); \ hashv += hashv >> 11; \ } \ \ /* Handle end cases */ \ switch (_sfh_rem) { \ case 3: hashv += get16bits (_sfh_key); \ hashv ^= hashv << 16; \ hashv ^= (uint32_t)(_sfh_key[sizeof (uint16_t)]) << 18; \ hashv += hashv >> 11; \ break; \ case 2: hashv += get16bits (_sfh_key); \ hashv ^= hashv << 11; \ hashv += hashv >> 17; \ break; \ case 1: hashv += *_sfh_key; \ hashv ^= hashv << 10; \ hashv += hashv >> 1; \ } \ \ /* Force "avalanching" of final 127 bits */ \ hashv ^= hashv << 3; \ hashv += hashv >> 5; \ hashv ^= hashv << 4; \ hashv += hashv >> 17; \ hashv ^= hashv << 25; \ hashv += hashv >> 6; \ bkt = hashv & (num_bkts-1U); \ } while(0) #ifdef HASH_USING_NO_STRICT_ALIASING /* The MurmurHash exploits some CPU's (x86,x86_64) tolerance for unaligned reads. * For other types of CPU's (e.g. Sparc) an unaligned read causes a bus error. * MurmurHash uses the faster approach only on CPU's where we know it's safe. * * Note the preprocessor built-in defines can be emitted using: * * gcc -m64 -dM -E - < /dev/null (on gcc) * cc -## a.c (where a.c is a simple test file) (Sun Studio) */ #if (defined(__i386__) || defined(__x86_64__) || defined(_M_IX86)) #define MUR_GETBLOCK(p,i) p[i] #else /* non intel */ #define MUR_PLUS0_ALIGNED(p) (((unsigned long)p & 3UL) == 0UL) #define MUR_PLUS1_ALIGNED(p) (((unsigned long)p & 3UL) == 1UL) #define MUR_PLUS2_ALIGNED(p) (((unsigned long)p & 3UL) == 2UL) #define MUR_PLUS3_ALIGNED(p) (((unsigned long)p & 3UL) == 3UL) #define WP(p) ((uint32_t*)((unsigned long)(p) & ~3UL)) #if (defined(__BIG_ENDIAN__) || defined(SPARC) || defined(__ppc__) || defined(__ppc64__)) #define MUR_THREE_ONE(p) ((((*WP(p))&0x00ffffff) << 8) | (((*(WP(p)+1))&0xff000000) >> 24)) #define MUR_TWO_TWO(p) ((((*WP(p))&0x0000ffff) <<16) | (((*(WP(p)+1))&0xffff0000) >> 16)) #define MUR_ONE_THREE(p) ((((*WP(p))&0x000000ff) <<24) | (((*(WP(p)+1))&0xffffff00) >> 8)) #else /* assume little endian non-intel */ #define MUR_THREE_ONE(p) ((((*WP(p))&0xffffff00) >> 8) | (((*(WP(p)+1))&0x000000ff) << 24)) #define MUR_TWO_TWO(p) ((((*WP(p))&0xffff0000) >>16) | (((*(WP(p)+1))&0x0000ffff) << 16)) #define MUR_ONE_THREE(p) ((((*WP(p))&0xff000000) >>24) | (((*(WP(p)+1))&0x00ffffff) << 8)) #endif #define MUR_GETBLOCK(p,i) (MUR_PLUS0_ALIGNED(p) ? ((p)[i]) : \ (MUR_PLUS1_ALIGNED(p) ? MUR_THREE_ONE(p) : \ (MUR_PLUS2_ALIGNED(p) ? MUR_TWO_TWO(p) : \ MUR_ONE_THREE(p)))) #endif #define MUR_ROTL32(x,r) (((x) << (r)) | ((x) >> (32 - (r)))) #define MUR_FMIX(_h) \ do { \ _h ^= _h >> 16; \ _h *= 0x85ebca6bu; \ _h ^= _h >> 13; \ _h *= 0xc2b2ae35u; \ _h ^= _h >> 16; \ } while(0) #define HASH_MUR(key,keylen,num_bkts,hashv,bkt) \ do { \ const uint8_t *_mur_data = (const uint8_t*)(key); \ const int _mur_nblocks = (int)(keylen) / 4; \ uint32_t _mur_h1 = 0xf88D5353u; \ uint32_t _mur_c1 = 0xcc9e2d51u; \ uint32_t _mur_c2 = 0x1b873593u; \ uint32_t _mur_k1 = 0; \ const uint8_t *_mur_tail; \ const uint32_t *_mur_blocks = (const uint32_t*)(_mur_data+(_mur_nblocks*4)); \ int _mur_i; \ for(_mur_i = -_mur_nblocks; _mur_i!=0; _mur_i++) { \ _mur_k1 = MUR_GETBLOCK(_mur_blocks,_mur_i); \ _mur_k1 *= _mur_c1; \ _mur_k1 = MUR_ROTL32(_mur_k1,15); \ _mur_k1 *= _mur_c2; \ \ _mur_h1 ^= _mur_k1; \ _mur_h1 = MUR_ROTL32(_mur_h1,13); \ _mur_h1 = (_mur_h1*5U) + 0xe6546b64u; \ } \ _mur_tail = (const uint8_t*)(_mur_data + (_mur_nblocks*4)); \ _mur_k1=0; \ switch((keylen) & 3U) { \ case 3: _mur_k1 ^= (uint32_t)_mur_tail[2] << 16; /* FALLTHROUGH */ \ case 2: _mur_k1 ^= (uint32_t)_mur_tail[1] << 8; /* FALLTHROUGH */ \ case 1: _mur_k1 ^= (uint32_t)_mur_tail[0]; \ _mur_k1 *= _mur_c1; \ _mur_k1 = MUR_ROTL32(_mur_k1,15); \ _mur_k1 *= _mur_c2; \ _mur_h1 ^= _mur_k1; \ } \ _mur_h1 ^= (uint32_t)(keylen); \ MUR_FMIX(_mur_h1); \ hashv = _mur_h1; \ bkt = hashv & (num_bkts-1U); \ } while(0) #endif /* HASH_USING_NO_STRICT_ALIASING */ /* key comparison function; return 0 if keys equal */ #define HASH_KEYCMP(a,b,len) memcmp(a,b,(unsigned long)(len)) /* iterate over items in a known bucket to find desired item */ #define HASH_FIND_IN_BKT(tbl,hh,head,keyptr,keylen_in,out) \ do { \ if (head.hh_head != NULL) { DECLTYPE_ASSIGN(out,ELMT_FROM_HH(tbl,head.hh_head)); } \ else { out=NULL; } \ while (out != NULL) { \ if ((out)->hh.keylen == (keylen_in)) { \ if ((HASH_KEYCMP((out)->hh.key,keyptr,keylen_in)) == 0) { break; } \ } \ if ((out)->hh.hh_next != NULL) { DECLTYPE_ASSIGN(out,ELMT_FROM_HH(tbl,(out)->hh.hh_next)); } \ else { out = NULL; } \ } \ } while(0) /* add an item to a bucket */ #define HASH_ADD_TO_BKT(head,addhh) \ do { \ head.count++; \ (addhh)->hh_next = head.hh_head; \ (addhh)->hh_prev = NULL; \ if (head.hh_head != NULL) { (head).hh_head->hh_prev = (addhh); } \ (head).hh_head=addhh; \ if ((head.count >= ((head.expand_mult+1U) * HASH_BKT_CAPACITY_THRESH)) \ && ((addhh)->tbl->noexpand != 1U)) { \ HASH_EXPAND_BUCKETS((addhh)->tbl); \ } \ } while(0) /* remove an item from a given bucket */ #define HASH_DEL_IN_BKT(hh,head,hh_del) \ (head).count--; \ if ((head).hh_head == hh_del) { \ (head).hh_head = hh_del->hh_next; \ } \ if (hh_del->hh_prev) { \ hh_del->hh_prev->hh_next = hh_del->hh_next; \ } \ if (hh_del->hh_next) { \ hh_del->hh_next->hh_prev = hh_del->hh_prev; \ } /* Bucket expansion has the effect of doubling the number of buckets * and redistributing the items into the new buckets. Ideally the * items will distribute more or less evenly into the new buckets * (the extent to which this is true is a measure of the quality of * the hash function as it applies to the key domain). * * With the items distributed into more buckets, the chain length * (item count) in each bucket is reduced. Thus by expanding buckets * the hash keeps a bound on the chain length. This bounded chain * length is the essence of how a hash provides constant time lookup. * * The calculation of tbl->ideal_chain_maxlen below deserves some * explanation. First, keep in mind that we're calculating the ideal * maximum chain length based on the *new* (doubled) bucket count. * In fractions this is just n/b (n=number of items,b=new num buckets). * Since the ideal chain length is an integer, we want to calculate * ceil(n/b). We don't depend on floating point arithmetic in this * hash, so to calculate ceil(n/b) with integers we could write * * ceil(n/b) = (n/b) + ((n%b)?1:0) * * and in fact a previous version of this hash did just that. * But now we have improved things a bit by recognizing that b is * always a power of two. We keep its base 2 log handy (call it lb), * so now we can write this with a bit shift and logical AND: * * ceil(n/b) = (n>>lb) + ( (n & (b-1)) ? 1:0) * */ #define HASH_EXPAND_BUCKETS(tbl) \ do { \ unsigned _he_bkt; \ unsigned _he_bkt_i; \ struct UT_hash_handle *_he_thh, *_he_hh_nxt; \ UT_hash_bucket *_he_new_buckets, *_he_newbkt; \ _he_new_buckets = (UT_hash_bucket*)uthash_malloc( \ 2UL * tbl->num_buckets * sizeof(struct UT_hash_bucket)); \ if (!_he_new_buckets) { uthash_fatal( "out of memory"); } \ memset(_he_new_buckets, 0, \ 2UL * tbl->num_buckets * sizeof(struct UT_hash_bucket)); \ tbl->ideal_chain_maxlen = \ (tbl->num_items >> (tbl->log2_num_buckets+1U)) + \ (((tbl->num_items & ((tbl->num_buckets*2U)-1U)) != 0U) ? 1U : 0U); \ tbl->nonideal_items = 0; \ for(_he_bkt_i = 0; _he_bkt_i < tbl->num_buckets; _he_bkt_i++) \ { \ _he_thh = tbl->buckets[ _he_bkt_i ].hh_head; \ while (_he_thh != NULL) { \ _he_hh_nxt = _he_thh->hh_next; \ HASH_TO_BKT( _he_thh->hashv, tbl->num_buckets*2U, _he_bkt); \ _he_newbkt = &(_he_new_buckets[ _he_bkt ]); \ if (++(_he_newbkt->count) > tbl->ideal_chain_maxlen) { \ tbl->nonideal_items++; \ _he_newbkt->expand_mult = _he_newbkt->count / \ tbl->ideal_chain_maxlen; \ } \ _he_thh->hh_prev = NULL; \ _he_thh->hh_next = _he_newbkt->hh_head; \ if (_he_newbkt->hh_head != NULL) { _he_newbkt->hh_head->hh_prev = \ _he_thh; } \ _he_newbkt->hh_head = _he_thh; \ _he_thh = _he_hh_nxt; \ } \ } \ uthash_free( tbl->buckets, tbl->num_buckets*sizeof(struct UT_hash_bucket) ); \ tbl->num_buckets *= 2U; \ tbl->log2_num_buckets++; \ tbl->buckets = _he_new_buckets; \ tbl->ineff_expands = (tbl->nonideal_items > (tbl->num_items >> 1)) ? \ (tbl->ineff_expands+1U) : 0U; \ if (tbl->ineff_expands > 1U) { \ tbl->noexpand=1; \ uthash_noexpand_fyi(tbl); \ } \ uthash_expand_fyi(tbl); \ } while(0) /* This is an adaptation of Simon Tatham's O(n log(n)) mergesort */ /* Note that HASH_SORT assumes the hash handle name to be hh. * HASH_SRT was added to allow the hash handle name to be passed in. */ #define HASH_SORT(head,cmpfcn) HASH_SRT(hh,head,cmpfcn) #define HASH_SRT(hh,head,cmpfcn) \ do { \ unsigned _hs_i; \ unsigned _hs_looping,_hs_nmerges,_hs_insize,_hs_psize,_hs_qsize; \ struct UT_hash_handle *_hs_p, *_hs_q, *_hs_e, *_hs_list, *_hs_tail; \ if (head != NULL) { \ _hs_insize = 1; \ _hs_looping = 1; \ _hs_list = &((head)->hh); \ while (_hs_looping != 0U) { \ _hs_p = _hs_list; \ _hs_list = NULL; \ _hs_tail = NULL; \ _hs_nmerges = 0; \ while (_hs_p != NULL) { \ _hs_nmerges++; \ _hs_q = _hs_p; \ _hs_psize = 0; \ for ( _hs_i = 0; _hs_i < _hs_insize; _hs_i++ ) { \ _hs_psize++; \ _hs_q = (UT_hash_handle*)((_hs_q->next != NULL) ? \ ((void*)((char*)(_hs_q->next) + \ (head)->hh.tbl->hho)) : NULL); \ if (! (_hs_q) ) { break; } \ } \ _hs_qsize = _hs_insize; \ while ((_hs_psize > 0U) || ((_hs_qsize > 0U) && (_hs_q != NULL))) {\ if (_hs_psize == 0U) { \ _hs_e = _hs_q; \ _hs_q = (UT_hash_handle*)((_hs_q->next != NULL) ? \ ((void*)((char*)(_hs_q->next) + \ (head)->hh.tbl->hho)) : NULL); \ _hs_qsize--; \ } else if ( (_hs_qsize == 0U) || (_hs_q == NULL) ) { \ _hs_e = _hs_p; \ if (_hs_p != NULL){ \ _hs_p = (UT_hash_handle*)((_hs_p->next != NULL) ? \ ((void*)((char*)(_hs_p->next) + \ (head)->hh.tbl->hho)) : NULL); \ } \ _hs_psize--; \ } else if (( \ cmpfcn(DECLTYPE(head)(ELMT_FROM_HH((head)->hh.tbl,_hs_p)), \ DECLTYPE(head)(ELMT_FROM_HH((head)->hh.tbl,_hs_q))) \ ) <= 0) { \ _hs_e = _hs_p; \ if (_hs_p != NULL){ \ _hs_p = (UT_hash_handle*)((_hs_p->next != NULL) ? \ ((void*)((char*)(_hs_p->next) + \ (head)->hh.tbl->hho)) : NULL); \ } \ _hs_psize--; \ } else { \ _hs_e = _hs_q; \ _hs_q = (UT_hash_handle*)((_hs_q->next != NULL) ? \ ((void*)((char*)(_hs_q->next) + \ (head)->hh.tbl->hho)) : NULL); \ _hs_qsize--; \ } \ if ( _hs_tail != NULL ) { \ _hs_tail->next = ((_hs_e != NULL) ? \ ELMT_FROM_HH((head)->hh.tbl,_hs_e) : NULL); \ } else { \ _hs_list = _hs_e; \ } \ if (_hs_e != NULL) { \ _hs_e->prev = ((_hs_tail != NULL) ? \ ELMT_FROM_HH((head)->hh.tbl,_hs_tail) : NULL); \ } \ _hs_tail = _hs_e; \ } \ _hs_p = _hs_q; \ } \ if (_hs_tail != NULL){ \ _hs_tail->next = NULL; \ } \ if ( _hs_nmerges <= 1U ) { \ _hs_looping=0; \ (head)->hh.tbl->tail = _hs_tail; \ DECLTYPE_ASSIGN(head,ELMT_FROM_HH((head)->hh.tbl, _hs_list)); \ } \ _hs_insize *= 2U; \ } \ HASH_FSCK(hh,head); \ } \ } while (0) /* This function selects items from one hash into another hash. * The end result is that the selected items have dual presence * in both hashes. There is no copy of the items made; rather * they are added into the new hash through a secondary hash * hash handle that must be present in the structure. */ #define HASH_SELECT(hh_dst, dst, hh_src, src, cond) \ do { \ unsigned _src_bkt, _dst_bkt; \ void *_last_elt=NULL, *_elt; \ UT_hash_handle *_src_hh, *_dst_hh, *_last_elt_hh=NULL; \ ptrdiff_t _dst_hho = ((char*)(&(dst)->hh_dst) - (char*)(dst)); \ if (src != NULL) { \ for(_src_bkt=0; _src_bkt < (src)->hh_src.tbl->num_buckets; _src_bkt++) { \ for(_src_hh = (src)->hh_src.tbl->buckets[_src_bkt].hh_head; \ _src_hh != NULL; \ _src_hh = _src_hh->hh_next) { \ _elt = ELMT_FROM_HH((src)->hh_src.tbl, _src_hh); \ if (cond(_elt)) { \ _dst_hh = (UT_hash_handle*)(((char*)_elt) + _dst_hho); \ _dst_hh->key = _src_hh->key; \ _dst_hh->keylen = _src_hh->keylen; \ _dst_hh->hashv = _src_hh->hashv; \ _dst_hh->prev = _last_elt; \ _dst_hh->next = NULL; \ if (_last_elt_hh != NULL) { _last_elt_hh->next = _elt; } \ if (dst == NULL) { \ DECLTYPE_ASSIGN(dst,_elt); \ HASH_MAKE_TABLE(hh_dst,dst); \ } else { \ _dst_hh->tbl = (dst)->hh_dst.tbl; \ } \ HASH_TO_BKT(_dst_hh->hashv, _dst_hh->tbl->num_buckets, _dst_bkt); \ HASH_ADD_TO_BKT(_dst_hh->tbl->buckets[_dst_bkt],_dst_hh); \ (dst)->hh_dst.tbl->num_items++; \ _last_elt = _elt; \ _last_elt_hh = _dst_hh; \ } \ } \ } \ } \ HASH_FSCK(hh_dst,dst); \ } while (0) #define HASH_CLEAR(hh,head) \ do { \ if (head != NULL) { \ uthash_free((head)->hh.tbl->buckets, \ (head)->hh.tbl->num_buckets*sizeof(struct UT_hash_bucket)); \ HASH_BLOOM_FREE((head)->hh.tbl); \ uthash_free((head)->hh.tbl, sizeof(UT_hash_table)); \ (head)=NULL; \ } \ } while(0) #define HASH_OVERHEAD(hh,head) \ ((head != NULL) ? ( \ (size_t)(((head)->hh.tbl->num_items * sizeof(UT_hash_handle)) + \ ((head)->hh.tbl->num_buckets * sizeof(UT_hash_bucket)) + \ sizeof(UT_hash_table) + \ (HASH_BLOOM_BYTELEN))) : 0U) #ifdef NO_DECLTYPE #define HASH_ITER(hh,head,el,tmp) \ for(((el)=(head)), ((*(char**)(&(tmp)))=(char*)((head!=NULL)?(head)->hh.next:NULL)); \ (el) != NULL; ((el)=(tmp)), ((*(char**)(&(tmp)))=(char*)((tmp!=NULL)?(tmp)->hh.next:NULL))) #else #define HASH_ITER(hh,head,el,tmp) \ for(((el)=(head)), ((tmp)=DECLTYPE(el)((head!=NULL)?(head)->hh.next:NULL)); \ (el) != NULL; ((el)=(tmp)), ((tmp)=DECLTYPE(el)((tmp!=NULL)?(tmp)->hh.next:NULL))) #endif /* obtain a count of items in the hash */ #define HASH_COUNT(head) HASH_CNT(hh,head) #define HASH_CNT(hh,head) ((head != NULL)?((head)->hh.tbl->num_items):0U) typedef struct UT_hash_bucket { struct UT_hash_handle *hh_head; unsigned count; /* expand_mult is normally set to 0. In this situation, the max chain length * threshold is enforced at its default value, HASH_BKT_CAPACITY_THRESH. (If * the bucket's chain exceeds this length, bucket expansion is triggered). * However, setting expand_mult to a non-zero value delays bucket expansion * (that would be triggered by additions to this particular bucket) * until its chain length reaches a *multiple* of HASH_BKT_CAPACITY_THRESH. * (The multiplier is simply expand_mult+1). The whole idea of this * multiplier is to reduce bucket expansions, since they are expensive, in * situations where we know that a particular bucket tends to be overused. * It is better to let its chain length grow to a longer yet-still-bounded * value, than to do an O(n) bucket expansion too often. */ unsigned expand_mult; } UT_hash_bucket; /* random signature used only to find hash tables in external analysis */ #define HASH_SIGNATURE 0xa0111fe1u #define HASH_BLOOM_SIGNATURE 0xb12220f2u typedef struct UT_hash_table { UT_hash_bucket *buckets; unsigned num_buckets, log2_num_buckets; unsigned num_items; struct UT_hash_handle *tail; /* tail hh in app order, for fast append */ ptrdiff_t hho; /* hash handle offset (byte pos of hash handle in element */ /* in an ideal situation (all buckets used equally), no bucket would have * more than ceil(#items/#buckets) items. that's the ideal chain length. */ unsigned ideal_chain_maxlen; /* nonideal_items is the number of items in the hash whose chain position * exceeds the ideal chain maxlen. these items pay the penalty for an uneven * hash distribution; reaching them in a chain traversal takes >ideal steps */ unsigned nonideal_items; /* ineffective expands occur when a bucket doubling was performed, but * afterward, more than half the items in the hash had nonideal chain * positions. If this happens on two consecutive expansions we inhibit any * further expansion, as it's not helping; this happens when the hash * function isn't a good fit for the key domain. When expansion is inhibited * the hash will still work, albeit no longer in constant time. */ unsigned ineff_expands, noexpand; uint32_t signature; /* used only to find hash tables in external analysis */ #ifdef HASH_BLOOM uint32_t bloom_sig; /* used only to test bloom exists in external analysis */ uint8_t *bloom_bv; uint8_t bloom_nbits; #endif } UT_hash_table; typedef struct UT_hash_handle { struct UT_hash_table *tbl; void *prev; /* prev element in app order */ void *next; /* next element in app order */ struct UT_hash_handle *hh_prev; /* previous hh in bucket order */ struct UT_hash_handle *hh_next; /* next hh in bucket order */ void *key; /* ptr to enclosing struct's key */ unsigned keylen; /* enclosing struct's key len */ unsigned hashv; /* result of hash-fcn(key) */ } UT_hash_handle; #endif /* UTHASH_H */ hitch-1.4.4/src/foreign/vsb.c0000644000175000017500000002723513003667032012727 00000000000000/*- * Copyright (c) 2000-2008 Poul-Henning Kamp * Copyright (c) 2000-2008 Dag-Erling Coïdan Smørgrav * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer * in this position and unchanged. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. __FBSDID("$FreeBSD: head/sys/kern/subr_vsb.c 222004 2011-05-17 06:36:32Z phk $") */ #include "config.h" #include #include #include #include #include #include #include "vas.h" #include "vsb.h" #define KASSERT(e, m) assert(e) #define SBMALLOC(size) malloc(size) #define SBFREE(buf) free(buf) #define roundup2(x, y) (((x)+((y)-1))&(~((y)-1))) /* if y is powers of two */ /* * Predicates */ #define VSB_ISDYNAMIC(s) ((s)->s_flags & VSB_DYNAMIC) #define VSB_ISDYNSTRUCT(s) ((s)->s_flags & VSB_DYNSTRUCT) #define VSB_HASROOM(s) ((s)->s_len < (s)->s_size - 1) #define VSB_FREESPACE(s) ((s)->s_size - ((s)->s_len + 1)) #define VSB_CANEXTEND(s) ((s)->s_flags & VSB_AUTOEXTEND) /* * Set / clear flags */ #define VSB_SETFLAG(s, f) do { (s)->s_flags |= (f); } while (0) #define VSB_CLEARFLAG(s, f) do { (s)->s_flags &= ~(f); } while (0) #define VSB_MINEXTENDSIZE 16 /* Should be power of 2. */ #ifdef PAGE_SIZE #define VSB_MAXEXTENDSIZE PAGE_SIZE #define VSB_MAXEXTENDINCR PAGE_SIZE #else #define VSB_MAXEXTENDSIZE 4096 #define VSB_MAXEXTENDINCR 4096 #endif /* * Debugging support */ #if !defined(NDEBUG) static void _assert_VSB_integrity(const char *fun, const struct vsb *s) { (void)fun; (void)s; KASSERT(s != NULL, ("%s called with a NULL vsb pointer", fun)); KASSERT(s->magic == VSB_MAGIC, ("%s called wih an bogus vsb pointer", fun)); KASSERT(s->s_buf != NULL, ("%s called with uninitialized or corrupt vsb", fun)); KASSERT(s->s_len < s->s_size, ("wrote past end of vsb (%d >= %d)", s->s_len, s->s_size)); } static void _assert_VSB_state(const char *fun, const struct vsb *s, int state) { (void)fun; (void)s; (void)state; KASSERT((s->s_flags & VSB_FINISHED) == state, ("%s called with %sfinished or corrupt vsb", fun, (state ? "un" : ""))); } #define assert_VSB_integrity(s) _assert_VSB_integrity(__func__, (s)) #define assert_VSB_state(s, i) _assert_VSB_state(__func__, (s), (i)) #else #define assert_VSB_integrity(s) do { } while (0) #define assert_VSB_state(s, i) do { } while (0) #endif #ifdef CTASSERT CTASSERT(powerof2(VSB_MAXEXTENDSIZE)); CTASSERT(powerof2(VSB_MAXEXTENDINCR)); #endif static int VSB_extendsize(int size) { int newsize; if (size < (int)VSB_MAXEXTENDSIZE) { newsize = VSB_MINEXTENDSIZE; while (newsize < size) newsize *= 2; } else { newsize = roundup2(size, VSB_MAXEXTENDINCR); } KASSERT(newsize >= size, ("%s: %d < %d\n", __func__, newsize, size)); return (newsize); } /* * Extend an vsb. */ static int VSB_extend(struct vsb *s, int addlen) { char *newbuf; int newsize; if (!VSB_CANEXTEND(s)) return (-1); newsize = VSB_extendsize(s->s_size + addlen); if (VSB_ISDYNAMIC(s)) newbuf = realloc(s->s_buf, newsize); else newbuf = SBMALLOC(newsize); if (newbuf == NULL) return (-1); if (!VSB_ISDYNAMIC(s)) { memcpy(newbuf, s->s_buf, s->s_size); VSB_SETFLAG(s, VSB_DYNAMIC); } s->s_buf = newbuf; s->s_size = newsize; return (0); } static void _vsb_indent(struct vsb *s) { if (s->s_indent == 0 || s->s_error != 0 || (s->s_len > 0 && s->s_buf[s->s_len - 1] != '\n')) return; if (VSB_FREESPACE(s) <= s->s_indent && VSB_extend(s, s->s_indent) < 0) { s->s_error = ENOMEM; return; } memset(s->s_buf + s->s_len, ' ', s->s_indent); s->s_len += s->s_indent; } /* * Initialize the internals of an vsb. * If buf is non-NULL, it points to a static or already-allocated string * big enough to hold at least length characters. */ static struct vsb * VSB_newbuf(struct vsb *s, char *buf, int length, int flags) { memset(s, 0, sizeof(*s)); s->magic = VSB_MAGIC; s->s_flags = flags; s->s_size = length; s->s_buf = buf; if ((s->s_flags & VSB_AUTOEXTEND) == 0) { KASSERT(s->s_size > 1, ("attempt to create a too small vsb")); } if (s->s_buf != NULL) return (s); if ((flags & VSB_AUTOEXTEND) != 0) s->s_size = VSB_extendsize(s->s_size); s->s_buf = SBMALLOC(s->s_size); if (s->s_buf == NULL) return (NULL); VSB_SETFLAG(s, VSB_DYNAMIC); return (s); } /* * Initialize an vsb. * If buf is non-NULL, it points to a static or already-allocated string * big enough to hold at least length characters. */ struct vsb * VSB_new(struct vsb *s, char *buf, int length, int flags) { KASSERT(length >= 0, ("attempt to create an vsb of negative length (%d)", length)); KASSERT((flags & ~VSB_USRFLAGMSK) == 0, ("%s called with invalid flags", __func__)); flags &= VSB_USRFLAGMSK; if (s != NULL) return (VSB_newbuf(s, buf, length, flags)); s = SBMALLOC(sizeof(*s)); if (s == NULL) return (NULL); if (VSB_newbuf(s, buf, length, flags) == NULL) { SBFREE(s); return (NULL); } VSB_SETFLAG(s, VSB_DYNSTRUCT); return (s); } /* * Clear an vsb and reset its position. */ void VSB_clear(struct vsb *s) { assert_VSB_integrity(s); /* don't care if it's finished or not */ VSB_CLEARFLAG(s, VSB_FINISHED); s->s_error = 0; s->s_len = 0; s->s_indent = 0; } /* * Append a byte to an vsb. This is the core function for appending * to an vsb and is the main place that deals with extending the * buffer and marking overflow. */ static void VSB_put_byte(struct vsb *s, int c) { assert_VSB_integrity(s); assert_VSB_state(s, 0); if (s->s_error != 0) return; _vsb_indent(s); if (VSB_FREESPACE(s) <= 0) { if (VSB_extend(s, 1) < 0) s->s_error = ENOMEM; if (s->s_error != 0) return; } s->s_buf[s->s_len++] = (char)c; } /* * Append a byte string to an vsb. */ int VSB_bcat(struct vsb *s, const void *buf, ssize_t len) { assert_VSB_integrity(s); assert_VSB_state(s, 0); assert(len >= 0); if (s->s_error != 0) return (-1); if (len == 0) return (0); _vsb_indent(s); if (len > VSB_FREESPACE(s)) { if (VSB_extend(s, len - VSB_FREESPACE(s)) < 0) s->s_error = ENOMEM; if (s->s_error != 0) return (-1); } memcpy(s->s_buf + s->s_len, buf, len); s->s_len += len; return (0); } /* * Append a string to an vsb. */ int VSB_cat(struct vsb *s, const char *str) { assert_VSB_integrity(s); assert_VSB_state(s, 0); if (s->s_error != 0) return (-1); while (*str != '\0') { VSB_put_byte(s, *str++); if (s->s_error != 0) return (-1); } return (0); } /* * Format the given argument list and append the resulting string to an vsb. */ int VSB_vprintf(struct vsb *s, const char *fmt, va_list ap) { va_list ap_copy; int len; assert_VSB_integrity(s); assert_VSB_state(s, 0); KASSERT(fmt != NULL, ("%s called with a NULL format string", __func__)); if (s->s_error != 0) return (-1); _vsb_indent(s); /* * For the moment, there is no way to get vsnprintf(3) to hand * back a character at a time, to push everything into * VSB_putc_func() as was done for the kernel. * * In userspace, while drains are useful, there's generally * not a problem attempting to malloc(3) on out of space. So * expand a userland vsb if there is not enough room for the * data produced by VSB_[v]printf(3). */ do { va_copy(ap_copy, ap); len = vsnprintf(&s->s_buf[s->s_len], VSB_FREESPACE(s) + 1, fmt, ap_copy); if (len < 0) { s->s_error = errno; return (-1); } va_end(ap_copy); } while (len > VSB_FREESPACE(s) && VSB_extend(s, len - VSB_FREESPACE(s)) == 0); /* * s->s_len is the length of the string, without the terminating nul. * When updating s->s_len, we must subtract 1 from the length that * we passed into vsnprintf() because that length includes the * terminating nul. * * vsnprintf() returns the amount that would have been copied, * given sufficient space, so don't over-increment s_len. */ if (VSB_FREESPACE(s) < len) len = VSB_FREESPACE(s); s->s_len += len; if (!VSB_HASROOM(s) && !VSB_CANEXTEND(s)) s->s_error = ENOMEM; KASSERT(s->s_len < s->s_size, ("wrote past end of vsb (%d >= %d)", s->s_len, s->s_size)); if (s->s_error != 0) return (-1); return (0); } /* * Format the given arguments and append the resulting string to an vsb. */ int VSB_printf(struct vsb *s, const char *fmt, ...) { va_list ap; int result; va_start(ap, fmt); result = VSB_vprintf(s, fmt, ap); va_end(ap); return (result); } /* * Append a character to an vsb. */ int VSB_putc(struct vsb *s, int c) { VSB_put_byte(s, c); if (s->s_error != 0) return (-1); return (0); } /* * Check if an vsb has an error. */ int VSB_error(const struct vsb *s) { return (s->s_error); } /* * Finish off an vsb. */ int VSB_finish(struct vsb *s) { assert_VSB_integrity(s); assert_VSB_state(s, 0); s->s_buf[s->s_len] = '\0'; VSB_SETFLAG(s, VSB_FINISHED); errno = s->s_error; if (s->s_error) return (-1); return (0); } /* * Return a pointer to the vsb data. */ char * VSB_data(const struct vsb *s) { assert_VSB_integrity(s); assert_VSB_state(s, VSB_FINISHED); return (s->s_buf); } /* * Return the length of the vsb data. */ ssize_t VSB_len(const struct vsb *s) { assert_VSB_integrity(s); /* don't care if it's finished or not */ if (s->s_error != 0) return (-1); return (s->s_len); } /* * Clear an vsb, free its buffer if necessary. */ void VSB_delete(struct vsb *s) { int isdyn; assert_VSB_integrity(s); /* don't care if it's finished or not */ if (VSB_ISDYNAMIC(s)) SBFREE(s->s_buf); isdyn = VSB_ISDYNSTRUCT(s); memset(s, 0, sizeof(*s)); if (isdyn) SBFREE(s); } /* * Quote a string */ void VSB_quote(struct vsb *s, const char *p, int len, int how) { const char *q; int quote = 0; (void)how; /* For future enhancements */ if (len == -1) len = strlen(p); for (q = p; q < p + len; q++) { if (!isgraph(*q) || *q == '"' || *q == '\\') { quote++; break; } } if (!quote) { (void)VSB_bcat(s, p, len); return; } (void)VSB_putc(s, '"'); for (q = p; q < p + len; q++) { switch (*q) { case ' ': (void)VSB_putc(s, *q); break; case '\\': case '"': (void)VSB_putc(s, '\\'); (void)VSB_putc(s, *q); break; case '\n': if (how & VSB_QUOTE_NONL) (void)VSB_cat(s, "\n"); else (void)VSB_cat(s, "\\n"); break; case '\r': (void)VSB_cat(s, "\\r"); break; case '\t': (void)VSB_cat(s, "\\t"); break; default: if (isgraph(*q)) (void)VSB_putc(s, *q); else (void)VSB_printf(s, "\\%o", *q & 0xff); break; } } (void)VSB_putc(s, '"'); } /* * Indentation */ void VSB_indent(struct vsb * s, int i) { assert_VSB_integrity(s); if (s->s_indent + i < 0) s->s_error = EINVAL; else s->s_indent += i; } hitch-1.4.4/src/foreign/vqueue.h0000644000175000017500000004673213003667032013457 00000000000000/*- * Copyright (c) 1991, 1993 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * * @(#)queue.h 8.5 (Berkeley) 8/20/94 * $FreeBSD: head/sys/sys/queue.h 251887 2013-06-18 02:57:56Z lstewart $ */ #ifndef VARNISH_QUEUE_H #define VARNISH_QUEUE_H /* * This file defines four types of data structures: singly-linked lists, * singly-linked tail queues, lists and tail queues. * * A singly-linked list is headed by a single forward pointer. The elements * are singly linked for minimum space and pointer manipulation overhead at * the expense of O(n) removal for arbitrary elements. New elements can be * added to the list after an existing element or at the head of the list. * Elements being removed from the head of the list should use the explicit * macro for this purpose for optimum efficiency. A singly-linked list may * only be traversed in the forward direction. Singly-linked lists are ideal * for applications with large datasets and few or no removals or for * implementing a LIFO queue. * * A singly-linked tail queue is headed by a pair of pointers, one to the * head of the list and the other to the tail of the list. The elements are * singly linked for minimum space and pointer manipulation overhead at the * expense of O(n) removal for arbitrary elements. New elements can be added * to the list after an existing element, at the head of the list, or at the * end of the list. Elements being removed from the head of the tail queue * should use the explicit macro for this purpose for optimum efficiency. * A singly-linked tail queue may only be traversed in the forward direction. * Singly-linked tail queues are ideal for applications with large datasets * and few or no removals or for implementing a FIFO queue. * * A list is headed by a single forward pointer (or an array of forward * pointers for a hash table header). The elements are doubly linked * so that an arbitrary element can be removed without a need to * traverse the list. New elements can be added to the list before * or after an existing element or at the head of the list. A list * may be traversed in either direction. * * A tail queue is headed by a pair of pointers, one to the head of the * list and the other to the tail of the list. The elements are doubly * linked so that an arbitrary element can be removed without a need to * traverse the list. New elements can be added to the list before or * after an existing element, at the head of the list, or at the end of * the list. A tail queue may be traversed in either direction. * * For details on the use of these macros, see the queue(3) manual page. * * * VSLIST VLIST VSTAILQ VTAILQ * _HEAD + + + + * _HEAD_INITIALIZER + + + + * _ENTRY + + + + * _INIT + + + + * _EMPTY + + + + * _FIRST + + + + * _NEXT + + + + * _PREV - + - + * _LAST - - + + * _FOREACH + + + + * _FOREACH_FROM + + + + * _FOREACH_SAFE + + + + * _FOREACH_FROM_SAFE + + + + * _FOREACH_REVERSE - - - + * _FOREACH_REVERSE_FROM - - - + * _FOREACH_REVERSE_SAFE - - - + * _FOREACH_REVERSE_FROM_SAFE - - - + * _INSERT_HEAD + + + + * _INSERT_BEFORE - + - + * _INSERT_AFTER + + + + * _INSERT_TAIL - - + + * _CONCAT - - + + * _REMOVE_AFTER + - + - * _REMOVE_HEAD + - + - * _REMOVE + + + + * _SWAP + + + + * */ #define TRACEBUF #define TRACEBUF_INITIALIZER #define TRASHIT(x) /* * Singly-linked List declarations. */ #define VSLIST_HEAD(name, type) \ struct name { \ struct type *vslh_first; /* first element */ \ } #define VSLIST_HEAD_INITIALIZER(head) \ { NULL } #define VSLIST_ENTRY(type) \ struct { \ struct type *vsle_next; /* next element */ \ } /* * Singly-linked List functions. */ #define VSLIST_EMPTY(head) ((head)->vslh_first == NULL) #define VSLIST_FIRST(head) ((head)->vslh_first) #define VSLIST_FOREACH(var, head, field) \ for ((var) = VSLIST_FIRST((head)); \ (var); \ (var) = VSLIST_NEXT((var), field)) #define VSLIST_FOREACH_FROM(var, head, field) \ for ((var) = ((var) ? (var) : VSLIST_FIRST((head))); \ (var); \ (var) = VSLIST_NEXT((var), field)) #define VSLIST_FOREACH_SAFE(var, head, field, tvar) \ for ((var) = VSLIST_FIRST((head)); \ (var) && ((tvar) = VSLIST_NEXT((var), field), 1); \ (var) = (tvar)) #define VSLIST_FOREACH_FROM_SAFE(var, head, field, tvar) \ for ((var) = ((var) ? (var) : VSLIST_FIRST((head))); \ (var) && ((tvar) = VSLIST_NEXT((var), field), 1); \ (var) = (tvar)) #define VSLIST_FOREACH_PREVPTR(var, varp, head, field) \ for ((varp) = &VSLIST_FIRST((head)); \ ((var) = *(varp)) != NULL; \ (varp) = &VSLIST_NEXT((var), field)) #define VSLIST_INIT(head) do { \ VSLIST_FIRST((head)) = NULL; \ } while (0) #define VSLIST_INSERT_AFTER(slistelm, elm, field) do { \ VSLIST_NEXT((elm), field) = VSLIST_NEXT((slistelm), field); \ VSLIST_NEXT((slistelm), field) = (elm); \ } while (0) #define VSLIST_INSERT_HEAD(head, elm, field) do { \ VSLIST_NEXT((elm), field) = VSLIST_FIRST((head)); \ VSLIST_FIRST((head)) = (elm); \ } while (0) #define VSLIST_NEXT(elm, field) ((elm)->field.vsle_next) #define VSLIST_REMOVE(head, elm, type, field) do { \ if (VSLIST_FIRST((head)) == (elm)) { \ VSLIST_REMOVE_HEAD((head), field); \ } \ else { \ struct type *curelm = VSLIST_FIRST((head)); \ while (VSLIST_NEXT(curelm, field) != (elm)) \ curelm = VSLIST_NEXT(curelm, field); \ VSLIST_REMOVE_AFTER(curelm, field); \ } \ TRASHIT(*oldnext); \ } while (0) #define VSLIST_REMOVE_AFTER(elm, field) do { \ VSLIST_NEXT(elm, field) = \ VSLIST_NEXT(VSLIST_NEXT(elm, field), field); \ } while (0) #define VSLIST_REMOVE_HEAD(head, field) do { \ VSLIST_FIRST((head)) = VSLIST_NEXT(VSLIST_FIRST((head)), field);\ } while (0) #define VSLIST_SWAP(head1, head2, type) do { \ struct type *swap_first = VSLIST_FIRST(head1); \ VSLIST_FIRST(head1) = VSLIST_FIRST(head2); \ VSLIST_FIRST(head2) = swap_first; \ } while (0) /* * Singly-linked Tail queue declarations. */ #define VSTAILQ_HEAD(name, type) \ struct name { \ struct type *vstqh_first;/* first element */ \ struct type **vstqh_last;/* addr of last next element */ \ } #define VSTAILQ_HEAD_INITIALIZER(head) \ { NULL, &(head).vstqh_first } #define VSTAILQ_ENTRY(type) \ struct { \ struct type *vstqe_next; /* next element */ \ } /* * Singly-linked Tail queue functions. */ #define VSTAILQ_CONCAT(head1, head2) do { \ if (!VSTAILQ_EMPTY((head2))) { \ *(head1)->vstqh_last = (head2)->vstqh_first; \ (head1)->vstqh_last = (head2)->vstqh_last; \ VSTAILQ_INIT((head2)); \ } \ } while (0) #define VSTAILQ_EMPTY(head) ((head)->vstqh_first == NULL) #define VSTAILQ_FIRST(head) ((head)->vstqh_first) #define VSTAILQ_FOREACH(var, head, field) \ for((var) = VSTAILQ_FIRST((head)); \ (var); \ (var) = VSTAILQ_NEXT((var), field)) #define VSTAILQ_FOREACH_FROM(var, head, field) \ for ((var) = ((var) ? (var) : VSTAILQ_FIRST((head))); \ (var); \ (var) = VSTAILQ_NEXT((var), field)) #define VSTAILQ_FOREACH_SAFE(var, head, field, tvar) \ for ((var) = VSTAILQ_FIRST((head)); \ (var) && ((tvar) = VSTAILQ_NEXT((var), field), 1); \ (var) = (tvar)) #define VSTAILQ_FOREACH_FROM_SAFE(var, head, field, tvar) \ for ((var) = ((var) ? (var) : VSTAILQ_FIRST((head))); \ (var) && ((tvar) = VSTAILQ_NEXT((var), field), 1); \ (var) = (tvar)) #define VSTAILQ_INIT(head) do { \ VSTAILQ_FIRST((head)) = NULL; \ (head)->vstqh_last = &VSTAILQ_FIRST((head)); \ } while (0) #define VSTAILQ_INSERT_AFTER(head, tqelm, elm, field) do { \ if ((VSTAILQ_NEXT((elm), field) = VSTAILQ_NEXT((tqelm), field)) == NULL)\ (head)->vstqh_last = &VSTAILQ_NEXT((elm), field); \ VSTAILQ_NEXT((tqelm), field) = (elm); \ } while (0) #define VSTAILQ_INSERT_HEAD(head, elm, field) do { \ if ((VSTAILQ_NEXT((elm), field) = VSTAILQ_FIRST((head))) == NULL)\ (head)->vstqh_last = &VSTAILQ_NEXT((elm), field); \ VSTAILQ_FIRST((head)) = (elm); \ } while (0) #define VSTAILQ_INSERT_TAIL(head, elm, field) do { \ VSTAILQ_NEXT((elm), field) = NULL; \ *(head)->vstqh_last = (elm); \ (head)->vstqh_last = &VSTAILQ_NEXT((elm), field); \ } while (0) #define VSTAILQ_LAST(head, type, field) \ (VSTAILQ_EMPTY((head)) ? NULL : \ __containerof((head)->vstqh_last, struct type, field.vstqe_next)) #define VSTAILQ_NEXT(elm, field) ((elm)->field.vstqe_next) #define VSTAILQ_REMOVE(head, elm, type, field) do { \ if (VSTAILQ_FIRST((head)) == (elm)) { \ VSTAILQ_REMOVE_HEAD((head), field); \ } \ else { \ struct type *curelm = VSTAILQ_FIRST((head)); \ while (VSTAILQ_NEXT(curelm, field) != (elm)) \ curelm = VSTAILQ_NEXT(curelm, field); \ VSTAILQ_REMOVE_AFTER(head, curelm, field); \ } \ TRASHIT(*oldnext); \ } while (0) #define VSTAILQ_REMOVE_AFTER(head, elm, field) do { \ if ((VSTAILQ_NEXT(elm, field) = \ VSTAILQ_NEXT(VSTAILQ_NEXT(elm, field), field)) == NULL) \ (head)->vstqh_last = &VSTAILQ_NEXT((elm), field); \ } while (0) #define VSTAILQ_REMOVE_HEAD(head, field) do { \ if ((VSTAILQ_FIRST((head)) = \ VSTAILQ_NEXT(VSTAILQ_FIRST((head)), field)) == NULL) \ (head)->vstqh_last = &VSTAILQ_FIRST((head)); \ } while (0) #define VSTAILQ_SWAP(head1, head2, type) do { \ struct type *swap_first = VSTAILQ_FIRST(head1); \ struct type **swap_last = (head1)->vstqh_last; \ VSTAILQ_FIRST(head1) = VSTAILQ_FIRST(head2); \ (head1)->vstqh_last = (head2)->vstqh_last; \ VSTAILQ_FIRST(head2) = swap_first; \ (head2)->vstqh_last = swap_last; \ if (VSTAILQ_EMPTY(head1)) \ (head1)->vstqh_last = &VSTAILQ_FIRST(head1); \ if (VSTAILQ_EMPTY(head2)) \ (head2)->vstqh_last = &VSTAILQ_FIRST(head2); \ } while (0) /* * List declarations. */ #define VLIST_HEAD(name, type) \ struct name { \ struct type *vlh_first; /* first element */ \ } #define VLIST_HEAD_INITIALIZER(head) \ { NULL } #define VLIST_ENTRY(type) \ struct { \ struct type *vle_next; /* next element */ \ struct type **vle_prev; /* address of previous next element */ \ } /* * List functions. */ #define VLIST_EMPTY(head) ((head)->vlh_first == NULL) #define VLIST_FIRST(head) ((head)->vlh_first) #define VLIST_FOREACH(var, head, field) \ for ((var) = VLIST_FIRST((head)); \ (var); \ (var) = VLIST_NEXT((var), field)) #define VLIST_FOREACH_FROM(var, head, field) \ for ((var) = ((var) ? (var) : VLIST_FIRST((head))); \ (var); \ (var) = VLIST_NEXT((var), field)) #define VLIST_FOREACH_SAFE(var, head, field, tvar) \ for ((var) = VLIST_FIRST((head)); \ (var) && ((tvar) = VLIST_NEXT((var), field), 1); \ (var) = (tvar)) #define VLIST_FOREACH_FROM_SAFE(var, head, field, tvar) \ for ((var) = ((var) ? (var) : VLIST_FIRST((head))); \ (var) && ((tvar) = VLIST_NEXT((var), field), 1); \ (var) = (tvar)) #define VLIST_INIT(head) do { \ VLIST_FIRST((head)) = NULL; \ } while (0) #define VLIST_INSERT_AFTER(listelm, elm, field) do { \ if ((VLIST_NEXT((elm), field) = VLIST_NEXT((listelm), field)) != NULL)\ VLIST_NEXT((listelm), field)->field.vle_prev = \ &VLIST_NEXT((elm), field); \ VLIST_NEXT((listelm), field) = (elm); \ (elm)->field.vle_prev = &VLIST_NEXT((listelm), field); \ } while (0) #define VLIST_INSERT_BEFORE(listelm, elm, field) do { \ (elm)->field.vle_prev = (listelm)->field.vle_prev; \ VLIST_NEXT((elm), field) = (listelm); \ *(listelm)->field.vle_prev = (elm); \ (listelm)->field.vle_prev = &VLIST_NEXT((elm), field); \ } while (0) #define VLIST_INSERT_HEAD(head, elm, field) do { \ if ((VLIST_NEXT((elm), field) = VLIST_FIRST((head))) != NULL) \ VLIST_FIRST((head))->field.vle_prev = &VLIST_NEXT((elm), field);\ VLIST_FIRST((head)) = (elm); \ (elm)->field.vle_prev = &VLIST_FIRST((head)); \ } while (0) #define VLIST_NEXT(elm, field) ((elm)->field.vle_next) #define VLIST_PREV(elm, head, type, field) \ ((elm)->field.vle_prev == &VLIST_FIRST((head)) ? NULL : \ __containerof((elm)->field.vle_prev, struct type, field.vle_next)) #define VLIST_REMOVE(elm, field) do { \ if (VLIST_NEXT((elm), field) != NULL) \ VLIST_NEXT((elm), field)->field.vle_prev = \ (elm)->field.vle_prev; \ *(elm)->field.vle_prev = VLIST_NEXT((elm), field); \ TRASHIT(*oldnext); \ TRASHIT(*oldprev); \ } while (0) #define VLIST_SWAP(head1, head2, type, field) do { \ struct type *swap_tmp = VLIST_FIRST((head1)); \ VLIST_FIRST((head1)) = VLIST_FIRST((head2)); \ VLIST_FIRST((head2)) = swap_tmp; \ if ((swap_tmp = VLIST_FIRST((head1))) != NULL) \ swap_tmp->field.vle_prev = &VLIST_FIRST((head1)); \ if ((swap_tmp = VLIST_FIRST((head2))) != NULL) \ swap_tmp->field.vle_prev = &VLIST_FIRST((head2)); \ } while (0) /* * Tail queue declarations. */ #define VTAILQ_HEAD(name, type) \ struct name { \ struct type *vtqh_first; /* first element */ \ struct type **vtqh_last; /* addr of last next element */ \ TRACEBUF \ } #define VTAILQ_HEAD_INITIALIZER(head) \ { NULL, &(head).vtqh_first, TRACEBUF_INITIALIZER } #define VTAILQ_ENTRY(type) \ struct { \ struct type *vtqe_next; /* next element */ \ struct type **vtqe_prev; /* address of previous next element */\ TRACEBUF \ } /*lint -e(18) */ /* * Tail queue functions. */ #define VTAILQ_CONCAT(head1, head2, field) do { \ if (!VTAILQ_EMPTY(head2)) { \ *(head1)->vtqh_last = (head2)->vtqh_first; \ (head2)->vtqh_first->field.vtqe_prev = (head1)->vtqh_last;\ (head1)->vtqh_last = (head2)->vtqh_last; \ VTAILQ_INIT((head2)); \ } \ } while (0) #define VTAILQ_EMPTY(head) ((head)->vtqh_first == NULL) #define VTAILQ_FIRST(head) ((head)->vtqh_first) #define VTAILQ_FOREACH(var, head, field) \ for ((var) = VTAILQ_FIRST((head)); \ (var); \ (var) = VTAILQ_NEXT((var), field)) #define VTAILQ_FOREACH_FROM(var, head, field) \ for ((var) = ((var) ? (var) : VTAILQ_FIRST((head))); \ (var); \ (var) = VTAILQ_NEXT((var), field)) #define VTAILQ_FOREACH_SAFE(var, head, field, tvar) \ for ((var) = VTAILQ_FIRST((head)); \ (var) && ((tvar) = VTAILQ_NEXT((var), field), 1); \ (var) = (tvar)) #define VTAILQ_FOREACH_FROM_SAFE(var, head, field, tvar) \ for ((var) = ((var) ? (var) : VTAILQ_FIRST((head))); \ (var) && ((tvar) = VTAILQ_NEXT((var), field), 1); \ (var) = (tvar)) #define VTAILQ_FOREACH_REVERSE(var, head, headname, field) \ for ((var) = VTAILQ_LAST((head), headname); \ (var); \ (var) = VTAILQ_PREV((var), headname, field)) #define VTAILQ_FOREACH_REVERSE_FROM(var, head, headname, field) \ for ((var) = ((var) ? (var) : VTAILQ_LAST((head), headname)); \ (var); \ (var) = VTAILQ_PREV((var), headname, field)) #define VTAILQ_FOREACH_REVERSE_SAFE(var, head, headname, field, tvar) \ for ((var) = VTAILQ_LAST((head), headname); \ (var) && ((tvar) = VTAILQ_PREV((var), headname, field), 1); \ (var) = (tvar)) #define VTAILQ_FOREACH_REVERSE_FROM_SAFE(var, head, headname, field, tvar) \ for ((var) = ((var) ? (var) : VTAILQ_LAST((head), headname)); \ (var) && ((tvar) = VTAILQ_PREV((var), headname, field), 1); \ (var) = (tvar)) #define VTAILQ_INIT(head) do { \ VTAILQ_FIRST((head)) = NULL; \ (head)->vtqh_last = &VTAILQ_FIRST((head)); \ } while (0) #define VTAILQ_INSERT_AFTER(head, listelm, elm, field) do { \ if ((VTAILQ_NEXT((elm), field) = VTAILQ_NEXT((listelm), field)) != NULL)\ VTAILQ_NEXT((elm), field)->field.vtqe_prev = \ &VTAILQ_NEXT((elm), field); \ else { \ (head)->vtqh_last = &VTAILQ_NEXT((elm), field); \ } \ VTAILQ_NEXT((listelm), field) = (elm); \ (elm)->field.vtqe_prev = &VTAILQ_NEXT((listelm), field); \ } while (0) #define VTAILQ_INSERT_BEFORE(listelm, elm, field) do { \ (elm)->field.vtqe_prev = (listelm)->field.vtqe_prev; \ VTAILQ_NEXT((elm), field) = (listelm); \ *(listelm)->field.vtqe_prev = (elm); \ (listelm)->field.vtqe_prev = &VTAILQ_NEXT((elm), field); \ } while (0) #define VTAILQ_INSERT_HEAD(head, elm, field) do { \ if ((VTAILQ_NEXT((elm), field) = VTAILQ_FIRST((head))) != NULL) \ VTAILQ_FIRST((head))->field.vtqe_prev = \ &VTAILQ_NEXT((elm), field); \ else \ (head)->vtqh_last = &VTAILQ_NEXT((elm), field); \ VTAILQ_FIRST((head)) = (elm); \ (elm)->field.vtqe_prev = &VTAILQ_FIRST((head)); \ } while (0) #define VTAILQ_INSERT_TAIL(head, elm, field) do { \ VTAILQ_NEXT((elm), field) = NULL; \ (elm)->field.vtqe_prev = (head)->vtqh_last; \ *(head)->vtqh_last = (elm); \ (head)->vtqh_last = &VTAILQ_NEXT((elm), field); \ } while (0) #define VTAILQ_LAST(head, headname) \ (*(((struct headname *)((head)->vtqh_last))->vtqh_last)) #define VTAILQ_NEXT(elm, field) ((elm)->field.vtqe_next) #define VTAILQ_PREV(elm, headname, field) \ (*(((struct headname *)((elm)->field.vtqe_prev))->vtqh_last)) #define VTAILQ_REMOVE(head, elm, field) do { \ if ((VTAILQ_NEXT((elm), field)) != NULL) \ VTAILQ_NEXT((elm), field)->field.vtqe_prev = \ (elm)->field.vtqe_prev; \ else { \ (head)->vtqh_last = (elm)->field.vtqe_prev; \ } \ *(elm)->field.vtqe_prev = VTAILQ_NEXT((elm), field); \ TRASHIT(*oldnext); \ TRASHIT(*oldprev); \ } while (0) #define VTAILQ_SWAP(head1, head2, type, field) do { \ struct type *swap_first = (head1)->vtqh_first; \ struct type **swap_last = (head1)->vtqh_last; \ (head1)->vtqh_first = (head2)->vtqh_first; \ (head1)->vtqh_last = (head2)->vtqh_last; \ (head2)->vtqh_first = swap_first; \ (head2)->vtqh_last = swap_last; \ if ((swap_first = (head1)->vtqh_first) != NULL) \ swap_first->field.vtqe_prev = &(head1)->vtqh_first; \ else \ (head1)->vtqh_last = &(head1)->vtqh_first; \ if ((swap_first = (head2)->vtqh_first) != NULL) \ swap_first->field.vtqe_prev = &(head2)->vtqh_first; \ else \ (head2)->vtqh_last = &(head2)->vtqh_first; \ } while (0) #endif /* !VARNISH_QUEUE_H */ hitch-1.4.4/src/foreign/flopen.h0000644000175000017500000000320713003667032013416 00000000000000/*- * Copyright (c) 2007 Dag-Erling Coïdan Smørgrav * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer * in this position and unchanged. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * * Derived from: * $FreeBSD: src/lib/libutil/libutil.h,v 1.44 2007/05/10 15:01:42 des Exp $ */ #ifndef FLOPEN_H_INCLUDED #define FLOPEN_H_INCLUDED int flopen(const char *, int, ...) __attribute__((format(printf, 1, 3))); int fltest(int fd, pid_t *pid); #endif hitch-1.4.4/src/foreign/flopen.c0000644000175000017500000000676213003667032013422 00000000000000/*- * Copyright (c) 2007 Dag-Erling Coïdan Smørgrav * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer * in this position and unchanged. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * Derived from: * $FreeBSD: head/lib/libutil/flopen.c 184094 2008-10-20 18:11:30Z des $ */ #include "config.h" #include #include #include #include #include #include #include "flopen.h" int flopen(const char *path, int flags, ...) { int fd, operation, serrno, trunc; struct flock lock; struct stat sb, fsb; mode_t mode; #ifdef O_EXLOCK flags &= ~O_EXLOCK; #endif mode = 0; if (flags & O_CREAT) { va_list ap; va_start(ap, flags); mode = (mode_t)va_arg(ap, int); /* mode_t promoted to int */ va_end(ap); } memset(&lock, 0, sizeof lock); lock.l_type = ((flags & O_ACCMODE) == O_RDONLY) ? F_RDLCK : F_WRLCK; lock.l_whence = SEEK_SET; operation = (flags & O_NONBLOCK) ? F_SETLK : F_SETLKW; trunc = (flags & O_TRUNC); flags &= ~O_TRUNC; for (;;) { if ((fd = open(path, flags, mode)) == -1) /* non-existent or no access */ return (-1); if (fcntl(fd, operation, &lock) == -1) { /* unsupported or interrupted */ serrno = errno; (void)close(fd); errno = serrno; return (-1); } if (stat(path, &sb) == -1) { /* disappeared from under our feet */ (void)close(fd); continue; } if (fstat(fd, &fsb) == -1) { /* can't happen [tm] */ serrno = errno; (void)close(fd); errno = serrno; return (-1); } if (sb.st_dev != fsb.st_dev || sb.st_ino != fsb.st_ino) { /* changed under our feet */ (void)close(fd); continue; } if (trunc && ftruncate(fd, 0) != 0) { /* can't happen [tm] */ serrno = errno; (void)close(fd); errno = serrno; return (-1); } return (fd); } } /* Tests if the given fd is locked through flopen * If pid is non-NULL, stores the pid of the process holding the lock there * Returns 1 if the file is locked * Returns 0 if the file is unlocked * Returns -1 on error (and errno) */ int fltest(int fd, pid_t *pid) { struct flock lock; memset(&lock, 0, sizeof lock); lock.l_type = F_WRLCK; lock.l_whence = SEEK_SET; if (fcntl(fd, F_GETLK, &lock) == -1) return (-1); if (lock.l_type == F_UNLCK) return (0); if (pid != NULL) *pid = lock.l_pid; return (1); } hitch-1.4.4/src/foreign/vpf.h0000644000175000017500000000327613003667032012734 00000000000000/*- * Copyright (c) 2005 Pawel Jakub Dawidek * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * * Derived from: * $FreeBSD: src/lib/libutil/libutil.h,v 1.41 2005/08/24 17:21:38 pjd Exp $ */ #ifndef VPF_H_INCLUDED #define VPF_H_INCLUDED struct vpf_fh; struct vpf_fh *VPF_Open(const char *path, mode_t mode, pid_t *pidptr); int VPF_Write(struct vpf_fh *pfh); int VPF_Close(struct vpf_fh *pfh); int VPF_Remove(struct vpf_fh *pfh); #endif hitch-1.4.4/src/foreign/vpf.c0000644000175000017500000001271313003667032012723 00000000000000/*- * Copyright (c) 2005 Pawel Jakub Dawidek * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * Derived from: * $FreeBSD: head/lib/libutil/pidfile.c 184091 2008-10-20 17:41:08Z des $ */ #include "config.h" #include #include #include #include #include #include #include #include #include #include #include #include "flopen.h" #include "vpf.h" struct vpf_fh { int pf_fd; char pf_path[MAXPATHLEN + 1]; dev_t pf_dev; ino_t pf_ino; }; static int _VPF_Remove(struct vpf_fh *pfh, int freeit); static int vpf_verify(const struct vpf_fh *pfh) { struct stat sb; if (pfh == NULL || pfh->pf_fd == -1) return (EINVAL); /* * Check remembered descriptor. */ if (fstat(pfh->pf_fd, &sb) == -1) return (errno); if (sb.st_dev != pfh->pf_dev || sb.st_ino != pfh->pf_ino) return (EINVAL); return (0); } static int vpf_read(const char *path, pid_t *pidptr) { char buf[16], *endptr; int error, fd, i; fd = open(path, O_RDONLY); if (fd == -1) return (errno); i = read(fd, buf, sizeof(buf) - 1); error = errno; /* Remember errno in case close() wants to change it. */ (void)close(fd); if (i == -1) return (error); buf[i] = '\0'; *pidptr = strtol(buf, &endptr, 10); if (endptr != &buf[i]) return (EINVAL); return (0); } struct vpf_fh * VPF_Open(const char *path, mode_t mode, pid_t *pidptr) { struct vpf_fh *pfh; struct stat sb; int error, fd, len; pfh = malloc(sizeof(*pfh)); if (pfh == NULL) return (NULL); #if 0 if (path == NULL) len = snprintf(pfh->pf_path, sizeof(pfh->pf_path), "/var/run/%s.pid", getprogname()); else #endif { assert(path != NULL); len = snprintf(pfh->pf_path, sizeof(pfh->pf_path), "%s", path); } if (len >= (int)sizeof(pfh->pf_path)) { free(pfh); errno = ENAMETOOLONG; return (NULL); } /* * Open the PID file and obtain exclusive lock. * We truncate PID file here only to remove old PID immediatelly, * PID file will be truncated again in VPF_Write(), so * VPF_Write() can be called multiple times. */ fd = flopen(pfh->pf_path, O_WRONLY | O_CREAT | O_TRUNC | O_NONBLOCK, mode); if (fd == -1) { if (errno == EWOULDBLOCK && pidptr != NULL) { errno = vpf_read(pfh->pf_path, pidptr); if (errno == 0) errno = EEXIST; } free(pfh); return (NULL); } /* * Remember file information, so in VPF_Write() we are sure we write * to the proper descriptor. */ if (fstat(fd, &sb) == -1) { error = errno; (void)unlink(pfh->pf_path); (void)close(fd); free(pfh); errno = error; return (NULL); } pfh->pf_fd = fd; pfh->pf_dev = sb.st_dev; pfh->pf_ino = sb.st_ino; return (pfh); } int VPF_Write(struct vpf_fh *pfh) { char pidstr[16]; int error, fd; /* * Check remembered descriptor, so we don't overwrite some other * file if pidfile was closed and descriptor reused. */ errno = vpf_verify(pfh); if (errno != 0) { /* * Don't close descriptor, because we are not sure if it's ours. */ return (-1); } fd = pfh->pf_fd; /* * Truncate PID file, so multiple calls of VPF_Write() are allowed. */ if (ftruncate(fd, 0) == -1) { error = errno; (void)_VPF_Remove(pfh, 0); errno = error; return (-1); } error = snprintf(pidstr, sizeof(pidstr), "%ju", (uintmax_t)getpid()); assert(error < (int) sizeof pidstr); if (pwrite(fd, pidstr, strlen(pidstr), 0) != (ssize_t)strlen(pidstr)) { error = errno; (void)_VPF_Remove(pfh, 0); errno = error; return (-1); } return (0); } int VPF_Close(struct vpf_fh *pfh) { int error; error = vpf_verify(pfh); if (error != 0) { errno = error; return (-1); } if (close(pfh->pf_fd) == -1) error = errno; free(pfh); if (error != 0) { errno = error; return (-1); } return (0); } static int _VPF_Remove(struct vpf_fh *pfh, int freeit) { int error; error = vpf_verify(pfh); if (error != 0) { errno = error; return (-1); } if (unlink(pfh->pf_path) == -1) error = errno; if (close(pfh->pf_fd) == -1) { if (error == 0) error = errno; } if (freeit) free(pfh); else pfh->pf_fd = -1; if (error != 0) { errno = error; return (-1); } return (0); } int VPF_Remove(struct vpf_fh *pfh) { return (_VPF_Remove(pfh, 1)); } hitch-1.4.4/src/foreign/vas.c0000644000175000017500000000476113003667032012725 00000000000000/*- * Copyright (c) 2006 Verdens Gang AS * Copyright (c) 2006-2016 Varnish Software AS * All rights reserved. * * Author: Poul-Henning Kamp * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * * This is the default backend function for libvarnish' assert facilities. */ #include "config.h" #include #include #include #include #include "vas.h" static void __attribute__((__noreturn__)) VAS_Fail_default(const char *func, const char *file, int line, const char *cond, enum vas_e kind) { int err = errno; if (kind == VAS_MISSING) { fprintf(stderr, "Missing error handling code in %s(), %s line %d:\n" " Condition(%s) not true.\n", func, file, line, cond); } else if (kind == VAS_INCOMPLETE) { fprintf(stderr, "Incomplete code in %s(), %s line %d:\n", func, file, line); } else if (kind == VAS_WRONG) { fprintf(stderr, "Wrong turn in %s(), %s line %d: %s\n", func, file, line, cond); } else { fprintf(stderr, "Assert error in %s(), %s line %d:\n" " Condition(%s) not true.\n", func, file, line, cond); } if (err) fprintf(stderr, " errno = %d (%s)\n", err, strerror(err)); abort(); } vas_f *VAS_Fail __attribute__((__noreturn__)) = VAS_Fail_default; hitch-1.4.4/src/foreign/miniobj.h0000644000175000017500000000311013003667032013553 00000000000000/* * Written by Poul-Henning Kamp * * This file is in the public domain. * */ #define INIT_OBJ(to, type_magic) \ do { \ (void)memset(to, 0, sizeof *to); \ (to)->magic = (type_magic); \ } while (0) #define ALLOC_OBJ(to, type_magic) \ do { \ (to) = calloc(sizeof *(to), 1); \ if ((to) != NULL) \ (to)->magic = (type_magic); \ } while (0) #define FREE_OBJ(to) \ do { \ (to)->magic = (0); \ free(to); \ to = NULL; \ } while (0) #define VALID_OBJ(ptr, type_magic) \ ((ptr) != NULL && (ptr)->magic == (type_magic)) #define CHECK_OBJ(ptr, type_magic) \ do { \ assert((ptr)->magic == type_magic); \ } while (0) #define CHECK_OBJ_NOTNULL(ptr, type_magic) \ do { \ assert((ptr) != NULL); \ assert((ptr)->magic == type_magic); \ } while (0) #define CHECK_OBJ_ORNULL(ptr, type_magic) \ do { \ if ((ptr) != NULL) \ assert((ptr)->magic == type_magic); \ } while (0) #define CAST_OBJ(to, from, type_magic) \ do { \ (to) = (from); \ if ((to) != NULL) \ CHECK_OBJ((to), (type_magic)); \ } while (0) #define CAST_OBJ_NOTNULL(to, from, type_magic) \ do { \ (to) = (from); \ assert((to) != NULL); \ CHECK_OBJ((to), (type_magic)); \ } while (0) #define REPLACE(ptr, val) \ do { \ if ((ptr) != NULL) \ free(ptr); \ if ((val) != NULL) { \ ptr = strdup(val); \ AN((ptr)); \ } else { \ ptr = NULL; \ } \ } while (0) hitch-1.4.4/src/foreign/vsb.h0000644000175000017500000000612513003667032012727 00000000000000/*- * Copyright (c) 2000-2011 Poul-Henning Kamp * Copyright (c) 2000-2008 Dag-Erling Coïdan Smørgrav * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer * in this position and unchanged. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * * $FreeBSD: head/sys/sys/vsb.h 221993 2011-05-16 16:18:40Z phk $ */ #ifndef VSB_H_INCLUDED #define VSB_H_INCLUDED /* * Structure definition */ struct vsb { unsigned magic; #define VSB_MAGIC 0x4a82dd8a int s_error; /* current error code */ char *s_buf; /* storage buffer */ ssize_t s_size; /* size of storage buffer */ ssize_t s_len; /* current length of string */ #define VSB_FIXEDLEN 0x00000000 /* fixed length buffer (default) */ #define VSB_AUTOEXTEND 0x00000001 /* automatically extend buffer */ #define VSB_USRFLAGMSK 0x0000ffff /* mask of flags the user may specify */ #define VSB_DYNAMIC 0x00010000 /* s_buf must be freed */ #define VSB_FINISHED 0x00020000 /* set by VSB_finish() */ #define VSB_DYNSTRUCT 0x00080000 /* vsb must be freed */ int s_flags; /* flags */ int s_indent; /* Ident level */ }; #ifdef __cplusplus extern "C" { #endif /* * API functions */ struct vsb *VSB_new(struct vsb *, char *, int, int); #define VSB_new_auto() \ VSB_new(NULL, NULL, 0, VSB_AUTOEXTEND) void VSB_clear(struct vsb *); int VSB_bcat(struct vsb *, const void *, ssize_t); int VSB_cat(struct vsb *, const char *); int VSB_printf(struct vsb *, const char *, ...) __attribute__((format(printf, 2, 3))); #ifdef va_start int VSB_vprintf(struct vsb *, const char *, va_list); #endif int VSB_putc(struct vsb *, int); int VSB_error(const struct vsb *); int VSB_finish(struct vsb *); char *VSB_data(const struct vsb *); ssize_t VSB_len(const struct vsb *); void VSB_delete(struct vsb *); #define VSB_QUOTE_NONL 1 void VSB_quote(struct vsb *s, const char *p, int len, int how); void VSB_indent(struct vsb *, int); #ifdef __cplusplus }; #endif #endif hitch-1.4.4/src/foreign/vas.h0000644000175000017500000000576413003667032012736 00000000000000/*- * Copyright (c) 2006 Verdens Gang AS * Copyright (c) 2006-2011 Varnish Software AS * All rights reserved. * * Author: Poul-Henning Kamp * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * * assert(), AN() and AZ() are static checks that should not happen. * In general asserts should be cheap, such as checking return * values and similar. * diagnostic() are asserts which are so expensive that we may want * to compile them out for performance at a later date. * xxxassert(), XXXAN() and XXXAZ() marks conditions we ought to * handle gracefully, such as malloc failure. */ #ifndef VAS_H_INCLUDED #define VAS_H_INCLUDED enum vas_e { VAS_WRONG, VAS_MISSING, VAS_ASSERT, VAS_INCOMPLETE, }; typedef void vas_f(const char *, const char *, int, const char *, enum vas_e); extern vas_f *VAS_Fail __attribute__((__noreturn__)); #ifdef WITHOUT_ASSERTS #define assert(e) ((void)(e)) #else /* WITH_ASSERTS */ #define assert(e) \ do { \ if (!(e)) { \ VAS_Fail(__func__, __FILE__, __LINE__, \ #e, VAS_ASSERT); \ } \ } while (0) #endif #define xxxassert(e) \ do { \ if (!(e)) { \ VAS_Fail(__func__, __FILE__, __LINE__, \ #e, VAS_MISSING); \ } \ } while (0) /* Assert zero return value */ #define AZ(foo) do { assert((foo) == 0); } while (0) #define AN(foo) do { assert((foo) != 0); } while (0) #define XXXAZ(foo) do { xxxassert((foo) == 0); } while (0) #define XXXAN(foo) do { xxxassert((foo) != 0); } while (0) #define diagnostic(foo) assert(foo) #define WRONG(expl) \ do { \ VAS_Fail(__func__, __FILE__, __LINE__, expl, VAS_WRONG); \ } while (0) #define INCOMPL() \ do { \ VAS_Fail(__func__, __FILE__, __LINE__, \ "", VAS_INCOMPLETE); \ } while (0) #endif hitch-1.4.4/src/asn_gentm.h0000644000175000017500000000266313003667032012462 00000000000000/* * Copyright 2015 Varnish Software * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * * 1. Redistributions of source code must retain the above * copyright notice, this list of conditions and the following * disclaimer. * * 2. Redistributions in binary form must reproduce the above * copyright notice, this list of conditions and the following * disclaimer in the documentation and/or other materials * provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * */ #include double asn1_gentime_parse(const ASN1_GENERALIZEDTIME *d); hitch-1.4.4/src/cfg_lex.c0000644000175000017500000020003213026756721012110 00000000000000 #line 3 "cfg_lex.c" #define YY_INT_ALIGNED short int /* A lexical scanner generated by flex */ #define FLEX_SCANNER #define YY_FLEX_MAJOR_VERSION 2 #define YY_FLEX_MINOR_VERSION 6 #define YY_FLEX_SUBMINOR_VERSION 1 #if YY_FLEX_SUBMINOR_VERSION > 0 #define FLEX_BETA #endif /* First, we deal with platform-specific or compiler-specific issues. */ /* begin standard C headers. */ #include #include #include #include /* end standard C headers. */ /* flex integer type definitions */ #ifndef FLEXINT_H #define FLEXINT_H /* C99 systems have . Non-C99 systems may or may not. */ #if defined (__STDC_VERSION__) && __STDC_VERSION__ >= 199901L /* C99 says to define __STDC_LIMIT_MACROS before including stdint.h, * if you want the limit (max/min) macros for int types. */ #ifndef __STDC_LIMIT_MACROS #define __STDC_LIMIT_MACROS 1 #endif #include typedef int8_t flex_int8_t; typedef uint8_t flex_uint8_t; typedef int16_t flex_int16_t; typedef uint16_t flex_uint16_t; typedef int32_t flex_int32_t; typedef uint32_t flex_uint32_t; #else typedef signed char flex_int8_t; typedef short int flex_int16_t; typedef int flex_int32_t; typedef unsigned char flex_uint8_t; typedef unsigned short int flex_uint16_t; typedef unsigned int flex_uint32_t; /* Limits of integral types. */ #ifndef INT8_MIN #define INT8_MIN (-128) #endif #ifndef INT16_MIN #define INT16_MIN (-32767-1) #endif #ifndef INT32_MIN #define INT32_MIN (-2147483647-1) #endif #ifndef INT8_MAX #define INT8_MAX (127) #endif #ifndef INT16_MAX #define INT16_MAX (32767) #endif #ifndef INT32_MAX #define INT32_MAX (2147483647) #endif #ifndef UINT8_MAX #define UINT8_MAX (255U) #endif #ifndef UINT16_MAX #define UINT16_MAX (65535U) #endif #ifndef UINT32_MAX #define UINT32_MAX (4294967295U) #endif #endif /* ! C99 */ #endif /* ! FLEXINT_H */ /* TODO: this is always defined, so inline it */ #define yyconst const #if defined(__GNUC__) && __GNUC__ >= 3 #define yynoreturn __attribute__((__noreturn__)) #else #define yynoreturn #endif /* Returned upon end-of-file. */ #define YY_NULL 0 /* Promotes a possibly negative, possibly signed char to an unsigned * integer for use as an array index. If the signed char is negative, * we want to instead treat it as an 8-bit unsigned char, hence the * double cast. */ #define YY_SC_TO_UI(c) ((unsigned int) (unsigned char) c) /* Enter a start condition. This macro really ought to take a parameter, * but we do it the disgusting crufty way forced on us by the ()-less * definition of BEGIN. */ #define BEGIN (yy_start) = 1 + 2 * /* Translate the current start state into a value that can be later handed * to BEGIN to return to the state. The YYSTATE alias is for lex * compatibility. */ #define YY_START (((yy_start) - 1) / 2) #define YYSTATE YY_START /* Action number for EOF rule of a given start state. */ #define YY_STATE_EOF(state) (YY_END_OF_BUFFER + state + 1) /* Special action meaning "start processing a new file". */ #define YY_NEW_FILE yyrestart(yyin ) #define YY_END_OF_BUFFER_CHAR 0 /* Size of default input buffer. */ #ifndef YY_BUF_SIZE #ifdef __ia64__ /* On IA-64, the buffer size is 16k, not 8k. * Moreover, YY_BUF_SIZE is 2*YY_READ_BUF_SIZE in the general case. * Ditto for the __ia64__ case accordingly. */ #define YY_BUF_SIZE 32768 #else #define YY_BUF_SIZE 16384 #endif /* __ia64__ */ #endif /* The state buf must be large enough to hold one state per character in the main buffer. */ #define YY_STATE_BUF_SIZE ((YY_BUF_SIZE + 2) * sizeof(yy_state_type)) #ifndef YY_TYPEDEF_YY_BUFFER_STATE #define YY_TYPEDEF_YY_BUFFER_STATE typedef struct yy_buffer_state *YY_BUFFER_STATE; #endif #ifndef YY_TYPEDEF_YY_SIZE_T #define YY_TYPEDEF_YY_SIZE_T typedef size_t yy_size_t; #endif extern int yyleng; extern FILE *yyin, *yyout; #define EOB_ACT_CONTINUE_SCAN 0 #define EOB_ACT_END_OF_FILE 1 #define EOB_ACT_LAST_MATCH 2 /* Note: We specifically omit the test for yy_rule_can_match_eol because it requires * access to the local variable yy_act. Since yyless() is a macro, it would break * existing scanners that call yyless() from OUTSIDE yylex. * One obvious solution it to make yy_act a global. I tried that, and saw * a 5% performance hit in a non-yylineno scanner, because yy_act is * normally declared as a register variable-- so it is not worth it. */ #define YY_LESS_LINENO(n) \ do { \ int yyl;\ for ( yyl = n; yyl < yyleng; ++yyl )\ if ( yytext[yyl] == '\n' )\ --yylineno;\ }while(0) #define YY_LINENO_REWIND_TO(dst) \ do {\ const char *p;\ for ( p = yy_cp-1; p >= (dst); --p)\ if ( *p == '\n' )\ --yylineno;\ }while(0) /* Return all but the first "n" matched characters back to the input stream. */ #define yyless(n) \ do \ { \ /* Undo effects of setting up yytext. */ \ int yyless_macro_arg = (n); \ YY_LESS_LINENO(yyless_macro_arg);\ *yy_cp = (yy_hold_char); \ YY_RESTORE_YY_MORE_OFFSET \ (yy_c_buf_p) = yy_cp = yy_bp + yyless_macro_arg - YY_MORE_ADJ; \ YY_DO_BEFORE_ACTION; /* set up yytext again */ \ } \ while ( 0 ) #define unput(c) yyunput( c, (yytext_ptr) ) #ifndef YY_STRUCT_YY_BUFFER_STATE #define YY_STRUCT_YY_BUFFER_STATE struct yy_buffer_state { FILE *yy_input_file; char *yy_ch_buf; /* input buffer */ char *yy_buf_pos; /* current position in input buffer */ /* Size of input buffer in bytes, not including room for EOB * characters. */ int yy_buf_size; /* Number of characters read into yy_ch_buf, not including EOB * characters. */ int yy_n_chars; /* Whether we "own" the buffer - i.e., we know we created it, * and can realloc() it to grow it, and should free() it to * delete it. */ int yy_is_our_buffer; /* Whether this is an "interactive" input source; if so, and * if we're using stdio for input, then we want to use getc() * instead of fread(), to make sure we stop fetching input after * each newline. */ int yy_is_interactive; /* Whether we're considered to be at the beginning of a line. * If so, '^' rules will be active on the next match, otherwise * not. */ int yy_at_bol; int yy_bs_lineno; /**< The line count. */ int yy_bs_column; /**< The column count. */ /* Whether to try to fill the input buffer when we reach the * end of it. */ int yy_fill_buffer; int yy_buffer_status; #define YY_BUFFER_NEW 0 #define YY_BUFFER_NORMAL 1 /* When an EOF's been seen but there's still some text to process * then we mark the buffer as YY_EOF_PENDING, to indicate that we * shouldn't try reading from the input source any more. We might * still have a bunch of tokens to match, though, because of * possible backing-up. * * When we actually see the EOF, we change the status to "new" * (via yyrestart()), so that the user can continue scanning by * just pointing yyin at a new input file. */ #define YY_BUFFER_EOF_PENDING 2 }; #endif /* !YY_STRUCT_YY_BUFFER_STATE */ /* Stack of input buffers. */ static size_t yy_buffer_stack_top = 0; /**< index of top of stack. */ static size_t yy_buffer_stack_max = 0; /**< capacity of stack. */ static YY_BUFFER_STATE * yy_buffer_stack = NULL; /**< Stack as an array. */ /* We provide macros for accessing buffer states in case in the * future we want to put the buffer states in a more general * "scanner state". * * Returns the top of the stack, or NULL. */ #define YY_CURRENT_BUFFER ( (yy_buffer_stack) \ ? (yy_buffer_stack)[(yy_buffer_stack_top)] \ : NULL) /* Same as previous macro, but useful when we know that the buffer stack is not * NULL or when we need an lvalue. For internal use only. */ #define YY_CURRENT_BUFFER_LVALUE (yy_buffer_stack)[(yy_buffer_stack_top)] /* yy_hold_char holds the character lost when yytext is formed. */ static char yy_hold_char; static int yy_n_chars; /* number of characters read into yy_ch_buf */ int yyleng; /* Points to current character in buffer. */ static char *yy_c_buf_p = NULL; static int yy_init = 0; /* whether we need to initialize */ static int yy_start = 0; /* start state number */ /* Flag which is used to allow yywrap()'s to do buffer switches * instead of setting up a fresh yyin. A bit of a hack ... */ static int yy_did_buffer_switch_on_eof; void yyrestart (FILE *input_file ); void yy_switch_to_buffer (YY_BUFFER_STATE new_buffer ); YY_BUFFER_STATE yy_create_buffer (FILE *file,int size ); void yy_delete_buffer (YY_BUFFER_STATE b ); void yy_flush_buffer (YY_BUFFER_STATE b ); void yypush_buffer_state (YY_BUFFER_STATE new_buffer ); void yypop_buffer_state (void ); static void yyensure_buffer_stack (void ); static void yy_load_buffer_state (void ); static void yy_init_buffer (YY_BUFFER_STATE b,FILE *file ); #define YY_FLUSH_BUFFER yy_flush_buffer(YY_CURRENT_BUFFER ) YY_BUFFER_STATE yy_scan_buffer (char *base,yy_size_t size ); YY_BUFFER_STATE yy_scan_string (yyconst char *yy_str ); YY_BUFFER_STATE yy_scan_bytes (yyconst char *bytes,int len ); void *yyalloc (yy_size_t ); void *yyrealloc (void *,yy_size_t ); void yyfree (void * ); #define yy_new_buffer yy_create_buffer #define yy_set_interactive(is_interactive) \ { \ if ( ! YY_CURRENT_BUFFER ){ \ yyensure_buffer_stack (); \ YY_CURRENT_BUFFER_LVALUE = \ yy_create_buffer(yyin,YY_BUF_SIZE ); \ } \ YY_CURRENT_BUFFER_LVALUE->yy_is_interactive = is_interactive; \ } #define yy_set_bol(at_bol) \ { \ if ( ! YY_CURRENT_BUFFER ){\ yyensure_buffer_stack (); \ YY_CURRENT_BUFFER_LVALUE = \ yy_create_buffer(yyin,YY_BUF_SIZE ); \ } \ YY_CURRENT_BUFFER_LVALUE->yy_at_bol = at_bol; \ } #define YY_AT_BOL() (YY_CURRENT_BUFFER_LVALUE->yy_at_bol) /* Begin user sect3 */ #define yywrap() (/*CONSTCOND*/1) #define YY_SKIP_YYWRAP typedef unsigned char YY_CHAR; FILE *yyin = NULL, *yyout = NULL; typedef int yy_state_type; extern int yylineno; int yylineno = 1; extern char *yytext; #ifdef yytext_ptr #undef yytext_ptr #endif #define yytext_ptr yytext static yy_state_type yy_get_previous_state (void ); static yy_state_type yy_try_NUL_trans (yy_state_type current_state ); static int yy_get_next_buffer (void ); static void yynoreturn yy_fatal_error (yyconst char* msg ); /* Done after the current pattern has been matched and before the * corresponding action - sets up yytext. */ #define YY_DO_BEFORE_ACTION \ (yytext_ptr) = yy_bp; \ yyleng = (int) (yy_cp - yy_bp); \ (yy_hold_char) = *yy_cp; \ *yy_cp = '\0'; \ (yy_c_buf_p) = yy_cp; #define YY_NUM_RULES 60 #define YY_END_OF_BUFFER 61 /* This struct is not used in this scanner, but its presence is necessary. */ struct yy_trans_info { flex_int32_t yy_verify; flex_int32_t yy_nxt; }; static yyconst flex_int16_t yy_accept[418] = { 0, 0, 0, 61, 59, 1, 1, 59, 59, 58, 6, 5, 58, 56, 56, 58, 58, 55, 55, 58, 58, 58, 58, 56, 58, 58, 58, 58, 58, 58, 58, 58, 58, 58, 55, 58, 58, 3, 4, 0, 57, 0, 0, 0, 0, 0, 0, 0, 2, 58, 7, 6, 58, 56, 58, 55, 58, 58, 58, 58, 58, 58, 58, 58, 58, 58, 58, 58, 58, 58, 58, 58, 58, 58, 58, 58, 58, 58, 58, 58, 58, 58, 58, 58, 58, 58, 58, 58, 56, 0, 0, 0, 0, 55, 0, 0, 58, 56, 58, 58, 58, 55, 58, 58, 58, 58, 58, 58, 58, 58, 58, 58, 58, 58, 58, 58, 58, 58, 58, 58, 58, 58, 58, 58, 58, 11, 58, 12, 58, 58, 58, 0, 0, 0, 0, 58, 58, 58, 55, 58, 58, 49, 58, 58, 58, 58, 58, 46, 58, 58, 58, 58, 58, 58, 47, 58, 58, 58, 58, 58, 58, 58, 58, 58, 58, 25, 58, 58, 0, 0, 56, 14, 58, 58, 58, 58, 58, 58, 58, 58, 26, 58, 58, 58, 58, 58, 58, 58, 58, 10, 58, 58, 58, 58, 58, 58, 58, 58, 58, 58, 0, 0, 58, 58, 58, 24, 58, 29, 58, 58, 58, 58, 58, 58, 58, 58, 58, 58, 58, 58, 58, 58, 58, 58, 58, 58, 58, 27, 58, 58, 58, 15, 16, 17, 58, 9, 22, 18, 58, 58, 58, 58, 58, 58, 58, 58, 58, 44, 58, 58, 58, 58, 58, 58, 58, 58, 58, 58, 58, 21, 58, 58, 58, 58, 8, 58, 58, 58, 58, 54, 58, 58, 34, 58, 58, 58, 58, 58, 58, 58, 58, 58, 58, 58, 30, 58, 58, 58, 23, 58, 58, 58, 58, 58, 58, 58, 58, 58, 58, 58, 58, 58, 58, 58, 58, 58, 58, 58, 58, 58, 58, 58, 58, 58, 58, 58, 58, 42, 58, 58, 19, 58, 58, 13, 58, 36, 58, 58, 58, 58, 58, 58, 58, 58, 35, 58, 58, 58, 58, 58, 58, 31, 58, 41, 58, 58, 58, 58, 58, 58, 39, 58, 40, 58, 58, 58, 58, 58, 58, 58, 58, 52, 58, 58, 43, 58, 58, 58, 58, 58, 58, 58, 50, 58, 58, 58, 58, 58, 32, 33, 58, 58, 58, 58, 58, 58, 58, 28, 58, 58, 53, 58, 58, 58, 58, 58, 58, 58, 58, 45, 58, 58, 48, 51, 58, 58, 58, 58, 58, 58, 58, 58, 58, 20, 38, 58, 37, 0 } ; static yyconst YY_CHAR yy_ec[256] = { 0, 1, 1, 1, 1, 1, 1, 1, 1, 2, 3, 1, 1, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 2, 1, 4, 5, 1, 1, 1, 1, 1, 1, 1, 1, 1, 6, 7, 1, 8, 9, 10, 11, 12, 12, 12, 12, 12, 12, 1, 1, 1, 13, 1, 1, 1, 14, 15, 15, 15, 16, 17, 15, 15, 15, 15, 15, 18, 15, 19, 20, 15, 15, 21, 22, 23, 24, 15, 15, 15, 25, 15, 1, 26, 1, 1, 1, 1, 27, 28, 29, 30, 31, 32, 33, 34, 35, 15, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 1, 53, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1 } ; static yyconst YY_CHAR yy_meta[54] = { 0, 1, 1, 1, 1, 1, 2, 1, 2, 2, 2, 2, 2, 1, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1 } ; static yyconst flex_uint16_t yy_base[421] = { 0, 0, 0, 529, 530, 530, 530, 50, 525, 47, 52, 530, 0, 51, 46, 55, 505, 50, 61, 489, 498, 49, 497, 71, 480, 482, 490, 480, 492, 80, 70, 472, 71, 72, 83, 473, 48, 530, 530, 92, 530, 103, 111, 117, 119, 128, 513, 512, 530, 0, 155, 160, 90, 0, 107, 0, 496, 491, 101, 106, 471, 482, 467, 466, 467, 476, 466, 465, 460, 472, 469, 456, 456, 461, 468, 454, 102, 461, 466, 455, 454, 457, 454, 446, 445, 457, 444, 451, 530, 156, 131, 169, 149, 530, 154, 172, 133, 0, 438, 437, 130, 0, 444, 446, 436, 440, 445, 440, 438, 430, 430, 433, 467, 443, 430, 464, 437, 423, 435, 417, 434, 417, 430, 432, 455, 454, 422, 452, 414, 420, 410, 177, 179, 180, 181, 171, 443, 444, 0, 446, 160, 0, 411, 419, 409, 403, 406, 0, 419, 413, 410, 437, 410, 406, 0, 409, 389, 393, 431, 430, 429, 395, 107, 393, 391, 0, 400, 399, 188, 184, 0, 0, 422, 387, 388, 386, 380, 381, 384, 391, 0, 384, 385, 413, 179, 383, 380, 373, 409, 0, 386, 183, 385, 372, 372, 383, 376, 365, 364, 400, 186, 215, 362, 374, 370, 0, 358, 0, 362, 365, 362, 365, 357, 361, 364, 363, 356, 361, 385, 349, 343, 361, 350, 340, 347, 351, 344, 376, 341, 336, 193, 530, 530, 530, 339, 372, 0, 0, 347, 329, 344, 337, 334, 329, 327, 327, 338, 0, 324, 324, 334, 320, 324, 331, 335, 326, 330, 327, 313, 0, 316, 313, 310, 325, 0, 322, 313, 311, 311, 0, 308, 313, 0, 316, 306, 301, 317, 298, 298, 296, 301, 295, 311, 297, 0, 296, 295, 294, 0, 306, 304, 300, 324, 297, 285, 278, 291, 319, 280, 288, 293, 290, 286, 290, 274, 268, 272, 276, 276, 286, 283, 185, 261, 263, 259, 257, 270, 0, 255, 271, 0, 277, 268, 0, 252, 0, 262, 269, 262, 253, 262, 258, 289, 263, 0, 262, 261, 260, 284, 253, 251, 281, 255, 0, 279, 278, 246, 242, 237, 237, 0, 240, 0, 251, 246, 241, 228, 245, 244, 227, 240, 0, 225, 263, 0, 240, 261, 221, 222, 220, 233, 225, 0, 235, 232, 220, 214, 208, 0, 0, 251, 213, 215, 213, 218, 209, 216, 0, 205, 204, 0, 211, 206, 201, 207, 209, 199, 211, 207, 0, 209, 201, 0, 0, 202, 189, 189, 175, 169, 149, 135, 107, 102, 0, 0, 36, 0, 530, 234, 236, 77 } ; static yyconst flex_int16_t yy_def[421] = { 0, 417, 1, 417, 417, 417, 417, 418, 419, 420, 420, 417, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 417, 417, 418, 417, 418, 418, 418, 418, 418, 418, 419, 417, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 417, 418, 418, 418, 418, 417, 418, 418, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 418, 418, 418, 418, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 418, 418, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 418, 417, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 417, 417, 417, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 420, 0, 417, 417, 417 } ; static yyconst flex_uint16_t yy_nxt[584] = { 0, 4, 5, 6, 7, 8, 9, 4, 10, 10, 10, 10, 10, 11, 12, 12, 12, 13, 12, 14, 15, 12, 16, 17, 12, 18, 4, 19, 20, 21, 22, 12, 23, 24, 25, 12, 26, 27, 28, 14, 29, 30, 31, 32, 33, 34, 35, 12, 36, 12, 18, 12, 37, 38, 40, 50, 50, 50, 50, 50, 51, 51, 51, 51, 51, 52, 53, 41, 57, 42, 43, 58, 54, 44, 55, 45, 46, 59, 52, 49, 62, 416, 41, 63, 64, 52, 53, 54, 86, 42, 43, 87, 59, 58, 55, 44, 40, 54, 52, 55, 45, 73, 78, 80, 58, 74, 79, 88, 96, 72, 75, 81, 54, 76, 66, 88, 82, 89, 46, 55, 84, 40, 83, 93, 97, 100, 58, 96, 101, 46, 89, 90, 93, 118, 91, 88, 92, 46, 194, 97, 94, 195, 119, 46, 95, 46, 138, 100, 415, 91, 101, 90, 414, 93, 46, 135, 92, 46, 40, 95, 40, 138, 94, 50, 50, 50, 50, 50, 51, 51, 51, 51, 51, 40, 131, 46, 40, 135, 133, 413, 46, 40, 46, 88, 40, 93, 132, 170, 93, 412, 88, 174, 40, 131, 134, 46, 169, 175, 46, 168, 133, 132, 170, 46, 200, 46, 46, 46, 212, 213, 46, 169, 46, 221, 46, 411, 134, 330, 410, 200, 409, 168, 214, 231, 232, 233, 215, 222, 260, 408, 331, 378, 379, 407, 261, 39, 39, 47, 47, 406, 405, 404, 403, 402, 401, 400, 399, 398, 397, 396, 395, 394, 393, 392, 391, 390, 389, 388, 387, 386, 385, 384, 383, 382, 381, 380, 377, 376, 375, 374, 373, 372, 371, 370, 369, 368, 367, 366, 365, 364, 363, 362, 361, 360, 359, 358, 357, 356, 355, 354, 353, 352, 351, 350, 349, 348, 347, 346, 345, 344, 343, 342, 341, 340, 339, 338, 337, 336, 335, 334, 333, 332, 329, 328, 327, 326, 325, 324, 323, 322, 321, 320, 319, 318, 317, 316, 315, 314, 313, 312, 311, 310, 309, 308, 307, 306, 305, 304, 303, 302, 301, 300, 299, 298, 297, 296, 295, 294, 293, 292, 291, 290, 289, 288, 287, 286, 285, 284, 283, 282, 281, 280, 279, 278, 277, 276, 275, 274, 273, 272, 271, 270, 269, 268, 267, 266, 265, 264, 263, 262, 259, 258, 257, 256, 255, 254, 253, 252, 251, 250, 249, 248, 247, 246, 245, 244, 243, 242, 241, 240, 239, 238, 237, 236, 235, 234, 230, 229, 228, 227, 226, 225, 224, 223, 220, 219, 218, 217, 216, 211, 210, 209, 208, 207, 206, 205, 204, 203, 202, 201, 199, 198, 197, 196, 193, 192, 191, 190, 189, 188, 187, 186, 185, 184, 183, 182, 181, 180, 179, 178, 177, 176, 173, 172, 171, 167, 166, 165, 164, 163, 162, 161, 160, 159, 158, 157, 156, 155, 154, 153, 152, 151, 150, 149, 148, 147, 146, 145, 144, 143, 142, 141, 140, 139, 137, 136, 130, 129, 128, 127, 126, 125, 124, 123, 122, 121, 120, 117, 116, 115, 114, 113, 112, 111, 110, 109, 108, 107, 106, 105, 104, 103, 102, 99, 98, 48, 417, 85, 77, 71, 70, 69, 68, 67, 65, 61, 60, 56, 48, 417, 3, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417 } ; static yyconst flex_int16_t yy_chk[584] = { 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 7, 9, 9, 9, 9, 9, 10, 10, 10, 10, 10, 13, 14, 7, 17, 7, 7, 17, 15, 7, 15, 7, 7, 18, 13, 420, 21, 415, 7, 21, 21, 23, 14, 15, 36, 7, 7, 36, 18, 17, 15, 7, 39, 29, 23, 29, 7, 30, 32, 33, 34, 30, 32, 41, 52, 29, 30, 33, 29, 30, 23, 42, 33, 41, 39, 29, 34, 43, 33, 44, 54, 58, 34, 52, 59, 41, 41, 42, 45, 76, 43, 90, 43, 42, 162, 54, 44, 162, 76, 43, 45, 44, 100, 58, 412, 43, 59, 42, 411, 92, 45, 96, 43, 90, 94, 45, 89, 100, 44, 50, 50, 50, 50, 50, 51, 51, 51, 51, 51, 91, 89, 92, 95, 96, 94, 410, 94, 131, 89, 132, 133, 134, 91, 135, 169, 409, 200, 140, 168, 89, 95, 91, 133, 140, 95, 131, 94, 91, 135, 131, 168, 132, 133, 134, 184, 184, 169, 133, 200, 191, 168, 408, 95, 311, 407, 168, 406, 131, 184, 201, 201, 201, 184, 191, 230, 405, 311, 368, 368, 404, 230, 418, 418, 419, 419, 401, 400, 398, 397, 396, 395, 394, 393, 392, 391, 389, 388, 386, 385, 384, 383, 382, 381, 380, 377, 376, 375, 374, 373, 371, 370, 369, 367, 366, 365, 363, 362, 360, 359, 358, 357, 356, 355, 354, 353, 351, 349, 348, 347, 346, 345, 344, 342, 341, 340, 339, 338, 337, 336, 335, 333, 332, 331, 330, 329, 328, 327, 326, 324, 322, 321, 319, 318, 316, 315, 314, 313, 312, 310, 309, 308, 307, 306, 305, 304, 303, 302, 301, 300, 299, 298, 297, 296, 295, 294, 293, 292, 291, 290, 289, 287, 286, 285, 283, 282, 281, 280, 279, 278, 277, 276, 275, 274, 273, 271, 270, 268, 267, 266, 265, 263, 262, 261, 260, 258, 257, 256, 255, 254, 253, 252, 251, 250, 249, 248, 246, 245, 244, 243, 242, 241, 240, 239, 238, 235, 234, 229, 228, 227, 226, 225, 224, 223, 222, 221, 220, 219, 218, 217, 216, 215, 214, 213, 212, 211, 210, 209, 208, 206, 204, 203, 202, 199, 198, 197, 196, 195, 194, 193, 192, 190, 188, 187, 186, 185, 183, 182, 181, 179, 178, 177, 176, 175, 174, 173, 172, 167, 166, 164, 163, 161, 160, 159, 158, 157, 156, 155, 153, 152, 151, 150, 149, 148, 146, 145, 144, 143, 142, 139, 137, 136, 130, 129, 128, 127, 126, 125, 124, 123, 122, 121, 120, 119, 118, 117, 116, 115, 114, 113, 112, 111, 110, 109, 108, 107, 106, 105, 104, 103, 102, 99, 98, 87, 86, 85, 84, 83, 82, 81, 80, 79, 78, 77, 75, 74, 73, 72, 71, 70, 69, 68, 67, 66, 65, 64, 63, 62, 61, 60, 57, 56, 47, 46, 35, 31, 28, 27, 26, 25, 24, 22, 20, 19, 16, 8, 3, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417, 417 } ; /* Table of booleans, true if rule could match eol. */ static yyconst flex_int32_t yy_rule_can_match_eol[61] = { 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, }; static yy_state_type yy_last_accepting_state; static char *yy_last_accepting_cpos; extern int yy_flex_debug; int yy_flex_debug = 0; /* The intent behind this definition is that it'll catch * any uses of REJECT which flex missed. */ #define REJECT reject_used_but_not_detected #define yymore() yymore_used_but_not_detected #define YY_MORE_ADJ 0 #define YY_RESTORE_YY_MORE_OFFSET char *yytext; #line 1 "cfg_lex.l" #line 2 "cfg_lex.l" #include #include #include "configuration.h" #include "cfg_parser.h" #define YY_NO_INPUT 1 #line 754 "cfg_lex.c" #define INITIAL 0 #ifndef YY_NO_UNISTD_H /* Special case for "unistd.h", since it is non-ANSI. We include it way * down here because we want the user's section 1 to have been scanned first. * The user has a chance to override it with an option. */ #include #endif #ifndef YY_EXTRA_TYPE #define YY_EXTRA_TYPE void * #endif static int yy_init_globals (void ); /* Accessor methods to globals. These are made visible to non-reentrant scanners for convenience. */ int yylex_destroy (void ); int yyget_debug (void ); void yyset_debug (int debug_flag ); YY_EXTRA_TYPE yyget_extra (void ); void yyset_extra (YY_EXTRA_TYPE user_defined ); FILE *yyget_in (void ); void yyset_in (FILE * _in_str ); FILE *yyget_out (void ); void yyset_out (FILE * _out_str ); int yyget_leng (void ); char *yyget_text (void ); int yyget_lineno (void ); void yyset_lineno (int _line_number ); /* Macros after this point can all be overridden by user definitions in * section 1. */ #ifndef YY_SKIP_YYWRAP #ifdef __cplusplus extern "C" int yywrap (void ); #else extern int yywrap (void ); #endif #endif #ifndef YY_NO_UNPUT #endif #ifndef yytext_ptr static void yy_flex_strncpy (char *,yyconst char *,int ); #endif #ifdef YY_NEED_STRLEN static int yy_flex_strlen (yyconst char * ); #endif #ifndef YY_NO_INPUT #ifdef __cplusplus static int yyinput (void ); #else static int input (void ); #endif #endif /* Amount of stuff to slurp up with each read. */ #ifndef YY_READ_BUF_SIZE #ifdef __ia64__ /* On IA-64, the buffer size is 16k, not 8k */ #define YY_READ_BUF_SIZE 16384 #else #define YY_READ_BUF_SIZE 8192 #endif /* __ia64__ */ #endif /* Copy whatever the last rule matched to the standard output. */ #ifndef ECHO /* This used to be an fputs(), but since the string might contain NUL's, * we now use fwrite(). */ #define ECHO do { if (fwrite( yytext, (size_t) yyleng, 1, yyout )) {} } while (0) #endif /* Gets input and stuffs it into "buf". number of characters read, or YY_NULL, * is returned in "result". */ #ifndef YY_INPUT #define YY_INPUT(buf,result,max_size) \ if ( YY_CURRENT_BUFFER_LVALUE->yy_is_interactive ) \ { \ int c = '*'; \ size_t n; \ for ( n = 0; n < max_size && \ (c = getc( yyin )) != EOF && c != '\n'; ++n ) \ buf[n] = (char) c; \ if ( c == '\n' ) \ buf[n++] = (char) c; \ if ( c == EOF && ferror( yyin ) ) \ YY_FATAL_ERROR( "input in flex scanner failed" ); \ result = n; \ } \ else \ { \ errno=0; \ while ( (result = (int) fread(buf, 1, max_size, yyin))==0 && ferror(yyin)) \ { \ if( errno != EINTR) \ { \ YY_FATAL_ERROR( "input in flex scanner failed" ); \ break; \ } \ errno=0; \ clearerr(yyin); \ } \ }\ \ #endif /* No semi-colon after return; correct usage is to write "yyterminate();" - * we don't want an extra ';' after the "return" because that will cause * some compilers to complain about unreachable statements. */ #ifndef yyterminate #define yyterminate() return YY_NULL #endif /* Number of entries by which start-condition stack grows. */ #ifndef YY_START_STACK_INCR #define YY_START_STACK_INCR 25 #endif /* Report a fatal error. */ #ifndef YY_FATAL_ERROR #define YY_FATAL_ERROR(msg) yy_fatal_error( msg ) #endif /* end tables serialization structures and prototypes */ /* Default declaration of generated scanner - a define so the user can * easily add parameters. */ #ifndef YY_DECL #define YY_DECL_IS_OURS 1 extern int yylex (void); #define YY_DECL int yylex (void) #endif /* !YY_DECL */ /* Code executed at the beginning of each rule, after yytext and yyleng * have been set up. */ #ifndef YY_USER_ACTION #define YY_USER_ACTION #endif /* Code executed at the end of each rule. */ #ifndef YY_BREAK #define YY_BREAK /*LINTED*/break; #endif #define YY_RULE_SETUP \ YY_USER_ACTION /** The main scanner function which does all the work. */ YY_DECL { yy_state_type yy_current_state; char *yy_cp, *yy_bp; int yy_act; if ( !