proxy-suite-1.9.2.4/0000755000000000000000000000000010170747407014142 5ustar rootroot00000000000000proxy-suite-1.9.2.4/AUTHORS0000644000000000000000000000056207372066213015214 0ustar rootroot00000000000000# # $Id$ # The SuSE Proxy Suite has been designed and programmed by: Jens-Gero Boehm Programming support Pieter Hollants Documentation Marius Tomaschewski Test environment, programming Volker Wiegand General program design and programming /proc/net/ftp_proxy interface proxy-suite-1.9.2.4/COPYING0000644000000000000000000004311006765230136015175 0ustar rootroot00000000000000 GNU GENERAL PUBLIC LICENSE Version 2, June 1991 Copyright (C) 1989, 1991 Free Software Foundation, Inc. 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. This General Public License applies to most of the Free Software Foundation's software and to any other program whose authors commit to using it. (Some other Free Software Foundation software is covered by the GNU Library General Public License instead.) You can apply it to your programs, too. When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for this service if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs; and that you know you can do these things. To protect your rights, we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights. These restrictions translate to certain responsibilities for you if you distribute copies of the software, or if you modify it. For example, if you distribute copies of such a program, whether gratis or for a fee, you must give the recipients all the rights that you have. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights. We protect your rights with two steps: (1) copyright the software, and (2) offer you this license which gives you legal permission to copy, distribute and/or modify the software. Also, for each author's protection and ours, we want to make certain that everyone understands that there is no warranty for this free software. If the software is modified by someone else and passed on, we want its recipients to know that what they have is not the original, so that any problems introduced by others will not reflect on the original authors' reputations. Finally, any free program is threatened constantly by software patents. We wish to avoid the danger that redistributors of a free program will individually obtain patent licenses, in effect making the program proprietary. To prevent this, we have made it clear that any patent must be licensed for everyone's free use or not licensed at all. The precise terms and conditions for copying, distribution and modification follow. GNU GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License applies to any program or other work which contains a notice placed by the copyright holder saying it may be distributed under the terms of this General Public License. The "Program", below, refers to any such program or work, and a "work based on the Program" means either the Program or any derivative work under copyright law: that is to say, a work containing the Program or a portion of it, either verbatim or with modifications and/or translated into another language. (Hereinafter, translation is included without limitation in the term "modification".) Each licensee is addressed as "you". Activities other than copying, distribution and modification are not covered by this License; they are outside its scope. The act of running the Program is not restricted, and the output from the Program is covered only if its contents constitute a work based on the Program (independent of having been made by running the Program). Whether that is true depends on what the Program does. 1. You may copy and distribute verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and give any other recipients of the Program a copy of this License along with the Program. You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. 2. You may modify your copy or copies of the Program or any portion of it, thus forming a work based on the Program, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions: a) You must cause the modified files to carry prominent notices stating that you changed the files and the date of any change. b) You must cause any work that you distribute or publish, that in whole or in part contains or is derived from the Program or any part thereof, to be licensed as a whole at no charge to all third parties under the terms of this License. c) If the modified program normally reads commands interactively when run, you must cause it, when started running for such interactive use in the most ordinary way, to print or display an announcement including an appropriate copyright notice and a notice that there is no warranty (or else, saying that you provide a warranty) and that users may redistribute the program under these conditions, and telling the user how to view a copy of this License. (Exception: if the Program itself is interactive but does not normally print such an announcement, your work based on the Program is not required to print an announcement.) These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Program, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works. But when you distribute the same sections as part of a whole which is a work based on the Program, the distribution of the whole must be on the terms of this License, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it. Thus, it is not the intent of this section to claim rights or contest your rights to work written entirely by you; rather, the intent is to exercise the right to control the distribution of derivative or collective works based on the Program. In addition, mere aggregation of another work not based on the Program with the Program (or with a work based on the Program) on a volume of a storage or distribution medium does not bring the other work under the scope of this License. 3. You may copy and distribute the Program (or a work based on it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you also do one of the following: a) Accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, b) Accompany it with a written offer, valid for at least three years, to give any third party, for a charge no more than your cost of physically performing source distribution, a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, c) Accompany it with the information you received as to the offer to distribute corresponding source code. (This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form with such an offer, in accord with Subsection b above.) The source code for a work means the preferred form of the work for making modifications to it. For an executable work, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the executable. However, as a special exception, the source code distributed need not include anything that is normally distributed (in either source or binary form) with the major components (compiler, kernel, and so on) of the operating system on which the executable runs, unless that component itself accompanies the executable. If distribution of executable or object code is made by offering access to copy from a designated place, then offering equivalent access to copy the source code from the same place counts as distribution of the source code, even though third parties are not compelled to copy the source along with the object code. 4. You may not copy, modify, sublicense, or distribute the Program except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense or distribute the Program is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 5. You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Program or its derivative works. These actions are prohibited by law if you do not accept this License. Therefore, by modifying or distributing the Program (or any work based on the Program), you indicate your acceptance of this License to do so, and all its terms and conditions for copying, distributing or modifying the Program or works based on it. 6. Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties to this License. 7. If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Program at all. For example, if a patent license would not permit royalty-free redistribution of the Program by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Program. If any portion of this section is held invalid or unenforceable under any particular circumstance, the balance of the section is intended to apply and the section as a whole is intended to apply in other circumstances. It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims; this section has the sole purpose of protecting the integrity of the free software distribution system, which is implemented by public license practices. Many people have made generous contributions to the wide range of software distributed through that system in reliance on consistent application of that system; it is up to the author/donor to decide if he or she is willing to distribute software through any other system and a licensee cannot impose that choice. This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License. 8. If the distribution and/or use of the Program is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Program under this License may add an explicit geographical distribution limitation excluding those countries, so that distribution is permitted only in or among countries not thus excluded. In such case, this License incorporates the limitation as if written in the body of this License. 9. The Free Software Foundation may publish revised and/or new versions of the General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies a version number of this License which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of this License, you may choose any version ever published by the Free Software Foundation. 10. If you wish to incorporate parts of the Program into other free programs whose distribution conditions are different, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. NO WARRANTY 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. Copyright (C) 19yy This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA Also add information on how to contact you by electronic and paper mail. If the program is interactive, make it output a short notice like this when it starts in an interactive mode: Gnomovision version 69, Copyright (C) 19yy name of author Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, the commands you use may be called something other than `show w' and `show c'; they could even be mouse-clicks or menu items--whatever suits your program. You should also get your employer (if you work as a programmer) or your school, if any, to sign a "copyright disclaimer" for the program, if necessary. Here is a sample; alter the names: Yoyodyne, Inc., hereby disclaims all copyright interest in the program `Gnomovision' (which makes passes at compilers) written by James Hacker. , 1 April 1989 Ty Coon, President of Vice This General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Library General Public License instead of this License. proxy-suite-1.9.2.4/CREDITS0000644000000000000000000000276410170463545015171 0ustar rootroot00000000000000# # $Id: CREDITS,v 1.4.2.1 2004/03/22 12:39:00 mt Exp $ # # This file contains credit information. # # If you feel you should be included or mentioned # (for providing hints, patches, or other input) # then please feel free to drop us a note or patch # this file and send it to the authors. # # Volker Wiegand, September 1999 # Lutz Pressler ftp-proxy: Use and semantics of AllowMagicUser. Marc Heuse common: Symlink-protecting debug/log files. Rogier Wolff idea and a first implementation of rand-usage for port bind's Antoniu-George Savu patch for infinite-loop bug in telnet control handling patch for useless exit in socket_sck2addr and on client fork failure patch for clean up the PID of a child in daemon array (MaxClients) Andrea Dell'Amico patch fixing a socket_sck2addr return value, a CTAGS_OPTS typo in configure.in, changing config_int in config_bool for SockBindRand Stefan Landvoigt patch for FIONREAD problems on Solaris (broken pipe) Dirk Roloff patch fixing socket_gets to wait for a complete line if no EOL found Pascal Gienger testing and patch for I_NREAD / FINOREAD problems on Solaris Ralph Tremmel testing of I_NREAD / FINOREAD problems on Solaris Juha Litola initial implementation of UserNameRule regex checks, pass-through support for RCMD command proxy-suite-1.9.2.4/INSTALL0000644000000000000000000001247307464226772015213 0ustar rootroot00000000000000# # $Id: INSTALL,v 1.1 1999/09/15 14:06:22 wiegand Exp $ # This file describes how to install the FTP-Proxy. FTP-Proxy is part of the SuSE Proxy-Suite. If you are planning to install this software from the source archive, you can simply execute the following steps: cd ./configure [options, see below] make cd ftp-proxy su make install and to install additional documentation: make install.doc Further, the 'INST_ROOT' Makefile variable can be set to an directory, that you want to prepend to all bellow directory settings while installation, i.e. in RPM spec files: INST_ROOT=$RPM_BUILD_ROOT make install Note: On some systems you may use 'gmake' or 'gnumake' instead of 'make' to compile successfully - yes, you need GNU make. The options in the 'configure' command above are the standard options for a GNU autoconf based installation, plus the following package specific ones (see also 'configure --help') : --prefix=PREFIX install architecture-independent files in PREFIX [/usr/local] --exec-prefix=EPREFIX install architecture-dependent files in EPREFIX [same as prefix] --sbindir=DIR system admin executables in DIR [EPREFIX/sbin] --> 'ftp-proxy' will be installed into $(sbindir)/ftp-proxy --sysconfdir=DIR read-only single-machine data in DIR [PREFIX/etc] --> 'ftp-proxy.conf' will be installed into the 'proxy-suite' sub-directory of sysconfdir: $(sysconfdir)/proxy-suite/ftp-proxy.conf --mandir=DIR man documentation in DIR [PREFIX/man] --> manual pages will be installed into $(mandir)/man5 and $(mandir)/man8 used by the optional 'install.doc' Makefile target: --datadir=DIR read-only architecture-independent data in DIR [PREFIX/share] --> documentation will be installed into the 'doc/proxy-suite' sub-directory of datadir. This directrory is also accessible via Makefile variable docdir=$(datadir)/doc/proxy-suite/ You can override it using 'docdir=DIR make ...' --enable-debug enable generation of debugging output --enable-ctags enable generation of (c)tags files --enable-static enable static linkage (see note bellow) --enable-warnings enable compiler warnings --> enabled per default for gcc --enable-so-linger enable setting SO_LINGER socket option --enable-proc-mods enable (Linux) /proc diagnostic modules (not completely implemented yet) --enable-rfc1579 enable RFC 1579 (FW-FTP) extensions (not completely implemented yet) --enable-rfc2428 enable RFC 2428 (FTP for IPv6) extensions (not completely implemented yet) --with-regex[=PATH] compile in regular expressions support --> enabled, if possible to autodetect --with-libwrap[=PATH] compile in libwrap (TCP Wrapper) support --> enabled, if possible to autodetect --with-libldap[=PATH] compile in LDAP support --with-crypt[=PATH] compile in crypt support for encrypted password in user authentication --> enabled/autodetect, if ldap active --with-ssl[=PATH] compile in SSL, Secure Socket Layer support (not completely implemented yet) Note: - Static linkage (--enable-static) uses the -static option for gcc; this enables at least static linking against additional libraries, i.e. libwrap or libregex (if not a libc builtin). Newer libc implementations, like glibc on Linux does not allow an full static linkage. The main reason is the usage of dynamic NSS (Name Service Switch) modules (implemented as shared libraries on most systems). See also 'man nsswitch.conf' and /etc/nsswitch.conf for more informations. It is recommended to compile the program without debug for production environments, but debugging is anyway only used when switched on with the '-v ' command line switch. The next step after the installation, is to edit the configuration file. Please refer to the sample file, it is well documented. You may also want to consult the two manual pages ftp-proxy(8) and ftp-proxy.conf(5) for further informations. Last but not least there is an overview of all implemented syslog(3) message formats and tags, plus a white paper with a more in depth discussion of the concepts and ideas behind the FTP-Proxy. To use the FTP-Proxy, you should first decide how to activate it. You can either run it from the internet super daemon (inetd or xinetd) or as a daemon of its own. In the first case you have to edit the (x)inetd config file, in the latter case the 'ftp' entry must be removed from this file so that FTP-Proxy can open the port itself for listening. It is always a good idea to consider sending syslog(3) output to another machine, so an intruder will find it more difficult to wipe out his trail. Enjoy! proxy-suite-1.9.2.4/Makefile.in0000644000000000000000000000665607464233261016224 0ustar rootroot00000000000000# # $Id: Makefile.in,v 1.7 2002/05/02 12:53:05 mt Exp $ # # Makefile (Template) for SuSE Proxy Suite -- Top Level # # Please do NOT edit this file if its name is just Makefile. # Instead, edit Makefile.in and run "./configure [options]". # # Author(s): Jens-Gero Boehm # Pieter Hollants # Marius Tomaschewski # Volker Wiegand # # This file is part of the SuSE Proxy Suite # See also http://proxy-suite.suse.de/ # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License # as published by the Free Software Foundation; either version # 2 of the License, or (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the # Free Software Foundation, Inc., 59 Temple Place - Suite 330, # Boston, MA 02111-1307, USA. # # A history log can be found at the end of this file. # prefix= @prefix@ exec_prefix= @exec_prefix@ datadir= @datadir@ docdir?= $(datadir)/doc/proxy-suite INSTALL= @INSTALL@ INSTALL_DATA= @INSTALL_DATA@ SHELL= /bin/sh @SET_MAKE@ SUBDIRS= doc common ftp-proxy DOCS= AUTHORS COPYING CREDITS ############################################################ all install: @for i in $(SUBDIRS); \ do \ echo ""; \ echo "::::::::::::: make '$@' in ./$$i"; \ cd $$i && $(MAKE) $@ && cd .. || exit 1; \ done install.doc: $(INSTALL) -d $(INST_ROOT)$(docdir) $(INSTALL_DATA) $(DOCS) $(INST_ROOT)$(docdir) @for i in $(SUBDIRS); \ do \ echo ""; \ echo "::::::::::::: make '$@' in ./$$i"; \ cd $$i && $(MAKE) $@ && cd .. || exit 1; \ done ############################################################ clean: @for i in $(SUBDIRS); \ do \ echo ""; \ echo "::::::::::::: make '$@' in ./$$i"; \ cd $$i \ && $(MAKE) -f Makefile.in $@ \ && cd .. || exit 1; \ done distclean: rm -f config.status config.cache config.log rm -f Makefile config.h @for i in $(SUBDIRS); \ do \ echo ""; \ echo "::::::::::::: make '$@' in ./$$i"; \ cd $$i \ && $(MAKE) -f Makefile.in $@ \ && cd .. || exit 1; \ done realclean: rm -f config.status config.cache config.log rm -f Makefile config.h config.h.in configure @for i in $(SUBDIRS); \ do \ echo ""; \ echo "::::::::::::: make '$@' in ./$$i"; \ cd $$i \ && $(MAKE) -f Makefile.in $@ \ && cd .. || exit 1; \ done ############################################################ # $Log: Makefile.in,v $ # Revision 1.7 2002/05/02 12:53:05 mt # merged with 1.8.2.2 # # Revision 1.6.2.1 2002/01/27 21:20:38 mt # fixed Makefiles to use INST_ROOT, added install.doc targets # # Revision 1.6 2002/01/14 19:50:54 mt # added rm -f config.cache in clean target # # Revision 1.5 1999/09/23 08:06:56 wiegand # code cleanup, added installation target # # Revision 1.4 1999/09/16 16:31:06 wiegand # new definition of XXXXclean targets # # Revision 1.3 1999/09/15 14:08:03 wiegand # added doc directory to SUBDIRS # # Revision 1.2 1999/09/15 13:20:35 wiegand # new structure: with subdirectories # ############################################################ proxy-suite-1.9.2.4/acconfig.h0000644000000000000000000000607410170463546016072 0ustar rootroot00000000000000/* * $Id: acconfig.h,v 1.5.2.1 2003/05/07 11:16:24 mt Exp $ * * acconfig.h - template used by autoheader to create config.h.in * config.h.in - used by autoconf to create config.h * config.h - created by autoconf; defines generated by autoconf * * Author(s): Jens-Gero Boehm * Pieter Hollants * Marius Tomaschewski * Volker Wiegand * * This file is part of the SuSE Proxy Suite * See also http://proxy-suite.suse.de/ * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version * 2 of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the * Free Software Foundation, Inc., 59 Temple Place - Suite 330, * Boston, MA 02111-1307, USA. * * A history log can be found at the end of this file. */ #if !defined(_ACCONFIG_H_) #define _ACCONFIG_H_ /* ------------------------------------------------------------ */ @TOP@ /* Define to the canonical name of your host type */ #undef HOSTTYPE /* Define if sys/syslog.h is needed on top of syslog.h */ #undef NEED_SYS_SYSLOG_H /* Define if you want to enable the SO_LINGER option */ #undef ENABLE_SO_LINGER /* Define to include crypt password support */ #undef HAVE_CRYPT /* Define to include POSIX Regular Expressions */ #undef HAVE_REGEX /* Define to include libwrap (tcp_wrappers) support */ #undef HAVE_LIBWRAP /* Define to include LDAP for access configuration */ #undef HAVE_LIBLDAP /* Define if you want to use RFC 1579 extensions */ #undef ENABLE_RFC1579 /* Define if you want to use RFC 2428 extensions */ #undef ENABLE_RFC2428 /* */ /* Define if you want to use SSL functionality */ #undef ENABLE_SSL /* */ /* Define as type suitable for network ports */ #undef u_int16_t /* Define as type suitable for socket addresses */ #undef u_int32_t @BOTTOM@ /* ------------------------------------------------------------ */ #endif /* defined(_ACCONFIG_H_) */ /* ------------------------------------------------------------ * $Log: acconfig.h,v $ * Revision 1.5.2.1 2003/05/07 11:16:24 mt * removed HAVE_LDAP_UMICH, HAVE_LDAP_NETSCAPE variables * * Revision 1.5 2002/05/02 12:17:50 mt * added HAVE_CRYPT option * * Revision 1.4 1999/09/23 08:06:56 wiegand * code cleanup, added installation target * * Revision 1.3 1999/09/17 16:32:28 wiegand * changes from source code review * added POSIX regular expressions * * Revision 1.2 1999/09/15 13:20:35 wiegand * new structure: with subdirectories * * ------------------------------------------------------------ */ proxy-suite-1.9.2.4/changelog0000755000000000000000000000663610170747240016025 0ustar rootroot00000000000000#!/bin/sh ################################################################## # # $Id: changelog,v 1.9.2.4 2005/01/11 13:03:28 mt Exp $ # # Funny enough, this changelog is executable. # It provides version numbers and build dates. # The actual entries start further down ... # # A version update (with log entry) can always be # enforced by executing "cvs commit -f changelog". # #__VERS__ = $Revision: 1.9.2.4 $ #__DATE__ = $Date: 2005/01/11 13:03:28 $ # VERS=`grep "^#__VERS__" $0 | sed -e 's/.*: //' -e 's/ \\$//g'` DATE=`grep "^#__DATE__" $0 | sed -e 's/.*: //' -e 's/ \\$//g'` cat <<-EOF > ftp-proxy/ftp-vers.c /* ** Version number and build date. ** Created automatically by changelog. ** Please do not edit this file. */ static char prog_vers[] = "$VERS"; static char prog_date[] = "$DATE"; EOF echo "The new version is: '$VERS - $DATE'" exit 0 ################################################################## # # And here the actual change log begins ... # # $Log: changelog,v $ # Revision 1.9.2.4 2005/01/11 13:03:28 mt # FTP: fixed default UserNameRule regex # # Revision 1.9.2.3 2005/01/10 11:47:23 mt # FTP: included sys/param.h required FreeBSD 6-CURRENT to compile # # Revision 1.9.2.2 2004/03/30 10:42:46 mt # FTP: added pass-through support for RCMD command # FTP: added UserNameRule option instead of hard coded defaults # FTP: added LDAPPreBindDN, LDAPPreBindDNPW options for LDAPBindDN=auto # # Revision 1.9.2.1 2003/05/11 20:39:33 mt # FTP: improved ldap support to allow authentication via ldap-bind # FTP: improved parsing of the ftp USER command magic strings # FTP: applied OpenBSD pf-nat transparent proxy support patch # # Revision 1.9 2002/05/02 15:14:55 mt # FTP: implemented simple user authentication # # Revision 1.8.2.2 2002/04/23 14:52:14 mt # FTP: fixed transfer abort race conditions in particular for solaris # FTP: fixed permissions of debug-file as documented in ftp-proxy(8) # # Revision 1.8.2.1 2002/04/04 13:53:37 mt # FTP: fixed Makefiles to use INST_ROOT, added install.doc targed # FTP: implemented config file wildcard-section names matching # # Revision 1.8 2002/01/14 20:09:00 mt # FTP: fixed chroot, uid/gid dropping, socket_gets line handling # FTP: implemented iptables and BSD ipnat transparent proxying # FTP: extended log messages to provide basic transfer statistics # FTP: improved auto-configure checks, actualized manual pages # FTP: see ftp-proxy/NEWS file for more detailed release news # # Revision 1.7.8.1 2001/11/06 23:06:20 mt # FTP: applied / merged with transparent proxy patches v8 # FTP: see ftp-proxy/NEWS for more detailed release news # # Revision 1.7 1999/10/22 09:22:47 wiegand # FTP: added -static to GNU C options if required # FTP: port range also used for control connection to host # # Revision 1.6 1999/10/10 18:37:01 wiegand # FTP: Documentation updates # # Revision 1.5 1999/10/04 11:55:39 wiegand # FTP: first public release # # Revision 1.4 1999/09/30 12:07:42 wiegand # FTP: dynamic TranslatedAddress # FTP: several minor bugfixes # # Revision 1.3 1999/09/24 19:30:55 wiegand # FTP: enabled Regular Expressions for all commands # FTP: enabled the AllowMagicUser for outgoing FTP # FTP: some bug fixes and documentation improvements # # Revision 1.2 1999/09/24 19:30:33 wiegand # version for customer shipment on 1999/09/21 # # Revision 1.1 1999/09/24 19:30:19 wiegand # initial checkin # ################################################################## proxy-suite-1.9.2.4/common/0000755000000000000000000000000010170747407015432 5ustar rootroot00000000000000proxy-suite-1.9.2.4/common/Makefile.in0000644000000000000000000000706710170463546017510 0ustar rootroot00000000000000# # $Id: Makefile.in,v 1.6.2.1 2003/05/07 11:15:26 mt Exp $ # # Makefile (Template) for SuSE Proxy Suite -- Common Files # # Please do NOT edit this file if its name is just Makefile. # Instead, edit Makefile.in and run "../configure [options]". # # Author(s): Jens-Gero Boehm # Pieter Hollants # Marius Tomaschewski # Volker Wiegand # # This file is part of the SuSE Proxy Suite # See also http://proxy-suite.suse.de/ # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License # as published by the Free Software Foundation; either version # 2 of the License, or (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the # Free Software Foundation, Inc., 59 Temple Place - Suite 330, # Boston, MA 02111-1307, USA. # # A history log can be found at the end of this file. # prefix= @prefix@ exec_prefix= @exec_prefix@ SHELL= /bin/sh CC= @CC@ CFLAGS= @CFLAGS@ CPPFLAGS= @CPPFLAGS@ RANLIB= @RANLIB@ AR= @AR@ RM= @RM@ COM_LIB= libcommon.a TAGS= @TAGS@ CTAGS= @CTAGS@ CTAGS_OPTS= @CTAGS_OPTS@ COM_SRCS= com-config.c \ com-debug.c \ com-misc.c \ com-socket.c \ com-syslog.c COM_HDRS= com-config.h \ com-debug.h \ com-misc.h \ com-socket.h \ com-syslog.h COM_OBJS= com-config.o \ com-debug.o \ com-misc.o \ com-socket.o \ com-syslog.o ############################################################ all: $(TAGS) $(COM_LIB) ifneq (,$(CTAGS)) $(TAGS): $(wildcard $(COM_SRCS) $(COM_HDRS)) $(CTAGS) $(CTAGS_OPTS) $^ @echo "" else $(TAGS): endif $(COM_LIB): $(COM_LIB)($(COM_OBJS)) $(RANLIB) $@ ############################################################ $(COM_LIB)(com-config.o): com-config.c $(COM_HDRS) $(COM_LIB)(com-debug.o): com-debug.c $(COM_HDRS) $(COM_LIB)(com-misc.o): com-misc.c $(COM_HDRS) $(COM_LIB)(com-socket.o): com-socket.c $(COM_HDRS) $(COM_LIB)(com-syslog.o): com-syslog.c $(COM_HDRS) .c.a: $(CC) $(CFLAGS) $(CPPFLAGS) -I. -I.. -c $< $(AR) r $@ $*.o $(RM) $*.o ############################################################ install: install.doc: ############################################################ clean: rm -f *.o *.a *~ tags core distclean: clean rm -f Makefile realclean: distclean ############################################################ # $Log: Makefile.in,v $ # Revision 1.6.2.1 2003/05/07 11:15:26 mt # added CPPFLAGS variable # # Revision 1.6 2002/05/02 12:55:01 mt # merged with v1.8.2.2 # # Revision 1.5.2.1 2002/01/27 21:20:38 mt # fixed Makefiles to use INST_ROOT, added install.doc targets # # Revision 1.5 2002/01/14 18:31:18 mt # fixed ctags handling - it needs to be enabled by configure now # # Revision 1.4 2001/11/06 23:04:43 mt # applied / merged with transparent proxy patches v8 # see ftp-proxy/NEWS for more detailed release news # # Revision 1.3 1999/09/23 08:09:10 wiegand # delete Makefile on distclean, not only realclean # added (empty) install target # # Revision 1.2 1999/09/16 05:53:15 wiegand # added the missing com-debug.o rule # # Revision 1.1 1999/09/15 14:05:38 wiegand # initial checkin # ############################################################ proxy-suite-1.9.2.4/common/com-config.c0000644000000000000000000005467507464233646017647 0ustar rootroot00000000000000/* * $Id: com-config.c,v 1.7 2002/05/02 12:57:10 mt Exp $ * * Common functions for configuration reading * * Author(s): Jens-Gero Boehm * Pieter Hollants * Marius Tomaschewski * Volker Wiegand * * This file is part of the SuSE Proxy Suite * See also http://proxy-suite.suse.de/ * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version * 2 of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the * Free Software Foundation, Inc., 59 Temple Place - Suite 330, * Boston, MA 02111-1307, USA. * * A history log can be found at the end of this file. */ #ifndef lint static char rcsid[] = "$Id: com-config.c,v 1.7 2002/05/02 12:57:10 mt Exp $"; #endif #include #if defined(STDC_HEADERS) # include # include # include # include # include #endif #if defined(HAVE_UNISTD_H) # include #endif #include #include #include #include "com-config.h" #include "com-debug.h" #include "com-misc.h" #include "com-socket.h" #include "com-syslog.h" /* ------------------------------------------------------------ */ typedef struct config_t { struct config_t *next; /* Next config option in chain */ char *name; /* Config option name */ char *data; /* Config value as string */ } CONFIG; typedef struct section_t { struct section_t *next; /* Next config section in chain */ char *name; /* Section name (NULL=global) */ CONFIG *conf; /* Chained config option list */ } SECTION; /* ** The next are used for configuration name display */ #define MAX_CONF_NAME 128 /* Max display size */ #define MIN_CONF_NAME 24 /* Display column size */ /* ------------------------------------------------------------ */ static void config_cleanup(void); static char *config_line (FILE *fp); /* ------------------------------------------------------------ */ static int initflag = 0; /* Have we been initialized? */ static SECTION *sechead = NULL; /* Chain of config sections */ /* ------------------------------------------------------------ ** ** ** Function......: config_cleanup ** ** Parameters....: (none) ** ** Return........: (none) ** ** Purpose.......: Clean up the config list. ** ** ------------------------------------------------------------ */ static void config_cleanup(void) { SECTION *sect; CONFIG *conf; #if defined(COMPILE_DEBUG) debug(3, "config_cleanup"); #endif for (sect = sechead; sect != NULL; ) { if (sect->name != NULL) misc_free(FL, sect->name); for (conf = sect->conf; conf != NULL; ) { sect->conf = conf->next; if (conf->name != NULL) misc_free(FL, conf->name); if (conf->data != NULL) misc_free(FL, conf->data); misc_free(FL, conf); conf = sect->conf; } sechead = sect->next; misc_free(FL, sect); sect = sechead; } } /* ------------------------------------------------------------ ** ** ** Function......: config_line ** ** Parameters....: fp Pointer to the FILE ** ** Return........: Pointer to next line from file ** ** Purpose.......: Read the next complete line from a file. ** Filter out empty or comment lines. The ** comment character is defined as '#'. ** ** ------------------------------------------------------------ */ static char *config_line(FILE *fp) { static char line[MAX_PATH_SIZE * 2]; char *p; size_t len; if (fp == NULL) /* Basic sanity check */ misc_die(FL, "config_line: ?fp?"); for (;;) { memset(line, 0, sizeof(line)); for (len = 0; ; ) { /* ** Read the first or next line */ if (fgets(line + len, sizeof(line) - len, fp) == NULL) { if (line[0] == '\0') return NULL; /* End of file */ break; } /* ** Beautifier: cut leading blanks */ p = line + len; if (*p == ' ' || *p == '\t') { while (*p == ' ' || *p == '\t') p++; memmove(line + len, p, strlen(p) + 1); } /* ** Cut off the newline */ if ((p = strchr(line, '\n')) != NULL) *p = '\0'; /* ** Skip empty lines */ if ((len = strlen(line)) == 0) continue; /* ** Sanity check: truncate lines too long */ if (len > (sizeof(line) - 64)) break; /* ** If the line continues, read on */ if (line[--len] != '\\') break; line[len] = '\0'; } /* ** We have a line now, see if it contains data */ for (p = line; *p == ' ' || *p == '\t'; p++) ; if (*p != '\0' && *p != '#') break; } #if defined(COMPILE_DEBUG) debug(3, "config_line: '%.*s'", MAX_PATH_SIZE, p); #endif return p; } /* ------------------------------------------------------------ ** ** ** Function......: config_read ** ** Parameters....: name Config file name ** dflg Flag to dump contents ** ** Return........: (none), exits program on error ** ** Purpose.......: Read the configuration file and keep ** the values for later usage. If dflg is ** set, the contents of the config file ** are displayed and the program exits. ** ** ------------------------------------------------------------ */ void config_read(char *file, int dflg) { FILE *fp; char *name, *data; SECTION *sect, *tmps; CONFIG *conf, *tmpc; if (file == NULL) /* Basic sanity check */ misc_die(FL, "config_read: ?file?"); if (initflag == 0) { atexit(config_cleanup); initflag = 1; } if (sechead != NULL) config_cleanup(); if ((fp = fopen(file, "r")) == NULL) { syslog_error("can't open config file '%.*s'", MAX_PATH_SIZE, file); exit(EXIT_FAILURE); } /* ** Prepare the global section */ sect = (SECTION *) misc_alloc(FL, sizeof(SECTION)); sect->next = NULL; sect->name = NULL; sect->conf = NULL; sechead = sect; /* ** Now read the file and store sections and options */ while ((name = config_line(fp)) != NULL) { /* ** Check if this is a section */ if (*name == '[') { if ((data = strchr(name, ']')) != NULL) *data = '\0'; name = misc_strtrim(name + 1); /* ** Do not accept empty sections or ** sections begining with a wildcard... */ if('\0' == name[0] || '*' == name[0]) { misc_die(FL, "config_read: invalid section"); } /* ** The global section is outstanding */ if (strcasecmp(name, "-global-") == 0) { sect = sechead; continue; } /* ** Check if the section is already allocated */ for (tmps = sechead->next; tmps; tmps = tmps->next) { if (strcasecmp(name, tmps->name) == 0) break; } if (tmps != NULL) { sect = tmps; /* Make it current */ continue; } /* ** Create a new section */ sect = (SECTION *) misc_alloc(FL, sizeof(SECTION)); sect->name = misc_strdup(FL, name); sect->conf = NULL; /* ** Keep the sections sorted alphabetically */ for (tmps = sechead; tmps; tmps = tmps->next) { if (tmps->next == NULL) break; if (strcasecmp(name, tmps->next->name) < 0) break; } sect->next = tmps->next; tmps->next = sect; continue; } /* ** Not a section, must be an ordinary line */ for (data = name; *data != ' ' && *data != '\t'; data++) ; if (*data == '\0') { syslog_write(T_WRN, "no config value for '%.*s'", MAX_CONF_NAME, name); continue; /* Ignore: missing value */ } /* ** The following is more or less a sanity check */ *data++ = '\0'; if ((name = misc_strtrim(name)) == NULL) continue; if ((data = misc_strtrim(data)) == NULL) continue; if (*name == '\0' || *data == '\0') continue; /* ** Check if the option is already allocated */ for (conf = sect->conf; conf; conf = conf->next) { if (strcasecmp(name, conf->name) == 0) break; } if (conf != NULL) { if (conf->data) misc_free(FL, conf->data); conf->data = misc_strdup(FL, data); continue; } /* ** Create a new config option */ conf = (CONFIG *) misc_alloc(FL, sizeof(CONFIG)); conf->name = misc_strdup(FL, name); conf->data = misc_strdup(FL, data); /* ** Keep the config list sorted alphabetically */ if (sect->conf == NULL || strcasecmp(name, sect->conf->name) < 0) { conf->next = sect->conf; sect->conf = conf; } else { for (tmpc = sect->conf; tmpc; tmpc = tmpc->next) { if (tmpc->next == NULL) break; if (strcasecmp(name, tmpc->next->name) < 0) break; } conf->next = tmpc->next; tmpc->next = conf; } } fclose(fp); /* ** Do we just want to validate the interpretation? */ if (dflg != 0) { printf("Config-File: '%.*s'\n", MAX_PATH_SIZE, file); for (sect = sechead; sect; sect = sect->next) { printf("Config-Section ------ '%.*s'\n", MAX_CONF_NAME, sect->name ? sect->name : "(-global-)"); for (conf = sect->conf; conf; conf = conf->next) { printf("Config: %-*.*s = '%.*s'\n", MIN_CONF_NAME, MAX_CONF_NAME, conf->name, MAX_PATH_SIZE, conf->data); } } exit(EXIT_SUCCESS); } /* ** Inform the possible auditor */ syslog_write(T_INF, "Config-File: '%.*s'", MAX_PATH_SIZE, file); for (sect = sechead; sect; sect = sect->next) { syslog_write(T_INF, "Config-Section ------ '%.*s'", MAX_CONF_NAME, sect->name ? sect->name : "(-global-)"); for (conf = sect->conf; conf; conf = conf->next) { syslog_write(T_INF, "Config: %-*.*s = '%.*s'", MIN_CONF_NAME, MAX_CONF_NAME, conf->name, MAX_PATH_SIZE, conf->data); } } } void config_dump(FILE *fd) { SECTION *sect; CONFIG *conf; if(NULL == fd) return; for (sect = sechead; sect; sect = sect->next) { fprintf(fd, "[%.*s]\n", MAX_CONF_NAME, sect->name ? sect->name : "-Global-"); for (conf = sect->conf; conf; conf = conf->next) { fprintf(fd, "%-*.*s %.*s\n", MIN_CONF_NAME, MAX_CONF_NAME, conf->name, MAX_PATH_SIZE, conf->data); } fprintf(fd, "\n"); } } /* ------------------------------------------------------------ ** ** ** Function......: config_sect ** ** Parameters....: snam Section (NULL=global) ** ** Return........: 1=section exists, 0=no such section ** ** Purpose.......: Check if a section exists. ** ** ------------------------------------------------------------ */ int config_sect(char *snam) { SECTION *sect; /* ** Find the relevant section */ for (sect = sechead; sect; sect = sect->next) { if (misc_strcaseequ(snam, sect->name)) return 1; } return 0; } /* ------------------------------------------------------------ ** ** ** Function......: config_sect_find ** ** Parameters....: snam Section (NULL=global) ** ** Return........: pointer to the found the section or NULL ** ** Purpose.......: find a config section by name; if snam ** is NULL the global section matches! ** ** ------------------------------------------------------------ */ static SECTION* config_sect_find(char *snam) { SECTION *sect; char *wild; /* ** Find the relevant section */ for(sect = sechead; sect; sect = sect->next) { if(sect->name && (wild = strchr(sect->name, '*'))) { #if defined(COMPILE_DEBUG) debug(3, "config_sect_find: wildcard-sect='%.*s*'\n", wild - sect->name, sect->name); #endif if (misc_strncaseequ(sect->name, snam, wild - sect->name)) break; } else { if (misc_strcaseequ(sect->name, snam)) break; } } return sect; } /* ------------------------------------------------------------ ** ** ** Function......: config_int ** ** Parameters....: snam Section (NULL=global) ** name Config option name ** dflt Default value ** ** Return........: Integer value for config option ** ** Purpose.......: Retrieve a numeric config value. ** ** ------------------------------------------------------------ */ int config_int(char *snam, char *name, int dflt) { SECTION *sect; CONFIG *conf; char *p; int i; if (name == NULL) /* Basic sanity check */ misc_die(FL, "config_int: ?name?"); #if defined(COMPILE_DEBUG) debug(3, "config_int: s='%.*s' n='%.*s' d=%d", MAX_CONF_NAME, NIL(snam), MAX_CONF_NAME, name, dflt); #endif /* ** Find the relevant section */ sect = config_sect_find(snam); if (sect == NULL) return (snam ? config_int(NULL, name, dflt) : dflt); /* ** Now look for the desired value */ for (conf = sect->conf, p = NULL; conf; conf = conf->next) { if (strcasecmp(conf->name, name) == 0) { p = conf->data; break; } } if (conf == NULL) return (snam ? config_int(NULL, name, dflt) : dflt); /* ** Evaluate the found string */ i = atoi(p); /* ** Return the value found */ #if defined(COMPILE_DEBUG) debug(3, "config_int: result=%d", i); #endif return i; } /* ------------------------------------------------------------ ** ** ** Function......: config_bool ** ** Parameters....: snam Section (NULL=global) ** name Config option name ** dflt Default value ** ** Return........: 0/1 value for config option ** ** Purpose.......: Retrieve a boolean config value. ** ** ------------------------------------------------------------ */ int config_bool(char *snam, char *name, int dflt) { SECTION *sect; CONFIG *conf; char *p; int i; if (name == NULL) /* Basic sanity check */ misc_die(FL, "config_bool: ?name?"); dflt = (dflt != 0); /* Normalize value */ #if defined(COMPILE_DEBUG) debug(3, "config_bool: s='%.*s' n='%.*s' d=%d", MAX_CONF_NAME, NIL(snam), MAX_CONF_NAME, name, dflt); #endif /* ** Find the relevant section */ sect = config_sect_find(snam); if (sect == NULL) return (snam ? config_bool(NULL, name, dflt) : dflt); /* ** Now look for the desired value */ for (conf = sect->conf, p = NULL; conf; conf = conf->next) { if (strcasecmp(conf->name, name) == 0) { p = conf->data; break; } } if (conf == NULL) return (snam ? config_bool(NULL, name, dflt) : dflt); /* ** Evaluate the found string */ if (strcasecmp(p, "y") == 0) i = 1; else if (strcasecmp(p, "on") == 0) i = 1; else if (strcasecmp(p, "yes") == 0) i = 1; else if (strcasecmp(p, "true") == 0) i = 1; else if (*p >= '0' && *p <= '9') i = (atoi(p) != 0); else i = 0; /* ** Return the value found */ #if defined(COMPILE_DEBUG) debug(3, "config_bool: result=%d", i); #endif return i; } /* ------------------------------------------------------------ ** ** ** Function......: config_str ** ** Parameters....: snam Section (NULL=global) ** name Config option name ** dflt Default value ** ** Return........: String value for config option ** ** Purpose.......: Retrieve a textual config value. ** ** ------------------------------------------------------------ */ char *config_str(char *snam, char *name, char *dflt) { SECTION *sect; CONFIG *conf; char *p; if (name == NULL) /* Basic sanity check */ misc_die(FL, "config_str: ?name?"); #if defined(COMPILE_DEBUG) debug(3, "config_str: s='%.*s' n='%.*s' d='%.*s'", MAX_CONF_NAME, NIL(snam), MAX_CONF_NAME, name, MAX_PATH_SIZE, NIL(dflt)); #endif /* ** Find the relevant section */ sect = config_sect_find(snam); if (sect == NULL) return (snam ? config_str(NULL, name, dflt) : dflt); /* ** Now look for the desired value */ for (conf = sect->conf, p = NULL; conf; conf = conf->next) { if (strcasecmp(conf->name, name) == 0) { p = conf->data; break; } } if (conf == NULL) return (snam ? config_str(NULL, name, dflt) : dflt); /* ** Return the value found */ #if defined(COMPILE_DEBUG) debug(3, "config_str: result='%.*s'", MAX_PATH_SIZE, NIL(p)); #endif return p; } /* ------------------------------------------------------------ ** ** ** Function......: config_addr ** ** Parameters....: snam Section (NULL=global) ** name Config option name ** dflt Default value ** ** Return........: IP Address value for config option ** (returned in host byte order) ** ** Purpose.......: Retrieve an IP Address config value. ** ** ------------------------------------------------------------ */ u_int32_t config_addr(char *snam, char *name, u_int32_t dflt) { SECTION *sect; CONFIG *conf; char *p; u_int32_t addr; if (name == NULL) /* Basic sanity check */ misc_die(FL, "config_addr: ?name?"); #if defined(COMPILE_DEBUG) debug(3, "config_addr: s='%.*s' n='%.*s' d='%s'", MAX_CONF_NAME, NIL(snam), MAX_CONF_NAME, name, socket_addr2str(dflt)); #endif /* ** Find the relevant section */ sect = config_sect_find(snam); if (sect == NULL) return (snam ? config_addr(NULL, name, dflt) : dflt); /* ** Now look for the desired value */ for (conf = sect->conf, p = NULL; conf; conf = conf->next) { if (strcasecmp(conf->name, name) == 0) { p = conf->data; break; } } if (conf == NULL) return (snam ? config_addr(NULL, name, dflt) : dflt); /* ** Evaluate the found string */ addr = socket_str2addr(p, dflt); /* ** Return the value found */ #if defined(COMPILE_DEBUG) debug(3, "config_addr: result='%s'", socket_addr2str(addr)); #endif return addr; } /* ------------------------------------------------------------ ** ** ** Function......: config_port ** ** Parameters....: snam Section (NULL=global) ** name Config option name ** dflt Default value ** ** Return........: TCP Port value for config option ** (returned in host byte order) ** ** Purpose.......: Retrieve a TCP Port config value. ** ** ------------------------------------------------------------ */ u_int16_t config_port(char *snam, char *name, u_int16_t dflt) { SECTION *sect; CONFIG *conf; char *p; u_int16_t port; if (name == NULL) /* Basic sanity check */ misc_die(FL, "config_port: ?name?"); #if defined(COMPILE_DEBUG) debug(3, "config_port: s='%.*s' n='%.*s' d=%d", MAX_CONF_NAME, NIL(snam), MAX_CONF_NAME, name, (int) dflt); #endif /* ** Find the relevant section */ sect = config_sect_find(snam); if (sect == NULL) return (snam ? config_port(NULL, name, dflt) : dflt); /* ** Now look for the desired value */ for (conf = sect->conf, p = NULL; conf; conf = conf->next) { if (strcasecmp(conf->name, name) == 0) { p = conf->data; break; } } if (conf == NULL) return (snam ? config_port(NULL, name, dflt) : dflt); /* ** Evaluate the found string */ port = socket_str2port(p, dflt); /* ** Return the value found */ #if defined(COMPILE_DEBUG) debug(3, "config_port: result=%d", (int) port); #endif return port; } /* ------------------------------------------------------------ ** ** ** Function......: config_uid ** ** Parameters....: snam Section (NULL=global) ** name Config option name ** dflt Default value ** ** Return........: User-ID value for config option ** ** Purpose.......: Retrieve a User-ID config value. ** ** ------------------------------------------------------------ */ uid_t config_uid(char *snam, char *name, uid_t dflt) { SECTION *sect; CONFIG *conf; char *p; struct passwd *pwd; uid_t uid; if (name == NULL) /* Basic sanity check */ misc_die(FL, "config_uid: ?name?"); #if defined(COMPILE_DEBUG) debug(3, "config_uid: s='%.*s' n='%.*s' d=%d", MAX_CONF_NAME, NIL(snam), MAX_CONF_NAME, name, (int) dflt); #endif /* ** Find the relevant section */ sect = config_sect_find(snam); if (sect == NULL) return (snam ? config_uid(NULL, name, dflt) : dflt); /* ** Now look for the desired value */ for (conf = sect->conf, p = NULL; conf; conf = conf->next) { if (strcasecmp(conf->name, name) == 0) { p = conf->data; break; } } if (conf == NULL) return (snam ? config_uid(NULL, name, dflt) : dflt); /* ** Evaluate the found string */ if (*p == '-' || (*p >= '0' && *p <= '9')) uid = (uid_t) atoi(p); else { uid = dflt; setpwent(); while ((pwd = getpwent()) != NULL) { if (strcasecmp(pwd->pw_name, p) == 0) { uid = pwd->pw_uid; break; } } endpwent(); } /* ** Return the value found */ #if defined(COMPILE_DEBUG) debug(3, "config_uid: result=%d", (int) uid); #endif return uid; } /* ------------------------------------------------------------ ** ** ** Function......: config_gid ** ** Parameters....: snam Section (NULL=global) ** name Config option name ** dflt Default value ** ** Return........: Group-ID value for config option ** ** Purpose.......: Retrieve a Group-ID config value. ** ** ------------------------------------------------------------ */ gid_t config_gid(char *snam, char *name, gid_t dflt) { SECTION *sect; CONFIG *conf; char *p; struct group *grp; gid_t gid; if (name == NULL) /* Basic sanity check */ misc_die(FL, "config_gid: ?name?"); #if defined(COMPILE_DEBUG) debug(3, "config_gid: s='%.*s' n='%.*s' d=%d", MAX_CONF_NAME, NIL(snam), MAX_CONF_NAME, name, (int) dflt); #endif /* ** Find the relevant section */ sect = config_sect_find(snam); if (sect == NULL) return (snam ? config_gid(NULL, name, dflt) : dflt); /* ** Now look for the desired value */ for (conf = sect->conf, p = NULL; conf; conf = conf->next) { if (strcasecmp(conf->name, name) == 0) { p = conf->data; break; } } if (conf == NULL) return (snam ? config_gid(NULL, name, dflt) : dflt); /* ** Evaluate the found string */ if (*p == '-' || (*p >= '0' && *p <= '9')) gid = (gid_t) atoi(p); else { gid = dflt; setgrent(); while ((grp = getgrent()) != NULL) { if (strcasecmp(grp->gr_name, p) == 0) { gid = grp->gr_gid; break; } } endgrent(); } /* ** Return the value found */ #if defined(COMPILE_DEBUG) debug(3, "config_gid: result=%d", (int) gid); #endif return gid; } /* ------------------------------------------------------------ * $Log: com-config.c,v $ * Revision 1.7 2002/05/02 12:57:10 mt * merged with v1.8.2.2 * * Revision 1.6.2.2 2002/04/04 10:00:07 mt * fixed bug done while last changes * * Revision 1.6.2.1 2002/01/28 01:55:58 mt * implemented wildcard-section support * * Revision 1.6 2002/01/14 18:12:20 mt * implemented config_dump function to dump in-memory config to a FILE stream * * Revision 1.5 1999/09/23 18:34:44 wiegand * remove white space at line start (incl. continuation lines) * * Revision 1.4 1999/09/21 05:42:28 wiegand * syslog / abort review * * Revision 1.3 1999/09/17 06:32:28 wiegand * buffer length and overflow protection review * * Revision 1.2 1999/09/16 14:26:33 wiegand * minor code review and cleanup * * Revision 1.1 1999/09/15 14:05:38 wiegand * initial checkin * * ------------------------------------------------------------ */ proxy-suite-1.9.2.4/common/com-config.h0000644000000000000000000000457407420617604017635 0ustar rootroot00000000000000/* * $Id: com-config.h,v 1.2 2002/01/14 18:12:20 mt Exp $ * * Header for common functions for configuration reading * * Author(s): Jens-Gero Boehm * Pieter Hollants * Marius Tomaschewski * Volker Wiegand * * This file is part of the SuSE Proxy Suite * See also http://proxy-suite.suse.de/ * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version * 2 of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the * Free Software Foundation, Inc., 59 Temple Place - Suite 330, * Boston, MA 02111-1307, USA. * * A history log can be found at the end of this file. */ #if !defined(_COM_CONFIG_H_) #define _COM_CONFIG_H_ #include #if defined(STDC_HEADERS) # include #endif /* ------------------------------------------------------------ */ void config_read(char *file, int dflg); void config_dump(FILE *fd); int config_sect(char *snam); int config_int (char *snam, char *name, int dflt); int config_bool(char *snam, char *name, int dflt); char *config_str (char *snam, char *name, char *dflt); u_int32_t config_addr(char *snam, char *name, u_int32_t dflt); u_int16_t config_port(char *snam, char *name, u_int16_t dflt); uid_t config_uid (char *snam, char *name, uid_t dflt); gid_t config_gid (char *snam, char *name, gid_t dflt); /* ------------------------------------------------------------ */ #endif /* defined(_COM_CONFIG_H_) */ /* ------------------------------------------------------------ * $Log: com-config.h,v $ * Revision 1.2 2002/01/14 18:12:20 mt * implemented config_dump function to dump in-memory config to a FILE stream * * Revision 1.1 1999/09/15 14:05:38 wiegand * initial checkin * * ------------------------------------------------------------ */ proxy-suite-1.9.2.4/common/com-debug.c0000644000000000000000000001476607464233770017463 0ustar rootroot00000000000000/* * $Id: com-debug.c,v 1.5 2002/05/02 12:58:32 mt Exp $ * * Common debugging functions * * Author(s): Jens-Gero Boehm * Pieter Hollants * Marius Tomaschewski * Volker Wiegand * * This file is part of the SuSE Proxy Suite * See also http://proxy-suite.suse.de/ * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version * 2 of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the * Free Software Foundation, Inc., 59 Temple Place - Suite 330, * Boston, MA 02111-1307, USA. * * A history log can be found at the end of this file. */ #ifndef lint static char rcsid[] = "$Id: com-debug.c,v 1.5 2002/05/02 12:58:32 mt Exp $"; #endif #include #if defined(STDC_HEADERS) # include # include # include # include # include #endif #include #if defined(HAVE_UNISTD_H) # include #endif #if TIME_WITH_SYS_TIME # include # include #else # if HAVE_SYS_TIME_H # include # else # include # endif #endif #if defined(HAVE_FCNTL_H) # include #elif defined(HAVE_SYS_FCNTL_H) # include #endif #include #include "com-debug.h" #include "com-misc.h" #if defined(COMPILE_DEBUG) /* ------------------------------------------------------------ */ #if !defined(O_NOFOLLOW) # define O_NOFOLLOW 0 #endif #define OPEN_NEW (O_RDWR | O_APPEND | O_CREAT | O_EXCL) #define OPEN_OLD (O_RDWR | O_APPEND | O_NOFOLLOW) /* ------------------------------------------------------------ */ static void debug_cleanup(void); /* ------------------------------------------------------------ */ static int dbg_lvl = 0; /* Current debug level */ static char *dbg_out = NULL; /* Debug out file name */ /* ------------------------------------------------------------ ** ** ** Function......: debug_init ** ** Parameters....: level Debug level to set ** file Output file for debug ** ** Return........: Newly set debug level ** ** Purpose.......: Initialize debugging. The output file ** is chmod'ed to 0666 so that it can be ** written also after setuid/setgid !!! ** ** ------------------------------------------------------------ */ int debug_init(int level, char *file) { if (level >= 0 && level <= 4 && file && *file) { if (dbg_out == NULL) atexit(debug_cleanup); dbg_lvl = level; dbg_out = file; debug(1, "############# %s startup #############", misc_getprog()); } else { misc_die(FL, "invalid debug settings %d / %.*s", level, MAX_PATH_SIZE, NIL(file)); } return dbg_lvl; } /* ------------------------------------------------------------ ** ** ** Function......: debug_level ** ** Parameters....: (none) ** ** Return........: Current debug level ** ** Purpose.......: Retrieve the current debug level. ** ** ------------------------------------------------------------ */ int debug_level(void) { return dbg_lvl; } /* ------------------------------------------------------------ ** ** ** Function......: debug ** ** Parameters....: level Debug level to use ** fmt Printf-string with message ** ** Return........: (none) ** ** Purpose.......: Write debugging output. ** CAVEAT: *DO NOT* call syslog or die. ** ** ------------------------------------------------------------ */ void debug(int level, char *fmt, ...) { int tmperr = errno; /* Save errno for later */ va_list aptr; FILE *fp; int fd; struct stat st; time_t now; struct tm *t; mode_t omask; /* ** Check if debug output is wanted */ if (level <= 0 || level > dbg_lvl) return; if (!dbg_out || !*dbg_out || !fmt || !*fmt) return; /* ** Check that the debug file has not been tampered with */ memset(&st, 0, sizeof(st)); if (lstat(dbg_out, &st) < 0) { /* ** Note: we adjust the umask temporary to force ** open to create a world-writeable debug file. ** See also notes in ftp-proxy(8) manual page ** and INSTALL file for compilation options. */ omask = umask(0); fd = open(dbg_out, OPEN_NEW, 0666); umask(omask); if (fd < 0) return; } else { if ((S_ISLNK(st.st_mode)) || (st.st_nlink > 1)) return; if ((fd = open(dbg_out, OPEN_OLD)) < 0) return; } /* ** All seems well, go and do your job */ if ((fp = fdopen(fd, "a")) != NULL) { time(&now); t = localtime(&now); fprintf(fp, "%02d:%02d:%02d <%5d> ", t->tm_hour, t->tm_min, t->tm_sec, (int) getpid()); va_start(aptr, fmt); vfprintf(fp, fmt, aptr); va_end(aptr); fprintf(fp, "\n"); fclose(fp); } else close(fd); errno = tmperr; /* Restore errno */ } /* ------------------------------------------------------------ ** ** ** Function......: debug_forget ** ** Parameters....: (none) ** ** Return........: (none) ** ** Purpose.......: Forget cleanup's (for forked children). ** ** ------------------------------------------------------------ */ void debug_forget(void) { dbg_lvl = 0; dbg_out = NULL; } /* ------------------------------------------------------------ ** ** ** Function......: debug_cleanup ** ** Parameters....: (none) ** ** Return........: (none) ** ** Purpose.......: Finish the debugging tasks. ** ** ------------------------------------------------------------ */ static void debug_cleanup(void) { debug(1, "------------- %s exiting -------------", misc_getprog()); } #endif /* ------------------------------------------------------------ * $Log: com-debug.c,v $ * Revision 1.5 2002/05/02 12:58:32 mt * merged with v1.8.2.2 * * Revision 1.4.2.1 2002/04/04 14:27:29 mt * added umask(0) before opening new debug log file * * Revision 1.4 2002/01/14 18:14:03 mt * fixed minor format bug * * Revision 1.3 1999/09/26 13:25:05 wiegand * protection of debug/pid/log files against attacks * * Revision 1.2 1999/09/17 06:32:28 wiegand * buffer length and overflow protection review * * Revision 1.1 1999/09/15 14:05:38 wiegand * initial checkin * * ------------------------------------------------------------ */ proxy-suite-1.9.2.4/common/com-debug.h0000644000000000000000000000344506767723662017471 0ustar rootroot00000000000000/* * $Id: com-debug.h,v 1.1 1999/09/15 14:05:38 wiegand Exp $ * * Header for common debugging functions * * Author(s): Jens-Gero Boehm * Pieter Hollants * Marius Tomaschewski * Volker Wiegand * * This file is part of the SuSE Proxy Suite * See also http://proxy-suite.suse.de/ * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version * 2 of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the * Free Software Foundation, Inc., 59 Temple Place - Suite 330, * Boston, MA 02111-1307, USA. * * A history log can be found at the end of this file. */ #if !defined(_COM_DEBUG_H_) #define _COM_DEBUG_H_ /* ------------------------------------------------------------ */ #if defined(COMPILE_DEBUG) int debug_init (int level, char *file); int debug_level (void); void debug (int level, char *fmt, ...); void debug_forget(void); #endif /* ------------------------------------------------------------ */ #endif /* defined(_COM_DEBUG_H_) */ /* ------------------------------------------------------------ * $Log: com-debug.h,v $ * Revision 1.1 1999/09/15 14:05:38 wiegand * initial checkin * * ------------------------------------------------------------ */ proxy-suite-1.9.2.4/common/com-misc.c0000644000000000000000000004470710170463547017321 0ustar rootroot00000000000000/* * $Id: com-misc.c,v 1.9.2.1 2003/05/07 11:15:05 mt Exp $ * * Common miscellaneous functions * * Author(s): Jens-Gero Boehm * Pieter Hollants * Marius Tomaschewski * Volker Wiegand * * This file is part of the SuSE Proxy Suite * See also http://proxy-suite.suse.de/ * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version * 2 of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the * Free Software Foundation, Inc., 59 Temple Place - Suite 330, * Boston, MA 02111-1307, USA. * * A history log can be found at the end of this file. */ #ifndef lint static char rcsid[] = "$Id: com-misc.c,v 1.9.2.1 2003/05/07 11:15:05 mt Exp $"; #endif #include #if defined(STDC_HEADERS) # include # include # include # include # include #endif #include #if defined(HAVE_UNISTD_H) # include #endif #if TIME_WITH_SYS_TIME # include # include #else # if HAVE_SYS_TIME_H # include # else # include # endif #endif #if defined(HAVE_FCNTL_H) # include #elif defined(HAVE_SYS_FCNTL_H) # include #endif #include "com-config.h" #include "com-debug.h" #include "com-misc.h" #include "com-syslog.h" /* ------------------------------------------------------------ */ static void misc_cleanup(void); /* ------------------------------------------------------------ */ static int initflag = 0; /* Have we been initialized? */ static char p_name[512] = "[unknown name]"; static char p_vers[512] = "[unknown version]"; static char p_date[512] = "[unknown date]"; static char **use_ptr = NULL; /* Usage information array */ static char *pid_name = NULL; /* Name of ProcID file */ /* ------------------------------------------------------------ ** ** ** Function......: misc_cleanup ** ** Parameters....: (none) ** ** Return........: (none) ** ** Purpose.......: Clean up at program exit. ** ** ------------------------------------------------------------ */ static void misc_cleanup(void) { if (pid_name != NULL) { void *tmp = (void *) pid_name; unlink(pid_name); pid_name = NULL; misc_free(FL, tmp); } } /* ------------------------------------------------------------ ** ** ** Function......: misc_forget ** ** Parameters....: (none) ** ** Return........: (none) ** ** Purpose.......: Forget cleanup's (for forked children). ** ** ------------------------------------------------------------ */ void misc_forget(void) { if (pid_name != NULL) { void *tmp = (void *) pid_name; pid_name = NULL; misc_free(FL, tmp); } } /* ------------------------------------------------------------ ** ** ** Function......: misc_setprog / misc_getprog ** ** Parameters....: prog_str Program name ** usage_arr Usage info string array ** ** Return........: Program basename ** ** Purpose.......: Makes the prog-name known to logging, ** provides a short name without path. ** ** ------------------------------------------------------------ */ char *misc_setprog(char *prog_str, char *usage_arr[]) { char *p; if (prog_str == NULL) p = "[unknown name]"; else if ((p = strrchr(prog_str, '/')) != NULL) p++; else p = prog_str; misc_strncpy(p_name, p, sizeof(p_name)); if (usage_arr != NULL) use_ptr = usage_arr; return p_name; } char *misc_getprog(void) { return p_name; } /* ------------------------------------------------------------ ** ** ** Function......: misc_setvers / misc_getvers ** misc_setdate / misc_getdate ** misc_getvsdt ** ** Parameters....: version Program version ** ** Return........: Program version ** ** Purpose.......: Sets and retrieves the program version ** and program compilation date and time. ** And a "standard version + date" thing. ** ** ------------------------------------------------------------ */ void misc_setvers(char *vers_str) { if (vers_str == NULL) vers_str = "[unknown version]"; misc_strncpy(p_vers, vers_str, sizeof(p_vers)); } char *misc_getvers(void) { return p_vers; } void misc_setdate(char *date_str) { if (date_str == NULL) date_str = "[unknown date]"; misc_strncpy(p_date, date_str, sizeof(p_date)); } char *misc_getdate(void) { return p_date; } char *misc_getvsdt(void) { static char str[MAX_PATH_SIZE * 2]; #if defined(HAVE_SNPRINTF) snprintf(str, sizeof(str), "Version %s - %s", p_vers, p_date); #else sprintf(str, "Version %s - %s", p_vers, p_date); #endif return str; } /* ------------------------------------------------------------ ** ** ** Function......: misc_alloc ** ** Parameters....: file Filename of requestor ** line Line number of requestor ** len Number of bytes requested ** ** Return........: Pointer to memory ** ** Purpose.......: Allocate memory with malloc. The program ** dies if no memory is available. ** The memory is automatically zero'ed. ** ** ------------------------------------------------------------ */ void *misc_alloc(char *file, int line, size_t len) { void *ptr; if (file == NULL) /* Sanity check */ file = "[unknown file]"; if (len == 0) /* Another check ... */ misc_die(file, line, "misc_alloc: ?len?"); if ((ptr = malloc(len)) == NULL) misc_die(file, line, "out of memory"); #if defined(COMPILE_DEBUG) debug(4, "alloc %u (%.*s:%d): %p", (unsigned) len, MAX_PATH_SIZE, file, line, ptr); #endif memset(ptr, 0, len); return ptr; } /* ------------------------------------------------------------ ** ** ** Function......: misc_strdup ** ** Parameters....: file Filename of requestor ** line Line number of requestor ** str Pointer to original string ** ** Return........: Pointer to allocated string ** ** Purpose.......: Allocate memory for a copy of the given ** string with misc_alloc and copy the ** string in place. ** ** ------------------------------------------------------------ */ char *misc_strdup(char *file, int line, char *str) { char *ptr; int len; /* Basic sanity check */ if (str == NULL) misc_die(file, line, "misc_strdup: ?str?"); len = strlen(str); ptr = (char *) misc_alloc(file, line, len + 1); strncpy(ptr, str, len); return ptr; } /* ------------------------------------------------------------ ** ** ** Function......: misc_free ** ** Parameters....: file Filename of requestor ** line Line number of requestor ** ptr Memory area to be freed ** ** Return........: (none) ** ** Purpose.......: Free memory allocated with misc_alloc. ** ** ------------------------------------------------------------ */ void misc_free(char *file, int line, void *ptr) { if (file == NULL) /* Sanity check */ file = "[unknown file]"; #if defined(COMPILE_DEBUG) debug(4, "free %p (%.*s:%d)", ptr, MAX_PATH_SIZE, file, line); #else line = line; /* Calm down picky compilers... */ #endif if (ptr != NULL) free(ptr); } /* ------------------------------------------------------------ ** ** ** Function......: misc_usage ** ** Parameters....: fmt Printf-string with usage ** ** Return........: (none) ** ** Purpose.......: Print a usage info and terminate. ** ** ------------------------------------------------------------ */ void misc_usage(char *fmt, ...) { va_list aptr; int i; if (use_ptr != NULL) { for (i = 0; use_ptr[i] != NULL; i++) fprintf(stderr, "%s\n", use_ptr[i]); } if (fmt != NULL && *fmt != '\0') { fprintf(stderr, "%s Error: ", p_name); va_start(aptr, fmt); vfprintf(stderr, fmt, aptr); va_end(aptr); fprintf(stderr, "\n\n"); } exit(EXIT_FAILURE); } /* ------------------------------------------------------------ ** ** ** Function......: misc_die ** ** Parameters....: fmt Printf-string with message ** ** Return........: (none) ** ** Purpose.......: Print an error message and terminate. ** ** ------------------------------------------------------------ */ void misc_die(char *file, int line, char *fmt, ...) { int tmperr = errno; /* Save errno for later */ char str[MAX_PATH_SIZE * 4]; va_list aptr; size_t len; if (file == NULL) /* Sanity check */ file = "[unknown file]"; memset(str, 0, sizeof(str)); #if defined(HAVE_SNPRINTF) snprintf(str, sizeof(str), "%s (%.*s:%d): ", p_name, MAX_PATH_SIZE, file, line); #else sprintf(str, "%s (%.*s:%d): ", p_name, MAX_PATH_SIZE, file, line); #endif len = strlen(str); if (fmt != NULL && *fmt != '\0') { va_start(aptr, fmt); #if defined(HAVE_VSNPRINTF) vsnprintf(str + len, sizeof(str)-len, fmt, aptr); #else vsprintf(str + len, fmt, aptr); #endif va_end(aptr); len = strlen(str); } if (tmperr) { #if defined(HAVE_SNPRINTF) snprintf(str + len, sizeof(str)-len, " (errno=%d [%.256s])", tmperr, strerror(tmperr)); #else sprintf(str + len, " (errno=%d [%.256s])", tmperr, strerror(tmperr)); #endif } fprintf(stderr, "%s\n", str); syslog_write(T_FTL, "%s", str); errno = tmperr; /* Restore errno */ exit(EXIT_FAILURE); } /* ------------------------------------------------------------ ** ** ** Function......: misc_pidfile ** ** Parameters....: name Desired PID-file name ** ** Return........: (none) ** ** Purpose.......: Create a file with the Process-ID. ** ** ------------------------------------------------------------ */ void misc_pidfile(char *name) { FILE *fp; int fd; if (initflag == 0) { atexit(misc_cleanup); initflag = 1; } /* ** Do some housekeeping (maybe it's just a close) */ if (misc_strequ(name, pid_name)) return; if (pid_name != NULL) { void *tmp = (void *) pid_name; unlink(pid_name); pid_name = NULL; misc_free(FL, tmp); } /* ** Do we have a real filename now? */ if (name != NULL) { if (unlink(name) < 0 && errno != ENOENT) { syslog_error("can't remove pidfile '%.*s'", MAX_PATH_SIZE, name); exit(EXIT_FAILURE); } if ((fd = open(name, O_RDWR | O_CREAT | O_EXCL, 0644)) < 0) { syslog_error("can't open pidfile '%.*s'", MAX_PATH_SIZE, name); exit(EXIT_FAILURE); } if ((fp = fdopen(fd, "w")) == NULL) { syslog_error("can't open pidfile '%.*s'", MAX_PATH_SIZE, name); exit(EXIT_FAILURE); } fprintf(fp, "%d\n", (int) getpid()); fclose(fp); pid_name = misc_strdup(FL, name); } #if defined(COMPILE_DEBUG) debug(2, "pid-file: '%s'", NIL(pid_name)); #endif } /* ------------------------------------------------------------ ** ** ** Function......: misc_strtrim ** ** Parameters....: s String to be trimmed ** ** Return........: String without leading or trailing space ** ** Purpose.......: Trims white space at the beginning and end ** of a given string (this is done in-place). ** ** ------------------------------------------------------------ */ char *misc_strtrim(char *s) { char *p; if (s == NULL) return NULL; while (*s == ' ' || *s == '\t') s++; p = s + strlen(s); while (p > s && (p[-1] == ' ' || p[-1] == '\t' || p[-1] == '\n' || p[-1] == '\r')) *--p = '\0'; return s; } /* ------------------------------------------------------------ ** ** ** Function......: misc_strequ / misc_strcaseequ ** ** Parameters....: s1 First string to compare ** s2 Second string to compare ** ** Return........: 1=strings are equal, 0=strings differ ** ** Purpose.......: Check if two strings are equal. The ** strings could well be NULL pointers. ** And strcasecmp ignores upper/lower case. ** ** ------------------------------------------------------------ */ int misc_strequ(const char *s1, const char *s2) { if (s1 == NULL && s2 == NULL) return 1; if (s1 == NULL && s2 != NULL) return 0; if (s1 != NULL && s2 == NULL) return 0; return (strcmp(s1, s2) == 0); } int misc_strcaseequ(const char *s1, const char *s2) { if (s1 == NULL && s2 == NULL) return 1; if (s1 == NULL && s2 != NULL) return 0; if (s1 != NULL && s2 == NULL) return 0; return (strcasecmp(s1, s2) == 0); } /* ------------------------------------------------------------ ** ** ** Function......: misc_strnequ / misc_strncaseequ ** ** Parameters....: s1 First string to compare ** s2 Second string to compare ** n number of characters in ** in s1 to compare ** ** Return........: 1=strings are equal, 0=strings differ ** ** Purpose.......: Check if two strings are equal. The ** strings could well be NULL pointers. ** strncasecmp ignores upper/lower case. ** ** ------------------------------------------------------------ */ int misc_strnequ(const char *s1, const char *s2, size_t n) { if (s1 == NULL && s2 == NULL) return 1; if (s1 == NULL && s2 != NULL) return 0; if (s1 != NULL && s2 == NULL) return 0; return (strncmp(s1, s2, n) == 0); } int misc_strncaseequ(const char *s1, const char *s2, size_t n) { if (s1 == NULL && s2 == NULL) return 1; if (s1 == NULL && s2 != NULL) return 0; if (s1 != NULL && s2 == NULL) return 0; return (strncasecmp(s1, s2, n) == 0); } /* ------------------------------------------------------------ ** ** ** Function......: misc_strncpy ** ** Parameters....: s1 Destination pointer ** s2 Source pointer ** len Size of Destination buffer ** ** Return........: Destination pointer ** ** Purpose.......: Copies at most (len - 1) bytes from source ** to destination and fills the residual space ** of the destination buffer with null bytes. ** ** ------------------------------------------------------------ */ char *misc_strncpy(char *s1, const char *s2, size_t len) { size_t cnt; /* ** Prepare the destination buffer */ if (s1 == NULL) return NULL; memset(s1, 0, len); /* ** Check the source and get its size */ if (s2 == NULL || (cnt = strlen(s2)) == 0) return s1; /* ** Copy at most (len - 1) bytes */ if (cnt >= len) cnt = len - 1; memcpy(s1, s2, cnt); /* ** Done -- return destination pointer */ return s1; } /* ------------------------------------------------------------ ** ** ** Function......: misc_chroot ** ** Parameters....: dir chroot directory ** ** Return........: 0 on success, -1 if dir argument ** was emtpy; exits program on error ** ** Purpose.......: change root into specified directory ** ** ------------------------------------------------------------ */ int misc_chroot (char *dir) { if(dir && *dir) { chdir("/"); if (chroot(dir)) { syslog_error("can't chroot to '%.1024s'", dir); exit(EXIT_FAILURE); } chdir("/"); return 0; } return -1; } /* ------------------------------------------------------------ ** ** ** Function......: misc_uidgid ** ** Parameters....: uid UID (-1 -> use config_uid) ** gid GID (-1 -> use config_gid) ** ** Return........: (none), exits program on error ** ** Purpose.......: Set the UID and GID for the current process. ** If the parameters are -1, use the config ** file's "User" and "Group" variables. ** ** ------------------------------------------------------------ */ void misc_uidgid(uid_t uid, gid_t gid) { #if defined(COMPILE_DEBUG) debug(2, "uid-gid desired: uid=%d gid=%d", (int) uid, (int) gid); #endif if (gid == CONFIG_GID) { if(config_str(NULL, "Group", NULL)) { /* ** if config defines a group, use it ** or complain (not found in system) */ gid = config_gid(NULL, "Group", CONFIG_GID); } else { gid = getgid(); } } if (gid == CONFIG_GID) { syslog_error("can't determine Group-ID to use"); exit(EXIT_FAILURE); } if (setgid(gid) < 0) { syslog_error("can't set Group-ID to %d", (int) gid); exit(EXIT_FAILURE); } if (getegid() != gid) { syslog_error("can't set Group-ID to %d", (int) gid); exit(EXIT_FAILURE); } if (uid == CONFIG_UID) { if(config_str(NULL, "User", NULL)) { /* ** if config defines a user, use it ** or complain (not found in system) */ uid = config_uid(NULL, "User", CONFIG_UID); } else { uid = getuid(); } } if (uid == CONFIG_UID) { syslog_error("can't determine User-ID to use"); exit(EXIT_FAILURE); } if (setuid(uid) < 0) { syslog_error("can't set User-ID to %d", (int) uid); exit(EXIT_FAILURE); } if (geteuid() != uid) { syslog_error("can't set User-ID to %d", (int) uid); exit(EXIT_FAILURE); } #if defined(COMPILE_DEBUG) debug(2, "uid-gid adopted: uid=%d gid=%d", (int) getuid(), (int) getgid()); #endif } /* ------------------------------------------------------------ ** ** ** Function......: misc_rand ** ** Parameters....: lower range mark ** upper range mark ** ** Return........: random number between lower and upper mark ** ** Purpose.......: generates a random number in specified range. ** ** ------------------------------------------------------------ */ int misc_rand (int lrng, int urng) { struct timeval t; if (lrng == urng) return lrng; if (lrng > urng) { /* swap values */ lrng ^= urng; urng ^= lrng; lrng ^= urng; } gettimeofday (&t, NULL); srand (t.tv_usec); return (lrng + (rand () % (urng - lrng + 1))); } /* ------------------------------------------------------------ * $Log: com-misc.c,v $ * Revision 1.9.2.1 2003/05/07 11:15:05 mt * misc_strdup: changed to allow empty strings * misc_rand: removed sequence in lrng/urng swapping * * Revision 1.9 2002/05/02 12:59:00 mt * merged with v1.8.2.2 * * Revision 1.8.2.1 2002/01/28 01:53:07 mt * implemented misc_strnequ misc_strncaseequ wrappers * * Revision 1.8 2002/01/14 18:18:50 mt * implemented misc_chroot wrapper function * added checks in misc_uidgid if User/Group are set in config * added snprintf usage if supported, replaced all strcpy with strncpy * * Revision 1.7 2001/11/06 23:04:43 mt * applied / merged with transparent proxy patches v8 * see ftp-proxy/NEWS for more detailed release news * * Revision 1.6 1999/09/30 09:49:45 wiegand * updated string trim function to trim also newlines * * Revision 1.5 1999/09/26 13:25:05 wiegand * protection of debug/pid/log files against attacks * * Revision 1.4 1999/09/21 05:42:28 wiegand * syslog / abort review * * Revision 1.3 1999/09/17 06:32:28 wiegand * buffer length and overflow protection review * * Revision 1.2 1999/09/16 14:26:33 wiegand * minor code review and cleanup * * Revision 1.1 1999/09/15 14:05:38 wiegand * initial checkin * * ------------------------------------------------------------ */ proxy-suite-1.9.2.4/common/com-misc.h0000644000000000000000000000756607464234052017327 0ustar rootroot00000000000000/* * $Id: com-misc.h,v 1.5 2002/05/02 12:59:22 mt Exp $ * * Header for common miscellaneous functions * * Author(s): Jens-Gero Boehm * Pieter Hollants * Marius Tomaschewski * Volker Wiegand * * This file is part of the SuSE Proxy Suite * See also http://proxy-suite.suse.de/ * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version * 2 of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the * Free Software Foundation, Inc., 59 Temple Place - Suite 330, * Boston, MA 02111-1307, USA. * * A history log can be found at the end of this file. */ #if !defined(_COM_MISC_H_) #define _COM_MISC_H_ /* ------------------------------------------------------------ */ #define FL __FILE__, __LINE__ #define NIL(p) (p) ? (p) : "(nil)" /* ** we are treating an -1 UID/GID as invalid ** _and_ as flag to read it from config file */ #define CONFIG_UID ((uid_t)(-1)) /* use cfg-file UID */ #define CONFIG_GID ((gid_t)(-1)) /* use cfg-file GID */ /* ------------------------------------------------------------ */ #if !defined(MAX_PATH_SIZE) # define MAX_PATH_SIZE 4096 #endif #if defined(PATH_MAX) && (PATH_MAX > MAX_PATH_SIZE) # define MAX_PATH_SIZE PATH_MAX #endif #if defined(MAXPATHLEN) && (MAXPATHLEN > MAX_PATH_SIZE) # define MAX_PATH_SIZE MAXPATHLEN #endif /* ------------------------------------------------------------ */ void misc_forget (void); char *misc_setprog(char *prog_str, char *usage_arr[]); char *misc_getprog(void); void misc_setvers(char *vers_str); char *misc_getvers(void); void misc_setdate(char *date_str); char *misc_getdate(void); char *misc_getvsdt(void); void *misc_alloc (char *file, int line, size_t len); char *misc_strdup (char *file, int line, char *str); void misc_free (char *file, int line, void *ptr); void misc_usage (char *fmt, ...); void misc_die (char *file, int line, char *fmt, ...); void misc_pidfile(char *name); char *misc_strtrim (char *s); int misc_strequ (const char *s1, const char *s2); int misc_strcaseequ(const char *s1, const char *s2); int misc_strnequ (const char *s1, const char *s2, size_t n); int misc_strncaseequ(const char *s1, const char *s2, size_t n); char *misc_strncpy (char *s1, const char *s2, size_t len); int misc_chroot (char *dir); void misc_uidgid (uid_t uid, gid_t gid); int misc_rand (int lrng, int urng); /* ------------------------------------------------------------ */ #endif /* defined(_COM_MISC_H_) */ /* ------------------------------------------------------------ * $Log: com-misc.h,v $ * Revision 1.5 2002/05/02 12:59:22 mt * merged with v1.8.2.2 * * Revision 1.4.2.1 2002/01/28 01:53:07 mt * implemented misc_strnequ misc_strncaseequ wrappers * * Revision 1.4 2002/01/14 18:18:50 mt * implemented misc_chroot wrapper function * added checks in misc_uidgid if User/Group are set in config * added snprintf usage if supported, replaced all strcpy with strncpy * * Revision 1.3 2001/11/06 23:04:43 mt * applied / merged with transparent proxy patches v8 * see ftp-proxy/NEWS for more detailed release news * * Revision 1.2 1999/09/17 06:32:28 wiegand * buffer length and overflow protection review * * Revision 1.1 1999/09/15 14:05:38 wiegand * initial checkin * * ------------------------------------------------------------ */ proxy-suite-1.9.2.4/common/com-socket.c0000644000000000000000000015075210170464400017641 0ustar rootroot00000000000000/* * $Id: com-socket.c,v 1.7.2.2 2005/01/10 11:37:36 mt Exp $ * * Common functions for TCP/IP sockets * * Author(s): Jens-Gero Boehm * Pieter Hollants * Marius Tomaschewski * Volker Wiegand * * This file is part of the SuSE Proxy Suite * See also http://proxy-suite.suse.de/ * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version * 2 of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the * Free Software Foundation, Inc., 59 Temple Place - Suite 330, * Boston, MA 02111-1307, USA. * * A history log can be found at the end of this file. */ #ifndef lint static char rcsid[] = "$Id: com-socket.c,v 1.7.2.2 2005/01/10 11:37:36 mt Exp $"; #endif #include #if defined(STDC_HEADERS) # include # include # include # include # include #endif #if defined(HAVE_UNISTD_H) # include #endif #if defined(TIME_WITH_SYS_TIME) # include # include #else # if defined(HAVE_SYS_TIME_H) # include # else # include # endif #endif #if defined(HAVE_SYS_SELECT_H) # include #endif #if defined(HAVE_FCNTL_H) # include #elif defined(HAVE_SYS_FCNTL_H) # include #endif #include #if defined(HAVE_SYS_FILIO_H) #include #endif #include #include #if defined(HAVE_NETINET_IN_SYSTM_H) # include #endif #include #include #if defined(HAVE_STROPTS_H) # include #endif #if defined(HAVE_SYS_PARAM_H) # include #endif #if defined(HAVE_SYS_CONF_H) # include #endif #if defined(HAVE_SYS_SOCKIO_H) # include #endif #if defined(I_NREAD) && (defined(__sun__) || !defined(FIONREAD)) # define FIONREAD I_NREAD #endif #if defined(HAVE_NET_IF_H) # include #endif #if defined(HAVE_NET_PFVAR_H) # include #endif #if defined(HAVE_NETINET_IP_H) # include #endif #if defined(HAVE_NETINET_IP_COMPAT_H) # include #endif #if defined(HAVE_NETINET_IP_FIL_COMPAT_H) # include #endif #if defined(HAVE_NETINET_IP_FIL_H) # include #endif #if defined(HAVE_NETINET_IP_NAT_H) # include #endif #if defined(HAVE_LINUX_NETFILTER_IPV4_H) # include #endif #if defined(HAVE_LIBWRAP) # if defined(HAVE_SYSLOG_H) # include # endif # if defined(NEED_SYS_SYSLOG_H) # include # endif # include #endif #include "com-config.h" #include "com-debug.h" #include "com-misc.h" #include "com-socket.h" #include "com-syslog.h" /* ------------------------------------------------------------ */ #if !defined(SOMAXCONN) # define SOMAXCONN 5 /* Default accept queue size */ #endif #if !defined(NETSIZ) # define NETSIZ 8192 /* Default network buffer size */ #endif /* ------------------------------------------------------------ */ static void socket_cleanup (void); static void socket_accept (void); static void socket_ll_read (HLS *hls); static void socket_ll_write(HLS *hls); /* ------------------------------------------------------------ */ static int initflag = 0; /* Have we been initialized? */ static int lsock = -1; /* Daemon: listening socket */ static ACPT_CB acpt_fp = NULL; /* Call back function pointer */ static HLS *hlshead = NULL; /* Chain of HighLevSock's */ #if defined(HAVE_LIBWRAP) int allow_severity = LOG_INFO; /* TCP Wrapper log levels */ int deny_severity = LOG_WARNING; #endif static int maxrecv_bufsiz = -1; /* max receive buffer size */ /* ------------------------------------------------------------ ** ** ** Function......: socket_cleanup ** ** Parameters....: (none) ** ** Return........: (none) ** ** Purpose.......: Clean up the socket related data. ** ** ------------------------------------------------------------ */ static void socket_cleanup(void) { socket_lclose(1); while (hlshead != NULL) socket_kill(hlshead); } /* ------------------------------------------------------------ ** ** ** Function......: socket_listen ** ** Parameters....: addr IP address where to listen ** port TCP port where to listen ** ** Return........: 0=success, -1=failure (EADDRINUSE) ** Other errors make the program die. ** ** Purpose.......: Opens a listening port. ** ** ------------------------------------------------------------ */ int socket_listen(u_int32_t addr, u_int16_t port, ACPT_CB func) { struct sockaddr_in saddr; if (initflag == 0) { atexit(socket_cleanup); initflag = 1; /* ** Check if we should limit the recv buffer size... ** (because the link on the write side is much slower) */ if(maxrecv_bufsiz < 0) { maxrecv_bufsiz = config_int(NULL, "MaxRecvBufSize", 0); if(maxrecv_bufsiz < 0) maxrecv_bufsiz = 0; } } /* ** Remember whom to call back for accept */ acpt_fp = func; /* ** Prepare and open the listening socket */ memset(&saddr, 0, sizeof(saddr)); saddr.sin_addr.s_addr = htonl(addr); saddr.sin_family = AF_INET; saddr.sin_port = htons(port); #if defined(COMPILE_DEBUG) debug(2, "about to listen: %s:%d", inet_ntoa(saddr.sin_addr), (int) port); #endif if ((lsock = socket(AF_INET, SOCK_STREAM, 0)) < 0) { syslog_error("can't create listener socket"); exit(EXIT_FAILURE); } socket_opts(lsock, SK_LISTEN); if (bind(lsock, (struct sockaddr *) &saddr, sizeof(saddr)) < 0) { if (errno == EADDRINUSE) { syslog_write(T_WRN, "port %d is in use...", (int) port); return -1; } syslog_error("can't bind to %s:%d", inet_ntoa(saddr.sin_addr), (int) port); exit(EXIT_FAILURE); } listen(lsock, SOMAXCONN); return 0; } /* ------------------------------------------------------------ ** ** ** Function......: socket_lclose ** ** Parameters....: shut Call shutdown if non-zero ** ** Return........: (none) ** ** Purpose.......: Close the listening socket. ** ** ------------------------------------------------------------ */ void socket_lclose(int shut) { if (lsock != -1) { if (shut) shutdown(lsock, 2); close(lsock); lsock = -1; } } /* ------------------------------------------------------------ ** ** ** Function......: socket_accept ** ** Parameters....: (none) ** ** Return........: (none) ** ** Purpose.......: Accept a new client connection. ** ** ------------------------------------------------------------ */ static void socket_accept(void) { char peer[PEER_LEN] = {0}; char dest[PEER_LEN] = {0}; struct sockaddr_in saddr; int nsock, len; /* ** Let the show begin ... */ memset(&saddr, 0, sizeof(saddr)); len = sizeof(saddr); nsock = accept(lsock, (struct sockaddr *) &saddr, &len); if (nsock < 0) { syslog_error("can't accept client"); return; } misc_strncpy(peer, inet_ntoa(saddr.sin_addr), sizeof(peer)); memset(&saddr, 0, sizeof(saddr)); if( !getsockname(nsock, (struct sockaddr *)&saddr, &len)) { misc_strncpy(dest, inet_ntoa(saddr.sin_addr), sizeof(dest)); } #if defined(COMPILE_DEBUG) debug(2, "accepted %d=%s on %s", nsock, NIL(peer), NIL(dest)); #endif #if defined(HAVE_LIBWRAP) /* ** Use the TCP Wrapper to control access */ if (config_bool(NULL, "TCPWrapper", 0)) { struct request_info req; char *wn; wn = config_str(NULL, "TCPWrapperName", misc_getprog()); if( !(wn && *wn)) wn = "ftp-proxy"; /* fall back... */ request_init(&req, RQ_DAEMON, wn, RQ_FILE, nsock, NULL); fromhost(&req); if (hosts_access(&req) == 0) { close(nsock); syslog_write(U_ERR, "%s reject: '%s' (Wrap)", wn, peer); return; } } #endif /* ** Setup some basic socket options */ socket_opts(nsock, SK_CONTROL); /* ** Perform user level initialization */ if (acpt_fp) (*acpt_fp)(nsock); } /* ------------------------------------------------------------ ** ** ** Function......: socket_init ** ** Parameters....: sock Accepted new socket ** Can be -1 (e.g. for ** accepting sockets) ** ** Return........: Pointer to newly created Channel ** ** Purpose.......: Allocate and initialize a new High ** Level Socket (HLS). ** ** ------------------------------------------------------------ */ HLS *socket_init(int sock) { HLS *hls; if (initflag == 0) { atexit(socket_cleanup); initflag = 1; /* ** Check if we should limit the recv buffer size... ** (because the link on the write side is much slower) */ if(maxrecv_bufsiz < 0) { maxrecv_bufsiz = config_int(NULL, "MaxRecvBufSize", 0); if(maxrecv_bufsiz < 0) maxrecv_bufsiz = 0; } } hls = (HLS *) misc_alloc(FL, sizeof(HLS)); hls->next = hlshead; hlshead = hls; if ((hls->sock = sock) != -1) { hls->addr = socket_sck2addr(sock, REM_END, &(hls->port)); misc_strncpy(hls->peer, socket_addr2str(hls->addr), sizeof(hls->peer)); } else { hls->addr = 0; hls->port = 0; memset(hls->peer, 0, sizeof(hls->peer)); } hls->kill = 0; hls->ernr = 0; hls->retr = 0; hls->flag = 0; hls->more = 0; hls->ctyp = "HLS-TYPE"; hls->wbuf = NULL; hls->rbuf = NULL; hls->wcnt = 0; hls->rcnt = 0; #if defined(COMPILE_DEBUG) debug(2, "created HLS for %d=%s:%d", hls->sock, hls->peer, (int) hls->port); #endif return hls; } /* ------------------------------------------------------------ ** ** ** Function......: socket_opts ** ** Parameters....: sock Socket to be worked upon ** kind SK_... value (a "Macro") ** ** Return........: (none) ** ** Purpose.......: Setup socket options according to the ** intended use (listen, control, data). ** ** ------------------------------------------------------------ */ void socket_opts(int sock, int kind) { #if defined(ENABLE_SO_LINGER) struct linger lin; #endif int opt, len; opt = 1; len = sizeof(opt); setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, &opt, len); #if defined(ENABLE_SO_LINGER) if (kind == SK_LISTEN) { lin.l_onoff = 0; lin.l_linger = 0; } else { lin.l_onoff = 1; lin.l_linger = 60; } len = sizeof(lin); setsockopt(sock, SOL_SOCKET, SO_LINGER, &lin, len); #endif #if defined(SO_OOBINLINE) if (kind == SK_CONTROL) { opt = 1; len = sizeof(opt); setsockopt(sock, SOL_SOCKET, SO_OOBINLINE, &opt, len); } #endif if (kind != SK_LISTEN) { opt = 1; len = sizeof(opt); setsockopt(sock, SOL_SOCKET, SO_KEEPALIVE, &opt, len); } #if defined(IPTOS_THROUGHPUT) && defined(IPTOS_LOWDELAY) if (kind == SK_DATA) opt = IPTOS_THROUGHPUT; else opt = IPTOS_LOWDELAY; len = sizeof(opt); setsockopt(sock, IPPROTO_IP, IP_TOS, &opt, len); #endif } /* ------------------------------------------------------------ ** ** ** Function......: socket_kill ** ** Parameters....: hls Pointer to HighLevSock ** ** Return........: (none) ** ** Purpose.......: Destroy a High Level Socket. ** ** ------------------------------------------------------------ */ void socket_kill(HLS *hls) { HLS *curr, *prev; BUF *buf; if (hls == NULL) /* Basic sanity check */ misc_die(FL, "socket_kill: ?hls?"); #if defined(COMPILE_DEBUG) debug(2, "deleting HLS %s %d=%s:%d", NIL(hls->ctyp), hls->sock, hls->peer, (int) hls->port); #endif /* ** Find and de-chain the socket */ for (curr = hlshead, prev = NULL; curr != NULL; ) { if (curr == hls) { if (prev == NULL) hlshead = curr->next; else prev->next = curr->next; break; } prev = curr; curr = curr->next; } /* ** Now destroy the socket itself */ if (hls->sock != -1) close(hls->sock); for (buf = hls->wbuf; buf != NULL; ) { hls->wbuf = buf->next; misc_free(FL, buf); buf = hls->wbuf; } for (buf = hls->rbuf; buf != NULL; ) { hls->rbuf = buf->next; misc_free(FL, buf); buf = hls->rbuf; } misc_free(FL, hls); } /* ------------------------------------------------------------ ** ** ** Function......: socket_gets ** ** Parameters....: hls Pointer to HighLevSock ** ptr Pointer to read buffer ** len Size of buf to be filled ** (includes trailing zero) ** ** Return........: Pointer to filled buf ** ** Purpose.......: Read one line of input from a HighLevSock. ** This function waits for complete lines with ** (CR)LF at the end, which will be discarded. ** ** ------------------------------------------------------------ */ char *socket_gets(HLS *hls, char *ptr, int len) { int cnt; BUF *buf; if (hls == NULL || ptr == NULL || len <= 0) misc_die(FL, "socket_gets: ?hls? ?ptr? ?len?"); if (hls->rbuf == NULL) { errno = 0; return NULL; } len--; /* Account for the trailing null byte */ /* ** Transfer at most one line of data */ hls->more = 0; for (buf = hls->rbuf, cnt = 0; buf != NULL && cnt < len; ) { if (buf->cur >= buf->len) { hls->rbuf = buf->next; misc_free(FL, buf); if(NULL == (buf = hls->rbuf)) { /* ** last buffer in HLS and no EOL found; ** restore the data into the HLS and ** exit to wait to read more */ hls->more = 1; hls->rbuf = (BUF *)misc_alloc(FL, sizeof(BUF) + cnt); hls->rbuf->len = cnt; hls->rbuf->cur = 0; memcpy(hls->rbuf->dat, ptr, cnt); #if defined(COMPILE_DEBUG) debug(4, "preread %d bytes while waiting " "for end-of-line: '%.128s'%s", cnt, hls->rbuf->dat, (cnt > 128) ? "..." : ""); #endif return NULL; } continue; } if (buf->dat[buf->cur] == '\r') break; if (buf->dat[buf->cur] == '\n') break; ptr[cnt++] = buf->dat[buf->cur++]; } ptr[cnt] = '\0'; /* Add the trailing null byte */ /* ** Remove possible newline and used up buffer */ if (buf != NULL) { while (buf->cur < buf->len && buf->dat[buf->cur] == '\r') buf->cur++; while (buf->cur < buf->len && buf->dat[buf->cur] == '\n') buf->cur++; if (buf->cur >= buf->len) { hls->rbuf = buf->next; misc_free(FL, buf); buf = hls->rbuf; } } #if defined(COMPILE_DEBUG) debug(2, "gets %s %d=%s: %d bytes '%.128s'%s", hls->ctyp, hls->sock, hls->peer, cnt, ptr, (cnt > 128) ? "..." : ""); #endif return ptr; } /* ------------------------------------------------------------ ** ** ** Function......: socket_flag ** ** Parameters....: hls Pointer to HighLevSock ** flag Flags to be applied ** ** Return........: (none) ** ** Purpose.......: Set the send() flags for the next write. ** They will be reset with the write/printf ** function. ** ** ------------------------------------------------------------ */ void socket_flag(HLS *hls, int flag) { if (hls == NULL) /* Basic sanity check */ misc_die(FL, "socket_flag: ?hls?"); /* ** Store for the next write / printf call */ hls->flag = flag; } /* ------------------------------------------------------------ ** ** ** Function......: socket_write ** ** Parameters....: hls Pointer to HighLevSock ** ptr Pointer to write buffer ** len Number of bytes to write ** ** Return........: 0=success, -1=failure ** ** Purpose.......: Write to High Level Socket. ** ** ------------------------------------------------------------ */ int socket_write(HLS *hls, char *ptr, int len) { BUF *buf, *tmp; if (hls == NULL || ptr == NULL) misc_die(FL, "socket_write: ?hls? ?ptr?"); if (hls->kill != 0) /* Socket already doomed? */ return 0; #if defined(COMPILE_DEBUG) debug(2, "write %s %d=%s: %d bytes", hls->ctyp, hls->sock, hls->peer, len); #endif /* ** Allocate a new buffer for the data */ buf = (BUF *) misc_alloc(FL, sizeof(BUF) + len); buf->len = len; buf->cur = 0; memcpy(buf->dat, ptr, len); buf->flg = hls->flag; hls->flag = 0; /* ** Chain the newly filled buffer */ if (hls->wbuf == NULL) hls->wbuf = buf; else { for (tmp = hls->wbuf; tmp->next; tmp = tmp->next) ; tmp->next = buf; } buf->next = NULL; return 0; } /* ------------------------------------------------------------ ** ** ** Function......: socket_printf ** ** Parameters....: hls Pointer to HighLevSock ** fmt Format string for output ** ** Return........: 0=success, -1=failure ** ** Purpose.......: Write to High Level Socket. ** ** ------------------------------------------------------------ */ int socket_printf(HLS *hls, char *fmt, ...) { va_list aptr; char str[NETSIZ]; int len; BUF *buf, *tmp; if (hls == NULL || fmt == NULL) misc_die(FL, "socket_printf: ?hls? ?fmt?"); if (hls->kill != 0) /* Socket already doomed? */ return 0; /* ** Prepare the new stuff to be written */ memset(str, 0, sizeof(str)); va_start(aptr, fmt); #if defined(HAVE_VSNPRINTF) vsnprintf(str, sizeof(str), fmt, aptr); #else vsprintf(str, fmt, aptr); #endif va_end(aptr); len = strlen(str); #if defined(COMPILE_DEBUG) while (len > 0) { if (str[len-1] == '\r' || str[len-1] == '\n') len--; else break; } if (len > 128) { fmt = "..."; len = 128; } else fmt = ""; debug(2, "printf %s %d=%s: %d bytes '%.*s'%s", hls->ctyp, hls->sock, hls->peer, strlen(str), len, str, fmt); len = strlen(str); #endif /* ** Allocate a new buffer for the data */ buf = (BUF *) misc_alloc(FL, sizeof(BUF) + len); buf->len = len; buf->cur = 0; memcpy(buf->dat, str, len); buf->flg = hls->flag; hls->flag = 0; /* ** Chain the newly filled buffer */ if (hls->wbuf == NULL) hls->wbuf = buf; else { for (tmp = hls->wbuf; tmp->next; tmp = tmp->next) ; tmp->next = buf; } buf->next = NULL; return 0; } /* ------------------------------------------------------------ ** ** ** Function......: socket_file ** ** Parameters....: hls Pointer to HighLevSock ** file Name of file to print ** crlf 0=send LF, 1=send CRLF ** ** Return........: 0=success, -1=failure ** ** Purpose.......: Output the contents of a file to the ** High Level Socket. The line end can ** either be LF or CRLF. ** ** ------------------------------------------------------------ */ int socket_file(HLS *hls, char *file, int crlf) { char buf[1024], *p, *lend; FILE *fp; if (hls == NULL || file == NULL) misc_die(FL, "socket_file: ?hls? ?file?"); lend = (crlf ? "\r\n" : "\n"); if ((fp = fopen(file, "r")) == NULL) return -1; while (fgets(buf, sizeof(buf), fp) != NULL) { if ((p = strchr(buf, '\n')) != NULL) *p = '\0'; socket_printf(hls, "%s%s", buf, lend); } fclose(fp); return 0; } /* ------------------------------------------------------------ ** ** ** Function......: socket_exec ** ** Parameters....: timeout Maximum seconds to wait ** close_flag Pointer to close_flag ** ** Return........: 0=timeout, 1=activity, -1=error ** ** Purpose.......: Prepare all relevant sockets, call the ** select function (main waiting point), ** and handle the outstanding actions. ** ** ------------------------------------------------------------ */ int socket_exec(int timeout, int *close_flag) { HLS *hls; fd_set rfds, wfds; int fdcnt, i; struct timeval tv; /* ** Prepare the select() input structures */ fdcnt = -1; FD_ZERO(&rfds); FD_ZERO(&wfds); /* ** Allow the daemon listening socket to accept */ if (lsock != -1) { fdcnt = lsock; FD_SET(lsock, &rfds); } /* ** Last but not least walk through the connections */ for (hls = hlshead; hls != NULL; hls = hls->next) { if (hls->sock == -1) continue; if (hls->kill != 0 && hls->wbuf == NULL) { close(hls->sock); hls->sock = -1; #if defined(COMPILE_DEBUG) debug(4, "FD_CLR %s", hls->ctyp); #endif /* ** The following return ensures that ** killed sockets will be detected. */ return 1; } if (hls->sock > fdcnt) fdcnt = hls->sock; if (hls->wbuf != NULL && hls->peer[0] != '\0') { FD_SET(hls->sock, &wfds); #if defined(COMPILE_DEBUG) debug(4, "FD_SET %s for W", hls->ctyp); #endif } if(hls->more >= 0) { FD_SET(hls->sock, &rfds); #if defined(COMPILE_DEBUG) debug(4, "FD_SET %s for R", hls->ctyp); #endif } } /* ** If not a single descriptor remains, we are doomed */ if (fdcnt == -1) { if (close_flag) *close_flag = 1; return 1; /* Return as non-defect situation */ } /* ** Wait for the next event */ tv.tv_sec = timeout; tv.tv_usec = 0; i = select(fdcnt + 1, &rfds, &wfds, NULL, &tv); if (i == 0) { #if defined(COMPILE_DEBUG) debug(2, "select: timeout (%d)", (int) time(NULL)); #endif return 0; } if (i < 0) { if (errno == EINTR) return 1; syslog_error("can't execute select"); return -1; } /* ** Check the various sources of events */ if (lsock != -1 && FD_ISSET(lsock, &rfds)) socket_accept(); for (hls = hlshead; hls != NULL; hls = hls->next) { if (hls->sock == -1) continue; if (FD_ISSET(hls->sock, &wfds)) socket_ll_write(hls); if (hls->sock == -1) /* May be dead by now */ continue; if (FD_ISSET(hls->sock, &rfds)) socket_ll_read(hls); if (hls->sock == -1) /* May be dead by now */ continue; if (hls->kill != 0 && hls->wbuf == NULL) { close(hls->sock); hls->sock = -1; } } return 1; } /* ------------------------------------------------------------ ** ** ** Function......: socket_ll_read ** ** Parameters....: hls Pointer to HighLevSock ** ** Return........: (none) ** ** Purpose.......: Socket low level read routine. If ** peer is not set, we are listening. ** ** ------------------------------------------------------------ */ static void socket_ll_read(HLS *hls) { int len, cnt, nsock; BUF *buf, *tmp; struct sockaddr_in saddr; if (hls == NULL) misc_die(FL, "socket_ll_read: ?hls?"); /* ** If the peer is not (yet) filled, this is a listening ** socket. In this case we need to accept() the (data) ** connection (e.g. FTP passive client or active server). */ if (hls->peer[0] == '\0') { memset(&saddr, 0, sizeof(saddr)); len = sizeof(saddr); nsock = accept(hls->sock, (struct sockaddr *) &saddr, &len); if (nsock < 0) { hls->ernr = errno; syslog_error("can't accept %s", hls->ctyp); shutdown(hls->sock, 2); close(hls->sock); hls->sock = -1; return; } socket_opts(nsock, SK_DATA); /* ** Update the High Level Socket */ shutdown(hls->sock, 2); /* the "acceptor" */ close(hls->sock); hls->sock = nsock; hls->addr = socket_sck2addr(nsock, REM_END, &(hls->port)); misc_strncpy(hls->peer, socket_addr2str(hls->addr), sizeof(hls->peer)); #if defined(COMPILE_DEBUG) debug(2, "accept %s (%d) from %s", hls->ctyp, hls->sock, hls->peer); #endif return; } /* ** Get the number of bytes waiting to be read */ len = 0; if( (cnt=ioctl(hls->sock, FIONREAD, &len)) < 0) { hls->ernr = errno; syslog_error("can't get num of bytes: %s %d=%s", hls->ctyp, hls->sock, hls->peer); close(hls->sock); hls->sock = -1; return; } #if defined(COMPILE_DEBUG) debug(4, "ll_read: FIONREAD reported %d bytes for %s %d=%s", len, hls->ctyp, hls->sock, hls->peer); #endif /* ** Check if the socket has been closed */ if (len == 0) { #if defined(I_NREAD) && defined(__sun__) /* ** solaris powers up select and returns "no data" ** (both, len == cnt == 0) in the middle of a data ** transfer; this was interpreted as EOF and has ** caused transfer aborts on bigger files. ** wait and retry before we assume this is a EOF. */ if((0 == cnt) && (++hls->retr < MAX_RETRIES)) { syslog_write(T_DBG, "zero bytes to read reported: %s %d=%s", hls->ctyp, hls->sock, hls->peer); usleep(10000); return; } #endif /* ** OK, EOF recived - should be cnt>0 and len == 0 ** on solaris / I_NREAD according to streamio(7I) */ #if defined(COMPILE_DEBUG) debug(1, "closed: %s %d=%s, len=%d, cnt=%d", hls->ctyp, hls->sock, hls->peer, len, cnt); #endif close(hls->sock); hls->sock = -1; return; } /* ** else reset retry counter on success */ hls->retr = 0; /* ** Limit the receive buffer sizes */ if(maxrecv_bufsiz > 0 && len > maxrecv_bufsiz) len = maxrecv_bufsiz; /* ** Now read the data that is waiting */ buf = (BUF *) misc_alloc(FL, sizeof(BUF) + len); do { errno = 0; cnt = recv(hls->sock, buf->dat, len, 0); } while (cnt == -1 && EINTR == errno); if (cnt != len) { if(cnt > 0) { /* ** hmm... seems to be solaris, isn't? :-) */ syslog_write(T_DBG, "recvd %d bytes while %d reported: %s %d=%s", cnt, len, hls->ctyp, hls->sock, hls->peer); } else { /* ** report as error because we use FIONREAD ** above and handle EOF's (len = 0) there... */ hls->ernr = errno; syslog_error("can't ll_read: %s %d=%s", hls->ctyp, hls->sock, hls->peer); close(hls->sock); hls->sock = -1; misc_free(FL, buf); return; } } buf->len = cnt; buf->cur = 0; buf->flg = 0; /* ** Update byte conter */ hls->rcnt += cnt; /* ** Chain the newly filled buffer */ if (hls->rbuf == NULL) hls->rbuf = buf; else { for (tmp = hls->rbuf; tmp->next; tmp = tmp->next) ; tmp->next = buf; } buf->next = NULL; #if defined(COMPILE_DEBUG) debug(3, "ll_read %s %d=%s: %d/%d bytes", hls->ctyp, hls->sock, hls->peer, cnt, hls->rcnt); #endif } /* ------------------------------------------------------------ ** ** ** Function......: socket_ll_write ** ** Parameters....: hls Pointer to HighLevSock ** ** Return........: (none) ** ** Purpose.......: Socket low level write routine. ** ** ------------------------------------------------------------ */ static void socket_ll_write(HLS *hls) { int cnt, tot; BUF *buf; if (hls == NULL) misc_die(FL, "socket_ll_write: ?hls?"); /* ** Try to send as much as possible */ for (buf = hls->wbuf, tot = 0; buf != NULL; ) { do cnt = send(hls->sock, buf->dat + buf->cur, buf->len - buf->cur, buf->flg); while (cnt == -1 && errno == EINTR); /* ** Did we write anything? */ if (cnt < 0) { if (tot == 0) { hls->ernr = errno; syslog_error("can't ll_write: %s %d=%s", hls->ctyp, hls->sock, hls->peer); close(hls->sock); hls->sock = -1; return; } break; /* At least the first write was ok */ } #if defined(COMPILE_DEBUG) debug(4, "ll_write %s %d=%s: sent %d bytes", hls->ctyp, hls->sock, hls->peer, cnt); #endif /* ** Update byte conter */ tot += cnt; hls->wcnt += cnt; /* ** Advance the write pointers */ if ((buf->cur += cnt) < buf->len) break; /* Partly sent, try again later */ /* ** This buffer is done, try and send next one */ hls->wbuf = buf->next; misc_free(FL, buf); buf = hls->wbuf; } #if defined(COMPILE_DEBUG) debug(3, "ll_write %s %d=%s: %d/%d bytes", hls->ctyp, hls->sock, hls->peer, tot, hls->wcnt); #endif } /* ------------------------------------------------------------ ** ** ** Function......: socket_msgline ** ** Parameters....: fmt String to expand ** ** Return........: Pointer to expanded string ** (Gets overwritten by subsequent calls) ** ** Purpose.......: Compose a message line, by copying the ** given string and expanding % escapes. ** ** ------------------------------------------------------------ */ char *socket_msgline(char *fmt) { static char str[1024]; char tmp[1024]; size_t i, j; time_t now; struct tm *t; if (fmt == NULL) /* Basic sanity check */ misc_die(FL, "socket_msgline: ?fmt?"); time(&now); t = localtime(&now); for (i = 0; (*fmt != '\0') && (i < (sizeof(str) - 64)); fmt++) { if (*fmt != '%') { str[i++] = *fmt; continue; } /* ** Escape alert ... */ memset(tmp, 0, sizeof(tmp)); switch (*++fmt) { case 'b': case 'B': strncpy(tmp, misc_getdate(), sizeof(tmp)-1); break; case 'd': case 'D': #if defined(HAVE_SNPRINTF) snprintf(tmp, sizeof(tmp), "%04d/%02d/%02d", t->tm_year + 1900, t->tm_mon + 1, t->tm_mday); #else sprintf(tmp, "%04d/%02d/%02d", t->tm_year + 1900, t->tm_mon + 1, t->tm_mday); #endif break; case 'h': case 'H': if (gethostname(tmp, sizeof(tmp)) < 0) strncpy(tmp, "[unknown host]", sizeof(tmp)-1); break; case 'n': case 'N': if (getfqdomainname(tmp, sizeof(tmp)) < 0) strncpy(tmp, "[unknown network]", sizeof(tmp)-1); break; case 't': case 'T': #if defined(HAVE_SNPRINTF) snprintf(tmp, sizeof(tmp), "%02d:%02d:%02d", t->tm_hour, t->tm_min, t->tm_sec); #else sprintf(tmp, "%02d:%02d:%02d", t->tm_hour, t->tm_min, t->tm_sec); #endif break; case 'v': case 'V': strncpy(tmp, misc_getvers(), sizeof(tmp)-1); break; case '%': tmp[0] = '%'; break; default: break; } tmp[sizeof(tmp)-1] = '\0'; /* paranoia :-) */ j = strlen(tmp); if ((i + j) < (sizeof(str) - 64)) { memcpy(str + i, tmp, j); i += j; } } return str; } /* ------------------------------------------------------------ ** ** ** Function......: socket_d_bind ** ** Parameters....: sock socket descriptor ** addr IP address we want to bind ** lrng Lower TCP port range limit ** urng Upper TCP port range limit ** incr use rand or increment mode ** ** Return........: bound port, 0 (INPORT_ANY) on failure ** ** Purpose.......: Binds a socket, taking care of a given ** port range using rand or incrementing ** the port number. ** Note: this function covers also dynamic ** ports assigning with a 0 range: ** lrng = urng = 0 ( = INPORT_ANY) ** ** ------------------------------------------------------------ */ u_int16_t socket_d_bind(int sock, u_int32_t addr, u_int16_t lrng, u_int16_t urng, int incr) { struct sockaddr_in saddr; u_int16_t port = INPORT_ANY; int retry= MAX_RETRIES, err = -1; /* Sanity check */ if(sock < 0) return INPORT_ANY; /* check port range */ if( !(lrng<=urng)) { #if defined(COMPILE_DEBUG) debug(2, "socket_d_bind: invalid port range %d-%d", lrng, urng); #endif return INPORT_ANY; } memset(&saddr, 0, sizeof(saddr)); saddr.sin_addr.s_addr = htonl(addr); saddr.sin_family = AF_INET; #if defined(COMPILE_DEBUG) debug(4, "socket_d_bind using %s", incr ? "increment" : "random"); #endif if(incr) { for (port = lrng; err && (port <= urng); port++) { saddr.sin_port = htons(port); while(0 <= retry--) { errno = 0; err = bind(sock, (struct sockaddr *)&saddr, sizeof(saddr)); #if defined(COMPILE_DEBUG) debug(2, "bind %s:%d result: %d, status: %s", socket_addr2str(addr), port, err, strerror(errno)); #endif if(0 == err) { /* bind succeed */ #if defined(COMPILE_DEBUG) debug(2, "bind succeeded," "port: %d, result: %d", port, err); #endif retry = -1; break; } else { /* bind failed: fatal error? */ if( !(EINTR == errno || EAGAIN == errno || EADDRINUSE == errno)) { #if defined(COMPILE_DEBUG) debug(4, "bind failed," "result: %d, error %s", err, strerror(errno)); #endif return INPORT_ANY; } } } } } else { int port_range = (urng - lrng) + 1; while(err && (0 < port_range--)) { port = misc_rand(lrng, urng); saddr.sin_port = htons(port); while(0 <= retry--) { err = bind(sock, (struct sockaddr *)&saddr, sizeof(saddr)); #if defined(COMPILE_DEBUG) debug(2, "bind %s:%d, result: %d, status: %s", socket_addr2str(addr), port, err, strerror(errno)); #endif if(0 == err) { /* bind succeed */ #if defined(COMPILE_DEBUG) debug(2, "bind succeeded, port: %d," "result: %d", port, err); #endif retry = -1; break; } else { /* bind failed: fatal error? */ if( !(EINTR == errno || EAGAIN == errno || EADDRINUSE == errno)) { #if defined(COMPILE_DEBUG) debug(2, "bind failed, " "result: %d, error %s", err, strerror(errno)); #endif return INPORT_ANY; } } } } } if((0 == err) && (INADDR_NONE != socket_sck2addr(sock, LOC_END, &port))) { #if defined(COMPILE_DEBUG) debug(2, "bound socket to port %d", port); #endif return port; } #if defined(COMPILE_DEBUG) debug(2, "bind error - port %d, IP %d", port, socket_sck2addr(sock, LOC_END, NULL)); #endif return INPORT_ANY; } /* ------------------------------------------------------------ ** ** ** Function......: socket_d_listen ** ** Parameters....: addr IP address we want to bind ** lrng Lower TCP port range limit ** urng Upper TCP port range limit ** phls Pointer where HLS will go ** ctyp Desired comms type identifier ** incr use rand or incremental bind ** ** Return........: Listening port (0=failure) ** ** Purpose.......: Open a listening socket, suitable for ** an additional data connection (e.g. FTP). ** ** ------------------------------------------------------------ */ u_int16_t socket_d_listen(u_int32_t addr, u_int16_t lrng, u_int16_t urng, HLS **phls, char *ctyp, int incr) { int sock; u_int16_t port; if (phls == NULL || ctyp == NULL) /* Sanity check */ misc_die(FL, "socket_d_listen: ?phls? ?ctyp?"); /* ** Create the socket and prepare it for binding */ if ((sock = socket(AF_INET, SOCK_STREAM, 0)) < 0) { syslog_error("can't create %s socket", ctyp); exit(EXIT_FAILURE); } socket_opts(sock, SK_LISTEN); port = socket_d_bind(sock, addr, lrng, urng, incr); if (INPORT_ANY == port) { /* nothing found? */ close(sock); return 0; } listen(sock, 1); /* ** Allocate the corresponding High Level Socket */ if ((*phls = socket_init(-1)) == NULL) misc_die(FL, "socket_d_listen: ?*phls?"); (*phls)->sock = sock; (*phls)->ctyp = ctyp; #if defined(COMPILE_DEBUG) debug(2, "listen: %s (fd=%d) %s:%d", (*phls)->ctyp, (*phls)->sock, socket_addr2str(addr), (int)port); #endif return port; } /* ------------------------------------------------------------ ** ** ** Function......: socket_d_connect ** ** Parameters....: addr Destination IP address ** port Destination TCP port ** ladr Local IP address ** lrng Lower TCP port range limit ** urng Upper TCP port range limit ** phls Pointer where HLS will go ** ctyp Desired comms type identifier ** incr use rand or incremental bind ** ** Return........: Local end of connected port (0=failure) ** ** Purpose.......: Open a connecting socket, suitable for ** an additional data connection (e.g. FTP). ** ** ------------------------------------------------------------ */ u_int16_t socket_d_connect(u_int32_t addr, u_int16_t port, u_int32_t ladr, u_int16_t lrng, u_int16_t urng, HLS **phls, char *ctyp, int incr) { struct sockaddr_in saddr; int sock = -1; /* mark socket invalid */ int retry = MAX_RETRIES; u_int16_t lprt = lrng; if (phls == NULL || ctyp == NULL) /* Sanity check */ misc_die(FL, "socket_d_connect: ?phls? ?ctyp?"); while(0 <= retry--) { /* ** First of all, get a socket */ if ((sock = socket(AF_INET, SOCK_STREAM, 0)) < 0) { syslog_error("can't create %s socket", ctyp); exit(EXIT_FAILURE); } socket_opts(sock, SK_DATA); /* ** check if we have to use a port range */ if( !(INPORT_ANY == lrng && INPORT_ANY == urng)) { /* ** Bind the socket, taking care of a given port range */ if(incr) { #if defined(COMPILE_DEBUG) debug(2, "%s: about to bind to %s:range(%d-%d)", ctyp, socket_addr2str(ladr), lprt, urng); #endif lprt = socket_d_bind(sock, ladr, lprt, urng, incr); } else { #if defined(COMPILE_DEBUG) debug(2, "%s: about to bind to %s:range(%d-%d)", ctyp, socket_addr2str(ladr), lrng, urng); #endif lprt = socket_d_bind(sock, ladr, lrng, urng, incr); } if (INPORT_ANY == lprt) { /* nothing found? */ close(sock); return 0; } } else lprt = INPORT_ANY; /* ** Actually connect the socket */ memset(&saddr, 0, sizeof(saddr)); saddr.sin_addr.s_addr = htonl(addr); saddr.sin_family = AF_INET; saddr.sin_port = htons(port); if (connect(sock, (struct sockaddr *) &saddr, sizeof(saddr)) < 0) { #if defined(COMPILE_DEBUG) debug(2, "%s: connect failed with '%s'", ctyp, strerror(errno)); #endif close(sock); sock = -1; /* check if is makes sense to retry? ** perhaps we only need an other ** local port (EADDRNOTAVAIL) for ** this destination? */ if( !(EINTR == errno || EAGAIN == errno || EADDRINUSE == errno || EADDRNOTAVAIL == errno)) { /* ** an other (real) error ocurred */ return 0; } else if(incr && INPORT_ANY != lprt) { /* ** increment lower range if we use ** increment mode and have a range */ if(lprt < urng) { lprt++; /* incr lower range */ } else { /* ** no more ports in range we can try */ return 0; } } } else break; } /* ** check if we have a valid, connected socket */ if(-1 == sock) { close(sock); return 0; } /* ** Allocate the corresponding High Level Socket */ if ((*phls = socket_init(sock)) == NULL) misc_die(FL, "socket_d_connect: ?*phls?"); (*phls)->ctyp = ctyp; (void) socket_sck2addr(sock, LOC_END, &port); #if defined(COMPILE_DEBUG) debug(2, "connect: %s fd=%d", (*phls)->ctyp, (*phls)->sock); #endif return port; } /* ------------------------------------------------------------ ** ** ** Function......: socket_str2addr ** ** Parameters....: name Host name or address ** dflt Default value ** ** Return........: Resolved address or default ** ** Purpose.......: Resolver for DNS names / IP addresses. ** ** ------------------------------------------------------------ */ u_int32_t socket_str2addr(char *name, u_int32_t dflt) { struct hostent *hptr; struct in_addr iadr; #if defined(COMPILE_DEBUG) debug(3, "str2addr: in='%.1024s'", NIL(name)); #endif if (name == NULL) /* Basic sanity check */ return dflt; memset(&iadr, 0, sizeof(iadr)); /* ** Try to interpret as dotted decimal */ if (*name >= '0' && *name <= '9') { if (inet_aton(name, &iadr) == 0) return dflt; /* Can't be valid ... */ return ntohl(iadr.s_addr); } /* ** Try to resolve the host as a DNS name */ if ((hptr = gethostbyname(name)) != NULL) { memcpy(&iadr.s_addr, hptr->h_addr, sizeof(iadr.s_addr)); return (u_int32_t) ntohl(iadr.s_addr); } /* ** Well, then return the default */ return dflt; } /* ------------------------------------------------------------ ** ** ** Function......: socket_str2port ** ** Parameters....: name Host name or address ** dflt Default value ** ** Return........: Resolved port or default ** ** Purpose.......: Resolver for TCP ports. ** ** ------------------------------------------------------------ */ u_int16_t socket_str2port(char *name, u_int16_t dflt) { struct servent *sptr; if (name == NULL) /* Basic sanity check */ return dflt; /* ** Try to interpret as numeric port value */ if (*name >= '0' && *name <= '9') return (u_int16_t) atoi(name); /* ** Try to resolve from /etc/services, NIS, etc. */ if ((sptr = getservbyname(name, "tcp")) != NULL) return (u_int16_t) ntohs(sptr->s_port); /* ** Well, then return the default */ return dflt; } /* ------------------------------------------------------------ ** ** ** Function......: socket_addr2str ** ** Parameters....: addr IP address in host order ** ** Return........: Dotted decimal string for addr ** ** Purpose.......: Convert IP address (host byte order) into ** human readable form. ** The buffer is reused in subsequent calls, ** so the caller better move the result away. ** ** ------------------------------------------------------------ */ char *socket_addr2str(u_int32_t addr) { struct in_addr iadr; static char str[PEER_LEN]; memset(&iadr, 0, sizeof(iadr)); iadr.s_addr = htonl(addr); misc_strncpy(str, inet_ntoa(iadr), sizeof(str)); return str; } /* ------------------------------------------------------------ ** ** ** Function......: socket_sck2addr ** ** Parameters....: sock Socket descriptor ** peer LOC_END or REM_END ** port Pointer to port ** ** Return........: IP address in host byte order ** or INADDR_NONE on failure ** ** Purpose.......: Retrieve the IP address of a socket, ** for either the peer or the local end ** in host byte order. ** ** ------------------------------------------------------------ */ u_int32_t socket_sck2addr(int sock, int peer, u_int16_t *port) { struct sockaddr_in saddr; int len, r; char *s; /* ** Retrieve the actual values */ memset(&saddr, 0, sizeof(saddr)); len = sizeof(saddr); if (peer == LOC_END) { r = getsockname(sock, (struct sockaddr *) &saddr, &len); s = "sock"; } else { r = getpeername(sock, (struct sockaddr *) &saddr, &len); s = "peer"; } if (r < 0) { syslog_error("can't get %sname for socket %d", s, sock); return INADDR_NONE; } /* ** Return the port if requested */ if (port != NULL) *port = (u_int16_t) ntohs(saddr.sin_port); /* ** Return the address part */ return (u_int32_t) ntohl(saddr.sin_addr.s_addr); } /* ------------------------------------------------------------ ** ** ** Function......: socket_chkladdr ** ** Parameters....: addr ip address to check ** ** Return........: 0 if not found, 1 if found, -1 on error ** ** Purpose.......: Check if addr (in network byte order) ** is used on an local network interface. ** ** ------------------------------------------------------------ */ int socket_chkladdr(u_int32_t addr) { #define DEFAULT_IFNUM 512 struct ifconf ifc; int ifn = DEFAULT_IFNUM; int i, sock; sock = socket(AF_INET, SOCK_DGRAM, 0); if(-1 == sock) { #if defined(COMPILE_DEBUG) debug(2, "can not create socket: %s", NIL(strerror(errno))); #endif return -1; } #if defined(SIOCGIFNUM) if( ioctl(sock, SIOCGIFNUM, (char *) &ifn) < 0) { #if defined(COMPILE_DEBUG) debug(2, "ioctl SIOCGIFNUM failed: %s", NIL(strerror(errno))); #endif ifn = DEFAULT_IFNUM; /* ignore failure */ } #endif /* SIOCGIFNUM */ ifc.ifc_len = ifn * sizeof (struct ifreq); ifc.ifc_buf = malloc(ifc.ifc_len); if( !ifc.ifc_buf) { #if defined(COMPILE_DEBUG) debug(2, "malloc(ifc.ifc_len=%d) failed: %s", ifc.ifc_len, NIL(strerror(errno))); #endif close(sock); return -1; } memset(ifc.ifc_buf, 0, ifc.ifc_len); if( ioctl(sock, SIOCGIFCONF, (char *)&ifc) < 0) { #if defined(COMPILE_DEBUG) debug(2, "ioctl SIOCGIFCONF failed: %s", NIL(strerror(errno))); #endif free(ifc.ifc_buf); close(sock); return -1; } close(sock); for( i=0; iifr_addr; i += sizeof( *ifr); if(AF_INET != ifr->ifr_addr.sa_family || INADDR_ANY == sa->sin_addr.s_addr || INADDR_NONE == sa->sin_addr.s_addr) continue; #if defined(COMPILE_DEBUG) debug(4, "interface %s has ip-address: %s", ifr->ifr_name, inet_ntoa(sa->sin_addr)); #endif if( sa->sin_addr.s_addr == addr) { #if defined(COMPILE_DEBUG) debug(2, "found local ip addr: %s", inet_ntoa(sa->sin_addr)); #endif free(ifc.ifc_buf); return 1; } } free(ifc.ifc_buf); #if defined(COMPILE_DEBUG) debug(2, "requested ip addr is not a local one"); #endif return 0; } /* ------------------------------------------------------------ ** ** ** Function......: socket_orgdst ** ** Parameters....: phls pointer to high-level socket ** addr pointer to in_addr_t ** port pointer to in_port_t ** ** Return........: 0 on success, -1 on error ** ** Purpose.......: get the original (transparent) destination ** addr and port the peer / client wanted to ** connect (network byte order!). ** ** ------------------------------------------------------------ */ int socket_orgdst(HLS *phls, u_int32_t *addr, u_int16_t *port) { struct sockaddr_in name; #if defined(HAVE_LINUX_NETFILTER_IPV4_H) && defined(SO_ORIGINAL_DST) struct sockaddr_in dest; #endif #if defined(HAVE_NETINET_IP_NAT_H) && defined(SIOCGNATL) natlookup_t natlook, *nlptr = &natlook; int rc, nat_fd = -1; #endif #if defined(HAVE_NET_PFVAR_H) int rc, nat_fd = -1; struct protoent *proto; struct sockaddr_in peer; struct pfioc_natlook natlook; #endif socklen_t len; /* ** sanity args checks */ if( !(phls && -1 != phls->sock && addr && port)) return -1; len = sizeof(name); memset(&name, 0, len); if(getsockname(phls->sock, (struct sockaddr *)&name, &len) < 0) { syslog_error("can't get sockname for socket %d", phls->sock); return -1; } syslog_write(T_DBG, "socket name address is %s:%d", socket_addr2str(ntohl(name.sin_addr.s_addr)), ntohs(name.sin_port)); #if defined(HAVE_LINUX_NETFILTER_IPV4_H) && defined(SO_ORIGINAL_DST) /* ** IP-Tables uses SO_ORIGINAL_DST getsockopt call */ len = sizeof(dest); memset(&dest, 0, len); if(getsockopt(phls->sock, SOL_IP, SO_ORIGINAL_DST, &dest, &len) < 0) { switch(errno) { case ENOPROTOOPT: /* ** no iptables support / 2.2 kernel ** ==> use getsockname dst bellow */ break; case ENOENT: /* ** 2.4 kernel without iptables support ** ==> getsockname does not work here */ syslog_write(T_WRN, "iptables not supported or ipchains support active"); return -1; break; default: syslog_error( "can't get iptables transparent destination"); return -1; break; } } else { if((name.sin_port == dest.sin_port) && (name.sin_addr.s_addr == dest.sin_addr.s_addr)) { syslog_write(T_DBG, "iptables transparent destination %s:%d is local", socket_addr2str(ntohl(dest.sin_addr.s_addr)), ntohs(dest.sin_port)); return -1; } syslog_write(T_DBG, "iptables transparent destination: %s:%d", socket_addr2str(ntohl(dest.sin_addr.s_addr)), ntohs(dest.sin_port)); *addr = dest.sin_addr.s_addr; *port = dest.sin_port; return 0; } #endif #if defined(HAVE_NET_PFVAR_H) /* ** OpenBSD PF table lookup */ len = sizeof(peer); memset(&peer, 0, len); if(getpeername(phls->sock, (struct sockaddr *)&peer, &len) < 0) { syslog_error("can't get peername for socket %d", phls->sock); return -1; } syslog_write(T_DBG, "socket peer address is %s:%d", socket_addr2str(ntohl(peer.sin_addr.s_addr)), ntohs(peer.sin_port)); if(!(proto = getprotobyname("tcp"))) { syslog_error("can't get protocol number for tcp"); return -1; } if((nat_fd = open("/dev/pf", O_RDWR, 0)) < 0) { endprotoent(); syslog_error("can't open pf device '/dev/pf'"); return -1; } memset(&natlook, 0, sizeof(natlook)); natlook.af = AF_INET; natlook.proto = proto->p_proto; natlook.direction = PF_OUT; natlook.saddr.v4.s_addr = peer.sin_addr.s_addr; /* peer */ natlook.sport = peer.sin_port; natlook.daddr.v4.s_addr = name.sin_addr.s_addr; /* sock */ natlook.dport = name.sin_port; endprotoent(); rc = ioctl(nat_fd, DIOCNATLOOK, &natlook); close(nat_fd); if(rc < 0) { if(errno != ENOENT) { syslog_error("can't get pfnat transparent destination"); } return -1; } #if defined(COMPILE_DEBUG) debug(2, "pfnat transparent proxy destination: %s:%d", socket_addr2str(ntohl(natlook.rdaddr.v4.s_addr)), ntohs(natlook.rdport)); #endif if((natlook.rdport == name.sin_port) && (natlook.rdaddr.v4.s_addr == name.sin_addr.s_addr)) { syslog_write(T_DBG, "pfnat proxy destination %s:%d is local", socket_addr2str(ntohl(natlook.rdaddr.v4.s_addr)), ntohs(natlook.rdport)); return -1; } syslog_write(T_DBG, "pfnat transparent destination: %s:%d", socket_addr2str(ntohl(natlook.rdaddr.v4.s_addr)), ntohs(natlook.rdport)); *addr = natlook.rdaddr.v4.s_addr; *port = natlook.rdport; return 0; #endif #if defined(HAVE_NETINET_IP_NAT_H) && defined(SIOCGNATL) /* ** BSD ipnat table lookup */ if ((nat_fd = open(IPL_NAT, O_RDONLY, 0)) < 0) { syslog_error("can't open ipnat device '%.*s'", MAX_PATH_SIZE, IPL_NAT); return -1; } memset(&natlook, 0, sizeof(natlook)); natlook.nl_flags = IPN_TCP; natlook.nl_inip.s_addr = name.sin_addr.s_addr; natlook.nl_inport = name.sin_port; natlook.nl_outip.s_addr = htonl(phls->addr); natlook.nl_outport = htons(phls->port); /* ** handle versions differences... */ rc = 0; if(63 == (SIOCGNATL & 0xff)) { rc = ioctl(nat_fd, SIOCGNATL, &nlptr); #if defined(COMPILE_DEBUG) debug(2, "SIOCGNATL using &natlookptr: rc=%d", rc); #endif } else { rc = ioctl(nat_fd, SIOCGNATL, &natlook); #if defined(COMPILE_DEBUG) debug(2, "SIOCGNATL using &natlook: rc=%d", rc); #endif } close(nat_fd); if(rc < 0) { if(errno != ESRCH) { syslog_error("can't get ipnat transparent destination"); } return -1; } if((natlook.nl_realport == name.sin_port) && (natlook.nl_realip.s_addr == name.sin_addr.s_addr)) { syslog_write(T_DBG, "ipnat transparent destination %s:%d is local", socket_addr2str(ntohl(natlook.nl_realip.s_addr)), ntohs(natlook.nl_realport)); return -1; } syslog_write(T_DBG, "ipnat transparent destination: %s:%d", socket_addr2str(ntohl(natlook.nl_realip.s_addr)), ntohs(natlook.nl_realport)); *addr = natlook.nl_realip.s_addr; *port = natlook.nl_realport; return 0; #else /* !BSD-IPNAT */ /* ** IP-Chains uses getsockname, as "transparent address" */ syslog_write(T_DBG, "ipchains transparent destination: %s:%d", socket_addr2str(ntohl(name.sin_addr.s_addr)), ntohs(name.sin_port)); *addr = name.sin_addr.s_addr; *port = name.sin_port; #endif return 0; } /* ------------------------------------------------------------ ** ** ** Function......: getfqhostname ** ** Parameters....: fqhost buffer to store the host name ** n size of the buffer ** ** Return........: 0 on success, -1 on error ** ** Purpose.......: get the full qualified (resolved) ** host name of the current/local host ** ** ------------------------------------------------------------ */ int getfqhostname(char *fqhost, size_t n) { char hname[MAXHOSTNAMELEN]; struct hostent *hp; if( !(n > 0 && fqhost)) return -1; memset(hname, 0, sizeof(hname)); if( gethostname(hname, sizeof(hname)-1)) return -1; if( !(hp = gethostbyname(hname))) return -1; misc_strncpy(fqhost, hp->h_name, n); return 0; } /* ------------------------------------------------------------ ** ** ** Function......: getfqdomainname ** ** Parameters....: fqhost buffer to store the domain name ** n size of the buffer ** ** Return........: 0 on success, -1 on error ** ** Purpose.......: get the full qualified (resolved) ** domain name of the current/local host ** ** ------------------------------------------------------------ */ int getfqdomainname(char *fqdomain, size_t n) { char hname[MAXHOSTNAMELEN], *p; if( !(n > 0 && fqdomain)) return -1; if(getfqhostname(hname, sizeof(hname))) return -1; p = strchr(hname, (int)'.'); if(p && *(p+1)) { misc_strncpy(fqdomain, p+1, n); return 0; } return -1; } /* ------------------------------------------------------------ * $Log: com-socket.c,v $ * Revision 1.7.2.2 2005/01/10 11:37:36 mt * added sys/param.h inclusion * * Revision 1.7.2.1 2003/05/07 11:14:08 mt * added OpenBSD pf-nat transparent proxy support * fixed to use hls->retr instead of a static retry counter * * Revision 1.7 2002/05/02 13:01:08 mt * merged with v1.8.2.2 * * Revision 1.6.2.2 2002/04/04 14:44:30 mt * added waiting and retrying on "no data" but no EOF in I_NREAD * added check for buffer len difference on ioctl and recv * added remembering of i/o failures in hls->ernr for loging * added and improved transparent proxy log messages * * Revision 1.6.2.1 2002/01/28 01:51:21 mt * replaced question marks sequences that may be misinterpreted as trigraphs * * Revision 1.6 2002/01/14 18:26:55 mt * implemented socket_orgdst to read transparent proxying destinations * implemented a MaxRecvBufSize option limiting max recv buffer size * implemented workarround for Netscape (4.x) directory symlink handling * extended log messages to provide basic transfer statistics data * fixed socket_gets to wait for a complete line if no EOL found * added snprintf usage, replaced strcpy/strncpy with misc_strncpy * * Revision 1.5 2001/11/06 23:04:43 mt * applied / merged with transparent proxy patches v8 * see ftp-proxy/NEWS for more detailed release news * * Revision 1.4 1999/09/21 05:42:28 wiegand * syslog / abort review * * Revision 1.3 1999/09/17 06:32:28 wiegand * buffer length and overflow protection review * * Revision 1.2 1999/09/16 14:26:33 wiegand * minor code review and cleanup * * Revision 1.1 1999/09/15 14:05:38 wiegand * initial checkin * * ------------------------------------------------------------ */ proxy-suite-1.9.2.4/common/com-socket.h0000644000000000000000000001365510170463547017661 0ustar rootroot00000000000000/* * $Id: com-socket.h,v 1.5.2.1 2003/05/07 11:13:34 mt Exp $ * * Header for common functions for TCP/IP sockets * * Author(s): Jens-Gero Boehm * Pieter Hollants * Marius Tomaschewski * Volker Wiegand * * This file is part of the SuSE Proxy Suite * See also http://proxy-suite.suse.de/ * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version * 2 of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the * Free Software Foundation, Inc., 59 Temple Place - Suite 330, * Boston, MA 02111-1307, USA. * * A history log can be found at the end of this file. */ #if !defined(_COM_SOCKET_H_) #define _COM_SOCKET_H_ /* ------------------------------------------------------------ */ #include #include #if !defined(INADDR_NONE) # if defined(INADDR_BROADCAST) # define INADDR_NONE INADDR_BROADCAST # else # define INADDR_NONE ((uint32_t) 0xffffffffU) # endif #endif #if !defined(INPORT_ANY) # define INPORT_ANY 0 #endif #if !defined(MAXHOSTNAMELEN) # define MAXHOSTNAMELEN 256 #endif /* ------------------------------------------------------------ */ #define SK_LISTEN 1 /* Kind: listening socket */ #define SK_CONTROL 2 /* Kind: control connection */ #define SK_DATA 3 /* Kind: data transfer */ #define LOC_END 1 /* Local end of connection */ #define REM_END 2 /* Remote end of connection */ #define PEER_LEN 32 /* Storage for dotted decimal */ #define MAX_RETRIES 6 /* bind retries on EADDRINUSE */ typedef void (*ACPT_CB)(int); /* Accept callback function */ /* ------------------------------------------------------------ */ /* ** Definition of a "High Level Socket" */ typedef struct buf_t { struct buf_t *next; /* Next one in the chain */ size_t len; /* Number of bytes at ptr */ size_t cur; /* Currently used offset */ int flg; /* Flag for send() (e.g. OOB) */ char dat[8]; /* Beginning of data (Guard) */ } BUF; typedef struct hls_t { struct hls_t *next; /* Next one in the chain */ int sock; /* The corresponding socket */ int kill; /* 1=kill socket after send */ int ernr; /* socket i/o error number */ int retr; /* recv i/o retry counter */ int flag; /* Flag for send() (e.g. OOB) */ int more; /* 1=read more to complete line */ u_int32_t addr; /* Peer's address (host order) */ u_int16_t port; /* Peer's port (host order) */ char peer[PEER_LEN]; /* Peer's readable address */ char *ctyp; /* Connection type identifier */ BUF *wbuf; /* Write buffer chain */ BUF *rbuf; /* Read buffer chain */ size_t wcnt; /* write bytes counter */ size_t rcnt; /* read bytes counter */ } HLS; /* ------------------------------------------------------------ */ int socket_listen (u_int32_t addr, u_int16_t port, ACPT_CB func); void socket_lclose (int shut); HLS *socket_init (int sock); void socket_opts (int sock, int kind); void socket_kill (HLS *hls); char *socket_gets (HLS *hls, char *ptr, int len); void socket_flag (HLS *hls, int flag); int socket_write (HLS *hls, char *ptr, int len); int socket_printf(HLS *hls, char *fmt, ...); int socket_file (HLS *hls, char *file, int crlf); int socket_exec (int timeout, int *close_flag); char *socket_msgline(char *fmt); u_int16_t socket_d_bind (int sock, u_int32_t addr, u_int16_t lrng, u_int16_t urng, int incr); u_int16_t socket_d_listen (u_int32_t addr, u_int16_t lrng, u_int16_t urng, HLS **phls, char *ctyp, int incr); u_int16_t socket_d_connect(u_int32_t addr, u_int16_t port, u_int32_t ladr, u_int16_t lrng, u_int16_t urng, HLS **phls, char *ctyp, int incr); u_int32_t socket_str2addr(char *name, u_int32_t dflt); u_int16_t socket_str2port(char *name, u_int16_t dflt); char *socket_addr2str(u_int32_t addr); u_int32_t socket_sck2addr(int sock, int peer, u_int16_t *port); int socket_chkladdr(u_int32_t addr); int socket_orgdst(HLS *phls, u_int32_t *addr, u_int16_t *port); int getfqhostname(char *fqhost, size_t n); int getfqdomainname(char *fqdomain, size_t n); /* ------------------------------------------------------------ */ #endif /* defined(_COM_SOCKET_H_) */ /* ------------------------------------------------------------ * $Log: com-socket.h,v $ * Revision 1.5.2.1 2003/05/07 11:13:34 mt * added hls->retr -- recv i/o retry counter * * Revision 1.5 2002/05/02 13:01:32 mt * merged with v1.8.2.2 * * Revision 1.4.2.1 2002/04/04 14:33:17 mt * added ernr flag in hls needed to remember failures * * Revision 1.4 2002/01/14 18:26:55 mt * implemented socket_orgdst to read transparent proxying destinations * implemented a MaxRecvBufSize option limiting max recv buffer size * implemented workarround for Netscape (4.x) directory symlink handling * extended log messages to provide basic transfer statistics data * fixed socket_gets to wait for a complete line if no EOL found * added snprintf usage, replaced strcpy/strncpy with misc_strncpy * * Revision 1.3 2001/11/06 23:04:43 mt * applied / merged with transparent proxy patches v8 * see ftp-proxy/NEWS for more detailed release news * * Revision 1.2 1999/09/17 06:32:28 wiegand * buffer length and overflow protection review * * Revision 1.1 1999/09/15 14:05:38 wiegand * initial checkin * * ------------------------------------------------------------ */ proxy-suite-1.9.2.4/common/com-syslog.c0000644000000000000000000003640110170463547017676 0ustar rootroot00000000000000/* * $Id: com-syslog.c,v 1.6.2.1 2003/05/07 11:14:34 mt Exp $ * * Common file/syslog logging functions * * Author(s): Jens-Gero Boehm * Pieter Hollants * Marius Tomaschewski * Volker Wiegand * * This file is part of the SuSE Proxy Suite * See also http://proxy-suite.suse.de/ * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version * 2 of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the * Free Software Foundation, Inc., 59 Temple Place - Suite 330, * Boston, MA 02111-1307, USA. * * A history log can be found at the end of this file. */ #ifndef lint static char rcsid[] = "$Id: com-syslog.c,v 1.6.2.1 2003/05/07 11:14:34 mt Exp $"; #endif #include #if defined(STDC_HEADERS) # include # include # include # include # include #endif #if defined(HAVE_UNISTD_H) # include #endif #if TIME_WITH_SYS_TIME # include # include #else # if HAVE_SYS_TIME_H # include # else # include # endif #endif #if defined(HAVE_FCNTL_H) # include #elif defined(HAVE_SYS_FCNTL_H) # include #endif #if defined(HAVE_SYSLOG_H) # include # if defined(NEED_SYS_SYSLOG_H) # include # endif #endif #include #include #include "com-debug.h" #include "com-misc.h" #include "com-syslog.h" /* ** default log level is LOG_INFO (verbose) */ #if !defined(DEFAULT_LOG_LEVEL) #define DEFAULT_LOG_LEVEL LOG_INFO #endif /* ------------------------------------------------------------ */ typedef struct { char *name; /* Syslog facility name */ int code; /* The corresponding code */ } FACIL; /* ------------------------------------------------------------ */ static int initflag = 0; /* Have we been initialized? */ static int log_level = DEFAULT_LOG_LEVEL; static char *log_name = NULL; static FILE *log_file = NULL; static FILE *log_pipe = NULL; static FACIL *log_syslog = NULL; static FACIL facilities[] = { #ifdef LOG_AUTH { "auth", LOG_AUTH }, #endif #ifdef LOG_CRON { "cron", LOG_CRON }, #endif #ifdef LOG_DAEMON { "daemon", LOG_DAEMON }, #endif #ifdef LOG_FTP { "ftp", LOG_FTP }, #endif #ifdef LOG_KERN { "kern", LOG_KERN }, #endif #ifdef LOG_LOCAL0 { "local0", LOG_LOCAL0 }, #endif #ifdef LOG_LOCAL1 { "local1", LOG_LOCAL1 }, #endif #ifdef LOG_LOCAL2 { "local2", LOG_LOCAL2 }, #endif #ifdef LOG_LOCAL3 { "local3", LOG_LOCAL3 }, #endif #ifdef LOG_LOCAL4 { "local4", LOG_LOCAL4 }, #endif #ifdef LOG_LOCAL5 { "local5", LOG_LOCAL5 }, #endif #ifdef LOG_LOCAL6 { "local6", LOG_LOCAL6 }, #endif #ifdef LOG_LOCAL7 { "local7", LOG_LOCAL7 }, #endif #ifdef LOG_LPR { "lpr", LOG_LPR }, #endif #ifdef LOG_MAIL { "mail", LOG_MAIL }, #endif #ifdef LOG_NEWS { "news", LOG_NEWS }, #endif #ifdef LOG_USER { "user", LOG_USER }, #endif #ifdef LOG_UUCP { "uucp", LOG_UUCP }, #endif { NULL, 0 } }; /* ------------------------------------------------------------ ** ** ** Function......: syslog_stderr ** ** Parameters....: (none) ** ** Return........: (none) ** ** Purpose.......: Assign log destination to stderr. ** This allows to print errors durring the ** initialization phase - before the first ** syslog_open call is done ** ** ------------------------------------------------------------ */ void syslog_stderr() { syslog_close(); log_file = stderr; log_level = LOG_ERR; } /* ------------------------------------------------------------ ** ** ** Function......: syslog_open ** ** Parameters....: name Logfile or syslog name ** Parameters....: level log level name (optional) ** ** Return........: (none) ** ** Purpose.......: Open a logfile, logpipe or syslog. ** ** ------------------------------------------------------------ */ void syslog_open(char *name, char *level) { int fd; if (initflag == 0) { if(stderr == log_file) { log_file = NULL; } atexit(syslog_close); initflag = 1; } if (misc_strequ(name, log_name)) { /* ** log destination hasn't changed ** rotate, if a log file is used */ if(log_file) { syslog_rotate(); } return; } if (NULL != log_name && NULL != name && '\0' != name[0]) { /* ** this is a reopen - write a message with ** the new log destination into the old one */ syslog_write(T_INF, "reopening log - new destination is '%.*s'", MAX_PATH_SIZE, name); } syslog_close(); if (NULL == name || '\0' == name[0]) { /* ** hmm... it was a close... */ return; } if(level && *level) { if( !strcasecmp("FLT", level)) { log_level = LOG_CRIT; } else if( !strcasecmp("ERR", level)) { log_level = LOG_ERR; } else if( !strcasecmp("WRN", level)) { log_level = LOG_WARNING; } else if( !strcasecmp("INF", level)) { log_level = LOG_INFO; } else if( !strcasecmp("DBG", level)) { log_level = LOG_DEBUG; } else { misc_die(FL, "invalid log level '%.3s'"); } } /* ** So we do have a destination now ... */ if (*name == '/') { char tmp_name[MAX_PATH_SIZE]; /* ** Logging to a regular file */ if(syslog_rename(tmp_name, name, sizeof(tmp_name))<0) { if (unlink(name) != 0 && errno != ENOENT) { misc_die(FL, "can't remove logfile '%.*s'", MAX_PATH_SIZE, name); } } if ((fd = open(name, O_RDWR | O_CREAT | O_EXCL, 0640)) < 0) { misc_die(FL, "can't open logfile '%.*s'", MAX_PATH_SIZE, name); } if ((log_file = fdopen(fd, "w")) == NULL) { misc_die(FL, "can't open logfile '%.*s'", MAX_PATH_SIZE, name); } } else if (*name == '|') { /* ** Logging to a command pipe */ for (++name; *name == ' ' || *name == '\t'; name++) ; if ((log_pipe = popen(name, "w")) == NULL) { misc_die(FL, "can't open logpipe '%.*s'", MAX_PATH_SIZE, name); } } else { /* ** Must be syslog, go and check the facility */ for (log_syslog = facilities; log_syslog->name; log_syslog++) { if (strcmp(name, log_syslog->name) == 0) break; } if (log_syslog->name == NULL) { log_syslog = NULL; misc_usage("invalid syslog facility '%.64s'", name); } openlog(misc_getprog(), LOG_PID | LOG_CONS | LOG_NDELAY, log_syslog->code); setlogmask(LOG_UPTO(log_level)); } log_name = misc_strdup(FL, name); } /* ------------------------------------------------------------ ** ** ** Function......: syslog_write ** ** Parameters....: level Loglevel (similar to syslog) ** fmt Format string for output ** ** Return........: (none) ** ** Purpose.......: Write a message to the current log. ** Do not call misc_die() to avoid loops. ** ** ------------------------------------------------------------ */ void syslog_write(int level, char *fmt, ...) { int tmperr = errno; /* Save errno for later */ va_list aptr; int loglvl, dbglvl; FILE *fp; time_t now; struct tm *t; char *logstr, buf[32], str[MAX_PATH_SIZE * 4]; va_start(aptr, fmt); #if defined(HAVE_VSNPRINTF) vsnprintf(str, sizeof(str), fmt, aptr); #else vsprintf(str, fmt, aptr); #endif va_end(aptr); switch (level) { case T_DBG: loglvl = LOG_DEBUG; logstr = "TECH-DBG"; dbglvl = 3; break; case T_INF: loglvl = LOG_INFO; logstr = "TECH-INF"; dbglvl = 2; break; case T_WRN: loglvl = LOG_WARNING; logstr = "TECH-WRN"; dbglvl = 1; break; case T_ERR: loglvl = LOG_ERR; logstr = "TECH-ERR"; dbglvl = 1; break; case T_FTL: loglvl = LOG_CRIT; logstr = "TECH-FTL"; dbglvl = 1; break; case U_DBG: loglvl = LOG_DEBUG; logstr = "USER-DBG"; dbglvl = 3; break; case U_INF: loglvl = LOG_INFO; logstr = "USER-INF"; dbglvl = 2; break; case U_WRN: loglvl = LOG_WARNING; logstr = "USER-WRN"; dbglvl = 1; break; case U_ERR: loglvl = LOG_ERR; logstr = "USER-ERR"; dbglvl = 1; break; case U_FTL: loglvl = LOG_CRIT; logstr = "USER-FTL"; dbglvl = 1; break; default: loglvl = LOG_CRIT; logstr = "TECH-FLT"; dbglvl = 1; } #if defined(COMPILE_DEBUG) debug(dbglvl, "%s %s", logstr, str); #endif if (log_level < loglvl) { errno = tmperr; /* Restore errno */ return; } if (log_syslog) { syslog(loglvl, "%s %s", logstr, str); errno = tmperr; /* Restore errno */ return; } if ((fp = (log_file ? log_file : log_pipe)) == NULL) { errno = tmperr; /* Restore errno */ return; } time(&now); t = localtime(&now); #if defined(HAVE_SNPRINTF) snprintf(buf, sizeof(buf), "%02d/%02d-%02d:%02d:%02d", t->tm_mon + 1, t->tm_mday, t->tm_hour, t->tm_min, t->tm_sec); #else sprintf(buf, "%02d/%02d-%02d:%02d:%02d", t->tm_mon + 1, t->tm_mday, t->tm_hour, t->tm_min, t->tm_sec); #endif fprintf(fp, "%s [%d] <%s> %s %s\n", misc_getprog(), (int) getpid(), buf, logstr, str); fflush(fp); errno = tmperr; /* Restore errno */ } /* ------------------------------------------------------------ ** ** ** Function......: syslog_error ** ** fmt Format string for output ** ** Return........: (none) ** ** Purpose.......: Write a message to the current log. ** Tag is ERR. Also write a debug info. ** ** ------------------------------------------------------------ */ void syslog_error(char *fmt, ...) { int tmperr = errno; /* Save errno for later */ va_list aptr; FILE *fp; time_t now; struct tm *t; char buf[32], str[MAX_PATH_SIZE * 4]; va_start(aptr, fmt); #if defined(HAVE_VSNPRINTF) vsnprintf(str, sizeof(str), fmt, aptr); #else vsprintf(str, fmt, aptr); #endif va_end(aptr); #if defined(COMPILE_DEBUG) if (tmperr == 0) debug(1, "TECH-ERR %s", str); else debug(1, "TECH-ERR %s (errno=%d [%.200s])", str, tmperr, strerror(tmperr)); #endif if (log_level < LOG_ERR) { errno = tmperr; /* Restore errno */ return; } if (log_syslog) { if (tmperr == 0) syslog(LOG_ERR, "TECH-ERR %s", str); else syslog(LOG_ERR, "TECH-ERR %s (errno=%d [%.256s])", str, tmperr, strerror(tmperr)); errno = tmperr; /* Restore errno */ return; } if ((fp = (log_file ? log_file : log_pipe)) == NULL) { errno = tmperr; /* Restore errno */ return; } time(&now); t = localtime(&now); #if defined(HAVE_SNPRINTF) snprintf(buf, sizeof(buf), "%02d/%02d-%02d:%02d:%02d", t->tm_mon + 1, t->tm_mday, t->tm_hour, t->tm_min, t->tm_sec); #else sprintf(buf, "%02d/%02d-%02d:%02d:%02d", t->tm_mon + 1, t->tm_mday, t->tm_hour, t->tm_min, t->tm_sec); #endif fprintf(fp, "%s [%d] <%s> TECH-ERR %s\n", misc_getprog(), (int) getpid(), buf, str); fflush(fp); errno = tmperr; /* Restore errno */ } /* ------------------------------------------------------------ ** ** ** Function......: syslog_rename ** ** Parameters....: new_name, log_name, len ** ** Return........: -1 on error, 0 on success, ** 1 if log_name does not exists ** ** Purpose.......: if file specified as log_name exists, ** rename it to new_name with a maximal ** length given in len. ** ** ------------------------------------------------------------ */ int syslog_rename(char *new_name, char *log_name, size_t len) { time_t now; struct tm *t; struct stat st; if( initflag == 0) return -1; if( !(new_name && log_name && len > (strlen(log_name) + 17))) return -1; time(&now); t = localtime(&now); memset(new_name, 0, len); #if defined(HAVE_SNPRINTF) snprintf(new_name, len, "%.*s.%d%02d%02d-%02d%02d%02d", (int)len-17, log_name, t->tm_year + 1900, t->tm_mon + 1, t->tm_mday, t->tm_hour, t->tm_min, t->tm_sec); #else sprintf(new_name, "%.*s.%d%02d%02d-%02d%02d%02d", (int)len-17, log_name, t->tm_year + 1900, t->tm_mon + 1, t->tm_mday, t->tm_hour, t->tm_min, t->tm_sec); #endif if( lstat(log_name, &st)) return 1; if( !lstat(new_name, &st)) { if( !(S_ISREG(st.st_mode) || S_ISLNK(st.st_mode))) { return -1; } unlink(new_name); } if (rename(log_name, new_name)) { return -1; } return 0; } /* ------------------------------------------------------------ ** ** ** Function......: syslog_rotate ** ** Parameters....: (none) ** ** Return........: (none) ** ** Purpose.......: Rotate the log, if logging to a file. ** ** ------------------------------------------------------------ */ void syslog_rotate(void) { char tmp_name[MAX_PATH_SIZE]; int fd; if( initflag == 0) return; /* Only useful if logging to file */ if (log_file == NULL) return; #if defined(COMPILE_DEBUG) debug(2, "rotating log file '%.*s'", MAX_PATH_SIZE, log_name); #endif syslog_write(T_INF, "rotating log file '%.*s'", MAX_PATH_SIZE, log_name); fclose(log_file); log_file = NULL; if(syslog_rename(tmp_name, log_name, sizeof(tmp_name))<0) { misc_die(FL, "can't rotate logfile '%.*s'", MAX_PATH_SIZE, log_name); } if ((fd = open(log_name, O_RDWR | O_CREAT | O_EXCL, 0640)) < 0) { misc_die(FL, "can't open logfile '%.*s'", MAX_PATH_SIZE, log_name); } if ((log_file = fdopen(fd, "w")) == NULL) { misc_die(FL, "can't open logfile '%.*s'", MAX_PATH_SIZE, log_name); } } /* ------------------------------------------------------------ ** ** ** Function......: syslog_close ** ** Parameters....: (none) ** ** Return........: (none) ** ** Purpose.......: Clean up at program exit. ** ** ------------------------------------------------------------ */ void syslog_close(void) { if (log_syslog) { closelog(); log_syslog = NULL; } if (log_file) { if(stderr != log_file) fclose(log_file); log_file = NULL; } if (log_pipe) { pclose(log_pipe); log_pipe = NULL; } if (log_name) { void *tmp = (void *) log_name; log_name = NULL; misc_free(FL, tmp); } log_level = DEFAULT_LOG_LEVEL; } /* ------------------------------------------------------------ * $Log: com-syslog.c,v $ * Revision 1.6.2.1 2003/05/07 11:14:34 mt * added check for empty name in log_open * * Revision 1.6 2002/05/02 13:01:58 mt * merged with v1.8.2.2 * * Revision 1.5.2.2 2002/04/04 14:28:53 mt * replaced stat with lstat for rename check in log rotation * * Revision 1.5.2.1 2002/01/28 01:51:21 mt * replaced question marks sequences that may be misinterpreted as trigraphs * * Revision 1.5 2002/01/14 18:30:15 mt * implemented syslog_stderr function to redirect log to stderr * added LogLevel option handling allowing to set the maximal level * added snprintf usage, replaced strcpy/strncpy with misc_strncpy * * Revision 1.4 2001/11/06 23:04:43 mt * applied / merged with transparent proxy patches v8 * see ftp-proxy/NEWS for more detailed release news * * Revision 1.3 1999/09/26 13:25:05 wiegand * protection of debug/pid/log files against attacks * * Revision 1.2 1999/09/17 06:32:28 wiegand * buffer length and overflow protection review * * Revision 1.1 1999/09/15 14:05:38 wiegand * initial checkin * * ------------------------------------------------------------ */ proxy-suite-1.9.2.4/common/com-syslog.h0000644000000000000000000000552207420621667017706 0ustar rootroot00000000000000/* * $Id: com-syslog.h,v 1.3 2002/01/14 18:30:15 mt Exp $ * * Header for common file/syslog logging functions * * Author(s): Jens-Gero Boehm * Pieter Hollants * Marius Tomaschewski * Volker Wiegand * * This file is part of the SuSE Proxy Suite * See also http://proxy-suite.suse.de/ * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version * 2 of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the * Free Software Foundation, Inc., 59 Temple Place - Suite 330, * Boston, MA 02111-1307, USA. * * A history log can be found at the end of this file. */ #if !defined(_COM_SYSLOG_H_) #define _COM_SYSLOG_H_ /* ------------------------------------------------------------ */ #define T_DBG 1 /* Technical log level DEBUG */ #define T_INF 2 /* Technical log level INFO */ #define T_WRN 3 /* Technical log level WARNING */ #define T_ERR 4 /* Technical log level ERROR */ #define T_FTL 5 /* Technical log level FATAL */ #define U_DBG 11 /* User rel. log level DEBUG */ #define U_INF 12 /* User rel. log level INFO */ #define U_WRN 13 /* User rel. log level WARNING */ #define U_ERR 14 /* User rel. log level ERROR */ #define U_FTL 15 /* User rel. log level FATAL */ /* ------------------------------------------------------------ */ void syslog_stderr(void); void syslog_open (char *name, char *level); void syslog_write (int level, char *fmt, ...); void syslog_error (char *fmt, ...); int syslog_rename(char *new_name, char *log_name, size_t len); void syslog_rotate(void); void syslog_close (void); /* ------------------------------------------------------------ */ #endif /* defined(_COM_SYSLOG_H_) */ /* ------------------------------------------------------------ * $Log: com-syslog.h,v $ * Revision 1.3 2002/01/14 18:30:15 mt * implemented syslog_stderr function to redirect log to stderr * added LogLevel option handling allowing to set the maximal level * added snprintf usage, replaced strcpy/strncpy with misc_strncpy * * Revision 1.2 2001/11/06 23:04:43 mt * applied / merged with transparent proxy patches v8 * see ftp-proxy/NEWS for more detailed release news * * Revision 1.1 1999/09/15 14:05:38 wiegand * initial checkin * * ------------------------------------------------------------ */ proxy-suite-1.9.2.4/config.guess0000755000000000000000000011351607464230624016471 0ustar rootroot00000000000000#! /bin/sh # Attempt to guess a canonical system name. # Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001 # Free Software Foundation, Inc. timestamp='2001-08-21' # This file is free software; you can redistribute it and/or modify it # under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, but # WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU # General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. # # As a special exception to the GNU General Public License, if you # distribute this file as part of a program that contains a # configuration script generated by Autoconf, you may include it under # the same distribution terms that you use for the rest of that program. # Written by Per Bothner . # Please send patches to . # # This script attempts to guess a canonical system name similar to # config.sub. If it succeeds, it prints the system name on stdout, and # exits with 0. Otherwise, it exits with 1. # # The plan is that this can be called by configure scripts if you # don't specify an explicit build system type. me=`echo "$0" | sed -e 's,.