(yy_init) ) { (yy_init) = 1; #ifdef YY_USER_INIT YY_USER_INIT; #endif if ( ! (yy_start) ) (yy_start) = 1; /* first start state */ if ( ! yyin ) yyin = stdin; if ( ! yyout ) yyout = stdout; if ( ! YY_CURRENT_BUFFER ) { yyensure_buffer_stack (); YY_CURRENT_BUFFER_LVALUE = yy_create_buffer(yyin,YY_BUF_SIZE ); } yy_load_buffer_state( ); } { #line 13 "cfg_lex.l" #line 972 "cfg_lex.c" while ( /*CONSTCOND*/1 ) /* loops until end-of-file is reached */ { yy_cp = (yy_c_buf_p); /* Support of yytext. */ *yy_cp = (yy_hold_char); /* yy_bp points to the position in yy_ch_buf of the start of * the current run. */ yy_bp = yy_cp; yy_current_state = (yy_start); yy_match: do { YY_CHAR yy_c = yy_ec[YY_SC_TO_UI(*yy_cp)] ; if ( yy_accept[yy_current_state] ) { (yy_last_accepting_state) = yy_current_state; (yy_last_accepting_cpos) = yy_cp; } while ( yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state ) { yy_current_state = (int) yy_def[yy_current_state]; if ( yy_current_state >= 418 ) yy_c = yy_meta[(unsigned int) yy_c]; } yy_current_state = yy_nxt[yy_base[yy_current_state] + (flex_int16_t) yy_c]; ++yy_cp; } while ( yy_base[yy_current_state] != 530 ); yy_find_action: yy_act = yy_accept[yy_current_state]; if ( yy_act == 0 ) { /* have to back up */ yy_cp = (yy_last_accepting_cpos); yy_current_state = (yy_last_accepting_state); yy_act = yy_accept[yy_current_state]; } YY_DO_BEFORE_ACTION; if ( yy_act != YY_END_OF_BUFFER && yy_rule_can_match_eol[yy_act] ) { yy_size_t yyl; for ( yyl = 0; yyl < yyleng; ++yyl ) if ( yytext[yyl] == '\n' ) yylineno++; ; } do_action: /* This label is used only to access EOF actions. */ switch ( yy_act ) { /* beginning of action switch */ case 0: /* must back up */ /* undo the effects of YY_DO_BEFORE_ACTION */ *yy_cp = (yy_hold_char); yy_cp = (yy_last_accepting_cpos); yy_current_state = (yy_last_accepting_state); goto yy_find_action; case 1: /* rule 1 can match eol */ YY_RULE_SETUP #line 14 "cfg_lex.l" ; YY_BREAK case 2: *yy_cp = (yy_hold_char); /* undo effects of setting up yytext */ (yy_c_buf_p) = yy_cp -= 1; YY_DO_BEFORE_ACTION; /* set up yytext again */ YY_RULE_SETUP #line 15 "cfg_lex.l" ; YY_BREAK case 3: YY_RULE_SETUP #line 16 "cfg_lex.l" { return ('{'); } YY_BREAK case 4: YY_RULE_SETUP #line 17 "cfg_lex.l" { return ('}'); } YY_BREAK case 5: YY_RULE_SETUP #line 18 "cfg_lex.l" { return ('='); } YY_BREAK case 6: YY_RULE_SETUP #line 20 "cfg_lex.l" { yylval.i = atoi(yytext); return (UINT); } YY_BREAK case 7: YY_RULE_SETUP #line 25 "cfg_lex.l" { yylval.i = atoi(yytext); return (INT); } YY_BREAK case 8: YY_RULE_SETUP #line 30 "cfg_lex.l" { return (TOK_FRONTEND); } YY_BREAK case 9: YY_RULE_SETUP #line 31 "cfg_lex.l" { return (TOK_BACKEND); } YY_BREAK case 10: YY_RULE_SETUP #line 32 "cfg_lex.l" { return (TOK_QUIET); } YY_BREAK case 11: YY_RULE_SETUP #line 33 "cfg_lex.l" { return (TOK_SSL); } YY_BREAK case 12: YY_RULE_SETUP #line 34 "cfg_lex.l" { return (TOK_TLS); } YY_BREAK case 13: YY_RULE_SETUP #line 35 "cfg_lex.l" { return (TOK_TLS_PROTOS); } YY_BREAK case 14: YY_RULE_SETUP #line 36 "cfg_lex.l" { return (TOK_SSLv3); } YY_BREAK case 15: YY_RULE_SETUP #line 37 "cfg_lex.l" { return (TOK_TLSv1_0); } YY_BREAK case 16: YY_RULE_SETUP #line 38 "cfg_lex.l" { return (TOK_TLSv1_1); } YY_BREAK case 17: YY_RULE_SETUP #line 39 "cfg_lex.l" { return (TOK_TLSv1_2); } YY_BREAK case 18: YY_RULE_SETUP #line 40 "cfg_lex.l" { return (TOK_CIPHERS); } YY_BREAK case 19: YY_RULE_SETUP #line 41 "cfg_lex.l" { return (TOK_SSL_ENGINE); } YY_BREAK case 20: YY_RULE_SETUP #line 42 "cfg_lex.l" { return (TOK_PREFER_SERVER_CIPHERS); } YY_BREAK case 21: YY_RULE_SETUP #line 43 "cfg_lex.l" { return (TOK_WORKERS); } YY_BREAK case 22: YY_RULE_SETUP #line 44 "cfg_lex.l" { return (TOK_BACKLOG); } YY_BREAK case 23: YY_RULE_SETUP #line 45 "cfg_lex.l" { return (TOK_KEEPALIVE); } YY_BREAK case 24: YY_RULE_SETUP #line 46 "cfg_lex.l" { return (TOK_CHROOT); } YY_BREAK case 25: YY_RULE_SETUP #line 47 "cfg_lex.l" { return (TOK_USER); } YY_BREAK case 26: YY_RULE_SETUP #line 48 "cfg_lex.l" { return (TOK_GROUP); } YY_BREAK case 27: YY_RULE_SETUP #line 49 "cfg_lex.l" { return (TOK_SYSLOG); } YY_BREAK case 28: YY_RULE_SETUP #line 50 "cfg_lex.l" { return (TOK_SYSLOG_FACILITY); } YY_BREAK case 29: YY_RULE_SETUP #line 51 "cfg_lex.l" { return (TOK_DAEMON); } YY_BREAK case 30: YY_RULE_SETUP #line 52 "cfg_lex.l" { return (TOK_WRITE_IP); } YY_BREAK case 31: YY_RULE_SETUP #line 53 "cfg_lex.l" { return (TOK_WRITE_PROXY); } YY_BREAK case 32: YY_RULE_SETUP #line 54 "cfg_lex.l" { return (TOK_WRITE_PROXY_V1); } YY_BREAK case 33: YY_RULE_SETUP #line 55 "cfg_lex.l" { return (TOK_WRITE_PROXY_V2); } YY_BREAK case 34: YY_RULE_SETUP #line 56 "cfg_lex.l" { return (TOK_PEM_FILE); } YY_BREAK case 35: YY_RULE_SETUP #line 57 "cfg_lex.l" { return (TOK_PROXY_PROXY); } YY_BREAK case 36: YY_RULE_SETUP #line 58 "cfg_lex.l" { return (TOK_ALPN_PROTOS); } YY_BREAK case 37: YY_RULE_SETUP #line 59 "cfg_lex.l" { return (TOK_BACKEND_CONNECT_TIMEOUT); } YY_BREAK case 38: YY_RULE_SETUP #line 60 "cfg_lex.l" { return (TOK_SSL_HANDSHAKE_TIMEOUT); } YY_BREAK case 39: YY_RULE_SETUP #line 61 "cfg_lex.l" { return (TOK_RECV_BUFSIZE); } YY_BREAK case 40: YY_RULE_SETUP #line 62 "cfg_lex.l" { return (TOK_SEND_BUFSIZE); } YY_BREAK case 41: YY_RULE_SETUP #line 63 "cfg_lex.l" { return (TOK_LOG_FILENAME); } YY_BREAK case 42: YY_RULE_SETUP #line 64 "cfg_lex.l" { return (TOK_RING_SLOTS); } YY_BREAK case 43: YY_RULE_SETUP #line 65 "cfg_lex.l" { return (TOK_RING_DATA_LEN); } YY_BREAK case 44: YY_RULE_SETUP #line 66 "cfg_lex.l" { return (TOK_PIDFILE); } YY_BREAK case 45: YY_RULE_SETUP #line 67 "cfg_lex.l" { return (TOK_SNI_NOMATCH_ABORT); } YY_BREAK case 46: YY_RULE_SETUP #line 68 "cfg_lex.l" { return (TOK_HOST); } YY_BREAK case 47: YY_RULE_SETUP #line 69 "cfg_lex.l" { return (TOK_PORT); } YY_BREAK case 48: YY_RULE_SETUP #line 70 "cfg_lex.l" { return (TOK_MATCH_GLOBAL); } YY_BREAK case 49: YY_RULE_SETUP #line 71 "cfg_lex.l" { return (TOK_PB_CERT); } YY_BREAK case 50: YY_RULE_SETUP #line 72 "cfg_lex.l" { return (TOK_PB_OCSP_FILE); } YY_BREAK case 51: YY_RULE_SETUP #line 73 "cfg_lex.l" { return (TOK_OCSP_VERIFY); } YY_BREAK case 52: YY_RULE_SETUP #line 74 "cfg_lex.l" { return (TOK_OCSP_RESP_TMO); } YY_BREAK case 53: YY_RULE_SETUP #line 75 "cfg_lex.l" { return (TOK_OCSP_CONN_TMO); } YY_BREAK case 54: YY_RULE_SETUP #line 76 "cfg_lex.l" { return (TOK_OCSP_DIR); } YY_BREAK case 55: YY_RULE_SETUP #line 78 "cfg_lex.l" { yylval.i = 1; return (BOOL); } YY_BREAK case 56: YY_RULE_SETUP #line 83 "cfg_lex.l" { yylval.i = 0; return (BOOL); } YY_BREAK case 57: /* rule 57 can match eol */ YY_RULE_SETUP #line 88 "cfg_lex.l" { char *s; if (strlen(yytext) == 2) { yylval.s = NULL; return (STRING); } s = strchr(yytext + 1, '"'); *s = '\0'; yylval.s = yytext + 1; return (STRING); } YY_BREAK case 58: YY_RULE_SETUP #line 99 "cfg_lex.l" { yylval.s = yytext; return (STRING); } YY_BREAK case 59: YY_RULE_SETUP #line 104 "cfg_lex.l" ; YY_BREAK case 60: YY_RULE_SETUP #line 105 "cfg_lex.l" ECHO; YY_BREAK #line 1369 "cfg_lex.c" case YY_STATE_EOF(INITIAL): yyterminate(); case YY_END_OF_BUFFER: { /* Amount of text matched not including the EOB char. */ int yy_amount_of_matched_text = (int) (yy_cp - (yytext_ptr)) - 1; /* Undo the effects of YY_DO_BEFORE_ACTION. */ *yy_cp = (yy_hold_char); YY_RESTORE_YY_MORE_OFFSET if ( YY_CURRENT_BUFFER_LVALUE->yy_buffer_status == YY_BUFFER_NEW ) { /* We're scanning a new file or input source. It's * possible that this happened because the user * just pointed yyin at a new source and called * yylex(). If so, then we have to assure * consistency between YY_CURRENT_BUFFER and our * globals. Here is the right place to do so, because * this is the first action (other than possibly a * back-up) that will match for the new input source. */ (yy_n_chars) = YY_CURRENT_BUFFER_LVALUE->yy_n_chars; YY_CURRENT_BUFFER_LVALUE->yy_input_file = yyin; YY_CURRENT_BUFFER_LVALUE->yy_buffer_status = YY_BUFFER_NORMAL; } /* Note that here we test for yy_c_buf_p "<=" to the position * of the first EOB in the buffer, since yy_c_buf_p will * already have been incremented past the NUL character * (since all states make transitions on EOB to the * end-of-buffer state). Contrast this with the test * in input(). */ if ( (yy_c_buf_p) <= &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[(yy_n_chars)] ) { /* This was really a NUL. */ yy_state_type yy_next_state; (yy_c_buf_p) = (yytext_ptr) + yy_amount_of_matched_text; yy_current_state = yy_get_previous_state( ); /* Okay, we're now positioned to make the NUL * transition. We couldn't have * yy_get_previous_state() go ahead and do it * for us because it doesn't know how to deal * with the possibility of jamming (and we don't * want to build jamming into it because then it * will run more slowly). */ yy_next_state = yy_try_NUL_trans( yy_current_state ); yy_bp = (yytext_ptr) + YY_MORE_ADJ; if ( yy_next_state ) { /* Consume the NUL. */ yy_cp = ++(yy_c_buf_p); yy_current_state = yy_next_state; goto yy_match; } else { yy_cp = (yy_c_buf_p); goto yy_find_action; } } else switch ( yy_get_next_buffer( ) ) { case EOB_ACT_END_OF_FILE: { (yy_did_buffer_switch_on_eof) = 0; if ( yywrap( ) ) { /* Note: because we've taken care in * yy_get_next_buffer() to have set up * yytext, we can now set up * yy_c_buf_p so that if some total * hoser (like flex itself) wants to * call the scanner after we return the * YY_NULL, it'll still work - another * YY_NULL will get returned. */ (yy_c_buf_p) = (yytext_ptr) + YY_MORE_ADJ; yy_act = YY_STATE_EOF(YY_START); goto do_action; } else { if ( ! (yy_did_buffer_switch_on_eof) ) YY_NEW_FILE; } break; } case EOB_ACT_CONTINUE_SCAN: (yy_c_buf_p) = (yytext_ptr) + yy_amount_of_matched_text; yy_current_state = yy_get_previous_state( ); yy_cp = (yy_c_buf_p); yy_bp = (yytext_ptr) + YY_MORE_ADJ; goto yy_match; case EOB_ACT_LAST_MATCH: (yy_c_buf_p) = &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[(yy_n_chars)]; yy_current_state = yy_get_previous_state( ); yy_cp = (yy_c_buf_p); yy_bp = (yytext_ptr) + YY_MORE_ADJ; goto yy_find_action; } break; } default: YY_FATAL_ERROR( "fatal flex scanner internal error--no action found" ); } /* end of action switch */ } /* end of scanning one token */ } /* end of user's declarations */ } /* end of yylex */ /* yy_get_next_buffer - try to read in a new buffer * * Returns a code representing an action: * EOB_ACT_LAST_MATCH - * EOB_ACT_CONTINUE_SCAN - continue scanning from current position * EOB_ACT_END_OF_FILE - end of file */ static int yy_get_next_buffer (void) { char *dest = YY_CURRENT_BUFFER_LVALUE->yy_ch_buf; char *source = (yytext_ptr); yy_size_t number_to_move, i; int ret_val; if ( (yy_c_buf_p) > &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[(yy_n_chars) + 1] ) YY_FATAL_ERROR( "fatal flex scanner internal error--end of buffer missed" ); if ( YY_CURRENT_BUFFER_LVALUE->yy_fill_buffer == 0 ) { /* Don't try to fill the buffer, so this is an EOF. */ if ( (yy_c_buf_p) - (yytext_ptr) - YY_MORE_ADJ == 1 ) { /* We matched a single character, the EOB, so * treat this as a final EOF. */ return EOB_ACT_END_OF_FILE; } else { /* We matched some text prior to the EOB, first * process it. */ return EOB_ACT_LAST_MATCH; } } /* Try to read more data. */ /* First move last chars to start of buffer. */ number_to_move = (yy_size_t) ((yy_c_buf_p) - (yytext_ptr)) - 1; for ( i = 0; i < number_to_move; ++i ) *(dest++) = *(source++); if ( YY_CURRENT_BUFFER_LVALUE->yy_buffer_status == YY_BUFFER_EOF_PENDING ) /* don't do the read, it's not guaranteed to return an EOF, * just force an EOF */ YY_CURRENT_BUFFER_LVALUE->yy_n_chars = (yy_n_chars) = 0; else { int num_to_read = YY_CURRENT_BUFFER_LVALUE->yy_buf_size - number_to_move - 1; while ( num_to_read <= 0 ) { /* Not enough room in the buffer - grow it. */ /* just a shorter name for the current buffer */ YY_BUFFER_STATE b = YY_CURRENT_BUFFER_LVALUE; int yy_c_buf_p_offset = (int) ((yy_c_buf_p) - b->yy_ch_buf); if ( b->yy_is_our_buffer ) { int new_size = b->yy_buf_size * 2; if ( new_size <= 0 ) b->yy_buf_size += b->yy_buf_size / 8; else b->yy_buf_size *= 2; b->yy_ch_buf = (char *) /* Include room in for 2 EOB chars. */ yyrealloc((void *) b->yy_ch_buf,b->yy_buf_size + 2 ); } else /* Can't grow it, we don't own it. */ b->yy_ch_buf = NULL; if ( ! b->yy_ch_buf ) YY_FATAL_ERROR( "fatal error - scanner input buffer overflow" ); (yy_c_buf_p) = &b->yy_ch_buf[yy_c_buf_p_offset]; num_to_read = YY_CURRENT_BUFFER_LVALUE->yy_buf_size - number_to_move - 1; } if ( num_to_read > YY_READ_BUF_SIZE ) num_to_read = YY_READ_BUF_SIZE; /* Read in more data. */ YY_INPUT( (&YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[number_to_move]), (yy_n_chars), num_to_read ); YY_CURRENT_BUFFER_LVALUE->yy_n_chars = (yy_n_chars); } if ( (yy_n_chars) == 0 ) { if ( number_to_move == YY_MORE_ADJ ) { ret_val = EOB_ACT_END_OF_FILE; yyrestart(yyin ); } else { ret_val = EOB_ACT_LAST_MATCH; YY_CURRENT_BUFFER_LVALUE->yy_buffer_status = YY_BUFFER_EOF_PENDING; } } else ret_val = EOB_ACT_CONTINUE_SCAN; if ((int) ((yy_n_chars) + number_to_move) > YY_CURRENT_BUFFER_LVALUE->yy_buf_size) { /* Extend the array by 50%, plus the number we really need. */ int new_size = (yy_n_chars) + number_to_move + ((yy_n_chars) >> 1); YY_CURRENT_BUFFER_LVALUE->yy_ch_buf = (char *) yyrealloc((void *) YY_CURRENT_BUFFER_LVALUE->yy_ch_buf,new_size ); if ( ! YY_CURRENT_BUFFER_LVALUE->yy_ch_buf ) YY_FATAL_ERROR( "out of dynamic memory in yy_get_next_buffer()" ); } (yy_n_chars) += number_to_move; YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[(yy_n_chars)] = YY_END_OF_BUFFER_CHAR; YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[(yy_n_chars) + 1] = YY_END_OF_BUFFER_CHAR; (yytext_ptr) = &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[0]; return ret_val; } /* yy_get_previous_state - get the state just before the EOB char was reached */ static yy_state_type yy_get_previous_state (void) { yy_state_type yy_current_state; char *yy_cp; yy_current_state = (yy_start); for ( yy_cp = (yytext_ptr) + YY_MORE_ADJ; yy_cp < (yy_c_buf_p); ++yy_cp ) { YY_CHAR yy_c = (*yy_cp ? yy_ec[YY_SC_TO_UI(*yy_cp)] : 1); if ( yy_accept[yy_current_state] ) { (yy_last_accepting_state) = yy_current_state; (yy_last_accepting_cpos) = yy_cp; } while ( yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state ) { yy_current_state = (int) yy_def[yy_current_state]; if ( yy_current_state >= 418 ) yy_c = yy_meta[(unsigned int) yy_c]; } yy_current_state = yy_nxt[yy_base[yy_current_state] + (flex_int16_t) yy_c]; } return yy_current_state; } /* yy_try_NUL_trans - try to make a transition on the NUL character * * synopsis * next_state = yy_try_NUL_trans( current_state ); */ static yy_state_type yy_try_NUL_trans (yy_state_type yy_current_state ) { int yy_is_jam; char *yy_cp = (yy_c_buf_p); YY_CHAR yy_c = 1; if ( yy_accept[yy_current_state] ) { (yy_last_accepting_state) = yy_current_state; (yy_last_accepting_cpos) = yy_cp; } while ( yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state ) { yy_current_state = (int) yy_def[yy_current_state]; if ( yy_current_state >= 418 ) yy_c = yy_meta[(unsigned int) yy_c]; } yy_current_state = yy_nxt[yy_base[yy_current_state] + (flex_int16_t) yy_c]; yy_is_jam = (yy_current_state == 417); return yy_is_jam ? 0 : yy_current_state; } #ifndef YY_NO_UNPUT #endif #ifndef YY_NO_INPUT #ifdef __cplusplus static int yyinput (void) #else static int input (void) #endif { int c; *(yy_c_buf_p) = (yy_hold_char); if ( *(yy_c_buf_p) == YY_END_OF_BUFFER_CHAR ) { /* yy_c_buf_p now points to the character we want to return. * If this occurs *before* the EOB characters, then it's a * valid NUL; if not, then we've hit the end of the buffer. */ if ( (yy_c_buf_p) < &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[(yy_n_chars)] ) /* This was really a NUL. */ *(yy_c_buf_p) = '\0'; else { /* need more input */ int offset = (yy_c_buf_p) - (yytext_ptr); ++(yy_c_buf_p); switch ( yy_get_next_buffer( ) ) { case EOB_ACT_LAST_MATCH: /* This happens because yy_g_n_b() * sees that we've accumulated a * token and flags that we need to * try matching the token before * proceeding. But for input(), * there's no matching to consider. * So convert the EOB_ACT_LAST_MATCH * to EOB_ACT_END_OF_FILE. */ /* Reset buffer status. */ yyrestart(yyin ); /*FALLTHROUGH*/ case EOB_ACT_END_OF_FILE: { if ( yywrap( ) ) return 0; if ( ! (yy_did_buffer_switch_on_eof) ) YY_NEW_FILE; #ifdef __cplusplus return yyinput(); #else return input(); #endif } case EOB_ACT_CONTINUE_SCAN: (yy_c_buf_p) = (yytext_ptr) + offset; break; } } } c = *(unsigned char *) (yy_c_buf_p); /* cast for 8-bit char's */ *(yy_c_buf_p) = '\0'; /* preserve yytext */ (yy_hold_char) = *++(yy_c_buf_p); if ( c == '\n' ) yylineno++; ; return c; } #endif /* ifndef YY_NO_INPUT */ /** Immediately switch to a different input stream. * @param input_file A readable stream. * * @note This function does not reset the start condition to @c INITIAL . */ void yyrestart (FILE * input_file ) { if ( ! YY_CURRENT_BUFFER ){ yyensure_buffer_stack (); YY_CURRENT_BUFFER_LVALUE = yy_create_buffer(yyin,YY_BUF_SIZE ); } yy_init_buffer(YY_CURRENT_BUFFER,input_file ); yy_load_buffer_state( ); } /** Switch to a different input buffer. * @param new_buffer The new input buffer. * */ void yy_switch_to_buffer (YY_BUFFER_STATE new_buffer ) { /* TODO. We should be able to replace this entire function body * with * yypop_buffer_state(); * yypush_buffer_state(new_buffer); */ yyensure_buffer_stack (); if ( YY_CURRENT_BUFFER == new_buffer ) return; if ( YY_CURRENT_BUFFER ) { /* Flush out information for old buffer. */ *(yy_c_buf_p) = (yy_hold_char); YY_CURRENT_BUFFER_LVALUE->yy_buf_pos = (yy_c_buf_p); YY_CURRENT_BUFFER_LVALUE->yy_n_chars = (yy_n_chars); } YY_CURRENT_BUFFER_LVALUE = new_buffer; yy_load_buffer_state( ); /* We don't actually know whether we did this switch during * EOF (yywrap()) processing, but the only time this flag * is looked at is after yywrap() is called, so it's safe * to go ahead and always set it. */ (yy_did_buffer_switch_on_eof) = 1; } static void yy_load_buffer_state (void) { (yy_n_chars) = YY_CURRENT_BUFFER_LVALUE->yy_n_chars; (yytext_ptr) = (yy_c_buf_p) = YY_CURRENT_BUFFER_LVALUE->yy_buf_pos; yyin = YY_CURRENT_BUFFER_LVALUE->yy_input_file; (yy_hold_char) = *(yy_c_buf_p); } /** Allocate and initialize an input buffer state. * @param file A readable stream. * @param size The character buffer size in bytes. When in doubt, use @c YY_BUF_SIZE. * * @return the allocated buffer state. */ YY_BUFFER_STATE yy_create_buffer (FILE * file, int size ) { YY_BUFFER_STATE b; b = (YY_BUFFER_STATE) yyalloc(sizeof( struct yy_buffer_state ) ); if ( ! b ) YY_FATAL_ERROR( "out of dynamic memory in yy_create_buffer()" ); b->yy_buf_size = (yy_size_t)size; /* yy_ch_buf has to be 2 characters longer than the size given because * we need to put in 2 end-of-buffer characters. */ b->yy_ch_buf = (char *) yyalloc(b->yy_buf_size + 2 ); if ( ! b->yy_ch_buf ) YY_FATAL_ERROR( "out of dynamic memory in yy_create_buffer()" ); b->yy_is_our_buffer = 1; yy_init_buffer(b,file ); return b; } /** Destroy the buffer. * @param b a buffer created with yy_create_buffer() * */ void yy_delete_buffer (YY_BUFFER_STATE b ) { if ( ! b ) return; if ( b == YY_CURRENT_BUFFER ) /* Not sure if we should pop here. */ YY_CURRENT_BUFFER_LVALUE = (YY_BUFFER_STATE) 0; if ( b->yy_is_our_buffer ) yyfree((void *) b->yy_ch_buf ); yyfree((void *) b ); } /* Initializes or reinitializes a buffer. * This function is sometimes called more than once on the same buffer, * such as during a yyrestart() or at EOF. */ static void yy_init_buffer (YY_BUFFER_STATE b, FILE * file ) { int oerrno = errno; yy_flush_buffer(b ); b->yy_input_file = file; b->yy_fill_buffer = 1; /* If b is the current buffer, then yy_init_buffer was _probably_ * called from yyrestart() or through yy_get_next_buffer. * In that case, we don't want to reset the lineno or column. */ if (b != YY_CURRENT_BUFFER){ b->yy_bs_lineno = 1; b->yy_bs_column = 0; } b->yy_is_interactive = file ? (isatty( fileno(file) ) > 0) : 0; errno = oerrno; } /** Discard all buffered characters. On the next scan, YY_INPUT will be called. * @param b the buffer state to be flushed, usually @c YY_CURRENT_BUFFER. * */ void yy_flush_buffer (YY_BUFFER_STATE b ) { if ( ! b ) return; b->yy_n_chars = 0; /* We always need two end-of-buffer characters. The first causes * a transition to the end-of-buffer state. The second causes * a jam in that state. */ b->yy_ch_buf[0] = YY_END_OF_BUFFER_CHAR; b->yy_ch_buf[1] = YY_END_OF_BUFFER_CHAR; b->yy_buf_pos = &b->yy_ch_buf[0]; b->yy_at_bol = 1; b->yy_buffer_status = YY_BUFFER_NEW; if ( b == YY_CURRENT_BUFFER ) yy_load_buffer_state( ); } /** Pushes the new state onto the stack. The new state becomes * the current state. This function will allocate the stack * if necessary. * @param new_buffer The new state. * */ void yypush_buffer_state (YY_BUFFER_STATE new_buffer ) { if (new_buffer == NULL) return; yyensure_buffer_stack(); /* This block is copied from yy_switch_to_buffer. */ if ( YY_CURRENT_BUFFER ) { /* Flush out information for old buffer. */ *(yy_c_buf_p) = (yy_hold_char); YY_CURRENT_BUFFER_LVALUE->yy_buf_pos = (yy_c_buf_p); YY_CURRENT_BUFFER_LVALUE->yy_n_chars = (yy_n_chars); } /* Only push if top exists. Otherwise, replace top. */ if (YY_CURRENT_BUFFER) (yy_buffer_stack_top)++; YY_CURRENT_BUFFER_LVALUE = new_buffer; /* copied from yy_switch_to_buffer. */ yy_load_buffer_state( ); (yy_did_buffer_switch_on_eof) = 1; } /** Removes and deletes the top of the stack, if present. * The next element becomes the new top. * */ void yypop_buffer_state (void) { if (!YY_CURRENT_BUFFER) return; yy_delete_buffer(YY_CURRENT_BUFFER ); YY_CURRENT_BUFFER_LVALUE = NULL; if ((yy_buffer_stack_top) > 0) --(yy_buffer_stack_top); if (YY_CURRENT_BUFFER) { yy_load_buffer_state( ); (yy_did_buffer_switch_on_eof) = 1; } } /* Allocates the stack if it does not exist. * Guarantees space for at least one push. */ static void yyensure_buffer_stack (void) { int num_to_alloc; if (!(yy_buffer_stack)) { /* First allocation is just for 2 elements, since we don't know if this * scanner will even need a stack. We use 2 instead of 1 to avoid an * immediate realloc on the next call. */ num_to_alloc = 1; /* After all that talk, this was set to 1 anyways... */ (yy_buffer_stack) = (struct yy_buffer_state**)yyalloc (num_to_alloc * sizeof(struct yy_buffer_state*) ); if ( ! (yy_buffer_stack) ) YY_FATAL_ERROR( "out of dynamic memory in yyensure_buffer_stack()" ); memset((yy_buffer_stack), 0, num_to_alloc * sizeof(struct yy_buffer_state*)); (yy_buffer_stack_max) = num_to_alloc; (yy_buffer_stack_top) = 0; return; } if ((yy_buffer_stack_top) >= ((yy_buffer_stack_max)) - 1){ /* Increase the buffer to prepare for a possible push. */ yy_size_t grow_size = 8 /* arbitrary grow size */; num_to_alloc = (yy_buffer_stack_max) + grow_size; (yy_buffer_stack) = (struct yy_buffer_state**)yyrealloc ((yy_buffer_stack), num_to_alloc * sizeof(struct yy_buffer_state*) ); if ( ! (yy_buffer_stack) ) YY_FATAL_ERROR( "out of dynamic memory in yyensure_buffer_stack()" ); /* zero only the new slots.*/ memset((yy_buffer_stack) + (yy_buffer_stack_max), 0, grow_size * sizeof(struct yy_buffer_state*)); (yy_buffer_stack_max) = num_to_alloc; } } /** Setup the input buffer state to scan directly from a user-specified character buffer. * @param base the character buffer * @param size the size in bytes of the character buffer * * @return the newly allocated buffer state object. */ YY_BUFFER_STATE yy_scan_buffer (char * base, yy_size_t size ) { YY_BUFFER_STATE b; if ( size < 2 || base[size-2] != YY_END_OF_BUFFER_CHAR || base[size-1] != YY_END_OF_BUFFER_CHAR ) /* They forgot to leave room for the EOB's. */ return NULL; b = (YY_BUFFER_STATE) yyalloc(sizeof( struct yy_buffer_state ) ); if ( ! b ) YY_FATAL_ERROR( "out of dynamic memory in yy_scan_buffer()" ); b->yy_buf_size = size - 2; /* "- 2" to take care of EOB's */ b->yy_buf_pos = b->yy_ch_buf = base; b->yy_is_our_buffer = 0; b->yy_input_file = NULL; b->yy_n_chars = b->yy_buf_size; b->yy_is_interactive = 0; b->yy_at_bol = 1; b->yy_fill_buffer = 0; b->yy_buffer_status = YY_BUFFER_NEW; yy_switch_to_buffer(b ); return b; } /** Setup the input buffer state to scan a string. The next call to yylex() will * scan from a @e copy of @a str. * @param yystr a NUL-terminated string to scan * * @return the newly allocated buffer state object. * @note If you want to scan bytes that may contain NUL values, then use * yy_scan_bytes() instead. */ YY_BUFFER_STATE yy_scan_string (yyconst char * yystr ) { return yy_scan_bytes(yystr,(int) strlen(yystr) ); } /** Setup the input buffer state to scan the given bytes. The next call to yylex() will * scan from a @e copy of @a bytes. * @param yybytes the byte buffer to scan * @param _yybytes_len the number of bytes in the buffer pointed to by @a bytes. * * @return the newly allocated buffer state object. */ YY_BUFFER_STATE yy_scan_bytes (yyconst char * yybytes, int _yybytes_len ) { YY_BUFFER_STATE b; char *buf; yy_size_t n; yy_size_t i; /* Get memory for full buffer, including space for trailing EOB's. */ n = (yy_size_t) _yybytes_len + 2; buf = (char *) yyalloc(n ); if ( ! buf ) YY_FATAL_ERROR( "out of dynamic memory in yy_scan_bytes()" ); for ( i = 0; i < _yybytes_len; ++i ) buf[i] = yybytes[i]; buf[_yybytes_len] = buf[_yybytes_len+1] = YY_END_OF_BUFFER_CHAR; b = yy_scan_buffer(buf,n ); if ( ! b ) YY_FATAL_ERROR( "bad buffer in yy_scan_bytes()" ); /* It's okay to grow etc. this buffer, and we should throw it * away when we're done. */ b->yy_is_our_buffer = 1; return b; } #ifndef YY_EXIT_FAILURE #define YY_EXIT_FAILURE 2 #endif static void yynoreturn yy_fatal_error (yyconst char* msg ) { (void) fprintf( stderr, "%s\n", msg ); exit( YY_EXIT_FAILURE ); } /* Redefine yyless() so it works in section 3 code. */ #undef yyless #define yyless(n) \ do \ { \ /* Undo effects of setting up yytext. */ \ int yyless_macro_arg = (n); \ YY_LESS_LINENO(yyless_macro_arg);\ yytext[yyleng] = (yy_hold_char); \ (yy_c_buf_p) = yytext + yyless_macro_arg; \ (yy_hold_char) = *(yy_c_buf_p); \ *(yy_c_buf_p) = '\0'; \ yyleng = yyless_macro_arg; \ } \ while ( 0 ) /* Accessor methods (get/set functions) to struct members. */ /** Get the current line number. * */ int yyget_lineno (void) { return yylineno; } /** Get the input stream. * */ FILE *yyget_in (void) { return yyin; } /** Get the output stream. * */ FILE *yyget_out (void) { return yyout; } /** Get the length of the current token. * */ int yyget_leng (void) { return yyleng; } /** Get the current token. * */ char *yyget_text (void) { return yytext; } /** Set the current line number. * @param _line_number line number * */ void yyset_lineno (int _line_number ) { yylineno = _line_number; } /** Set the input stream. This does not discard the current * input buffer. * @param _in_str A readable stream. * * @see yy_switch_to_buffer */ void yyset_in (FILE * _in_str ) { yyin = _in_str ; } void yyset_out (FILE * _out_str ) { yyout = _out_str ; } int yyget_debug (void) { return yy_flex_debug; } void yyset_debug (int _bdebug ) { yy_flex_debug = _bdebug ; } static int yy_init_globals (void) { /* Initialization is the same as for the non-reentrant scanner. * This function is called from yylex_destroy(), so don't allocate here. */ /* We do not touch yylineno unless the option is enabled. */ yylineno = 1; (yy_buffer_stack) = NULL; (yy_buffer_stack_top) = 0; (yy_buffer_stack_max) = 0; (yy_c_buf_p) = NULL; (yy_init) = 0; (yy_start) = 0; /* Defined in main.c */ #ifdef YY_STDINIT yyin = stdin; yyout = stdout; #else yyin = NULL; yyout = NULL; #endif /* For future reference: Set errno on error, since we are called by * yylex_init() */ return 0; } /* yylex_destroy is for both reentrant and non-reentrant scanners. */ int yylex_destroy (void) { /* Pop the buffer stack, destroying each element. */ while(YY_CURRENT_BUFFER){ yy_delete_buffer(YY_CURRENT_BUFFER ); YY_CURRENT_BUFFER_LVALUE = NULL; yypop_buffer_state(); } /* Destroy the stack itself. */ yyfree((yy_buffer_stack) ); (yy_buffer_stack) = NULL; /* Reset the globals. This is important in a non-reentrant scanner so the next time * yylex() is called, initialization will occur. */ yy_init_globals( ); return 0; } /* * Internal utility routines. */ #ifndef yytext_ptr static void yy_flex_strncpy (char* s1, yyconst char * s2, int n ) { int i; for ( i = 0; i < n; ++i ) s1[i] = s2[i]; } #endif #ifdef YY_NEED_STRLEN static int yy_flex_strlen (yyconst char * s ) { int n; for ( n = 0; s[n]; ++n ) ; return n; } #endif void *yyalloc (yy_size_t size ) { return malloc(size); } void *yyrealloc (void * ptr, yy_size_t size ) { /* The cast to (char *) in the following accommodates both * implementations that use char* generic pointers, and those * that use void* generic pointers. It works with the latter * because both ANSI C and C++ allow castless assignment from * any pointer type to void*, and deal with argument conversions * as though doing an assignment. */ return realloc(ptr, size); } void yyfree (void * ptr ) { free( (char *) ptr ); /* see yyrealloc() for (char *) cast */ } #define YYTABLES_NAME "yytables" #line 105 "cfg_lex.l" hitch-1.4.4/src/cfg_parser.y0000644000175000017500000002414013024470656012644 00000000000000%{ #include #include #include "configuration.h" #include "foreign/vas.h" #include "foreign/miniobj.h" #include "foreign/uthash.h" extern int yylex (void); extern int yyparse(hitch_config *); extern FILE *yyin; int yyget_lineno(void); int config_param_validate(char *k, char *v, hitch_config *cfg, char *file, int line); int front_arg_add(hitch_config *cfg, struct front_arg *fa); struct front_arg *front_arg_new(void); void front_arg_destroy(struct front_arg *fa); struct cfg_cert_file * cfg_cert_file_new(void); void cfg_cert_file_free(struct cfg_cert_file **cfptr); int cfg_cert_vfy(struct cfg_cert_file *cf); void yyerror(hitch_config *, const char *); void cfg_cert_add(struct cfg_cert_file *cf, struct cfg_cert_file **dst); static struct front_arg *cur_fa; static struct cfg_cert_file *cur_pem; %} %union { int i; char *s; } %token INT %token UINT %token BOOL %token STRING %token TOK_CIPHERS TOK_SSL_ENGINE TOK_PREFER_SERVER_CIPHERS TOK_BACKEND %token TOK_FRONTEND TOK_WORKERS TOK_BACKLOG TOK_KEEPALIVE TOK_CHROOT %token TOK_USER TOK_GROUP TOK_QUIET TOK_SYSLOG TOK_SYSLOG_FACILITY %token TOK_PARAM_SYSLOG_FACILITY TOK_DAEMON TOK_WRITE_IP TOK_WRITE_PROXY %token TOK_WRITE_PROXY_V1 TOK_WRITE_PROXY_V2 TOK_PEM_FILE TOK_PROXY_PROXY %token TOK_BACKEND_CONNECT_TIMEOUT TOK_SSL_HANDSHAKE_TIMEOUT TOK_RECV_BUFSIZE %token TOK_SEND_BUFSIZE TOK_LOG_FILENAME TOK_RING_SLOTS TOK_RING_DATA_LEN %token TOK_PIDFILE TOK_SNI_NOMATCH_ABORT TOK_SSL TOK_TLS TOK_HOST TOK_PORT %token TOK_MATCH_GLOBAL TOK_PB_CERT TOK_PB_OCSP_FILE TOK_OCSP_VERIFY %token TOK_OCSP_DIR TOK_OCSP_RESP_TMO TOK_OCSP_CONN_TMO TOK_ALPN_PROTOS %token TOK_TLS_PROTOS TOK_SSLv3 TOK_TLSv1_0 TOK_TLSv1_1 TOK_TLSv1_2 %parse-param { hitch_config *cfg } %% CFG : CFG_RECORDS ; CFG_RECORDS : CFG_RECORD | CFG_RECORDS CFG_RECORD ; CFG_RECORD : FRONTEND_REC | BACKEND_REC | PEM_FILE_REC | CIPHERS_REC | TLS_REC | SSL_REC | TLS_PROTOS_REC | PREFER_SERVER_CIPHERS_REC | SSL_ENGINE_REC | WORKERS_REC | BACKLOG_REC | KEEPALIVE_REC | CHROOT_REC | USER_REC | GROUP_REC | QUIET_REC | SYSLOG_REC | SYSLOG_FACILITY_REC | DAEMON_REC | WRITE_IP_REC | WRITE_PROXY_REC | WRITE_PROXY_V1_REC | WRITE_PROXY_V2_REC | PROXY_PROXY_REC | ALPN_PROTOS_REC | SNI_NOMATCH_ABORT_REC | OCSP_VERIFY | OCSP_RESP_TMO | OCSP_CONN_TMO | OCSP_DIR ; FRONTEND_REC : TOK_FRONTEND '=' STRING { if ($3 && config_param_validate("frontend", $3, cfg, /* XXX: */ "", yyget_lineno()) != 0) YYABORT; } | TOK_FRONTEND '=' '{' { /* NB: Mid-rule action */ AZ(cur_fa); cur_fa = front_arg_new(); } FRONTEND_BLK '}' { if (front_arg_add(cfg, cur_fa) != 1) YYABORT; cur_fa = NULL; }; FRONTEND_BLK: FB_RECS; FB_RECS : FB_REC | FB_RECS FB_REC ; FB_REC : FB_HOST | FB_PORT | FB_CERT | FB_MATCH_GLOBAL | FB_SNI_NOMATCH_ABORT | FB_TLS | FB_SSL | FB_TLS_PROTOS | FB_CIPHERS | FB_PREF_SRV_CIPH ; FB_HOST: TOK_HOST '=' STRING { if ($3) cur_fa->ip = strdup($3); }; FB_PORT: TOK_PORT '=' STRING { if ($3) cur_fa->port = strdup($3); }; PEM_BLK: PB_RECS; PB_RECS : PB_REC | PB_RECS PB_REC ; PB_REC : PB_CERT | PB_OCSP_RESP_FILE; | OCSP_VERIFY ; PB_CERT: TOK_PB_CERT '=' STRING { if ($3) cur_pem->filename = strdup($3); }; PB_OCSP_RESP_FILE: TOK_PB_OCSP_FILE '=' STRING { if ($3) cur_pem->ocspfn = strdup($3); }; OCSP_VERIFY: TOK_OCSP_VERIFY '=' BOOL { if (cur_pem != NULL) cur_pem->ocsp_vfy = $3; else cfg->OCSP_VFY = $3; }; OCSP_DIR: TOK_OCSP_DIR '=' STRING { if ($3) cfg->OCSP_DIR = strdup($3); else cfg->OCSP_DIR = NULL; }; OCSP_RESP_TMO: TOK_OCSP_RESP_TMO '=' UINT { cfg->OCSP_RESP_TMO = $3; }; OCSP_CONN_TMO: TOK_OCSP_CONN_TMO '=' UINT { cfg->OCSP_CONN_TMO = $3; }; FB_CERT: TOK_PEM_FILE '=' STRING { if ($3 != NULL) { int r; struct cfg_cert_file *cert; cert = cfg_cert_file_new(); cert->filename = strdup($3); r = cfg_cert_vfy(cert); if (r == 0) { cfg_cert_file_free(&cert); YYABORT; } cfg_cert_add(cert, &cur_fa->certs); } } | TOK_PEM_FILE '=' '{' { /* NB: Mid-rule action */ AZ(cur_pem); cur_pem = cfg_cert_file_new(); } PEM_BLK '}' { if (cfg_cert_vfy(cur_pem) != 0) cfg_cert_add(cur_pem, &cur_fa->certs); else { cfg_cert_file_free(&cur_pem); YYABORT; } cur_pem = NULL; }; FB_MATCH_GLOBAL: TOK_MATCH_GLOBAL '=' BOOL { cur_fa->match_global_certs = $3; }; FB_SNI_NOMATCH_ABORT:TOK_SNI_NOMATCH_ABORT '=' BOOL { cur_fa->sni_nomatch_abort = $3; }; // this is not optimal, but it was not before, either. FB_TLS: TOK_TLS '=' BOOL { if (cur_fa->selected_protos != 0) { fprintf(stderr, "%s (%s, line %d):" " It is illegal to specify tls after ssl," " tls or tls-protos.\n", __func__, __FILE__, __LINE__); front_arg_destroy(cur_fa); cur_fa = NULL; YYABORT; } if ($3) cur_fa->selected_protos = TLS_OPTION_PROTOS; else fprintf(stderr, "Warning: tls = off is deprecated and has no effect.\n"); } FB_SSL: TOK_SSL '=' BOOL { if (cur_fa->selected_protos != 0) { fprintf(stderr, "%s (%s, line %d):" " It is illegal to specify ssl after ssl," " tls or tls-protos.\n", __func__, __FILE__, __LINE__); front_arg_destroy(cur_fa); cur_fa = NULL; YYABORT; } if ($3) cur_fa->selected_protos = SSL_OPTION_PROTOS; else fprintf(stderr, "Warning: ssl = off is deprecated and has no effect.\n"); } FB_TLS_PROTOS: TOK_TLS_PROTOS { if (cur_fa->selected_protos != 0) { fprintf(stderr, "%s (%s, line %d):" " It is illegal to specify tls-protos after" " ssl, tls or tls-protos\nSelected before was %d\n", __func__, __FILE__, __LINE__, cur_fa->selected_protos); front_arg_destroy(cur_fa); cur_fa = NULL; YYABORT; } } '=' FB_TLS_PROTOS_LIST; FB_TLS_PROTOS_LIST: FB_TLS_PROTO | FB_TLS_PROTOS_LIST FB_TLS_PROTO; FB_TLS_PROTO : TOK_SSLv3 { cur_fa->selected_protos |= SSLv3_PROTO; } | TOK_TLSv1_0 { cur_fa->selected_protos |= TLSv1_0_PROTO; } | TOK_TLSv1_1 { cur_fa->selected_protos |= TLSv1_1_PROTO; } | TOK_TLSv1_2 { cur_fa->selected_protos |= TLSv1_2_PROTO; }; FB_CIPHERS: TOK_CIPHERS '=' STRING { if ($3) cur_fa->ciphers = strdup($3); }; FB_PREF_SRV_CIPH: TOK_PREFER_SERVER_CIPHERS '=' BOOL { cur_fa->prefer_server_ciphers = $3; }; QUIET_REC: TOK_QUIET '=' BOOL { cfg->QUIET = $3; }; WORKERS_REC: TOK_WORKERS '=' UINT { cfg->NCORES = $3; }; BACKLOG_REC: TOK_BACKLOG '=' UINT { cfg->BACKLOG = $3; }; KEEPALIVE_REC: TOK_KEEPALIVE '=' UINT { cfg->TCP_KEEPALIVE_TIME = $3; }; TLS_REC: TOK_TLS '=' BOOL { if (cfg->SELECTED_TLS_PROTOS != 0) { fprintf(stderr, "%s (%s, line %d):" " It is illegal to specify tls after ssl," " tls or tls-protos\n", __func__, __FILE__, __LINE__); YYABORT; } if ($3) cfg->SELECTED_TLS_PROTOS = TLS_OPTION_PROTOS; else fprintf(stderr, "Warning: tls = off is deprecated and has no effect.\n"); }; SSL_REC: TOK_SSL '=' BOOL { if (cfg->SELECTED_TLS_PROTOS != 0) { fprintf(stderr, "%s (%s, line %d):" " It is illegal to specify ssl after ssl," " tls or tls-protos.\n", __func__, __FILE__, __LINE__); YYABORT; } if ($3) cfg->SELECTED_TLS_PROTOS = SSL_OPTION_PROTOS; else fprintf(stderr, "Warning: ssl = off is deprecated and has no effect.\n"); }; TLS_PROTOS_REC: TOK_TLS_PROTOS { if (cfg->SELECTED_TLS_PROTOS != 0) { fprintf(stderr, "%s (%s, line %d):" " It is illegal to specify tls-protos after" " ssl, tls or tls-protos\n", __func__, __FILE__, __LINE__); YYABORT; } } '=' TLS_PROTOS_LIST; TLS_PROTOS_LIST: TLS_PROTO | TLS_PROTOS_LIST TLS_PROTO; TLS_PROTO : TOK_SSLv3 { cfg->SELECTED_TLS_PROTOS |= SSLv3_PROTO; } | TOK_TLSv1_0 { cfg->SELECTED_TLS_PROTOS |= TLSv1_0_PROTO; } | TOK_TLSv1_1 { cfg->SELECTED_TLS_PROTOS |= TLSv1_1_PROTO; } | TOK_TLSv1_2 { cfg->SELECTED_TLS_PROTOS |= TLSv1_2_PROTO; }; SSL_ENGINE_REC: TOK_SSL_ENGINE '=' STRING { if ($3) cfg->ENGINE = strdup($3); }; PREFER_SERVER_CIPHERS_REC: TOK_PREFER_SERVER_CIPHERS '=' BOOL { cfg->PREFER_SERVER_CIPHERS = $3; }; CHROOT_REC: TOK_CHROOT '=' STRING { if ($3 && config_param_validate("chroot", $3, cfg, /* XXX: */ "", yyget_lineno()) != 0) YYABORT; }; BACKEND_REC: TOK_BACKEND '=' STRING { if ($3 && config_param_validate("backend", $3, cfg, /* XXX: */ "", yyget_lineno()) != 0) YYABORT; }; PEM_FILE_REC: TOK_PEM_FILE '=' STRING { if ($3 && config_param_validate("pem-file", $3, cfg, /* XXX: */ "", yyget_lineno()) != 0) YYABORT; } | TOK_PEM_FILE '=' '{' { /* NB: Mid-rule action */ AZ(cur_pem); cur_pem = cfg_cert_file_new(); } PEM_BLK '}' { if (cfg_cert_vfy(cur_pem) != 0) { if (cfg->CERT_DEFAULT != NULL) { struct cfg_cert_file *tmp = cfg->CERT_DEFAULT; cfg_cert_add(tmp, &cfg->CERT_FILES); } cfg->CERT_DEFAULT = cur_pem; } else { cfg_cert_file_free(&cur_pem); YYABORT; } cur_pem = NULL; }; SYSLOG_REC: TOK_SYSLOG '=' BOOL { cfg->SYSLOG = $3; }; DAEMON_REC: TOK_DAEMON '=' BOOL { cfg->DAEMONIZE = $3; }; SNI_NOMATCH_ABORT_REC : TOK_SNI_NOMATCH_ABORT '=' BOOL { cfg->SNI_NOMATCH_ABORT = $3; }; CIPHERS_REC: TOK_CIPHERS '=' STRING { if ($3) cfg->CIPHER_SUITE = strdup($3); }; USER_REC: TOK_USER '=' STRING { if ($3 && config_param_validate("user", $3, cfg, /* XXX: */ "", yyget_lineno()) != 0) YYABORT; }; GROUP_REC: TOK_GROUP '=' STRING { if ($3 && config_param_validate("group", $3, cfg, /* XXX: */ "", yyget_lineno()) != 0) YYABORT; }; WRITE_IP_REC: TOK_WRITE_IP '=' BOOL { cfg->WRITE_IP_OCTET = $3; }; WRITE_PROXY_REC: TOK_WRITE_PROXY '=' BOOL { cfg->WRITE_PROXY_LINE_V2 = $3; }; WRITE_PROXY_V1_REC: TOK_WRITE_PROXY_V1 '=' BOOL { cfg->WRITE_PROXY_LINE_V1 = $3; }; WRITE_PROXY_V2_REC: TOK_WRITE_PROXY_V2 '=' BOOL { cfg->WRITE_PROXY_LINE_V2 = $3; }; PROXY_PROXY_REC: TOK_PROXY_PROXY '=' BOOL { cfg->PROXY_PROXY_LINE = $3; }; ALPN_PROTOS_REC: TOK_ALPN_PROTOS '=' STRING { if ($3 && config_param_validate("alpn-protos", $3, cfg, /* XXX: */ "", yyget_lineno()) != 0) YYABORT; }; SYSLOG_FACILITY_REC: TOK_SYSLOG_FACILITY '=' STRING { if ($3 && config_param_validate("syslog-facility", $3, cfg, /* XXX: */ "", yyget_lineno()) != 0) YYABORT; }; %% void yyerror(hitch_config *cfg, const char *s) { (void) cfg; /* Clean up if FRONTEND_BLK parsing failed */ if (cur_fa != NULL) FREE_OBJ(cur_fa); fprintf(stderr, "parsing error: line: %d: %s\n", yyget_lineno(), s); } hitch-1.4.4/src/hssl_locks.h0000644000175000017500000000025313003667032012644 00000000000000/*- * Copyright (c) 2015-2016 Varnish Software * All rights reserved. * * Author: Martin Blix Grydeland */ void HSSL_Locks_Init(void); hitch-1.4.4/src/ringbuffer.h0000644000175000017500000000522612546560025012643 00000000000000/** * Copyright 2011 Bump Technologies, Inc. All rights reserved. * * Redistribution and use in source and binary forms, with or without modification, are * permitted provided that the following conditions are met: * * 1. Redistributions of source code must retain the above copyright notice, this list of * conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright notice, this list * of conditions and the following disclaimer in the documentation and/or other materials * provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY BUMP TECHNOLOGIES, INC. ``AS IS'' AND ANY EXPRESS OR IMPLIED * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND * FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL BUMP TECHNOLOGIES, INC. OR * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * * The views and conclusions contained in the software and documentation are those of the * authors and should not be interpreted as representing official policies, either expressed * or implied, of Bump Technologies, Inc. * **/ #ifndef RINGBUFFER_H #define RINGBUFFER_H #include /* Tweak these for potential memory/throughput tradeoffs */ #define DEF_RING_SLOTS 3 #define DEF_RING_DATA_LEN (1024 * 32) typedef struct bufent { char *data; char *ptr; size_t left; struct bufent *next; } bufent; typedef struct ringbuffer { bufent *slots; bufent *head; // reads from the head bufent *tail; // writes to the tail int used; int num_slots; int data_len; size_t bytes_written; } ringbuffer; void ringbuffer_init(ringbuffer *rb, int num_slots, int data_len); void ringbuffer_cleanup(ringbuffer *rb); char * ringbuffer_read_next(ringbuffer *rb, int * length); void ringbuffer_read_skip(ringbuffer *rb, int length); void ringbuffer_read_pop(ringbuffer *rb); char * ringbuffer_write_ptr(ringbuffer *rb); void ringbuffer_write_append(ringbuffer *rb, int length); int ringbuffer_size(ringbuffer *rb); int ringbuffer_capacity(ringbuffer *rb); int ringbuffer_is_empty(ringbuffer *rb); int ringbuffer_is_full(ringbuffer *rb); #endif /* RINGBUFFER_H */ hitch-1.4.4/src/logging.h0000644000175000017500000000553313003667032012134 00000000000000/** * Copyright 2016 Varnish Software * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * * 1. Redistributions of source code must retain the above * copyright notice, this list of conditions and the following * disclaimer. * * 2. Redistributions in binary form must reproduce the above * copyright notice, this list of conditions and the following * disclaimer in the documentation and/or other materials * provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY VARNISH SOFTWARE ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL BUMP * TECHNOLOGIES, INC. OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #ifndef LOGGING_H_INCLUDED #define LOGGING_H_INCLUDED #include #include #include #include #include #include // #include "asn_gentm.h" #include "config.h" #include "configuration.h" #include "hitch.h" // #include "miniobj.h" // #include "ringbuffer.h" // #include "vas.h" // #include "vsb.h" double Time_now(void); void WLOG(int level, const char *fmt, ...) __attribute__((format(printf, 2, 3))); void logproxy(int level, const proxystate* ps, const char *fmt, ...) __attribute__((format(printf, 3, 4))); void VWLOG(int level, const char *fmt, va_list ap); void WLOG(int level, const char *fmt, ...); void log_ssl_error(proxystate *ps, const char *what, ...); void fail(const char *s); #define LOG(...) \ do { \ if (!CONFIG->QUIET) \ WLOG(LOG_INFO, __VA_ARGS__ ); \ } while (0) #define ERR(...) WLOG(LOG_ERR, __VA_ARGS__ ) #define LOGL(...) WLOG(LOG_INFO, __VA_ARGS__) #define SOCKERR(msg) \ do { \ if (errno == ECONNRESET) { \ LOG(msg ": %s\n", strerror(errno)); \ } else { \ ERR(msg ": %s\n", strerror(errno)); \ } \ } while (0) #define LOGPROXY(...) \ do { \ if (!CONFIG->QUIET && (logfile || CONFIG->SYSLOG)) \ logproxy(LOG_INFO, __VA_ARGS__ ); \ } while(0) #define ERRPROXY(...) \ do { \ if (logfile || CONFIG->SYSLOG) \ logproxy(LOG_ERR, __VA_ARGS__ ); \ } while (0) #endif /* LOGGING_H_INCLUDED */ hitch-1.4.4/src/configuration.h0000644000175000017500000000664413026753621013366 00000000000000/** * configuration.h * * Author: Brane F. Gracnar * */ #ifndef CONFIGURATION_H_INCLUDED #define CONFIGURATION_H_INCLUDED #include #include #include "foreign/vqueue.h" #include "foreign/uthash.h" /* Is NPN available? See openssl/opensslv.h for explanation. */ #ifndef OPENSSL_NO_NEXTPROTONEG #if OPENSSL_VERSION_NUMBER >= 0x1000100fL #define OPENSSL_WITH_NPN #endif #endif /* Is ALPN available? See openssl/opensslv.h for explanation. */ #if OPENSSL_VERSION_NUMBER >= 0x1000200fL #define OPENSSL_WITH_ALPN #endif #ifdef OPENSSL_WITH_ALPN #define ALPN_NPN_PREFIX_STR "{alpn}" #else #ifdef OPENSSL_WITH_NPN #define ALPN_NPN_PREFIX_STR "{npn}" #endif #endif #ifdef USE_SHARED_CACHE #include "shctx.h" #ifndef MAX_SHCUPD_PEERS #define MAX_SHCUPD_PEERS 15 #endif typedef struct shcupd_peer_opt { char *ip; char *port; } shcupd_peer_opt; #endif typedef enum { SSLv3_PROTO = 0x01, TLSv1_0_PROTO = 0x02, TLSv1_1_PROTO = 0x04, TLSv1_2_PROTO = 0x08 } TLS_PROTOCOL; #define DEFAULT_TLS_PROTOS (TLSv1_1_PROTO | TLSv1_2_PROTO) #define TLS_OPTION_PROTOS (TLSv1_0_PROTO | DEFAULT_TLS_PROTOS) #define SSL_OPTION_PROTOS (SSLv3_PROTO | TLS_OPTION_PROTOS) typedef enum { SSL_SERVER, SSL_CLIENT } PROXY_MODE; struct cfg_cert_file { unsigned magic; #define CFG_CERT_FILE_MAGIC 0x58c280d2 char *filename; char *ocspfn; double ocsp_mtim; int mark; int ocsp_vfy; double mtim; UT_hash_handle hh; }; struct front_arg { unsigned magic; #define FRONT_ARG_MAGIC 0x07a16cb5 char *ip; char *port; struct cfg_cert_file *certs; char *pspec; int match_global_certs; int sni_nomatch_abort; int prefer_server_ciphers; char *ciphers; // ENC_TYPE etype; int selected_protos; int mark; UT_hash_handle hh; }; /* configuration structure */ struct __hitch_config { // ENC_TYPE ETYPE; PROXY_MODE PMODE; int SELECTED_TLS_PROTOS; int WRITE_IP_OCTET; int WRITE_PROXY_LINE_V1; int WRITE_PROXY_LINE_V2; int PROXY_PROXY_LINE; char *ALPN_PROTOS; unsigned char *ALPN_PROTOS_LV; unsigned ALPN_PROTOS_LV_LEN; char *CHROOT; int UID; int GID; struct front_arg *LISTEN_ARGS; struct front_arg *LISTEN_DEFAULT; char *BACK_IP; char *BACK_PORT; long NCORES; struct cfg_cert_file *CERT_FILES; struct cfg_cert_file *CERT_DEFAULT; char *CIPHER_SUITE; char *ENGINE; int BACKLOG; #ifdef USE_SHARED_CACHE int SHARED_CACHE; char *SHCUPD_IP; char *SHCUPD_PORT; shcupd_peer_opt SHCUPD_PEERS[MAX_SHCUPD_PEERS+1]; char *SHCUPD_MCASTIF; char *SHCUPD_MCASTTTL; #endif int QUIET; int SYSLOG; int SYSLOG_FACILITY; int TCP_KEEPALIVE_TIME; int DAEMONIZE; int PREFER_SERVER_CIPHERS; int BACKEND_CONNECT_TIMEOUT; int SSL_HANDSHAKE_TIMEOUT; int RECV_BUFSIZE; int SEND_BUFSIZE; char* LOG_FILENAME; int RING_SLOTS; int RING_DATA_LEN; char *PIDFILE; int SNI_NOMATCH_ABORT; int TEST; int OCSP_VFY; char *OCSP_DIR; double OCSP_RESP_TMO; double OCSP_CONN_TMO; }; typedef struct __hitch_config hitch_config; char * config_error_get (void); hitch_config * config_new (void); void config_destroy (hitch_config *cfg); int config_file_parse (char *file, hitch_config *cfg); int config_parse_cli(int argc, char **argv, hitch_config *cfg, int *rv); int create_alpn_callback_data(hitch_config *cfg, char **error); #endif /* CONFIGURATION_H_INCLUDED */ hitch-1.4.4/src/tests/0000755000175000017500000000000013026754003011551 500000000000000hitch-1.4.4/src/tests/test02-simple-request.sh0000755000175000017500000000100313011340142016105 00000000000000#!/bin/sh # # Test basic argument handling. # . ${TESTDIR}/common.sh set +o errexit hitch $HITCH_ARGS --backend=[hitch-tls.org]:80 "--frontend=[${LISTENADDR}]:$LISTENPORT" ${CERTSDIR}/site1.example.com test "$?" = "0" || die "Hitch did not start." echo -e "\n" | openssl s_client -prexit -connect $LISTENADDR:$LISTENPORT >$DUMPFILE 2>&1 test "$?" = "0" || die "s_client failed" grep -q -c "subject=/CN=site1.example.com" $DUMPFILE test "$?" = "0" || die "Got wrong certificate." runcurl $LISTENADDR $LISTENPORT hitch-1.4.4/src/tests/test17-ecc-certs.sh0000755000175000017500000000077013011340142015016 00000000000000#!/bin/sh # Test loading an ECC certificate . ${TESTDIR}/common.sh set +o errexit hitch $HITCH_ARGS --backend=[hitch-tls.org]:80 "--frontend=[${LISTENADDR}]:$LISTENPORT" ${CERTSDIR}/ecc.example.com.pem test "$?" = "0" || die "Hitch did not start." echo -e "\n" | openssl s_client -prexit -connect $LISTENADDR:$LISTENPORT >$DUMPFILE 2>&1 test "$?" = "0" || die "s_client failed" grep -q -c "CN=ecc.example.com" $DUMPFILE test "$?" = "0" || die "Got wrong certificate." runcurl $LISTENADDR $LISTENPORT hitch-1.4.4/src/tests/test15-proxy-v2-npn.sh0000755000175000017500000000216213011340142015440 00000000000000#!/bin/sh . ${TESTDIR}/common.sh set +o errexit BACKENDPORT=`expr $LISTENPORT + 1500` echo Listen port is $LISTENPORT hitch $HITCH_ARGS --backend=[127.0.0.1]:$BACKENDPORT "--frontend=[${LISTENADDR}]:$LISTENPORT" \ --write-proxy-v2 --alpn-protos="h2,h2-14,http/1.1" \ ${CERTSDIR}/site1.example.com test "$?" = "0" || die "Hitch did not start." type parse_proxy_v2 || die "Can't find parse_proxy_v2" parse_proxy_v2 $BACKENDPORT > $DUMPFILE & sleep 0.1 # If you have nghttp installed, you can try it instead of openssl s_client: # nghttp -v "https://localhost:$LISTENPORT" echo -e "\n" | openssl s_client -nextprotoneg 'h2-14' -prexit -connect $LISTENADDR:$LISTENPORT > /dev/null test "$?" = "0" || die "s_client failed" grep -q -c "too old for NPN" $DUMPFILE if [ "$" = "0" ]; then echo "Skipping test: SSL too old for NPN" else grep -q -c "ERROR" $DUMPFILE test "$?" != "0" || die "The utility parse_proxy_v2 gave an ERROR" grep -q -c "h2-14" $DUMPFILE test "$?" = "0" || die "No ALPN extension reported" grep -q -c "ALPN extension" $DUMPFILE test "$?" = "0" || die "No ALPN extension reported" fi hitch-1.4.4/src/tests/test10-dflt-certs.sh0000755000175000017500000000453713011340142015213 00000000000000#!/bin/sh # # . ${TESTDIR}/common.sh set +o errexit PORT1=`expr $$ % 60000 + 1024` PORT2=`expr $$ % 60000 + 2048` PORT3=`expr $$ % 60000 + 3072` PORT4=`expr $$ % 60000 + 4096` mk_cfg <$DUMPFILE 2>&1 test "$?" = "0" || die "s_client failed" grep -q -c "subject=/CN=site1.example.com" $DUMPFILE test "$?" = "0" || die "s_client got wrong certificate on listen port #1" # :PORT1 w/ SNI echo | openssl s_client -servername site1.example.com -prexit -connect $LISTENADDR:$PORT1 >$DUMPFILE 2>&1 test "$?" = "0" || die "s_client failed" grep -q -c "subject=/CN=site1.example.com" $DUMPFILE test "$?" = "0" || die "s_client got wrong certificate in listen port #2 (expected site1.example.com)" # :PORT1 w/ different matching SNI name echo | openssl s_client -servername site3.example.com -prexit -connect $LISTENADDR:$PORT2 >$DUMPFILE 2>&1 test "$?" = "0" || die "s_client failed" grep -q -c "subject=/CN=site3.example.com" $DUMPFILE test "$?" = "0" || die "s_client got wrong certificate in listen port #2 (expected site3.example.com)" # :PORT2 no SNI echo | openssl s_client -prexit -connect $LISTENADDR:$PORT2 >$DUMPFILE 2>&1 test "$?" = "0" || die "s_client failed" grep -q -c "subject=/CN=site2.example.com" $DUMPFILE test "$?" = "0" || die "s_client got wrong certificate in listen port #2 (expected site2.example.com)" # :PORT4 SNI w/ unknown servername echo | openssl s_client -servername invalid.example.com -prexit -connect $LISTENADDR:$PORT4 >$DUMPFILE 2>&1 test "$?" = "0" || die "s_client failed" grep -q -c "subject=/CN=default.example.com" $DUMPFILE test "$?" = "0" || die "s_client got wrong certificate in listen port #2 (expected default.example.com)" hitch-1.4.4/src/tests/test09-wildcard-cert.sh0000755000175000017500000000100413011340142015662 00000000000000#!/bin/sh . ${TESTDIR}/common.sh set +o errexit hitch $HITCH_ARGS --backend=[hitch-tls.org]:80 "--frontend=[${LISTENADDR}]:$LISTENPORT" ${CERTSDIR}/wildcard.example.com ${CERTSDIR}/default.example.com test "$?" = "0" || die "Hitch did not start." echo | openssl s_client -servername foo.example.com -prexit -connect $LISTENADDR:$LISTENPORT >$DUMPFILE 2>&1 test "$?" = "0" || die "s_client failed" grep -q -c "/CN=\*.example.com" $DUMPFILE test "$?" = "0" || die "s_client got wrong certificate in listen port #2" hitch-1.4.4/src/tests/test04-listen-with-own-certs.sh0000755000175000017500000000173113024470656017350 00000000000000#!/bin/sh # # Test multiple listening sockets, each with their own certificate. # . ${TESTDIR}/common.sh set +o errexit PORT2=`expr $$ % 60000 + 4000` hitch $HITCH_ARGS --backend=[hitch-tls.org]:80 \ "--frontend=[${LISTENADDR}]:$LISTENPORT+${CERTSDIR}/site1.example.com" \ "--frontend=[${LISTENADDR}]:$PORT2+${CERTSDIR}/site2.example.com" \ ${CERTSDIR}/default.example.com test "$?" = "0" || die "Hitch did not start." echo -e "\n" | openssl s_client -prexit -connect $LISTENADDR:$LISTENPORT >$DUMPFILE 2>&1 || die "s_client failed" grep -q -c "subject=/CN=site1.example.com" $DUMPFILE test "$?" = "0" || die "s_client got wrong certificate on listen port #1" # Second listen port. echo -e "\n" | openssl s_client -prexit -connect $LISTENADDR:$PORT2 >$DUMPFILE 2>&1 || die "s_client failed" grep -q -c "subject=/CN=site2.example.com" $DUMPFILE test "$?" = "0" || die "s_client got wrong certificate in listen port #2" runcurl $LISTENADDR $LISTENPORT runcurl $LISTENADDR $PORT2 hitch-1.4.4/src/tests/test01-start-and-stop.sh0000755000175000017500000000042713011340142016016 00000000000000#!/bin/sh # Test basic argument handling. . ${TESTDIR}/common.sh set +o errexit hitch --help test "$?" = "0" || die "--help does not work." hitch --OBVIOUSLY_BROKEN_ARG test "$?" = "1" || die "Wrong exit code." hitch --version test "$?" = "0" || die "--version does not work" hitch-1.4.4/src/tests/test24-tls-protos-tls1_1.sh0000755000175000017500000000133413011340142016370 00000000000000#!/bin/sh # Test tls-protos in global scope . ${TESTDIR}/common.sh set +o errexit # only TLSv1.1 mk_cfg < $DUMPFILE test "$?" = "0" || die "Hitch did not start. (config #1)" # hitch 1.0.0 mk_cfg < $DUMPFILE test "$?" = "0" || die "Hitch did not start. (config #2)" # 1.1.0 didn't see any config file changes # hitch 1.2.0 mk_cfg < $DUMPFILE test "$?" = "0" || die "Hitch did not start. (config #3)" # hitch 1.3.0 mk_cfg < $DUMPFILE test "$?" = "0" || die "Hitch did not start. (config #4)" # hitch 1.4.0 mk_cfg < $DUMPFILE test "$?" = "0" || die "Hitch did not start (config #5 return code: $?)" hitch-1.4.4/src/tests/test08-test-configs.sh0000755000175000017500000000543113011340142015552 00000000000000#!/bin/sh # Test configuration parser. . ${TESTDIR}/common.sh set +o errexit # This is a somewhat half-assed attempt at getting a usable group since the # redhats and debians can't seem to agree on which group user "nobody" # should be in. GRP=`id -Gn nobody | cut -d' ' -f1` test "$GRP" != "" || die "No usable group found for user nobody." hitch --test --config=${CONFDIR}/default.cfg ${CERTSDIR}/default.example.com test "$?" = "0" || die "default.cfg is not testable." mk_cfg < $TMPFILE hitch --test --config=$TMPFILE ${CERTSDIR}/default.example.com RCODE=$? rm $TMPFILE if [ "$RCODE" != "0" ]; then die "hitch.conf.example is not valid" fi hitch-1.4.4/src/tests/test14-ocsp-vfy.sh0000755000175000017500000000257013011340142014711 00000000000000#!/bin/sh . ${TESTDIR}/common.sh set +o errexit unset SSL_CERT_DIR unset SSL_CERT_FILE mk_cfg <$DUMPFILE 2>&1 test "$?" = "0" || die "s_client failed" grep -q -c "subject=/CN=default.example.com" $DUMPFILE test "$?" = "0" || die "s_client got wrong certificate on listen port #1" # send a SNI request echo -e "\n" | openssl s_client -servername site1.example.com -prexit -connect $LISTENADDR:$LISTENPORT >$DUMPFILE 2>&1 test "$?" = "0" || die "s_client failed" grep -q -c "subject=/CN=site1.example.com" $DUMPFILE test "$?" = "0" || die "s_client got wrong certificate in listen port #2" runcurl $LISTENADDR $LISTENPORT hitch-1.4.4/src/tests/test13-r82.sh0000755000175000017500000000577013011340142013562 00000000000000#!/bin/sh # gh issue #82, per-frontend wildcard certificates . ${TESTDIR}/common.sh set +o errexit PORT1=`expr $LISTENPORT + 1301` PORT2=`expr $LISTENPORT + 1302` PORT3=`expr $LISTENPORT + 1303` mk_cfg <$DUMPFILE 2>&1 test "$?" = "0" || die "s_client failed" grep -q -c "/CN=\*.example.com" $DUMPFILE test "$?" = "0" || die "s_client got wrong certificate in listen port #1" # Wildcard cert on frontend #2 echo | openssl s_client -servername bar.example.com -prexit -connect $LISTENADDR:$PORT2 >$DUMPFILE 2>&1 test "$?" = "0" || die "s_client failed" grep -q -c "/CN=\*.example.com" $DUMPFILE test "$?" = "0" || die "s_client got wrong certificate in listen port #2" # Exact match on frontend #2 echo | openssl s_client -servername site1.example.com -prexit -connect $LISTENADDR:$PORT2 >$DUMPFILE 2>&1 test "$?" = "0" || die "s_client failed" grep -q -c "/CN=site1.example.com" $DUMPFILE test "$?" = "0" || die "s_client got wrong certificate in listen port #2" # Verify that sni-nomatch-abort = off is respected for frontend #1 echo | openssl s_client -servername "asdf" -prexit -connect $LISTENADDR:$PORT1 >$DUMPFILE 2>&1 test "$?" = "0" || die "s_client failed" grep -q -c "/CN=\*.example.com" $DUMPFILE test "$?" = "0" || die "s_client got wrong certificate in listen port #1" # And also verify that global setting sni-nomatch-abort = on is respected for other frontend echo | openssl s_client -servername "asdf" -prexit -connect $LISTENADDR:$PORT3 >$DUMPFILE 2>&1 test "$?" != "0" || die "s_client did NOT fail when it should have. " grep -q -c "unrecognized name" $DUMPFILE test "$?" = "0" || die "Expected 'unrecognized name' error." hitch-1.4.4/src/tests/common.sh0000644000175000017500000000201113024470656013316 00000000000000# # To run tests manually, do: # export TESTDIR=`pwd`/; export PATH=$PATH:`pwd`/../:`pwd`/../util/ # export LC_ALL=C set -o errexit LISTENADDR="localhost" LISTENPORT=`expr $$ % 62000 + 1024` PIDFILE="$(mktemp -u)" CONFFILE="$(mktemp -u)" DUMPFILE="$(mktemp -u)" CERTSDIR="${TESTDIR}/certs" CONFDIR="${TESTDIR}/configs" HITCH_ARGS="--pidfile=$PIDFILE --daemon --quiet" if [ "$USER" = "root" ]; then HITCH_ARGS="$HITCH_ARGS --user=nobody" fi cleanup() { test -f "$CONFFILE" && rm -f "$CONFFILE" test -f "$DUMPFILE" && rm -f "$DUMPFILE" if [ -s $PIDFILE ]; then kill `cat "$PIDFILE"` fi } trap cleanup EXIT die() { echo "FAILED: $*" if [ -r "$DUMPFILE" ]; then cat $DUMPFILE; fi exit 255 } skip() { echo "SKIPPED: $*" if [ -r "$DUMPFILE" ]; then cat $DUMPFILE; fi exit 77 } mk_cfg() { cat > "$CONFFILE" } runcurl() { # Verify that we got a HTTP reply. curl $CURL_EXTRA -I -X GET --max-time 5 --silent --insecure https://$1:$2/ test "$?" = "0" || die "Incorrect HTTP response code." } hitch-1.4.4/src/tests/test20-empty-tokens.sh0000755000175000017500000000044113011340142015572 00000000000000#!/bin/sh . ${TESTDIR}/common.sh set +o errexit mk_cfg < How to generate --------------- These files were generated on Debian jessie, using the following commands: apt-get install ssl-cert /usr/sbin/make-ssl-cert /usr/share/ssl-cert/ssleay.cnf OUTPUTFILE openssl dhparam -rand - 1024 >> OUTPUTFILE (default|siteN).example.com are basic 2048bit RSA certificates with a single commonName set. hitch-1.4.4/src/tests/certs/valid.example.com.ocsp0000644000175000017500000000424212743406622017015 000000000000000‚ž  ‚—0‚“ +0‚„0‚€0½¡V0T1 0 UNO10 U Norway10U Varnish Software10U ocsp.example.com20160506123654Z0R0P0;0 +a¤*Žx•¦Ç B͘µ¡Ë­x_³JmŸÕ¦z•¸L“Ì”½?P€20160506123654Z0  *†H†÷  ‚h¼)ˆ&r, pð%|ƒÖ JCê'jÝ܃hv/[‘B»`0bXQ~ “À°cÞ[ OpEŸÙ[kƒ.VûŽ¥¶<|%ßX<’À|­}<ÀyŸpâ¾ÅŒƒéôH™ô³c™ &6xë+ñŸózCfק”ßsjÏLòŒo?dá AÃâ[¿ ·¢¹w6|Ÿuð3>×h5b™%.ÔED˜w¸g4 ö‡’•HK–¯{eaµF¨-ð øåñ@4á,ÓG¿úçE{ÍžsëÕŽ œ.벦Qî¸ãÕ¹Nhr§Á‹ué ”8Hh‘æ¼5$Óú›õ“FRÓö”Í–`Vàm)v|}ŒRÒo2Eð/ d³¥3a¶p•3Œ­àíæN):µÑÇ¥z¬_ÄÕ'"v" 6e£OÕJü^TÚ\ò—œŽ/}¡êÁîwwH}ÅêU2ÓÔýÀÞÓñ8|ãÇøRº1Ó=^aœ*'¶D4¿­Šé„ káþ¦‚œüUð]C»´ÐF¥¤vi†ü›!¼º¢|ý ænªnÏ~…Þµis¤`*'3é¬ØAUÐXÃXz$=œ«-C‹§„Ã-þ0j¬ÀPÁÛ: ŸT‰V²õ‚@v=’Û<°]·ŠÈa($ý68–céqï|·‹7ÉÀ²1f ‚¨0‚¤0‚ 0‚ˆ 0  *†H†÷  0[1 0 UNO10 U Norway10U Varnish Software1 0U Example Intermediate CA0 160428133931Z 211019133931Z0T1 0 UNO10 U Norway10U Varnish Software10U ocsp.example.com0‚"0  *†H†÷ ‚0‚ ‚æã``oü¡]ŠDk¸ó\?¾¼«O½£ ¤TG4(SmmÜñ1ó>ÇÕûµÜ·‚ íO$W°$[üüŸMÇ+¯ÎW6)s¯°in º`æµï åî<]™Ye®¬'!ÑÎO û²Äy»3B{m“¹ç· Ø#~…:µ4 %é×®lmPõŒhVxž3 }ϵ0µŽ.ÄYÍó˜g·J&)ruÕ Œ‘ù=§„MX*ëΧ ñ7Ä>”,×>Òè]]N­l_>‹~Iñv *¬§R#¬üMŸ®»ùƒçöKÏ÷b )ÞRkx“'ÄNȽk'ï‘Óë4 ø3…¿ÁÔc"Äâ× Rë$iä°ñïú&»ïh~ª/ãKZ(G(éÙG$N8~H×0ñ̸Ó}ò™/2%ÃkŒçÒcÎó ;óŸ9fg<–Ì°5;¸õè;Ç,oyrÒŠPdäpA)j0µ0Ëš8iãé0ó[ƒ"u26‚mmtñh£™ ðq|’ØkxP8l'¢õuÕ¡X…Žnòë­´02·¸.K=OÅ÷ÒdÝS‹q7·Aæ‹®5þÙ¤›rã­_Z¸—d¶1q&NG‚ø÷\q‰Ü…)ÁôT¶M) \ªv.œ,m0¥Æꇖ ¤÷Têõ£u0s0 U00UÖ ½]‰ —–÷°ÉæÖªûÎi+0U#0€_³JmŸÕ¦z•¸L“Ì”½?P0Uÿ€0U%ÿ 0 + 0  *†H†÷  ‚mÈäÀ ŒºÎÔ}o¶WNjâmëÚP ðˆo ¼ï£®¸¤(6L(ŽWËZôݵÄ9Ñkí«ýp5ðÑnÅÏô!ÊܺqÊÃAkaœÖL±¹x¯þd54Øò¾üÈ|Sp᾿C×»Öpo‘«Qøßl˜Tu)w¬¥›:ðù‹÷u.¨k¦ª“õ~wûÑv´¸¼Ý—´4!J*,œÂ«pëR*.ÃEJ(éâìCŒ LipIºEÕ/Ï$.çÀ>ûàM lu\Ö7¬"—²S–{åB¯—ÕŒéÖ©æ†cÁÅ^ /‰†1Émrˆ*Ãpö•';™ã’ŽÃÂã!U:§Sùg7[éôk½»3½î¡¿úE<Ä\ïaª³o‹èàîÊ{bšj– ¼ÁÓO9ÄSXØ0î&–*òP]1Å÷¸°oc{ m©±rÕç‰Yµµ†ˆx÷AE3­ÞÎåHò¦Ù[¬pýÓ6µÐÐ]‹°•ŒÖÏ· …4ÐWM‹${QR¬ÓWSè«þi´‚ýuÓ[¦êÎ};~³_ÉðbP¿U¤.™€¥ÍQR]ÂO”¦+Ûam|räv‡¨…¦tr/°…0ÒjºTW ÈoŽîîó­þçŒA /JúÔulÂnMUVŠÌÄý‘„ŒEhitch-1.4.4/src/tests/certs/valid.example.com-ca-chain.pem0000644000175000017500000000760412743406622020300 00000000000000-----BEGIN CERTIFICATE----- MIIFkDCCA3igAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwUzELMAkGA1UEBhMCTk8x DzANBgNVBAgMBk5vcndheTEZMBcGA1UECgwQVmFybmlzaCBTb2Z0d2FyZTEYMBYG A1UEAwwPRXhhbXBsZSBSb290IENBMB4XDTE2MDQyODA5NDE0NloXDTMwMDEwNTA5 NDE0NlowWzELMAkGA1UEBhMCTk8xDzANBgNVBAgMBk5vcndheTEZMBcGA1UECgwQ VmFybmlzaCBTb2Z0d2FyZTEgMB4GA1UEAwwXRXhhbXBsZSBJbnRlcm1lZGlhdGUg Q0EwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC5ywLtYEenau+mAOUT DtPajOxXTIgFi/ctaPA0DIkyxb7ODzUyO+F5LTchUODSXV4PJRSKFFfx8mAlYL8H WmsagLIfmmeJArep6Cd+jx4ubiMOSonZp3C1LHlf8DLZp5K5Lt+3YmglAXwXwOYt aTCIrZ3fbULuz6SxTPnzlZiTR/k/0REfeGO8QLy108I8DBANYv8undPeU6aC3MXi FOIAS8qmS4g82QWa5tmcO7VeC5IL0+jqhqwv8XWQxZXFla6sFgnPYUQm68fhlVtV i8gk2Ulbn1vbMCNEWjIrrgYKhND6kLO3cpBoKlYa3arIGUfvLeezUks7IPpThS+t 6SRfH4U3g6ay0jUANLkwq3GLg/OQtDXzbn0Esthw9l5Hrn2Xz4/x2ODWuoIhJmSl JFSsYiAhp4QNVgjKtKnDFfHcWcxnsC6ujWE0/IrTkUxpu2o+VQoPQKwE44ltgVGe AubQ+IIQOCiQ4udDSYzfaG4v1Oa3ka3bDRShmBw4a2MpPlmyK++4ZTkeaJ4wjmsH 9HmOjLCKP0pZ3XpbgXk2Yqd3UGIJu4s5SF53TiYWyn83BRbZq3DoDYX0DBRDHPs/ M/1y5B+BTPAVoyU4LqyirEVG97JJqvir7gxx98alx/N0SxCTEbcydfn1LIqgx5Nk RLRcjuYaVy23Hv0IoS7U3UPkMQIDAQABo2YwZDAdBgNVHQ4EFgQUG1+zSm2f1aZ6 lRy4TJPMlAe9P1AwHwYDVR0jBBgwFoAUjIrUzRCfCuPZdxRCsiW/MOIVF+AwEgYD VR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQELBQAD ggIBACkm7cD2uuAMnjmFg/JBR34wiHrRRj9jsaegCO7Bp0RUgOnE20wKHuKX4A4B E/IoPJ4Y08JsBUTW6+G6WyIJcOta+p6S+iKisfJur/0dgbFkY297e4HGx7beg0ov igTEYdDpsPvbfRSU3U89Cn6EKHlUlkh0oijFPSCwZyY49k4TKqDS0xCwvsEz1hYk 1h043LsORxpJbeZwqaAKHZC69YuK1lbEhe8en061oq+m5Um37yn4XNqCPf8La+KZ pGzwZBBOMttzDNiztyLfsSHsWbeisZprc9XzvjHMdJcevNj3Zs7e9daOHna4WFjv dJc+BFLjWVN2zfM+r3JEvnnAB2DU3/BW9iAFknEttyNT/qj/oTaL7NchIJvZtW1N Dc8UEwz2tWjEMpsjqVmech6ywhFZEPKXDtmUlVFeeGULWWNRsCtQI/3UGYdfvNax 087YQByvZyvQBPCfIBd6DMm7n//VD/lYy4hesJNPpRb7zipS+NVhCIkGyAfGBfiv s3g3BznI2V9sNxI6C6KiTjjUszrY/zw3zsBbKHgPiMMsK9zv42la/KsuRKtn/g3v hp3G5PpnYJyt9Tny7jIQA7C2F8t6CF4juNuy4K3lqBShJHJgjn9cNEhetRbPEsVd 1XeP0XWa5Ix4ByDTnIT1L1TEC3kP8nIbhPMjGPa8hRduL3re -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIFjDCCA3SgAwIBAgIJAOL1pFW+79bmMA0GCSqGSIb3DQEBCwUAMFMxCzAJBgNV BAYTAk5PMQ8wDQYDVQQIDAZOb3J3YXkxGTAXBgNVBAoMEFZhcm5pc2ggU29mdHdh cmUxGDAWBgNVBAMMD0V4YW1wbGUgUm9vdCBDQTAeFw0xNjA0MjgwOTMwNTFaFw00 MzA5MTQwOTMwNTFaMFMxCzAJBgNVBAYTAk5PMQ8wDQYDVQQIDAZOb3J3YXkxGTAX BgNVBAoMEFZhcm5pc2ggU29mdHdhcmUxGDAWBgNVBAMMD0V4YW1wbGUgUm9vdCBD QTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAKdthbmTbULCRgEKvJct isBXqqt1raqKeaSddo2jWjbvBS2Kn0AFH6CwORmOdJg7Bg5ZlynQOuYrXiz1Wr06 VnQW3OZQtiJhABgSLZM180zwtvFcj/P2SqPeS0Geirj3j3zdDS8T9w/pvbb4UE7c BUUejQ2KctZYTHDhlapLE6zjJngluRKbczo0kpUuFD+YWzZ3JqVyWiv5z0qdVI1Q 0xFCpRYCmkxIqaZtrPsCnISua9aZmJStUgPPyrtnSg2wx9oHvTH/ERG6b5D1fWR7 oX6uQpNnuuIU0nk5CZhKkkAcHApvWtoa5n4afX77b3Hd4Ju6yqRh2xUFXnyAz7ZJ nZcdeC8B0f4eqKZqCJE1WFjU7NoNB99hSGX+MmF0i4UMEL6NIQ3pvbBwdWdJNaAT mTeRfrcRD5G7annrpWwXo/tO+leykgrDnVMQYqUjzTj0GWGELpNROamCtXOUxC7x lo4B0NjUML47k1nlX03KEEQmPsWuG1B6yM2+L9tfJmVKU0kGioSRI81pN6htC8TK yCcXLbViuQedT9sfmX1vcXvpZeQrIANNjShjRH6f9OIc1Ak7vTnfaHQLbMhjFIBL C6shsHdsBYF8NCBe6Y6EDOtErjPTPYwN4Iv933pPWC80yJsa6LVzh+VNbm/R9ip5 0JYcJ5et79/fVTWuPb/ewq5NAgMBAAGjYzBhMB0GA1UdDgQWBBSMitTNEJ8K49l3 FEKyJb8w4hUX4DAfBgNVHSMEGDAWgBSMitTNEJ8K49l3FEKyJb8w4hUX4DAPBgNV HRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAgEA ZJRDQ/uJ8fDk0jdbPcZhUhYZsPDcb8fpanlWtXiYt5CVAsVHQIFpY71LYMK4hGBv g9Lnykd20nBJCPNxdr/hZUvBVfEUhB5YPVK8yRq22SXIyc81s0wlVcstxuvnJf64 KGOKlBpI9rbEP0YjO/lWNwVToUIDbn/SSmb6LbXJo90B3rvXflVHdaw8OdgzIHUI HAAoRkPGlBrEaVffEETabFIHWILBpZUDUk6tBQTGlvJadV5oYt4tyIcue5Km37ZU fmEAF8iXew2nb0NKMKeEC95L9bvzuW0kScI7K9wiaO/AHzu2xj0/PJtlj8fcRWeL vehES/PXpnJKr0JW7oaF2UKRmcsLGhw2ZOIhM1CNETJYITXHbUx0tW0S3x18X3+I FOmREGxxmbK+7G47hwSqbmOTSxliHobnjc99qU+YSzBnxTnlCRhHZxvJ9UFJ73bp 6gFuEAwArjOW7zdq6+oe1PfnK50y6jPPXVA3hX75KoODTIu64TTzqloO8+xEQcdP /cGkHMVTtWbO8uEK0NAp/UowH/Ady0NO2vcBJsdI3w6FmPzYt/+ECjYgUPMN16jD vdjRxzUOUUOT3px7rNLUPM9IZfgavFXQKiIoBaxBPS1aAQF5cQf/ulD1PN2MrfNp Hxcf9eBCmZQDQ00iS55H9Fd9ywnFpOmsUNjg0/LydaI= -----END CERTIFICATE----- hitch-1.4.4/src/tests/certs/wildcard.example.com0000644000175000017500000000675712710627110016550 00000000000000-----BEGIN RSA PRIVATE KEY----- MIIEpAIBAAKCAQEAssAUoT3EVWitYWl1tEx+RmRquuT8sMMr2cS68xao/hysvWrn SaxM8NYVLEWA94MekjXspQ6pe8LT03j5q6+l8TBxdUdKcb/RCuOpWteuCwv11d53 mUqf4zNvevBJA/EnNcJ5OHD571lk684a/ozmbhlBAN7UaTgRFWkc5gTR6WaZk88E 51V9wOjC8JXs+NOuju9oGxjvztrLm/ryniUawBB41GTwxoUF2ZNIXr1uccnf5knA vA/6Q2YYWyvNVRuvt5VWv/j3ilollpOaIQQZQewAzCngpsDq0o0sfzt+MDcXuMSv XUPGkbZpzBgE8uR3dOxGwBBfEUgeIUawEhz4eQIDAQABAoIBADO2fkFnrTVIY2Cb MgJHXwDebEJFnRVGYZlO4QcStzFM+mySUPdvcZL7XITCVt1EgcOq9huKcl3rr3yu swyIdGmiqjBTv6XI6KFN2+D8JM3tV+HXyqH+hOMmLkpS2czaJ43WBVve02/7XMcb iZO7D68qfzPRQ4JtRgP7tPCW1GPBXwjcuQhcCsR7FRDU90Fw8IK3moDGkaIAc2ZK pBM3WaWR7HAv31PMIS6FmXW1AnT8ZgrnfuMfamTtkcZUSlnoBveYPgLhAprQ2DxV Zoi56OqIwylQvrLxiWsLleJ0kAZ6La3hnUFmQfkWC771PEBC7DqnuFkurb0z/qxn uF5k30ECgYEA47J7zuAmzDNQmB3k31XMbSSJSs6s1F2oM7vM1H+PuRtAJTenSdX3 yOGlkvm88jeESYBpfCz/xOz2t9KsfuZPU+X3mGs+xNDrbMu2li5HYmb+9cz6bFqG iAjRHoLAxmplqc9r5QyB71Rk4hqvohFATd878n59Yoxnkq4b6EuQcY8CgYEAyPgQ 3PQaWBuqZrgzNmF1n1dHQlfbjE/mefjVnrBAhcNVl6JoU0j4iiosQCbOCgbfCeCd 0DB2pFIBwelqIDnWgB4aUbtbSQg8/i1oGjmXGiuzLVFxBTTkq2voi4c/fboDtYah AuAn+q2MOdpw4FKjWH8q/ukfGU6hFiNdRI9/YXcCgYBnyQMF2MXWbc1eiMG5yrHT TcQGhQ3h/o6chg1nDn3EMdebHzLxRMYcmj2OMKcfAI8bsZxjLV+nsxsBztUxQmkG JNwmbTu/Gjs06+Xdrlp7T9cG0teSa/DGML6g2Zhk2DpenFzhmkHfhOg251MG3DYj SI1aiq08LiNHiHTP/SFpoQKBgQDGfcRiBzLR3RlTdREX3/CFnXWDQDVXAz+XLr8G ifxgYUpzhvPVdpgMFpU4E1ujKaA3KEOWcZdsupaDyJ+KDrYeOh0ypoMFwf5D6eMN K95i+dBxrSOcyd4ktWKsFLwP2J57NupmZbD29Vwvc+HSnaw55vg3Z1bQ7wlJTUp8 QeLFBwKBgQCZ00ar4cEdrTh1+cV8G04iN49X9saXB3YkT3rujVmtJ5n/mbXPRF7i 948rtomUuyqxelzjAuYSe7zE19K66ZlYqmo8IQrwi+gcCY3VxlMo/WA9tKt41e9p T0KoIiqg0BueH7pLdWp4+xEkZvyzD4W9/y9YOXmtQ0UmpDCBPTCKZg== -----END RSA PRIVATE KEY----- -----BEGIN CERTIFICATE----- MIIEDTCCAvWgAwIBAgIJAIH1UUxrC2oyMA0GCSqGSIb3DQEBCwUAMIGcMQswCQYD VQQGEwJOTzENMAsGA1UECAwET3NsbzEZMBcGA1UECgwQVmFybmlzaCBTb2Z0d2Fy ZTENMAsGA1UEBwwET3NsbzEWMBQGA1UEAwwNKi5leGFtcGxlLmNvbTEZMBcGA1UE CwwQVmFybmlzaCBTb2Z0d2FyZTEhMB8GCSqGSIb3DQEJARYSZm9vYmFyQGV4YW1w bGUuY29tMB4XDTE1MTAyNjE1NDg0NFoXDTE4MTAyNTE1NDg0NFowgZwxCzAJBgNV BAYTAk5PMQ0wCwYDVQQIDARPc2xvMRkwFwYDVQQKDBBWYXJuaXNoIFNvZnR3YXJl MQ0wCwYDVQQHDARPc2xvMRYwFAYDVQQDDA0qLmV4YW1wbGUuY29tMRkwFwYDVQQL DBBWYXJuaXNoIFNvZnR3YXJlMSEwHwYJKoZIhvcNAQkBFhJmb29iYXJAZXhhbXBs ZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCywBShPcRVaK1h aXW0TH5GZGq65PywwyvZxLrzFqj+HKy9audJrEzw1hUsRYD3gx6SNeylDql7wtPT ePmrr6XxMHF1R0pxv9EK46la164LC/XV3neZSp/jM2968EkD8Sc1wnk4cPnvWWTr zhr+jOZuGUEA3tRpOBEVaRzmBNHpZpmTzwTnVX3A6MLwlez4066O72gbGO/O2sub +vKeJRrAEHjUZPDGhQXZk0hevW5xyd/mScC8D/pDZhhbK81VG6+3lVa/+PeKWiWW k5ohBBlB7ADMKeCmwOrSjSx/O34wNxe4xK9dQ8aRtmnMGATy5Hd07EbAEF8RSB4h RrASHPh5AgMBAAGjUDBOMB0GA1UdDgQWBBRZIQHOrBLp1fDNAqAa+2AzzzBv1TAf BgNVHSMEGDAWgBRZIQHOrBLp1fDNAqAa+2AzzzBv1TAMBgNVHRMEBTADAQH/MA0G CSqGSIb3DQEBCwUAA4IBAQCM1M6uyF9cViP+0S1R6EAsfwn2LCh+YWwL+UYM+HCp 9gA9Z6sMlBH6v3NZwrUv7LpSkr0uB+Vp71KV6WALbWx6no0aPg2IXIg0hmZnUbPP IEPYs6sMkr/uKw26YdMql0xFX3dtbXLKzn/8R5wWiCKKNg7BVo+/zBBBEkm8acSA 7bHA5Rp/oovsWzrrR7L0RQ39327fXny52b9EqA67qBhsaalw7BPHNytn9BZlva21 h7U8wyjHNFeTEQAloPlp7xtfCFYLm8W1R8glcwO15PUggKOmanic47OJpkmGWRtM 767bKE1+ZT3OgIjMVYovNO/517MgPB9kGxYy0JUjggyf -----END CERTIFICATE----- -----BEGIN DH PARAMETERS----- MIIBCAKCAQEA8H12cT21ydklGJeyztjJtYmGcNmG+gtfqR0hY2GOu/ZWIozr61EE 9157BxAz3/I5oIGTvBZeR4vn+cKF25XHYdhjU6wPR5GQ7sbf6qtM+Vo/TDwryapm WSn+ALokL30ohuzntpCS//OASLuRdGipfJ3yMgMsJhzeu6nu+4Rdq3Vw1iBDJWuM FZMRR7Pe4cgj53eNQEYdDW0yjAbpguWkzyHHh8+ttkfkSyg7Bl3pSG9r6oJeQfEv PtTIwNyM3/YgW4TG4hQJ/bS/Q0d3Eq6EaJqqa8g7zUhiisUf2neNNqVcpcD4wEGp 1ZbJIbISu8VQ/gBqyyAeLt5GP+4cL+F9CwIBAg== -----END DH PARAMETERS----- hitch-1.4.4/src/tests/certs/default.example.com0000644000175000017500000000564212560105637016403 00000000000000-----BEGIN PRIVATE KEY----- MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDOCJ5SZvnsESOd 70ni86DzSOhYBs0mkS1iorxxNgDbLIoWPhFVfBTPTn9lnUgrJPNg5GhBSoqLDLSq WCr4G4VVk+2VdFxRrG3Qch/sYtLS9q6Uyxg3gdBPPi3GtyUGhJfKFodWwMt3+2KH gSu8FwWPwTuPb5kOUmO7Pp+5g9OL4q0oyo5GY8ai7c6+GqL7JazsnnVLNVuC8uD4 o25E9ZEyMl0ntP79ImzmZJCK43EYI9uUsWngv8LyR3lGslm8LSYTONtc41HFrj2T a78oEMHhOFESNq5g8qiSXkM5F8Hql2F9aY1HKIIUq+RfbpJFH01SMk/NZ4I7MK41 7Qd0foE5AgMBAAECggEBAJ4cJQtNdRuA55lKyaO9nNU2LP9ocMTZAkBAbGZgr/WC T5HUHc9BQmL4dXGQapKZb5/6iDsargkZPge/U3JFBGRw+hEIU9Rlg3xEKFVqXSmC HuWWmcX2+9nj+JMXdvVyiV2PPlsH5tzzcGBWcy6LaDwyaLehR46jEV/fJgnirVQZ xgj03AK3SBsL4WpK3C9D9dURvsDfd15v+D8mqOhxhNF/sMFiHLMB1m+HCYChbn3T 2lkUfS5NF1Cd0NwV+fglvHjytyT+ELGoGPez1uBKxigBYmOtuIEbo3xH+jjPJuAr ZgbyPtdO9flQpqRLcW5Ie6NZlZxfA1WcVULf/198FjUCgYEA8tO+XF6sFUvwo63S uqG/y8+wCSpwwzUxU+bNtqeM3WbkTgi0AuhAWAVqaGyysCVFJ0WLK+wFOpeFIwcL vmA6sWZ26dqF/IxmvC6+ytbKKmKvMv5p3IWky20Dz8123poBKM/E7afNBKrCa3BJ 151whywgLOQ429pERDqeWbfo/IsCgYEA2TXoEKiG0/dw/3CgUkufi5+ZIzASrplj okeg1H75AeHke4avrILrc0d+9DxJ+ZIJsJ/N0b69q433MNoFcljWp7nMMxpI5w2x eC5asbopF4nmMw8Hr8iu/x+LB2XcAb4A9Mn2oJTrH3fV5VRi9Ta3i3cIswtdWUEW Dq2erK43ncsCgYApRpzhDqapqBLrf6yGVOBJQLBnnnM0e2I7JMxq8+gZ6ld8fDY9 GEV3sNP5lCB7mJo8prGVcbUh1IepAJWacrkHVqd38NE9sI/2BOwhhoku0z98p4pP FdiBS7KOLBq8k+kGiuqqiw9qb6xEnv2uTPDHyVRezRxtIpjgECbCkWRlKQKBgDIT eHXmtHbHtBhf2cY/QwAIgmCXY6c3G7487zouL7AcaPWFfpix8iA4mm8qOw+7eFps 7SFu7QFREG0Fxn2vN4Whkw8w/x+ti32eijAxL+oKU7TvwSDojleo6P+Cny8To9rL eP1ad75gfUKKqunHfJc9kRbeBt5d3/zwUAWVgKLzAoGATMWtO/KkioQK2uQLMHNs ngsp/95qR3p0PkN7odN1fKyAZ9w+XzUS3ZZ2jWWq+3aoMRJVkX0hsl64pibFkKUK 0PjzgceoRhIlswZKmQKeRPTagX2Phy27lbMOxUZi3IftcZp3N6LuYkrMmhgrg4Ir JTGbKqwPUATa1PfjFys686I= -----END PRIVATE KEY----- -----BEGIN CERTIFICATE----- MIICzDCCAbSgAwIBAgIJAKVQRZn9OSoBMA0GCSqGSIb3DQEBCwUAMB4xHDAaBgNV BAMME2RlZmF1bHQuZXhhbXBsZS5jb20wHhcNMTUwNTE5MTA1MDIzWhcNMjUwNTE2 MTA1MDIzWjAeMRwwGgYDVQQDDBNkZWZhdWx0LmV4YW1wbGUuY29tMIIBIjANBgkq hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzgieUmb57BEjne9J4vOg80joWAbNJpEt YqK8cTYA2yyKFj4RVXwUz05/ZZ1IKyTzYORoQUqKiwy0qlgq+BuFVZPtlXRcUaxt 0HIf7GLS0vaulMsYN4HQTz4txrclBoSXyhaHVsDLd/tih4ErvBcFj8E7j2+ZDlJj uz6fuYPTi+KtKMqORmPGou3Ovhqi+yWs7J51SzVbgvLg+KNuRPWRMjJdJ7T+/SJs 5mSQiuNxGCPblLFp4L/C8kd5RrJZvC0mEzjbXONRxa49k2u/KBDB4ThREjauYPKo kl5DORfB6pdhfWmNRyiCFKvkX26SRR9NUjJPzWeCOzCuNe0HdH6BOQIDAQABow0w CzAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBCwUAA4IBAQB5F8NU2VSucsSDYlWkY7hB cTlkshVZl5yssrWUG0qBA6/ApuwyIv8RmAiUCtKVDaTHuWCgLPWEM4N0hJmiRE7O 8ZzxHUjqsxbcFT3EUstgBynxpYCOAsF8nePlG/8xCLUJjmL4z4GAASbqiG1R6fET JRVwlvtx/mFQx7GvEHIhW102eb800LLDDX+yxxDDbswEJ45MaPkeQ67moVVNkdZ4 s5LWJOis+aNkcWwd5eA2PGZ8QAUhcPsnmwyeke/Pcg5P8Niheelbyc2h5kJOmixn fq1WK3KrvGcCXNhvpAvaQ1qwXYBGzt9Vd56sqyk+DtlvLQG8lPbW+VtfYeE3MSrH -----END CERTIFICATE----- -----BEGIN DH PARAMETERS----- MIGHAoGBANuocow40w4uZqh+qhuFa1VfTW0+DdGkUcCKOX74+ld7ObEXMo4WYENh IyFr8OQuScchDZQf27UFrRV3bgDcNvxB2davRtgZuZf75/P33Ue0uKcFTPgWqQK0 JPAUcJ0ZDabZ+iKZx1aGuZXVz6NECacqQQBJVdctcHfqB8Cod90TAgEC -----END DH PARAMETERS----- hitch-1.4.4/src/tests/certs/733bfb5f0000644000175000017500000000563612560105637013774 00000000000000-----BEGIN PRIVATE KEY----- MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC/i7Eng68ltewd bh0wyDtwCuW1zZrZyB2VuXpO6vMbC4ogynMK2dsPFUN8oOCzLcomlyypqfVIF5hC ILFLf2oE/vY0c7ZClFdro3TNnnH0PD/x9yQsm5Qo1BBWxMlq76kCMwdb769CGU1P U/AgW+T/+gJOzfUjEj0ivs4fsVkHa1N2IpA6s6HxcSswa5WcYKYUD13o1+X9T3SM Sgp3nzGXgzUsKoiLAa8RebqpHMHnzSUW3ctW7W5N/SbrBy17LlW0M4XS1ZmcI5wp 5lMmjJvgaYWs/NapfEfFgHnl5XB6RCLbNOqwMVWbLP4OTEQhlBnambW36Ye8FUjF A6B8oEzzAgMBAAECggEAPJZ5MOCMdEc5Ko38GcQcWPJ5eqpQgvaztPp4X6Idx748 sOaYwSPsELdPI4rXyJWBTfefnwMtnOIpvTEOI61n4bCsPCclzaWSiW+osKmfrfuo 1mawQJPtp4R8rpWMiJDKSvHNMB1+uE+8jo0kdXfb1cRFGpw3ICLSx7zHAmtcl+Wk pIdjiqy87tsf9DQGqm0JMjxqPpuc2HCaFPETRPiqPmjbeXzVoRr4J4m5Di2trtZS 0Svh3/RFlpACGPi5GNdIu9yYIEjUfBH5ZBPS/Ik4TxKUQW3IOkUmtmNueCXGC5X7 NFvEA3oudhn0eGQ/EzOk6JIbMivntHKUODMve+tWQQKBgQDrbsprn6NiD6+WKiGp dn4qWPI9fIi0IqRjlB3KAbfxmQTytZc7AhDcsTww7qpAf0kWESjrebbXsFpZaUSu 3sWovmUwSEvsyTEv2UpQWzLwYPE2ZsnG8w0eUcyB/uJmchSjIi/PFRgdg8JB7Flp ByOpnex020/Cw+zWgNRTyDCM0QKBgQDQR2luWstlG4Z39nUPXMsMkmpaWmeahpnx m6NSGD9VpDThvVUycQAeijRkaPuI1g27f4ke2On0XGmEzpyB5rjT2J7jcqrPnPNL USmYJEl7YbKB9JharATllg6NSL2ooQUB+nvUNjo3kb5VD7ysh1nJ3YA7GoGXUnoX ZBPwBbvegwKBgQCN+GFYRQvhNlRL2VwzNKEgKELrkQ1ekwVOhyLvjdm+dufk9Fwd 2UER1E7XsxQ3kIoiJHboiJ0Zs97HzBL+4JeRCj86vl4Ki8h9ciq+CkDNc6gBhjpn Hmnqvqj0Ox+LZ3/KX/M0jSPdqHacCkpga022GuVcEmQmrr9DGqzvWOjuAQKBgCS7 U2a48IIGVrK1bnOlI9I1yDfjFb502pV3o1gJGrJZ4VGmeG4K68B3E0JaGXJKfeWB WodsLeaAncNkRMnMDPCflXX7dRBkV6wCxlkknSj7U+YDYxMqnzp2Ol7EY15n92Af 8tK8NYwzUePigJ3UyQsG22SRCiXLz+hsJ+/+suFNAoGATq0eCfEL75Q7su+urcJ/ ELsH6Utjx541HbfosuPGhoQ7wjyeepY6kR0Rwm/h/SbIpSywc0wHy11mlv56M1Sf sJVVegNLeLyA2jDC5oUXacwzRNFdltdEVN6F3+CEOR6IAFtJIRObL+eGS7m0chLn L7oX0xwXs7JfXyjHRJpwZ/I= -----END PRIVATE KEY----- -----BEGIN CERTIFICATE----- MIICyDCCAbCgAwIBAgIJAMdM7eXgW+95MA0GCSqGSIb3DQEBCwUAMBwxGjAYBgNV BAMMEXNpdGUzLmV4YW1wbGUuY29tMB4XDTE1MDUxOTEwNTEwM1oXDTI1MDUxNjEw NTEwM1owHDEaMBgGA1UEAwwRc2l0ZTMuZXhhbXBsZS5jb20wggEiMA0GCSqGSIb3 DQEBAQUAA4IBDwAwggEKAoIBAQC/i7Eng68ltewdbh0wyDtwCuW1zZrZyB2VuXpO 6vMbC4ogynMK2dsPFUN8oOCzLcomlyypqfVIF5hCILFLf2oE/vY0c7ZClFdro3TN nnH0PD/x9yQsm5Qo1BBWxMlq76kCMwdb769CGU1PU/AgW+T/+gJOzfUjEj0ivs4f sVkHa1N2IpA6s6HxcSswa5WcYKYUD13o1+X9T3SMSgp3nzGXgzUsKoiLAa8Rebqp HMHnzSUW3ctW7W5N/SbrBy17LlW0M4XS1ZmcI5wp5lMmjJvgaYWs/NapfEfFgHnl 5XB6RCLbNOqwMVWbLP4OTEQhlBnambW36Ye8FUjFA6B8oEzzAgMBAAGjDTALMAkG A1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBAKvV1N5yiGDbj/j2tYTXtm/GyIGk WISB7zYL3x7L92CW8ECx1IhAx/YY3VnmRHIVKMyA6pFV2tfTdwJMrwSybbEfi88e q/xnJXPw6niUgHgMq4o7UCt2jVnkVncHj21zdUydq+KWVYodk2utVECeVI8uy//V 8Jif+z9E/CZsG84tbtHfq8ohLnosBIEbm9e6uqhivPbB+YN7uSEY/Z5ikYGU7hlN QCPSefot21XqHd/6dBYKs5mJu6VeuIwY2UkZtXfABrHzc3AfzbD9fj6kivWzqvNu erkJIZsV/I3vAwiiFM8K4hwYYxYWGMY9YCL1zkqqK8jJcVWdsUh9BkXJj7w= -----END CERTIFICATE----- -----BEGIN DH PARAMETERS----- MIGHAoGBAPbJOe3yBytYY3hjJ3ScHJx7R3vpn8MFq2N00RYYMCSraytAG596QvEo 9X/ETnzBU06nfVbJo0gKlsJfciDQbuorUGC/0LvVB9t6Nt1c4Xa5QGI7LeErfnNj CbsNgRirkh/lmn2e0HhQXaVk/vb6i8Cci927nWPWdl+M8GdnvjIjAgEC -----END DH PARAMETERS----- hitch-1.4.4/src/tests/certs/site1.example.com0000644000175000017500000000563612560105637016007 00000000000000-----BEGIN PRIVATE KEY----- MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCx17z55j38mGHB +kAcRH9l/JlGkArB7HsoeFJ5ZMT+W4IW+QTrw21tL3+iJoavnE9kURV8pQ/2C8mB lbTCY4d+7j1Jq8pnIZs9YqgwqXUizEXgqTGtxWs4I/v2QkD0DXI6y1S9DWTKKflM HNjPWaWPNIwrnQAi0bNq3PjS5x8p885+64aDQmMiMJRu7btjtuXPa4icfn7/2twq 0BVKARio15IcKgXHJCcjvVpYK4brK8E+OrzUQ6wNDMwGcckrNylIJafYAHv5wKfu 6TJLCD3RUn20PRFmBR66qap68SJAuSBJXMrtWZYXoF0qLz1QvAwmxzFq2oxpKyzQ 2R2TTKwnAgMBAAECggEASLCYckA0h+E029dQiv1IYUQs1hWcAAWLlVAQzcNtbVWz x3YDF+Zp/J3Uek9q765hGOy3bpn8+yF4PHoXRvjtcekorcsE0MCAtkdz3Wf2E8IQ sbIWNyOhHnI+0znjWJ2CWhuvyBIIZ0Veu0hzKdVHgVAGFvF2E8VIo14sae/D4h4x FMYp8Od6zyb4pEigIELQeunxQuev8SGBYzI+3EYrs9+Vl1I4TUwfjxK24gXmjyc/ pmRIsGChD5lVZHWh5WIyGaaSKISM3ZmmXz15g4eammDVwA17poKMudUZRSx16M91 w04SoQdvikk8/eoqx+7ATzZj0YSHADXMRq9/tENbaQKBgQDmJWL9QlBBqsXvtMq7 EAfqBa4JYDKz8VKcBQULA0G030MQgGws2QixzbuxJ/FaEc97qLVCzpJjL5aeAgGO UoUsrSbEycOxUaGCnY2ie8CGU2w0DqfKLuHJjOqlJMY4KNaSEWNqzQCfEi5Tn8uX 1tlWnd8rL3P5ObgS/avnjXkwXQKBgQDF0jIzuoPKL+KuBgQIeG4m9YQncpHuu/w3 4j+nD7zqL3Gvp3+UEWCrrKplwfFnUUgs8yt6kfmPIAMOxyPvFsadi3CxKIf9stR6 acvKXVeKq5PFu/3j/IYXWgPqVfgx/yOCFWsEVOP+Lpl3XeGgxe8heHFWVD7I40/Z uOqdcKIWUwKBgBf3osRvKH5+M1jQQiCS/dAAQWyWiRE2O30mBK1t7GTSr2BDj4Bo JcCmhTpgx4CyxCHDowTPEG2l4hCYcuMIcvgBHD14KZoIv0Ij+EEIlDco7ubI8+5Z TYg41aLXHpFwp0/U4b6YlMz8DrkEtiYc6Mtda4VKztAQk7vekQ1vLUS9AoGBAKat +UbEvQ67UlA3GWbZslZ5QCTM0FFLa7Tama91/0ODPlM22rQ0ADQmhFzBEVpwjlPx gI0COjhyTKFDAfAOTMOqHgXnlM4axBVw1xlnlL9u2lAdmktjFsjOO8ZTMZFO3Oha i5VWwdQGB6EgJWCF5ntZNIX87fnuLfXRbT3DDY+pAoGBAKMI3B1YIqIjR13AEKnb e5zi/oTvMszGfOtlPlNLNTVFOmQ40ZtCLxFPTVro2rSR40fNmA8BuBmVdb2jM860 N6opPVlWDROrz1/FNXZVoEvk94Ip50eNXC0OCJr5pRGshTYTjle0kXU40RJquj+d /2NZsggs386IXfST4tsTOgbJ -----END PRIVATE KEY----- -----BEGIN CERTIFICATE----- MIICyDCCAbCgAwIBAgIJAJEPAZDkTVHzMA0GCSqGSIb3DQEBCwUAMBwxGjAYBgNV BAMMEXNpdGUxLmV4YW1wbGUuY29tMB4XDTE1MDUxOTEwNTA0MloXDTI1MDUxNjEw NTA0MlowHDEaMBgGA1UEAwwRc2l0ZTEuZXhhbXBsZS5jb20wggEiMA0GCSqGSIb3 DQEBAQUAA4IBDwAwggEKAoIBAQCx17z55j38mGHB+kAcRH9l/JlGkArB7HsoeFJ5 ZMT+W4IW+QTrw21tL3+iJoavnE9kURV8pQ/2C8mBlbTCY4d+7j1Jq8pnIZs9Yqgw qXUizEXgqTGtxWs4I/v2QkD0DXI6y1S9DWTKKflMHNjPWaWPNIwrnQAi0bNq3PjS 5x8p885+64aDQmMiMJRu7btjtuXPa4icfn7/2twq0BVKARio15IcKgXHJCcjvVpY K4brK8E+OrzUQ6wNDMwGcckrNylIJafYAHv5wKfu6TJLCD3RUn20PRFmBR66qap6 8SJAuSBJXMrtWZYXoF0qLz1QvAwmxzFq2oxpKyzQ2R2TTKwnAgMBAAGjDTALMAkG A1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBAI/nbQA9Jcx0Yvzug1I59/9DHXL2 DRcnhcnRP1OjL08TH79Wnsm11FtKXHcu00vYjEDbpjDroFWcQbQhTXy+5Bn9qTXU 2dFIPYU3NaMzifxcN5GgbhkEWD6F/QQG7pu0rvAQyanrMvyBV7qYO/0X6GfL9VLo qcqaUU2fA/7Po10iHeiphgxD+NhyM0OuBNvXJZyqx7wWqJLgTUJKfBxjHgvSqFwO 3qg3TqMlIpDqWy3WBY0NK0AlcD6K/Nvww/QBd2bl+8K2tvBGie2qTS2nVcBc9YVY 0c3v+VMUmvPTJqRvCicyOTfoR4yL5Nqj0bo9+RsdvziNyrhcPHUB7ssxRyo= -----END CERTIFICATE----- -----BEGIN DH PARAMETERS----- MIGHAoGBAObzCZWZ2QBmxGYQ/9yyX4IHjfKpnVIN9n6xV4rksZpzYAQB078GgfPZ KeE2mDwEsmj8gXwg5GZM6RB4nBDpuGIJb1ZEfzLij5Erj5rTvifgn/h7pZPdvJjt YeKgzBih3GhD6CEUrfqV6CktkwqFH+gfEghZbCUVoSaB4tw4zawTAgEC -----END DH PARAMETERS----- hitch-1.4.4/src/tests/certs/site2.example.com0000644000175000017500000000563612560105637016010 00000000000000-----BEGIN PRIVATE KEY----- MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCgwATitq8V+zkN tlxZYtzA/LEyOkWszPTR4sCQRZihZx/YuMGX7/TcyEl3X/r4c/nlMTnU5U3nUUZv 5JKZdMyMVD6cd2GOdWTI17tTrvMrxBgRa538jnKL0SPcXFiSzzUacoRqDdA/WnJm Vbn7F9L8mbThwYumKnYOK54PisixLel8fhGypiKyeKQ3zP8SecRk8jvkdIltvHXw oI+YDZXy1qqXsDuDoE6PGh+1rKEQdyGjDzCFwUcUGLURcHKu3elESEi7QE03hQsj nJXTMc0xg2v3dxEnhkUaV3KKMFrDz7OVa9prkqPUI7+hOK9J6bWXGc7PWRzsMQbO LGeTxn4ZAgMBAAECggEBAIJzUYOqPOvZs7MtCkR/tiXm6uWX5HMW4JZzLVHnKLXS ukVlqbVjRZLl9ripa0G03FbiW8wpSc8uZbroAxAFePloZGcVelXhbqiOaba/gxdB S0bXzp3l+477ad6qEjcRcEbGKC7ohtbiz3O8nfDmpJHZKrEKIAn461UUkHCMb9FX 527BejW8Yu4DiKxBHo+WW6ukezS8BQP1e1L2MUXvEr5EnWK+0ADVh9NDPh8RgvZf p8Im/iaBH+8ptyFEMkV8Paacow19cSBoN0BVh5KP+5b+H3xuXYEvUVtEKVcCmUyD slr++fWJuN3ugnCT+lzs/cWHyTzLWSb7kP3Z3C/J5wECgYEA0hu2ShOxqYRvbyIO VoEC2DxHPP3Sm6d9Gx+/jS+tOXjG37BM0Rc+E3HZmj2ZGXuKUcH3QPO12nVKjFjE GKpUVexJAhoAn3NzpJizGhA/uu4GjGQjY8aDoX7Fvp6aWYDGFbScbl9saIDODwhD vEAupB8dKaIPo0dOBcUOAatAYbMCgYEAw9xstEFZZi8VREIPAsAJC0N3+nd21INs pLXW0q06Cu4WvrMwpjBwXDBMc76MIFfDFBs/Du2K7mPrPZ3k8Ov6ANikCviVBM3N 0itZ42K3eKktv0FQx6S47EJvfFaUikbnHoAmMeEAu5jEb8E0gvnUgkjTmhCJwS4u 03la9gj+wwMCgYBzwQS65wK4S9hAt9iCW+0/SGZO+d/wFWRdby5PEHc09I9MaYrI ny958v1ZdppEacWYqW4ZAKutwXTiwXy3wg9Yjybh24WAU1Dg26fAsjcKO1ysN/cv XwziCj/Tdvm+Wa3IA4szW6sUH/JmYb0/l3SawvGEIF7RK9WWZCwFS13a9QKBgHfv CzWZ6qdy31/r34s8ko0uJFLgQojBbY6ytrhNUQSOZKkjyv+JG9Sn0rjxjpbjhtZS FNwMQ43U66DQhfetWGqaPmFldML7TzSKTUG7GkQtvJCn61JFIOOzjtchoVXHMxFv QXQ7ppo5YthYA9LMLwAUnlZyGBiOMihW4IdWXMKHAoGAGRRg8fL/U+w3UaXAEuMY dg5fTOp006lFy4M/9nuxbYoARKS16VK14ai1PNQicJJ8iVWmzULJvzhe9NRuuOLp ZMJj0y2DHkNrZVwmCZp2dyKPAoaOu2wt1XIEAnh0mZWFs+pGi0R+rt9qaoPkOEdd f1dua1DbcN79MyX5scrBkjs= -----END PRIVATE KEY----- -----BEGIN CERTIFICATE----- MIICyDCCAbCgAwIBAgIJAJz3jnCmy88MMA0GCSqGSIb3DQEBCwUAMBwxGjAYBgNV BAMMEXNpdGUyLmV4YW1wbGUuY29tMB4XDTE1MDUxOTEwNTA1MloXDTI1MDUxNjEw NTA1MlowHDEaMBgGA1UEAwwRc2l0ZTIuZXhhbXBsZS5jb20wggEiMA0GCSqGSIb3 DQEBAQUAA4IBDwAwggEKAoIBAQCgwATitq8V+zkNtlxZYtzA/LEyOkWszPTR4sCQ RZihZx/YuMGX7/TcyEl3X/r4c/nlMTnU5U3nUUZv5JKZdMyMVD6cd2GOdWTI17tT rvMrxBgRa538jnKL0SPcXFiSzzUacoRqDdA/WnJmVbn7F9L8mbThwYumKnYOK54P isixLel8fhGypiKyeKQ3zP8SecRk8jvkdIltvHXwoI+YDZXy1qqXsDuDoE6PGh+1 rKEQdyGjDzCFwUcUGLURcHKu3elESEi7QE03hQsjnJXTMc0xg2v3dxEnhkUaV3KK MFrDz7OVa9prkqPUI7+hOK9J6bWXGc7PWRzsMQbOLGeTxn4ZAgMBAAGjDTALMAkG A1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBAGnB1SB16rtHwQlPwA9KnhzD6Vmr Vx4q+L3hm9FAaTnc0fsKiavfH0DowmaAnD4RFlp/TmVwrb0LyFee8H+IXtDlrWY+ OTG13AaulXeGf+7l3BjvzNXkyg8LcsarQa4AF0cpVBCyZvWGDl/K5nuBTHu8J9Hi Uq+Yiq33nqU9/bWBC5SW7tHRICVeI2jQ2x5O/jT08JHkwf84klurTcNBRJ1LIb0+ 97v5FT2Fzb9W0cSdfopqzRhXqsJr3kA3+y9XPIXY0NdYwS1NCfgEfdvFXh7Soyce G2Wc0zMCp+JwCihvWRnAqwcxB1hWj2NdSopYIdvNYqa5FMI2HTJ/Aml5iAI= -----END CERTIFICATE----- -----BEGIN DH PARAMETERS----- MIGHAoGBALvVNh6W7TE1y0sVBgLsoJWgH+bJ3FIUqXnGzbKWfY3u0DD5NAlFACxd HLUcuLHYdExSOOipZLJgijy88u9LiIf1V2mEBbHQvIIF+uOPvedIGgJyrKX6UJRS HqwmuL+wv1Z7Ulrln+Sa5yXziBthKBwHIvYVnmmnsWMTi2w+Vl5rAgEC -----END DH PARAMETERS----- hitch-1.4.4/src/tests/certs/site3.example.com0000644000175000017500000000000012560105637024022 1hitch-1.4.4/src/tests/certs/733bfb5f00000000000000hitch-1.4.4/src/tests/certs/valid.example.com0000644000175000017500000001754312743406622016062 00000000000000-----BEGIN RSA PRIVATE KEY----- MIIEowIBAAKCAQEApDz4IHLfO+NLn2pEjN7al7qXVH3QgS/KbrUr6TXyGdYHwIfA d+GbcGiPH6aaZqpIIQQ4WEA+gTBDcHeT7MY5NyEvX5EcEmhq5zFutjiIruszxufj GnXFqzPsrelpzPwD/HgKPX0dxUZzQAo7R27tFSY4hD+yuibp6tSQ6jpMtFL2CIQh CFhTaja6W3+iWoiBSTraKgduktdz0I0NyswQHe472LyoD5dMiv+o8ik3+75tLzsg xc1zhS7CevKdWYukpeY6fKHnFVaQNjEKOSujIC1lHOYLvcrET7HfpG0Ir6H+8Gn6 KFWzx+bM3p8xtxrBaBJjERkvhefQwe74jTXCVwIDAQABAoIBAQCWpTnvAY7TbtRB oAbKs+sLO2JtZI3owT5MN6/UVOABZLltltcq3uxlufJ11KpROyW36xgHkr4CX5Os SHKNvvBiKfU7Em4OUGqmL0heqhJtZ13xt2cvMRGjzJfumWerVwoM/MpfxjCVb95s wjXHeu7J9GnonEjCyMjM1jcqMVmEGBAik+LmnbI6UX6lBbD+C0Iw+8mg2+s973sW XojZNyO3qo2pUUCL4OBSTHukskLJswHXdPCFb4DAYrrZRTbHZzKLV8YERm7+sWrc TILcL4xjpm7gehwZdOO36zcSxnAqUvoBIfyLqUS1k8lljsk1GQl/OxEcpGYS7sjD vCvnU0BBAoGBANRQ3x4oL8LweRGiyBnw5P1nz1xAY5sjWuVZ1b/J0YfqNhVINrqA QEGtfD3wtAXWdOcOe3GHhNRejxT950xrqW96BjhOPR8RRKj/EA37+W/+C75zDasF aq2rCTvpRBTP11kabKi+NUj8Iw9qvC4Hxza2o29/BLgvYkEsPRubunm3AoGBAMYH vbjcyqUULXYimSSiOf9n4wD+y2jb9sZ5XdRh2IoxD4/tonLeJhJIeW6EsDooBaoT 0yAXcMI1YdUnSrXK6n2xnueyTabFudG6OJ7AEjGNciIIVgxKRtAJIQb7r08VJt4M sAd7ULiu2KZt0ULXUXgzb0g71xZmuOMqv2cgL3xhAoGAKGHNXh4En44/aMROTOjN lQkWnpQ8nbhGxJKmnhjTuocojDm09xoHnrZRiDJs+yNEDuJpRjmhYQcvLa3xPU7I 5kQORM1UwMD3DzGcKxy+37cxIqMdeWbJWIjMc9G1OkQh0He/LQUoe15BiOAjNJoU IOryAPXmvuV8SasRYFvpRtcCgYAXZxjLvQQRyDWrLWGNy8Iw5dUU7Aeb58rdH8Cv 9bRCeJPPPZUiIBC9vmTjY7jz1oD83YTo2PxRZz+dkhwpKcbWfeQ6m37Dw8A3Advp HufHhWDEltmccDa4JSwLCDlqjiRev38aEz+x46/k0zuUu598Jg/zqGa91fvplMaz 6EDUYQKBgBoNliNytnrRTkvgxOjqmhbe7IZj4x0HCu84QYZVJ/mvIRuHT5501gX6 dSiVtHyH/dE3hNazr+tzAu0nAm04nCrIhsrLbdYP7pAfOY8nYS8AISMLBfJr7rry XLrtVroWpAEtLduP+aufLJoFWFIPreM4D7Te/5KL37cryo/wDT2N -----END RSA PRIVATE KEY----- -----BEGIN CERTIFICATE----- MIIFfTCCA2WgAwIBAgICEAIwDQYJKoZIhvcNAQELBQAwWzELMAkGA1UEBhMCTk8x DzANBgNVBAgMBk5vcndheTEZMBcGA1UECgwQVmFybmlzaCBTb2Z0d2FyZTEgMB4G A1UEAwwXRXhhbXBsZSBJbnRlcm1lZGlhdGUgQ0EwHhcNMTYwNDI4MTQwNDQ1WhcN MjExMDE5MTQwNDQ1WjBVMQswCQYDVQQGEwJOTzEPMA0GA1UECAwGTm9yd2F5MRkw FwYDVQQKDBBWYXJuaXNoIFNvZnR3YXJlMRowGAYDVQQDDBF2YWxpZC5leGFtcGxl LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKQ8+CBy3zvjS59q RIze2pe6l1R90IEvym61K+k18hnWB8CHwHfhm3Bojx+mmmaqSCEEOFhAPoEwQ3B3 k+zGOTchL1+RHBJoaucxbrY4iK7rM8bn4xp1xasz7K3pacz8A/x4Cj19HcVGc0AK O0du7RUmOIQ/srom6erUkOo6TLRS9giEIQhYU2o2ult/olqIgUk62ioHbpLXc9CN DcrMEB3uO9i8qA+XTIr/qPIpN/u+bS87IMXNc4UuwnrynVmLpKXmOnyh5xVWkDYx CjkroyAtZRzmC73KxE+x36RtCK+h/vBp+ihVs8fmzN6fMbcawWgSYxEZL4Xn0MHu +I01wlcCAwEAAaOCAU8wggFLMAkGA1UdEwQCMAAwEQYJYIZIAYb4QgEBBAQDAgZA MDMGCWCGSAGG+EIBDQQmFiRPcGVuU1NMIEdlbmVyYXRlZCBTZXJ2ZXIgQ2VydGlm aWNhdGUwHQYDVR0OBBYEFEEXilaM4+QYL948jNnSyjbiGiTFMHwGA1UdIwR1MHOA FBtfs0ptn9WmepUcuEyTzJQHvT9QoVekVTBTMQswCQYDVQQGEwJOTzEPMA0GA1UE CAwGTm9yd2F5MRkwFwYDVQQKDBBWYXJuaXNoIFNvZnR3YXJlMRgwFgYDVQQDDA9F eGFtcGxlIFJvb3QgQ0GCAhAAMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggr BgEFBQcDATA0BggrBgEFBQcBAQQoMCYwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3Nw LmV4YW1wbGUuY29tLzANBgkqhkiG9w0BAQsFAAOCAgEAen1rU6qctt5cXF6X/EeD oTroGAYMsOhuoI8GcwZgGf0bt4u2rKM3CF/aU0noO2jiBRP4IOiFNEFFgOF3mkRf Nv061Ox/khv8MCaTZtIODTpmhQ2CD/KZmvK9zjNOAjzANVgaa3pwlWtB7E8cBufA W+VjOiUvAD8O0L1uRMSej8TLjgz6oQJjwvmS491ZirNTqDkLRtyuqxrLKdObXl9X vaEe56EoMPYF/7FV+rJoPqF2djMXMbbtNBqMiJmBnoML8wLHSjIl5m7NG0nqP9oO d1x5zqhcezQg/GATBZ3Qr6h7hbDRqMbihqYH7kQV+cbrqxUo4a4FhE7C33SKQj63 Ku6IsPCl15gbPy9VokDAaxk29uZkmhSg2yhN7Xswv1WkfQFvhDkqLRjlb4Q0W/Dw c5aeCk9x+kM7g8yGUy3/hhqDdeznah4QKaqDm59TpfmroSdMVJqE2t1B6j4ZgDXi 692Ol1UsoTbSSMO0o1ny7qwO9337lod/NDTzF3y5HRTkMw7Vo/oLrk1KE3WImpAp ihhGlLCO/iwe8aVy31sNmVIpsRdfMkECkV90LWifGQt+2nSjspBGfRF06fJk+EYi cdcNd0XexVyKvdtsjAHy0aYQymkFcX3eiBSKj/gkZ4KZj2lsIgzEAdTSj6+7nOJ/ aG8W+d9SSznqQz1/5REn5e0= -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIFkDCCA3igAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwUzELMAkGA1UEBhMCTk8x DzANBgNVBAgMBk5vcndheTEZMBcGA1UECgwQVmFybmlzaCBTb2Z0d2FyZTEYMBYG A1UEAwwPRXhhbXBsZSBSb290IENBMB4XDTE2MDQyODA5NDE0NloXDTMwMDEwNTA5 NDE0NlowWzELMAkGA1UEBhMCTk8xDzANBgNVBAgMBk5vcndheTEZMBcGA1UECgwQ VmFybmlzaCBTb2Z0d2FyZTEgMB4GA1UEAwwXRXhhbXBsZSBJbnRlcm1lZGlhdGUg Q0EwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC5ywLtYEenau+mAOUT DtPajOxXTIgFi/ctaPA0DIkyxb7ODzUyO+F5LTchUODSXV4PJRSKFFfx8mAlYL8H WmsagLIfmmeJArep6Cd+jx4ubiMOSonZp3C1LHlf8DLZp5K5Lt+3YmglAXwXwOYt aTCIrZ3fbULuz6SxTPnzlZiTR/k/0REfeGO8QLy108I8DBANYv8undPeU6aC3MXi FOIAS8qmS4g82QWa5tmcO7VeC5IL0+jqhqwv8XWQxZXFla6sFgnPYUQm68fhlVtV i8gk2Ulbn1vbMCNEWjIrrgYKhND6kLO3cpBoKlYa3arIGUfvLeezUks7IPpThS+t 6SRfH4U3g6ay0jUANLkwq3GLg/OQtDXzbn0Esthw9l5Hrn2Xz4/x2ODWuoIhJmSl JFSsYiAhp4QNVgjKtKnDFfHcWcxnsC6ujWE0/IrTkUxpu2o+VQoPQKwE44ltgVGe AubQ+IIQOCiQ4udDSYzfaG4v1Oa3ka3bDRShmBw4a2MpPlmyK++4ZTkeaJ4wjmsH 9HmOjLCKP0pZ3XpbgXk2Yqd3UGIJu4s5SF53TiYWyn83BRbZq3DoDYX0DBRDHPs/ M/1y5B+BTPAVoyU4LqyirEVG97JJqvir7gxx98alx/N0SxCTEbcydfn1LIqgx5Nk RLRcjuYaVy23Hv0IoS7U3UPkMQIDAQABo2YwZDAdBgNVHQ4EFgQUG1+zSm2f1aZ6 lRy4TJPMlAe9P1AwHwYDVR0jBBgwFoAUjIrUzRCfCuPZdxRCsiW/MOIVF+AwEgYD VR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQELBQAD ggIBACkm7cD2uuAMnjmFg/JBR34wiHrRRj9jsaegCO7Bp0RUgOnE20wKHuKX4A4B E/IoPJ4Y08JsBUTW6+G6WyIJcOta+p6S+iKisfJur/0dgbFkY297e4HGx7beg0ov igTEYdDpsPvbfRSU3U89Cn6EKHlUlkh0oijFPSCwZyY49k4TKqDS0xCwvsEz1hYk 1h043LsORxpJbeZwqaAKHZC69YuK1lbEhe8en061oq+m5Um37yn4XNqCPf8La+KZ pGzwZBBOMttzDNiztyLfsSHsWbeisZprc9XzvjHMdJcevNj3Zs7e9daOHna4WFjv dJc+BFLjWVN2zfM+r3JEvnnAB2DU3/BW9iAFknEttyNT/qj/oTaL7NchIJvZtW1N Dc8UEwz2tWjEMpsjqVmech6ywhFZEPKXDtmUlVFeeGULWWNRsCtQI/3UGYdfvNax 087YQByvZyvQBPCfIBd6DMm7n//VD/lYy4hesJNPpRb7zipS+NVhCIkGyAfGBfiv s3g3BznI2V9sNxI6C6KiTjjUszrY/zw3zsBbKHgPiMMsK9zv42la/KsuRKtn/g3v hp3G5PpnYJyt9Tny7jIQA7C2F8t6CF4juNuy4K3lqBShJHJgjn9cNEhetRbPEsVd 1XeP0XWa5Ix4ByDTnIT1L1TEC3kP8nIbhPMjGPa8hRduL3re -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIFjDCCA3SgAwIBAgIJAOL1pFW+79bmMA0GCSqGSIb3DQEBCwUAMFMxCzAJBgNV BAYTAk5PMQ8wDQYDVQQIDAZOb3J3YXkxGTAXBgNVBAoMEFZhcm5pc2ggU29mdHdh cmUxGDAWBgNVBAMMD0V4YW1wbGUgUm9vdCBDQTAeFw0xNjA0MjgwOTMwNTFaFw00 MzA5MTQwOTMwNTFaMFMxCzAJBgNVBAYTAk5PMQ8wDQYDVQQIDAZOb3J3YXkxGTAX BgNVBAoMEFZhcm5pc2ggU29mdHdhcmUxGDAWBgNVBAMMD0V4YW1wbGUgUm9vdCBD QTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAKdthbmTbULCRgEKvJct isBXqqt1raqKeaSddo2jWjbvBS2Kn0AFH6CwORmOdJg7Bg5ZlynQOuYrXiz1Wr06 VnQW3OZQtiJhABgSLZM180zwtvFcj/P2SqPeS0Geirj3j3zdDS8T9w/pvbb4UE7c BUUejQ2KctZYTHDhlapLE6zjJngluRKbczo0kpUuFD+YWzZ3JqVyWiv5z0qdVI1Q 0xFCpRYCmkxIqaZtrPsCnISua9aZmJStUgPPyrtnSg2wx9oHvTH/ERG6b5D1fWR7 oX6uQpNnuuIU0nk5CZhKkkAcHApvWtoa5n4afX77b3Hd4Ju6yqRh2xUFXnyAz7ZJ nZcdeC8B0f4eqKZqCJE1WFjU7NoNB99hSGX+MmF0i4UMEL6NIQ3pvbBwdWdJNaAT mTeRfrcRD5G7annrpWwXo/tO+leykgrDnVMQYqUjzTj0GWGELpNROamCtXOUxC7x lo4B0NjUML47k1nlX03KEEQmPsWuG1B6yM2+L9tfJmVKU0kGioSRI81pN6htC8TK yCcXLbViuQedT9sfmX1vcXvpZeQrIANNjShjRH6f9OIc1Ak7vTnfaHQLbMhjFIBL C6shsHdsBYF8NCBe6Y6EDOtErjPTPYwN4Iv933pPWC80yJsa6LVzh+VNbm/R9ip5 0JYcJ5et79/fVTWuPb/ewq5NAgMBAAGjYzBhMB0GA1UdDgQWBBSMitTNEJ8K49l3 FEKyJb8w4hUX4DAfBgNVHSMEGDAWgBSMitTNEJ8K49l3FEKyJb8w4hUX4DAPBgNV HRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAgEA ZJRDQ/uJ8fDk0jdbPcZhUhYZsPDcb8fpanlWtXiYt5CVAsVHQIFpY71LYMK4hGBv g9Lnykd20nBJCPNxdr/hZUvBVfEUhB5YPVK8yRq22SXIyc81s0wlVcstxuvnJf64 KGOKlBpI9rbEP0YjO/lWNwVToUIDbn/SSmb6LbXJo90B3rvXflVHdaw8OdgzIHUI HAAoRkPGlBrEaVffEETabFIHWILBpZUDUk6tBQTGlvJadV5oYt4tyIcue5Km37ZU fmEAF8iXew2nb0NKMKeEC95L9bvzuW0kScI7K9wiaO/AHzu2xj0/PJtlj8fcRWeL vehES/PXpnJKr0JW7oaF2UKRmcsLGhw2ZOIhM1CNETJYITXHbUx0tW0S3x18X3+I FOmREGxxmbK+7G47hwSqbmOTSxliHobnjc99qU+YSzBnxTnlCRhHZxvJ9UFJ73bp 6gFuEAwArjOW7zdq6+oe1PfnK50y6jPPXVA3hX75KoODTIu64TTzqloO8+xEQcdP /cGkHMVTtWbO8uEK0NAp/UowH/Ady0NO2vcBJsdI3w6FmPzYt/+ECjYgUPMN16jD vdjRxzUOUUOT3px7rNLUPM9IZfgavFXQKiIoBaxBPS1aAQF5cQf/ulD1PN2MrfNp Hxcf9eBCmZQDQ00iS55H9Fd9ywnFpOmsUNjg0/LydaI= -----END CERTIFICATE----- -----BEGIN DH PARAMETERS----- MIIBCAKCAQEA63BMyJYYlselsI27ZUboAmHFfphfB5qDKlriw8YP0x5QlKDaKC8R zBpg9PeLgi5gO8qU2M6eC3jL2epd7ZPChVzDAhJOOBETEjqtOkXDE/kzuZLH3MMK pH550/wFh3LBItZe2A4oZ7L2g1SfaqEuKsyai/Zrw5AxQcMrmFyZH6T1MmPtaair r6nQyNwPFRwwbu2tF4ofkn4w39wd6uPBdpYPNQULvFVUizo0pIjexS5Xs/OR9GcT uJoAXcqhFmR1CgwgnrN1pGDpwPynjvt+otK6zYKEjhEFPGJjAN/TP5HH2RzJIUnS FkDjrQs2+rTFYzCf7bITOQlEbzVCh1b14wIBAg== -----END DH PARAMETERS----- hitch-1.4.4/src/tests/certs/47b804e60000644000175000017500000000000012560105637023663 1hitch-1.4.4/src/tests/certs/site2.example.com00000000000000hitch-1.4.4/src/tests/certs/ecc.example.com.pem0000644000175000017500000000315612764260501016265 00000000000000-----BEGIN EC PARAMETERS----- BggqhkjOPQMBBw== -----END EC PARAMETERS----- -----BEGIN EC PRIVATE KEY----- MHcCAQEEILGG81gMCCHEFVPCNvmiHyj52I52lN/ZseXOgWeWjdR8oAoGCCqGSM49 AwEHoUQDQgAEiPp1pDeYnScZ0k8QV55Lqe5GvPjdFdhj+Z78blrVuc6L7H3bKx67 5Sjpth7SRdcBLj0J3xQbdczXNYT1mGyv0Q== -----END EC PRIVATE KEY----- -----BEGIN CERTIFICATE----- MIICejCCAh+gAwIBAgIJAJBlb7KNsA6TMAoGCCqGSM49BAMCMIGYMQswCQYDVQQG EwJOTzEMMAoGA1UECAwDRm9vMQwwCgYDVQQHDANiYXIxITAfBgNVBAoMGEludGVy bmV0IFdpZGdpdHMgUHR5IEx0ZDEUMBIGA1UECwwLZXhhbXBsZS5jb20xGDAWBgNV BAMMD2VjYy5leGFtcGxlLmNvbTEaMBgGCSqGSIb3DQEJARYLZm9vQGJhci5iYXow HhcNMTYwOTA4MTIyNjAwWhcNMTcwOTA4MTIyNjAwWjCBmDELMAkGA1UEBhMCTk8x DDAKBgNVBAgMA0ZvbzEMMAoGA1UEBwwDYmFyMSEwHwYDVQQKDBhJbnRlcm5ldCBX aWRnaXRzIFB0eSBMdGQxFDASBgNVBAsMC2V4YW1wbGUuY29tMRgwFgYDVQQDDA9l Y2MuZXhhbXBsZS5jb20xGjAYBgkqhkiG9w0BCQEWC2Zvb0BiYXIuYmF6MFkwEwYH KoZIzj0CAQYIKoZIzj0DAQcDQgAEiPp1pDeYnScZ0k8QV55Lqe5GvPjdFdhj+Z78 blrVuc6L7H3bKx675Sjpth7SRdcBLj0J3xQbdczXNYT1mGyv0aNQME4wHQYDVR0O BBYEFEFiYs25LVpgAaFAiht+hAVuhm+VMB8GA1UdIwQYMBaAFEFiYs25LVpgAaFA iht+hAVuhm+VMAwGA1UdEwQFMAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAMPtYL6C IpjW9xra2sCehyHe/exVqzyrbrToMcCagAWvAiEA7HXMTHVAkv5YdKEijhGuHyoZ jrQFNBRbZE+jZmVgf/o= -----END CERTIFICATE----- -----BEGIN DH PARAMETERS----- MIIBCAKCAQEAlaqrlaY8iQGnqIl7Xhvo1zGIq7i8ectN+WVfStKgCzbUYdTpQXYQ H2KxqQpbMHVfFZerrqIwn6/ZAZKVLZFsKYeThrCI/2wNzeRp0L8AVRZ9poibGxVD MQe4jHY+PQ7t6dkiM33rsadOjo/BGlHZgeQo3qgzyZEJgvafu+xroVQadVXqAWqx sAJ3nWj9oCIcTvOBmGH77jENp4mmM4qr0CaGGPbOAz2k9jmn/+ZyWCSqwqeO0bff b/+JwL5iu86mgWewaZj5mz4iGFVgrIwbC+8e2KTFa2Lg16ZGVUyt6jje/3fw1Ovy l6qilDnsHm9LkiNXx9QPTravWelxgVkbkwIBAg== -----END DH PARAMETERS----- hitch-1.4.4/src/tests/certs/19b579440000644000175000017500000000000012560105637023607 1hitch-1.4.4/src/tests/certs/site1.example.com00000000000000hitch-1.4.4/src/tests/certs/e690c8b80000644000175000017500000000000012560105637024346 1hitch-1.4.4/src/tests/certs/default.example.com00000000000000hitch-1.4.4/src/tests/test03-multiple-listen.sh0000755000175000017500000000136713024470656016315 00000000000000#!/bin/sh # # Test multiple listening sockets. # . ${TESTDIR}/common.sh PORT2=`expr $$ % 60000 + 3000` hitch $HITCH_ARGS --backend=[hitch-tls.org]:80 \ "--frontend=[${LISTENADDR}]:$LISTENPORT" \ "--frontend=[${LISTENADDR}]:$PORT2" \ ${CERTSDIR}/site1.example.com test "$?" = "0" || die "Hitch did not start." echo -e "\n" | openssl s_client -prexit -connect $LISTENADDR:$LISTENPORT >$DUMPFILE 2>&1 test "$?" = "0" || die "s_client failed" grep -q -c "subject=/CN=site1.example.com" $DUMPFILE # Second listen port. echo -e "\n" | openssl s_client -prexit -connect $LISTENADDR:$PORT2 >$DUMPFILE 2>&1 test "$?" = "0" || die "s_client failed" grep -q -c "subject=/CN=site1.example.com" $DUMPFILE runcurl $LISTENADDR $LISTENPORT runcurl $LISTENADDR $PORT2 hitch-1.4.4/src/tests/test16-proxy-v2-alpn.sh0000755000175000017500000000231313011340142015576 00000000000000#!/bin/sh . ${TESTDIR}/common.sh set +o errexit BACKENDPORT=`expr $LISTENPORT + 1600` openssl version > $DUMPFILE grep -q -c "OpenSSL 1.0.1" $DUMPFILE test "$?" != "0" || skip "OpenSSL does not support ALPN" hitch $HITCH_ARGS --backend=[127.0.0.1]:$BACKENDPORT "--frontend=[${LISTENADDR}]:$LISTENPORT" \ --write-proxy-v2 --alpn-protos="tor,h2,h2-14,http/1.1" \ ${CERTSDIR}/site1.example.com test "$?" = "0" || die "Hitch did not start." type parse_proxy_v2 || die "Unable to find parse_proxy_v2" parse_proxy_v2 $BACKENDPORT > $DUMPFILE & sleep 0.1 # If you have nghttp installed, you can try it instead of openssl s_client: # nghttp -v "https://localhost:$LISTENPORT" echo -e "\n" | openssl s_client -alpn 'h2' -prexit -connect $LISTENADDR:$LISTENPORT > /dev/null test "$?" = "0" || die "s_client failed" grep -q -c "too old for ALPN" $DUMPFILE if [ "$" == "0" ]; then echo "Skipping test: SSL too old for ALPN" else grep -q -c "ERROR" $DUMPFILE test "$?" != "0" || die "The utility parse_proxy_v2 gave an ERROR" grep -q -c "h2" $DUMPFILE test "$?" = "0" || die "No ALPN extension reported" grep -q -c "ALPN extension" $DUMPFILE test "$?" = "0" || die "No ALPN extension reported" fi hitch-1.4.4/src/tests/test20-emtpy-tokens.trs0000644000175000017500000000012212770204020015766 00000000000000:test-result: PASS :global-test-result: PASS :recheck: no :copy-in-global-log: no hitch-1.4.4/src/tests/test19-protos-badly-specified.sh0000755000175000017500000001150613011340142017517 00000000000000#!