*/,,'` usage="\ Usage: $0 [OPTION] Output the configuration name of the system \`$me' is run on. Operation modes: -h, --help print this help, then exit -t, --time-stamp print date of last modification, then exit -v, --version print version number, then exit Report bugs and patches to ." version="\ GNU config.guess ($timestamp) Originally written by Per Bothner. Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001 Free Software Foundation, Inc. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE." help=" Try \`$me --help' for more information." # Parse command line while test $# -gt 0 ; do case $1 in --time-stamp | --time* | -t ) echo "$timestamp" ; exit 0 ;; --version | -v ) echo "$version" ; exit 0 ;; --help | --h* | -h ) echo "$usage"; exit 0 ;; -- ) # Stop option processing shift; break ;; - ) # Use stdin as input. break ;; -* ) echo "$me: invalid option $1$help" >&2 exit 1 ;; * ) break ;; esac done if test $# != 0; then echo "$me: too many arguments$help" >&2 exit 1 fi dummy=dummy-$$ trap 'rm -f $dummy.c $dummy.o $dummy.rel $dummy; exit 1' 1 2 15 # CC_FOR_BUILD -- compiler used by this script. # Historically, `CC_FOR_BUILD' used to be named `HOST_CC'. We still # use `HOST_CC' if defined, but it is deprecated. set_cc_for_build='case $CC_FOR_BUILD,$HOST_CC,$CC in ,,) echo "int dummy(){}" > $dummy.c ; for c in cc gcc c89 ; do ($c $dummy.c -c -o $dummy.o) >/dev/null 2>&1 ; if test $? = 0 ; then CC_FOR_BUILD="$c"; break ; fi ; done ; rm -f $dummy.c $dummy.o $dummy.rel ; if test x"$CC_FOR_BUILD" = x ; then CC_FOR_BUILD=no_compiler_found ; fi ;; ,,*) CC_FOR_BUILD=$CC ;; ,*,*) CC_FOR_BUILD=$HOST_CC ;; esac' # This is needed to find uname on a Pyramid OSx when run in the BSD universe. # (ghazi@noc.rutgers.edu 1994-08-24) if (test -f /.attbin/uname) >/dev/null 2>&1 ; then PATH=$PATH:/.attbin ; export PATH fi UNAME_MACHINE=`(uname -m) 2>/dev/null` || UNAME_MACHINE=unknown UNAME_RELEASE=`(uname -r) 2>/dev/null` || UNAME_RELEASE=unknown UNAME_SYSTEM=`(uname -s) 2>/dev/null` || UNAME_SYSTEM=unknown UNAME_VERSION=`(uname -v) 2>/dev/null` || UNAME_VERSION=unknown case "${UNAME_MACHINE}" in i?86) test -z "$VENDOR" && VENDOR=pc ;; *) test -z "$VENDOR" && VENDOR=unknown ;; esac test -f /etc/SuSE-release && VENDOR=suse # Note: order is significant - the case branches are not exclusive. case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in *:NetBSD:*:*) # Netbsd (nbsd) targets should (where applicable) match one or # more of the tupples: *-*-netbsdelf*, *-*-netbsdaout*, # *-*-netbsdecoff* and *-*-netbsd*. For targets that recently # switched to ELF, *-*-netbsd* would select the old # object file format. This provides both forward # compatibility and a consistent mechanism for selecting the # object file format. # Determine the machine/vendor (is the vendor relevant). case "${UNAME_MACHINE}" in amiga) machine=m68k-unknown ;; arm32) machine=arm-unknown ;; atari*) machine=m68k-atari ;; sun3*) machine=m68k-sun ;; mac68k) machine=m68k-apple ;; macppc) machine=powerpc-apple ;; hp3[0-9][05]) machine=m68k-hp ;; ibmrt|romp-ibm) machine=romp-ibm ;; *) machine=${UNAME_MACHINE}-unknown ;; esac # The Operating System including object format, if it has switched # to ELF recently, or will in the future. case "${UNAME_MACHINE}" in i386|sparc|amiga|arm*|hp300|mvme68k|vax|atari|luna68k|mac68k|news68k|next68k|pc532|sun3*|x68k) eval $set_cc_for_build if echo __ELF__ | $CC_FOR_BUILD -E - 2>/dev/null \ | grep __ELF__ >/dev/null then # Once all utilities can be ECOFF (netbsdecoff) or a.out (netbsdaout). # Return netbsd for either. FIX? os=netbsd else os=netbsdelf fi ;; *) os=netbsd ;; esac # The OS release release=`echo ${UNAME_RELEASE}|sed -e 's/[-_].*/\./'` # Since CPU_TYPE-MANUFACTURER-KERNEL-OPERATING_SYSTEM: # contains redundant information, the shorter form: # CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM is used. echo "${machine}-${os}${release}" exit 0 ;; alpha:OSF1:*:*) if test $UNAME_RELEASE = "V4.0"; then UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $3}'` fi # A Vn.n version is a released version. # A Tn.n version is a released field test version. # A Xn.n version is an unreleased experimental baselevel. # 1.2 uses "1.2" for uname -r. cat <$dummy.s .data \$Lformat: .byte 37,100,45,37,120,10,0 # "%d-%x\n" .text .globl main .align 4 .ent main main: .frame \$30,16,\$26,0 ldgp \$29,0(\$27) .prologue 1 .long 0x47e03d80 # implver \$0 lda \$2,-1 .long 0x47e20c21 # amask \$2,\$1 lda \$16,\$Lformat mov \$0,\$17 not \$1,\$18 jsr \$26,printf ldgp \$29,0(\$26) mov 0,\$16 jsr \$26,exit .end main EOF eval $set_cc_for_build $CC_FOR_BUILD $dummy.s -o $dummy 2>/dev/null if test "$?" = 0 ; then case `./$dummy` in 0-0) UNAME_MACHINE="alpha" ;; 1-0) UNAME_MACHINE="alphaev5" ;; 1-1) UNAME_MACHINE="alphaev56" ;; 1-101) UNAME_MACHINE="alphapca56" ;; 2-303) UNAME_MACHINE="alphaev6" ;; 2-307) UNAME_MACHINE="alphaev67" ;; 2-1307) UNAME_MACHINE="alphaev68" ;; esac fi rm -f $dummy.s $dummy echo ${UNAME_MACHINE}-dec-osf`echo ${UNAME_RELEASE} | sed -e 's/^[VTX]//' | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'` exit 0 ;; Alpha\ *:Windows_NT*:*) # How do we know it's Interix rather than the generic POSIX subsystem? # Should we change UNAME_MACHINE based on the output of uname instead # of the specific Alpha model? echo alpha-pc-interix exit 0 ;; 21064:Windows_NT:50:3) echo alpha-dec-winnt3.5 exit 0 ;; Amiga*:UNIX_System_V:4.0:*) echo m68k-unknown-sysv4 exit 0;; amiga:OpenBSD:*:*) echo m68k-unknown-openbsd${UNAME_RELEASE} exit 0 ;; *:[Aa]miga[Oo][Ss]:*:*) echo ${UNAME_MACHINE}-unknown-amigaos exit 0 ;; arc64:OpenBSD:*:*) echo mips64el-unknown-openbsd${UNAME_RELEASE} exit 0 ;; arc:OpenBSD:*:*) echo mipsel-unknown-openbsd${UNAME_RELEASE} exit 0 ;; hkmips:OpenBSD:*:*) echo mips-unknown-openbsd${UNAME_RELEASE} exit 0 ;; pmax:OpenBSD:*:*) echo mipsel-unknown-openbsd${UNAME_RELEASE} exit 0 ;; sgi:OpenBSD:*:*) echo mips-unknown-openbsd${UNAME_RELEASE} exit 0 ;; wgrisc:OpenBSD:*:*) echo mipsel-unknown-openbsd${UNAME_RELEASE} exit 0 ;; *:OS/390:*:*) echo i370-ibm-openedition exit 0 ;; arm:RISC*:1.[012]*:*|arm:riscix:1.[012]*:*) echo arm-acorn-riscix${UNAME_RELEASE} exit 0;; SR2?01:HI-UX/MPP:*:* | SR8000:HI-UX/MPP:*:*) echo hppa1.1-hitachi-hiuxmpp exit 0;; Pyramid*:OSx*:*:* | MIS*:OSx*:*:* | MIS*:SMP_DC-OSx*:*:*) # akee@wpdis03.wpafb.af.mil (Earle F. Ake) contributed MIS and NILE. if test "`(/bin/universe) 2>/dev/null`" = att ; then echo pyramid-pyramid-sysv3 else echo pyramid-pyramid-bsd fi exit 0 ;; NILE*:*:*:dcosx) echo pyramid-pyramid-svr4 exit 0 ;; sun4H:SunOS:5.*:*) echo sparc-hal-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` exit 0 ;; sun4*:SunOS:5.*:* | tadpole*:SunOS:5.*:*) echo sparc-sun-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` exit 0 ;; i86pc:SunOS:5.*:*) echo i386-pc-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` exit 0 ;; sun4*:SunOS:6*:*) # According to config.sub, this is the proper way to canonicalize # SunOS6. Hard to guess exactly what SunOS6 will be like, but # it's likely to be more like Solaris than SunOS4. echo sparc-sun-solaris3`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` exit 0 ;; sun4*:SunOS:*:*) case "`/usr/bin/arch -k`" in Series*|S4*) UNAME_RELEASE=`uname -v` ;; esac # Japanese Language versions have a version number like `4.1.3-JL'. echo sparc-sun-sunos`echo ${UNAME_RELEASE}|sed -e 's/-/_/'` exit 0 ;; sun3*:SunOS:*:*) echo m68k-sun-sunos${UNAME_RELEASE} exit 0 ;; sun*:*:4.2BSD:*) UNAME_RELEASE=`(head -1 /etc/motd | awk '{print substr($5,1,3)}') 2>/dev/null` test "x${UNAME_RELEASE}" = "x" && UNAME_RELEASE=3 case "`/bin/arch`" in sun3) echo m68k-sun-sunos${UNAME_RELEASE} ;; sun4) echo sparc-sun-sunos${UNAME_RELEASE} ;; esac exit 0 ;; aushp:SunOS:*:*) echo sparc-auspex-sunos${UNAME_RELEASE} exit 0 ;; sparc*:NetBSD:*) echo `uname -p`-unknown-netbsd${UNAME_RELEASE} exit 0 ;; atari*:OpenBSD:*:*) echo m68k-unknown-openbsd${UNAME_RELEASE} exit 0 ;; # The situation for MiNT is a little confusing. The machine name # can be virtually everything (everything which is not # "atarist" or "atariste" at least should have a processor # > m68000). The system name ranges from "MiNT" over "FreeMiNT" # to the lowercase version "mint" (or "freemint"). Finally # the system name "TOS" denotes a system which is actually not # MiNT. But MiNT is downward compatible to TOS, so this should # be no problem. atarist[e]:*MiNT:*:* | atarist[e]:*mint:*:* | atarist[e]:*TOS:*:*) echo m68k-atari-mint${UNAME_RELEASE} exit 0 ;; atari*:*MiNT:*:* | atari*:*mint:*:* | atarist[e]:*TOS:*:*) echo m68k-atari-mint${UNAME_RELEASE} exit 0 ;; *falcon*:*MiNT:*:* | *falcon*:*mint:*:* | *falcon*:*TOS:*:*) echo m68k-atari-mint${UNAME_RELEASE} exit 0 ;; milan*:*MiNT:*:* | milan*:*mint:*:* | *milan*:*TOS:*:*) echo m68k-milan-mint${UNAME_RELEASE} exit 0 ;; hades*:*MiNT:*:* | hades*:*mint:*:* | *hades*:*TOS:*:*) echo m68k-hades-mint${UNAME_RELEASE} exit 0 ;; *:*MiNT:*:* | *:*mint:*:* | *:*TOS:*:*) echo m68k-unknown-mint${UNAME_RELEASE} exit 0 ;; sun3*:OpenBSD:*:*) echo m68k-unknown-openbsd${UNAME_RELEASE} exit 0 ;; mac68k:OpenBSD:*:*) echo m68k-unknown-openbsd${UNAME_RELEASE} exit 0 ;; mvme68k:OpenBSD:*:*) echo m68k-unknown-openbsd${UNAME_RELEASE} exit 0 ;; mvme88k:OpenBSD:*:*) echo m88k-unknown-openbsd${UNAME_RELEASE} exit 0 ;; powerpc:machten:*:*) echo powerpc-apple-machten${UNAME_RELEASE} exit 0 ;; RISC*:Mach:*:*) echo mips-dec-mach_bsd4.3 exit 0 ;; RISC*:ULTRIX:*:*) echo mips-dec-ultrix${UNAME_RELEASE} exit 0 ;; VAX*:ULTRIX*:*:*) echo vax-dec-ultrix${UNAME_RELEASE} exit 0 ;; 2020:CLIX:*:* | 2430:CLIX:*:*) echo clipper-intergraph-clix${UNAME_RELEASE} exit 0 ;; mips:*:*:UMIPS | mips:*:*:RISCos) sed 's/^ //' << EOF >$dummy.c #ifdef __cplusplus #include /* for printf() prototype */ int main (int argc, char *argv[]) { #else int main (argc, argv) int argc; char *argv[]; { #endif #if defined (host_mips) && defined (MIPSEB) #if defined (SYSTYPE_SYSV) printf ("mips-mips-riscos%ssysv\n", argv[1]); exit (0); #endif #if defined (SYSTYPE_SVR4) printf ("mips-mips-riscos%ssvr4\n", argv[1]); exit (0); #endif #if defined (SYSTYPE_BSD43) || defined(SYSTYPE_BSD) printf ("mips-mips-riscos%sbsd\n", argv[1]); exit (0); #endif #endif exit (-1); } EOF eval $set_cc_for_build $CC_FOR_BUILD $dummy.c -o $dummy \ && ./$dummy `echo "${UNAME_RELEASE}" | sed -n 's/\([0-9]*\).*/\1/p'` \ && rm -f $dummy.c $dummy && exit 0 rm -f $dummy.c $dummy echo mips-mips-riscos${UNAME_RELEASE} exit 0 ;; Motorola:PowerMAX_OS:*:*) echo powerpc-motorola-powermax exit 0 ;; Night_Hawk:Power_UNIX:*:*) echo powerpc-harris-powerunix exit 0 ;; m88k:CX/UX:7*:*) echo m88k-harris-cxux7 exit 0 ;; m88k:*:4*:R4*) echo m88k-motorola-sysv4 exit 0 ;; m88k:*:3*:R3*) echo m88k-motorola-sysv3 exit 0 ;; AViiON:dgux:*:*) # DG/UX returns AViiON for all architectures UNAME_PROCESSOR=`/usr/bin/uname -p` if [ $UNAME_PROCESSOR = mc88100 ] || [ $UNAME_PROCESSOR = mc88110 ] then if [ ${TARGET_BINARY_INTERFACE}x = m88kdguxelfx ] || \ [ ${TARGET_BINARY_INTERFACE}x = x ] then echo m88k-dg-dgux${UNAME_RELEASE} else echo m88k-dg-dguxbcs${UNAME_RELEASE} fi else echo i586-dg-dgux${UNAME_RELEASE} fi exit 0 ;; M88*:DolphinOS:*:*) # DolphinOS (SVR3) echo m88k-dolphin-sysv3 exit 0 ;; M88*:*:R3*:*) # Delta 88k system running SVR3 echo m88k-motorola-sysv3 exit 0 ;; XD88*:*:*:*) # Tektronix XD88 system running UTekV (SVR3) echo m88k-tektronix-sysv3 exit 0 ;; Tek43[0-9][0-9]:UTek:*:*) # Tektronix 4300 system running UTek (BSD) echo m68k-tektronix-bsd exit 0 ;; *:IRIX*:*:*) echo mips-sgi-irix`echo ${UNAME_RELEASE}|sed -e 's/-/_/g'` exit 0 ;; ????????:AIX?:[12].1:2) # AIX 2.2.1 or AIX 2.1.1 is RT/PC AIX. echo romp-ibm-aix # uname -m gives an 8 hex-code CPU id exit 0 ;; # Note that: echo "'`uname -s`'" gives 'AIX ' i*86:AIX:*:*) echo i386-ibm-aix exit 0 ;; ia64:AIX:*:*) if [ -x /usr/bin/oslevel ] ; then IBM_REV=`/usr/bin/oslevel` else IBM_REV=${UNAME_VERSION}.${UNAME_RELEASE} fi echo ${UNAME_MACHINE}-ibm-aix${IBM_REV} exit 0 ;; *:AIX:2:3) if grep bos325 /usr/include/stdio.h >/dev/null 2>&1; then sed 's/^ //' << EOF >$dummy.c #include main() { if (!__power_pc()) exit(1); puts("powerpc-ibm-aix3.2.5"); exit(0); } EOF eval $set_cc_for_build $CC_FOR_BUILD $dummy.c -o $dummy && ./$dummy && rm -f $dummy.c $dummy && exit 0 rm -f $dummy.c $dummy echo rs6000-ibm-aix3.2.5 elif grep bos324 /usr/include/stdio.h >/dev/null 2>&1; then echo rs6000-ibm-aix3.2.4 else echo rs6000-ibm-aix3.2 fi exit 0 ;; *:AIX:*:[45]) IBM_CPU_ID=`/usr/sbin/lsdev -C -c processor -S available | head -1 | awk '{ print $1 }'` if /usr/sbin/lsattr -El ${IBM_CPU_ID} | grep ' POWER' >/dev/null 2>&1; then IBM_ARCH=rs6000 else IBM_ARCH=powerpc fi if [ -x /usr/bin/oslevel ] ; then IBM_REV=`/usr/bin/oslevel` else IBM_REV=${UNAME_VERSION}.${UNAME_RELEASE} fi echo ${IBM_ARCH}-ibm-aix${IBM_REV} exit 0 ;; *:AIX:*:*) echo rs6000-ibm-aix exit 0 ;; ibmrt:4.4BSD:*|romp-ibm:BSD:*) echo romp-ibm-bsd4.4 exit 0 ;; ibmrt:*BSD:*|romp-ibm:BSD:*) # covers RT/PC BSD and echo romp-ibm-bsd${UNAME_RELEASE} # 4.3 with uname added to exit 0 ;; # report: romp-ibm BSD 4.3 *:BOSX:*:*) echo rs6000-bull-bosx exit 0 ;; DPX/2?00:B.O.S.:*:*) echo m68k-bull-sysv3 exit 0 ;; 9000/[34]??:4.3bsd:1.*:*) echo m68k-hp-bsd exit 0 ;; hp300:4.4BSD:*:* | 9000/[34]??:4.3bsd:2.*:*) echo m68k-hp-bsd4.4 exit 0 ;; 9000/[34678]??:HP-UX:*:*) HPUX_REV=`echo ${UNAME_RELEASE}|sed -e 's/[^.]*.[0B]*//'` case "${UNAME_MACHINE}" in 9000/31? ) HP_ARCH=m68000 ;; 9000/[34]?? ) HP_ARCH=m68k ;; 9000/[678][0-9][0-9]) case "${HPUX_REV}" in 11.[0-9][0-9]) if [ -x /usr/bin/getconf ]; then sc_cpu_version=`/usr/bin/getconf SC_CPU_VERSION 2>/dev/null` sc_kernel_bits=`/usr/bin/getconf SC_KERNEL_BITS 2>/dev/null` case "${sc_cpu_version}" in 523) HP_ARCH="hppa1.0" ;; # CPU_PA_RISC1_0 528) HP_ARCH="hppa1.1" ;; # CPU_PA_RISC1_1 532) # CPU_PA_RISC2_0 case "${sc_kernel_bits}" in 32) HP_ARCH="hppa2.0n" ;; 64) HP_ARCH="hppa2.0w" ;; esac ;; esac fi ;; esac if [ "${HP_ARCH}" = "" ]; then sed 's/^ //' << EOF >$dummy.c #define _HPUX_SOURCE #include #include int main () { #if defined(_SC_KERNEL_BITS) long bits = sysconf(_SC_KERNEL_BITS); #endif long cpu = sysconf (_SC_CPU_VERSION); switch (cpu) { case CPU_PA_RISC1_0: puts ("hppa1.0"); break; case CPU_PA_RISC1_1: puts ("hppa1.1"); break; case CPU_PA_RISC2_0: #if defined(_SC_KERNEL_BITS) switch (bits) { case 64: puts ("hppa2.0w"); break; case 32: puts ("hppa2.0n"); break; default: puts ("hppa2.0"); break; } break; #else /* !defined(_SC_KERNEL_BITS) */ puts ("hppa2.0"); break; #endif default: puts ("hppa1.0"); break; } exit (0); } EOF eval $set_cc_for_build (CCOPTS= $CC_FOR_BUILD $dummy.c -o $dummy 2>/dev/null ) && HP_ARCH=`./$dummy` if test -z "$HP_ARCH"; then HP_ARCH=hppa; fi rm -f $dummy.c $dummy fi ;; esac echo ${HP_ARCH}-hp-hpux${HPUX_REV} exit 0 ;; ia64:HP-UX:*:*) HPUX_REV=`echo ${UNAME_RELEASE}|sed -e 's/[^.]*.[0B]*//'` echo ia64-hp-hpux${HPUX_REV} exit 0 ;; 3050*:HI-UX:*:*) sed 's/^ //' << EOF >$dummy.c #include int main () { long cpu = sysconf (_SC_CPU_VERSION); /* The order matters, because CPU_IS_HP_MC68K erroneously returns true for CPU_PA_RISC1_0. CPU_IS_PA_RISC returns correct results, however. */ if (CPU_IS_PA_RISC (cpu)) { switch (cpu) { case CPU_PA_RISC1_0: puts ("hppa1.0-hitachi-hiuxwe2"); break; case CPU_PA_RISC1_1: puts ("hppa1.1-hitachi-hiuxwe2"); break; case CPU_PA_RISC2_0: puts ("hppa2.0-hitachi-hiuxwe2"); break; default: puts ("hppa-hitachi-hiuxwe2"); break; } } else if (CPU_IS_HP_MC68K (cpu)) puts ("m68k-hitachi-hiuxwe2"); else puts ("unknown-hitachi-hiuxwe2"); exit (0); } EOF eval $set_cc_for_build $CC_FOR_BUILD $dummy.c -o $dummy && ./$dummy && rm -f $dummy.c $dummy && exit 0 rm -f $dummy.c $dummy echo unknown-hitachi-hiuxwe2 exit 0 ;; 9000/7??:4.3bsd:*:* | 9000/8?[79]:4.3bsd:*:* ) echo hppa1.1-hp-bsd exit 0 ;; 9000/8??:4.3bsd:*:*) echo hppa1.0-hp-bsd exit 0 ;; *9??*:MPE/iX:*:* | *3000*:MPE/iX:*:*) echo hppa1.0-hp-mpeix exit 0 ;; hp7??:OSF1:*:* | hp8?[79]:OSF1:*:* ) echo hppa1.1-hp-osf exit 0 ;; hp8??:OSF1:*:*) echo hppa1.0-hp-osf exit 0 ;; i*86:OSF1:*:*) if [ -x /usr/sbin/sysversion ] ; then echo ${UNAME_MACHINE}-unknown-osf1mk else echo ${UNAME_MACHINE}-unknown-osf1 fi exit 0 ;; parisc*:Lites*:*:*) echo hppa1.1-hp-lites exit 0 ;; hppa*:OpenBSD:*:*) echo hppa-unknown-openbsd exit 0 ;; C1*:ConvexOS:*:* | convex:ConvexOS:C1*:*) echo c1-convex-bsd exit 0 ;; C2*:ConvexOS:*:* | convex:ConvexOS:C2*:*) if getsysinfo -f scalar_acc then echo c32-convex-bsd else echo c2-convex-bsd fi exit 0 ;; C34*:ConvexOS:*:* | convex:ConvexOS:C34*:*) echo c34-convex-bsd exit 0 ;; C38*:ConvexOS:*:* | convex:ConvexOS:C38*:*) echo c38-convex-bsd exit 0 ;; C4*:ConvexOS:*:* | convex:ConvexOS:C4*:*) echo c4-convex-bsd exit 0 ;; CRAY*X-MP:*:*:*) echo xmp-cray-unicos exit 0 ;; CRAY*Y-MP:*:*:*) echo ymp-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' exit 0 ;; CRAY*[A-Z]90:*:*:*) echo ${UNAME_MACHINE}-cray-unicos${UNAME_RELEASE} \ | sed -e 's/CRAY.*\([A-Z]90\)/\1/' \ -e y/ABCDEFGHIJKLMNOPQRSTUVWXYZ/abcdefghijklmnopqrstuvwxyz/ \ -e 's/\.[^.]*$/.X/' exit 0 ;; CRAY*TS:*:*:*) echo t90-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' exit 0 ;; CRAY*T3D:*:*:*) echo alpha-cray-unicosmk${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' exit 0 ;; CRAY*T3E:*:*:*) echo alphaev5-cray-unicosmk${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' exit 0 ;; CRAY*SV1:*:*:*) echo sv1-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' exit 0 ;; CRAY-2:*:*:*) echo cray2-cray-unicos exit 0 ;; F30[01]:UNIX_System_V:*:* | F700:UNIX_System_V:*:*) FUJITSU_PROC=`uname -m | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'` FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'` FUJITSU_REL=`echo ${UNAME_RELEASE} | sed -e 's/ /_/'` echo "${FUJITSU_PROC}-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}" exit 0 ;; hp300:OpenBSD:*:*) echo m68k-unknown-openbsd${UNAME_RELEASE} exit 0 ;; i*86:BSD/386:*:* | i*86:BSD/OS:*:* | *:Ascend\ Embedded/OS:*:*) echo ${UNAME_MACHINE}-pc-bsdi${UNAME_RELEASE} exit 0 ;; sparc*:BSD/OS:*:*) echo sparc-unknown-bsdi${UNAME_RELEASE} exit 0 ;; *:BSD/OS:*:*) echo ${UNAME_MACHINE}-unknown-bsdi${UNAME_RELEASE} exit 0 ;; *:FreeBSD:*:*) echo ${UNAME_MACHINE}-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` exit 0 ;; *:OpenBSD:*:*) echo ${UNAME_MACHINE}-unknown-openbsd`echo ${UNAME_RELEASE}|sed -e 's/[-_].*/\./'` exit 0 ;; i*:CYGWIN*:*) echo ${UNAME_MACHINE}-pc-cygwin exit 0 ;; i*:MINGW*:*) echo ${UNAME_MACHINE}-pc-mingw32 exit 0 ;; i*:PW*:*) echo ${UNAME_MACHINE}-pc-pw32 exit 0 ;; i*:Windows_NT*:* | Pentium*:Windows_NT*:*) # How do we know it's Interix rather than the generic POSIX subsystem? # It also conflicts with pre-2.0 versions of AT&T UWIN. Should we # UNAME_MACHINE based on the output of uname instead of i386? echo i386-pc-interix exit 0 ;; i*:UWIN*:*) echo ${UNAME_MACHINE}-pc-uwin exit 0 ;; p*:CYGWIN*:*) echo powerpcle-unknown-cygwin exit 0 ;; prep*:SunOS:5.*:*) echo powerpcle-unknown-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` exit 0 ;; *:GNU:*:*) echo `echo ${UNAME_MACHINE}|sed -e 's,[-/].*$,,'`-unknown-gnu`echo ${UNAME_RELEASE}|sed -e 's,/.*$,,'` exit 0 ;; i*86:Minix:*:*) echo ${UNAME_MACHINE}-pc-minix exit 0 ;; arm*:Linux:*:*) echo ${UNAME_MACHINE}-${VENDOR}-linux exit 0 ;; ia64:Linux:*:*) echo ${UNAME_MACHINE}-${VENDOR}-linux exit 0 ;; m68*:Linux:*:*) echo ${UNAME_MACHINE}-${VENDOR}-linux exit 0 ;; mips:Linux:*:*) case `sed -n '/^byte/s/^.*: \(.*\) endian/\1/p' < /proc/cpuinfo` in big) echo mips-${VENDOR}-linux && exit 0 ;; little) echo mipsel-${VENDOR}-linux && exit 0 ;; esac case `sed -n '/^system type/s/^.*: \([^ ]*\).*/\1/p' < /proc/cpuinfo` in SGI|sgi) echo mips-${VENDOR}-linux-gnu && exit 0 ;; esac ;; ppc:Linux:*:*|ppc64:Linux:*:*) echo powerpc-${VENDOR}-linux exit 0 ;; ppc64:Linux:*:*) echo powerpc64-unknown-linux-gnu exit 0 ;; alpha:Linux:*:*) case `sed -n '/^cpu model/s/^.*: \(.*\)/\1/p' < /proc/cpuinfo` in EV5) UNAME_MACHINE=alphaev5 ;; EV56) UNAME_MACHINE=alphaev56 ;; PCA56) UNAME_MACHINE=alphapca56 ;; PCA57) UNAME_MACHINE=alphapca56 ;; EV6) UNAME_MACHINE=alphaev6 ;; EV67) UNAME_MACHINE=alphaev67 ;; EV68*) UNAME_MACHINE=alphaev68 ;; esac objdump --private-headers /bin/sh | grep ld.so.1 >/dev/null if test "$?" = 0 ; then LIBC="libc1" ; else LIBC="" ; fi echo ${UNAME_MACHINE}-${VENDOR}-linux${LIBC} exit 0 ;; parisc:Linux:*:* | hppa:Linux:*:*) # Look for CPU level case `grep '^cpu[^a-z]*:' /proc/cpuinfo 2>/dev/null | cut -d' ' -f2` in PA7*) echo hppa1.1-${VENDOR}-linux ;; PA8*) echo hppa2.0-${VENDOR}-linux ;; *) echo hppa-${VENDOR}-linux ;; esac exit 0 ;; parisc64:Linux:*:* | hppa64:Linux:*:*) echo hppa64-${VENDOR}-linux exit 0 ;; s390:Linux:*:* | s390x:Linux:*:*) echo ${UNAME_MACHINE}-ibm-linux exit 0 ;; sh*:Linux:*:*) echo ${UNAME_MACHINE}-${VENDOR}-linux exit 0 ;; sparc:Linux:*:* | sparc64:Linux:*:*) echo ${UNAME_MACHINE}-${VENDOR}-linux exit 0 ;; x86_64:Linux:*:*) echo x86_64-${VENDOR}-linux exit 0 ;; i*86:Linux:*:*) # The BFD linker knows what the default object file format is, so # first see if it will tell us. cd to the root directory to prevent # problems with other programs or directories called `ld' in the path. ld_supported_targets=`cd /; ld --help 2>&1 \ | sed -ne '/supported targets:/!d s/[ ][ ]*/ /g s/.*supported targets: *// s/ .*// p'` case "$ld_supported_targets" in elf32-i386) TENTATIVE="${UNAME_MACHINE}-${VENDOR}-linux" ;; a.out-i386-linux) echo "${UNAME_MACHINE}-${VENDOR}-linuxaout" exit 0 ;; coff-i386) echo "${UNAME_MACHINE}-${VENDOR}-linuxcoff" exit 0 ;; "") # Either a pre-BFD a.out linker (linuxoldld) or # one that does not give us useful --help. echo "${UNAME_MACHINE}-${VENDOR}-linuxoldld" exit 0 ;; esac # Determine whether the default compiler is a.out or elf cat >$dummy.c < #ifdef __cplusplus #include /* for printf() prototype */ int main (int argc, char *argv[]) { #else int main (argc, argv) int argc; char *argv[]; { #endif #ifdef __ELF__ # ifdef __GLIBC__ # if __GLIBC__ >= 2 printf ("%s-${VENDOR}-linux\n", argv[1]); # else printf ("%s-${VENDOR}-linuxlibc1\n", argv[1]); # endif # else printf ("%s-${VENDOR}-linuxlibc1\n", argv[1]); # endif #else printf ("%s-${VENDOR}-linuxaout\n", argv[1]); #endif return 0; } EOF eval $set_cc_for_build $CC_FOR_BUILD $dummy.c -o $dummy 2>/dev/null && ./$dummy "${UNAME_MACHINE}" && rm -f $dummy.c $dummy && exit 0 rm -f $dummy.c $dummy test x"${TENTATIVE}" != x && echo "${TENTATIVE}" && exit 0 ;; i*86:DYNIX/ptx:4*:*) # ptx 4.0 does uname -s correctly, with DYNIX/ptx in there. # earlier versions are messed up and put the nodename in both # sysname and nodename. echo i386-sequent-sysv4 exit 0 ;; i*86:UNIX_SV:4.2MP:2.*) # Unixware is an offshoot of SVR4, but it has its own version # number series starting with 2... # I am not positive that other SVR4 systems won't match this, # I just have to hope. -- rms. # Use sysv4.2uw... so that sysv4* matches it. echo ${UNAME_MACHINE}-pc-sysv4.2uw${UNAME_VERSION} exit 0 ;; i*86:*:4.*:* | i*86:SYSTEM_V:4.*:*) UNAME_REL=`echo ${UNAME_RELEASE} | sed 's/\/MP$//'` if grep Novell /usr/include/link.h >/dev/null 2>/dev/null; then echo ${UNAME_MACHINE}-univel-sysv${UNAME_REL} else echo ${UNAME_MACHINE}-pc-sysv${UNAME_REL} fi exit 0 ;; i*86:*:5:[78]*) case `/bin/uname -X | grep "^Machine"` in *486*) UNAME_MACHINE=i486 ;; *Pentium) UNAME_MACHINE=i586 ;; *Pent*|*Celeron) UNAME_MACHINE=i686 ;; esac echo ${UNAME_MACHINE}-unknown-sysv${UNAME_RELEASE}${UNAME_SYSTEM}${UNAME_VERSION} exit 0 ;; i*86:*:3.2:*) if test -f /usr/options/cb.name; then UNAME_REL=`sed -n 's/.*Version //p' /dev/null >/dev/null ; then UNAME_REL=`(/bin/uname -X|egrep Release|sed -e 's/.*= //')` (/bin/uname -X|egrep i80486 >/dev/null) && UNAME_MACHINE=i486 (/bin/uname -X|egrep '^Machine.*Pentium' >/dev/null) \ && UNAME_MACHINE=i586 (/bin/uname -X|egrep '^Machine.*Pent ?II' >/dev/null) \ && UNAME_MACHINE=i686 (/bin/uname -X|egrep '^Machine.*Pentium Pro' >/dev/null) \ && UNAME_MACHINE=i686 echo ${UNAME_MACHINE}-pc-sco$UNAME_REL else echo ${UNAME_MACHINE}-pc-sysv32 fi exit 0 ;; i*86:*DOS:*:*) echo ${UNAME_MACHINE}-pc-msdosdjgpp exit 0 ;; pc:*:*:*) # Left here for compatibility: # uname -m prints for DJGPP always 'pc', but it prints nothing about # the processor, so we play safe by assuming i386. echo i386-pc-msdosdjgpp exit 0 ;; Intel:Mach:3*:*) echo i386-pc-mach3 exit 0 ;; paragon:*:*:*) echo i860-intel-osf1 exit 0 ;; i860:*:4.*:*) # i860-SVR4 if grep Stardent /usr/include/sys/uadmin.h >/dev/null 2>&1 ; then echo i860-stardent-sysv${UNAME_RELEASE} # Stardent Vistra i860-SVR4 else # Add other i860-SVR4 vendors below as they are discovered. echo i860-unknown-sysv${UNAME_RELEASE} # Unknown i860-SVR4 fi exit 0 ;; mini*:CTIX:SYS*5:*) # "miniframe" echo m68010-convergent-sysv exit 0 ;; M68*:*:R3V[567]*:*) test -r /sysV68 && echo 'm68k-motorola-sysv' && exit 0 ;; 3[34]??:*:4.0:3.0 | 3[34]??A:*:4.0:3.0 | 3[34]??,*:*:4.0:3.0 | 4850:*:4.0:3.0) OS_REL='' test -r /etc/.relid \ && OS_REL=.`sed -n 's/[^ ]* [^ ]* \([0-9][0-9]\).*/\1/p' < /etc/.relid` /bin/uname -p 2>/dev/null | grep 86 >/dev/null \ && echo i486-ncr-sysv4.3${OS_REL} && exit 0 /bin/uname -p 2>/dev/null | /bin/grep entium >/dev/null \ && echo i586-ncr-sysv4.3${OS_REL} && exit 0 ;; 3[34]??:*:4.0:* | 3[34]??,*:*:4.0:*) /bin/uname -p 2>/dev/null | grep 86 >/dev/null \ && echo i486-ncr-sysv4 && exit 0 ;; m68*:LynxOS:2.*:* | m68*:LynxOS:3.0*:*) echo m68k-unknown-lynxos${UNAME_RELEASE} exit 0 ;; mc68030:UNIX_System_V:4.*:*) echo m68k-atari-sysv4 exit 0 ;; i*86:LynxOS:2.*:* | i*86:LynxOS:3.[01]*:* | i*86:LynxOS:4.0*:*) echo i386-unknown-lynxos${UNAME_RELEASE} exit 0 ;; TSUNAMI:LynxOS:2.*:*) echo sparc-unknown-lynxos${UNAME_RELEASE} exit 0 ;; rs6000:LynxOS:2.*:*) echo rs6000-unknown-lynxos${UNAME_RELEASE} exit 0 ;; PowerPC:LynxOS:2.*:* | PowerPC:LynxOS:3.[01]*:* | PowerPC:LynxOS:4.0*:*) echo powerpc-unknown-lynxos${UNAME_RELEASE} exit 0 ;; SM[BE]S:UNIX_SV:*:*) echo mips-dde-sysv${UNAME_RELEASE} exit 0 ;; RM*:ReliantUNIX-*:*:*) echo mips-sni-sysv4 exit 0 ;; RM*:SINIX-*:*:*) echo mips-sni-sysv4 exit 0 ;; *:SINIX-*:*:*) if uname -p 2>/dev/null >/dev/null ; then UNAME_MACHINE=`(uname -p) 2>/dev/null` echo ${UNAME_MACHINE}-sni-sysv4 else echo ns32k-sni-sysv fi exit 0 ;; PENTIUM:*:4.0*:*) # Unisys `ClearPath HMP IX 4000' SVR4/MP effort # says echo i586-unisys-sysv4 exit 0 ;; *:UNIX_System_V:4*:FTX*) # From Gerald Hewes . # How about differentiating between stratus architectures? -djm echo hppa1.1-stratus-sysv4 exit 0 ;; *:*:*:FTX*) # From seanf@swdc.stratus.com. echo i860-stratus-sysv4 exit 0 ;; *:VOS:*:*) # From Paul.Green@stratus.com. echo hppa1.1-stratus-vos exit 0 ;; mc68*:A/UX:*:*) echo m68k-apple-aux${UNAME_RELEASE} exit 0 ;; news*:NEWS-OS:6*:*) echo mips-sony-newsos6 exit 0 ;; R[34]000:*System_V*:*:* | R4000:UNIX_SYSV:*:* | R*000:UNIX_SV:*:*) if [ -d /usr/nec ]; then echo mips-nec-sysv${UNAME_RELEASE} else echo mips-unknown-sysv${UNAME_RELEASE} fi exit 0 ;; BeBox:BeOS:*:*) # BeOS running on hardware made by Be, PPC only. echo powerpc-be-beos exit 0 ;; BeMac:BeOS:*:*) # BeOS running on Mac or Mac clone, PPC only. echo powerpc-apple-beos exit 0 ;; BePC:BeOS:*:*) # BeOS running on Intel PC compatible. echo i586-pc-beos exit 0 ;; SX-4:SUPER-UX:*:*) echo sx4-nec-superux${UNAME_RELEASE} exit 0 ;; SX-5:SUPER-UX:*:*) echo sx5-nec-superux${UNAME_RELEASE} exit 0 ;; Power*:Rhapsody:*:*) echo powerpc-apple-rhapsody${UNAME_RELEASE} exit 0 ;; *:Rhapsody:*:*) echo ${UNAME_MACHINE}-apple-rhapsody${UNAME_RELEASE} exit 0 ;; *:Darwin:*:*) echo `uname -p`-apple-darwin${UNAME_RELEASE} exit 0 ;; *:procnto*:*:* | *:QNX:[0123456789]*:*) if test "${UNAME_MACHINE}" = "x86pc"; then UNAME_MACHINE=pc fi echo `uname -p`-${UNAME_MACHINE}-nto-qnx exit 0 ;; *:QNX:*:4*) echo i386-pc-qnx exit 0 ;; NSR-[KW]:NONSTOP_KERNEL:*:*) echo nsr-tandem-nsk${UNAME_RELEASE} exit 0 ;; *:NonStop-UX:*:*) echo mips-compaq-nonstopux exit 0 ;; BS2000:POSIX*:*:*) echo bs2000-siemens-sysv exit 0 ;; DS/*:UNIX_System_V:*:*) echo ${UNAME_MACHINE}-${UNAME_SYSTEM}-${UNAME_RELEASE} exit 0 ;; *:Plan9:*:*) # "uname -m" is not consistent, so use $cputype instead. 386 # is converted to i386 for consistency with other x86 # operating systems. if test "$cputype" = "386"; then UNAME_MACHINE=i386 else UNAME_MACHINE="$cputype" fi echo ${UNAME_MACHINE}-unknown-plan9 exit 0 ;; i*86:OS/2:*:*) # If we were able to find `uname', then EMX Unix compatibility # is probably installed. echo ${UNAME_MACHINE}-pc-os2-emx exit 0 ;; *:TOPS-10:*:*) echo pdp10-unknown-tops10 exit 0 ;; *:TENEX:*:*) echo pdp10-unknown-tenex exit 0 ;; KS10:TOPS-20:*:* | KL10:TOPS-20:*:* | TYPE4:TOPS-20:*:*) echo pdp10-dec-tops20 exit 0 ;; XKL-1:TOPS-20:*:* | TYPE5:TOPS-20:*:*) echo pdp10-xkl-tops20 exit 0 ;; *:TOPS-20:*:*) echo pdp10-unknown-tops20 exit 0 ;; *:ITS:*:*) echo pdp10-unknown-its exit 0 ;; i*86:XTS-300:*:STOP) echo ${UNAME_MACHINE}-unknown-stop exit 0 ;; esac #echo '(No uname command or uname output not recognized.)' 1>&2 #echo "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" 1>&2 cat >$dummy.c < # include #endif main () { #if defined (sony) #if defined (MIPSEB) /* BFD wants "bsd" instead of "newsos". Perhaps BFD should be changed, I don't know.... */ printf ("mips-sony-bsd\n"); exit (0); #else #include printf ("m68k-sony-newsos%s\n", #ifdef NEWSOS4 "4" #else "" #endif ); exit (0); #endif #endif #if defined (__arm) && defined (__acorn) && defined (__unix) printf ("arm-acorn-riscix"); exit (0); #endif #if defined (hp300) && !defined (hpux) printf ("m68k-hp-bsd\n"); exit (0); #endif #if defined (NeXT) #if !defined (__ARCHITECTURE__) #define __ARCHITECTURE__ "m68k" #endif int version; version=`(hostinfo | sed -n 's/.*NeXT Mach \([0-9]*\).*/\1/p') 2>/dev/null`; if (version < 4) printf ("%s-next-nextstep%d\n", __ARCHITECTURE__, version); else printf ("%s-next-openstep%d\n", __ARCHITECTURE__, version); exit (0); #endif #if defined (MULTIMAX) || defined (n16) #if defined (UMAXV) printf ("ns32k-encore-sysv\n"); exit (0); #else #if defined (CMU) printf ("ns32k-encore-mach\n"); exit (0); #else printf ("ns32k-encore-bsd\n"); exit (0); #endif #endif #endif #if defined (__386BSD__) printf ("i386-pc-bsd\n"); exit (0); #endif #if defined (sequent) #if defined (i386) printf ("i386-sequent-dynix\n"); exit (0); #endif #if defined (ns32000) printf ("ns32k-sequent-dynix\n"); exit (0); #endif #endif #if defined (_SEQUENT_) struct utsname un; uname(&un); if (strncmp(un.version, "V2", 2) == 0) { printf ("i386-sequent-ptx2\n"); exit (0); } if (strncmp(un.version, "V1", 2) == 0) { /* XXX is V1 correct? */ printf ("i386-sequent-ptx1\n"); exit (0); } printf ("i386-sequent-ptx\n"); exit (0); #endif #if defined (vax) # if !defined (ultrix) # include # if defined (BSD) # if BSD == 43 printf ("vax-dec-bsd4.3\n"); exit (0); # else # if BSD == 199006 printf ("vax-dec-bsd4.3reno\n"); exit (0); # else printf ("vax-dec-bsd\n"); exit (0); # endif # endif # else printf ("vax-dec-bsd\n"); exit (0); # endif # else printf ("vax-dec-ultrix\n"); exit (0); # endif #endif #if defined (alliant) && defined (i860) printf ("i860-alliant-bsd\n"); exit (0); #endif exit (1); } EOF eval $set_cc_for_build $CC_FOR_BUILD $dummy.c -o $dummy 2>/dev/null && ./$dummy && rm -f $dummy.c $dummy && exit 0 rm -f $dummy.c $dummy # Apollos put the system type in the environment. test -d /usr/apollo && { echo ${ISP}-apollo-${SYSTYPE}; exit 0; } # Convex versions that predate uname can use getsysinfo(1) if [ -x /usr/convex/getsysinfo ] then case `getsysinfo -f cpu_type` in c1*) echo c1-convex-bsd exit 0 ;; c2*) if getsysinfo -f scalar_acc then echo c32-convex-bsd else echo c2-convex-bsd fi exit 0 ;; c34*) echo c34-convex-bsd exit 0 ;; c38*) echo c38-convex-bsd exit 0 ;; c4*) echo c4-convex-bsd exit 0 ;; esac fi cat >&2 < in order to provide the needed information to handle your system. config.guess timestamp = $timestamp uname -m = `(uname -m) 2>/dev/null || echo unknown` uname -r = `(uname -r) 2>/dev/null || echo unknown` uname -s = `(uname -s) 2>/dev/null || echo unknown` uname -v = `(uname -v) 2>/dev/null || echo unknown` /usr/bin/uname -p = `(/usr/bin/uname -p) 2>/dev/null` /bin/uname -X = `(/bin/uname -X) 2>/dev/null` hostinfo = `(hostinfo) 2>/dev/null` /bin/universe = `(/bin/universe) 2>/dev/null` /usr/bin/arch -k = `(/usr/bin/arch -k) 2>/dev/null` /bin/arch = `(/bin/arch) 2>/dev/null` /usr/bin/oslevel = `(/usr/bin/oslevel) 2>/dev/null` /usr/convex/getsysinfo = `(/usr/convex/getsysinfo) 2>/dev/null` UNAME_MACHINE = ${UNAME_MACHINE} UNAME_RELEASE = ${UNAME_RELEASE} UNAME_SYSTEM = ${UNAME_SYSTEM} UNAME_VERSION = ${UNAME_VERSION} EOF exit 1 # Local variables: # eval: (add-hook 'write-file-hooks 'time-stamp) # time-stamp-start: "timestamp='" # time-stamp-format: "%:y-%02m-%02d" # time-stamp-end: "'" # End: proxy-suite-1.9.2.4/config.h.in0000644000000000000000000002056310170466241016165 0ustar rootroot00000000000000/* config.h.in. Generated from configure.in by autoheader. */ /* * $Id: acconfig.h,v 1.5.2.1 2003/05/07 11:16:24 mt Exp $ * * acconfig.h - template used by autoheader to create config.h.in * config.h.in - used by autoconf to create config.h * config.h - created by autoconf; defines generated by autoconf * * Author(s): Jens-Gero Boehm * Pieter Hollants * Marius Tomaschewski * Volker Wiegand * * This file is part of the SuSE Proxy Suite * See also http://proxy-suite.suse.de/ * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version * 2 of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the * Free Software Foundation, Inc., 59 Temple Place - Suite 330, * Boston, MA 02111-1307, USA. * * A history log can be found at the end of this file. */ #if !defined(_ACCONFIG_H_) #define _ACCONFIG_H_ /* ------------------------------------------------------------ */ /* Define to the canonical name of your host type */ #undef HOSTTYPE /* Define if sys/syslog.h is needed on top of syslog.h */ #undef NEED_SYS_SYSLOG_H /* Define if you want to enable the SO_LINGER option */ #undef ENABLE_SO_LINGER /* Define to include crypt password support */ #undef HAVE_CRYPT /* Define to include POSIX Regular Expressions */ #undef HAVE_REGEX /* Define to include libwrap (tcp_wrappers) support */ #undef HAVE_LIBWRAP /* Define to include LDAP for access configuration */ #undef HAVE_LIBLDAP /* Define if you want to use RFC 1579 extensions */ #undef ENABLE_RFC1579 /* Define if you want to use RFC 2428 extensions */ #undef ENABLE_RFC2428 /* */ /* Define if you want to use SSL functionality */ #undef ENABLE_SSL /* */ /* Define as type suitable for network ports */ #undef u_int16_t /* Define as type suitable for socket addresses */ #undef u_int32_t /* Define to 1 if you have the header file. */ #undef HAVE_FCNTL_H /* Define to 1 if you have the header file. */ #undef HAVE_INTTYPES_H /* Define to 1 if you have the `ldap_get_lderrno' function. */ #undef HAVE_LDAP_GET_LDERRNO /* Define to 1 if you have the `ldap_get_option' function. */ #undef HAVE_LDAP_GET_OPTION /* Define to 1 if you have the `ldap_set_option' function. */ #undef HAVE_LDAP_SET_OPTION /* Define to 1 if you have the `nsl' library (-lnsl). */ #undef HAVE_LIBNSL /* Define to 1 if you have the `resolv' library (-lresolv). */ #undef HAVE_LIBRESOLV /* Define to 1 if you have the `socket' library (-lsocket). */ #undef HAVE_LIBSOCKET /* Define to 1 if you have the header file. */ #undef HAVE_LINUX_NETFILTER_IPV4_H /* Define to 1 if you have the header file. */ #undef HAVE_MEMORY_H /* Define to 1 if you have the header file. */ #undef HAVE_NETINET_IN_SYSTM_H /* Define to 1 if you have the header file. */ #undef HAVE_NETINET_IP_COMPAT_H /* Define to 1 if you have the header file. */ #undef HAVE_NETINET_IP_FIL_COMPAT_H /* Define to 1 if you have the header file. */ #undef HAVE_NETINET_IP_FIL_H /* Define to 1 if you have the header file. */ #undef HAVE_NETINET_IP_H /* Define to 1 if you have the header file. */ #undef HAVE_NETINET_IP_NAT_H /* Define to 1 if you have the header file. */ #undef HAVE_NET_IF_H /* Define to 1 if you have the header file. */ #undef HAVE_NET_PFVAR_H /* Define to 1 if you have the header file. */ #undef HAVE_PATHS_H /* Define to 1 if you have the `setsid' function. */ #undef HAVE_SETSID /* Define to 1 if you have the `snprintf' function. */ #undef HAVE_SNPRINTF /* Define to 1 if you have the header file. */ #undef HAVE_STDINT_H /* Define to 1 if you have the header file. */ #undef HAVE_STDLIB_H /* Define to 1 if you have the header file. */ #undef HAVE_STRINGS_H /* Define to 1 if you have the header file. */ #undef HAVE_STRING_H /* Define to 1 if you have the header file. */ #undef HAVE_STROPTS_H /* Define to 1 if you have the header file. */ #undef HAVE_SYSLOG_H /* Define to 1 if you have the header file. */ #undef HAVE_SYS_CONF_H /* Define to 1 if you have the header file. */ #undef HAVE_SYS_FCNTL_H /* Define to 1 if you have the header file. */ #undef HAVE_SYS_FILIO_H /* Define to 1 if you have the header file. */ #undef HAVE_SYS_PARAM_H /* Define to 1 if you have the header file. */ #undef HAVE_SYS_SELECT_H /* Define to 1 if you have the header file. */ #undef HAVE_SYS_SOCKIO_H /* Define to 1 if you have the header file. */ #undef HAVE_SYS_STAT_H /* Define to 1 if you have the header file. */ #undef HAVE_SYS_TIME_H /* Define to 1 if you have the header file. */ #undef HAVE_SYS_TYPES_H /* Define to 1 if you have that is POSIX.1 compatible. */ #undef HAVE_SYS_WAIT_H /* Define to 1 if you have the header file. */ #undef HAVE_UNISTD_H /* Define to 1 if you have the `vsnprintf' function. */ #undef HAVE_VSNPRINTF /* Define to 1 if you have the `wait3' system call. Deprecated, you should no longer depend upon `wait3'. */ #undef HAVE_WAIT3 /* Define to 1 if you have the `waitpid' function. */ #undef HAVE_WAITPID /* Define to the address where bug reports for this package should be sent. */ #undef PACKAGE_BUGREPORT /* Define to the full name of this package. */ #undef PACKAGE_NAME /* Define to the full name and version of this package. */ #undef PACKAGE_STRING /* Define to the one symbol short name of this package. */ #undef PACKAGE_TARNAME /* Define to the version of this package. */ #undef PACKAGE_VERSION /* Define as the return type of signal handlers (`int' or `void'). */ #undef RETSIGTYPE /* Define to 1 if you have the ANSI C header files. */ #undef STDC_HEADERS /* Define to 1 if you can safely include both and . */ #undef TIME_WITH_SYS_TIME /* Define to 1 if on AIX 3. System headers sometimes define this. We just want to avoid a redefinition error message. */ #ifndef _ALL_SOURCE # undef _ALL_SOURCE #endif /* Number of bits in a file offset, on hosts where this is settable. */ #undef _FILE_OFFSET_BITS /* Define for large files, on AIX-style hosts. */ #undef _LARGE_FILES /* Define to empty if `const' does not conform to ANSI C. */ #undef const /* Define to `int' if doesn't define. */ #undef gid_t /* Define to `__inline__' or `__inline' if that's what the C compiler calls it, or to nothing if 'inline' is not supported under any name. */ #ifndef __cplusplus #undef inline #endif /* Define to `int' if does not define. */ #undef mode_t /* Define to `int' if does not define. */ #undef pid_t /* Define to `unsigned' if does not define. */ #undef size_t /* Define to `unsigned short' if does not define. */ #undef u_int16_t /* Define to `unsigned int' if does not define. */ #undef u_int32_t /* Define to `int' if doesn't define. */ #undef uid_t /* ------------------------------------------------------------ */ #endif /* defined(_ACCONFIG_H_) */ /* ------------------------------------------------------------ * $Log: acconfig.h,v $ * Revision 1.5.2.1 2003/05/07 11:16:24 mt * removed HAVE_LDAP_UMICH, HAVE_LDAP_NETSCAPE variables * * Revision 1.5 2002/05/02 12:17:50 mt * added HAVE_CRYPT option * * Revision 1.4 1999/09/23 08:06:56 wiegand * code cleanup, added installation target * * Revision 1.3 1999/09/17 16:32:28 wiegand * changes from source code review * added POSIX regular expressions * * Revision 1.2 1999/09/15 13:20:35 wiegand * new structure: with subdirectories * * ------------------------------------------------------------ */ proxy-suite-1.9.2.4/config.sub0000755000000000000000000006672207464230624016142 0ustar rootroot00000000000000#! /bin/sh # Configuration validation subroutine script. # Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001 # Free Software Foundation, Inc. timestamp='2001-08-13' # This file is (in principle) common to ALL GNU software. # The presence of a machine in this file suggests that SOME GNU software # can handle that machine. It does not imply ALL GNU software can. # # This file is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 59 Temple Place - Suite 330, # Boston, MA 02111-1307, USA. # As a special exception to the GNU General Public License, if you # distribute this file as part of a program that contains a # configuration script generated by Autoconf, you may include it under # the same distribution terms that you use for the rest of that program. # Please send patches to . # # Configuration subroutine to validate and canonicalize a configuration type. # Supply the specified configuration type as an argument. # If it is invalid, we print an error message on stderr and exit with code 1. # Otherwise, we print the canonical config type on stdout and succeed. # This file is supposed to be the same for all GNU packages # and recognize all the CPU types, system types and aliases # that are meaningful with *any* GNU software. # Each package is responsible for reporting which valid configurations # it does not support. The user should be able to distinguish # a failure to support a valid configuration from a meaningless # configuration. # The goal of this file is to map all the various variations of a given # machine specification into a single specification in the form: # CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM # or in some cases, the newer four-part form: # CPU_TYPE-MANUFACTURER-KERNEL-OPERATING_SYSTEM # It is wrong to echo any other type of specification. me=`echo "$0" | sed -e 's,.*/,,'` usage="\ Usage: $0 [OPTION] CPU-MFR-OPSYS $0 [OPTION] ALIAS Canonicalize a configuration name. Operation modes: -h, --help print this help, then exit -t, --time-stamp print date of last modification, then exit -v, --version print version number, then exit Report bugs and patches to ." version="\ GNU config.sub ($timestamp) Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001 Free Software Foundation, Inc. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE." help=" Try \`$me --help' for more information." # Parse command line while test $# -gt 0 ; do case $1 in --time-stamp | --time* | -t ) echo "$timestamp" ; exit 0 ;; --version | -v ) echo "$version" ; exit 0 ;; --help | --h* | -h ) echo "$usage"; exit 0 ;; -- ) # Stop option processing shift; break ;; - ) # Use stdin as input. break ;; -* ) echo "$me: invalid option $1$help" exit 1 ;; *local*) # First pass through any local machine types. echo $1 exit 0;; * ) break ;; esac done case $# in 0) echo "$me: missing argument$help" >&2 exit 1;; 1) ;; *) echo "$me: too many arguments$help" >&2 exit 1;; esac # Separate what the user gave into CPU-COMPANY and OS or KERNEL-OS (if any). # Here we must recognize all the valid KERNEL-OS combinations. maybe_os=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\2/'` case $maybe_os in nto-qnx* | linux-gnu* | storm-chaos* | os2-emx* | windows32-*) os=-$maybe_os basic_machine=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'` ;; *) basic_machine=`echo $1 | sed 's/-[^-]*$//'` if [ $basic_machine != $1 ] then os=`echo $1 | sed 's/.*-/-/'` else os=; fi ;; esac ### Let's recognize common machines as not being operating systems so ### that things like config.sub decstation-3100 work. We also ### recognize some manufacturers as not being operating systems, so we ### can provide default operating systems below. case $os in -sun*os*) # Prevent following clause from handling this invalid input. ;; -dec* | -mips* | -sequent* | -encore* | -pc532* | -sgi* | -sony* | \ -att* | -7300* | -3300* | -delta* | -motorola* | -sun[234]* | \ -unicom* | -ibm* | -next | -hp | -isi* | -apollo | -altos* | \ -convergent* | -ncr* | -news | -32* | -3600* | -3100* | -hitachi* |\ -c[123]* | -convex* | -sun | -crds | -omron* | -dg | -ultra | -tti* | \ -harris | -dolphin | -highlevel | -gould | -cbm | -ns | -masscomp | \ -apple | -axis) os= basic_machine=$1 ;; -sim | -cisco | -oki | -wec | -winbond) os= basic_machine=$1 ;; -scout) ;; -wrs) os=-vxworks basic_machine=$1 ;; -chorusos*) os=-chorusos basic_machine=$1 ;; -chorusrdb) os=-chorusrdb basic_machine=$1 ;; -hiux*) os=-hiuxwe2 ;; -sco5) os=-sco3.2v5 basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` ;; -sco4) os=-sco3.2v4 basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` ;; -sco3.2.[4-9]*) os=`echo $os | sed -e 's/sco3.2./sco3.2v/'` basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` ;; -sco3.2v[4-9]*) # Don't forget version if it is 3.2v4 or newer. basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` ;; -sco*) os=-sco3.2v2 basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` ;; -udk*) basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` ;; -isc) os=-isc2.2 basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` ;; -clix*) basic_machine=clipper-intergraph ;; -isc*) basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` ;; -lynx*) os=-lynxos ;; -ptx*) basic_machine=`echo $1 | sed -e 's/86-.*/86-sequent/'` ;; -windowsnt*) os=`echo $os | sed -e 's/windowsnt/winnt/'` ;; -psos*) os=-psos ;; -mint | -mint[0-9]*) basic_machine=m68k-atari os=-mint ;; esac # Decode aliases for certain CPU-COMPANY combinations. case $basic_machine in # Recognize the basic CPU types without company name. # Some are omitted here because they have special meanings below. 1750a | 580 \ | a29k \ | alpha | alphaev[4-8] | alphaev56 | alphaev6[78] | alphapca5[67] \ | arc | arm | arm[bl]e | arme[lb] | armv[2345] | armv[345][lb] | avr \ | c4x | clipper \ | d10v | d30v | dsp16xx \ | fr30 \ | h8300 | h8500 | hppa | hppa1.[01] | hppa2.0 | hppa2.0[nw] | hppa64 \ | i370 | i860 | i960 | ia64 \ | m32r | m68000 | m68k | m88k | mcore \ | mips16 | mips64 | mips64el | mips64orion | mips64orionel \ | mips64vr4100 | mips64vr4100el | mips64vr4300 \ | mips64vr4300el | mips64vr5000 | mips64vr5000el \ | mipsbe | mipsel | mipsle | mipstx39 | mipstx39el \ | mn10200 | mn10300 \ | ns16k | ns32k \ | openrisc \ | pdp10 | pdp11 | pj | pjl \ | powerpc | powerpc64 | powerpc64le | powerpcle | ppcbe \ | pyramid \ | s390 | s390x \ | sh | sh[34] | sh[34]eb | shbe | shle \ | sparc | sparc64 | sparclet | sparclite | sparcv9 | sparcv9b \ | strongarm \ | tahoe | thumb | tic80 | tron \ | v850 \ | we32k \ | x86 | xscale \ | z8k) basic_machine=$basic_machine-unknown ;; m6811 | m68hc11 | m6812 | m68hc12) # Motorola 68HC11/12. basic_machine=$basic_machine-unknown os=-none ;; m88110 | m680[12346]0 | m683?2 | m68360 | m5200 | v70 | w65 | z8k) ;; # We use `pc' rather than `unknown' # because (1) that's what they normally are, and # (2) the word "unknown" tends to confuse beginning users. i*86 | x86_64) basic_machine=$basic_machine-pc ;; # Object if more than one company name word. *-*-*) echo Invalid configuration \`$1\': machine \`$basic_machine\' not recognized 1>&2 exit 1 ;; # Recognize the basic CPU types with company name. 580-* \ | a29k-* \ | alpha-* | alphaev[4-8]-* | alphaev56-* | alphaev6[78]-* \ | alphapca5[67]-* | arc-* \ | arm-* | armbe-* | armle-* | armv*-* \ | bs2000-* \ | c[123]* | c30-* | [cjt]90-* | c54x-* \ | clipper-* | cray2-* | cydra-* \ | d10v-* | d30v-* \ | elxsi-* \ | f30[01]-* | f700-* | fr30-* | fx80-* \ | h8300-* | h8500-* \ | hppa-* | hppa1.[01]-* | hppa2.0-* | hppa2.0[nw]-* | hppa64-* \ | i*86-* | i860-* | i960-* | ia64-* \ | m32r-* \ | m68000-* | m680[01234]0-* | m68360-* | m683?2-* | m68k-* \ | m88110-* | m88k-* | mcore-* \ | mips-* | mips16-* | mips64-* | mips64el-* | mips64orion-* \ | mips64orionel-* | mips64vr4100-* | mips64vr4100el-* \ | mips64vr4300-* | mips64vr4300el-* | mipsbe-* | mipsel-* \ | mipsle-* | mipstx39-* | mipstx39el-* \ | none-* | np1-* | ns16k-* | ns32k-* \ | orion-* \ | pdp10-* | pdp11-* | pj-* | pjl-* | pn-* | power-* \ | powerpc-* | powerpc64-* | powerpc64le-* | powerpcle-* | ppcbe-* \ | pyramid-* \ | romp-* | rs6000-* \ | s390-* | s390x-* \ | sh-* | sh[34]-* | sh[34]eb-* | shbe-* | shle-* \ | sparc-* | sparc64-* | sparc86x-* | sparclite-* \ | sparcv9-* | sparcv9b-* | strongarm-* | sv1-* \ | t3e-* | tahoe-* | thumb-* | tic30-* | tic54x-* | tic80-* | tron-* \ | v850-* | vax-* \ | we32k-* \ | x86-* | x86_64-* | xmp-* | xps100-* | xscale-* \ | ymp-* \ | z8k-*) ;; # Recognize the various machine names and aliases which stand # for a CPU type and a company and sometimes even an OS. 386bsd) basic_machine=i386-unknown os=-bsd ;; 3b1 | 7300 | 7300-att | att-7300 | pc7300 | safari | unixpc) basic_machine=m68000-att ;; 3b*) basic_machine=we32k-att ;; a29khif) basic_machine=a29k-amd os=-udi ;; adobe68k) basic_machine=m68010-adobe os=-scout ;; alliant | fx80) basic_machine=fx80-alliant ;; altos | altos3068) basic_machine=m68k-altos ;; am29k) basic_machine=a29k-none os=-bsd ;; amdahl) basic_machine=580-amdahl os=-sysv ;; amiga | amiga-*) basic_machine=m68k-unknown ;; amigaos | amigados) basic_machine=m68k-unknown os=-amigaos ;; amigaunix | amix) basic_machine=m68k-unknown os=-sysv4 ;; apollo68) basic_machine=m68k-apollo os=-sysv ;; apollo68bsd) basic_machine=m68k-apollo os=-bsd ;; aux) basic_machine=m68k-apple os=-aux ;; balance) basic_machine=ns32k-sequent os=-dynix ;; convex-c1) basic_machine=c1-convex os=-bsd ;; convex-c2) basic_machine=c2-convex os=-bsd ;; convex-c32) basic_machine=c32-convex os=-bsd ;; convex-c34) basic_machine=c34-convex os=-bsd ;; convex-c38) basic_machine=c38-convex os=-bsd ;; cray | ymp) basic_machine=ymp-cray os=-unicos ;; cray2) basic_machine=cray2-cray os=-unicos ;; [cjt]90) basic_machine=${basic_machine}-cray os=-unicos ;; crds | unos) basic_machine=m68k-crds ;; cris | cris-* | etrax*) basic_machine=cris-axis ;; da30 | da30-*) basic_machine=m68k-da30 ;; decstation | decstation-3100 | pmax | pmax-* | pmin | dec3100 | decstatn) basic_machine=mips-dec ;; delta | 3300 | motorola-3300 | motorola-delta \ | 3300-motorola | delta-motorola) basic_machine=m68k-motorola ;; delta88) basic_machine=m88k-motorola os=-sysv3 ;; dpx20 | dpx20-*) basic_machine=rs6000-bull os=-bosx ;; dpx2* | dpx2*-bull) basic_machine=m68k-bull os=-sysv3 ;; ebmon29k) basic_machine=a29k-amd os=-ebmon ;; elxsi) basic_machine=elxsi-elxsi os=-bsd ;; encore | umax | mmax) basic_machine=ns32k-encore ;; es1800 | OSE68k | ose68k | ose | OSE) basic_machine=m68k-ericsson os=-ose ;; fx2800) basic_machine=i860-alliant ;; genix) basic_machine=ns32k-ns ;; gmicro) basic_machine=tron-gmicro os=-sysv ;; go32) basic_machine=i386-pc os=-go32 ;; h3050r* | hiux*) basic_machine=hppa1.1-hitachi os=-hiuxwe2 ;; h8300hms) basic_machine=h8300-hitachi os=-hms ;; h8300xray) basic_machine=h8300-hitachi os=-xray ;; h8500hms) basic_machine=h8500-hitachi os=-hms ;; harris) basic_machine=m88k-harris os=-sysv3 ;; hp300-*) basic_machine=m68k-hp ;; hp300bsd) basic_machine=m68k-hp os=-bsd ;; hp300hpux) basic_machine=m68k-hp os=-hpux ;; hp3k9[0-9][0-9] | hp9[0-9][0-9]) basic_machine=hppa1.0-hp ;; hp9k2[0-9][0-9] | hp9k31[0-9]) basic_machine=m68000-hp ;; hp9k3[2-9][0-9]) basic_machine=m68k-hp ;; hp9k6[0-9][0-9] | hp6[0-9][0-9]) basic_machine=hppa1.0-hp ;; hp9k7[0-79][0-9] | hp7[0-79][0-9]) basic_machine=hppa1.1-hp ;; hp9k78[0-9] | hp78[0-9]) # FIXME: really hppa2.0-hp basic_machine=hppa1.1-hp ;; hp9k8[67]1 | hp8[67]1 | hp9k80[24] | hp80[24] | hp9k8[78]9 | hp8[78]9 | hp9k893 | hp893) # FIXME: really hppa2.0-hp basic_machine=hppa1.1-hp ;; hp9k8[0-9][13679] | hp8[0-9][13679]) basic_machine=hppa1.1-hp ;; hp9k8[0-9][0-9] | hp8[0-9][0-9]) basic_machine=hppa1.0-hp ;; hppa-next) os=-nextstep3 ;; hppaosf) basic_machine=hppa1.1-hp os=-osf ;; hppro) basic_machine=hppa1.1-hp os=-proelf ;; i370-ibm* | ibm*) basic_machine=i370-ibm ;; # I'm not sure what "Sysv32" means. Should this be sysv3.2? i*86v32) basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` os=-sysv32 ;; i*86v4*) basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` os=-sysv4 ;; i*86v) basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` os=-sysv ;; i*86sol2) basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` os=-solaris2 ;; i386mach) basic_machine=i386-mach os=-mach ;; i386-vsta | vsta) basic_machine=i386-unknown os=-vsta ;; iris | iris4d) basic_machine=mips-sgi case $os in -irix*) ;; *) os=-irix4 ;; esac ;; isi68 | isi) basic_machine=m68k-isi os=-sysv ;; m88k-omron*) basic_machine=m88k-omron ;; magnum | m3230) basic_machine=mips-mips os=-sysv ;; merlin) basic_machine=ns32k-utek os=-sysv ;; mingw32) basic_machine=i386-pc os=-mingw32 ;; miniframe) basic_machine=m68000-convergent ;; *mint | -mint[0-9]* | *MiNT | *MiNT[0-9]*) basic_machine=m68k-atari os=-mint ;; mipsel*-linux*) basic_machine=mipsel-unknown ;; mips*-linux*) basic_machine=mips-unknown ;; mips3*-*) basic_machine=`echo $basic_machine | sed -e 's/mips3/mips64/'` ;; mips3*) basic_machine=`echo $basic_machine | sed -e 's/mips3/mips64/'`-unknown ;; mmix*) basic_machine=mmix-knuth os=-mmixware ;; monitor) basic_machine=m68k-rom68k os=-coff ;; msdos) basic_machine=i386-pc os=-msdos ;; mvs) basic_machine=i370-ibm os=-mvs ;; ncr3000) basic_machine=i486-ncr os=-sysv4 ;; netbsd386) basic_machine=i386-unknown os=-netbsd ;; netwinder) basic_machine=armv4l-rebel os=-linux ;; news | news700 | news800 | news900) basic_machine=m68k-sony os=-newsos ;; news1000) basic_machine=m68030-sony os=-newsos ;; news-3600 | risc-news) basic_machine=mips-sony os=-newsos ;; necv70) basic_machine=v70-nec os=-sysv ;; next | m*-next ) basic_machine=m68k-next case $os in -nextstep* ) ;; -ns2*) os=-nextstep2 ;; *) os=-nextstep3 ;; esac ;; nh3000) basic_machine=m68k-harris os=-cxux ;; nh[45]000) basic_machine=m88k-harris os=-cxux ;; nindy960) basic_machine=i960-intel os=-nindy ;; mon960) basic_machine=i960-intel os=-mon960 ;; nonstopux) basic_machine=mips-compaq os=-nonstopux ;; np1) basic_machine=np1-gould ;; nsr-tandem) basic_machine=nsr-tandem ;; op50n-* | op60c-*) basic_machine=hppa1.1-oki os=-proelf ;; OSE68000 | ose68000) basic_machine=m68000-ericsson os=-ose ;; os68k) basic_machine=m68k-none os=-os68k ;; pa-hitachi) basic_machine=hppa1.1-hitachi os=-hiuxwe2 ;; paragon) basic_machine=i860-intel os=-osf ;; pbd) basic_machine=sparc-tti ;; pbb) basic_machine=m68k-tti ;; pc532 | pc532-*) basic_machine=ns32k-pc532 ;; pentium | p5 | k5 | k6 | nexgen) basic_machine=i586-pc ;; pentiumpro | p6 | 6x86 | athlon) basic_machine=i686-pc ;; pentiumii | pentium2) basic_machine=i686-pc ;; pentium-* | p5-* | k5-* | k6-* | nexgen-*) basic_machine=i586-`echo $basic_machine | sed 's/^[^-]*-//'` ;; pentiumpro-* | p6-* | 6x86-* | athlon-*) basic_machine=i686-`echo $basic_machine | sed 's/^[^-]*-//'` ;; pentiumii-* | pentium2-*) basic_machine=i686-`echo $basic_machine | sed 's/^[^-]*-//'` ;; pn) basic_machine=pn-gould ;; power) basic_machine=power-ibm ;; ppc) basic_machine=powerpc-unknown ;; ppc64) basic_machine=powerpc-unknown ;; ppc-*) basic_machine=powerpc-`echo $basic_machine | sed 's/^[^-]*-//'` ;; ppcle | powerpclittle | ppc-le | powerpc-little) basic_machine=powerpcle-unknown ;; ppcle-* | powerpclittle-*) basic_machine=powerpcle-`echo $basic_machine | sed 's/^[^-]*-//'` ;; ppc64) basic_machine=powerpc64-unknown ;; ppc64-*) basic_machine=powerpc64-`echo $basic_machine | sed 's/^[^-]*-//'` ;; ppc64le | powerpc64little | ppc64-le | powerpc64-little) basic_machine=powerpc64le-unknown ;; ppc64le-* | powerpc64little-*) basic_machine=powerpc64le-`echo $basic_machine | sed 's/^[^-]*-//'` ;; ps2) basic_machine=i386-ibm ;; pw32) basic_machine=i586-unknown os=-pw32 ;; rom68k) basic_machine=m68k-rom68k os=-coff ;; rm[46]00) basic_machine=mips-siemens ;; rtpc | rtpc-*) basic_machine=romp-ibm ;; sa29200) basic_machine=a29k-amd os=-udi ;; sequent) basic_machine=i386-sequent ;; sh) basic_machine=sh-hitachi os=-hms ;; sparclite-wrs) basic_machine=sparclite-wrs os=-vxworks ;; sps7) basic_machine=m68k-bull os=-sysv2 ;; spur) basic_machine=spur-unknown ;; st2000) basic_machine=m68k-tandem ;; stratus) basic_machine=i860-stratus os=-sysv4 ;; sun2) basic_machine=m68000-sun ;; sun2os3) basic_machine=m68000-sun os=-sunos3 ;; sun2os4) basic_machine=m68000-sun os=-sunos4 ;; sun3os3) basic_machine=m68k-sun os=-sunos3 ;; sun3os4) basic_machine=m68k-sun os=-sunos4 ;; sun4os3) basic_machine=sparc-sun os=-sunos3 ;; sun4os4) basic_machine=sparc-sun os=-sunos4 ;; sun4sol2) basic_machine=sparc-sun os=-solaris2 ;; sun3 | sun3-*) basic_machine=m68k-sun ;; sun4) basic_machine=sparc-sun ;; sun386 | sun386i | roadrunner) basic_machine=i386-sun ;; sv1) basic_machine=sv1-cray os=-unicos ;; symmetry) basic_machine=i386-sequent os=-dynix ;; t3e) basic_machine=t3e-cray os=-unicos ;; tic54x | c54x*) basic_machine=tic54x-unknown os=-coff ;; tx39) basic_machine=mipstx39-unknown ;; tx39el) basic_machine=mipstx39el-unknown ;; tower | tower-32) basic_machine=m68k-ncr ;; udi29k) basic_machine=a29k-amd os=-udi ;; ultra3) basic_machine=a29k-nyu os=-sym1 ;; v810 | necv810) basic_machine=v810-nec os=-none ;; vaxv) basic_machine=vax-dec os=-sysv ;; vms) basic_machine=vax-dec os=-vms ;; vpp*|vx|vx-*) basic_machine=f301-fujitsu ;; vxworks960) basic_machine=i960-wrs os=-vxworks ;; vxworks68) basic_machine=m68k-wrs os=-vxworks ;; vxworks29k) basic_machine=a29k-wrs os=-vxworks ;; w65*) basic_machine=w65-wdc os=-none ;; w89k-*) basic_machine=hppa1.1-winbond os=-proelf ;; windows32) basic_machine=i386-pc os=-windows32-msvcrt ;; xmp) basic_machine=xmp-cray os=-unicos ;; xps | xps100) basic_machine=xps100-honeywell ;; z8k-*-coff) basic_machine=z8k-unknown os=-sim ;; none) basic_machine=none-none os=-none ;; # Here we handle the default manufacturer of certain CPU types. It is in # some cases the only manufacturer, in others, it is the most popular. w89k) basic_machine=hppa1.1-winbond ;; op50n) basic_machine=hppa1.1-oki ;; op60c) basic_machine=hppa1.1-oki ;; mips) case $os in linux*) basic_machine=mips-unknown ;; *) basic_machine=mips-mips ;; esac ;; romp) basic_machine=romp-ibm ;; rs6000) basic_machine=rs6000-ibm ;; vax) basic_machine=vax-dec ;; pdp10) # there are many clones, so DEC is not a safe bet basic_machine=pdp10-unknown ;; pdp11) basic_machine=pdp11-dec ;; we32k) basic_machine=we32k-att ;; sh3 | sh4 | sh3eb | sh4eb) basic_machine=sh-unknown ;; sparc | sparcv9 | sparcv9b) basic_machine=sparc-sun ;; cydra) basic_machine=cydra-cydrome ;; orion) basic_machine=orion-highlevel ;; orion105) basic_machine=clipper-highlevel ;; mac | mpw | mac-mpw) basic_machine=m68k-apple ;; pmac | pmac-mpw) basic_machine=powerpc-apple ;; c4x*) basic_machine=c4x-none os=-coff ;; *-unknown) # Make sure to match an already-canonicalized machine name. ;; *) echo Invalid configuration \`$1\': machine \`$basic_machine\' not recognized 1>&2 exit 1 ;; esac # Here we canonicalize certain aliases for manufacturers. case $basic_machine in *-digital*) basic_machine=`echo $basic_machine | sed 's/digital.*/dec/'` ;; *-commodore*) basic_machine=`echo $basic_machine | sed 's/commodore.*/cbm/'` ;; *) ;; esac # Decode manufacturer-specific aliases for certain operating systems. if [ x"$os" != x"" ] then case $os in # First match some system type aliases # that might get confused with valid system types. # -solaris* is a basic system type, with this one exception. -solaris1 | -solaris1.*) os=`echo $os | sed -e 's|solaris1|sunos4|'` ;; -solaris) os=-solaris2 ;; -svr4*) os=-sysv4 ;; -unixware*) os=-sysv4.2uw ;; -gnu/linux*) os=`echo $os | sed -e 's|gnu/linux|linux-gnu|'` ;; # First accept the basic system types. # The portable systems comes first. # Each alternative MUST END IN A *, to match a version number. # -sysv* is not here because it comes later, after sysvr4. -gnu* | -bsd* | -mach* | -minix* | -genix* | -ultrix* | -irix* \ | -*vms* | -sco* | -esix* | -isc* | -aix* | -sunos | -sunos[34]*\ | -hpux* | -unos* | -osf* | -luna* | -dgux* | -solaris* | -sym* \ | -amigaos* | -amigados* | -msdos* | -newsos* | -unicos* | -aof* \ | -aos* \ | -nindy* | -vxsim* | -vxworks* | -ebmon* | -hms* | -mvs* \ | -clix* | -riscos* | -uniplus* | -iris* | -rtu* | -xenix* \ | -hiux* | -386bsd* | -netbsd* | -openbsd* | -freebsd* | -riscix* \ | -lynxos* | -bosx* | -nextstep* | -cxux* | -aout* | -elf* | -oabi* \ | -ptx* | -coff* | -ecoff* | -winnt* | -domain* | -vsta* \ | -udi* | -eabi* | -lites* | -ieee* | -go32* | -aux* \ | -chorusos* | -chorusrdb* \ | -cygwin* | -pe* | -psos* | -moss* | -proelf* | -rtems* \ | -mingw32* | -linux* | -uxpv* | -beos* | -mpeix* | -udk* \ | -interix* | -uwin* | -rhapsody* | -darwin* | -opened* \ | -openstep* | -oskit* | -conix* | -pw32* | -nonstopux* \ | -storm-chaos* | -tops10* | -tenex* | -tops20* | -its* \ | -os2* | -vos*) # Remember, each alternative MUST END IN *, to match a version number. ;; -qnx*) case $basic_machine in x86-* | i*86-*) ;; *) os=-nto$os ;; esac ;; -nto*) os=-nto-qnx ;; -sim | -es1800* | -hms* | -xray | -os68k* | -none* | -v88r* \ | -windows* | -osx | -abug | -netware* | -os9* | -beos* \ | -macos* | -mpw* | -magic* | -mmixware* | -mon960* | -lnews*) ;; -mac*) os=`echo $os | sed -e 's|mac|macos|'` ;; -sunos5*) os=`echo $os | sed -e 's|sunos5|solaris2|'` ;; -sunos6*) os=`echo $os | sed -e 's|sunos6|solaris3|'` ;; -opened*) os=-openedition ;; -wince*) os=-wince ;; -osfrose*) os=-osfrose ;; -osf*) os=-osf ;; -utek*) os=-bsd ;; -dynix*) os=-bsd ;; -acis*) os=-aos ;; -386bsd) os=-bsd ;; -ctix* | -uts*) os=-sysv ;; -ns2 ) os=-nextstep2 ;; -nsk*) os=-nsk ;; # Preserve the version number of sinix5. -sinix5.*) os=`echo $os | sed -e 's|sinix|sysv|'` ;; -sinix*) os=-sysv4 ;; -triton*) os=-sysv3 ;; -oss*) os=-sysv3 ;; -svr4) os=-sysv4 ;; -svr3) os=-sysv3 ;; -sysvr4) os=-sysv4 ;; # This must come after -sysvr4. -sysv*) ;; -ose*) os=-ose ;; -es1800*) os=-ose ;; -xenix) os=-xenix ;; -*mint | -mint[0-9]* | -*MiNT | -MiNT[0-9]*) os=-mint ;; -none) ;; *) # Get rid of the `-' at the beginning of $os. os=`echo $os | sed 's/[^-]*-//'` echo Invalid configuration \`$1\': system \`$os\' not recognized 1>&2 exit 1 ;; esac else # Here we handle the default operating systems that come with various machines. # The value should be what the vendor currently ships out the door with their # machine or put another way, the most popular os provided with the machine. # Note that if you're going to try to match "-MANUFACTURER" here (say, # "-sun"), then you have to tell the case statement up towards the top # that MANUFACTURER isn't an operating system. Otherwise, code above # will signal an error saying that MANUFACTURER isn't an operating # system, and we'll never get to this point. case $basic_machine in *-acorn) os=-riscix1.2 ;; arm*-rebel) os=-linux ;; arm*-semi) os=-aout ;; pdp10-*) os=-tops20 ;; pdp11-*) os=-none ;; *-dec | vax-*) os=-ultrix4.2 ;; m68*-apollo) os=-domain ;; i386-sun) os=-sunos4.0.2 ;; m68000-sun) os=-sunos3 # This also exists in the configure program, but was not the # default. # os=-sunos4 ;; m68*-cisco) os=-aout ;; mips*-cisco) os=-elf ;; mips*-*) os=-elf ;; *-tti) # must be before sparc entry or we get the wrong os. os=-sysv3 ;; sparc-* | *-sun) os=-sunos4.1.1 ;; *-be) os=-beos ;; *-ibm) os=-aix ;; *-wec) os=-proelf ;; *-winbond) os=-proelf ;; *-oki) os=-proelf ;; *-hp) os=-hpux ;; *-hitachi) os=-hiux ;; i860-* | *-att | *-ncr | *-altos | *-motorola | *-convergent) os=-sysv ;; *-cbm) os=-amigaos ;; *-dg) os=-dgux ;; *-dolphin) os=-sysv3 ;; m68k-ccur) os=-rtu ;; m88k-omron*) os=-luna ;; *-next ) os=-nextstep ;; *-sequent) os=-ptx ;; *-crds) os=-unos ;; *-ns) os=-genix ;; i370-*) os=-mvs ;; *-next) os=-nextstep3 ;; *-gould) os=-sysv ;; *-highlevel) os=-bsd ;; *-encore) os=-bsd ;; *-sgi) os=-irix ;; *-siemens) os=-sysv4 ;; *-masscomp) os=-rtu ;; f30[01]-fujitsu | f700-fujitsu) os=-uxpv ;; *-rom68k) os=-coff ;; *-*bug) os=-coff ;; *-apple) os=-macos ;; *-atari*) os=-mint ;; *) os=-none ;; esac fi # Here we handle the case where we know the os, and the CPU type, but not the # manufacturer. We pick the logical manufacturer. vendor=unknown case $basic_machine in *-unknown) case $os in -riscix*) vendor=acorn ;; -sunos*) vendor=sun ;; -aix*) vendor=ibm ;; -beos*) vendor=be ;; -hpux*) vendor=hp ;; -mpeix*) vendor=hp ;; -hiux*) vendor=hitachi ;; -unos*) vendor=crds ;; -dgux*) vendor=dg ;; -luna*) vendor=omron ;; -genix*) vendor=ns ;; -mvs* | -opened*) vendor=ibm ;; -ptx*) vendor=sequent ;; -vxsim* | -vxworks*) vendor=wrs ;; -aux*) vendor=apple ;; -hms*) vendor=hitachi ;; -mpw* | -macos*) vendor=apple ;; -*mint | -mint[0-9]* | -*MiNT | -MiNT[0-9]*) vendor=atari ;; -vos*) vendor=stratus ;; esac basic_machine=`echo $basic_machine | sed "s/unknown/$vendor/"` ;; esac echo $basic_machine$os exit 0 # Local variables: # eval: (add-hook 'write-file-hooks 'time-stamp) # time-stamp-start: "timestamp='" # time-stamp-format: "%:y-%02m-%02d" # time-stamp-end: "'" # End: proxy-suite-1.9.2.4/configure0000755000000000000000000107412210170466246016057 0ustar rootroot00000000000000#! /bin/sh # Guess values for system-dependent variables and create Makefiles. # Generated by GNU Autoconf 2.59. # # Copyright (C) 2003 Free Software Foundation, Inc. # This configure script is free software; the Free Software Foundation # gives unlimited permission to copy, distribute and modify it. ## --------------------- ## ## M4sh Initialization. ## ## --------------------- ## # Be Bourne compatible if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then emulate sh NULLCMD=: # Zsh 3.x and 4.x performs word splitting on ${1+"$@"}, which # is contrary to our usage. Disable this feature. alias -g '${1+"$@"}'='"$@"' elif test -n "${BASH_VERSION+set}" && (set -o posix) >/dev/null 2>&1; then set -o posix fi DUALCASE=1; export DUALCASE # for MKS sh # Support unset when possible. if ( (MAIL=60; unset MAIL) || exit) >/dev/null 2>&1; then as_unset=unset else as_unset=false fi # Work around bugs in pre-3.0 UWIN ksh. $as_unset ENV MAIL MAILPATH PS1='$ ' PS2='> ' PS4='+ ' # NLS nuisances. for as_var in \ LANG LANGUAGE LC_ADDRESS LC_ALL LC_COLLATE LC_CTYPE LC_IDENTIFICATION \ LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER \ LC_TELEPHONE LC_TIME do if (set +x; test -z "`(eval $as_var=C; export $as_var) 2>&1`"); then eval $as_var=C; export $as_var else $as_unset $as_var fi done # Required to use basename. if expr a : '\(a\)' >/dev/null 2>&1; then as_expr=expr else as_expr=false fi if (basename /) >/dev/null 2>&1 && test "X`basename / 2>&1`" = "X/"; then as_basename=basename else as_basename=false fi # Name of the executable. as_me=`$as_basename "$0" || $as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \ X"$0" : 'X\(//\)$' \| \ X"$0" : 'X\(/\)$' \| \ . : '\(.\)' 2>/dev/null || echo X/"$0" | sed '/^.*\/\([^/][^/]*\)\/*$/{ s//\1/; q; } /^X\/\(\/\/\)$/{ s//\1/; q; } /^X\/\(\/\).*/{ s//\1/; q; } s/.*/./; q'` # PATH needs CR, and LINENO needs CR and PATH. # Avoid depending upon Character Ranges. as_cr_letters='abcdefghijklmnopqrstuvwxyz' as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ' as_cr_Letters=$as_cr_letters$as_cr_LETTERS as_cr_digits='0123456789' as_cr_alnum=$as_cr_Letters$as_cr_digits # The user is always right. if test "${PATH_SEPARATOR+set}" != set; then echo "#! /bin/sh" >conf$$.sh echo "exit 0" >>conf$$.sh chmod +x conf$$.sh if (PATH="/nonexistent;."; conf$$.sh) >/dev/null 2>&1; then PATH_SEPARATOR=';' else PATH_SEPARATOR=: fi rm -f conf$$.sh fi as_lineno_1=$LINENO as_lineno_2=$LINENO as_lineno_3=`(expr $as_lineno_1 + 1) 2>/dev/null` test "x$as_lineno_1" != "x$as_lineno_2" && test "x$as_lineno_3" = "x$as_lineno_2" || { # Find who we are. Look in the path if we contain no path at all # relative or not. case $0 in *[\\/]* ) as_myself=$0 ;; *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break done ;; esac # We did not find ourselves, most probably we were run as `sh COMMAND' # in which case we are not to be found in the path. if test "x$as_myself" = x; then as_myself=$0 fi if test ! -f "$as_myself"; then { echo "$as_me: error: cannot find myself; rerun with an absolute path" >&2 { (exit 1); exit 1; }; } fi case $CONFIG_SHELL in '') as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in /bin$PATH_SEPARATOR/usr/bin$PATH_SEPARATOR$PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for as_base in sh bash ksh sh5; do case $as_dir in /*) if ("$as_dir/$as_base" -c ' as_lineno_1=$LINENO as_lineno_2=$LINENO as_lineno_3=`(expr $as_lineno_1 + 1) 2>/dev/null` test "x$as_lineno_1" != "x$as_lineno_2" && test "x$as_lineno_3" = "x$as_lineno_2" ') 2>/dev/null; then $as_unset BASH_ENV || test "${BASH_ENV+set}" != set || { BASH_ENV=; export BASH_ENV; } $as_unset ENV || test "${ENV+set}" != set || { ENV=; export ENV; } CONFIG_SHELL=$as_dir/$as_base export CONFIG_SHELL exec "$CONFIG_SHELL" "$0" ${1+"$@"} fi;; esac done done ;; esac # Create $as_me.lineno as a copy of $as_myself, but with $LINENO # uniformly replaced by the line number. The first 'sed' inserts a # line-number line before each line; the second 'sed' does the real # work. The second script uses 'N' to pair each line-number line # with the numbered line, and appends trailing '-' during # substitution so that $LINENO is not a special case at line end. # (Raja R Harinath suggested sed '=', and Paul Eggert wrote the # second 'sed' script. Blame Lee E. McMahon for sed's syntax. :-) sed '=' <$as_myself | sed ' N s,$,-, : loop s,^\(['$as_cr_digits']*\)\(.*\)[$]LINENO\([^'$as_cr_alnum'_]\),\1\2\1\3, t loop s,-$,, s,^['$as_cr_digits']*\n,, ' >$as_me.lineno && chmod +x $as_me.lineno || { echo "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2 { (exit 1); exit 1; }; } # Don't try to exec as it changes $[0], causing all sort of problems # (the dirname of $[0] is not the place where we might find the # original and so on. Autoconf is especially sensible to this). . ./$as_me.lineno # Exit status is that of the last command. exit } case `echo "testing\c"; echo 1,2,3`,`echo -n testing; echo 1,2,3` in *c*,-n*) ECHO_N= ECHO_C=' ' ECHO_T=' ' ;; *c*,* ) ECHO_N=-n ECHO_C= ECHO_T= ;; *) ECHO_N= ECHO_C='\c' ECHO_T= ;; esac if expr a : '\(a\)' >/dev/null 2>&1; then as_expr=expr else as_expr=false fi rm -f conf$$ conf$$.exe conf$$.file echo >conf$$.file if ln -s conf$$.file conf$$ 2>/dev/null; then # We could just check for DJGPP; but this test a) works b) is more generic # and c) will remain valid once DJGPP supports symlinks (DJGPP 2.04). if test -f conf$$.exe; then # Don't use ln at all; we don't have any links as_ln_s='cp -p' else as_ln_s='ln -s' fi elif ln conf$$.file conf$$ 2>/dev/null; then as_ln_s=ln else as_ln_s='cp -p' fi rm -f conf$$ conf$$.exe conf$$.file if mkdir -p . 2>/dev/null; then as_mkdir_p=: else test -d ./-p && rmdir ./-p as_mkdir_p=false fi as_executable_p="test -f" # Sed expression to map a string onto a valid CPP name. as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'" # Sed expression to map a string onto a valid variable name. as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'" # IFS # We need space, tab and new line, in precisely that order. as_nl=' ' IFS=" $as_nl" # CDPATH. $as_unset CDPATH # Name of the host. # hostname on some systems (SVR3.2, Linux) returns a bogus exit status, # so uname gets run too. ac_hostname=`(hostname || uname -n) 2>/dev/null | sed 1q` exec 6>&1 # # Initializations. # ac_default_prefix=/usr/local ac_config_libobj_dir=. cross_compiling=no subdirs= MFLAGS= MAKEFLAGS= SHELL=${CONFIG_SHELL-/bin/sh} # Maximum number of lines to put in a shell here document. # This variable seems obsolete. It should probably be removed, and # only ac_max_sed_lines should be used. : ${ac_max_here_lines=38} # Identity of this package. PACKAGE_NAME= PACKAGE_TARNAME= PACKAGE_VERSION= PACKAGE_STRING= PACKAGE_BUGREPORT= ac_unique_file="common/com-syslog.c" # Factoring default headers for most tests. ac_includes_default="\ #include #if HAVE_SYS_TYPES_H # include #endif #if HAVE_SYS_STAT_H # include #endif #if STDC_HEADERS # include # include #else # if HAVE_STDLIB_H # include # endif #endif #if HAVE_STRING_H # if !STDC_HEADERS && HAVE_MEMORY_H # include # endif # include #endif #if HAVE_STRINGS_H # include #endif #if HAVE_INTTYPES_H # include #else # if HAVE_STDINT_H # include # endif #endif #if HAVE_UNISTD_H # include #endif" ac_subst_vars='SHELL PATH_SEPARATOR PACKAGE_NAME PACKAGE_TARNAME PACKAGE_VERSION PACKAGE_STRING PACKAGE_BUGREPORT exec_prefix prefix program_transform_name bindir sbindir libexecdir datadir sysconfdir sharedstatedir localstatedir libdir includedir oldincludedir infodir mandir build_alias host_alias target_alias DEFS ECHO_C ECHO_N ECHO_T LIBS CC CFLAGS LDFLAGS CPPFLAGS ac_ct_CC EXEEXT OBJEXT INSTALL_PROGRAM INSTALL_SCRIPT INSTALL_DATA SET_MAKE RANLIB ac_ct_RANLIB AR RM CPP EGREP build build_cpu build_vendor build_os host host_cpu host_vendor host_os CTAGS SGML2HTML SGML2LATEX PS2PDF OPT TAGS CTAGS_OPTS LIB_CRYPT LIB_REGEX LIB_WRAP LIB_LDAP PROC_FTP BINDIR SBINDIR SYSCONFDIR LIBOBJS LTLIBOBJS' ac_subst_files='' # Initialize some variables set by options. ac_init_help= ac_init_version=false # The variables have the same names as the options, with # dashes changed to underlines. cache_file=/dev/null exec_prefix=NONE no_create= no_recursion= prefix=NONE program_prefix=NONE program_suffix=NONE program_transform_name=s,x,x, silent= site= srcdir= verbose= x_includes=NONE x_libraries=NONE # Installation directory options. # These are left unexpanded so users can "make install exec_prefix=/foo" # and all the variables that are supposed to be based on exec_prefix # by default will actually change. # Use braces instead of parens because sh, perl, etc. also accept them. bindir='${exec_prefix}/bin' sbindir='${exec_prefix}/sbin' libexecdir='${exec_prefix}/libexec' datadir='${prefix}/share' sysconfdir='${prefix}/etc' sharedstatedir='${prefix}/com' localstatedir='${prefix}/var' libdir='${exec_prefix}/lib' includedir='${prefix}/include' oldincludedir='/usr/include' infodir='${prefix}/info' mandir='${prefix}/man' ac_prev= for ac_option do # If the previous option needs an argument, assign it. if test -n "$ac_prev"; then eval "$ac_prev=\$ac_option" ac_prev= continue fi ac_optarg=`expr "x$ac_option" : 'x[^=]*=\(.*\)'` # Accept the important Cygnus configure options, so we can diagnose typos. case $ac_option in -bindir | --bindir | --bindi | --bind | --bin | --bi) ac_prev=bindir ;; -bindir=* | --bindir=* | --bindi=* | --bind=* | --bin=* | --bi=*) bindir=$ac_optarg ;; -build | --build | --buil | --bui | --bu) ac_prev=build_alias ;; -build=* | --build=* | --buil=* | --bui=* | --bu=*) build_alias=$ac_optarg ;; -cache-file | --cache-file | --cache-fil | --cache-fi \ | --cache-f | --cache- | --cache | --cach | --cac | --ca | --c) ac_prev=cache_file ;; -cache-file=* | --cache-file=* | --cache-fil=* | --cache-fi=* \ | --cache-f=* | --cache-=* | --cache=* | --cach=* | --cac=* | --ca=* | --c=*) cache_file=$ac_optarg ;; --config-cache | -C) cache_file=config.cache ;; -datadir | --datadir | --datadi | --datad | --data | --dat | --da) ac_prev=datadir ;; -datadir=* | --datadir=* | --datadi=* | --datad=* | --data=* | --dat=* \ | --da=*) datadir=$ac_optarg ;; -disable-* | --disable-*) ac_feature=`expr "x$ac_option" : 'x-*disable-\(.*\)'` # Reject names that are not valid shell variable names. expr "x$ac_feature" : ".*[^-_$as_cr_alnum]" >/dev/null && { echo "$as_me: error: invalid feature name: $ac_feature" >&2 { (exit 1); exit 1; }; } ac_feature=`echo $ac_feature | sed 's/-/_/g'` eval "enable_$ac_feature=no" ;; -enable-* | --enable-*) ac_feature=`expr "x$ac_option" : 'x-*enable-\([^=]*\)'` # Reject names that are not valid shell variable names. expr "x$ac_feature" : ".*[^-_$as_cr_alnum]" >/dev/null && { echo "$as_me: error: invalid feature name: $ac_feature" >&2 { (exit 1); exit 1; }; } ac_feature=`echo $ac_feature | sed 's/-/_/g'` case $ac_option in *=*) ac_optarg=`echo "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"`;; *) ac_optarg=yes ;; esac eval "enable_$ac_feature='$ac_optarg'" ;; -exec-prefix | --exec_prefix | --exec-prefix | --exec-prefi \ | --exec-pref | --exec-pre | --exec-pr | --exec-p | --exec- \ | --exec | --exe | --ex) ac_prev=exec_prefix ;; -exec-prefix=* | --exec_prefix=* | --exec-prefix=* | --exec-prefi=* \ | --exec-pref=* | --exec-pre=* | --exec-pr=* | --exec-p=* | --exec-=* \ | --exec=* | --exe=* | --ex=*) exec_prefix=$ac_optarg ;; -gas | --gas | --ga | --g) # Obsolete; use --with-gas. with_gas=yes ;; -help | --help | --hel | --he | -h) ac_init_help=long ;; -help=r* | --help=r* | --hel=r* | --he=r* | -hr*) ac_init_help=recursive ;; -help=s* | --help=s* | --hel=s* | --he=s* | -hs*) ac_init_help=short ;; -host | --host | --hos | --ho) ac_prev=host_alias ;; -host=* | --host=* | --hos=* | --ho=*) host_alias=$ac_optarg ;; -includedir | --includedir | --includedi | --included | --include \ | --includ | --inclu | --incl | --inc) ac_prev=includedir ;; -includedir=* | --includedir=* | --includedi=* | --included=* | --include=* \ | --includ=* | --inclu=* | --incl=* | --inc=*) includedir=$ac_optarg ;; -infodir | --infodir | --infodi | --infod | --info | --inf) ac_prev=infodir ;; -infodir=* | --infodir=* | --infodi=* | --infod=* | --info=* | --inf=*) infodir=$ac_optarg ;; -libdir | --libdir | --libdi | --libd) ac_prev=libdir ;; -libdir=* | --libdir=* | --libdi=* | --libd=*) libdir=$ac_optarg ;; -libexecdir | --libexecdir | --libexecdi | --libexecd | --libexec \ | --libexe | --libex | --libe) ac_prev=libexecdir ;; -libexecdir=* | --libexecdir=* | --libexecdi=* | --libexecd=* | --libexec=* \ | --libexe=* | --libex=* | --libe=*) libexecdir=$ac_optarg ;; -localstatedir | --localstatedir | --localstatedi | --localstated \ | --localstate | --localstat | --localsta | --localst \ | --locals | --local | --loca | --loc | --lo) ac_prev=localstatedir ;; -localstatedir=* | --localstatedir=* | --localstatedi=* | --localstated=* \ | --localstate=* | --localstat=* | --localsta=* | --localst=* \ | --locals=* | --local=* | --loca=* | --loc=* | --lo=*) localstatedir=$ac_optarg ;; -mandir | --mandir | --mandi | --mand | --man | --ma | --m) ac_prev=mandir ;; -mandir=* | --mandir=* | --mandi=* | --mand=* | --man=* | --ma=* | --m=*) mandir=$ac_optarg ;; -nfp | --nfp | --nf) # Obsolete; use --without-fp. with_fp=no ;; -no-create | --no-create | --no-creat | --no-crea | --no-cre \ | --no-cr | --no-c | -n) no_create=yes ;; -no-recursion | --no-recursion | --no-recursio | --no-recursi \ | --no-recurs | --no-recur | --no-recu | --no-rec | --no-re | --no-r) no_recursion=yes ;; -oldincludedir | --oldincludedir | --oldincludedi | --oldincluded \ | --oldinclude | --oldinclud | --oldinclu | --oldincl | --oldinc \ | --oldin | --oldi | --old | --ol | --o) ac_prev=oldincludedir ;; -oldincludedir=* | --oldincludedir=* | --oldincludedi=* | --oldincluded=* \ | --oldinclude=* | --oldinclud=* | --oldinclu=* | --oldincl=* | --oldinc=* \ | --oldin=* | --oldi=* | --old=* | --ol=* | --o=*) oldincludedir=$ac_optarg ;; -prefix | --prefix | --prefi | --pref | --pre | --pr | --p) ac_prev=prefix ;; -prefix=* | --prefix=* | --prefi=* | --pref=* | --pre=* | --pr=* | --p=*) prefix=$ac_optarg ;; -program-prefix | --program-prefix | --program-prefi | --program-pref \ | --program-pre | --program-pr | --program-p) ac_prev=program_prefix ;; -program-prefix=* | --program-prefix=* | --program-prefi=* \ | --program-pref=* | --program-pre=* | --program-pr=* | --program-p=*) program_prefix=$ac_optarg ;; -program-suffix | --program-suffix | --program-suffi | --program-suff \ | --program-suf | --program-su | --program-s) ac_prev=program_suffix ;; -program-suffix=* | --program-suffix=* | --program-suffi=* \ | --program-suff=* | --program-suf=* | --program-su=* | --program-s=*) program_suffix=$ac_optarg ;; -program-transform-name | --program-transform-name \ | --program-transform-nam | --program-transform-na \ | --program-transform-n | --program-transform- \ | --program-transform | --program-transfor \ | --program-transfo | --program-transf \ | --program-trans | --program-tran \ | --progr-tra | --program-tr | --program-t) ac_prev=program_transform_name ;; -program-transform-name=* | --program-transform-name=* \ | --program-transform-nam=* | --program-transform-na=* \ | --program-transform-n=* | --program-transform-=* \ | --program-transform=* | --program-transfor=* \ | --program-transfo=* | --program-transf=* \ | --program-trans=* | --program-tran=* \ | --progr-tra=* | --program-tr=* | --program-t=*) program_transform_name=$ac_optarg ;; -q | -quiet | --quiet | --quie | --qui | --qu | --q \ | -silent | --silent | --silen | --sile | --sil) silent=yes ;; -sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb) ac_prev=sbindir ;; -sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \ | --sbi=* | --sb=*) sbindir=$ac_optarg ;; -sharedstatedir | --sharedstatedir | --sharedstatedi \ | --sharedstated | --sharedstate | --sharedstat | --sharedsta \ | --sharedst | --shareds | --shared | --share | --shar \ | --sha | --sh) ac_prev=sharedstatedir ;; -sharedstatedir=* | --sharedstatedir=* | --sharedstatedi=* \ | --sharedstated=* | --sharedstate=* | --sharedstat=* | --sharedsta=* \ | --sharedst=* | --shareds=* | --shared=* | --share=* | --shar=* \ | --sha=* | --sh=*) sharedstatedir=$ac_optarg ;; -site | --site | --sit) ac_prev=site ;; -site=* | --site=* | --sit=*) site=$ac_optarg ;; -srcdir | --srcdir | --srcdi | --srcd | --src | --sr) ac_prev=srcdir ;; -srcdir=* | --srcdir=* | --srcdi=* | --srcd=* | --src=* | --sr=*) srcdir=$ac_optarg ;; -sysconfdir | --sysconfdir | --sysconfdi | --sysconfd | --sysconf \ | --syscon | --sysco | --sysc | --sys | --sy) ac_prev=sysconfdir ;; -sysconfdir=* | --sysconfdir=* | --sysconfdi=* | --sysconfd=* | --sysconf=* \ | --syscon=* | --sysco=* | --sysc=* | --sys=* | --sy=*) sysconfdir=$ac_optarg ;; -target | --target | --targe | --targ | --tar | --ta | --t) ac_prev=target_alias ;; -target=* | --target=* | --targe=* | --targ=* | --tar=* | --ta=* | --t=*) target_alias=$ac_optarg ;; -v | -verbose | --verbose | --verbos | --verbo | --verb) verbose=yes ;; -version | --version | --versio | --versi | --vers | -V) ac_init_version=: ;; -with-* | --with-*) ac_package=`expr "x$ac_option" : 'x-*with-\([^=]*\)'` # Reject names that are not valid shell variable names. expr "x$ac_package" : ".*[^-_$as_cr_alnum]" >/dev/null && { echo "$as_me: error: invalid package name: $ac_package" >&2 { (exit 1); exit 1; }; } ac_package=`echo $ac_package| sed 's/-/_/g'` case $ac_option in *=*) ac_optarg=`echo "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"`;; *) ac_optarg=yes ;; esac eval "with_$ac_package='$ac_optarg'" ;; -without-* | --without-*) ac_package=`expr "x$ac_option" : 'x-*without-\(.*\)'` # Reject names that are not valid shell variable names. expr "x$ac_package" : ".*[^-_$as_cr_alnum]" >/dev/null && { echo "$as_me: error: invalid package name: $ac_package" >&2 { (exit 1); exit 1; }; } ac_package=`echo $ac_package | sed 's/-/_/g'` eval "with_$ac_package=no" ;; --x) # Obsolete; use --with-x. with_x=yes ;; -x-includes | --x-includes | --x-include | --x-includ | --x-inclu \ | --x-incl | --x-inc | --x-in | --x-i) ac_prev=x_includes ;; -x-includes=* | --x-includes=* | --x-include=* | --x-includ=* | --x-inclu=* \ | --x-incl=* | --x-inc=* | --x-in=* | --x-i=*) x_includes=$ac_optarg ;; -x-libraries | --x-libraries | --x-librarie | --x-librari \ | --x-librar | --x-libra | --x-libr | --x-lib | --x-li | --x-l) ac_prev=x_libraries ;; -x-libraries=* | --x-libraries=* | --x-librarie=* | --x-librari=* \ | --x-librar=* | --x-libra=* | --x-libr=* | --x-lib=* | --x-li=* | --x-l=*) x_libraries=$ac_optarg ;; -*) { echo "$as_me: error: unrecognized option: $ac_option Try \`$0 --help' for more information." >&2 { (exit 1); exit 1; }; } ;; *=*) ac_envvar=`expr "x$ac_option" : 'x\([^=]*\)='` # Reject names that are not valid shell variable names. expr "x$ac_envvar" : ".*[^_$as_cr_alnum]" >/dev/null && { echo "$as_me: error: invalid variable name: $ac_envvar" >&2 { (exit 1); exit 1; }; } ac_optarg=`echo "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"` eval "$ac_envvar='$ac_optarg'" export $ac_envvar ;; *) # FIXME: should be removed in autoconf 3.0. echo "$as_me: WARNING: you should use --build, --host, --target" >&2 expr "x$ac_option" : ".*[^-._$as_cr_alnum]" >/dev/null && echo "$as_me: WARNING: invalid host type: $ac_option" >&2 : ${build_alias=$ac_option} ${host_alias=$ac_option} ${target_alias=$ac_option} ;; esac done if test -n "$ac_prev"; then ac_option=--`echo $ac_prev | sed 's/_/-/g'` { echo "$as_me: error: missing argument to $ac_option" >&2 { (exit 1); exit 1; }; } fi # Be sure to have absolute paths. for ac_var in exec_prefix prefix do eval ac_val=$`echo $ac_var` case $ac_val in [\\/$]* | ?:[\\/]* | NONE | '' ) ;; *) { echo "$as_me: error: expected an absolute directory name for --$ac_var: $ac_val" >&2 { (exit 1); exit 1; }; };; esac done # Be sure to have absolute paths. for ac_var in bindir sbindir libexecdir datadir sysconfdir sharedstatedir \ localstatedir libdir includedir oldincludedir infodir mandir do eval ac_val=$`echo $ac_var` case $ac_val in [\\/$]* | ?:[\\/]* ) ;; *) { echo "$as_me: error: expected an absolute directory name for --$ac_var: $ac_val" >&2 { (exit 1); exit 1; }; };; esac done # There might be people who depend on the old broken behavior: `$host' # used to hold the argument of --host etc. # FIXME: To remove some day. build=$build_alias host=$host_alias target=$target_alias # FIXME: To remove some day. if test "x$host_alias" != x; then if test "x$build_alias" = x; then cross_compiling=maybe echo "$as_me: WARNING: If you wanted to set the --build type, don't use --host. If a cross compiler is detected then cross compile mode will be used." >&2 elif test "x$build_alias" != "x$host_alias"; then cross_compiling=yes fi fi ac_tool_prefix= test -n "$host_alias" && ac_tool_prefix=$host_alias- test "$silent" = yes && exec 6>/dev/null # Find the source files, if location was not specified. if test -z "$srcdir"; then ac_srcdir_defaulted=yes # Try the directory containing this script, then its parent. ac_confdir=`(dirname "$0") 2>/dev/null || $as_expr X"$0" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ X"$0" : 'X\(//\)[^/]' \| \ X"$0" : 'X\(//\)$' \| \ X"$0" : 'X\(/\)' \| \ . : '\(.\)' 2>/dev/null || echo X"$0" | sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; } /^X\(\/\/\)[^/].*/{ s//\1/; q; } /^X\(\/\/\)$/{ s//\1/; q; } /^X\(\/\).*/{ s//\1/; q; } s/.*/./; q'` srcdir=$ac_confdir if test ! -r $srcdir/$ac_unique_file; then srcdir=.. fi else ac_srcdir_defaulted=no fi if test ! -r $srcdir/$ac_unique_file; then if test "$ac_srcdir_defaulted" = yes; then { echo "$as_me: error: cannot find sources ($ac_unique_file) in $ac_confdir or .." >&2 { (exit 1); exit 1; }; } else { echo "$as_me: error: cannot find sources ($ac_unique_file) in $srcdir" >&2 { (exit 1); exit 1; }; } fi fi (cd $srcdir && test -r ./$ac_unique_file) 2>/dev/null || { echo "$as_me: error: sources are in $srcdir, but \`cd $srcdir' does not work" >&2 { (exit 1); exit 1; }; } srcdir=`echo "$srcdir" | sed 's%\([^\\/]\)[\\/]*$%\1%'` ac_env_build_alias_set=${build_alias+set} ac_env_build_alias_value=$build_alias ac_cv_env_build_alias_set=${build_alias+set} ac_cv_env_build_alias_value=$build_alias ac_env_host_alias_set=${host_alias+set} ac_env_host_alias_value=$host_alias ac_cv_env_host_alias_set=${host_alias+set} ac_cv_env_host_alias_value=$host_alias ac_env_target_alias_set=${target_alias+set} ac_env_target_alias_value=$target_alias ac_cv_env_target_alias_set=${target_alias+set} ac_cv_env_target_alias_value=$target_alias ac_env_CC_set=${CC+set} ac_env_CC_value=$CC ac_cv_env_CC_set=${CC+set} ac_cv_env_CC_value=$CC ac_env_CFLAGS_set=${CFLAGS+set} ac_env_CFLAGS_value=$CFLAGS ac_cv_env_CFLAGS_set=${CFLAGS+set} ac_cv_env_CFLAGS_value=$CFLAGS ac_env_LDFLAGS_set=${LDFLAGS+set} ac_env_LDFLAGS_value=$LDFLAGS ac_cv_env_LDFLAGS_set=${LDFLAGS+set} ac_cv_env_LDFLAGS_value=$LDFLAGS ac_env_CPPFLAGS_set=${CPPFLAGS+set} ac_env_CPPFLAGS_value=$CPPFLAGS ac_cv_env_CPPFLAGS_set=${CPPFLAGS+set} ac_cv_env_CPPFLAGS_value=$CPPFLAGS ac_env_CPP_set=${CPP+set} ac_env_CPP_value=$CPP ac_cv_env_CPP_set=${CPP+set} ac_cv_env_CPP_value=$CPP # # Report the --help message. # if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF \`configure' configures this package to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... To assign environment variables (e.g., CC, CFLAGS...), specify them as VAR=VALUE. See below for descriptions of some of the useful variables. Defaults for the options are specified in brackets. Configuration: -h, --help display this help and exit --help=short display options specific to this package --help=recursive display the short help of all the included packages -V, --version display version information and exit -q, --quiet, --silent do not print \`checking...' messages --cache-file=FILE cache test results in FILE [disabled] -C, --config-cache alias for \`--cache-file=config.cache' -n, --no-create do not create output files --srcdir=DIR find the sources in DIR [configure dir or \`..'] _ACEOF cat <<_ACEOF Installation directories: --prefix=PREFIX install architecture-independent files in PREFIX [$ac_default_prefix] --exec-prefix=EPREFIX install architecture-dependent files in EPREFIX [PREFIX] By default, \`make install' will install all the files in \`$ac_default_prefix/bin', \`$ac_default_prefix/lib' etc. You can specify an installation prefix other than \`$ac_default_prefix' using \`--prefix', for instance \`--prefix=\$HOME'. For better control, use the options below. Fine tuning of the installation directories: --bindir=DIR user executables [EPREFIX/bin] --sbindir=DIR system admin executables [EPREFIX/sbin] --libexecdir=DIR program executables [EPREFIX/libexec] --datadir=DIR read-only architecture-independent data [PREFIX/share] --sysconfdir=DIR read-only single-machine data [PREFIX/etc] --sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com] --localstatedir=DIR modifiable single-machine data [PREFIX/var] --libdir=DIR object code libraries [EPREFIX/lib] --includedir=DIR C header files [PREFIX/include] --oldincludedir=DIR C header files for non-gcc [/usr/include] --infodir=DIR info documentation [PREFIX/info] --mandir=DIR man documentation [PREFIX/man] _ACEOF cat <<\_ACEOF System types: --build=BUILD configure for building on BUILD [guessed] --host=HOST cross-compile to build programs to run on HOST [BUILD] _ACEOF fi if test -n "$ac_init_help"; then cat <<\_ACEOF Optional Features: --disable-FEATURE do not include FEATURE (same as --enable-FEATURE=no) --enable-FEATURE[=ARG] include FEATURE [ARG=yes] --disable-largefile omit support for large files --enable-warnings enable compiler warnings default=yes --enable-static enable static linkage default=no --enable-debug enable generation of debugging output default=no --enable-ctags generate (c)tags files default=no --enable-proc-mods enable Linux /proc module default=n/a --enable-rfc1579 enable RFC 1579 FW-FTP extensions default=n/a --enable-rfc2428 enable RFC 2428 IPv6 extensions default=n/a --enable-so-linger enable SO_LINGER socket option default=no Optional Packages: --with-PACKAGE[=ARG] use PACKAGE [ARG=yes] --without-PACKAGE do not use PACKAGE (same as --with-PACKAGE=no) --with-regex=PATH compile in RegEx support default=yes --with-libwrap=PATH compile in TCP wrapper support default=yes --with-libldap=PATH compile in LDAP support default=no --with-crypt=PATH compile in crypt support default=no --with-ssl=PATH compile in SSL (sftp) support default=n/a Some influential environment variables: CC C compiler command CFLAGS C compiler flags LDFLAGS linker flags, e.g. -L if you have libraries in a nonstandard directory CPPFLAGS C/C++ preprocessor flags, e.g. -I if you have headers in a nonstandard directory CPP C preprocessor Use these variables to override the choices made by `configure' or to help it to find libraries and programs with nonstandard names/locations. _ACEOF fi if test "$ac_init_help" = "recursive"; then # If there are subdirs, report their specific --help. ac_popdir=`pwd` for ac_dir in : $ac_subdirs_all; do test "x$ac_dir" = x: && continue test -d $ac_dir || continue ac_builddir=. if test "$ac_dir" != .; then ac_dir_suffix=/`echo "$ac_dir" | sed 's,^\.[\\/],,'` # A "../" for each directory in $ac_dir_suffix. ac_top_builddir=`echo "$ac_dir_suffix" | sed 's,/[^\\/]*,../,g'` else ac_dir_suffix= ac_top_builddir= fi case $srcdir in .) # No --srcdir option. We are building in place. ac_srcdir=. if test -z "$ac_top_builddir"; then ac_top_srcdir=. else ac_top_srcdir=`echo $ac_top_builddir | sed 's,/$,,'` fi ;; [\\/]* | ?:[\\/]* ) # Absolute path. ac_srcdir=$srcdir$ac_dir_suffix; ac_top_srcdir=$srcdir ;; *) # Relative path. ac_srcdir=$ac_top_builddir$srcdir$ac_dir_suffix ac_top_srcdir=$ac_top_builddir$srcdir ;; esac # Do not use `cd foo && pwd` to compute absolute paths, because # the directories may not exist. case `pwd` in .) ac_abs_builddir="$ac_dir";; *) case "$ac_dir" in .) ac_abs_builddir=`pwd`;; [\\/]* | ?:[\\/]* ) ac_abs_builddir="$ac_dir";; *) ac_abs_builddir=`pwd`/"$ac_dir";; esac;; esac case $ac_abs_builddir in .) ac_abs_top_builddir=${ac_top_builddir}.;; *) case ${ac_top_builddir}. in .) ac_abs_top_builddir=$ac_abs_builddir;; [\\/]* | ?:[\\/]* ) ac_abs_top_builddir=${ac_top_builddir}.;; *) ac_abs_top_builddir=$ac_abs_builddir/${ac_top_builddir}.;; esac;; esac case $ac_abs_builddir in .) ac_abs_srcdir=$ac_srcdir;; *) case $ac_srcdir in .) ac_abs_srcdir=$ac_abs_builddir;; [\\/]* | ?:[\\/]* ) ac_abs_srcdir=$ac_srcdir;; *) ac_abs_srcdir=$ac_abs_builddir/$ac_srcdir;; esac;; esac case $ac_abs_builddir in .) ac_abs_top_srcdir=$ac_top_srcdir;; *) case $ac_top_srcdir in .) ac_abs_top_srcdir=$ac_abs_builddir;; [\\/]* | ?:[\\/]* ) ac_abs_top_srcdir=$ac_top_srcdir;; *) ac_abs_top_srcdir=$ac_abs_builddir/$ac_top_srcdir;; esac;; esac cd $ac_dir # Check for guested configure; otherwise get Cygnus style configure. if test -f $ac_srcdir/configure.gnu; then echo $SHELL $ac_srcdir/configure.gnu --help=recursive elif test -f $ac_srcdir/configure; then echo $SHELL $ac_srcdir/configure --help=recursive elif test -f $ac_srcdir/configure.ac || test -f $ac_srcdir/configure.in; then echo $ac_configure --help else echo "$as_me: WARNING: no configuration information is in $ac_dir" >&2 fi cd $ac_popdir done fi test -n "$ac_init_help" && exit 0 if $ac_init_version; then cat <<\_ACEOF Copyright (C) 2003 Free Software Foundation, Inc. This configure script is free software; the Free Software Foundation gives unlimited permission to copy, distribute and modify it. _ACEOF exit 0 fi exec 5>config.log cat >&5 <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. It was created by $as_me, which was generated by GNU Autoconf 2.59. Invocation command line was $ $0 $@ _ACEOF { cat <<_ASUNAME ## --------- ## ## Platform. ## ## --------- ## hostname = `(hostname || uname -n) 2>/dev/null | sed 1q` uname -m = `(uname -m) 2>/dev/null || echo unknown` uname -r = `(uname -r) 2>/dev/null || echo unknown` uname -s = `(uname -s) 2>/dev/null || echo unknown` uname -v = `(uname -v) 2>/dev/null || echo unknown` /usr/bin/uname -p = `(/usr/bin/uname -p) 2>/dev/null || echo unknown` /bin/uname -X = `(/bin/uname -X) 2>/dev/null || echo unknown` /bin/arch = `(/bin/arch) 2>/dev/null || echo unknown` /usr/bin/arch -k = `(/usr/bin/arch -k) 2>/dev/null || echo unknown` /usr/convex/getsysinfo = `(/usr/convex/getsysinfo) 2>/dev/null || echo unknown` hostinfo = `(hostinfo) 2>/dev/null || echo unknown` /bin/machine = `(/bin/machine) 2>/dev/null || echo unknown` /usr/bin/oslevel = `(/usr/bin/oslevel) 2>/dev/null || echo unknown` /bin/universe = `(/bin/universe) 2>/dev/null || echo unknown` _ASUNAME as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. echo "PATH: $as_dir" done } >&5 cat >&5 <<_ACEOF ## ----------- ## ## Core tests. ## ## ----------- ## _ACEOF # Keep a trace of the command line. # Strip out --no-create and --no-recursion so they do not pile up. # Strip out --silent because we don't want to record it for future runs. # Also quote any args containing shell meta-characters. # Make two passes to allow for proper duplicate-argument suppression. ac_configure_args= ac_configure_args0= ac_configure_args1= ac_sep= ac_must_keep_next=false for ac_pass in 1 2 do for ac_arg do case $ac_arg in -no-create | --no-c* | -n | -no-recursion | --no-r*) continue ;; -q | -quiet | --quiet | --quie | --qui | --qu | --q \ | -silent | --silent | --silen | --sile | --sil) continue ;; *" "*|*" "*|*[\[\]\~\#\$\^\&\*\(\)\{\}\\\|\;\<\>\?\"\']*) ac_arg=`echo "$ac_arg" | sed "s/'/'\\\\\\\\''/g"` ;; esac case $ac_pass in 1) ac_configure_args0="$ac_configure_args0 '$ac_arg'" ;; 2) ac_configure_args1="$ac_configure_args1 '$ac_arg'" if test $ac_must_keep_next = true; then ac_must_keep_next=false # Got value, back to normal. else case $ac_arg in *=* | --config-cache | -C | -disable-* | --disable-* \ | -enable-* | --enable-* | -gas | --g* | -nfp | --nf* \ | -q | -quiet | --q* | -silent | --sil* | -v | -verb* \ | -with-* | --with-* | -without-* | --without-* | --x) case "$ac_configure_args0 " in "$ac_configure_args1"*" '$ac_arg' "* ) continue ;; esac ;; -* ) ac_must_keep_next=true ;; esac fi ac_configure_args="$ac_configure_args$ac_sep'$ac_arg'" # Get rid of the leading space. ac_sep=" " ;; esac done done $as_unset ac_configure_args0 || test "${ac_configure_args0+set}" != set || { ac_configure_args0=; export ac_configure_args0; } $as_unset ac_configure_args1 || test "${ac_configure_args1+set}" != set || { ac_configure_args1=; export ac_configure_args1; } # When interrupted or exit'd, cleanup temporary files, and complete # config.log. We remove comments because anyway the quotes in there # would cause problems or look ugly. # WARNING: Be sure not to use single quotes in there, as some shells, # such as our DU 5.0 friend, will then `close' the trap. trap 'exit_status=$? # Save into config.log some information that might help in debugging. { echo cat <<\_ASBOX ## ---------------- ## ## Cache variables. ## ## ---------------- ## _ASBOX echo # The following way of writing the cache mishandles newlines in values, { (set) 2>&1 | case `(ac_space='"'"' '"'"'; set | grep ac_space) 2>&1` in *ac_space=\ *) sed -n \ "s/'"'"'/'"'"'\\\\'"'"''"'"'/g; s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='"'"'\\2'"'"'/p" ;; *) sed -n \ "s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1=\\2/p" ;; esac; } echo cat <<\_ASBOX ## ----------------- ## ## Output variables. ## ## ----------------- ## _ASBOX echo for ac_var in $ac_subst_vars do eval ac_val=$`echo $ac_var` echo "$ac_var='"'"'$ac_val'"'"'" done | sort echo if test -n "$ac_subst_files"; then cat <<\_ASBOX ## ------------- ## ## Output files. ## ## ------------- ## _ASBOX echo for ac_var in $ac_subst_files do eval ac_val=$`echo $ac_var` echo "$ac_var='"'"'$ac_val'"'"'" done | sort echo fi if test -s confdefs.h; then cat <<\_ASBOX ## ----------- ## ## confdefs.h. ## ## ----------- ## _ASBOX echo sed "/^$/d" confdefs.h | sort echo fi test "$ac_signal" != 0 && echo "$as_me: caught signal $ac_signal" echo "$as_me: exit $exit_status" } >&5 rm -f core *.core && rm -rf conftest* confdefs* conf$$* $ac_clean_files && exit $exit_status ' 0 for ac_signal in 1 2 13 15; do trap 'ac_signal='$ac_signal'; { (exit 1); exit 1; }' $ac_signal done ac_signal=0 # confdefs.h avoids OS command line length limits that DEFS can exceed. rm -rf conftest* confdefs.h # AIX cpp loses on an empty file, so make sure it contains at least a newline. echo >confdefs.h # Predefined preprocessor variables. cat >>confdefs.h <<_ACEOF #define PACKAGE_NAME "$PACKAGE_NAME" _ACEOF cat >>confdefs.h <<_ACEOF #define PACKAGE_TARNAME "$PACKAGE_TARNAME" _ACEOF cat >>confdefs.h <<_ACEOF #define PACKAGE_VERSION "$PACKAGE_VERSION" _ACEOF cat >>confdefs.h <<_ACEOF #define PACKAGE_STRING "$PACKAGE_STRING" _ACEOF cat >>confdefs.h <<_ACEOF #define PACKAGE_BUGREPORT "$PACKAGE_BUGREPORT" _ACEOF # Let the site file select an alternate cache file if it wants to. # Prefer explicitly selected file to automatically selected ones. if test -z "$CONFIG_SITE"; then if test "x$prefix" != xNONE; then CONFIG_SITE="$prefix/share/config.site $prefix/etc/config.site" else CONFIG_SITE="$ac_default_prefix/share/config.site $ac_default_prefix/etc/config.site" fi fi for ac_site_file in $CONFIG_SITE; do if test -r "$ac_site_file"; then { echo "$as_me:$LINENO: loading site script $ac_site_file" >&5 echo "$as_me: loading site script $ac_site_file" >&6;} sed 's/^/| /' "$ac_site_file" >&5 . "$ac_site_file" fi done if test -r "$cache_file"; then # Some versions of bash will fail to source /dev/null (special # files actually), so we avoid doing that. if test -f "$cache_file"; then { echo "$as_me:$LINENO: loading cache $cache_file" >&5 echo "$as_me: loading cache $cache_file" >&6;} case $cache_file in [\\/]* | ?:[\\/]* ) . $cache_file;; *) . ./$cache_file;; esac fi else { echo "$as_me:$LINENO: creating cache $cache_file" >&5 echo "$as_me: creating cache $cache_file" >&6;} >$cache_file fi # Check that the precious variables saved in the cache have kept the same # value. ac_cache_corrupted=false for ac_var in `(set) 2>&1 | sed -n 's/^ac_env_\([a-zA-Z_0-9]*\)_set=.*/\1/p'`; do eval ac_old_set=\$ac_cv_env_${ac_var}_set eval ac_new_set=\$ac_env_${ac_var}_set eval ac_old_val="\$ac_cv_env_${ac_var}_value" eval ac_new_val="\$ac_env_${ac_var}_value" case $ac_old_set,$ac_new_set in set,) { echo "$as_me:$LINENO: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&5 echo "$as_me: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&2;} ac_cache_corrupted=: ;; ,set) { echo "$as_me:$LINENO: error: \`$ac_var' was not set in the previous run" >&5 echo "$as_me: error: \`$ac_var' was not set in the previous run" >&2;} ac_cache_corrupted=: ;; ,);; *) if test "x$ac_old_val" != "x$ac_new_val"; then { echo "$as_me:$LINENO: error: \`$ac_var' has changed since the previous run:" >&5 echo "$as_me: error: \`$ac_var' has changed since the previous run:" >&2;} { echo "$as_me:$LINENO: former value: $ac_old_val" >&5 echo "$as_me: former value: $ac_old_val" >&2;} { echo "$as_me:$LINENO: current value: $ac_new_val" >&5 echo "$as_me: current value: $ac_new_val" >&2;} ac_cache_corrupted=: fi;; esac # Pass precious variables to config.status. if test "$ac_new_set" = set; then case $ac_new_val in *" "*|*" "*|*[\[\]\~\#\$\^\&\*\(\)\{\}\\\|\;\<\>\?\"\']*) ac_arg=$ac_var=`echo "$ac_new_val" | sed "s/'/'\\\\\\\\''/g"` ;; *) ac_arg=$ac_var=$ac_new_val ;; esac case " $ac_configure_args " in *" '$ac_arg' "*) ;; # Avoid dups. Use of quotes ensures accuracy. *) ac_configure_args="$ac_configure_args '$ac_arg'" ;; esac fi done if $ac_cache_corrupted; then { echo "$as_me:$LINENO: error: changes in the environment can compromise the build" >&5 echo "$as_me: error: changes in the environment can compromise the build" >&2;} { { echo "$as_me:$LINENO: error: run \`make distclean' and/or \`rm $cache_file' and start over" >&5 echo "$as_me: error: run \`make distclean' and/or \`rm $cache_file' and start over" >&2;} { (exit 1); exit 1; }; } fi ac_ext=c ac_cpp='$CPP $CPPFLAGS' ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_c_compiler_gnu ac_config_headers="$ac_config_headers config.h" if test "${prefix}" = "NONE"; then prefix=/usr/local fi if test "${exec_prefix}" = "NONE"; then exec_prefix=$prefix fi # Hmmm, the following is a bit of a kludge ... #if test "${sysconfdir}" = "\${prefix}/etc"; then # sysconfdir=$prefix/etc/proxy-suite #fi #if test "${mandir}" = "\${prefix}/man"; then # mandir=$prefix/man #fi #if test "${sbindir}" = "\${exec_prefix}/sbin"; then # sbindir=$exec_prefix/sbin #fi ############################################################ # setup compiler and machine dependent stuff ############################################################ ac_ext=c ac_cpp='$CPP $CPPFLAGS' ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_c_compiler_gnu if test -n "$ac_tool_prefix"; then # Extract the first word of "${ac_tool_prefix}gcc", so it can be a program name with args. set dummy ${ac_tool_prefix}gcc; ac_word=$2 echo "$as_me:$LINENO: checking for $ac_word" >&5 echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 if test "${ac_cv_prog_CC+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else if test -n "$CC"; then ac_cv_prog_CC="$CC" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_CC="${ac_tool_prefix}gcc" echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done fi fi CC=$ac_cv_prog_CC if test -n "$CC"; then echo "$as_me:$LINENO: result: $CC" >&5 echo "${ECHO_T}$CC" >&6 else echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi fi if test -z "$ac_cv_prog_CC"; then ac_ct_CC=$CC # Extract the first word of "gcc", so it can be a program name with args. set dummy gcc; ac_word=$2 echo "$as_me:$LINENO: checking for $ac_word" >&5 echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 if test "${ac_cv_prog_ac_ct_CC+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else if test -n "$ac_ct_CC"; then ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_CC="gcc" echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done fi fi ac_ct_CC=$ac_cv_prog_ac_ct_CC if test -n "$ac_ct_CC"; then echo "$as_me:$LINENO: result: $ac_ct_CC" >&5 echo "${ECHO_T}$ac_ct_CC" >&6 else echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi CC=$ac_ct_CC else CC="$ac_cv_prog_CC" fi if test -z "$CC"; then if test -n "$ac_tool_prefix"; then # Extract the first word of "${ac_tool_prefix}cc", so it can be a program name with args. set dummy ${ac_tool_prefix}cc; ac_word=$2 echo "$as_me:$LINENO: checking for $ac_word" >&5 echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 if test "${ac_cv_prog_CC+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else if test -n "$CC"; then ac_cv_prog_CC="$CC" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_CC="${ac_tool_prefix}cc" echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done fi fi CC=$ac_cv_prog_CC if test -n "$CC"; then echo "$as_me:$LINENO: result: $CC" >&5 echo "${ECHO_T}$CC" >&6 else echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi fi if test -z "$ac_cv_prog_CC"; then ac_ct_CC=$CC # Extract the first word of "cc", so it can be a program name with args. set dummy cc; ac_word=$2 echo "$as_me:$LINENO: checking for $ac_word" >&5 echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 if test "${ac_cv_prog_ac_ct_CC+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else if test -n "$ac_ct_CC"; then ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_CC="cc" echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done fi fi ac_ct_CC=$ac_cv_prog_ac_ct_CC if test -n "$ac_ct_CC"; then echo "$as_me:$LINENO: result: $ac_ct_CC" >&5 echo "${ECHO_T}$ac_ct_CC" >&6 else echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi CC=$ac_ct_CC else CC="$ac_cv_prog_CC" fi fi if test -z "$CC"; then # Extract the first word of "cc", so it can be a program name with args. set dummy cc; ac_word=$2 echo "$as_me:$LINENO: checking for $ac_word" >&5 echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 if test "${ac_cv_prog_CC+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else if test -n "$CC"; then ac_cv_prog_CC="$CC" # Let the user override the test. else ac_prog_rejected=no as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then if test "$as_dir/$ac_word$ac_exec_ext" = "/usr/ucb/cc"; then ac_prog_rejected=yes continue fi ac_cv_prog_CC="cc" echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done if test $ac_prog_rejected = yes; then # We found a bogon in the path, so make sure we never use it. set dummy $ac_cv_prog_CC shift if test $# != 0; then # We chose a different compiler from the bogus one. # However, it has the same basename, so the bogon will be chosen # first if we set CC to just the basename; use the full file name. shift ac_cv_prog_CC="$as_dir/$ac_word${1+' '}$@" fi fi fi fi CC=$ac_cv_prog_CC if test -n "$CC"; then echo "$as_me:$LINENO: result: $CC" >&5 echo "${ECHO_T}$CC" >&6 else echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi fi if test -z "$CC"; then if test -n "$ac_tool_prefix"; then for ac_prog in cl do # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args. set dummy $ac_tool_prefix$ac_prog; ac_word=$2 echo "$as_me:$LINENO: checking for $ac_word" >&5 echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 if test "${ac_cv_prog_CC+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else if test -n "$CC"; then ac_cv_prog_CC="$CC" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_CC="$ac_tool_prefix$ac_prog" echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done fi fi CC=$ac_cv_prog_CC if test -n "$CC"; then echo "$as_me:$LINENO: result: $CC" >&5 echo "${ECHO_T}$CC" >&6 else echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi test -n "$CC" && break done fi if test -z "$CC"; then ac_ct_CC=$CC for ac_prog in cl do # Extract the first word of "$ac_prog", so it can be a program name with args. set dummy $ac_prog; ac_word=$2 echo "$as_me:$LINENO: checking for $ac_word" >&5 echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 if test "${ac_cv_prog_ac_ct_CC+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else if test -n "$ac_ct_CC"; then ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_CC="$ac_prog" echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done fi fi ac_ct_CC=$ac_cv_prog_ac_ct_CC if test -n "$ac_ct_CC"; then echo "$as_me:$LINENO: result: $ac_ct_CC" >&5 echo "${ECHO_T}$ac_ct_CC" >&6 else echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi test -n "$ac_ct_CC" && break done CC=$ac_ct_CC fi fi test -z "$CC" && { { echo "$as_me:$LINENO: error: no acceptable C compiler found in \$PATH See \`config.log' for more details." >&5 echo "$as_me: error: no acceptable C compiler found in \$PATH See \`config.log' for more details." >&2;} { (exit 1); exit 1; }; } # Provide some information about the compiler. echo "$as_me:$LINENO:" \ "checking for C compiler version" >&5 ac_compiler=`set X $ac_compile; echo $2` { (eval echo "$as_me:$LINENO: \"$ac_compiler --version &5\"") >&5 (eval $ac_compiler --version &5) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } { (eval echo "$as_me:$LINENO: \"$ac_compiler -v &5\"") >&5 (eval $ac_compiler -v &5) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } { (eval echo "$as_me:$LINENO: \"$ac_compiler -V &5\"") >&5 (eval $ac_compiler -V &5) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ int main () { ; return 0; } _ACEOF ac_clean_files_save=$ac_clean_files ac_clean_files="$ac_clean_files a.out a.exe b.out" # Try to create an executable without -o first, disregard a.out. # It will help us diagnose broken compilers, and finding out an intuition # of exeext. echo "$as_me:$LINENO: checking for C compiler default output file name" >&5 echo $ECHO_N "checking for C compiler default output file name... $ECHO_C" >&6 ac_link_default=`echo "$ac_link" | sed 's/ -o *conftest[^ ]*//'` if { (eval echo "$as_me:$LINENO: \"$ac_link_default\"") >&5 (eval $ac_link_default) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; then # Find the output, starting from the most likely. This scheme is # not robust to junk in `.', hence go to wildcards (a.*) only as a last # resort. # Be careful to initialize this variable, since it used to be cached. # Otherwise an old cache value of `no' led to `EXEEXT = no' in a Makefile. ac_cv_exeext= # b.out is created by i960 compilers. for ac_file in a_out.exe a.exe conftest.exe a.out conftest a.* conftest.* b.out do test -f "$ac_file" || continue case $ac_file in *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.o | *.obj ) ;; conftest.$ac_ext ) # This is the source file. ;; [ab].out ) # We found the default executable, but exeext='' is most # certainly right. break;; *.* ) ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'` # FIXME: I believe we export ac_cv_exeext for Libtool, # but it would be cool to find out if it's true. Does anybody # maintain Libtool? --akim. export ac_cv_exeext break;; * ) break;; esac done else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 { { echo "$as_me:$LINENO: error: C compiler cannot create executables See \`config.log' for more details." >&5 echo "$as_me: error: C compiler cannot create executables See \`config.log' for more details." >&2;} { (exit 77); exit 77; }; } fi ac_exeext=$ac_cv_exeext echo "$as_me:$LINENO: result: $ac_file" >&5 echo "${ECHO_T}$ac_file" >&6 # Check the compiler produces executables we can run. If not, either # the compiler is broken, or we cross compile. echo "$as_me:$LINENO: checking whether the C compiler works" >&5 echo $ECHO_N "checking whether the C compiler works... $ECHO_C" >&6 # FIXME: These cross compiler hacks should be removed for Autoconf 3.0 # If not cross compiling, check that we can run a simple program. if test "$cross_compiling" != yes; then if { ac_try='./$ac_file' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then cross_compiling=no else if test "$cross_compiling" = maybe; then cross_compiling=yes else { { echo "$as_me:$LINENO: error: cannot run C compiled programs. If you meant to cross compile, use \`--host'. See \`config.log' for more details." >&5 echo "$as_me: error: cannot run C compiled programs. If you meant to cross compile, use \`--host'. See \`config.log' for more details." >&2;} { (exit 1); exit 1; }; } fi fi fi echo "$as_me:$LINENO: result: yes" >&5 echo "${ECHO_T}yes" >&6 rm -f a.out a.exe conftest$ac_cv_exeext b.out ac_clean_files=$ac_clean_files_save # Check the compiler produces executables we can run. If not, either # the compiler is broken, or we cross compile. echo "$as_me:$LINENO: checking whether we are cross compiling" >&5 echo $ECHO_N "checking whether we are cross compiling... $ECHO_C" >&6 echo "$as_me:$LINENO: result: $cross_compiling" >&5 echo "${ECHO_T}$cross_compiling" >&6 echo "$as_me:$LINENO: checking for suffix of executables" >&5 echo $ECHO_N "checking for suffix of executables... $ECHO_C" >&6 if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; then # If both `conftest.exe' and `conftest' are `present' (well, observable) # catch `conftest.exe'. For instance with Cygwin, `ls conftest' will # work properly (i.e., refer to `conftest.exe'), while it won't with # `rm'. for ac_file in conftest.exe conftest conftest.*; do test -f "$ac_file" || continue case $ac_file in *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.o | *.obj ) ;; *.* ) ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'` export ac_cv_exeext break;; * ) break;; esac done else { { echo "$as_me:$LINENO: error: cannot compute suffix of executables: cannot compile and link See \`config.log' for more details." >&5 echo "$as_me: error: cannot compute suffix of executables: cannot compile and link See \`config.log' for more details." >&2;} { (exit 1); exit 1; }; } fi rm -f conftest$ac_cv_exeext echo "$as_me:$LINENO: result: $ac_cv_exeext" >&5 echo "${ECHO_T}$ac_cv_exeext" >&6 rm -f conftest.$ac_ext EXEEXT=$ac_cv_exeext ac_exeext=$EXEEXT echo "$as_me:$LINENO: checking for suffix of object files" >&5 echo $ECHO_N "checking for suffix of object files... $ECHO_C" >&6 if test "${ac_cv_objext+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ int main () { ; return 0; } _ACEOF rm -f conftest.o conftest.obj if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; then for ac_file in `(ls conftest.o conftest.obj; ls conftest.*) 2>/dev/null`; do case $ac_file in *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg ) ;; *) ac_cv_objext=`expr "$ac_file" : '.*\.\(.*\)'` break;; esac done else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 { { echo "$as_me:$LINENO: error: cannot compute suffix of object files: cannot compile See \`config.log' for more details." >&5 echo "$as_me: error: cannot compute suffix of object files: cannot compile See \`config.log' for more details." >&2;} { (exit 1); exit 1; }; } fi rm -f conftest.$ac_cv_objext conftest.$ac_ext fi echo "$as_me:$LINENO: result: $ac_cv_objext" >&5 echo "${ECHO_T}$ac_cv_objext" >&6 OBJEXT=$ac_cv_objext ac_objext=$OBJEXT echo "$as_me:$LINENO: checking whether we are using the GNU C compiler" >&5 echo $ECHO_N "checking whether we are using the GNU C compiler... $ECHO_C" >&6 if test "${ac_cv_c_compiler_gnu+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ int main () { #ifndef __GNUC__ choke me #endif ; return 0; } _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_compiler_gnu=yes else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_compiler_gnu=no fi rm -f conftest.err conftest.$ac_objext conftest.$ac_ext ac_cv_c_compiler_gnu=$ac_compiler_gnu fi echo "$as_me:$LINENO: result: $ac_cv_c_compiler_gnu" >&5 echo "${ECHO_T}$ac_cv_c_compiler_gnu" >&6 GCC=`test $ac_compiler_gnu = yes && echo yes` ac_test_CFLAGS=${CFLAGS+set} ac_save_CFLAGS=$CFLAGS CFLAGS="-g" echo "$as_me:$LINENO: checking whether $CC accepts -g" >&5 echo $ECHO_N "checking whether $CC accepts -g... $ECHO_C" >&6 if test "${ac_cv_prog_cc_g+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ int main () { ; return 0; } _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_prog_cc_g=yes else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_cv_prog_cc_g=no fi rm -f conftest.err conftest.$ac_objext conftest.$ac_ext fi echo "$as_me:$LINENO: result: $ac_cv_prog_cc_g" >&5 echo "${ECHO_T}$ac_cv_prog_cc_g" >&6 if test "$ac_test_CFLAGS" = set; then CFLAGS=$ac_save_CFLAGS elif test $ac_cv_prog_cc_g = yes; then if test "$GCC" = yes; then CFLAGS="-g -O2" else CFLAGS="-g" fi else if test "$GCC" = yes; then CFLAGS="-O2" else CFLAGS= fi fi echo "$as_me:$LINENO: checking for $CC option to accept ANSI C" >&5 echo $ECHO_N "checking for $CC option to accept ANSI C... $ECHO_C" >&6 if test "${ac_cv_prog_cc_stdc+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else ac_cv_prog_cc_stdc=no ac_save_CC=$CC cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ #include #include #include #include /* Most of the following tests are stolen from RCS 5.7's src/conf.sh. */ struct buf { int x; }; FILE * (*rcsopen) (struct buf *, struct stat *, int); static char *e (p, i) char **p; int i; { return p[i]; } static char *f (char * (*g) (char **, int), char **p, ...) { char *s; va_list v; va_start (v,p); s = g (p, va_arg (v,int)); va_end (v); return s; } /* OSF 4.0 Compaq cc is some sort of almost-ANSI by default. It has function prototypes and stuff, but not '\xHH' hex character constants. These don't provoke an error unfortunately, instead are silently treated as 'x'. The following induces an error, until -std1 is added to get proper ANSI mode. Curiously '\x00'!='x' always comes out true, for an array size at least. It's necessary to write '\x00'==0 to get something that's true only with -std1. */ int osf4_cc_array ['\x00' == 0 ? 1 : -1]; int test (int i, double x); struct s1 {int (*f) (int a);}; struct s2 {int (*f) (double a);}; int pairnames (int, char **, FILE *(*)(struct buf *, struct stat *, int), int, int); int argc; char **argv; int main () { return f (e, argv, 0) != argv[0] || f (e, argv, 1) != argv[1]; ; return 0; } _ACEOF # Don't try gcc -ansi; that turns off useful extensions and # breaks some systems' header files. # AIX -qlanglvl=ansi # Ultrix and OSF/1 -std1 # HP-UX 10.20 and later -Ae # HP-UX older versions -Aa -D_HPUX_SOURCE # SVR4 -Xc -D__EXTENSIONS__ for ac_arg in "" -qlanglvl=ansi -std1 -Ae "-Aa -D_HPUX_SOURCE" "-Xc -D__EXTENSIONS__" do CC="$ac_save_CC $ac_arg" rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_prog_cc_stdc=$ac_arg break else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 fi rm -f conftest.err conftest.$ac_objext done rm -f conftest.$ac_ext conftest.$ac_objext CC=$ac_save_CC fi case "x$ac_cv_prog_cc_stdc" in x|xno) echo "$as_me:$LINENO: result: none needed" >&5 echo "${ECHO_T}none needed" >&6 ;; *) echo "$as_me:$LINENO: result: $ac_cv_prog_cc_stdc" >&5 echo "${ECHO_T}$ac_cv_prog_cc_stdc" >&6 CC="$CC $ac_cv_prog_cc_stdc" ;; esac # Some people use a C++ compiler to compile C. Since we use `exit', # in C++ we need to declare it. In case someone uses the same compiler # for both compiling C and C++ we need to have the C++ compiler decide # the declaration of exit, since it's the most demanding environment. cat >conftest.$ac_ext <<_ACEOF #ifndef __cplusplus choke me #endif _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then for ac_declaration in \ '' \ 'extern "C" void std::exit (int) throw (); using std::exit;' \ 'extern "C" void std::exit (int); using std::exit;' \ 'extern "C" void exit (int) throw ();' \ 'extern "C" void exit (int);' \ 'void exit (int);' do cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ $ac_declaration #include int main () { exit (42); ; return 0; } _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then : else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 continue fi rm -f conftest.err conftest.$ac_objext conftest.$ac_ext cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ $ac_declaration int main () { exit (42); ; return 0; } _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then break else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 fi rm -f conftest.err conftest.$ac_objext conftest.$ac_ext done rm -f conftest* if test -n "$ac_declaration"; then echo '#ifdef __cplusplus' >>confdefs.h echo $ac_declaration >>confdefs.h echo '#endif' >>confdefs.h fi else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 fi rm -f conftest.err conftest.$ac_objext conftest.$ac_ext ac_ext=c ac_cpp='$CPP $CPPFLAGS' ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_c_compiler_gnu ac_aux_dir= for ac_dir in $srcdir $srcdir/.. $srcdir/../..; do if test -f $ac_dir/install-sh; then ac_aux_dir=$ac_dir ac_install_sh="$ac_aux_dir/install-sh -c" break elif test -f $ac_dir/install.sh; then ac_aux_dir=$ac_dir ac_install_sh="$ac_aux_dir/install.sh -c" break elif test -f $ac_dir/shtool; then ac_aux_dir=$ac_dir ac_install_sh="$ac_aux_dir/shtool install -c" break fi done if test -z "$ac_aux_dir"; then { { echo "$as_me:$LINENO: error: cannot find install-sh or install.sh in $srcdir $srcdir/.. $srcdir/../.." >&5 echo "$as_me: error: cannot find install-sh or install.sh in $srcdir $srcdir/.. $srcdir/../.." >&2;} { (exit 1); exit 1; }; } fi ac_config_guess="$SHELL $ac_aux_dir/config.guess" ac_config_sub="$SHELL $ac_aux_dir/config.sub" ac_configure="$SHELL $ac_aux_dir/configure" # This should be Cygnus configure. # Find a good install program. We prefer a C program (faster), # so one script is as good as another. But avoid the broken or # incompatible versions: # SysV /etc/install, /usr/sbin/install # SunOS /usr/etc/install # IRIX /sbin/install # AIX /bin/install # AmigaOS /C/install, which installs bootblocks on floppy discs # AIX 4 /usr/bin/installbsd, which doesn't work without a -g flag # AFS /usr/afsws/bin/install, which mishandles nonexistent args # SVR4 /usr/ucb/install, which tries to use the nonexistent group "staff" # OS/2's system install, which has a completely different semantic # ./install, which can be erroneously created by make from ./install.sh. echo "$as_me:$LINENO: checking for a BSD-compatible install" >&5 echo $ECHO_N "checking for a BSD-compatible install... $ECHO_C" >&6 if test -z "$INSTALL"; then if test "${ac_cv_path_install+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. # Account for people who put trailing slashes in PATH elements. case $as_dir/ in ./ | .// | /cC/* | \ /etc/* | /usr/sbin/* | /usr/etc/* | /sbin/* | /usr/afsws/bin/* | \ ?:\\/os2\\/install\\/* | ?:\\/OS2\\/INSTALL\\/* | \ /usr/ucb/* ) ;; *) # OSF1 and SCO ODT 3.0 have their own names for install. # Don't use installbsd from OSF since it installs stuff as root # by default. for ac_prog in ginstall scoinst install; do for ac_exec_ext in '' $ac_executable_extensions; do if $as_executable_p "$as_dir/$ac_prog$ac_exec_ext"; then if test $ac_prog = install && grep dspmsg "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then # AIX install. It has an incompatible calling convention. : elif test $ac_prog = install && grep pwplus "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then # program-specific install script used by HP pwplus--don't use. : else ac_cv_path_install="$as_dir/$ac_prog$ac_exec_ext -c" break 3 fi fi done done ;; esac done fi if test "${ac_cv_path_install+set}" = set; then INSTALL=$ac_cv_path_install else # As a last resort, use the slow shell script. We don't cache a # path for INSTALL within a source directory, because that will # break other packages using the cache if that directory is # removed, or if the path is relative. INSTALL=$ac_install_sh fi fi echo "$as_me:$LINENO: result: $INSTALL" >&5 echo "${ECHO_T}$INSTALL" >&6 # Use test -z because SunOS4 sh mishandles braces in ${var-val}. # It thinks the first close brace ends the variable substitution. test -z "$INSTALL_PROGRAM" && INSTALL_PROGRAM='${INSTALL}' test -z "$INSTALL_SCRIPT" && INSTALL_SCRIPT='${INSTALL}' test -z "$INSTALL_DATA" && INSTALL_DATA='${INSTALL} -m 644' echo "$as_me:$LINENO: checking whether ${MAKE-make} sets \$(MAKE)" >&5 echo $ECHO_N "checking whether ${MAKE-make} sets \$(MAKE)... $ECHO_C" >&6 set dummy ${MAKE-make}; ac_make=`echo "$2" | sed 'y,:./+-,___p_,'` if eval "test \"\${ac_cv_prog_make_${ac_make}_set+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.make <<\_ACEOF all: @echo 'ac_maketemp="$(MAKE)"' _ACEOF # GNU make sometimes prints "make[1]: Entering...", which would confuse us. eval `${MAKE-make} -f conftest.make 2>/dev/null | grep temp=` if test -n "$ac_maketemp"; then eval ac_cv_prog_make_${ac_make}_set=yes else eval ac_cv_prog_make_${ac_make}_set=no fi rm -f conftest.make fi if eval "test \"`echo '$ac_cv_prog_make_'${ac_make}_set`\" = yes"; then echo "$as_me:$LINENO: result: yes" >&5 echo "${ECHO_T}yes" >&6 SET_MAKE= else echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 SET_MAKE="MAKE=${MAKE-make}" fi if test -n "$ac_tool_prefix"; then # Extract the first word of "${ac_tool_prefix}ranlib", so it can be a program name with args. set dummy ${ac_tool_prefix}ranlib; ac_word=$2 echo "$as_me:$LINENO: checking for $ac_word" >&5 echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 if test "${ac_cv_prog_RANLIB+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else if test -n "$RANLIB"; then ac_cv_prog_RANLIB="$RANLIB" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_RANLIB="${ac_tool_prefix}ranlib" echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done fi fi RANLIB=$ac_cv_prog_RANLIB if test -n "$RANLIB"; then echo "$as_me:$LINENO: result: $RANLIB" >&5 echo "${ECHO_T}$RANLIB" >&6 else echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi fi if test -z "$ac_cv_prog_RANLIB"; then ac_ct_RANLIB=$RANLIB # Extract the first word of "ranlib", so it can be a program name with args. set dummy ranlib; ac_word=$2 echo "$as_me:$LINENO: checking for $ac_word" >&5 echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 if test "${ac_cv_prog_ac_ct_RANLIB+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else if test -n "$ac_ct_RANLIB"; then ac_cv_prog_ac_ct_RANLIB="$ac_ct_RANLIB" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_RANLIB="ranlib" echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done test -z "$ac_cv_prog_ac_ct_RANLIB" && ac_cv_prog_ac_ct_RANLIB=":" fi fi ac_ct_RANLIB=$ac_cv_prog_ac_ct_RANLIB if test -n "$ac_ct_RANLIB"; then echo "$as_me:$LINENO: result: $ac_ct_RANLIB" >&5 echo "${ECHO_T}$ac_ct_RANLIB" >&6 else echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi RANLIB=$ac_ct_RANLIB else RANLIB="$ac_cv_prog_RANLIB" fi # Extract the first word of "ar", so it can be a program name with args. set dummy ar; ac_word=$2 echo "$as_me:$LINENO: checking for $ac_word" >&5 echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 if test "${ac_cv_path_AR+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else case $AR in [\\/]* | ?:[\\/]*) ac_cv_path_AR="$AR" # Let the user override the test with a path. ;; *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_path_AR="$as_dir/$ac_word$ac_exec_ext" echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done test -z "$ac_cv_path_AR" && ac_cv_path_AR="ar" ;; esac fi AR=$ac_cv_path_AR if test -n "$AR"; then echo "$as_me:$LINENO: result: $AR" >&5 echo "${ECHO_T}$AR" >&6 else echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi # Extract the first word of "rm", so it can be a program name with args. set dummy rm; ac_word=$2 echo "$as_me:$LINENO: checking for $ac_word" >&5 echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 if test "${ac_cv_path_RM+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else case $RM in [\\/]* | ?:[\\/]*) ac_cv_path_RM="$RM" # Let the user override the test with a path. ;; *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_path_RM="$as_dir/$ac_word$ac_exec_ext" echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done test -z "$ac_cv_path_RM" && ac_cv_path_RM="rm" ;; esac fi RM=$ac_cv_path_RM if test -n "$RM"; then echo "$as_me:$LINENO: result: $RM" >&5 echo "${ECHO_T}$RM" >&6 else echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi ac_ext=c ac_cpp='$CPP $CPPFLAGS' ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_c_compiler_gnu echo "$as_me:$LINENO: checking how to run the C preprocessor" >&5 echo $ECHO_N "checking how to run the C preprocessor... $ECHO_C" >&6 # On Suns, sometimes $CPP names a directory. if test -n "$CPP" && test -d "$CPP"; then CPP= fi if test -z "$CPP"; then if test "${ac_cv_prog_CPP+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else # Double quotes because CPP needs to be expanded for CPP in "$CC -E" "$CC -E -traditional-cpp" "/lib/cpp" do ac_preproc_ok=false for ac_c_preproc_warn_flag in '' yes do # Use a header file that comes with gcc, so configuring glibc # with a fresh cross-compiler works. # Prefer to if __STDC__ is defined, since # exists even on freestanding compilers. # On the NeXT, cc -E runs the code through the compiler's parser, # not just through cpp. "Syntax error" is here to catch this case. cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ #ifdef __STDC__ # include #else # include #endif Syntax error _ACEOF if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } >/dev/null; then if test -s conftest.err; then ac_cpp_err=$ac_c_preproc_warn_flag ac_cpp_err=$ac_cpp_err$ac_c_werror_flag else ac_cpp_err= fi else ac_cpp_err=yes fi if test -z "$ac_cpp_err"; then : else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 # Broken: fails on valid input. continue fi rm -f conftest.err conftest.$ac_ext # OK, works on sane cases. Now check whether non-existent headers # can be detected and how. cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ #include _ACEOF if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } >/dev/null; then if test -s conftest.err; then ac_cpp_err=$ac_c_preproc_warn_flag ac_cpp_err=$ac_cpp_err$ac_c_werror_flag else ac_cpp_err= fi else ac_cpp_err=yes fi if test -z "$ac_cpp_err"; then # Broken: success on invalid input. continue else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 # Passes both tests. ac_preproc_ok=: break fi rm -f conftest.err conftest.$ac_ext done # Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped. rm -f conftest.err conftest.$ac_ext if $ac_preproc_ok; then break fi done ac_cv_prog_CPP=$CPP fi CPP=$ac_cv_prog_CPP else ac_cv_prog_CPP=$CPP fi echo "$as_me:$LINENO: result: $CPP" >&5 echo "${ECHO_T}$CPP" >&6 ac_preproc_ok=false for ac_c_preproc_warn_flag in '' yes do # Use a header file that comes with gcc, so configuring glibc # with a fresh cross-compiler works. # Prefer to if __STDC__ is defined, since # exists even on freestanding compilers. # On the NeXT, cc -E runs the code through the compiler's parser, # not just through cpp. "Syntax error" is here to catch this case. cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ #ifdef __STDC__ # include #else # include #endif Syntax error _ACEOF if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } >/dev/null; then if test -s conftest.err; then ac_cpp_err=$ac_c_preproc_warn_flag ac_cpp_err=$ac_cpp_err$ac_c_werror_flag else ac_cpp_err= fi else ac_cpp_err=yes fi if test -z "$ac_cpp_err"; then : else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 # Broken: fails on valid input. continue fi rm -f conftest.err conftest.$ac_ext # OK, works on sane cases. Now check whether non-existent headers # can be detected and how. cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ #include _ACEOF if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } >/dev/null; then if test -s conftest.err; then ac_cpp_err=$ac_c_preproc_warn_flag ac_cpp_err=$ac_cpp_err$ac_c_werror_flag else ac_cpp_err= fi else ac_cpp_err=yes fi if test -z "$ac_cpp_err"; then # Broken: success on invalid input. continue else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 # Passes both tests. ac_preproc_ok=: break fi rm -f conftest.err conftest.$ac_ext done # Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped. rm -f conftest.err conftest.$ac_ext if $ac_preproc_ok; then : else { { echo "$as_me:$LINENO: error: C preprocessor \"$CPP\" fails sanity check See \`config.log' for more details." >&5 echo "$as_me: error: C preprocessor \"$CPP\" fails sanity check See \`config.log' for more details." >&2;} { (exit 1); exit 1; }; } fi ac_ext=c ac_cpp='$CPP $CPPFLAGS' ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_c_compiler_gnu echo "$as_me:$LINENO: checking for egrep" >&5 echo $ECHO_N "checking for egrep... $ECHO_C" >&6 if test "${ac_cv_prog_egrep+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else if echo a | (grep -E '(a|b)') >/dev/null 2>&1 then ac_cv_prog_egrep='grep -E' else ac_cv_prog_egrep='egrep' fi fi echo "$as_me:$LINENO: result: $ac_cv_prog_egrep" >&5 echo "${ECHO_T}$ac_cv_prog_egrep" >&6 EGREP=$ac_cv_prog_egrep echo "$as_me:$LINENO: checking for AIX" >&5 echo $ECHO_N "checking for AIX... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ #ifdef _AIX yes #endif _ACEOF if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | $EGREP "yes" >/dev/null 2>&1; then echo "$as_me:$LINENO: result: yes" >&5 echo "${ECHO_T}yes" >&6 cat >>confdefs.h <<\_ACEOF #define _ALL_SOURCE 1 _ACEOF else echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi rm -f conftest* echo "$as_me:$LINENO: checking for library containing strerror" >&5 echo $ECHO_N "checking for library containing strerror... $ECHO_C" >&6 if test "${ac_cv_search_strerror+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else ac_func_search_save_LIBS=$LIBS ac_cv_search_strerror=no cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ /* Override any gcc2 internal prototype to avoid an error. */ #ifdef __cplusplus extern "C" #endif /* We use char because int might match the return type of a gcc2 builtin and then its argument prototype would still apply. */ char strerror (); int main () { strerror (); ; return 0; } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest$ac_exeext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_search_strerror="none required" else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 fi rm -f conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext if test "$ac_cv_search_strerror" = no; then for ac_lib in cposix; do LIBS="-l$ac_lib $ac_func_search_save_LIBS" cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ /* Override any gcc2 internal prototype to avoid an error. */ #ifdef __cplusplus extern "C" #endif /* We use char because int might match the return type of a gcc2 builtin and then its argument prototype would still apply. */ char strerror (); int main () { strerror (); ; return 0; } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest$ac_exeext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_search_strerror="-l$ac_lib" break else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 fi rm -f conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext done fi LIBS=$ac_func_search_save_LIBS fi echo "$as_me:$LINENO: result: $ac_cv_search_strerror" >&5 echo "${ECHO_T}$ac_cv_search_strerror" >&6 if test "$ac_cv_search_strerror" != no; then test "$ac_cv_search_strerror" = "none required" || LIBS="$ac_cv_search_strerror $LIBS" fi # Check whether --enable-largefile or --disable-largefile was given. if test "${enable_largefile+set}" = set; then enableval="$enable_largefile" fi; if test "$enable_largefile" != no; then echo "$as_me:$LINENO: checking for special C compiler options needed for large files" >&5 echo $ECHO_N "checking for special C compiler options needed for large files... $ECHO_C" >&6 if test "${ac_cv_sys_largefile_CC+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else ac_cv_sys_largefile_CC=no if test "$GCC" != yes; then ac_save_CC=$CC while :; do # IRIX 6.2 and later do not support large files by default, # so use the C compiler's -n32 option if that helps. cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ #include /* Check that off_t can represent 2**63 - 1 correctly. We can't simply define LARGE_OFF_T to be 9223372036854775807, since some C++ compilers masquerading as C compilers incorrectly reject 9223372036854775807. */ #define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62)) int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721 && LARGE_OFF_T % 2147483647 == 1) ? 1 : -1]; int main () { ; return 0; } _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then break else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 fi rm -f conftest.err conftest.$ac_objext CC="$CC -n32" rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_sys_largefile_CC=' -n32'; break else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 fi rm -f conftest.err conftest.$ac_objext break done CC=$ac_save_CC rm -f conftest.$ac_ext fi fi echo "$as_me:$LINENO: result: $ac_cv_sys_largefile_CC" >&5 echo "${ECHO_T}$ac_cv_sys_largefile_CC" >&6 if test "$ac_cv_sys_largefile_CC" != no; then CC=$CC$ac_cv_sys_largefile_CC fi echo "$as_me:$LINENO: checking for _FILE_OFFSET_BITS value needed for large files" >&5 echo $ECHO_N "checking for _FILE_OFFSET_BITS value needed for large files... $ECHO_C" >&6 if test "${ac_cv_sys_file_offset_bits+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else while :; do ac_cv_sys_file_offset_bits=no cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ #include /* Check that off_t can represent 2**63 - 1 correctly. We can't simply define LARGE_OFF_T to be 9223372036854775807, since some C++ compilers masquerading as C compilers incorrectly reject 9223372036854775807. */ #define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62)) int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721 && LARGE_OFF_T % 2147483647 == 1) ? 1 : -1]; int main () { ; return 0; } _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then break else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 fi rm -f conftest.err conftest.$ac_objext conftest.$ac_ext cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ #define _FILE_OFFSET_BITS 64 #include /* Check that off_t can represent 2**63 - 1 correctly. We can't simply define LARGE_OFF_T to be 9223372036854775807, since some C++ compilers masquerading as C compilers incorrectly reject 9223372036854775807. */ #define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62)) int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721 && LARGE_OFF_T % 2147483647 == 1) ? 1 : -1]; int main () { ; return 0; } _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_sys_file_offset_bits=64; break else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 fi rm -f conftest.err conftest.$ac_objext conftest.$ac_ext break done fi echo "$as_me:$LINENO: result: $ac_cv_sys_file_offset_bits" >&5 echo "${ECHO_T}$ac_cv_sys_file_offset_bits" >&6 if test "$ac_cv_sys_file_offset_bits" != no; then cat >>confdefs.h <<_ACEOF #define _FILE_OFFSET_BITS $ac_cv_sys_file_offset_bits _ACEOF fi rm -f conftest* echo "$as_me:$LINENO: checking for _LARGE_FILES value needed for large files" >&5 echo $ECHO_N "checking for _LARGE_FILES value needed for large files... $ECHO_C" >&6 if test "${ac_cv_sys_large_files+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else while :; do ac_cv_sys_large_files=no cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ #include /* Check that off_t can represent 2**63 - 1 correctly. We can't simply define LARGE_OFF_T to be 9223372036854775807, since some C++ compilers masquerading as C compilers incorrectly reject 9223372036854775807. */ #define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62)) int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721 && LARGE_OFF_T % 2147483647 == 1) ? 1 : -1]; int main () { ; return 0; } _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then break else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 fi rm -f conftest.err conftest.$ac_objext conftest.$ac_ext cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ #define _LARGE_FILES 1 #include /* Check that off_t can represent 2**63 - 1 correctly. We can't simply define LARGE_OFF_T to be 9223372036854775807, since some C++ compilers masquerading as C compilers incorrectly reject 9223372036854775807. */ #define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62)) int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721 && LARGE_OFF_T % 2147483647 == 1) ? 1 : -1]; int main () { ; return 0; } _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_sys_large_files=1; break else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 fi rm -f conftest.err conftest.$ac_objext conftest.$ac_ext break done fi echo "$as_me:$LINENO: result: $ac_cv_sys_large_files" >&5 echo "${ECHO_T}$ac_cv_sys_large_files" >&6 if test "$ac_cv_sys_large_files" != no; then cat >>confdefs.h <<_ACEOF #define _LARGE_FILES $ac_cv_sys_large_files _ACEOF fi rm -f conftest* fi echo "$as_me:$LINENO: checking for inline" >&5 echo $ECHO_N "checking for inline... $ECHO_C" >&6 if test "${ac_cv_c_inline+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else ac_cv_c_inline=no for ac_kw in inline __inline__ __inline; do cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ #ifndef __cplusplus typedef int foo_t; static $ac_kw foo_t static_foo () {return 0; } $ac_kw foo_t foo () {return 0; } #endif _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_c_inline=$ac_kw; break else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 fi rm -f conftest.err conftest.$ac_objext conftest.$ac_ext done fi echo "$as_me:$LINENO: result: $ac_cv_c_inline" >&5 echo "${ECHO_T}$ac_cv_c_inline" >&6 case $ac_cv_c_inline in inline | yes) ;; *) case $ac_cv_c_inline in no) ac_val=;; *) ac_val=$ac_cv_c_inline;; esac cat >>confdefs.h <<_ACEOF #ifndef __cplusplus #define inline $ac_val #endif _ACEOF ;; esac echo "$as_me:$LINENO: checking for an ANSI C-conforming const" >&5 echo $ECHO_N "checking for an ANSI C-conforming const... $ECHO_C" >&6 if test "${ac_cv_c_const+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ int main () { /* FIXME: Include the comments suggested by Paul. */ #ifndef __cplusplus /* Ultrix mips cc rejects this. */ typedef int charset[2]; const charset x; /* SunOS 4.1.1 cc rejects this. */ char const *const *ccp; char **p; /* NEC SVR4.0.2 mips cc rejects this. */ struct point {int x, y;}; static struct point const zero = {0,0}; /* AIX XL C 1.02.0.0 rejects this. It does not let you subtract one const X* pointer from another in an arm of an if-expression whose if-part is not a constant expression */ const char *g = "string"; ccp = &g + (g ? g-g : 0); /* HPUX 7.0 cc rejects these. */ ++ccp; p = (char**) ccp; ccp = (char const *const *) p; { /* SCO 3.2v4 cc rejects this. */ char *t; char const *s = 0 ? (char *) 0 : (char const *) 0; *t++ = 0; } { /* Someone thinks the Sun supposedly-ANSI compiler will reject this. */ int x[] = {25, 17}; const int *foo = &x[0]; ++foo; } { /* Sun SC1.0 ANSI compiler rejects this -- but not the above. */ typedef const int *iptr; iptr p = 0; ++p; } { /* AIX XL C 1.02.0.0 rejects this saying "k.c", line 2.27: 1506-025 (S) Operand must be a modifiable lvalue. */ struct s { int j; const int *ap[3]; }; struct s *b; b->j = 5; } { /* ULTRIX-32 V3.1 (Rev 9) vcc rejects this */ const int foo = 10; } #endif ; return 0; } _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_c_const=yes else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_cv_c_const=no fi rm -f conftest.err conftest.$ac_objext conftest.