/bin/sh # Test specifying combinations of ssl, tls and tls-protos in different ways. # All of these invocations of hitch shall fail, or something is wrong . ${TESTDIR}/common.sh set +o errexit ########## # In frontend blocks # "tls-protos = " then "ssl = on" in frontend block mk_cfg <$DUMPFILE 2>&1 test "$?" = "0" || die "s_client failed (2)" grep -q -c "Reused, " $DUMPFILE test "$?" = "0" || die "Unable to resume session via session ticket." runcurl $LISTENADDR $LISTENPORT hitch-1.4.4/src/tests/test07-nomatch-abort.sh0000755000175000017500000000462313011340142015704 00000000000000#!/bin/sh # # Test --sni-nomatch-abort # . ${TESTDIR}/common.sh set +o errexit mk_cfg <$DUMPFILE 2>&1 test "$?" = "0" || die "s_client failed" grep -q -c "subject=/CN=default.example.com" $DUMPFILE test "$?" = "0" || die "s_client got wrong certificate on listen port #1" # SNI request w/ valid servername echo -e "\n" | openssl s_client -servername site1.example.com -prexit \ -connect $LISTENADDR:$LISTENPORT >$DUMPFILE 2>&1 test "$?" = "0" || die "s_client failed" grep -q -c "subject=/CN=site1.example.com" $DUMPFILE test "$?" = "0" || die "s_client got wrong certificate in listen port #2" # SNI w/ unknown servername echo | openssl s_client -servername invalid.example.com -prexit \ -connect $LISTENADDR:$LISTENPORT >$DUMPFILE 2>&1 test "$?" != "0" || die "s_client did NOT fail when it should have. " grep -q -c "unrecognized name" $DUMPFILE test "$?" = "0" || die "Expected 'unrecognized name' error." HAVE_CURL_RESOLVE=`curl --help | grep -c -- '--resolve'` # Disable this part of the test case if the curl version is ancient if [ $HAVE_CURL_RESOLVE != "0" ]; then CURL_EXTRA="--resolve site1.example.com:$LISTENPORT:127.0.0.1" runcurl site1.example.com $LISTENPORT fi # SNI request w/ valid servername echo -e "\n" | openssl s_client -servername site1.example.com -prexit \ -connect $LISTENADDR:`expr $LISTENPORT + 701` >$DUMPFILE 2>&1 test "$?" = "0" || die "s_client failed" grep -q -c "subject=/CN=site3.example.com" $DUMPFILE test "$?" = "0" || die "s_client got wrong certificate in listen port #2" # SNI w/ unknown servername echo | openssl s_client -servername invalid.example.com -prexit \ -connect $LISTENADDR:`expr $LISTENPORT + 701` >$DUMPFILE 2>&1 test "$?" = "0" || die "s_client failed" grep -q -c "subject=/CN=site3.example.com" $DUMPFILE test "$?" = "0" || die "s_client got wrong certificate in listen port #2" hitch-1.4.4/src/tests/test20-emtpy-tokens.log0000644000175000017500000000015612770204020015746 00000000000000No port number specified for frontend '[localhost]:(null)' PASS tests/test20-emtpy-tokens.sh (exit status: 0) hitch-1.4.4/src/tests/a.cfg0000644000175000017500000000164512663203756012412 00000000000000pem-file = "/home/daghf/repos/hitch/src/tests/certs/site1.example.com" pem-file = "/home/daghf/repos/hitch/src/tests/certs/site3.example.com" pem-file = "/home/daghf/repos/hitch/src/tests/certs/default.example.com" backend = "[hitch-tls.org]:80" sni-nomatch-abort = on frontend = { host = "localhost" port = "9443" pem-file = "/home/daghf/repos/hitch/src/tests/certs/site1.example.com" } frontend = { host = "localhost" port = "9444" pem-file = "/home/daghf/repos/hitch/src/tests/certs/site2.example.com" match-global-certs = on ciphers = "HIGH" } frontend = { host = "localhost" port = "9445" pem-file = "/home/daghf/repos/hitch/src/tests/certs/site3.example.com" pem-file = "/home/daghf/repos/hitch/src/tests/certs/default.example.com" # sni-nomatch-abort = on } frontend = { host = "localhost" port = "9446" match-global-certs = on sni-nomatch-abort = off } hitch-1.4.4/src/tests/test11-cfg.sh0000755000175000017500000000124213011340142013672 00000000000000#!/bin/sh . ${TESTDIR}/common.sh set +o errexit mk_cfg < * Author: Dag Haavi Finstad * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * */ #include #include #include #include #include "foreign/vas.h" #include "hssl_locks.h" static int num_locks = 0; static pthread_mutex_t *locks = NULL; static void hssl_lock_cb(int mode, int type, const char *file, int line) { (void)file; (void)line; AN(locks); assert(type >= 0 && type < num_locks); if (mode & CRYPTO_LOCK) AZ(pthread_mutex_lock(&locks[type])); else AZ(pthread_mutex_unlock(&locks[type])); } void HSSL_Locks_Init(void) { int i; assert(locks == NULL || CRYPTO_get_locking_callback() == hssl_lock_cb); if (locks != NULL) return; num_locks = CRYPTO_num_locks(); assert(num_locks > 0); locks = malloc(sizeof (pthread_mutex_t) * num_locks); AN(locks); for (i = 0; i < num_locks; i++) AZ(pthread_mutex_init(&locks[i], NULL)); AZ(CRYPTO_get_locking_callback()); CRYPTO_set_locking_callback(hssl_lock_cb); } hitch-1.4.4/src/ssl_err.h0000644000175000017500000000314512745650576012175 00000000000000/* * Copyright 2015 Varnish Software * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * * 1. Redistributions of source code must retain the above * copyright notice, this list of conditions and the following * disclaimer. * * 2. Redistributions in binary form must reproduce the above * copyright notice, this list of conditions and the following * disclaimer in the documentation and/or other materials * provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * */ SSL_ERR(SSL_ERROR_NONE) SSL_ERR(SSL_ERROR_ZERO_RETURN) SSL_ERR(SSL_ERROR_WANT_READ) SSL_ERR(SSL_ERROR_WANT_WRITE) SSL_ERR(SSL_ERROR_WANT_CONNECT) SSL_ERR(SSL_ERROR_WANT_ACCEPT) SSL_ERR(SSL_ERROR_WANT_X509_LOOKUP) SSL_ERR(SSL_ERROR_SYSCALL) SSL_ERR(SSL_ERROR_SSL) hitch-1.4.4/src/shctx.c0000644000175000017500000002425212546560025011636 00000000000000/* * shctx.c * * Copyright (C) 2011 EXCELIANCE * * Author: Emeric Brun - emeric@exceliance.fr * */ #include #ifdef USE_SYSCALL_FUTEX #include #include #include #else /* USE_SYSCALL_FUTEX */ #include #endif /* USE_SYSCALL_FUTEX */ #include "ebtree/ebmbtree.h" #include "shctx.h" struct shared_session { struct ebmb_node key; unsigned char key_data[SSL_MAX_SSL_SESSION_ID_LENGTH]; long c_date; int data_len; unsigned char data[SHSESS_MAX_DATA_LEN]; struct shared_session *p; struct shared_session *n; }; struct shared_context { #ifdef USE_SYSCALL_FUTEX unsigned int waiters; #else /* USE_SYSCALL_FUTEX */ pthread_mutex_t mutex; #endif struct shared_session active; struct shared_session free; }; /* Static shared context */ static struct shared_context *shctx = NULL; /* Callbacks */ static void (*shared_session_new_cbk)(unsigned char *session, unsigned int session_len, long cdate); /* Lock functions */ #ifdef USE_SYSCALL_FUTEX static inline unsigned int xchg(unsigned int *ptr, unsigned int x) { __asm volatile("lock xchgl %0,%1" : "=r" (x), "+m" (*ptr) : "0" (x) : "memory"); return x; } static inline unsigned int cmpxchg(unsigned int *ptr, unsigned int old, unsigned int new) { unsigned int ret; __asm volatile("lock cmpxchgl %2,%1" : "=a" (ret), "+m" (*ptr) : "r" (new), "0" (old) : "memory"); return ret; } static inline unsigned char atomic_inc(unsigned int *ptr) { unsigned char ret; __asm volatile("lock incl %0\n" "setne %1\n" : "+m" (*ptr), "=qm" (ret) : : "memory"); return ret; } static inline unsigned char atomic_dec(unsigned int *ptr) { unsigned char ret; __asm volatile("lock decl %0\n" "setne %1\n" : "+m" (*ptr), "=qm" (ret) : : "memory"); return ret; } static inline void shared_context_lock(void) { unsigned int x; x = cmpxchg(&shctx->waiters, 0, 1); if (x) { if (x != 2) x = xchg(&shctx->waiters, 2); while (x) { syscall(SYS_futex, &shctx->waiters, FUTEX_WAIT, 2, NULL, 0, 0); x = xchg(&shctx->waiters, 2); } } } static inline void shared_context_unlock(void) { if (atomic_dec(&shctx->waiters)) { shctx->waiters = 0; syscall(SYS_futex, &shctx->waiters, FUTEX_WAKE, 1, NULL, 0, 0); } } #else /* USE_SYSCALL_FUTEX */ #define shared_context_lock(v) pthread_mutex_lock(&shctx->mutex) #define shared_context_unlock(v) pthread_mutex_unlock(&shctx->mutex) #endif /* List Macros */ #define shsess_unset(s) (s)->n->p = (s)->p; \ (s)->p->n = (s)->n; #define shsess_set_free(s) shsess_unset(s) \ (s)->p = &shctx->free; \ (s)->n = shctx->free.n; \ shctx->free.n->p = s; \ shctx->free.n = s; #define shsess_set_active(s) shsess_unset(s) \ (s)->p = &shctx->active; \ (s)->n = shctx->active.n; \ shctx->active.n->p = s; \ shctx->active.n = s; #define shsess_get_next() (shctx->free.p == shctx->free.n) ? \ shctx->active.p : shctx->free.p; /* Tree Macros */ #define shsess_tree_delete(s) ebmb_delete(&(s)->key); #define shsess_tree_insert(s) (struct shared_session *)ebmb_insert(&shctx->active.key.node.branches, \ &(s)->key, SSL_MAX_SSL_SESSION_ID_LENGTH); #define shsess_tree_lookup(k) (struct shared_session *)ebmb_lookup(&shctx->active.key.node.branches, \ (k), SSL_MAX_SSL_SESSION_ID_LENGTH); /* Other Macros */ #define shsess_set_key(s,k,l) { memcpy((s)->key_data, (k), (l)); \ if ((l) < SSL_MAX_SSL_SESSION_ID_LENGTH) \ memset((s)->key_data+(l), 0, SSL_MAX_SSL_SESSION_ID_LENGTH-(l)); }; /* SSL context callbacks */ /* SSL callback used on new session creation */ int shctx_new_cb(SSL *ssl, SSL_SESSION *sess) { (void)ssl; struct shared_session *shsess; unsigned char *data,*p; unsigned int data_len; unsigned char encsess[SHSESS_MAX_ENCODED_LEN]; /* check if session reserved size in aligned buffer is large enougth for the ASN1 encode session */ data_len=i2d_SSL_SESSION(sess, NULL); if(data_len > SHSESS_MAX_DATA_LEN) return 1; /* process ASN1 session encoding before the lock: lower cost */ p = data = encsess+SSL_MAX_SSL_SESSION_ID_LENGTH; i2d_SSL_SESSION(sess, &p); shared_context_lock(); shsess = shsess_get_next(); shsess_tree_delete(shsess); shsess_set_key(shsess, sess->session_id, sess->session_id_length); /* it returns the already existing node or current node if none, never returns null */ shsess = shsess_tree_insert(shsess); /* store ASN1 encoded session into cache */ shsess->data_len = data_len; memcpy(shsess->data, data, data_len); /* store creation date */ shsess->c_date = SSL_SESSION_get_time(sess); shsess_set_active(shsess); shared_context_unlock(); if (shared_session_new_cbk) { /* if user level callback is set */ /* copy sessionid padded with 0 into the sessionid + data aligned buffer */ memcpy(encsess, sess->session_id, sess->session_id_length); if (sess->session_id_length < SSL_MAX_SSL_SESSION_ID_LENGTH) memset(encsess+sess->session_id_length, 0, SSL_MAX_SSL_SESSION_ID_LENGTH-sess->session_id_length); shared_session_new_cbk(encsess, SSL_MAX_SSL_SESSION_ID_LENGTH+data_len, SSL_SESSION_get_time(sess)); } return 0; /* do not increment session reference count */ } /* SSL callback used on lookup an existing session cause none found in internal cache */ SSL_SESSION *shctx_get_cb(SSL *ssl, unsigned char *key, int key_len, int *do_copy) { (void)ssl; struct shared_session *shsess; unsigned char data[SHSESS_MAX_DATA_LEN], *p; unsigned char tmpkey[SSL_MAX_SSL_SESSION_ID_LENGTH]; unsigned int data_len; long cdate; SSL_SESSION *sess; /* allow the session to be freed automatically by openssl */ *do_copy = 0; /* tree key is zeros padded sessionid */ if ( key_len < SSL_MAX_SSL_SESSION_ID_LENGTH ) { memcpy(tmpkey, key, key_len); memset(tmpkey+key_len, 0, SSL_MAX_SSL_SESSION_ID_LENGTH-key_len); key = tmpkey; } /* lock cache */ shared_context_lock(); /* lookup for session */ shsess = shsess_tree_lookup(key); if(!shsess) { /* no session found: unlock cache and exit */ shared_context_unlock(); return NULL; } /* backup creation date to reset in session after ASN1 decode */ cdate = shsess->c_date; /* copy ASN1 session data to decode outside the lock */ data_len = shsess->data_len; memcpy(data, shsess->data, shsess->data_len); shsess_set_active(shsess); shared_context_unlock(); /* decode ASN1 session */ p = data; sess = d2i_SSL_SESSION(NULL, (const unsigned char **)&p, data_len); /* reset creation date */ if (sess) SSL_SESSION_set_time(sess, cdate); return sess; } /* SSL callback used to signal session is no more used in internal cache */ void shctx_remove_cb(SSL_CTX *ctx, SSL_SESSION *sess) { (void)ctx; struct shared_session *shsess; unsigned char tmpkey[SSL_MAX_SSL_SESSION_ID_LENGTH]; unsigned char *key = sess->session_id; /* tree key is zeros padded sessionid */ if ( sess->session_id_length < SSL_MAX_SSL_SESSION_ID_LENGTH ) { memcpy(tmpkey, sess->session_id, sess->session_id_length); memset(tmpkey+sess->session_id_length, 0, SSL_MAX_SSL_SESSION_ID_LENGTH-sess->session_id_length); key = tmpkey; } shared_context_lock(); /* lookup for session */ shsess = shsess_tree_lookup(key); if ( shsess ) { shsess_set_free(shsess); } /* unlock cache */ shared_context_unlock(); } /* User level function called to add a session to the cache (remote updates) */ void shctx_sess_add(const unsigned char *encsess, unsigned int len, long cdate) { struct shared_session *shsess; /* check buffer is at least padded key long + 1 byte and data_len not too long */ if ( (len <= SSL_MAX_SSL_SESSION_ID_LENGTH) || (len > SHSESS_MAX_DATA_LEN+SSL_MAX_SSL_SESSION_ID_LENGTH) ) return; shared_context_lock(); shsess = shsess_get_next(); shsess_tree_delete(shsess); shsess_set_key(shsess, encsess, SSL_MAX_SSL_SESSION_ID_LENGTH); /* it returns the already existing node or current node if none, never returns null */ shsess = shsess_tree_insert(shsess); /* store into cache and update earlier on session get events */ if (cdate) shsess->c_date = (long)cdate; /* copy ASN1 session data into cache */ shsess->data_len = len-SSL_MAX_SSL_SESSION_ID_LENGTH; memcpy(shsess->data, encsess+SSL_MAX_SSL_SESSION_ID_LENGTH, shsess->data_len); shsess_set_active(shsess); shared_context_unlock(); } /* Function used to set a callback on new session creation */ void shsess_set_new_cbk(void (*func)(unsigned char *, unsigned int, long)) { shared_session_new_cbk = func; } /* Init shared memory context if not allocated and set SSL context callbacks * size is the max number of stored session * Returns: -1 on alloc failure, size if performs context alloc, and 0 if just perform * callbacks registration */ int shared_context_init(SSL_CTX *ctx, int size) { int ret = 0; if (!shctx) { int i; #ifndef USE_SYSCALL_FUTEX pthread_mutexattr_t attr; #endif /* USE_SYSCALL_FUTEX */ struct shared_session *prev,*cur; shctx = (struct shared_context *)mmap(NULL, sizeof(struct shared_context)+(size*sizeof(struct shared_session)), PROT_READ | PROT_WRITE, MAP_SHARED | MAP_ANONYMOUS, -1, 0); if (!shctx || shctx == MAP_FAILED) return -1; #ifdef USE_SYSCALL_FUTEX shctx->waiters = 0; #else pthread_mutexattr_init(&attr); pthread_mutexattr_setpshared(&attr, PTHREAD_PROCESS_SHARED); pthread_mutex_init(&shctx->mutex, &attr); #endif memset(&shctx->active.key, 0, sizeof(struct ebmb_node)); memset(&shctx->free.key, 0, sizeof(struct ebmb_node)); /* No duplicate authorized in tree: */ shctx->active.key.node.branches.b[1] = (void *)1; cur = &shctx->active; cur->n = cur->p = cur; cur = &shctx->free; for ( i = 0 ; i < size ; i++) { prev = cur; cur = (struct shared_session *)((char *)prev + sizeof(struct shared_session)); prev->n = cur; cur->p = prev; } cur->n = &shctx->free; shctx->free.p = cur; ret = size; } /* set SSL internal cache size to external cache / 8 + 123 */ SSL_CTX_sess_set_cache_size(ctx, size >> 3 | 0x3ff); /* Set callbacks */ SSL_CTX_sess_set_new_cb(ctx, shctx_new_cb); SSL_CTX_sess_set_get_cb(ctx, shctx_get_cb); SSL_CTX_sess_set_remove_cb(ctx, shctx_remove_cb); return ret; } hitch-1.4.4/CHANGES.rst0000644000175000017500000002405713026745263011362 00000000000000List of changes =============== This file contains the running log of changes applied to each released hitch version. hitch-1.4.4 (2016-12-22) ------------------------ * OpenSSL 1.1.0 compatibility fixes. OpenSSL 1.1.0 is now fully supported with Hitch. * Fix a bug in the OCSP refresh code that could make it loop with immediate refreshes flooding an OCSP responder. * Force the SSL_OP_SINGLE_DH_USE setting. This protects against an OpenSSL vulnerability where a remote attacker could discover private DH exponents (CVE-2016-0701). hitch-1.4.3 (2016-11-14) ------------------------ * OCSP stapling is now enabled by default. Users should create ocsp-dir (default: /var/lib/hitch/) and make it writable for the hitch user. * Build error due to man page generation on FreeBSD (most likely non-Linux) has been fixed. hitch-1.4.2 (2016-11-08) ------------------------ * Example configuration file hitch.conf.example has been shortened and defaults moved into Hitch itself. Default cipher string is now what we believe to be secure. Users are recommended to use the built-in default from now on, unless they have special requirements. * hitch.conf(5) manual has been added. * Hitch will now send a TLS Close notification during connection teardown. This fixes an incomplete read with a GnuTLS client when the backend (thttpd) used EOF to signal end of data, leaving some octets discarded by gnutls client-side. (Issue 127_) * Autotools will now detect SO_REUSEPORT availability. (Issue 122_) * Improved error handling on memory allocation failure. .. _122: https://github.com/varnish/hitch/issues/122 .. _127: https://github.com/varnish/hitch/issues/127 hitch-1.4.1 (2016-09-23) ------------------------ * Add a new ``tls-protos`` configuration option for specifying the permitted TLS/SSL protocols. This new option supersedes settings ``ssl`` and ``tls`` which are now deprecated and will be kept for backwards compatibility. hitch-1.4.0 (2016-09-12) ------------------------ * Fix a bug in the OCSP request code where it broke if the OCSP responder required a Host header. (Issue 113_) * Add support for ECC certificates. (Issue 116_) .. _113: https://github.com/varnish/hitch/issues/113 .. _116: https://github.com/varnish/hitch/issues/116 hitch-1.4.0-beta1 (2016-08-26) ------------------------------ * NPN/ALPN support for negotiating a protocol in the SSL handshake. This lets you use Hitch for terminating TLS in front of an HTTP/2 capable backend. For ALPN, OpenSSL 1.0.2 is needed, while NPN requires OpenSSL 1.0.1. * Expanded PROXY protocol support for communicating an ALPN/NPN negotiated protocol to the backend. Hitch will now include the ALPN/NPN protocol that was selected during the handshake as part of the PROXYv2 header. hitch-1.3.1 (2016-08-16) ------------------------ * Fixes a bug in the autotools configuration which led to man pages not being built. hitch-1.3.0 (2016-08-16) ------------------------ * Fix a bug where we crashed in the OCSP handling if there was no default SSLCTX configured. * Minor documentation fix. hitch-1.3.0-beta3 (2016-07-26) ------------------------------ * Fully automated retrieval and refreshes of OCSP responses (see configuration.md for details). * New parameters ``ocsp-dir``, ``ocsp-resp-tmo`` and ``ocsp-connect-tmo``. * Cleanup of various log messages. * Verification of OCSP staples. Enabled by setting ``ocsp-verify-staple = on``. * Make rst2man an optional requirement (Issue 93_). Thanks to Barry Allard. * Avoid stapling expired OCSP responses. * A few fixes to the shared cache updating code. Thanks to Piyush Dewnani. .. _93: https://github.com/varnish/hitch/issues/93 hitch-1.3.0-beta2 (2016-05-31) ------------------------------ * Options given on the command line now take presedence over configuration file settings. I.e. there is no longer a need to specify ``--config`` first to get this behavior. * Config file regression: "yes" and "no" are now accepted by the config file parser as boolean values. * Documentation improvements and spelling fixes. * Various minor autotools build fixes. hitch-1.3.0-beta1 (2016-05-11) ------------------------------ * Support for OCSP stapling (see configuration.md for details) * Initialize OpenSSL locking callback if an engine is loaded. Some SSL accelerator cards have their custom SSL engine running in a multithreaded context. For these to work correctly, Hitch needs to initialize a set of mutexes utilized by the OpenSSL library. * Issue 82_: A mistake in the SNI lookup code caused us to inspect the wrong list when looking for wildcard certificate matches. .. _82: https://github.com/varnish/hitch/issues/82 hitch-1.2.0 (2016-04-19) ------------------------ * Fixes two minor leaks discovered by Coverity * Issue 72_: Fix a error handling for command line --frontend option. * Various autotools improvements * Parallel make check .. _72: https://github.com/varnish/hitch/issues/72 hitch-1.2.0-beta1 (2016-02-25) ------------------------------ * Expanded configuration file format to permit settings various options at a more granular level. * The following options can now be set on a per-frontend basis: ``pem-file``, ``ssl``, ``tls``, ``ciphers``, ``prefer-server-ciphers``, ``sni-nomatch-abort`` * Added options ``host`` and ``port`` for specifying the listening endpoint in a ``frontend`` block. * Added option ``match-global-certs`` (available in a ``frontend`` declaration) hitch-1.1.1 (2016-01-26) ------------------------ * Remove compiler warning on FreeBSD. * Fix fatal build error for manpage on FreeBSD. * Issue 55_: Fix a bug which caused the Hitch worker threads to sometimes hit an assert after a configuration reload. * Issue 57_: Slightly reorganize assertion handling. * Issue 52_: Fix a bug where we would crash on --help. * Various minor documentation changes. .. _57: https://github.com/varnish/hitch/issues/57 .. _55: https://github.com/varnish/hitch/issues/55 .. _52: https://github.com/varnish/hitch/issues/52 hitch-1.1.0 (2015-11-20) ------------------------ * Avoid leaking memory if failing to create an SSL context. (Coverity) * Fix possible memory leak in create_listen_sock(). (Coverity) hitch-1.1.0-beta1 (2015-11-06) ------------------------------ * [dist] init.hitch file has been removed, CHANGES.rst is now distributed. * [configure] session cache support can now be enabled. (default off) * Fixes an off-by-one bug that broke wildcard certificate matching. * Set the IPV6_V6ONLY socket option for IPv6 listen sockets in order to avoid conflicts between INADDR_ANY and IN6ADDR_ANY. * Uninterrupted configuration reload of PEM files and frontend listen endpoints. * Priv-sep: To permit configuration reloads, privileges are now dropped in the child processes, and elevated privileges are retained in the management process. * Various error messages are now rewritten to be more specific about what went wrong. * A warning is issued if multiple certificates contain identical server name entries. * Initialize ECDH also for certificates without DH parameters (patch from Fedor Indutny). hitch-1.0.1 (2015-10-15) ------------------------ * Fix configuration parsing bug skipping short values, typically "workers = 1". * Tarball now contains an example configuration file. hitch-1.0.0 (2015-10-07) ------------------------ * A hash table is now used for faster SNI lookups. * Hitch binary has been renamed back to `hitch`, previously `hitch-openssl`. * Man page is updated. hitch-1.0.0-beta5 (2015-08-17) ------------------------------ * Issue 37_: Fixes a bug related to a varargs buffer that was consumed twice with syslog logging enabled. * --default-config retired and replaced by shipping a sample configuration file. * Use accept4() where supported. * --write-proxy now defaults to PROXY v2. This is a BREAKING CHANGE if PROXY1 is used. For PROXY v1, use --write-proxy-v1 explicitly. * Various minor error handling fixes. .. _37: https://github.com/varnish/hitch/issues/37 hitch 1.0.0-beta4 (2015-07-08) ------------------------------ In general beta4 contains fixes to problems found with Coverity. These were all of minor character, but were fixed for completeness. Source code has been reindented from 3-4 different formatting styles to FreeBSD style. hitch 1.0.0-beta3 (2015-06-18) ------------------------------ * Drop supplementary groups when doing setgid(). (Issue 31_) * Add --sni-nomatch-abort which abort connections on unknown SNI server name. (useful for avoiding certificate warnings in clients attempting probabilistic TLS upgrades) * Remove cosmetic NULL-check before free(). (Issue 26_) * Avoid segfault when testing configuration with -t. (Issue 22_) * Minor helptext changes. .. _31: https://github.com/varnish/hitch/issues/31 .. _26: https://github.com/varnish/hitch/issues/26 .. _22: https://github.com/varnish/hitch/issues/22 hitch 1.0.0-beta2 (2015-05-22) ------------------------------ * New --pidfile argument. * Fixed bug in certificate ordering, avoiding wrong cert being provided when running on dualstack servers. (found by test framework!) * Rudimentary test framework implemented. * Init script updates provided by Denis Brækhus. * FreeBSD installation instructions added. (contributed by Ryan Steinmetz) * autoconf configuration updated to work on EL6. * Some forgotten references to stud were updated. hitch 1.0.0-beta1 (2015-05-13) ------------------------------ Hitch 1.0.0-beta1 is based on stud 0.3.2. A selected set of public patches from github forks were applied. Notable changes: * TLS v1.0, TLS v1.1 and TLS v1.2 support. * Support for SNI added. * Support PROXYv1 and PROXYv2 protocol to origin. * Multiple listening sockets with possibly different default key/certificate. * Wildcard certificates are supported. (with and without SNI.) * SSL3.0 must now be enabled explicitly. Various minor and stylistic fixed issues: * Properly clean SSL error queue. * Do not segfault if backend is not ready. * Logging now knows about IPv6. * IPv6 adresses should now use bracketed notation. * Additional timeouts for backend connect and SSL handshake added. * autoconf/automake is now used for building hitch. hitch-1.4.4/hitch.man.rst0000644000175000017500000001045313003667032012146 00000000000000 .. _hitch(8): ===== Hitch ===== -------------------------- high performance TLS proxy -------------------------- :Manual section: 8 Synopsis ======== hitch [OPTIONS] [PEM] Description =========== Hitch is a network proxy that terminates TLS/SSL connections and forwards the unencrypted traffic to some backend. It's designed to handle 10s of thousands of connections efficiently on multicore machines. Hitch has very few features -- it's designed to be paired with an intelligent backend like Varnish Cache. It maintains a strict 1:1 connection pattern with this backend handler so that the backend can dictate throttling behavior, maximum connection behavior, availability of service, etc. The only required argument is a path to a PEM file that contains the certificate (or a chain of certificates) and private key. It should also contain DH parameter if you wish to use Diffie-Hellman cipher suites. Command line arguments ====================== --config=FILE Load configuration from specified file. See `hitch.conf(5)` for details. --tls All TLS versions, no SSLv3 (deprecated). See config file setting ``tls-protos``. --ssl enable SSLv3 (deprecated). See config file setting ``tls-protos``. -c --ciphers=SUITE Sets allowed ciphers (Default: "") -e --ssl-engine=NAME Sets OpenSSL engine (Default: "") -O --prefer-server-ciphers Prefer server list order --client Enable client proxy mode -b --backend=[HOST]:PORT Backend [connect] (default is "[127.0.0.1]:8000") -f --frontend=[HOST]:PORT[+CERT] Frontend [bind] (default is "[*]:8443") (Note: brackets are mandatory in endpoint specifiers.) -n --workers=NUM Number of worker processes (Default: 1) -B --backlog=NUM Set listen backlog size (Default: 100) -k --keepalive=SECS TCP keepalive on client socket (Default: 3600) -r --chroot=DIR Sets chroot directory (Default: "") -u --user=USER Set uid/gid after binding the socket (Default: "") -g --group=GROUP Set gid after binding the socket (Default: "") -q --quiet Be quiet; emit only error messages -s --syslog Send log message to syslog in addition to stderr/stdout --syslog-facility=FACILITY Syslog facility to use (Default: "daemon") --daemon Fork into background and become a daemon; this also sets the --quiet option (Default: off) --write-ip Write 1 octet with the IP family followed by the IP address in 4 (IPv4) or 16 (IPv6) octets little-endian to backend before the actual data (Default: off) --write-proxy-v1 Write HaProxy's PROXY v1 (IPv4 or IPv6) protocol line before actual data (Default: off) --write-proxy-v2 Write HaProxy's PROXY v2 binary (IPv4 or IPv6) protocol line before actual data (Default: off) --write-proxy Equivalent to --write-proxy-v2. For PROXY version 1 use --write-proxy-v1 explicitly --proxy-proxy Proxy HaProxy's PROXY (IPv4 or IPv6) protocol line before actual data (PROXY v1 only) (Default: off) --alpn-protos=LIST Sets the protocols for ALPN/NPN negotiation, given by a comma separated list. If this is not set explicitly, ALPN/NPN will not be used. Requires OpenSSL 1.0.1 for NPN and OpenSSL 1.0.2 for ALPN. --sni-nomatch-abort Abort handshake when client submits an unrecognized SNI server name (Default: off) --ocsp-dir=DIR Set OCSP staple cache directory This enables automated retrieval and stapling of OCSP responses (Default: "") -t --test Test configuration and exit -p --pidfile=FILE PID file -V --version Print program version and exit -h --help This help message History ======= Hitch was originally called stud and was written by Jamie Turner at Bump.com. hitch-1.4.4/missing0000755000175000017500000001533013006223057011137 00000000000000#! /bin/sh # Common wrapper for a few potentially missing GNU programs. scriptversion=2013-10-28.13; # UTC # Copyright (C) 1996-2014 Free Software Foundation, Inc. # Originally written by Fran,cois Pinard , 1996. # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2, or (at your option) # any later version. # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # You should have received a copy of the GNU General Public License # along with this program. If not, see . # As a special exception to the GNU General Public License, if you # distribute this file as part of a program that contains a # configuration script generated by Autoconf, you may include it under # the same distribution terms that you use for the rest of that program. if test $# -eq 0; then echo 1>&2 "Try '$0 --help' for more information" exit 1 fi case $1 in --is-lightweight) # Used by our autoconf macros to check whether the available missing # script is modern enough. exit 0 ;; --run) # Back-compat with the calling convention used by older automake. shift ;; -h|--h|--he|--hel|--help) echo "\ $0 [OPTION]... PROGRAM [ARGUMENT]... Run 'PROGRAM [ARGUMENT]...', returning a proper advice when this fails due to PROGRAM being missing or too old. Options: -h, --help display this help and exit -v, --version output version information and exit Supported PROGRAM values: aclocal autoconf autoheader autom4te automake makeinfo bison yacc flex lex help2man Version suffixes to PROGRAM as well as the prefixes 'gnu-', 'gnu', and 'g' are ignored when checking the name. Send bug reports to ." exit $? ;; -v|--v|--ve|--ver|--vers|--versi|--versio|--version) echo "missing $scriptversion (GNU Automake)" exit $? ;; -*) echo 1>&2 "$0: unknown '$1' option" echo 1>&2 "Try '$0 --help' for more information" exit 1 ;; esac # Run the given program, remember its exit status. "$@"; st=$? # If it succeeded, we are done. test $st -eq 0 && exit 0 # Also exit now if we it failed (or wasn't found), and '--version' was # passed; such an option is passed most likely to detect whether the # program is present and works. case $2 in --version|--help) exit $st;; esac # Exit code 63 means version mismatch. This often happens when the user # tries to use an ancient version of a tool on a file that requires a # minimum version. if test $st -eq 63; then msg="probably too old" elif test $st -eq 127; then # Program was missing. msg="missing on your system" else # Program was found and executed, but failed. Give up. exit $st fi perl_URL=http://www.perl.org/ flex_URL=http://flex.sourceforge.net/ gnu_software_URL=http://www.gnu.org/software program_details () { case $1 in aclocal|automake) echo "The '$1' program is part of the GNU Automake package:" echo "<$gnu_software_URL/automake>" echo "It also requires GNU Autoconf, GNU m4 and Perl in order to run:" echo "<$gnu_software_URL/autoconf>" echo "<$gnu_software_URL/m4/>" echo "<$perl_URL>" ;; autoconf|autom4te|autoheader) echo "The '$1' program is part of the GNU Autoconf package:" echo "<$gnu_software_URL/autoconf/>" echo "It also requires GNU m4 and Perl in order to run:" echo "<$gnu_software_URL/m4/>" echo "<$perl_URL>" ;; esac } give_advice () { # Normalize program name to check for. normalized_program=`echo "$1" | sed ' s/^gnu-//; t s/^gnu//; t s/^g//; t'` printf '%s\n' "'$1' is $msg." configure_deps="'configure.ac' or m4 files included by 'configure.ac'" case $normalized_program in autoconf*) echo "You should only need it if you modified 'configure.ac'," echo "or m4 files included by it." program_details 'autoconf' ;; autoheader*) echo "You should only need it if you modified 'acconfig.h' or" echo "$configure_deps." program_details 'autoheader' ;; automake*) echo "You should only need it if you modified 'Makefile.am' or" echo "$configure_deps." program_details 'automake' ;; aclocal*) echo "You should only need it if you modified 'acinclude.m4' or" echo "$configure_deps." program_details 'aclocal' ;; autom4te*) echo "You might have modified some maintainer files that require" echo "the 'autom4te' program to be rebuilt." program_details 'autom4te' ;; bison*|yacc*) echo "You should only need it if you modified a '.y' file." echo "You may want to install the GNU Bison package:" echo "<$gnu_software_URL/bison/>" ;; lex*|flex*) echo "You should only need it if you modified a '.l' file." echo "You may want to install the Fast Lexical Analyzer package:" echo "<$flex_URL>" ;; help2man*) echo "You should only need it if you modified a dependency" \ "of a man page." echo "You may want to install the GNU Help2man package:" echo "<$gnu_software_URL/help2man/>" ;; makeinfo*) echo "You should only need it if you modified a '.texi' file, or" echo "any other file indirectly affecting the aspect of the manual." echo "You might want to install the Texinfo package:" echo "<$gnu_software_URL/texinfo/>" echo "The spurious makeinfo call might also be the consequence of" echo "using a buggy 'make' (AIX, DU, IRIX), in which case you might" echo "want to install GNU make:" echo "<$gnu_software_URL/make/>" ;; *) echo "You might have modified some files without having the proper" echo "tools for further handling them. Check the 'README' file, it" echo "often tells you about the needed prerequisites for installing" echo "this package. You may also peek at any GNU archive site, in" echo "case some other package contains this missing '$1' program." ;; esac } give_advice "$1" | sed -e '1s/^/WARNING: /' \ -e '2,$s/^/ /' >&2 # Propagate the correct exit status (expected to be 127 for a program # not found, 63 for a program that failed due to version mismatch). exit $st # Local variables: # eval: (add-hook 'write-file-hooks 'time-stamp) # time-stamp-start: "scriptversion=" # time-stamp-format: "%:y-%02m-%02d.%02H" # time-stamp-time-zone: "UTC" # time-stamp-end: "; # UTC" # End: hitch-1.4.4/build-aux/0000755000175000017500000000000013026756721011523 500000000000000hitch-1.4.4/build-aux/depcomp0000755000175000017500000005601613006223057013015 00000000000000#! /bin/sh # depcomp - compile a program generating dependencies as side-effects scriptversion=2013-05-30.07; # UTC # Copyright (C) 1999-2014 Free Software Foundation, Inc. # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2, or (at your option) # any later version. # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # You should have received a copy of the GNU General Public License # along with this program. If not, see . # As a special exception to the GNU General Public License, if you # distribute this file as part of a program that contains a # configuration script generated by Autoconf, you may include it under # the same distribution terms that you use for the rest of that program. # Originally written by Alexandre Oliva . case $1 in '') echo "$0: No command. Try '$0 --help' for more information." 1>&2 exit 1; ;; -h | --h*) cat <<\EOF Usage: depcomp [--help] [--version] PROGRAM [ARGS] Run PROGRAMS ARGS to compile a file, generating dependencies as side-effects. Environment variables: depmode Dependency tracking mode. source Source file read by 'PROGRAMS ARGS'. object Object file output by 'PROGRAMS ARGS'. DEPDIR directory where to store dependencies. depfile Dependency file to output. tmpdepfile Temporary file to use when outputting dependencies. libtool Whether libtool is used (yes/no). Report bugs to . EOF exit $? ;; -v | --v*) echo "depcomp $scriptversion" exit $? ;; esac # Get the directory component of the given path, and save it in the # global variables '$dir'. Note that this directory component will # be either empty or ending with a '/' character. This is deliberate. set_dir_from () { case $1 in */*) dir=`echo "$1" | sed -e 's|/[^/]*$|/|'`;; *) dir=;; esac } # Get the suffix-stripped basename of the given path, and save it the # global variable '$base'. set_base_from () { base=`echo "$1" | sed -e 's|^.*/||' -e 's/\.[^.]*$//'` } # If no dependency file was actually created by the compiler invocation, # we still have to create a dummy depfile, to avoid errors with the # Makefile "include basename.Plo" scheme. make_dummy_depfile () { echo "#dummy" > "$depfile" } # Factor out some common post-processing of the generated depfile. # Requires the auxiliary global variable '$tmpdepfile' to be set. aix_post_process_depfile () { # If the compiler actually managed to produce a dependency file, # post-process it. if test -f "$tmpdepfile"; then # Each line is of the form 'foo.o: dependency.h'. # Do two passes, one to just change these to # $object: dependency.h # and one to simply output # dependency.h: # which is needed to avoid the deleted-header problem. { sed -e "s,^.*\.[$lower]*:,$object:," < "$tmpdepfile" sed -e "s,^.*\.[$lower]*:[$tab ]*,," -e 's,$,:,' < "$tmpdepfile" } > "$depfile" rm -f "$tmpdepfile" else make_dummy_depfile fi } # A tabulation character. tab=' ' # A newline character. nl=' ' # Character ranges might be problematic outside the C locale. # These definitions help. upper=ABCDEFGHIJKLMNOPQRSTUVWXYZ lower=abcdefghijklmnopqrstuvwxyz digits=0123456789 alpha=${upper}${lower} if test -z "$depmode" || test -z "$source" || test -z "$object"; then echo "depcomp: Variables source, object and depmode must be set" 1>&2 exit 1 fi # Dependencies for sub/bar.o or sub/bar.obj go into sub/.deps/bar.Po. depfile=${depfile-`echo "$object" | sed 's|[^\\/]*$|'${DEPDIR-.deps}'/&|;s|\.\([^.]*\)$|.P\1|;s|Pobj$|Po|'`} tmpdepfile=${tmpdepfile-`echo "$depfile" | sed 's/\.\([^.]*\)$/.T\1/'`} rm -f "$tmpdepfile" # Avoid interferences from the environment. gccflag= dashmflag= # Some modes work just like other modes, but use different flags. We # parameterize here, but still list the modes in the big case below, # to make depend.m4 easier to write. Note that we *cannot* use a case # here, because this file can only contain one case statement. if test "$depmode" = hp; then # HP compiler uses -M and no extra arg. gccflag=-M depmode=gcc fi if test "$depmode" = dashXmstdout; then # This is just like dashmstdout with a different argument. dashmflag=-xM depmode=dashmstdout fi cygpath_u="cygpath -u -f -" if test "$depmode" = msvcmsys; then # This is just like msvisualcpp but w/o cygpath translation. # Just convert the backslash-escaped backslashes to single forward # slashes to satisfy depend.m4 cygpath_u='sed s,\\\\,/,g' depmode=msvisualcpp fi if test "$depmode" = msvc7msys; then # This is just like msvc7 but w/o cygpath translation. # Just convert the backslash-escaped backslashes to single forward # slashes to satisfy depend.m4 cygpath_u='sed s,\\\\,/,g' depmode=msvc7 fi if test "$depmode" = xlc; then # IBM C/C++ Compilers xlc/xlC can output gcc-like dependency information. gccflag=-qmakedep=gcc,-MF depmode=gcc fi case "$depmode" in gcc3) ## gcc 3 implements dependency tracking that does exactly what ## we want. Yay! Note: for some reason libtool 1.4 doesn't like ## it if -MD -MP comes after the -MF stuff. Hmm. ## Unfortunately, FreeBSD c89 acceptance of flags depends upon ## the command line argument order; so add the flags where they ## appear in depend2.am. Note that the slowdown incurred here ## affects only configure: in makefiles, %FASTDEP% shortcuts this. for arg do case $arg in -c) set fnord "$@" -MT "$object" -MD -MP -MF "$tmpdepfile" "$arg" ;; *) set fnord "$@" "$arg" ;; esac shift # fnord shift # $arg done "$@" stat=$? if test $stat -ne 0; then rm -f "$tmpdepfile" exit $stat fi mv "$tmpdepfile" "$depfile" ;; gcc) ## Note that this doesn't just cater to obsosete pre-3.x GCC compilers. ## but also to in-use compilers like IMB xlc/xlC and the HP C compiler. ## (see the conditional assignment to $gccflag above). ## There are various ways to get dependency output from gcc. Here's ## why we pick this rather obscure method: ## - Don't want to use -MD because we'd like the dependencies to end ## up in a subdir. Having to rename by hand is ugly. ## (We might end up doing this anyway to support other compilers.) ## - The DEPENDENCIES_OUTPUT environment variable makes gcc act like ## -MM, not -M (despite what the docs say). Also, it might not be ## supported by the other compilers which use the 'gcc' depmode. ## - Using -M directly means running the compiler twice (even worse ## than renaming). if test -z "$gccflag"; then gccflag=-MD, fi "$@" -Wp,"$gccflag$tmpdepfile" stat=$? if test $stat -ne 0; then rm -f "$tmpdepfile" exit $stat fi rm -f "$depfile" echo "$object : \\" > "$depfile" # The second -e expression handles DOS-style file names with drive # letters. sed -e 's/^[^:]*: / /' \ -e 's/^['$alpha']:\/[^:]*: / /' < "$tmpdepfile" >> "$depfile" ## This next piece of magic avoids the "deleted header file" problem. ## The problem is that when a header file which appears in a .P file ## is deleted, the dependency causes make to die (because there is ## typically no way to rebuild the header). We avoid this by adding ## dummy dependencies for each header file. Too bad gcc doesn't do ## this for us directly. ## Some versions of gcc put a space before the ':'. On the theory ## that the space means something, we add a space to the output as ## well. hp depmode also adds that space, but also prefixes the VPATH ## to the object. Take care to not repeat it in the output. ## Some versions of the HPUX 10.20 sed can't process this invocation ## correctly. Breaking it into two sed invocations is a workaround. tr ' ' "$nl" < "$tmpdepfile" \ | sed -e 's/^\\$//' -e '/^$/d' -e "s|.*$object$||" -e '/:$/d' \ | sed -e 's/$/ :/' >> "$depfile" rm -f "$tmpdepfile" ;; hp) # This case exists only to let depend.m4 do its work. It works by # looking at the text of this script. This case will never be run, # since it is checked for above. exit 1 ;; sgi) if test "$libtool" = yes; then "$@" "-Wp,-MDupdate,$tmpdepfile" else "$@" -MDupdate "$tmpdepfile" fi stat=$? if test $stat -ne 0; then rm -f "$tmpdepfile" exit $stat fi rm -f "$depfile" if test -f "$tmpdepfile"; then # yes, the sourcefile depend on other files echo "$object : \\" > "$depfile" # Clip off the initial element (the dependent). Don't try to be # clever and replace this with sed code, as IRIX sed won't handle # lines with more than a fixed number of characters (4096 in # IRIX 6.2 sed, 8192 in IRIX 6.5). We also remove comment lines; # the IRIX cc adds comments like '#:fec' to the end of the # dependency line. tr ' ' "$nl" < "$tmpdepfile" \ | sed -e 's/^.*\.o://' -e 's/#.*$//' -e '/^$/ d' \ | tr "$nl" ' ' >> "$depfile" echo >> "$depfile" # The second pass generates a dummy entry for each header file. tr ' ' "$nl" < "$tmpdepfile" \ | sed -e 's/^.*\.o://' -e 's/#.