$ac_ext fi echo "$as_me:$LINENO: result: $ac_cv_c_const" >&5 echo "${ECHO_T}$ac_cv_c_const" >&6 if test $ac_cv_c_const = no; then cat >>confdefs.h <<\_ACEOF #define const _ACEOF fi # Make sure we can run config.sub. $ac_config_sub sun4 >/dev/null 2>&1 || { { echo "$as_me:$LINENO: error: cannot run $ac_config_sub" >&5 echo "$as_me: error: cannot run $ac_config_sub" >&2;} { (exit 1); exit 1; }; } echo "$as_me:$LINENO: checking build system type" >&5 echo $ECHO_N "checking build system type... $ECHO_C" >&6 if test "${ac_cv_build+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else ac_cv_build_alias=$build_alias test -z "$ac_cv_build_alias" && ac_cv_build_alias=`$ac_config_guess` test -z "$ac_cv_build_alias" && { { echo "$as_me:$LINENO: error: cannot guess build type; you must specify one" >&5 echo "$as_me: error: cannot guess build type; you must specify one" >&2;} { (exit 1); exit 1; }; } ac_cv_build=`$ac_config_sub $ac_cv_build_alias` || { { echo "$as_me:$LINENO: error: $ac_config_sub $ac_cv_build_alias failed" >&5 echo "$as_me: error: $ac_config_sub $ac_cv_build_alias failed" >&2;} { (exit 1); exit 1; }; } fi echo "$as_me:$LINENO: result: $ac_cv_build" >&5 echo "${ECHO_T}$ac_cv_build" >&6 build=$ac_cv_build build_cpu=`echo $ac_cv_build | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\1/'` build_vendor=`echo $ac_cv_build | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\2/'` build_os=`echo $ac_cv_build | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\3/'` echo "$as_me:$LINENO: checking host system type" >&5 echo $ECHO_N "checking host system type... $ECHO_C" >&6 if test "${ac_cv_host+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else ac_cv_host_alias=$host_alias test -z "$ac_cv_host_alias" && ac_cv_host_alias=$ac_cv_build_alias ac_cv_host=`$ac_config_sub $ac_cv_host_alias` || { { echo "$as_me:$LINENO: error: $ac_config_sub $ac_cv_host_alias failed" >&5 echo "$as_me: error: $ac_config_sub $ac_cv_host_alias failed" >&2;} { (exit 1); exit 1; }; } fi echo "$as_me:$LINENO: result: $ac_cv_host" >&5 echo "${ECHO_T}$ac_cv_host" >&6 host=$ac_cv_host host_cpu=`echo $ac_cv_host | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\1/'` host_vendor=`echo $ac_cv_host | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\2/'` host_os=`echo $ac_cv_host | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\3/'` cat >>confdefs.h <<_ACEOF #define HOSTTYPE "$host" _ACEOF # # set some known host-specific settings/defaults # case "$host" in *-*-hpux*) if test -z "$GCC"; then CFLAGS="$CFLAGS -Ae" CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE" fi ;; *-ibm-aix*) if test -z "$GCC"; then CFLAGS="$CFLAGS -qlanglvl=ansi" fi ;; *-*-linux*) ;; *) ;; esac # ****************************************************** # devel_only will be set to "yes" if developemenet only # options or not full implemented features are used # ****************************************************** devel_only=no echo "$as_me:$LINENO: checking whether to enable compiler warnings" >&5 echo $ECHO_N "checking whether to enable compiler warnings... $ECHO_C" >&6 # Check whether --enable-warnings or --disable-warnings was given. if test "${enable_warnings+set}" = set; then enableval="$enable_warnings" fi; if test "$enable_warnings" != no ; then case "$CC" in gcc) echo "$as_me:$LINENO: result: -W -Wall" >&5 echo "${ECHO_T}-W -Wall" >&6 CFLAGS="$CFLAGS -W -Wall" CPPFLAGS="$CPPFLAGS -Dlint" ;; *) echo "$as_me:$LINENO: result: n/a" >&5 echo "${ECHO_T}n/a" >&6 enable_warnings="n/a" ;; esac else enable_warnings="no" echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi echo "$as_me:$LINENO: checking whether to enable static linkage" >&5 echo $ECHO_N "checking whether to enable static linkage... $ECHO_C" >&6 # Check whether --enable-static or --disable-static was given. if test "${enable_static+set}" = set; then enableval="$enable_static" fi; if test "$enable_static" = yes ; then if test -n "$GCC" && test "$GCC" = yes ; then echo "$as_me:$LINENO: result: -static" >&5 echo "${ECHO_T}-static" >&6 LDFLAGS="$LDFLAGS -static" else echo "$as_me:$LINENO: result: n/a" >&5 echo "${ECHO_T}n/a" >&6 enable_static="n/a" fi else enable_static="no" echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi echo "$as_me:$LINENO: checking whether to enable debugging output" >&5 echo $ECHO_N "checking whether to enable debugging output... $ECHO_C" >&6 # Check whether --enable-debug or --disable-debug was given. if test "${enable_debug+set}" = set; then enableval="$enable_debug" fi; if test "$enable_debug" = yes ; then echo "$as_me:$LINENO: result: yes" >&5 echo "${ECHO_T}yes" >&6 CPPFLAGS="$CPPFLAGS -DCOMPILE_DEBUG" devel_only="yes" else enable_debug="no" echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi echo "$as_me:$LINENO: checking whether to generate (c)tags files" >&5 echo $ECHO_N "checking whether to generate (c)tags files... $ECHO_C" >&6 # Check whether --enable-ctags or --disable-ctags was given. if test "${enable_ctags+set}" = set; then enableval="$enable_ctags" fi; if test "$enable_ctags" = yes ; then echo "$as_me:$LINENO: result: yes" >&5 echo "${ECHO_T}yes" >&6 for ac_prog in gnuctags ctags do # Extract the first word of "$ac_prog", so it can be a program name with args. set dummy $ac_prog; ac_word=$2 echo "$as_me:$LINENO: checking for $ac_word" >&5 echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 if test "${ac_cv_prog_CTAGS+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else if test -n "$CTAGS"; then ac_cv_prog_CTAGS="$CTAGS" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_CTAGS="$ac_prog" echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done fi fi CTAGS=$ac_cv_prog_CTAGS if test -n "$CTAGS"; then echo "$as_me:$LINENO: result: $CTAGS" >&5 echo "${ECHO_T}$CTAGS" >&6 else echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi test -n "$CTAGS" && break done if test -n "$CTAGS"; then test "$CTAGS" = gnutags && CTAG_OPTS="-w" else { { echo "$as_me:$LINENO: error: unable to find a ctags tool" >&5 echo "$as_me: error: unable to find a ctags tool" >&2;} { (exit 1); exit 1; }; } fi else enable_ctags="no" echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi # allow overrige the default ctags file name test -n "$TAGS" || TAGS=tags ############################################################ # check for header files ############################################################ for ac_prog in sgml2html do # Extract the first word of "$ac_prog", so it can be a program name with args. set dummy $ac_prog; ac_word=$2 echo "$as_me:$LINENO: checking for $ac_word" >&5 echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 if test "${ac_cv_prog_SGML2HTML+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else if test -n "$SGML2HTML"; then ac_cv_prog_SGML2HTML="$SGML2HTML" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_SGML2HTML="$ac_prog" echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done fi fi SGML2HTML=$ac_cv_prog_SGML2HTML if test -n "$SGML2HTML"; then echo "$as_me:$LINENO: result: $SGML2HTML" >&5 echo "${ECHO_T}$SGML2HTML" >&6 else echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi test -n "$SGML2HTML" && break done for ac_prog in sgml2latex do # Extract the first word of "$ac_prog", so it can be a program name with args. set dummy $ac_prog; ac_word=$2 echo "$as_me:$LINENO: checking for $ac_word" >&5 echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 if test "${ac_cv_prog_SGML2LATEX+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else if test -n "$SGML2LATEX"; then ac_cv_prog_SGML2LATEX="$SGML2LATEX" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_SGML2LATEX="$ac_prog" echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done fi fi SGML2LATEX=$ac_cv_prog_SGML2LATEX if test -n "$SGML2LATEX"; then echo "$as_me:$LINENO: result: $SGML2LATEX" >&5 echo "${ECHO_T}$SGML2LATEX" >&6 else echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi test -n "$SGML2LATEX" && break done for ac_prog in ps2pdf do # Extract the first word of "$ac_prog", so it can be a program name with args. set dummy $ac_prog; ac_word=$2 echo "$as_me:$LINENO: checking for $ac_word" >&5 echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6 if test "${ac_cv_prog_PS2PDF+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else if test -n "$PS2PDF"; then ac_cv_prog_PS2PDF="$PS2PDF" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if $as_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_PS2PDF="$ac_prog" echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done fi fi PS2PDF=$ac_cv_prog_PS2PDF if test -n "$PS2PDF"; then echo "$as_me:$LINENO: result: $PS2PDF" >&5 echo "${ECHO_T}$PS2PDF" >&6 else echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi test -n "$PS2PDF" && break done ############################################################ # check for header files ############################################################ echo "$as_me:$LINENO: checking for ANSI C header files" >&5 echo $ECHO_N "checking for ANSI C header files... $ECHO_C" >&6 if test "${ac_cv_header_stdc+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ #include #include #include #include int main () { ; return 0; } _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_header_stdc=yes else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_cv_header_stdc=no fi rm -f conftest.err conftest.$ac_objext conftest.$ac_ext if test $ac_cv_header_stdc = yes; then # SunOS 4.x string.h does not declare mem*, contrary to ANSI. cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ #include _ACEOF if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | $EGREP "memchr" >/dev/null 2>&1; then : else ac_cv_header_stdc=no fi rm -f conftest* fi if test $ac_cv_header_stdc = yes; then # ISC 2.0.2 stdlib.h does not declare free, contrary to ANSI. cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ #include _ACEOF if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | $EGREP "free" >/dev/null 2>&1; then : else ac_cv_header_stdc=no fi rm -f conftest* fi if test $ac_cv_header_stdc = yes; then # /bin/cc in Irix-4.0.5 gets non-ANSI ctype macros unless using -ansi. if test "$cross_compiling" = yes; then : else cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ #include #if ((' ' & 0x0FF) == 0x020) # define ISLOWER(c) ('a' <= (c) && (c) <= 'z') # define TOUPPER(c) (ISLOWER(c) ? 'A' + ((c) - 'a') : (c)) #else # define ISLOWER(c) \ (('a' <= (c) && (c) <= 'i') \ || ('j' <= (c) && (c) <= 'r') \ || ('s' <= (c) && (c) <= 'z')) # define TOUPPER(c) (ISLOWER(c) ? ((c) | 0x40) : (c)) #endif #define XOR(e, f) (((e) && !(f)) || (!(e) && (f))) int main () { int i; for (i = 0; i < 256; i++) if (XOR (islower (i), ISLOWER (i)) || toupper (i) != TOUPPER (i)) exit(2); exit (0); } _ACEOF rm -f conftest$ac_exeext if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='./conftest$ac_exeext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then : else echo "$as_me: program exited with status $ac_status" >&5 echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ( exit $ac_status ) ac_cv_header_stdc=no fi rm -f core *.core gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext fi fi fi echo "$as_me:$LINENO: result: $ac_cv_header_stdc" >&5 echo "${ECHO_T}$ac_cv_header_stdc" >&6 if test $ac_cv_header_stdc = yes; then cat >>confdefs.h <<\_ACEOF #define STDC_HEADERS 1 _ACEOF fi # On IRIX 5.3, sys/types and inttypes.h are conflicting. for ac_header in sys/types.h sys/stat.h stdlib.h string.h memory.h strings.h \ inttypes.h stdint.h unistd.h do as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` echo "$as_me:$LINENO: checking for $ac_header" >&5 echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6 if eval "test \"\${$as_ac_Header+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ $ac_includes_default #include <$ac_header> _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then eval "$as_ac_Header=yes" else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 eval "$as_ac_Header=no" fi rm -f conftest.err conftest.$ac_objext conftest.$ac_ext fi echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5 echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 if test `eval echo '${'$as_ac_Header'}'` = yes; then cat >>confdefs.h <<_ACEOF #define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 _ACEOF fi done for ac_header in unistd.h do as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` if eval "test \"\${$as_ac_Header+set}\" = set"; then echo "$as_me:$LINENO: checking for $ac_header" >&5 echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6 if eval "test \"\${$as_ac_Header+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 fi echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5 echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 else # Is the header compilable? echo "$as_me:$LINENO: checking $ac_header usability" >&5 echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ $ac_includes_default #include <$ac_header> _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_header_compiler=yes else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_header_compiler=no fi rm -f conftest.err conftest.$ac_objext conftest.$ac_ext echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 echo "${ECHO_T}$ac_header_compiler" >&6 # Is the header present? echo "$as_me:$LINENO: checking $ac_header presence" >&5 echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ #include <$ac_header> _ACEOF if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } >/dev/null; then if test -s conftest.err; then ac_cpp_err=$ac_c_preproc_warn_flag ac_cpp_err=$ac_cpp_err$ac_c_werror_flag else ac_cpp_err= fi else ac_cpp_err=yes fi if test -z "$ac_cpp_err"; then ac_header_preproc=yes else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_header_preproc=no fi rm -f conftest.err conftest.$ac_ext echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 echo "${ECHO_T}$ac_header_preproc" >&6 # So? What about this header? case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in yes:no: ) { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5 echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;} ac_header_preproc=yes ;; no:yes:* ) { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5 echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5 echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5 echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5 echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} ( cat <<\_ASBOX ## ------------------------------------------ ## ## Report this to the AC_PACKAGE_NAME lists. ## ## ------------------------------------------ ## _ASBOX ) | sed "s/^/$as_me: WARNING: /" >&2 ;; esac echo "$as_me:$LINENO: checking for $ac_header" >&5 echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6 if eval "test \"\${$as_ac_Header+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 else eval "$as_ac_Header=\$ac_header_preproc" fi echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5 echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 fi if test `eval echo '${'$as_ac_Header'}'` = yes; then cat >>confdefs.h <<_ACEOF #define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 _ACEOF fi done for ac_header in memory.h do as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` if eval "test \"\${$as_ac_Header+set}\" = set"; then echo "$as_me:$LINENO: checking for $ac_header" >&5 echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6 if eval "test \"\${$as_ac_Header+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 fi echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5 echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 else # Is the header compilable? echo "$as_me:$LINENO: checking $ac_header usability" >&5 echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ $ac_includes_default #include <$ac_header> _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_header_compiler=yes else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_header_compiler=no fi rm -f conftest.err conftest.$ac_objext conftest.$ac_ext echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 echo "${ECHO_T}$ac_header_compiler" >&6 # Is the header present? echo "$as_me:$LINENO: checking $ac_header presence" >&5 echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ #include <$ac_header> _ACEOF if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } >/dev/null; then if test -s conftest.err; then ac_cpp_err=$ac_c_preproc_warn_flag ac_cpp_err=$ac_cpp_err$ac_c_werror_flag else ac_cpp_err= fi else ac_cpp_err=yes fi if test -z "$ac_cpp_err"; then ac_header_preproc=yes else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_header_preproc=no fi rm -f conftest.err conftest.$ac_ext echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 echo "${ECHO_T}$ac_header_preproc" >&6 # So? What about this header? case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in yes:no: ) { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5 echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;} ac_header_preproc=yes ;; no:yes:* ) { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5 echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5 echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5 echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5 echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} ( cat <<\_ASBOX ## ------------------------------------------ ## ## Report this to the AC_PACKAGE_NAME lists. ## ## ------------------------------------------ ## _ASBOX ) | sed "s/^/$as_me: WARNING: /" >&2 ;; esac echo "$as_me:$LINENO: checking for $ac_header" >&5 echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6 if eval "test \"\${$as_ac_Header+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 else eval "$as_ac_Header=\$ac_header_preproc" fi echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5 echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 fi if test `eval echo '${'$as_ac_Header'}'` = yes; then cat >>confdefs.h <<_ACEOF #define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 _ACEOF fi done for ac_header in syslog.h do as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` if eval "test \"\${$as_ac_Header+set}\" = set"; then echo "$as_me:$LINENO: checking for $ac_header" >&5 echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6 if eval "test \"\${$as_ac_Header+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 fi echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5 echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 else # Is the header compilable? echo "$as_me:$LINENO: checking $ac_header usability" >&5 echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ $ac_includes_default #include <$ac_header> _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_header_compiler=yes else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_header_compiler=no fi rm -f conftest.err conftest.$ac_objext conftest.$ac_ext echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 echo "${ECHO_T}$ac_header_compiler" >&6 # Is the header present? echo "$as_me:$LINENO: checking $ac_header presence" >&5 echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ #include <$ac_header> _ACEOF if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } >/dev/null; then if test -s conftest.err; then ac_cpp_err=$ac_c_preproc_warn_flag ac_cpp_err=$ac_cpp_err$ac_c_werror_flag else ac_cpp_err= fi else ac_cpp_err=yes fi if test -z "$ac_cpp_err"; then ac_header_preproc=yes else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_header_preproc=no fi rm -f conftest.err conftest.$ac_ext echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 echo "${ECHO_T}$ac_header_preproc" >&6 # So? What about this header? case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in yes:no: ) { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5 echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;} ac_header_preproc=yes ;; no:yes:* ) { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5 echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5 echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5 echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5 echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} ( cat <<\_ASBOX ## ------------------------------------------ ## ## Report this to the AC_PACKAGE_NAME lists. ## ## ------------------------------------------ ## _ASBOX ) | sed "s/^/$as_me: WARNING: /" >&2 ;; esac echo "$as_me:$LINENO: checking for $ac_header" >&5 echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6 if eval "test \"\${$as_ac_Header+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 else eval "$as_ac_Header=\$ac_header_preproc" fi echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5 echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 fi if test `eval echo '${'$as_ac_Header'}'` = yes; then cat >>confdefs.h <<_ACEOF #define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 _ACEOF fi done echo "$as_me:$LINENO: checking whether sys/syslog.h is needed" >&5 echo $ECHO_N "checking whether sys/syslog.h is needed... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ #include int main () { int level = LOG_KERN; ; return 0; } _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 echo "$as_me:$LINENO: result: yes" >&5 echo "${ECHO_T}yes" >&6 cat >>confdefs.h <<\_ACEOF #define NEED_SYS_SYSLOG_H 1 _ACEOF fi rm -f conftest.err conftest.$ac_objext conftest.$ac_ext echo "$as_me:$LINENO: checking whether time.h and sys/time.h may both be included" >&5 echo $ECHO_N "checking whether time.h and sys/time.h may both be included... $ECHO_C" >&6 if test "${ac_cv_header_time+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ #include #include #include int main () { if ((struct tm *) 0) return 0; ; return 0; } _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_header_time=yes else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_cv_header_time=no fi rm -f conftest.err conftest.$ac_objext conftest.$ac_ext fi echo "$as_me:$LINENO: result: $ac_cv_header_time" >&5 echo "${ECHO_T}$ac_cv_header_time" >&6 if test $ac_cv_header_time = yes; then cat >>confdefs.h <<\_ACEOF #define TIME_WITH_SYS_TIME 1 _ACEOF fi for ac_header in sys/time.h sys/select.h fcntl.h sys/fcntl.h do as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` if eval "test \"\${$as_ac_Header+set}\" = set"; then echo "$as_me:$LINENO: checking for $ac_header" >&5 echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6 if eval "test \"\${$as_ac_Header+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 fi echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5 echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 else # Is the header compilable? echo "$as_me:$LINENO: checking $ac_header usability" >&5 echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ $ac_includes_default #include <$ac_header> _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_header_compiler=yes else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_header_compiler=no fi rm -f conftest.err conftest.$ac_objext conftest.$ac_ext echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 echo "${ECHO_T}$ac_header_compiler" >&6 # Is the header present? echo "$as_me:$LINENO: checking $ac_header presence" >&5 echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ #include <$ac_header> _ACEOF if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } >/dev/null; then if test -s conftest.err; then ac_cpp_err=$ac_c_preproc_warn_flag ac_cpp_err=$ac_cpp_err$ac_c_werror_flag else ac_cpp_err= fi else ac_cpp_err=yes fi if test -z "$ac_cpp_err"; then ac_header_preproc=yes else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_header_preproc=no fi rm -f conftest.err conftest.$ac_ext echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 echo "${ECHO_T}$ac_header_preproc" >&6 # So? What about this header? case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in yes:no: ) { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5 echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;} ac_header_preproc=yes ;; no:yes:* ) { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5 echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5 echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5 echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5 echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} ( cat <<\_ASBOX ## ------------------------------------------ ## ## Report this to the AC_PACKAGE_NAME lists. ## ## ------------------------------------------ ## _ASBOX ) | sed "s/^/$as_me: WARNING: /" >&2 ;; esac echo "$as_me:$LINENO: checking for $ac_header" >&5 echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6 if eval "test \"\${$as_ac_Header+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 else eval "$as_ac_Header=\$ac_header_preproc" fi echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5 echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 fi if test `eval echo '${'$as_ac_Header'}'` = yes; then cat >>confdefs.h <<_ACEOF #define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 _ACEOF fi done for ac_header in sys/filio.h sys/param.h sys/conf.h sys/sockio.h do as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` if eval "test \"\${$as_ac_Header+set}\" = set"; then echo "$as_me:$LINENO: checking for $ac_header" >&5 echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6 if eval "test \"\${$as_ac_Header+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 fi echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5 echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 else # Is the header compilable? echo "$as_me:$LINENO: checking $ac_header usability" >&5 echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ $ac_includes_default #include <$ac_header> _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_header_compiler=yes else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_header_compiler=no fi rm -f conftest.err conftest.$ac_objext conftest.$ac_ext echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 echo "${ECHO_T}$ac_header_compiler" >&6 # Is the header present? echo "$as_me:$LINENO: checking $ac_header presence" >&5 echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ #include <$ac_header> _ACEOF if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } >/dev/null; then if test -s conftest.err; then ac_cpp_err=$ac_c_preproc_warn_flag ac_cpp_err=$ac_cpp_err$ac_c_werror_flag else ac_cpp_err= fi else ac_cpp_err=yes fi if test -z "$ac_cpp_err"; then ac_header_preproc=yes else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_header_preproc=no fi rm -f conftest.err conftest.$ac_ext echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 echo "${ECHO_T}$ac_header_preproc" >&6 # So? What about this header? case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in yes:no: ) { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5 echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;} ac_header_preproc=yes ;; no:yes:* ) { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5 echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5 echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5 echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5 echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} ( cat <<\_ASBOX ## ------------------------------------------ ## ## Report this to the AC_PACKAGE_NAME lists. ## ## ------------------------------------------ ## _ASBOX ) | sed "s/^/$as_me: WARNING: /" >&2 ;; esac echo "$as_me:$LINENO: checking for $ac_header" >&5 echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6 if eval "test \"\${$as_ac_Header+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 else eval "$as_ac_Header=\$ac_header_preproc" fi echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5 echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 fi if test `eval echo '${'$as_ac_Header'}'` = yes; then cat >>confdefs.h <<_ACEOF #define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 _ACEOF fi done for ac_header in paths.h stropts.h do as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` if eval "test \"\${$as_ac_Header+set}\" = set"; then echo "$as_me:$LINENO: checking for $ac_header" >&5 echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6 if eval "test \"\${$as_ac_Header+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 fi echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5 echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 else # Is the header compilable? echo "$as_me:$LINENO: checking $ac_header usability" >&5 echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ $ac_includes_default #include <$ac_header> _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_header_compiler=yes else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_header_compiler=no fi rm -f conftest.err conftest.$ac_objext conftest.$ac_ext echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 echo "${ECHO_T}$ac_header_compiler" >&6 # Is the header present? echo "$as_me:$LINENO: checking $ac_header presence" >&5 echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ #include <$ac_header> _ACEOF if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } >/dev/null; then if test -s conftest.err; then ac_cpp_err=$ac_c_preproc_warn_flag ac_cpp_err=$ac_cpp_err$ac_c_werror_flag else ac_cpp_err= fi else ac_cpp_err=yes fi if test -z "$ac_cpp_err"; then ac_header_preproc=yes else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_header_preproc=no fi rm -f conftest.err conftest.$ac_ext echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 echo "${ECHO_T}$ac_header_preproc" >&6 # So? What about this header? case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in yes:no: ) { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5 echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;} ac_header_preproc=yes ;; no:yes:* ) { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5 echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5 echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5 echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5 echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} ( cat <<\_ASBOX ## ------------------------------------------ ## ## Report this to the AC_PACKAGE_NAME lists. ## ## ------------------------------------------ ## _ASBOX ) | sed "s/^/$as_me: WARNING: /" >&2 ;; esac echo "$as_me:$LINENO: checking for $ac_header" >&5 echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6 if eval "test \"\${$as_ac_Header+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 else eval "$as_ac_Header=\$ac_header_preproc" fi echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5 echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 fi if test `eval echo '${'$as_ac_Header'}'` = yes; then cat >>confdefs.h <<_ACEOF #define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 _ACEOF fi done for ac_header in net/if.h net/pfvar.h netinet/in_systm.h do as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` if eval "test \"\${$as_ac_Header+set}\" = set"; then echo "$as_me:$LINENO: checking for $ac_header" >&5 echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6 if eval "test \"\${$as_ac_Header+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 fi echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5 echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 else # Is the header compilable? echo "$as_me:$LINENO: checking $ac_header usability" >&5 echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ $ac_includes_default #include <$ac_header> _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_header_compiler=yes else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_header_compiler=no fi rm -f conftest.err conftest.$ac_objext conftest.$ac_ext echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 echo "${ECHO_T}$ac_header_compiler" >&6 # Is the header present? echo "$as_me:$LINENO: checking $ac_header presence" >&5 echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ #include <$ac_header> _ACEOF if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } >/dev/null; then if test -s conftest.err; then ac_cpp_err=$ac_c_preproc_warn_flag ac_cpp_err=$ac_cpp_err$ac_c_werror_flag else ac_cpp_err= fi else ac_cpp_err=yes fi if test -z "$ac_cpp_err"; then ac_header_preproc=yes else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_header_preproc=no fi rm -f conftest.err conftest.$ac_ext echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 echo "${ECHO_T}$ac_header_preproc" >&6 # So? What about this header? case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in yes:no: ) { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5 echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;} ac_header_preproc=yes ;; no:yes:* ) { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5 echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5 echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5 echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5 echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} ( cat <<\_ASBOX ## ------------------------------------------ ## ## Report this to the AC_PACKAGE_NAME lists. ## ## ------------------------------------------ ## _ASBOX ) | sed "s/^/$as_me: WARNING: /" >&2 ;; esac echo "$as_me:$LINENO: checking for $ac_header" >&5 echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6 if eval "test \"\${$as_ac_Header+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 else eval "$as_ac_Header=\$ac_header_preproc" fi echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5 echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 fi if test `eval echo '${'$as_ac_Header'}'` = yes; then cat >>confdefs.h <<_ACEOF #define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 _ACEOF fi done for ac_header in netinet/ip.h netinet/ip_fil.h netinet/ip_nat.h do as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` if eval "test \"\${$as_ac_Header+set}\" = set"; then echo "$as_me:$LINENO: checking for $ac_header" >&5 echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6 if eval "test \"\${$as_ac_Header+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 fi echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5 echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 else # Is the header compilable? echo "$as_me:$LINENO: checking $ac_header usability" >&5 echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ $ac_includes_default #include <$ac_header> _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_header_compiler=yes else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_header_compiler=no fi rm -f conftest.err conftest.$ac_objext conftest.$ac_ext echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 echo "${ECHO_T}$ac_header_compiler" >&6 # Is the header present? echo "$as_me:$LINENO: checking $ac_header presence" >&5 echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ #include <$ac_header> _ACEOF if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } >/dev/null; then if test -s conftest.err; then ac_cpp_err=$ac_c_preproc_warn_flag ac_cpp_err=$ac_cpp_err$ac_c_werror_flag else ac_cpp_err= fi else ac_cpp_err=yes fi if test -z "$ac_cpp_err"; then ac_header_preproc=yes else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_header_preproc=no fi rm -f conftest.err conftest.$ac_ext echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 echo "${ECHO_T}$ac_header_preproc" >&6 # So? What about this header? case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in yes:no: ) { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5 echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;} ac_header_preproc=yes ;; no:yes:* ) { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5 echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5 echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5 echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5 echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} ( cat <<\_ASBOX ## ------------------------------------------ ## ## Report this to the AC_PACKAGE_NAME lists. ## ## ------------------------------------------ ## _ASBOX ) | sed "s/^/$as_me: WARNING: /" >&2 ;; esac echo "$as_me:$LINENO: checking for $ac_header" >&5 echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6 if eval "test \"\${$as_ac_Header+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 else eval "$as_ac_Header=\$ac_header_preproc" fi echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5 echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 fi if test `eval echo '${'$as_ac_Header'}'` = yes; then cat >>confdefs.h <<_ACEOF #define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 _ACEOF fi done for ac_header in netinet/ip_compat.h netinet/ip_fil_compat.h do as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` if eval "test \"\${$as_ac_Header+set}\" = set"; then echo "$as_me:$LINENO: checking for $ac_header" >&5 echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6 if eval "test \"\${$as_ac_Header+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 fi echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5 echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 else # Is the header compilable? echo "$as_me:$LINENO: checking $ac_header usability" >&5 echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ $ac_includes_default #include <$ac_header> _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_header_compiler=yes else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_header_compiler=no fi rm -f conftest.err conftest.$ac_objext conftest.$ac_ext echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 echo "${ECHO_T}$ac_header_compiler" >&6 # Is the header present? echo "$as_me:$LINENO: checking $ac_header presence" >&5 echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ #include <$ac_header> _ACEOF if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } >/dev/null; then if test -s conftest.err; then ac_cpp_err=$ac_c_preproc_warn_flag ac_cpp_err=$ac_cpp_err$ac_c_werror_flag else ac_cpp_err= fi else ac_cpp_err=yes fi if test -z "$ac_cpp_err"; then ac_header_preproc=yes else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_header_preproc=no fi rm -f conftest.err conftest.$ac_ext echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 echo "${ECHO_T}$ac_header_preproc" >&6 # So? What about this header? case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in yes:no: ) { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5 echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;} ac_header_preproc=yes ;; no:yes:* ) { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5 echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5 echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5 echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5 echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} ( cat <<\_ASBOX ## ------------------------------------------ ## ## Report this to the AC_PACKAGE_NAME lists. ## ## ------------------------------------------ ## _ASBOX ) | sed "s/^/$as_me: WARNING: /" >&2 ;; esac echo "$as_me:$LINENO: checking for $ac_header" >&5 echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6 if eval "test \"\${$as_ac_Header+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 else eval "$as_ac_Header=\$ac_header_preproc" fi echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5 echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 fi if test `eval echo '${'$as_ac_Header'}'` = yes; then cat >>confdefs.h <<_ACEOF #define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 _ACEOF fi done for ac_header in linux/netfilter_ipv4.h do as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` if eval "test \"\${$as_ac_Header+set}\" = set"; then echo "$as_me:$LINENO: checking for $ac_header" >&5 echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6 if eval "test \"\${$as_ac_Header+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 fi echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5 echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 else # Is the header compilable? echo "$as_me:$LINENO: checking $ac_header usability" >&5 echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ $ac_includes_default #include <$ac_header> _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_header_compiler=yes else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_header_compiler=no fi rm -f conftest.err conftest.$ac_objext conftest.$ac_ext echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 echo "${ECHO_T}$ac_header_compiler" >&6 # Is the header present? echo "$as_me:$LINENO: checking $ac_header presence" >&5 echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ #include <$ac_header> _ACEOF if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } >/dev/null; then if test -s conftest.err; then ac_cpp_err=$ac_c_preproc_warn_flag ac_cpp_err=$ac_cpp_err$ac_c_werror_flag else ac_cpp_err= fi else ac_cpp_err=yes fi if test -z "$ac_cpp_err"; then ac_header_preproc=yes else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_header_preproc=no fi rm -f conftest.err conftest.$ac_ext echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 echo "${ECHO_T}$ac_header_preproc" >&6 # So? What about this header? case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in yes:no: ) { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5 echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;} ac_header_preproc=yes ;; no:yes:* ) { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5 echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5 echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5 echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;} { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5 echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} ( cat <<\_ASBOX ## ------------------------------------------ ## ## Report this to the AC_PACKAGE_NAME lists. ## ## ------------------------------------------ ## _ASBOX ) | sed "s/^/$as_me: WARNING: /" >&2 ;; esac echo "$as_me:$LINENO: checking for $ac_header" >&5 echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6 if eval "test \"\${$as_ac_Header+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 else eval "$as_ac_Header=\$ac_header_preproc" fi echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5 echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 fi if test `eval echo '${'$as_ac_Header'}'` = yes; then cat >>confdefs.h <<_ACEOF #define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 _ACEOF fi done echo "$as_me:$LINENO: checking for sys/wait.h that is POSIX.1 compatible" >&5 echo $ECHO_N "checking for sys/wait.h that is POSIX.1 compatible... $ECHO_C" >&6 if test "${ac_cv_header_sys_wait_h+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ #include #include #ifndef WEXITSTATUS # define WEXITSTATUS(stat_val) ((unsigned)(stat_val) >> 8) #endif #ifndef WIFEXITED # define WIFEXITED(stat_val) (((stat_val) & 255) == 0) #endif int main () { int s; wait (&s); s = WIFEXITED (s) ? WEXITSTATUS (s) : 1; ; return 0; } _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_header_sys_wait_h=yes else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_cv_header_sys_wait_h=no fi rm -f conftest.err conftest.$ac_objext conftest.$ac_ext fi echo "$as_me:$LINENO: result: $ac_cv_header_sys_wait_h" >&5 echo "${ECHO_T}$ac_cv_header_sys_wait_h" >&6 if test $ac_cv_header_sys_wait_h = yes; then cat >>confdefs.h <<\_ACEOF #define HAVE_SYS_WAIT_H 1 _ACEOF fi ############################################################ # check for specific functions ############################################################ echo "$as_me:$LINENO: checking for wait3 that fills in rusage" >&5 echo $ECHO_N "checking for wait3 that fills in rusage... $ECHO_C" >&6 if test "${ac_cv_func_wait3_rusage+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else if test "$cross_compiling" = yes; then ac_cv_func_wait3_rusage=no else cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ #include #include #include #include /* HP-UX has wait3 but does not fill in rusage at all. */ int main () { struct rusage r; int i; /* Use a field that we can force nonzero -- voluntary context switches. For systems like NeXT and OSF/1 that don't set it, also use the system CPU time. And page faults (I/O) for Linux. */ r.ru_nvcsw = 0; r.ru_stime.tv_sec = 0; r.ru_stime.tv_usec = 0; r.ru_majflt = r.ru_minflt = 0; switch (fork ()) { case 0: /* Child. */ sleep(1); /* Give up the CPU. */ _exit(0); break; case -1: /* What can we do? */ _exit(0); break; default: /* Parent. */ wait3(&i, 0, &r); /* Avoid "text file busy" from rm on fast HP-UX machines. */ sleep(2); exit (r.ru_nvcsw == 0 && r.ru_majflt == 0 && r.ru_minflt == 0 && r.ru_stime.tv_sec == 0 && r.ru_stime.tv_usec == 0); } } _ACEOF rm -f conftest$ac_exeext if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='./conftest$ac_exeext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_func_wait3_rusage=yes else echo "$as_me: program exited with status $ac_status" >&5 echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ( exit $ac_status ) ac_cv_func_wait3_rusage=no fi rm -f core *.core gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext fi fi echo "$as_me:$LINENO: result: $ac_cv_func_wait3_rusage" >&5 echo "${ECHO_T}$ac_cv_func_wait3_rusage" >&6 if test $ac_cv_func_wait3_rusage = yes; then cat >>confdefs.h <<\_ACEOF #define HAVE_WAIT3 1 _ACEOF fi for ac_func in waitpid do as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` echo "$as_me:$LINENO: checking for $ac_func" >&5 echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6 if eval "test \"\${$as_ac_var+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ /* Define $ac_func to an innocuous variant, in case declares $ac_func. For example, HP-UX 11i declares gettimeofday. */ #define $ac_func innocuous_$ac_func /* System header to define __stub macros and hopefully few prototypes, which can conflict with char $ac_func (); below. Prefer to if __STDC__ is defined, since exists even on freestanding compilers. */ #ifdef __STDC__ # include #else # include #endif #undef $ac_func /* Override any gcc2 internal prototype to avoid an error. */ #ifdef __cplusplus extern "C" { #endif /* We use char because int might match the return type of a gcc2 builtin and then its argument prototype would still apply. */ char $ac_func (); /* The GNU C library defines this for functions which it implements to always fail with ENOSYS. Some functions are actually named something starting with __ and the normal name is an alias. */ #if defined (__stub_$ac_func) || defined (__stub___$ac_func) choke me #else char (*f) () = $ac_func; #endif #ifdef __cplusplus } #endif int main () { return f != $ac_func; ; return 0; } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest$ac_exeext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then eval "$as_ac_var=yes" else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 eval "$as_ac_var=no" fi rm -f conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext fi echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_var'}'`" >&5 echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6 if test `eval echo '${'$as_ac_var'}'` = yes; then cat >>confdefs.h <<_ACEOF #define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 _ACEOF fi done for ac_func in setsid do as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` echo "$as_me:$LINENO: checking for $ac_func" >&5 echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6 if eval "test \"\${$as_ac_var+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ /* Define $ac_func to an innocuous variant, in case declares $ac_func. For example, HP-UX 11i declares gettimeofday. */ #define $ac_func innocuous_$ac_func /* System header to define __stub macros and hopefully few prototypes, which can conflict with char $ac_func (); below. Prefer to if __STDC__ is defined, since exists even on freestanding compilers. */ #ifdef __STDC__ # include #else # include #endif #undef $ac_func /* Override any gcc2 internal prototype to avoid an error. */ #ifdef __cplusplus extern "C" { #endif /* We use char because int might match the return type of a gcc2 builtin and then its argument prototype would still apply. */ char $ac_func (); /* The GNU C library defines this for functions which it implements to always fail with ENOSYS. Some functions are actually named something starting with __ and the normal name is an alias. */ #if defined (__stub_$ac_func) || defined (__stub___$ac_func) choke me #else char (*f) () = $ac_func; #endif #ifdef __cplusplus } #endif int main () { return f != $ac_func; ; return 0; } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest$ac_exeext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then eval "$as_ac_var=yes" else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 eval "$as_ac_var=no" fi rm -f conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext fi echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_var'}'`" >&5 echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6 if test `eval echo '${'$as_ac_var'}'` = yes; then cat >>confdefs.h <<_ACEOF #define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 _ACEOF fi done for ac_func in snprintf do as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` echo "$as_me:$LINENO: checking for $ac_func" >&5 echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6 if eval "test \"\${$as_ac_var+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ /* Define $ac_func to an innocuous variant, in case declares $ac_func. For example, HP-UX 11i declares gettimeofday. */ #define $ac_func innocuous_$ac_func /* System header to define __stub macros and hopefully few prototypes, which can conflict with char $ac_func (); below. Prefer to if __STDC__ is defined, since exists even on freestanding compilers. */ #ifdef __STDC__ # include #else # include #endif #undef $ac_func /* Override any gcc2 internal prototype to avoid an error. */ #ifdef __cplusplus extern "C" { #endif /* We use char because int might match the return type of a gcc2 builtin and then its argument prototype would still apply. */ char $ac_func (); /* The GNU C library defines this for functions which it implements to always fail with ENOSYS. Some functions are actually named something starting with __ and the normal name is an alias. */ #if defined (__stub_$ac_func) || defined (__stub___$ac_func) choke me #else char (*f) () = $ac_func; #endif #ifdef __cplusplus } #endif int main () { return f != $ac_func; ; return 0; } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest$ac_exeext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then eval "$as_ac_var=yes" else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 eval "$as_ac_var=no" fi rm -f conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext fi echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_var'}'`" >&5 echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6 if test `eval echo '${'$as_ac_var'}'` = yes; then cat >>confdefs.h <<_ACEOF #define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 _ACEOF fi done for ac_func in vsnprintf do as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` echo "$as_me:$LINENO: checking for $ac_func" >&5 echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6 if eval "test \"\${$as_ac_var+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ /* Define $ac_func to an innocuous variant, in case declares $ac_func. For example, HP-UX 11i declares gettimeofday. */ #define $ac_func innocuous_$ac_func /* System header to define __stub macros and hopefully few prototypes, which can conflict with char $ac_func (); below. Prefer to if __STDC__ is defined, since exists even on freestanding compilers. */ #ifdef __STDC__ # include #else # include #endif #undef $ac_func /* Override any gcc2 internal prototype to avoid an error. */ #ifdef __cplusplus extern "C" { #endif /* We use char because int might match the return type of a gcc2 builtin and then its argument prototype would still apply. */ char $ac_func (); /* The GNU C library defines this for functions which it implements to always fail with ENOSYS. Some functions are actually named something starting with __ and the normal name is an alias. */ #if defined (__stub_$ac_func) || defined (__stub___$ac_func) choke me #else char (*f) () = $ac_func; #endif #ifdef __cplusplus } #endif int main () { return f != $ac_func; ; return 0; } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest$ac_exeext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then eval "$as_ac_var=yes" else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 eval "$as_ac_var=no" fi rm -f conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext fi echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_var'}'`" >&5 echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6 if test `eval echo '${'$as_ac_var'}'` = yes; then cat >>confdefs.h <<_ACEOF #define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 _ACEOF fi done ############################################################ # check for types to be defined ############################################################ echo "$as_me:$LINENO: checking for mode_t" >&5 echo $ECHO_N "checking for mode_t... $ECHO_C" >&6 if test "${ac_cv_type_mode_t+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ $ac_includes_default int main () { if ((mode_t *) 0) return 0; if (sizeof (mode_t)) return 0; ; return 0; } _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_type_mode_t=yes else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_cv_type_mode_t=no fi rm -f conftest.err conftest.$ac_objext conftest.$ac_ext fi echo "$as_me:$LINENO: result: $ac_cv_type_mode_t" >&5 echo "${ECHO_T}$ac_cv_type_mode_t" >&6 if test $ac_cv_type_mode_t = yes; then : else cat >>confdefs.h <<_ACEOF #define mode_t int _ACEOF fi echo "$as_me:$LINENO: checking for pid_t" >&5 echo $ECHO_N "checking for pid_t... $ECHO_C" >&6 if test "${ac_cv_type_pid_t+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ $ac_includes_default int main () { if ((pid_t *) 0) return 0; if (sizeof (pid_t)) return 0; ; return 0; } _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_type_pid_t=yes else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_cv_type_pid_t=no fi rm -f conftest.err conftest.$ac_objext conftest.$ac_ext fi echo "$as_me:$LINENO: result: $ac_cv_type_pid_t" >&5 echo "${ECHO_T}$ac_cv_type_pid_t" >&6 if test $ac_cv_type_pid_t = yes; then : else cat >>confdefs.h <<_ACEOF #define pid_t int _ACEOF fi echo "$as_me:$LINENO: checking for size_t" >&5 echo $ECHO_N "checking for size_t... $ECHO_C" >&6 if test "${ac_cv_type_size_t+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ $ac_includes_default int main () { if ((size_t *) 0) return 0; if (sizeof (size_t)) return 0; ; return 0; } _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_type_size_t=yes else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_cv_type_size_t=no fi rm -f conftest.err conftest.$ac_objext conftest.$ac_ext fi echo "$as_me:$LINENO: result: $ac_cv_type_size_t" >&5 echo "${ECHO_T}$ac_cv_type_size_t" >&6 if test $ac_cv_type_size_t = yes; then : else cat >>confdefs.h <<_ACEOF #define size_t unsigned _ACEOF fi echo "$as_me:$LINENO: checking for uid_t in sys/types.h" >&5 echo $ECHO_N "checking for uid_t in sys/types.h... $ECHO_C" >&6 if test "${ac_cv_type_uid_t+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ #include _ACEOF if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | $EGREP "uid_t" >/dev/null 2>&1; then ac_cv_type_uid_t=yes else ac_cv_type_uid_t=no fi rm -f conftest* fi echo "$as_me:$LINENO: result: $ac_cv_type_uid_t" >&5 echo "${ECHO_T}$ac_cv_type_uid_t" >&6 if test $ac_cv_type_uid_t = no; then cat >>confdefs.h <<\_ACEOF #define uid_t int _ACEOF cat >>confdefs.h <<\_ACEOF #define gid_t int _ACEOF fi echo "$as_me:$LINENO: checking return type of signal handlers" >&5 echo $ECHO_N "checking return type of signal handlers... $ECHO_C" >&6 if test "${ac_cv_type_signal+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ #include #include #ifdef signal # undef signal #endif #ifdef __cplusplus extern "C" void (*signal (int, void (*)(int)))(int); #else void (*signal ()) (); #endif int main () { int i; ; return 0; } _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_type_signal=void else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_cv_type_signal=int fi rm -f conftest.err conftest.$ac_objext conftest.$ac_ext fi echo "$as_me:$LINENO: result: $ac_cv_type_signal" >&5 echo "${ECHO_T}$ac_cv_type_signal" >&6 cat >>confdefs.h <<_ACEOF #define RETSIGTYPE $ac_cv_type_signal _ACEOF echo "$as_me:$LINENO: checking for u_int16_t" >&5 echo $ECHO_N "checking for u_int16_t... $ECHO_C" >&6 if test "${ac_cv_type_u_int16_t+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ $ac_includes_default int main () { if ((u_int16_t *) 0) return 0; if (sizeof (u_int16_t)) return 0; ; return 0; } _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_type_u_int16_t=yes else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_cv_type_u_int16_t=no fi rm -f conftest.err conftest.$ac_objext conftest.$ac_ext fi echo "$as_me:$LINENO: result: $ac_cv_type_u_int16_t" >&5 echo "${ECHO_T}$ac_cv_type_u_int16_t" >&6 if test $ac_cv_type_u_int16_t = yes; then : else cat >>confdefs.h <<_ACEOF #define u_int16_t unsigned short _ACEOF fi echo "$as_me:$LINENO: checking for u_int32_t" >&5 echo $ECHO_N "checking for u_int32_t... $ECHO_C" >&6 if test "${ac_cv_type_u_int32_t+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ $ac_includes_default int main () { if ((u_int32_t *) 0) return 0; if (sizeof (u_int32_t)) return 0; ; return 0; } _ACEOF rm -f conftest.$ac_objext if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 (eval $ac_compile) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest.$ac_objext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_type_u_int32_t=yes else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_cv_type_u_int32_t=no fi rm -f conftest.err conftest.$ac_objext conftest.$ac_ext fi echo "$as_me:$LINENO: result: $ac_cv_type_u_int32_t" >&5 echo "${ECHO_T}$ac_cv_type_u_int32_t" >&6 if test $ac_cv_type_u_int32_t = yes; then : else cat >>confdefs.h <<_ACEOF #define u_int32_t unsigned int _ACEOF fi ############################################################ # check for libraries to scan ############################################################ #AC_CHECK_LIB(compat, main) echo "$as_me:$LINENO: checking for connect in -lsocket" >&5 echo $ECHO_N "checking for connect in -lsocket... $ECHO_C" >&6 if test "${ac_cv_lib_socket_connect+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else ac_check_lib_save_LIBS=$LIBS LIBS="-lsocket $LIBS" cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ /* Override any gcc2 internal prototype to avoid an error. */ #ifdef __cplusplus extern "C" #endif /* We use char because int might match the return type of a gcc2 builtin and then its argument prototype would still apply. */ char connect (); int main () { connect (); ; return 0; } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest$ac_exeext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_lib_socket_connect=yes else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_cv_lib_socket_connect=no fi rm -f conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi echo "$as_me:$LINENO: result: $ac_cv_lib_socket_connect" >&5 echo "${ECHO_T}$ac_cv_lib_socket_connect" >&6 if test $ac_cv_lib_socket_connect = yes; then cat >>confdefs.h <<_ACEOF #define HAVE_LIBSOCKET 1 _ACEOF LIBS="-lsocket $LIBS" fi echo "$as_me:$LINENO: checking for gethostbyname" >&5 echo $ECHO_N "checking for gethostbyname... $ECHO_C" >&6 if test "${ac_cv_func_gethostbyname+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ /* Define gethostbyname to an innocuous variant, in case declares gethostbyname. For example, HP-UX 11i declares gettimeofday. */ #define gethostbyname innocuous_gethostbyname /* System header to define __stub macros and hopefully few prototypes, which can conflict with char gethostbyname (); below. Prefer to if __STDC__ is defined, since exists even on freestanding compilers. */ #ifdef __STDC__ # include #else # include #endif #undef gethostbyname /* Override any gcc2 internal prototype to avoid an error. */ #ifdef __cplusplus extern "C" { #endif /* We use char because int might match the return type of a gcc2 builtin and then its argument prototype would still apply. */ char gethostbyname (); /* The GNU C library defines this for functions which it implements to always fail with ENOSYS. Some functions are actually named something starting with __ and the normal name is an alias. */ #if defined (__stub_gethostbyname) || defined (__stub___gethostbyname) choke me #else char (*f) () = gethostbyname; #endif #ifdef __cplusplus } #endif int main () { return f != gethostbyname; ; return 0; } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest$ac_exeext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_func_gethostbyname=yes else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_cv_func_gethostbyname=no fi rm -f conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext fi echo "$as_me:$LINENO: result: $ac_cv_func_gethostbyname" >&5 echo "${ECHO_T}$ac_cv_func_gethostbyname" >&6 if test $ac_cv_func_gethostbyname = yes; then : else echo "$as_me:$LINENO: checking for gethostbyname in -lnsl" >&5 echo $ECHO_N "checking for gethostbyname in -lnsl... $ECHO_C" >&6 if test "${ac_cv_lib_nsl_gethostbyname+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else ac_check_lib_save_LIBS=$LIBS LIBS="-lnsl $LIBS" cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ /* Override any gcc2 internal prototype to avoid an error. */ #ifdef __cplusplus extern "C" #endif /* We use char because int might match the return type of a gcc2 builtin and then its argument prototype would still apply. */ char gethostbyname (); int main () { gethostbyname (); ; return 0; } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest$ac_exeext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_lib_nsl_gethostbyname=yes else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_cv_lib_nsl_gethostbyname=no fi rm -f conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi echo "$as_me:$LINENO: result: $ac_cv_lib_nsl_gethostbyname" >&5 echo "${ECHO_T}$ac_cv_lib_nsl_gethostbyname" >&6 if test $ac_cv_lib_nsl_gethostbyname = yes; then cat >>confdefs.h <<_ACEOF #define HAVE_LIBNSL 1 _ACEOF LIBS="-lnsl $LIBS" else echo "$as_me:$LINENO: checking for gethostbyname in -lresolv" >&5 echo $ECHO_N "checking for gethostbyname in -lresolv... $ECHO_C" >&6 if test "${ac_cv_lib_resolv_gethostbyname+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else ac_check_lib_save_LIBS=$LIBS LIBS="-lresolv $LIBS" cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ /* Override any gcc2 internal prototype to avoid an error. */ #ifdef __cplusplus extern "C" #endif /* We use char because int might match the return type of a gcc2 builtin and then its argument prototype would still apply. */ char gethostbyname (); int main () { gethostbyname (); ; return 0; } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest$ac_exeext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_lib_resolv_gethostbyname=yes else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_cv_lib_resolv_gethostbyname=no fi rm -f conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi echo "$as_me:$LINENO: result: $ac_cv_lib_resolv_gethostbyname" >&5 echo "${ECHO_T}$ac_cv_lib_resolv_gethostbyname" >&6 if test $ac_cv_lib_resolv_gethostbyname = yes; then cat >>confdefs.h <<_ACEOF #define HAVE_LIBRESOLV 1 _ACEOF LIBS="-lresolv $LIBS" fi fi fi echo "$as_me:$LINENO: checking for inet_aton" >&5 echo $ECHO_N "checking for inet_aton... $ECHO_C" >&6 if test "${ac_cv_func_inet_aton+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ /* Define inet_aton to an innocuous variant, in case declares inet_aton. For example, HP-UX 11i declares gettimeofday. */ #define inet_aton innocuous_inet_aton /* System header to define __stub macros and hopefully few prototypes, which can conflict with char inet_aton (); below. Prefer to if __STDC__ is defined, since exists even on freestanding compilers. */ #ifdef __STDC__ # include #else # include #endif #undef inet_aton /* Override any gcc2 internal prototype to avoid an error. */ #ifdef __cplusplus extern "C" { #endif /* We use char because int might match the return type of a gcc2 builtin and then its argument prototype would still apply. */ char inet_aton (); /* The GNU C library defines this for functions which it implements to always fail with ENOSYS. Some functions are actually named something starting with __ and the normal name is an alias. */ #if defined (__stub_inet_aton) || defined (__stub___inet_aton) choke me #else char (*f) () = inet_aton; #endif #ifdef __cplusplus } #endif int main () { return f != inet_aton; ; return 0; } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest$ac_exeext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_func_inet_aton=yes else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_cv_func_inet_aton=no fi rm -f conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext fi echo "$as_me:$LINENO: result: $ac_cv_func_inet_aton" >&5 echo "${ECHO_T}$ac_cv_func_inet_aton" >&6 if test $ac_cv_func_inet_aton = yes; then : else echo "$as_me:$LINENO: checking for inet_aton in -lnsl" >&5 echo $ECHO_N "checking for inet_aton in -lnsl... $ECHO_C" >&6 if test "${ac_cv_lib_nsl_inet_aton+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else ac_check_lib_save_LIBS=$LIBS LIBS="-lnsl $LIBS" cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ /* Override any gcc2 internal prototype to avoid an error. */ #ifdef __cplusplus extern "C" #endif /* We use char because int might match the return type of a gcc2 builtin and then its argument prototype would still apply. */ char inet_aton (); int main () { inet_aton (); ; return 0; } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest$ac_exeext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_lib_nsl_inet_aton=yes else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_cv_lib_nsl_inet_aton=no fi rm -f conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi echo "$as_me:$LINENO: result: $ac_cv_lib_nsl_inet_aton" >&5 echo "${ECHO_T}$ac_cv_lib_nsl_inet_aton" >&6 if test $ac_cv_lib_nsl_inet_aton = yes; then cat >>confdefs.h <<_ACEOF #define HAVE_LIBNSL 1 _ACEOF LIBS="-lnsl $LIBS" else echo "$as_me:$LINENO: checking for inet_aton in -lresolv" >&5 echo $ECHO_N "checking for inet_aton in -lresolv... $ECHO_C" >&6 if test "${ac_cv_lib_resolv_inet_aton+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else ac_check_lib_save_LIBS=$LIBS LIBS="-lresolv $LIBS" cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ /* Override any gcc2 internal prototype to avoid an error. */ #ifdef __cplusplus extern "C" #endif /* We use char because int might match the return type of a gcc2 builtin and then its argument prototype would still apply. */ char inet_aton (); int main () { inet_aton (); ; return 0; } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest$ac_exeext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_lib_resolv_inet_aton=yes else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_cv_lib_resolv_inet_aton=no fi rm -f conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi echo "$as_me:$LINENO: result: $ac_cv_lib_resolv_inet_aton" >&5 echo "${ECHO_T}$ac_cv_lib_resolv_inet_aton" >&6 if test $ac_cv_lib_resolv_inet_aton = yes; then cat >>confdefs.h <<_ACEOF #define HAVE_LIBRESOLV 1 _ACEOF LIBS="-lresolv $LIBS" fi fi fi ############################################################ # check whether to enable /proc modules ############################################################ echo "$as_me:$LINENO: checking whether to enable Linux /proc diagnostic module" >&5 echo $ECHO_N "checking whether to enable Linux /proc diagnostic module... $ECHO_C" >&6 # Check whether --enable-proc-mods or --disable-proc-mods was given. if test "${enable_proc_mods+set}" = set; then enableval="$enable_proc_mods" fi; PROC_FTP="" if test "$enable_proc_mods" = yes ; then case "$host" in *-*-linux*) echo "$as_me:$LINENO: result: yes" >&5 echo "${ECHO_T}yes" >&6 PROC_FTP="proc_ftp.o" { echo "$as_me:$LINENO: WARNING: *** linux /proc module is not complete yet" >&5 echo "$as_me: WARNING: *** linux /proc module is not complete yet" >&2;} devel_only=yes ;; *) echo "$as_me:$LINENO: result: n/a" >&5 echo "${ECHO_T}n/a" >&6 { { echo "$as_me:$LINENO: error: /proc module not avaliable on $host" >&5 echo "$as_me: error: /proc module not avaliable on $host" >&2;} { (exit 1); exit 1; }; } ;; esac else enable_proc_mods="no" echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi ############################################################ # check whether to enable RFC 1579 handling ############################################################ echo "$as_me:$LINENO: checking whether to enable RFC 1579 FW-FTP extensions" >&5 echo $ECHO_N "checking whether to enable RFC 1579 FW-FTP extensions... $ECHO_C" >&6 # Check whether --enable-rfc1579 or --disable-rfc1579 was given. if test "${enable_rfc1579+set}" = set; then enableval="$enable_rfc1579" fi; if test "$enable_rfc1579" = yes ; then echo "$as_me:$LINENO: result: yes" >&5 echo "${ECHO_T}yes" >&6 cat >>confdefs.h <<\_ACEOF #define ENABLE_RFC1579 1 _ACEOF { echo "$as_me:$LINENO: WARNING: *** RFC 1579 FW-FTP extensions are not complete yet" >&5 echo "$as_me: WARNING: *** RFC 1579 FW-FTP extensions are not complete yet" >&2;} devel_only=yes else enable_rfc1579="no" echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi ############################################################ # check whether to enable RFC 2428 handling ############################################################ echo "$as_me:$LINENO: checking whether to enable RFC 2428 IPv6 extensions" >&5 echo $ECHO_N "checking whether to enable RFC 2428 IPv6 extensions... $ECHO_C" >&6 # Check whether --enable-rfc2428 or --disable-rfc2428 was given. if test "${enable_rfc2428+set}" = set; then enableval="$enable_rfc2428" fi; if test "$enable_rfc2428" = yes ; then echo "$as_me:$LINENO: result: yes" >&5 echo "${ECHO_T}yes" >&6 cat >>confdefs.h <<\_ACEOF #define ENABLE_RFC2428 1 _ACEOF { echo "$as_me:$LINENO: WARNING: *** RFC 1579 IPv6 extensions are not complete yet" >&5 echo "$as_me: WARNING: *** RFC 1579 IPv6 extensions are not complete yet" >&2;} devel_only=yes else enable_rfc2428="no" echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi ############################################################ # check whether to enable SO_LINGER ############################################################ echo "$as_me:$LINENO: checking whether to enable SO_LINGER socket options" >&5 echo $ECHO_N "checking whether to enable SO_LINGER socket options... $ECHO_C" >&6 # Check whether --enable-so-linger or --disable-so-linger was given. if test "${enable_so_linger+set}" = set; then enableval="$enable_so_linger" fi; if test "$enable_so_linger" = yes ; then echo "$as_me:$LINENO: result: yes" >&5 echo "${ECHO_T}yes" >&6 cat >>confdefs.h <<\_ACEOF #define ENABLE_SO_LINGER 1 _ACEOF else enable_so_linger="no" echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi ############################################################ # check whether to compile in POSIX RegEx support ############################################################ echo "$as_me:$LINENO: checking whether to use regular expressions" >&5 echo $ECHO_N "checking whether to use regular expressions... $ECHO_C" >&6 # Check whether --with-regex or --without-regex was given. if test "${with_regex+set}" = set; then withval="$with_regex" fi; case "$with_regex" in no) echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 ;; yes|"") echo "$as_me:$LINENO: result: yes" >&5 echo "${ECHO_T}yes" >&6 echo "$as_me:$LINENO: checking for regcomp" >&5 echo $ECHO_N "checking for regcomp... $ECHO_C" >&6 if test "${ac_cv_func_regcomp+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ /* Define regcomp to an innocuous variant, in case declares regcomp. For example, HP-UX 11i declares gettimeofday. */ #define regcomp innocuous_regcomp /* System header to define __stub macros and hopefully few prototypes, which can conflict with char regcomp (); below. Prefer to if __STDC__ is defined, since exists even on freestanding compilers. */ #ifdef __STDC__ # include #else # include #endif #undef regcomp /* Override any gcc2 internal prototype to avoid an error. */ #ifdef __cplusplus extern "C" { #endif /* We use char because int might match the return type of a gcc2 builtin and then its argument prototype would still apply. */ char regcomp (); /* The GNU C library defines this for functions which it implements to always fail with ENOSYS. Some functions are actually named something starting with __ and the normal name is an alias. */ #if defined (__stub_regcomp) || defined (__stub___regcomp) choke me #else char (*f) () = regcomp; #endif #ifdef __cplusplus } #endif int main () { return f != regcomp; ; return 0; } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest$ac_exeext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_func_regcomp=yes else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_cv_func_regcomp=no fi rm -f conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext fi echo "$as_me:$LINENO: result: $ac_cv_func_regcomp" >&5 echo "${ECHO_T}$ac_cv_func_regcomp" >&6 if test $ac_cv_func_regcomp = yes; then cat >>confdefs.h <<\_ACEOF #define HAVE_REGEX 1 _ACEOF with_regex="yes" else echo "$as_me:$LINENO: checking for regcomp in -lregex" >&5 echo $ECHO_N "checking for regcomp in -lregex... $ECHO_C" >&6 if test "${ac_cv_lib_regex_regcomp+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else ac_check_lib_save_LIBS=$LIBS LIBS="-lregex $LIBS" cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ /* Override any gcc2 internal prototype to avoid an error. */ #ifdef __cplusplus extern "C" #endif /* We use char because int might match the return type of a gcc2 builtin and then its argument prototype would still apply. */ char regcomp (); int main () { regcomp (); ; return 0; } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest$ac_exeext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_lib_regex_regcomp=yes else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_cv_lib_regex_regcomp=no fi rm -f conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi echo "$as_me:$LINENO: result: $ac_cv_lib_regex_regcomp" >&5 echo "${ECHO_T}$ac_cv_lib_regex_regcomp" >&6 if test $ac_cv_lib_regex_regcomp = yes; then LIB_REGEX="-lregex" cat >>confdefs.h <<\_ACEOF #define HAVE_REGEX 1 _ACEOF with_regex="yes" else # fail if explicitely requested.... if test "$with_regex" = yes ; then { { echo "$as_me:$LINENO: error: unable to find regex support" >&5 echo "$as_me: error: unable to find regex support" >&2;} { (exit 1); exit 1; }; } fi with_regex="no" fi fi ;; *) echo "$as_me:$LINENO: result: yes" >&5 echo "${ECHO_T}yes" >&6 cat >>confdefs.h <<\_ACEOF #define HAVE_REGEX 1 _ACEOF if test -d "$withval"; then LIB_REGEX="-L$withval -lregex" else LIB_REGEX="$withval" fi OLDLIBS="$LIBS" LIBS="$LIB_REGEX $LIBS" cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ int main () { regcomp(); ; return 0; } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest$ac_exeext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then : else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 { { echo "$as_me:$LINENO: error: unable to find libregex" >&5 echo "$as_me: error: unable to find libregex" >&2;} { (exit 1); exit 1; }; } fi rm -f conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext LIBS="$OLDLIBS" ;; esac ############################################################ # check whether to compile in TCP Wrapper support ############################################################ echo "$as_me:$LINENO: checking whether to use libwrap TCP wrapper" >&5 echo $ECHO_N "checking whether to use libwrap TCP wrapper... $ECHO_C" >&6 # Check whether --with-libwrap or --without-libwrap was given. if test "${with_libwrap+set}" = set; then withval="$with_libwrap" fi; case "$with_libwrap" in no) echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 ;; yes|"") echo "$as_me:$LINENO: result: yes" >&5 echo "${ECHO_T}yes" >&6 echo "$as_me:$LINENO: checking for request_init in -lwrap" >&5 echo $ECHO_N "checking for request_init in -lwrap... $ECHO_C" >&6 if test "${ac_cv_lib_wrap_request_init+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else ac_check_lib_save_LIBS=$LIBS LIBS="-lwrap $LIBS" cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ /* Override any gcc2 internal prototype to avoid an error. */ #ifdef __cplusplus extern "C" #endif /* We use char because int might match the return type of a gcc2 builtin and then its argument prototype would still apply. */ char request_init (); int main () { request_init (); ; return 0; } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest$ac_exeext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_lib_wrap_request_init=yes else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_cv_lib_wrap_request_init=no fi rm -f conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi echo "$as_me:$LINENO: result: $ac_cv_lib_wrap_request_init" >&5 echo "${ECHO_T}$ac_cv_lib_wrap_request_init" >&6 if test $ac_cv_lib_wrap_request_init = yes; then LIB_WRAP="-lwrap" cat >>confdefs.h <<\_ACEOF #define HAVE_LIBWRAP 1 _ACEOF fi # fail if explicitely requested if test "$with_libwrap" = yes ; then test "$ac_cv_func_regcomp" != yes && \ { { echo "$as_me:$LINENO: error: unable to find tcp wrapper support" >&5 echo "$as_me: error: unable to find tcp wrapper support" >&2;} { (exit 1); exit 1; }; } fi with_libwrap="yes" ;; *) echo "$as_me:$LINENO: result: yes" >&5 echo "${ECHO_T}yes" >&6 cat >>confdefs.h <<\_ACEOF #define HAVE_LIBWRAP 1 _ACEOF if test -d "$withval"; then LIB_WRAP="-L$withval -lwrap" else LIB_WRAP="$withval" fi OLDLIBS="$LIBS" LIBS="$LIB_WRAP $LIBS" cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ int allow_severity; int deny_severity; int main () { hosts_access(); ; return 0; } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest$ac_exeext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then : else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 { { echo "$as_me:$LINENO: error: unable to find libwrap" >&5 echo "$as_me: error: unable to find libwrap" >&2;} { (exit 1); exit 1; }; } fi rm -f conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext LIBS="$OLDLIBS" ;; esac ############################################################ # check whether to compile in LDAP support ############################################################ echo "$as_me:$LINENO: checking whether to use LDAP support" >&5 echo $ECHO_N "checking whether to use LDAP support... $ECHO_C" >&6 # Check whether --with-libldap or --without-libldap was given. if test "${with_libldap+set}" = set; then withval="$with_libldap" fi; case "$with_libldap" in no|"") echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 with_libldap="no" ;; yes) echo "$as_me:$LINENO: result: yes" >&5 echo "${ECHO_T}yes" >&6 # check ldap and lber libs echo "$as_me:$LINENO: checking for ber_init in -lldap" >&5 echo $ECHO_N "checking for ber_init in -lldap... $ECHO_C" >&6 if test "${ac_cv_lib_ldap_ber_init+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else ac_check_lib_save_LIBS=$LIBS LIBS="-lldap $LIBS" cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ /* Override any gcc2 internal prototype to avoid an error. */ #ifdef __cplusplus extern "C" #endif /* We use char because int might match the return type of a gcc2 builtin and then its argument prototype would still apply. */ char ber_init (); int main () { ber_init (); ; return 0; } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest$ac_exeext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_lib_ldap_ber_init=yes else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_cv_lib_ldap_ber_init=no fi rm -f conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi echo "$as_me:$LINENO: result: $ac_cv_lib_ldap_ber_init" >&5 echo "${ECHO_T}$ac_cv_lib_ldap_ber_init" >&6 if test $ac_cv_lib_ldap_ber_init = yes; then LIB_LDAP="-lldap" cat >>confdefs.h <<\_ACEOF #define HAVE_LIBLDAP 1 _ACEOF with_libldap="yes" else echo "$as_me:$LINENO: checking for ber_init in -llber" >&5 echo $ECHO_N "checking for ber_init in -llber... $ECHO_C" >&6 if test "${ac_cv_lib_lber_ber_init+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else ac_check_lib_save_LIBS=$LIBS LIBS="-llber $LIBS" cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ /* Override any gcc2 internal prototype to avoid an error. */ #ifdef __cplusplus extern "C" #endif /* We use char because int might match the return type of a gcc2 builtin and then its argument prototype would still apply. */ char ber_init (); int main () { ber_init (); ; return 0; } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest$ac_exeext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_lib_lber_ber_init=yes else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_cv_lib_lber_ber_init=no fi rm -f conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi echo "$as_me:$LINENO: result: $ac_cv_lib_lber_ber_init" >&5 echo "${ECHO_T}$ac_cv_lib_lber_ber_init" >&6 if test $ac_cv_lib_lber_ber_init = yes; then LIB_LDAP="-lldap -llber" cat >>confdefs.h <<\_ACEOF #define HAVE_LIBLDAP 1 _ACEOF with_libldap="yes" else { { echo "$as_me:$LINENO: error: unable to find ldap support" >&5 echo "$as_me: error: unable to find ldap support" >&2;} { (exit 1); exit 1; }; } fi fi # check some ldap features OLDLIBS="$LIBS" LIBS="$LIB_LDAP $OLDLIBS" for ac_func in ldap_set_option ldap_get_option ldap_get_lderrno do as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` echo "$as_me:$LINENO: checking for $ac_func" >&5 echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6 if eval "test \"\${$as_ac_var+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ /* Define $ac_func to an innocuous variant, in case declares $ac_func. For example, HP-UX 11i declares gettimeofday. */ #define $ac_func innocuous_$ac_func /* System header to define __stub macros and hopefully few prototypes, which can conflict with char $ac_func (); below. Prefer to if __STDC__ is defined, since exists even on freestanding compilers. */ #ifdef __STDC__ # include #else # include #endif #undef $ac_func /* Override any gcc2 internal prototype to avoid an error. */ #ifdef __cplusplus extern "C" { #endif /* We use char because int might match the return type of a gcc2 builtin and then its argument prototype would still apply. */ char $ac_func (); /* The GNU C library defines this for functions which it implements to always fail with ENOSYS. Some functions are actually named something starting with __ and the normal name is an alias. */ #if defined (__stub_$ac_func) || defined (__stub___$ac_func) choke me #else char (*f) () = $ac_func; #endif #ifdef __cplusplus } #endif int main () { return f != $ac_func; ; return 0; } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest$ac_exeext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then eval "$as_ac_var=yes" else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 eval "$as_ac_var=no" fi rm -f conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext fi echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_var'}'`" >&5 echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6 if test `eval echo '${'$as_ac_var'}'` = yes; then cat >>confdefs.h <<_ACEOF #define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 _ACEOF fi done LIBS="$OLDLIBS" ;; *) echo "$as_me:$LINENO: result: yes" >&5 echo "${ECHO_T}yes" >&6 if test -d "$withval"; then LIB_LDAP="-L$withval -lldap" else LIB_LDAP="$withval" fi OLDLIBS="$LIBS" LIBS="$LIB_LDAP $OLDLIBS" echo "$as_me:$LINENO: checking for ber_init in $LIB_LDAP" >&5 echo $ECHO_N "checking for ber_init in $LIB_LDAP... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ void* ber_init(void *); int main () { ber_init(0); ; return 0; } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest$ac_exeext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then echo "$as_me:$LINENO: result: yes" >&5 echo "${ECHO_T}yes" >&6 cat >>confdefs.h <<\_ACEOF #define HAVE_LIBLDAP 1 _ACEOF with_libldap="yes" else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 LIB_LDAP="$LIB_LDAP -llber" LIBS="$LIB_LDAP $OLDLIBS" echo "$as_me:$LINENO: checking for ber_init in $LIB_LDAP" >&5 echo $ECHO_N "checking for ber_init in $LIB_LDAP... $ECHO_C" >&6 cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ void* ber_init(void *); int main () { ber_init(0); ; return 0; } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest$ac_exeext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then echo "$as_me:$LINENO: result: yes" >&5 echo "${ECHO_T}yes" >&6 cat >>confdefs.h <<\_ACEOF #define HAVE_LIBLDAP 1 _ACEOF with_libldap="yes" else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 { { echo "$as_me:$LINENO: error: Could not find libldap" >&5 echo "$as_me: error: Could not find libldap" >&2;} { (exit 1); exit 1; }; } fi rm -f conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext fi rm -f conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext # check more ldap features for ac_func in ldap_set_option ldap_get_option ldap_get_lderrno do as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` echo "$as_me:$LINENO: checking for $ac_func" >&5 echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6 if eval "test \"\${$as_ac_var+set}\" = set"; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ /* Define $ac_func to an innocuous variant, in case declares $ac_func. For example, HP-UX 11i declares gettimeofday. */ #define $ac_func innocuous_$ac_func /* System header to define __stub macros and hopefully few prototypes, which can conflict with char $ac_func (); below. Prefer to if __STDC__ is defined, since exists even on freestanding compilers. */ #ifdef __STDC__ # include #else # include #endif #undef $ac_func /* Override any gcc2 internal prototype to avoid an error. */ #ifdef __cplusplus extern "C" { #endif /* We use char because int might match the return type of a gcc2 builtin and then its argument prototype would still apply. */ char $ac_func (); /* The GNU C library defines this for functions which it implements to always fail with ENOSYS. Some functions are actually named something starting with __ and the normal name is an alias. */ #if defined (__stub_$ac_func) || defined (__stub___$ac_func) choke me #else char (*f) () = $ac_func; #endif #ifdef __cplusplus } #endif int main () { return f != $ac_func; ; return 0; } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest$ac_exeext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then eval "$as_ac_var=yes" else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 eval "$as_ac_var=no" fi rm -f conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext fi echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_var'}'`" >&5 echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6 if test `eval echo '${'$as_ac_var'}'` = yes; then cat >>confdefs.h <<_ACEOF #define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 _ACEOF fi done LIBS="$OLDLIBS" ;; esac ############################################################ # check whether to compile in crypt support ############################################################ if test x$with_libldap = xyes ; then echo "$as_me:$LINENO: checking whether to use crypt passwd support" >&5 echo $ECHO_N "checking whether to use crypt passwd support... $ECHO_C" >&6 # Check whether --with-crypt or --without-crypt was given. if test "${with_crypt+set}" = set; then withval="$with_crypt" fi; case "$with_crypt" in no) echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 ;; yes|"") echo "$as_me:$LINENO: result: yes" >&5 echo "${ECHO_T}yes" >&6 echo "$as_me:$LINENO: checking for crypt" >&5 echo $ECHO_N "checking for crypt... $ECHO_C" >&6 if test "${ac_cv_func_crypt+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ /* Define crypt to an innocuous variant, in case declares crypt. For example, HP-UX 11i declares gettimeofday. */ #define crypt innocuous_crypt /* System header to define __stub macros and hopefully few prototypes, which can conflict with char crypt (); below. Prefer to if __STDC__ is defined, since exists even on freestanding compilers. */ #ifdef __STDC__ # include #else # include #endif #undef crypt /* Override any gcc2 internal prototype to avoid an error. */ #ifdef __cplusplus extern "C" { #endif /* We use char because int might match the return type of a gcc2 builtin and then its argument prototype would still apply. */ char crypt (); /* The GNU C library defines this for functions which it implements to always fail with ENOSYS. Some functions are actually named something starting with __ and the normal name is an alias. */ #if defined (__stub_crypt) || defined (__stub___crypt) choke me #else char (*f) () = crypt; #endif #ifdef __cplusplus } #endif int main () { return f != crypt; ; return 0; } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest$ac_exeext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_func_crypt=yes else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_cv_func_crypt=no fi rm -f conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext fi echo "$as_me:$LINENO: result: $ac_cv_func_crypt" >&5 echo "${ECHO_T}$ac_cv_func_crypt" >&6 if test $ac_cv_func_crypt = yes; then cat >>confdefs.h <<\_ACEOF #define HAVE_CRYPT 1 _ACEOF with_crypt="yes" else echo "$as_me:$LINENO: checking for crypt in -lcrypt" >&5 echo $ECHO_N "checking for crypt in -lcrypt... $ECHO_C" >&6 if test "${ac_cv_lib_crypt_crypt+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else ac_check_lib_save_LIBS=$LIBS LIBS="-lcrypt $LIBS" cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ /* Override any gcc2 internal prototype to avoid an error. */ #ifdef __cplusplus extern "C" #endif /* We use char because int might match the return type of a gcc2 builtin and then its argument prototype would still apply. */ char crypt (); int main () { crypt (); ; return 0; } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest$ac_exeext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then ac_cv_lib_crypt_crypt=yes else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_cv_lib_crypt_crypt=no fi rm -f conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi echo "$as_me:$LINENO: result: $ac_cv_lib_crypt_crypt" >&5 echo "${ECHO_T}$ac_cv_lib_crypt_crypt" >&6 if test $ac_cv_lib_crypt_crypt = yes; then LIB_CRYPT="-lcrypt" cat >>confdefs.h <<\_ACEOF #define HAVE_CRYPT 1 _ACEOF with_crypt="yes" else # fail if explicitely requested.... if test "$with_crypt" = yes ; then { { echo "$as_me:$LINENO: error: unable to find crypt support" >&5 echo "$as_me: error: unable to find crypt support" >&2;} { (exit 1); exit 1; }; } fi fi fi ;; *) echo "$as_me:$LINENO: result: yes" >&5 echo "${ECHO_T}yes" >&6 if test -d "$withval"; then LIB_CRYPT="-L$withval -lcrypt" else LIB_CRYPT="$withval" fi OLDLIBS="$LIBS" LIBS="$LIB_CRYPT $LIBS" cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF cat confdefs.h >>conftest.$ac_ext cat >>conftest.$ac_ext <<_ACEOF /* end confdefs.h. */ char *crypt(char *, char *); int main () { crypt("", ""); ; return 0; } _ACEOF rm -f conftest.$ac_objext conftest$ac_exeext if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 (eval $ac_link) 2>conftest.er1 ac_status=$? grep -v '^ *+' conftest.er1 >conftest.err rm -f conftest.er1 cat conftest.err >&5 echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } && { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; } && { ac_try='test -s conftest$ac_exeext' { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 (eval $ac_try) 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); }; }; then cat >>confdefs.h <<\_ACEOF #define HAVE_CRYPT 1 _ACEOF with_crypt="yes" else echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 { { echo "$as_me:$LINENO: error: unable to find libcrypt" >&5 echo "$as_me: error: unable to find libcrypt" >&2;} { (exit 1); exit 1; }; } fi rm -f conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext LIBS="$OLDLIBS" ;; esac else with_crypt="no" fi # ############################################################ # check whether to compile in SSL support ############################################################ echo "$as_me:$LINENO: checking whether to use SSL (sftp) support" >&5 echo $ECHO_N "checking whether to use SSL (sftp) support... $ECHO_C" >&6 # Check whether --with-ssl or --without-ssl was given. if test "${with_ssl+set}" = set; then withval="$with_ssl" fi; if test "$with_ssl" = yes ; then echo "$as_me:$LINENO: result: yes" >&5 echo "${ECHO_T}yes" >&6 cat >>confdefs.h <<\_ACEOF #define ENABLE_SSL 1 _ACEOF { echo "$as_me:$LINENO: WARNING: *** SSL support (sftp) is not complete yet" >&5 echo "$as_me: WARNING: *** SSL support (sftp) is not complete yet" >&2;} devel_only=yes else with_ssl="no" echo "$as_me:$LINENO: result: no" >&5 echo "${ECHO_T}no" >&6 fi # ############################################################ # resolve some paths (needed i.e. for manual pages) ############################################################ eval SBINDIR=${sbindir} eval SYSCONFDIR=${sysconfdir} ############################################################ # Done, now generate the output files ############################################################ ac_config_files="$ac_config_files Makefile doc/Makefile common/Makefile ftp-proxy/Makefile ftp-proxy/ftp-proxy.conf.5 ftp-proxy/ftp-proxy.8 ftp-proxy/rc.script" cat >confcache <<\_ACEOF # This file is a shell script that caches the results of configure # tests run on this system so they can be shared between configure # scripts and configure runs, see configure's option --config-cache. # It is not useful on other systems. If it contains results you don't # want to keep, you may remove or edit it. # # config.status only pays attention to the cache file if you give it # the --recheck option to rerun configure. # # `ac_cv_env_foo' variables (set or unset) will be overridden when # loading this file, other *unset* `ac_cv_foo' will be assigned the # following values. _ACEOF # The following way of writing the cache mishandles newlines in values, # but we know of no workaround that is simple, portable, and efficient. # So, don't put newlines in cache variables' values. # Ultrix sh set writes to stderr and can't be redirected directly, # and sets the high bit in the cache file unless we assign to the vars. { (set) 2>&1 | case `(ac_space=' '; set | grep ac_space) 2>&1` in *ac_space=\ *) # `set' does not quote correctly, so add quotes (double-quote # substitution turns \\\\ into \\, and sed turns \\ into \). sed -n \ "s/'/'\\\\''/g; s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='\\2'/p" ;; *) # `set' quotes correctly as required by POSIX, so do not add quotes. sed -n \ "s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1=\\2/p" ;; esac; } | sed ' t clear : clear s/^\([^=]*\)=\(.*[{}].*\)$/test "${\1+set}" = set || &/ t end /^ac_cv_env/!s/^\([^=]*\)=\(.*\)$/\1=${\1=\2}/ : end' >>confcache if diff $cache_file confcache >/dev/null 2>&1; then :; else if test -w $cache_file; then test "x$cache_file" != "x/dev/null" && echo "updating cache $cache_file" cat confcache >$cache_file else echo "not updating unwritable cache $cache_file" fi fi rm -f confcache test "x$prefix" = xNONE && prefix=$ac_default_prefix # Let make expand exec_prefix. test "x$exec_prefix" = xNONE && exec_prefix='${prefix}' # VPATH may cause trouble with some makes, so we remove $(srcdir), # ${srcdir} and @srcdir@ from VPATH if srcdir is ".", strip leading and # trailing colons and then remove the whole line if VPATH becomes empty # (actually we leave an empty line to preserve line numbers). if test "x$srcdir" = x.; then ac_vpsub='/^[ ]*VPATH[ ]*=/{ s/:*\$(srcdir):*/:/; s/:*\${srcdir}:*/:/; s/:*@srcdir@:*/:/; s/^\([^=]*=[ ]*\):*/\1/; s/:*$//; s/^[^=]*=[ ]*$//; }' fi DEFS=-DHAVE_CONFIG_H ac_libobjs= ac_ltlibobjs= for ac_i in : $LIBOBJS; do test "x$ac_i" = x: && continue # 1. Remove the extension, and $U if already installed. ac_i=`echo "$ac_i" | sed 's/\$U\././;s/\.o$//;s/\.obj$//'` # 2. Add them. ac_libobjs="$ac_libobjs $ac_i\$U.$ac_objext" ac_ltlibobjs="$ac_ltlibobjs $ac_i"'$U.lo' done LIBOBJS=$ac_libobjs LTLIBOBJS=$ac_ltlibobjs : ${CONFIG_STATUS=./config.status} ac_clean_files_save=$ac_clean_files ac_clean_files="$ac_clean_files $CONFIG_STATUS" { echo "$as_me:$LINENO: creating $CONFIG_STATUS" >&5 echo "$as_me: creating $CONFIG_STATUS" >&6;} cat >$CONFIG_STATUS <<_ACEOF #! $SHELL # Generated by $as_me. # Run this file to recreate the current configuration. # Compiler output produced by configure, useful for debugging # configure, is in config.log if it exists. debug=false ac_cs_recheck=false ac_cs_silent=false SHELL=\${CONFIG_SHELL-$SHELL} _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF ## --------------------- ## ## M4sh Initialization. ## ## --------------------- ## # Be Bourne compatible if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then emulate sh NULLCMD=: # Zsh 3.x and 4.x performs word splitting on ${1+"$@"}, which # is contrary to our usage. Disable this feature. alias -g '${1+"$@"}'='"$@"' elif test -n "${BASH_VERSION+set}" && (set -o posix) >/dev/null 2>&1; then set -o posix fi DUALCASE=1; export DUALCASE # for MKS sh # Support unset when possible. if ( (MAIL=60; unset MAIL) || exit) >/dev/null 2>&1; then as_unset=unset else as_unset=false fi # Work around bugs in pre-3.0 UWIN ksh. $as_unset ENV MAIL MAILPATH PS1='$ ' PS2='> ' PS4='+ ' # NLS nuisances. for as_var in \ LANG LANGUAGE LC_ADDRESS LC_ALL LC_COLLATE LC_CTYPE LC_IDENTIFICATION \ LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER \ LC_TELEPHONE LC_TIME do if (set +x; test -z "`(eval $as_var=C; export $as_var) 2>&1`"); then eval $as_var=C; export $as_var else $as_unset $as_var fi done # Required to use basename. if expr a : '\(a\)' >/dev/null 2>&1; then as_expr=expr else as_expr=false fi if (basename /) >/dev/null 2>&1 && test "X`basename / 2>&1`" = "X/"; then as_basename=basename else as_basename=false fi # Name of the executable. as_me=`$as_basename "$0" || $as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \ X"$0" : 'X\(//\)$' \| \ X"$0" : 'X\(/\)$' \| \ . : '\(.\)' 2>/dev/null || echo X/"$0" | sed '/^.*\/\([^/][^/]*\)\/*$/{ s//\1/; q; } /^X\/\(\/\/\)$/{ s//\1/; q; } /^X\/\(\/\).*/{ s//\1/; q; } s/.*/./; q'` # PATH needs CR, and LINENO needs CR and PATH. # Avoid depending upon Character Ranges. as_cr_letters='abcdefghijklmnopqrstuvwxyz' as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ' as_cr_Letters=$as_cr_letters$as_cr_LETTERS as_cr_digits='0123456789' as_cr_alnum=$as_cr_Letters$as_cr_digits # The user is always right. if test "${PATH_SEPARATOR+set}" != set; then echo "#! /bin/sh" >conf$$.sh echo "exit 0" >>conf$$.sh chmod +x conf$$.sh if (PATH="/nonexistent;."; conf$$.sh) >/dev/null 2>&1; then PATH_SEPARATOR=';' else PATH_SEPARATOR=: fi rm -f conf$$.sh fi as_lineno_1=$LINENO as_lineno_2=$LINENO as_lineno_3=`(expr $as_lineno_1 + 1) 2>/dev/null` test "x$as_lineno_1" != "x$as_lineno_2" && test "x$as_lineno_3" = "x$as_lineno_2" || { # Find who we are. Look in the path if we contain no path at all # relative or not. case $0 in *[\\/]* ) as_myself=$0 ;; *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break done ;; esac # We did not find ourselves, most probably we were run as `sh COMMAND' # in which case we are not to be found in the path. if test "x$as_myself" = x; then as_myself=$0 fi if test ! -f "$as_myself"; then { { echo "$as_me:$LINENO: error: cannot find myself; rerun with an absolute path" >&5 echo "$as_me: error: cannot find myself; rerun with an absolute path" >&2;} { (exit 1); exit 1; }; } fi case $CONFIG_SHELL in '') as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in /bin$PATH_SEPARATOR/usr/bin$PATH_SEPARATOR$PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for as_base in sh bash ksh sh5; do case $as_dir in /*) if ("$as_dir/$as_base" -c ' as_lineno_1=$LINENO as_lineno_2=$LINENO as_lineno_3=`(expr $as_lineno_1 + 1) 2>/dev/null` test "x$as_lineno_1" != "x$as_lineno_2" && test "x$as_lineno_3" = "x$as_lineno_2" ') 2>/dev/null; then $as_unset BASH_ENV || test "${BASH_ENV+set}" != set || { BASH_ENV=; export BASH_ENV; } $as_unset ENV || test "${ENV+set}" != set || { ENV=; export ENV; } CONFIG_SHELL=$as_dir/$as_base export CONFIG_SHELL exec "$CONFIG_SHELL" "$0" ${1+"$@"} fi;; esac done done ;; esac # Create $as_me.lineno as a copy of $as_myself, but with $LINENO # uniformly replaced by the line number. The first 'sed' inserts a # line-number line before each line; the second 'sed' does the real # work. The second script uses 'N' to pair each line-number line # with the numbered line, and appends trailing '-' during # substitution so that $LINENO is not a special case at line end. # (Raja R Harinath suggested sed '=', and Paul Eggert wrote the # second 'sed' script. Blame Lee E. McMahon for sed's syntax. :-) sed '=' <$as_myself | sed ' N s,$,-, : loop s,^\(['$as_cr_digits']*\)\(.*\)[$]LINENO\([^'$as_cr_alnum'_]\),\1\2\1\3, t loop s,-$,, s,^['$as_cr_digits']*\n,, ' >$as_me.lineno && chmod +x $as_me.lineno || { { echo "$as_me:$LINENO: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&5 echo "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2;} { (exit 1); exit 1; }; } # Don't try to exec as it changes $[0], causing all sort of problems # (the dirname of $[0] is not the place where we might find the # original and so on. Autoconf is especially sensible to this). . ./$as_me.lineno # Exit status is that of the last command. exit } case `echo "testing\c"; echo 1,2,3`,`echo -n testing; echo 1,2,3` in *c*,-n*) ECHO_N= ECHO_C=' ' ECHO_T=' ' ;; *c*,* ) ECHO_N=-n ECHO_C= ECHO_T= ;; *) ECHO_N= ECHO_C='\c' ECHO_T= ;; esac if expr a : '\(a\)' >/dev/null 2>&1; then as_expr=expr else as_expr=false fi rm -f conf$$ conf$$.exe conf$$.file echo >conf$$.file if ln -s conf$$.file conf$$ 2>/dev/null; then # We could just check for DJGPP; but this test a) works b) is more generic # and c) will remain valid once DJGPP supports symlinks (DJGPP 2.04). if test -f conf$$.exe; then # Don't use ln at all; we don't have any links as_ln_s='cp -p' else as_ln_s='ln -s' fi elif ln conf$$.file conf$$ 2>/dev/null; then as_ln_s=ln else as_ln_s='cp -p' fi rm -f conf$$ conf$$.exe conf$$.file if mkdir -p . 2>/dev/null; then as_mkdir_p=: else test -d ./-p && rmdir ./-p as_mkdir_p=false fi as_executable_p="test -f" # Sed expression to map a string onto a valid CPP name. as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'" # Sed expression to map a string onto a valid variable name. as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'" # IFS # We need space, tab and new line, in precisely that order. as_nl=' ' IFS=" $as_nl" # CDPATH. $as_unset CDPATH exec 6>&1 # Open the log real soon, to keep \$[0] and so on meaningful, and to # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. Logging --version etc. is OK. exec 5>>config.log { echo sed 'h;s/./-/g;s/^.../## /;s/...$/ ##/;p;x;p;x' <<_ASBOX ## Running $as_me. ## _ASBOX } >&5 cat >&5 <<_CSEOF This file was extended by $as_me, which was generated by GNU Autoconf 2.59. Invocation command line was CONFIG_FILES = $CONFIG_FILES CONFIG_HEADERS = $CONFIG_HEADERS CONFIG_LINKS = $CONFIG_LINKS CONFIG_COMMANDS = $CONFIG_COMMANDS $ $0 $@ _CSEOF echo "on `(hostname || uname -n) 2>/dev/null | sed 1q`" >&5 echo >&5 _ACEOF # Files that config.status was made for. if test -n "$ac_config_files"; then echo "config_files=\"$ac_config_files\"" >>$CONFIG_STATUS fi if test -n "$ac_config_headers"; then echo "config_headers=\"$ac_config_headers\"" >>$CONFIG_STATUS fi if test -n "$ac_config_links"; then echo "config_links=\"$ac_config_links\"" >>$CONFIG_STATUS fi if test -n "$ac_config_commands"; then echo "config_commands=\"$ac_config_commands\"" >>$CONFIG_STATUS fi cat >>$CONFIG_STATUS <<\_ACEOF ac_cs_usage="\ \`$as_me' instantiates files from templates according to the current configuration. Usage: $0 [OPTIONS] [FILE]... -h, --help print this help, then exit -V, --version print version number, then exit -q, --quiet do not print progress messages -d, --debug don't remove temporary files --recheck update $as_me by reconfiguring in the same conditions --file=FILE[:TEMPLATE] instantiate the configuration file FILE --header=FILE[:TEMPLATE] instantiate the configuration header FILE Configuration files: $config_files Configuration headers: $config_headers Report bugs to ." _ACEOF cat >>$CONFIG_STATUS <<_ACEOF ac_cs_version="\\ config.status configured by $0, generated by GNU Autoconf 2.59, with options \\"`echo "$ac_configure_args" | sed 's/[\\""\`\$]/\\\\&/g'`\\" Copyright (C) 2003 Free Software Foundation, Inc. This config.status script is free software; the Free Software Foundation gives unlimited permission to copy, distribute and modify it." srcdir=$srcdir INSTALL="$INSTALL" _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF # If no file are specified by the user, then we need to provide default # value. By we need to know if files were specified by the user. ac_need_defaults=: while test $# != 0 do case $1 in --*=*) ac_option=`expr "x$1" : 'x\([^=]*\)='` ac_optarg=`expr "x$1" : 'x[^=]*=\(.*\)'` ac_shift=: ;; -*) ac_option=$1 ac_optarg=$2 ac_shift=shift ;; *) # This is not an option, so the user has probably given explicit # arguments. ac_option=$1 ac_need_defaults=false;; esac case $ac_option in # Handling of the options. _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF -recheck | --recheck | --rechec | --reche | --rech | --rec | --re | --r) ac_cs_recheck=: ;; --version | --vers* | -V ) echo "$ac_cs_version"; exit 0 ;; --he | --h) # Conflict between --help and --header { { echo "$as_me:$LINENO: error: ambiguous option: $1 Try \`$0 --help' for more information." >&5 echo "$as_me: error: ambiguous option: $1 Try \`$0 --help' for more information." >&2;} { (exit 1); exit 1; }; };; --help | --hel | -h ) echo "$ac_cs_usage"; exit 0 ;; --debug | --d* | -d ) debug=: ;; --file | --fil | --fi | --f ) $ac_shift CONFIG_FILES="$CONFIG_FILES $ac_optarg" ac_need_defaults=false;; --header | --heade | --head | --hea ) $ac_shift CONFIG_HEADERS="$CONFIG_HEADERS $ac_optarg" ac_need_defaults=false;; -q | -quiet | --quiet | --quie | --qui | --qu | --q \ | -silent | --silent | --silen | --sile | --sil | --si | --s) ac_cs_silent=: ;; # This is an error. -*) { { echo "$as_me:$LINENO: error: unrecognized option: $1 Try \`$0 --help' for more information." >&5 echo "$as_me: error: unrecognized option: $1 Try \`$0 --help' for more information." >&2;} { (exit 1); exit 1; }; } ;; *) ac_config_targets="$ac_config_targets $1" ;; esac shift done ac_configure_extra_args= if $ac_cs_silent; then exec 6>/dev/null ac_configure_extra_args="$ac_configure_extra_args --silent" fi _ACEOF cat >>$CONFIG_STATUS <<_ACEOF if \$ac_cs_recheck; then echo "running $SHELL $0 " $ac_configure_args \$ac_configure_extra_args " --no-create --no-recursion" >&6 exec $SHELL $0 $ac_configure_args \$ac_configure_extra_args --no-create --no-recursion fi _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF for ac_config_target in $ac_config_targets do case "$ac_config_target" in # Handling of arguments. "Makefile" ) CONFIG_FILES="$CONFIG_FILES Makefile" ;; "doc/Makefile" ) CONFIG_FILES="$CONFIG_FILES doc/Makefile" ;; "common/Makefile" ) CONFIG_FILES="$CONFIG_FILES common/Makefile" ;; "ftp-proxy/Makefile" ) CONFIG_FILES="$CONFIG_FILES ftp-proxy/Makefile" ;; "ftp-proxy/ftp-proxy.conf.5" ) CONFIG_FILES="$CONFIG_FILES ftp-proxy/ftp-proxy.conf.5" ;; "ftp-proxy/ftp-proxy.8" ) CONFIG_FILES="$CONFIG_FILES ftp-proxy/ftp-proxy.8" ;; "ftp-proxy/rc.script" ) CONFIG_FILES="$CONFIG_FILES ftp-proxy/rc.script" ;; "config.h" ) CONFIG_HEADERS="$CONFIG_HEADERS config.h" ;; *) { { echo "$as_me:$LINENO: error: invalid argument: $ac_config_target" >&5 echo "$as_me: error: invalid argument: $ac_config_target" >&2;} { (exit 1); exit 1; }; };; esac done # If the user did not use the arguments to specify the items to instantiate, # then the envvar interface is used. Set only those that are not. # We use the long form for the default assignment because of an extremely # bizarre bug on SunOS 4.1.3. if $ac_need_defaults; then test "${CONFIG_FILES+set}" = set || CONFIG_FILES=$config_files test "${CONFIG_HEADERS+set}" = set || CONFIG_HEADERS=$config_headers fi # Have a temporary directory for convenience. Make it in the build tree # simply because there is no reason to put it here, and in addition, # creating and moving files from /tmp can sometimes cause problems. # Create a temporary directory, and hook for its removal unless debugging. $debug || { trap 'exit_status=$?; rm -rf $tmp && exit $exit_status' 0 trap '{ (exit 1); exit 1; }' 1 2 13 15 } # Create a (secure) tmp directory for tmp files. { tmp=`(umask 077 && mktemp -d -q "./confstatXXXXXX") 2>/dev/null` && test -n "$tmp" && test -d "$tmp" } || { tmp=./confstat$$-$RANDOM (umask 077 && mkdir $tmp) } || { echo "$me: cannot create a temporary directory in ." >&2 { (exit 1); exit 1; } } _ACEOF cat >>$CONFIG_STATUS <<_ACEOF # # CONFIG_FILES section. # # No need to generate the scripts if there are no CONFIG_FILES. # This happens for instance when ./config.status config.h if test -n "\$CONFIG_FILES"; then # Protect against being on the right side of a sed subst in config.status. sed 's/,@/@@/; s/@,/@@/; s/,;t t\$/@;t t/; /@;t t\$/s/[\\\\&,]/\\\\&/g; s/@@/,@/; s/@@/@,/; s/@;t t\$/,;t t/' >\$tmp/subs.sed <<\\CEOF s,@SHELL@,$SHELL,;t t s,@PATH_SEPARATOR@,$PATH_SEPARATOR,;t t s,@PACKAGE_NAME@,$PACKAGE_NAME,;t t s,@PACKAGE_TARNAME@,$PACKAGE_TARNAME,;t t s,@PACKAGE_VERSION@,$PACKAGE_VERSION,;t t s,@PACKAGE_STRING@,$PACKAGE_STRING,;t t s,@PACKAGE_BUGREPORT@,$PACKAGE_BUGREPORT,;t t s,@exec_prefix@,$exec_prefix,;t t s,@prefix@,$prefix,;t t s,@program_transform_name@,$program_transform_name,;t t s,@bindir@,$bindir,;t t s,@sbindir@,$sbindir,;t t s,@libexecdir@,$libexecdir,;t t s,@datadir@,$datadir,;t t s,@sysconfdir@,$sysconfdir,;t t s,@sharedstatedir@,$sharedstatedir,;t t s,@localstatedir@,$localstatedir,;t t s,@libdir@,$libdir,;t t s,@includedir@,$includedir,;t t s,@oldincludedir@,$oldincludedir,;t t s,@infodir@,$infodir,;t t s,@mandir@,$mandir,;t t s,@build_alias@,$build_alias,;t t s,@host_alias@,$host_alias,;t t s,@target_alias@,$target_alias,;t t s,@DEFS@,$DEFS,;t t s,@ECHO_C@,$ECHO_C,;t t s,@ECHO_N@,$ECHO_N,;t t s,@ECHO_T@,$ECHO_T,;t t s,@LIBS@,$LIBS,;t t s,@CC@,$CC,;t t s,@CFLAGS@,$CFLAGS,;t t s,@LDFLAGS@,$LDFLAGS,;t t s,@CPPFLAGS@,$CPPFLAGS,;t t s,@ac_ct_CC@,$ac_ct_CC,;t t s,@EXEEXT@,$EXEEXT,;t t s,@OBJEXT@,$OBJEXT,;t t s,@INSTALL_PROGRAM@,$INSTALL_PROGRAM,;t t s,@INSTALL_SCRIPT@,$INSTALL_SCRIPT,;t t s,@INSTALL_DATA@,$INSTALL_DATA,;t t s,@SET_MAKE@,$SET_MAKE,;t t s,@RANLIB@,$RANLIB,;t t s,@ac_ct_RANLIB@,$ac_ct_RANLIB,;t t s,@AR@,$AR,;t t s,@RM@,$RM,;t t s,@CPP@,$CPP,;t t s,@EGREP@,$EGREP,;t t s,@build@,$build,;t t s,@build_cpu@,$build_cpu,;t t s,@build_vendor@,$build_vendor,;t t s,@build_os@,$build_os,;t t s,@host@,$host,;t t s,@host_cpu@,$host_cpu,;t t s,@host_vendor@,$host_vendor,;t t s,@host_os@,$host_os,;t t s,@CTAGS@,$CTAGS,;t t s,@SGML2HTML@,$SGML2HTML,;t t s,@SGML2LATEX@,$SGML2LATEX,;t t s,@PS2PDF@,$PS2PDF,;t t s,@OPT@,$OPT,;t t s,@TAGS@,$TAGS,;t t s,@CTAGS_OPTS@,$CTAGS_OPTS,;t t s,@LIB_CRYPT@,$LIB_CRYPT,;t t s,@LIB_REGEX@,$LIB_REGEX,;t t s,@LIB_WRAP@,$LIB_WRAP,;t t s,@LIB_LDAP@,$LIB_LDAP,;t t s,@PROC_FTP@,$PROC_FTP,;t t s,@BINDIR@,$BINDIR,;t t s,@SBINDIR@,$SBINDIR,;t t s,@SYSCONFDIR@,$SYSCONFDIR,;t t s,@LIBOBJS@,$LIBOBJS,;t t s,@LTLIBOBJS@,$LTLIBOBJS,;t t CEOF _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF # Split the substitutions into bite-sized pieces for seds with # small command number limits, like on Digital OSF/1 and HP-UX. ac_max_sed_lines=48 ac_sed_frag=1 # Number of current file. ac_beg=1 # First line for current file. ac_end=$ac_max_sed_lines # Line after last line for current file. ac_more_lines=: ac_sed_cmds= while $ac_more_lines; do if test $ac_beg -gt 1; then sed "1,${ac_beg}d; ${ac_end}q" $tmp/subs.sed >$tmp/subs.frag else sed "${ac_end}q" $tmp/subs.sed >$tmp/subs.frag fi if test ! -s $tmp/subs.frag; then ac_more_lines=false else # The purpose of the label and of the branching condition is to # speed up the sed processing (if there are no `@' at all, there # is no need to browse any of the substitutions). # These are the two extra sed commands mentioned above. (echo ':t /@[a-zA-Z_][a-zA-Z_0-9]*@/!b' && cat $tmp/subs.frag) >$tmp/subs-$ac_sed_frag.sed if test -z "$ac_sed_cmds"; then ac_sed_cmds="sed -f $tmp/subs-$ac_sed_frag.sed" else ac_sed_cmds="$ac_sed_cmds | sed -f $tmp/subs-$ac_sed_frag.sed" fi ac_sed_frag=`expr $ac_sed_frag + 1` ac_beg=$ac_end ac_end=`expr $ac_end + $ac_max_sed_lines` fi done if test -z "$ac_sed_cmds"; then ac_sed_cmds=cat fi fi # test -n "$CONFIG_FILES" _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF for ac_file in : $CONFIG_FILES; do test "x$ac_file" = x: && continue # Support "outfile[:infile[:infile...]]", defaulting infile="outfile.in". case $ac_file in - | *:- | *:-:* ) # input from stdin cat >$tmp/stdin ac_file_in=`echo "$ac_file" | sed 's,[^:]*:,,'` ac_file=`echo "$ac_file" | sed 's,:.*,,'` ;; *:* ) ac_file_in=`echo "$ac_file" | sed 's,[^:]*:,,'` ac_file=`echo "$ac_file" | sed 's,:.*,,'` ;; * ) ac_file_in=$ac_file.in ;; esac # Compute @srcdir@, @top_srcdir@, and @INSTALL@ for subdirectories. ac_dir=`(dirname "$ac_file") 2>/dev/null || $as_expr X"$ac_file" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ X"$ac_file" : 'X\(//\)[^/]' \| \ X"$ac_file" : 'X\(//\)$' \| \ X"$ac_file" : 'X\(/\)' \| \ . : '\(.\)' 2>/dev/null || echo X"$ac_file" | sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; } /^X\(\/\/\)[^/].*/{ s//\1/; q; } /^X\(\/\/\)$/{ s//\1/; q; } /^X\(\/\).*/{ s//\1/; q; } s/.*/./; q'` { if $as_mkdir_p; then mkdir -p "$ac_dir" else as_dir="$ac_dir" as_dirs= while test ! -d "$as_dir"; do as_dirs="$as_dir $as_dirs" as_dir=`(dirname "$as_dir") 2>/dev/null || $as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ X"$as_dir" : 'X\(//\)[^/]' \| \ X"$as_dir" : 'X\(//\)$' \| \ X"$as_dir" : 'X\(/\)' \| \ . : '\(.\)' 2>/dev/null || echo X"$as_dir" | sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; } /^X\(\/\/\)[^/].*/{ s//\1/; q; } /^X\(\/\/\)$/{ s//\1/; q; } /^X\(\/\).*/{ s//\1/; q; } s/.*/./; q'` done test ! -n "$as_dirs" || mkdir $as_dirs fi || { { echo "$as_me:$LINENO: error: cannot create directory \"$ac_dir\"" >&5 echo "$as_me: error: cannot create directory \"$ac_dir\"" >&2;} { (exit 1); exit 1; }; }; } ac_builddir=. if test "$ac_dir" != .; then ac_dir_suffix=/`echo "$ac_dir" | sed 's,^\.[\\/],,'` # A "../" for each directory in $ac_dir_suffix. ac_top_builddir=`echo "$ac_dir_suffix" | sed 's,/[^\\/]*,../,g'` else ac_dir_suffix= ac_top_builddir= fi case $srcdir in .) # No --srcdir option. We are building in place. ac_srcdir=. if test -z "$ac_top_builddir"; then ac_top_srcdir=. else ac_top_srcdir=`echo $ac_top_builddir | sed 's,/$,,'` fi ;; [\\/]* | ?:[\\/]* ) # Absolute path. ac_srcdir=$srcdir$ac_dir_suffix; ac_top_srcdir=$srcdir ;; *) # Relative path. ac_srcdir=$ac_top_builddir$srcdir$ac_dir_suffix ac_top_srcdir=$ac_top_builddir$srcdir ;; esac # Do not use `cd foo && pwd` to compute absolute paths, because # the directories may not exist. case `pwd` in .) ac_abs_builddir="$ac_dir";; *) case "$ac_dir" in .) ac_abs_builddir=`pwd`;; [\\/]* | ?:[\\/]* ) ac_abs_builddir="$ac_dir";; *) ac_abs_builddir=`pwd`/"$ac_dir";; esac;; esac case $ac_abs_builddir in .) ac_abs_top_builddir=${ac_top_builddir}.;; *) case ${ac_top_builddir}. in .) ac_abs_top_builddir=$ac_abs_builddir;; [\\/]* | ?:[\\/]* ) ac_abs_top_builddir=${ac_top_builddir}.;; *) ac_abs_top_builddir=$ac_abs_builddir/${ac_top_builddir}.;; esac;; esac case $ac_abs_builddir in .) ac_abs_srcdir=$ac_srcdir;; *) case $ac_srcdir in .) ac_abs_srcdir=$ac_abs_builddir;; [\\/]* | ?:[\\/]* ) ac_abs_srcdir=$ac_srcdir;; *) ac_abs_srcdir=$ac_abs_builddir/$ac_srcdir;; esac;; esac case $ac_abs_builddir in .) ac_abs_top_srcdir=$ac_top_srcdir;; *) case $ac_top_srcdir in .) ac_abs_top_srcdir=$ac_abs_builddir;; [\\/]* | ?:[\\/]* ) ac_abs_top_srcdir=$ac_top_srcdir;; *) ac_abs_top_srcdir=$ac_abs_builddir/$ac_top_srcdir;; esac;; esac case $INSTALL in [\\/$]* | ?:[\\/]* ) ac_INSTALL=$INSTALL ;; *) ac_INSTALL=$ac_top_builddir$INSTALL ;; esac if test x"$ac_file" != x-; then { echo "$as_me:$LINENO: creating $ac_file" >&5 echo "$as_me: creating $ac_file" >&6;} rm -f "$ac_file" fi # Let's still pretend it is `configure' which instantiates (i.e., don't # use $as_me), people would be surprised to read: # /* config.h. Generated by config.status. */ if test x"$ac_file" = x-; then configure_input= else configure_input="$ac_file. " fi configure_input=$configure_input"Generated from `echo $ac_file_in | sed 's,.*/,,'` by configure." # First look for the input files in the build tree, otherwise in the # src tree. ac_file_inputs=`IFS=: for f in $ac_file_in; do case $f in -) echo $tmp/stdin ;; [\\/$]*) # Absolute (can't be DOS-style, as IFS=:) test -f "$f" || { { echo "$as_me:$LINENO: error: cannot find input file: $f" >&5 echo "$as_me: error: cannot find input file: $f" >&2;} { (exit 1); exit 1; }; } echo "$f";; *) # Relative if test -f "$f"; then # Build tree echo "$f" elif test -f "$srcdir/$f"; then # Source tree echo "$srcdir/$f" else # /dev/null tree { { echo "$as_me:$LINENO: error: cannot find input file: $f" >&5 echo "$as_me: error: cannot find input file: $f" >&2;} { (exit 1); exit 1; }; } fi;; esac done` || { (exit 1); exit 1; } _ACEOF cat >>$CONFIG_STATUS <<_ACEOF sed "$ac_vpsub $extrasub _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF :t /@[a-zA-Z_][a-zA-Z_0-9]*@/!b s,@configure_input@,$configure_input,;t t s,@srcdir@,$ac_srcdir,;t t s,@abs_srcdir@,$ac_abs_srcdir,;t t s,@top_srcdir@,$ac_top_srcdir,;t t s,@abs_top_srcdir@,$ac_abs_top_srcdir,;t t s,@builddir@,$ac_builddir,;t t s,@abs_builddir@,$ac_abs_builddir,;t t s,@top_builddir@,$ac_top_builddir,;t t s,@abs_top_builddir@,$ac_abs_top_builddir,;t t s,@INSTALL@,$ac_INSTALL,;t t " $ac_file_inputs | (eval "$ac_sed_cmds") >$tmp/out rm -f $tmp/stdin if test x"$ac_file" != x-; then mv $tmp/out $ac_file else cat $tmp/out rm -f $tmp/out fi done _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF # # CONFIG_HEADER section. # # These sed commands are passed to sed as "A NAME B NAME C VALUE D", where # NAME is the cpp macro being defined and VALUE is the value it is being given. # # ac_d sets the value in "#define NAME VALUE" lines. ac_dA='s,^\([ ]*\)#\([ ]*define[ ][ ]*\)' ac_dB='[ ].*$,\1#\2' ac_dC=' ' ac_dD=',;t' # ac_u turns "#undef NAME" without trailing blanks into "#define NAME VALUE". ac_uA='s,^\([ ]*\)#\([ ]*\)undef\([ ][ ]*\)' ac_uB='$,\1#\2define\3' ac_uC=' ' ac_uD=',;t' for ac_file in : $CONFIG_HEADERS; do test "x$ac_file" = x: && continue # Support "outfile[:infile[:infile...]]", defaulting infile="outfile.in". case $ac_file in - | *:- | *:-:* ) # input from stdin cat >$tmp/stdin ac_file_in=`echo "$ac_file" | sed 's,[^:]*:,,'` ac_file=`echo "$ac_file" | sed 's,:.*,,'` ;; *:* ) ac_file_in=`echo "$ac_file" | sed 's,[^:]*:,,'` ac_file=`echo "$ac_file" | sed 's,:.*,,'` ;; * ) ac_file_in=$ac_file.in ;; esac test x"$ac_file" != x- && { echo "$as_me:$LINENO: creating $ac_file" >&5 echo "$as_me: creating $ac_file" >&6;} # First look for the input files in the build tree, otherwise in the # src tree. ac_file_inputs=`IFS=: for f in $ac_file_in; do case $f in -) echo $tmp/stdin ;; [\\/$]*) # Absolute (can't be DOS-style, as IFS=:) test -f "$f" || { { echo "$as_me:$LINENO: error: cannot find input file: $f" >&5 echo "$as_me: error: cannot find input file: $f" >&2;} { (exit 1); exit 1; }; } # Do quote $f, to prevent DOS paths from being IFS'd. echo "$f";; *) # Relative if test -f "$f"; then # Build tree echo "$f" elif test -f "$srcdir/$f"; then # Source tree echo "$srcdir/$f" else # /dev/null tree { { echo "$as_me:$LINENO: error: cannot find input file: $f" >&5 echo "$as_me: error: cannot find input file: $f" >&2;} { (exit 1); exit 1; }; } fi;; esac done` || { (exit 1); exit 1; } # Remove the trailing spaces. sed 's/[ ]*$//' $ac_file_inputs >$tmp/in _ACEOF # Transform confdefs.h into two sed scripts, `conftest.defines' and # `conftest.undefs', that substitutes the proper values into # config.h.in to produce config.h. The first handles `#define' # templates, and the second `#undef' templates. # And first: Protect against being on the right side of a sed subst in # config.status. Protect against being in an unquoted here document # in config.status. rm -f conftest.defines conftest.undefs # Using a here document instead of a string reduces the quoting nightmare. # Putting comments in sed scripts is not portable. # # `end' is used to avoid that the second main sed command (meant for # 0-ary CPP macros) applies to n-ary macro definitions. # See the Autoconf documentation for `clear'. cat >confdef2sed.sed <<\_ACEOF s/[\\&,]/\\&/g s,[\\$`],\\&,g t clear : clear s,^[ ]*#[ ]*define[ ][ ]*\([^ (][^ (]*\)\(([^)]*)\)[ ]*\(.*\)$,${ac_dA}\1${ac_dB}\1\2${ac_dC}\3${ac_dD},gp t end s,^[ ]*#[ ]*define[ ][ ]*\([^ ][^ ]*\)[ ]*\(.*\)$,${ac_dA}\1${ac_dB}\1${ac_dC}\2${ac_dD},gp : end _ACEOF # If some macros were called several times there might be several times # the same #defines, which is useless. Nevertheless, we may not want to # sort them, since we want the *last* AC-DEFINE to be honored. uniq confdefs.h | sed -n -f confdef2sed.sed >conftest.defines sed 's/ac_d/ac_u/g' conftest.defines >conftest.undefs rm -f confdef2sed.sed # This sed command replaces #undef with comments. This is necessary, for # example, in the case of _POSIX_SOURCE, which is predefined and required # on some systems where configure will not decide to define it. cat >>conftest.undefs <<\_ACEOF s,^[ ]*#[ ]*undef[ ][ ]*[a-zA-Z_][a-zA-Z_0-9]*,/* & */, _ACEOF # Break up conftest.defines because some shells have a limit on the size # of here documents, and old seds have small limits too (100 cmds). echo ' # Handle all the #define templates only if necessary.' >>$CONFIG_STATUS echo ' if grep "^[ ]*#[ ]*define" $tmp/in >/dev/null; then' >>$CONFIG_STATUS echo ' # If there are no defines, we may have an empty if/fi' >>$CONFIG_STATUS echo ' :' >>$CONFIG_STATUS rm -f conftest.tail while grep . conftest.defines >/dev/null do # Write a limited-size here document to $tmp/defines.sed. echo ' cat >$tmp/defines.sed <>$CONFIG_STATUS # Speed up: don't consider the non `#define' lines. echo '/^[ ]*#[ ]*define/!b' >>$CONFIG_STATUS # Work around the forget-to-reset-the-flag bug. echo 't clr' >>$CONFIG_STATUS echo ': clr' >>$CONFIG_STATUS sed ${ac_max_here_lines}q conftest.defines >>$CONFIG_STATUS echo 'CEOF sed -f $tmp/defines.sed $tmp/in >$tmp/out rm -f $tmp/in mv $tmp/out $tmp/in ' >>$CONFIG_STATUS sed 1,${ac_max_here_lines}d conftest.defines >conftest.tail rm -f conftest.defines mv conftest.tail conftest.defines done rm -f conftest.defines echo ' fi # grep' >>$CONFIG_STATUS echo >>$CONFIG_STATUS # Break up conftest.undefs because some shells have a limit on the size # of here documents, and old seds have small limits too (100 cmds). echo ' # Handle all the #undef templates' >>$CONFIG_STATUS rm -f conftest.tail while grep . conftest.undefs >/dev/null do # Write a limited-size here document to $tmp/undefs.sed. echo ' cat >$tmp/undefs.sed <>$CONFIG_STATUS # Speed up: don't consider the non `#undef' echo '/^[ ]*#[ ]*undef/!b' >>$CONFIG_STATUS # Work around the forget-to-reset-the-flag bug. echo 't clr' >>$CONFIG_STATUS echo ': clr' >>$CONFIG_STATUS sed ${ac_max_here_lines}q conftest.undefs >>$CONFIG_STATUS echo 'CEOF sed -f $tmp/undefs.sed $tmp/in >$tmp/out rm -f $tmp/in mv $tmp/out $tmp/in ' >>$CONFIG_STATUS sed 1,${ac_max_here_lines}d conftest.undefs >conftest.tail rm -f conftest.undefs mv conftest.tail conftest.undefs done rm -f conftest.undefs cat >>$CONFIG_STATUS <<\_ACEOF # Let's still pretend it is `configure' which instantiates (i.e., don't # use $as_me), people would be surprised to read: # /* config.h. Generated by config.status. */ if test x"$ac_file" = x-; then echo "/* Generated by configure. */" >$tmp/config.h else echo "/* $ac_file. Generated by configure. */" >$tmp/config.h fi cat $tmp/in >>$tmp/config.h rm -f $tmp/in if test x"$ac_file" != x-; then if diff $ac_file $tmp/config.h >/dev/null 2>&1; then { echo "$as_me:$LINENO: $ac_file is unchanged" >&5 echo "$as_me: $ac_file is unchanged" >&6;} else ac_dir=`(dirname "$ac_file") 2>/dev/null || $as_expr X"$ac_file" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ X"$ac_file" : 'X\(//\)[^/]' \| \ X"$ac_file" : 'X\(//\)$' \| \ X"$ac_file" : 'X\(/\)' \| \ . : '\(.\)' 2>/dev/null || echo X"$ac_file" | sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; } /^X\(\/\/\)[^/].*/{ s//\1/; q; } /^X\(\/\/\)$/{ s//\1/; q; } /^X\(\/\).*/{ s//\1/; q; } s/.*/./; q'` { if $as_mkdir_p; then mkdir -p "$ac_dir" else as_dir="$ac_dir" as_dirs= while test ! -d "$as_dir"; do as_dirs="$as_dir $as_dirs" as_dir=`(dirname "$as_dir") 2>/dev/null || $as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ X"$as_dir" : 'X\(//\)[^/]' \| \ X"$as_dir" : 'X\(//\)$' \| \ X"$as_dir" : 'X\(/\)' \| \ . : '\(.\)' 2>/dev/null || echo X"$as_dir" | sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/; q; } /^X\(\/\/\)[^/].*/{ s//\1/; q; } /^X\(\/\/\)$/{ s//\1/; q; } /^X\(\/\).*/{ s//\1/; q; } s/.*/./; q'` done test ! -n "$as_dirs" || mkdir $as_dirs fi || { { echo "$as_me:$LINENO: error: cannot create directory \"$ac_dir\"" >&5 echo "$as_me: error: cannot create directory \"$ac_dir\"" >&2;} { (exit 1); exit 1; }; }; } rm -f $ac_file mv $tmp/config.h $ac_file fi else cat $tmp/config.h rm -f $tmp/config.h fi done _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF { (exit 0); exit 0; } _ACEOF chmod +x $CONFIG_STATUS ac_clean_files=$ac_clean_files_save # configure is writing to config.log, and then calls config.status. # config.status does its own redirection, appending to config.log. # Unfortunately, on DOS this fails, as config.log is still kept open # by configure, so config.status won't be able to write to it; its # output is simply discarded. So we exec the FD to /dev/null, # effectively closing config.log, so it can be properly (re)opened and # appended to by config.status. When coming back to configure, we # need to make the FD available again. if test "$no_create" != yes; then ac_cs_success=: ac_config_status_args= test "$silent" = yes && ac_config_status_args="$ac_config_status_args --quiet" exec 5>/dev/null $SHELL $CONFIG_STATUS $ac_config_status_args || ac_cs_success=false exec 5>>config.log # Use ||, not &&, to avoid exiting from the if with $? = 1, which # would make configure fail if this is the last instruction. $ac_cs_success || { (exit 1); exit 1; } fi if test "$verbose" = yes ; then echo "" echo "===== configuration summary =====" echo "" echo "compilation options :" echo " compiler flags : $CFLAGS" echo " preprocessor flags : $CPPFLAGS" echo " linker flags : $LDFLAGS" echo " libraries : $LIBS" echo " additional libs : $LIB_CRYPT $LIB_REGEX $LIB_WRAP $LIB_LDAP $LIB_SSL" echo "" echo "options / features :" echo " ctags usage : $enable_ctags" echo " so-linger option : $enable_so_linger" echo " rfc1579, FW-FTP : $enable_rfc1579" echo " rfc2428, IPv6 : $enable_rfc2428" echo " /proc module : $enable_proc_mods" echo "" echo " regex support : $with_regex" echo " tcp-wrapper : $with_libwrap" echo " ldap support : $with_libldap" echo " crypt support : $with_crypt" echo " ssl support : $with_ssl" echo "" fi if test "$devel_only" != no ; then echo "" echo "*** developement-only options are enabled ***" echo "*** !! do not use this build in production !! ***" echo "" fi ############################################################ # $Log: configure.in,v $ # Revision 1.10.2.2 2005/01/10 11:35:01 mt # added sys/param.h to AC_CHECK_HEADERS # # Revision 1.10.2.1 2003/05/07 11:16:02 mt # fixed ldap and crypt library checks # moved defines from CFLAGS to CPPFLAGS # added OpenBSD pf-nat header checks # # Revision 1.10 2002/05/02 12:28:08 mt # added --with-crypt option for crypted passwords # # Revision 1.9.2.1 2002/04/04 09:53:50 mt # added large file support option # improved checks for common functions # # Revision 1.9 2002/01/14 19:46:58 mt # improved checks for enable/with options # added netfilter, BSD ipf/ipnat header checks # # Revision 1.8 2001/11/06 23:04:43 mt # applied / merged with transparent proxy patches v8 # see ftp-proxy/NEWS for more detailed release news # # Revision 1.7 1999/10/19 11:19:03 wiegand # added -static as option for GCC # # Revision 1.6 1999/09/23 08:06:56 wiegand # code cleanup, added installation target # # Revision 1.5 1999/09/20 05:45:12 wiegand # added support for man pages # # Revision 1.4 1999/09/17 16:32:29 wiegand # changes from source code review # added POSIX regular expressions # # Revision 1.3 1999/09/15 14:08:03 wiegand # added doc directory to SUBDIRS # # Revision 1.2 1999/09/15 13:20:35 wiegand # new structure: with subdirectories # ############################################################ proxy-suite-1.9.2.4/configure.in0000644000000000000000000004257210170464145016460 0ustar rootroot00000000000000############################################################ # # $Id: configure.in,v 1.10.2.2 2005/01/10 11:35:01 mt Exp $ # # Configuration template file (for use with GNU AutoConf) # # Author(s): Jens-Gero Boehm # Pieter Hollants # Marius Tomaschewski # Volker Wiegand # # This file is part of the SuSE Proxy Suite # See also http://proxy-suite.suse.de/ # # This file is an input file used by the GNU "autoconf" program # to generate the file "configure", which is run during package # installation to configure the system for the local environment. # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License # as published by the Free Software Foundation; either version # 2 of the License, or (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the # Free Software Foundation, Inc., 59 Temple Place - Suite 330, # Boston, MA 02111-1307, USA. # # A history log can be found at the end of this file. # AC_INIT(common/com-syslog.c) AC_CONFIG_HEADER(config.h) if test "${prefix}" = "NONE"; then prefix=/usr/local fi if test "${exec_prefix}" = "NONE"; then exec_prefix=$prefix fi # Hmmm, the following is a bit of a kludge ... #if test "${sysconfdir}" = "\${prefix}/etc"; then # sysconfdir=$prefix/etc/proxy-suite #fi #if test "${mandir}" = "\${prefix}/man"; then # mandir=$prefix/man #fi #if test "${sbindir}" = "\${exec_prefix}/sbin"; then # sbindir=$exec_prefix/sbin #fi ############################################################ # setup compiler and machine dependent stuff ############################################################ AC_PROG_CC AC_PROG_INSTALL AC_PROG_MAKE_SET AC_PROG_RANLIB AC_PATH_PROG(AR, ar, ar) AC_PATH_PROG(RM, rm, rm) AC_AIX AC_ISC_POSIX AC_SYS_LARGEFILE AC_C_INLINE AC_C_CONST AC_CANONICAL_HOST AC_DEFINE_UNQUOTED(HOSTTYPE, "$host") # # set some known host-specific settings/defaults # case "$host" in *-*-hpux*) if test -z "$GCC"; then CFLAGS="$CFLAGS -Ae" CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE" fi ;; *-ibm-aix*) if test -z "$GCC"; then CFLAGS="$CFLAGS -qlanglvl=ansi" fi ;; *-*-linux*) ;; *) ;; esac # ****************************************************** # devel_only will be set to "yes" if developemenet only # options or not full implemented features are used # ****************************************************** devel_only=no AC_MSG_CHECKING([whether to enable compiler warnings]) AC_ARG_ENABLE(warnings, [ --enable-warnings enable compiler warnings [default=yes]]) if test "$enable_warnings" != no ; then case "$CC" in gcc) AC_MSG_RESULT(-W -Wall) CFLAGS="$CFLAGS -W -Wall" CPPFLAGS="$CPPFLAGS -Dlint" ;; *) AC_MSG_RESULT(n/a) enable_warnings="n/a" ;; esac else enable_warnings="no" AC_MSG_RESULT(no) fi AC_MSG_CHECKING([whether to enable static linkage]) AC_ARG_ENABLE(static, [ --enable-static enable static linkage [default=no ]]) if test "$enable_static" = yes ; then if test -n "$GCC" && test "$GCC" = yes ; then AC_MSG_RESULT(-static) LDFLAGS="$LDFLAGS -static" else AC_MSG_RESULT(n/a) enable_static="n/a" fi else enable_static="no" AC_MSG_RESULT(no) fi AC_MSG_CHECKING(whether to enable debugging output) AC_ARG_ENABLE(debug, [ --enable-debug enable generation of debugging output [default=no ]]) if test "$enable_debug" = yes ; then AC_MSG_RESULT(yes) CPPFLAGS="$CPPFLAGS -DCOMPILE_DEBUG" devel_only="yes" else enable_debug="no" AC_MSG_RESULT(no) fi AC_MSG_CHECKING(whether to generate (c)tags files) AC_ARG_ENABLE(ctags, [ --enable-ctags generate (c)tags files [default=no ]]) if test "$enable_ctags" = yes ; then AC_MSG_RESULT(yes) AC_CHECK_PROGS(CTAGS, gnuctags ctags) if test -n "$CTAGS"; then test "$CTAGS" = gnutags && CTAG_OPTS="-w" else AC_MSG_ERROR(unable to find a ctags tool) fi else enable_ctags="no" AC_MSG_RESULT(no) fi # allow overrige the default ctags file name test -n "$TAGS" || TAGS=tags ############################################################ # check for header files ############################################################ AC_CHECK_PROGS(SGML2HTML, sgml2html) AC_CHECK_PROGS(SGML2LATEX, sgml2latex) AC_CHECK_PROGS(PS2PDF, ps2pdf) ############################################################ # check for header files ############################################################ AC_HEADER_STDC AC_CHECK_HEADERS(unistd.h) AC_CHECK_HEADERS(memory.h) AC_CHECK_HEADERS(syslog.h) AC_MSG_CHECKING(whether sys/syslog.h is needed) AC_TRY_COMPILE([#include ], [ int level = LOG_KERN; ], AC_MSG_RESULT(no), AC_MSG_RESULT(yes) AC_DEFINE(NEED_SYS_SYSLOG_H) ) AC_HEADER_TIME AC_CHECK_HEADERS(sys/time.h sys/select.h fcntl.h sys/fcntl.h) AC_CHECK_HEADERS(sys/filio.h sys/param.h sys/conf.h sys/sockio.h) AC_CHECK_HEADERS(paths.h stropts.h) AC_CHECK_HEADERS(net/if.h net/pfvar.h netinet/in_systm.h) AC_CHECK_HEADERS(netinet/ip.h netinet/ip_fil.h netinet/ip_nat.h) AC_CHECK_HEADERS(netinet/ip_compat.h netinet/ip_fil_compat.h) AC_CHECK_HEADERS(linux/netfilter_ipv4.h) AC_HEADER_SYS_WAIT ############################################################ # check for specific functions ############################################################ AC_FUNC_WAIT3 AC_CHECK_FUNCS(waitpid) AC_CHECK_FUNCS(setsid) AC_CHECK_FUNCS(snprintf) AC_CHECK_FUNCS(vsnprintf) dnl AC_CHECK_FUNCS(getdomainname) ############################################################ # check for types to be defined ############################################################ AC_TYPE_MODE_T AC_TYPE_PID_T AC_TYPE_SIZE_T AC_TYPE_UID_T AC_TYPE_SIGNAL AC_CHECK_TYPE(u_int16_t, unsigned short) AC_CHECK_TYPE(u_int32_t, unsigned int) ############################################################ # check for libraries to scan ############################################################ #AC_CHECK_LIB(compat, main) AC_CHECK_LIB(socket, connect) AC_CHECK_FUNC(gethostbyname,,[ AC_CHECK_LIB(nsl, gethostbyname,,[ AC_CHECK_LIB(resolv, gethostbyname)])]) AC_CHECK_FUNC(inet_aton,,[ AC_CHECK_LIB(nsl, inet_aton,,[ AC_CHECK_LIB(resolv, inet_aton)])]) ############################################################ # check whether to enable /proc modules ############################################################ AC_MSG_CHECKING(whether to enable Linux /proc diagnostic module) AC_ARG_ENABLE(proc-mods, [ --enable-proc-mods enable Linux /proc module [default=n/a]]) PROC_FTP="" if test "$enable_proc_mods" = yes ; then case "$host" in *-*-linux*) AC_MSG_RESULT(yes) PROC_FTP="proc_ftp.o" AC_MSG_WARN(*** linux /proc module is not complete yet) devel_only=yes ;; *) AC_MSG_RESULT(n/a) AC_MSG_ERROR(/proc module not avaliable on $host) ;; esac else enable_proc_mods="no" AC_MSG_RESULT(no) fi ############################################################ # check whether to enable RFC 1579 handling ############################################################ AC_MSG_CHECKING(whether to enable RFC 1579 FW-FTP extensions) AC_ARG_ENABLE(rfc1579, [ --enable-rfc1579 enable RFC 1579 FW-FTP extensions [default=n/a]]) if test "$enable_rfc1579" = yes ; then AC_MSG_RESULT(yes) AC_DEFINE(ENABLE_RFC1579) AC_MSG_WARN(*** RFC 1579 FW-FTP extensions are not complete yet) devel_only=yes else enable_rfc1579="no" AC_MSG_RESULT(no) fi ############################################################ # check whether to enable RFC 2428 handling ############################################################ AC_MSG_CHECKING(whether to enable RFC 2428 IPv6 extensions) AC_ARG_ENABLE(rfc2428, [ --enable-rfc2428 enable RFC 2428 IPv6 extensions [default=n/a]]) if test "$enable_rfc2428" = yes ; then AC_MSG_RESULT(yes) AC_DEFINE(ENABLE_RFC2428) AC_MSG_WARN(*** RFC 1579 IPv6 extensions are not complete yet) devel_only=yes else enable_rfc2428="no" AC_MSG_RESULT(no) fi ############################################################ # check whether to enable SO_LINGER ############################################################ AC_MSG_CHECKING(whether to enable SO_LINGER socket options) AC_ARG_ENABLE(so-linger, [ --enable-so-linger enable SO_LINGER socket option [default=no ]]) if test "$enable_so_linger" = yes ; then AC_MSG_RESULT(yes) AC_DEFINE(ENABLE_SO_LINGER) else enable_so_linger="no" AC_MSG_RESULT(no) fi ############################################################ # check whether to compile in POSIX RegEx support ############################################################ AC_MSG_CHECKING(whether to use regular expressions) AC_ARG_WITH(regex, [ --with-regex[=PATH] compile in RegEx support [default=yes]]) case "$with_regex" in no) AC_MSG_RESULT(no) ;; yes|"") AC_MSG_RESULT(yes) AC_CHECK_FUNC(regcomp, [ AC_DEFINE(HAVE_REGEX) with_regex="yes" ], [ AC_CHECK_LIB(regex, regcomp, [ LIB_REGEX="-lregex" AC_DEFINE(HAVE_REGEX) with_regex="yes" ], [ # fail if explicitely requested.... if test "$with_regex" = yes ; then AC_MSG_ERROR(unable to find regex support) fi with_regex="no" ]) ]) ;; *) AC_MSG_RESULT(yes) AC_DEFINE(HAVE_REGEX) if test -d "$withval"; then LIB_REGEX="-L$withval -lregex" else LIB_REGEX="$withval" fi OLDLIBS="$LIBS" LIBS="$LIB_REGEX $LIBS" AC_TRY_LINK([], [ regcomp(); ],, [ AC_MSG_ERROR(unable to find libregex) ] ) LIBS="$OLDLIBS" ;; esac ############################################################ # check whether to compile in TCP Wrapper support ############################################################ AC_MSG_CHECKING(whether to use libwrap TCP wrapper) AC_ARG_WITH(libwrap, [ --with-libwrap[=PATH] compile in TCP wrapper support [default=yes]]) case "$with_libwrap" in no) AC_MSG_RESULT(no) ;; yes|"") AC_MSG_RESULT(yes) AC_CHECK_LIB(wrap, request_init, [ LIB_WRAP="-lwrap" AC_DEFINE(HAVE_LIBWRAP) ] ) # fail if explicitely requested if test "$with_libwrap" = yes ; then test "$ac_cv_func_regcomp" != yes && \ AC_MSG_ERROR(unable to find tcp wrapper support) fi with_libwrap="yes" ;; *) AC_MSG_RESULT(yes) AC_DEFINE(HAVE_LIBWRAP) if test -d "$withval"; then LIB_WRAP="-L$withval -lwrap" else LIB_WRAP="$withval" fi OLDLIBS="$LIBS" LIBS="$LIB_WRAP $LIBS" AC_TRY_LINK([ int allow_severity; int deny_severity; ], [ hosts_access(); ], [], [ AC_MSG_ERROR(unable to find libwrap) ] ) LIBS="$OLDLIBS" ;; esac ############################################################ # check whether to compile in LDAP support ############################################################ AC_MSG_CHECKING(whether to use LDAP support) AC_ARG_WITH(libldap, [ --with-libldap[=PATH] compile in LDAP support [default=no ]]) case "$with_libldap" in no|"") AC_MSG_RESULT(no) with_libldap="no" ;; yes) AC_MSG_RESULT(yes) # check ldap and lber libs AC_CHECK_LIB(ldap, ber_init, [ LIB_LDAP="-lldap" AC_DEFINE(HAVE_LIBLDAP) with_libldap="yes" ], [ AC_CHECK_LIB(lber, ber_init, [ LIB_LDAP="-lldap -llber" AC_DEFINE(HAVE_LIBLDAP) with_libldap="yes" ], [ AC_MSG_ERROR(unable to find ldap support) ]) ]) # check some ldap features OLDLIBS="$LIBS" LIBS="$LIB_LDAP $OLDLIBS" AC_CHECK_FUNCS(ldap_set_option ldap_get_option ldap_get_lderrno) LIBS="$OLDLIBS" ;; *) AC_MSG_RESULT(yes) if test -d "$withval"; then LIB_LDAP="-L$withval -lldap" else LIB_LDAP="$withval" fi OLDLIBS="$LIBS" LIBS="$LIB_LDAP $OLDLIBS" AC_MSG_CHECKING([for ber_init in $LIB_LDAP]) AC_TRY_LINK([void* ber_init(void *); ], [ ber_init(0); ], [ AC_MSG_RESULT(yes) AC_DEFINE(HAVE_LIBLDAP) with_libldap="yes" ], [ AC_MSG_RESULT(no) LIB_LDAP="$LIB_LDAP -llber" LIBS="$LIB_LDAP $OLDLIBS" AC_MSG_CHECKING([for ber_init in $LIB_LDAP]) AC_TRY_LINK([void* ber_init(void *); ], [ ber_init(0); ], [ AC_MSG_RESULT(yes) AC_DEFINE(HAVE_LIBLDAP) with_libldap="yes" ], [ AC_MSG_RESULT(no) AC_MSG_ERROR(Could not find libldap) ]) ]) # check more ldap features AC_CHECK_FUNCS(ldap_set_option ldap_get_option ldap_get_lderrno) LIBS="$OLDLIBS" ;; esac ############################################################ # check whether to compile in crypt support ############################################################ if test x$with_libldap = xyes ; then AC_MSG_CHECKING(whether to use crypt passwd support) AC_ARG_WITH(crypt, [ --with-crypt[=PATH] compile in crypt support [default=no ]]) case "$with_crypt" in no) AC_MSG_RESULT(no) ;; yes|"") AC_MSG_RESULT(yes) AC_CHECK_FUNC(crypt, [ AC_DEFINE(HAVE_CRYPT) with_crypt="yes" ], [ AC_CHECK_LIB(crypt, crypt, [ LIB_CRYPT="-lcrypt" AC_DEFINE(HAVE_CRYPT) with_crypt="yes" ], [ # fail if explicitely requested.... if test "$with_crypt" = yes ; then AC_MSG_ERROR(unable to find crypt support) fi ]) ]) ;; *) AC_MSG_RESULT(yes) if test -d "$withval"; then LIB_CRYPT="-L$withval -lcrypt" else LIB_CRYPT="$withval" fi OLDLIBS="$LIBS" LIBS="$LIB_CRYPT $LIBS" AC_TRY_LINK([char *crypt(char *, char *); ], [ crypt("", ""); ], [ AC_DEFINE(HAVE_CRYPT) with_crypt="yes" ], [ AC_MSG_ERROR(unable to find libcrypt) ]) LIBS="$OLDLIBS" ;; esac else with_crypt="no" fi # ############################################################ # check whether to compile in SSL support ############################################################ AC_MSG_CHECKING(whether to use SSL (sftp) support) AC_ARG_WITH(ssl, [ --with-ssl[=PATH] compile in SSL (sftp) support [default=n/a]]) if test "$with_ssl" = yes ; then AC_MSG_RESULT(yes) AC_DEFINE(ENABLE_SSL) AC_MSG_WARN(*** SSL support (sftp) is not complete yet) devel_only=yes else with_ssl="no" AC_MSG_RESULT(no) fi # ############################################################ # resolve some paths (needed i.e. for manual pages) ############################################################ eval SBINDIR=${sbindir} eval SYSCONFDIR=${sysconfdir} ############################################################ # Done, now generate the output files ############################################################ AC_SUBST(CC) AC_SUBST(OPT) AC_SUBST(DEFS) AC_SUBST(CFLAGS) AC_SUBST(CPPFLAGS) AC_SUBST(LDFLAGS) AC_SUBST(TAGS) AC_SUBST(CTAGS) AC_SUBST(CTAGS_OPTS) AC_SUBST(LIB_CRYPT) AC_SUBST(LIB_REGEX) AC_SUBST(LIB_WRAP) AC_SUBST(LIB_LDAP) AC_SUBST(PROC_FTP) AC_SUBST(BINDIR) AC_SUBST(SBINDIR) AC_SUBST(SYSCONFDIR) AC_OUTPUT( Makefile \ doc/Makefile \ common/Makefile \ ftp-proxy/Makefile \ ftp-proxy/ftp-proxy.conf.5 \ ftp-proxy/ftp-proxy.8 \ ftp-proxy/rc.script \ ) if test "$verbose" = yes ; then echo "" echo "===== configuration summary =====" echo "" echo "compilation options :" echo " compiler flags : $CFLAGS" echo " preprocessor flags : $CPPFLAGS" echo " linker flags : $LDFLAGS" echo " libraries : $LIBS" echo " additional libs : $LIB_CRYPT $LIB_REGEX $LIB_WRAP $LIB_LDAP $LIB_SSL" echo "" echo "options / features :" echo " ctags usage : $enable_ctags" echo " so-linger option : $enable_so_linger" echo " rfc1579, FW-FTP : $enable_rfc1579" echo " rfc2428, IPv6 : $enable_rfc2428" echo " /proc module : $enable_proc_mods" echo "" echo " regex support : $with_regex" echo " tcp-wrapper : $with_libwrap" echo " ldap support : $with_libldap" echo " crypt support : $with_crypt" echo " ssl support : $with_ssl" echo "" fi if test "$devel_only" != no ; then echo "" echo "*** developement-only options are enabled ***" echo "*** !! do not use this build in production !! ***" echo "" fi ############################################################ # $Log: configure.in,v $ # Revision 1.10.2.2 2005/01/10 11:35:01 mt # added sys/param.h to AC_CHECK_HEADERS # # Revision 1.10.2.1 2003/05/07 11:16:02 mt # fixed ldap and crypt library checks # moved defines from CFLAGS to CPPFLAGS # added OpenBSD pf-nat header checks # # Revision 1.10 2002/05/02 12:28:08 mt # added --with-crypt option for crypted passwords # # Revision 1.9.2.1 2002/04/04 09:53:50 mt # added large file support option # improved checks for common functions # # Revision 1.9 2002/01/14 19:46:58 mt # improved checks for enable/with options # added netfilter, BSD ipf/ipnat header checks # # Revision 1.8 2001/11/06 23:04:43 mt # applied / merged with transparent proxy patches v8 # see ftp-proxy/NEWS for more detailed release news # # Revision 1.7 1999/10/19 11:19:03 wiegand # added -static as option for GCC # # Revision 1.6 1999/09/23 08:06:56 wiegand # code cleanup, added installation target # # Revision 1.5 1999/09/20 05:45:12 wiegand # added support for man pages # # Revision 1.4 1999/09/17 16:32:29 wiegand # changes from source code review # added POSIX regular expressions # # Revision 1.3 1999/09/15 14:08:03 wiegand # added doc directory to SUBDIRS # # Revision 1.2 1999/09/15 13:20:35 wiegand # new structure: with subdirectories # ############################################################ proxy-suite-1.9.2.4/doc/0000755000000000000000000000000010170747407014707 5ustar rootroot00000000000000proxy-suite-1.9.2.4/doc/Makefile.in0000644000000000000000000000730107464234462016761 0ustar rootroot00000000000000# # $Id: Makefile.in,v 1.5 2002/05/02 13:03:46 mt Exp $ # # Makefile (Template) for SuSE Proxy Suite -- Documentation # # Please do NOT edit this file if its name is just Makefile. # Instead, edit Makefile.in and run "../configure [options]". # # Generates HTML and Postscript from SGML source. # Requires sgmltools 1.0.x (1.1.x and 2.x will NOT work!). # # Author(s): Jens-Gero Boehm # Pieter Hollants # Marius Tomaschewski # Volker Wiegand # # This file is part of the SuSE Proxy Suite # See also http://proxy-suite.suse.de/ # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License # as published by the Free Software Foundation; either version # 2 of the License, or (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the # Free Software Foundation, Inc., 59 Temple Place - Suite 330, # Boston, MA 02111-1307, USA. # # A history log can be found at the end of this file. # SHELL= /bin/sh prefix= @prefix@ datadir= @datadir@ docdir?= $(datadir)/doc/proxy-suite PS2PDF= @PS2PDF@ SGML2HTML= @SGML2HTML@ SGML2LATEX= @SGML2LATEX@ INSTALL= @INSTALL@ INSTALL_DATA= @INSTALL_DATA@ ############################################################ FTP_SGML= src/ftp-proxy.sgml FTP_HTML= ftp-proxy.html FTP_PDF= ftp-proxy.pdf FTP_PS= ftp-proxy.ps ############################################################ all: ps pdf html ps: $(FTP_PS) pdf: $(FTP_PDF) html: $(FTP_HTML) $(FTP_PS): $(FTP_SGML) @if [ -n "$(SGML2LATEX)" ] ; then \ $(SGML2LATEX) --output=ps $< ; \ else echo "$@: SGML2LATEX not avaliable" ; \ fi $(FTP_PDF): $(FTP_PS) @if [ -n "$(PS2PDF)" ] && [ -f "$<" ] ; then \ $(PS2PDF) $< $@ ; \ else echo "$@: PS2PDF not avaliable" ; \ fi $(FTP_HTML): $(FTP_SGML) @if [ -n "$(SGML2HTML)" ] ; then \ $(SGML2HTML) $< ; \ else echo "$@: SGML2HTML not avaliable" ; \ fi ############################################################ install: install.doc: install.ps install.pdf install.html install.ps: $(FTP_PS) @test -d $(INST_ROOT)$(docdir) || \ $(INSTALL) -d $(INST_ROOT)$(docdir) $(INSTALL_DATA) $(FTP_PS) $(INST_ROOT)$(docdir)/ install.pdf: $(FTP_PDF) @test -d $(INST_ROOT)$(docdir) || \ $(INSTALL) -d $(INST_ROOT)$(docdir) $(INSTALL_DATA) $(FTP_PDF) $(INST_ROOT)$(docdir)/ install.html: $(FTP_HTML) @test -d $(INST_ROOT)/$(docdir) || \ $(INSTALL) -d $(INST_ROOT)$(docdir) $(INSTALL_DATA) *.html $(INST_ROOT)$(docdir)/ ############################################################ clean: distclean: clean rm -f Makefile realclean: distclean rm -f *.html *.ps *.pdf ############################################################ # $Log: Makefile.in,v $ # Revision 1.5 2002/05/02 13:03:46 mt # merged with v1.8.2.2 # # Revision 1.4.2.1 2002/01/27 21:20:38 mt # fixed Makefiles to use INST_ROOT, added install.doc targets # # Revision 1.4 2002/01/14 18:35:18 mt # changed to (re-)build only build-platform supported formats # added PDF generation, added optional install.doc target(s) # # Revision 1.3 1999/09/23 08:10:01 wiegand # delete Makefile on distclean, not only realclean # added (empty) install target # # Revision 1.2 1999/09/21 08:00:59 wiegand # checked in with new directory structure # ############################################################ proxy-suite-1.9.2.4/doc/ftp-proxy-1.html0000644000000000000000000001006110170747373017703 0ustar rootroot00000000000000 The FTP-Proxy White Paper: Introduction Next Previous Contents

1. Introduction

*** Note: this document is work in progress and by no means complete. It is included just for the sake of "Release early and often." ***

FTP-Proxy is a transparent, application-level proxy server for FTP connections, designed to protect FTP servers against attacks based on the FTP protocol.

Due to the dual TCP connection nature of the FTP protocol, special handling is required to allow secure transfers. Data connections are usually opened by the FTP server (the FTP protocol specification calls this "active" transfers) or optionally by the FTP client ("passive" transfers). The data ports to be used are determined dynamically and announced as part of the protocol. This makes it very difficult for static packet filters to handle FTP correctly.

Most routers and firewalls know about this procedure when NAT is performed. E.g. Linux provides a special kernel module for FTP (and other protocols). However such code usually only works in "outbound" direction, allowing FTP access from the inner network to FTP servers on the outer network, but not in the other direction.

This is a design restriction: TCP/IP packets originating from the inner network can be marked with special information that allows for correct routing of response packets from the outer network. For instance, if a WWW client on host 192.168.168.27 on your internal network requests a web page from Web server 194.112.123.200, the router maintains internal information when it rewrites the headers of the request packets. If a response packet arrives (with a "From" address of 194.112.123.200), the router is then able to replace the public IP address in the "To" field with the private IP address of the appropriate client, in this case 192.168.168.27.

Of course, if a connection originates from the outer network, the router does not have this additional information and it can't forward incoming IP packets since it has no idea which host on the inner network is to be addressed. One solution could be to enable port forwarding on the router (if supported), so that FTP clients on the outer network could connect to port X on the router to reach server Y on the inner network, however this fails because of the restrictions in the FTP protocol outlined above.

A proxy server is an elegant way to circumvent these restrictions, but there are other benefits of using FTP-Proxy as well:

  • Simple forwarding of all traffic destined for the inner FTP server leaves that server nearly as vulnerable as if it had a "direct" connection to the outer network (without the firewall in front of it). In that case the FTP server would still be open to Denial-of-Service and similar attacks on the IP level. As FTP-Proxy runs on the application level, it doesn't forward the original IP packets but only maintains the information within. For instance, a packet containing not only a valid FTP command but also information to exploit an FTP server's bugs will never reach the server because only the FTP command itself is forwarded, within a completely new IP packet. Of course, FTP-Proxy could be subject to an attack itself. However, FTP-Proxy is much less complex than any current FTP server, has been designed with great care and performs chroot(), setuid() and setgid() to avoid such vulnerability.