*$//' -e '/^$/ d' -e 's/$/:/' \ >> "$depfile" else make_dummy_depfile fi rm -f "$tmpdepfile" ;; xlc) # This case exists only to let depend.m4 do its work. It works by # looking at the text of this script. This case will never be run, # since it is checked for above. exit 1 ;; aix) # The C for AIX Compiler uses -M and outputs the dependencies # in a .u file. In older versions, this file always lives in the # current directory. Also, the AIX compiler puts '$object:' at the # start of each line; $object doesn't have directory information. # Version 6 uses the directory in both cases. set_dir_from "$object" set_base_from "$object" if test "$libtool" = yes; then tmpdepfile1=$dir$base.u tmpdepfile2=$base.u tmpdepfile3=$dir.libs/$base.u "$@" -Wc,-M else tmpdepfile1=$dir$base.u tmpdepfile2=$dir$base.u tmpdepfile3=$dir$base.u "$@" -M fi stat=$? if test $stat -ne 0; then rm -f "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3" exit $stat fi for tmpdepfile in "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3" do test -f "$tmpdepfile" && break done aix_post_process_depfile ;; tcc) # tcc (Tiny C Compiler) understand '-MD -MF file' since version 0.9.26 # FIXME: That version still under development at the moment of writing. # Make that this statement remains true also for stable, released # versions. # It will wrap lines (doesn't matter whether long or short) with a # trailing '\', as in: # # foo.o : \ # foo.c \ # foo.h \ # # It will put a trailing '\' even on the last line, and will use leading # spaces rather than leading tabs (at least since its commit 0394caf7 # "Emit spaces for -MD"). "$@" -MD -MF "$tmpdepfile" stat=$? if test $stat -ne 0; then rm -f "$tmpdepfile" exit $stat fi rm -f "$depfile" # Each non-empty line is of the form 'foo.o : \' or ' dep.h \'. # We have to change lines of the first kind to '$object: \'. sed -e "s|.*:|$object :|" < "$tmpdepfile" > "$depfile" # And for each line of the second kind, we have to emit a 'dep.h:' # dummy dependency, to avoid the deleted-header problem. sed -n -e 's|^ *\(.*\) *\\$|\1:|p' < "$tmpdepfile" >> "$depfile" rm -f "$tmpdepfile" ;; ## The order of this option in the case statement is important, since the ## shell code in configure will try each of these formats in the order ## listed in this file. A plain '-MD' option would be understood by many ## compilers, so we must ensure this comes after the gcc and icc options. pgcc) # Portland's C compiler understands '-MD'. # Will always output deps to 'file.d' where file is the root name of the # source file under compilation, even if file resides in a subdirectory. # The object file name does not affect the name of the '.d' file. # pgcc 10.2 will output # foo.o: sub/foo.c sub/foo.h # and will wrap long lines using '\' : # foo.o: sub/foo.c ... \ # sub/foo.h ... \ # ... set_dir_from "$object" # Use the source, not the object, to determine the base name, since # that's sadly what pgcc will do too. set_base_from "$source" tmpdepfile=$base.d # For projects that build the same source file twice into different object # files, the pgcc approach of using the *source* file root name can cause # problems in parallel builds. Use a locking strategy to avoid stomping on # the same $tmpdepfile. lockdir=$base.d-lock trap " echo '$0: caught signal, cleaning up...' >&2 rmdir '$lockdir' exit 1 " 1 2 13 15 numtries=100 i=$numtries while test $i -gt 0; do # mkdir is a portable test-and-set. if mkdir "$lockdir" 2>/dev/null; then # This process acquired the lock. "$@" -MD stat=$? # Release the lock. rmdir "$lockdir" break else # If the lock is being held by a different process, wait # until the winning process is done or we timeout. while test -d "$lockdir" && test $i -gt 0; do sleep 1 i=`expr $i - 1` done fi i=`expr $i - 1` done trap - 1 2 13 15 if test $i -le 0; then echo "$0: failed to acquire lock after $numtries attempts" >&2 echo "$0: check lockdir '$lockdir'" >&2 exit 1 fi if test $stat -ne 0; then rm -f "$tmpdepfile" exit $stat fi rm -f "$depfile" # Each line is of the form `foo.o: dependent.h', # or `foo.o: dep1.h dep2.h \', or ` dep3.h dep4.h \'. # Do two passes, one to just change these to # `$object: dependent.h' and one to simply `dependent.h:'. sed "s,^[^:]*:,$object :," < "$tmpdepfile" > "$depfile" # Some versions of the HPUX 10.20 sed can't process this invocation # correctly. Breaking it into two sed invocations is a workaround. sed 's,^[^:]*: \(.*\)$,\1,;s/^\\$//;/^$/d;/:$/d' < "$tmpdepfile" \ | sed -e 's/$/ :/' >> "$depfile" rm -f "$tmpdepfile" ;; hp2) # The "hp" stanza above does not work with aCC (C++) and HP's ia64 # compilers, which have integrated preprocessors. The correct option # to use with these is +Maked; it writes dependencies to a file named # 'foo.d', which lands next to the object file, wherever that # happens to be. # Much of this is similar to the tru64 case; see comments there. set_dir_from "$object" set_base_from "$object" if test "$libtool" = yes; then tmpdepfile1=$dir$base.d tmpdepfile2=$dir.libs/$base.d "$@" -Wc,+Maked else tmpdepfile1=$dir$base.d tmpdepfile2=$dir$base.d "$@" +Maked fi stat=$? if test $stat -ne 0; then rm -f "$tmpdepfile1" "$tmpdepfile2" exit $stat fi for tmpdepfile in "$tmpdepfile1" "$tmpdepfile2" do test -f "$tmpdepfile" && break done if test -f "$tmpdepfile"; then sed -e "s,^.*\.[$lower]*:,$object:," "$tmpdepfile" > "$depfile" # Add 'dependent.h:' lines. sed -ne '2,${ s/^ *// s/ \\*$// s/$/:/ p }' "$tmpdepfile" >> "$depfile" else make_dummy_depfile fi rm -f "$tmpdepfile" "$tmpdepfile2" ;; tru64) # The Tru64 compiler uses -MD to generate dependencies as a side # effect. 'cc -MD -o foo.o ...' puts the dependencies into 'foo.o.d'. # At least on Alpha/Redhat 6.1, Compaq CCC V6.2-504 seems to put # dependencies in 'foo.d' instead, so we check for that too. # Subdirectories are respected. set_dir_from "$object" set_base_from "$object" if test "$libtool" = yes; then # Libtool generates 2 separate objects for the 2 libraries. These # two compilations output dependencies in $dir.libs/$base.o.d and # in $dir$base.o.d. We have to check for both files, because # one of the two compilations can be disabled. We should prefer # $dir$base.o.d over $dir.libs/$base.o.d because the latter is # automatically cleaned when .libs/ is deleted, while ignoring # the former would cause a distcleancheck panic. tmpdepfile1=$dir$base.o.d # libtool 1.5 tmpdepfile2=$dir.libs/$base.o.d # Likewise. tmpdepfile3=$dir.libs/$base.d # Compaq CCC V6.2-504 "$@" -Wc,-MD else tmpdepfile1=$dir$base.d tmpdepfile2=$dir$base.d tmpdepfile3=$dir$base.d "$@" -MD fi stat=$? if test $stat -ne 0; then rm -f "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3" exit $stat fi for tmpdepfile in "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3" do test -f "$tmpdepfile" && break done # Same post-processing that is required for AIX mode. aix_post_process_depfile ;; msvc7) if test "$libtool" = yes; then showIncludes=-Wc,-showIncludes else showIncludes=-showIncludes fi "$@" $showIncludes > "$tmpdepfile" stat=$? grep -v '^Note: including file: ' "$tmpdepfile" if test $stat -ne 0; then rm -f "$tmpdepfile" exit $stat fi rm -f "$depfile" echo "$object : \\" > "$depfile" # The first sed program below extracts the file names and escapes # backslashes for cygpath. The second sed program outputs the file # name when reading, but also accumulates all include files in the # hold buffer in order to output them again at the end. This only # works with sed implementations that can handle large buffers. sed < "$tmpdepfile" -n ' /^Note: including file: *\(.*\)/ { s//\1/ s/\\/\\\\/g p }' | $cygpath_u | sort -u | sed -n ' s/ /\\ /g s/\(.*\)/'"$tab"'\1 \\/p s/.\(.*\) \\/\1:/ H $ { s/.*/'"$tab"'/ G p }' >> "$depfile" echo >> "$depfile" # make sure the fragment doesn't end with a backslash rm -f "$tmpdepfile" ;; msvc7msys) # This case exists only to let depend.m4 do its work. It works by # looking at the text of this script. This case will never be run, # since it is checked for above. exit 1 ;; #nosideeffect) # This comment above is used by automake to tell side-effect # dependency tracking mechanisms from slower ones. dashmstdout) # Important note: in order to support this mode, a compiler *must* # always write the preprocessed file to stdout, regardless of -o. "$@" || exit $? # Remove the call to Libtool. if test "$libtool" = yes; then while test "X$1" != 'X--mode=compile'; do shift done shift fi # Remove '-o $object'. IFS=" " for arg do case $arg in -o) shift ;; $object) shift ;; *) set fnord "$@" "$arg" shift # fnord shift # $arg ;; esac done test -z "$dashmflag" && dashmflag=-M # Require at least two characters before searching for ':' # in the target name. This is to cope with DOS-style filenames: # a dependency such as 'c:/foo/bar' could be seen as target 'c' otherwise. "$@" $dashmflag | sed "s|^[$tab ]*[^:$tab ][^:][^:]*:[$tab ]*|$object: |" > "$tmpdepfile" rm -f "$depfile" cat < "$tmpdepfile" > "$depfile" # Some versions of the HPUX 10.20 sed can't process this sed invocation # correctly. Breaking it into two sed invocations is a workaround. tr ' ' "$nl" < "$tmpdepfile" \ | sed -e 's/^\\$//' -e '/^$/d' -e '/:$/d' \ | sed -e 's/$/ :/' >> "$depfile" rm -f "$tmpdepfile" ;; dashXmstdout) # This case only exists to satisfy depend.m4. It is never actually # run, as this mode is specially recognized in the preamble. exit 1 ;; makedepend) "$@" || exit $? # Remove any Libtool call if test "$libtool" = yes; then while test "X$1" != 'X--mode=compile'; do shift done shift fi # X makedepend shift cleared=no eat=no for arg do case $cleared in no) set ""; shift cleared=yes ;; esac if test $eat = yes; then eat=no continue fi case "$arg" in -D*|-I*) set fnord "$@" "$arg"; shift ;; # Strip any option that makedepend may not understand. Remove # the object too, otherwise makedepend will parse it as a source file. -arch) eat=yes ;; -*|$object) ;; *) set fnord "$@" "$arg"; shift ;; esac done obj_suffix=`echo "$object" | sed 's/^.*\././'` touch "$tmpdepfile" ${MAKEDEPEND-makedepend} -o"$obj_suffix" -f"$tmpdepfile" "$@" rm -f "$depfile" # makedepend may prepend the VPATH from the source file name to the object. # No need to regex-escape $object, excess matching of '.' is harmless. sed "s|^.*\($object *:\)|\1|" "$tmpdepfile" > "$depfile" # Some versions of the HPUX 10.20 sed can't process the last invocation # correctly. Breaking it into two sed invocations is a workaround. sed '1,2d' "$tmpdepfile" \ | tr ' ' "$nl" \ | sed -e 's/^\\$//' -e '/^$/d' -e '/:$/d' \ | sed -e 's/$/ :/' >> "$depfile" rm -f "$tmpdepfile" "$tmpdepfile".bak ;; cpp) # Important note: in order to support this mode, a compiler *must* # always write the preprocessed file to stdout. "$@" || exit $? # Remove the call to Libtool. if test "$libtool" = yes; then while test "X$1" != 'X--mode=compile'; do shift done shift fi # Remove '-o $object'. IFS=" " for arg do case $arg in -o) shift ;; $object) shift ;; *) set fnord "$@" "$arg" shift # fnord shift # $arg ;; esac done "$@" -E \ | sed -n -e '/^# [0-9][0-9]* "\([^"]*\)".*/ s:: \1 \\:p' \ -e '/^#line [0-9][0-9]* "\([^"]*\)".*/ s:: \1 \\:p' \ | sed '$ s: \\$::' > "$tmpdepfile" rm -f "$depfile" echo "$object : \\" > "$depfile" cat < "$tmpdepfile" >> "$depfile" sed < "$tmpdepfile" '/^$/d;s/^ //;s/ \\$//;s/$/ :/' >> "$depfile" rm -f "$tmpdepfile" ;; msvisualcpp) # Important note: in order to support this mode, a compiler *must* # always write the preprocessed file to stdout. "$@" || exit $? # Remove the call to Libtool. if test "$libtool" = yes; then while test "X$1" != 'X--mode=compile'; do shift done shift fi IFS=" " for arg do case "$arg" in -o) shift ;; $object) shift ;; "-Gm"|"/Gm"|"-Gi"|"/Gi"|"-ZI"|"/ZI") set fnord "$@" shift shift ;; *) set fnord "$@" "$arg" shift shift ;; esac done "$@" -E 2>/dev/null | sed -n '/^#line [0-9][0-9]* "\([^"]*\)"/ s::\1:p' | $cygpath_u | sort -u > "$tmpdepfile" rm -f "$depfile" echo "$object : \\" > "$depfile" sed < "$tmpdepfile" -n -e 's% %\\ %g' -e '/^\(.*\)$/ s::'"$tab"'\1 \\:p' >> "$depfile" echo "$tab" >> "$depfile" sed < "$tmpdepfile" -n -e 's% %\\ %g' -e '/^\(.*\)$/ s::\1\::p' >> "$depfile" rm -f "$tmpdepfile" ;; msvcmsys) # This case exists only to let depend.m4 do its work. It works by # looking at the text of this script. This case will never be run, # since it is checked for above. exit 1 ;; none) exec "$@" ;; *) echo "Unknown depmode $depmode" 1>&2 exit 1 ;; esac exit 0 # Local Variables: # mode: shell-script # sh-indentation: 2 # eval: (add-hook 'write-file-hooks 'time-stamp) # time-stamp-start: "scriptversion=" # time-stamp-format: "%:y-%02m-%02d.%02H" # time-stamp-time-zone: "UTC" # time-stamp-end: "; # UTC" # End: hitch-1.4.4/build-aux/test-driver0000755000175000017500000001104013006223057013622 00000000000000#! /bin/sh # test-driver - basic testsuite driver script. scriptversion=2013-07-13.22; # UTC # Copyright (C) 2011-2014 Free Software Foundation, Inc. # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2, or (at your option) # any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . # As a special exception to the GNU General Public License, if you # distribute this file as part of a program that contains a # configuration script generated by Autoconf, you may include it under # the same distribution terms that you use for the rest of that program. # This file is maintained in Automake, please report # bugs to or send patches to # . # Make unconditional expansion of undefined variables an error. This # helps a lot in preventing typo-related bugs. set -u usage_error () { echo "$0: $*" >&2 print_usage >&2 exit 2 } print_usage () { cat <$log_file 2>&1 estatus=$? if test $enable_hard_errors = no && test $estatus -eq 99; then tweaked_estatus=1 else tweaked_estatus=$estatus fi case $tweaked_estatus:$expect_failure in 0:yes) col=$red res=XPASS recheck=yes gcopy=yes;; 0:*) col=$grn res=PASS recheck=no gcopy=no;; 77:*) col=$blu res=SKIP recheck=no gcopy=yes;; 99:*) col=$mgn res=ERROR recheck=yes gcopy=yes;; *:yes) col=$lgn res=XFAIL recheck=no gcopy=yes;; *:*) col=$red res=FAIL recheck=yes gcopy=yes;; esac # Report the test outcome and exit status in the logs, so that one can # know whether the test passed or failed simply by looking at the '.log' # file, without the need of also peaking into the corresponding '.trs' # file (automake bug#11814). echo "$res $test_name (exit status: $estatus)" >>$log_file # Report outcome to console. echo "${col}${res}${std}: $test_name" # Register the test result, and other relevant metadata. echo ":test-result: $res" > $trs_file echo ":global-test-result: $res" >> $trs_file echo ":recheck: $recheck" >> $trs_file echo ":copy-in-global-log: $gcopy" >> $trs_file # Local Variables: # mode: shell-script # sh-indentation: 2 # eval: (add-hook 'write-file-hooks 'time-stamp) # time-stamp-start: "scriptversion=" # time-stamp-format: "%:y-%02m-%02d.%02H" # time-stamp-time-zone: "UTC" # time-stamp-end: "; # UTC" # End: hitch-1.4.4/build-aux/compile0000755000175000017500000001624513006223057013016 00000000000000#! /bin/sh # Wrapper for compilers which do not understand '-c -o'. scriptversion=2012-10-14.11; # UTC # Copyright (C) 1999-2014 Free Software Foundation, Inc. # Written by Tom Tromey . # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2, or (at your option) # any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . # As a special exception to the GNU General Public License, if you # distribute this file as part of a program that contains a # configuration script generated by Autoconf, you may include it under # the same distribution terms that you use for the rest of that program. # This file is maintained in Automake, please report # bugs to or send patches to # . nl=' ' # We need space, tab and new line, in precisely that order. Quoting is # there to prevent tools from complaining about whitespace usage. IFS=" "" $nl" file_conv= # func_file_conv build_file lazy # Convert a $build file to $host form and store it in $file # Currently only supports Windows hosts. If the determined conversion # type is listed in (the comma separated) LAZY, no conversion will # take place. func_file_conv () { file=$1 case $file in / | /[!/]*) # absolute file, and not a UNC file if test -z "$file_conv"; then # lazily determine how to convert abs files case `uname -s` in MINGW*) file_conv=mingw ;; CYGWIN*) file_conv=cygwin ;; *) file_conv=wine ;; esac fi case $file_conv/,$2, in *,$file_conv,*) ;; mingw/*) file=`cmd //C echo "$file " | sed -e 's/"\(.*\) " *$/\1/'` ;; cygwin/*) file=`cygpath -m "$file" || echo "$file"` ;; wine/*) file=`winepath -w "$file" || echo "$file"` ;; esac ;; esac } # func_cl_dashL linkdir # Make cl look for libraries in LINKDIR func_cl_dashL () { func_file_conv "$1" if test -z "$lib_path"; then lib_path=$file else lib_path="$lib_path;$file" fi linker_opts="$linker_opts -LIBPATH:$file" } # func_cl_dashl library # Do a library search-path lookup for cl func_cl_dashl () { lib=$1 found=no save_IFS=$IFS IFS=';' for dir in $lib_path $LIB do IFS=$save_IFS if $shared && test -f "$dir/$lib.dll.lib"; then found=yes lib=$dir/$lib.dll.lib break fi if test -f "$dir/$lib.lib"; then found=yes lib=$dir/$lib.lib break fi if test -f "$dir/lib$lib.a"; then found=yes lib=$dir/lib$lib.a break fi done IFS=$save_IFS if test "$found" != yes; then lib=$lib.lib fi } # func_cl_wrapper cl arg... # Adjust compile command to suit cl func_cl_wrapper () { # Assume a capable shell lib_path= shared=: linker_opts= for arg do if test -n "$eat"; then eat= else case $1 in -o) # configure might choose to run compile as 'compile cc -o foo foo.c'. eat=1 case $2 in *.o | *.[oO][bB][jJ]) func_file_conv "$2" set x "$@" -Fo"$file" shift ;; *) func_file_conv "$2" set x "$@" -Fe"$file" shift ;; esac ;; -I) eat=1 func_file_conv "$2" mingw set x "$@" -I"$file" shift ;; -I*) func_file_conv "${1#-I}" mingw set x "$@" -I"$file" shift ;; -l) eat=1 func_cl_dashl "$2" set x "$@" "$lib" shift ;; -l*) func_cl_dashl "${1#-l}" set x "$@" "$lib" shift ;; -L) eat=1 func_cl_dashL "$2" ;; -L*) func_cl_dashL "${1#-L}" ;; -static) shared=false ;; -Wl,*) arg=${1#-Wl,} save_ifs="$IFS"; IFS=',' for flag in $arg; do IFS="$save_ifs" linker_opts="$linker_opts $flag" done IFS="$save_ifs" ;; -Xlinker) eat=1 linker_opts="$linker_opts $2" ;; -*) set x "$@" "$1" shift ;; *.cc | *.CC | *.cxx | *.CXX | *.[cC]++) func_file_conv "$1" set x "$@" -Tp"$file" shift ;; *.c | *.cpp | *.CPP | *.lib | *.LIB | *.Lib | *.OBJ | *.obj | *.[oO]) func_file_conv "$1" mingw set x "$@" "$file" shift ;; *) set x "$@" "$1" shift ;; esac fi shift done if test -n "$linker_opts"; then linker_opts="-link$linker_opts" fi exec "$@" $linker_opts exit 1 } eat= case $1 in '') echo "$0: No command. Try '$0 --help' for more information." 1>&2 exit 1; ;; -h | --h*) cat <<\EOF Usage: compile [--help] [--version] PROGRAM [ARGS] Wrapper for compilers which do not understand '-c -o'. Remove '-o dest.o' from ARGS, run PROGRAM with the remaining arguments, and rename the output as expected. If you are trying to build a whole package this is not the right script to run: please start by reading the file 'INSTALL'. Report bugs to . EOF exit $? ;; -v | --v*) echo "compile $scriptversion" exit $? ;; cl | *[/\\]cl | cl.exe | *[/\\]cl.exe ) func_cl_wrapper "$@" # Doesn't return... ;; esac ofile= cfile= for arg do if test -n "$eat"; then eat= else case $1 in -o) # configure might choose to run compile as 'compile cc -o foo foo.c'. # So we strip '-o arg' only if arg is an object. eat=1 case $2 in *.o | *.obj) ofile=$2 ;; *) set x "$@" -o "$2" shift ;; esac ;; *.c) cfile=$1 set x "$@" "$1" shift ;; *) set x "$@" "$1" shift ;; esac fi shift done if test -z "$ofile" || test -z "$cfile"; then # If no '-o' option was seen then we might have been invoked from a # pattern rule where we don't need one. That is ok -- this is a # normal compilation that the losing compiler can handle. If no # '.c' file was seen then we are probably linking. That is also # ok. exec "$@" fi # Name of file we expect compiler to create. cofile=`echo "$cfile" | sed 's|^.*[\\/]||; s|^[a-zA-Z]:||; s/\.c$/.o/'` # Create the lock directory. # Note: use '[/\\:.-]' here to ensure that we don't use the same name # that we are using for the .o file. Also, base the name on the expected # object file name, since that is what matters with a parallel build. lockdir=`echo "$cofile" | sed -e 's|[/\\:.-]|_|g'`.d while true; do if mkdir "$lockdir" >/dev/null 2>&1; then break fi sleep 1 done # FIXME: race condition here if user kills between mkdir and trap. trap "rmdir '$lockdir'; exit 1" 1 2 15 # Run the compile. "$@" ret=$? if test -f "$cofile"; then test "$cofile" = "$ofile" || mv "$cofile" "$ofile" elif test -f "${cofile}bj"; then test "${cofile}bj" = "$ofile" || mv "${cofile}bj" "$ofile" fi rmdir "$lockdir" exit $ret # Local Variables: # mode: shell-script # sh-indentation: 2 # eval: (add-hook 'write-file-hooks 'time-stamp) # time-stamp-start: "scriptversion=" # time-stamp-format: "%:y-%02m-%02d.%02H" # time-stamp-time-zone: "UTC" # time-stamp-end: "; # UTC" # End: hitch-1.4.4/build-aux/install-sh0000755000175000017500000003546313006223057013447 00000000000000#!/bin/sh # install - install a program, script, or datafile scriptversion=2014-09-12.12; # UTC # This originates from X11R5 (mit/util/scripts/install.sh), which was # later released in X11R6 (xc/config/util/install.sh) with the # following copyright and license. # # Copyright (C) 1994 X Consortium # # Permission is hereby granted, free of charge, to any person obtaining a copy # of this software and associated documentation files (the "Software"), to # deal in the Software without restriction, including without limitation the # rights to use, copy, modify, merge, publish, distribute, sublicense, and/or # sell copies of the Software, and to permit persons to whom the Software is # furnished to do so, subject to the following conditions: # # The above copyright notice and this permission notice shall be included in # all copies or substantial portions of the Software. # # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR # IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, # FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE # X CONSORTIUM BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN # AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNEC- # TION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. # # Except as contained in this notice, the name of the X Consortium shall not # be used in advertising or otherwise to promote the sale, use or other deal- # ings in this Software without prior written authorization from the X Consor- # tium. # # # FSF changes to this file are in the public domain. # # Calling this script install-sh is preferred over install.sh, to prevent # 'make' implicit rules from creating a file called install from it # when there is no Makefile. # # This script is compatible with the BSD install script, but was written # from scratch. tab=' ' nl=' ' IFS=" $tab$nl" # Set DOITPROG to "echo" to test this script. doit=${DOITPROG-} doit_exec=${doit:-exec} # Put in absolute file names if you don't have them in your path; # or use environment vars. chgrpprog=${CHGRPPROG-chgrp} chmodprog=${CHMODPROG-chmod} chownprog=${CHOWNPROG-chown} cmpprog=${CMPPROG-cmp} cpprog=${CPPROG-cp} mkdirprog=${MKDIRPROG-mkdir} mvprog=${MVPROG-mv} rmprog=${RMPROG-rm} stripprog=${STRIPPROG-strip} posix_mkdir= # Desired mode of installed file. mode=0755 chgrpcmd= chmodcmd=$chmodprog chowncmd= mvcmd=$mvprog rmcmd="$rmprog -f" stripcmd= src= dst= dir_arg= dst_arg= copy_on_change=false is_target_a_directory=possibly usage="\ Usage: $0 [OPTION]... [-T] SRCFILE DSTFILE or: $0 [OPTION]... SRCFILES... DIRECTORY or: $0 [OPTION]... -t DIRECTORY SRCFILES... or: $0 [OPTION]... -d DIRECTORIES... In the 1st form, copy SRCFILE to DSTFILE. In the 2nd and 3rd, copy all SRCFILES to DIRECTORY. In the 4th, create DIRECTORIES. Options: --help display this help and exit. --version display version info and exit. -c (ignored) -C install only if different (preserve the last data modification time) -d create directories instead of installing files. -g GROUP $chgrpprog installed files to GROUP. -m MODE $chmodprog installed files to MODE. -o USER $chownprog installed files to USER. -s $stripprog installed files. -t DIRECTORY install into DIRECTORY. -T report an error if DSTFILE is a directory. Environment variables override the default commands: CHGRPPROG CHMODPROG CHOWNPROG CMPPROG CPPROG MKDIRPROG MVPROG RMPROG STRIPPROG " while test $# -ne 0; do case $1 in -c) ;; -C) copy_on_change=true;; -d) dir_arg=true;; -g) chgrpcmd="$chgrpprog $2" shift;; --help) echo "$usage"; exit $?;; -m) mode=$2 case $mode in *' '* | *"$tab"* | *"$nl"* | *'*'* | *'?'* | *'['*) echo "$0: invalid mode: $mode" >&2 exit 1;; esac shift;; -o) chowncmd="$chownprog $2" shift;; -s) stripcmd=$stripprog;; -t) is_target_a_directory=always dst_arg=$2 # Protect names problematic for 'test' and other utilities. case $dst_arg in -* | [=\(\)!]) dst_arg=./$dst_arg;; esac shift;; -T) is_target_a_directory=never;; --version) echo "$0 $scriptversion"; exit $?;; --) shift break;; -*) echo "$0: invalid option: $1" >&2 exit 1;; *) break;; esac shift done # We allow the use of options -d and -T together, by making -d # take the precedence; this is for compatibility with GNU install. if test -n "$dir_arg"; then if test -n "$dst_arg"; then echo "$0: target directory not allowed when installing a directory." >&2 exit 1 fi fi if test $# -ne 0 && test -z "$dir_arg$dst_arg"; then # When -d is used, all remaining arguments are directories to create. # When -t is used, the destination is already specified. # Otherwise, the last argument is the destination. Remove it from $@. for arg do if test -n "$dst_arg"; then # $@ is not empty: it contains at least $arg. set fnord "$@" "$dst_arg" shift # fnord fi shift # arg dst_arg=$arg # Protect names problematic for 'test' and other utilities. case $dst_arg in -* | [=\(\)!]) dst_arg=./$dst_arg;; esac done fi if test $# -eq 0; then if test -z "$dir_arg"; then echo "$0: no input file specified." >&2 exit 1 fi # It's OK to call 'install-sh -d' without argument. # This can happen when creating conditional directories. exit 0 fi if test -z "$dir_arg"; then if test $# -gt 1 || test "$is_target_a_directory" = always; then if test ! -d "$dst_arg"; then echo "$0: $dst_arg: Is not a directory." >&2 exit 1 fi fi fi if test -z "$dir_arg"; then do_exit='(exit $ret); exit $ret' trap "ret=129; $do_exit" 1 trap "ret=130; $do_exit" 2 trap "ret=141; $do_exit" 13 trap "ret=143; $do_exit" 15 # Set umask so as not to create temps with too-generous modes. # However, 'strip' requires both read and write access to temps. case $mode in # Optimize common cases. *644) cp_umask=133;; *755) cp_umask=22;; *[0-7]) if test -z "$stripcmd"; then u_plus_rw= else u_plus_rw='% 200' fi cp_umask=`expr '(' 777 - $mode % 1000 ')' $u_plus_rw`;; *) if test -z "$stripcmd"; then u_plus_rw= else u_plus_rw=,u+rw fi cp_umask=$mode$u_plus_rw;; esac fi for src do # Protect names problematic for 'test' and other utilities. case $src in -* | [=\(\)!]) src=./$src;; esac if test -n "$dir_arg"; then dst=$src dstdir=$dst test -d "$dstdir" dstdir_status=$? else # Waiting for this to be detected by the "$cpprog $src $dsttmp" command # might cause directories to be created, which would be especially bad # if $src (and thus $dsttmp) contains '*'. if test ! -f "$src" && test ! -d "$src"; then echo "$0: $src does not exist." >&2 exit 1 fi if test -z "$dst_arg"; then echo "$0: no destination specified." >&2 exit 1 fi dst=$dst_arg # If destination is a directory, append the input filename; won't work # if double slashes aren't ignored. if test -d "$dst"; then if test "$is_target_a_directory" = never; then echo "$0: $dst_arg: Is a directory" >&2 exit 1 fi dstdir=$dst dst=$dstdir/`basename "$src"` dstdir_status=0 else dstdir=`dirname "$dst"` test -d "$dstdir" dstdir_status=$? fi fi obsolete_mkdir_used=false if test $dstdir_status != 0; then case $posix_mkdir in '') # Create intermediate dirs using mode 755 as modified by the umask. # This is like FreeBSD 'install' as of 1997-10-28. umask=`umask` case $stripcmd.$umask in # Optimize common cases. *[2367][2367]) mkdir_umask=$umask;; .*0[02][02] | .[02][02] | .[02]) mkdir_umask=22;; *[0-7]) mkdir_umask=`expr $umask + 22 \ - $umask % 100 % 40 + $umask % 20 \ - $umask % 10 % 4 + $umask % 2 `;; *) mkdir_umask=$umask,go-w;; esac # With -d, create the new directory with the user-specified mode. # Otherwise, rely on $mkdir_umask. if test -n "$dir_arg"; then mkdir_mode=-m$mode else mkdir_mode= fi posix_mkdir=false case $umask in *[123567][0-7][0-7]) # POSIX mkdir -p sets u+wx bits regardless of umask, which # is incompatible with FreeBSD 'install' when (umask & 300) != 0. ;; *) # $RANDOM is not portable (e.g. dash); use it when possible to # lower collision chance tmpdir=${TMPDIR-/tmp}/ins$RANDOM-$$ trap 'ret=$?; rmdir "$tmpdir/a/b" "$tmpdir/a" "$tmpdir" 2>/dev/null; exit $ret' 0 # As "mkdir -p" follows symlinks and we work in /tmp possibly; so # create the $tmpdir first (and fail if unsuccessful) to make sure # that nobody tries to guess the $tmpdir name. if (umask $mkdir_umask && $mkdirprog $mkdir_mode "$tmpdir" && exec $mkdirprog $mkdir_mode -p -- "$tmpdir/a/b") >/dev/null 2>&1 then if test -z "$dir_arg" || { # Check for POSIX incompatibilities with -m. # HP-UX 11.23 and IRIX 6.5 mkdir -m -p sets group- or # other-writable bit of parent directory when it shouldn't. # FreeBSD 6.1 mkdir -m -p sets mode of existing directory. test_tmpdir="$tmpdir/a" ls_ld_tmpdir=`ls -ld "$test_tmpdir"` case $ls_ld_tmpdir in d????-?r-*) different_mode=700;; d????-?--*) different_mode=755;; *) false;; esac && $mkdirprog -m$different_mode -p -- "$test_tmpdir" && { ls_ld_tmpdir_1=`ls -ld "$test_tmpdir"` test "$ls_ld_tmpdir" = "$ls_ld_tmpdir_1" } } then posix_mkdir=: fi rmdir "$tmpdir/a/b" "$tmpdir/a" "$tmpdir" else # Remove any dirs left behind by ancient mkdir implementations. rmdir ./$mkdir_mode ./-p ./-- "$tmpdir" 2>/dev/null fi trap '' 0;; esac;; esac if $posix_mkdir && ( umask $mkdir_umask && $doit_exec $mkdirprog $mkdir_mode -p -- "$dstdir" ) then : else # The umask is ridiculous, or mkdir does not conform to POSIX, # or it failed possibly due to a race condition. Create the # directory the slow way, step by step, checking for races as we go. case $dstdir in /*) prefix='/';; [-=\(\)!]*) prefix='./';; *) prefix='';; esac oIFS=$IFS IFS=/ set -f set fnord $dstdir shift set +f IFS=$oIFS prefixes= for d do test X"$d" = X && continue prefix=$prefix$d if test -d "$prefix"; then prefixes= else if $posix_mkdir; then (umask=$mkdir_umask && $doit_exec $mkdirprog $mkdir_mode -p -- "$dstdir") && break # Don't fail if two instances are running concurrently. test -d "$prefix" || exit 1 else case $prefix in *\'*) qprefix=`echo "$prefix" | sed "s/'/'\\\\\\\\''/g"`;; *) qprefix=$prefix;; esac prefixes="$prefixes '$qprefix'" fi fi prefix=$prefix/ done if test -n "$prefixes"; then # Don't fail if two instances are running concurrently. (umask $mkdir_umask && eval "\$doit_exec \$mkdirprog $prefixes") || test -d "$dstdir" || exit 1 obsolete_mkdir_used=true fi fi fi if test -n "$dir_arg"; then { test -z "$chowncmd" || $doit $chowncmd "$dst"; } && { test -z "$chgrpcmd" || $doit $chgrpcmd "$dst"; } && { test "$obsolete_mkdir_used$chowncmd$chgrpcmd" = false || test -z "$chmodcmd" || $doit $chmodcmd $mode "$dst"; } || exit 1 else # Make a couple of temp file names in the proper directory. dsttmp=$dstdir/_inst.$$_ rmtmp=$dstdir/_rm.$$_ # Trap to clean up those temp files at exit. trap 'ret=$?; rm -f "$dsttmp" "$rmtmp" && exit $ret' 0 # Copy the file name to the temp name. (umask $cp_umask && $doit_exec $cpprog "$src" "$dsttmp") && # and set any options; do chmod last to preserve setuid bits. # # If any of these fail, we abort the whole thing. If we want to # ignore errors from any of these, just make sure not to ignore # errors from the above "$doit $cpprog $src $dsttmp" command. # { test -z "$chowncmd" || $doit $chowncmd "$dsttmp"; } && { test -z "$chgrpcmd" || $doit $chgrpcmd "$dsttmp"; } && { test -z "$stripcmd" || $doit $stripcmd "$dsttmp"; } && { test -z "$chmodcmd" || $doit $chmodcmd $mode "$dsttmp"; } && # If -C, don't bother to copy if it wouldn't change the file. if $copy_on_change && old=`LC_ALL=C ls -dlL "$dst" 2>/dev/null` && new=`LC_ALL=C ls -dlL "$dsttmp" 2>/dev/null` && set -f && set X $old && old=:$2:$4:$5:$6 && set X $new && new=:$2:$4:$5:$6 && set +f && test "$old" = "$new" && $cmpprog "$dst" "$dsttmp" >/dev/null 2>&1 then rm -f "$dsttmp" else # Rename the file to the real destination. $doit $mvcmd -f "$dsttmp" "$dst" 2>/dev/null || # The rename failed, perhaps because mv can't rename something else # to itself, or perhaps because mv is so ancient that it does not # support -f. { # Now remove or move aside any old file at destination location. # We try this two ways since rm can't unlink itself on some # systems and the destination file might be busy for other # reasons. In this case, the final cleanup might fail but the new # file should still install successfully. { test ! -f "$dst" || $doit $rmcmd -f "$dst" 2>/dev/null || { $doit $mvcmd -f "$dst" "$rmtmp" 2>/dev/null && { $doit $rmcmd -f "$rmtmp" 2>/dev/null; :; } } || { echo "$0: cannot unlink or rename $dst" >&2 (exit 1); exit 1 } } && # Now rename the file to the real destination. $doit $mvcmd "$dsttmp" "$dst" } fi || exit 1 trap '' 0 fi done # Local variables: # eval: (add-hook 'write-file-hooks 'time-stamp) # time-stamp-start: "scriptversion=" # time-stamp-format: "%:y-%02m-%02d.%02H" # time-stamp-time-zone: "UTC" # time-stamp-end: "; # UTC" # End: hitch-1.4.4/build-aux/missing0000755000175000017500000001533013006223057013031 00000000000000#! /bin/sh # Common wrapper for a few potentially missing GNU programs. scriptversion=2013-10-28.13; # UTC # Copyright (C) 1996-2014 Free Software Foundation, Inc. # Originally written by Fran,cois Pinard , 1996. # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2, or (at your option) # any later version. # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # You should have received a copy of the GNU General Public License # along with this program. If not, see . # As a special exception to the GNU General Public License, if you # distribute this file as part of a program that contains a # configuration script generated by Autoconf, you may include it under # the same distribution terms that you use for the rest of that program. if test $# -eq 0; then echo 1>&2 "Try '$0 --help' for more information" exit 1 fi case $1 in --is-lightweight) # Used by our autoconf macros to check whether the available missing # script is modern enough. exit 0 ;; --run) # Back-compat with the calling convention used by older automake. shift ;; -h|--h|--he|--hel|--help) echo "\ $0 [OPTION]... PROGRAM [ARGUMENT]... Run 'PROGRAM [ARGUMENT]...', returning a proper advice when this fails due to PROGRAM being missing or too old. Options: -h, --help display this help and exit -v, --version output version information and exit Supported PROGRAM values: aclocal autoconf autoheader autom4te automake makeinfo bison yacc flex lex help2man Version suffixes to PROGRAM as well as the prefixes 'gnu-', 'gnu', and 'g' are ignored when checking the name. Send bug reports to ." exit $? ;; -v|--v|--ve|--ver|--vers|--versi|--versio|--version) echo "missing $scriptversion (GNU Automake)" exit $? ;; -*) echo 1>&2 "$0: unknown '$1' option" echo 1>&2 "Try '$0 --help' for more information" exit 1 ;; esac # Run the given program, remember its exit status. "$@"; st=$? # If it succeeded, we are done. test $st -eq 0 && exit 0 # Also exit now if we it failed (or wasn't found), and '--version' was # passed; such an option is passed most likely to detect whether the # program is present and works. case $2 in --version|--help) exit $st;; esac # Exit code 63 means version mismatch. This often happens when the user # tries to use an ancient version of a tool on a file that requires a # minimum version. if test $st -eq 63; then msg="probably too old" elif test $st -eq 127; then # Program was missing. msg="missing on your system" else # Program was found and executed, but failed. Give up. exit $st fi perl_URL=http://www.perl.org/ flex_URL=http://flex.sourceforge.net/ gnu_software_URL=http://www.gnu.org/software program_details () { case $1 in aclocal|automake) echo "The '$1' program is part of the GNU Automake package:" echo "<$gnu_software_URL/automake>" echo "It also requires GNU Autoconf, GNU m4 and Perl in order to run:" echo "<$gnu_software_URL/autoconf>" echo "<$gnu_software_URL/m4/>" echo "<$perl_URL>" ;; autoconf|autom4te|autoheader) echo "The '$1' program is part of the GNU Autoconf package:" echo "<$gnu_software_URL/autoconf/>" echo "It also requires GNU m4 and Perl in order to run:" echo "<$gnu_software_URL/m4/>" echo "<$perl_URL>" ;; esac } give_advice () { # Normalize program name to check for. normalized_program=`echo "$1" | sed ' s/^gnu-//; t s/^gnu//; t s/^g//; t'` printf '%s\n' "'$1' is $msg." configure_deps="'configure.ac' or m4 files included by 'configure.ac'" case $normalized_program in autoconf*) echo "You should only need it if you modified 'configure.ac'," echo "or m4 files included by it." program_details 'autoconf' ;; autoheader*) echo "You should only need it if you modified 'acconfig.h' or" echo "$configure_deps." program_details 'autoheader' ;; automake*) echo "You should only need it if you modified 'Makefile.am' or" echo "$configure_deps." program_details 'automake' ;; aclocal*) echo "You should only need it if you modified 'acinclude.m4' or" echo "$configure_deps." program_details 'aclocal' ;; autom4te*) echo "You might have modified some maintainer files that require" echo "the 'autom4te' program to be rebuilt." program_details 'autom4te' ;; bison*|yacc*) echo "You should only need it if you modified a '.y' file." echo "You may want to install the GNU Bison package:" echo "<$gnu_software_URL/bison/>" ;; lex*|flex*) echo "You should only need it if you modified a '.l' file." echo "You may want to install the Fast Lexical Analyzer package:" echo "<$flex_URL>" ;; help2man*) echo "You should only need it if you modified a dependency" \ "of a man page." echo "You may want to install the GNU Help2man package:" echo "<$gnu_software_URL/help2man/>" ;; makeinfo*) echo "You should only need it if you modified a '.texi' file, or" echo "any other file indirectly affecting the aspect of the manual." echo "You might want to install the Texinfo package:" echo "<$gnu_software_URL/texinfo/>" echo "The spurious makeinfo call might also be the consequence of" echo "using a buggy 'make' (AIX, DU, IRIX), in which case you might" echo "want to install GNU make:" echo "<$gnu_software_URL/make/>" ;; *) echo "You might have modified some files without having the proper" echo "tools for further handling them. Check the 'README' file, it" echo "often tells you about the needed prerequisites for installing" echo "this package. You may also peek at any GNU archive site, in" echo "case some other package contains this missing '$1' program." ;; esac } give_advice "$1" | sed -e '1s/^/WARNING: /' \ -e '2,$s/^/ /' >&2 # Propagate the correct exit status (expected to be 127 for a program # not found, 63 for a program that failed due to version mismatch). exit $st # Local variables: # eval: (add-hook 'write-file-hooks 'time-stamp) # time-stamp-start: "scriptversion=" # time-stamp-format: "%:y-%02m-%02d.%02H" # time-stamp-time-zone: "UTC" # time-stamp-end: "; # UTC" # End: hitch-1.4.4/build-aux/ylwrap0000755000175000017500000001531213006223057012676 00000000000000#! /bin/sh # ylwrap - wrapper for lex/yacc invocations. scriptversion=2013-01-12.17; # UTC # Copyright (C) 1996-2014 Free Software Foundation, Inc. # # Written by Tom Tromey . # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2, or (at your option) # any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . # As a special exception to the GNU General Public License, if you # distribute this file as part of a program that contains a # configuration script generated by Autoconf, you may include it under # the same distribution terms that you use for the rest of that program. # This file is maintained in Automake, please report # bugs to or send patches to # . get_dirname () { case $1 in */*|*\\*) printf '%s\n' "$1" | sed -e 's|\([\\/]\)[^\\/]*$|\1|';; # Otherwise, we want the empty string (not "."). esac } # guard FILE # ---------- # The CPP macro used to guard inclusion of FILE. guard () { printf '%s\n' "$1" \ | sed \ -e 'y/abcdefghijklmnopqrstuvwxyz/ABCDEFGHIJKLMNOPQRSTUVWXYZ/' \ -e 's/[^ABCDEFGHIJKLMNOPQRSTUVWXYZ]/_/g' \ -e 's/__*/_/g' } # quote_for_sed [STRING] # ---------------------- # Return STRING (or stdin) quoted to be used as a sed pattern. quote_for_sed () { case $# in 0) cat;; 1) printf '%s\n' "$1";; esac \ | sed -e 's|[][\\.*]|\\&|g' } case "$1" in '') echo "$0: No files given. Try '$0 --help' for more information." 1>&2 exit 1 ;; --basedir) basedir=$2 shift 2 ;; -h|--h*) cat <<\EOF Usage: ylwrap [--help|--version] INPUT [OUTPUT DESIRED]... -- PROGRAM [ARGS]... Wrapper for lex/yacc invocations, renaming files as desired. INPUT is the input file OUTPUT is one file PROG generates DESIRED is the file we actually want instead of OUTPUT PROGRAM is program to run ARGS are passed to PROG Any number of OUTPUT,DESIRED pairs may be used. Report bugs to . EOF exit $? ;; -v|--v*) echo "ylwrap $scriptversion" exit $? ;; esac # The input. input=$1 shift # We'll later need for a correct munging of "#line" directives. input_sub_rx=`get_dirname "$input" | quote_for_sed` case $input in [\\/]* | ?:[\\/]*) # Absolute path; do nothing. ;; *) # Relative path. Make it absolute. input=`pwd`/$input ;; esac input_rx=`get_dirname "$input" | quote_for_sed` # Since DOS filename conventions don't allow two dots, # the DOS version of Bison writes out y_tab.c instead of y.tab.c # and y_tab.h instead of y.tab.h. Test to see if this is the case. y_tab_nodot=false if test -f y_tab.c || test -f y_tab.h; then y_tab_nodot=true fi # The parser itself, the first file, is the destination of the .y.c # rule in the Makefile. parser=$1 # A sed program to s/FROM/TO/g for all the FROM/TO so that, for # instance, we rename #include "y.tab.h" into #include "parse.h" # during the conversion from y.tab.c to parse.c. sed_fix_filenames= # Also rename header guards, as Bison 2.7 for instance uses its header # guard in its implementation file. sed_fix_header_guards= while test $# -ne 0; do if test x"$1" = x"--"; then shift break fi from=$1 # Handle y_tab.c and y_tab.h output by DOS if $y_tab_nodot; then case $from in "y.tab.c") from=y_tab.c;; "y.tab.h") from=y_tab.h;; esac fi shift to=$1 shift sed_fix_filenames="${sed_fix_filenames}s|"`quote_for_sed "$from"`"|$to|g;" sed_fix_header_guards="${sed_fix_header_guards}s|"`guard "$from"`"|"`guard "$to"`"|g;" done # The program to run. prog=$1 shift # Make any relative path in $prog absolute. case $prog in [\\/]* | ?:[\\/]*) ;; *[\\/]*) prog=`pwd`/$prog ;; esac dirname=ylwrap$$ do_exit="cd '`pwd`' && rm -rf $dirname > /dev/null 2>&1;"' (exit $ret); exit $ret' trap "ret=129; $do_exit" 1 trap "ret=130; $do_exit" 2 trap "ret=141; $do_exit" 13 trap "ret=143; $do_exit" 15 mkdir $dirname || exit 1 cd $dirname case $# in 0) "$prog" "$input" ;; *) "$prog" "$@" "$input" ;; esac ret=$? if test $ret -eq 0; then for from in * do to=`printf '%s\n' "$from" | sed "$sed_fix_filenames"` if test -f "$from"; then # If $2 is an absolute path name, then just use that, # otherwise prepend '../'. case $to in [\\/]* | ?:[\\/]*) target=$to;; *) target=../$to;; esac # Do not overwrite unchanged header files to avoid useless # recompilations. Always update the parser itself: it is the # destination of the .y.c rule in the Makefile. Divert the # output of all other files to a temporary file so we can # compare them to existing versions. if test $from != $parser; then realtarget=$target target=tmp-`printf '%s\n' "$target" | sed 's|.