  • Using a circuit-level proxy server like SOCKS requires that all FTP clients support SOCKS. This seems to be too restrictive. FTP-Proxy, on the other hand, is completely transparent to FTP clients because it is fully RFC 959 compliant.

Next Previous Contents proxy-suite-1.9.2.4/doc/ftp-proxy-10.html0000644000000000000000000000257710170747373020000 0ustar rootroot00000000000000 The FTP-Proxy White Paper: Copyright and License Next Previous Contents

10. Copyright and License

This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program; if not, write to the

Free Software Foundation, Inc. 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.

Next Previous Contents proxy-suite-1.9.2.4/doc/ftp-proxy-11.html0000644000000000000000000000336510170747373017775 0ustar rootroot00000000000000 The FTP-Proxy White Paper: Authors Next Previous Contents

11. Authors

FTP-Proxy is part of the SuSE Proxy-Suite project and was written by

Volker Wiegand (programming, wiegand@suse.de),

Jens-Gero Boehm (project management, Jens-Gero.Boehm@suse.de),

Pieter Hollants (documentation, Pieter.Hollants@suse.de), and

Marius Tomaschewski (maintainance, programming, mt@suse.de).

A Mailing List has been installed for the discussion of SuSE Proxy-Suite. To subscribe, send an empty E-Mail to proxy-suite-subscribe@suse.com.

We have also installed an announcement mailing list. Here you will be informed about updates and other major issues. To subscribe, send an empty E-Mail to proxy-suite-announce-subscribe@suse.com.

Last but not least you may send bug reports to the following address: proxy-suite-bugs@suse.com.

Please visit the SuSE Proxy-Suite Homepage at http://proxy-suite.suse.de/.

Next Previous Contents proxy-suite-1.9.2.4/doc/ftp-proxy-2.html0000644000000000000000000001611610170747373017713 0ustar rootroot00000000000000 The FTP-Proxy White Paper: Installation Next Previous Contents

2. Installation

The following discussion assumes that you have obtained the tarball distribution and want to compile and install the FTP-Proxy package from ground up. Let's assume you have received a file named proxy-suite-x.y.tar.gz, where 'x' is the major and 'y' is the minor version number.

  1. Decide where to install and compile the source code. Say you want to install it in /usr/src/proxy-suite-x.y. Then do the following to unpack the source (assuming the tarball is available in the current directory when calling gunzip): 
    cd /usr/src
gunzip -c proxy-suite-x.y.tar.gz | tar xvf -
    If you do not have a copy of GZIP, look at the GNU archive or one of its numerous mirrors. It's free.

  2. After unpacking the source you need to run the configure shell script which performs the customization for you operating system and local environment. This script is based upon the GNU AutoConf package. Change your current directory to be the root of the Proxy-Suite: 
    cd proxy-suite-x.y
    The configure script understands a number of options which control the customization process. To see a complete list of all options simply run: 
    ./configure --help
    The following options are most likely to be involved: 
    --prefix=<directory>
    This is the root directory for the installation. If none of the other directory related directives further down is also given, all files will be installed in subdirectories under this one. The default is /usr/local/proxy-suite/. 
    --exec-prefix=<directory>
    A second top level installation directory, this one is used as the basis for all executables. Defaults to the same as PREFIX. 
    --mandir=<directory>
    The FTP-Proxy comes with two manual pages: ftp-proxy(8) for the program and ftp-proxy.conf(5) for the configuration file format. These will be installed under the man5 and man8 subdirectories of the given one, or under PREFIX/man if not specified. 
    --sbindir=<directory>
    The next directory specifies the location where the ftp-proxy executable itself will be installed. The default is EXEC-PREFIX/sbin if this option does not request otherwise. 
    --sysconfdir=<directory>
    The last directory related option (others may be given, but have no effect) deals with the proxy-suite/ftp-proxy.conf configuration file. Again there is a default if the option is not provided, PREFIX/etc. Please note that the location of the config file can be selected at run time with the -f flag, but if the file is installed at the default location, this flag is redundant. 
    --enable-debug
    This option allows the generation of debugging output and is mainly included for evaluation (and development) purposes. It is recommended not to specify this option for deployment of the FTP-Proxy into production environments. 
    --enable-warnings
    If compiling with the GNU GCC compiler, this flag increases the warning level. This is useful to detect programming errors or incompatibilities with the target platform. Our recommendation is to enable it anyway. 
    --enable-so-linger
    It is strongly recommended to enable this option for all systems. Only if the target does have problems with SO_LINGER handling, it should be disabled. 
    --with-regex[=PATH]
    This option is mainly needed to provide the location of the POSIX 1002.3 regular expression library if it is not included in the standard C library. Regular expressions are used to scan the arguments of the various FTP commands received from clients. If your system does not include the required support, you can download the latest version from the GNU archive. Again, it's free. GNU RegEx is known to work with FTP-Proxy. If the option is not given, regular expression support is not installed at all and arguments will not be investigated any further. 
    --with-libwrap[=PATH]
    If running as a standalone background daemon, FTP-Proxy can be instructed to make use of the TCP Wrapper library. If this is compiled in and enabled in the configuration file, the /etc/hosts.allow and /etc/hosts.deny files will be consulted to decide if a client will be served. 
    --with-libldap[=PATH]
    If you want to supply the user specific configuration values (not the basic ones) via an LDAP directory, compile in LDAP support. The configure script can determine without further manual intervention whether to use the OpenLDAP, the University of Michigan or the Netscape version of the API. OpenLDAP is the preferred API. 
    --with-crypt[=PATH]
    This option enables support for crypted passwords in user authentication (curently ldap based only). See also the LDAPAuthPWType configuration file option.
  3. After configure has completed successfully, it is now time to run make (GNU make). It will read the Makefile generated by configure in the previous step and perform the compilation process. The program should not display any warnings or errors.

  4. When the executables have been generated, a final call to make install will copy the FTP-Proxy files into their appropriate places. Usually root privileges are required in order to install the files in their proper places.

  5. Currently, you'll have to modify your system manually so that ftp-proxy is run at system bootup or from inetd (depending on which mode you choose in the configuration file or command line). We provide an sample run level script rc.script for (SuSE) Linux; see also description in rc.script.txt.

  6. The last step is the configuration of the installed FTP-Proxy; see following Configuration section.

Next Previous Contents proxy-suite-1.9.2.4/doc/ftp-proxy-3.html0000644000000000000000000000465210170747373017716 0ustar rootroot00000000000000 The FTP-Proxy White Paper: Configuration Next Previous Contents

3. Configuration

The following section describes the fundamental configuration of the FTP-Proxy. It assumes, that you have successfully compiled and installed the FTP-Proxy.

The proxy uses a configuration file ftp-proxy.conf you have to edit before the proxy can be used - it is needed to configure at least the variables described in this section. For a complete list of valid configuration options consult the ftp-proxy.conf(5) manual page and the sample configuration file ftp-proxy.conf.sample file which comes with the distribution.

First, you have to choose, if you wand to start the proxy as a stand-alone daemon or via "(x)inetd" super daemon using the ServerType configuration option (or the start arguments). If nothing specified, "inetd" mode is assumed. See also section Local System Security. In stand-alone daemon mode, the proxy defaults to listen on the FTP port 21 and all interfaces. You can override this using the Port and Listen configuration options.

The next step you have to do, is to choose, if the Proxy should run in "inbound" or in "outbound" mode. See the section Inbound and Outbound FTP Traffic.

Now, the proxy should be able to run and serve the client requests. The proxy follows the FTP transfer mode the client has choosed.

You can override this behaviour setting the option DestinationTransferMode to either active or passive instead of the default client, and the proxy will be forced to use the specified FTP transfer mode for all transfers it does between the proxy and the ftp server. Most common usage is to force the proxy to use passive transfers only.

Next Previous Contents proxy-suite-1.9.2.4/doc/ftp-proxy-4.html0000644000000000000000000000516410170747373017716 0ustar rootroot00000000000000 The FTP-Proxy White Paper: Local System Security Next Previous Contents

4. Local System Security

FTP-Proxy comes with several configuration features that help to increase local system security, namely ServerRoot, User and Group.

The way FTP-Proxy is being called needs to be considered. One possible way is via the system's inetd (or xinetd) Internet Super Daemon. In this case FTP-Proxy will not fork or become a daemon. It will serve the client and terminate itself after delivery. When configuring (x)inetd to include the ftp-proxy executable, ServerRoot (chroot) should be used. The User and Group need not be given if they are specified in the inetd configuration itself.

The User and Group options should actually be considered for standalone operations. In this case the ftp-proxy will bind the listening socket to the port number set using the Port and Listen options, preform the chroot operation if ServerRoot is used, drop privileges to the UID/GID set with User and Group options and open log.

It might be a good idea to create a new user (e.g. "ftpproxy") as well as a group (e.g. "ftpproxy") in order to reach a better granularity for the user administration.

When using ServerRoot, please note that usually other files needs to be installed into the runtime environment as well, e.g. the /dev/null device, system databases like /etc/services, /etc/hosts, libraries like libc and possibly other (e.g. libcrypt under AIX 4.3, a resolver library like libresolv or libnss libraries on systems using the NameServiceSwitch - see also nsswitch.conf(5)). If you are using the User and Group options, you may also need the /etc/passwd and /etc/group files.

The sample run level script rc.script for (SuSE) Linux supports the preparation of a chroot runtime environment - see description in rc.script.txt.

Next Previous Contents proxy-suite-1.9.2.4/doc/ftp-proxy-5.html0000644000000000000000000000552510170747373017720 0ustar rootroot00000000000000 The FTP-Proxy White Paper: Inbound and Outbound FTP Traffic Next Previous Contents

5. Inbound and Outbound FTP Traffic

The most common use of FTP-Proxy will probably be "inbound" FTP traffic. This means that clients from an "outside" world seek access to a "local" FTP server specified in the DestinationAddress variable.

Nevertheless, FTP-Proxy supports also an "outbound" mode, where clients have more control over the FTP connections. The FTP-Proxy implements two concepts of "outbound" traffic.

  • MagicUser

    The first one is based on the increased level of trust that users enjoy. When setting the AllowMagicUser config option to "yes" and allowing the "@" (see also UseMagicChar option) and ":" characters as part of the USER command argument, users can determine the destination server's address and port with the USER command. All they have to do is to append the host name, separated by the "@" sign (or other set using UseMagicChar option), optionally followed by a colon and the port. These components will be removed from the name and evaluated as destination.

  • Transparent-Proxy

    The second one is based on IP-NAT packet redirections, commonly called transparent proxying. This method is currently implemented for Linux ipchains (2.2 kernel) and iptables (2.4 kernel), as well as for BSD ipnat, tested on OpenBSD 2.9 and FreeBSD 4.4. A description how to setup the redirections is provided in the TransProxy-Mini-Howto.txt file.

    When setting the AllowTransProxy config option to "yes", the proxy will evaluate the original destination address and port the client wanted connect as destination. If AllowMagicUser is enabled as well, the users are still able to provide a different destination using the USER command argument.

If AllowTransProxy and AllowMagicUser are not used, the FTP-Proxy runs in the "inbound" mode and the DestinationAddress is mandatory.

In "outbound" mode, DestinationAddress is used as default or fallback destination, that will be used if no other destination is found using Transparent-Proxy or Magic-User mechanisms.

Next Previous Contents proxy-suite-1.9.2.4/doc/ftp-proxy-6.html0000644000000000000000000000525710170747373017723 0ustar rootroot00000000000000 The FTP-Proxy White Paper: Command Restriction Next Previous Contents

6. Command Restriction

The FTP-Proxy allows to define a space separated list of allowed FTP commands using the ValidCommands configuration variable in global and in a per user context. If this variable is not used (default), no command restriction will take place and all of the following commands are allowed: 

  ABOR ACCT ALLO APPE CDUP CWD
  DELE HELP LIST MAIL MDTM MKD
  MLFL MODE MRCP MRSQ MSAM MSND
  MSOM NLST NOOP PASS PASV PORT
  PWD  QUIT REIN REST RETR RMD
  RNFR RNTO SITE SIZE SMNT STAT
  STOR STOU STRU SYST TYPE USER
  XCUP XCWD XMKD XPWD XRMD

Otherwise, only commands included in the list are allowed and all other denied.

Further, if the FTP-Proxy is compiled with regular expression support (see --with-regex switch), each command may be followed by an optional equal sign and a POSIX 1003.2 Extended Regular Expression (RE) that describes the valid argument(s) for the command.

If the whole string is to be matched, the pattern has to start with a caret (^) and end with a dollar ($). If no pattern follows a command, its arguments are not checked.

An example for a name would be the pattern ^[a-zA-Z0-9]{1,16}$, i.e. as expresion for the USER command: 

  USER=^[a-zA-Z0-9]{1,16}$
This definition specifies, that the argument is mandatory and may consist of up to 16 letters or digits only.

A command that does not allow any arguments can also easily be represented, i.e: 

  QUIT=^$

Please note that the regular expression is "pre-processed". This means that a pattern in the form %xx will be interpreted as a hexadecimal constant and will be replaced by the value of that constant. This looks a bit like HTML and helps to include characters that might not be handled as expected, like %20 for space or %5c (equivalent to %5C) for backslash. The space is especially important because it is the separator for the commands within the list itself.

Next Previous Contents proxy-suite-1.9.2.4/doc/ftp-proxy-7.html0000644000000000000000000000416110170747373017715 0ustar rootroot00000000000000 The FTP-Proxy White Paper: User Authentication Next Previous Contents

7. User Authentication

Since proxy-suite Version 1.9 the ftp-proxy supports user authentication. To enable it, the UserAuthType configuration option have to be set to the name of the mechanism used, i.e. ldap (currently the only one).

For more information on LDAP based authentication, see also the Using an LDAP Directory section.

Per default, the normal "ftpuser" and "ftppass" from USER and PASS FTP commands are used for the authentication. This may be usefull especially in "inbound" mode of the proxy.

In "outbound" mode, it may be usefull to use an extended enconding of an "authuser" and "authpass" additionally to the normal "ftpuser" and "ftppass" using the UserAuthMagic option supported by some FTP clients, i.e. "@auth" for NcFTP, type 5.

The UserAuthMagic configuration variable can be set to either auth@ or @auth, where "@" is an encoding separator character and can also be set to an different one, i.e. to ":", using auth: or :auth.

If the "auth" keyword is prepended by the separator character, the USER command will be parsed as "ftpuser@authuser" or in combination with the AllowMagicUser as "ftpuser@authuser@host:port" and the PASS FTP command as "ftppass@authpass".

If the "auth" keyword is followed by the separator character, the parsing is done in the different order as "authuser@ftpuser".

Next Previous Contents proxy-suite-1.9.2.4/doc/ftp-proxy-8.html0000644000000000000000000001134310170747373017716 0ustar rootroot00000000000000 The FTP-Proxy White Paper: Using an LDAP Directory Next Previous Contents

8. Using an LDAP Directory

The main option to use an LDAP directory is the LDAPServer configuration option. If given, it specifies the hostname of the directory server (optionally followed by port number separated by a colon).

The program will bind the directory using LDAPBindDN (and LDAPBindPW) and retrive the values having an object class of LDAPObjectClass and identified by the LDAPIdentifier.

The LDAPBindDN and LDAPBindPW option defines the distinguished name and credentials (password) needed to access the data in the directory service. It is allowed to include one %s in LDAPBindDN - it will be replaced with the user name. If UserAuthMagic is used, the special "authuser" and "authpass" are used, otherwise normal "ftpuser" and "ftppass" from USER and PASS ftp commands. If no LDAPBindDN specified, a annonymous bind will be used.

Additionally the directory tree root should be specified using the LDAPBaseDN or LDAPAuthDN option. You can also use both options set to differen root's if your profile data is stored in a different tree than the authentication data. One of both options is mandatory.

  • LDAP User-Profiles

    In order to gain more flexibiliy for the user management, the user dependent parts of the configuration can also be supplied with an LDAP directory.

    The following configuration options will be tryed to retrieve from the tree root specified by the LDAPBaseDN option: 

     DestinationAddress, DestinationPort, DestinationTransferMode,
 DestinationMinPort, DestinationMaxPort, ActiveMinDataPort,
 ActiveMaxDataPort, PassiveMinDataPort, PassiveMaxDataPort,
 SameAddress, TimeOut, ValidCommands.

    For example, if your user (USERNAME) dependent configuration is stored as uid=USERNAME,ou=FTPProxy,dc=domain,dc=top in the directory, the setup may be as follows: 

      LDAPServer      ldap.domain.top:389
  LDAPBaseDN      ou=FTPProxy,dc=domain,dc=top
  LDAPIdentifier  uid
    If a non-anonymous bind is needed to access the tree, a LDAPBind can be specified either to an specific user, i.e. "proxyuser": 
      LDAPBindDN      uid=proxyuser,ou=FTPProxy,dc=domain,dc=top
    or also the user who want to login (ftp-user or auth-user name depending on UserAuthMagic): 
      LDAPBindDN      uid=%s,ou=FTPProxy,dc=domain,dc=top

  • User-Authentication

    Since proxy-suite Version 1.9 the ftp-proxy supports also LDAP based user authentication.

    To activate it, you have to set the UserAuthType configuration option to ldap and define the authentication tree root using the LDAPAuthDN configuration option. If no LDAPAuthDN option is set, LDAPBaseDN is used instead.

    If you only want to check, if an user is allowed to use the ftp-proxy service or not, you can define the LDAPAuthOKFlag option to an attribute name and its value, separated with an equal character. The program will check, if the value for the given attribute exists - the attribute may contain multiple values. Example: 

    LDAPAuthOKFlag   AllowedService=ftpProxy
    .

    Further it is also possible to preform an password authentication using the LDAPAuthPWAttr and LDAPAuthPWType options. The LDAPAuthPWAttr defines the name of the password attribute. A common name for this attribute is userPassword.

    The LDAPAuthPWType option defined the type of the password stored in the directory service. Supported password types are plain for plain-text passwords, crypt for crypted passwords and {crypt} for crypted passwords prefixed with a {crypt} string (a scheme specification). The type may be followed by the number 0-9 of minimal allowed passord length, i.e. 

    LDAPAuthPWType   plain
    This definition means, the directory contains plain-text password with the default minimal length of at least 5 characters.

Next Previous Contents proxy-suite-1.9.2.4/doc/ftp-proxy-9.html0000644000000000000000000001362610170747373017725 0ustar rootroot00000000000000 The FTP-Proxy White Paper: Logging and Auditing Next Previous Contents

9. Logging and Auditing

All possible log messages with their exact wording have been collected and listed in the file SYSLOG which is part of the FTP-Proxy distribution. You can find it in the ftp-proxy subdirectory.

The FTP-Proxy logs can be sent to a file, to a pipe, or to the syslogd(8) daemon for further evaluation and handling. It is strongly recommended to use syslog because it is the only way to send logging messages to another machine as they are generated.

This off shore logging is especially important for FTP-Proxy servers located in exposed areas, like the Demilitarized Zone of a firewall. Anything that is stored on the computer itself can easily be manipulated in the case of a hostile takeover. And when the auditor stops by on his weekly audit tour, all traces have long since been wiped out. In order to implement remote logging the syslog.conf(5) file has to include an entry for the selected facility using a target starting with the letter '@' followed by the DNS name or IP address of the external log host. Usually this loghost may be not part of the DMZ, but be located on the intranet or dedicated administration network. The UDP syslog traffic is then allowed to pass through the internal firewall router. Note that the syslogd on the log host usually has to be started with the "-r" option to enable the reception of logging information from another machine.

The FTP-Proxy syslog messages have been created in a way that should ease the task of scanning and evaluating. Each message contains a tag that can easily be recognized. It consists of a prefix that is either TECH or USER, followed by a hyphen and one of DBG, INF, WRN, ERR, or FTL.

Using the LogLevel configuration option, you can skip message levels not interesting for you. For example, 

LogLevel  WRN
will cause skipping of all DBG and INF messages and displaying only the WRN, ERR and FLT level messages. Default level is INF - no DBG messages will get logged.

The possible combinations can be interpreted as follows: 

TECH-DBG
Messages with this tag carry some technical informations usefull for diagnostics purposes with no need to react to them. 

TECH-INF
Messages with this tag carry some technical information with no need to react to them. They might display the contents of the configuration file or the start or stop of the program. These messages are generated with the INFO syslog severity. 

TECH-WRN
Messages with this tag display some mild technical problem or inconsistency. E.g. a configuration variable with no value given or a temporary resource shortage would be sent in this context. Also if an FTP server closed a connection without being instructed by the client or proxy would generate this kind of message. These messages are generated with the WARNING syslog severity. 

TECH-ERR
Messages with this tag usually mean a severe error condition that will lead to the termination of the emitting process. Problems that fall under this category include the inability to open the configuration file, internal security handling, network problems like ports already in use by other processes, input/output errors or other communication faults. It is strongly advised that all such messages shall be investigated and further action is taken. These messages are generated with the ERROR syslog severity. 

TECH-FTL
Messages with this tag should be very rare. They are reserved for really weird situations which reveal bugs in the internal FTP-Proxy programming. Please report any such occurrance to the Proxy-Suite development team, it requires the programmer's attention. These messages are generated with the CRIT syslog severity. 

USER-DBG
Messages with this tag are currently not being used. 

USER-INF
Messages with this tag will be the majority of all messages. They are generated for all regular user actions like logging in, sending commands and transfer statistics. Their main purpose is to provide a complete audit trail for every user interaction. These messages are generated with the INFO syslog severity. 

USER-WRN
Messages with this tag indicate some sort of unforeseen user action, but need not be taken too seriously. Only if there is a pattern of regular or frequent messages of this kind, you might want to look a bit closer. These messages are generated with the WARNING syslog severity. 

USER-ERR
Messages with this tag mean that the user has been rejected. Currently no other message has been defined with this tag, although this might be changed in the future. These messages are generated with the ERROR syslog severity. 

USER-FTL
Messages with this tag are currently not being used.

Next Previous Contents proxy-suite-1.9.2.4/doc/ftp-proxy.html0000644000000000000000000000333010170747373017546 0ustar rootroot00000000000000 The FTP-Proxy White Paper Next Previous Contents

The FTP-Proxy White Paper

The SuSE Proxy-Suite Core Development Team

$Revision: 1.7 $ ($Date: 2002/05/02 13:05:28 $)

FTP-Proxy is SuSE Proxy-Suite's application-level proxy for FTP connections. It provides support for both active and passive transfers and for user-specific configuration directives. Configuration data can be obtained either from a local configuration file or from an LDAP directory.

1. Introduction

2. Installation

3. Configuration

4. Local System Security

5. Inbound and Outbound FTP Traffic

6. Command Restriction

7. User Authentication

8. Using an LDAP Directory

9. Logging and Auditing

10. Copyright and License

11. Authors

Next Previous Contents proxy-suite-1.9.2.4/doc/ftp-proxy.pdf0000644000000000000000000047312010170747373017363 0ustar rootroot00000000000000%PDF-1.2 %庆彚 6 0 obj <> stream x湑X tW啋&=Z樚杔牷3;;;,仢載'Y%]%刴硱柌  H&礘M惔楔PJ愱谥众J+qC "奅荀ff骃O8x箢竭w飡肰翴1蟯褴t暃坢溯J0鴷鵛'紤\z9-状p牽.J N$"-瀠遂9#u宫劧D昼:w;鍱73o^4q涘]蝭享顴[啈=尺均( y蝀渨鐍栉9 nC塔p箉Q囦p墧H孌夝`艐(瘹K+7湟&燺薨誈淌醌赜! 8蕧3\XHX蒃w賷⑴w佗嬶^獍鉪]湜嘦 4硅J秢纫ニH飏咊擻f-'諃"V,$諣\庲rq侷詩袊+`稭饑i猇+G>鷳斋姣-- 咲)Y-瘧(h4磫籓翉盏鳘钞哪 妓鸸F瓜Xs橽瘱?灧B^n7,香+*謐b7m傎糷 谀9y貌!5Z-吹陙砥烒骧-&馰![蠪緣$庪敳滞\嬕马纈c篖辑捩x1c,謎; l丘&[M櫐%i )菡Vg圬~?樊c}Nk 寯滾撢𯫡n烽泻搃Pr| 莊M5v`ge擿-7 巻6畢kIB﹒mo.俑镉澩≈}fg@ㄓ虂HV缷蛙涡罴ib貏鳬嫆苶哅L揩 58皦瀇锥x  -I/瓽u筁f鯷[ q~36紮渞$Y *v砙勹o奼〕隗*遫涐囩櫓~8x演\歇{揗:m +驏GP vw6 j磝摷戄豕嶠:鞶&椖M淣S廭p:蚩C/nv襾禾gDD>鷜蕾7}ヽ齻6` 匞ポ>勓H湜`絝_c縕鹸遄:酗鱊闸棁均峊飥z躷をh銨|hx0Z軓龉閅.巔 幸O俶鹮顯鼊酴岌FN晷葼e﹂) :Mo抩讉U鍂N澊<氼菨1O泘\YO邁篺p1t<觰﹃:爭谖~鳈猀19j垵1欟;7諔>?巍\z煭佁彾鱓果劦魁洒織>Z9鄛禿孝犮箖峡餦 骨f$z铐壘D暇tv.鳋覐zFm (噺捎6-^4}2Y/?鵦谨yB/鈗u;荀J`U_m怠+齑b瞏镄-^瀶T翶?罤輶毻C#龝'噻O椉杶ョ鵫獾辍崦 bz@師鵢a$=熥z憒⺋八 構髝君H逍0 頾?9冑 G寴e@螽3]@嗳I双i葙>Qy<>奭q9ダ螛k癲觇P带P礗 ぢ焛5;鉟<代 }䴖s闂xL凓[h稭:鮔湛泷鲞4+XF玷Q箻鱷< 輸掅 朩&Da#4肦靫狧+蟽C 踽奒 tLOT eV粐/+v殞囬pGPh欗WlF酢; X)J)/锄$ 擧蘩6烌鶍 K3鋴磒犯靂ヘ+6 &'暭Η篺X7F'仅哱衑犁G0M枹鑦徬镪Z喫7P亚浃臧A$領rp,唩q艸烵-,\睬}5{蓙:儅⑶預﹪凰,($勦D鮶W0YΑ鷔o0)7謢 z椝り,覮O醤R涤柁cG伤8赺平`c h:綩鮶啸聺G含歽Cぉ1\圕芶痭瘡]喺 瑇淼锹塦虿 *膵pQOP廙芈+ZPH馤炝u87儉2歰~aHz椴"+檱袌43lp鈙,,抚d蓻  !O|XP"`偺曡v8貨孎2呷醍0]f侟RB=x軨hXrih棲Q=省[%TBgf;祯$*t閛()4$A阞蕭#姻+ j 珣v|kc钢 X@#鴀i赋F婣V喈:!в売鵾站lU~&耫⒀鈒炓[)觊W鮄QR 0牃. 7:虗﹤]凭瑎驮ck;j)5> 紁卻]纙萌伜W愷%=g+夌陕)'aR坋搁刑Z闹顙\肋c 蓍7,盵寘昶`胶葌5;F/湐? ?P傭|PG_唘貾r扳7笗\yx`ㄦVJ.倚前v衘/擯# 寲餚6%旦)2 G|阍嗦赢 +HL弡媊65港袀1犺2!穿8Ci>舡!M)愇硔愹Q!7+蹱省8謬&w嬫!虃4vs- 疜厴嗿ps> stream x湧Z]l譽N[苪蔂,S7訏気!wijwv鏾gF 升!w﹗4圧X%\(鳈傍`@2(CME>訣摷鸾|記]"戆"氈q妦畿欋\JVLr魑界烍濓|鐚逹驓開痼鹝斤艟?U叛=蛈撬蹥嵋妑7讀C鳅_翩n(zo甆)黨T暞糁5lM達S 焦iEWZ结塝14[q髖蚏謟渠狨吙焱U穆边 <;<叼缃c获+伉i鉭瓱趔弤瘩邑Oh礶佴挼x軲 kL]盠馫譼j橽r眇甗r<璕?U洕jiW焞:岛z4餷颾b黂硆X>,'~煽u騨Δgi;蓥芾 7Ж-zΞ&藱蛕+贯灤礲︳蓘浻雠N~邧蒄︿穛鎺['礲蕋K$炃Z%擕淞i鶻7suU+簺嶹?繧$_莧妌3s]振2鉷猛95璛焈`cぅ婈mф窙3规o;担b}嚰躌&绗瀥遐潒儣'KK?氶oW>)翷竷.鑨G樦jv鐳疙~啶甙盨乕櫠鋿久F砈x4枩気oq逬惭=<歌鏵钺",馐複抱y.韮G7}D缌妵Q琰Q^窤 L謶蒙辏a瓁2E哙纞\稿o'gZ| 靅=泍 僋_廈7 噉嵫N齪 钰垔Х飫o儹 笎脹5%蝟鬣_驏m柅濻K栯秢K3彝0U硄陴ui籛遤瑀S]痄Ⅷgq吺竢 ^p敉蕸=扮盦並蕴".n9=W颎@ム?"嚌,黰i冰蕮v瞸鼧TL瞿\欚{扜>弃ホ睌)繱篿矼巛蟹t[冖礟籢籍4駍韋鐊-緭m喚綴黱窕mu6 :№枤E倯?罹漵4鵧)Q漂'汬狑]傔鏚G5$f9斥:眇e敜髉T%拭蹪礛7鸳煗L49シ慔圠?K逫9J遡錆縷爿 髥媧!o)Y凎72E瑫蒳崄免k7X,v债失琰A璼2xM_KCQ鼮棡篆0穆~腩┩nZ嶦c\6%剥q硈琕k蒥筏-拠g躁*頫琲x鶊7z8&Tzし嘂P矟H齝6翘氩S咧x!*Qv囙cD[-wfp孲浘J鳫n2朁-8F4;3 ;灍YOn纋/侉W艿+々`鱍恔T 蟋R紨lv考B嘻 蟒+;蝒扆fz!j 儢隈菨小'藝e&蓝r:朱k<^D鮩6.U0軣|癡n(S$NZ;濄 艩缔546<@ 罡毹/:义)m絮 O.JT*隙_^6奔粡G踈e贵麙苌珞瞓'塮'骋]+摕f笘韗厧3C窒Q:蹾聝顒傯鞒鯑峨院3籇HN韕Ej淨郿*鲃T踦/n櫹煏d>*鎇'劮搆輠R餾"鏐o∏a搤N+Vk7﹢蒥!愜藔=聖塥z蒊檓-y>羮v凘嬇u肫籃?桼慩膹a③哘q(\蠦6Y柜u],y 楛MXx繥軓弥3靇 芷E喦K鴥~)珇垏#狵u/A彄詴x,g浣そ>$噐剋随>8嶔陫玊爕飰d'Q鷽驱义f1E r鲣mN蝶/敂-埾P暑>>fj+B& 嚢汕d^w伷嘩Q+M 7#:(w骇園.K殲7岹1 纙Pj齭2倄d鉾踼荑╕{tX唺^9蹾┏摔-@"'=_r-栯m8+鶖J,4bㄎw唰y 簉艟忓愫鶞侘烏賦尽4+~馍D睶酹u ▃O F钹fKq臚卉KIP挌.螦籩~#i菦槨W(QSa? 案N还蘆箨=C\`F壹G犧崳a楫8Q\p0k堆蕫4}*媯扨v.Q"样 R偮軅鮸偄螊K/屵 p8SJ┤餙" 鶅苂,訅*贆$堙A蔽浆 w澚 昱玮,YNT'q攻v!D仿i轈:叜碶' 天76u}磱?橇锩g8戁囙OC榒妩.w崜躌lSs侜齭S 蒍翱蔧 &侉毐捃伂乿嚈c潪 X2:眺Ak▅/靄F斳嵓I鞝I!嫾蹒_Vx^=熥砝髜G狦侳-喑%Ay!z鍌6%b2Y┬L羮t>茕Y6╩8+栅徣沲 /褑UT內ユ辤:憺鎬x濱q兇!z瞭沺卐胅搫!遾┠}浂N`P4齖"芝卤Eb遑黣k$B笻@!朿+萗hya熮#i伖X]_;詡h>!啤`0@6.S0脡i婨鑓璻l<"湫.萜G堃15鯺u姳嗝;n戭;;弁嘯2榎魫tIF谩這萿赶o$蚨1 眽fV荒聛$%1MMP}t灇F 嚶臎2耶┲碳T埜2y:熫R箹隢r}漜_骼门豫`L聧銴C粭欳_磹 OiP27锁rm憽m.'斁鋱]K/綖4濱d笛馾>Й屘E硂渘-嵸r颳傲A揗瓮RR篗A簫Y袃垆幋j屵泩2藗F8,%裇U^CZ晍褶*鞰(寝沑 W捴┲,橒嗙(-鲺事t2A 錨'zE舗牉斶b榐4sK'碁)O炞邡s付B'<觬紶尝y-#朩酖4浴 !vv味1aq/ea"崢枨9s嗝0 +-[磒烓亢護 敇彷鄎 嫋iY裬復By ,/! 9g媗;\.N 紁 0~Q)1汽B垙0目 圞U3#H/0-栯椥蠚7軧偮<6h^$硅嶆肪#9ii 赊)uh禫鵧,錫魳鯈k诅E蒮V8蟐鍽菰噍V毲i 嬉[L9-紁祅‥S楞&陸hF$樿S6潣+^GY閊慃ab鬾槷 3; 胤>e揽'Ld矼桱.\怱 倿+6忔M飌X癫5桤 &柹蜢嘰邦"iN45=&軳剺繁6X嗕骬2w瘅漜曛h?%詛}4zA欮fS枼噏黈閑8俢.厺^_萹7兏\K_瀫涉I+PAW洕@5 頨 _瀈iU扴 9隀偲粹nw&*6鴧F4vrIxE|0埴`$嶆掁櫋j 实^# 玡endstream endobj 274 0 obj 4346 endobj 325 0 obj <> stream x湹X]L64外h睫d[`<鰧缦33破&n3,!媕淀4"RP3Jx圱伳J捡R愍M祷}蓒y隱驃T; 褔T9w~榢Ej汜谓珑;啭谓x)?篌帕{凎エ摟L救h⒘:晽t\Qi 蚠2縚跘# 黁q汛欦kMl#z涾/2曵燩fD'骜M釻F/x卛/fr谍籄£-烃=蛘O詩餠7冑?畖y黼鎃蚾躱焲瞰鏌燑⿹W+*1y叕鹵t芳"J眼br404:渄,v擪К蘕绐6>朘骓{I硅寻煠渑$帽複%Qdあ穒寜晸3樢蓈畮 '笱]詡啼幮璙楑R趍竇櫗 輏-7鈃)刀47:靌酧SQ灟聄x7甋z臼p跐s襕岖 Uro7u ,滐U.l'疰tB"跒昺稏=麟 鱒谽Gp氻+#讀\氉De3|僲瞜璂瘋;9黄籪状7v>j-5{7隲h愍#h喎^谑Yi畄驠*比墱 鄐Y嘝y'鴀U<M懲l8伹~偪烕!踝婥T偭Hj4賁G 5坂?_誮 亥vp湷丞:E}/摥;号0涴歓6e揮飚S精嗪H蜬u博 C鑂'泊DYn昤 ,'/鋻Llx敚8陿\I<鮇汇l.0.{塛yS哧蔤-'皨?t9A:忁缍  酌(你N牒熮垌拷xy促  版椛g%穡f呖梅C鸨.仚Q`Yq.W佴硋 湾bo%7咤0峠郈乽~嗬0劳仆鉱鹛扮^笑硟涚0蹥褕C鋍灉w4wl@:浗螾 __计I墻鄕 漡0橂3b5踶楳\y簸禍鎙C焷簣fM/狶^bA枮y=b3錴@D?謰蠗鴵閉h姍 褱郟:-止踄 襻G$~蛴K?叔s燑忡籫鱄^1楈,;3Y&]G1 酒.u翲xI淺T0s釕鑉g镽j4莨淁祿3`0E HX石輧*06恹劦bd蝊讻鞰碋s宲檃?E.婹\uO玃N4s%倽勃+乆nB)o乔K(螪&/胄Ⅳ唥育麨螿*ZDK5 驴PsG穳7!畔抐c税j5魴:嬒I攄U$汢qp饐R H;扰(刦k蒲#鑭塌#糟X鏆褛匘U燸P靌3數Z#@卭Y阊c [t& 啎偑Ш\わ!沩宇8S$ 冧^3l˙/Zl孈 砫刪涢ds濎 P荽46聙=2趹鍼h豪 ` 付bG>廈 U +懺C捶]yН+{=<寭.姃x螤D)8@1f颠1Y4(劃曜&潽畲荊顆e>5 4瑵玦瀕璜KO.Y5垹龠`gfF'/=Jz褊趢 褊阑p诋 ξ撀G-w綰<晧-⒐q階,`HQ>尦>9T窂or衝c屰嵘n缅鱥蓠潘_/|队呅x8泘虻B寗斅鉁埄)!擠M崊jJ頉i3G鷧'.1H卄鞕勑8'眜B'樞IB!矱:墴t_2閄k懦 滒T[薖F璋;漅k 鍓I 槛愪 廕$X圴B彨d杭^蝖5 qw龢哢^"厰+$碸喗瀛?I裷翊Z陔cy靽牁6豈H?萢.g针%}\兯5耣;a8鏮莵Ev`誶c 禖Xㄦ馾8窰牔兩稕螦+k<溬鰍4tg'?4;w?( 倐浢ssV=潍88曵/IEbq:嗿赜:軾馒K@椈蜦篴砏&馌 勰,Q3鴅澝餒ωC畂^<$乕{$#錯(裶tV馌"漞D厷Rx;冨崲竐9+犘7> stream x溑Z輔'$膵X侰{w佪蠃軝agc{考雔媚 條〈kQd禑-じH葨 ﹊荮~╦*#*-y┆T 葕[W)憐谓w苨mCZ5m卍{w钴弒~鐆~鏫Y~=蓣N;倯成稡&'X#鄱`9)k6(蛀蝉 邲欭N_鰝狏ek钑郬,扉7`昇聗=-泒A氻> i!貖?浻}┻渘~/[s宩~/祰|薧O穬縣锂緯鍩叠抽_}邊6蘚Nd傊震 CQ5列槌韼U:蔻滿d分^s-.堳^QvGc1盭kw%鞭]冻2p颣鍔豲 迬衰猲g ?眫Mv觕 缝攐zYM鱮vA,幃z舊x儦mBF o2鷘 中n[晰e\G\ 7漖+夡vЙ薎鳖醷]A誷%≥PGJ釶禎问%卅#謅顸潕遑Y,Ta秥j嫌{熧鬈诚風U3m癘绻#郳s譃CS玆撝:飁IvR鵍饔鸔q&+4鎴 胼q,誴4AWT测`+5H灃弰К砱臆se<1x鎑j旙綹臭f闆:笨¢趟o Сb}81椌!$侷滝r艣fo頴蒄铩巷K)xMh/傦嚴$5I瀮繙Z籛,;(1&|轌櫌x簺琬仆6鸰飫64$+:郷`1+$l緖 t泤^墤%鹖%$郐]@凯f9廜褍0倥袭煀燍Go0鞪 骲輗 躁萆鮧8>q蹑 炉V钵 ?|餻媸皀鷅-荙豄\`蹔惕螌3d芡咄z;閑RUR@DY痪崧"pk懏$熆覣@蔲庙)啦9Xw瑶嶵LOy膬p4鄳雁0-嗰&哱@8篡鄽┺Z衰醊鬰劝駡0渐 4譒B0佂!冡t梅∽A嘆皶8nI) n<[.駰0, 毭後纏o L蘣 樑D躢未*k%#K绐%5草甠磄 汝:O鯕獈匧=嶏鍨栂騭[?筛91﨣|啺l搧媎 S{L8夆婿Da`J莦>]HH5┲哷栔5J轕c柛%,頏!"N辭7J僵簧5辤w79d鴜|c[7寚,林=Hs礝繫1鈒牁t6斫k#5軆3;k竪]:蔜!芄 1沽X溴鐝焫3cn泰撥又塘鳤n@\<G撣X:X5"T嶶%#渆西)必D 牲'郪饙汘◢唝铣膢鸔F6ㄒh吡p^︷t樣5j狶!-珩+R`_:嵊?柷iY('悉$M~θ釭荮S3佑{汰o区H貛&w"{"媫>90rJ怫┇>? V陗+%鯟遗叹Lw s垿A跣+Z鋍汁跛嵙P%*葘xVS`}8銑$%)v*B雪?▓g~pd楌挅S^2^襃2'锾nJX{$X0,乂\!W躾砼j#*VB6d嬚 譎r[ Cr憅旕碬冈?挻*峐 0N#@I閊3.9%糨暷欍]潑$銫箶蝚汿^﹫`nNW䥇ネ輻6篗5cX2p|c豪湕? DF鈉钯3F1醂M%纲琐(WAE,夳 D< 藅a4F尡贠椹46,o~lp9zT甗3QHC1觕n'A儂zu邼-7 ,撲辈3q坽9椽禵f<95 pO>; %撉鵿!韅鞙2榍皿妩E鵬[)坋~闂&g箔7@"E鵘1R# 9揯錰P崯A育良 齢+3駃tx;鮍@ L{%u欋~k3{{jed~c/铌A烱\1:佀敦R$j2辪r素{w7%g1y~鰕S倗觪3T挀鈘~k.穒5鱡,l:.巈匤窌薀;9 礡'臆窿[]峹℉檧D踤梯)閅玅 覧.=譀gbl7QE瀲忆N篜S4PZ漈V咊>(藴葛A瘶@_鎭碶緜蚍胜隫旳s ?!鯶笸I(梹钱xYyr'7逑qGy[bO隣摇`R尥KT=須 Gc躣0 DO[忛&AfuYfX裈崾G贖薶樠5f樂赲弓j晤卣v卓O>糛 d憻",+7Z┹覓靂A頜峊+E倖廝熙皐傚"f恔め霅&k摛旫10A人汸繦5.5M貅牡.S黆)縘-伐@/勄>祍塌泛t 皁梲檩娼3(Dn椦y.瓺禔ux坰鄲?锶鲶禦喹'裳g1摤a鸄BЛ>齱MG+寔m0-8召≠"H>/辛 m嘦'H誶%襇/寏A^Y 晙:衦庺Qu啯z:癡洉窎%s`h>ē÷$M7蓠矴‥=A:% 5P6Tm倀6VQС琹7=l髏Pfaq灋谥呦槡-h D*史ゾ+藦 襈6;AKN-s飭m#联儣罽P3gas胢,<"U椲繧 曾犯[%Vぶ硘璾vH"y.珉Vm滽贩1(魫 6H;迹S禕H物"e@N悧禍鋮6u1饬"\^疽p{E槃>┖,@谷堤 p懍菶NE泤墦瞜鲹,T餱兡鏼m貆芭M桉b7催p坞D殆'俫麄肞P;Y9NPY"x栓P檏*淀筏骛<*z9 刜/捨3缜Ц雯Dln! 鑘L!n璤>gUoQ颖'諭(羄/閽'脈棍$` 繺启R諐$bU%﹠+F赼泱m]qM1鼅 ?g肞汘 US傸ff嶊 ^稝)t?筐v 衕(:箵殌D箟 濻&=!勤&5rE勓鱄>&螹偍b叓c撧~売 A8s刻圌'劉灋叭mL5墬d葀癓r`6 QX%瘈*藃:W + 鍝.m7;'c鳴$22qv 8辗z.舐眮d":恖潪V唌鞿徝鶕 ]8淦爫媥Lg嬺鷫\ 偢胕#焲8`gH瑟q;)mq馅 愺C9n隧)0抨,*d虖伿mV%伎 (;馃頷醨f+骹搱賳/鹨伬z醐 俏伮&=7袾傸綌Gm躿椨夻 Uu荭f玴鶫拟酤鄰箎峍5ng+汎# %n苈Oy2[茊U+5尼'媞{燣-忹Q;OS*Iz呰運吳熰徦TQ彀~h1P熵纋96J屃:v沒搀 蜜"I5/扦--定胓%怛潍诔m圧$矫俥鞇:孉!E+O颋c1=窤BT彳瑲/q[W[3軆妗cん~ I门Z3G4筎0K漶>T%骉笁40:勡p粌鋨"'%鄑w腋l莶3xy琘荌郲&咛瓔fl䲣柊忦眨滸銇韹鬾椵過 訰>L.垯.杜V僬B沢o搌LJ7& 虂泶䌷r闸潡蒗qXc?wo3汫!,!Q"_*M釐>O槪endstream endobj 365 0 obj 3933 endobj 404 0 obj <> stream x溄Z]l譽NSV惫6肴茶栐pv筀嫽;?3c螁濑q椱Ya瑽H粍*P墥蟿f |陇/i言@摷窶'觉Mzhj3.MRc".79甾4yK潇絯=鐋啭喂擲T)過靰击m(X鬞$S藪L;梂4 G劫7たYZ揿湦鰂滕W-?崐籁辥C&,2E?過擩辰 I昮劢3鴥)篸錼!.輿-硜肳緿框y猧连倏䲢?螅驈?欪賩?燍縃+5s迱熭鵈闓?茗婚脜熴嚭i浈孉繀2FAW%Cg徍獼罐v成x鍈k墒Jm欈^ao消K奉禆.:楎_}錜靕8D绥鳪棑WJq沟ty<憀軰睫z5躗dxgr饭RO%跰爸n栧宝Sowv"剔t矼g2RkWly擌>,'汩bs攀歎农飤匫;稙邫i浟助hk澖,衍*洬[20鴒4ㄆ枻1[齉!eK後+_SmA鏧達撯孑顐Δ􃗩贯畀68f䦶;澑Yu7琹篽贕恧 33婯@霢桠粝1眙 l<鞈贛u聭72o+)%飊儒摱i遜c鰲薞V賡 諦s%澋(*n绽姎拥鵩on泌E2>h甌pq鵙'轡疝佲で'Rf礗qhtm钭聡6鳚\f琤鏤a島7採ZkX.培?遙餵G.M芵#扫粊+螕齀OnV翓4禓&2恏 faj 堵穆髿7/畀d汹?戃k烍炌軬[憹#坍 k琠 晱菎tK`,啶犈o;鮣g鑢(J灹擤N\vN2D@=~垞%4軷y\篭:TR$y J!$魛2ZKa邫y㳠豦1X丅}溱嶔Bs圯m b 8囊i肄u墔2娇yr6pc蛂T;徚騐se@ 捳y悓4親g料禗 =r憧蛏讣埄 俫炩e跥u1,@袉ML筩[t嗊@>]8w 趋 t 羽褪- z刔賋 rc亘哏褆┉hv餦愑虲勬活殺D仢B'R些郣t*$積ff勌ベE:N ?酻憲&"鼂Q鈭瓃傇+ 陸 %uq*q*m訜;v鲔ブ饃kX虥V0 爗 7眺蒑,遻)(5忈/ Dゞx:拧u寙W襎O ^ 7<8愇(,畺朌r觓i/\9mJ 峟褂/懀隼帆H$睹颯s9忩E璻A搮8$滭的菶酓16j0pck慯璁蕥8P9吏!35緐JU\9(;<叢晢@ F9摟蒥)L*簺惄out%X(_ 鸎r 0誒o@;@莤L秦>䦷暛RA1稽?牑 荜g2F壗9逍憌F▁{鼡曝閖mn:w貭圸.+0济O賤7鄶%邇`1<+抧2f 莴^ /gC哑傞换遽遄^b獨a+笨濝䦛.1B,/癬g黗頁/V3率US 挳#鈦耵z嗃驃_挫稷6y eY1䥺Oa虒6Л"縍璢}帬戤 T瓣6:膼SYr碃 I嘙騄#I猼W%i铚|T嚭wn 3 ?^! 胜燖鸶"T d厜覫EQ_&jTH9覽$馸鞊e!x.髦yE`l(-]l綉jsM x棫p吐n簁g癌j!3n摩(SQN"g,综镕ы,;娛C圧7P+7O錕璓(p鍀-②=倮wG{乨y飞SB燕冭[K朑款歘]屉L +弾湈 ;眼c牘槣/掖*鈒>頦wf#01W闆愼$谙[f尗-6燨*犂s琈"=瘅&Z噶8N辪顄 巌2旫'ON_"q硖sc!槁J埯d釁旣L,p纀Fs)F 偦8)徲鼮昘=7牦鋖頯5ㄇC>拲2臓]&垧杚騖Q絥<AD.錿T瓷8評L扈-臆嚚`)ㄊ呓*'衜蹟^0鐘T篱E飭歿1郔灍.始吘&>hO#薨帮牊 攳骅z?擪L4辞M╣遢S籂溩洶td|/锺H坆;.W稡盫爤R煮壜8颬 爰z璼郄黶8恚5(Zz歟l~$廑P]劮V7堦3`悱cq3鐌壎kS_+0挚傽=绱盜!@颺!2¬;>Q闯M蔳=缘c僄昑w嵊2竕x歈绾桌X採蒣G萯S@.%k娠瓻傤摓S鮬O ,"擝?p'&泌嚽Hk樅 .騶講') p"UJ︶ 嵓 毎a(O橏WW诒0$贗H慡 ` 塪藍'3贏崍隕犌(鄦;吔Q~/奥!R?Rz%}) 鵲狪坠,驓XK?G特箂奶誗埖乡堵Y!u鮽铥梄t媦毒嘝<宺渲┥榠枼5堲赣:zg沘粂 藏6_y鎘旆顟嘕闈y縁薡^駔豧敡缥n 裸BS[捖X儚= 馨?奍2= $颅=灮线n[诛鱮疞:7乣霭"︺捝 pc底尠抩兇窃ad橨S I羣怾 q#N5漀湐J淨X3 紈..)驐d}| 9C烯 仧L租袳Ⅳ駔[A韰=6D0佴lR誺3唰Rz閶6 kw w懓ch蝩,眕=:褪銄j1穩俓鯫!K k詙QsV惢旚P瘫昂zrGf函鄔/荒-谁4z"?3鞪咭-晌;竕浣$耰糾:jSm疯b柂~耆蟀*堫"雫禴鼺鉂}姎 蟝*U冒俻B儹萷桓钛.*猘奣獷<^s鄑茹vl隖鐼鶽 ㄦ&5F齸扣0M o杚巔 T藶>8V嵕z戟剳挦邳>)77¬蝏K揇:诗赝? 抋O!b妌F遉6T)謆熫e冤錼9_f7 ,w剞1Y7/y秴hZLP򨻓飗We5憿凲B62鑊`蜁蔧wC箙?g貑捹霐6埋栖O*咿庚铎'O弌h愝^铙煳蛆擘馄黄肴9Y镺Oe%0疂晻rg肴襂J+梦k燿涇艗枌扷nq认砙&寍6磋n霴u鎖=.T鴣g乿m洆G凇[曄盿6玜-}.B?偀JX>穲n诎k羣4倳QZU i釪.}sy欯坺> D"s?:毿[o屴C(;_d;儵{鋘銆遰z肸pY撲怽B卹艌瞨加w踭<~懯俔 '遏頲G%鍀纚#d"尕y~Tv毌~溸m0皱瑲N颧.珧-vk.枽^d龣~瑚乔y┻Bz@评ww>摞揶艟4駳0v绛%] n黿Kl1烍NoL\n軰$嚾j箿邹KR皐堕wK嘢b缢锄'紐-`3憎& kn襑XE?񮺳瀔偲x*1r歴貾4M<旑*B0矺8/餆籙魡襸/0 糅眍熟-琚Q鋃闏逥獉 u}芴駗苤$;.~樐篁9棓E藁M┾蔺諼PBJ焠侐+=(奺*#l8涍'Z4&x澉籎榈S綁=类|紥+聈槳檍鐱:]圲鬮9鰾LH"隶8]j \儠夿犻z趬iJ祑A 遺9燬4v怈絒S轈違b刋#蟽铼/却}暹騶k趨矼1聚e留0住鍝~亯诟}乜1VtG鶙嵵;i械?A鶀巆t峘?)汕!+壓%骝惟6tJ跡軎鬠恻\t赚漫ú1} dg紪『]藷緧}l釐箭f^J哽? 鱜圸endstream endobj 405 0 obj 4556 endobj 427 0 obj <> stream x溚[]l譽v,啋竸朘刹h赵瞵竆嫽3s鏦-升镸碽 B%TLT|b>+  $L鷲碋" 匭/偄O}餕2鑂i5Q祦 糗煓3R捽嘊V3s锕鳛燂拪&鶪鼅o$彃篿撤杉櫞TG俄ゅ(啲賢D┺S''嬿ěp+j舣R ?鮆驆瀓=y权湀轇4軸O閂彿b烚靡d=i+ =叫擙抚PM FMaO 鯲L晓鎜圑j6頮wM雊躏Uy/o/軣>,HH7L+欁瓝烀sd窃L潕;R摱暣 貙蓈gc踲,檸茨:蠶舦閾n'=9鈏6薶V8M鉂P n7洑 .=潷彧檠OId>嫺3s)昄K馶惫jn 灛{蜁絍胢{ 礶Uk瓭R -坥*U4^朖晣不.鋳鉡%{>Iu牻"誯7攐h4诩&谙?:踮鏎齺] 癰z>&蠘'6Id鐙蟝I嵖~S{-4bDj钐Sm贤7衂⿺沷.儏 L蟹{l恪蟵o嚜 G1F?窼 d#轤瀩秭wZ鈄O\┢巯fq淄く'繰述翧 瑢:筍1馅D*眪',е6土麉惮F瓝s沎w罭幌wE@9.`y8膅V胢й$W旉蚥!坨苣lVv狲稟谸.b栾薠@( zI鴳`抺恬$`5"I蚍`i稇┅p刿f浫泙{熧y4憜軰% c'搃皱k衿0=0(癕p边搬郳4E眬+[k闲唡痡si^s摘詈诞[O泍賓牍郯~删MEO殴碋-3(疆1uc吥1跐矿枥绱PMpA罩隹/釺e驻咑苻k琎敞衠[Lg&=但Os仺栱 9:(7)6禙=巃)姄班葉 敼t=!Yh'隹+1裍剁灆n琎c漍cj.涨U猴L\e>@A L帒:磶镸M,0MUV^]2i砤悡;q炎彼璜揋%^q岼aCB哑鍛^f粈暅X_p8駖婆,Koi1鸤鎩2昰 蠔柊i伿芥&0e榬磔/p濉韦g8妵D藞 MS嗥cww婵(Cd睩c6豹魒鐟鏚殽儚V'V眢舐UA<0鶞漓訡>N`倭>虤谘x,;'$cew-﹂$窸3 0%ん鳄 S鼔8埻︸!HΤ匍 *V\*QI{7wJ檛<茼勃`膇呉盽臫..rA賘i7Ю3DynU 缽糞mn蔸魞43O6脑f緺N礣;c u-餶颈碐稱缇戣鱴"J偶圇⑤ 乺+ ︳ r\{O帐l9'+鐞8磡欬繿 f#早凗m!爙8`暵%.嘃/徒 Z半饌C訫飥咂鏲埒篍E(a'x* #m;歟-窗u( #▕!尳M紻q鏏に接(鈲#"8S除9鉈&=1脺u鮲趓/ ;k楻犆郪 嵡爋3澬3嫇 $*[篌惲 cG荞淇IgV2&]Ng哖'陲麘翲鞲5r蟁:澄F鏙懇 \违<犛吀 jm6 <房虌x艖蔋謞tR祵肠Yd.撌*媤踊蹏xl+姃音SH艴R萅.8B桯堫Rp=擟nB╃^韊9ゎ砓烐3匲袶拌!$7X屆b)埔@S伷,苢+1+Z誽fB鉫 " !鳅 e $顊aO]vT猇旳DZ昊蒯43圠rΖ军jX 潹滾鯖孆UY縭`EWso竢浟幯メryaY8坳8垪襘8胬攭媯 $█+淪 踊寪#崅釶D4be瘾溶䦟z-&沨頾,%;U{yi鸬颺Di n櫏羣e]嚞鳧鐓E~墱V叁椎"l鑊簐劇fk璎▋4瘅 w0Lc4浯+L/趶3{啉K+y暭=笲.t鬶/# 曝Bg1畞闷2E 揌[滲惍闈,⺁1{ 濾,锔鹫\f湓x岱7C|643歛翇]=萠<;6 "D#Mm p(湿yUgm倔/繠7U;椓屇製 W-倷T>@滆C z葶翂辭茐K@h6媃A +3腝4X>襭3e"8<<秉k廹o夎D溒蒊毎_c5j%NkcB+番O雩j-鳗複輴梮-)7蓾]瘸蚉Q裭)!吜UV 錓^s黝cs鱌*橔?容蹊麿徧S_+珦鷈./E驢7 娔vICkq%23H劭9輫P Q oW79B!1ZUe鮘窎[妇,MS暭f9N扻吾G#帡X弤凧湛磲墫阓鍒乃;麻费v6<笙(O:賺妲1鯎赳oK甥-齪笄LK 堨塲w猑+_堹6鴙姩 z`瞴P$F嶇(4跇k甆鍧诣:g侳b犼嫴拽_敦#<晃4萏S+bj?)倇9} %嶫楞 1te潢vJ渌R抩澮惺 8煸X!ML覫:=姵舜 醕GB%H"觳$艤J湵佫澀76Y>漑峢h镼z C1,S暂Cd'彷5+疠凛鼭GPj暻9f鶋* 瞁镋漊觰z忢b谬聲V&視{2CZ懔8擈cyi.兓旲=v櫯u[;%?62%嘵Q祡|Y'$慯G*淉pv+湹jQy[鰟9;辫,0jU粗橿LX$釓蔵y槀W:"kW7赝of '扚_窦衰E 吏<寢wⅱ)绡挺朝Ac 廼x鏓 痸忢遉wEHA5<砬\1t\泵恃~鱘擪翐(抐獞g鹽vv 5枒ft8囬w!m蓭化凝Q<猵翾B苿罃x5D:4<$瑦騣S廟膘by6:殜i≦4B憝?3LJ壎>l┍睗x$V蹾o䦅趒1<荙s牵斏譚_丬aa觑`6徺e$辴;貢銫谗 脢驭曪逤l^5O8xz実溵碞 -┟Q涚+8蠲ajG卺沾Bh絶Tu;〾$.t嫆+鼣rEC捻Zk8 狣)垇愦B漣羊B{傹m栯瑘\i乞碈 -桶Xy浗汢厔M=aom蒣储肧汞訖VnU ]8竗9)缎篐锞 f蟕!焰惗 翮p擮`鰕zG{ 蘝虱I%呅挴葱,4yJ0丐穀i .:恐?x捾颹 .k坁E+禄.恘k佧"絗襟噜}贎;敹塘*L*札惫7 颾帱鬎h祔穃悱]R厯供鹶2K乞嶓進^:棐RR[Q嵚C醭鯇 ~黇尶苝蘖l}贮祕3I嶬 4O殅/陴逥浼W@RU+揠髢 詒犣~p 针0囗*亮;AR~奴7僕ш趴T占n趋瘼/ 辞摘钆徇孅趧_wY];,茭碮約涊藄K蹹07a7`瑞?c脝.'覶Mz_掋磗e.傍樌硻4珜f鯟C/5YЮ6l踡秛2馅 '厬?k@V悟饞=劖v 糙鷿"8R紏_挢jfy$6o]鴰{缪tJ\(>飆i9!6U`蹟磓嫊朢馊蝮蜕P<尋 9Zk餭锾訓嬾究nr剮n瘾=(i趽臵C6檖o箝⑻牤軪釁鱂 f錛漅S〥簀 媝en~}(笘薰嚬''"T詫rt罠痉貒眅f!;紆$:虉鄤 迚 珰闵浐 塤言閩%jt手к旤菼rA@卦{崖V乁莘Y县釒[E3^隹/氥W缀 O塷b肖Wx鋾C/? ! iO鲔X:叄脢fu焤劉9h&R4 闄熞皼bU%沬KC餐 翋/Q鬗椅-嶝7Wi痛維>y@.づ.X鎝銭姞^dF+朱vl僆m瞢:l萓;%畸顲ǔ #箕賡鱅剴s嚨佚$衇-.峫毸"6,#哦蒩á賛z峙衫 擅犖)V穑瀑a匕秪9i梐崠i5 r zm馸V爻餠Y+S 6E魛Q1彤N'o鲂?xa"endstream endobj 428 0 obj 4755 endobj 463 0 obj <> stream x溑Z]lWvVE%#4ob譳i8E&"嚋媆I)5*癭B峬)竼D,貁P7繠\hzXD>於h7梷Z齺tJ,%债.b9鲝s)JkFB{嫖界灍飢畿麨捬t%仫w楘唠O驴橉麐 G[︺*)媩d):m什 G盠*L^曢+i駃<- 殍S<-学塪88H侠27竄⒆ 2蓞1,E鱩蜴鞹堡Vk咜喓]ih玘Z蓥襃6闙胦T]Hφ阇v$Z糢[M鶎Y幝偿z簽vKZ恫鈻阣=墅 Q嚵湓5雓梯5礪险a幉}Gg_蚟(Q鱒}z* "f+嶛簵旬z淡2A軀2W閡K昢"铞羗-浱M W>'hy莩,7uX曁o }跖篬*鶨|嶆荬/鲧,h优殒l鑡级 b琫⒌B薚y谉篲[-捋] 皡 /W[卭锫皧_,镯囋詔鯗-祕縻賂x*蘌壀1-{悅g!貄f蘓Bu荹$3Vg汱a鉋_媖/旺D 鍑X1]*{怎介柧桃濈槲M SH饴喧&髯S腋噃熤/柺嶛矖致牑祁U4w羦`沍a黠@]b=澎>v俠{鈩霠幓84袮[;祃=/凍k狖ブ噁p+苘z_掆岈&#>2]Oew箨刅H'H.坕鄟E-珥燝%奵q/簐[]鷒{6}礪)x@9捘/K8--cb:_趫yc宯eJ]{o狑杂侍l}A崏M6!J/@啷!uiw徒U魨鹣0(僰fA奸}€jmua .s糺qA]'25$| 2捰-叽吤∽O収履斞z}\凓v砐偣o#(鋴䜩3詭瓨瓽&朊菃i0點Ih墷輳o~鵏绎閃侰M莋3鍳腋侚w%飢件a欤;煰齔2w鍹iT螅+煰齢鸆瞴譸Sе幱P宨刂柞48按酎i吟誮2鲇?/蘆f,}碔Mt瘅^甽糓揢{q蛂T樄>N,汷6疗&!- H-佌V瑟7g啴hs啾 觯哸鱷抟乱<瀉JY岀 縻鳣*7Le狠[浯啋涟Hdz`v>CX毩3Ds棅)9踬`]讌oV抬嵔翲攝3禀湒-僋\尬閾鮽椨(m冎旨+Lt搮4竱呰眽蓨B]眡儰"米yF A%劐䝼X$D哾llP褹p慔龄牑*鼓僰熿鎍i萊钠骯*)琷l>j覎5瞲󃩤 哌F!1И汔& 4ご玕E餩0C鑪崎"畖G4e`0ET#簹玡罧央pi髦n^Xk0姙瑐'o沼氽鯻甛"]B劂寞Iea想翱柁$S)3歸畚顽芪冿\pK犈*f?鸳1, 38`*咱 Jc-` 1o=nU⑻獷树|CfR溾@愡P.#=卧L囃x'蛥 8澦曠#o鎒f0瘽慭鴗?钏>'B&>苋p垂X圡鬌z滹84轕漤v$爉H\i5L喁趜H脊貼]"鮾荆$1gsl?3>醃%$5葚lh扞n儠 0 JV騨 S?x旬顦瞶M4庄镊俚槿V彞蠰銾=!,四 .羨'}鮹4%']H:.楗T銝!ssO&kg!搮uY脢 K1y A 扳8そ*:P堟灏-鲚劖尦3\项"q柭垘<郴渕謴Q87r&M=跅#e9/M-!ROhU2.醊#吪\幤/椶複萃G鎶朇乔ッF⑥@菅絿膋'q#/惱峷>1佦韇k\欰衉3geG6,W| SS)F(>厰 欶 v$痧棽蚺z羠瞔x9YP鮓蠁$靭sPJ孢掱i舁)~U*/tl箫>7窈斄濽邞嫦4蝓驻&/J锟u.轶蹻4夃覦斷W核k霹劀)扈Hv8 e圖3X畑湯 X#G\蚻悔n溙|耉Hr蓖~4O姘"y↖恫僗#\q掿枤'UO兞藄9名8! ?愞)9-桄嫭9l|睅1I蹝袴LkH9 e蟱 ~/怲 0*厦鮄扂 锷u襌佟-A靽=璵釠V詴6,Il9 o@3蒹谋 ≒樈菉x藐鑏q&qjf嚎<4 蠼r5洟悞嶃渉]蜬;[镨s@蛓^恶,j捍(_芺}`菌鸂M蔡Nj賾丞兏釛Y5o目XXl} 跽镕V!+朲{恶劕6x膇独iB皨,kB-^oNS-@府諅#獏狲黐:b膱)dC鑷¥乆*N <淫U慹殏la箁4纏窺潭bz:$| 鷛怳x / 2V矍CV; ?e匬`蒓皮^4摚)鉚P憪 ぬ憟L蔇辿袉e慉茴鶢[犴!OE"继詿憱禃稂ウ鈁纂-ИJT畴幏<8!鸙wC嚊k1杋 +mU鎱姾柀6+S嚕+ 񔵉炇偯H簇w泋熻'p仛淿@ 爀YxㄡgZ\~摒e丂燿8V嘪穒W`y|矖舽t x20衇拲(艾憙仴鸣靱 k/lf5[&楣剚1[蠝敋鵏一c8Vk宽珧G隮嫇鯝M0─绥k熭鵻?候fg-汯;{腲O`榿3[忳!a-肕tt砱iI佥c葩-'榷x珲#飠滒_>='翲瑟鏪顣餦磀栫誋:^;訒ff顰剡+羹$me嫘~,6 礪k恪釟砺msT唚嫡+綮饒:6I劁&乼$颺!膸O0b掻悘蛂0d肹GW!鐡2d佬-撏ZIC慙:涤v箲Lk={8掴bg擶餢j`塐侗F8O呜晔5u悯~焂9#鐂儙294!Wk磴4少%o斫錾懼^鵯龅[3\斁扇勀Lⅳ五$Q7Rc≈ P杉梿zk偠捙犭R}腎 #违e鳎氜K$挫伌麷狆嶿f鋆鰹 九倸砻 m饞D穯S懕薘!l8巪x卅V滾蛯膰鉘T捑鏛0v頗災Xk|鴡N 孺H@编9v谽)徙<^溜檠!└米n+7(isKD .迌遮C括荘络裎腏揱豧 鋔+Zo6 8脗8垲-0;髡邹卸 命徣1l捐4Z0)%潾IA眤 6T<弼泆xW舊瞁9萁][愹(俜Iw趹3B堔)G內}9v鳋堔隺蘮u舴9Uс悊 梂.鞱.鳜邰exRO零炈▋t9綼泀蝞q+h*<埃Ct唑 )j:zW蟬亦喉,腘蝆!PAg諩癱{!7礖?1G捸y陳盢,諅{覐9a 瀀*焢.'簻毾豦笻贁 Y 鷑熘iW瞫D嫁#狸禧嚅w@_竒刜A#儘#紙t臒皫鴆+!- F&0挤鎪鴮 塷6壝LR忤摦嘢→傠L饢'祰鄖痺|Q怞R!癱B2噱餺&筨竄y8鋡濚鵺@║ ! I蹙!'笏R qv涯弦W眱*8. 0bm闇罭g5吡*顢辴V<嫉dk>骨,鏗瀩W儩嗘憗AzY鄼抯袭蒥\蓍添僩%綊嬕8忴.N樜I:L釓鱗D{JnY%-]軯D菌~%,歘w繣器熠*8H屳O抃蠋鐳簴胒75氫=1譟R糋[靆V7B^%c"7 dy季@8p47糆跂=!兀/il舆纁 慌4M僨}c"卻侂e暓笓;*_羝諆#焑ILせv烩簞jc4{]+椧].;吙働埐7杲靾drE糨琈苋筣柅丈0@&笼坺違a咔p閝涱}r蠷雡瘾#+駧'0醳{糥\攆晈^L=endstream endobj 464 0 obj 4739 endobj 486 0 obj <> stream x溚ZhO4K,SG墰膁禣'ERj閠锝;輂瑳mI钉T[疄!劣蘆7,窹锄镄鋸@矨pF 淇畠蛋?砌 6諦 涛痻5撕猴{鬓闉,貼垵伙麋琨沐5E讗⒂?+ =鸡y=U瞴臖巉蹔彖mJQ鋔逿~带zrg該繆^ ~允蕿炆汄癆>8訐汸2屿_桃_,姯腽魈BO/'g~負+鶆y T3唢I颽O鵴凩%嬞?宴顶蔓納樽G~鳎咛~简鐂莣憬3縆齜間 ?o緡~KO$, v鑬岝は:k+馹虏槮傮靟稖:)岇(79&墐!8'戚6朖A' `c0 鎕 H$RD1憐匟瀛"e;+ジC塋Xd闈!+L鸇%Dp姂菵2u阾"呄捈擘H虥輱&Y傭煂痚y螁]8;z"翌 0鲹 !镕馡(槎HB濆莵黵炟傋 礨6| 汵╉v汷 郉?儅唹ぉ箾攓w2Y㈦D邵郦祂U8(P曥B誜洩VU岹pjy婼粯峆掴V倢荭#5睧诐葳籗 U蓭獤A誅Uyn恙瀓E0R蟒┙_鷛:?L昇J嬛紻6覞j$&f 龚碄A掞@G*[咫 A,6N 栧搀<8L掔櫑%yb#蔑1j藕优檓鲎4剴讟1 勘蕝,r1X樉,槉夭9礪訧絇塏潘嶼冥/M娩/-g>@pI+$銓榣z9佃?D忉侔+躳嚶耏-&R崜尺?Fk {鳺F\淠f2燊私崜/3垹\%jm狾璘涴[眏贚;[(砎 U虬y*妥县9k濸"K执&=f0]舡薏澯J櫆喊竖梧E戒叄圅漼[崛NiっY軘靑峉='lD适杧劂4^}V奿l 覘$以 faS埇骬W鉛F\迥削薽8<濈 櫉f,!取 桒浔騫G8蘾)漏?y$vL鈒t攪蓲"uTI萭鋈馘P/∷摸 馮{瞧煶吨壟=,樑抭$Ala* 馛絖pV郟xF啺笣S怅绔膔2甖[昏3.m>癩x2 $ 票d 匏說}U^&M壁G藊祔厀瓉F鸶s幂Z/-昏鷑姑&济f4奎ぞt縟M-键2勎 _鶞⿰J諾MH]OiF惋淎輏m~wo┑烝恁 f4嗈已<-炘塔鍌銏懬耧倀舌貧攷a跮腖塼1L葕8!力m{@P侀%玻貼莻JD+瓏覛赞燃0贋W墑T桏%R5MhV+嫤瘵桲苅QV霉CT 萍诽嗕/続"xV:6昧園笭$?饢a茍O-垠轚帥"湕zz留7d23p壵 \o氯澬囏痲>间m:╒-. \瓇~NW蜟A栠 熥辚7殡3擫36椮備阂墥z~ 阑h焔f`荫)撙想﨑趎J恑tY薄 gd暂#q入;萦妮羠6lF8硋!6&n}塷L甼)"~穄M襍G嗕D`4m躜X浘醭o&T缷麪2. P沊c 5g]X+謼竤dヘ羛 WxW<j{柶7I烋瓍 KSY篲r聨螑薢鋚[K/蕪蔋褥鏶.领0 銈 侱恥-華9掫纘糩5B玸燜H榑Yf6%)巰滮磔pl殬{mb]淎棛"L琁/芵⒍z梑&]祕i' 燜Yy1瑵洒蹱Q<顰(x衖lhmb┒6贩6疿6嗤>>鳧o<7 38駙5z7澺榳豂w`| L塊雎fd(%餮牤~罵酰8媯1妐,]1插0#"竆i輑舄mAG(X崴蹥F毟唲>N+IB駍Pf=钌\)ㄧx泑燧\Tv經褏矒尗ネ+礄?懤蓋頬懂愜~冴驴J>鹜(廞(蝺橕硯墏P巵U槒 鱇垍淑 黌哸v^.0-gc歛誼 世嗄Q鏄1: L狉軤kh侈d 崺u閽*5.1[*+u劊 )L@籕9憣j)霄悩@LR6s﹒2惙w萘G E矍 3x1#钼t抄Na癨{敷恵坟勽簻u敲E崰發筏,4遥|-w膲觧敜膄桲攫-倠c睚P5,#鐆7檚{俕Oz96L揨蓅ik種d碝T,H se圝拐x挩溴架紼 檁龍Op骈鷞簚,嵾拷圔l焫 爪丢戨v隞:撊4黓~k潕6 V卢漖"<賄叏珺 馞zKgt卵>8s墶樐:驁灠 蚩峠羻預犜AD{,狥9鬵德F2El軇茕S%l陟v%浵`+袹攐\矄炏埵?茠&Fs瞝竟L[N^*縎l蔺[4+3S9V)鲨a塿选LV髰+.鴷笜M寚嚗~hD^饩邈D@%Fk夫8Q%4豤m赁BP0缌~1Y|腾yl襗 1d茽鸷8\\%$嗈揽@cK鬵`.图楬%􏣤鑆b巁C麪`仰╇ M姯媒Q<鳚蠀+戦H肬凹鏞ws%)渵巺,mX7>刞建ъ闓AWw甸7%N#暄肅菫.*/ n袺绿熠艑 f劰>I楦w u靈窛恆Z欰疘惌!1 -唽<褷蠧&欃积lC肘?諨骘`;ㄨO炨>蓖裶忲孭]苪z{髝w爟鮩吥刃鈛5績 0))B嗍i杻聼鑞L蹜4K(腁<鸄梒韔 0赍;z郧*~>6/93敢T鏒鐶=骬z●4絆^ZO峤A郉颵驓蒮=U虦閞.嶄曉湺磓〔Z撔6/暓靻坴娅鑷姞U<劫>鬢A0Y朔PA;+] 脿溊[Z赅鯠魲稘.:h-"6&誶窴璀踠鳦鏙*愨灰斠羝r.詶!8D!g-e^嚐3J擒榦W+Q是r3o63;舅0,骵{嗷s[y鑸钁濂?.嚢沞ndstream endobj 487 0 obj 3913 endobj 495 0 obj <> stream x湱Y]Lvbb惮e睳青a6磊倏澷発瘙.拗cw"k臟贓-翿P犒S潺/S鉴\74痛M~0閊垱8hΣ佔嵒梩#5^A袑,栍键^.凰褢奦 蔌l榻F&+殳m 羡W淝邲鷶*怦TF'mi欉^荀敬.刊 \2[14 聳x礣.oDE'铿Z慠Y+節閴:$潀mqЖV潙{酥m;7瑀l@]JEj弓%{|"涢V儋P5鞡Q{袌礪欄*$rxSV澺z跱猻漋-Wiv諯e+xt澐}軇瀁蛼駾4sR`^;=r禊 鋯a/I 2尿絜%b蚽(t9n毴桶鴴5 7k嫳=橷芙h'a芷8w狱鈂<朞h゛}娂&'by耾劝皤.呸壹W啣犉埂叚Bm2醺 L赩譃床6c练朌:鶼崭謽?;杶聒别Kt嫗N塊/濊=)綘瀣5 23朩珗@潦960甮 M裭诅3x閆狼$|4魎螆3绬)*"[癧򍅁=屫赡f-4辈*,4癃,嗹岩-]F莾nF鸒JA嵟兊灖螷Yz鐻繂啢:齤焺R-塒i韃Oc蠡讎"盪7踓絡崧ペb<袁]搀V鱉q 跔/q慆t罖vgQ=蹀峡癎$莆"VQz;喬遉J&a礟殚j祪'ZCM'㎞;I輕V麺胶U-颔Aど2t掜-i脅5M轘竾6*烈澻N慚倌k5M#5遶劮橷D7狒蚰&蕒偛V譲9g迏C烞Y湔QlR罆j r哜淛I+[ 7$憩* 濼 ks#G痄琇庽L,醎赎痆鍓慥謎汢枊-H茏)KcI怮!6鉲蒩@鏞饞5祼v 0壍5v W)鲖6!8S a+K防b炥D潬湪c!1V柜3鷃X飩湕c麈〢FVu鵒建嚪8.蟮庵j6醙:雊U)燸6Zin詯9珴~ll豷躔顼T.U樆NzuNPF]^茤i:喪佐J飅+B&崱层宯枳流戛t鷫剋汜滑橵(!墳恍遇7ndR簭釿洧$瞈瞁(WPIs 諍8阂m苚蒇黒唀k货5>捙篹}R鐊蟷=$騯6i?隱垃譵晻>鎼2騛袲{渏"秭s蚇Q 鴬蔀歱}')AJ=彌 h舸mw)坼L-eZr唝蒁BV憘欑0/vf摥'態#T`~N劰聫i膌e噍(眜_腌A0尝~^<龗t钂o芳2{"xBL#>栏急妾+0捈M2^b裁`箺勚Y鱉韃'6烈Z鱡7歚$慶嗒懅ヵ%k轫鐓#Q讎z"H忓P謨J篕N]睻湮'[K現\quW瓘5慩庳r`ePi扼o誱癨店鈧哳佊kN灂{灏swO诡I?V9鈍烙7蝆E霙Q氦汔¬p5BO搭L致趔NX5茠 "mZ|h鹈-楬L帎p鎃鮜沋5g檲9弈^吳慣Kdt/゛凳鵊=鼗创/GN灼NI罻op僤釵瓾噰矋k/曁瀪8集葱!rl忌劙@佽碔搏+pF24涷f戉H莉Z散S药6厚P:`i;{頬朸嘌篑}﨟.縭欿吗9茇2--g=恤&m橱N4N蟞抲轣c'KGoJ.nち惲O qs供:牘#oH%%輊R%oJAK%圞#桴b9灟嚷祓驛{tD袍倲x舩艹Ct痚道慮yh鐴p皜*OC嚪#)Ib4 韊83拔K璭揎J梩b_v';8e5!紛R銛⒛s5 慁蘯俯=蝌}I楱⒃M鈏}蟈4'詄i擛〃]溉8厨 钘5nsr欼エ閒奞Oヶ趩说~aΜ05v瞣J飞烃:悉掋t.郁a莭<#汝w$簴蝬秗}燮(Rrh檶?玕筝:*;谦鰯j蟲@饱楁泲TyVKB {俀糍d-莭禤鴟痁繟b3kOr7黙)F歠涍>2蜾僙騹恑}迣pb桲W3 ,k谫缊o虠*劷 W38馵Cポs嗃|殓N洣BH㈢M:账]5 Ku玨嚦尧r=Y7 o#u+謘R釃驻抄_d壹@瓒综E:ィ6B馓s僃;k 篰嘨 :OZ寗_袇馜賢n黏n夋垐 僗勯,暓媠q 甇鷖(鐔0 煿7e纁a扜-毤挔}涚坝橷↘犻皀圻C J~_骲`J1x%y{C. X&}溑K鸄価靟碿靟鰲鯽边&p!畨 V覧纔搤sD粇搵ⅹ{"d晀頜`訷gLg_zS堗;秔F!鍲茚耂zx螪B葦wJ.,嫮v脻虓?蝼a昁j{,"瑑lZY汄E砭&0螩 蛁g膒n]酪鰪殈5欐L; 4缢BI薉_uVq翴蛱 Dsh殄yXS擲S场澗熫豇!骫t鯄т鎲8訛0H戕澔"/騭婒'本}y篨鐡w狼騱稃b?H2f袸嚥 +z8;砂俣p2籟郐揟0甍楨>n頚糾鷛A╦ "鶳 m馻#門|伈.LZ堘絈;拄.謳I瀼梧p雏U:H#>>鄙_壱 蚀_任麧侬!bUケ脤蕍5裲蒉韰旯':琽蓧Xhk -鞜鬀汈筨kI鹉<2靑夭歆p鯁歵;陡儞\?12梷H鉬拄滲芭3E遈伧瓌gc鱅5i縶S\}/鲘}n柟7鲰塶,:鸸腿d=!vzxpH抳/皮讧}$h?袼j茉=脔霥牕碉稧t偊'u.䌷]管M 4endstream endobj 496 0 obj 3727 endobj 503 0 obj <> stream x湹Y]lW-i*o勝禞k犕x妻u⑤潩欇潤xWvfv交顠L挞cYB厜L銳蛋煭d"誜B朵H杸唫T~D+"B魤}@馪@ Ru韉jZ曮莨粸霟缎(䴔絪飛匡滙漿齻擭iR汘耧贤跫畜倲蒠飑斕I,K2韙64漏雳障K邩_鳽忷酲x.綰嬕C=オt 觝$ss扴颭螷歍鱷:+&SOY挄N2R}甮茻卧哭:列<膥錹3?铨笫oV~そ鷭_觜崞?W^滚d:&礸枳茂决狱腭W:}dd睄d唥鴧/樱dF矻)c呋+W絺е蝽<~旱0mK暍VAR+辵珋O謆晶泣赽盩歹檙T+挖毀饰yWvy^&訢!昈$7漈锯骩V链Sne躇祴0蛶9攂 3鋄珢Z苆嶰悤 B%h 昨E8=洵泣退E烆婊a(.馰V餶塾C24~>X.S?$;W憍昒簹竃薿救缩!& 礜e>sc鎼q!臒.洗i鍟Js淲<岵螷53拴<'O芅j乾搨Su肹-"嬳(z篚餞蓪瀾鬺0[攠R鋼柃胿x栊 k彯檼n0黕茢掽!件h粼筽N墅f墍,H跨磧燰o燦~ )^i潬J-`[會T⒗2曛O睖; 鳆$u猤氅潾 腖s溃柅杠:岍磀田蚁鰾Tb珌pJ烙烫拪yf窌樳v絈噫8udao菘vl2$-m钃L壾6鑀[,G櫌伕躐矷.5苲癃 炫踣くX.XW輁"牆C仏.fr3㊣啗hwM7埱B匷QAd!獔x攑巟vW0j嵅鱫7#?x铛b襳ieD7BK:瘵p憉;撫X斛纋H1@熷 煥GX联鄋d+賳鸷尥~mq屸C+0%9X餯F M藆氝#?)Pe鷜+元pe宻E薶{愴&燊窣>-瓎揃 \)郕=/ "酉嘩忠漸r4蠒6)7け乌M柫e曊\ 6* 涓A攔Xi2癔禫凝g>輣F佝弶Jd骸圯(0&%/搸 6Je溻鮬諦o︱;7&`X?@T焌氁8緼 麹6e低$ 镚1慥Rt%N唠'梡菚讑6)B踖ZA!&v -儠e<8譫滺凝xN*倷Vw瓸茄稾lN碕鑅誷昝2殽;婊嵠孨F&琅2k[%腭裗疈1Fk脂0&v繂 銇;"樤tYB!撃袖$鷻,X蜜k蹼] 贄C)?譲r石w蚑嘠{j馠亞艁z=O籱鬛A58&(??粿9鬌喳c訃\ a倗U/3wk(倢rAO~"\|>K圊8稣穝涤馲瀹嵗,x:7$}w,g+7<=^_踶)k杯檌桔壏媪R讱浝P<暱砠嬓槔贳\梞{.D冨}~睙)齃>8" 窊i`Y潌鞴8償栭P郿8F F1=氈欖R缻邁把靣G鐝4殮闍o=b僑:k7賟5_塒Tω慻| 鐑紈5H訿誜};嘋惏s脕 K钌i 语 <涱拦u鏑攙掇~惶镂③衧p 3咤9啥 2苖,(J'%ㄦ@朚$Gp1`vf氉暔9噣'v嵃Phe苗咮P银o0暿:bd稔鮦w)3t叓蟊% ,腳Xzch軰寻o;吕噺厯6t2";蜃[o妢槉/韓9呑g'茷>|i騩崤抽湐 礹>挝H舌駴芜嘷n紅/s C 郍X效曰H擄<姦蹈驧+氛弦-旔#勬B俭盜j{晆2Zt訨hc> 5佚J/灰H$搜T滎璿MTy>鍿>鷺)敚0Y儆f灍L陉孝&t1砈挤)4/=s)tH骒儻峵MR\8{uh{6S洱&限r:愰訲4=8幃靴N>澛I毝泮]夺嶜 熂12呒癄5*dU粀:B5膉\闻 k$ {朐椫蓚欹}剖}`軾Tm阗腗Vp?p鎲曃頬媲c颳衟+Y 沉溏卜蔕猜悳g^9 蓗騎N6sEDjr[,q#tM . k悗7H栙壛;р摶儰赖/婝杰i!Ai陌獪瑜L和Y=c樟0瓥 峹'@W償骣幁{жc嵘烀顑/k)>l硌焎篦N 墇<*軤e;嶧劆蔓-鮑%餽x.J侳TY`H糹柺1釪 e=牉挪hSM2欙>3ua鼫皝琺卥聮|d.煞V _*颣孂{b跆CI3暇渦>4昊崗盛匁4觛攣击肧4鳳霝阒]琿:4'Z篠艹B2覈#(跘械育髟sB@怓庫G肧蠏忦霈x霨榲虧i/寢od#2c蛱 魔蠈'鈎n\壮z鴕貤>Rw边Щ畂备rD3蓇G填`琛t【iW> stream x滍X輐U愤v殼崓673轭遁澷;w>钹,1;粵莞抜灰jQ壭`9h FAR夃働∴c均狓 垐涄 ╃迿粷[WI耽贛顪{瞎琪麧sf息倖Q価臒O夕桅"应|錷鋊W9n烈 ,J鯏^8w钯攡 釘^c>阤tW猂G囜<=婮蛿>0j)1蟸q "Z(h&j桅诧挡h>椧6尫刴l>撌~z3锵~鋈蘾蘈Lb翍&x?蕱&2I带S樣暫rq<5|曏W韁Q欨)约碯瑷Zt\童YW縶畑'灁㈤邧&7zF㎡鮑貌玕8/?唣VJ盛x&:.諘嫥黃 u漮泭讽,2#7R魣`胋@梆<E羊 雚r詢 蠜諳'2肷- 坼痘揋8熹h}<橛2{zVD(婛覘夸Φ8陚+幐[篽k铍鍂挅倬 捙7o_蚧"楩衇;x撄㤘>窣尫滅儽j仞rKt鄚欔(T鯟3嚴叭 }宇b盭Ua谍儹坍糂m纜XcWrE鐄獌U絭|-c$Lc膞闂=痽迨窞R螴$斸q曻輢q耓鮮愆々!SW瞶尞壄樻Q+馫踆YLHl` 钽&遑溽q塲4-鍆隌<)&SH辸s+讐"蒾I~HK[憯 慳爪恉鷞辝} %SJ1nH6伄Iw螈0o語F)!u-訉mbT5+髏ajㄡ章F{淥 A潟蝞$N迫隔酝KO &飩 C:撥鍚瀥倜忉J迣&7uW嚀L眾4伦簁"#獦洅G8鵻]"慡 瞷辪訜rhR鍼瘵W8$y ;e昍.Y圆浂J涳c-We煘.辉!Y)フ韇uБyP挜 Z铉 4!蓻'w`l艏胛=#崖窗帽輺t1D頽O,塠梏助pH帍P mS忐鸛摺z咽2Mv" 谞 X0X}D螃瓳E/疁F猂:柽f湕廬傉6擹啲+:┞\狔墏霣AXOY7㈣椧W豿鷢A=w櫩fRy6橺p彊籷媷孊幨 i%躬乿糄鸓仞兙槻J禑a7詍悞Wvマ冼鉑殫脬\Gu*<燰 t>um嘑~A答_1珼 鳑跥蟞K閜- 魰~瓡 t:轩慅厱*《 +.A81G蠜o|5)单]/疺W`#{锘w牑囖 龆矑U枱Q鑍$(z又-山+眄:P覎S忋揘蒵R1,鼜Ui虸U蹡,B1氜a3資驚s載苸垛I_9 憾酞鏺浀嚯u(8焃S !匃亂6砻刪褖9^v陹 n~K鱽頣TN>{黻銝/3弛C@%~N嘑4 碼櫧炐壌Z}^Q趌D y-鸡y &5?筌熰97髢 '虯dE尓*鋾^騋箌挛7 焥],3箌銁,]拫Aj仔瀧zH舙;(祧d蕡洳;沂mo?熑pA<鉉肦点P匌杚K榕搡$佫嶡E32眎丂螥+遍職 軣堕4e磈x殶>瞧r\鰲2\]暘L299(饈\"婰Ui3 8鐻獵 浚vl▋>J嚀#挈w-呔%閵}5杏驻臦揧%簈V荥\瞦B2!颚a暴膷g%eq2ct伱绒餥Y駣}悳掛頬~5烾駄魝7%U哄肈簴痢瞉戫~oW2疣$V哖邘粀H焫华N7&寈竤lh>溵笴俧印褼嘢扃7竖痢endstream endobj 511 0 obj 1861 endobj 5 0 obj <> /Contents 6 0 R >> endobj 272 0 obj <> /Contents 273 0 R >> endobj 324 0 obj <> /Contents 325 0 R >> endobj 363 0 obj <> /Contents 364 0 R >> endobj 403 0 obj <> /Contents 404 0 R >> endobj 426 0 obj <> /Contents 427 0 R >> endobj 462 0 obj <> /Contents 463 0 R >> endobj 485 0 obj <> /Contents 486 0 R >> endobj 494 0 obj <> /Contents 495 0 R >> endobj 502 0 obj <> /Contents 503 0 R >> endobj 509 0 obj <> /Contents 510 0 R >> endobj 3 0 obj << /Type /Pages /Kids [ 5 0 R 272 0 R 324 0 R 363 0 R 403 0 R 426 0 R 462 0 R 485 0 R 494 0 R 502 0 R 509 0 R ] /Count 11 >> endobj 1 0 obj <> endobj 4 0 obj <> endobj 10 0 obj <>stream 0 0 0 0 116 141 d1 116 0 0 141 0 0 cm BI /IM true /W 116 /H 141 /BPC 1 /D[1 0] /F/CCF /DP<> ID &燞HO砅 EI endstream endobj 11 0 obj <>stream 0 0 0 -7 65 141 d1 65 0 0 148 0 -7 cm BI /IM true /W 65 /H 148 /BPC 1 /D[1 0] /F/CCF /DP<> ID &◥K傀揍p吗买Ba}胭 "?5韠 胇 /0^C@~? EI endstream endobj 12 0 obj <> stream 140 0 0 0 0 0 d1 endstream endobj 13 0 obj <>stream 0 0 0 51 70 143 d1 70 0 0 92 0 51 cm BI /IM true /W 70 /H 92 /BPC 1 /D[1 0] /F/CCF /DP<> ID &犞u!槪F佱`悆饍衵xD竪@坙O滳3H翺衺烪AZ_痏鳮鴂觞5F裔圎齵鳟a呿w呥喴韛.肒隺呝q釁祮栋`縜d2肃萢  EI endstream endobj 14 0 obj <> stream 90 0 0 0 0 0 d1 endstream endobj 15 0 obj <>stream 0 0 0 0 81 141 d1 81 0 0 141 0 0 cm BI /IM true /W 81 /H 141 /BPC 1 /D[1 0] /F/CCF /DP<> ID !侊;8蠛@ EI endstream endobj 16 0 obj <> stream 97 0 0 0 0 0 d1 endstream endobj 17 0 obj <>stream 0 0 0 0 91 141 d1 91 0 0 141 0 0 cm BI /IM true /W 91 /H 141 /BPC 1 /D[1 0] /F/CCF /DP<> ID !佮鋽5JX4儍囝崛a┤m+ 噢鴄猁圻~黠黠_耑䲢閕ap 耏  @( 牶倐倰P绽@ EI endstream endobj 18 0 obj <> stream 144 0 0 0 0 0 d1 endstream endobj 19 0 obj <>stream 0 0 0 92 50 102 d1 50 0 0 10 0 92 cm BI /IM true /W 50 /H 10 /BPC 1 /D[1 0] /F/CCF /DP<> ID @ EI endstream endobj 20 0 obj <> stream 104 0 0 0 0 0 d1 endstream endobj 21 0 obj <> stream 82 0 0 0 0 0 d1 endstream endobj 22 0 obj <>stream 0 0 0 52 46 141 d1 46 0 0 89 0 52 cm BI /IM true /W 46 /H 89 /BPC 1 /D[1 0] /F/CCF /DP<> ID &◥  瘕囸龂圅賄縹灭瘃!0 EI endstream endobj 23 0 obj <> stream 118 0 0 0 0 0 d1 endstream endobj 24 0 obj <>stream 0 0 0 51 79 143 d1 79 0 0 92 0 51 cm BI /IM true /W 79 /H 92 /BPC 1 /D[1 0] /F/CCF /DP<> ID &犞C繍 xAzzxD窹鏟1襬A蹙|$瞄魶轷眶oе䶮惆湔 牽m/韜z釁韛 牰裔呟Kz0K 种Xaa咗ad3K脌 EI endstream endobj 25 0 obj <> stream 57 0 0 0 0 0 d1 endstream endobj 26 0 obj <>stream 0 0 0 53 87 141 d1 87 0 0 88 0 53 cm BI /IM true /W 87 /H 88 /BPC 1 /D[1 0] /F/CCF /DP<> ID :\殾棶-皷兑舾k讽牱6.讎[h-胊.譶竔o t蹲案n稫雖耙韛唔-种谶鳽麴灋瀮鋮轸浡薹轸I曣逜魶蠰=|%zM襬Xz 饡酊筏a/M贽沸x EI endstream endobj 27 0 obj <> stream 83 0 0 0 0 0 d1 endstream endobj 28 0 obj <>stream 0 0 0 53 82 182 d1 82 0 0 129 0 53 cm BI /IM true /W 82 /H 129 /BPC 1 /D[1 0] /F/CCF /DP<> ID &$_轺喵竫縳~鼾魁窟~z䶮z䶮驟旅齩'ё_引鳤眶縸o 逬_囈縹/饔䶮_顰?啐翺^痿燓珆z 運w@ EI endstream endobj 29 0 obj <>stream 0 0 0 0 175 141 d1 175 0 0 141 0 0 cm BI /IM true /W 175 /H 141 /BPC 1 /D[1 0] /F/CCF /DP<> ID &犡H惕 暰N鼭d膪鹵}觖脒嚡躔访~亏Az鴡谍胱镲仔_~咍瘏 ?鮹/酷~圐}/亢拂最}/縜劸貘o遌o醻鷩饮z跽醉尽觖V嚡悼嵇膂_空鳺緰嘵镏繃觖齙x}~综醎惦纷齸圎觜x  EI endstream endobj 30 0 obj <> stream 150 0 0 0 0 0 d1 endstream endobj 31 0 obj <>stream 0 0 0 8 14 141 d1 14 0 0 133 0 8 cm BI /IM true /W 14 /H 133 /BPC 1 /D[1 0] /F/CCF /DP<> ID &5 EI endstream endobj 32 0 obj <> stream 96 0 0 0 0 0 d1 endstream endobj 33 0 obj <>stream 0 0 0 28 60 143 d1 60 0 0 115 0 28 cm BI /IM true /W 60 /H 115 /BPC 1 /D[1 0] /F/CCF /DP<> ID &C @凖N*鄨aZ钳鴴&犃 ?@ EI endstream endobj 34 0 obj <> stream 34 0 0 0 0 0 d1 endstream endobj 35 0 obj <> stream 74 0 0 0 0 0 d1 endstream endobj 36 0 obj <>stream 0 0 0 51 64 143 d1 64 0 0 92 0 51 cm BI /IM true /W 64 /H 92 /BPC 1 /D[1 0] /F/CCF /DP<> ID &犵@曾"A饋逜 蚢焸!擽撫'峻垧囲`鼉 $"龄2呬D5杖)揍霒ax4圾ke/%q醯僗k 07愇 b EI endstream endobj 37 0 obj <> stream 108 0 0 0 0 0 d1 endstream endobj 38 0 obj <>stream 0 0 0 52 72 181 d1 72 0 0 129 0 52 cm BI /IM true /W 72 /H 129 /BPC 1 /D[1 0] /F/CCF /DP<> ID &◥萭G嗀膞@~~燓ц'閲@進 }?傀o?/齴牽雉竌{_K韝0絼竌 ^蝸>韝5/ /筐`!8 EI endstream endobj 39 0 obj <> stream 95 0 0 0 0 0 d1 endstream endobj 40 0 obj <> stream 93 0 0 0 0 0 d1 endstream endobj 41 0 obj <>stream 0 0 0 0 65 69 d1 65 0 0 69 0 0 cm BI /IM true /W 65 /H 69 /BPC 1 /D[1 0] /F/CCF /DP<> ID &犱?萫k 囵_ 騥鴂藿朕'd麲 EI endstream endobj 42 0 obj <>stream 0 0 0 -1 50 69 d1 50 0 0 70 0 -1 cm BI /IM true /W 50 /H 70 /BPC 1 /D[1 0] /F/CCF /DP<> ID &暒is4扣_` 藜呩鸨扫 EI endstream endobj 43 0 obj <> stream 71 0 0 0 0 0 d1 endstream endobj 44 0 obj <>stream 0 0 0 23 39 71 d1 39 0 0 48 0 23 cm BI /IM true /W 39 /H 48 /BPC 1 /D[1 0] /F/CCF /DP<> ID &犃8怐鳩b嚟0餓緝艮饮醦%緃 騤_嶙囷_恁陧鹔,=a a坃' EI endstream endobj 45 0 obj <> stream 55 0 0 0 0 0 d1 endstream endobj 46 0 obj <>stream 0 0 0 -2 46 72 d1 46 0 0 74 0 -2 cm BI /IM true /W 46 /H 74 /BPC 1 /D[1 0] /F/CCF /DP<> ID &ɡ`3>鞍鴤鵃l}?O驴 觖觞?_,Ak !熬Arx. a.偮 ^ D h壤/GP土~桪2惘齲_奥邛籯#; 燑^' EI endstream endobj 47 0 obj <> stream 80 0 0 0 0 0 d1 endstream endobj 48 0 obj <>stream 0 0 0 24 50 71 d1 50 0 0 47 0 24 cm BI /IM true /W 50 /H 47 /BPC 1 /D[1 0] /F/CCF /DP<> ID &犃8嗀巍嶐丰 9A鹂,d_換萮燄 EI endstream endobj 49 0 obj <> stream 53 0 0 0 0 0 d1 endstream endobj 50 0 obj <> stream 58 0 0 0 0 0 d1 endstream endobj 51 0 obj <>stream 0 0 0 0 62 69 d1 62 0 0 69 0 0 cm BI /IM true /W 62 /H 69 /BPC 1 /D[1 0] /F/CCF /DP<> ID +o騤! 嚧C5傀!/瘏﨨名鹂貂餧0J# EI endstream endobj 52 0 obj <>stream 0 0 0 0 60 69 d1 60 0 0 69 0 0 cm BI /IM true /W 60 /H 69 /BPC 1 /D[1 0] /F/CCF /DP<> ID `样5隹.搯~ /齸絶炯跤EB倰# EI endstream endobj 53 0 obj <> stream 101 0 0 0 0 0 d1 endstream endobj 54 0 obj <>stream 0 0 0 24 34 69 d1 34 0 0 45 0 24 cm BI /IM true /W 34 /H 45 /BPC 1 /D[1 0] /F/CCF /DP<> ID *狞殤8k |a>-憔流 `臝〤  EI endstream endobj 55 0 obj <> stream 67 0 0 0 0 0 d1 endstream endobj 56 0 obj <>stream 0 0 0 23 45 71 d1 45 0 0 48 0 23 cm BI /IM true /W 45 /H 48 /BPC 1 /D[1 0] /F/CCF /DP<> ID &犃@13蘌鯂zM酊A緹Xz 逻O黽&玙K_ m.马肄傲 !~( EI endstream endobj 57 0 obj <> stream 39 0 0 0 0 0 d1 endstream endobj 58 0 obj <>stream 0 0 0 26 50 69 d1 50 0 0 43 0 26 cm BI /IM true /W 50 /H 43 /BPC 1 /D[1 0] /F/CCF /DP<> ID #湓C(;啱m/]縯番0衇咃跭t翻彲醟组=yO劘V襬I囎<-陥d!1 EI endstream endobj 59 0 obj <> stream 47 0 0 0 0 0 d1 endstream endobj 60 0 obj <>stream 0 0 0 26 48 90 d1 48 0 0 64 0 26 cm BI /IM true /W 48 /H 64 /BPC 1 /D[1 0] /F/CCF /DP<> ID &t栀$脠wa鲼飤湔/0窟?櫙鶰牄 縚鶰鸠%陜覣脑@ EI endstream endobj 61 0 obj <> stream 54 0 0 0 0 0 d1 endstream endobj 62 0 obj <>stream 0 0 0 44 27 50 d1 27 0 0 6 0 44 cm BI /IM true /W 27 /H 6 /BPC 1 /D[1 0] /F/CCF /DP<> ID @ EI endstream endobj 63 0 obj <> stream 52 0 0 0 0 0 d1 endstream endobj 64 0 obj <> stream 37 0 0 0 0 0 d1 endstream endobj 65 0 obj <>stream 0 0 0 2 22 69 d1 22 0 0 67 0 2 cm BI /IM true /W 22 /H 67 /BPC 1 /D[1 0] /F/CCF /DP<> ID 騤D錵X換润=?0 EI endstream endobj 66 0 obj <>stream 0 0 0 8 32 71 d1 32 0 0 63 0 8 cm BI /IM true /W 32 /H 63 /BPC 1 /D[1 0] /F/CCF /DP<> ID &燗檤冮刦o_傸?$$戒震闪绝}  EI endstream endobj 67 0 obj <> stream 27 0 0 0 0 0 d1 endstream endobj 68 0 obj <>stream 0 0 0 -2 60 72 d1 60 0 0 74 0 -2 cm BI /IM true /W 60 /H 74 /BPC 1 /D[1 0] /F/CCF /DP<> ID &C 餌@c6$Xx A 牄襬 &沸}'肼縚輄@麄蔑踹am鹈[k喍仑0彫{D浢燆餫8 EI endstream endobj 69 0 obj <> stream 69 0 0 0 0 0 d1 endstream endobj 70 0 obj <> stream 50 0 0 0 0 0 d1 endstream endobj 71 0 obj <> stream 40 0 0 0 0 0 d1 endstream endobj 72 0 obj <>stream 0 0 0 0 66 69 d1 66 0 0 69 0 0 cm BI /IM true /W 66 /H 69 /BPC 1 /D[1 0] /F/CCF /DP<> ID %`\MD$鰞7峥縪貇镗傀揍庄䲢^楟衉^梽L垈@ EI endstream endobj 73 0 obj <> stream 76 0 0 0 0 0 d1 endstream endobj 74 0 obj <> stream 75 0 0 0 0 0 d1 endstream endobj 75 0 obj <>stream 0 0 0 26 48 71 d1 48 0 0 45 0 26 cm BI /IM true /W 48 /H 45 /BPC 1 /D[1 0] /F/CCF /DP<> ID &犥75助助}o邊吘焁齩е著O吙鷩獄i脑@ EI endstream endobj 76 0 obj <> stream 44 0 0 0 0 0 d1 endstream endobj 77 0 obj <> stream 51 0 0 0 0 0 d1 endstream endobj 78 0 obj <>stream 0 0 0 -1 22 69 d1 22 0 0 70 0 -1 cm BI /IM true /W 22 /H 70 /BPC 1 /D[1 0] /F/CCF /DP<> ID 騤D錵鸨扫 EI endstream endobj 79 0 obj <> stream 28 0 0 0 0 0 d1 endstream endobj 80 0 obj <>stream 0 0 0 24 49 89 d1 49 0 0 65 0 24 cm BI /IM true /W 49 /H 65 /BPC 1 /D[1 0] /F/CCF /DP<> ID /鼩85".縂? 榴O鼢釃}醲_鸎v枤难4 [铝圧j8`縺 EI endstream endobj 81 0 obj <>stream 0 0 0 24 78 69 d1 78 0 0 45 0 24 cm BI /IM true /W 78 /H 45 /BPC 1 /D[1 0] /F/CCF /DP<> ID 葍?騤D郃80PV /徇赼.f溚醥򟣜L4阀倱Q / EI endstream endobj 82 0 obj <>stream 0 0 0 24 50 69 d1 50 0 0 45 0 24 cm BI /IM true /W 50 /H 45 /BPC 1 /D[1 0] /F/CCF /DP<> ID &暒is4-穸[ B換@ EI endstream endobj 83 0 obj <> stream 45 0 0 0 0 0 d1 endstream endobj 84 0 obj <> stream 73 0 0 0 0 0 d1 endstream endobj 85 0 obj <> stream 63 0 0 0 0 0 d1 endstream endobj 86 0 obj <>stream 0 0 0 23 47 71 d1 47 0 0 48 0 23 cm BI /IM true /W 47 /H 48 /BPC 1 /D[1 0] /F/CCF /DP<> ID &料燄F衜<,zA鐭燾嚜7揬?龂瘘~续 箌喪!?蓋ч_鷂艋A K A~A EI endstream endobj 87 0 obj <>stream 0 0 0 -6 39 75 d1 39 0 0 81 0 -6 cm BI /IM true /W 39 /H 81 /BPC 1 /D[1 0] /F/CCF /DP<> ID &燗癱悏麴冄痉役醓躏究_犸琉 /忰瘏 餧.皞蠿^垁_Z!䝼腚"g辋x_a狺鸱捉.o 嗮桚l lD/羺' EI endstream endobj 88 0 obj <>stream 0 0 0 0 69 72 d1 69 0 0 72 0 0 cm BI /IM true /W 69 /H 72 /BPC 1 /D[1 0] /F/CCF /DP<> ID &爌hP@兀纼BzO扫剙P浀~呺貂鄟x^+醾@73燂眸o_痏 z 麻恾b!AB憄i@ EI endstream endobj 89 0 obj <> stream 48 0 0 0 0 0 d1 endstream endobj 90 0 obj <>stream 0 0 0 23 32 71 d1 32 0 0 48 0 23 cm BI /IM true /W 32 /H 48 /BPC 1 /D[1 0] /F/CCF /DP<> ID 0!燺 ╩8崧 7嚠熅柯_ PU吶/瓸耎%乱衂驕8PD3艨騥龌k堪apbo哊<@ EI endstream endobj 91 0 obj <>stream 0 0 0 26 12 69 d1 12 0 0 43 0 26 cm BI /IM true /W 12 /H 43 /BPC 1 /D[1 0] /F/CCF /DP<> ID &!﨧PX0思q騤偭 EI endstream endobj 92 0 obj <> stream 61 0 0 0 0 0 d1 endstream endobj 93 0 obj <>stream 0 0 0 3 34 69 d1 34 0 0 66 0 3 cm BI /IM true /W 34 /H 66 /BPC 1 /D[1 0] /F/CCF /DP<> ID &愪l/=忎'} EI endstream endobj 94 0 obj <>stream 0 0 0 58 12 69 d1 12 0 0 11 0 58 cm BI /IM true /W 12 /H 11 /BPC 1 /D[1 0] /F/CCF /DP<> ID &!﨧PX0 EI endstream endobj 95 0 obj <>stream 0 0 0 2 43 72 d1 43 0 0 70 0 2 cm BI /IM true /W 43 /H 70 /BPC 1 /D[1 0] /F/CCF /DP<> ID &犵唢傀~ao~鲽yP垌縜嬶窟傀|餧@@ EI endstream endobj 96 0 obj <> stream 25 0 0 0 0 0 d1 endstream endobj 97 0 obj <>stream 0 0 0 -6 24 93 d1 24 0 0 99 0 -6 cm BI /IM true /W 24 /H 99 /BPC 1 /D[1 0] /F/CCF /DP<> ID &〕XZZ -p篯~傄齴/Z_ /﨧w黠黠瘕稃|= 镛廾 還 EI endstream endobj 98 0 obj <> stream 87 0 0 0 0 0 d1 endstream endobj 99 0 obj <>stream 0 0 0 3 41 69 d1 41 0 0 66 0 3 cm BI /IM true /W 41 /H 66 /BPC 1 /D[1 0] /F/CCF /DP<> ID &=鬟鹞廰黯龂{砑7叨蔑o ?貃}眄狲{}睨摸徨OAu[0傦踋啑众X0`羇厫拎 EI endstream endobj 100 0 obj <> stream 68 0 0 0 0 0 d1 endstream endobj 101 0 obj <>stream 0 0 0 3 43 72 d1 43 0 0 69 0 3 cm BI /IM true /W 43 /H 69 /BPC 1 /D[1 0] /F/CCF /DP<> ID &犃1j#3AxX>&鷠 啁逴?[黽揰_4稐齾薨醵柫 b癮` EI endstream endobj 102 0 obj <>stream 0 0 0 -6 39 95 d1 39 0 0 101 0 -6 cm BI /IM true /W 39 /H 101 /BPC 1 /D[1 0] /F/CCF /DP<> ID &ɡi秣秣秣狺窟國秣秣o齄窟窟囷齄飤後窟鴡 EI endstream endobj 103 0 obj <>stream 0 0 0 3 41 72 d1 41 0 0 69 0 3 cm BI /IM true /W 41 /H 69 /BPC 1 /D[1 0] /F/CCF /DP<> ID &犱嗄剕W厓蠤 >朂8囶肟鴃/鸩8.膻翼. y ^/騼鈑蔑凗h髞B EI endstream endobj 104 0 obj <> stream 81 0 0 0 0 0 d1 endstream endobj 105 0 obj <>stream 0 0 0 3 43 72 d1 43 0 0 69 0 3 cm BI /IM true /W 43 /H 69 /BPC 1 /D[1 0] /F/CCF /DP<> ID &bB岦 餏拄z/I }哚揮 忺%纂牶,.A苝 愘L後囖咪君酏?]區恢Kfc\{As@ EI endstream endobj 106 0 obj <>stream 0 0 0 3 43 72 d1 43 0 0 69 0 3 cm BI /IM true /W 43 /H 69 /BPC 1 /D[1 0] /F/CCF /DP<> ID &牴@/!苸xF旅 oA}>俛?躓圍酷jMz踮餕mxa.马 癭偯-掠5ю饟@儅? O挣u嶙豄韯秄*阖,X3@`@ EI endstream endobj 107 0 obj <>stream 0 0 0 -6 24 93 d1 24 0 0 99 0 -6 cm BI /IM true /W 24 /H 99 /BPC 1 /D[1 0] /F/CCF /DP<> ID &ɡh遻{{>{摸齄瘕艨艨咜ZX_隵緼k纸a.敌Z]iu EI endstream endobj 108 0 obj <>stream 0 0 0 0 44 70 d1 44 0 0 70 0 0 cm BI /IM true /W 44 /H 70 /BPC 1 /D[1 0] /F/CCF /DP<> ID ' /葾8i-  EI endstream endobj 109 0 obj <>stream 0 0 0 0 60 70 d1 60 0 0 70 0 0 cm BI /IM true /W 60 /H 70 /BPC 1 /D[1 0] /F/CCF /DP<> ID &N麳榦@ EI endstream endobj 110 0 obj <>stream 0 0 0 0 50 70 d1 50 0 0 70 0 0 cm BI /IM true /W 50 /H 70 /BPC 1 /D[1 0] /F/CCF /DP<> ID '蓉慞pwrp先(# 摭挚劦醟劜陫*備l EI endstream endobj 111 0 obj <>stream 0 0 0 45 27 51 d1 27 0 0 6 0 45 cm BI /IM true /W 27 /H 6 /BPC 1 /D[1 0] /F/CCF /DP<> ID @ EI endstream endobj 112 0 obj <> stream 56 0 0 0 0 0 d1 endstream endobj 113 0 obj <> stream 41 0 0 0 0 0 d1 endstream endobj 114 0 obj <>stream 0 0 0 24 25 70 d1 25 0 0 46 0 24 cm BI /IM true /W 25 /H 46 /BPC 1 /D[1 0] /F/CCF /DP<> ID 4鼾妙鴓r73骷> stream 62 0 0 0 0 0 d1 endstream endobj 116 0 obj <>stream 0 0 0 23 45 72 d1 45 0 0 49 0 23 cm BI /IM true /W 45 /H 49 /BPC 1 /D[1 0] /F/CCF /DP<> ID &犃@13= ^魶O 幱﨧SK瘐胈鸧雔 籢譧耓喍傲~ ,0P EI endstream endobj 117 0 obj <> stream 29 0 0 0 0 0 d1 endstream endobj 118 0 obj <>stream 0 0 0 25 45 70 d1 45 0 0 45 0 25 cm BI /IM true /W 45 /H 45 /BPC 1 /D[1 0] /F/CCF /DP<> ID 'j楰譶肒]タ陧劮Ao]k攵栞o 娳>纂勽|裻&鸱珅&烪0跫+}_ 魺V EI endstream endobj 119 0 obj <> stream 46 0 0 0 0 0 d1 endstream endobj 120 0 obj <>stream 0 0 0 25 43 91 d1 43 0 0 66 0 25 cm BI /IM true /W 43 /H 66 /BPC 1 /D[1 0] /F/CCF /DP<> ID &癆|?餃7>>唼圎|讌旷雧>魁_究?蘅縚痉W卭挲|@ EI endstream endobj 121 0 obj <>stream 0 0 0 1 11 70 d1 11 0 0 69 0 1 cm BI /IM true /W 11 /H 69 /BPC 1 /D[1 0] /F/CCF /DP<> ID &)  EI endstream endobj 122 0 obj <>stream 0 0 0 23 33 72 d1 33 0 0 49 0 23 cm BI /IM true /W 33 /H 49 /BPC 1 /D[1 0] /F/CCF /DP<> ID &鼘f<q|.h湔x']`O傕篭--)娩#_喨 羵|{锏2湣個 EI endstream endobj 123 0 obj <>stream 0 0 0 -2 46 73 d1 46 0 0 75 0 -2 cm BI /IM true /W 46 /H 75 /BPC 1 /D[1 0] /F/CCF /DP<> ID &牴 惀LkAby 饋拷倊涐?^?/雲耞俌 2 ,]ih-p乭#EC3 ^ 禁!`菮<>鸰  C@ EI endstream endobj 124 0 obj <> stream 70 0 0 0 0 0 d1 endstream endobj 125 0 obj <>stream 0 0 0 25 37 72 d1 37 0 0 47 0 25 cm BI /IM true /W 37 /H 47 /BPC 1 /D[1 0] /F/CCF /DP<> ID &' 諼 ~赡A? EI endstream endobj 126 0 obj <>stream 0 0 0 0 47 70 d1 47 0 0 70 0 0 cm BI /IM true /W 47 /H 70 /BPC 1 /D[1 0] /F/CCF /DP<> ID 洮鼱5?騕  EI endstream endobj 127 0 obj <> stream 89 0 0 0 0 0 d1 endstream endobj 128 0 obj <> stream 49 0 0 0 0 0 d1 endstream endobj 129 0 obj <>stream 0 0 0 13 32 72 d1 32 0 0 59 0 13 cm BI /IM true /W 32 /H 59 /BPC 1 /D[1 0] /F/CCF /DP<> ID &爠鈣N冃?騭翤卓!/51 EI endstream endobj 130 0 obj <>stream 0 0 0 23 39 72 d1 39 0 0 49 0 23 cm BI /IM true /W 39 /H 49 /BPC 1 /D[1 0] /F/CCF /DP<> ID &犃@_怉楢>>緼魢鷱霋唧@/&鴄譳稐k羵霣诿Xk鹆`聙 EI endstream endobj 131 0 obj <>stream 0 0 0 -2 9 19 d1 9 0 0 21 0 -2 cm BI /IM true /W 9 /H 21 /BPC 1 /D[1 0] /F/CCF /DP<> ID 莎 EI endstream endobj 132 0 obj <>stream 0 0 0 23 37 72 d1 37 0 0 49 0 23 cm BI /IM true /W 37 /H 49 /BPC 1 /D[1 0] /F/CCF /DP<> ID &S须\/8爚鴜5邍叱兠萡儅d3)z看0 0YD@ EI endstream endobj 133 0 obj <>stream 0 0 0 24 40 90 d1 40 0 0 66 0 24 cm BI /IM true /W 40 /H 66 /BPC 1 /D[1 0] /F/CCF /DP<> ID 4﨔N.鏠0䴖狖骺w斛J迈|0倖:%啺羭殎@@ EI endstream endobj 134 0 obj <>stream 0 0 0 -2 9 70 d1 9 0 0 72 0 -2 cm BI /IM true /W 9 /H 72 /BPC 1 /D[1 0] /F/CCF /DP<> ID  EI endstream endobj 135 0 obj <>stream 0 0 0 23 38 72 d1 38 0 0 49 0 23 cm BI /IM true /W 38 /H 49 /BPC 1 /D[1 0] /F/CCF /DP<> ID &牴@_凷=勧r@= z魞餍K8_&摭镤6>豝 ' =龆 餶  EI endstream endobj 136 0 obj <>stream 0 0 0 24 37 70 d1 37 0 0 46 0 24 cm BI /IM true /W 37 /H 46 /BPC 1 /D[1 0] /F/CCF /DP<> ID 4 稞鸺8V奥4Kk m|殎@ EI endstream endobj 137 0 obj <>stream 0 0 0 25 43 70 d1 43 0 0 45 0 25 cm BI /IM true /W 43 /H 45 /BPC 1 /D[1 0] /F/CCF /DP<> ID &牴@/ >哼忒齩}+邊醥齕齛魶齕 [麟0绵 EI endstream endobj 138 0 obj <> stream 43 0 0 0 0 0 d1 endstream endobj 139 0 obj <>stream 0 0 0 -3 32 70 d1 32 0 0 73 0 -3 cm BI /IM true /W 32 /H 73 /BPC 1 /D[1 0] /F/CCF /DP<> ID &4麳騤3@_哚[洁鹆@@ EI endstream endobj 140 0 obj <> stream 31 0 0 0 0 0 d1 endstream endobj 141 0 obj <> stream 64 0 0 0 0 0 d1 endstream endobj 142 0 obj <> stream 72 0 0 0 0 0 d1 endstream endobj 143 0 obj <>stream 0 0 0 61 9 70 d1 9 0 0 9 0 61 cm BI /IM true /W 9 /H 9 /BPC 1 /D[1 0] /F/CCF /DP<> ID  EI endstream endobj 144 0 obj <>stream 0 0 0 0 10 70 d1 10 0 0 70 0 0 cm BI /IM true /W 10 /H 70 /BPC 1 /D[1 0] /F/CCF /DP<> ID @ EI endstream endobj 145 0 obj <>stream 0 0 0 -2 41 72 d1 41 0 0 74 0 -2 cm BI /IM true /W 41 /H 74 /BPC 1 /D[1 0] /F/CCF /DP<> ID &@c.ぉ@鷠>鬘H?> <啕 k` -5得  EI endstream endobj 146 0 obj <> stream 66 0 0 0 0 0 d1 endstream endobj 147 0 obj <>stream 0 0 0 -2 40 72 d1 40 0 0 74 0 -2 cm BI /IM true /W 40 /H 74 /BPC 1 /D[1 0] /F/CCF /DP<> ID &牴8?0饋榕荜< 铭 卓{氙齴店旅AC帵塧0_) EI endstream endobj 148 0 obj <>stream 0 0 0 -2 37 70 d1 37 0 0 72 0 -2 cm BI /IM true /W 37 /H 72 /BPC 1 /D[1 0] /F/CCF /DP<> ID 4 稞鸺8V奥4Kk m~D?@ EI endstream endobj 149 0 obj <> stream 42 0 0 0 0 0 d1 endstream endobj 150 0 obj <> stream 77 0 0 0 0 0 d1 endstream endobj 151 0 obj <> stream 30 0 0 0 0 0 d1 endstream endobj 152 0 obj <> stream 60 0 0 0 0 0 d1 endstream endobj 153 0 obj <>stream 0 0 0 -3 44 70 d1 44 0 0 73 0 -3 cm BI /IM true /W 44 /H 73 /BPC 1 /D[1 0] /F/CCF /DP<> ID &鴳湓S@狴懸敖忼0 EI endstream endobj 154 0 obj <>stream 0 0 0 24 46 92 d1 46 0 0 68 0 24 cm BI /IM true /W 46 /H 68 /BPC 1 /D[1 0] /F/CCF /DP<> ID &牴悺0侢==(G凥 о兦O騤汌咢0堑咀. 攢鬶 挓焆嬥黠f冸zM酏I龌盎iv侅H@呙5D恀dp EI endstream endobj 155 0 obj <> stream 26 0 0 0 0 0 d1 endstream endobj 156 0 obj <>stream 0 0 0 -2 53 73 d1 53 0 0 75 0 -2 cm BI /IM true /W 53 /H 75 /BPC 1 /D[1 0] /F/CCF /DP<> ID &tK嬺 i鄟樽:吢!唡 弦zA饍ブ縿糊痏痏眠?{鬓眠l員v /},乸x3爌 EI endstream endobj 157 0 obj <> stream 38 0 0 0 0 0 d1 endstream endobj 158 0 obj <> stream 78 0 0 0 0 0 d1 endstream endobj 159 0 obj <> stream 36 0 0 0 0 0 d1 endstream endobj 160 0 obj <>stream 0 0 0 24 64 70 d1 64 0 0 46 0 24 cm BI /IM true /W 64 /H 46 /BPC 1 /D[1 0] /F/CCF /DP<> ID 4 鎬G蒺瞽Π铝偳&稓聾纶k5 8( EI endstream endobj 161 0 obj <> stream 86 0 0 0 0 0 d1 endstream endobj 162 0 obj <> stream 59 0 0 0 0 0 d1 endstream endobj 163 0 obj <> stream 109 0 0 0 0 0 d1 endstream endobj 164 0 obj <>stream 0 0 0 0 42 70 d1 42 0 0 70 0 0 cm BI /IM true /W 42 /H 70 /BPC 1 /D[1 0] /F/CCF /DP<> ID 﨨 _  EI endstream endobj 165 0 obj <> stream 85 0 0 0 0 0 d1 endstream endobj 166 0 obj <>stream 0 0 0 0 56 70 d1 56 0 0 70 0 0 cm BI /IM true /W 56 /H 70 /BPC 1 /D[1 0] /F/CCF /DP<> ID #`\妴p狎!噙 峒>摭锩唣唼唼齸挚呺^絢 a偱T((\崄p EI endstream endobj 167 0 obj <>stream 0 0 0 0 61 70 d1 61 0 0 70 0 0 cm BI /IM true /W 61 /H 70 /BPC 1 /D[1 0] /F/CCF /DP<> ID 45Z秕狲x_顥u藁鎭撤_]圍颻鼹颹颺禁讌 ]膻=邶 EI endstream endobj 168 0 obj <>stream 0 0 0 0 97 102 d1 97 0 0 102 0 0 cm BI /IM true /W 97 /H 102 /BPC 1 /D[1 0] /F/CCF /DP<> ID &牞k /恖萯嬩Kp佱蕗A乸饒i} 0蹙浺~ま〓饤K咓/咘脷湔 y齪犊醡瘙筑置[k鸻`卩众豮~ #K I驉翀A釀鹇y 1g恖0怴8 EI endstream endobj 169 0 obj <>stream 0 0 0 34 70 102 d1 70 0 0 68 0 34 cm BI /IM true /W 70 /H 68 /BPC 1 /D[1 0] /F/CCF /DP<> ID &j 繍nOD 饍袾(| k7ま筏迱a雧>>鳢鸰鳢鳟=o 喕a.譵- a 1 餪奥萬i EI endstream endobj 170 0 obj <> stream 110 0 0 0 0 0 d1 endstream endobj 171 0 obj <>stream 0 0 0 35 80 100 d1 80 0 0 65 0 35 cm BI /IM true /W 80 /H 65 /BPC 1 /D[1 0] /F/CCF /DP<> ID &▕ 菾坒鏣慢卓?吙)C |2乄嚡b/0A EI endstream endobj 172 0 obj <> stream 79 0 0 0 0 0 d1 endstream endobj 173 0 obj <>stream 0 0 0 9 50 102 d1 50 0 0 93 0 9 cm BI /IM true /W 50 /H 93 /BPC 1 /D[1 0] /F/CCF /DP<> ID &PЯ聑z5涜 0鴁凤 犠膵5> 鼾 EI endstream endobj 174 0 obj <>stream 0 0 0 34 62 102 d1 62 0 0 68 0 34 cm BI /IM true /W 62 /H 68 /BPC 1 /D[1 0] /F/CCF /DP<> ID &u 較<xA鑸鏍o@亣7?A蹩挣f縚_﨤蚡咍呖瘇 ,?絤牷]盎% Y 璥 EI endstream endobj 175 0 obj <>stream 0 0 0 34 53 102 d1 53 0 0 68 0 34 cm BI /IM true /W 53 /H 68 /BPC 1 /D[1 0] /F/CCF /DP<> ID &ㄘ.t?0冟%戮k 䞍|鼵狚畻瑇,I愇%惱п, --羠 . 94亸嗑窥踹颠韠] 繂 .区|儎%3▅@ EI endstream endobj 176 0 obj <>stream 0 0 0 0 40 65 d1 40 0 0 65 0 0 cm BI /IM true /W 40 /H 65 /BPC 1 /D[1 0] /F/CCF /DP<> ID &﨟&攘  EI endstream endobj 177 0 obj <>stream 0 0 0 -4 37 65 d1 37 0 0 69 0 -4 cm BI /IM true /W 37 /H 69 /BPC 1 /D[1 0] /F/CCF /DP<> ID 5 u 釯 EI endstream endobj 178 0 obj <> stream 145 0 0 0 0 0 d1 endstream endobj 179 0 obj <>stream 0 0 0 20 59 65 d1 59 0 0 45 0 20 cm BI /IM true /W 59 /H 45 /BPC 1 /D[1 0] /F/CCF /DP<> ID )湓R@g$ 傀:露边癮v+k MBA傼  EI endstream endobj 180 0 obj <>stream 0 0 0 1 36 65 d1 36 0 0 64 0 1 cm BI /IM true /W 36 /H 64 /BPC 1 /D[1 0] /F/CCF /DP<> ID &犃@烵 鑶o翽怽麵;騤唗帑匡 EI endstream endobj 181 0 obj <>stream 0 0 0 20 42 65 d1 42 0 0 45 0 20 cm BI /IM true /W 42 /H 45 /BPC 1 /D[1 0] /F/CCF /DP<> ID &扫萡<~焗?轋b揚恎劈@ EI endstream endobj 182 0 obj <>stream 0 0 0 20 50 65 d1 50 0 0 45 0 20 cm BI /IM true /W 50 /H 45 /BPC 1 /D[1 0] /F/CCF /DP<> ID &燗恜 饋鑶+&魶 蹩鷠o憧5kAmペ釂 a圼 !傴3 EI endstream endobj 183 0 obj <>stream 0 0 0 -5 57 65 d1 57 0 0 70 0 -5 cm BI /IM true /W 57 /H 70 /BPC 1 /D[1 0] /F/CCF /DP<> ID &燗 \儗鄟馃D1G凙俞&礋_W_5雎罴0竊羛菃U /C.A燝 EI endstream endobj 184 0 obj <>stream 0 0 0 20 59 65 d1 59 0 0 45 0 20 cm BI /IM true /W 59 /H 45 /BPC 1 /D[1 0] /F/CCF /DP<> ID &犃衆.餉酊:< 嚷 Wc!扫I 圑  EI endstream endobj 185 0 obj <>stream 0 0 0 20 43 65 d1 43 0 0 45 0 20 cm BI /IM true /W 43 /H 45 /BPC 1 /D[1 0] /F/CCF /DP<> ID &燗 <,'u> 医oOP鴂!榢_?渥愊 鲂~燐o锩 鹋l,辔亅@ EI endstream endobj 186 0 obj <>stream 0 0 0 -6 26 65 d1 26 0 0 71 0 -6 cm BI /IM true /W 26 /H 71 /BPC 1 /D[1 0] /F/CCF /DP<> ID 5恄 ?﨎'`侀 @ EI endstream endobj 187 0 obj <> stream 32 0 0 0 0 0 d1 endstream endobj 188 0 obj <>stream 0 0 0 0 46 65 d1 46 0 0 65 0 0 cm BI /IM true /W 46 /H 65 /BPC 1 /D[1 0] /F/CCF /DP<> ID &蔑钧< ;縨睇眇流 Ao 貆眵縳~鱵s狕貂^/麆 弥_ t@ EI endstream endobj 189 0 obj <> stream 148 0 0 0 0 0 d1 endstream endobj 190 0 obj <>stream 0 0 0 20 38 65 d1 38 0 0 45 0 20 cm BI /IM true /W 38 /H 45 /BPC 1 /D[1 0] /F/CCF /DP<> ID 8! 8f噻P=<+鷒)5 2&惦@淳%XPR4)线 5k胅 憋冧8dw@ EI endstream endobj 191 0 obj <>stream 0 0 0 20 51 65 d1 51 0 0 45 0 20 cm BI /IM true /W 51 /H 45 /BPC 1 /D[1 0] /F/CCF /DP<> ID &∩*p癅謨Z:橉@嚷QO唑k囜囸龖! E奎~煚齸眶絰@傌瓍愼@ EI endstream endobj 192 0 obj <>stream 0 0 0 -5 27 65 d1 27 0 0 70 0 -5 cm BI /IM true /W 27 /H 70 /BPC 1 /D[1 0] /F/CCF /DP<> ID 5?鳻5  EI endstream endobj 193 0 obj <> stream 33 0 0 0 0 0 d1 endstream endobj 194 0 obj <>stream 0 0 0 0 48 67 d1 48 0 0 67 0 0 cm BI /IM true /W 48 /H 67 /BPC 1 /D[1 0] /F/CCF /DP<> ID &牴 < xOGAC鎭帗zPk翱阢媵.阂惱N 傸僷餫靼o"昔&鷚韢W鴃梿桋耙_ C@ EI endstream endobj 195 0 obj <>stream 0 0 0 -5 71 67 d1 71 0 0 72 0 -5 cm BI /IM true /W 71 /H 72 /BPC 1 /D[1 0] /F/CCF /DP<> ID &犜j!朞C@xD竝|8@儂 給 7燗鷠XzO醄P譥鼇巩 趺嶙鳆k论憩?`重\ 鴇竱1'鹇 \ 嗦璡@ EI endstream endobj 196 0 obj <>stream 0 0 0 -5 58 65 d1 58 0 0 70 0 -5 cm BI /IM true /W 58 /H 70 /BPC 1 /D[1 0] /F/CCF /DP<> ID )扫萢湊?鼩寙4O嶷镞猁 >蕅XbC`O萫 EI endstream endobj 197 0 obj <>stream 0 0 0 19 53 86 d1 53 0 0 67 0 19 cm BI /IM true /W 53 /H 67 /BPC 1 /D[1 0] /F/CCF /DP<> ID &牴HSC hz辁x镝?齞 喪+|5嚶閔. 懓c铚5 0鴼肊=惼窢A7O颋稔z鹪-:柳d!d 麬 EI endstream endobj 198 0 obj <> stream 65 0 0 0 0 0 d1 endstream endobj 199 0 obj <>stream 0 0 0 0 50 65 d1 50 0 0 65 0 0 cm BI /IM true /W 50 /H 65 /BPC 1 /D[1 0] /F/CCF /DP<> ID &犌346&窟埒~叻嘄図眸oo貇~唼鳊=|>锞}鱻 EI endstream endobj 200 0 obj <>stream 0 0 0 -4 60 65 d1 60 0 0 69 0 -4 cm BI /IM true /W 60 /H 69 /BPC 1 /D[1 0] /F/CCF /DP<> ID & @~萯0? EI endstream endobj 201 0 obj <>stream 0 0 0 -5 52 67 d1 52 0 0 72 0 -5 cm BI /IM true /W 52 /H 72 /BPC 1 /D[1 0] /F/CCF /DP<> ID &ㄘ.t?癅鴃| 4xO7饔鹂侩 鯅` 3嶐耎.K, Z鯛2dfW毭K哵u鹁縚鸹韕!l{#K> 't@ EI endstream endobj 202 0 obj <>stream 0 0 0 20 55 85 d1 55 0 0 65 0 20 cm BI /IM true /W 55 /H 65 /BPC 1 /D[1 0] /F/CCF /DP<> ID & 兟|8砄}娇&>W嬸雉OO饍?誉C哼 蹩饟䶮齩逬>服俹䶮 塏  EI endstream endobj 203 0 obj <>stream 0 0 0 20 45 65 d1 45 0 0 45 0 20 cm BI /IM true /W 45 /H 45 /BPC 1 /D[1 0] /F/CCF /DP<> ID &燗<,1爖: 餌 儂凖诣' 衚K? 6&雘譨シ]吤 b `铝@ EI endstream endobj 204 0 obj <>stream 0 0 0 20 92 65 d1 92 0 0 45 0 20 cm BI /IM true /W 92 /H 45 /BPC 1 /D[1 0] /F/CCF /DP<> ID )?換I爢萩;& oa襁~𩾂莾A厗aI℉d0蠬?@ EI endstream endobj 205 0 obj <> stream 137 0 0 0 0 0 d1 endstream endobj 206 0 obj <>stream 0 0 0 0 46 67 d1 46 0 0 67 0 0 cm BI /IM true /W 46 /H 67 /BPC 1 /D[1 0] /F/CCF /DP<> ID &@g"01=$ 鶚?I緵揍嗶踹齾豛厭德u哓^ / 缧0紞?蓀贂`鴠萡稔f<@ EI endstream endobj 207 0 obj <>stream 0 0 0 -5 57 65 d1 57 0 0 70 0 -5 cm BI /IM true /W 57 /H 70 /BPC 1 /D[1 0] /F/CCF /DP<> ID &<H6谹1C醎瞄鷒_蹼踯. .變府C義ay忺鯊揚 EI endstream endobj 208 0 obj <>stream 0 0 0 -5 75 67 d1 75 0 0 72 0 -5 cm BI /IM true /W 75 /H 72 /BPC 1 /D[1 0] /F/CCF /DP<> ID &犘j 邜0O!癒<"0 |} = 醥I& >焄逻 助蹩е鲄龌颻龈zak-皷鯁役K 傲 皒Xb `熶* EI endstream endobj 209 0 obj <> stream 105 0 0 0 0 0 d1 endstream endobj 210 0 obj <> stream 84 0 0 0 0 0 d1 endstream endobj 211 0 obj <>stream 0 0 0 -4 63 65 d1 63 0 0 69 0 -4 cm BI /IM true /W 63 /H 69 /BPC 1 /D[1 0] /F/CCF /DP<> ID %_鼩:啹 豚'&瘏*埊  EI endstream endobj 212 0 obj <>stream 0 0 0 -2 72 65 d1 72 0 0 67 0 -2 cm BI /IM true /W 72 /H 67 /BPC 1 /D[1 0] /F/CCF /DP<> ID &Z !洴颮k颻圊傩<\G EI endstream endobj 213 0 obj <>stream 0 0 0 -4 68 65 d1 68 0 0 69 0 -4 cm BI /IM true /W 68 /H 69 /BPC 1 /D[1 0] /F/CCF /DP<> ID "烙﨧B滳k騐琉|>u> 脋縙縙^梻腢AAJ恎@ EI endstream endobj 214 0 obj <> stream 117 0 0 0 0 0 d1 endstream endobj 215 0 obj <>stream 0 0 0 -5 91 65 d1 91 0 0 70 0 -5 cm BI /IM true /W 91 /H 70 /BPC 1 /D[1 0] /F/CCF /DP<> ID )&!唫@g!麯鼩寙 4O?羽p鴠呡麌鴚6釟b,?X1= 羷D 﨏/R k EI endstream endobj 216 0 obj <>stream 0 0 0 0 48 67 d1 48 0 0 67 0 0 cm BI /IM true /W 48 /H 67 /BPC 1 /D[1 0] /F/CCF /DP<> ID & |aВ>I-=/K羁秕]马/K漃0[靸?鰽埚啐喡豟鴝 0Y EI endstream endobj 217 0 obj <> stream 98 0 0 0 0 0 d1 endstream endobj 218 0 obj <>stream 0 0 0 -4 83 67 d1 83 0 0 71 0 -4 cm BI /IM true /W 83 /H 71 /BPC 1 /D[1 0] /F/CCF /DP<> ID &犔C劝h倆z5浶O&燽䲠? 觚咗鹂艨阴.>4k麽 ?縪~絶 /埁PPR EI endstream endobj 219 0 obj <>stream 0 0 0 0 51 69 d1 51 0 0 69 0 0 cm BI /IM true /W 51 /H 69 /BPC 1 /D[1 0] /F/CCF /DP<> ID &牴鹛鷝z啕符{骶ayX呖丰図铪 /遾靼鋩韵僴 EI endstream endobj 220 0 obj <>stream 0 0 0 -2 80 69 d1 80 0 0 71 0 -2 cm BI /IM true /W 80 /H 71 /BPC 1 /D[1 0] /F/CCF /DP<> ID &·j彁蚖=A冡 [襼A>瘊W8抋俙7  EI endstream endobj 221 0 obj <>stream 0 0 0 -5 79 65 d1 79 0 0 70 0 -5 cm BI /IM true /W 79 /H 70 /BPC 1 /D[1 0] /F/CCF /DP<> ID $?扫C@5礭譳籣鳟_鲄躯_>k籣鳟_鲄絭匡]z薷a岑齾 EI endstream endobj 222 0 obj <>stream 0 0 0 -5 59 65 d1 59 0 0 70 0 -5 cm BI /IM true /W 59 /H 70 /BPC 1 /D[1 0] /F/CCF /DP<> ID )湓R@g$ 傀$&癮}婗/ ,鼩劺@ EI endstream endobj 223 0 obj <>stream 0 0 0 0 48 67 d1 48 0 0 67 0 0 cm BI /IM true /W 48 /H 67 /BPC 1 /D[1 0] /F/CCF /DP<> ID &犃=CA7衋媵迼镒齄^anap栘^羦Xa呣麻ipZ A鲃酂A?M羅 辁鴂嵇岷踽[置癰 鹇萭"  EI endstream endobj 224 0 obj <> stream 102 0 0 0 0 0 d1 endstream endobj 225 0 obj <>stream 0 0 0 -4 78 65 d1 78 0 0 69 0 -4 cm BI /IM true /W 78 /H 69 /BPC 1 /D[1 0] /F/CCF /DP<> ID *a榁A8p湓)3鼇z7麽 ?o縪鹈慢膈ラ豚傶艏 紗q晙PT3 EI endstream endobj 226 0 obj <>stream 0 0 0 0 48 67 d1 48 0 0 67 0 0 cm BI /IM true /W 48 /H 67 /BPC 1 /D[1 0] /F/CCF /DP<> ID &犲d  铚@鳣6僶扣疬=痑x恘嗀p烵烵P艨醥鶾a皷醵偯  EI endstream endobj 227 0 obj <> stream 149 0 0 0 0 0 d1 endstream endobj 228 0 obj <> stream 94 0 0 0 0 0 d1 endstream endobj 229 0 obj <>stream 0 0 0 0 48 67 d1 48 0 0 67 0 0 cm BI /IM true /W 48 /H 67 /BPC 1 /D[1 0] /F/CCF /DP<> ID &/OD3@儅襬 z逴?>z  ザ薅 +餫d3  EI endstream endobj 230 0 obj <>stream 0 0 0 20 57 85 d1 57 0 0 65 0 20 cm BI /IM true /W 57 /H 65 /BPC 1 /D[1 0] /F/CCF /DP<> ID )&!啹2<>D  鳰>緵唢齷p4⒙羷ⅳF )5 "扅@ EI endstream endobj 231 0 obj <>stream 0 0 0 0 57 94 d1 57 0 0 94 0 0 cm BI /IM true /W 57 /H 94 /BPC 1 /D[1 0] /F/CCF /DP<> ID &鼏?殶(諥p煇責 cL>圐 EI endstream endobj 232 0 obj <>stream 0 0 0 -5 50 94 d1 50 0 0 99 0 -5 cm BI /IM true /W 50 /H 99 /BPC 1 /D[1 0] /F/CCF /DP<> ID 鼩備`c膲 EI endstream endobj 233 0 obj <>stream 0 0 0 35 56 100 d1 56 0 0 65 0 35 cm BI /IM true /W 56 /H 65 /BPC 1 /D[1 0] /F/CCF /DP<> ID "郍﨧B仯抿?O~u_o髦66穧娏)5 攢 EI endstream endobj 234 0 obj <>stream 0 0 0 0 79 102 d1 79 0 0 102 0 0 cm BI /IM true /W 79 /H 102 /BPC 1 /D[1 0] /F/CCF /DP<> ID &t:﨏`9&&  餌`A\RI帗 _H?O飫秣镳\6畸k督呚0竊葊[鴅ipa嗦zx吶*i EI endstream endobj 235 0 obj <>stream 0 0 0 35 80 102 d1 80 0 0 67 0 35 cm BI /IM true /W 80 /H 67 /BPC 1 /D[1 0] /F/CCF /DP<> ID &j!圑C`IV予??H7)敲p氨馃W蔞C9? dt EI endstream endobj 236 0 obj <>stream 0 0 0 34 60 102 d1 60 0 0 68 0 34 cm BI /IM true /W 60 /H 68 /BPC 1 /D[1 0] /F/CCF /DP<> ID &t 軫<z凢| 鳤oXzOみ^壶O_恖5挚挚~C(? 包?拂韱嶝Xa惡a坃C. EI endstream endobj 237 0 obj <> stream 88 0 0 0 0 0 d1 endstream endobj 238 0 obj <>stream 0 0 0 -1 35 100 d1 35 0 0 101 0 -1 cm BI /IM true /W 35 /H 101 /BPC 1 /D[1 0] /F/CCF /DP<> ID &﨎U+9怬=?邶( EI endstream endobj 239 0 obj <>stream 0 0 0 0 39 44 d1 39 0 0 44 0 0 cm BI /IM true /W 39 /H 44 /BPC 1 /D[1 0] /F/CCF /DP<> ID &燗癰3胇冃{窢旅 澳/羺 饋鄡7逻KoA`  |@ EI endstream endobj 240 0 obj <>stream 0 0 0 6 67 75 d1 67 0 0 69 0 6 cm BI /IM true /W 67 /H 69 /BPC 1 /D[1 0] /F/CCF /DP<> ID !だJjd0k嗔{^银_鬃/傼K鹂纂齸K饤斛_/膈 鷂阻/ _ 觜縆茻AA>  EI endstream endobj 241 0 obj <>stream 0 0 0 -1 49 71 d1 49 0 0 72 0 -1 cm BI /IM true /W 49 /H 72 /BPC 1 /D[1 0] /F/CCF /DP<> ID &牴897>(|-魞| 槗灅ZA魺齸燒坃鼩窟督吤 .a]醲1^ 衉吶e愐@ EI endstream endobj 242 0 obj <>stream 0 0 0 23 38 71 d1 38 0 0 48 0 23 cm BI /IM true /W 38 /H 48 /BPC 1 /D[1 0] /F/CCF /DP<> ID &牴8刯醥HxA7衹&篲}u!僧#=咣镗|0谳0N@ EI endstream endobj 243 0 obj <>stream 0 0 0 26 67 71 d1 67 0 0 45 0 26 cm BI /IM true /W 67 /H 45 /BPC 1 /D[1 0] /F/CCF /DP<> ID &“纆0?厙陔隹龊呦╛At厗圑鼍栅趱口麴熴M醲}P齌'q:腀 EI endstream endobj 244 0 obj <>stream 0 0 0 -1 49 69 d1 49 0 0 70 0 -1 cm BI /IM true /W 49 /H 70 /BPC 1 /D[1 0] /F/CCF /DP<> ID 揜' 涡axA}z閩z齴鳤z_齰近 碉喗囷釃峥縪埙?囸~O 鼩 EI endstream endobj 245 0 obj <> stream 91 0 0 0 0 0 d1 endstream endobj 246 0 obj <>stream 0 0 0 23 46 91 d1 46 0 0 68 0 23 cm BI /IM true /W 46 /H 68 /BPC 1 /D[1 0] /F/CCF /DP<> ID &牴悺0侒@0鸢|'翸赳5L/喡镬2+鳽 吷0z3苛_鋸?&魶 䲟缔 v讍语鹉餫! EI endstream endobj 247 0 obj <>stream 0 0 0 -1 49 71 d1 49 0 0 72 0 -1 cm BI /IM true /W 49 /H 72 /BPC 1 /D[1 0] /F/CCF /DP<> ID &牋+幔ao鄟冺唢7漫䲢//u .翼y歩{^鸺呩鸨扫 EI endstream endobj 248 0 obj <>stream 0 0 0 0 32 69 d1 32 0 0 69 0 0 cm BI /IM true /W 32 /H 69 /BPC 1 /D[1 0] /F/CCF /DP<> ID 騤槟 @ EI endstream endobj 249 0 obj <> stream 35 0 0 0 0 0 d1 endstream endobj 250 0 obj <>stream 0 0 0 2 26 90 d1 26 0 0 88 0 2 cm BI /IM true /W 26 /H 88 /BPC 1 /D[1 0] /F/CCF /DP<> ID &4 鄰0恹絿縟.醖%_'2兀嬄鴎 @ EI endstream endobj 251 0 obj <>stream 0 0 0 -2 34 69 d1 34 0 0 71 0 -2 cm BI /IM true /W 34 /H 71 /BPC 1 /D[1 0] /F/CCF /DP<> ID &ǐ鋑鴳凕殜f棵a>鲒懔厓 EI endstream endobj 252 0 obj <>stream 0 0 0 0 29 37 d1 29 0 0 37 0 0 cm BI /IM true /W 29 /H 37 /BPC 1 /D[1 0] /F/CCF /DP<> ID &`摸龊喓䴙耲  EI endstream endobj 253 0 obj <>stream 0 0 0 0 57 69 d1 57 0 0 69 0 0 cm BI /IM true /W 57 /H 69 /BPC 1 /D[1 0] /F/CCF /DP<> ID #`c騤!4"?瘏﨨 脶}t萳# EI endstream endobj 254 0 obj <>stream 0 0 0 58 13 89 d1 13 0 0 31 0 58 cm BI /IM true /W 13 /H 31 /BPC 1 /D[1 0] /F/CCF /DP<> ID &ɡ焽嘂圻~麽司c脘  EI endstream endobj 255 0 obj <> stream 106 0 0 0 0 0 d1 endstream endobj 256 0 obj <> stream 107 0 0 0 0 0 d1 endstream endobj 257 0 obj <> stream 92 0 0 0 0 0 d1 endstream endobj 258 0 obj <>stream 0 0 0 24 49 89 d1 49 0 0 65 0 24 cm BI /IM true /W 49 /H 65 /BPC 1 /D[1 0] /F/CCF /DP<> ID &稠嗀s餏c逻爟~L}>恾魺䶮_汜瘗5睨禁~豞\0h迕a/z'  EI endstream endobj 259 0 obj <> stream 111 0 0 0 0 0 d1 endstream endobj 260 0 obj <> stream 100 0 0 0 0 0 d1 endstream endobj 261 0 obj <> stream 99 0 0 0 0 0 d1 endstream endobj 262 0 obj <>stream 0 0 0 -2 51 69 d1 51 0 0 71 0 -2 cm BI /IM true /W 51 /H 71 /BPC 1 /D[1 0] /F/CCF /DP<> ID &▋/},G鼩奻?愘?O谲 K ,乼@@ EI endstream endobj 263 0 obj <> stream 112 0 0 0 0 0 d1 endstream endobj 264 0 obj <>stream 0 0 0 -2 79 69 d1 79 0 0 71 0 -2 cm BI /IM true /W 79 /H 71 /BPC 1 /D[1 0] /F/CCF /DP<> ID &▋" 憸 6 /羈#﨧E3 a 戧?T踑蹈9/7問0H`xa \D@ EI endstream endobj 265 0 obj <>stream 0 0 0 0 84 69 d1 84 0 0 69 0 0 cm BI /IM true /W 84 /H 69 /BPC 1 /D[1 0] /F/CCF /DP<> ID !O嫂惲咰b0`抖縤?OO醥鳲み鶰Mみ?c蓄!2\7? EI endstream endobj 267 0 obj <>stream 0 0 0 3 67 75 d1 67 0 0 72 0 3 cm BI /IM true /W 67 /H 72 /BPC 1 /D[1 0] /F/CCF /DP<> ID %缽鼩"z嗔丁oo稐鹱_忲尺絲穇=醰膻絭匡_鹱=堑翱隹k鹱@ EI endstream endobj 268 0 obj <>stream 0 0 0 0 55 69 d1 55 0 0 69 0 0 cm BI /IM true /W 55 /H 69 /BPC 1 /D[1 0] /F/CCF /DP<> ID 5v侟7鼢齄Jo  EI endstream endobj 269 0 obj <>stream 0 0 0 0 67 69 d1 67 0 0 69 0 0 cm BI /IM true /W 67 /H 69 /BPC 1 /D[1 0] /F/CCF /DP<> ID b湓B@!媔' 鷋8掆 @ EI endstream endobj 270 0 obj <> endobj 271 0 obj <> endobj 276 0 obj <>stream 0 0 0 49 16 65 d1 16 0 0 16 0 49 cm BI /IM true /W 16 /H 16 /BPC 1 /D[1 0] /F/CCF /DP<> ID & 黖湔/胈@ EI endstream endobj 277 0 obj <>stream 0 0 0 0 97 72 d1 97 0 0 72 0 0 cm BI /IM true /W 97 /H 72 /BPC 1 /D[1 0] /F/CCF /DP<> ID &`no[\,?鸧o覱,燉玦_^凤_^0翽?邺鸾k挲跤鷀7OO0狒凕&鴂瘇吁齩鬃 =8掆劯o EI endstream endobj 278 0 obj <>stream 0 0 0 3 43 72 d1 43 0 0 69 0 3 cm BI /IM true /W 43 /H 69 /BPC 1 /D[1 0] /F/CCF /DP<> ID &∈D?疡沸a榭図図>浙殇>盔Fd7著I毪P窨䲢莎咡.t番0im牳鹬 ,0  EI endstream endobj 279 0 obj <>stream 0 0 0 3 43 72 d1 43 0 0 69 0 3 cm BI /IM true /W 43 /H 69 /BPC 1 /D[1 0] /F/CCF /DP<> ID &犃8/餉栊`踅 窘[>铱_忒+ KB .\1 Mxaxf3m?=?闽|0K弅 ,僺@ EI endstream endobj 280 0 obj <> stream 131 0 0 0 0 0 d1 endstream endobj 281 0 obj <>stream 0 0 0 2 45 69 d1 45 0 0 67 0 2 cm BI /IM true /W 45 /H 67 /BPC 1 /D[1 0] /F/CCF /DP<> ID &犌 `57骮犘Bj凁~~哌靠名瘙呖呖甙瘙哌繂唼呖强秫} EI endstream endobj 282 0 obj <>stream 0 0 0 0 66 74 d1 66 0 0 74 0 0 cm BI /IM true /W 66 /H 74 /BPC 1 /D[1 0] /F/CCF /DP<> ID &C 愌B%0 <,< @靡oбo 弥鷠oе鷠o [鷠o隹颻絧噮_龌众_恁Av籭a鮾 q 屃個 EI endstream endobj 283 0 obj <>stream 0 0 0 -1 13 30 d1 13 0 0 31 0 -1 cm BI /IM true /W 13 /H 31 /BPC 1 /D[1 0] /F/CCF /DP<> ID &ɡ嗹o麽1跎 餫@@ EI endstream endobj 284 0 obj <>stream 0 0 0 0 69 69 d1 69 0 0 69 0 0 cm BI /IM true /W 69 /H 69 /BPC 1 /D[1 0] /F/CCF /DP<> ID *忺殣"肴J吔z岬 v楙k靶_Xm. m吆 喐n絯泯瓁Z_雉=【縸&饡珃P鳲狒W翸觚镃犙訧@D* EI endstream endobj 285 0 obj <>stream 0 0 0 0 71 69 d1 71 0 0 69 0 0 cm BI /IM true /W 71 /H 69 /BPC 1 /D[1 0] /F/CCF /DP<> ID &犥恏a?讉*5+}zO鳢耡胍/觶>俹犭组饟雧7}(zh喣涓o EI endstream endobj 289 0 obj <>stream 0 0 0 -69 67 3 d1 67 0 0 72 0 -69 cm BI /IM true /W 67 /H 72 /BPC 1 /D[1 0] /F/CCF /DP<> ID &犘PRU<"q離A莌&っ医~儀W?蘅W佑8掅 7 EI endstream endobj 290 0 obj <>stream 0 0 0 0 69 69 d1 69 0 0 69 0 0 cm BI /IM true /W 69 /H 69 /BPC 1 /D[1 0] /F/CCF /DP<> ID a騤! 2岴i痏K閦_鴂/A腴}.讎]溟ロk0棻^邛讎鼋績鳇黯図鴒咣鳋丰靠冇@釱 EI endstream endobj 291 0 obj <>stream 0 0 0 0 64 94 d1 64 0 0 94 0 0 cm BI /IM true /W 64 /H 94 /BPC 1 /D[1 0] /F/CCF /DP<> ID j箕}鬟疝>}粉鴡o呖讽 黜鋈f氠<7巨流穯~鳆圬嗹a#粋(' |%揢焯棷h,0awKv 発aa懓"@怮@ EI endstream endobj 292 0 obj <>stream 0 0 0 34 73 102 d1 73 0 0 68 0 34 cm BI /IM true /W 73 /H 68 /BPC 1 /D[1 0] /F/CCF /DP<> ID &嗀藧_\凥兟冇 鄩qCO y怔mn饼狋鼢!圇釃圅%鸟帙  ,啔紓䶮馃咜衉幛窤-*_ 魼@ EI endstream endobj 293 0 obj <>stream 0 0 0 0 36 100 d1 36 0 0 100 0 0 cm BI /IM true /W 36 /H 100 /BPC 1 /D[1 0] /F/CCF /DP<> ID &﨎U吺W怈 EI endstream endobj 294 0 obj <>stream 0 0 0 0 47 65 d1 47 0 0 65 0 0 cm BI /IM true /W 47 /H 65 /BPC 1 /D[1 0] /F/CCF /DP<> ID &▋騤傸?$坯7 ?緝鹽? /邡\?奠 (:殥&O EI endstream endobj 295 0 obj <>stream 0 0 0 0 46 43 d1 46 0 0 43 0 0 cm BI /IM true /W 46 /H 43 /BPC 1 /D[1 0] /F/CCF /DP<> ID &◢ 﨧R葃冞i餫?鎕(cX5&  EI endstream endobj 296 0 obj <>stream 0 0 0 0 43 43 d1 43 0 0 43 0 0 cm BI /IM true /W 43 /H 43 /BPC 1 /D[1 0] /F/CCF /DP<> ID &牴 1<x@E 儂冕>恛ч蹩鷠o鳲鹬鹖v快0K喕旅 %盻祮 P EI endstream endobj 297 0 obj <>stream 0 0 0 0 48 43 d1 48 0 0 43 0 0 cm BI /IM true /W 48 /H 43 /BPC 1 /D[1 0] /F/CCF /DP<> ID &▽.8|毈."x31.跭捶鲄喴/ケ韒p縹縊嚙疅?饟~滓a開O礞a?  EI endstream endobj 298 0 obj <>stream 0 0 0 0 48 65 d1 48 0 0 65 0 0 cm BI /IM true /W 48 /H 65 /BPC 1 /D[1 0] /F/CCF /DP<> ID &TCl> ?糠呪A魁{_7牽~傀轷窥蹩魺鴠究|% "嘷rj( EI endstream endobj 299 0 obj <>stream 0 0 0 18 36 24 d1 36 0 0 6 0 18 cm BI /IM true /W 36 /H 6 /BPC 1 /D[1 0] /F/CCF /DP<> ID &(嚿  EI endstream endobj 300 0 obj <>stream 0 0 0 0 39 43 d1 39 0 0 43 0 0 cm BI /IM true /W 39 /H 43 /BPC 1 /D[1 0] /F/CCF /DP<> ID &ㄘ"\Q>u 凙z| 谟踔ふ%峝  fB撊蘟滦," :q4 .韭瑟鼝炳|>B闿@ EI endstream endobj 301 0 obj <>stream 0 0 0 0 50 43 d1 50 0 0 43 0 0 cm BI /IM true /W 50 /H 43 /BPC 1 /D[1 0] /F/CCF /DP<> ID &犃@諥'C璾uD酤HMc_揟殌 EI endstream endobj 302 0 obj <>stream 0 0 0 -20 38 43 d1 38 0 0 63 0 -20 cm BI /IM true /W 38 /H 63 /BPC 1 /D[1 0] /F/CCF /DP<> ID &〦騤朅y5^?嗦 EI endstream endobj 303 0 obj <>stream 0 0 0 -12 43 43 d1 43 0 0 55 0 -12 cm BI /IM true /W 43 /H 55 /BPC 1 /D[1 0] /F/CCF /DP<> ID &犥$ 镳>[铵黾(^/5K! EI endstream endobj 304 0 obj <>stream 0 0 0 0 43 43 d1 43 0 0 43 0 0 cm BI /IM true /W 43 /H 43 /BPC 1 /D[1 0] /F/CCF /DP<> ID &C0兞狱"弬螺 蹊5Z 挜蠁_猴蹩邛籾羵颴a舿羵羵 EI endstream endobj 305 0 obj <>stream 0 0 0 30 14 43 d1 14 0 0 13 0 30 cm BI /IM true /W 14 /H 13 /BPC 1 /D[1 0] /F/CCF /DP<> ID &勽_湔-厗 EI endstream endobj 306 0 obj <>stream 0 0 0 0 48 43 d1 48 0 0 43 0 0 cm BI /IM true /W 48 /H 43 /BPC 1 /D[1 0] /F/CCF /DP<> ID &爠" a貉@嘝 # 镞猁:'c娩G4'4礼pA鷌x_饪k偭厗j EI endstream endobj 307 0 obj <>stream 0 0 0 -2 49 66 d1 49 0 0 68 0 -2 cm BI /IM true /W 49 /H 68 /BPC 1 /D[1 0] /F/CCF /DP<> ID &牴愱0@馃研;逐坅○凁@馤:鸜5X]痐.+k 吷苀t刊,> 鴞矀0蹙烮窥跦濚=胴0T ,@履5 EI endstream endobj 308 0 obj <>stream 0 0 0 0 44 43 d1 44 0 0 43 0 0 cm BI /IM true /W 44 /H 43 /BPC 1 /D[1 0] /F/CCF /DP<> ID &簨騥搧}縸久锩}白~仂=疝選o`瘥{}=>loM靠a麀垅@ EI endstream endobj 309 0 obj <>stream 0 0 0 0 41 79 d1 41 0 0 79 0 0 cm BI /IM true /W 41 /H 79 /BPC 1 /D[1 0] /F/CCF /DP<> ID &拱缨谬窟棵骺~o瘕稂?呓棵鼷黠~哽?呖埤鼷~o啉j  EI endstream endobj 310 0 obj <>stream 0 0 0 0 40 43 d1 40 0 0 43 0 0 cm BI /IM true /W 40 /H 43 /BPC 1 /D[1 0] /F/CCF /DP<> ID &犃 ,熻7荹勇O呰5QCdp営镞 'c A姞 EI endstream endobj 311 0 obj <>stream 0 0 0 26 38 69 d1 38 0 0 43 0 26 cm BI /IM true /W 38 /H 43 /BPC 1 /D[1 0] /F/CCF /DP<> ID _'2j镁鄯 ?}韮<7宽錏ao勖m @ EI endstream endobj 312 0 obj <>stream 0 0 0 -18 48 43 d1 48 0 0 61 0 -18 cm BI /IM true /W 48 /H 61 /BPC 1 /D[1 0] /F/CCF /DP<> ID &qV4轸=a %仔O欲閨'?_&a咃韛椎哓0\1% / 裹譥趢 EI endstream endobj 313 0 obj <>stream 0 0 0 0 50 43 d1 50 0 0 43 0 0 cm BI /IM true /W 50 /H 43 /BPC 1 /D[1 0] /F/CCF /DP<> ID &▋%揟Yd圇侩僜妤诿Rj2p`@ EI endstream endobj 314 0 obj <>stream 0 0 0 -27 8 52 d1 8 0 0 79 0 -27 cm BI /IM true /W 8 /H 79 /BPC 1 /D[1 0] /F/CCF /DP<> ID &河鸓 EI endstream endobj 315 0 obj <> stream 103 0 0 0 0 0 d1 endstream endobj 316 0 obj <>stream 0 0 0 0 48 43 d1 48 0 0 43 0 0 cm BI /IM true /W 48 /H 43 /BPC 1 /D[1 0] /F/CCF /DP<> ID &“餷勽䶮笞齩醥䶮齛与馃齩醥䶮凾衩k訐U EI endstream endobj 317 0 obj <>stream 0 0 0 -18 41 43 d1 41 0 0 61 0 -18 cm BI /IM true /W 41 /H 61 /BPC 1 /D[1 0] /F/CCF /DP<> ID &*祼髪&喝b﨑c鲉  EI endstream endobj 318 0 obj <>stream 0 0 0 -2 68 72 d1 68 0 0 74 0 -2 cm BI /IM true /W 68 /H 74 /BPC 1 /D[1 0] /F/CCF /DP<> ID &H ? 厡"@伄 k傼锹茵撾/I筐縙 _/?!__僟鹍c踹镞踽岬盎k凤5胟陧傡>竫A餪菼嗔y   EI endstream endobj 319 0 obj <>stream 0 0 0 0 51 69 d1 51 0 0 69 0 0 cm BI /IM true /W 51 /H 69 /BPC 1 /D[1 0] /F/CCF /DP<> ID &/貮l豠?~飭哌o服唿>囗埤圐飭o?眵=嘅啐嗻w巍熍@ EI endstream endobj 320 0 obj <>stream 0 0 0 -2 67 72 d1 67 0 0 74 0 -2 cm BI /IM true /W 67 /H 74 /BPC 1 /D[1 0] /F/CCF /DP<> ID & dH袬伄饋_]~侓熪纂窟O a'MW棵骺苒貇鼢鲲繃懋烬得 p肁0忺=> 燚鴅 '愒 8 EI endstream endobj 321 0 obj <>stream 0 0 0 0 82 69 d1 82 0 0 69 0 0 cm BI /IM true /W 82 /H 69 /BPC 1 /D[1 0] /F/CCF /DP<> ID &▌ 砤阶"熋^腽脜飖蝶y鬟脶吙O悯瘥鱛A齸 稞oz撺锟走糜襁/{ !盙 EI endstream endobj 322 0 obj <>stream 0 0 0 0 67 72 d1 67 0 0 72 0 0 cm BI /IM true /W 67 /H 72 /BPC 1 /D[1 0] /F/CCF /DP<> ID &爠喋 牋踅 饋凎翸妻rj靠圑?鼾喵徇锎髞?@ EI endstream endobj 323 0 obj <> endobj 328 0 obj <>stream 0 0 0 -18 50 43 d1 50 0 0 61 0 -18 cm BI /IM true /W 50 /H 61 /BPC 1 /D[1 0] /F/CCF /DP<> ID &▋%揟Yd圇侩僞+鶜鸮餯嗲手?湔( EI endstream endobj 329 0 obj <>stream 0 0 0 -18 42 43 d1 42 0 0 61 0 -18 cm BI /IM true /W 42 /H 61 /BPC 1 /D[1 0] /F/CCF /DP<> ID &河谌k鸓 EI endstream endobj 330 0 obj <>stream 0 0 0 2 45 24 d1 45 0 0 22 0 2 cm BI /IM true /W 45 /H 22 /BPC 1 /D[1 0] /F/CCF /DP<> ID &簨渥X+Mu EI endstream endobj 331 0 obj <>stream 0 0 0 -12 41 39 d1 41 0 0 51 0 -12 cm BI /IM true /W 41 /H 51 /BPC 1 /D[1 0] /F/CCF /DP<> ID &—鄡-`竂Ah,K a皞隌癒\ .烤 =`疬嗮绵鲳a飭 ?x{羺 EI endstream endobj 332 0 obj <>stream 0 0 0 -12 41 39 d1 41 0 0 51 0 -12 cm BI /IM true /W 41 /H 51 /BPC 1 /D[1 0] /F/CCF /DP<> ID &眕曾A瘌}饃}噧|x>>鹈 >p{a牳X%燲\ 皸 謧齪竂a@@ EI endstream endobj 333 0 obj <>stream 0 0 0 0 55 43 d1 55 0 0 43 0 0 cm BI /IM true /W 55 /H 43 /BPC 1 /D[1 0] /F/CCF /DP<> ID &供鮙;况#鄃優/脟a0魁輌.HG[籑t 罖@ EI endstream endobj 334 0 obj <>stream 0 0 0 -2 47 90 d1 47 0 0 92 0 -2 cm BI /IM true /W 47 /H 92 /BPC 1 /D[1 0] /F/CCF /DP<> ID &4?讶8鴓y5耩秣镳谬窟:N|倝鼷頭轱秣吳祮@ EI endstream endobj 335 0 obj <>stream 0 0 0 6 30 71 d1 30 0 0 65 0 6 cm BI /IM true /W 30 /H 65 /BPC 1 /D[1 0] /F/CCF /DP<> ID & |=0踅[鼢唼狺魁;鼷鼷鲊狺"y5_!g唢唢}瘈 EI endstream endobj 336 0 obj <>stream 0 0 0 24 50 89 d1 50 0 0 65 0 24 cm BI /IM true /W 50 /H 65 /BPC 1 /D[1 0] /F/CCF /DP<> ID 3鼩憼i啕啕%羭L犧眙}眵稞?-w锩鱫嚫^哕5綦n~ /聑卅!a凙 EI endstream endobj 337 0 obj <>stream 0 0 0 44 26 50 d1 26 0 0 6 0 44 cm BI /IM true /W 26 /H 6 /BPC 1 /D[1 0] /F/CCF /DP<> ID W揢 EI endstream endobj 338 0 obj <>stream 0 0 0 24 40 71 d1 40 0 0 47 0 24 cm BI /IM true /W 40 /H 47 /BPC 1 /D[1 0] /F/CCF /DP<> ID &~狺唢唢哚6_縟湔p冾?}縫䶮n~ 鳲霺奥 @ EI endstream endobj 339 0 obj <>stream 0 0 0 24 40 71 d1 40 0 0 47 0 24 cm BI /IM true /W 40 /H 47 /BPC 1 /D[1 0] /F/CCF /DP<> ID & g:G=oH>涽站oX唢麌?齄踋猴 桋 ) EI endstream endobj 340 0 obj <>stream 0 0 0 24 48 71 d1 48 0 0 47 0 24 cm BI /IM true /W 48 /H 47 /BPC 1 /D[1 0] /F/CCF /DP<> ID &</仰谵伔 囲S扛} +|啕啕猁咪K硇?鹽堪禹=喎юbg损 EI endstream endobj 341 0 obj <>stream 0 0 0 24 43 90 d1 43 0 0 66 0 24 cm BI /IM true /W 43 /H 66 /BPC 1 /D[1 0] /F/CCF /DP<> ID &3 菺@/饚}xX}06黟痫嶏熅饛 }鼾稃摸?頻熱麽鼩鱺埯z{ @ EI endstream endobj 342 0 obj <>stream 0 0 0 -6 37 93 d1 37 0 0 99 0 -6 cm BI /IM true /W 37 /H 99 /BPC 1 /D[1 0] /F/CCF /DP<> ID & zK咜Z醑綧W齄秭眠禁蔑}禁钒髹脈盱<> EI endstream endobj 343 0 obj <>stream 0 0 0 3 45 72 d1 45 0 0 69 0 3 cm BI /IM true /W 45 /H 69 /BPC 1 /D[1 0] /F/CCF /DP<> ID & 滥#Pl 鬴(=oH7 6閲摭镛镱M呚~痘ペ醿 喴吡皷舿Z]i鑶佱o犆 酏0鳺饔暨积 遖咣 a ,0癭 EI endstream endobj 344 0 obj <>stream 0 0 0 -6 37 93 d1 37 0 0 99 0 -6 cm BI /IM true /W 37 /H 99 /BPC 1 /D[1 0] /F/CCF /DP<> ID 0A脫T餺}絻秭瘥{|>鬟7鹼=o疬骺齄o稂?齸鯀隵梍 EI endstream endobj 345 0 obj <>stream 0 0 0 58 12 69 d1 12 0 0 11 0 58 cm BI /IM true /W 12 /H 11 /BPC 1 /D[1 0] /F/CCF /DP<> ID &鼻A轺考0 EI endstream endobj 346 0 obj <>stream 0 0 0 24 36 71 d1 36 0 0 47 0 24 cm BI /IM true /W 36 /H 47 /BPC 1 /D[1 0] /F/CCF /DP<> ID & 刯|a >伩勣访黪秣秣 筵棵ol冝诌 薨,喪|@ EI endstream endobj 347 0 obj <>stream 0 0 0 24 50 71 d1 50 0 0 47 0 24 cm BI /IM true /W 50 /H 47 /BPC 1 /D[1 0] /F/CCF /DP<> ID &  谿狚}a骶囶B邍喵6?稂;湔_凤>stream 0 0 0 3 46 72 d1 46 0 0 69 0 3 cm BI /IM true /W 46 /H 69 /BPC 1 /D[1 0] /F/CCF /DP<> ID &l?= 蹙0魶辇緵~邍|蓰o銱吗啑糤=竌x秣旒貧涓L>眇c  EI endstream endobj 349 0 obj <>stream 0 0 0 -18 43 45 d1 43 0 0 63 0 -18 cm BI /IM true /W 43 /H 63 /BPC 1 /D[1 0] /F/CCF /DP<> ID &c( 饋=>C瞄嚡衞I縹亏地\>]~锤0^!u 權筐ax&x盃 EI endstream endobj 350 0 obj <>stream 0 0 0 -20 43 45 d1 43 0 0 65 0 -20 cm BI /IM true /W 43 /H 65 /BPC 1 /D[1 0] /F/CCF /DP<> ID &牴 1餈餈饍勇|/A7郁&蘅跭m.變豠兟噩0_鳣D饧A嚞>I緹&跭缔0]\xkk ,,/ EI endstream endobj 351 0 obj <>stream 0 0 0 8 45 69 d1 45 0 0 61 0 8 cm BI /IM true /W 45 /H 61 /BPC 1 /D[1 0] /F/CCF /DP<> ID &▓揟9颥 Bo圐0p疬儈z豚椬吺(帯T殺4  EI endstream endobj 352 0 obj <>stream 0 0 0 8 50 71 d1 50 0 0 63 0 8 cm BI /IM true /W 50 /H 63 /BPC 1 /D[1 0] /F/CCF /DP<> ID &—|綬p儖A鳢d)鯍業邳艚|婋呑遼/咙7狺 脶/帬$罖 EI endstream endobj 353 0 obj <>stream 0 0 0 8 48 69 d1 48 0 0 61 0 8 cm BI /IM true /W 48 /H 61 /BPC 1 /D[1 0] /F/CCF /DP<> ID &(嚿鍬豝?嗀3O鎍?揟 EI endstream endobj 354 0 obj <>stream 0 0 0 8 46 69 d1 46 0 0 61 0 8 cm BI /IM true /W 46 /H 61 /BPC 1 /D[1 0] /F/CCF /DP<> ID &▌憔ふr9螦0O凹鼇岕揟 EI endstream endobj 355 0 obj <>stream 0 0 0 8 37 69 d1 37 0 0 61 0 8 cm BI /IM true /W 37 /H 61 /BPC 1 /D[1 0] /F/CCF /DP<> ID &〦騤朇)瑟P EI endstream endobj 356 0 obj <>stream 0 0 0 8 48 69 d1 48 0 0 61 0 8 cm BI /IM true /W 48 /H 61 /BPC 1 /D[1 0] /F/CCF /DP<> ID &ěk>MVO懱醷,0乎埤-n恳[_蝶 隹OA䶮?鸱䲟X}>服曽鸺談j8P齲p@ EI endstream endobj 357 0 obj <>stream 0 0 0 -18 47 43 d1 47 0 0 61 0 -18 cm BI /IM true /W 47 /H 61 /BPC 1 /D[1 0] /F/CCF /DP<> ID & 1 恹⺷逜焺z韢.邛 }sY吪\/ 憻虻忶5J  EI endstream endobj 358 0 obj <>stream 0 0 0 6 45 71 d1 45 0 0 65 0 6 cm BI /IM true /W 45 /H 65 /BPC 1 /D[1 0] /F/CCF /DP<> ID &狆OOA騺>搙_ 媵齗 鮧?聃| 褵鹩魁 麀讅褒癧 .;賄発癘!犿 EI endstream endobj 359 0 obj <>stream 0 0 0 -2 62 69 d1 62 0 0 71 0 -2 cm BI /IM true /W 62 /H 71 /BPC 1 /D[1 0] /F/CCF /DP<> ID &▋"燨﨔ri$`&唭0# 圑活a喼0&<0. 8 EI endstream endobj 360 0 obj <>stream 0 0 0 -2 51 69 d1 51 0 0 71 0 -2 cm BI /IM true /W 51 /H 71 /BPC 1 /D[1 0] /F/CCF /DP<> ID &▋/}換L肎鸤?氚o 扰 ` EI endstream endobj 361 0 obj <>stream 0 0 0 0 50 43 d1 50 0 0 43 0 0 cm BI /IM true /W 50 /H 43 /BPC 1 /D[1 0] /F/CCF /DP<> ID &爣k.鳢%□喛魶 沃;湔k EI endstream endobj 362 0 obj <> endobj 367 0 obj <>stream 0 0 0 -2 57 72 d1 57 0 0 74 0 -2 cm BI /IM true /W 57 /H 74 /BPC 1 /D[1 0] /F/CCF /DP<> ID 0N 垷 幔厙伖5A鳲衞埒{O黠p!觚p繍h `F 傖. /. 0\ 8iR哢黠麽鲂{.陟4瘙羷~釆 + EI endstream endobj 368 0 obj <>stream 0 0 0 -2 64 72 d1 64 0 0 74 0 -2 cm BI /IM true /W 64 /H 74 /BPC 1 /D[1 0] /F/CCF /DP<> ID &燗 4G杼S@藙0跫 亙襬б?&O卭港呓國~湔o鱹烤釃}叨Xa嘄锤~h-皷癮劙膛\x`凘@ EI endstream endobj 369 0 obj <>stream 0 0 0 87 58 92 d1 58 0 0 5 0 87 cm BI /IM true /W 58 /H 5 /BPC 1 /D[1 0] /F/CCF /DP<> ID &.鳳 EI endstream endobj 370 0 obj <>stream 0 0 0 0 57 69 d1 57 0 0 69 0 0 cm BI /IM true /W 57 /H 69 /BPC 1 /D[1 0] /F/CCF /DP<> ID &▍ 奎坮 k? 唢哭砜葵龂囷猁呔  EI endstream endobj 371 0 obj <>stream 0 0 0 0 46 69 d1 46 0 0 69 0 0 cm BI /IM true /W 46 /H 69 /BPC 1 /D[1 0] /F/CCF /DP<> ID &7悇l.魁魁魁魁囷猁啕0 EI endstream endobj 372 0 obj <>stream 0 0 0 0 69 69 d1 69 0 0 69 0 0 cm BI /IM true /W 69 /H 69 /BPC 1 /D[1 0] /F/CCF /DP<> ID &í傷葒!砞萫?痫扣w 褴?;鹁竎f鼢喵-c?狏C`r  EI endstream endobj 373 0 obj <>stream 0 0 0 0 68 72 d1 68 0 0 72 0 0 cm BI /IM true /W 68 /H 72 /BPC 1 /D[1 0] /F/CCF /DP<> ID &牔h, (#6珇方菴珄锩稂>拙喵踹 /呧竍箕N0斑卷> 鼾]鶾メ{ 恅樊"俐  EI endstream endobj 374 0 obj <>stream 0 0 0 -27 28 52 d1 28 0 0 79 0 -27 cm BI /IM true /W 28 /H 79 /BPC 1 /D[1 0] /F/CCF /DP<> ID &〦鷻啅驊?&〡@ EI endstream endobj 375 0 obj <>stream 0 0 0 6 48 69 d1 48 0 0 63 0 6 cm BI /IM true /W 48 /H 63 /BPC 1 /D[1 0] /F/CCF /DP<> ID &ěk>MVO挋 喡_?m/鲆鸧麽肼齩  EI endstream endobj 376 0 obj <>stream 0 0 0 8 48 69 d1 48 0 0 61 0 8 cm BI /IM true /W 48 /H 61 /BPC 1 /D[1 0] /F/CCF /DP<> ID &∈翱O隹!蚧 膥MPP EI endstream endobj 377 0 obj <>stream 0 0 0 8 48 69 d1 48 0 0 61 0 8 cm BI /IM true /W 48 /H 61 /BPC 1 /D[1 0] /F/CCF /DP<> ID &ěZ﨧RadD鎍'!+婣瑟L( EI endstream endobj 378 0 obj <>stream 0 0 0 -1 29 78 d1 29 0 0 79 0 -1 cm BI /IM true /W 29 /H 79 /BPC 1 /D[1 0] /F/CCF /DP<> ID &窺莎愘?僧@ EI endstream endobj 379 0 obj <>stream 0 0 0 0 63 69 d1 63 0 0 69 0 0 cm BI /IM true /W 63 /H 69 /BPC 1 /D[1 0] /F/CCF /DP<> ID &▕_F~啕啕啕邍圑齄虔!繃稃浸@##鼽@ EI endstream endobj 380 0 obj <>stream 0 0 0 -2 67 72 d1 67 0 0 74 0 -2 cm BI /IM true /W 67 /H 74 /BPC 1 /D[1 0] /F/CCF /DP<> ID &5d0燄EX4Q8 "瀬O 艮褒魶xA7紁齄脫U镳嗀6君嚲伙猁k嗭mp呙\0衶 #O(>咠 5  EI endstream endobj 381 0 obj <>stream 0 0 0 0 67 69 d1 67 0 0 69 0 0 cm BI /IM true /W 67 /H 69 /BPC 1 /D[1 0] /F/CCF /DP<> ID &à 唼唼唼唼摸F<2&娩嗫萮>脋灭遷房遻鴝疫鸾俌赂.( EI endstream endobj 382 0 obj <>stream 0 0 0 0 92 72 d1 92 0 0 72 0 0 cm BI /IM true /W 92 /H 72 /BPC 1 /D[1 0] /F/CCF /DP<> ID & 唅繲w摸痺衹>>锇呖7镬=锟盱?锟o~埯锩诎o 鳾镞~麽咿镲圑o@ 淗 浜哙 EI endstream endobj 383 0 obj <>stream 0 0 0 24 42 71 d1 42 0 0 47 0 24 cm BI /IM true /W 42 /H 47 /BPC 1 /D[1 0] /F/CCF /DP<> ID &>stream 0 0 0 24 36 71 d1 36 0 0 47 0 24 cm BI /IM true /W 36 /H 47 /BPC 1 /D[1 0] /F/CCF /DP<> ID & 刯GHz儅颃鼷"*d(/{惃餺庙诀繃~遫遧,0ia B萳Ю@ EI endstream endobj 385 0 obj <>stream 0 0 0 0 73 69 d1 73 0 0 69 0 0 cm BI /IM true /W 73 /H 69 /BPC 1 /D[1 0] /F/CCF /DP<> ID &〝僔悹1a!︿S~咿>埙鬏烤镞w麌嗺峥啉窟齨筐痋?赺鳤n梾0羭@ EI endstream endobj 386 0 obj <>stream 0 0 0 -3 64 69 d1 64 0 0 72 0 -3 cm BI /IM true /W 64 /H 72 /BPC 1 /D[1 0] /F/CCF /DP<> ID &鋒!朏amx魁圅鸧彮鰔鴡~韜郫镞oc匡  EI endstream endobj 387 0 obj <>stream 0 0 0 3 25 71 d1 25 0 0 68 0 3 cm BI /IM true /W 25 /H 68 /BPC 1 /D[1 0] /F/CCF /DP<> ID & 餉桎丰黠唼瘕禁灭鼯>MV黠摸~醣X0_/@^@ EI endstream endobj 388 0 obj <>stream 0 0 0 24 40 71 d1 40 0 0 47 0 24 cm BI /IM true /W 40 /H 47 /BPC 1 /D[1 0] /F/CCF /DP<> ID &郍萞tx灧剝坭>凤黠黠符唣鼾~亏6O鬟嚞毉唼圑醱o颹妅  EI endstream endobj 389 0 obj <>stream 0 0 0 24 34 71 d1 34 0 0 47 0 24 cm BI /IM true /W 34 /H 47 /BPC 1 /D[1 0] /F/CCF /DP<> ID &> 鸢z7浢觭0漆&珄夂 恡鴀-xXK叝:嚿翇tA/p熯齄锏渺0KXb癭  EI endstream endobj 390 0 obj <>stream 0 0 0 0 92 69 d1 92 0 0 69 0 0 cm BI /IM true /W 92 /H 69 /BPC 1 /D[1 0] /F/CCF /DP<> ID 脹 I|殤8/ E0著{繃锟w;哌筑}筐鼾飋a坑鴑縸呔仅飮哌襬睇颽娇鲲輑 b轆q寛_鳆@ EI endstream endobj 391 0 obj <>stream 0 0 0 -1 47 71 d1 47 0 0 72 0 -1 cm BI /IM true /W 47 /H 72 /BPC 1 /D[1 0] /F/CCF /DP<> ID &卑0p'饍a煭锓谨葵?w铟鼢秫r鴡?唼瓏黯近Xg齲1 國唢J|@ EI endstream endobj 392 0 obj <>stream 0 0 0 24 44 90 d1 44 0 0 66 0 24 cm BI /IM true /W 44 /H 66 /BPC 1 /D[1 0] /F/CCF /DP<> ID &塱稹 =図麀齄A駠1?;聗彵瘊 o?8w魁啕w~雘谯醿[退 P2秽 EI endstream endobj 393 0 obj <>stream 0 0 0 8 45 69 d1 45 0 0 61 0 8 cm BI /IM true /W 45 /H 61 /BPC 1 /D[1 0] /F/CCF /DP<> ID &簨渥染AG点&簚 EI endstream endobj 394 0 obj <>stream 0 0 0 8 46 69 d1 46 0 0 61 0 8 cm BI /IM true /W 46 /H 61 /BPC 1 /D[1 0] /F/CCF /DP<> ID &▉8w&珤G嘅龂镝魁耞^窥_閤_Az齲K(V: MPP EI endstream endobj 395 0 obj <>stream 0 0 0 8 50 71 d1 50 0 0 63 0 8 cm BI /IM true /W 50 /H 63 /BPC 1 /D[1 0] /F/CCF /DP<> ID &∠>鷌8硧k鴂/颻^隹齵閯@8湔& EI endstream endobj 396 0 obj <>stream 0 0 0 -18 48 43 d1 48 0 0 61 0 -18 cm BI /IM true /W 48 /H 61 /BPC 1 /D[1 0] /F/CCF /DP<> ID &Q &&D音窘~籢Av楜譱q觞 邝嘄o镓~黯鼕_室?湔( EI endstream endobj 397 0 obj <>stream 0 0 0 8 48 69 d1 48 0 0 61 0 8 cm BI /IM true /W 48 /H 61 /BPC 1 /D[1 0] /F/CCF /DP<> ID &ㄨ騤恆d/鼊坑'溈蹩䶮-馤'手8}湔&@ EI endstream endobj 398 0 obj <>stream 0 0 0 26 13 89 d1 13 0 0 63 0 26 cm BI /IM true /W 13 /H 63 /BPC 1 /D[1 0] /F/CCF /DP<> ID &ɡ焽嘂圻~麽司c脘 﨧PX0 EI endstream endobj 399 0 obj <>stream 0 0 0 0 67 96 d1 67 0 0 96 0 0 cm BI /IM true /W 67 /H 96 /BPC 1 /D[1 0] /F/CCF /DP<> ID &燶_!溒Cx"T冩燦辫a醥I呋眙翱 /斛酯码K\%氯l錁h齪 5嗔噙oa镛 o﨑"暨O鴝准/鷀偖稏輗/:刋b铝厓$肎萫U EI endstream endobj 400 0 obj <>stream 0 0 0 -1 80 100 d1 80 0 0 101 0 -1 cm BI /IM true /W 80 /H 101 /BPC 1 /D[1 0] /F/CCF /DP<> ID "揚啝5X湓!3鼉W?O鰽 図猃粉 p~o咥匵z萫a傸僙L僥P EI endstream endobj 401 0 obj <>stream 0 0 0 35 72 130 d1 72 0 0 95 0 35 cm BI /IM true /W 72 /H 95 /BPC 1 /D[1 0] /F/CCF /DP<> ID &燻 釿 蕄眯 a喟鷠>仿}a嵇0傡. 纚冕璾译傄⺄亁ArXa 5 扱貱|C坻饋魶襬 浿[捒/K肹趨稐a<<1:!5﨏:k ` EI endstream endobj 402 0 obj <> endobj 407 0 obj <>stream 0 0 0 0 75 47 d1 75 0 0 47 0 0 cm BI /IM true /W 75 /H 47 /BPC 1 /D[1 0] /F/CCF /DP<> ID &6鐒L r鹁髹>黠縲鴠?麘 a~怇飺U鸻囷脽O钪马逃埝𩹚窢!亰羷A EI endstream endobj 408 0 obj <>stream 0 0 0 -1 22 71 d1 22 0 0 72 0 -1 cm BI /IM true /W 22 /H 72 /BPC 1 /D[1 0] /F/CCF /DP<> ID &'衳#)哭飛鴜5_~齄啕啕呖*傀C  EI endstream endobj 409 0 obj <>stream 0 0 0 6 43 71 d1 43 0 0 65 0 6 cm BI /IM true /W 43 /H 65 /BPC 1 /D[1 0] /F/CCF /DP<> ID &拱嘆O閭蜲坿瘗N'惲 窥o勥踝閌.C`虃帔萓xK\-寣  Q@f讌譠/$齲^地24鼂狃萇凹儛尊 EI endstream endobj 410 0 obj <>stream 0 0 0 0 70 95 d1 70 0 0 95 0 0 cm BI /IM true /W 70 /H 95 /BPC 1 /D[1 0] /F/CCF /DP<> ID &牐﨏^兽蟽Q埚鳇?甙靠镬?靠o谬o垧~名鼢鳋?勘锞鼾鼾匡鴛 EI endstream endobj 411 0 obj <>stream 0 0 0 -4 84 95 d1 84 0 0 99 0 -4 cm BI /IM true /W 84 /H 99 /BPC 1 /D[1 0] /F/CCF /DP<> ID &WA?萬岟 F驎 EI endstream endobj 412 0 obj <>stream 0 0 0 0 70 102 d1 70 0 0 102 0 0 cm BI /IM true /W 70 /H 102 /BPC 1 /D[1 0] /F/CCF /DP<> ID 6F/釔!%`儼兞8>:僿蛚=0酁洴 䶮酙隯隲 恗1愒鼉@禓羄C`. a%劦衣\杺P袲 錉32$Pk㑳偊K&Um呑艨艨騤繀吊懑痐 w\6 虯0 餫?<@ EI endstream endobj 413 0 obj <>stream 0 0 0 36 75 129 d1 75 0 0 93 0 36 cm BI /IM true /W 75 /H 93 /BPC 1 /D[1 0] /F/CCF /DP<> ID &  冇慷{峤鴞細醊祒鴡麽辋燓k窥}a馃[V筐恛}(+е襬劘啐(馃[轷8渼  EI endstream endobj 414 0 obj <>stream 0 0 0 35 123 100 d1 123 0 0 65 0 35 cm BI /IM true /W 123 /H 65 /BPC 1 /D[1 0] /F/CCF /DP<> ID &▕ E Y 簣e楢瑚氉鲠 kar X5L4=xb亰餳5醾 A AC EI endstream endobj 415 0 obj <>stream 0 0 0 8 52 71 d1 52 0 0 63 0 8 cm BI /IM true /W 52 /H 63 /BPC 1 /D[1 0] /F/CCF /DP<> ID &“Ё ま鳲 燑殼@ EI endstream endobj 416 0 obj <>stream 0 0 0 6 47 71 d1 47 0 0 65 0 6 cm BI /IM true /W 47 /H 65 /BPC 1 /D[1 0] /F/CCF /DP<> ID &燗爃 d鸄~嚡(.俞}齷组A?苾膻虑5﨏+眶~k豜喐地ax鬟F.聕爧 EI endstream endobj 417 0 obj <>stream 0 0 0 0 64 96 d1 64 0 0 96 0 0 cm BI /IM true /W 64 /H 96 /BPC 1 /D[1 0] /F/CCF /DP<> ID &犥 @L儘a`<| 冎魜鸺$呙?嗊駑噰咈j宽papяX^/}䝼嘁韝4|?坁/^ 朑2瘗 焽遼>癬3蠁燓`6 EI endstream endobj 418 0 obj <>stream 0 0 0 0 79 102 d1 79 0 0 102 0 0 cm BI /IM true /W 79 /H 102 /BPC 1 /D[1 0] /F/CCF /DP<> ID &‘t 瘣濦} @F皦餌珕A!7瘊 暨 魁 裔ペ\0Apa.j鸺1嗦 >?厪湓>  EI endstream endobj 419 0 obj <>stream 0 0 0 0 102 102 d1 102 0 0 102 0 0 cm BI /IM true /W 102 /H 102 /BPC 1 /D[1 0] /F/CCF /DP<> ID &〈S喿萯嶄J0D3 兟0餌`e< A7衸$迵[轸}助|-0I旷鸱黃騤翱鸤=韯哭喕众 =v宽ザ薹厗][ 薅 Ap羦A嘪b !歔 ! ゐ EI endstream endobj 420 0 obj <>stream 0 0 0 1 89 100 d1 89 0 0 99 0 1 cm BI /IM true /W 89 /H 99 /BPC 1 /D[1 0] /F/CCF /DP<> ID &⊕.3鼏 腚>鼘 _ ^?_/齷}}|/ 3el縚 EI endstream endobj 421 0 obj <> stream 139 0 0 0 0 0 d1 endstream endobj 422 0 obj <>stream 0 0 0 3 97 100 d1 97 0 0 97 0 3 cm BI /IM true /W 97 /H 97 /BPC 1 /D[1 0] /F/CCF /DP<> ID &檪 3+ ]犭鲄颻颺结xx]@1 笌# EI endstream endobj 423 0 obj <>stream 0 0 0 1 95 100 d1 95 0 0 99 0 1 cm BI /IM true /W 95 /H 99 /BPC 1 /D[1 0] /F/CCF /DP<> ID &▍萡g虬22h ~#,邇萯黯7_鹂饤閨/紗X<雮醩蒯涏 EI endstream endobj 424 0 obj <>stream 0 0 0 -1 123 100 d1 123 0 0 101 0 -1 cm BI /IM true /W 123 /H 101 /BPC 1 /D[1 0] /F/CCF /DP<> ID & u愃鸨鼩5Y? 齋 齸w击m胞a喡噌0豲瞈) 褒`臏卄0_]&A并i EI endstream endobj 425 0 obj <> endobj 430 0 obj <>stream 0 0 0 0 66 73 d1 66 0 0 73 0 0 cm BI /IM true /W 66 /H 73 /BPC 1 /D[1 0] /F/CCF /DP<> ID &jR$4L冸 xACT 兢AHKAu证灐> 剚 刦咝|? &)鮄= 濙 育}舴开w孔鼾究k痶l4楈/佰H%韯╙!.豟籡隺劙 地a-梆癮 faW@柑( EI endstream endobj 431 0 obj <>stream 0 0 0 0 61 69 d1 61 0 0 69 0 0 cm BI /IM true /W 61 /H 69 /BPC 1 /D[1 0] /F/CCF /DP<> ID 筊殘H 飄?儈唼名谬縚/疜茵_ q' 帼0睇膈ラx]0擠(Pぐ@ EI endstream endobj 432 0 obj <>stream 0 0 0 0 67 96 d1 67 0 0 96 0 0 cm BI /IM true /W 67 /H 96 /BPC 1 /D[1 0] /F/CCF /DP<> ID &uB XA< |'A坪魶^恾o颣  _鱛_齰\齸^肒藜0+^/ 侙?唋?~~~讽 w a掂 Kb発 5 EI endstream endobj 433 0 obj <>stream 0 0 0 1 113 102 d1 113 0 0 101 0 1 cm BI /IM true /W 113 /H 101 /BPC 1 /D[1 0] /F/CCF /DP<> ID &爔(5鵍D攛'酂匌f 咐[觚鷎䲢鳮_K胄^梻%. 吤淙50  翞~ 埙鴂踽~窘}}/讋怭+u餦.w0l梧rd ~  EI endstream endobj 434 0 obj <>stream 0 0 0 8 48 71 d1 48 0 0 63 0 8 cm BI /IM true /W 48 /H 63 /BPC 1 /D[1 0] /F/CCF /DP<> ID &4}[吙&'-O>Ud=Qh?5I EI endstream endobj 435 0 obj <>stream 0 0 0 8 47 69 d1 47 0 0 61 0 8 cm BI /IM true /W 47 /H 61 /BPC 1 /D[1 0] /F/CCF /DP<> ID &▔dXA湔.鴒哌飮/__府 呥}0儈~腚踵偸)鴧Rj乸 EI endstream endobj 436 0 obj <>stream 0 0 0 6 41 71 d1 41 0 0 65 0 6 cm BI /IM true /W 41 /H 65 /BPC 1 /D[1 0] /F/CCF /DP<> ID &∈p"撀 ?0瀐t䶮蹩O邺恁羵颃旅Xad: EI endstream endobj 437 0 obj <>stream 0 0 0 8 48 69 d1 48 0 0 61 0 8 cm BI /IM true /W 48 /H 61 /BPC 1 /D[1 0] /F/CCF /DP<> ID &ㄖ , 湔 律x`/齸讌斛银]a/.邝]络韠~~哌佛?糠黜鴟ai鼩ぴ@ EI endstream endobj 438 0 obj <>stream 0 0 0 6 41 84 d1 41 0 0 78 0 6 cm BI /IM true /W 41 /H 78 /BPC 1 /D[1 0] /F/CCF /DP<> ID &犜燓椺x_鯋:趣饍聑 夹N斞?_腴_+ 鳢m.C 泯厗奥萾 EI endstream endobj 439 0 obj <>stream 0 0 0 8 48 69 d1 48 0 0 61 0 8 cm BI /IM true /W 48 /H 61 /BPC 1 /D[1 0] /F/CCF /DP<> ID &ㄖ>(皟齸MR騘8傀鳮K鴂臊_鷂鵘愼F冡|殼聙 EI endstream endobj 440 0 obj <>stream 0 0 0 8 43 69 d1 43 0 0 61 0 8 cm BI /IM true /W 43 /H 61 /BPC 1 /D[1 0] /F/CCF /DP<> ID &河4鬟烤睇 n?忿<>喵房磲圐盹鹽锩庙y濒麀猃眈j  EI endstream endobj 441 0 obj <>stream 0 0 0 8 48 69 d1 48 0 0 61 0 8 cm BI /IM true /W 48 /H 61 /BPC 1 /D[1 0] /F/CCF /DP<> ID &牴1O霾? 米魁?褮牤冕~£鮶哭楉蹼饹U愼E湔&@ EI endstream endobj 442 0 obj <>stream 0 0 0 41 50 44 d1 50 0 0 3 0 41 cm BI /IM true /W 50 /H 3 /BPC 1 /D[1 0] /F/CCF /DP<> ID  EI endstream endobj 443 0 obj <>stream 0 0 0 0 78 69 d1 78 0 0 69 0 0 cm BI /IM true /W 78 /H 69 /BPC 1 /D[1 0] /F/CCF /DP<> ID &▌ `魅 `<|~肒 众黜4扶=vo埙吤]喉p呖絣{X 4OV緭~坳蹩a鹽>?拂牄鴡7=GB愇 EI endstream endobj 444 0 obj <>stream 0 0 0 3 36 69 d1 36 0 0 66 0 3 cm BI /IM true /W 36 /H 66 /BPC 1 /D[1 0] /F/CCF /DP<> ID &▉萒a吤呖魁魁奎?黠;迯?硫4摸肪 EI endstream endobj 445 0 obj <>stream 0 0 0 3 44 72 d1 44 0 0 69 0 3 cm BI /IM true /W 44 /H 69 /BPC 1 /D[1 0] /F/CCF /DP<> ID & ?>aX}7珅'疬z鼷飭鼬a矸哆稔骺鹼?鹵6C. EI endstream endobj 446 0 obj <>stream 0 0 0 3 47 72 d1 47 0 0 69 0 3 cm BI /IM true /W 47 /H 69 /BPC 1 /D[1 0] /F/CCF /DP<> ID &l #H図`鷑)簘绝xn 坐h,w流愃 <7蜜>?&迬m繃糨?;瘒慨泐~鲎z貇 0 v+ C, EI endstream endobj 447 0 obj <>stream 0 0 0 3 46 72 d1 46 0 0 69 0 3 cm BI /IM true /W 46 /H 69 /BPC 1 /D[1 0] /F/CCF /DP<> ID 6蟼0冇揟義綤嬅!8=揎二埙麽縫 v鴛7皒}噧廾脁}嚢\o⺪a鷐匡埙葵w哌鼾{齎泖麽扶隸裔厗C/ EI endstream endobj 448 0 obj <>stream 0 0 0 -1 46 71 d1 46 0 0 72 0 -1 cm BI /IM true /W 46 /H 72 /BPC 1 /D[1 0] /F/CCF /DP<> ID &<鳣}磗z胈犉迷5饾W名w唼稞窟 ;咣]n5辪p>CGx亏亏崛f EI endstream endobj 449 0 obj <>stream 0 0 0 24 48 71 d1 48 0 0 47 0 24 cm BI /IM true /W 48 /H 47 /BPC 1 /D[1 0] /F/CCF /DP<> ID &嵛 0@饛h趱稻橖(v赭瘥魁唑稃黠蛵~MV?o~`z}妅~  EI endstream endobj 450 0 obj <>stream 0 0 0 5 28 21 d1 28 0 0 16 0 5 cm BI /IM true /W 28 /H 16 /BPC 1 /D[1 0] /F/CCF /DP<> ID &筽卮迂[il4鯁翼{ 稏舕-5鸓 EI endstream endobj 451 0 obj <>stream 0 0 0 5 34 21 d1 34 0 0 16 0 5 cm BI /IM true /W 34 /H 16 /BPC 1 /D[1 0] /F/CCF /DP<> ID &估k犘x`籣0偯縦 k ,5鴃 EI endstream endobj 452 0 obj <>stream 0 0 0 6 43 71 d1 43 0 0 65 0 6 cm BI /IM true /W 43 /H 65 /BPC 1 /D[1 0] /F/CCF /DP<> ID &犃1饋勽'. 7M衹&O鶰馃 /z韜衉 4扣Ka劯龆 @ EI endstream endobj 453 0 obj <>stream 0 0 0 -20 43 45 d1 43 0 0 65 0 -20 cm BI /IM true /W 43 /H 65 /BPC 1 /D[1 0] /F/CCF /DP<> ID &a勽搹爟}麀呔衹膺镛惵<#[ 鑥"鳣據O_ 踽陲鹇 aK弅ka`铝咅 EI endstream endobj 454 0 obj <>stream 0 0 0 -63 35 0 d1 35 0 0 63 0 -63 cm BI /IM true /W 35 /H 63 /BPC 1 /D[1 0] /F/CCF /DP<> ID &河谌>stream 0 0 0 -13 18 15 d1 18 0 0 28 0 -13 cm BI /IM true /W 18 /H 28 /BPC 1 /D[1 0] /F/CCF /DP<> ID &拱鴠靼疝具镞"kk @ EI endstream endobj 456 0 obj <>stream 0 0 0 -63 43 2 d1 43 0 0 65 0 -63 cm BI /IM true /W 43 /H 65 /BPC 1 /D[1 0] /F/CCF /DP<> ID &牴 1饋鄟殚轵侓o0熪胝挣锤0Apax艏5傲羺佝唔愌燀狆轲囷砭萩\x}厗発N@ EI endstream endobj 457 0 obj <>stream 0 0 0 -70 41 9 d1 41 0 0 79 0 -70 cm BI /IM true /W 41 /H 79 /BPC 1 /D[1 0] /F/CCF /DP<> ID &OBЁ鳧4y=7纂亏{%醲厫p漚俋] 摕_呴dY-?w梆_雂5婟5<  EI endstream endobj 458 0 obj <>stream 0 0 0 -14 38 1 d1 38 0 0 15 0 -14 cm BI /IM true /W 38 /H 15 /BPC 1 /D[1 0] /F/CCF /DP<> ID &箑燼耟罜 瑟 翀/  ,0癭  EI endstream endobj 459 0 obj <>stream 0 0 0 -1 41 78 d1 41 0 0 79 0 -1 cm BI /IM true /W 41 /H 79 /BPC 1 /D[1 0] /F/CCF /DP<> ID &犘Z鳻-is牴8z 吢Y z]p\{y 蠁=囄備悍x>stream 0 0 0 -70 41 9 d1 41 0 0 79 0 -70 cm BI /IM true /W 41 /H 79 /BPC 1 /D[1 0] /F/CCF /DP<> ID &笯fQ 揶Bi恠峒?a鬆..t'Ap鸶K!4K 咞(  EI endstream endobj 461 0 obj <> endobj 466 0 obj <>stream 0 0 0 -1 45 78 d1 45 0 0 79 0 -1 cm BI /IM true /W 45 /H 79 /BPC 1 /D[1 0] /F/CCF /DP<> ID & 鷦?鲧o俞v款躿颠5醾釒摭縶綤7N狺=;鞯渥振'邶  EI endstream endobj 467 0 obj <>stream 0 0 0 6 43 69 d1 43 0 0 63 0 6 cm BI /IM true /W 43 /H 63 /BPC 1 /D[1 0] /F/CCF /DP<> ID &河奚辆邇噙l5疙>脅<7蜜|7忿鹻釃符黠6狕痏鲆韜.羵 弅 ,5 !剕@ EI endstream endobj 468 0 obj <>stream 0 0 0 0 68 99 d1 68 0 0 99 0 0 cm BI /IM true /W 68 /H 99 /BPC 1 /D[1 0] /F/CCF /DP<> ID &牋5~灋鼾o匡伏>stream 0 0 0 -2 112 99 d1 112 0 0 101 0 -2 cm BI /IM true /W 112 /H 101 /BPC 1 /D[1 0] /F/CCF /DP<> ID &犑Fm佷5膨e窣饍?"ㄖ饌鷠薤鳏z縊鲃燒o~拷 yAD3 EI endstream endobj 470 0 obj <>stream 0 0 0 -1 109 100 d1 109 0 0 101 0 -1 cm BI /IM true /W 109 /H 101 /BPC 1 /D[1 0] /F/CCF /DP<> ID &▔唃 S {鳟醶喡_颺?哭絳貐鴎龉鄇瘕氲t匡k%~趺_鱇胱魁醰竮鸾颸5藿{藁]醶颃豞喛k鼍  EI endstream endobj 471 0 obj <>stream 0 0 0 0 80 100 d1 80 0 0 100 0 0 cm BI /IM true /W 80 /H 100 /BPC 1 /D[1 0] /F/CCF /DP<> ID &▕ 菾坒/u蚄鸄}_ 燯犭丿 / 纞?吺W怈 EI endstream endobj 472 0 obj <>stream 0 0 0 0 69 72 d1 69 0 0 72 0 0 cm BI /IM true /W 69 /H 72 /BPC 1 /D[1 0] /F/CCF /DP<> ID &犞l傀?衸轲凤仿}o䶮齛鴡眶 赀 [A铸路䲡鮫a衹B~D8Hn@ EI endstream endobj 473 0 obj <>stream 0 0 0 -2 32 36 d1 32 0 0 38 0 -2 cm BI /IM true /W 32 /H 38 /BPC 1 /D[1 0] /F/CCF /DP<> ID &ɡ`繫鼷呓锩唼唔鴟?=犅 EI endstream endobj 474 0 obj <>stream 0 0 0 -2 64 71 d1 64 0 0 73 0 -2 cm BI /IM true /W 64 /H 73 /BPC 1 /D[1 0] /F/CCF /DP<> ID &燗>餑寥`D,G乖$$C4>坕SH喚h!-/肴/B 鳳燖郁fA舷A1曔鴠7酑凤麌膻瑟铨鴓稔瘥哆葵宽遖筐{F脉谬豝0翼东pxU豣傲咓]雘豠.嘹 `颐置癴懔厫覦@ EI endstream endobj 475 0 obj <>stream 0 0 0 0 67 69 d1 67 0 0 69 0 0 cm BI /IM true /W 67 /H 69 /BPC 1 /D[1 0] /F/CCF /DP<> ID &▉葎l.魁魁猁﨨?稔p!/w鼅圎u馂羋T EI endstream endobj 476 0 obj <>stream 0 0 0 58 16 89 d1 16 0 0 31 0 58 cm BI /IM true /W 16 /H 31 /BPC 1 /D[1 0] /F/CCF /DP<> ID 0 5O嚪嗺圻鴡齄|杧C} EI endstream endobj 477 0 obj <>stream 0 0 0 26 20 69 d1 20 0 0 43 0 26 cm BI /IM true /W 20 /H 43 /BPC 1 /D[1 0] /F/CCF /DP<> ID &崩匡? 楢鼾飇 @@ EI endstream endobj 478 0 obj <>stream 0 0 0 0 67 96 d1 67 0 0 96 0 0 cm BI /IM true /W 67 /H 96 /BPC 1 /D[1 0] /F/CCF /DP<> ID &燻>CBL傗楢壤~帬¤ o[0魶?^'旷籢氟醾醵餧胊{豬m劮餷[ %菃発 -p杹~>瀳俹M餉涐|躔羽究u醥隹恁棵 a锤avu 澳-厓 U啅愃  EI endstream endobj 479 0 obj <>stream 0 0 0 -4 108 95 d1 108 0 0 99 0 -4 cm BI /IM true /W 108 /H 99 /BPC 1 /D[1 0] /F/CCF /DP<> ID &;爄ga僃wXea嗀q2詙~ 7猃凁oo貇~o鴡__齴/腚閩xK阴饌餕肓2詄l 呂岊仴澙6x EI endstream endobj 480 0 obj <>stream 0 0 0 -20 32 65 d1 32 0 0 85 0 -20 cm BI /IM true /W 32 /H 85 /BPC 1 /D[1 0] /F/CCF /DP<> ID &!噦"'}O銨谇鼇嬃跌0  EI endstream endobj 481 0 obj <>stream 0 0 0 0 67 69 d1 67 0 0 69 0 0 cm BI /IM true /W 67 /H 69 /BPC 1 /D[1 0] /F/CCF /DP<> ID &〞寕>"唥7 狘6龂0眍}~锟4/\8% 綒`邌o祸蔺窟?孔胴.Ap  EI endstream endobj 482 0 obj <>stream 0 0 0 -6 71 75 d1 71 0 0 81 0 -6 cm BI /IM true /W 71 /H 81 /BPC 1 /D[1 0] /F/CCF /DP<> ID & 沉)肙皩埒M颫稉H7鬟鲫隹捱摸圅唢踼囎斫wa雒h,;[\8鲒葉羵6饛給榘m囉 絳眇苞蓰筐o鼾匡疬?W迚h/沭摅0杨ot凍梆遡>豇b5@ EI endstream endobj 483 0 obj <>stream 0 0 0 -2 63 90 d1 63 0 0 92 0 -2 cm BI /IM true /W 63 /H 92 /BPC 1 /D[1 0] /F/CCF /DP<> ID &98豴秭﨧}鹫泾?秣?G7滕V 每}啕呖惲_ ^愘}菘噰{懊葛ku EI endstream endobj 484 0 obj <> endobj 489 0 obj <>stream 0 0 0 32 67 56 d1 67 0 0 24 0 32 cm BI /IM true /W 67 /H 24 /BPC 1 /D[1 0] /F/CCF /DP<> ID &笿*3鹪@ EI endstream endobj 490 0 obj <>stream 0 0 0 0 14 43 d1 14 0 0 43 0 0 cm BI /IM true /W 14 /H 43 /BPC 1 /D[1 0] /F/CCF /DP<> ID &勽_湔-厗遂'犫&﹍,5 EI endstream endobj 491 0 obj <>stream 0 0 0 -20 43 45 d1 43 0 0 65 0 -20 cm BI /IM true /W 43 /H 65 /BPC 1 /D[1 0] /F/CCF /DP<> ID &c(=勽 N壛p魞7镲啕陟.?毳義Y .魅(!杶髫x}>燓梌谹r=5, EI endstream endobj 492 0 obj <>stream 0 0 0 24 61 71 d1 61 0 0 47 0 24 cm BI /IM true /W 61 /H 47 /BPC 1 /D[1 0] /F/CCF /DP<> ID &@鎌丘A:侭3l#骢导 LPo菥殅C筐?菘骰wx鱺疰伙瘥Y5[?縓]羁埝酏奱5!咟@ EI endstream endobj 493 0 obj <> endobj 498 0 obj <>stream 0 0 0 0 67 96 d1 67 0 0 96 0 0 cm BI /IM true /W 67 /H 96 /BPC 1 /D[1 0] /F/CCF /DP<> ID &“ _ 簩 鬌僤衸 A;砭 囜鮫符犴~韝镞 戜4 聎GQ雦 逪酏/靧'z 齸块服%唠穂众[h.釂D VX0Xa~C+X EI endstream endobj 499 0 obj <>stream 0 0 0 0 67 69 d1 67 0 0 69 0 0 cm BI /IM true /W 67 /H 69 /BPC 1 /D[1 0] /F/CCF /DP<> ID &0燋萻秫~镞镞髅O摟眭昝 麀}0鹂丰雫啁L?o谬艮糠>絒鹈$`h% EI endstream endobj 500 0 obj <>stream 0 0 0 0 82 69 d1 82 0 0 69 0 0 cm BI /IM true /W 82 /H 69 /BPC 1 /D[1 0] /F/CCF /DP<> ID &?悋!攠邍?疳稃w匡亏 2鼾喵啕奎?揎w恅 @ EI endstream endobj 501 0 obj <> endobj 506 0 obj <>stream 0 0 0 0 67 96 d1 67 0 0 96 0 0 cm BI /IM true /W 67 /H 96 /BPC 1 /D[1 0] /F/CCF /DP<> ID &t 瘣nO(|  <$薹娱7o齛酊颻犭龁盎众_恁喴嗔vAa圼X0X0_愃  EI endstream endobj 507 0 obj <>stream 0 0 0 35 79 128 d1 79 0 0 93 0 35 cm BI /IM true /W 79 /H 93 /BPC 1 /D[1 0] /F/CCF /DP<> ID "》湓! "餌鄡q鄟鳤 馃铵鴒 裔u豄50們厗 癮~RjA魛 EI endstream endobj 508 0 obj <> endobj 513 0 obj <>stream 0 0 0 0 43 72 d1 43 0 0 72 0 0 cm BI /IM true /W 43 /H 72 /BPC 1 /D[1 0] /F/CCF /DP<> ID &良#P餑=[襬I揪h 媷x5椎 8 EI endstream endobj 514 0 obj <>stream 0 0 0 0 54 72 d1 54 0 0 72 0 0 cm BI /IM true /W 54 /H 72 /BPC 1 /D[1 0] /F/CCF /DP<> ID &啲灴A酚q{pm笼矧k镞泾窟窟秣秣秣衴   EI endstream endobj 515 0 obj <>stream 0 0 0 -1 35 71 d1 35 0 0 72 0 -1 cm BI /IM true /W 35 /H 72 /BPC 1 /D[1 0] /F/CCF /DP<> ID & '0z邌~圇秣遫痫鼷秣郛邝 喐g纸坁K唢轢_ EI endstream endobj 516 0 obj <>stream 0 0 0 -6 59 95 d1 59 0 0 101 0 -6 cm BI /IM true /W 59 /H 101 /BPC 1 /D[1 0] /F/CCF /DP<> ID 0揢秭猁飣窟鴒黠鳆邁峋鬟扣xo~a娇埤囖~黠谨後扣呖嗺秭~鴞峥呔髹鼽@ EI endstream endobj 517 0 obj <> endobj 287 0 obj <> endobj 286 0 obj <>stream x渃d`ab`dd潴 u粜v 44壢恌!敏C柟鹷烳琄~L 粊3#O磗~AeQfzF墏喅ˉス俢njQfrb瀭obIFjnb 悡湡湙ZR┃鄻摚襋擹淶T枤痹9?窢$礖7?%(弫9?漲C C 悎;晛塧 肗Fo葵麳[#s>鉾晄踢8.趠箋徕%s.Z|BO鱀巌洼蹶F螡r拷倩u猾 髃k |9ZZ'vO頀咧駹琜濄w{w`w纩磎筭歐usL熫=mjkwc徏蛣M;鱲呸讲{_缭撼轐S鏩踼﹞9蠩|?煴麌8飣⑦)齠43RRxl蝈;銉'_錉挝X#s藤稥粡v 邜奥{Jv7Gccw腨汾6腗I飇桀煳帏 5;⒎q嗙槁M 抗2籡后9~{皐;wUV欢穟捣w穜4L頌删私r邅瀪={轵3-;障1iR蟃垷t跨+]~!