*[\\/]||g'` fi # Munge "#line" or "#" directives. Don't let the resulting # debug information point at an absolute srcdir. Use the real # output file name, not yy.lex.c for instance. Adjust the # include guards too. sed -e "/^#/!b" \ -e "s|$input_rx|$input_sub_rx|" \ -e "$sed_fix_filenames" \ -e "$sed_fix_header_guards" \ "$from" >"$target" || ret=$? # Check whether files must be updated. if test "$from" != "$parser"; then if test -f "$realtarget" && cmp -s "$realtarget" "$target"; then echo "$to is unchanged" rm -f "$target" else echo "updating $to" mv -f "$target" "$realtarget" fi fi else # A missing file is only an error for the parser. This is a # blatant hack to let us support using "yacc -d". If -d is not # specified, don't fail when the header file is "missing". if test "$from" = "$parser"; then ret=1 fi fi done fi # Remove the directory. cd .. rm -rf $dirname exit $ret # Local Variables: # mode: shell-script # sh-indentation: 2 # eval: (add-hook 'write-file-hooks 'time-stamp) # time-stamp-start: "scriptversion=" # time-stamp-format: "%:y-%02m-%02d.%02H" # time-stamp-time-zone: "UTC" # time-stamp-end: "; # UTC" # End: hitch-1.4.4/README.md0000644000175000017500000000104012710627110011007 00000000000000hitch TLS proxy =============== [![Build Status](https://travis-ci.org/varnish/hitch.svg?branch=master)](https://travis-ci.org/varnish/hitch) [![Coverity Scan Build Status](https://scan.coverity.com/projects/5137/badge.svg)](https://scan.coverity.com/projects/hitch) `hitch` is a network proxy that terminates TLS/SSL connections and forwards the unencrypted traffic to some backend. It's designed to handle 10s of thousands of connections efficiently on multicore machines. See the [web page](https://hitch-tls.org) for more information. hitch-1.4.4/aclocal.m40000644000175000017500000015143413026747413011417 00000000000000# generated automatically by aclocal 1.15 -*- Autoconf -*- # Copyright (C) 1996-2014 Free Software Foundation, Inc. # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY, to the extent permitted by law; without # even the implied warranty of MERCHANTABILITY or FITNESS FOR A # PARTICULAR PURPOSE. m4_ifndef([AC_CONFIG_MACRO_DIRS], [m4_defun([_AM_CONFIG_MACRO_DIRS], [])m4_defun([AC_CONFIG_MACRO_DIRS], [_AM_CONFIG_MACRO_DIRS($@)])]) m4_ifndef([AC_AUTOCONF_VERSION], [m4_copy([m4_PACKAGE_VERSION], [AC_AUTOCONF_VERSION])])dnl m4_if(m4_defn([AC_AUTOCONF_VERSION]), [2.69],, [m4_warning([this file was generated for autoconf 2.69. You have another version of autoconf. It may work, but is not guaranteed to. If you have problems, you may need to regenerate the build system entirely. To do so, use the procedure documented by the package, typically 'autoreconf'.])]) dnl pkg.m4 - Macros to locate and utilise pkg-config. -*- Autoconf -*- dnl serial 11 (pkg-config-0.29) dnl dnl Copyright © 2004 Scott James Remnant . dnl Copyright © 2012-2015 Dan Nicholson dnl dnl This program is free software; you can redistribute it and/or modify dnl it under the terms of the GNU General Public License as published by dnl the Free Software Foundation; either version 2 of the License, or dnl (at your option) any later version. dnl dnl This program is distributed in the hope that it will be useful, but dnl WITHOUT ANY WARRANTY; without even the implied warranty of dnl MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU dnl General Public License for more details. dnl dnl You should have received a copy of the GNU General Public License dnl along with this program; if not, write to the Free Software dnl Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA dnl 02111-1307, USA. dnl dnl As a special exception to the GNU General Public License, if you dnl distribute this file as part of a program that contains a dnl configuration script generated by Autoconf, you may include it under dnl the same distribution terms that you use for the rest of that dnl program. dnl PKG_PREREQ(MIN-VERSION) dnl ----------------------- dnl Since: 0.29 dnl dnl Verify that the version of the pkg-config macros are at least dnl MIN-VERSION. Unlike PKG_PROG_PKG_CONFIG, which checks the user's dnl installed version of pkg-config, this checks the developer's version dnl of pkg.m4 when generating configure. dnl dnl To ensure that this macro is defined, also add: dnl m4_ifndef([PKG_PREREQ], dnl [m4_fatal([must install pkg-config 0.29 or later before running autoconf/autogen])]) dnl dnl See the "Since" comment for each macro you use to see what version dnl of the macros you require. m4_defun([PKG_PREREQ], [m4_define([PKG_MACROS_VERSION], [0.29]) m4_if(m4_version_compare(PKG_MACROS_VERSION, [$1]), -1, [m4_fatal([pkg.m4 version $1 or higher is required but ]PKG_MACROS_VERSION[ found])]) ])dnl PKG_PREREQ dnl PKG_PROG_PKG_CONFIG([MIN-VERSION]) dnl ---------------------------------- dnl Since: 0.16 dnl dnl Search for the pkg-config tool and set the PKG_CONFIG variable to dnl first found in the path. Checks that the version of pkg-config found dnl is at least MIN-VERSION. If MIN-VERSION is not specified, 0.9.0 is dnl used since that's the first version where most current features of dnl pkg-config existed. AC_DEFUN([PKG_PROG_PKG_CONFIG], [m4_pattern_forbid([^_?PKG_[A-Z_]+$]) m4_pattern_allow([^PKG_CONFIG(_(PATH|LIBDIR|SYSROOT_DIR|ALLOW_SYSTEM_(CFLAGS|LIBS)))?$]) m4_pattern_allow([^PKG_CONFIG_(DISABLE_UNINSTALLED|TOP_BUILD_DIR|DEBUG_SPEW)$]) AC_ARG_VAR([PKG_CONFIG], [path to pkg-config utility]) AC_ARG_VAR([PKG_CONFIG_PATH], [directories to add to pkg-config's search path]) AC_ARG_VAR([PKG_CONFIG_LIBDIR], [path overriding pkg-config's built-in search path]) if test "x$ac_cv_env_PKG_CONFIG_set" != "xset"; then AC_PATH_TOOL([PKG_CONFIG], [pkg-config]) fi if test -n "$PKG_CONFIG"; then _pkg_min_version=m4_default([$1], [0.9.0]) AC_MSG_CHECKING([pkg-config is at least version $_pkg_min_version]) if $PKG_CONFIG --atleast-pkgconfig-version $_pkg_min_version; then AC_MSG_RESULT([yes]) else AC_MSG_RESULT([no]) PKG_CONFIG="" fi fi[]dnl ])dnl PKG_PROG_PKG_CONFIG dnl PKG_CHECK_EXISTS(MODULES, [ACTION-IF-FOUND], [ACTION-IF-NOT-FOUND]) dnl ------------------------------------------------------------------- dnl Since: 0.18 dnl dnl Check to see whether a particular set of modules exists. Similar to dnl PKG_CHECK_MODULES(), but does not set variables or print errors. dnl dnl Please remember that m4 expands AC_REQUIRE([PKG_PROG_PKG_CONFIG]) dnl only at the first occurence in configure.ac, so if the first place dnl it's called might be skipped (such as if it is within an "if", you dnl have to call PKG_CHECK_EXISTS manually AC_DEFUN([PKG_CHECK_EXISTS], [AC_REQUIRE([PKG_PROG_PKG_CONFIG])dnl if test -n "$PKG_CONFIG" && \ AC_RUN_LOG([$PKG_CONFIG --exists --print-errors "$1"]); then m4_default([$2], [:]) m4_ifvaln([$3], [else $3])dnl fi]) dnl _PKG_CONFIG([VARIABLE], [COMMAND], [MODULES]) dnl --------------------------------------------- dnl Internal wrapper calling pkg-config via PKG_CONFIG and setting dnl pkg_failed based on the result. m4_define([_PKG_CONFIG], [if test -n "$$1"; then pkg_cv_[]$1="$$1" elif test -n "$PKG_CONFIG"; then PKG_CHECK_EXISTS([$3], [pkg_cv_[]$1=`$PKG_CONFIG --[]$2 "$3" 2>/dev/null` test "x$?" != "x0" && pkg_failed=yes ], [pkg_failed=yes]) else pkg_failed=untried fi[]dnl ])dnl _PKG_CONFIG dnl _PKG_SHORT_ERRORS_SUPPORTED dnl --------------------------- dnl Internal check to see if pkg-config supports short errors. AC_DEFUN([_PKG_SHORT_ERRORS_SUPPORTED], [AC_REQUIRE([PKG_PROG_PKG_CONFIG]) if $PKG_CONFIG --atleast-pkgconfig-version 0.20; then _pkg_short_errors_supported=yes else _pkg_short_errors_supported=no fi[]dnl ])dnl _PKG_SHORT_ERRORS_SUPPORTED dnl PKG_CHECK_MODULES(VARIABLE-PREFIX, MODULES, [ACTION-IF-FOUND], dnl [ACTION-IF-NOT-FOUND]) dnl -------------------------------------------------------------- dnl Since: 0.4.0 dnl dnl Note that if there is a possibility the first call to dnl PKG_CHECK_MODULES might not happen, you should be sure to include an dnl explicit call to PKG_PROG_PKG_CONFIG in your configure.ac AC_DEFUN([PKG_CHECK_MODULES], [AC_REQUIRE([PKG_PROG_PKG_CONFIG])dnl AC_ARG_VAR([$1][_CFLAGS], [C compiler flags for $1, overriding pkg-config])dnl AC_ARG_VAR([$1][_LIBS], [linker flags for $1, overriding pkg-config])dnl pkg_failed=no AC_MSG_CHECKING([for $1]) _PKG_CONFIG([$1][_CFLAGS], [cflags], [$2]) _PKG_CONFIG([$1][_LIBS], [libs], [$2]) m4_define([_PKG_TEXT], [Alternatively, you may set the environment variables $1[]_CFLAGS and $1[]_LIBS to avoid the need to call pkg-config. See the pkg-config man page for more details.]) if test $pkg_failed = yes; then AC_MSG_RESULT([no]) _PKG_SHORT_ERRORS_SUPPORTED if test $_pkg_short_errors_supported = yes; then $1[]_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "$2" 2>&1` else $1[]_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "$2" 2>&1` fi # Put the nasty error message in config.log where it belongs echo "$$1[]_PKG_ERRORS" >&AS_MESSAGE_LOG_FD m4_default([$4], [AC_MSG_ERROR( [Package requirements ($2) were not met: $$1_PKG_ERRORS Consider adjusting the PKG_CONFIG_PATH environment variable if you installed software in a non-standard prefix. _PKG_TEXT])[]dnl ]) elif test $pkg_failed = untried; then AC_MSG_RESULT([no]) m4_default([$4], [AC_MSG_FAILURE( [The pkg-config script could not be found or is too old. Make sure it is in your PATH or set the PKG_CONFIG environment variable to the full path to pkg-config. _PKG_TEXT To get pkg-config, see .])[]dnl ]) else $1[]_CFLAGS=$pkg_cv_[]$1[]_CFLAGS $1[]_LIBS=$pkg_cv_[]$1[]_LIBS AC_MSG_RESULT([yes]) $3 fi[]dnl ])dnl PKG_CHECK_MODULES dnl PKG_CHECK_MODULES_STATIC(VARIABLE-PREFIX, MODULES, [ACTION-IF-FOUND], dnl [ACTION-IF-NOT-FOUND]) dnl --------------------------------------------------------------------- dnl Since: 0.29 dnl dnl Checks for existence of MODULES and gathers its build flags with dnl static libraries enabled. Sets VARIABLE-PREFIX_CFLAGS from --cflags dnl and VARIABLE-PREFIX_LIBS from --libs. dnl dnl Note that if there is a possibility the first call to dnl PKG_CHECK_MODULES_STATIC might not happen, you should be sure to dnl include an explicit call to PKG_PROG_PKG_CONFIG in your dnl configure.ac. AC_DEFUN([PKG_CHECK_MODULES_STATIC], [AC_REQUIRE([PKG_PROG_PKG_CONFIG])dnl _save_PKG_CONFIG=$PKG_CONFIG PKG_CONFIG="$PKG_CONFIG --static" PKG_CHECK_MODULES($@) PKG_CONFIG=$_save_PKG_CONFIG[]dnl ])dnl PKG_CHECK_MODULES_STATIC dnl PKG_INSTALLDIR([DIRECTORY]) dnl ------------------------- dnl Since: 0.27 dnl dnl Substitutes the variable pkgconfigdir as the location where a module dnl should install pkg-config .pc files. By default the directory is dnl $libdir/pkgconfig, but the default can be changed by passing dnl DIRECTORY. The user can override through the --with-pkgconfigdir dnl parameter. AC_DEFUN([PKG_INSTALLDIR], [m4_pushdef([pkg_default], [m4_default([$1], ['${libdir}/pkgconfig'])]) m4_pushdef([pkg_description], [pkg-config installation directory @<:@]pkg_default[@:>@]) AC_ARG_WITH([pkgconfigdir], [AS_HELP_STRING([--with-pkgconfigdir], pkg_description)],, [with_pkgconfigdir=]pkg_default) AC_SUBST([pkgconfigdir], [$with_pkgconfigdir]) m4_popdef([pkg_default]) m4_popdef([pkg_description]) ])dnl PKG_INSTALLDIR dnl PKG_NOARCH_INSTALLDIR([DIRECTORY]) dnl -------------------------------- dnl Since: 0.27 dnl dnl Substitutes the variable noarch_pkgconfigdir as the location where a dnl module should install arch-independent pkg-config .pc files. By dnl default the directory is $datadir/pkgconfig, but the default can be dnl changed by passing DIRECTORY. The user can override through the dnl --with-noarch-pkgconfigdir parameter. AC_DEFUN([PKG_NOARCH_INSTALLDIR], [m4_pushdef([pkg_default], [m4_default([$1], ['${datadir}/pkgconfig'])]) m4_pushdef([pkg_description], [pkg-config arch-independent installation directory @<:@]pkg_default[@:>@]) AC_ARG_WITH([noarch-pkgconfigdir], [AS_HELP_STRING([--with-noarch-pkgconfigdir], pkg_description)],, [with_noarch_pkgconfigdir=]pkg_default) AC_SUBST([noarch_pkgconfigdir], [$with_noarch_pkgconfigdir]) m4_popdef([pkg_default]) m4_popdef([pkg_description]) ])dnl PKG_NOARCH_INSTALLDIR dnl PKG_CHECK_VAR(VARIABLE, MODULE, CONFIG-VARIABLE, dnl [ACTION-IF-FOUND], [ACTION-IF-NOT-FOUND]) dnl ------------------------------------------- dnl Since: 0.28 dnl dnl Retrieves the value of the pkg-config variable for the given module. AC_DEFUN([PKG_CHECK_VAR], [AC_REQUIRE([PKG_PROG_PKG_CONFIG])dnl AC_ARG_VAR([$1], [value of $3 for $2, overriding pkg-config])dnl _PKG_CONFIG([$1], [variable="][$3]["], [$2]) AS_VAR_COPY([$1], [pkg_cv_][$1]) AS_VAR_IF([$1], [""], [$5], [$4])dnl ])dnl PKG_CHECK_VAR # Copyright (C) 2002-2014 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. # AM_AUTOMAKE_VERSION(VERSION) # ---------------------------- # Automake X.Y traces this macro to ensure aclocal.m4 has been # generated from the m4 files accompanying Automake X.Y. # (This private macro should not be called outside this file.) AC_DEFUN([AM_AUTOMAKE_VERSION], [am__api_version='1.15' dnl Some users find AM_AUTOMAKE_VERSION and mistake it for a way to dnl require some minimum version. Point them to the right macro. m4_if([$1], [1.15], [], [AC_FATAL([Do not call $0, use AM_INIT_AUTOMAKE([$1]).])])dnl ]) # _AM_AUTOCONF_VERSION(VERSION) # ----------------------------- # aclocal traces this macro to find the Autoconf version. # This is a private macro too. Using m4_define simplifies # the logic in aclocal, which can simply ignore this definition. m4_define([_AM_AUTOCONF_VERSION], []) # AM_SET_CURRENT_AUTOMAKE_VERSION # ------------------------------- # Call AM_AUTOMAKE_VERSION and AM_AUTOMAKE_VERSION so they can be traced. # This function is AC_REQUIREd by AM_INIT_AUTOMAKE. AC_DEFUN([AM_SET_CURRENT_AUTOMAKE_VERSION], [AM_AUTOMAKE_VERSION([1.15])dnl m4_ifndef([AC_AUTOCONF_VERSION], [m4_copy([m4_PACKAGE_VERSION], [AC_AUTOCONF_VERSION])])dnl _AM_AUTOCONF_VERSION(m4_defn([AC_AUTOCONF_VERSION]))]) # AM_AUX_DIR_EXPAND -*- Autoconf -*- # Copyright (C) 2001-2014 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. # For projects using AC_CONFIG_AUX_DIR([foo]), Autoconf sets # $ac_aux_dir to '$srcdir/foo'. In other projects, it is set to # '$srcdir', '$srcdir/..', or '$srcdir/../..'. # # Of course, Automake must honor this variable whenever it calls a # tool from the auxiliary directory. The problem is that $srcdir (and # therefore $ac_aux_dir as well) can be either absolute or relative, # depending on how configure is run. This is pretty annoying, since # it makes $ac_aux_dir quite unusable in subdirectories: in the top # source directory, any form will work fine, but in subdirectories a # relative path needs to be adjusted first. # # $ac_aux_dir/missing # fails when called from a subdirectory if $ac_aux_dir is relative # $top_srcdir/$ac_aux_dir/missing # fails if $ac_aux_dir is absolute, # fails when called from a subdirectory in a VPATH build with # a relative $ac_aux_dir # # The reason of the latter failure is that $top_srcdir and $ac_aux_dir # are both prefixed by $srcdir. In an in-source build this is usually # harmless because $srcdir is '.', but things will broke when you # start a VPATH build or use an absolute $srcdir. # # So we could use something similar to $top_srcdir/$ac_aux_dir/missing, # iff we strip the leading $srcdir from $ac_aux_dir. That would be: # am_aux_dir='\$(top_srcdir)/'`expr "$ac_aux_dir" : "$srcdir//*\(.*\)"` # and then we would define $MISSING as # MISSING="\${SHELL} $am_aux_dir/missing" # This will work as long as MISSING is not called from configure, because # unfortunately $(top_srcdir) has no meaning in configure. # However there are other variables, like CC, which are often used in # configure, and could therefore not use this "fixed" $ac_aux_dir. # # Another solution, used here, is to always expand $ac_aux_dir to an # absolute PATH. The drawback is that using absolute paths prevent a # configured tree to be moved without reconfiguration. AC_DEFUN([AM_AUX_DIR_EXPAND], [AC_REQUIRE([AC_CONFIG_AUX_DIR_DEFAULT])dnl # Expand $ac_aux_dir to an absolute path. am_aux_dir=`cd "$ac_aux_dir" && pwd` ]) # AM_CONDITIONAL -*- Autoconf -*- # Copyright (C) 1997-2014 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. # AM_CONDITIONAL(NAME, SHELL-CONDITION) # ------------------------------------- # Define a conditional. AC_DEFUN([AM_CONDITIONAL], [AC_PREREQ([2.52])dnl m4_if([$1], [TRUE], [AC_FATAL([$0: invalid condition: $1])], [$1], [FALSE], [AC_FATAL([$0: invalid condition: $1])])dnl AC_SUBST([$1_TRUE])dnl AC_SUBST([$1_FALSE])dnl _AM_SUBST_NOTMAKE([$1_TRUE])dnl _AM_SUBST_NOTMAKE([$1_FALSE])dnl m4_define([_AM_COND_VALUE_$1], [$2])dnl if $2; then $1_TRUE= $1_FALSE='#' else $1_TRUE='#' $1_FALSE= fi AC_CONFIG_COMMANDS_PRE( [if test -z "${$1_TRUE}" && test -z "${$1_FALSE}"; then AC_MSG_ERROR([[conditional "$1" was never defined. Usually this means the macro was only invoked conditionally.]]) fi])]) # Copyright (C) 1999-2014 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. # There are a few dirty hacks below to avoid letting 'AC_PROG_CC' be # written in clear, in which case automake, when reading aclocal.m4, # will think it sees a *use*, and therefore will trigger all it's # C support machinery. Also note that it means that autoscan, seeing # CC etc. in the Makefile, will ask for an AC_PROG_CC use... # _AM_DEPENDENCIES(NAME) # ---------------------- # See how the compiler implements dependency checking. # NAME is "CC", "CXX", "OBJC", "OBJCXX", "UPC", or "GJC". # We try a few techniques and use that to set a single cache variable. # # We don't AC_REQUIRE the corresponding AC_PROG_CC since the latter was # modified to invoke _AM_DEPENDENCIES(CC); we would have a circular # dependency, and given that the user is not expected to run this macro, # just rely on AC_PROG_CC. AC_DEFUN([_AM_DEPENDENCIES], [AC_REQUIRE([AM_SET_DEPDIR])dnl AC_REQUIRE([AM_OUTPUT_DEPENDENCY_COMMANDS])dnl AC_REQUIRE([AM_MAKE_INCLUDE])dnl AC_REQUIRE([AM_DEP_TRACK])dnl m4_if([$1], [CC], [depcc="$CC" am_compiler_list=], [$1], [CXX], [depcc="$CXX" am_compiler_list=], [$1], [OBJC], [depcc="$OBJC" am_compiler_list='gcc3 gcc'], [$1], [OBJCXX], [depcc="$OBJCXX" am_compiler_list='gcc3 gcc'], [$1], [UPC], [depcc="$UPC" am_compiler_list=], [$1], [GCJ], [depcc="$GCJ" am_compiler_list='gcc3 gcc'], [depcc="$$1" am_compiler_list=]) AC_CACHE_CHECK([dependency style of $depcc], [am_cv_$1_dependencies_compiler_type], [if test -z "$AMDEP_TRUE" && test -f "$am_depcomp"; then # We make a subdir and do the tests there. Otherwise we can end up # making bogus files that we don't know about and never remove. For # instance it was reported that on HP-UX the gcc test will end up # making a dummy file named 'D' -- because '-MD' means "put the output # in D". rm -rf conftest.dir mkdir conftest.dir # Copy depcomp to subdir because otherwise we won't find it if we're # using a relative directory. cp "$am_depcomp" conftest.dir cd conftest.dir # We will build objects and dependencies in a subdirectory because # it helps to detect inapplicable dependency modes. For instance # both Tru64's cc and ICC support -MD to output dependencies as a # side effect of compilation, but ICC will put the dependencies in # the current directory while Tru64 will put them in the object # directory. mkdir sub am_cv_$1_dependencies_compiler_type=none if test "$am_compiler_list" = ""; then am_compiler_list=`sed -n ['s/^#*\([a-zA-Z0-9]*\))$/\1/p'] < ./depcomp` fi am__universal=false m4_case([$1], [CC], [case " $depcc " in #( *\ -arch\ *\ -arch\ *) am__universal=true ;; esac], [CXX], [case " $depcc " in #( *\ -arch\ *\ -arch\ *) am__universal=true ;; esac]) for depmode in $am_compiler_list; do # Setup a source with many dependencies, because some compilers # like to wrap large dependency lists on column 80 (with \), and # we should not choose a depcomp mode which is confused by this. # # We need to recreate these files for each test, as the compiler may # overwrite some of them when testing with obscure command lines. # This happens at least with the AIX C compiler. : > sub/conftest.c for i in 1 2 3 4 5 6; do echo '#include "conftst'$i'.h"' >> sub/conftest.c # Using ": > sub/conftst$i.h" creates only sub/conftst1.h with # Solaris 10 /bin/sh. echo '/* dummy */' > sub/conftst$i.h done echo "${am__include} ${am__quote}sub/conftest.Po${am__quote}" > confmf # We check with '-c' and '-o' for the sake of the "dashmstdout" # mode. It turns out that the SunPro C++ compiler does not properly # handle '-M -o', and we need to detect this. Also, some Intel # versions had trouble with output in subdirs. am__obj=sub/conftest.${OBJEXT-o} am__minus_obj="-o $am__obj" case $depmode in gcc) # This depmode causes a compiler race in universal mode. test "$am__universal" = false || continue ;; nosideeffect) # After this tag, mechanisms are not by side-effect, so they'll # only be used when explicitly requested. if test "x$enable_dependency_tracking" = xyes; then continue else break fi ;; msvc7 | msvc7msys | msvisualcpp | msvcmsys) # This compiler won't grok '-c -o', but also, the minuso test has # not run yet. These depmodes are late enough in the game, and # so weak that their functioning should not be impacted. am__obj=conftest.${OBJEXT-o} am__minus_obj= ;; none) break ;; esac if depmode=$depmode \ source=sub/conftest.c object=$am__obj \ depfile=sub/conftest.Po tmpdepfile=sub/conftest.TPo \ $SHELL ./depcomp $depcc -c $am__minus_obj sub/conftest.c \ >/dev/null 2>conftest.err && grep sub/conftst1.h sub/conftest.Po > /dev/null 2>&1 && grep sub/conftst6.h sub/conftest.Po > /dev/null 2>&1 && grep $am__obj sub/conftest.Po > /dev/null 2>&1 && ${MAKE-make} -s -f confmf > /dev/null 2>&1; then # icc doesn't choke on unknown options, it will just issue warnings # or remarks (even with -Werror). So we grep stderr for any message # that says an option was ignored or not supported. # When given -MP, icc 7.0 and 7.1 complain thusly: # icc: Command line warning: ignoring option '-M'; no argument required # The diagnosis changed in icc 8.0: # icc: Command line remark: option '-MP' not supported if (grep 'ignoring option' conftest.err || grep 'not supported' conftest.err) >/dev/null 2>&1; then :; else am_cv_$1_dependencies_compiler_type=$depmode break fi fi done cd .. rm -rf conftest.dir else am_cv_$1_dependencies_compiler_type=none fi ]) AC_SUBST([$1DEPMODE], [depmode=$am_cv_$1_dependencies_compiler_type]) AM_CONDITIONAL([am__fastdep$1], [ test "x$enable_dependency_tracking" != xno \ && test "$am_cv_$1_dependencies_compiler_type" = gcc3]) ]) # AM_SET_DEPDIR # ------------- # Choose a directory name for dependency files. # This macro is AC_REQUIREd in _AM_DEPENDENCIES. AC_DEFUN([AM_SET_DEPDIR], [AC_REQUIRE([AM_SET_LEADING_DOT])dnl AC_SUBST([DEPDIR], ["${am__leading_dot}deps"])dnl ]) # AM_DEP_TRACK # ------------ AC_DEFUN([AM_DEP_TRACK], [AC_ARG_ENABLE([dependency-tracking], [dnl AS_HELP_STRING( [--enable-dependency-tracking], [do not reject slow dependency extractors]) AS_HELP_STRING( [--disable-dependency-tracking], [speeds up one-time build])]) if test "x$enable_dependency_tracking" != xno; then am_depcomp="$ac_aux_dir/depcomp" AMDEPBACKSLASH='\' am__nodep='_no' fi AM_CONDITIONAL([AMDEP], [test "x$enable_dependency_tracking" != xno]) AC_SUBST([AMDEPBACKSLASH])dnl _AM_SUBST_NOTMAKE([AMDEPBACKSLASH])dnl AC_SUBST([am__nodep])dnl _AM_SUBST_NOTMAKE([am__nodep])dnl ]) # Generate code to set up dependency tracking. -*- Autoconf -*- # Copyright (C) 1999-2014 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. # _AM_OUTPUT_DEPENDENCY_COMMANDS # ------------------------------ AC_DEFUN([_AM_OUTPUT_DEPENDENCY_COMMANDS], [{ # Older Autoconf quotes --file arguments for eval, but not when files # are listed without --file. Let's play safe and only enable the eval # if we detect the quoting. case $CONFIG_FILES in *\'*) eval set x "$CONFIG_FILES" ;; *) set x $CONFIG_FILES ;; esac shift for mf do # Strip MF so we end up with the name of the file. mf=`echo "$mf" | sed -e 's/:.*$//'` # Check whether this is an Automake generated Makefile or not. # We used to match only the files named 'Makefile.in', but # some people rename them; so instead we look at the file content. # Grep'ing the first line is not enough: some people post-process # each Makefile.in and add a new line on top of each file to say so. # Grep'ing the whole file is not good either: AIX grep has a line # limit of 2048, but all sed's we know have understand at least 4000. if sed -n 's,^#.*generated by automake.*,X,p' "$mf" | grep X >/dev/null 2>&1; then dirpart=`AS_DIRNAME("$mf")` else continue fi # Extract the definition of DEPDIR, am__include, and am__quote # from the Makefile without running 'make'. DEPDIR=`sed -n 's/^DEPDIR = //p' < "$mf"` test -z "$DEPDIR" && continue am__include=`sed -n 's/^am__include = //p' < "$mf"` test -z "$am__include" && continue am__quote=`sed -n 's/^am__quote = //p' < "$mf"` # Find all dependency output files, they are included files with # $(DEPDIR) in their names. We invoke sed twice because it is the # simplest approach to changing $(DEPDIR) to its actual value in the # expansion. for file in `sed -n " s/^$am__include $am__quote\(.*(DEPDIR).*\)$am__quote"'$/\1/p' <"$mf" | \ sed -e 's/\$(DEPDIR)/'"$DEPDIR"'/g'`; do # Make sure the directory exists. test -f "$dirpart/$file" && continue fdir=`AS_DIRNAME(["$file"])` AS_MKDIR_P([$dirpart/$fdir]) # echo "creating $dirpart/$file" echo '# dummy' > "$dirpart/$file" done done } ])# _AM_OUTPUT_DEPENDENCY_COMMANDS # AM_OUTPUT_DEPENDENCY_COMMANDS # ----------------------------- # This macro should only be invoked once -- use via AC_REQUIRE. # # This code is only required when automatic dependency tracking # is enabled. FIXME. This creates each '.P' file that we will # need in order to bootstrap the dependency handling code. AC_DEFUN([AM_OUTPUT_DEPENDENCY_COMMANDS], [AC_CONFIG_COMMANDS([depfiles], [test x"$AMDEP_TRUE" != x"" || _AM_OUTPUT_DEPENDENCY_COMMANDS], [AMDEP_TRUE="$AMDEP_TRUE" ac_aux_dir="$ac_aux_dir"]) ]) # Do all the work for Automake. -*- Autoconf -*- # Copyright (C) 1996-2014 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. # This macro actually does too much. Some checks are only needed if # your package does certain things. But this isn't really a big deal. dnl Redefine AC_PROG_CC to automatically invoke _AM_PROG_CC_C_O. m4_define([AC_PROG_CC], m4_defn([AC_PROG_CC]) [_AM_PROG_CC_C_O ]) # AM_INIT_AUTOMAKE(PACKAGE, VERSION, [NO-DEFINE]) # AM_INIT_AUTOMAKE([OPTIONS]) # ----------------------------------------------- # The call with PACKAGE and VERSION arguments is the old style # call (pre autoconf-2.50), which is being phased out. PACKAGE # and VERSION should now be passed to AC_INIT and removed from # the call to AM_INIT_AUTOMAKE. # We support both call styles for the transition. After # the next Automake release, Autoconf can make the AC_INIT # arguments mandatory, and then we can depend on a new Autoconf # release and drop the old call support. AC_DEFUN([AM_INIT_AUTOMAKE], [AC_PREREQ([2.65])dnl dnl Autoconf wants to disallow AM_ names. We explicitly allow dnl the ones we care about. m4_pattern_allow([^AM_[A-Z]+FLAGS$])dnl AC_REQUIRE([AM_SET_CURRENT_AUTOMAKE_VERSION])dnl AC_REQUIRE([AC_PROG_INSTALL])dnl if test "`cd $srcdir && pwd`" != "`pwd`"; then # Use -I$(srcdir) only when $(srcdir) != ., so that make's output # is not polluted with repeated "-I." AC_SUBST([am__isrc], [' -I$(srcdir)'])_AM_SUBST_NOTMAKE([am__isrc])dnl # test to see if srcdir already configured if test -f $srcdir/config.status; then AC_MSG_ERROR([source directory already configured; run "make distclean" there first]) fi fi # test whether we have cygpath if test -z "$CYGPATH_W"; then if (cygpath --version) >/dev/null 2>/dev/null; then CYGPATH_W='cygpath -w' else CYGPATH_W=echo fi fi AC_SUBST([CYGPATH_W]) # Define the identity of the package. dnl Distinguish between old-style and new-style calls. m4_ifval([$2], [AC_DIAGNOSE([obsolete], [$0: two- and three-arguments forms are deprecated.]) m4_ifval([$3], [_AM_SET_OPTION([no-define])])dnl AC_SUBST([PACKAGE], [$1])dnl AC_SUBST([VERSION], [$2])], [_AM_SET_OPTIONS([$1])dnl dnl Diagnose old-style AC_INIT with new-style AM_AUTOMAKE_INIT. m4_if( m4_ifdef([AC_PACKAGE_NAME], [ok]):m4_ifdef([AC_PACKAGE_VERSION], [ok]), [ok:ok],, [m4_fatal([AC_INIT should be called with package and version arguments])])dnl AC_SUBST([PACKAGE], ['AC_PACKAGE_TARNAME'])dnl AC_SUBST([VERSION], ['AC_PACKAGE_VERSION'])])dnl _AM_IF_OPTION([no-define],, [AC_DEFINE_UNQUOTED([PACKAGE], ["$PACKAGE"], [Name of package]) AC_DEFINE_UNQUOTED([VERSION], ["$VERSION"], [Version number of package])])dnl # Some tools Automake needs. AC_REQUIRE([AM_SANITY_CHECK])dnl AC_REQUIRE([AC_ARG_PROGRAM])dnl AM_MISSING_PROG([ACLOCAL], [aclocal-${am__api_version}]) AM_MISSING_PROG([AUTOCONF], [autoconf]) AM_MISSING_PROG([AUTOMAKE], [automake-${am__api_version}]) AM_MISSING_PROG([AUTOHEADER], [autoheader]) AM_MISSING_PROG([MAKEINFO], [makeinfo]) AC_REQUIRE([AM_PROG_INSTALL_SH])dnl AC_REQUIRE([AM_PROG_INSTALL_STRIP])dnl AC_REQUIRE([AC_PROG_MKDIR_P])dnl # For better backward compatibility. To be removed once Automake 1.9.x # dies out for good. For more background, see: # # AC_SUBST([mkdir_p], ['$(MKDIR_P)']) # We need awk for the "check" target (and possibly the TAP driver). The # system "awk" is bad on some platforms. AC_REQUIRE([AC_PROG_AWK])dnl AC_REQUIRE([AC_PROG_MAKE_SET])dnl AC_REQUIRE([AM_SET_LEADING_DOT])dnl _AM_IF_OPTION([tar-ustar], [_AM_PROG_TAR([ustar])], [_AM_IF_OPTION([tar-pax], [_AM_PROG_TAR([pax])], [_AM_PROG_TAR([v7])])]) _AM_IF_OPTION([no-dependencies],, [AC_PROVIDE_IFELSE([AC_PROG_CC], [_AM_DEPENDENCIES([CC])], [m4_define([AC_PROG_CC], m4_defn([AC_PROG_CC])[_AM_DEPENDENCIES([CC])])])dnl AC_PROVIDE_IFELSE([AC_PROG_CXX], [_AM_DEPENDENCIES([CXX])], [m4_define([AC_PROG_CXX], m4_defn([AC_PROG_CXX])[_AM_DEPENDENCIES([CXX])])])dnl AC_PROVIDE_IFELSE([AC_PROG_OBJC], [_AM_DEPENDENCIES([OBJC])], [m4_define([AC_PROG_OBJC], m4_defn([AC_PROG_OBJC])[_AM_DEPENDENCIES([OBJC])])])dnl AC_PROVIDE_IFELSE([AC_PROG_OBJCXX], [_AM_DEPENDENCIES([OBJCXX])], [m4_define([AC_PROG_OBJCXX], m4_defn([AC_PROG_OBJCXX])[_AM_DEPENDENCIES([OBJCXX])])])dnl ]) AC_REQUIRE([AM_SILENT_RULES])dnl dnl The testsuite driver may need to know about EXEEXT, so add the dnl 'am__EXEEXT' conditional if _AM_COMPILER_EXEEXT was seen. This dnl macro is hooked onto _AC_COMPILER_EXEEXT early, see below. AC_CONFIG_COMMANDS_PRE(dnl [m4_provide_if([_AM_COMPILER_EXEEXT], [AM_CONDITIONAL([am__EXEEXT], [test -n "$EXEEXT"])])])dnl # POSIX will say in a future version that running "rm -f" with no argument # is OK; and we want to be able to make that assumption in our Makefile # recipes. So use an aggressive probe to check that the usage we want is # actually supported "in the wild" to an acceptable degree. # See automake bug#10828. # To make any issue more visible, cause the running configure to be aborted # by default if the 'rm' program in use doesn't match our expectations; the # user can still override this though. if rm -f && rm -fr && rm -rf; then : OK; else cat >&2 <<'END' Oops! Your 'rm' program seems unable to run without file operands specified on the command line, even when the '-f' option is present. This is contrary to the behaviour of most rm programs out there, and not conforming with the upcoming POSIX standard: Please tell bug-automake@gnu.org about your system, including the value of your $PATH and any error possibly output before this message. This can help us improve future automake versions. END if test x"$ACCEPT_INFERIOR_RM_PROGRAM" = x"yes"; then echo 'Configuration will proceed anyway, since you have set the' >&2 echo 'ACCEPT_INFERIOR_RM_PROGRAM variable to "yes"' >&2 echo >&2 else cat >&2 <<'END' Aborting the configuration process, to ensure you take notice of the issue. You can download and install GNU coreutils to get an 'rm' implementation that behaves properly: . If you want to complete the configuration process using your problematic 'rm' anyway, export the environment variable ACCEPT_INFERIOR_RM_PROGRAM to "yes", and re-run configure. END AC_MSG_ERROR([Your 'rm' program is bad, sorry.]) fi fi dnl The trailing newline in this macro's definition is deliberate, for dnl backward compatibility and to allow trailing 'dnl'-style comments dnl after the AM_INIT_AUTOMAKE invocation. See automake bug#16841. ]) dnl Hook into '_AC_COMPILER_EXEEXT' early to learn its expansion. Do not dnl add the conditional right here, as _AC_COMPILER_EXEEXT may be further dnl mangled by Autoconf and run in a shell conditional statement. m4_define([_AC_COMPILER_EXEEXT], m4_defn([_AC_COMPILER_EXEEXT])[m4_provide([_AM_COMPILER_EXEEXT])]) # When config.status generates a header, we must update the stamp-h file. # This file resides in the same directory as the config header # that is generated. The stamp files are numbered to have different names. # Autoconf calls _AC_AM_CONFIG_HEADER_HOOK (when defined) in the # loop where config.status creates the headers, so we can generate # our stamp files there. AC_DEFUN([_AC_AM_CONFIG_HEADER_HOOK], [# Compute $1's index in $config_headers. _am_arg=$1 _am_stamp_count=1 for _am_header in $config_headers :; do case $_am_header in $_am_arg | $_am_arg:* ) break ;; * ) _am_stamp_count=`expr $_am_stamp_count + 1` ;; esac done echo "timestamp for $_am_arg" >`AS_DIRNAME(["$_am_arg"])`/stamp-h[]$_am_stamp_count]) # Copyright (C) 2001-2014 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. # AM_PROG_INSTALL_SH # ------------------ # Define $install_sh. AC_DEFUN([AM_PROG_INSTALL_SH], [AC_REQUIRE([AM_AUX_DIR_EXPAND])dnl if test x"${install_sh+set}" != xset; then case $am_aux_dir in *\ * | *\ *) install_sh="\${SHELL} '$am_aux_dir/install-sh'" ;; *) install_sh="\${SHELL} $am_aux_dir/install-sh" esac fi AC_SUBST([install_sh])]) # Copyright (C) 2003-2014 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. # Check whether the underlying file-system supports filenames # with a leading dot. For instance MS-DOS doesn't. AC_DEFUN([AM_SET_LEADING_DOT], [rm -rf .tst 2>/dev/null mkdir .tst 2>/dev/null if test -d .tst; then am__leading_dot=. else am__leading_dot=_ fi rmdir .tst 2>/dev/null AC_SUBST([am__leading_dot])]) # Add --enable-maintainer-mode option to configure. -*- Autoconf -*- # From Jim Meyering # Copyright (C) 1996-2014 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. # AM_MAINTAINER_MODE([DEFAULT-MODE]) # ---------------------------------- # Control maintainer-specific portions of Makefiles. # Default is to disable them, unless 'enable' is passed literally. # For symmetry, 'disable' may be passed as well. Anyway, the user # can override the default with the --enable/--disable switch. AC_DEFUN([AM_MAINTAINER_MODE], [m4_case(m4_default([$1], [disable]), [enable], [m4_define([am_maintainer_other], [disable])], [disable], [m4_define([am_maintainer_other], [enable])], [m4_define([am_maintainer_other], [enable]) m4_warn([syntax], [unexpected argument to AM@&t@_MAINTAINER_MODE: $1])]) AC_MSG_CHECKING([whether to enable maintainer-specific portions of Makefiles]) dnl maintainer-mode's default is 'disable' unless 'enable' is passed AC_ARG_ENABLE([maintainer-mode], [AS_HELP_STRING([--]am_maintainer_other[-maintainer-mode], am_maintainer_other[ make rules and dependencies not useful (and sometimes confusing) to the casual installer])], [USE_MAINTAINER_MODE=$enableval], [USE_MAINTAINER_MODE=]m4_if(am_maintainer_other, [enable], [no], [yes])) AC_MSG_RESULT([$USE_MAINTAINER_MODE]) AM_CONDITIONAL([MAINTAINER_MODE], [test $USE_MAINTAINER_MODE = yes]) MAINT=$MAINTAINER_MODE_TRUE AC_SUBST([MAINT])dnl ] ) # Check to see how 'make' treats includes. -*- Autoconf -*- # Copyright (C) 2001-2014 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. # AM_MAKE_INCLUDE() # ----------------- # Check to see how make treats includes. AC_DEFUN([AM_MAKE_INCLUDE], [am_make=${MAKE-make} cat > confinc << 'END' am__doit: @echo this is the am__doit target .PHONY: am__doit END # If we don't find an include directive, just comment out the code. AC_MSG_CHECKING([for style of include used by $am_make]) am__include="#" am__quote= _am_result=none # First try GNU make style include. echo "include confinc" > confmf # Ignore all kinds of additional output from 'make'. case `$am_make -s -f confmf 2> /dev/null` in #( *the\ am__doit\ target*) am__include=include am__quote= _am_result=GNU ;; esac # Now try BSD make style include. if test "$am__include" = "#"; then echo '.include "confinc"' > confmf case `$am_make -s -f confmf 2> /dev/null` in #( *the\ am__doit\ target*) am__include=.include am__quote="\"" _am_result=BSD ;; esac fi AC_SUBST([am__include]) AC_SUBST([am__quote]) AC_MSG_RESULT([$_am_result]) rm -f confinc confmf ]) # Fake the existence of programs that GNU maintainers use. -*- Autoconf -*- # Copyright (C) 1997-2014 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. # AM_MISSING_PROG(NAME, PROGRAM) # ------------------------------ AC_DEFUN([AM_MISSING_PROG], [AC_REQUIRE([AM_MISSING_HAS_RUN]) $1=${$1-"${am_missing_run}$2"} AC_SUBST($1)]) # AM_MISSING_HAS_RUN # ------------------ # Define MISSING if not defined so far and test if it is modern enough. # If it is, set am_missing_run to use it, otherwise, to nothing. AC_DEFUN([AM_MISSING_HAS_RUN], [AC_REQUIRE([AM_AUX_DIR_EXPAND])dnl AC_REQUIRE_AUX_FILE([missing])dnl if test x"${MISSING+set}" != xset; then case $am_aux_dir in *\ * | *\ *) MISSING="\${SHELL} \"$am_aux_dir/missing\"" ;; *) MISSING="\${SHELL} $am_aux_dir/missing" ;; esac fi # Use eval to expand $SHELL if eval "$MISSING --is-lightweight"; then am_missing_run="$MISSING " else am_missing_run= AC_MSG_WARN(['missing' script is too old or missing]) fi ]) # Helper functions for option handling. -*- Autoconf -*- # Copyright (C) 2001-2014 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. # _AM_MANGLE_OPTION(NAME) # ----------------------- AC_DEFUN([_AM_MANGLE_OPTION], [[_AM_OPTION_]m4_bpatsubst($1, [[^a-zA-Z0-9_]], [_])]) # _AM_SET_OPTION(NAME) # -------------------- # Set option NAME. Presently that only means defining a flag for this option. AC_DEFUN([_AM_SET_OPTION], [m4_define(_AM_MANGLE_OPTION([$1]), [1])]) # _AM_SET_OPTIONS(OPTIONS) # ------------------------ # OPTIONS is a space-separated list of Automake options. AC_DEFUN([_AM_SET_OPTIONS], [m4_foreach_w([_AM_Option], [$1], [_AM_SET_OPTION(_AM_Option)])]) # _AM_IF_OPTION(OPTION, IF-SET, [IF-NOT-SET]) # ------------------------------------------- # Execute IF-SET if OPTION is set, IF-NOT-SET otherwise. AC_DEFUN([_AM_IF_OPTION], [m4_ifset(_AM_MANGLE_OPTION([$1]), [$2], [$3])]) # Copyright (C) 1999-2014 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. # _AM_PROG_CC_C_O # --------------- # Like AC_PROG_CC_C_O, but changed for automake. We rewrite AC_PROG_CC # to automatically call this. AC_DEFUN([_AM_PROG_CC_C_O], [AC_REQUIRE([AM_AUX_DIR_EXPAND])dnl AC_REQUIRE_AUX_FILE([compile])dnl AC_LANG_PUSH([C])dnl AC_CACHE_CHECK( [whether $CC understands -c and -o together], [am_cv_prog_cc_c_o], [AC_LANG_CONFTEST([AC_LANG_PROGRAM([])]) # Make sure it works both with $CC and with simple cc. # Following AC_PROG_CC_C_O, we do the test twice because some # compilers refuse to overwrite an existing .o file with -o, # though they will create one. am_cv_prog_cc_c_o=yes for am_i in 1 2; do if AM_RUN_LOG([$CC -c conftest.$ac_ext -o conftest2.$ac_objext]) \ && test -f conftest2.$ac_objext; then : OK else am_cv_prog_cc_c_o=no break fi done rm -f core conftest* unset am_i]) if test "$am_cv_prog_cc_c_o" != yes; then # Losing compiler, so override with the script. # FIXME: It is wrong to rewrite CC. # But if we don't then we get into trouble of one sort or another. # A longer-term fix would be to have automake use am__CC in this case, # and then we could set am__CC="\$(top_srcdir)/compile \$(CC)" CC="$am_aux_dir/compile $CC" fi AC_LANG_POP([C])]) # For backward compatibility. AC_DEFUN_ONCE([AM_PROG_CC_C_O], [AC_REQUIRE([AC_PROG_CC])]) # Copyright (C) 2001-2014 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. # AM_RUN_LOG(COMMAND) # ------------------- # Run COMMAND, save the exit status in ac_status, and log it. # (This has been adapted from Autoconf's _AC_RUN_LOG macro.) AC_DEFUN([AM_RUN_LOG], [{ echo "$as_me:$LINENO: $1" >&AS_MESSAGE_LOG_FD ($1) >&AS_MESSAGE_LOG_FD 2>&AS_MESSAGE_LOG_FD ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&AS_MESSAGE_LOG_FD (exit $ac_status); }]) # Check to make sure that the build environment is sane. -*- Autoconf -*- # Copyright (C) 1996-2014 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. # AM_SANITY_CHECK # --------------- AC_DEFUN([AM_SANITY_CHECK], [AC_MSG_CHECKING([whether build environment is sane]) # Reject unsafe characters in $srcdir or the absolute working directory # name. Accept space and tab only in the latter. am_lf=' ' case `pwd` in *[[\\\"\#\$\&\'\`$am_lf]]*) AC_MSG_ERROR([unsafe absolute working directory name]);; esac case $srcdir in *[[\\\"\#\$\&\'\`$am_lf\ \ ]]*) AC_MSG_ERROR([unsafe srcdir value: '$srcdir']);; esac # Do 'set' in a subshell so we don't clobber the current shell's # arguments. Must try -L first in case configure is actually a # symlink; some systems play weird games with the mod time of symlinks # (eg FreeBSD returns the mod time of the symlink's containing # directory). if ( am_has_slept=no for am_try in 1 2; do echo "timestamp, slept: $am_has_slept" > conftest.file set X `ls -Lt "$srcdir/configure" conftest.file 2> /dev/null` if test "$[*]" = "X"; then # -L didn't work. set X `ls -t "$srcdir/configure" conftest.file` fi if test "$[*]" != "X $srcdir/configure conftest.file" \ && test "$[*]" != "X conftest.file $srcdir/configure"; then # If neither matched, then we have a broken ls. This can happen # if, for instance, CONFIG_SHELL is bash and it inherits a # broken ls alias from the environment. This has actually # happened. Such a system could not be considered "sane". AC_MSG_ERROR([ls -t appears to fail. Make sure there is not a broken alias in your environment]) fi if test "$[2]" = conftest.file || test $am_try -eq 2; then break fi # Just in case. sleep 1 am_has_slept=yes done test "$[2]" = conftest.file ) then # Ok. : else AC_MSG_ERROR([newly created file is older than distributed files! Check your system clock]) fi AC_MSG_RESULT([yes]) # If we didn't sleep, we still need to ensure time stamps of config.status and # generated files are strictly newer. am_sleep_pid= if grep 'slept: no' conftest.file >/dev/null 2>&1; then ( sleep 1 ) & am_sleep_pid=$! fi AC_CONFIG_COMMANDS_PRE( [AC_MSG_CHECKING([that generated files are newer than configure]) if test -n "$am_sleep_pid"; then # Hide warnings about reused PIDs. wait $am_sleep_pid 2>/dev/null fi AC_MSG_RESULT([done])]) rm -f conftest.file ]) # Copyright (C) 2009-2014 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. # AM_SILENT_RULES([DEFAULT]) # -------------------------- # Enable less verbose build rules; with the default set to DEFAULT # ("yes" being less verbose, "no" or empty being verbose). AC_DEFUN([AM_SILENT_RULES], [AC_ARG_ENABLE([silent-rules], [dnl AS_HELP_STRING( [--enable-silent-rules], [less verbose build output (undo: "make V=1")]) AS_HELP_STRING( [--disable-silent-rules], [verbose build output (undo: "make V=0")])dnl ]) case $enable_silent_rules in @%:@ ((( yes) AM_DEFAULT_VERBOSITY=0;; no) AM_DEFAULT_VERBOSITY=1;; *) AM_DEFAULT_VERBOSITY=m4_if([$1], [yes], [0], [1]);; esac dnl dnl A few 'make' implementations (e.g., NonStop OS and NextStep) dnl do not support nested variable expansions. dnl See automake bug#9928 and bug#10237. am_make=${MAKE-make} AC_CACHE_CHECK([whether $am_make supports nested variables], [am_cv_make_support_nested_variables], [if AS_ECHO([['TRUE=$(BAR$(V)) BAR0=false BAR1=true V=1 am__doit: @$(TRUE) .PHONY: am__doit']]) | $am_make -f - >/dev/null 2>&1; then am_cv_make_support_nested_variables=yes else am_cv_make_support_nested_variables=no fi]) if test $am_cv_make_support_nested_variables = yes; then dnl Using '$V' instead of '$(V)' breaks IRIX make. AM_V='$(V)' AM_DEFAULT_V='$(AM_DEFAULT_VERBOSITY)' else AM_V=$AM_DEFAULT_VERBOSITY AM_DEFAULT_V=$AM_DEFAULT_VERBOSITY fi AC_SUBST([AM_V])dnl AM_SUBST_NOTMAKE([AM_V])dnl AC_SUBST([AM_DEFAULT_V])dnl AM_SUBST_NOTMAKE([AM_DEFAULT_V])dnl AC_SUBST([AM_DEFAULT_VERBOSITY])dnl AM_BACKSLASH='\' AC_SUBST([AM_BACKSLASH])dnl _AM_SUBST_NOTMAKE([AM_BACKSLASH])dnl ]) # Copyright (C) 2001-2014 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. # AM_PROG_INSTALL_STRIP # --------------------- # One issue with vendor 'install' (even GNU) is that you can't # specify the program used to strip binaries. This is especially # annoying in cross-compiling environments, where the build's strip # is unlikely to handle the host's binaries. # Fortunately install-sh will honor a STRIPPROG variable, so we # always use install-sh in "make install-strip", and initialize # STRIPPROG with the value of the STRIP variable (set by the user). AC_DEFUN([AM_PROG_INSTALL_STRIP], [AC_REQUIRE([AM_PROG_INSTALL_SH])dnl # Installed binaries are usually stripped using 'strip' when the user # run "make install-strip". However 'strip' might not be the right # tool to use in cross-compilation environments, therefore Automake # will honor the 'STRIP' environment variable to overrule this program. dnl Don't test for $cross_compiling = yes, because it might be 'maybe'. if test "$cross_compiling" != no; then AC_CHECK_TOOL([STRIP], [strip], :) fi INSTALL_STRIP_PROGRAM="\$(install_sh) -c -s" AC_SUBST([INSTALL_STRIP_PROGRAM])]) # Copyright (C) 2006-2014 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. # _AM_SUBST_NOTMAKE(VARIABLE) # --------------------------- # Prevent Automake from outputting VARIABLE = @VARIABLE@ in Makefile.in. # This macro is traced by Automake. AC_DEFUN([_AM_SUBST_NOTMAKE]) # AM_SUBST_NOTMAKE(VARIABLE) # -------------------------- # Public sister of _AM_SUBST_NOTMAKE. AC_DEFUN([AM_SUBST_NOTMAKE], [_AM_SUBST_NOTMAKE($@)]) # Check how to create a tarball. -*- Autoconf -*- # Copyright (C) 2004-2014 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. # _AM_PROG_TAR(FORMAT) # -------------------- # Check how to create a tarball in format FORMAT. # FORMAT should be one of 'v7', 'ustar', or 'pax'. # # Substitute a variable $(am__tar) that is a command # writing to stdout a FORMAT-tarball containing the directory # $tardir. # tardir=directory && $(am__tar) > result.tar # # Substitute a variable $(am__untar) that extract such # a tarball read from stdin. # $(am__untar) < result.tar # AC_DEFUN([_AM_PROG_TAR], [# Always define AMTAR for backward compatibility. Yes, it's still used # in the wild :-( We should find a proper way to deprecate it ... AC_SUBST([AMTAR], ['$${TAR-tar}']) # We'll loop over all known methods to create a tar archive until one works. _am_tools='gnutar m4_if([$1], [ustar], [plaintar]) pax cpio none' m4_if([$1], [v7], [am__tar='$${TAR-tar} chof - "$$tardir"' am__untar='$${TAR-tar} xf -'], [m4_case([$1], [ustar], [# The POSIX 1988 'ustar' format is defined with fixed-size fields. # There is notably a 21 bits limit for the UID and the GID. In fact, # the 'pax' utility can hang on bigger UID/GID (see automake bug#8343 # and bug#13588). am_max_uid=2097151 # 2^21 - 1 am_max_gid=$am_max_uid # The $UID and $GID variables are not portable, so we need to resort # to the POSIX-mandated id(1) utility. Errors in the 'id' calls # below are definitely unexpected, so allow the users to see them # (that is, avoid stderr redirection). am_uid=`id -u || echo unknown` am_gid=`id -g || echo unknown` AC_MSG_CHECKING([whether UID '$am_uid' is supported by ustar format]) if test $am_uid -le $am_max_uid; then AC_MSG_RESULT([yes]) else AC_MSG_RESULT([no]) _am_tools=none fi AC_MSG_CHECKING([whether GID '$am_gid' is supported by ustar format]) if test $am_gid -le $am_max_gid; then AC_MSG_RESULT([yes]) else AC_MSG_RESULT([no]) _am_tools=none fi], [pax], [], [m4_fatal([Unknown tar format])]) AC_MSG_CHECKING([how to create a $1 tar archive]) # Go ahead even if we have the value already cached. We do so because we # need to set the values for the 'am__tar' and 'am__untar' variables. _am_tools=${am_cv_prog_tar_$1-$_am_tools} for _am_tool in $_am_tools; do case $_am_tool in gnutar) for _am_tar in tar gnutar gtar; do AM_RUN_LOG([$_am_tar --version]) && break done am__tar="$_am_tar --format=m4_if([$1], [pax], [posix], [$1]) -chf - "'"$$tardir"' am__tar_="$_am_tar --format=m4_if([$1], [pax], [posix], [$1]) -chf - "'"$tardir"' am__untar="$_am_tar -xf -" ;; plaintar) # Must skip GNU tar: if it does not support --format= it doesn't create # ustar tarball either. (tar --version) >/dev/null 2>&1 && continue am__tar='tar chf - "$$tardir"' am__tar_='tar chf - "$tardir"' am__untar='tar xf -' ;; pax) am__tar='pax -L -x $1 -w "$$tardir"' am__tar_='pax -L -x $1 -w "$tardir"' am__untar='pax -r' ;; cpio) am__tar='find "$$tardir" -print | cpio -o -H $1 -L' am__tar_='find "$tardir" -print | cpio -o -H $1 -L' am__untar='cpio -i -H $1 -d' ;; none) am__tar=false am__tar_=false am__untar=false ;; esac # If the value was cached, stop now. We just wanted to have am__tar # and am__untar set. test -n "${am_cv_prog_tar_$1}" && break # tar/untar a dummy directory, and stop if the command works. rm -rf conftest.dir mkdir conftest.dir echo GrepMe > conftest.dir/file AM_RUN_LOG([tardir=conftest.dir && eval $am__tar_ >conftest.tar]) rm -rf conftest.dir if test -s conftest.tar; then AM_RUN_LOG([$am__untar /dev/null 2>&1 && break fi done rm -rf conftest.dir AC_CACHE_VAL([am_cv_prog_tar_$1], [am_cv_prog_tar_$1=$_am_tool]) AC_MSG_RESULT([$am_cv_prog_tar_$1])]) AC_SUBST([am__tar]) AC_SUBST([am__untar]) ]) # _AM_PROG_TAR hitch-1.4.4/ylwrap0000755000175000017500000001531213006223057011004 00000000000000#! /bin/sh # ylwrap - wrapper for lex/yacc invocations. scriptversion=2013-01-12.17; # UTC # Copyright (C) 1996-2014 Free Software Foundation, Inc. # # Written by Tom Tromey . # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2, or (at your option) # any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . # As a special exception to the GNU General Public License, if you # distribute this file as part of a program that contains a # configuration script generated by Autoconf, you may include it under # the same distribution terms that you use for the rest of that program. # This file is maintained in Automake, please report # bugs to or send patches to # . get_dirname () { case $1 in */*|*\\*) printf '%s\n' "$1" | sed -e 's|\([\\/]\)[^\\/]*$|\1|';; # Otherwise, we want the empty string (not "."). esac } # guard FILE # ---------- # The CPP macro used to guard inclusion of FILE. guard () { printf '%s\n' "$1" \ | sed \ -e 'y/abcdefghijklmnopqrstuvwxyz/ABCDEFGHIJKLMNOPQRSTUVWXYZ/' \ -e 's/[^ABCDEFGHIJKLMNOPQRSTUVWXYZ]/_/g' \ -e 's/__*/_/g' } # quote_for_sed [STRING] # ---------------------- # Return STRING (or stdin) quoted to be used as a sed pattern. quote_for_sed () { case $# in 0) cat;; 1) printf '%s\n' "$1";; esac \ | sed -e 's|[][\\.*]|\\&|g' } case "$1" in '') echo "$0: No files given. Try '$0 --help' for more information." 1>&2 exit 1 ;; --basedir) basedir=$2 shift 2 ;; -h|--h*) cat <<\EOF Usage: ylwrap [--help|--version] INPUT [OUTPUT DESIRED]... -- PROGRAM [ARGS]... Wrapper for lex/yacc invocations, renaming files as desired. INPUT is the input file OUTPUT is one file PROG generates DESIRED is the file we actually want instead of OUTPUT PROGRAM is program to run ARGS are passed to PROG Any number of OUTPUT,DESIRED pairs may be used. Report bugs to . EOF exit $? ;; -v|--v*) echo "ylwrap $scriptversion" exit $? ;; esac # The input. input=$1 shift # We'll later need for a correct munging of "#line" directives. input_sub_rx=`get_dirname "$input" | quote_for_sed` case $input in [\\/]* | ?:[\\/]*) # Absolute path; do nothing. ;; *) # Relative path. Make it absolute. input=`pwd`/$input ;; esac input_rx=`get_dirname "$input" | quote_for_sed` # Since DOS filename conventions don't allow two dots, # the DOS version of Bison writes out y_tab.c instead of y.tab.c # and y_tab.h instead of y.tab.h. Test to see if this is the case. y_tab_nodot=false if test -f y_tab.c || test -f y_tab.h; then y_tab_nodot=true fi # The parser itself, the first file, is the destination of the .y.c # rule in the Makefile. parser=$1 # A sed program to s/FROM/TO/g for all the FROM/TO so that, for # instance, we rename #include "y.tab.h" into #include "parse.h" # during the conversion from y.tab.c to parse.c. sed_fix_filenames= # Also rename header guards, as Bison 2.7 for instance uses its header # guard in its implementation file. sed_fix_header_guards= while test $# -ne 0; do if test x"$1" = x"--"; then shift break fi from=$1 # Handle y_tab.c and y_tab.h output by DOS if $y_tab_nodot; then case $from in "y.tab.c") from=y_tab.c;; "y.tab.h") from=y_tab.h;; esac fi shift to=$1 shift sed_fix_filenames="${sed_fix_filenames}s|"`quote_for_sed "$from"`"|$to|g;" sed_fix_header_guards="${sed_fix_header_guards}s|"`guard "$from"`"|"`guard "$to"`"|g;" done # The program to run. prog=$1 shift # Make any relative path in $prog absolute. case $prog in [\\/]* | ?:[\\/]*) ;; *[\\/]*) prog=`pwd`/$prog ;; esac dirname=ylwrap$$ do_exit="cd '`pwd`' && rm -rf $dirname > /dev/null 2>&1;"' (exit $ret); exit $ret' trap "ret=129; $do_exit" 1 trap "ret=130; $do_exit" 2 trap "ret=141; $do_exit" 13 trap "ret=143; $do_exit" 15 mkdir $dirname || exit 1 cd $dirname case $# in 0) "$prog" "$input" ;; *) "$prog" "$@" "$input" ;; esac ret=$? if test $ret -eq 0; then for from in * do to=`printf '%s\n' "$from" | sed "$sed_fix_filenames"` if test -f "$from"; then # If $2 is an absolute path name, then just use that, # otherwise prepend '../'. case $to in [\\/]* | ?:[\\/]*) target=$to;; *) target=../$to;; esac # Do not overwrite unchanged header files to avoid useless # recompilations. Always update the parser itself: it is the # destination of the .y.c rule in the Makefile. Divert the # output of all other files to a temporary file so we can # compare them to existing versions. if test $from != $parser; then realtarget=$target target=tmp-`printf '%s\n' "$target" | sed 's|.*[\\/]||g'` fi # Munge "#line" or "#" directives. Don't let the resulting # debug information point at an absolute srcdir. Use the real # output file name, not yy.lex.c for instance. Adjust the # include guards too. sed -e "/^#/!b" \ -e "s|$input_rx|$input_sub_rx|" \ -e "$sed_fix_filenames" \ -e "$sed_fix_header_guards" \ "$from" >"$target" || ret=$? # Check whether files must be updated. if test "$from" != "$parser"; then if test -f "$realtarget" && cmp -s "$realtarget" "$target"; then echo "$to is unchanged" rm -f "$target" else echo "updating $to" mv -f "$target" "$realtarget" fi fi else # A missing file is only an error for the parser. This is a # blatant hack to let us support using "yacc -d". If -d is not # specified, don't fail when the header file is "missing". if test "$from" = "$parser"; then ret=1 fi fi done fi # Remove the directory. cd .. rm -rf $dirname exit $ret # Local Variables: # mode: shell-script # sh-indentation: 2 # eval: (add-hook 'write-file-hooks 'time-stamp) # time-stamp-start: "scriptversion=" # time-stamp-format: "%:y-%02m-%02d.%02H" # time-stamp-time-zone: "UTC" # time-stamp-end: "; # UTC" # End: hitch-1.4.4/docs/0000755000175000017500000000000013011340200010530 500000000000000hitch-1.4.4/docs/installation.md0000644000175000017500000000162112745650574013532 00000000000000# Installing hitch `hitch` requires: libev >= 4 openssl (recent, >=1.0.0 recommended) hitch currently works on Linux, OpenBSD, FreeBSD, and MacOSX. It has been tested the most heavily on Linux/x86_64. ## Installing from source Install prerequisites on Debian based systems: $ sudo apt-get install libev-dev libssl-dev automake python-docutils flex bison pkg-config To install `hitch`: $ ./bootstrap # if running from git $ ./configure $ make $ sudo make install This will install Hitch to /usr/local/, unless you override the destination with ./configure --prefix=/foo (as usual) ## Installing from packages ``FreeBSD`` From packages: $ pkg install hitch From ports: $ cd /usr/ports/security/hitch && make install clean ## Init scripts Initialization scripts to start hitch automatically can be found in the [wiki](https://github.com/varnish/hitch/wiki). hitch-1.4.4/docs/proxy-protocol.md0000644000175000017500000000243312723521754014044 00000000000000# PROXY protocol PROXY protocol allows hitch to send a short header/message just before the main connection data on the backend connection. The short header describes which IP address and port was used to connect to the proxy (Hitch), and which IP address and port was connected to. The last one is useful if Hitch is listening to more than one IP or port. PROXY exists in two different versions; PROXY1 which is a simple text header, and PROXY2 which is a binary representation (default). Hitch supports both through the global `--write-proxy-v1` and `--write-proxy-v2` configuration keys. Backend servers that support PROXY will read this first and most likely use it instead of the Hitch IP/port for when writing access logs. If Hitch is running on the same machine, the logs would otherwise use "127.0.0.1" which isn't very useful. The upside of using PROXY is that we don't need to know the protocol we're proxying. For HTTP the alternative is to add to X-Forwarded-For, which means we need to understand what HTTP headers are, how they are formatted, how to move the remaining bytes around when adding our content, and so on. By using PROXY we don't have to program that logic into Hitch, and we don't take the performance penalty of doing string search and replace in the bytes we proxy. hitch-1.4.4/docs/configuration.md.pdf0000644000175000017500000005201412771212623014436 00000000000000%PDF-1.4 %“Œ‹ž ReportLab Generated PDF document http://www.reportlab.com 1 0 obj << /F1 2 0 R /F2 4 0 R /F3 5 0 R /F4 7 0 R >> endobj 2 0 obj << /BaseFont /Helvetica /Encoding /WinAnsiEncoding /Name /F1 /Subtype /Type1 /Type /Font >> endobj 3 0 obj << /A << /S /URI /Type /Action /URI (https://mozilla.github.io/server-side-tls/ssl-config-generator/) >> /Border [ 0 0 0 ] /Rect [ 62.69291 429.0236 326.0729 441.0236 ] /Subtype /Link /Type /Annot >> endobj 4 0 obj << /BaseFont /Helvetica-Oblique /Encoding /WinAnsiEncoding /Name /F2 /Subtype /Type1 /Type /Font >> endobj 5 0 obj << /BaseFont /Courier /Encoding /WinAnsiEncoding /Name /F3 /Subtype /Type1 /Type /Font >> endobj 6 0 obj << /Annots [ 3 0 R ] /Contents 14 0 R /MediaBox [ 0 0 595.2756 841.8898 ] /Parent 13 0 R /Resources << /Font 1 0 R /ProcSet [ /PDF /Text /ImageB /ImageC /ImageI ] >> /Rotate 0 /Trans << >> /Type /Page >> endobj 7 0 obj << /BaseFont /Helvetica-Bold /Encoding /WinAnsiEncoding /Name /F4 /Subtype /Type1 /Type /Font >> endobj 8 0 obj << /A << /S /URI /Type /Action /URI (https://ocsp.example.com) >> /Border [ 0 0 0 ] /Rect [ 123.13 420.0236 239.7271 432.0236 ] /Subtype /Link /Type /Annot >> endobj 9 0 obj << /Annots [ 8 0 R ] /Contents 15 0 R /MediaBox [ 0 0 595.2756 841.8898 ] /Parent 13 0 R /Resources << /Font 1 0 R /ProcSet [ /PDF /Text /ImageB /ImageC /ImageI ] >> /Rotate 0 /Trans << >> /Type /Page >> endobj 10 0 obj << /Contents 16 0 R /MediaBox [ 0 0 595.2756 841.8898 ] /Parent 13 0 R /Resources << /Font 1 0 R /ProcSet [ /PDF /Text /ImageB /ImageC /ImageI ] >> /Rotate 0 /Trans << >> /Type /Page >> endobj 11 0 obj << /Outlines 17 0 R /PageLabels 18 0 R /PageMode /UseNone /Pages 13 0 R /Type /Catalog >> endobj 12 0 obj << /Author () /CreationDate (D:20160923134419-01'00') /Creator (\(unspecified\)) /Keywords () /ModDate (D:20160923134419-01'00') /Producer (ReportLab PDF Library - www.reportlab.com) /Subject (\(unspecified\)) /Title () /Trapped /False >> endobj 13 0 obj << /Count 3 /Kids [ 6 0 R 9 0 R 10 0 R ] /Type /Pages >> endobj 14 0 obj << /Length 8341 >> stream 1 0 0 1 0 0 cm BT /F1 12 Tf 14.4 TL ET q 1 0 0 1 62.69291 753.0236 cm q 0 0 0 rg BT 1 0 0 1 0 2 Tm /F1 10 Tf 12 TL (# Configuring Hitch) Tj T* ET Q Q q 1 0 0 1 62.69291 735.0236 cm q 0 0 0 rg BT 1 0 0 1 0 2 Tm /F1 10 Tf 12 TL (Hitch can be configured either from command line arguments or from a configuration file on disk.) Tj T* ET Q Q q 1 0 0 1 62.69291 705.0236 cm q 0 0 0 rg BT 1 0 0 1 0 14 Tm /F1 10 Tf 12 TL 3.439983 Tw (You can extract the usage description by invoking Hitch with the "--help" argument. An example) Tj T* 0 Tw (configuration file is included in the distribution.) Tj T* ET Q Q q 1 0 0 1 62.69291 687.0236 cm q 0 0 0 rg BT 1 0 0 1 0 2 Tm /F1 10 Tf 12 TL (In general Hitch is a protocol agnostic proxy and does not need much configuration.) Tj T* ET Q Q q 1 0 0 1 62.69291 669.0236 cm q 0 0 0 rg BT 1 0 0 1 0 2 Tm /F1 10 Tf 12 TL (List of configuration items to consider:) Tj T* ET Q Q q 1 0 0 1 62.69291 663.0236 cm Q q 1 0 0 1 62.69291 591.0236 cm 0 0 0 rg BT /F1 10 Tf 12 TL ET BT 1 0 0 1 0 2 Tm T* ET q 1 0 0 1 20 66 cm Q q 1 0 0 1 20 66 cm Q q 1 0 0 1 20 54 cm 0 0 0 rg BT /F1 10 Tf 12 TL ET q 1 0 0 1 6 -3 cm q 0 0 0 rg BT 1 0 0 1 0 2 Tm /F1 10 Tf 12 TL 10.5 0 Td (\177) Tj T* -10.5 0 Td ET Q Q q 1 0 0 1 23 -3 cm q 0 0 0 rg BT 1 0 0 1 0 2 Tm /F1 10 Tf 12 TL (PEM files with key and certificate.) Tj T* ET Q Q q Q Q q 1 0 0 1 20 48 cm Q q 1 0 0 1 20 36 cm 0 0 0 rg BT /F1 10 Tf 12 TL ET q 1 0 0 1 6 -3 cm q 0 0 0 rg BT 1 0 0 1 0 2 Tm /F1 10 Tf 12 TL 10.5 0 Td (\177) Tj T* -10.5 0 Td ET Q Q q 1 0 0 1 23 -3 cm q 0 0 0 rg BT 1 0 0 1 0 2 Tm /F1 10 Tf 12 TL (Listening addresses and ports. Note the semi-odd square brackets for IPv4 addresses.) Tj T* ET Q Q q Q Q q 1 0 0 1 20 30 cm Q q 1 0 0 1 20 18 cm 0 0 0 rg BT /F1 10 Tf 12 TL ET q 1 0 0 1 6 -3 cm q 0 0 0 rg BT 1 0 0 1 0 2 Tm /F1 10 Tf 12 TL 10.5 0 Td (\177) Tj T* -10.5 0 Td ET Q Q q 1 0 0 1 23 -3 cm q 0 0 0 rg BT 1 0 0 1 0 2 Tm /F1 10 Tf 12 TL (Which backend servers to proxy towards, and if PROXY protocol should be used.) Tj T* ET Q Q q Q Q q 1 0 0 1 20 12 cm Q q 1 0 0 1 20 0 cm 0 0 0 rg BT /F1 10 Tf 12 TL ET q 1 0 0 1 6 -3 cm q 0 0 0 rg BT 1 0 0 1 0 2 Tm /F1 10 Tf 12 TL 10.5 0 Td (\177) Tj T* -10.5 0 Td ET Q Q q 1 0 0 1 23 -3 cm q 0 0 0 rg BT 1 0 0 1 0 2 Tm /F1 10 Tf 12 TL (Number of workers, usually 1. For larger setups, use one worker per core.) Tj T* ET Q Q q Q Q q 1 0 0 1 20 0 cm Q q Q Q q 1 0 0 1 62.69291 591.0236 cm Q q 1 0 0 1 62.69291 573.0236 cm q 0 0 0 rg BT 1 0 0 1 0 2 Tm /F1 10 Tf 12 TL (If you need to support legacy clients, you can consider:) Tj T* ET Q Q q 1 0 0 1 62.69291 567.0236 cm Q q 1 0 0 1 62.69291 531.0236 cm 0 0 0 rg BT /F1 10 Tf 12 TL ET BT 1 0 0 1 0 2 Tm T* ET q 1 0 0 1 20 30 cm Q q 1 0 0 1 20 30 cm Q q 1 0 0 1 20 18 cm 0 0 0 rg BT /F1 10 Tf 12 TL ET q 1 0 0 1 6 -3 cm q 0 0 0 rg BT 1 0 0 1 0 2 Tm /F1 10 Tf 12 TL 10.5 0 Td (\177) Tj T* -10.5 0 Td ET Q Q q 1 0 0 1 23 -3 cm q 0 0 0 rg BT 1 0 0 1 0 2 Tm /F1 10 Tf 12 TL (Enable SSLv3 with "--ssl" \(despite RFC7568.\)) Tj T* ET Q Q q Q Q q 1 0 0 1 20 12 cm Q q 1 0 0 1 20 0 cm 0 0 0 rg BT /F1 10 Tf 12 TL ET q 1 0 0 1 6 -3 cm q 0 0 0 rg BT 1 0 0 1 0 2 Tm /F1 10 Tf 12 TL 10.5 0 Td (\177) Tj T* -10.5 0 Td ET Q Q q 1 0 0 1 23 -3 cm q 0 0 0 rg BT 1 0 0 1 0 2 Tm /F1 10 Tf 12 TL (Use weaker ciphers.) Tj T* ET Q Q q Q Q q 1 0 0 1 20 0 cm Q q Q Q q 1 0 0 1 62.69291 531.0236 cm Q q 1 0 0 1 62.69291 513.0236 cm q 0 0 0 rg BT 1 0 0 1 0 2 Tm /F1 10 Tf 12 TL (## Specifying ciphers) Tj T* ET Q Q q 1 0 0 1 62.69291 495.0236 cm q 0 0 0 rg BT 1 0 0 1 0 2 Tm /F1 10 Tf 12 TL (The recommended default is:) Tj T* ET Q Q q 1 0 0 1 62.69291 489.0236 cm Q q 1 0 0 1 62.69291 477.0236 cm 0 0 0 rg BT /F1 10 Tf 12 TL ET BT 1 0 0 1 0 2 Tm T* ET q 1 0 0 1 20 0 cm q 0 0 0 rg BT 1 0 0 1 0 2 Tm /F1 10 Tf 12 TL ("EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH") Tj T* ET Q Q q Q Q q 1 0 0 1 62.69291 477.0236 cm Q q 1 0 0 1 62.69291 459.0236 cm q 0 0 0 rg BT 1 0 0 1 0 2 Tm /F1 10 Tf 12 TL (If you need to support legacy clients, consider the "HIGH" cipher group.) Tj T* ET Q Q q 1 0 0 1 62.69291 417.0236 cm q BT 1 0 0 1 0 26 Tm 4.527045 Tw 12 TL /F1 10 Tf 0 0 0 rg (Hitch cipher list string format is identical to that of other servers, so you can use tools like) Tj T* 0 Tw 2.189974 Tw 0 0 .501961 rg (https://mozilla.github.io/server-side-tls/ssl-config-generator/ ) Tj 0 0 0 rg (to generate a set of ciphers that suits your) Tj T* 0 Tw (needs.) Tj T* ET Q Q q 1 0 0 1 62.69291 399.0236 cm q 0 0 0 rg BT 1 0 0 1 0 2 Tm /F1 10 Tf 12 TL (Normally you do not have to change this.) Tj T* ET Q Q q 1 0 0 1 62.69291 381.0236 cm q 0 0 0 rg BT 1 0 0 1 0 2 Tm /F1 10 Tf 12 TL (## Run environment) Tj T* ET Q Q q 1 0 0 1 62.69291 351.0236 cm q BT 1 0 0 1 0 14 Tm 1.44311 Tw 12 TL /F1 10 Tf 0 0 0 rg (If you're handling a large number of connections, you'll probably want to raise ) Tj /F2 10 Tf 0 0 0 rg (ulimit -n ) Tj /F1 10 Tf 0 0 0 rg (before running) Tj T* 0 Tw (Hitch.) Tj T* ET Q Q q 1 0 0 1 62.69291 321.0236 cm q BT 1 0 0 1 0 14 Tm 1.260988 Tw 12 TL /F1 10 Tf 0 0 0 rg (If you are listening to ports under 1024 \(443 comes to mind\), you need to start Hitch as root. In those) Tj T* 0 Tw (cases you ) Tj /F2 10 Tf (must ) Tj /F1 10 Tf (use --user/-u to set a non-privileged user ) Tj /F2 10 Tf 0 0 0 rg (hitch ) Tj /F1 10 Tf 0 0 0 rg (can setuid\(\) to.) Tj T* ET Q Q q 1 0 0 1 62.69291 303.0236 cm q 0 0 0 rg BT 1 0 0 1 0 2 Tm /F1 10 Tf 12 TL (## Preparing PEM files) Tj T* ET Q Q q 1 0 0 1 62.69291 285.0236 cm q 0 0 0 rg BT 1 0 0 1 0 2 Tm /F1 10 Tf 12 TL (PEM files should contain the key file, the certificate from the CA and any intermediate CAs needed.) Tj T* ET Q Q q 1 0 0 1 62.69291 279.0236 cm Q q 1 0 0 1 62.69291 267.0236 cm 0 0 0 rg BT /F1 10 Tf 12 TL ET BT 1 0 0 1 0 2 Tm T* ET q 1 0 0 1 20 0 cm q BT 1 0 0 1 0 2 Tm 12 TL /F1 10 Tf 0 0 0 rg ($ cat example.com.key example.com.crt intermediate.pem > example.com.pem) Tj T* ET Q Q q Q Q q 1 0 0 1 62.69291 267.0236 cm Q q 1 0 0 1 62.69291 237.0236 cm q 0 0 0 rg BT 1 0 0 1 0 14 Tm /F1 10 Tf 12 TL .01528 Tw (If you want to use Diffie-Hellman based ciphers for Perfect Forward Secrecy \(PFS\), you need to add some) Tj T* 0 Tw (parameters for that as well:) Tj T* ET Q Q q 1 0 0 1 62.69291 231.0236 cm Q q 1 0 0 1 62.69291 219.0236 cm 0 0 0 rg BT /F1 10 Tf 12 TL ET BT 1 0 0 1 0 2 Tm T* ET q 1 0 0 1 20 0 cm q BT 1 0 0 1 0 2 Tm 12 TL /F1 10 Tf 0 0 0 rg ($ openssl dhparam -rand - 2048 >) Tj (> example.com.pem) Tj T* ET Q Q q Q Q q 1 0 0 1 62.69291 219.0236 cm Q q 1 0 0 1 62.69291 201.0236 cm q 0 0 0 rg BT 1 0 0 1 0 2 Tm /F1 10 Tf 12 TL (Hitch will complain and disable DH unless these parameters are available.) Tj T* ET Q Q q 1 0 0 1 62.69291 183.0236 cm q 0 0 0 rg BT 1 0 0 1 0 2 Tm /F1 10 Tf 12 TL (## Automatic OCSP staple retrieval) Tj T* ET Q Q q 1 0 0 1 62.69291 165.0236 cm q 0 0 0 rg BT 1 0 0 1 0 2 Tm /F1 10 Tf 12 TL (Hitch has support for automated retrieval of OCSP responses from an OCSP responder.) Tj T* ET Q Q q 1 0 0 1 62.69291 147.0236 cm q 0 0 0 rg BT 1 0 0 1 0 2 Tm /F1 10 Tf 12 TL (To set this up, specify the following setting in your configuration file:) Tj T* ET Q Q q 1 0 0 1 62.69291 141.0236 cm Q q 1 0 0 1 62.69291 129.0236 cm 0 0 0 rg BT /F1 10 Tf 12 TL ET BT 1 0 0 1 0 2 Tm T* ET q 1 0 0 1 20 0 cm q 0 0 0 rg BT 1 0 0 1 0 2 Tm /F1 10 Tf 12 TL (ocsp-dir = "/var/lib/hitch-ocsp") Tj T* ET Q Q q Q Q q 1 0 0 1 62.69291 129.0236 cm Q q 1 0 0 1 62.69291 111.0236 cm q BT 1 0 0 1 0 2 Tm 12 TL /F1 10 Tf 0 0 0 rg (This can also be configured via the command line option ) Tj /F3 10 Tf 0 0 0 rg (--ocsp-dir=mydir) Tj /F1 10 Tf 0 0 0 rg (.) Tj T* ET Q Q q 1 0 0 1 62.69291 81.02362 cm q 0 0 0 rg BT 1 0 0 1 0 14 Tm /F1 10 Tf 12 TL 3.015984 Tw (If the loaded certificate contains an OCSP responder address and it also has the required issuer) Tj T* 0 Tw (certificate as part of its chain, Hitch will automatically retrieve and refresh OCSP staples.) Tj T* ET Q Q endstream endobj 15 0 obj << /Length 7281 >> stream 1 0 0 1 0 0 cm BT /F1 12 Tf 14.4 TL ET q 1 0 0 1 62.69291 741.0236 cm q BT 1 0 0 1 0 14 Tm .327485 Tw 12 TL /F1 10 Tf 0 0 0 rg (The ) Tj /F2 10 Tf 0 0 0 rg (ocsp-dir ) Tj /F1 10 Tf 0 0 0 rg (directory must be read/write accessible by the configured hitch user, and should not be read) Tj T* 0 Tw (or write accessible by any other user.) Tj T* ET Q Q q 1 0 0 1 62.69291 711.0236 cm q 0 0 0 rg BT 1 0 0 1 0 14 Tm /F1 10 Tf 12 TL 1.091163 Tw (The staples are fetched asynchronously, and will be loaded and ready for stapling as soon as they are) Tj T* 0 Tw (available.) Tj T* ET Q Q q 1 0 0 1 62.69291 681.0236 cm q BT 1 0 0 1 0 14 Tm .153976 Tw 12 TL /F1 10 Tf 0 0 0 rg (The variables ) Tj /F3 10 Tf 0 0 0 rg (ocsp-connect-tmo ) Tj /F1 10 Tf 0 0 0 rg (and ) Tj /F3 10 Tf 0 0 0 rg (ocsp-resp-tmo ) Tj /F1 10 Tf 0 0 0 rg (controls respectively the connect timeout and) Tj T* 0 Tw (fetch transmission timeout when Hitch is talking to an OCSP responder.) Tj T* ET Q Q q 1 0 0 1 62.69291 663.0236 cm q 0 0 0 rg BT 1 0 0 1 0 2 Tm /F1 10 Tf 12 TL (## Verification of OCSP staples) Tj T* ET Q Q q 1 0 0 1 62.69291 645.0236 cm q 0 0 0 rg BT 1 0 0 1 0 2 Tm /F1 10 Tf 12 TL (Hitch will optionally verify the OCSP staple, this can be done by specifying) Tj T* ET Q Q q 1 0 0 1 62.69291 639.0236 cm Q q 1 0 0 1 62.69291 627.0236 cm 0 0 0 rg BT /F1 10 Tf 12 TL ET BT 1 0 0 1 0 2 Tm T* ET q 1 0 0 1 20 0 cm q 0 0 0 rg BT 1 0 0 1 0 2 Tm /F1 10 Tf 12 TL (ocsp-verify-staple = on) Tj T* ET Q Q q Q Q q 1 0 0 1 62.69291 627.0236 cm Q q 1 0 0 1 62.69291 609.0236 cm q 0 0 0 rg BT 1 0 0 1 0 2 Tm /F1 10 Tf 12 TL (in the configuration file.) Tj T* ET Q Q q 1 0 0 1 62.69291 543.0236 cm q BT 1 0 0 1 0 50 Tm 3.41811 Tw 12 TL /F1 10 Tf 0 0 0 rg (If you are running with a custom CA, the verification certificates can be changed by setting the) Tj T* 0 Tw .37816 Tw /F2 10 Tf 0 0 0 rg (SSL_CERT_FILE ) Tj /F1 10 Tf 0 0 0 rg (or ) Tj /F2 10 Tf 0 0 0 rg (SSL_CERT_DIR ) Tj /F1 10 Tf 0 0 0 rg (environment variables. ) Tj /F2 10 Tf 0 0 0 rg (SSL_CERT_FILE ) Tj /F1 10 Tf 0 0 0 rg (can point to a single pem) Tj T* 0 Tw 2.797126 Tw (file containing a chain of certificates, while the ) Tj /F2 10 Tf 0 0 0 rg (SSL_CERT_DIR ) Tj /F1 10 Tf 0 0 0 rg (can be a comma-separated list of) Tj T* 0 Tw .995868 Tw (directories containing pem file with symlinks by their hash key \(see the man page of c_rehash from the) Tj T* 0 Tw (OpenSSL library for more information\).) Tj T* ET Q Q q 1 0 0 1 62.69291 525.0236 cm q 0 0 0 rg BT 1 0 0 1 0 2 Tm /F1 10 Tf 12 TL (## OCSP stapling from manually pre-loaded files) Tj T* ET Q Q q 1 0 0 1 62.69291 483.0236 cm q 0 0 0 rg BT 1 0 0 1 0 26 Tm /F1 10 Tf 12 TL .701751 Tw (Hitch also has support for stapling of OCSP responses loaded from files on disk. If configured, Hitch will) Tj T* 0 Tw 1.614692 Tw (include a stapled OCSP response as part of the handshake when it receives a status request from a) Tj T* 0 Tw (client.) Tj T* ET Q Q q 1 0 0 1 62.69291 453.0236 cm q BT 1 0 0 1 0 14 Tm 2.609318 Tw 12 TL /F1 10 Tf 0 0 0 rg (Retrieving an OCSP response suitable for use with Hitch can be done using the following ) Tj /F2 10 Tf 0 0 0 rg (openssl) Tj T* 0 Tw /F1 10 Tf 0 0 0 rg (command:) Tj T* ET Q Q q 1 0 0 1 62.69291 447.0236 cm Q q 1 0 0 1 62.69291 408.0236 cm 0 0 0 rg BT /F1 10 Tf 12 TL ET BT 1 0 0 1 0 2 Tm T* ET q 1 0 0 1 20 27 cm q 0 0 0 rg BT 1 0 0 1 0 2 Tm /F4 10 Tf 12 TL ($ openssl ocsp) Tj T* ET Q Q q 1 0 0 1 20 0 cm 0 0 0 rg BT /F1 10 Tf 12 TL ET BT 1 0 0 1 0 14 Tm T* ET q 1 0 0 1 20 0 cm q BT 1 0 0 1 0 14 Tm 3.217109 Tw 12 TL /F1 10 Tf 0 0 0 rg (-url ) Tj 0 0 .501961 rg (https://ocsp.example.com ) Tj 0 0 0 rg (-header Host ocsp.example.com -no_nonce -resp_text -issuer) Tj T* 0 Tw (issuer.pem -cert mycert.pem -respout ocspresp.der) Tj T* ET Q Q q Q Q q Q Q q 1 0 0 1 62.69291 408.0236 cm Q q 1 0 0 1 62.69291 390.0236 cm q 0 0 0 rg BT 1 0 0 1 0 2 Tm /F1 10 Tf 12 TL (This will produce a DER-encoded OCSP response which can then be loaded by Hitch.) Tj T* ET Q Q q 1 0 0 1 62.69291 372.0236 cm q 0 0 0 rg BT 1 0 0 1 0 2 Tm /F1 10 Tf 12 TL (The URL of the OCSP responder can be retrieved via) Tj T* ET Q Q q 1 0 0 1 62.69291 366.0236 cm Q q 1 0 0 1 62.69291 354.0236 cm 0 0 0 rg BT /F1 10 Tf 12 TL ET BT 1 0 0 1 0 2 Tm T* ET q 1 0 0 1 20 0 cm q 0 0 0 rg BT 1 0 0 1 0 2 Tm /F1 10 Tf 12 TL ($ openssl x509 -ocsp_uri -in mycert.pem -noout) Tj T* ET Q Q q Q Q q 1 0 0 1 62.69291 354.0236 cm Q q 1 0 0 1 62.69291 324.0236 cm q BT 1 0 0 1 0 14 Tm .17881 Tw 12 TL /F1 10 Tf 0 0 0 rg (the ) Tj /F2 10 Tf 0 0 0 rg (-issuer ) Tj /F1 10 Tf 0 0 0 rg (argument needs to point to the OCSP issuer certificate. Typically this is the same certificate as) Tj T* 0 Tw (the intermediate that signed the server certificate.) Tj T* ET Q Q q 1 0 0 1 62.69291 294.0236 cm q BT 1 0 0 1 0 14 Tm 1.423318 Tw 12 TL /F1 10 Tf 0 0 0 rg (To configure Hitch to use the OCSP staple, use the following incantation when specifying the ) Tj /F2 10 Tf 0 0 0 rg (pem-file) Tj T* 0 Tw /F1 10 Tf 0 0 0 rg (setting in your Hitch configuration file:) Tj T* ET Q Q q 1 0 0 1 62.69291 288.0236 cm Q q 1 0 0 1 62.69291 243.0236 cm 0 0 0 rg BT /F1 10 Tf 12 TL ET BT 1 0 0 1 0 2 Tm T* ET q 1 0 0 1 20 33 cm q 0 0 0 rg BT 1 0 0 1 0 2 Tm /F4 10 Tf 12 TL (pem-file = {) Tj T* ET Q Q q 1 0 0 1 20 18 cm 0 0 0 rg BT /F1 10 Tf 12 TL ET BT 1 0 0 1 0 2 Tm T* ET q 1 0 0 1 20 0 cm q 0 0 0 rg BT 1 0 0 1 0 2 Tm /F1 10 Tf 12 TL (cert = "mycert.pem" ocsp-resp-file = "mycert-ocsp.der") Tj T* ET Q Q q Q Q q 1 0 0 1 20 0 cm q 0 0 0 rg BT 1 0 0 1 0 2 Tm /F1 10 Tf 12 TL (}) Tj T* ET Q Q q Q Q q 1 0 0 1 62.69291 243.0236 cm Q q 1 0 0 1 62.69291 225.0236 cm q 0 0 0 rg BT 1 0 0 1 0 2 Tm /F1 10 Tf 12 TL (## ALPN/NPN support) Tj T* ET Q Q q 1 0 0 1 62.69291 195.0236 cm q 0 0 0 rg BT 1 0 0 1 0 14 Tm /F1 10 Tf 12 TL .11811 Tw (Hitch supports both the ALPN and the NPN TLS extension. This allows negotiation of the application layer) Tj T* 0 Tw (protocol that is to be used.) Tj T* ET Q Q q 1 0 0 1 62.69291 177.0236 cm q 0 0 0 rg BT 1 0 0 1 0 2 Tm /F1 10 Tf 12 TL (This is useful if Hitch terminates TLS for HTTP/2 traffic.) Tj T* ET Q Q q 1 0 0 1 62.69291 159.0236 cm q BT 1 0 0 1 0 2 Tm 12 TL /F1 10 Tf 0 0 0 rg (To turn this on, you must supply an ) Tj /F2 10 Tf 0 0 0 rg (alpn-protos ) Tj /F1 10 Tf 0 0 0 rg (setting in the configuration file:) Tj T* ET Q Q q 1 0 0 1 62.69291 153.0236 cm Q q 1 0 0 1 62.69291 141.0236 cm 0 0 0 rg BT /F1 10 Tf 12 TL ET BT 1 0 0 1 0 2 Tm T* ET q 1 0 0 1 20 0 cm q 0 0 0 rg BT 1 0 0 1 0 2 Tm /F1 10 Tf 12 TL (alpn-protos = "h2,http/1.1") Tj T* ET Q Q q Q Q q 1 0 0 1 62.69291 141.0236 cm Q q 1 0 0 1 62.69291 111.0236 cm q BT 1 0 0 1 0 14 Tm .369987 Tw 12 TL /F1 10 Tf 0 0 0 rg (If the PROXY protocol is enabled \() Tj /F2 10 Tf 0 0 0 rg (write-proxy = on) Tj /F1 10 Tf 0 0 0 rg (\), Hitch will transmit the selected protocol as part of its) Tj T* 0 Tw (PROXY header.) Tj T* ET Q Q q 1 0 0 1 62.69291 93.02362 cm q 0 0 0 rg BT 1 0 0 1 0 2 Tm /F1 10 Tf 12 TL (## SSL/TLS protocol setting) Tj T* ET Q Q endstream endobj 16 0 obj << /Length 2697 >> stream 1 0 0 1 0 0 cm BT /F1 12 Tf 14.4 TL ET q 1 0 0 1 62.69291 729.0236 cm q BT 1 0 0 1 0 26 Tm .536303 Tw 12 TL /F1 10 Tf 0 0 0 rg (Hitch supports TLS \(1.0, 1.1 and 1.2\) and SSL 3. By default, only TLS versions 1.1 and 1.2 are enabled,) Tj T* 0 Tw .074987 Tw (while TLS 1.0 and SSLv3 are disabled. The recommended way to to select protocols is to use ) Tj /F2 10 Tf 0 0 0 rg (tls-protos ) Tj /F1 10 Tf 0 0 0 rg (in) Tj T* 0 Tw (the configuration file:) Tj T* ET Q Q q 1 0 0 1 62.69291 723.0236 cm Q q 1 0 0 1 62.69291 711.0236 cm 0 0 0 rg BT /F1 10 Tf 12 TL ET BT 1 0 0 1 0 2 Tm T* ET q 1 0 0 1 20 0 cm q 0 0 0 rg BT 1 0 0 1 0 2 Tm /F1 10 Tf 12 TL (tls-protos = TLSv1.1 TLSv1.2) Tj T* ET Q Q q Q Q q 1 0 0 1 62.69291 711.0236 cm Q q 1 0 0 1 62.69291 693.0236 cm q BT 1 0 0 1 0 2 Tm 12 TL /F1 10 Tf 0 0 0 rg (The following tokens are available for the ) Tj /F2 10 Tf 0 0 0 rg (tls-protos ) Tj /F1 10 Tf 0 0 0 rg (option: ) Tj /F2 10 Tf 0 0 0 rg (SSLv3) Tj /F1 10 Tf 0 0 0 rg (, ) Tj /F2 10 Tf 0 0 0 rg (TLSv1.0) Tj /F1 10 Tf 0 0 0 rg (, ) Tj /F2 10 Tf 0 0 0 rg (TLSv1.1 ) Tj /F1 10 Tf 0 0 0 rg (and ) Tj /F2 10 Tf 0 0 0 rg (TLSv1.2) Tj /F1 10 Tf 0 0 0 rg (.) Tj T* ET Q Q q 1 0 0 1 62.69291 675.0236 cm q 0 0 0 rg BT 1 0 0 1 0 2 Tm /F1 10 Tf 12 TL (## Uninterrupted configuration reload) Tj T* ET Q Q q 1 0 0 1 62.69291 657.0236 cm q 0 0 0 rg BT 1 0 0 1 0 2 Tm /F1 10 Tf 12 TL (Issuing a SIGHUP signal to the main Hitch process will initiate a reload of Hitch's configuration file.) Tj T* ET Q Q q 1 0 0 1 62.69291 627.0236 cm q BT 1 0 0 1 0 14 Tm 2.533314 Tw 12 TL /F1 10 Tf 0 0 0 rg (Adding, updating and removing PEM files \() Tj /F3 10 Tf 0 0 0 rg (pem-file) Tj /F1 10 Tf 0 0 0 rg (\) and frontend listen endpoints \() Tj /F3 10 Tf 0 0 0 rg (frontend) Tj /F1 10 Tf 0 0 0 rg (\) is) Tj T* 0 Tw (currently supported.) Tj T* ET Q Q q 1 0 0 1 62.69291 597.0236 cm q 0 0 0 rg BT 1 0 0 1 0 14 Tm /F1 10 Tf 12 TL .305777 Tw (Hitch will load the new configuration in its main process, and spawn a new set of child processes with the) Tj T* 0 Tw (new configuration in place if successful.) Tj T* ET Q Q q 1 0 0 1 62.69291 567.0236 cm q 0 0 0 rg BT 1 0 0 1 0 14 Tm /F1 10 Tf 12 TL .074987 Tw (The previous set of child processes will finish their handling of any live connections, and exit after they are) Tj T* 0 Tw (done.) Tj T* ET Q Q q 1 0 0 1 62.69291 537.0236 cm q 0 0 0 rg BT 1 0 0 1 0 14 Tm /F1 10 Tf 12 TL 1.028221 Tw (If the new configuration fails to load, an error message will be written to syslog. Operation will continue) Tj T* 0 Tw (without interruption with the current set of worker processes.) Tj T* ET Q Q endstream endobj 17 0 obj << /Count 0 /Type /Outlines >> endobj 18 0 obj << /Nums [ 0 19 0 R 1 20 0 R 2 21 0 R ] >> endobj 19 0 obj << /S /D /St 1 >> endobj 20 0 obj << /S /D /St 2 >> endobj 21 0 obj << /S /D /St 3 >> endobj xref 0 22 0000000000 65535 f 0000000075 00000 n 0000000139 00000 n 0000000249 00000 n 0000000467 00000 n 0000000585 00000 n 0000000693 00000 n 0000000920 00000 n 0000001035 00000 n 0000001212 00000 n 0000001439 00000 n 0000001649 00000 n 0000001758 00000 n 0000002020 00000 n 0000002096 00000 n 0000010494 00000 n 0000017832 00000 n 0000020586 00000 n 0000020636 00000 n 0000020698 00000 n 0000020735 00000 n 0000020772 00000 n trailer << /ID % ReportLab generated PDF document -- digest (http://www.reportlab.com) [(j\235\(\377}1B\312\361\235\262\222G\321~\003) (j\235\(\377}1B\312\361\235\262\222G\321~\003)] /Info 12 0 R /Root 11 0 R /Size 22 >> startxref 20809 %%EOF hitch-1.4.4/docs/configuration.md0000644000175000017500000001422313011340200013643 00000000000000# Configuring Hitch Hitch can be configured either from command line arguments or from a configuration file on disk. You can extract the usage description by invoking Hitch with the "--help" argument. An example configuration file is included in the distribution. In general Hitch is a protocol agnostic proxy and does not need much configuration. List of configuration items to consider: - PEM files with key and certificate. - Listening addresses and ports. Note the semi-odd square brackets for IPv4 addresses. - Which backend servers to proxy towards, and if PROXY protocol should be used. - Number of workers, usually 1. For larger setups, use one worker per core. If you need to support legacy clients, you can consider: - Enable SSLv3 with "--ssl" (despite RFC7568.) - Use weaker ciphers. ## Specifying ciphers The recommended default is: "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH" If you need to support legacy clients, consider the "HIGH" cipher group. Hitch cipher list string format is identical to that of other servers, so you can use tools like https://mozilla.github.io/server-side-tls/ssl-config-generator/ to generate a set of ciphers that suits your needs. Normally you do not have to change this. ## Run environment If you're handling a large number of connections, you'll probably want to raise `ulimit -n` before running Hitch. If you are listening to ports under 1024 (443 comes to mind), you need to start Hitch as root. In those cases you *must* use --user/-u to set a non-privileged user `hitch` can setuid() to. ## Preparing PEM files PEM files should contain the key file, the certificate from the CA and any intermediate CAs needed. $ cat example.com.key example.com.crt intermediate.pem > example.com.pem If you want to use Diffie-Hellman based ciphers for Perfect Forward Secrecy (PFS), you need to add some parameters for that as well: $ openssl dhparam -rand - 2048 >> example.com.pem Hitch will complain and disable DH unless these parameters are available. ## Automatic OCSP staple retrieval Hitch has support for automated retrieval of OCSP responses from an OCSP responder. If the loaded certificate contains an OCSP responder address and it also has the required issuer certificate as part of its chain, Hitch will automatically retrieve and refresh OCSP staples. The `ocsp-dir` directory must be read/write accessible by the configured hitch user, and should not be read or write accessible by any other user. The staples are fetched asynchronously, and will be loaded and ready for stapling as soon as they are available. The variables ``ocsp-connect-tmo`` and ``ocsp-resp-tmo`` controls respectively the connect timeout and fetch transmission timeout when Hitch is talking to an OCSP responder. Automated OCSP stapling can be disabled by specifying an empty string for the `ocsp-dir` parameter: ocsp-dir = "" ## Verification of OCSP staples Hitch will optionally verify the OCSP staple, this can be done by specifying ocsp-verify-staple = on in the configuration file. If you are running with a custom CA, the verification certificates can be changed by setting the `SSL_CERT_FILE` or `SSL_CERT_DIR` environment variables. `SSL_CERT_FILE` can point to a single pem file containing a chain of certificates, while the `SSL_CERT_DIR` can be a comma-separated list of directories containing pem file with symlinks by their hash key (see the man page of c_rehash from the OpenSSL library for more information). ## OCSP stapling from manually pre-loaded files Hitch also has support for stapling of OCSP responses loaded from files on disk. If configured, Hitch will include a stapled OCSP response as part of the handshake when it receives a status request from a client. Retrieving an OCSP response suitable for use with Hitch can be done using the following `openssl` command: $ openssl ocsp \ -url https://ocsp.example.com \ -header Host ocsp.example.com \ -no_nonce \ -resp_text \ -issuer issuer.pem \ -cert mycert.pem \ -respout ocspresp.der This will produce a DER-encoded OCSP response which can then be loaded by Hitch. The URL of the OCSP responder can be retrieved via $ openssl x509 -ocsp_uri -in mycert.pem -noout the `-issuer` argument needs to point to the OCSP issuer certificate. Typically this is the same certificate as the intermediate that signed the server certificate. To configure Hitch to use the OCSP staple, use the following incantation when specifying the `pem-file` setting in your Hitch configuration file: pem-file = { cert = "mycert.pem" ocsp-resp-file = "mycert-ocsp.der" } ## ALPN/NPN support Hitch supports both the ALPN and the NPN TLS extension. This allows negotiation of the application layer protocol that is to be used. This is useful if Hitch terminates TLS for HTTP/2 traffic. To turn this on, you must supply an `alpn-protos` setting in the configuration file: alpn-protos = "h2,http/1.1" If the PROXY protocol is enabled (`write-proxy = on`), Hitch will transmit the selected protocol as part of its PROXY header. ## SSL/TLS protocol setting Hitch supports TLS (1.0, 1.1 and 1.2) and SSL 3. By default, only TLS versions 1.1 and 1.2 are enabled, while TLS 1.0 and SSLv3 are disabled. The recommended way to to select protocols is to use `tls-protos` in the configuration file: tls-protos = TLSv1.1 TLSv1.2 The following tokens are available for the `tls-protos` option: `SSLv3`, `TLSv1.0`, `TLSv1.1` and `TLSv1.2`. ## Uninterrupted configuration reload Issuing a SIGHUP signal to the main Hitch process will initiate a reload of Hitch's configuration file. Adding, updating and removing PEM files (``pem-file``) and frontend listen endpoints (``frontend``) is currently supported. Hitch will load the new configuration in its main process, and spawn a new set of child processes with the new configuration in place if successful. The previous set of child processes will finish their handling of any live connections, and exit after they are done. If the new configuration fails to load, an error message will be written to syslog. Operation will continue without interruption with the current set of worker processes. hitch-1.4.4/docs/certificates.md0000644000175000017500000000254012723521754013470 00000000000000# Creating a SSL/TLS key and certificate The minimum requirement for hitch to work is a PEM file with: - an RSA key - a certificate - (if you are doing DH ciphers: Diffie-Hellman parameters) For production use, you probably want to buy one from a friendly Certificate Authority (CA) nearby. For testing/playing around with hitch, you can create one using openssl: $ openssl req -newkey rsa:2048 -sha256 -keyout example.com.key -nodes -x509 -days 365 -out example.crt This will write a key file and the self-signed certificate for it. The normal steps of writing a Certificate Signing Request and so on isn't necessary for self-signed certificates. To complete this chain you merge the files into a single PEM file that you give hitch: $ cat example.com.key example.crt > example.pem And then start Hitch: $ hitch --backend=[127.0.0.1]:80 example.pem and you're done! If you are running on a Debian system, there is a shell script available to simplify this in the _ssl-cert_ package: `make-ssl-cert /usr/share/ssl-cert/ssleay.cnf /etc/hitch/testcert.pem` On Redhat systems the OpenSSL package has `/etc/pki/tls/certs/make-dummy-cert` that can be used. If you want to use Diffie-Hellman ciphers for Forward Secrecy, you need to add a bit of randomness to your PEM file as well. How you do this is described in [configuration](configuration.md). hitch-1.4.4/docs/architecture.md0000644000175000017500000000135312710627110013473 00000000000000# Hitch architecture Hitch uses a process-per-core model; a parent process spawns N children who each `accept()` on a common socket to distribute connected clients among them. Within each child, asynchronous socket I/O is conducted across the local connections using `libev` and `OpenSSL`'s nonblocking API. By default, `hitch` has an overhead of ~200KB per connection--it preallocates some buffer space for data in flight between frontend and backend. `hitch` has very few features--it's designed to be paired with an intelligent backend like Varnish Cache. It maintains a strict 1:1 connection pattern with this backend handler so that the backend can dictate throttling behavior, maximum connection behavior, availability of service, etc. hitch-1.4.4/docs/vhosts.md0000644000175000017500000000343612710627110012343 00000000000000# Virtual hosts Running a virtual host setup behind Hitch works fine. If you have reasonable clients (no XP/IE6, no older mobile), you can most likely use a single `--frontend=` stance, and let the Server Name Indication (SNI) sent in the handshake decide which certificate to present to the client. *SNI example*: $ ./hitch --backend=example.com:80 \ --frontend=[*]:443 \ site1.example.com.pem site2.example.com.pem site3.example.com.pem Hitch will automatically try to find the best matching certificate to give to the client. The last PEM file provided will serve as the default if none of them matched. Wild-card certificates work fine, any more specific certificate will be preferred over a wild-card match. If you would rather close the connection than serve a certificate that will yield a warning on the client, you can add the `--sni-nomatch-abort` argument. To avoid the messy long command line with many certificates, you can use multiple "pem-file = cert.pem" stances in a configuration file instead. ## Legacy clients To support older clients, you need to add multiple `--frontend=` stances to your configuration file (or command line) and a separate PEM file for each of them. Usually this means that you need many IP addresses assigned to the hitch server as well. *Legacy client example:* $ ./hitch --ssl --backend=example.com:80 \ "--frontend=[192.0.2.10]:443+certs/site1.example.com" \ "--frontend=[192.0.2.11]:443+certs/site2.example.com" \ certs/default.example.com Remember that hitch is protocol agnostic. It does not know about HTTP, it only passes bytes back and forth. In other words it will not set `X-Forwarded-Proto` or `X-Forwarded-For` on requests seen by the backend server. The PROXY protocol support exists for signalling the real client IP to the backend.