踥 鞗p藂睒乡彳<媷噥麻 endstream endobj 518 0 obj 533 endobj 512 0 obj <>/FontBBox[0 0 59 107]/FontMatrix[1 0 0 1 0 0]/FirstChar 0/LastChar 9/Widths[ 0 0 61 0 56 32 38 0 50 37] >> endobj 505 0 obj <>/FontBBox[0 -35 79 96]/FontMatrix[1 0 0 1 0 0]/FirstChar 0/LastChar 3/Widths[ 0 73 0 78] >> endobj 497 0 obj <>/FontBBox[0 0 82 96]/FontMatrix[1 0 0 1 0 0]/FirstChar 0/LastChar 4/Widths[ 0 0 70 0 61] >> endobj 488 0 obj <>/FontBBox[0 -32 67 85]/FontMatrix[1 0 0 1 0 0]/FirstChar 0/LastChar 9/Widths[ 0 50 56 45 0 70 0 37 0 42] >> endobj 465 0 obj <>/FontBBox[0 -58 112 105]/FontMatrix[1 0 0 1 0 0]/FirstChar 0/LastChar 36/Widths[ 0 118 78 0 54 86 0 0 0 117 0 63 0 80 0 0 43 68 0 41 0 69 60 85 0 55 0 0 95 0 56 0 67 0 87 0 37] >> endobj 429 0 obj <>/FontBBox[0 -41 113 149]/FontMatrix[1 0 0 1 0 0]/FirstChar 0/LastChar 57/Widths[ 0 45 0 70 56 0 0 140 0 76 0 52 0 57 55 0 53 0 54 0 51 103 104 47 0 49 0 0 30 0 38 0 109 0 50 0 0 28 0 59 41 0 0 40 0 100 0 0 0 0 46 0 0 0 48 0 58 0] >> endobj 406 0 obj <>/FontBBox[0 -36 123 103]/FontMatrix[1 0 0 1 0 0]/FirstChar 0/LastChar 40/Widths[ 0 0 0 58 0 84 43 0 0 0 100 0 83 0 73 0 47 0 89 94 79 90 70 92 93 85 74 87 0 0 82 0 144 62 0 139 0 0 109 0 78] >> endobj 366 0 obj <>/FontBBox[0 -87 92 106]/FontMatrix[1 0 0 1 0 0]/FirstChar 0/LastChar 73/Widths[ 0 94 0 64 0 66 0 78 0 62 0 68 0 0 71 0 51 0 53 0 52 0 54 72 0 93 0 0 0 118 0 39 0 56 92 0 61 0 74 75 0 57 0 30 47 0 41 42 0 80 90 0 40 0 26 32 67 55 0 79 0 0 0 0 76 50 0 60 59 0 0 86 0 89] >> endobj 327 0 obj <>/FontBBox[0 -58 62 105]/FontMatrix[1 0 0 1 0 0]/FirstChar 0/LastChar 66/Widths[ 0 46 0 54 0 0 55 0 0 43 0 78 0 41 0 26 0 58 28 0 0 40 0 44 0 51 0 0 36 0 42 91 0 50 0 30 0 48 45 47 0 37 0 56 0 0 72 0 52 0 53 0 0 59 0 0 71 0 0 90 25 0 96 79 49 0 80] >> endobj 275 0 obj <>/FontBBox[0 -49 97 141]/FontMatrix[1 0 0 1 0 0]/FirstChar 0/LastChar 85/Widths[ 0 61 0 96 102 0 45 0 46 131 0 50 49 0 0 0 71 0 0 0 70 104 0 0 63 0 79 44 43 0 0 54 0 55 0 0 53 0 59 0 52 0 47 0 0 0 57 0 69 36 35 0 0 0 83 60 92 0 48 0 58 51 68 0 0 0 109 98 56 0 117 85 103 0 0 108 0 67 0 0 90 0 0 89 28 72] >> endobj 266 0 obj <>/FontBBox[0 -3 67 69]/FontMatrix[1 0 0 1 0 0]/FirstChar 0/LastChar 5/Widths[ 0 74 0 106 0 64] >> endobj 9 0 obj <>/FontBBox[0 -92 175 155]/FontMatrix[1 0 0 1 0 0]/FirstChar 0/LastChar 255/Widths[ 0 0 140 0 90 0 97 0 144 0 104 82 0 118 0 57 0 83 0 0 150 0 96 0 34 74 0 108 0 95 93 0 0 71 0 55 0 80 0 53 58 0 0 101 0 67 0 39 0 47 0 54 0 52 37 0 0 27 0 69 50 40 0 76 75 0 44 51 0 28 0 0 0 45 73 63 0 0 0 48 0 0 61 0 0 0 25 0 87 0 68 0 0 0 81 0 0 0 0 0 0 0 56 41 0 62 0 29 0 46 0 0 0 0 70 0 0 89 49 0 0 0 0 0 0 0 0 0 43 0 31 64 72 0 0 0 66 0 0 42 77 30 60 0 0 26 0 38 78 36 0 86 59 109 0 85 0 0 0 0 110 0 79 0 0 0 0 0 145 0 0 0 0 0 0 0 0 32 0 148 0 0 0 33 0 0 0 0 65 0 0 0 0 0 0 137 0 0 0 105 84 0 0 0 117 0 0 98 0 0 0 0 0 0 102 0 0 149 94 0 0 0 0 0 0 0 0 88 0 0 0 0 0 0 0 91 0 0 0 35 0 0 0 0 0 106 107 92 0 111 100 99 0 112 0 0] >> endobj 288 0 obj <> endobj 8 0 obj <> endobj 2 0 obj <>endobj xref 0 519 0000000000 65535 f 0000043401 00000 n 0000150848 00000 n 0000043261 00000 n 0000043449 00000 n 0000041541 00000 n 0000000015 00000 n 0000002684 00000 n 0000149611 00000 n 0000145217 00000 n 0000043504 00000 n 0000043752 00000 n 0000044036 00000 n 0000044101 00000 n 0000044393 00000 n 0000044457 00000 n 0000044670 00000 n 0000044734 00000 n 0000045002 00000 n 0000045067 00000 n 0000045238 00000 n 0000045303 00000 n 0000045367 00000 n 0000045607 00000 n 0000045672 00000 n 0000045972 00000 n 0000046036 00000 n 0000046343 00000 n 0000046407 00000 n 0000046717 00000 n 0000047143 00000 n 0000047208 00000 n 0000047426 00000 n 0000047490 00000 n 0000047747 00000 n 0000047811 00000 n 0000047875 00000 n 0000048172 00000 n 0000048237 00000 n 0000048550 00000 n 0000048614 00000 n 0000048678 00000 n 0000048905 00000 n 0000049139 00000 n 0000049203 00000 n 0000049436 00000 n 0000049500 00000 n 0000049783 00000 n 0000049847 00000 n 0000050077 00000 n 0000050141 00000 n 0000050205 00000 n 0000050448 00000 n 0000050682 00000 n 0000050747 00000 n 0000050960 00000 n 0000051024 00000 n 0000051259 00000 n 0000051323 00000 n 0000051553 00000 n 0000051617 00000 n 0000051863 00000 n 0000051927 00000 n 0000052094 00000 n 0000052158 00000 n 0000052222 00000 n 0000052428 00000 n 0000052648 00000 n 0000052712 00000 n 0000052982 00000 n 0000053046 00000 n 0000053110 00000 n 0000053174 00000 n 0000053417 00000 n 0000053481 00000 n 0000053545 00000 n 0000053769 00000 n 0000053833 00000 n 0000053897 00000 n 0000054104 00000 n 0000054168 00000 n 0000054415 00000 n 0000054663 00000 n 0000054884 00000 n 0000054948 00000 n 0000055012 00000 n 0000055076 00000 n 0000055326 00000 n 0000055617 00000 n 0000055880 00000 n 0000055944 00000 n 0000056181 00000 n 0000056376 00000 n 0000056440 00000 n 0000056648 00000 n 0000056828 00000 n 0000057055 00000 n 0000057119 00000 n 0000057355 00000 n 0000057419 00000 n 0000057665 00000 n 0000057730 00000 n 0000057977 00000 n 0000058221 00000 n 0000058476 00000 n 0000058541 00000 n 0000058801 00000 n 0000059076 00000 n 0000059315 00000 n 0000059508 00000 n 0000059715 00000 n 0000059933 00000 n 0000060101 00000 n 0000060166 00000 n 0000060231 00000 n 0000060425 00000 n 0000060490 00000 n 0000060725 00000 n 0000060790 00000 n 0000061026 00000 n 0000061091 00000 n 0000061332 00000 n 0000061528 00000 n 0000061764 00000 n 0000062036 00000 n 0000062101 00000 n 0000062302 00000 n 0000062493 00000 n 0000062558 00000 n 0000062623 00000 n 0000062838 00000 n 0000063070 00000 n 0000063246 00000 n 0000063477 00000 n 0000063701 00000 n 0000063875 00000 n 0000064100 00000 n 0000064302 00000 n 0000064524 00000 n 0000064589 00000 n 0000064810 00000 n 0000064875 00000 n 0000064940 00000 n 0000065005 00000 n 0000065170 00000 n 0000065346 00000 n 0000065583 00000 n 0000065648 00000 n 0000065873 00000 n 0000066079 00000 n 0000066144 00000 n 0000066209 00000 n 0000066274 00000 n 0000066339 00000 n 0000066569 00000 n 0000066841 00000 n 0000066906 00000 n 0000067162 00000 n 0000067227 00000 n 0000067292 00000 n 0000067357 00000 n 0000067581 00000 n 0000067646 00000 n 0000067711 00000 n 0000067777 00000 n 0000067963 00000 n 0000068028 00000 n 0000068256 00000 n 0000068500 00000 n 0000068817 00000 n 0000069085 00000 n 0000069151 00000 n 0000069400 00000 n 0000069465 00000 n 0000069711 00000 n 0000069977 00000 n 0000070256 00000 n 0000070465 00000 n 0000070671 00000 n 0000070737 00000 n 0000070958 00000 n 0000071181 00000 n 0000071394 00000 n 0000071626 00000 n 0000071876 00000 n 0000072100 00000 n 0000072332 00000 n 0000072546 00000 n 0000072611 00000 n 0000072858 00000 n 0000072924 00000 n 0000073159 00000 n 0000073401 00000 n 0000073609 00000 n 0000073674 00000 n 0000073934 00000 n 0000074209 00000 n 0000074453 00000 n 0000074732 00000 n 0000074797 00000 n 0000075028 00000 n 0000075250 00000 n 0000075536 00000 n 0000075782 00000 n 0000076017 00000 n 0000076267 00000 n 0000076333 00000 n 0000076591 00000 n 0000076838 00000 n 0000077114 00000 n 0000077180 00000 n 0000077245 00000 n 0000077477 00000 n 0000077707 00000 n 0000077941 00000 n 0000078007 00000 n 0000078283 00000 n 0000078544 00000 n 0000078609 00000 n 0000078872 00000 n 0000079102 00000 n 0000079353 00000 n 0000079600 00000 n 0000079834 00000 n 0000080103 00000 n 0000080169 00000 n 0000080420 00000 n 0000080680 00000 n 0000080746 00000 n 0000080811 00000 n 0000081056 00000 n 0000081300 00000 n 0000081532 00000 n 0000081754 00000 n 0000081984 00000 n 0000082277 00000 n 0000082534 00000 n 0000082796 00000 n 0000082861 00000 n 0000083094 00000 n 0000083332 00000 n 0000083596 00000 n 0000083853 00000 n 0000084084 00000 n 0000084337 00000 n 0000084581 00000 n 0000084646 00000 n 0000084924 00000 n 0000085176 00000 n 0000085382 00000 n 0000085447 00000 n 0000085676 00000 n 0000085903 00000 n 0000086106 00000 n 0000086338 00000 n 0000086534 00000 n 0000086600 00000 n 0000086666 00000 n 0000086731 00000 n 0000086977 00000 n 0000087043 00000 n 0000087109 00000 n 0000087174 00000 n 0000087421 00000 n 0000087487 00000 n 0000087770 00000 n 0000144976 00000 n 0000088054 00000 n 0000088301 00000 n 0000088519 00000 n 0000088752 00000 n 0000088783 00000 n 0000041711 00000 n 0000002704 00000 n 0000007124 00000 n 0000143591 00000 n 0000088823 00000 n 0000089007 00000 n 0000089304 00000 n 0000089562 00000 n 0000089823 00000 n 0000089889 00000 n 0000090124 00000 n 0000090398 00000 n 0000090595 00000 n 0000090862 00000 n 0000137210 00000 n 0000136988 00000 n 0000149137 00000 n 0000091110 00000 n 0000091364 00000 n 0000091625 00000 n 0000091910 00000 n 0000092203 00000 n 0000092430 00000 n 0000092672 00000 n 0000092884 00000 n 0000093113 00000 n 0000093346 00000 n 0000093593 00000 n 0000093767 00000 n 0000094007 00000 n 0000094226 00000 n 0000094442 00000 n 0000094662 00000 n 0000094892 00000 n 0000095074 00000 n 0000095314 00000 n 0000095589 00000 n 0000095805 00000 n 0000096034 00000 n 0000096258 00000 n 0000096480 00000 n 0000096724 00000 n 0000096944 00000 n 0000097144 00000 n 0000097210 00000 n 0000097430 00000 n 0000097651 00000 n 0000097933 00000 n 0000098180 00000 n 0000098459 00000 n 0000098728 00000 n 0000098985 00000 n 0000041866 00000 n 0000007146 00000 n 0000010024 00000 n 0000142486 00000 n 0000099048 00000 n 0000099282 00000 n 0000099490 00000 n 0000099671 00000 n 0000099907 00000 n 0000100145 00000 n 0000100379 00000 n 0000100630 00000 n 0000100858 00000 n 0000101115 00000 n 0000101286 00000 n 0000101512 00000 n 0000101747 00000 n 0000101998 00000 n 0000102261 00000 n 0000102502 00000 n 0000102771 00000 n 0000103011 00000 n 0000103191 00000 n 0000103423 00000 n 0000103675 00000 n 0000103933 00000 n 0000104177 00000 n 0000104445 00000 n 0000104673 00000 n 0000104919 00000 n 0000105143 00000 n 0000105363 00000 n 0000105568 00000 n 0000105815 00000 n 0000106057 00000 n 0000106300 00000 n 0000106562 00000 n 0000106806 00000 n 0000107037 00000 n 0000042021 00000 n 0000010046 00000 n 0000014053 00000 n 0000141277 00000 n 0000107097 00000 n 0000107377 00000 n 0000107653 00000 n 0000107826 00000 n 0000108059 00000 n 0000108278 00000 n 0000108537 00000 n 0000108806 00000 n 0000109005 00000 n 0000109239 00000 n 0000109451 00000 n 0000109681 00000 n 0000109888 00000 n 0000110126 00000 n 0000110403 00000 n 0000110648 00000 n 0000110940 00000 n 0000111185 00000 n 0000111426 00000 n 0000111684 00000 n 0000111932 00000 n 0000112166 00000 n 0000112402 00000 n 0000112640 00000 n 0000112939 00000 n 0000113198 00000 n 0000113457 00000 n 0000113666 00000 n 0000113900 00000 n 0000114153 00000 n 0000114397 00000 n 0000114648 00000 n 0000114861 00000 n 0000115166 00000 n 0000115444 00000 n 0000115773 00000 n 0000042176 00000 n 0000014075 00000 n 0000018705 00000 n 0000140543 00000 n 0000115843 00000 n 0000116123 00000 n 0000116350 00000 n 0000116615 00000 n 0000116871 00000 n 0000117117 00000 n 0000117445 00000 n 0000117727 00000 n 0000118016 00000 n 0000118253 00000 n 0000118502 00000 n 0000118802 00000 n 0000119090 00000 n 0000119414 00000 n 0000119675 00000 n 0000119741 00000 n 0000119994 00000 n 0000120264 00000 n 0000120591 00000 n 0000042331 00000 n 0000018727 00000 n 0000023556 00000 n 0000139561 00000 n 0000120671 00000 n 0000121006 00000 n 0000121258 00000 n 0000121564 00000 n 0000121880 00000 n 0000122115 00000 n 0000122357 00000 n 0000122590 00000 n 0000122839 00000 n 0000123088 00000 n 0000123337 00000 n 0000123563 00000 n 0000123795 00000 n 0000123963 00000 n 0000124231 00000 n 0000124453 00000 n 0000124707 00000 n 0000124974 00000 n 0000125254 00000 n 0000125519 00000 n 0000125768 00000 n 0000125962 00000 n 0000126157 00000 n 0000126404 00000 n 0000126664 00000 n 0000126879 00000 n 0000127077 00000 n 0000127338 00000 n 0000127624 00000 n 0000127825 00000 n 0000128066 00000 n 0000128310 00000 n 0000042486 00000 n 0000023578 00000 n 0000028391 00000 n 0000138878 00000 n 0000128413 00000 n 0000128681 00000 n 0000128921 00000 n 0000129175 00000 n 0000129467 00000 n 0000129755 00000 n 0000130021 00000 n 0000130273 00000 n 0000130487 00000 n 0000130824 00000 n 0000131065 00000 n 0000131262 00000 n 0000131459 00000 n 0000131777 00000 n 0000132076 00000 n 0000132305 00000 n 0000132568 00000 n 0000132898 00000 n 0000133182 00000 n 0000042641 00000 n 0000028413 00000 n 0000032400 00000 n 0000138584 00000 n 0000133295 00000 n 0000133478 00000 n 0000133673 00000 n 0000133929 00000 n 0000134191 00000 n 0000042796 00000 n 0000032422 00000 n 0000036223 00000 n 0000138359 00000 n 0000134314 00000 n 0000134618 00000 n 0000134863 00000 n 0000135114 00000 n 0000042951 00000 n 0000036245 00000 n 0000039562 00000 n 0000138145 00000 n 0000135224 00000 n 0000135504 00000 n 0000135784 00000 n 0000043106 00000 n 0000039584 00000 n 0000041519 00000 n 0000137852 00000 n 0000135894 00000 n 0000136124 00000 n 0000136357 00000 n 0000136604 00000 n 0000136858 00000 n 0000137831 00000 n trailer << /Size 519 /Root 1 0 R /Info 2 0 R >> startxref 150898 %%EOF proxy-suite-1.9.2.4/doc/ftp-proxy.ps0000644000000000000000000042253510170747372017237 0ustar rootroot00000000000000%!PS-Adobe-2.0 %%Creator: dvips(k) 5.92b Copyright 2002 Radical Eye Software %%Title: ftp-proxy.dvi %%Pages: 11 %%PageOrder: Ascend %%BoundingBox: 0 0 596 842 %%DocumentFonts: CMSY10 %%DocumentPaperSizes: a4 %%EndComments %DVIPSWebPage: (www.radicaleye.com) %DVIPSCommandLine: dvips -q -t a4 -o ftp-proxy.ps ftp-proxy.dvi %DVIPSParameters: dpi=600, compressed %DVIPSSource: TeX output 2005.01.11:1404 %%BeginProcSet: texc.pro %! /TeXDict 300 dict def TeXDict begin/N{def}def/B{bind def}N/S{exch}N/X{S N}B/A{dup}B/TR{translate}N/isls false N/vsize 11 72 mul N/hsize 8.5 72 mul N/landplus90{false}def/@rigin{isls{[0 landplus90{1 -1}{-1 1}ifelse 0 0 0]concat}if 72 Resolution div 72 VResolution div neg scale isls{ landplus90{VResolution 72 div vsize mul 0 exch}{Resolution -72 div hsize mul 0}ifelse TR}if Resolution VResolution vsize -72 div 1 add mul TR[ matrix currentmatrix{A A round sub abs 0.00001 lt{round}if}forall round exch round exch]setmatrix}N/@landscape{/isls true N}B/@manualfeed{ statusdict/manualfeed true put}B/@copies{/#copies X}B/FMat[1 0 0 -1 0 0] N/FBB[0 0 0 0]N/nn 0 N/IEn 0 N/ctr 0 N/df-tail{/nn 8 dict N nn begin /FontType 3 N/FontMatrix fntrx N/FontBBox FBB N string/base X array /BitMaps X/BuildChar{CharBuilder}N/Encoding IEn N end A{/foo setfont}2 array copy cvx N load 0 nn put/ctr 0 N[}B/sf 0 N/df{/sf 1 N/fntrx FMat N df-tail}B/dfs{div/sf X/fntrx[sf 0 0 sf neg 0 0]N df-tail}B/E{pop nn A definefont setfont}B/Cw{Cd A length 5 sub get}B/Ch{Cd A length 4 sub get }B/Cx{128 Cd A length 3 sub get sub}B/Cy{Cd A length 2 sub get 127 sub} B/Cdx{Cd A length 1 sub get}B/Ci{Cd A type/stringtype ne{ctr get/ctr ctr 1 add N}if}B/id 0 N/rw 0 N/rc 0 N/gp 0 N/cp 0 N/G 0 N/CharBuilder{save 3 1 roll S A/base get 2 index get S/BitMaps get S get/Cd X pop/ctr 0 N Cdx 0 Cx Cy Ch sub Cx Cw add Cy setcachedevice Cw Ch true[1 0 0 -1 -.1 Cx sub Cy .1 sub]/id Ci N/rw Cw 7 add 8 idiv string N/rc 0 N/gp 0 N/cp 0 N{ rc 0 ne{rc 1 sub/rc X rw}{G}ifelse}imagemask restore}B/G{{id gp get/gp gp 1 add N A 18 mod S 18 idiv pl S get exec}loop}B/adv{cp add/cp X}B /chg{rw cp id gp 4 index getinterval putinterval A gp add/gp X adv}B/nd{ /cp 0 N rw exit}B/lsh{rw cp 2 copy get A 0 eq{pop 1}{A 255 eq{pop 254}{ A A add 255 and S 1 and or}ifelse}ifelse put 1 adv}B/rsh{rw cp 2 copy get A 0 eq{pop 128}{A 255 eq{pop 127}{A 2 idiv S 128 and or}ifelse} ifelse put 1 adv}B/clr{rw cp 2 index string putinterval adv}B/set{rw cp fillstr 0 4 index getinterval putinterval adv}B/fillstr 18 string 0 1 17 {2 copy 255 put pop}for N/pl[{adv 1 chg}{adv 1 chg nd}{1 add chg}{1 add chg nd}{adv lsh}{adv lsh nd}{adv rsh}{adv rsh nd}{1 add adv}{/rc X nd}{ 1 add set}{1 add clr}{adv 2 chg}{adv 2 chg nd}{pop nd}]A{bind pop} forall N/D{/cc X A type/stringtype ne{]}if nn/base get cc ctr put nn /BitMaps get S ctr S sf 1 ne{A A length 1 sub A 2 index S get sf div put }if put/ctr ctr 1 add N}B/I{cc 1 add D}B/bop{userdict/bop-hook known{ bop-hook}if/SI save N @rigin 0 0 moveto/V matrix currentmatrix A 1 get A mul exch 0 get A mul add .99 lt{/QV}{/RV}ifelse load def pop pop}N/eop{ SI restore userdict/eop-hook known{eop-hook}if showpage}N/@start{ userdict/start-hook known{start-hook}if pop/VResolution X/Resolution X 1000 div/DVImag X/IEn 256 array N 2 string 0 1 255{IEn S A 360 add 36 4 index cvrs cvn put}for pop 65781.76 div/vsize X 65781.76 div/hsize X}N /p{show}N/RMat[1 0 0 -1 0 0]N/BDot 260 string N/Rx 0 N/Ry 0 N/V{}B/RV/v{ /Ry X/Rx X V}B statusdict begin/product where{pop false[(Display)(NeXT) (LaserWriter 16/600)]{A length product length le{A length product exch 0 exch getinterval eq{pop true exit}if}{pop}ifelse}forall}{false}ifelse end{{gsave TR -.1 .1 TR 1 1 scale Rx Ry false RMat{BDot}imagemask grestore}}{{gsave TR -.1 .1 TR Rx Ry scale 1 1 false RMat{BDot} imagemask grestore}}ifelse B/QV{gsave newpath transform round exch round exch itransform moveto Rx 0 rlineto 0 Ry neg rlineto Rx neg 0 rlineto fill grestore}B/a{moveto}B/delta 0 N/tail{A/delta X 0 rmoveto}B/M{S p delta add tail}B/b{S p tail}B/c{-4 M}B/d{-3 M}B/e{-2 M}B/f{-1 M}B/g{0 M} B/h{1 M}B/i{2 M}B/j{3 M}B/k{4 M}B/w{0 rmoveto}B/l{p -4 w}B/m{p -3 w}B/n{ p -2 w}B/o{p -1 w}B/q{p 1 w}B/r{p 2 w}B/s{p 3 w}B/t{p 4 w}B/x{0 S rmoveto}B/y{3 2 roll p a}B/bos{/SS save N}B/eos{SS restore}B end %%EndProcSet %%BeginProcSet: bbad153f.enc % Thomas Esser, Dec 2002. public domain % % Encoding for: % cmsy10 cmsy5 cmsy6 cmsy7 cmsy8 cmsy9 % /TeXbbad153fEncoding [ /minus /periodcentered /multiply /asteriskmath /divide /diamondmath /plusminus /minusplus /circleplus /circleminus /circlemultiply /circledivide /circledot /circlecopyrt /openbullet /bullet /equivasymptotic /equivalence /reflexsubset /reflexsuperset /lessequal /greaterequal /precedesequal /followsequal /similar /approxequal /propersubset /propersuperset /lessmuch /greatermuch /precedes /follows /arrowleft /arrowright /arrowup /arrowdown /arrowboth /arrownortheast /arrowsoutheast /similarequal /arrowdblleft /arrowdblright /arrowdblup /arrowdbldown /arrowdblboth /arrownorthwest /arrowsouthwest /proportional /prime /infinity /element /owner /triangle /triangleinv /negationslash /mapsto /universal /existential /logicalnot /emptyset /Rfractur /Ifractur /latticetop /perpendicular /aleph /A /B /C /D /E /F /G /H /I /J /K /L /M /N /O /P /Q /R /S /T /U /V /W /X /Y /Z /union /intersection /unionmulti /logicaland /logicalor /turnstileleft /turnstileright /floorleft /floorright /ceilingleft /ceilingright /braceleft /braceright /angbracketleft /angbracketright /bar /bardbl /arrowbothv /arrowdblbothv /backslash /wreathproduct /radical /coproduct /nabla /integral /unionsq /intersectionsq /subsetsqequal /supersetsqequal /section /dagger /daggerdbl /paragraph /club /diamond /heart /spade /arrowleft /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /minus /periodcentered /multiply /asteriskmath /divide /diamondmath /plusminus /minusplus /circleplus /circleminus /.notdef /.notdef /circlemultiply /circledivide /circledot /circlecopyrt /openbullet /bullet /equivasymptotic /equivalence /reflexsubset /reflexsuperset /lessequal /greaterequal /precedesequal /followsequal /similar /approxequal /propersubset /propersuperset /lessmuch /greatermuch /precedes /follows /arrowleft /spade /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef /.notdef ] def %%EndProcSet %%BeginProcSet: texps.pro %! TeXDict begin/rf{findfont dup length 1 add dict begin{1 index/FID ne 2 index/UniqueID ne and{def}{pop pop}ifelse}forall[1 index 0 6 -1 roll exec 0 exch 5 -1 roll VResolution Resolution div mul neg 0 0]FontType 0 ne{/Metrics exch def dict begin Encoding{exch dup type/integertype ne{ pop pop 1 sub dup 0 le{pop}{[}ifelse}{FontMatrix 0 get div Metrics 0 get div def}ifelse}forall Metrics/Metrics currentdict end def}{{1 index type /nametype eq{exit}if exch pop}loop}ifelse[2 index currentdict end definefont 3 -1 roll makefont/setfont cvx]cvx def}def/ObliqueSlant{dup sin S cos div neg}B/SlantFont{4 index mul add}def/ExtendFont{3 -1 roll mul exch}def/ReEncodeFont{CharStrings rcheck{/Encoding false def dup[ exch{dup CharStrings exch known not{pop/.notdef/Encoding true def}if} forall Encoding{]exch pop}{cleartomark}ifelse}if/Encoding exch def}def end %%EndProcSet %%BeginFont: CMSY10 %!PS-AdobeFont-1.1: CMSY10 1.0 %%CreationDate: 1991 Aug 15 07:20:57 % Copyright (C) 1997 American Mathematical Society. All Rights Reserved. 11 dict begin /FontInfo 7 dict dup begin /version (1.0) readonly def /Notice (Copyright (C) 1997 American Mathematical Society. All Rights Reserved) readonly def /FullName (CMSY10) readonly def /FamilyName (Computer Modern) readonly def /Weight (Medium) readonly def /ItalicAngle -14.035 def /isFixedPitch false def end readonly def /FontName /CMSY10 def /PaintType 0 def /FontType 1 def /FontMatrix [0.001 0 0 0.001 0 0] readonly def /Encoding 256 array 0 1 255 {1 index exch /.notdef put} for dup 0 /.notdef put readonly def /FontBBox{-29 -960 1116 775}readonly def /UniqueID 5000820 def currentdict end currentfile eexec D9D66F633B846A97B686A97E45A3D0AA052F09F9C8ADE9D907C058B87E9B6964 7D53359E51216774A4EAA1E2B58EC3176BD1184A633B951372B4198D4E8C5EF4 A213ACB58AA0A658908035BF2ED8531779838A960DFE2B27EA49C37156989C85 E21B3ABF72E39A89232CD9F4237FC80C9E64E8425AA3BEF7DED60B122A52922A 221A37D9A807DD01161779DDE7D31FF2B87F97C73D63EECDDA4C49501773468A 27D1663E0B62F461F6E40A5D6676D1D12B51E641C1D4E8E2771864FC104F8CBF 5B78EC1D88228725F1C453A678F58A7E1B7BD7CA700717D288EB8DA1F57C4F09 0ABF1D42C5DDD0C384C7E22F8F8047BE1D4C1CC8E33368FB1AC82B4E96146730 DE3302B2E6B819CB6AE455B1AF3187FFE8071AA57EF8A6616B9CB7941D44EC7A 71A7BB3DF755178D7D2E4BB69859EFA4BBC30BD6BB1531133FD4D9438FF99F09 4ECC068A324D75B5F696B8688EEB2F17E5ED34CCD6D047A4E3806D000C199D7C 515DB70A8D4F6146FE068DC1E5DE8BC570317AAEA74A842CFD26F9591866F5A0 9B4EAD7C4B32C31F1CBA38F791DF6C8115177A4A1B8B3441F8BD2E1EAFD9F18C D0B6C066F8B6073508C87FA4C79A9C034FE1669C4E1028E6B6F26699DF4EE2E1 EC6F87EC0443C89EC6B0D024982277C3B07D174FD46DA9272D5CD46A1E82D25A 73309BB508D00A2AEB5400CF430316D5DD4E0370E71154292E935DD63C7D0E1F 1B0AFCB6C8C3557C33B5B85CBA94D7E51EA4E52B73C6733839181D5DFE7E3FF6 0CAD164A2EF73AB26044CF36FF496B388BE7BED7BD8FCC3E1C432EFD34D6B506 AA587A8A448AFD97506EF1D91572C77B534F8268662036A507B568A0AFB6A30A D6C753E07AB18C8C6C75D87807C08CAC037045766D83D02CE258628300B38C00 2B0DDDD747628CE5958FF3A9468A91B3776D15736C41CA9903E708276F5DBC76 EA6478D96AC192A07E3F4AAA31408EA61EFCC8044925E701EF4CF0EFF4E84553 AA52F65AB546E618A0B34E97731710C6A9C1AAF6D36124B8CAB26B73B7E7DDAA 53643A15114FEE6399667A8AD5128EE6875D151DC0A47BE75C23C8BD2FB4E94C EFF56DB24920A557E0A61032745528C523C66A5A4F8142EEC78BF6C3AF135A09 5790204FE856514FFCF5B78548B60E2D9E15E848E4A56A02EEBA536E4EAFD15D 2202F684B45A358ED725F72302597BCA6DC5710838DB2ED52373F4BC7D2EDC74 010A8DF1CEE85D8ED2E63DDEB639F1DCEE4E6E74FBA2D43BBBCF9FEC91CDA941 20CB15CD7E48792D7C97FECF6002F1996CA861BA9881874AB27D20671DCABFE8 7601C77F7F58B38C74CE7419816E945B31531B1DBE0294DAF2E75DE918 0000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000 0000000000000000000000000000000000000000000000000000000000000000 cleartomark %%EndFont TeXDict begin 39158280 55380996 1000 600 600 (ftp-proxy.dvi) @start %DVIPSBitmapFont: Fa ecti1000 10 62 /Fa 62 122 df28 D<3801C0033903E00FC03807F01F120F13E0A21580EBC03FA2001F14001380A2 143E1300147E147C123EA21478123C14F85C5AA200705BA25CEA6001A200E05B12C01A1F 6DBA2A>34 D<150C151C153815F0EC01E0EC03C0EC0780EC0F00141E5C147C5C5C495A13 03495A5C130F49C7FCA2133EA25BA25BA2485AA212035B12075BA2120F5BA2121FA290C8 FCA25AA2123EA2127EA2127CA412FC5AAD1278A57EA3121C121EA2120E7EA26C7E6C7EA2 12001E5274BD22>40 D<140C140E80EC0380A2EC01C015E0A2140015F0A21578A4157C15 3CAB157CA715FCA215F8A21401A215F0A21403A215E0A21407A215C0140F1580A2141F15 00A2143EA25CA25CA2495AA2495A5C1307495A91C7FC5B133E133C5B5B485A12035B48C8 FC120E5A12785A12C01E527FBD22>I44 D<387FFFF8A2B5FCA214F0150579941E>I<120EEA3F80127F12FFA31300127E123C0909 778819>III<1538A2157015F014011403EC07E0140F143F14FF010713C0EB 3FCF141F131001001380A2143FA21500A25CA2147EA214FEA25CA21301A25CA21303A25C A21307A25CA2130FA25CA2131FA25CA2133FA291C7FC497EB61280A31D3777B62A>III<01031438496C13F89138F007F091B512E016804914005D15F815C0D91E1C C7FC011CC8FCA3133C1338A313781370A2147F9038F1FFC09038E783E09038FE01F09038 F800F8485A497F49137C5BC8127EA315FEA414015D121E127F1403485CA248495A12F800 E05C140F4A5A5D6C49C7FC147E00785B387C01F8383E07F0381FFFC06C90C8FCEA03F825 3977B62A>53 D56 D<133C137E13FF5AA313FE13FCEA00701300B2 120EEA3F80127F12FFA31300127E123C102477A319>58 D<0007B812FC4817FECCFCB0B9 12E06C17C03714779E40>61 D64 DI<0107B612FCEFFF8018C0903B000FF0001FF04BEB07F81703021F 15FC17014B14FEA2023F1400A24B1301A2147F18FC92C7120318F84A140718F04AEC0FE0 EF1FC00101ED3F80EF7F004AEB01FEEE07F849B612E05F9139F80007F0EE01FC01076E7E 177F4AEC3F80A2010F16C0171F5CA2131F173F5CA2133FEF7F805C1800017F5D4C5A91C7 485A5F49140FEE1FE0494A5A00014AB45AB748C7FC16F816C037397BB83A>II<0103B612FEEF FFC018F0903B0007F8000FF84BEB03FCEF00FE020F157FF03F804B141F19C0021F150F19 E05D1807143F19F05DA2147FA292C8FCA25C180F5CA2130119E04A151FA2130319C04A15 3FA201071780187F4A1600A2010F16FEA24A4A5A60011F15034D5A4A5D4D5A013F4B5A17 3F4A4AC7FC17FC017FEC03F84C5A91C7EA1FC04949B45A007F90B548C8FCB712F016803C 397CB83F>I<0107B8FCA3903A000FF000034BEB007F183E141F181E5DA2143FA25D181C 147FA29238000380A24A130718004A91C7FC5E13015E4A133E167E49B512FEA25EECF800 0107147C163C4A1338A2010F147818E04A13701701011F16C016004A14031880013F1507 18004A5CA2017F151E173E91C8123C177C4915FC4C5A4914070001ED7FF0B8FCA25F3839 7BB838>I<0107B712FEA3903A000FF000074B1300187C021F153CA25DA2143FA25D1838 147FA292C8FCEE03804A130718004A91C7FCA201015CA24A131E163E010314FE91B5FC5E A2903807F800167C4A1378A2130FA24A1370A2011F14F0A24A90C8FCA2133FA25CA2137F A291CAFCA25BA25B487EB6FCA337397BB836>II<0103B5D8F80FB512E0A390260007 F8C7381FE0004B5DA2020F153F615DA2021F157F96C7FC5DA2023F5D605DA2027F140160 92C7FCA24A1403605CA249B7FC60A202FCC712070103150F605CA20107151F605CA2010F 153F605CA2011F157F95C8FC5CA2013F5D5F5CA2017F14015F91C7FC491403007FD9FE01 B512F8B55BA243397CB83E>I<0103B512F8A390390007F8005DA2140FA25DA2141FA25D A2143FA25DA2147FA292C7FCA25CA25CA21301A25CA21303A25CA21307A25CA2130FA25C A2131FA25CA2133FA25CA2137FA291C8FC497EB6FCA25C25397CB820>I<0207B512F0A3 91390007FC006F5AA215075EA3150F5EA3151F5EA3153F5EA3157F93C7FCA35D5DA31401 5DA314035DA31407A25DA2140FA2003F5C5A141F485CA24A5A12FC00E049C8FC14FE0070 5B495A6C485A381E0FC06CB4C9FCEA01F82C3B78B82C>I<0107B512FCA25E9026000FF8 C7FC5D5D141FA25DA2143FA25DA2147FA292C8FCA25CA25CA21301A25CA21303A25CA213 07A25CA2130F170C4A141CA2011F153C17384A1478A2013F157017F04A14E01601017F14 0317C091C71207160F49EC1F80163F4914FF000102071300B8FCA25E2E397BB834>76 D<902607FFF8923807FFF0614F13E0D9000FEFF0004F5AA2021F167FF1EFC0141DDA1CFC EC01CF023C16DF9538039F800238ED071FA20278ED0E3F97C7FC0270151CA202F04B5AF0 707E14E0037E14E0010117FE4D485A02C0EC0380A20103ED0701610280140EA20107ED1C 0305385B14006F137049160705E05B010EEC01C0A2011E913803800F61011CEC0700A201 3C020E131F4C5C1338ED1FB80178163F04F091C8FC01705CA201F04A5B187E00015DD807 F816FEB500C09039007FFFFC151E150E4C397AB84A>I<902603FFF891B512E0A281D900 07923807F8006F6E5A61020F5E81DA0E7F5DA2021E6D1307033F92C7FC141C82DA3C1F5C 70130EEC380FA202786D131E0307141C147082DAF003143C70133814E0150101016E1378 030014705C8201036E13F0604A1480163F010715C1041F5B91C7FC17E149EC0FE360010E 15F31607011E15FF95C8FC011C80A2013C805F1338160013785F01F8157CEA03FC267FFF E0143CB51538A243397CB83E>II<0107B612F817FF1880903B000FF0003FE04BEB0FF0EF03F8 141FEF01FC5DA2023F15FEA25DA2147FEF03FC92C7FCA24A15F817074A15F0EF0FE01301 EF1FC04AEC3F80EFFE0001034A5AEE0FF091B612C04CC7FCD907F8C9FCA25CA2130FA25C A2131FA25CA2133FA25CA2137FA291CAFCA25BA25B1201B512FCA337397BB838>I<0103 B612F017FEEFFF80903B0007F8003FC04BEB0FF01707020FEC03F8EF01FC5DA2021F15FE A25DA2143FEF03FC5DA2027FEC07F818F092C7120F18E04AEC1FC0EF3F004A14FEEE01F8 0101EC0FE091B6128004FCC7FC9138FC003F0103EC0F80834A6D7E8301071403A25C8301 0F14075F5CA2011F140FA25CA2133F161F4AECE007A2017F160F180E91C7FC49020F131C 007F01FE153CB5913807F078040313F0CAEAFFE0EF3F80383B7CB83D>82 D<92383FC00E913901FFF01C020713FC91391FC07E3C91393F001F7C027CEB0FF84A1307 49481303495A4948EB01F0A2495AA2011F15E091C7FCA34915C0A36E90C7FCA2806D7E14 FCECFF806D13F015FE6D6D7E6D14E0010080023F7F14079138007FFC150F15031501A215 00A2167C120EA3001E15FC5EA3003E4A5AA24B5AA2007F4A5A4B5A6D49C7FC6D133ED8F9 F013FC39F8FC03F839F07FFFE0D8E01F138026C003FCC8FC2F3D7ABA2F>I<0007B812E0 A25AD9F800EB001F01C049EB07C0485AD900011403121E001C5C003C1780140312380078 5C00701607140700F01700485CA2140FC792C7FC5DA2141FA25DA2143FA25DA2147FA292 C9FCA25CA25CA21301A25CA21303A25CA21307A25CA2130FA25CEB3FF0007FB512F8B6FC A2333971B83B>I<003FB539800FFFFEA326007F80C7EA7F8091C8EA3F00173E49153CA2 491538A20001167817705BA2000316F05F5BA2000715015F5BA2000F15035F5BA2001F15 0794C7FC5BA2003F5D160E5BA2007F151E161C90C8FCA2163C4815385A16781670A216F0 4B5A5E1503007E4A5A4BC8FC150E6C143E6C6C5B15F0390FC003E03907F01FC00001B5C9 FC38007FFCEB1FE0373B70B83E>I87 D<49B5D8F007B5FCA3D9000790C713E0DA03FCEC7F00187C020115786F5C 4D5A02005D6F495A4DC7FC6F5BEE801E5F033F5BEEC0705F92381FC1C016E3EEE780DB0F EFC8FC16FE6F5A5EA2150382A2150782150F151CED3CFF5D4B7EDA01E07FEDC03FDA0380 7FEC0700020E131F021E805C4A130F0270805C49481307494880130749C71203011E8113 3E01FE81D807FF1407B500E090387FFFFC93B5FC6040397CB83E>II95 D<14F8EB07FE90381F871C90383E03FE137CEBF801120148486C5A485A120FEBC001001F 5CA2EA3F801403007F5C1300A21407485C5AA2140F5D48ECC1C0A2141F15831680143F15 87007C017F1300ECFF076C485B9038038F8E391F0F079E3907FE03FC3901F000F0222677 A42A>97 D<133FEA1FFFA3C67E137EA313FE5BA312015BA312035BA31207EBE0F8EBE7FE 9038EF0F80390FFC07C013F89038F003E013E0D81FC013F0A21380A2123F1300A214075A 127EA2140F12FE4814E0A2141F15C05AEC3F80A215005C147E5C387801F8007C5B383C03 E0383E07C0381E1F80D80FFEC7FCEA01F01C3B77B926>I<147F903803FFC090380FC1E0 90381F0070017E13784913383901F801F83803F003120713E0120FD81FC013F091C7FC48 5AA2127F90C8FCA35A5AA45AA3153015381578007C14F0007EEB01E0003EEB03C0EC0F80 6CEB3E00380F81F83803FFE0C690C7FC1D2677A426>II<147F903803FFC090380F C1E090383F00F0017E13785B485A485A485A120F4913F8001F14F0383F8001EC07E0EC1F 80397F81FF00EBFFF8148090C8FC5A5AA55AA21530007C14381578007E14F0003EEB01E0 EC03C06CEB0F806CEB3E00380781F83803FFE0C690C7FC1D2677A426>IIIII108 DII<147F903803FFC090380FC1F090 381F00F8017E137C5B4848137E4848133E0007143F5B120F485AA2485A157F127F90C7FC A215FF5A4814FEA2140115FC5AEC03F8A2EC07F015E0140F007C14C0007EEB1F80003EEB 3F00147E6C13F8380F83F03803FFC0C648C7FC202677A42A>I<9039078007C090391FE0 3FF090393CF0787C903938F8E03E9038787FC00170497EECFF00D9F0FE148013E05CEA01 E113C15CA2D80003143FA25CA20107147FA24A1400A2010F5C5E5C4B5A131F5EEC80035E 013F495A6E485A5E6E48C7FC017F133EEC70FC90387E3FF0EC0F8001FEC9FCA25BA21201 A25BA21203A25B1207B512C0A3293580A42A>I<3903C003F0390FF01FFC391E783C0F38 1C7C703A3C3EE03F8038383FC0EB7F800078150000701300151CD8F07E90C7FCEAE0FE5B A2120012015BA312035BA312075BA3120F5BA3121F5BA3123F90C9FC120E212679A423> 114 D<14FE903807FF8090380F83C090383E00E04913F00178137001F813F00001130313 F0A215E00003EB01C06DC7FC7FEBFFC06C13F814FE6C7F6D13807F010F13C01300143F14 1F140F123E127E00FE1480A348EB1F0012E06C133E00705B6C5B381E03E06CB45AD801FE C7FC1C267AA422>II<13 F8D803FEEB01C0D8078FEB03E0390E0F8007121E121C0038140F131F007815C01270013F 131F00F0130000E015805BD8007E133FA201FE14005B5D120149137EA215FE120349EBFC 0EA20201131E161C15F813E0163CD9F003133814070001ECF07091381EF8F03A00F83C78 E090393FF03FC090390FC00F00272679A42D>I<01F0130ED803FC133FD8071EEB7F80EA 0E1F121C123C0038143F49131F0070140FA25BD8F07E140000E08013FEC6485B150E1201 5B151E0003141C5BA2153C000714385B5DA35DA24A5A140300035C6D48C7FC0001130E38 00F83CEB7FF8EB0FC0212679A426>I<01F01507D803FC903903801F80D8071E903907C0 3FC0D80E1F130F121C123C0038021F131F49EC800F00701607A249133FD8F07E168000E0 ED000313FEC64849130718000001147E5B03FE5B0003160E495BA2171E00070101141C01 E05B173C1738A217781770020314F05F0003010713016D486C485A000190391E7C078028 00FC3C3E0FC7FC90393FF81FFE90390FE003F0322679A437>I<903907E007C090391FF8 1FF89039787C383C9038F03E703A01E01EE0FE3803C01F018013C0D8070014FC48148000 0E1570023F1300001E91C7FC121CA2C75AA2147EA214FEA25CA21301A24A1370A2010314 F016E0001C5B007E1401010714C000FEEC0380010F1307010EEB0F0039781CF81E903838 7C3C393FF03FF03907C00FC027267CA427>I<13F0D803FCEB01C0D8071EEB03E0D80E1F 1307121C123C0038140F4914C01270A249131FD8F07E148012E013FEC648133F16001201 5B5D0003147E5BA215FE00075C5BA214015DA314035D14070003130FEBF01F3901F87FE0 38007FF7EB1FC7EB000F5DA2141F003F5C48133F92C7FC147E147C007E13FC387001F8EB 03E06C485A383C1F80D80FFEC8FCEA03F0233679A428>I E %EndDVIPSBitmapFont %DVIPSBitmapFont: Fb ectt1000 10 75 /Fb 75 126 df<130EEB3F80497E3801FFF0487F000F13FE381FFBFFD87FF113C039FFC0 7FE0EB803F38FE000F007CEB07C0007813031B0D77B42D>2 D36 DI44 D<007FB512F0B612F8A36C14F01D0579942C>I<121FEA3F80EA7FC0EAFFE0A5EA7FC0EA 3F80EA1F000B0B708A2C>I<1507ED0F80A2151F16005D153E157E157CA215FC5D14015D 14035D14075D140F5D141F92C7FC5C143EA2147E147C14FC5C13015C13035C13075C130F 5C131F91C8FC5B133EA2137E137C13FC5B12015B12035B12075B120F5B121F90C9FCA25A 123E127E127C12FC5AA2127021417BB92C>II<1307497EA2131FA2133F137F13FF5A1207127FB5FC13DF139FEA7C1F1200B3AE 007FB512E0B612F0A36C14E01C3477B32C>III<000FB512FE4880A35D0180C8FCAD EB83FE90389FFF8090B512E015F8819038FE03FE9038F000FF01C07F49EB3F8090C7121F 6C15C0C8120FA2ED07E0A4123C127EB4FC150F16C0A248141F007EEC3F80007FEC7F006C 6C5B6D485A391FF80FFC6CB55A6C5C000114C06C6C90C7FCEB0FF823347CB22C>53 DI56 DI<121FEA3F80EA7FC0EAFFE0A5EA7FC0EA3F80EA1F00C7FCAE121FEA3F80EA7FC0 EAFFE0A5EA7FC0EA3F80EA1F000B2470A32C>I<1502ED0F80151F157F15FF913803FE00 EC0FFCEC1FF0EC7FE0ECFF80D903FEC7FC495AEB1FF0495AEBFF80000390C8FCEA07FCEA 1FF8EA3FE0EAFF8090C9FCA27FEA3FE0EA1FF8EA07FC6CB4FCC67FEB3FE06D7EEB07FC6D 7E903800FF80EC7FE0EC1FF0EC0FFCEC03FE913800FF80157F151F150FED0200212A7BAD 2C>60 D<007FB612F0B712F8A36C15F0CAFCA8007FB612F0B712F8A36C15F025127DA12C >I<122012F87EB4FC7FEA3FE0EA1FF8EA07FC6CB4FCC67FEB3FE06D7EEB07FC6D7E9038 00FF80EC7FE0EC1FF0EC0FFCEC03FE913800FF80157FA215FF913803FE00EC0FFCEC1FF0 EC7FE0ECFF80D903FEC7FC495AEB1FF0495AEBFF80000390C8FCEA07FCEA1FF8EA3FE0EA FF8090C9FC12FC5A1220212A7BAD2C>I<14FE497EA4497FA214EFA2130781A214C7A201 0F7FA314C390381F83F0A590383F01F8A490387E00FCA549137E90B512FEA34880A29038 F8003FA34848EB1F80A4000715C049130FD87FFEEBFFFC6D5AB514FE6C15FC497E27347E B32C>65 D<007FB512E015F8B612FE6C8016C03903F0003FED0FE0ED07F01503A2ED01F8 A6ED03F0A21507ED0FE0ED1FC0EDFF8090B612005D5D15FF16C09039F0001FE0ED07F0ED 03F81501ED00FCA216FE167EA616FE16FC1501ED03F8150FED3FF0007FB612E016C0B712 806CECFE0015F027337FB22C>I<02FF13700107EBE0F84913F9013F13FD4913FFEBFF81 3901FE007F4848131FD807F0130F1507485A491303485A150148C7FCA25A007EEC00F016 00A212FE5AAB7E127EA3007F15F06CEC01F8A26C7EA26C6C13036D14F06C6C130716E0D8 03FC131F6C6CEB3FC03A00FF81FF806DB512006D5B010F5B6D13F00100138025357DB32C >I<007FB5FCB612C015F0816C803907E003FEEC00FFED7F80153FED1FC0ED0FE0A21507 16F0150316F81501A4ED00FCACED01F8A3150316F0A2150716E0150FED1FC0153FED7F80 EDFF00EC03FE007FB55AB65A5D15C06C91C7FC26337EB22C>I<007FB612F0B712F8A37E 3903F00001A7ED00F01600A4EC01E04A7EA490B5FCA5EBF003A46E5A91C8FCA5163C167E A8007FB612FEB7FCA36C15FC27337EB22C>I<007FB612F8B712FCA37ED803F0C7FCA716 781600A515F04A7EA490B5FCA5EBF001A46E5A92C7FCAD387FFFE0B5FC805C7E26337EB2 2C>I<903901FC038090390FFF87C04913EF017F13FF90B6FC4813073803FC01497E4848 137F4848133F49131F121F5B003F140F90C7FCA2127EED078092C7FCA212FE5AA8913803 FFF84A13FCA27E007E6D13F89138000FC0A36C141FA27F121F6D133F120F6D137F6C7E6C 6C13FF6D5A3801FF076C90B5FC6D13EF011F13CF6DEB0780D901FCC7FC26357DB32C>I< D87FFEEBFFFCB54813FEA36C486C13FCD807E0EB0FC0B190B6FCA59038E0000FB3D87FFE EBFFFCB54813FEA36C486C13FC27337EB22C>I<007FB512F8B612FCA36C14F839000FC0 00B3B3A5007FB512F8B612FCA36C14F81E3379B22C>I75 D<387FFFE0B57EA36C5BD803F0C8FCB3AE16F0ED01F8A800 7FB6FCB7FCA36C15F025337DB22C>IIII<007FB512C0B612F88115FF6C 15802603F00013C0153FED0FE0ED07F0A2150316F81501A6150316F01507A2ED0FE0ED3F C015FF90B61280160015FC5D15C001F0C8FCB0387FFF80B57EA36C5B25337EB22C>II<387FFFFCB67E15E015F86C803907E007FE1401EC007F6F7E151FA26F7EA64B5A A2153F4BC7FCEC01FE140790B55A5D15E081819038E007FCEC01FE1400157F81A8160FEE 1F80A5D87FFEEB1FBFB5ECFF00815E6C486D5AC8EA01F029347EB22C>I<90381FF80790 B5EA0F804814CF000714FF5A381FF01F383FC003497E48C7FC007E147F00FE143F5A151F A46CEC0F00007E91C7FC127F7FEA3FE0EA1FFCEBFFC06C13FC0003EBFFC06C14F06C6C7F 01077F9038007FFEEC07FF02001380153FED1FC0A2ED0FE0A20078140712FCA56CEC0FC0 A26CEC1F806D133F01E0EB7F009038FE01FF90B55A5D00F914F0D8F83F13C0D8700790C7 FC23357CB32C>I<007FB612FCB712FEA43AFC007E007EA70078153CC71400B3AF90383F FFFCA2497F6D5BA227337EB22C>I<3B7FFF803FFFC0B56C4813E0A36C496C13C03B03F0 0001F800B3AF6D130300015DA26D130700005D6D130F017F495A6D6C485AECE0FF6DB5C7 FC6D5B010313F86D5B9038003F802B3480B22C>III<3A3FFF03FFE0484913F0148714076C6D13E03A01F800FE007F 0000495A13FE017E5BEB7F03013F5B1487011F5B14CF010F5B14FF6D5BA26D90C7FCA26D 5AA26D5AA2497EA2497EA2497F81EB0FCF81EB1FC7EC87F0EB3F83EC03F8EB7F01017E7F EBFE00497F0001147E49137F000380491480151FD87FFEEBFFFC6D5AB514FE6C15FC497E 27337EB22C>II<003FB612C04815E0A4007EC7EA1FC0ED3F80A2ED7F00157E15FE4A5A003C5C C712034A5AA24A5A4A5AA24A5A4AC7FCA214FE495AA2495A495AA2495A495AA2495A49C8 FCA213FE485AA24848EB03C049EB07E01207485A5B121F485AA248C7FCB7FCA46C15C023 337CB22C>I<387FFFFCB512FEA314FC00FCC7FCB3B3B3B512FC14FEA36C13FC17416FB9 2C>I<387FFFFCB512FEA37EC7127EB3B3B3387FFFFEB5FCA36C13FC17417DB92C>93 DI<3801FFF0000713FE001F6D7E15E048809038C0 1FF81407EC01FC381F80000006C77EC8127EA3ECFFFE131F90B5FC1203120F48EB807E38 3FF800EA7FC090C7FC12FE5AA47E007F14FEEB8003383FE01F6CB612FC6C15FE6C14BF00 01EBFE1F3A003FF007FC27247CA32C>97 DI<903803FFE0011F13F8017F13FE48B5 FC48804848C6FCEA0FF0485A49137E4848131890C9FC5A127EA25AA8127EA2127F6C140F 6DEB1F806C7E6D133F6C6CEB7F003907FE03FF6CB55A6C5C6C6C5B011F13E0010390C7FC 21247AA32C>II< EB03FE90381FFFC0017F13F048B57E48803907FE03FE390FF800FFD81FE0EB3F805B4848 EB1FC090C7120F5A007E15E015075AB7FCA416C000FCC9FC7E127EA2127F6CEC03C06DEB 07E06C7ED80FF0130F6C6CEB3FC001FF13FF000190B512806C1500013F13FC010F13F001 01138023247CA32C>IIII<1307EB1FC0A2497EA36D5AA20107C7FC90C8FCA738 7FFFC080B5FC7EA2EA0007B3A8007FB512FCB612FEA36C14FC1F3479B32C>I<140EEC3F 80A2EC7FC0A3EC3F80A2EC0E0091C7FCA748B512804814C0A37EC7120FB3B3A2141F003C 1480007E133FB414005CEB01FEEBFFFC6C5B5C001F5B000790C7FC1A467CB32C>II<38 7FFFE0B57EA37EEA0003B3B3A5007FB61280B712C0A36C158022337BB22C>I<3A7F83F0 07E09039CFFC1FF83AFFDFFE3FFCD87FFF13FF91B57E3A07FE1FFC3E01FCEBF83F496C48 7E01F013E001E013C0A301C01380B33B7FFC3FF87FF0027F13FFD8FFFE6D13F8D87FFC49 13F0023F137F2D2481A32C>I<397FF01FE039FFF87FFC9038F9FFFE01FB7F6CB6FC0001 9038F03F80ECC01F02807FEC000F5B5BA25BB3267FFFE0B5FCB500F11480A36C01E01400 29247FA32C>II<397FF01FE039FFF8FFF801FB13FE90B6FC6C158000019038F07F C09138801FE091380007F049EB03F85BED01FC491300A216FE167EA816FE6D14FCA2ED01 F86D13036DEB07F0150F9138801FE09138E07FC091B51280160001FB5B01F813F8EC3FC0 91C8FCAD387FFFE0B57EA36C5B27367FA32C>I114 D<90387FF8700003B512F8120F5A5A387FC00F387E 00034813015AA36CEB00F0007F140013F0383FFFC06C13FE6CEBFF80000314E0C66C13F8 010113FCEB0007EC00FE0078147F00FC143F151F7EA26C143F6D133E6D13FE9038F007FC 90B5FC15F815E000F8148039701FFC0020247AA32C>I<131E133FA9007FB6FCB71280A3 6C1500D8003FC8FCB1ED03C0ED07E0A5EC800F011FEB1FC0ECE07F6DB51280160001035B 6D13F89038003FE0232E7EAD2C>I<3A7FF003FF80486C487FA3007F7F0001EB000FB3A3 151FA2153F6D137F3900FE03FF90B7FC6D15807F6D13CF902603FE07130029247FA32C> I<3A7FFF01FFFCB514FE148314016C15FC3A03E0000F80A26D131F00011500A26D5B0000 143EA26D137E017C137CA2017E13FC013E5BA2EB3F01011F5BA21483010F5BA214C70107 5BA214EF01035BA214FF6D90C7FCA26D5A147C27247EA32C>II<3A3FFF03FFF048018713F8A36C010313F03A00FC007E005D90 387E01F8013F5BEB1F83EC87E090380FCFC0903807EF80EB03FF6D90C7FC5C6D5A147C14 FE130180903803EF80903807CFC0EB0FC7EC83E090381F01F0013F7FEB7E00017C137C49 137E0001803A7FFF01FFFC1483B514FE6C15FC140127247EA32C>I<3A7FFF01FFFCB500 8113FE148314816C010113FC3A03E0000F806C7E151F6D140012005D6D133E137C017E13 7E013E137CA2013F13FC6D5BA2EB0F815DA2EB07C1ECC3E0A2EB03E3ECE7C0130114F75D EB00FFA292C7FC80A2143EA2147E147CA214FC5CA2EA0C01003F5BEA7F83EB87E0EA7E0F 495A387FFF806C90C8FC6C5A6C5AEA07E027367EA32C>I<003FB612E04815F0A4007EC7 EA1FE0ED3FC0ED7F80EDFF004A5A003C495AC7485A4A5A4A5A4A5A4A5A4AC7FCEB01FC49 5AEB0FF0495A495A495A49C8FC4848EB01E04848EB03F0485A485A485A485A485AB7FCA4 6C15E024247DA32C>I<15FF02071380141F147F91B512004913C04AC7FCEB03F85CB313 07EB1FE013FF007F5BB55A49C8FC6D7E6C7FC67F131FEB07F01303B380EB01FEECFFC06D 13FF6E1380141F14070200130021417BB92C>I<127812FCB3B3B3A9127806416DB92C>I< EA7FC0EAFFF813FE6D7E6C7FC67F131FEB07F01303B380EB01FEECFFC06D13FF6E138014 1F147F91B512004913C04AC7FCEB03F85CB31307EB1FE013FF007F5BB55A49C8FC13F8EA 7FC021417BB92C>I E %EndDVIPSBitmapFont /Fc 152[42 42 86[42 15[{ TeXbbad153fEncoding ReEncodeFont }3 83.022 /CMSY10 rf %DVIPSBitmapFont: Fd ecbx1000 10 43 /Fd 43 122 df<913803FFC0027F13F00103B512FC010FEB00FED93FF8133FD97FE0EBFF 8049485A5A1480484A13C04A6C1380A36F1300167E93C7FCA592383FFFC0B8FCA4000390 C7FCB3ABB5D8FC3F13FFA4303A7EB935>28 D<912603FFC0EB7FF8027F9039F00FFFFE49 B5D8FC7F6D7E010F903B007FFFE01FC0D91FF8011F90380007E0D97FE0D97FFCEB1FF049 484948133F485C02805C484E7E02004A6D5AA281735A047F6E5A96C8FCA5953807FFF8BB FCA4000390C7397FE0001FB3ABB5D8FC1FB50087B512E0A44B3A7EB950>30 D46 D<49B4FC011F13F0017F13FC9038FF83FE4848C67E4848EB7F804848EB3FC04848EB1FE0 A2001F15F0A24848EB0FF8A3007F15FCA400FF15FEB3007F15FCA5003F15F86D131FA200 1F15F0A26C6CEB3FE0000715C06C6CEB7F806C6CEBFF003900FF83FE6DB45A011F13F001 0190C7FC27377CB530>48 D<141E143E14FE1307137FB5FCA3138FEA000FB3B3A5007FB6 1280A4213679B530>IIII<001C15C0D81F80 130701F8137F90B61280A216005D5D15F05D15804AC7FC14F090C9FCA7EB03FE90381FFF E0017F13F89038FE07FC9038F003FFD9C0011380496C13C090C7FC000E15E0C8127F16F0 A216F8A3121FEA3FC0487E12FF7FA316F05B15FFD87F8014E0007EC713C0003E5B003F49 13806C6C481300390FF01FFE6CB512F8000114E06C6C1380D90FF8C7FC25377BB530>I< EC0FF8ECFFFE0103EBFF8090390FF80FC090393FE003E090397F8001F09038FF000F48EC 1FF84848133F485A120F5B121FA2003FEC1FF0ED0FE0484890C7FCA31408EC7FF039FFF1 FFFC01F313FFD9F78013809039FF007FC049EB3FE04914F0ED1FF85B16FCA34914FEA412 7FA5123F16FCA26C7E16F8000F143F6D14F0000715E06C6CEB7FC03A01FF81FF806C90B5 1200013F13FC010F13F00101138027377CB530>I<123C123EEA3FE090B71280A4170048 5D5E5E5E5EA2007CC7EA0FC000784A5A4BC7FC00F8147E485C5D14014A5AC7485A4A5AA2 4A5A143F4AC8FCA214FEA213015C1303A21307A2130F5CA2131FA5133FA96D5A6D5A6D5A 29397BB730>I<49B47E010F13F0013F13FC9038FE01FF3A01F8007F804848EB3FC04848 EB1FE0150F484814F01507121FA27F7F7F6D130F01FF14E014C09138E01FC06CEBF83F91 38FE7F806C9038FFFE005D6C14F06C14FC6C14FF6D14806D14C090B612E0D803FD14F026 07F07F13F848487E261FC00F13FC383F8003007F010013FE90C7127F151F00FE14071503 1501A21500A216FC7E6C14016D14F86C6C13036DEB07F06C6CEB0FE0D80FFEEB7FC00003 B61200C614FC013F13F00103138027377CB530>II65 D67 DI70 D73 D76 D79 DI82 DI< 003FB91280A4D9F800EBF003D87FC09238007FC049161F007EC7150FA2007C1707A20078 1703A400F818E0481701A4C892C7FCB3AE010FB7FCA43B387DB742>II97 D<13FFB5FCA412077EAF4AB47E020F13F0023F13 FC9138FE03FFDAF00013804AEB7FC00280EB3FE091C713F0EE1FF8A217FC160FA217FEAA 17FCA3EE1FF8A217F06E133F6EEB7FE06E14C0903AFDF001FF80903AF8FC07FE009039F0 3FFFF8D9E00F13E0D9C00390C7FC2F3A7EB935>I<903801FFC0010F13FC017F13FFD9FF 8013802603FE0013C048485AEA0FF8121F13F0123F6E13804848EB7F00151C92C7FC12FF A9127FA27F123FED01E06C7E15036C6CEB07C06C6C14806C6C131FC69038C07E006DB45A 010F13F00101138023257DA42A>II<903803FF80011F13F0017F13FC3901FF83FE3A03FE007F804848 133F484814C0001FEC1FE05B003FEC0FF0A2485A16F8150712FFA290B6FCA301E0C8FCA4 127FA36C7E1678121F6C6C14F86D14F000071403D801FFEB0FE06C9038C07FC06DB51200 010F13FC010113E025257DA42C>I<161FD907FEEBFFC090387FFFE348B6EAEFE02607FE 07138F260FF801131F48486C138F003F15CF4990387FC7C0EEC000007F81A6003F5DA26D 13FF001F5D6C6C4890C7FC3907FE07FE48B512F86D13E0261E07FEC8FC90CAFCA2123E12 3F7F6C7E90B512F8EDFF8016E06C15F86C816C815A001F81393FC0000F48C8138048157F 5A163FA36C157F6C16006D5C6C6C495AD81FF0EB07FCD807FEEB3FF00001B612C06C6C91 C7FC010713F02B377DA530>103 D<13FFB5FCA412077EAFED7FC0913803FFF8020F13FE 91381F03FFDA3C01138014784A7E4A14C05CA25CA291C7FCB3A3B5D8FC3F13FFA4303A7D B935>II<13FFB5FCA412077EB3B3ACB512FCA4163A7DB91B>108 D<01FED97FE0EB0FFC00FF902601FFFC90383FFF80020701FF90B512E0DA1F81903983F0 3FF0DA3C00903887801F000749DACF007F00034914DE6D48D97FFC6D7E4A5CA24A5CA291 C75BB3A3B5D8FC1FB50083B512F0A44C257DA451>I<01FEEB7FC000FF903803FFF8020F 13FE91381F03FFDA3C011380000713780003497E6D4814C05CA25CA291C7FCB3A3B5D8FC 3F13FFA430257DA435>I<903801FFC0010F13F8017F13FFD9FF807F3A03FE003FE04848 6D7E48486D7E48486D7EA2003F81491303007F81A300FF1680A9007F1600A3003F5D6D13 07001F5DA26C6C495A6C6C495A6C6C495A6C6C6CB45A6C6CB5C7FC011F13FC010113C029 257DA430>I<9039FF01FF80B5000F13F0023F13FC9138FE07FFDAF00113800003496C13 C00280EB7FE091C713F0EE3FF8A2EE1FFCA3EE0FFEAA17FC161FA217F8163F17F06E137F 6E14E06EEBFFC0DAF00313809139FC07FE0091383FFFF8020F13E0020390C7FC91C9FCAC B512FCA42F357EA435>I<9038FE03F000FFEB0FFEEC3FFF91387C7F809138F8FFC00007 5B6C6C5A5CA29138807F80ED3F00150C92C7FC91C8FCB3A2B512FEA422257EA427>114 D<90383FF0383903FFFEF8000F13FF381FC00F383F0003007E1301007C130012FC15787E 7E6D130013FCEBFFE06C13FCECFF806C14C06C14F06C14F81203C614FC131F9038007FFE 140700F0130114007E157E7E157C6C14FC6C14F8EB80019038F007F090B512C000F81400 38E01FF81F257DA426>I<130FA55BA45BA25B5BA25A1207001FEBFFE0B6FCA3000390C7 FCB21578A815F86CEB80F014816CEBC3E090383FFFC06D1380903803FE001D357EB425> I<01FFEC3FC0B5EB3FFFA4000714016C80B3A35DA25DA26C5C6E4813E06CD9C03E13FF90 387FFFFC011F13F00103138030257DA435>I121 D E %EndDVIPSBitmapFont %DVIPSBitmapFont: Fe ecbx1440 14.4 42 /Fe 42 122 df28 D30 D<913803FF80023F13F849B6FC 010715C04901017F903A3FFC007FF8D97FF0EB1FFC49486D7E48496D7E4A7F4817804890 C76C13C0A248486E13E0A2001F17F0A3003F17F8A249157FA2007F17FCA600FF17FEB3A5 007F17FCA6003F17F86D15FFA3001F17F0A3000F17E06D5C6C17C0A26C6D4913806C1700 6E5B6C6D495A6D6C495AD93FFCEB7FF8903A0FFF01FFE06D90B55A010192C7FCD9003F13 F802031380374F7BCD42>48 D<151E153E15FE1403140F147FEB07FF0003B5FCB6FCA3EB F87FEAFC00C7FCB3B3B3A6007FB712FCA52E4E76CD42>II<913807FFC0027F13FC0103B67E010F15E090261FF80313F890267FC0007F01 FEC7EA3FFE48488148486E138013FE486C6C6D13C0804817E080A66C5B18C06C5B6C90C7 5AD80038168090C8FC4C1300A24C5A5F4C5A4B5B4B13C0030F5BDB7FFEC7FC91387FFFF8 16C016FCEEFF80DA000313E09238007FF8EE3FFE707E70138018C07013E018F07013F8A2 18FC82A218FEA3EA03C0EA0FF0EA3FFC487EA2B5FCA218FCA25E18F8A26C4816F0495C49 16E0D83FE04A13C06C485CD80FF04A1380D807FE91387FFE003B03FFE003FFFC6C90B65A 6C6C15E0010F92C7FC010114FCD9001F1380374F7BCD42>I<17FC1601A216031607160F A2161F163F167FA216FF5D5DA25D5D5D167F153E157E15FC15F8EC01F01403EC07E015C0 EC0F80141FEC3F00143E5C14FC495A5C495A1307495A5C49C7FC5B137E137C5B1201485A 5B485A120F485A90C8FC123E127E5ABA1280A5C901FCC7FCAF021FB71280A5394F7CCE42 >I<486C150601F0153E01FEEC01FED9FFF0133F91B65A5F5F5F5F5F94C7FC16FC5E16E0 93C8FC15FC01F0138091CAFCAC913807FF80023F13F891B512FE01F36E7E9026FFFC0113 E09139E0007FF891C76C7E496E7E01F86E7E5B7013804916C0C9FC18E08218F0A418F8A3 1203EA0FE0EA3FF8487EA212FF7FA218F0A25B5E6C4816E05B01C016C06CC85A18806C6C 4A13007FD80FF04A5A6C6CECFFFCD803FE4913F02701FFE00F5B6C6CB612806D92C7FC01 0F14F8010114C09026003FFCC8FC354F7ACD42>II<121F7F7FEBFF 8091B8FCA45A18FE18FC18F818F0A218E018C018804817000180C8123E007EC9127E5F00 7C4B5A4C5A5F16074C5A484B5A4CC7FC167E167CC912FC4B5A4B5AA24B5A150F4B5AA24B 5AA24BC8FC5DA25C5D1403A214075D140FA3141FA2143FA34A5AA414FFA65BAB6D5B6E5A 6E5A6E5A385279D042>I<913803FFC0023F13FC49B67E010715E090260FFC0013F8D93F E0EB1FFCD97F80EB07FE49C76C7E496E1380484880000317C049157F120718E0173F120F A27FA27F7F6E147F02E015C08002FC14FF6C01FF15806F481300EDE0036C9138F807FE6F 485A6C9138FF1FF06CEDFFE017806D4AC7FC7F010F6E7E6D81010115F06D81010315FE01 0F81D93FF71580D97FC115C02701FF807F14E048EB001F48486D14F04848010314F84848 1300496E13FC003F151F491407007F6F13FE491400177F00FF163F49151F170F1707A217 03A218FCA27F127F6DED07F8A26C6CED0FF07F6C6CED1FE06C6CED3FC06C6CEDFF806C01 C0010313006C01FCEB3FFE6C6CB612F8011F15E001071580010002FCC7FC020F13C0374F 7BCD42>I<913807FF80027F13F849B512FE01076E7E90261FFE0113E0903A7FF8003FF0 49486D7E48496D7E48496D7E484980486F138091C7FC486F13C05A18E0485A18F0A27013 F812FFA318FCA618FEA35E127FA4003F5DA26C7E5E7E6C6D5B161E6C7F6C6D5B6C6C6C13 F890393FFC03F06DB55A01074A13FC01001400EC1FF891C8FCA218F85EA301FC16F0487E 2607FF8015E05E486D15C0A24C1380A24C13005F4A131F6C4B5A49C7485A494A5A6C4849 5B6D01075B2701FF803F90C7FC6C90B512FC013F5C6D14C0010791C8FC9038007FF0374F 7BCD42>I<173FA24D7EA34D7EA24C7FA34C7FA24C7FA34C7FA24C7FA34C7F163E83047E 80EE7C3F04FC8016F8830301814C7E03038116E0830307814C7E030F81168083031F8116 00834B81033E80037E82157C8403FC824B800201835D840203834B800207835D92B8FC4A 83A34A8392C9FC4A83143E85027E84027C8202FC845C850101854A820103855C85010785 4A82A2494884D93FF082B600F0020FB712C0A55A547CD363>65 D<932603FFF01407047F 01FF140F0307B600E0131F033F03F8133F92B700FE137F02039126C003FF13FF020F01F8 C7EA3FC1023F01C0EC0FE391B5C80003B5FC4901FC814949814901E082011F4982494982 92CA7E4948834948835A4A83485B4885A24849187FA2485B1B3FA2485B1B1FA25AA21B00 91CDFCA2B5FCAE7EA280A36C1A1FA36C7FA21B3F6C7F1B3E6C7F1B7E6C6D187C6C1AFC6E 18F86C19016D6CEF03F06D7E6FEE07E06D6DEE0FC001076DEE1F806D01F8EE3F006D6D16 FE6D01FF4B5A023F01C0EC07F8020F01FCEC3FF00203903AFFC001FFC0020091B6C7FC03 3F15FC030715F0DB007F1480040301F0C8FC505479D25F>67 DI70 D73 D76 D<93381FFF800303B512FC033FECFFC092B712F00207D9F80113FE021F903A80001FFF80 4A48C700077FDAFFF8020113F049496E7F4901C0ED3FFC49496F7E4990C96C7E4948707F 013F854948707F4948707F48864A8248864A177F48864849717EA3481B804A83481BC0A4 4890CB6C13E0A5B51AF0AF6C1BE06E5FA46C1BC0A26E5F6C1B80A36C6D4D1300A26C6D4D 5AA26C626C6D4C5B6E5E6C626D6C4C5B6E5E6D6D4B5B6D6D4B5B6D6D4B90C7FC6D6D4B5A 01016D4A13F86D01FE02075B91263FFFC0013F13C06ED9F801B55A020790B648C8FC0201 16F8DA003F15C003074AC9FCDB001F1380545479D263>79 DI82 DI<003FBB12FCA59126C0007FEB000301FCC7ED003FD87FF0F00FFE49 180749180349180190C81600A2007E1A7EA3007C1A3EA500FC1A3F481A1FA6C91700B3B3 AC49B912C0A550517BD05B>II97 DI<913803FFE0023F13FE91B67E0103 15E0010F9038003FF8D93FFCEB07FC4948497E4948131F4849497E485B485BA24890C7FC 5A5B003F6F5A705A705A007F92C8FC5BA312FFAD127F7FA3123F7F6CEE0F80A26C6D141F 18006C6D5C6C6D143E6C6D147E6C6D5C6D6C495A6DB4EB07F0010F9038C01FE06D90B512 8001014AC7FCD9003F13F80203138031387CB63A>I<943803FF80040FB5FCA5EE003F17 0FB3A4913803FF80023F13F849B512FE0107ECFF8F011F9038C03FEF90273FFE0007B5FC D97FF8130149487F484980484980484980488291C8FC5A5B123FA2127F5BA312FFAD127F A37F123FA3121F7F6C5E6C6D5C5F6C6D91B5FC6C6D5B6C6D4914E0D97FFCD90FEFEBFF80 D91FFFEB7F8F010790B5120F010114FC6D6C13E00207010049C7FC41547CD249>I<9138 07FF80027F13F849B512FE01076E7E011F010313E0903A3FFC007FF0D97FF06D7E49486D 7E4849130F48496D7E48824890C77E1880485A82003F17C0A3485A18E082A212FFA290B8 FCA401FCCAFCA6127FA37F123FA2EF03E06C7E17076C17C06C6D140F18806C6D141F6C6D EC3F006C6D147ED97FFC495AD91FFFEB07F86D9038E03FF0010390B512C001005D023F01 FCC7FC020113E033387CB63C>I103 DI<133FEBFF C0487F487FA2487FA66C5BA26C5B6C5B013FC7FC90C8FCAEEB1FF8B5FCA512017EB3B3A6 B612F0A51C547CD324>I108 DII<913801FFC0023F13FE91B67E010315E001 0F018013F8903A3FFC001FFED97FF0EB07FF49486D7F48496D7F48496D7F91C8127F4883 488349153F001F83A2003F8349151FA2007F83A400FF1880AC007F1800A3003F5F6D153F A2001F5FA26C6C4B5AA26C6D4A5A6C5F6C6D495B6C6D495B6D6C4990C7FCD93FFCEB1FFE 6DB46CB45A010790B512F0010115C0D9003F49C8FC020313E039387CB642>II<90393FF001FCB590 380FFF804B13E0037F13F09238FE1FF89138F1F83F00019138F07FFC6CEBF3E015C0ECF7 80A2ECFF00EE3FF84AEB1FF0EE0FE093C7FC5CA45CB3ABB612FEA52E367DB535>114 D<903903FFC00E011FEBFC1E90B6127E000315FE3907FE003FD80FF0130F484813034848 1301491300127F90C8127EA248153EA27FA27F01F091C7FC13FCEBFF806C13FEECFFF06C 14FE6F7E6C15E06C816C15FC6C81C681133F010F15801301D9000F14C0EC003F030713E0 150100F880167F6C153FA2161F7EA217C07E6D143F17807F6DEC7F0001F85C6DEB03FE90 39FF801FFC486CB512F0D8F81F14C0D8F00791C7FC39E0007FF02B387CB634>I<147CA6 14FCA41301A31303A21307A2130F131F133F137F13FF1203000F90B512FEB7FCA426007F FCC8FCB3A9EE0F80ABEE1F006D7EA2011F143E806D6D5A6DEBC1F86DEBFFF001005C023F 1380DA03FEC7FC294D7ECB33>II121 D E %EndDVIPSBitmapFont %DVIPSBitmapFont: Ff ecss1000 10 35 /Ff 35 122 df<903901F807F0EB07FE130F131F133FEB7F0EEB7E0201FEC8FC5BA21201 AEB538FE07F0A53801FC00B3AE243D7FBC2C>28 D<12FEA7121E123CA312381278A21270 A212F0071178BB17>39 D45 D<12FEA70707788617>I65 D<913803FF80021F13F891B6FC4915C013075B4948C61380D97FF0130FD9FFC013034A13 014890C9FC485A485A5B120F5B485AA2485AA3485AA448CAFCAC6C7EA46C7EA36C7EA26C 7E7F12077F6C7E6C6C15206C6D14E06E1301D97FF0130FD91FFE137F6DB6FC6D15C00101 15006D5C021F13F0020313802B3E7BBB35>67 DIII<12FFB3B3B3A4083A79B917>73 D76 D80 D83 DI97 D<12FEB3A4EB01FCEB0FFF013F13C090B57EB67E 9038F03FF8EBC007496C7EEB0001486D7EA2157FA3ED3F80AAED7F00A35D5D14016C5CEB 80039038C00FF89038F03FF090B55A485C6D5BD91FFEC7FC380007F8213D7ABB2B>IIII<14FF010313C0130F5B5BEB7F819038 FE004049130012015BA21203ADB512FCA5D803F8C7FCB3AE1A3D7FBC19>I<903907E001 F890383FFC1F90397FFEFFFC48B6FC5A9039F81FF8003907F00FE048486C7EEBC003A248 486C7EA76C6C485AA2EBE0076C6C485A6C6C485A48B5FC5D4849C7FCEB3FFC381F07E090 C9FCA37F7F6CB512C015F815FE6CECFF8016C04815E05A3A3F80007FF048C7120F007EEC 03F8481401A46C1403007E15F0D87F80130F6C6CEB1FE03A1FFC01FFC06CB612806C1500 000114FC6C6C13F0010790C7FC26387EA52A>I<12FEB3A4EB01FC90380FFF804913C001 7F13E090B512F039FFF81FF8EBE007EBC003018013FC14011300A35AB3A71E3C7ABB2B> I<12FFA81200AC127FB3B308397BB814>I<12FEB3B3B3A6073C7ABB14>108 DIIII<14F0EAFC07130F133F137F13FF00FD130013FCEAFF F05B5BA25B90C7FCA35AB3A414267AA51C>114 DII<00FEEB 01FCB3AA1403A214076C131F387F807F90B5FC6C13F914F1000F13C1D803FCC7FC1E267A A42B>II120 DI E %EndDVIPSBitmapFont %DVIPSBitmapFont: Fg ecrm1000 10 81 /Fg 81 123 df<1330137813FC487EEA03CF38078780380F03C0EA0E01381C00E0481370 48133848131C00401308160D76B42B>2 D21 D27 DIII<007C 137C00FE13FEEAFF01A3EAFE00A7007E13FC007C137CA8003C137800381338A700181330 171E77BA2A>34 D36 D<017C166048B416F02607C3801401260F81C014 03D900E04A5A001E01784A5A003E6D141F003C013FEC7F80007C90271BE003FFC7FC0218 B512BF007891381FFC3E00F8011CC75A020C14FC5F4C5A16035F4C5A160F5F4CC8FC021C 5B00780118133E007C5D16FC003C01385B003E90383001F0001EEB70036C01E05B903981 C007C03907C3800F2601FF005BD8007C49C9FC90C748EB07C0033EEB1FF04BEB3C3803FC EBF81C4B497E913A01F001E00602030103130703E0497E912607C0071480020F15011580 DA1F00018013C04A010F1300143E5C14FC5C495A13035C495A130F4A0107130149C701C0 13805B013E1603490203140001FC6F5A49020113064848913800F00E0003705A49ED3C38 49ED1FF06C48ED07C03A437BBD45>I<121C127FEAFF80A213C0A3127F121C1200A41201 1380A2120313005A1206120E5A5A5A12600A1979B917>39 D<146014E0EB01C0EB0380EB 0700130E131E5B5BA25B485AA2485AA212075B120F90C7FCA25A121EA2123EA35AA65AB2 127CA67EA3121EA2121F7EA27F12077F1203A26C7EA26C7E1378A27F7F130E7FEB0380EB 01C0EB00E01460135278BD20>I<12C07E12707E7E7E120F6C7E6C7EA26C7E6C7EA21378 A2137C133C133E131EA2131F7FA21480A3EB07C0A6EB03E0B2EB07C0A6EB0F80A31400A2 5B131EA2133E133C137C1378A25BA2485A485AA2485A48C7FC120E5A5A5A5A5A13527CBD 20>II< 121C127FEAFF80A213C0A3127F121C1200A412011380A2120313005A1206120E5A5A5A12 600A19798817>44 DI<121C127FEAFF80A5EA7F00121C090979 8817>I<1506A2150E150CA2151C151815381530A215701560A215E015C0A214011580A2 140315005C1406A2140E140CA2141C1418A214381430A21470146014E05CA213015CA213 0391C7FCA25B1306A2130E130C131C1318A213381330A213701360A213E05BA212015B12 0390C8FCA25A1206A2120E120CA2121C1218A21238123012701260A212E05AA21F537BBD 2A>IIIII<1538A2157815F8A21401 14031407A2140F141F141B14331473146314C313011483EB030313071306130C131C1318 13301370136013C01201EA038013005A120E120C5A123812305A12E0B712F8A3C73803F8 00AA4A7E0103B512F8A325387EB72A>I<0006140CD80780133C9038F003F890B5FC5D5D 158092C7FC14FC38067FE090C9FCAAEB07F8EB1FFE9038780F809038E007E03907C003F0 496C7E130000066D7E81C8FC8181A21680A4121C127F5A7FA390C713005D12FC00605C12 704A5A6C5C6C1303001E495A6C6C485A3907E03F800001B5C7FC38007FFCEB1FE021397C B62A>II<12301238123E003FB612E0A316C05A16 8016000070C712060060140E5D5D00E014304814705D5DC712014A5A4AC7FC1406140E5C A25C1478147014F05C1301A213035C1307A2130FA3131F5CA2133FA5137FA96DC8FC131E 233A7BB72A>III<121C127FEAFF 80A5EA7F00121CC7FCB2121C127FEAFF80A5EA7F00121C092479A317>I<121C127FEAFF 80A5EA7F00121CC7FCB2121C127FEAFF80A213C0A3127F121C1200A412011380A2120313 005A1206120E5A5A5A12600A3479A317>I64 D<1538A3157CA315FEA34A7E A34A6C7EA202077FEC063FA2020E7FEC0C1FA2021C7FEC180FA202387FEC3007A202707F EC6003A202C07F1501A2D901807F81A249C77F167FA20106810107B6FCA24981010CC712 1FA2496E7EA3496E7EA3496E7EA213E0707E1201486C81D80FFC02071380B56C90B512FE A3373C7DBB3E>II<913A01FF800180020FEBE003027F13F8903A01 FF807E07903A03FC000F0FD90FF0EB039F4948EB01DFD93F80EB00FF49C8127F01FE153F 12014848151F4848150FA248481507A2485A1703123F5B007F1601A35B00FF93C7FCAD12 7F6DED0180A3123F7F001F160318006C7E5F6C7E17066C6C150E6C6C5D00001618017F15 386D6C5CD91FE05C6D6CEB03C0D903FCEB0F80902701FF803FC7FC9039007FFFFC020F13 F002011380313D7BBA3C>IIII III<013FB512E0A39039001FFC00EC07F8B3B3A3123FEA7F80EAFFC0A44A5A1380D8 7F005B0070131F6C5C6C495A6C49C7FC380781FC3801FFF038007F80233B7DB82B>IIIIIII82 D I<003FB812E0A3D9C003EB001F273E0001FE130348EE01F00078160000701770A3006017 30A400E01738481718A4C71600B3B0913807FF80011FB612E0A335397DB83C>IIII<007FB590383FFFFCA3C601F801071380D97FE0D903FCC7FC013FEC01F06D6C5C 5F6D6C5C6D6C13034CC8FC6D6C1306160E6D6C5B6DEB8018163891387FC0306E6C5A16E0 6E6C5A91380FF18015FB6EB4C9FC5D14036E7EA26E7F6F7EA24B7E15DF9138019FF09138 038FF8150F91380607FC91380E03FE140C4A6C7EEC38000230804A6D7E14E04A6D7E4948 6D7E130391C76C7E01066E7E130E010C6E7E011C1401013C8101FE822607FF80010713E0 B500E0013FEBFF80A339397EB83E>I I<003FB7FCA39039FC0001FE01C0130349495A003EC7FC003C4A5A5E0038141F00784A5A 12704B5A5E006014FF4A90C7FCA24A5A5DC712074A5AA24A5A5D143F4A5AA24A5A92C8FC 5B495AA2495A5C130F4948EB0180A2495A5C137F495A16034890C7FC5B1203485AEE0700 485A495C001F5D48485C5E4848495A49130FB8FCA329397BB833>I97 DIIII<147E903803FF8090380FC1E0EB1F8790383F0FF0137EA213 FCA23901F803C091C7FCADB512FCA3D801F8C7FCB3AB487E387FFFF8A31C3B7FBA19>I< ED03F090390FF00FF890393FFC3C3C9039F81F707C3901F00FE03903E007C03A07C003E0 10000FECF000A248486C7EA86C6C485AA200075C6C6C485A6D485A6D48C7FC38073FFC38 060FF0000EC9FCA4120FA213C06CB512C015F86C14FE6CECFF804815C03A0F80007FE048 C7EA0FF0003E140348140116F8481400A56C1401007C15F06CEC03E0003F1407D80F80EB 0F80D807E0EB3F003901FC01FC39007FFFF0010790C7FC26387EA52A>IIIIII<2703F00FF0EB1FE000FFD93FFCEB7FF8913AF03F01E07E903BF1C01F8380 3F3D0FF3800FC7001F802603F70013CE01FE14DC49D907F8EB0FC0A2495CA3495CB3A348 6C496CEB1FE0B500C1B50083B5FCA340257EA445>I<3903F00FF000FFEB3FFCECF03F90 39F1C01F803A0FF3800FC03803F70013FE496D7EA25BA35BB3A3486C497EB500C1B51280 A329257EA42E>II<3903F01FE000FFEB7FF89038F1E07E9039F3801F 803A07F7000FC0D803FEEB07E049EB03F04914F849130116FC150016FEA3167FAA16FEA3 ED01FCA26DEB03F816F06D13076DEB0FE001F614C09039F7803F009038F1E07E9038F0FF F8EC1FC091C8FCAB487EB512C0A328357EA42E>II<3807E01F00FFEB7FC09038E1E3 E09038E387F0380FE707EA03E613EE9038EC03E09038FC0080491300A45BB3A2487EB512 F0A31C257EA421>II<1318A51338A31378A313F8120112031207001FB5FCB6FCA2D801F8C7FCB215 C0A93800FC011580EB7C03017E13006D5AEB0FFEEB01F81A347FB220>IIIIII<00 3FB512FCA2EB8003D83E0013F8003CEB07F00038EB0FE012300070EB1FC0EC3F80006013 7F150014FE495AA2C6485A495AA2495A495A495AA290387F000613FEA2485A485A000714 0E5B4848130C4848131CA24848133C48C7127C48EB03FC90B5FCA21F247EA325>I E %EndDVIPSBitmapFont %DVIPSBitmapFont: Fh ecss2074 20.74 15 /Fh 15 122 df45 D70 D80 D84 D87 D<91380FFF8049B512F0010F14 FC017F14FF48B712C0000782001F824882DAE0007F49C7EA3FFE01F8140FD81FC06E7E90 C86C1380121E00186F13C0001081CAFCEF7FE0A318F0173FAD93B5FC157F0207B6FC143F 49B7FC1307011F153F017FEBF80090B512804801F8C7FC4813C04890C8FCEA0FFC485A48 5A5B485A5BA248C9FCA5177FA26D15FFA26C6C5C6D5C6D140F6C6C5C01FF91B5FC6CEBE0 0791B612BF6CEDFE3F16FC6C15F06C15C06CECFE006C6C13F0D91FFCC9FC344C77CA4C> 97 D101 D104 DI111 DI114 D116 D120 DI E %EndDVIPSBitmapFont end %%EndProlog %%BeginSetup %%Feature: *Resolution 600dpi TeXDict begin %%BeginPaperSize: a4 a4 %%EndPaperSize end %%EndSetup %%Page: 1 1 TeXDict begin 1 0 bop 0 201 a Fh(The)53 b(FTP-Pro)l(xy)f(White)h(P)l (ap)t(er)p 0 315 3900 24 v 0 428 a Fg(The)28 b(SuSE)g(Pro)n(xy-Suite)f (Core)f(Dev)n(elopmen)n(t)h(T)-7 b(eam)393 b($Revision:)36 b(1.7)27 b($)g(\($Date:)37 b(2002/05/02)22 b(13:05:28)j($\))0 734 y Ff(FTP-Pro)n(xy)h(is)e(SuSE)h(Pro)n(xy-Suite's)g (application-level)d(p)n(ro)n(xy)j(fo)n(r)g(FTP)h(connections.)34 b(It)25 b(p)n(rovides)f(supp)r(o)n(rt)h(fo)n(r)g(b)r(oth)f(active)0 848 y(and)e(passive)g(transfers)h(and)f(fo)n(r)g(user-sp)r(eci\034c)g (con\034guration)f(directives.)35 b(Con\034guration)21 b(data)h(can)g(b)r(e)g(obtained)g(either)g(from)0 961 y(a)28 b(lo)r(cal)e(con\034guration)h(\034le)h(o)n(r)f(from)h(an)f(LD)n (AP)h(directo)n(ry)-7 b(.)0 1300 y Fe(Con)l(ten)l(ts)0 1539 y Fd(1)77 b(In)m(tro)s(duction)3201 b(1)0 1779 y(2)77 b(Installation)3252 b(2)0 2018 y(3)77 b(Con\034guration)3153 b(4)0 2258 y(4)77 b(Lo)s(cal)31 b(System)g(Securit)m(y)2797 b(5)0 2497 y(5)77 b(In)m(b)s(ound)31 b(and)i(Outb)s(ound)e(FTP)h(T)-8 b(ra\036c)2218 b(5)0 2736 y(6)77 b(Command)29 b(Restriction)2803 b(6)0 2976 y(7)77 b(User)31 b(Authen)m(tication)2876 b(7)0 3215 y(8)77 b(Using)31 b(an)h(LD)m(AP)h(Directory)2630 b(7)0 3455 y(9)77 b(Logging)30 b(and)i(Auditing)2814 b(9)0 3694 y(10)29 b(Cop)m(yrigh)m(t)j(and)g(License)2741 b(10)0 3934 y(11)29 b(Authors)3340 b(11)0 4272 y Fe(1)131 b(In)l(tro)t(duction)0 4511 y Fg(***)28 b(Note:)41 b(this)30 b(do)r(cumen)n(t)g(is)f(w)n(ork)g(in)h(progress)d(and)i(b)n(y)h(no)f (means)g(complete.)43 b(It)30 b(is)f(included)h(just)h(for)e(the)h(sak) n(e)e(of)0 4624 y("Release)e(early)h(and)g(often.")g(***)0 4781 y(FTP-Pro)n(xy)k(is)g(a)g(transparen)n(t,)g(application-lev)n(el)f (pro)n(xy)g(serv)n(er)g(for)h(FTP)h(connections,)g(designed)f(to)g (protect)g(FTP)0 4894 y(serv)n(ers)25 b(against)i(attac)n(ks)f(based)h (on)g(the)h(FTP)h(proto)r(col.)0 5051 y(Due)j(to)g(the)g(dual)g(TCP)g (connection)f(nature)g(of)h(the)g(FTP)h(proto)r(col,)e(sp)r(ecial)h (handling)f(is)h(required)f(to)g(allo)n(w)g(secure)0 5164 y(transfers.)k(Data)26 b(connections)f(are)g(usually)h(op)r(ened)g (b)n(y)g(the)g(FTP)h(serv)n(er)d(\(the)j(FTP)g(proto)r(col)e(sp)r (eci\034cation)g(calls)h(this)0 5278 y("activ)n(e")34 b(transfers\))g(or)h(optionally)f(b)n(y)h(the)h(FTP)g(clien)n(t)g (\("passiv)n(e")d(transfers\).)59 b(The)36 b(data)f(p)r(orts)g(to)g(b)r (e)h(used)f(are)0 5392 y(determined)25 b(dynamically)e(and)h(announced) g(as)g(part)g(of)g(the)h(proto)r(col.)35 b(This)24 b(mak)n(es)g(it)g(v) n(ery)g(di\036cult)h(for)f(static)g(pac)n(k)n(et)0 5505 y(\034lters)j(to)h(handle)f(FTP)h(correctly)-7 b(.)0 5662 y(Most)38 b(routers)f(and)h(\034rew)n(alls)f(kno)n(w)g(ab)r(out)h (this)g(pro)r(cedure)g(when)g(NA)-7 b(T)39 b(is)f(p)r(erformed.)68 b(E.g.)h(Lin)n(ux)38 b(pro)n(vides)e(a)0 5775 y(sp)r(ecial)27 b(k)n(ernel)f(mo)r(dule)h(for)f(FTP)i(\(and)f(other)f(proto)r(cols\).) 35 b(Ho)n(w)n(ev)n(er)25 b(suc)n(h)i(co)r(de)g(usually)f(only)g(w)n (orks)g(in)h("outb)r(ound")p eop end %%Page: 2 2 TeXDict begin 2 1 bop 0 -167 3900 5 v 0 -200 a Fd(2.)73 b(Installation)3235 b Fg(2)0 162 y(direction,)27 b(allo)n(wing)f(FTP)i (access)e(from)h(the)g(inner)g(net)n(w)n(ork)f(to)h(FTP)h(serv)n(ers)e (on)h(the)g(outer)g(net)n(w)n(ork,)f(but)i(not)f(in)h(the)0 275 y(other)f(direction.)0 432 y(This)f(is)f(a)g(design)g(restriction:) 35 b(TCP/IP)26 b(pac)n(k)n(ets)e(originating)g(from)h(the)h(inner)g (net)n(w)n(ork)e(can)h(b)r(e)h(mark)n(ed)e(with)i(sp)r(ecial)0 545 y(information)36 b(that)h(allo)n(ws)e(for)h(correct)f(routing)h(of) h(resp)r(onse)e(pac)n(k)n(ets)h(from)g(the)h(outer)f(net)n(w)n(ork.)63 b(F)-7 b(or)36 b(instance,)j(if)0 659 y(a)g(WWW)i(clien)n(t)f(on)g (host)f(192.168.168.27)c(on)k(y)n(our)g(in)n(ternal)g(net)n(w)n(ork)f (requests)h(a)h(w)n(eb)f(page)g(from)h(W)-7 b(eb)40 b(serv)n(er)0 772 y(194.112.123.200,)15 b(the)k(router)f(main)n(tains)g(in)n(ternal)g (information)g(when)h(it)h(rewrites)d(the)i(headers)f(of)h(the)g (request)f(pac)n(k)n(ets.)0 886 y(If)31 b(a)g(resp)r(onse)e(pac)n(k)n (et)h(arriv)n(es)f(\(with)i(a)g("F)-7 b(rom")29 b(address)g(of)i (194.112.123.200\),)26 b(the)31 b(router)f(is)h(then)g(able)f(to)h (replace)0 1000 y(the)j(public)g(IP)g(address)e(in)h(the)h("T)-7 b(o")32 b(\034eld)i(with)g(the)g(priv)-5 b(ate)33 b(IP)h(address)e(of)h (the)h(appropriate)e(clien)n(t,)j(in)e(this)h(case)0 1113 y(192.168.168.27.)0 1270 y(Of)41 b(course,)j(if)e(a)e(connection)h (originates)f(from)h(the)g(outer)g(net)n(w)n(ork,)i(the)f(router)e(do)r (es)h(not)g(ha)n(v)n(e)f(this)i(additional)0 1383 y(information)24 b(and)h(it)g(can't)f(forw)n(ard)f(incoming)h(IP)i(pac)n(k)n(ets)d (since)i(it)g(has)f(no)g(idea)h(whic)n(h)f(host)h(on)f(the)h(inner)g (net)n(w)n(ork)e(is)0 1497 y(to)j(b)r(e)h(addressed.)35 b(One)26 b(solution)g(could)g(b)r(e)h(to)f(enable)g(p)r(ort)g(forw)n (arding)e(on)i(the)h(router)e(\(if)i(supp)r(orted\),)g(so)f(that)g(FTP) 0 1610 y(clien)n(ts)i(on)g(the)g(outer)g(net)n(w)n(ork)f(could)h (connect)f(to)i(p)r(ort)e(X)i(on)f(the)g(router)f(to)i(reac)n(h)d(serv) n(er)h(Y)h(on)g(the)h(inner)f(net)n(w)n(ork,)0 1724 y(ho)n(w)n(ev)n(er) d(this)j(fails)g(b)r(ecause)f(of)g(the)h(restrictions)e(in)i(the)g(FTP) h(proto)r(col)d(outlined)i(ab)r(o)n(v)n(e.)0 1880 y(A)38 b(pro)n(xy)f(serv)n(er)f(is)j(an)e(elegan)n(t)h(w)n(a)n(y)e(to)j (circum)n(v)n(en)n(t)e(these)h(restrictions,)h(but)g(there)f(are)f (other)h(b)r(ene\034ts)g(of)g(using)0 1994 y(FTP-Pro)n(xy)27 b(as)g(w)n(ell:)125 2206 y Fc(\017)41 b Fg(Simple)22 b(forw)n(arding)f(of)h(all)g(tra\036c)g(destined)h(for)f(the)h(inner)f (FTP)h(serv)n(er)e(lea)n(v)n(es)f(that)j(serv)n(er)e(nearly)g(as)h (vulnerable)208 2320 y(as)i(if)h(it)g(had)f(a)h("direct")e(connection)h (to)h(the)g(outer)f(net)n(w)n(ork)f(\(without)i(the)g(\034rew)n(all)f (in)h(fron)n(t)f(of)h(it\).)36 b(In)25 b(that)g(case)208 2433 y(the)j(FTP)g(serv)n(er)d(w)n(ould)j(still)f(b)r(e)h(op)r(en)g(to) f(Denial-of-Service)f(and)i(similar)f(attac)n(ks)f(on)h(the)h(IP)g(lev) n(el.)208 2575 y(As)41 b(FTP-Pro)n(xy)g(runs)f(on)i(the)f(application)g (lev)n(el,)j(it)e(do)r(esn't)g(forw)n(ard)d(the)j(original)e(IP)i(pac)n (k)n(ets)e(but)i(only)208 2688 y(main)n(tains)30 b(the)h(information)f (within.)47 b(F)-7 b(or)30 b(instance,)h(a)g(pac)n(k)n(et)e(con)n (taining)h(not)h(only)f(a)g(v)-5 b(alid)31 b(FTP)h(command)208 2802 y(but)25 b(also)f(information)h(to)g(exploit)g(an)g(FTP)h(serv)n (er's)d(bugs)i(will)g(nev)n(er)f(reac)n(h)g(the)i(serv)n(er)d(b)r (ecause)i(only)g(the)g(FTP)208 2915 y(command)i(itself)h(is)f(forw)n (arded,)f(within)i(a)f(completely)h(new)f(IP)h(pac)n(k)n(et.)208 3057 y(Of)d(course,)g(FTP-Pro)n(xy)g(could)h(b)r(e)g(sub)5 b(ject)26 b(to)f(an)h(attac)n(k)e(itself.)37 b(Ho)n(w)n(ev)n(er,)24 b(FTP-Pro)n(xy)h(is)h(m)n(uc)n(h)f(less)h(complex)208 3170 y(than)k(an)n(y)f(curren)n(t)g(FTP)h(serv)n(er,)f(has)g(b)r(een)i (designed)e(with)h(great)f(care)g(and)g(p)r(erforms)h(c)n(hro)r (ot\(\),)g(setuid\(\))g(and)208 3284 y(setgid\(\))d(to)h(a)n(v)n(oid)e (suc)n(h)h(vulnerabilit)n(y)-7 b(.)125 3453 y Fc(\017)41 b Fg(Using)21 b(a)g(circuit-lev)n(el)f(pro)n(xy)g(serv)n(er)g(lik)n(e)h (SOCKS)g(requires)f(that)h(all)h(FTP)g(clien)n(ts)f(supp)r(ort)g (SOCKS.)g(This)h(seems)208 3567 y(to)j(b)r(e)g(to)r(o)g(restrictiv)n (e.)35 b(FTP-Pro)n(xy)-7 b(,)25 b(on)g(the)g(other)g(hand,)g(is)g (completely)g(transparen)n(t)f(to)h(FTP)h(clien)n(ts)f(b)r(ecause)208 3680 y(it)j(is)f(fully)h(RF)n(C)g(959)e(complian)n(t.)0 4014 y Fe(2)131 b(Installation)0 4252 y Fg(The)49 b(follo)n(wing)f (discussion)f(assumes)h(that)h(y)n(ou)f(ha)n(v)n(e)g(obtained)g(the)i (tarball)e(distribution)g(and)h(w)n(an)n(t)f(to)h(com-)0 4366 y(pile)39 b(and)g(install)g(the)h(FTP-Pro)n(xy)e(pac)n(k)-5 b(age)38 b(from)g(ground)h(up.)71 b(Let's)40 b(assume)e(y)n(ou)g(ha)n (v)n(e)g(receiv)n(ed)g(a)h(\034le)g(named)0 4480 y Fb(proxy-suite-x.y.) o(ta)o(r.g)o(z)p Fg(,)21 b(where)27 b('x')h(is)f(the)h(ma)5 b(jor)27 b(and)g('y')h(is)f(the)h(minor)f(v)n(ersion)f(n)n(um)n(b)r (er.)101 4692 y(1.)42 b(Decide)70 b(where)g(to)g(install)g(and)g (compile)g(the)g(source)f(co)r(de.)165 b(Sa)n(y)69 b(y)n(ou)h(w)n(an)n (t)f(to)h(install)g(it)h(in)208 4805 y Fb(/usr/src/proxy-)o(su)o(it)o (e-x)o(.y)o Fg(.)56 b(Then)37 b(do)e(the)i(follo)n(wing)d(to)i(unpac)n (k)g(the)g(source)f(\(assuming)g(the)h(tarball)f(is)208 4919 y(a)n(v)-5 b(ailable)26 b(in)i(the)g(curren)n(t)e(directory)g (when)i(calling)f(gunzip\):)208 5116 y Fb(cd)42 b(/usr/src)208 5230 y(gunzip)f(-c)h(proxy-suite-x.y.t)o(ar)o(.g)o(z)c(|)43 b(tar)f(xvf)g(-)208 5427 y Fg(If)28 b(y)n(ou)e(do)i(not)f(ha)n(v)n(e)g (a)g(cop)n(y)f(of)i(GZIP)-7 b(,)28 b(lo)r(ok)f(at)g(the)h Fa(GNU)g Fg(arc)n(hiv)n(e)d(or)i(one)g(of)h(its)f(n)n(umerous)g (mirrors.)35 b(It's)28 b(free.)101 5596 y(2.)42 b(After)18 b(unpac)n(king)g(the)h(source)e(y)n(ou)h(need)g(to)h(run)f(the)h Fb(configure)14 b Fg(shell)19 b(script)f(whic)n(h)g(p)r(erforms)g(the)h (customization)208 5709 y(for)h(y)n(ou)g(op)r(erating)f(system)i(and)f (lo)r(cal)h(en)n(vironmen)n(t.)33 b(This)21 b(script)f(is)h(based)f(up) r(on)h(the)g(GNU)h(AutoConf)f(pac)n(k)-5 b(age.)208 5823 y(Change)26 b(y)n(our)h(curren)n(t)f(directory)g(to)i(b)r(e)g(the)g(ro) r(ot)f(of)g(the)h(Pro)n(xy-Suite:)p eop end %%Page: 3 3 TeXDict begin 3 2 bop 0 -167 3900 5 v 0 -200 a Fd(2.)73 b(Installation)3235 b Fg(3)208 162 y Fb(cd)42 b(proxy-suite-x.y)208 391 y Fg(The)30 b Fb(configure)c Fg(script)k(understands)g(a)g(n)n(um)n (b)r(er)g(of)g(options)g(whic)n(h)g(con)n(trol)f(the)h(customization)g (pro)r(cess.)43 b(T)-7 b(o)208 505 y(see)27 b(a)g(complete)g(list)h(of) g(all)f(options)g(simply)h(run:)208 735 y Fb(./configure)38 b(--help)208 965 y Fg(The)27 b(follo)n(wing)g(options)g(are)f(most)i (lik)n(ely)f(to)g(b)r(e)h(in)n(v)n(olv)n(ed:)208 1194 y Fb(--prefix=)515 1391 y Fg(This)39 b(is)f(the)i(ro)r(ot)e(directory)f(for)i(the)g(installation.)70 b(If)39 b(none)g(of)g(the)g(other)g(directory)e(related)390 1505 y(directiv)n(es)c(further)h(do)n(wn)f(is)h(also)f(giv)n(en,)h(all) g(\034les)g(will)g(b)r(e)g(installed)g(in)g(sub)r(directories)e(under)i (this)390 1618 y(one.)j(The)27 b(default)h(is)g Fb(/usr/local/prox)o (y-)o(sui)o(te)o(/)p Fg(.)208 1848 y Fb(--exec-prefix=<)o(di)o(re)o (cto)o(ry)o(>)515 2045 y Fg(A)f(second)f(top)h(lev)n(el)g(installation) f(directory)-7 b(,)26 b(this)h(one)g(is)f(used)h(as)g(the)g(basis)f (for)g(all)h(executables.)390 2158 y(Defaults)h(to)g(the)g(same)f(as)f (PREFIX.)208 2388 y Fb(--mandir=)515 2585 y Fg(The)35 b(FTP-Pro)n(xy)f(comes)h(with)g(t)n(w)n(o)g(man)n(ual) f(pages:)51 b Fa(ftp-pr)l(oxy\(8\))39 b Fg(for)c(the)g(program)e(and)i Fa(ftp-)390 2698 y(pr)l(oxy.c)l(onf\(5\))h Fg(for)31 b(the)g(con\034guration)e(\034le)j(format.)46 b(These)31 b(will)g(b)r(e)h(installed)f(under)g(the)g Fb(man5)f Fg(and)390 2812 y Fb(man8)c Fg(sub)r(directories)h(of)g(the)h(giv)n(en) f(one,)g(or)g(under)g Fb(PREFIX/man)c Fg(if)29 b(not)e(sp)r(eci\034ed.) 208 3042 y Fb(--sbindir=)515 3238 y Fg(The)32 b(next)h(directory)e(sp)r(eci\034es)h(the)h(lo)r(cation)e (where)h(the)h Fb(ftp-proxy)c Fg(executable)j(itself)g(will)h(b)r(e)390 3352 y(installed.)k(The)28 b(default)g(is)f Fb(EXEC-PREFIX/sbin)21 b Fg(if)28 b(this)g(option)f(do)r(es)g(not)h(request)f(otherwise.)208 3582 y Fb(--sysconfdir=)515 3778 y Fg(The)34 b(last)g(directory)e(related)i(option)f(\(others)h(ma)n(y)f (b)r(e)i(giv)n(en,)f(but)h(ha)n(v)n(e)e(no)h(e\033ect\))h(deals)e(with) 390 3892 y(the)d Fb(proxy-suite/ftp)o(-p)o(rox)o(y.)o(co)o(nf)23 b Fg(con\034guration)k(\034le.)41 b(Again)29 b(there)g(is)g(a)f (default)i(if)f(the)h(option)390 4005 y(is)e(not)f(pro)n(vided,)g Fb(PREFIX/etc)p Fg(.)32 b(Please)c(note)f(that)h(the)g(lo)r(cation)f (of)g(the)h(con\034g)f(\034le)h(can)f(b)r(e)h(selected)390 4119 y(at)34 b(run)f(time)h(with)g(the)f Fa(-f)52 b Fg(\035ag,)34 b(but)g(if)g(the)g(\034le)f(is)h(installed)f(at)g(the)h(default)g(lo)r (cation,)g(this)g(\035ag)f(is)390 4232 y(redundan)n(t.)208 4462 y Fb(--enable-debug)515 4659 y Fg(This)27 b(option)h(allo)n(ws)e (the)i(generation)f(of)g(debugging)g(output)i(and)e(is)h(mainly)f (included)i(for)e(ev)-5 b(alu-)390 4772 y(ation)27 b(\(and)h(dev)n (elopmen)n(t\))e(purp)r(oses.)36 b(It)28 b(is)f(recommended)g(not)g(to) g(sp)r(ecify)h(this)g(option)f(for)g(deplo)n(y-)390 4886 y(men)n(t)h(of)g(the)f(FTP-Pro)n(xy)g(in)n(to)h(pro)r(duction)f(en)n (vironmen)n(ts.)208 5116 y Fb(--enable-warnin)o(gs)515 5312 y Fg(If)35 b(compiling)f(with)i(the)f(GNU)h(GCC)f(compiler,)h (this)f(\035ag)f(increases)f(the)j(w)n(arning)d(lev)n(el.)58 b(This)390 5426 y(is)34 b(useful)g(to)g(detect)g(programming)d(errors)h (or)g(incompatibilities)i(with)g(the)g(target)f(platform.)55 b(Our)390 5540 y(recommendation)27 b(is)g(to)g(enable)h(it)g(an)n(yw)n (a)n(y)-7 b(.)208 5769 y Fb(--enable-so-lin)o(ge)o(r)p eop end %%Page: 4 4 TeXDict begin 4 3 bop 0 -167 3900 5 v 0 -200 a Fd(3.)73 b(Con\034guration)3136 b Fg(4)515 162 y(It)27 b(is)g(strongly)e (recommended)i(to)g(enable)f(this)h(option)g(for)g(all)f(systems.)36 b(Only)27 b(if)g(the)h(target)e(do)r(es)390 275 y(ha)n(v)n(e)h (problems)f(with)i Fa(SO_LINGER)i Fg(handling,)d(it)h(should)g(b)r(e)g (disabled.)208 504 y Fb(--with-regex[=P)o(AT)o(H])515 699 y Fg(This)23 b(option)g(is)h(mainly)f(needed)h(to)f(pro)n(vide)g (the)h(lo)r(cation)e(of)i(the)g(POSIX)g(1002.3)d(regular)h(expres-)390 813 y(sion)30 b(library)f(if)i(it)g(is)f(not)g(included)h(in)f(the)h (standard)e(C)i(library)-7 b(.)43 b(Regular)30 b(expressions)e(are)h (used)i(to)390 926 y(scan)24 b(the)g(argumen)n(ts)f(of)h(the)g(v)-5 b(arious)23 b(FTP)i(commands)e(receiv)n(ed)g(from)h(clien)n(ts.)36 b(If)24 b(y)n(our)f(system)h(do)r(es)390 1040 y(not)f(include)f(the)h (required)f(supp)r(ort,)h(y)n(ou)f(can)g(do)n(wnload)f(the)i(latest)f (v)n(ersion)f(from)h(the)h Fa(GNU)f Fg(arc)n(hiv)n(e.)390 1153 y(Again,)28 b(it's)h(free.)38 b(GNU)29 b(RegEx)f(is)g(kno)n(wn)g (to)g(w)n(ork)e(with)j(FTP-Pro)n(xy)-7 b(.)38 b(If)29 b(the)f(option)g(is)g(not)g(giv)n(en,)390 1267 y(regular)d(expression)g (supp)r(ort)h(is)h(not)g(installed)f(at)h(all)f(and)g(argumen)n(ts)f (will)i(not)g(b)r(e)g(in)n(v)n(estigated)e(an)n(y)390 1380 y(further.)208 1609 y Fb(--with-libwrap[)o(=P)o(AT)o(H])515 1804 y Fg(If)32 b(running)g(as)f(a)h(standalone)f(bac)n(kground)f (daemon,)i(FTP-Pro)n(xy)f(can)h(b)r(e)g(instructed)g(to)g(mak)n(e)390 1918 y(use)27 b(of)g(the)h Fa(TCP)i(W)-6 b(r)l(app)l(er)37 b Fg(library)-7 b(.)35 b(If)28 b(this)f(is)g(compiled)g(in)g(and)g (enabled)g(in)g(the)h(con\034guration)d(\034le,)390 2031 y(the)g Fb(/etc/hosts.allow)18 b Fg(and)24 b Fb(/etc/hosts.deny)18 b Fg(\034les)24 b(will)h(b)r(e)f(consulted)g(to)h(decide)f(if)h(a)f (clien)n(t)g(will)390 2145 y(b)r(e)k(serv)n(ed.)208 2373 y Fb(--with-libldap[)o(=P)o(AT)o(H])515 2569 y Fg(If)k(y)n(ou)f(w)n(an) n(t)g(to)h(supply)g(the)g(user)f(sp)r(eci\034c)h(con\034guration)e(v)-5 b(alues)32 b(\(not)g(the)g(basic)f(ones\))g(via)h(an)390 2682 y(LD)n(AP)h(directory)-7 b(,)31 b(compile)h(in)g(LD)n(AP)g(supp)r (ort.)50 b(The)31 b Fb(configure)e Fg(script)i(can)g(determine)h (without)390 2796 y(further)e(man)n(ual)f(in)n(terv)n(en)n(tion)g (whether)g(to)h(use)g(the)g Fa(Op)l(enLD)n(AP)9 b Fg(,)29 b(the)h Fa(University)i(of)h(Michigan)38 b Fg(or)390 2909 y(the)28 b Fa(Netsc)l(ap)l(e)34 b Fg(v)n(ersion)26 b(of)i(the)g(API.)g Fa(Op)l(enLD)n(AP)36 b Fg(is)27 b(the)h(preferred)e (API.)208 3138 y Fb(--with-crypt[=P)o(AT)o(H])515 3333 y Fg(This)h(option)g(enables)g(supp)r(ort)h(for)f(crypted)g(passw)n (ords)e(in)j(user)f(authen)n(tication)g(\(curen)n(tly)h(ldap)390 3447 y(based)f(only\).)37 b(See)27 b(also)g(the)h Fb(LDAPAuthPWType)22 b Fg(con\034guration)j(\034le)j(option.)101 3643 y(3.)42 b(After)35 b Fb(configure)c Fg(has)j(completed)h(successfully)-7 b(,)36 b(it)f(is)g(no)n(w)f(time)i(to)e(run)h Fb(make)e Fg(\(GNU)j(mak)n(e\).)58 b(It)35 b(will)g(read)208 3756 y(the)26 b Fb(Makefile)d Fg(generated)h(b)n(y)i Fb(configure)c Fg(in)27 b(the)f(previous)f(step)h(and)g(p)r(erform)f(the)i (compilation)e(pro)r(cess.)35 b(The)208 3870 y(program)25 b(should)i(not)h(displa)n(y)f(an)n(y)f(w)n(arnings)g(or)h(errors.)101 4049 y(4.)42 b(When)24 b(the)g(executables)f(ha)n(v)n(e)g(b)r(een)i (generated,)e(a)h(\034nal)f(call)h(to)g Fb(make)42 b(install)21 b Fg(will)j(cop)n(y)f(the)h(FTP-Pro)n(xy)f(\034les)208 4163 y(in)n(to)30 b(their)g(appropriate)e(places.)45 b(Usually)30 b(ro)r(ot)f(privileges)g(are)g(required)h(in)g(order)f(to) h(install)h(the)f(\034les)h(in)f(their)208 4276 y(prop)r(er)c(places.) 101 4456 y(5.)42 b(Curren)n(tly)-7 b(,)39 b(y)n(ou'll)f(ha)n(v)n(e)e (to)i(mo)r(dify)h(y)n(our)d(system)i(man)n(ually)f(so)g(that)i(ftp-pro) n(xy)e(is)g(run)h(at)g(system)g(b)r(o)r(otup)208 4569 y(or)30 b(from)g(inetd)i(\(dep)r(ending)f(on)g(whic)n(h)g(mo)r(de)g(y)n (ou)f(c)n(ho)r(ose)g(in)h(the)h(con\034guration)d(\034le)i(or)f (command)h(line\).)48 b(W)-7 b(e)208 4683 y(pro)n(vide)21 b(an)g(sample)h(run)g(lev)n(el)g(script)g Fb(rc.script)c Fg(for)k(\(SuSE\))i(Lin)n(ux;)g(see)d(also)g(description)h(in)g Fb(rc.script.txt)p Fg(.)101 4863 y(6.)42 b(The)27 b(last)g(step)h(is)g (the)g(con\034guration)d(of)j(the)g(installed)f(FTP-Pro)n(xy;)g(see)g (follo)n(wing)g(3)g(\(Con\034guration\))f(section.)0 5201 y Fe(3)131 b(Con\034guration)0 5439 y Fg(The)26 b(follo)n(wing)g(section)g(describ)r(es)g(the)g(fundamen)n(tal)h (con\034guration)e(of)h(the)h(FTP-Pro)n(xy)-7 b(.)35 b(It)27 b(assumes,)f(that)h(y)n(ou)e(ha)n(v)n(e)0 5553 y(successfully)i(compiled)h(and)f(installed)g(the)h(FTP-Pro)n(xy)-7 b(.)0 5709 y(The)23 b(pro)n(xy)f(uses)g(a)h(con\034guration)e(\034le)i Fa(ftp-pr)l(oxy.c)l(onf)43 b Fg(y)n(ou)22 b(ha)n(v)n(e)g(to)h(edit)g(b) r(efore)g(the)g(pro)n(xy)f(can)g(b)r(e)i(used)f(-)g(it)g(is)g(needed)0 5823 y(to)i(con\034gure)e(at)i(least)g(the)g(v)-5 b(ariables)24 b(describ)r(ed)g(in)h(this)g(section.)36 b(F)-7 b(or)24 b(a)h(complete)g(list)g(of)g(v)-5 b(alid)25 b(con\034guration)e (options)p eop end %%Page: 5 5 TeXDict begin 5 4 bop 0 -167 3900 5 v 0 -200 a Fd(4.)73 b(Lo)s(cal)32 b(System)f(Securit)m(y)2779 b Fg(5)0 162 y(consult)26 b(the)i Fa(ftp-pr)l(oxy.c)l(onf\(5\))j Fg(man)n(ual)26 b(page)g(and)g(the)h(sample)g(con\034guration)e(\034le)h Fa(ftp-pr)l(oxy.c)l(onf.sample)36 b Fg(\034le)27 b(whic)n(h)0 275 y(comes)g(with)h(the)g(distribution.)0 432 y(First,)j(y)n(ou)e(ha)n (v)n(e)g(to)h(c)n(ho)r(ose,)f(if)i(y)n(ou)e(w)n(and)h(to)g(start)f(the) i(pro)n(xy)d(as)i(a)f(stand-alone)g(daemon)h(or)f(via)g("\(x\)inetd")h (sup)r(er)0 545 y(daemon)g(using)h(the)g Fb(ServerType)26 b Fg(con\034guration)j(option)i(\(or)f(the)h(start)f(argumen)n(ts\).)46 b(If)31 b(nothing)g(sp)r(eci\034ed,)h("inetd")0 659 y(mo)r(de)37 b(is)g(assumed.)65 b(See)37 b(also)f(section)h(4)f(\(Lo)r(cal)h(System) g(Securit)n(y\).)65 b(In)37 b(stand-alone)f(daemon)h(mo)r(de,)i(the)f (pro)n(xy)0 772 y(defaults)30 b(to)g(listen)g(on)g(the)g(FTP)h(p)r(ort) f(21)f(and)h(all)f(in)n(terfaces.)44 b(Y)-7 b(ou)30 b(can)f(o)n(v)n (erride)f(this)i(using)g(the)g Fb(Port)f Fg(and)h Fb(Listen)0 886 y Fg(con\034guration)c(options.)0 1043 y(The)k(next)g(step)g(y)n (ou)g(ha)n(v)n(e)f(to)g(do,)i(is)f(to)g(c)n(ho)r(ose,)f(if)i(the)f(Pro) n(xy)f(should)h(run)g(in)g("in)n(b)r(ound")f(or)g(in)i("outb)r(ound")e (mo)r(de.)0 1156 y(See)f(the)g(section)f(5)g(\(In)n(b)r(ound)h(and)f (Outb)r(ound)h(FTP)g(T)-7 b(ra\036c\).)0 1313 y(No)n(w,)34 b(the)g(pro)n(xy)e(should)h(b)r(e)h(able)f(to)h(run)f(and)g(serv)n(e)f (the)i(clien)n(t)g(requests.)53 b(The)34 b(pro)n(xy)e(follo)n(ws)g(the) i(FTP)g(transfer)0 1426 y(mo)r(de)28 b(the)g(clien)n(t)f(has)g(c)n(ho)r (osed.)0 1583 y(Y)-7 b(ou)34 b(can)f(o)n(v)n(erride)e(this)j(b)r(eha)n (viour)e(setting)h(the)h(option)g Fb(DestinationTran)o(sf)o(erM)o(od)o (e)27 b Fg(to)34 b(either)f Fa(active)41 b Fg(or)33 b Fa(p)l(assive)0 1696 y Fg(instead)h(of)f(the)i(default)f Fa(client)8 b Fg(,)36 b(and)d(the)h(pro)n(xy)f(will)h(b)r(e)g(forced)f (to)h(use)g(the)g(sp)r(eci\034ed)g(FTP)g(transfer)f(mo)r(de)h(for)f (all)0 1810 y(transfers)g(it)h(do)r(es)g(b)r(et)n(w)n(een)g(the)g(pro)n (xy)f(and)h(the)g(ftp)h(serv)n(er.)55 b(Most)34 b(common)f(usage)g(is)h (to)g(force)f(the)i(pro)n(xy)d(to)i(use)0 1923 y Fa(p)l(assive)h Fg(transfers)27 b(only)-7 b(.)0 2256 y Fe(4)131 b(Lo)t(cal)44 b(System)g(Securit)l(y)0 2495 y Fg(FTP-Pro)n(xy)35 b(comes)f(with)i (sev)n(eral)e(con\034guration)f(features)i(that)h(help)g(to)f(increase) f(lo)r(cal)h(system)g(securit)n(y)-7 b(,)36 b(namely)0 2609 y Fb(ServerRoot)p Fg(,)23 b Fb(User)j Fg(and)i Fb(Group)p Fg(.)0 2765 y(The)h(w)n(a)n(y)f(FTP-Pro)n(xy)g(is)h(b)r(eing)g(called)g (needs)g(to)g(b)r(e)g(considered.)40 b(One)29 b(p)r(ossible)g(w)n(a)n (y)f(is)h(via)f(the)i(system's)e(inetd)i(\(or)0 2879 y(xinetd\))j(In)n(ternet)f(Sup)r(er)h(Daemon.)51 b(In)33 b(this)f(case)g(FTP-Pro)n(xy)g(will)g(not)h(fork)e(or)h(b)r(ecome)g(a)g (daemon.)51 b(It)33 b(will)f(serv)n(e)0 2992 y(the)26 b(clien)n(t)f(and)g(terminate)g(itself)h(after)f(deliv)n(ery)-7 b(.)35 b(When)26 b(con\034guring)e(\(x\)inetd)i(to)f(include)h(the)f (ftp-pro)n(xy)g(executable,)0 3106 y Fb(ServerRoot)k Fg(\(c)n(hro)r(ot\))k(should)g(b)r(e)h(used.)54 b(The)34 b Fb(User)e Fg(and)h Fb(Group)e Fg(need)j(not)f(b)r(e)h(giv)n(en)f(if)g (they)h(are)e(sp)r(eci\034ed)i(in)g(the)0 3219 y(inetd)28 b(con\034guration)e(itself.)0 3376 y(The)k Fb(User)e Fg(and)h Fb(Group)f Fg(options)h(should)g(actually)g(b)r(e)h (considered)e(for)h(standalone)g(op)r(erations.)41 b(In)30 b(this)g(case)f(the)h(ftp-)0 3490 y(pro)n(xy)25 b(will)i(bind)g(the)g (listening)g(so)r(c)n(k)n(et)e(to)i(the)g(p)r(ort)f(n)n(um)n(b)r(er)h (set)f(using)h(the)g Fb(Port)e Fg(and)h Fb(Listen)f Fg(options,)h (preform)g(the)0 3603 y(c)n(hro)r(ot)k(op)r(eration)g(if)h Fb(ServerRoot)c Fg(is)k(used,)h(drop)e(privileges)f(to)i(the)h(UID/GID) f(set)g(with)h Fb(User)d Fg(and)i Fb(Group)e Fg(options)0 3717 y(and)e(op)r(en)h(log.)0 3873 y(It)g(migh)n(t)f(b)r(e)h(a)f(go)r (o)r(d)f(idea)h(to)h(create)e(a)h(new)g(user)g(\(e.g.)37 b("ftppro)n(xy"\))26 b(as)g(w)n(ell)h(as)g(a)g(group)f(\(e.g.)37 b("ftppro)n(xy"\))26 b(in)h(order)0 3987 y(to)g(reac)n(h)g(a)g(b)r (etter)h(gran)n(ularit)n(y)d(for)i(the)h(user)f(administration.)0 4143 y(When)g(using)g Fb(ServerRoot)p Fg(,)22 b(please)k(note)h(that)g (usually)f(other)g(\034les)h(needs)f(to)h(b)r(e)g(installed)g(in)n(to)f (the)h(run)n(time)g(en)n(viron-)0 4257 y(men)n(t)33 b(as)g(w)n(ell,)h (e.g.)53 b(the)34 b(/dev/n)n(ull)e(device,)i(system)f(databases)f(lik)n (e)h(/etc/services,)f(/etc/hosts,)h(libraries)f(lik)n(e)h(lib)r(c)0 4370 y(and)24 b(p)r(ossibly)g(other)f(\(e.g.)36 b(lib)r(crypt)24 b(under)g(AIX)h(4.3,)f(a)g(resolv)n(er)e(library)h(lik)n(e)h(libresolv) f(or)g(libnss)h(libraries)f(on)h(systems)0 4484 y(using)i(the)g (NameServiceSwitc)n(h)g(-)g(see)f(also)g(nsswitc)n(h.conf\(5\)\).)37 b(If)26 b(y)n(ou)g(are)f(using)h(the)g Fb(User)f Fg(and)h Fb(Group)e Fg(options,)i(y)n(ou)0 4597 y(ma)n(y)h(also)f(need)i(the)g (/etc/passwd)e(and)h(/etc/group)f(\034les.)0 4754 y(The)39 b(sample)g(run)g(lev)n(el)f(script)h Fb(rc.script)c Fg(for)k(\(SuSE\))h (Lin)n(ux)f(supp)r(orts)g(the)g(preparation)f(of)h(a)f(c)n(hro)r(ot)g (run)n(time)0 4867 y(en)n(vironmen)n(t)26 b(-)i(see)f(description)g(in) h Fb(rc.script.txt)p Fg(.)0 5201 y Fe(5)131 b(In)l(b)t(ound)44 b(and)g(Outb)t(ound)f(FTP)h(T)-11 b(ra\036c)0 5439 y Fg(The)26 b(most)f(common)g(use)h(of)g(FTP-Pro)n(xy)f(will)g(probably)g (b)r(e)h("in)n(b)r(ound")f(FTP)h(tra\036c.)36 b(This)26 b(means)f(that)h(clien)n(ts)f(from)0 5553 y(an)i("outside")g(w)n(orld)f (seek)h(access)f(to)i(a)f("lo)r(cal")f(FTP)i(serv)n(er)e(sp)r (eci\034ed)i(in)g(the)g Fb(DestinationAddr)o(es)o(s)22 b Fg(v)-5 b(ariable.)0 5709 y(Nev)n(ertheless,)24 b(FTP-Pro)n(xy)g (supp)r(orts)h(also)f(an)g("outb)r(ound")g(mo)r(de,)i(where)e(clien)n (ts)h(ha)n(v)n(e)e(more)i(con)n(trol)e(o)n(v)n(er)g(the)i(FTP)0 5823 y(connections.)36 b(The)28 b(FTP-Pro)n(xy)e(implemen)n(ts)i(t)n(w) n(o)f(concepts)g(of)h("outb)r(ound")e(tra\036c.)p eop end %%Page: 6 6 TeXDict begin 6 5 bop 0 -167 3900 5 v 0 -200 a Fd(6.)73 b(Command)30 b(Restriction)2785 b Fg(6)125 162 y Fc(\017)41 b Fa(MagicUser)h Fg(The)33 b(\034rst)f(one)g(is)g(based)g(on)g(the)h (increased)e(lev)n(el)h(of)g(trust)h(that)f(users)g(enjo)n(y)-7 b(.)51 b(When)32 b(setting)h(the)208 275 y Fb(AllowMagicUser)e Fg(con\034g)36 b(option)g(to)h("y)n(es")e(and)i(allo)n(wing)e(the)i ("@")f(\(see)h(also)f Fb(UseMagicChar)31 b Fg(option\))37 b(and)208 389 y(":")28 b(c)n(haracters)f(as)i(part)g(of)h(the)g(USER)g (command)g(argumen)n(t,)f(users)f(can)h(determine)h(the)g(destination)f (serv)n(er's)208 502 y(address)22 b(and)h(p)r(ort)h(with)g(the)g(USER)h (command.)35 b(All)24 b(they)g(ha)n(v)n(e)f(to)g(do)h(is)f(to)h(app)r (end)g(the)g(host)f(name,)h(separated)208 616 y(b)n(y)f(the)h("@")e (sign)h(\(or)g(other)g(set)h(using)f Fb(UseMagicChar)18 b Fg(option\),)25 b(optionally)d(follo)n(w)n(ed)h(b)n(y)g(a)g(colon)g (and)g(the)h(p)r(ort.)208 730 y(These)j(comp)r(onen)n(ts)g(will)h(b)r (e)g(remo)n(v)n(ed)d(from)j(the)g(name)f(and)g(ev)-5 b(aluated)28 b(as)e(destination.)125 907 y Fc(\017)41 b Fa(T)-6 b(r)l(ansp)l(ar)l(ent-Pr)l(oxy)40 b Fg(The)34 b(second)e(one)h(is)h(based)f(on)g(IP-NA)-7 b(T)34 b(pac)n(k)n(et)e (redirections,)i(commonly)f(called)g Fa(tr)l(ans-)208 1021 y(p)l(ar)l(ent)h(pr)l(oxying)7 b Fg(.)52 b(This)33 b(metho)r(d)f(is)h(curren)n(tly)e(implemen)n(ted)i(for)f(Lin)n(ux)g(ip) r(c)n(hains)g(\(2.2)g(k)n(ernel\))g(and)g(iptables)208 1135 y(\(2.4)25 b(k)n(ernel\),)g(as)g(w)n(ell)g(as)g(for)g(BSD)i (ipnat,)f(tested)g(on)f(Op)r(enBSD)h(2.9)f(and)g(F)-7 b(reeBSD)26 b(4.4.)35 b(A)26 b(description)f(ho)n(w)g(to)208 1248 y(setup)i(the)h(redirections)f(is)g(pro)n(vided)f(in)i(the)g Fb(TransProxy-Mini-)o(How)o(to)o(.t)o(xt)21 b Fg(\034le.)208 1394 y(When)32 b(setting)g(the)h Fb(AllowTransProxy)26 b Fg(con\034g)31 b(option)h(to)g("y)n(es",)f(the)i(pro)n(xy)e(will)h (ev)-5 b(aluate)32 b(the)g(original)f(des-)208 1507 y(tination)e (address)g(and)g(p)r(ort)h(the)g(clien)n(t)g(w)n(an)n(ted)f(connect)h (as)f(destination.)43 b(If)31 b Fb(AllowMagicUser)23 b Fg(is)30 b(enabled)g(as)208 1621 y(w)n(ell,)d(the)h(users)f(are)f (still)i(able)f(to)h(pro)n(vide)e(a)h(di\033eren)n(t)h(destination)f (using)g(the)h(USER)h(command)e(argumen)n(t.)0 1855 y(If)33 b Fb(AllowTransProxy)25 b Fg(and)32 b Fb(AllowMagicUser)27 b Fg(are)k(not)h(used,)h(the)g(FTP-Pro)n(xy)e(runs)h(in)g(the)h("in)n (b)r(ound")e(mo)r(de)h(and)0 1969 y(the)c Fb(DestinationAddre)o(ss)21 b Fg(is)27 b(mandatory)-7 b(.)0 2125 y(In)25 b("outb)r(ound")g(mo)r (de,)g Fb(DestinationAddres)o(s)19 b Fg(is)25 b(used)g(as)f(default)i (or)e(fallbac)n(k)g(destination,)i(that)f(will)g(b)r(e)h(used)f(if)g (no)0 2239 y(other)i(destination)g(is)h(found)g(using)f Fa(T)-6 b(r)l(ansp)l(ar)l(ent-Pr)l(oxy)34 b Fg(or)27 b Fa(Magic-User)38 b Fg(mec)n(hanisms.)0 2576 y Fe(6)131 b(Command)43 b(Restriction)0 2815 y Fg(The)26 b(FTP-Pro)n(xy)e(allo)n (ws)h(to)g(de\034ne)h(a)f(space)g(separated)f(list)i(of)f(allo)n(w)n (ed)f(FTP)j(commands)d(using)i(the)g Fb(ValidCommands)0 2928 y Fg(con\034guration)d(v)-5 b(ariable)25 b(in)g(global)f(and)h(in) g(a)g(p)r(er)g(user)g(con)n(text.)35 b(If)26 b(this)g(v)-5 b(ariable)24 b(is)h(not)g(used)g(\(default\),)i(no)e(command)0 3042 y(restriction)h(will)i(tak)n(e)f(place)g(and)h(all)f(of)g(the)h (follo)n(wing)f(commands)g(are)f(allo)n(w)n(ed:)87 3276 y Fb(ABOR)42 b(ACCT)g(ALLO)g(APPE)g(CDUP)g(CWD)87 3390 y(DELE)g(HELP)g(LIST)g(MAIL)g(MDTM)g(MKD)87 3503 y(MLFL)g(MODE)g(MRCP)g (MRSQ)g(MSAM)g(MSND)87 3617 y(MSOM)g(NLST)g(NOOP)g(PASS)g(PASV)g(PORT) 87 3731 y(PWD)86 b(QUIT)42 b(REIN)g(REST)g(RETR)g(RMD)87 3844 y(RNFR)g(RNTO)g(SITE)g(SIZE)g(SMNT)g(STAT)87 3958 y(STOR)g(STOU)g(STRU)g(SYST)g(TYPE)g(USER)87 4071 y(XCUP)g(XCWD)g(XMKD) g(XPWD)g(XRMD)0 4305 y Fg(Otherwise,)27 b(only)g(commands)g(included)h (in)g(the)f(list)h(are)f(allo)n(w)n(ed)f(and)h(all)h(other)f(denied.)0 4462 y(F)-7 b(urther,)34 b(if)g(the)g(FTP-Pro)n(xy)e(is)h(compiled)g (with)h(regular)e(expression)f(supp)r(ort)i(\(see)g(2)g (\(\025with-regex\))f(switc)n(h\),)j(eac)n(h)0 4576 y(command)22 b(ma)n(y)f(b)r(e)i(follo)n(w)n(ed)e(b)n(y)h(an)g(optional)g(equal)f (sign)h(and)g(a)g Fa(POSIX)i(1003.2)k(Extende)l(d)c(R)l(e)l(gular)h (Expr)l(ession)g(\(RE\))0 4689 y Fg(that)j(describ)r(es)f(the)h(v)-5 b(alid)27 b(argumen)n(t\(s\))g(for)g(the)h(command.)0 4846 y(If)h(the)g(whole)f(string)g(is)h(to)g(b)r(e)g(matc)n(hed,)f(the) i(pattern)e(has)g(to)h(start)f(with)h(a)f(caret)g(\(\002\))g(and)g(end) h(with)h(a)e(dollar)f(\($\).)41 b(If)0 4959 y(no)27 b(pattern)h(follo)n (ws)e(a)h(command,)g(its)h(argumen)n(ts)e(are)h(not)h(c)n(hec)n(k)n (ed.)0 5116 y(An)i(example)g(for)f(a)h(name)f(w)n(ould)h(b)r(e)g(the)g (pattern)g Fb(\002[a-zA-Z0-9])p Fc(f)o Fb(1,1)o(6)p Fc(g)o Fb($)p Fg(,)24 b(i.e.)44 b(as)30 b(expresion)e(for)i(the)g(USER)h(com-) 0 5229 y(mand:)87 5448 y Fb(USER=^[a-zA-Z0-9)o(]{1)o(,1)o(6})o($)0 5666 y Fg(This)d(de\034nition)f(sp)r(eci\034es,)h(that)g(the)g(argumen) n(t)e(is)i(mandatory)e(and)h(ma)n(y)g(consist)g(of)g(up)h(to)g(16)e (letters)i(or)e(digits)i(only)-7 b(.)0 5823 y(A)28 b(command)f(that)h (do)r(es)f(not)h(allo)n(w)e(an)n(y)h(argumen)n(ts)f(can)h(also)g (easily)f(b)r(e)i(represen)n(ted,)f(i.e:)p eop end %%Page: 7 7 TeXDict begin 7 6 bop 0 -167 3900 5 v 0 -200 a Fd(7.)73 b(User)32 b(Authen)m(tication)2858 b Fg(7)87 162 y Fb(QUIT=^$)0 382 y Fg(Please)29 b(note)g(that)g(the)h(regular)d(expression)h(is)h ("pre-pro)r(cessed".)38 b(This)29 b(means)g(that)g(a)g(pattern)g(in)h (the)f(form)g Fb(\045xx)f Fg(will)0 495 y(b)r(e)j(in)n(terpreted)f(as)h (a)f(hexadecimal)g(constan)n(t)g(and)h(will)g(b)r(e)g(replaced)f(b)n(y) g(the)i(v)-5 b(alue)30 b(of)h(that)g(constan)n(t.)46 b(This)31 b(lo)r(oks)e(a)0 609 y(bit)f(lik)n(e)e(HTML)h(and)g(helps)g (to)g(include)g(c)n(haracters)e(that)i(migh)n(t)g(not)g(b)r(e)g (handled)g(as)g(exp)r(ected,)g(lik)n(e)g Fb(\04520)e Fg(for)i(space)f(or)0 722 y Fb(\0455c)i Fg(\(equiv)-5 b(alen)n(t)29 b(to)g Fb(\0455C)p Fg(\))f(for)g(bac)n(kslash.)40 b(The)29 b(space)f(is)h(esp)r(ecially)g(imp)r(ortan)n(t)f(b)r(ecause)h (it)g(is)g(the)h(separator)c(for)j(the)0 836 y(commands)e(within)h(the) g(list)g(itself.)0 1174 y Fe(7)131 b(User)44 b(Authen)l(tication)0 1412 y Fg(Since)32 b(pro)n(xy-suite)e(V)-7 b(ersion)31 b(1.9)g(the)h(ftp-pro)n(xy)e(supp)r(orts)h(user)g(authen)n(tication.)49 b(T)-7 b(o)31 b(enable)h(it,)h(the)f Fb(UserAuthType)0 1526 y Fg(con\034guration)26 b(option)h(ha)n(v)n(e)f(to)i(b)r(e)g(set)f (to)h(the)g(name)f(of)h(the)g(mec)n(hanism)f(used,)g(i.e.)37 b Fa(ldap)e Fg(\(curren)n(tly)26 b(the)i(only)f(one\).)0 1682 y(F)-7 b(or)27 b(more)g(information)g(on)g(LD)n(AP)h(based)f (authen)n(tication,)g(see)g(also)g(the)h(8)f(\(Using)h(an)f(LD)n(AP)h (Directory\))f(section.)0 1839 y(P)n(er)33 b(default,)i(the)f(normal)f ("ftpuser")f(and)h("ftppass")g(from)g Fa(USER)j Fg(and)d Fa(P)-6 b(ASS)42 b Fg(FTP)34 b(commands)f(are)f(used)i(for)f(the)0 1952 y(authen)n(tication.)j(This)28 b(ma)n(y)f(b)r(e)h(usefull)g(esp)r (ecially)f(in)g("in)n(b)r(ound")g(mo)r(de)h(of)f(the)h(pro)n(xy)-7 b(.)0 2109 y(In)37 b("outb)r(ound")f(mo)r(de,)k(it)d(ma)n(y)g(b)r(e)g (usefull)g(to)g(use)g(an)g(extended)g(enconding)f(of)h(an)g("auth)n (user")e(and)i("authpass")0 2222 y(additionally)f(to)i(the)f(normal)f ("ftpuser")h(and)g("ftppass")f(using)h(the)g Fb(UserAuthMagic)32 b Fg(option)37 b(supp)r(orted)g(b)n(y)g(some)0 2336 y(FTP)28 b(clien)n(ts,)g(i.e.)37 b Fa("@auth")30 b(for)g(NcFTP,)h(typ)l(e)f(5)11 b Fg(.)0 2492 y(The)29 b Fb(UserAuthMagic)23 b Fg(con\034guration)k(v) -5 b(ariable)28 b(can)g(b)r(e)h(set)g(to)g(either)f Fa(auth@)37 b Fg(or)28 b Fa(@auth)6 b Fg(,)29 b(where)f("@")f(is)i(an)g(enco)r (ding)0 2606 y(separator)c(c)n(haracter)h(and)h(can)g(also)g(b)r(e)h (set)f(to)h(an)f(di\033eren)n(t)h(one,)f(i.e.)37 b(to)27 b(":",)g(using)g Fa(auth:)42 b Fg(or)27 b Fa(:auth)6 b Fg(.)0 2762 y(If)40 b(the)g("auth")e(k)n(eyw)n(ord)f(is)j(prep)r (ended)f(b)n(y)g(the)h(separator)d(c)n(haracter,)j(the)g(USER)g (command)f(will)h(b)r(e)f(parsed)g(as)0 2876 y("ftpuser@auth)n(user")26 b(or)h(in)i(com)n(bination)e(with)i(the)g Fb(AllowMagicUser)22 b Fg(as)28 b("ftpuser@auth)n(user@host:p)r(ort")d(and)j(the)0 2990 y(P)-7 b(ASS)29 b(FTP)f(command)f(as)g("ftppass@authpass".)0 3146 y(If)33 b(the)f("auth")f(k)n(eyw)n(ord)f(is)i(follo)n(w)n(ed)f(b)n (y)h(the)g(separator)e(c)n(haracter,)h(the)i(parsing)d(is)i(done)g(in)g (the)h(di\033eren)n(t)f(order)f(as)0 3260 y("auth)n(user@ftpuser".)0 3597 y Fe(8)131 b(Using)44 b(an)g(LD)l(AP)g(Directory)0 3836 y Fg(The)25 b(main)h(option)f(to)g(use)g(an)h(LD)n(AP)g(directory) e(is)h(the)h Fb(LDAPServer)21 b Fg(con\034guration)j(option.)36 b(If)26 b(giv)n(en,)f(it)g(sp)r(eci\034es)h(the)0 3950 y(hostname)h(of)g(the)h(directory)f(serv)n(er)e(\(optionally)i(follo)n (w)n(ed)g(b)n(y)g(p)r(ort)g(n)n(um)n(b)r(er)h(separated)e(b)n(y)h(a)g (colon\).)0 4106 y(The)i(program)d(will)j(bind)g(the)g(directory)e (using)h Fb(LDAPBindDN)d Fg(\(and)j Fb(LDAPBindPW)p Fg(\))d(and)k (retriv)n(e)e(the)i(v)-5 b(alues)28 b(ha)n(ving)f(an)0 4220 y(ob)5 b(ject)27 b(class)g(of)g Fb(LDAPObjectClass)22 b Fg(and)27 b(iden)n(ti\034ed)h(b)n(y)f(the)h Fb(LDAPIdentifier)p Fg(.)0 4376 y(The)k Fa(LD)n(APBindDN)45 b Fg(and)31 b Fa(LD)n(APBindPW)48 b Fg(option)31 b(de\034nes)h(the)g(distinguished)f (name)h(and)f(creden)n(tials)g(\(passw)n(ord\))0 4490 y(needed)j(to)g(access)f(the)h(data)f(in)i(the)f(directory)f(service.) 55 b(It)34 b(is)g(allo)n(w)n(ed)e(to)i(include)h(one)e(\045s)h(in)g Fa(LD)n(APBindDN)48 b Fg(-)34 b(it)0 4603 y(will)29 b(b)r(e)h(replaced) e(with)i(the)g(user)e(name.)42 b(If)29 b Fa(UserA)n(uthMagic)35 b Fg(is)29 b(used,)h(the)f(sp)r(ecial)g("auth)n(user")f(and)h ("authpass")e(are)0 4717 y(used,)h(otherwise)e(normal)h("ftpuser")g (and)g("ftppass")g(from)g(USER)i(and)e(P)-7 b(ASS)29 b(ftp)f(commands.)37 b(If)28 b(no)f Fa(LD)n(APBindDN)0 4830 y Fg(sp)r(eci\034ed,)h(a)f(annon)n(ymous)f(bind)i(will)g(b)r(e)g (used.)0 4987 y(A)n(dditionally)i(the)h(directory)f(tree)g(ro)r(ot)g (should)g(b)r(e)h(sp)r(eci\034ed)g(using)f(the)h Fb(LDAPBaseDN)c Fg(or)j Fb(LDAPAuthDN)c Fg(option.)46 b(Y)-7 b(ou)0 5100 y(can)36 b(also)f(use)i(b)r(oth)g(options)f(set)g(to)g(di\033eren)h(ro) r(ot's)f(if)h(y)n(our)e(pro\034le)h(data)g(is)g(stored)g(in)g(a)g (di\033eren)n(t)h(tree)f(than)h(the)0 5214 y(authen)n(tication)27 b(data.)36 b(One)28 b(of)f(b)r(oth)h(options)f(is)h(mandatory)-7 b(.)125 5450 y Fc(\017)41 b Fa(LD)n(AP)24 b(User-Pr)l(o\034les)29 b Fg(In)23 b(order)e(to)h(gain)f(more)h(\035exibiliy)g(for)g(the)h (user)e(managemen)n(t,)i(the)f(user)g(dep)r(enden)n(t)h(parts)208 5563 y(of)k(the)h(con\034guration)e(can)h(also)g(b)r(e)g(supplied)h (with)g(an)g(LD)n(AP)g(directory)-7 b(.)208 5709 y(The)43 b(follo)n(wing)g(con\034guration)f(options)h(will)g(b)r(e)h(try)n(ed)f (to)h(retriev)n(e)e(from)h(the)h(tree)g(ro)r(ot)f(sp)r(eci\034ed)g(b)n (y)h(the)208 5823 y Fb(LDAPBaseDN)23 b Fg(option:)p eop end %%Page: 8 8 TeXDict begin 8 7 bop 0 -167 3900 5 v 0 -200 a Fd(8.)73 b(Using)32 b(an)g(LD)m(AP)h(Directory)2612 b Fg(8)251 162 y Fb(DestinationAddre)o(ss)o(,)38 b(DestinationPort)o(,)f (DestinationTransf)o(er)o(Mod)o(e,)251 275 y(DestinationMinPo)o(rt)o(,) h(DestinationMaxP)o(or)o(t,)f(ActiveMinDataPor)o(t,)251 389 y(ActiveMaxDataPor)o(t,)g(PassiveMinDataPo)o(rt)o(,)h (PassiveMaxDataP)o(or)o(t,)251 502 y(SameAddress,)h(TimeOut,)h (ValidCommands.)208 716 y Fg(F)-7 b(or)111 b(example,)133 b(if)113 b(y)n(our)e(user)g(\(USERNAME\))k(dep)r(enden)n(t)e (con\034guration)d(is)i(stored)g(as)208 829 y Fa(uid=USERNAME,ou=FTPPr) l(oxy,dc=domain,dc=top)63 b Fg(in)54 b(the)g(directory)-7 b(,)60 b(the)54 b(setup)g(ma)n(y)g(b)r(e)g(as)f(fol-)208 943 y(lo)n(ws:)295 1156 y Fb(LDAPServer)257 b(ldap.domain.top:)o(38)o (9)295 1270 y(LDAPBaseDN)g(ou=FTPProxy,dc=d)o(om)o(ai)o(n,d)o(c=)o(to)o (p)295 1383 y(LDAPIdentifier)81 b(uid)208 1596 y Fg(If)22 b(a)f(non-anon)n(ymous)e(bind)j(is)g(needed)g(to)f(access)g(the)h (tree,)g(a)g Fa(LD)n(APBind)30 b Fg(can)22 b(b)r(e)g(sp)r(eci\034ed)g (either)f(to)h(an)f(sp)r(eci\034c)208 1710 y(user,)27 b(i.e.)36 b("pro)n(xyuser":)295 1923 y Fb(LDAPBindDN)257 b(uid=proxyuser,ou)o(=F)o(TP)o(Pro)o(xy)o(,d)o(c=d)o(om)o(ain)o(,d)o (c=)o(top)208 2136 y Fg(or)26 b(also)h(the)h(user)f(who)g(w)n(an)n(t)g (to)g(login)g(\(ftp-user)h(or)e(auth-user)h(name)g(dep)r(ending)h(on)f (UserAuthMagic\):)295 2349 y Fb(LDAPBindDN)257 b(uid=\045s,ou=FTPPro)o (xy)o(,d)o(c=d)o(om)o(ai)o(n,d)o(c=)o(top)125 2563 y Fc(\017)41 b Fa(User-A)n(uthentic)l(ation)c Fg(Since)c(pro)n(xy-suite)d (V)-7 b(ersion)32 b(1.9)f(the)h(ftp-pro)n(xy)g(supp)r(orts)f(also)g(LD) n(AP)i(based)f(user)g(au-)208 2676 y(then)n(tication.)208 2823 y(T)-7 b(o)19 b(activ)-5 b(ate)20 b(it,)j(y)n(ou)c(ha)n(v)n(e)g (to)h(set)g(the)h Fb(UserAuthType)15 b Fg(con\034guration)k(option)h (to)g Fa(ldap)27 b Fg(and)20 b(de\034ne)g(the)h(authen)n(tica-)208 2937 y(tion)k(tree)g(ro)r(ot)f(using)h(the)h Fb(LDAPAuthDN)21 b Fg(con\034guration)i(option.)36 b(If)25 b(no)g Fb(LDAPAuthDN)d Fg(option)i(is)h(set,)h Fb(LDAPBaseDN)208 3050 y Fg(is)h(used)h (instead.)208 3197 y(If)35 b(y)n(ou)g(only)g(w)n(an)n(t)f(to)h(c)n(hec) n(k,)i(if)e(an)g(user)g(is)g(allo)n(w)n(ed)f(to)h(use)g(the)h(ftp-pro)n (xy)e(service)g(or)g(not,)k(y)n(ou)c(can)h(de\034ne)208 3311 y(the)f Fb(LDAPAuthOKFlag)29 b Fg(option)k(to)i(an)e(attribute)i (name)f(and)g(its)g(v)-5 b(alue,)36 b(separated)d(with)i(an)e(equal)h (c)n(haracter.)208 3424 y(The)25 b(program)f(will)h(c)n(hec)n(k,)h(if)g (the)g(v)-5 b(alue)25 b(for)g(the)h(giv)n(en)f(attribute)h(exists)f(-)g (the)h(attribute)g(ma)n(y)f(con)n(tain)g(m)n(ultiple)208 3538 y(v)-5 b(alues.)36 b(Example:)208 3751 y Fb(LDAPAuthOKFlag)124 b(AllowedService=ft)o(pP)o(ro)o(xy)208 3964 y Fg(.)208 4111 y(F)-7 b(urther)40 b(it)i(is)f(also)f(p)r(ossible)h(to)g(preform)f (an)h(passw)n(ord)e(authen)n(tication)i(using)f(the)i Fb(LDAPAuthPWAttr)35 b Fg(and)208 4224 y Fb(LDAPAuthPWType)13 b Fg(options.)34 b(The)19 b Fb(LDAPAuthPWAttr)14 b Fg(de\034nes)19 b(the)h(name)f(of)g(the)h(passw)n(ord)e(attribute.)34 b(A)20 b(common)208 4338 y(name)27 b(for)g(this)h(attribute)f(is)h Fa(userPasswor)l(d)9 b Fg(.)208 4485 y(The)19 b Fb(LDAPAuthPWType)14 b Fg(option)19 b(de\034ned)h(the)g(t)n(yp)r(e)f(of)h(the)g(passw)n(ord) d(stored)i(in)h(the)g(directory)e(service.)33 b(Supp)r(orted)208 4598 y(passw)n(ord)21 b(t)n(yp)r(es)j(are)e Fa(plain)31 b Fg(for)23 b(plain-text)h(passw)n(ords,)e Fa(crypt)32 b Fg(for)23 b(crypted)g(passw)n(ords)f(and)h Fc(f)p Fa(crypt)p Fc(g)g Fg(for)g(crypted)208 4712 y(passw)n(ords)29 b(pre\034xed)i(with) i(a)e Fc(f)p Fa(crypt)p Fc(g)h Fg(string)f(\(a)g(sc)n(heme)h(sp)r (eci\034cation\).)49 b(The)32 b(t)n(yp)r(e)g(ma)n(y)f(b)r(e)h(follo)n (w)n(ed)f(b)n(y)h(the)208 4826 y(n)n(um)n(b)r(er)27 b(0-9)f(of)i (minimal)f(allo)n(w)n(ed)g(passord)e(length,)j(i.e.)208 5039 y Fb(LDAPAuthPWType)124 b(plain)208 5252 y Fg(This)30 b(de\034nition)h(means,)g(the)h(directory)d(con)n(tains)h(plain-text)g (passw)n(ord)f(with)i(the)g(default)g(minimal)g(length)g(of)208 5366 y(at)c(least)g(5)g(c)n(haracters.)p eop end %%Page: 9 9 TeXDict begin 9 8 bop 0 -167 3900 5 v 0 -200 a Fd(9.)73 b(Logging)31 b(and)h(Auditing)2796 b Fg(9)0 162 y Fe(9)131 b(Logging)44 b(and)f(Auditing)0 400 y Fg(All)27 b(p)r(ossible)f(log)f (messages)g(with)i(their)f(exact)g(w)n(ording)e(ha)n(v)n(e)i(b)r(een)g (collected)g(and)g(listed)h(in)f(the)h(\034le)g Fa(SYSLOG)32 b Fg(whic)n(h)0 514 y(is)27 b(part)h(of)f(the)h(FTP-Pro)n(xy)f (distribution.)37 b(Y)-7 b(ou)27 b(can)g(\034nd)h(it)g(in)g(the)g Fa(ftp-pr)l(oxy)36 b Fg(sub)r(directory)-7 b(.)0 670 y(The)27 b(FTP-Pro)n(xy)g(logs)f(can)h(b)r(e)h(sen)n(t)f(to)g(a)g (\034le,)h(to)f(a)g(pip)r(e,)h(or)f(to)g(the)h Fa(syslo)l(gd\(8\))k Fg(daemon)27 b(for)f(further)i(ev)-5 b(aluation)26 b(and)0 784 y(handling.)44 b(It)30 b(is)g(strongly)f(recommended)g(to)h(use)g (syslog)e(b)r(ecause)i(it)g(is)g(the)g(only)g(w)n(a)n(y)f(to)h(send)g (logging)e(messages)g(to)0 898 y(another)f(mac)n(hine)g(as)g(they)g (are)g(generated.)0 1054 y(This)40 b(o\033)h(shore)e(logging)g(is)h (esp)r(ecially)g(imp)r(ortan)n(t)g(for)g(FTP-Pro)n(xy)f(serv)n(ers)f (lo)r(cated)i(in)h(exp)r(osed)f(areas,)i(lik)n(e)e(the)0 1168 y(Demilitarized)30 b(Zone)f(of)h(a)g(\034rew)n(all.)43 b(An)n(ything)30 b(that)g(is)g(stored)f(on)h(the)g(computer)g(itself)g (can)g(easily)f(b)r(e)h(manipulated)0 1281 y(in)h(the)h(case)e(of)h(a)g (hostile)g(tak)n(eo)n(v)n(er.)45 b(And)32 b(when)f(the)h(auditor)e (stops)h(b)n(y)g(on)g(his)g(w)n(eekly)f(audit)i(tour,)f(all)g(traces)f (ha)n(v)n(e)0 1395 y(long)h(since)h(b)r(een)h(wip)r(ed)f(out.)51 b(In)32 b(order)e(to)i(implemen)n(t)h(remote)e(logging)g(the)h Fa(syslo)l(g.c)l(onf\(5\))37 b Fg(\034le)c(has)e(to)h(include)g(an)0 1508 y(en)n(try)h(for)f(the)i(selected)f(facilit)n(y)g(using)g(a)g (target)g(starting)f(with)i(the)g(letter)f('@')g(follo)n(w)n(ed)f(b)n (y)h(the)h(DNS)g(name)f(or)g(IP)0 1622 y(address)c(of)i(the)g(external) f(log)g(host.)46 b(Usually)30 b(this)h(loghost)e(ma)n(y)h(b)r(e)h(not)g (part)f(of)h(the)g(DMZ,)g(but)g(b)r(e)g(lo)r(cated)f(on)h(the)0 1735 y(in)n(tranet)g(or)f(dedicated)h(administration)f(net)n(w)n(ork.) 46 b(The)31 b(UDP)h(syslog)e(tra\036c)g(is)h(then)h(allo)n(w)n(ed)d(to) i(pass)f(through)h(the)0 1849 y(in)n(ternal)25 b(\034rew)n(all)f (router.)35 b(Note)26 b(that)g(the)g(syslogd)e(on)h(the)h(log)f(host)g (usually)g(has)g(to)g(b)r(e)h(started)f(with)h(the)g(")p Fa(-r)9 b Fg(")24 b(option)0 1963 y(to)j(enable)h(the)g(reception)f(of) g(logging)f(information)h(from)g(another)g(mac)n(hine.)0 2119 y(The)38 b(FTP-Pro)n(xy)e(syslog)h(messages)e(ha)n(v)n(e)i(b)r (een)h(created)f(in)g(a)h(w)n(a)n(y)e(that)i(should)f(ease)g(the)h (task)f(of)h(scanning)e(and)0 2233 y(ev)-5 b(aluating.)40 b(Eac)n(h)29 b(message)e(con)n(tains)h(a)h(tag)f(that)h(can)g(easily)f (b)r(e)h(recognized.)40 b(It)29 b(consists)f(of)h(a)g(pre\034x)f(that)h (is)g(either)0 2346 y Fa(TECH)42 b Fg(or)27 b Fa(USER)s Fg(,)g(follo)n(w)n(ed)f(b)n(y)i(a)f(h)n(yphen)g(and)h(one)f(of)g Fa(DBG)7 b Fg(,)29 b Fa(INF)11 b Fg(,)27 b Fa(WRN)14 b Fg(,)27 b Fa(ERR)s Fg(,)g(or)g Fa(FTL)p Fg(.)0 2503 y(Using)g(the)h Fb(LogLevel)c Fg(con\034guration)i(option,)h(y)n(ou)g (can)g(skip)g(message)f(lev)n(els)h(not)g(in)n(teresting)g(for)g(y)n (ou.)36 b(F)-7 b(or)27 b(example,)0 2726 y Fb(LogLevel)84 b(WRN)0 2948 y Fg(will)39 b(cause)e(skipping)h(of)h(all)f Fa(DBG)46 b Fg(and)38 b Fa(INF)49 b Fg(messages)37 b(and)h(displa)n (ying)f(only)h(the)h Fa(WRN)14 b Fg(,)38 b Fa(ERR)j Fg(and)d Fa(FL)-6 b(T)50 b Fg(lev)n(el)0 3062 y(messages.)35 b(Default)28 b(lev)n(el)f(is)h Fa(INF)38 b Fg(-)28 b(no)f Fa(DBG)35 b Fg(messages)26 b(will)i(get)f(logged.)0 3219 y(The)h(p)r(ossible)f (com)n(binations)f(can)h(b)r(e)h(in)n(terpreted)f(as)g(follo)n(ws:)0 3458 y Fb(TECH-DBG)332 3697 y Fg(Messages)20 b(with)j(this)f(tag)g (carry)e(some)i(tec)n(hnical)g(informations)f(usefull)h(for)g (diagnostics)f(purp)r(oses)g(with)208 3811 y(no)27 b(need)h(to)f(react) g(to)g(them.)0 4051 y Fb(TECH-INF)332 4290 y Fg(Messages)22 b(with)i(this)h(tag)e(carry)f(some)h(tec)n(hnical)h(information)f(with) h(no)g(need)g(to)g(react)f(to)h(them.)36 b(They)208 4404 y(migh)n(t)c(displa)n(y)f(the)h(con)n(ten)n(ts)f(of)h(the)h (con\034guration)d(\034le)i(or)g(the)g(start)f(or)h(stop)f(of)h(the)h (program.)48 b(These)208 4517 y(messages)25 b(are)i(generated)f(with)i (the)g Fa(INF)n(O)35 b Fg(syslog)26 b(sev)n(erit)n(y)-7 b(.)0 4757 y Fb(TECH-WRN)332 4996 y Fg(Messages)33 b(with)i(this)g(tag) g(displa)n(y)e(some)i(mild)g(tec)n(hnical)f(problem)h(or)e (inconsistency)-7 b(.)58 b(E.g.)h(a)34 b(con-)208 5110 y(\034guration)c(v)-5 b(ariable)31 b(with)i(no)e(v)-5 b(alue)32 b(giv)n(en)g(or)f(a)g(temp)r(orary)g(resource)f(shortage)g(w) n(ould)i(b)r(e)g(sen)n(t)g(in)g(this)208 5223 y(con)n(text.)59 b(Also)35 b(if)g(an)g(FTP)h(serv)n(er)e(closed)g(a)h(connection)g (without)g(b)r(eing)g(instructed)h(b)n(y)f(the)g(clien)n(t)g(or)208 5337 y(pro)n(xy)27 b(w)n(ould)i(generate)f(this)i(kind)f(of)g(message.) 41 b(These)29 b(messages)e(are)i(generated)f(with)i(the)f Fa(W)-8 b(ARNING)208 5450 y Fg(syslog)26 b(sev)n(erit)n(y)-7 b(.)0 5690 y Fb(TECH-ERR)p eop end %%Page: 10 10 TeXDict begin 10 9 bop 0 -167 3900 5 v 0 -200 a Fd(10.)73 b(Cop)m(yrigh)m(t)32 b(and)h(License)2681 b Fg(10)332 162 y(Messages)22 b(with)i(this)g(tag)f(usually)g(mean)g(a)g(sev)n(ere) f(error)g(condition)h(that)h(will)f(lead)h(to)f(the)h(termination)208 275 y(of)j(the)h(emitting)g(pro)r(cess.)36 b(Problems)28 b(that)f(fall)h(under)g(this)g(category)d(include)j(the)g(inabilit)n(y) g(to)f(op)r(en)h(the)208 389 y(con\034guration)23 b(\034le,)j(in)n (ternal)e(securit)n(y)g(handling,)h(net)n(w)n(ork)f(problems)g(lik)n(e) g(p)r(orts)h(already)e(in)j(use)e(b)n(y)h(other)208 502 y(pro)r(cesses,)e(input/output)h(errors)e(or)g(other)i(comm)n (unication)e(faults.)36 b(It)24 b(is)g(strongly)e(advised)h(that)h(all) g(suc)n(h)208 616 y(messages)30 b(shall)h(b)r(e)h(in)n(v)n(estigated)f (and)h(further)g(action)f(is)h(tak)n(en.)49 b(These)31 b(messages)g(are)f(generated)h(with)208 730 y(the)d Fa(ERR)n(OR)h Fg(syslog)d(sev)n(erit)n(y)-7 b(.)0 938 y Fb(TECH-FTL)332 1147 y Fg(Messages)34 b(with)j(this)g(tag)e(should)h(b)r(e)h(v)n(ery)e (rare.)61 b(They)36 b(are)f(reserv)n(ed)g(for)g(really)h(w)n(eird)f (situations)208 1261 y(whic)n(h)30 b(rev)n(eal)f(bugs)h(in)g(the)h(in)n (ternal)f(FTP-Pro)n(xy)f(programming.)43 b(Please)30 b(rep)r(ort)g(an)n(y)f(suc)n(h)h(o)r(ccurrance)208 1374 y(to)h(the)h(Pro)n(xy-Suite)f(dev)n(elopmen)n(t)g(team,)h(it)g (requires)e(the)i(programmer's)d(atten)n(tion.)49 b(These)31 b(messages)208 1488 y(are)26 b(generated)g(with)j(the)e Fa(CRIT)40 b Fg(syslog)26 b(sev)n(erit)n(y)-7 b(.)0 1697 y Fb(USER-DBG)332 1905 y Fg(Messages)26 b(with)i(this)g(tag)f(are)f (curren)n(tly)h(not)g(b)r(eing)h(used.)0 2114 y Fb(USER-INF)332 2323 y Fg(Messages)22 b(with)h(this)h(tag)f(will)g(b)r(e)h(the)f(ma)5 b(jorit)n(y)22 b(of)h(all)g(messages.)34 b(They)23 b(are)g(generated)f (for)g(all)h(regular)208 2436 y(user)k(actions)g(lik)n(e)h(logging)e (in,)i(sending)g(commands)f(and)h(transfer)f(statistics.)38 b(Their)27 b(main)h(purp)r(ose)g(is)g(to)208 2550 y(pro)n(vide)d(a)h (complete)h(audit)g(trail)f(for)g(ev)n(ery)f(user)h(in)n(teraction.)36 b(These)26 b(messages)f(are)h(generated)f(with)i(the)208 2664 y Fa(INF)n(O)34 b Fg(syslog)26 b(sev)n(erit)n(y)-7 b(.)0 2872 y Fb(USER-WRN)332 3081 y Fg(Messages)30 b(with)i(this)g(tag) f(indicate)h(some)f(sort)g(of)h(unforeseen)f(user)g(action,)h(but)g (need)g(not)g(b)r(e)g(tak)n(en)208 3195 y(to)r(o)d(seriously)-7 b(.)43 b(Only)29 b(if)h(there)g(is)g(a)f(pattern)h(of)g(regular)e(or)h (frequen)n(t)h(messages)e(of)i(this)g(kind,)h(y)n(ou)e(migh)n(t)208 3308 y(w)n(an)n(t)d(to)i(lo)r(ok)f(a)g(bit)h(closer.)36 b(These)27 b(messages)f(are)g(generated)h(with)h(the)g Fa(W)-8 b(ARNING)33 b Fg(syslog)26 b(sev)n(erit)n(y)-7 b(.)0 3517 y Fb(USER-ERR)332 3726 y Fg(Messages)22 b(with)j(this)f(tag) g(mean)f(that)i(the)f(user)g(has)f(b)r(een)i(rejected.)35 b(Curren)n(tly)23 b(no)h(other)g(message)e(has)208 3839 y(b)r(een)32 b(de\034ned)h(with)g(this)g(tag,)g(although)f(this)h(migh) n(t)f(b)r(e)h(c)n(hanged)f(in)h(the)f(future.)53 b(These)32 b(messages)f(are)208 3953 y(generated)26 b(with)i(the)g Fa(ERR)n(OR)h Fg(syslog)d(sev)n(erit)n(y)-7 b(.)0 4162 y Fb(USER-FTL)332 4370 y Fg(Messages)26 b(with)i(this)g(tag)f(are)f (curren)n(tly)h(not)g(b)r(eing)h(used.)0 4703 y Fe(10)131 b(Cop)l(yrigh)l(t)45 b(and)f(License)0 4942 y Fg(This)25 b(program)f(is)h(free)g(soft)n(w)n(are;)f(y)n(ou)h(can)g(redistribute)g (it)h(and/or)d(mo)r(dify)j(it)g(under)f(the)h(terms)f(of)g(the)h(GNU)g (General)0 5056 y(Public)34 b(License)e(as)h(published)g(b)n(y)g(the)g (F)-7 b(ree)32 b(Soft)n(w)n(are)g(F)-7 b(oundation;)35 b(either)e(v)n(ersion)f(2)g(of)h(the)g(License,)h(or)e(\(at)h(y)n(our)0 5169 y(option\))28 b(an)n(y)e(later)h(v)n(ersion.)0 5326 y(This)f(program)e(is)i(distributed)h(in)f(the)h(hop)r(e)f(that)g(it)h (will)f(b)r(e)h(useful,)g(but)g(WITHOUT)f(ANY)h(W)-9 b(ARRANTY;)28 b(without)0 5439 y(ev)n(en)h(the)g(implied)h(w)n(arran)n (t)n(y)c(of)j(MER)n(CHANT)-7 b(ABILITY)31 b(or)d(FITNESS)i(F)n(OR)f(A)h (P)-7 b(AR)g(TICULAR)30 b(PURPOSE.)h(See)0 5553 y(the)d(GNU)g(General)f (Public)h(License)g(for)f(more)f(details.)0 5709 y(Y)-7 b(ou)29 b(should)f(ha)n(v)n(e)f(receiv)n(ed)h(a)g(cop)n(y)f(of)i(the)g (GNU)g(General)f(Public)h(License)f(along)g(with)h(this)f(program;)f (if)i(not,)g(write)0 5823 y(to)e(the)p eop end %%Page: 11 11 TeXDict begin 11 10 bop 0 -167 3900 5 v 0 -200 a Fd(11.)73 b(Authors)3281 b Fg(11)332 162 y(F)-7 b(ree)27 b(Soft)n(w)n(are)f(F)-7 b(oundation,)28 b(Inc.)37 b(59)26 b(T)-7 b(emple)28 b(Place)g(-)f (Suite)h(330,)e(Boston,)h(MA)h(02111-1307,)23 b(USA.)0 500 y Fe(11)131 b(Authors)0 739 y Fg(FTP-Pro)n(xy)27 b(is)g(part)g(of)h(the)g(SuSE)g(Pro)n(xy-Suite)f(pro)5 b(ject)27 b(and)g(w)n(as)g(written)g(b)n(y)0 895 y(V)-7 b(olk)n(er)26 b(Wiegand)i(\(programming,)d Fa(wie)l(gand@suse.de)p Fg(\),)0 1052 y(Jens-Gero)h(Bo)r(ehm)h(\(pro)5 b(ject)27 b(managemen)n(t,)g Fa(Jens-Ger)l(o.Bo)l(ehm@suse.de)p Fg(\),)0 1208 y(Pieter)h(Hollan)n(ts)f(\(do)r(cumen)n(tation,)g Fa(Pieter.Hol)t(lants@suse.de)p Fg(\),)j(and)0 1365 y(Marius)d(T)-7 b(omasc)n(hewski)25 b(\(main)n(tainance,)i(programming,)f Fa(mt@suse.de)p Fg(\).)0 1521 y(A)37 b(Mailing)f(List)g(has)g(b)r(een)h (installed)f(for)g(the)h(discussion)e(of)i(SuSE)g(Pro)n(xy-Suite.)62 b(T)-7 b(o)36 b(subscrib)r(e,)j(send)d(an)g(empt)n(y)0 1635 y(E-Mail)28 b(to)f Fa(pr)l(oxy-suite-subscrib)l(e@suse.c)l(om)p Fg(.)0 1791 y(W)-7 b(e)31 b(ha)n(v)n(e)f(also)g(installed)h(an)g (announcemen)n(t)g(mailing)f(list.)48 b(Here)31 b(y)n(ou)f(will)h(b)r (e)h(informed)f(ab)r(out)g(up)r(dates)g(and)g(other)0 1905 y(ma)5 b(jor)26 b(issues.)37 b(T)-7 b(o)27 b(subscrib)r(e,)g(send) g(an)h(empt)n(y)f(E-Mail)h(to)f Fa(pr)l(oxy-suite-announc)l(e-subscrib) l(e@suse.c)l(om)p Fg(.)0 2061 y(Last)g(but)h(not)g(least)f(y)n(ou)g(ma) n(y)g(send)g(bug)g(rep)r(orts)g(to)g(the)h(follo)n(wing)f(address:)35 b Fa(pr)l(oxy-suite-bugs@suse.c)l(om)p Fg(.)0 2218 y(Please)27 b(visit)h(the)g(SuSE)g(Pro)n(xy-Suite)f(Homepage)f(at)i Fa(http://pr)l(oxy-suite.suse.de/)p Fg(.)p eop end %%Trailer userdict /end-hook known{end-hook}if %%EOF proxy-suite-1.9.2.4/doc/src/0000755000000000000000000000000007744300060015467 5ustar rootroot00000000000000proxy-suite-1.9.2.4/doc/src/ftp-proxy.sgml0000644000000000000000000010374007464234630020340 0ustar rootroot00000000000000
The FTP-Proxy White Paper The SuSE Proxy-Suite Core Development Team $Revision: 1.7 $ ($Date: 2002/05/02 13:05:28 $) FTP-Proxy is SuSE Proxy-Suite's application-level proxy for FTP connections. It provides support for both active and passive transfers and for user-specific configuration directives. Configuration data can be obtained either from a local configuration file or from an LDAP directory. Introduction
proxy-suite-1.9.2.4/ftp-proxy/0000755000000000000000000000000010170747407016112 5ustar rootroot00000000000000proxy-suite-1.9.2.4/ftp-proxy/FAQ0000644000000000000000000000007006767723736016461 0ustar rootroot00000000000000# # $Id: FAQ,v 1.1 1999/09/15 14:06:22 wiegand Exp $ # proxy-suite-1.9.2.4/ftp-proxy/Makefile.in0000644000000000000000000001404510170463550020155 0ustar rootroot00000000000000# # $Id: Makefile.in,v 1.12.2.1 2003/05/07 11:12:29 mt Exp $ # # Makefile (Template) for SuSE Proxy Suite -- FTP-Proxy # # Please do NOT edit this file if its name is just Makefile. # Instead, edit Makefile.in and run "../configure [options]". # # Author(s): Jens-Gero Boehm # Pieter Hollants # Marius Tomaschewski # Volker Wiegand # # This file is part of the SuSE Proxy Suite # See also http://proxy-suite.suse.de/ # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License # as published by the Free Software Foundation; either version # 2 of the License, or (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the # Free Software Foundation, Inc., 59 Temple Place - Suite 330, # Boston, MA 02111-1307, USA. # # A history log can be found at the end of this file. # prefix= @prefix@ exec_prefix= @exec_prefix@ sysconfdir= @sysconfdir@ sbindir= @sbindir@ mandir= @mandir@ datadir= @datadir@ docdir?= $(datadir)/doc/proxy-suite INSTALL= @INSTALL@ INSTALL_DATA= @INSTALL_DATA@ SHELL= /bin/sh ETC_DIR= $(sysconfdir)/proxy-suite CONF_SRC= ftp-proxy.conf.sample CONF_DST?= ftp-proxy.conf FTP_MAN5= ftp-proxy.conf.5 FTP_MAN8= ftp-proxy.8 DOCS= FAQ NEWS TODO SYSLOG \ rc.script.txt TransProxy-Mini-Howto.txt TAGS= @TAGS@ CTAGS= @CTAGS@ CTAGS_OPTS= @CTAGS_OPTS@ CC= @CC@ CFLAGS= @CFLAGS@ CPPFLAGS= @CPPFLAGS@ -DETC_DIR=\"$(ETC_DIR)\" LDFLAGS= @LDFLAGS@ LIBS= @LIB_WRAP@ @LIB_LDAP@ @LIB_CRYPT@ @LIB_REGEX@ @LIBS@ COM_LIB= ../common/libcommon.a FTP_LIBS= -L../common -lcommon $(LIBS) PROC_FTP= @PROC_FTP@ FTP_SRCS= ftp-client.c \ ftp-cmds.c \ ftp-daemon.c \ ftp-ldap.c \ ftp-main.c FTP_HDRS= ftp-client.h \ ftp-cmds.h \ ftp-daemon.h \ ftp-ldap.h FTP_OBJS= ftp-client.o \ ftp-cmds.o \ ftp-daemon.o \ ftp-ldap.o \ ftp-main.o COM_HDRS= ../common/com-config.h \ ../common/com-debug.h \ ../common/com-misc.h \ ../common/com-socket.h \ ../common/com-syslog.h ############################################################ all: $(TAGS) progs ifneq (,$(CTAGS)) $(TAGS): $(wildcard $(FTP_SRCS) $(FTP_HDRS) ../common/*.[ch]) $(CTAGS) $(CTAGS_OPTS) $^ @echo "" else $(TAGS): endif progs: ftp-proxy $(PROC_FTP) ftp-proxy: $(COM_LIB) $(FTP_OBJS) rm -f $@ $(CC) -o $@ $(LDFLAGS) $(FTP_OBJS) $(FTP_LIBS) $(COM_LIB): cd ../common && $(MAKE) ############################################################ ftp-client.o: ftp-client.c $(COM_HDRS) $(FTP_HDRS) ftp-cmds.o: ftp-cmds.c $(COM_HDRS) $(FTP_HDRS) ftp-daemon.o: ftp-daemon.c $(COM_HDRS) $(FTP_HDRS) ftp-ldap.o: ftp-ldap.c $(COM_HDRS) $(FTP_HDRS) ftp-main.o: ftp-main.c $(COM_HDRS) $(FTP_HDRS) ftp-vers.c ftp-vers.c: ../changelog @cd .. && $(SHELL) changelog proc_ftp.o: proc_ftp.c $(CC) -g -O2 -c -I. -I.. $< .c.o: $(CC) $(CFLAGS) $(CPPFLAGS) -c -I. -I.. -I../common $< ############################################################ install: progs $(CONF_SRC) $(FTP_MAN5) $(FTP_MAN8) $(INSTALL) -d $(INST_ROOT)$(sbindir) $(INSTALL) -s ftp-proxy $(INST_ROOT)$(sbindir) $(INSTALL) -d $(INST_ROOT)$(ETC_DIR) @if test -f $(INST_ROOT)$(ETC_DIR)/$(CONF_DST) ; then \ echo "$(INST_ROOT)$(ETC_DIR)/$(CONF_DST) exists; file not touched"; \ else \ echo "installing $(CONF_SRC)"; \ echo " to $(INST_ROOT)$(ETC_DIR)/$(CONF_DST); *please edit*"; \ $(INSTALL_DATA) $(CONF_SRC) $(INST_ROOT)$(ETC_DIR)/$(CONF_DST); \ fi $(INSTALL) -d $(INST_ROOT)$(mandir)/man5 @for file in $(FTP_MAN5) ; do \ echo "installing manual page $$file"; \ $(INSTALL_DATA) $$file $(INST_ROOT)$(mandir)/man5; \ done $(INSTALL) -d $(INST_ROOT)$(mandir)/man8 @for file in $(FTP_MAN8) ; do \ echo "installing manual page $$file"; \ $(INSTALL_DATA) $$file $(INST_ROOT)$(mandir)/man8; \ done install.doc: $(INSTALL) -d $(INST_ROOT)$(docdir) $(INSTALL_DATA) $(DOCS) $(INST_ROOT)$(docdir) ############################################################ clean: rm -f *.o *.a *~ tags core ftp-proxy ftp-vers.c distclean: clean rm -f Makefile rc.script realclean: distclean ############################################################ # $Log: Makefile.in,v $ # Revision 1.12.2.1 2003/05/07 11:12:29 mt # added CPPFLAGS variable # # Revision 1.12 2002/05/02 13:06:37 mt # merged with v1.8.2.2, added crypt-lib # # Revision 1.11.2.1 2002/01/27 21:20:38 mt # fixed Makefiles to use INST_ROOT, added install.doc targets # # Revision 1.11 2002/01/14 18:57:25 mt # fixed ctags handling - it needs to be enabled by configure; # changed ftp-proxy.conf handling ('CONF_DST="" make install') # to support BSD $ETC_DIR/ftp-proxy.conf.sample installation # # Revision 1.10 2001/11/06 23:04:43 mt # applied / merged with transparent proxy patches v8 # see ftp-proxy/NEWS for more detailed release news # # Revision 1.9 1999/10/19 11:19:03 wiegand # added -static as option for GCC # # Revision 1.8 1999/09/27 04:20:34 wiegand # include . and .. directories in proc_ftp.c -I # # Revision 1.7 1999/09/26 13:36:36 wiegand # removed warnings for proc_ftp compilation # # Revision 1.6 1999/09/24 19:32:55 wiegand # moved the changelog to the top level directory # # Revision 1.5 1999/09/24 06:40:48 wiegand # rearranged to improve consistency with other makefiles # # Revision 1.4 1999/09/20 05:20:30 wiegand # added the installation section # # Revision 1.3 1999/09/17 16:32:29 wiegand # changes from source code review # added POSIX regular expressions # # Revision 1.2 1999/09/16 16:29:57 wiegand # minor updates improving code quality # # Revision 1.1 1999/09/15 14:06:22 wiegand # initial checkin # ############################################################ proxy-suite-1.9.2.4/ftp-proxy/NEWS0000644000000000000000000001374210170747074016620 0ustar rootroot00000000000000 $Id: NEWS,v 1.4.2.5 2005/01/11 13:01:48 mt Exp $ ================================================== === SuSE Proxy-Suite -- ftp-proxy release news === ================================================== * 1.9.2.4 - released 2005-01-11 ----------------------------------- - fixed default UserNameRule regex rejecting user names where the third character is not alphanumeric; thanks to Sven Paas for the bug report! * 1.9.2.3 - released 2005-01-10 ----------------------------------- - added sys/param.h to configure.in required to compile on FreeBSD 6-CURRENT system; thanks to Thomas Quinot! * 1.9.2.2 - released 2004-03-30 ----------------------------------- - added pass-through support for RCMD command -- jpl - added LDAPPreBindDN, LDAPPreBindDNPW options useable instead of an anonymous bind while LDAPBindDN=auto - added a UserNameRule option allowing a regex based override of the hard coded user name checks Thanx for initial implementation to Juha Litola! - changed awk,grep,logger paths to /bin and ServerRoot to /var/lib/ftp-proxy/rundir (/var/ftp-proxy/rundir) in rc-script and config samples * 1.9.2.1 - released 2003-05-11 ----------------------------------- - improved user-auth to allow auth using ldap-bind as well - improved parsing of the ftp USER command magic strings to allow email-adresses as username if UseMagicChar is @. - removed broken ABOR on error while srv_data xfer still runs - fixed to use hls->retr instead of a static retry counter - applied OpenBSD pf-nat transparent proxy support patch by Matt Messier - thanx Matt! * 1.9 - released 2002-05-02 ----------------------------------- - implemented user authentication - currently ldap based only - updated documentation, merged with v1.8.2.2 fixes * 1.8.2.2 - released 2002-04-23 ----------------------------------- - transfer recv abort race conditions arround I_NREAD / FINOREAD observed in particular on Solaris should be catched propelly now - fixed permissions of debug-file as documented in ftp-proxy(8) * 1.8.2.1 - released 2002-04-04 ----------------------------------- - fixed Makefiles to use INST_ROOT, added install.doc targed - implemented config file wildcard-section names matching - minor and cosmetic fixes from patches flying arround * 1.8.0 - released 2002-01-14 ----------------------------------- - implemented transparent proxying support for Linux ipchains/iptables and BSD ipf/ipnat - read description in TransProxy-Mini-Howto.txt - implemented workarround for Netscape (4.x) to access directories via symbolic link (see also new FailResetsPasv config option) - implemented LDAPBindDN and LDAPBindPW simple bind authorization - fixed ld_errno fetching macro to work with openldap 2.x - fixed build-in chroot and uid/gid dropping - now, the whole daemon runs in the chroot; log is written with uid/gid set in config file - fixed socket_gets to wait for a complete line if no EOL found - added MaxRecvBufSiz config option allowing to limit the revc buffer - added LogLevel config option allowing to set the maximal level - extended log messages to provide basic transfer statistics data - extended / improved auto-configure checks for better portability - actualized manual pages, mini-howto's and installation description * 1.7.8 (tp8) - released 2001-09-19 ----------------------------------- - fixed sample run level script to be LSB compliant (I hope it is now) - added Solaris FIONREAD (broken pipe) patch from Stefan Landvoigt * 1.7.7 (tp7) - released 2001-06-20 ----------------------------------- - the proxy uses ip address fetched with getsockname from the control socket to the client for data communications. In transparent mode, this may cause problems with ip filters, because getsockname returns the address of the ftp server the client means it is connected to (see also "netstat -atn" output). Now, the proxy prefers to use the IP set via listen in the config; if no Listen is set, ip address from getsockname is used, so "Listen" and in some environments also TranslatedAddress should be set. - added socket_sck2addr CTAGS_OPTS typo and SockBindRand config_int vs. config_bool patch from Andrea. thanx! * 1.7.6 (tp6) - released 2001-06-05 ----------------------------------- - added sample rc.config.ftp-proxy and rc.script.ftp-config - implemented LDAPBindDN, LDAPBindPW for authenticated simple bind - autoconf ctags, ftp-proxy.conf.sample cleanups - fixed QUIT to be allowed every time - fixed pid file creation order to be before UID 0 is dropped - fixed ActivePort default to be INPORT_ANY (random port) if not running as UID 0 (root) instead of IPPORT_FTP - 1 (port 20) an no ActiveMinDataPort/ActiveMaxDataPort given - fixed (I hope ;-) bind/connect problems (see also SockBindRand option) - added patch for infinite-loop bug in telnet control handling - added patch for unneeded exit in socket_sck2addr and on client fork failure - added patch for clean up the PID of a child in daemon array (MaxClients) - added contributors to CREDITS file - updated manual page (ftp-proxy.conf.5.in) * 1.7.5 (tp5) - released 2000-10-08 ----------------------------------- - autoconf cleanups - tested on linux, freebsd4.0 and solaris7 - added UseMagicChar config keyword to support other characters than @ as user separators in "AllowMagicUser" mode. * 1.7.4 (tp4) - released 2000-10-03 ----------------------------------- - changed log file opening to rename the log file if it already exists instead of delete it :-) * 1.7.3 (tp3) - released 2000-09-22 ----------------------------------- - fixed ugly daemon-mode bug killing all proxy instances on QUIT * 1.7.2 (tp2) - released 2000-07-14 ----------------------------------- - added checks if destination is a local address; transparent proxying should work fine now * 1.7.1 (tp1) - released 2000-07-01 ----------------------------------- - first implementation of transparent proxying proxy-suite-1.9.2.4/ftp-proxy/SYSLOG0000644000000000000000000003343007464246100017054 0ustar rootroot00000000000000# # $Id: SYSLOG,v 1.8 2002/05/02 14:25:04 mt Exp $ # # These are all currently existing syslog(3) message types # except of the USER-DBG and TECH-DBG levels. # # TECH-FTL are usually internal program errors, where # a function receives no argument or the like. # # TECH-ERR are usually errors which cannot be corrected # and may lead to program termination. If the # errno variable has a non-zero value, it will # appended to the error message in the form: # ... (errno= [err-string]) # # TECH-WRN are usually conditions that indicate some sort # of misbehaviour, but need no immediate action. # # TECH-INF are usually confirmation or progress messages # and can be ignored in terms of auditing. # # USER-FTL do not exist at the time of this writing. # # USER-ERR are usually situations that ask for some kind # of operator investigation. Most likely some # illegal action has been tried and rejected. # # USER-WRN are usually situations that operators might # want to look into just out of curiosity. If # they don't, nothing will happen -- probably. # # USER-INF are usually situations that show some legal # user actions or statistics. They can always # be ignored, but operators might want to keep # them for maintaining an audit trail. # # # The following variables are used in this discussion: # # name of the current program # file, including source file # directory (e.g. for chroot) # source line # "High Level Socket" # HLS "Connection Type": # Cli-Ctrl, Cl-Data, Srv-Ctrl, Srv-Data # symbolic name, incl. config options # value, usually for a config option # UNIX style group ID # UNIX style user ID # IP address in dotted decimal notation # TCP port number as a umber # socket number (sort of file descriptor) # FTP command # argument to an FTP command # FTP user name # number of, i.e. bytes, secs, ... # response code from an FTP server # Telnet option # lower end of a port range # upper end of a port range # POSIX 1002.3 regular expression # # The following paragraphs summarize the exact wording of all # currently implemented syslog(3) messages, sorted by source # file. # # Source file: ++++ common/com-config.c Severity Pattern Text ======== ======== =============================================== crit TECH-FTL (:): config_line: ?fp? crit TECH-FTL (:): config_read: ?file? crit TECH-FTL (:): config_int: ?name? crit TECH-FTL (:): config_bool: ?name? crit TECH-FTL (:): config_str: ?name? crit TECH-FTL (:): config_addr: ?name? crit TECH-FTL (:): config_port: ?name? crit TECH-FTL (:): config_uid: ?name? crit TECH-FTL (:): config_gid: ?name? err TECH-ERR can't open config file '' warn TECH-WRN no config value for '' info TECH-INF Config-File: '' info TECH-INF Config-Section ------ '' info TECH-INF Config: = '' # Source file: ++++ common/com-misc.c Severity Pattern Text ======== ======== =============================================== crit TECH-FTL (:): misc_alloc: ?len? crit TECH-FTL (:): out of memory crit TECH-FTL (:): misc_strdup: ?str? err TECH-ERR can't remove pidfile '' err TECH-ERR can't open pidfile '' err TECH-ERR can't chroot to '' err TECH-ERR can't determine Group-ID to use err TECH-ERR can't set Group-ID to err TECH-ERR can't determine User-ID to use err TECH-ERR can't set User-ID to # Source file: ++++ common/com-socket.c Severity Pattern Text ======== ======== =============================================== crit TECH-FTL (:): socket_kill: ?hls? crit TECH-FTL (:): socket_gets: ?hls? ?ptr? ?len? crit TECH-FTL (:): socket_flag: ?hls? crit TECH-FTL (:): socket_write: ?hls? ?ptr? crit TECH-FTL (:): socket_printf: ?hls? ?fmt? crit TECH-FTL (:): socket_file: ?hls? ?file? crit TECH-FTL (:): socket_ll_read: ?hls? crit TECH-FTL (:): socket_ll_write: ?hls? crit TECH-FTL (:): socket_msgline: ?fmt? crit TECH-FTL (:): socket_d_listen: ?phls? ?ctyp? crit TECH-FTL (:): socket_d_listen: ?*phls? crit TECH-FTL (:): socket_d_connect: ?phls? ?ctyp? crit TECH-FTL (:): socket_d_connect: ?*phls? err TECH-ERR can't create listener socket err TECH-ERR can't bind to : err TECH-ERR can't accept client err TECH-ERR can't execute select err TECH-ERR can't accept err TECH-ERR can't create socket err TECH-ERR can't read from = err TECH-ERR can't ll_read: = err TECH-ERR can't ll_write: = err TECH-ERR can't get num of bytes: = err TECH-ERR can't get sockname for socket err TECH-ERR can't get peername for socket err TECH-ERR can't get iptables transparent destination err TECH-ERR can't get ipnat transparent destination err TECH-ERR can't open ipnat device '' warn TECH-WRN port is in use... err USER-ERR reject: '' (Wrap) # Source file: ++++ common/com-syslog.c Severity Pattern Text ======== ======== =============================================== crit TECH-FTL (:): invalid log level '' crit TECH-FTL (:): can't remove logfile '' crit TECH-FTL (:): can't open logfile '' crit TECH-FTL (:): can't open logpipe '' crit TECH-FTL (:): can't rotate logfile '' info TECH-INF reopening log - new destination is '' info TECH-INF rotating log file '' # Source file: ++++ common/com-debug.c Severity Pattern Text ======== ======== =============================================== crit TECH-FTL (:): invalid debug settings / # Source file: ++++ ftp-proxy/ftp-client.c Severity Pattern Text ======== ======== =============================================== crit TECH-FTL (:): client_run: ?cli_ctrl? err TECH-ERR bad response from server for err TECH-ERR bad PASV 227 response from server for err TECH-ERR can't connect Srv-Data for err TECH-ERR can't connect Cli-Data for err TECH-ERR Srv-Ctrl: can't create socket for err TECH-ERR Srv-Ctrl: can't bind to : for err TECH-ERR Srv-Ctrl: can't connect : for warn TECH-WRN server closed connection for warn TECH-WRN bogus '' from Server-PI for info TECH-INF ' ' sent for info TECH-INF '' sent for err USER-ERR reject: '' (DenyMessage) warn USER-WRN WILL/WONT refused for warn USER-WRN DO/DONT refused for warn USER-WRN from not allowed warn USER-WRN bad arg '' for '' from : warn USER-WRN unknown '' from info USER-INF connect from info USER-INF IAC- from info USER-INF Transfer for : '' read / byte/sec info USER-INF Transfer for : '' send / byte/sec info USER-INF closing connect from after secs - read /, sent / byte/sec # Source file: ++++ ftp-proxy/ftp-cmds.c Severity Pattern Text ======== ======== =============================================== crit TECH-FTL (:): cmds_pthr: ?ctx? crit TECH-FTL (:): cmds_pthr: ?curr_cmd? crit TECH-FTL (:): cmds_user: ?ctx? crit TECH-FTL (:): cmds_user: ?srv_ctrl? crit TECH-FTL (:): cmds_pass: ?ctx? crit TECH-FTL (:): cmds_rein: ?ctx? crit TECH-FTL (:): cmds_quit: ?ctx? crit TECH-FTL (:): cmds_port: ?ctx? crit TECH-FTL (:): cmds_pasv: ?ctx? crit TECH-FTL (:): cmds_xfer: ?ctx? crit TECH-FTL (:): cmds_xfer: ?curr_cmd? crit TECH-FTL (:): cmds_xfer: ?mode ? crit TECH-FTL (:): cmds_abor: ?ctx? crit TECH-FTL (:): cmds_auth: ?ctx? crit TECH-FTL (:): cmds_reg_comp: ?ppre? crit TECH-FTL (:): cmds_reg_exec: ?regex? ?str? crit TECH-FTL (:): cmds_apsv: ?ctx? crit TECH-FTL (:): cmds_eprt: ?ctx? crit TECH-FTL (:): cmds_epsv: ?ctx? err TECH-ERR check of transparent destination failed err TECH-ERR Srv-Data: can't bind to :- for err TECH-ERR Cli-Data: can't bind to :- for err TECH-ERR can't eval RegEx '': warn TECH-WRN can't open NAT file '' info TECH-INF 'PORT :' for info TECH-INF transparent proxy request to : from err USER-ERR unknown destination address warn USER-WRN '' without login from warn USER-WRN 'USER' without name from warn USER-WRN 'USER' without auth from warn USER-WRN bad arg '' for '' from : warn USER-WRN bad 'USER@' dest ':' from warn USER-WRN 'PASS' without login from warn USER-WRN syntax error in 'PORT' from warn USER-WRN different address in 'PORT' from warn USER-WRN killing old PASV socket for warn USER-WRN 'ABOR' from info USER-INF '' from info USER-INF ' ' from info USER-INF 'USER ' dest : from info USER-INF 'USER ' from info USER-INF PASV set to : for # Source file: ++++ ftp-proxy/ftp-daemon.c Severity Pattern Text ======== ======== =============================================== err TECH-ERR can't fork daemon err TECH-ERR can't detach daemon err TECH-ERR can't bind daemon to err TECH-ERR can't write config file into chroot err TECH-ERR child with PID went away (removing it) err TECH-ERR can't fork client warn TECH-WRN can't fork client now err USER-ERR reject: '' (ForkLimit ) err USER-ERR reject: '' (MaxClients ) # Source file: ++++ ftp-proxy/ftp-ldap.c Severity Pattern Text ======== ======== =============================================== crit TECH-FTL (:): ldap_setup_user: ?ctx? crit TECH-FTL (:): ldap_fetch: ?ctx? ?srv? crit TECH-FTL (:): ldap_fetch: ?BaseDN? crit TECH-FTL (:): ldap_fetch: ?ObjectClass? crit TECH-FTL (:): ldap_fetch: ?Identifier? crit TECH-FTL (:): ldap_attrib: ?ld? ?e? ?attr? err TECH-ERR can't read LDAP data for : err TECH-ERR can't eval DestAddr for err TECH-ERR can't eval DestPort for err TECH-ERR can't eval DestMode for err TECH-ERR can't reach LDAP server : err TECH-ERR can't bind LDAP using dn '' err TECH-ERR can't bind LDAP anonymously err TECH-ERR invalid user name or with asterisk err TECH-ERR ldap user auth - prefix missed info USER-INF reading data for '' from LDAP info USER-INF reading data for '' from cfg-file err USER-ERR LDAP user auth failed for from err USER-ERR access denied for # Source file: ++++ ftp-proxy/ftp-main.c Severity Pattern Text ======== ======== =============================================== err TECH-ERR can't run without an destination address ################################################################## # $Log: SYSLOG,v $ # Revision 1.8 2002/05/02 14:25:04 mt # updated to match v1.9 messages, removed debug level # # Revision 1.7 2002/05/02 13:13:31 mt # merged with v1.8.2.2 # # Revision 1.6.2.1 2002/04/04 14:30:44 mt # improved transparent proxy log messages # # Revision 1.6 2002/01/14 19:03:58 mt # added transparent proxying, extended transfer messages, actualized # # Revision 1.5 1999/10/19 10:19:15 wiegand # use port range also for control connection to server # # Revision 1.4 1999/09/30 09:48:57 wiegand # added dynamic TranslatedAddress via file # # Revision 1.3 1999/09/24 06:38:52 wiegand # added regular expressions for all commands # removed character map and length of paths # added flag to reset PASV on every PORT # added "magic" user with built-in destination # added some argument pointer fortification # # Revision 1.2 1999/09/21 07:13:07 wiegand # syslog / abort cleanup and review # # Revision 1.1 1999/09/15 14:06:22 wiegand # initial checkin # ################################################################## proxy-suite-1.9.2.4/ftp-proxy/TODO0000644000000000000000000000201107464235370016577 0ustar rootroot00000000000000# # $Id: TODO,v 1.4 2002/05/02 13:11:20 mt Exp $ # * Implement a destination control (using TCP wrapper?) used in transparent proxy and magic user modes * Implement a simple bandwidth limiter * Implement APSV as defined in rfc1579: - Client sends APSV (all passive) on begin of a session - Proxy allways does a passive open (on client-side) if not preceded by an explicite PORT or PASV - Proxy sends CODE 151 (IP+port) as response for all file transfer requests not preceded by a PORT or PASV - PORT overrides APSV-mode for next transfer operation * Implement IPv6 FTP extensions as defined in rfc2428 * Include support for Kerberos. * Allow also scp (Secure Copy) for both the client and server connection. * Include support for SSL (the OpenSSL example code includes an FTP client and server). Alas, the legal implications have to be considered !!! * Find a way to base the per user rules retrieved from an LDAP server not only on the user name, but also on the client address (with variable masks). proxy-suite-1.9.2.4/ftp-proxy/TransProxy-Mini-Howto.txt0000644000000000000000000001437607464235453023014 0ustar rootroot00000000000000 $Id: TransProxy-Mini-Howto.txt,v 1.2 2002/05/02 13:12:11 mt Exp $ SuSE FTP-Proxy transparent proxying Marius Tomaschewski Transparent proxying support is implemented for Linux ipchains, iptables and BSD ipf/ipnat (http://coombs.anu.edu.au/~avalon/). The BSD implementation is tested on OpenBSD 2.9 and FreeBSD 4.4. Note, that the iptables ipchains-wrapper (getsockname hack) does NOT support transparent proxying (see NAT-HOWTO, Sect 4)! Feel free to port and test it on other platforms! How it works? Its very simple: the ip filter of you kernel redirects all packages the client sends to the ftp port (21) in "external networks" to the proxy and the proxy connects the server the client wanted to go. Note: you have to enable the transparent proxy or ipnat feature in your kernel or load needed modules. Let's start using an example network configuration: internal network - 192.168.1.0/24 (and others) | | | interface: intern0, 192.168.1.1 Firewall/Gateway + Proxy | interface: extern0 | NAT-IP 200.200.200.1 | [Router (NAT)] | | external network I N T E R N E T (0.0.0.0/0) Note: In the above picture, the proxy has two network interfaces; they are named using "symbolic interface names" intern0 and extern0. OF COURSE, you have to replace all occurences of "symbolic interface names" used in this text with the proper real interface names as well as adopt the IP addresses to match your system/network configuration!! The real interface names depends on the system you are using and may be called like kernel drivers, that used for them. See system manuals and the output from "ifconfig -a" and "netstat -rn" to get needed informations about interfaces, ip addresses and routing. i.e. on Linux, the ethernet interfaces have names eth0, eth1, ...; on BSD systems, the driver names are used: de0, rl0, ... Respectively to the above network picture, here is a example config you can start with: # grep -v ^# /etc/proxy-suite/ftp-proxy.conf | grep -v ^$ [-Global-] ServerType standalone LogDestination daemon Listen 192.168.1.1 AllowTransProxy yes AllowMagicUser yes UseMagicChar % PortResetsPasv yes DestinationTransferMode passive # see bellow! If you do _not_ set "DestinationTransferMode passive", because you want to allow active-ftp transfers between the proxy and ftp-server _and_ you have a Router doing NAT/Masquerading behind the proxy (between proxy and the ftp-server), you may also need to set the TranslatedAddress variable to an (externally used) NAT IP, the proxy should use in FTP "PORT" command: # may be needed in NAT'ed/Masqueraded environments #TranslatedAddress 200.200.200.1 If you specifiy "DestinationTransferMode passive" as in the above config, no active-ftp are done and the TranslatedAddress variable is not needed at all. It is also not needed if the proxy does NAT or Masquerading itself (has an official IP) ! Use TranslatedAddress only, if you really known why it's needed! First, test if the proxy works using the MagicUser feature, "AllowMagic yes" ftp-proxy.conf(5) and a connect directly to the proxy: $ ftp 192.168.1.1 Connected to proxy.local. 220 proxy FTP server (Version 1.7.9pre3 - 2001/12/22 12:15:00) ready. Name (proxy:you): ftp%ftp.suse.com 331 Guest login ok, send your complete e-mail address as password. Password: 230 Guest login ok, access restrictions apply. Remote system type is UNIX. Using binary mode to transfer files. ftp> quit 221 Goodbye. If the proxy works, you can (must not) disable the MagicUser feature and setup the redirection rules for your ip-filter... the following example rules are the most relevant: 1) protect FTP proxy from extern / internet 2) redirect FTP requests from internal network to the proxy Feel free to use different rules or add other rules as well, but do not complain if the redirection doesn't work or a "bad guy" from the internet is using your proxy because of broken ip filter setup! *** iptables rules *** iptables -A INPUT -i extern0 -p tcp -d 192.168.1.1 --dport 21 -j DROP iptables -t nat -A PREROUTING -i intern0 -p tcp -d ! 192.168.1.1 \ --dport 21 -j REDIRECT --to-ports 21 *** ipchains rules *** ipchains -A input -i extern0 -d 192.168.1.1 21 -p tcp -j DENY ipchains -A input -i intern0 -d ! 192.168.1.1 21 -p tcp -j REDIRECT 21 Note: because of the method ipchains implements transparent proxying, you should set the "Listen" variable in the ftp-proxy.conf to the internal IP. Otherwise the proxy will spoof yor client using the IP of the server for data transfers (in active-ftp mode)... This may be blocked by other ip-filter (spoofing) rules. *** BSD ipnat rules *** # /etc/ipf.rules - see ipf(8): block in on extern0 proto tcp from any to 192.168.1.1 port = 21 # /etc/ipnat.rules - see ipnat(8): rdr intern0 0.0.0.0/0 port 21 -> 192.168.1.1 port 21 tcp Apply the rules i.e. using: ipf -Fa -f /etc/ipf.rules ; ipnat -CF -f /etc/ipnat.rules Read the manual pages / documentation of the filter tools you are using! Now, you should be able to use the ftp-server directly via transparent proxy redirection: $ ftp ftp.suse.com Connected to ftp2.suse.com. 220 proxy FTP server (Version 1.7.9pre3 - 2001/12/22 12:15:00) ready. Name (ftp.suse.com:you): ftp 331 Guest login ok, send your complete e-mail address as password. Password: 230 Guest login ok, access restrictions apply. Remote system type is UNIX. Using binary mode to transfer files. ftp> quit 221 Goodbye. Take a look on your messages or log files. You may see a message from the proxy about a transparent proxy destination (in one line): ftp-child[31673]: USER-INF transparent proxy request to 202.58.118.12:21 from 192.168.1.20 ^^^^^^^^^^^^^ ^^^^^^^^^^^^ ftp-server ftp-client If not, double-check your setup! And sure, feel free to set up a chroot environment, etc... Don't forget to have fun! proxy-suite-1.9.2.4/ftp-proxy/ftp-client.c0000644000000000000000000011661210170746721020330 0ustar rootroot00000000000000/* * $Id: ftp-client.c,v 1.9.2.3 2005/01/11 13:00:01 mt Exp $ * * Functions for the FTP Proxy client handling * * Author(s): Jens-Gero Boehm * Pieter Hollants * Marius Tomaschewski * Volker Wiegand * * This file is part of the SuSE Proxy Suite * See also http://proxy-suite.suse.de/ * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version * 2 of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the * Free Software Foundation, Inc., 59 Temple Place - Suite 330, * Boston, MA 02111-1307, USA. * * A history log can be found at the end of this file. */ #ifndef lint static char rcsid[] = "$Id: ftp-client.c,v 1.9.2.3 2005/01/11 13:00:01 mt Exp $"; #endif #include #if defined(STDC_HEADERS) # include # include # include # include # include # include #endif #if defined(HAVE_UNISTD_H) # include #endif #if defined(TIME_WITH_SYS_TIME) # include # include #else # if defined(HAVE_SYS_TIME_H) # include # else # include # endif #endif #include #include #include #include #include #include "com-config.h" #include "com-debug.h" #include "com-misc.h" #include "com-socket.h" #include "com-syslog.h" #include "ftp-client.h" #include "ftp-cmds.h" #include "ftp-ldap.h" /* ------------------------------------------------------------ */ static void client_cli_ctrl_read(char *str); static void client_srv_ctrl_read(char *str); static void client_srv_passive (char *arg); static void client_xfer_fireup (void); static int client_setup_file(CONTEXT *ctx, char *who); /* ------------------------------------------------------------ */ static int close_flag = 0; /* Program termination request */ static CONTEXT ctx; /* The general client context */ /* ------------------------------------------------------------ ** ** ** Function......: client_signal ** ** Parameters....: signo Signal to be handled ** ** Return........: (most probably, none) ** ** Purpose.......: Handler for signals, mainly killing. ** ** ------------------------------------------------------------ */ static RETSIGTYPE client_signal(int signo) { #if defined(COMPILE_DEBUG) debug(2, "client signal %d", signo); #endif close_flag = 1; signal(signo, client_signal); #if RETSIGTYPE != void return 0; #endif } /* ------------------------------------------------------------ ** ** ** Function......: client_run ** ** Parameters....: (stdin/stdout is the User-PI) ** ** Return........: (none) ** ** Purpose.......: Main function for client operation. ** ** ------------------------------------------------------------ */ void client_run(void) { int sock, need, diff; char str[MAX_PATH_SIZE * 2]; char *p, *q; FILE *fp; BUF *buf; /* ** Setup client signal handling (mostly graceful exit) */ signal(SIGINT, client_signal); signal(SIGTERM, client_signal); signal(SIGQUIT, client_signal); signal(SIGHUP, client_signal); signal(SIGCHLD, SIG_IGN); signal(SIGUSR1, SIG_IGN); /* ** Prepare our general client context */ memset(&ctx, 0, sizeof(ctx)); ctx.sess_beg = time(NULL); ctx.cli_mode = MOD_ACT_FTP; ctx.expect = EXP_IDLE; ctx.timeout = config_int(NULL, "TimeOut", 900); sock = fileno(stdin); /* "recover" our socket */ /* ** Check whether a DenyMessage file exists. This ** indicates that we are currently not willing ** to serve any clients. */ p = config_str(NULL, "DenyMessage", NULL); if (p != NULL && (fp = fopen(p, "r")) != NULL) { while (fgets(str, sizeof(str) - 4, fp) != NULL) { p = socket_msgline(str); if ((q = strchr(p, '\n')) != NULL) strcpy(q, "\r\n"); else strcat(p, "\r\n"); send(sock, "421-", 4, 0); send(sock, p, strlen(p), 0); } fclose(fp); if ((p = config_str(NULL, "DenyString", NULL)) != NULL) p = socket_msgline(p); else p = "Service not available"; send(sock, "421 ", 4, 0); send(sock, p, strlen(p), 0); send(sock, ".\r\n", 3, 0); p = socket_addr2str(socket_sck2addr(sock, REM_END, NULL)); close(sock); syslog_write(U_ERR, "reject: '%s' (DenyMessage)", p); exit(EXIT_SUCCESS); } /* ** Create a High Level Socket for the client's User-PI */ if ((ctx.cli_ctrl = socket_init(sock)) == NULL) misc_die(FL, "client_run: ?cli_ctrl?"); ctx.cli_ctrl->ctyp = "Cli-Ctrl"; /* ** Announce the connection request */ syslog_write(U_INF, "connect from %s", ctx.cli_ctrl->peer); /* ** Display the welcome message (invite the user to login) */ if ((p = config_str(NULL, "WelcomeString", NULL)) == NULL) p = "%h FTP server (Version %v - %b) ready"; misc_strncpy(str, socket_msgline(p), sizeof(str)); client_respond(220, config_str(NULL, "WelcomeMessage", NULL), str); /* ** Enter the client mainloop */ while (close_flag == 0) { /* ** We need to go into select() only ** if all input has been processed ** or ** we wait for more data to get a line ** complete (partially sent, no EOL). ** ** (data buffers are never splited) */ need = 1; if (ctx.cli_ctrl && ctx.cli_ctrl->rbuf) need = 0; if (ctx.srv_ctrl && ctx.srv_ctrl->rbuf) need = 0; if((ctx.cli_ctrl && ctx.cli_ctrl->more>0) || (ctx.srv_ctrl && ctx.srv_ctrl->more>0)) need = 1; /* ** use higher priority to writes; ** read only if nothing to write... */ if(ctx.srv_data && ctx.cli_data) { if(ctx.srv_data->wbuf) { ctx.cli_data->more = -1; } else { ctx.cli_data->more = 0; } if(ctx.cli_data->wbuf) { ctx.srv_data->more = -1; } else { ctx.srv_data->more = 0; } } if (need != 0) { if (socket_exec(ctx.timeout, &close_flag) <= 0) break; /* Timed out or worse */ } #if defined(COMPILE_DEBUG) debug(4, "client-loop ..."); #endif /* ** Check if any zombie sockets can be removed */ if (ctx.cli_ctrl != NULL && ctx.cli_ctrl->sock == -1) close_flag = 1; /* Oops, forget it ... */ if (ctx.srv_ctrl != NULL && ctx.srv_ctrl->sock == -1) { #if defined(COMPILE_DEBUG) debug(3, "about to destroy Srv-Ctrl"); #endif /* ** If we have any open data connections, ** make really sure they don't survive. */ if (ctx.cli_data != NULL) ctx.cli_data->kill = 1; if (ctx.srv_data != NULL) ctx.srv_data->kill = 1; /* ** Our client should be informed */ if (ctx.cli_ctrl->kill == 0) { client_respond(421, NULL, "Service not available, " "closing control connection"); } /* ** Don't forget to remove the dead socket */ socket_kill(ctx.srv_ctrl); ctx.srv_ctrl = NULL; } if (ctx.cli_data != NULL && ctx.cli_data->sock == -1) { #if defined(COMPILE_DEBUG) debug(3, "about to destroy Cli-Data"); #endif /* ** If we have an outstanding server reply ** (e.g. 226 Transfer complete), send it. */ if (ctx.xfer_rep[0] != '\0') { socket_printf(ctx.cli_ctrl, "%s\r\n", ctx.xfer_rep); memset(ctx.xfer_rep, 0, sizeof(ctx.xfer_rep)); } else { if(ctx.expect == EXP_XFER) ctx.expect = EXP_PTHR; } /* ** Good time for statistics and data reset */ if (ctx.xfer_beg == 0) ctx.xfer_beg = time(NULL); diff = (int) (time(NULL) - ctx.xfer_beg); if (diff < 1) diff = 1; /* ** print our current statistic */ syslog_write(U_INF, "Transfer for %s %s: %s '%s' %s %u/%d byte/sec", ctx.cli_ctrl->peer, ctx.cli_data->ernr ? "failed" : "completed", ctx.xfer_cmd, ctx.xfer_arg, ctx.cli_data->rcnt ? "sent" : "read", ctx.cli_data->rcnt ? ctx.cli_data->rcnt : ctx.cli_data->wcnt, diff); /* ** update session statistics data */ if(ctx.cli_data->rcnt) ctx.xfer_rsec += diff; ctx.xfer_rcnt += ctx.cli_data->rcnt; if(ctx.cli_data->wcnt) ctx.xfer_wsec += diff; ctx.xfer_wcnt += ctx.cli_data->wcnt; /* ** reset data transfer state */ client_data_reset(MOD_RESET); /* ** Doom the corresponding server socket */ if (ctx.srv_data != NULL) ctx.srv_data->kill = 1; /* ** Don't forget to remove the dead socket */ socket_kill(ctx.cli_data); ctx.cli_data = NULL; } if (ctx.srv_data != NULL && ctx.srv_data->sock == -1) { #if defined(COMPILE_DEBUG) debug(3, "about to destroy Srv-Data"); #endif /* ** Doom the corresponding client socket if an ** error occured, FailResetsPasv=yes or we ** expect other response than PASV (Netscape!) */ if(ctx.cli_data != NULL) { if(0 != ctx.srv_data->ernr) { ctx.cli_data->ernr = -1; ctx.cli_data->kill = 1; } if(config_bool(NULL,"FailResetsPasv", 0)) { ctx.cli_data->kill = 1; } else if(ctx.expect != EXP_PASV) { ctx.cli_data->kill = 1; } } /* ** Don't forget to remove the dead socket */ socket_kill(ctx.srv_data); ctx.srv_data = NULL; } /* ** Serve the control connections */ if (ctx.cli_ctrl != NULL && ctx.cli_ctrl->rbuf != NULL) { if (socket_gets(ctx.cli_ctrl, str, sizeof(str)) != NULL) client_cli_ctrl_read(str); } if (ctx.srv_ctrl != NULL && ctx.srv_ctrl->rbuf != NULL) { if (socket_gets(ctx.srv_ctrl, str, sizeof(str)) != NULL) client_srv_ctrl_read(str); } /* ** Serve the data connections. This is a bit tricky, ** since all we do is move the buffer pointers. */ if (ctx.cli_data != NULL && ctx.srv_data != NULL) { if (ctx.cli_data->rbuf != NULL) { #if defined(COMPILE_DEBUG) debug(2, "Cli-Data -> Srv-Data"); #endif if (ctx.srv_data->wbuf == NULL) { ctx.srv_data->wbuf = ctx.cli_data->rbuf; } else { for (buf = ctx.srv_data->wbuf; buf && buf->next; buf = buf->next) ; buf->next = ctx.cli_data->rbuf; } ctx.cli_data->rbuf = NULL; } if (ctx.srv_data->rbuf != NULL) { #if defined(COMPILE_DEBUG) debug(2, "Srv-Data -> Cli-Data"); #endif if (ctx.cli_data->wbuf == NULL) { ctx.cli_data->wbuf = ctx.srv_data->rbuf; } else { for (buf = ctx.cli_data->wbuf; buf && buf->next; buf = buf->next) ; buf->next = ctx.srv_data->rbuf; } ctx.srv_data->rbuf = NULL; } } /* at this point the main loop resumes ... */ } /* ** Display basic session statistics... ** in secs since session begin ** downloads / read (xfer-reads from server) ** uploads / send (xfer-sends from server) */ syslog_write(U_INF, "closing connect from %s after %d secs - " "read %d/%d, sent %d/%d byte/sec", ctx.cli_ctrl ? ctx.cli_ctrl->peer : "unknown peer", time(NULL)-ctx.sess_beg, ctx.xfer_wcnt, ctx.xfer_wsec, ctx.xfer_rcnt, ctx.xfer_rsec); /* ** Free allocated memory */ ctx.magic_auth = NULL; if (ctx.userauth != NULL) { misc_free(FL, ctx.userauth); ctx.userauth = NULL; } if (ctx.username != NULL) { misc_free(FL, ctx.username); ctx.username = NULL; } if(ctx.userpass != NULL) { misc_free(FL, ctx.userpass); ctx.userpass = NULL; } #if defined(COMPILE_DEBUG) debug(1, "}}}}} %s client-exit", misc_getprog()); #endif exit(EXIT_SUCCESS); } /* ------------------------------------------------------------ ** ** ** Function......: client_cli_ctrl_read ** ** Parameters....: str Buffer with data ** ** Return........: (none) ** ** Purpose.......: Decode and execute client PI commands. ** ** ------------------------------------------------------------ */ static void client_cli_ctrl_read(char *str) { char *arg; CMD *cmd; int c; if (str == NULL) { /* Basic sanity check */ #if defined(COMPILE_DEBUG) debug(2, "null User-PI msg: nothing to do"); #endif return; } /* ** Handle a minimum amount of Telnet line control */ while ((arg = strchr(str, IAC)) != NULL) { c = (arg[1] & 255); switch (c) { case WILL: case WONT: /* ** RFC 1123, 4.1.2.12 */ syslog_write(U_WRN, "WILL/WONT refused for %s", ctx.cli_ctrl->peer); socket_printf(ctx.cli_ctrl, "%c%c%c", IAC, DONT, arg[2]); if(arg[2]) memmove(arg, arg + 3, strlen(arg) - 2); else memmove(arg, arg + 1, strlen(arg)); break; case DO: case DONT: /* ** RFC 1123, 4.1.2.12 */ syslog_write(U_WRN, "DO/DONT refused for %s", ctx.cli_ctrl->peer); socket_printf(ctx.cli_ctrl, "%c%c%c", IAC, WONT, arg[2]); if(arg[2]) memmove(arg, arg + 3, strlen(arg) - 2); else memmove(arg, arg + 1, strlen(arg)); break; case IAC: memmove(arg, arg + 1, strlen(arg)); break; case IP: case DM: syslog_write(U_INF, "IAC-%s from %s", (c == IP) ? "IP" : "DM", ctx.cli_ctrl->peer); memmove(arg, arg + 2, strlen(arg) - 1); break; default: memmove(arg, arg + 1, strlen(arg)); } } /* ** If there is nothing left to process, please call again */ if (str[0] == '\0') { #if defined(COMPILE_DEBUG) debug(2, "empty User-PI msg: nothing to do"); #endif return; } /* ** Separate arguments if given */ if ((arg = strchr(str, ' ')) == NULL) arg = strchr(str, '\t'); if (arg == NULL) arg = ""; else { while (*arg == ' ' || *arg == '\t') *arg++ = '\0'; } #if defined(COMPILE_DEBUG) debug(1, "from User-PI (%d): cmd='%.32s' arg='%.512s'", ctx.cli_ctrl->sock, str, NIL(arg)); #endif /* ** Try to execute the given command. The "USER" command ** must be enabled in any case, since it's the one to ** setup allow/deny (let's call it bootstrapping) ... */ for (cmd = cmds_get_list(); cmd->name != NULL; cmd++) { if (strcasecmp("USER", cmd->name) == 0) cmd->legal = 1; /* Need this one! */ if (strcasecmp(str, cmd->name) != 0) continue; if ((cmd->legal == 0) && strcasecmp("QUIT", cmd->name)) { client_respond(502, NULL, "'%.32s': " "command not implemented", str); syslog_write(U_WRN, "'%.32s' from %s not allowed", str, ctx.cli_ctrl->peer); return; } #if defined(HAVE_REGEX) if (cmd->regex != NULL) { char *p; p = cmds_reg_exec(cmd->regex, arg); if (p != NULL) { client_respond(501, NULL, "'%.32s': syntax error " "in arguments", str); syslog_write(U_WRN, "bad arg '%.128s'%s for " "'%s' from %s: %s", arg, (strlen(arg) > 128) ? "..." : "", cmd->name, ctx.cli_ctrl->peer, p); return; } } #endif ctx.curr_cmd = str; (*cmd->func)(&ctx, arg); return; } /* ** Arriving here means the command was not found... */ client_respond(500, NULL, "'%.32s': command unrecognized", str); syslog_write(U_WRN, "unknown '%.32s' from %s", str, ctx.cli_ctrl->peer); } /* ------------------------------------------------------------ ** ** ** Function......: client_srv_ctrl_read ** ** Parameters....: str Buffer with data ** ** Return........: (none) ** ** Purpose.......: Decode and execute server responses. ** ** ------------------------------------------------------------ */ static void client_srv_ctrl_read(char *str) { int code, c1, c2, c3; char *arg; if (str == NULL) /* Basic sanity check */ return; syslog_write(T_DBG, "from Server-PI (%d): '%.512s'", ctx.srv_ctrl->sock, str); #if defined(COMPILE_DEBUG) debug(1, "from Server-PI (%d): '%.512s'", ctx.srv_ctrl->sock, str); #endif /* ** Intermediate responses can usually be forwarded */ if (*str < '2' || *str > '5' || str[3] != ' ') { /* ** If this is the destination host's ** welcome message let's discard it. */ if (ctx.expect == EXP_CONN) return; if (ctx.expect == EXP_USER && UAUTH_NONE != ctx.auth_mode) return; #if defined(COMPILE_DEBUG) debug(2, "'%.4s'... forwarded to %s %d=%s", str, ctx.cli_ctrl->ctyp, ctx.cli_ctrl->sock, ctx.cli_ctrl->peer); #endif socket_printf(ctx.cli_ctrl, "%s\r\n", str); return; } /* ** Consider only valid final response codes */ if ((code = atoi(str)) < 200 || code > 599) { syslog_error("bad response %d from server for %s", code, ctx.srv_ctrl->peer); return; } c1 = code / 100; c2 = (code % 100) / 10; c3 = code % 10; for (arg = str + 3; *arg == ' '; arg++) ; /* ** We have a response code, go see what we expected */ switch (ctx.expect) { case EXP_CONN: /* ** Waiting for a 220 Welcome */ if (c1 == 2) { socket_printf(ctx.srv_ctrl, "USER %s\r\n", ctx.username); ctx.expect = EXP_USER; } else { if(UAUTH_NONE != ctx.auth_mode) { client_respond(530, NULL, "Login incorrect"); } else { socket_printf(ctx.cli_ctrl, "%s\r\n", str); } ctx.expect = EXP_IDLE; ctx.cli_ctrl->kill = 1; } break; case EXP_USER: /* ** Only the following codes are useful: ** 230=logged in, ** 331=need password, ** 332=need password+account */ if(UAUTH_NONE != ctx.auth_mode) { /* ** logged in, NO password needed */ if(c1 == 2 && c2 == 3) { client_respond(230, NULL, "User logged in, proceed."); ctx.expect = EXP_IDLE; break; } else /* ** OK, password (+account) needed */ if(c1 == 3 && c2 == 3) { if(ctx.userpass) { socket_printf(ctx.srv_ctrl, "PASS %s\r\n", ctx.userpass); misc_free(FL, ctx.userpass); ctx.userpass = NULL; } else { socket_printf(ctx.srv_ctrl, "PASS \r\n"); } ctx.expect = EXP_PTHR; break; } } /* ** pass server response through to client */ socket_printf(ctx.cli_ctrl, "%s\r\n", str); if (c1 != 2 && c1 != 3) { ctx.cli_ctrl->kill = 1; } ctx.expect = EXP_IDLE; break; case EXP_ABOR: if (c1 == 2) { client_data_reset(MOD_RESET); ctx.expect = EXP_IDLE; } break; case EXP_PASV: if (code == 227 && *arg != '\0') { client_srv_passive(arg); } else { socket_printf(ctx.cli_ctrl, "%s\r\n", str); client_data_reset(MOD_RESET); ctx.expect = EXP_IDLE; } break; case EXP_PORT: if (code == 200) { client_xfer_fireup(); } else { socket_printf(ctx.cli_ctrl, "%s\r\n", str); client_data_reset(MOD_RESET); ctx.expect = EXP_IDLE; } break; case EXP_XFER: /* ** Distinguish between success and failure */ if (c1 == 2) { misc_strncpy(ctx.xfer_rep, str, sizeof(ctx.xfer_rep)); } else { socket_printf(ctx.cli_ctrl, "%s\r\n", str); if(config_bool(NULL,"FailResetsPasv", 0)) { client_data_reset(MOD_RESET); } else { client_data_reset(ctx.cli_mode); } } ctx.expect = EXP_IDLE; break; case EXP_PTHR: socket_printf(ctx.cli_ctrl, "%s\r\n", str); ctx.expect = EXP_IDLE; break; case EXP_IDLE: socket_printf(ctx.cli_ctrl, "%s\r\n", str); if (code == 421) { syslog_write(T_WRN, "server closed connection " "for %s", ctx.cli_ctrl->peer); ctx.cli_ctrl->kill = 1; } else { syslog_write(T_WRN, "bogus '%.512s' from " "Server-PI for %s", ctx.cli_ctrl->peer, str); } break; } } /* ------------------------------------------------------------ ** ** ** Function......: client_srv_passive ** ** Parameters....: arg Command argument(s) ** ** Return........: (none) ** ** Purpose.......: Evaluate the 227 response from the server. ** ** ------------------------------------------------------------ */ static void client_srv_passive(char *arg) { int h1, h2, h3, h4, p1, p2; u_int32_t addr, ladr; u_int16_t port; int incr; if (arg == NULL) /* Basic sanity check */ return; /* ** Read the port. According to RFC 1123, 4.1.2.6, ** we have to scan the string for the first digit. */ while (*arg < '0' || *arg > '9') arg++; if (sscanf(arg, "%d,%d,%d,%d,%d,%d", &h1, &h2, &h3, &h4, &p1, &p2) != 6) { syslog_error("bad PASV 277 response from server for %s", ctx.cli_ctrl->peer); client_respond(425, NULL, "Can't open data connection"); client_data_reset(MOD_RESET); ctx.expect = EXP_IDLE; return; } addr = (u_int32_t) ((h1 << 24) + (h2 << 16) + (h3 << 8) + h4); port = (u_int16_t) ((p1 << 8) + p2); syslog_write(T_DBG, "got SRV-PASV %s:%d for %s:%d", socket_addr2str(addr), port, ctx.cli_ctrl->peer, ctx.cli_ctrl->port); /* ** should we bind a rand(port-range) or increment? */ incr = !config_bool(NULL,"SockBindRand", 0); /* ** Open a connection to the server at the given port */ ladr = socket_sck2addr(ctx.srv_ctrl->sock, LOC_END, NULL); if (socket_d_connect(addr, port, ladr, ctx.srv_lrng, ctx.srv_urng, &(ctx.srv_data), "Srv-Data", incr) == 0) { syslog_error("can't connect Srv-Data for %s", ctx.cli_ctrl->peer); client_respond(425, NULL, "Can't open data connection"); client_data_reset(MOD_RESET); ctx.expect = EXP_IDLE; return; } /* ** Finally send the original command from the client */ client_xfer_fireup(); } /* ------------------------------------------------------------ ** ** ** Function......: client_xfer_fireup ** ** Parameters....: (none) ** ** Return........: (none) ** ** Purpose.......: Send a deferred transfer command to the ** server if applicable. If the transfer ** to the client is ACTIVE, we also need to ** connect() to the client. ** ** ------------------------------------------------------------ */ static void client_xfer_fireup(void) { u_int32_t ladr = INADDR_ANY; int incr; /* ** should we bind a rand(port-range) or increment? */ incr = !config_bool(NULL,"SockBindRand", 0); /* ** If appropriate, connect to the client's data port */ if (ctx.cli_mode == MOD_ACT_FTP) { /* ** TransProxy mode: check if we can use our real ** ip instead of the server's one as our local ip, ** we pre-bind the socket/ports to before connect. */ if(config_bool(NULL, "AllowTransProxy", 0)) { ladr = config_addr(NULL, "Listen", (u_int32_t)INADDR_ANY); } if(INADDR_ANY == ladr) { ladr = socket_sck2addr(ctx.cli_ctrl->sock, LOC_END, NULL); } if (socket_d_connect(ctx.cli_addr, ctx.cli_port, ladr, ctx.act_lrng, ctx.act_urng, &(ctx.cli_data), "Cli-Data", incr) == 0) { syslog_error("can't connect Cli-Data for %s", ctx.cli_ctrl->peer); client_respond(425, NULL, "Can't open data connection"); client_data_reset(MOD_RESET); ctx.expect = EXP_IDLE; return; } } /* ** Send the original command from the client */ if (ctx.xfer_arg[0] != '\0') { socket_printf(ctx.srv_ctrl, "%s %s\r\n", ctx.xfer_cmd, ctx.xfer_arg); syslog_write(T_INF, "'%s %s' sent for %s", ctx.xfer_cmd, ctx.xfer_arg, ctx.cli_ctrl->peer); } else { socket_printf(ctx.srv_ctrl, "%s\r\n", ctx.xfer_cmd); syslog_write(T_INF, "'%s' sent for %s", ctx.xfer_cmd, ctx.cli_ctrl->peer); } /* ** Prepare the handling and statistics buffers */ memset(ctx.xfer_rep, 0, sizeof(ctx.xfer_rep)); ctx.xfer_beg = time(NULL); ctx.expect = EXP_XFER; /* Expect 226 complete */ } /* ------------------------------------------------------------ ** ** ** Function......: client_respond ** ** Parameters....: code Return code ** file Optional file with info ** fmt Format string for output ** ** Return........: (none) ** ** Purpose.......: Decode and execute server responses. ** ** ------------------------------------------------------------ */ void client_respond(int code, char *file, char *fmt, ...) { va_list aptr; char str[MAX_PATH_SIZE * 2], *p, *q; FILE *fp; /* ** Display additional info from file if found */ if (file != NULL && (fp = fopen(file, "r")) != NULL) { while (fgets(str, sizeof(str), fp) != NULL) { p = socket_msgline(str); if ((q = strchr(p, '\n')) != NULL) *q = '\0'; socket_printf(ctx.cli_ctrl, "%03d-%s\r\n", code, p); } fclose(fp); } /* ** The last line carries the ultimate reponse code */ va_start(aptr, fmt); #if defined(HAVE_VSNPRINTF) vsnprintf(str, sizeof(str), fmt, aptr); #else vsprintf(str, fmt, aptr); #endif va_end(aptr); socket_printf(ctx.cli_ctrl, "%03d %s.\r\n", code, str); } /* ------------------------------------------------------------ ** ** ** Function......: client_reinit ** ** Parameters....: (none) ** ** Return........: (none) ** ** Purpose.......: Hard-Reset data and server connections. ** ** ------------------------------------------------------------ */ void client_reinit(void) { /* ** Remove any server or data connections */ if (ctx.srv_data != NULL) { socket_kill(ctx.srv_data); ctx.srv_data = NULL; } if (ctx.cli_data != NULL) { socket_kill(ctx.cli_data); ctx.cli_data = NULL; } if (ctx.srv_ctrl != NULL) { socket_kill(ctx.srv_ctrl); ctx.srv_ctrl = NULL; } client_data_reset(MOD_RESET); /* ** Remove the current user and status */ ctx.auth_mode = UAUTH_NONE; ctx.magic_auth = 0; if (ctx.userauth != NULL) { misc_free(FL, ctx.userauth); ctx.userauth = NULL; } if (ctx.username != NULL) { misc_free(FL, ctx.username); ctx.username = NULL; } if(ctx.userpass != NULL) { misc_free(FL, ctx.userpass); ctx.userpass = NULL; } ctx.expect = EXP_IDLE; } /* ------------------------------------------------------------ ** ** ** Function......: client_data_reset ** ** Parameters....: mode reset client transfer mode ** default value is MOD_RESET ** ** Return........: (none) ** ** Purpose.......: Reset variables for data transfer. ** ** ------------------------------------------------------------ */ void client_data_reset(int mode) { memset(ctx.xfer_cmd, 0, sizeof(ctx.xfer_cmd)); memset(ctx.xfer_arg, 0, sizeof(ctx.xfer_arg)); ctx.xfer_beg = 0; /* ** reset client transfer mode to the specified one ** or (mode==MOD_RESET) to default mode MOD_ACT_FTP ** ** Note: a reset to default is the normal behaviour */ ctx.cli_mode = mode ? mode : MOD_ACT_FTP; if (ctx.cli_ctrl != NULL) { ctx.cli_addr = ctx.cli_ctrl->addr; ctx.cli_port = ctx.cli_ctrl->port; } } /* ------------------------------------------------------------ ** ** ** Function......: client_srv_open ** ** Parameters....: (none) ** ** Return........: (none) ** ** Purpose.......: Open control connection to the server. ** ** ------------------------------------------------------------ */ void client_srv_open(void) { struct sockaddr_in saddr; u_int16_t lprt, lowrng, res; int sock, incr, retry; /* ** should we bind a rand(port-range) or increment? */ incr = !config_bool(NULL,"SockBindRand", 0); /* ** mark socket invalid */ sock = -1; /* ** Forward connection to destination */ retry = MAX_RETRIES; lprt = ctx.srv_lrng; while(0 <= retry--) { /* ** First of all, get a socket */ if ((sock = socket(AF_INET, SOCK_STREAM, 0)) < 0) { syslog_error("Srv-Ctrl: can't create socket for %s", ctx.cli_ctrl->peer); exit(EXIT_FAILURE); } socket_opts(sock, SK_CONTROL); /* ** check if we have to take care to a port range */ if( !(INPORT_ANY == ctx.srv_lrng && INPORT_ANY == ctx.srv_urng)) { u_int32_t ladr = INADDR_ANY; /* ** bind the socket, taking care of a given port range */ if(incr) { lowrng = lprt; #if defined(COMPILE_DEBUG) debug(2, "Srv-Ctrl: " "about to bind to %s:range(%d-%d)", socket_addr2str(ladr), lowrng, ctx.srv_urng); #endif res = socket_d_bind(sock, ladr, lowrng, ctx.srv_urng, incr); } else { lowrng = ctx.srv_lrng; #if defined(COMPILE_DEBUG) debug(2, "Srv-Ctrl: " "about to bind to %s:range(%d-%d)", socket_addr2str(ladr), lowrng, ctx.srv_urng); #endif res = socket_d_bind(sock, ladr, lowrng, ctx.srv_urng, incr); } if (INPORT_ANY == res) { /* nothing found? */ close(sock); syslog_error("Srv-Ctrl: can't bind to" " %s:%d for %s", socket_addr2str(ladr), (int)lprt, ctx.cli_ctrl->peer); exit(EXIT_FAILURE); } else { lprt = res; } } else lprt = INPORT_ANY; /* ** Okay, now try the actual connect to the server */ memset(&saddr, 0, sizeof(saddr)); saddr.sin_addr.s_addr = htonl(ctx.srv_addr); saddr.sin_family = AF_INET; saddr.sin_port = htons(ctx.srv_port); if (connect(sock, (struct sockaddr *)&saddr, sizeof(saddr)) < 0) { #if defined(COMPILE_DEBUG) debug(2, "Srv-Ctrl: connect failed with '%s'", strerror(errno)); #endif close(sock); sock = -1; /* check if is makes sense to retry? ** perhaps we only need an other ** local port (EADDRNOTAVAIL) for ** this destination? */ if( !(EINTR == errno || EAGAIN == errno || EADDRINUSE == errno || EADDRNOTAVAIL == errno)) { /* ** an other (real) error ocurred */ syslog_error("Srv-Ctrl: " "can't connect %s:%d for %s", socket_addr2str(ctx.srv_addr), (int) ctx.srv_port, ctx.cli_ctrl->peer); exit(EXIT_FAILURE); } if(incr && INPORT_ANY != lprt) { /* increment lower range if we use ** increment mode and have a range */ if(lprt < ctx.srv_urng) { lprt++; } else { /* ** no more ports in range we can try */ syslog_error("Srv-Ctrl: " "can't connect %s:%d for %s", socket_addr2str(ctx.srv_addr), (int) ctx.srv_port, ctx.cli_ctrl->peer); exit(EXIT_FAILURE); } } } else break; } /* ** check if we have a valid, connected socket */ if(-1 == sock) { syslog_error("Srv-Ctrl: can't connect %s:%d for %s", socket_addr2str(ctx.srv_addr), (int) ctx.srv_port, ctx.cli_ctrl->peer); exit(EXIT_FAILURE); } if ((ctx.srv_ctrl = socket_init(sock)) == NULL) misc_die(FL, "cmds_user: ?srv_ctrl?"); ctx.srv_ctrl->ctyp = "Srv-Ctrl"; #if defined(COMPILE_DEBUG) debug(2, "Srv-Ctrl is %s:%d", ctx.srv_ctrl->peer, (int) ctx.srv_port); #endif ctx.expect = EXP_CONN; /* Expect Welcome */ } /* ------------------------------------------------------------ ** ** ** Function......: client_setup ** ** Parameters....: pwd client / user password ** ** Return........: 0 on success ** ** Purpose.......: setup user-profile and preform auth ** if configured... ** ** ------------------------------------------------------------ */ int client_setup(char *pwd) { char *type; char *who; /* ** Setup defaults for the client's DTP process */ ctx.cli_mode = MOD_ACT_FTP; ctx.cli_addr = ctx.cli_ctrl->addr; ctx.cli_port = ctx.cli_ctrl->port; ctx.srv_addr = INADDR_ANY; ctx.srv_port = INPORT_ANY; /* ** select the proper name for user specific setup... */ if(NULL != ctx.userauth) { who = ctx.userauth; } else { who = ctx.username; } /* ** don't allow empty or invalid names... */ if(NULL != who && '\0' != who[0]) { char *ptr; #if defined(HAVE_REGEX) char *rule; void *preg = NULL; rule = config_str(NULL, "UserNameRule", "^[[:alnum:]]+([%20@/\\._-][[:alnum:]]+)*$"); syslog_write(T_DBG, "compiling UserNameRule: '%.1024s'", rule); if(NULL == (ptr = cmds_reg_comp(&preg, rule))) { return -1; } syslog_write(T_DBG, "DeHTMLized UserNameRule: '%.1024s'", ptr); ptr = cmds_reg_exec(preg, who); if(NULL != ptr) { syslog_write(U_WRN, "invalid user name '%.128s'%s: %s", who, (strlen(who)>128 ? "..." : ""), ptr); cmds_reg_comp(&preg, NULL); /* free regex ptr */ return -1; } else { cmds_reg_comp(&preg, NULL); /* free regex ptr */ } #else /* ** Simplified "emulation" of the above regex: */ if( !(isalnum(who[0]) && isalnum(who[strlen(who)-1]))) { syslog_write(U_ERR, "invalid user name '%.128s'%s", who, (strlen(who)>128 ? "..." : "")); return 1; } for(ptr=who+1; *ptr; ptr++) { if( !(isalnum(*ptr) || ' ' == *ptr || '@' == *ptr || '/' == *ptr || '.' == *ptr || '_' == *ptr || '-' == *ptr)) { syslog_write(U_ERR, "invalid user name '%.128s'%s", who, (strlen(who)>128 ? "..." : "")); return -1; } } #endif } else { /* HUH ?! */ syslog_write(U_ERR, "empty user name"); return -1; } /* ** user specific setup from config file ** with fallback to default values */ if(0 != client_setup_file(&ctx, who)) { return -1; } /* ** check if we have to authenticate the user ** ** authenticate user and setup user specific ** from ldap server if configured */ type = config_str(NULL, "UserAuthType", NULL); if(NULL != type) { if(0 == strcasecmp(type, "ldap")) { /* ** ldap server is mandatory */ if(NULL == config_str(NULL, "LDAPServer", NULL)) { misc_die(FL, "client_setup: ?LDAPServer?"); } /* ** ldap auth + setup */ if(0 != ldap_setup_user(&ctx, who, pwd ? pwd : "")) return -1; } else { misc_die(FL, "client_setup: unknown ?UserAuthType?"); } } else { /* ** try ldap setup only */ ldap_setup_user(&ctx, who, NULL); } /* ** Evaluate mandatory settings or refuse to run. */ errno = 0; if(INADDR_ANY == ctx.srv_addr || INADDR_BROADCAST == ctx.srv_addr) { syslog_error("can't eval DestAddr for %s", ctx.cli_ctrl->peer); return -1; } if(INPORT_ANY == ctx.srv_port) { syslog_error("can't eval DestPort for %s", ctx.cli_ctrl->peer); return -1; } return 0; /* all right */ } /* ------------------------------------------------------------ ** ** ** Function......: client_setup_file ** ** Parameters....: ctx Pointer to user context ** who Pointer to user name ** ** Return........: 0 on success ** ** Purpose.......: setup user-profile from config file ** ** ------------------------------------------------------------ */ static int client_setup_file(CONTEXT *ctx, char *who) { char *p; u_int16_t l, u; /* ** little bit sanity check */ if( !(ctx && who && *who)) { return -1; } /* ** Inform the auditor that we are using the config file */ syslog_write(U_INF, "reading data for '%s' from cfg-file", who); /* ** Evaluate DestinationAddress, except we have magic_addr */ if (INADDR_ANY != ctx->magic_addr) { ctx->srv_addr = ctx->magic_addr; } else { ctx->srv_addr = config_addr(who, "DestinationAddress", INADDR_ANY); #if defined(COMPILE_DEBUG) debug(2, "file DestAddr for %s: '%s'", ctx->cli_ctrl->peer, socket_addr2str(ctx->srv_addr)); #endif } /* ** Evaluate DestinationPort, except we have magic_port */ if (INPORT_ANY != ctx->magic_port) { ctx->srv_port = ctx->magic_port; } else { ctx->srv_port = config_port(who, "DestinationPort", IPPORT_FTP); #if defined(COMPILE_DEBUG) debug(2, "file DestPort for %s: %d", ctx->cli_ctrl->peer, (int) ctx->srv_port); #endif } /* ** Evaluate the destination transfer mode */ p = config_str(who, "DestinationTransferMode", "client"); if(0 == strcasecmp(p, "active")) { ctx->srv_mode = MOD_ACT_FTP; } else if(0 == strcasecmp(p, "passive")) { ctx->srv_mode = MOD_PAS_FTP; } else if(0 == strcasecmp(p, "client")) { ctx->srv_mode = MOD_CLI_FTP; } else { syslog_error("can't eval DestMode for %s", ctx->cli_ctrl->peer); return -1; } #if defined(COMPILE_DEBUG) debug(2, "file DestMode for %s: %s", ctx->cli_ctrl->peer, p); #endif /* ** Evaluate min/max destination port range */ l = config_port(who, "DestinationMinPort", INPORT_ANY); u = config_port(who, "DestinationMaxPort", INPORT_ANY); if (l > 0 && u > 0 && u >= l) { ctx->srv_lrng = l; ctx->srv_urng = u; } else { ctx->srv_lrng = INPORT_ANY; ctx->srv_urng = INPORT_ANY; } #if defined(COMPILE_DEBUG) debug(2, "file DestRange for %s: %u-%u", ctx->cli_ctrl->peer, ctx->srv_lrng, ctx->srv_urng); #endif /* ** Evaluate min/max active port range */ l = config_port(who, "ActiveMinDataPort", INPORT_ANY); u = config_port(who, "ActiveMaxDataPort", INPORT_ANY); if (l > 0 && u > 0 && u >= l) { ctx->act_lrng = l; ctx->act_urng = u; } else { /* do not try to bind a port < 1024 if running as UID != 0 */ if(0 == getuid()) { ctx->act_lrng = (IPPORT_FTP - 1); ctx->act_urng = (IPPORT_FTP - 1); } else { ctx->act_lrng = INPORT_ANY; ctx->act_urng = INPORT_ANY; } } #if defined(COMPILE_DEBUG) debug(2, "file ActiveRange for %s: %u-%u", ctx->cli_ctrl->peer, ctx->act_lrng, ctx->act_urng); #endif /* ** Evaluate min/max passive port range */ l = config_port(who, "PassiveMinDataPort", INPORT_ANY); u = config_port(who, "PassiveMaxDataPort", INPORT_ANY); if (l > 0 && u > 0 && u >= l) { ctx->pas_lrng = l; ctx->pas_urng = u; } else { ctx->pas_lrng = INPORT_ANY; ctx->pas_urng = INPORT_ANY; } #if defined(COMPILE_DEBUG) debug(2, "file PassiveRange for %s: %u-%u", ctx->cli_ctrl->peer, ctx->pas_lrng, ctx->pas_urng); #endif /* ** Setup other configuration options */ ctx->same_adr = config_bool(who, "SameAddress", 1); ctx->timeout = config_int (who, "TimeOut", 900); #if defined(COMPILE_DEBUG) debug(2, "file SameAddress for %s: %s", ctx->cli_ctrl->peer, ctx->same_adr ? "yes" : "no"); debug(2, "file TimeOut for %s: %d", ctx->cli_ctrl->peer, ctx->timeout); #endif /* ** Adjust the allow/deny flags for the commands */ p = config_str(who, "ValidCommands", NULL); cmds_set_allow(p); return 0; } /* ------------------------------------------------------------ * $Log: ftp-client.c,v $ * Revision 1.9.2.3 2005/01/11 13:00:01 mt * fixed default UserNameRule regexp rejecting user * names where the 3. character is not alphanumeric * * Revision 1.9.2.2 2004/03/22 12:40:13 mt * implemented a UserNameRule option allowing a regex * based override of the builtin user name checks * * Revision 1.9.2.1 2003/05/07 11:11:33 mt * removed broken ABOR sending on error while srv_data xfer still runs * moved user config-profile reading from ftp-ldap to client_setup_file() * changed to use new ctx.auth_mode flags to check if in user-auth mode * * Revision 1.9 2002/05/02 13:15:36 mt * implemented simple (ldap based) user auth * * Revision 1.8.2.1 2002/04/04 14:26:11 mt * added failed/completed transfer log message status * * Revision 1.8 2002/01/14 19:35:44 mt * implemented workarround for Netscape (4.x) directory symlink handling * implemented a MaxRecvBufSize option limiting max recv buffer size * extended log messages to provide basic transfer statistics data * added snprintf usage if supported, replaced strncpy with misc_strncpy * * Revision 1.7 2001/11/06 23:04:43 mt * applied / merged with transparent proxy patches v8 * see ftp-proxy/NEWS for more detailed release news * * Revision 1.6 1999/10/19 11:04:51 wiegand * make sure transfer time has reasonable value * * Revision 1.5 1999/09/24 06:38:52 wiegand * added regular expressions for all commands * removed character map and length of paths * added flag to reset PASV on every PORT * added "magic" user with built-in destination * added some argument pointer fortification * * Revision 1.4 1999/09/21 07:13:07 wiegand * syslog / abort cleanup and review * * Revision 1.3 1999/09/17 16:32:29 wiegand * changes from source code review * added POSIX regular expressions * * Revision 1.2 1999/09/16 16:29:57 wiegand * minor updates improving code quality * * Revision 1.1 1999/09/15 14:06:22 wiegand * initial checkin * * ------------------------------------------------------------ */ proxy-suite-1.9.2.4/ftp-proxy/ftp-client.h0000644000000000000000000001432110170463551020324 0ustar rootroot00000000000000/* * $Id: ftp-client.h,v 1.6.2.1 2003/05/07 11:12:03 mt Exp $ * * Header for the FTP Proxy client handling * * Author(s): Jens-Gero Boehm * Pieter Hollants * Marius Tomaschewski * Volker Wiegand * * This file is part of the SuSE Proxy Suite * See also http://proxy-suite.suse.de/ * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version * 2 of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the * Free Software Foundation, Inc., 59 Temple Place - Suite 330, * Boston, MA 02111-1307, USA. * * A history log can be found at the end of this file. */ #if !defined(_FTP_CLIENT_H_) #define _FTP_CLIENT_H_ #include "com-socket.h" /* Make sure we know PEER_LEN */ /* ------------------------------------------------------------ */ /* ** Define the necessary Telnet support */ #if !defined(DM) # define DM 242 /* Data Mark */ #endif #if !defined(IP) # define IP 244 /* Interrupt Process */ #endif #if !defined(WILL) # define WILL 251 /* I will perform option */ #endif #if !defined(WONT) # define WONT 252 /* I won't perform option */ #endif #if !defined(DO) # define DO 253 /* Please do perform option */ #endif #if !defined(DONT) # define DONT 254 /* Please don't perform option */ #endif #if !defined(IAC) # define IAC 255 /* Interpret as Command */ #endif /* ------------------------------------------------------------ */ #if !defined(IPPORT_FTP) # define IPPORT_FTP 21 /* Usually "well known" */ #endif #define MOD_RESET 0 /* Reset mode to Active FTP */ #define MOD_ACT_FTP 1 /* Active FTP mode */ #define MOD_PAS_FTP 2 /* Passive FTP mode */ #define MOD_CLI_FTP 3 /* Same FTP mode as client */ #define EXP_IDLE 0 /* Idle: expect nothing */ #define EXP_CONN 1 /* Connect: expect 220 or 421 */ #define EXP_USER 2 /* USER: expect 230, 331 or 5xx */ #define EXP_ABOR 3 /* ABOR: expect 226 *and* 230 */ #define EXP_PASV 4 /* PASV: expect 227 */ #define EXP_PORT 5 /* PORT: expect 200 */ #define EXP_XFER 6 /* Transfer: expect 226 */ #define EXP_PTHR 7 /* Pass-Through: just relay */ #define UAUTH_NONE 0 /* No user auth used */ #define UAUTH_FTP 1 /* Auth with ftp user + pass */ #define UAUTH_MAU 2 /* Magic auth mode auth%user */ #define UAUTH_MUA 3 /* Magic auth mode user%auth */ typedef struct { HLS *cli_ctrl; /* Control path to the client */ HLS *cli_data; /* Data path to the client */ HLS *srv_ctrl; /* Control path to the server */ HLS *srv_data; /* Data path to the server */ char *username; /* Client's ftp-username */ char *userpass; /* Client's ftp-password */ char *userauth; /* Client's user auth name */ int auth_mode; /* Client auth mode flag */ char *magic_auth; /* Magic-Auth mode string */ u_int32_t magic_addr; /* The "real" destination ... */ u_int16_t magic_port; /* ... and corresponding port */ int cli_mode; /* Transfer mode to client */ u_int32_t cli_addr; /* Address from client PORT */ u_int16_t cli_port; /* TCP port from client PORT */ u_int16_t act_lrng; /* Lower port range (active) */ u_int16_t act_urng; /* Upper port range (active) */ u_int16_t pas_lrng; /* Lower port range (passive) */ u_int16_t pas_urng; /* Upper port range (passive) */ int same_adr; /* 1=PORT to same address only */ int srv_mode; /* Transfer mode to server */ u_int32_t srv_addr; /* Destination server IP addr */ u_int16_t srv_port; /* Destination server port */ u_int16_t srv_lrng; /* Lower port range to server */ u_int16_t srv_urng; /* Upper port range to server */ char *curr_cmd; /* Current outstanding command */ int expect; /* Expected answer from server */ int timeout; /* Inactivity timeout in secs */ time_t sess_beg; /* Start time of session */ char xfer_cmd[16]; /* Outstanding transfer cmd */ char xfer_arg[1024]; /* Argument for xfer_cmd */ char xfer_rep[1024]; /* Outstanding server reply */ time_t xfer_beg; /* Start time of data transfer */ size_t xfer_rcnt; /* bytes, read transfers */ size_t xfer_rsec; /* secs, read transfers */ size_t xfer_wcnt; /* bytes, write transfers */ size_t xfer_wsec; /* secs, write transfers */ } CONTEXT; /* ------------------------------------------------------------ */ void client_run (void); void client_reinit (void); void client_respond(int code, char *file, char *fmt, ...); void client_data_reset(int mode); int client_setup(char *pwd); void client_srv_open(void); /* ------------------------------------------------------------ */ #endif /* defined(_FTP_CLIENT_H_) */ /* ------------------------------------------------------------ * $Log: ftp-client.h,v $ * Revision 1.6.2.1 2003/05/07 11:12:03 mt * added ctx->auth_mode variale and UAUTH_ flags to remember auth mode * * Revision 1.6 2002/05/02 13:15:36 mt * implemented simple (ldap based) user auth * * Revision 1.5 2002/01/14 19:35:44 mt * implemented workarround for Netscape (4.x) directory symlink handling * implemented a MaxRecvBufSize option limiting max recv buffer size * extended log messages to provide basic transfer statistics data * added snprintf usage if supported, replaced strncpy with misc_strncpy * * Revision 1.4 1999/09/24 06:38:52 wiegand * added regular expressions for all commands * removed character map and length of paths * added flag to reset PASV on every PORT * added "magic" user with built-in destination * added some argument pointer fortification * * Revision 1.3 1999/09/17 16:32:29 wiegand * changes from source code review * added POSIX regular expressions * * Revision 1.2 1999/09/16 16:29:57 wiegand * minor updates improving code quality * * Revision 1.1 1999/09/15 14:06:22 wiegand * initial checkin * * ------------------------------------------------------------ */ proxy-suite-1.9.2.4/ftp-proxy/ftp-cmds.c0000644000000000000000000012115110170463551017767 0ustar rootroot00000000000000/* * $Id: ftp-cmds.c,v 1.10.2.2 2004/03/10 16:00:49 mt Exp $ * * FTP Proxy command handling * * Author(s): Jens-Gero Boehm * Pieter Hollants * Marius Tomaschewski * Volker Wiegand * * This file is part of the SuSE Proxy Suite * See also http://proxy-suite.suse.de/ * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version * 2 of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the * Free Software Foundation, Inc., 59 Temple Place - Suite 330, * Boston, MA 02111-1307, USA. * * A history log can be found at the end of this file. */ #ifndef lint static char rcsid[] = "$Id: ftp-cmds.c,v 1.10.2.2 2004/03/10 16:00:49 mt Exp $"; #endif #include #if defined(STDC_HEADERS) # include # include # include # include # include # include #endif #if defined(HAVE_UNISTD_H) # include #endif #if defined(TIME_WITH_SYS_TIME) # include # include #else # if defined(HAVE_SYS_TIME_H) # include # else # include # endif #endif #include #include #include #include #if defined(HAVE_REGEX) # include # include #endif #include "com-config.h" #include "com-debug.h" #include "com-misc.h" #include "com-socket.h" #include "com-syslog.h" #include "ftp-client.h" #include "ftp-cmds.h" /* ------------------------------------------------------------ */ static void cmds_pthr(CONTEXT *ctx, char *arg); static void cmds_user(CONTEXT *ctx, char *arg); static void cmds_pass(CONTEXT *ctx, char *arg); static void cmds_quit(CONTEXT *ctx, char *arg); static void cmds_rein(CONTEXT *ctx, char *arg); static void cmds_port(CONTEXT *ctx, char *arg); static void cmds_pasv(CONTEXT *ctx, char *arg); static void cmds_xfer(CONTEXT *ctx, char *arg); static void cmds_abor(CONTEXT *ctx, char *arg); #if defined(ENABLE_SSL) /* */ static void cmds_auth(CONTEXT *ctx, char *arg); #endif /* */ #if defined(ENABLE_RFC1579) static void cmds_apsv(CONTEXT *ctx, char *arg); #endif #if defined(ENABLE_RFC2428) static void cmds_eprt(CONTEXT *ctx, char *arg); static void cmds_epsv(CONTEXT *ctx, char *arg); #endif /* ------------------------------------------------------------ */ static int parse_magic_dest(CONTEXT *ctx, char *dest); static int parse_magic_user(CONTEXT *ctx, char *uarg, char a_sep, int a_first, char u_sep, int u_force); /* ------------------------------------------------------------ */ #if defined(HAVE_REGEX) # define REST NULL, 0, 0 #else # define REST 0, 0 #endif static CMD cmdlist[] = { { "USER", cmds_user, REST }, /* Access control */ { "PASS", cmds_pass, REST }, { "ACCT", cmds_pthr, REST }, { "CWD", cmds_pthr, REST }, { "CDUP", cmds_pthr, REST }, { "SMNT", cmds_pthr, REST }, { "QUIT", cmds_quit, REST }, { "REIN", cmds_rein, REST }, { "PORT", cmds_port, REST }, /* Transfer parameter */ { "PASV", cmds_pasv, REST }, { "TYPE", cmds_pthr, REST }, { "STRU", cmds_pthr, REST }, { "MODE", cmds_pthr, REST }, { "RETR", cmds_xfer, REST }, /* FTP service */ { "STOR", cmds_xfer, REST }, { "STOU", cmds_xfer, REST }, { "APPE", cmds_xfer, REST }, { "ALLO", cmds_pthr, REST }, { "REST", cmds_pthr, REST }, { "RNFR", cmds_pthr, REST }, { "RNTO", cmds_pthr, REST }, { "ABOR", cmds_abor, REST }, { "DELE", cmds_pthr, REST }, { "RMD", cmds_pthr, REST }, { "MKD", cmds_pthr, REST }, { "PWD", cmds_pthr, REST }, { "LIST", cmds_xfer, REST }, { "NLST", cmds_xfer, REST }, { "SITE", cmds_pthr, REST }, { "SYST", cmds_pthr, REST }, { "STAT", cmds_pthr, REST }, { "HELP", cmds_pthr, REST }, { "NOOP", cmds_pthr, REST }, { "SIZE", cmds_pthr, REST }, /* Not found in RFC 959 */ { "MDTM", cmds_pthr, REST }, { "MLFL", cmds_pthr, REST }, { "MAIL", cmds_pthr, REST }, { "MSND", cmds_pthr, REST }, { "MSOM", cmds_pthr, REST }, { "MSAM", cmds_pthr, REST }, { "MRSQ", cmds_pthr, REST }, { "MRCP", cmds_pthr, REST }, { "XCWD", cmds_pthr, REST }, { "XMKD", cmds_pthr, REST }, { "XRMD", cmds_pthr, REST }, { "XPWD", cmds_pthr, REST }, { "XCUP", cmds_pthr, REST }, { "RCMD", cmds_pthr, REST }, #if defined(ENABLE_SSL) /* */ { "AUTH", cmds_auth, REST }, /* Only needed for SSL */ #endif /* */ #if defined(ENABLE_RFC1579) { "APSV", cmds_apsv, REST }, /* As per RFC 1579 */ #endif #if defined(ENABLE_RFC2428) { "EPRT", cmds_eprt, REST }, /* As per RFC 2428 */ { "EPSV", cmds_epsv, REST }, #endif { NULL, NULL, REST } }; /* ------------------------------------------------------------ ** ** ** Function......: cmds_get_list ** ** Parameters....: (none) ** ** Return........: Pointer to command list ** ** Purpose.......: Make command list known to others. ** ** ------------------------------------------------------------ */ CMD *cmds_get_list(void) { return cmdlist; } /* ------------------------------------------------------------ ** ** ** Function......: cmds_set_allow ** ** Parameters....: allow List of allowd commands ** (comma/space delimited) ** ** Return........: (none) ** ** Purpose.......: Setup allowed/forbidden command flags ** according to a "ValidCommands" config ** string (from file or LDAP Server). ** ** ------------------------------------------------------------ */ void cmds_set_allow(char *allow) { CMD *cmd; char *p, *q; int i; /* ** Base line: if no option is given, then anything ** is allowed. But if there is one, everything ** is forbidden except those items on the list. */ if (allow == NULL) { for (cmd = cmdlist; cmd->name != NULL; cmd++) { #if defined(HAVE_REGEX) if (cmd->regex != NULL) { regfree((regex_t *) cmd->regex); misc_free(FL, cmd->regex); cmd->regex = NULL; } #endif cmd->legal = 1; cmd->len = strlen(cmd->name); } #if defined(COMPILE_DEBUG) debug(2, "allowed: '(all)'"); #endif return; } /* ** Initially deny everything */ for (cmd = cmdlist; cmd->name != NULL; cmd++) { #if defined(HAVE_REGEX) if (cmd->regex != NULL) { regfree((regex_t *) cmd->regex); misc_free(FL, cmd->regex); cmd->regex = NULL; } #endif cmd->legal = 0; cmd->len = strlen(cmd->name); } /* ** Scan the allow list and enable accordingly */ for (p = allow; *p != '\0'; ) { while (*p != '\0' && isalpha((int)*p) == 0) p++; if (*p == '\0') break; for (q = p, i = 0; isalpha((int)*q); q++, i++) ; for (cmd = cmdlist; cmd->name; cmd++) { if (cmd->len != i) continue; if (strncasecmp(cmd->name, p, i) != 0) continue; cmd->legal = 1; #if defined(HAVE_REGEX) if (*q == '=') { /* RegEx to follow? */ char *r; r = cmds_reg_comp(&(cmd->regex), ++q); #if defined(COMPILE_DEBUG) debug(2, "allowed: '%s' -> '%s'", cmd->name, NIL(r)); #endif while (*q && *q != ' ' && *q != '\t') q++; break; } #endif #if defined(COMPILE_DEBUG) debug(2, "allowed: '%s'", cmd->name); #endif break; } p = q; } } /* ------------------------------------------------------------ ** ** ** Function......: cmds_pthr ** ** Parameters....: ctx Pointer to user context ** arg Command argument(s) ** ** Return........: (none) ** ** Purpose.......: Act upon pass-through FTP commands. ** ** ------------------------------------------------------------ */ static void cmds_pthr(CONTEXT *ctx, char *arg) { char *cmd; if (ctx == NULL) /* Basic sanity check */ misc_die(FL, "cmds_pthr: ?ctx?"); if ((cmd = ctx->curr_cmd) == NULL) misc_die(FL, "cmds_pthr: ?curr_cmd?"); if (ctx->srv_ctrl == NULL) { client_respond(530, NULL, "Not logged in"); syslog_write(U_WRN, "'%s' without login from %s", cmd, ctx->cli_ctrl->peer); return; } if (arg == NULL || *arg == '\0') { socket_printf(ctx->srv_ctrl, "%s\r\n", cmd); syslog_write(U_INF, "'%s' from %s", cmd, ctx->cli_ctrl->peer); } else { socket_printf(ctx->srv_ctrl, "%s %.1024s\r\n", cmd, arg); syslog_write(U_INF, "'%s %.1024s' from %s", cmd, arg, ctx->cli_ctrl->peer); } ctx->expect = EXP_PTHR; /* Expect Response */ } /* ------------------------------------------------------------ ** ** ** Function......: cmds_user ** ** Parameters....: ctx Pointer to user context ** arg Command argument(s) ** ** Return........: (none) ** ** Purpose.......: Act upon the 'USER' command. ** ** ------------------------------------------------------------ */ static void cmds_user(CONTEXT *ctx, char *arg) { CMD *cmd; if (ctx == NULL) /* Basic sanity check */ misc_die(FL, "cmds_user: ?ctx?"); /* ** Check for the user name */ if (arg == NULL || *arg == '\0') { client_respond(501, NULL, "Missing user name"); syslog_write(U_WRN, "'USER' without name from %s", ctx->cli_ctrl->peer); return; } /* ** Abort any previous service */ client_reinit(); #if defined(HAVE_REGEX) /* ** Check for a RegEx constraint on the USER command */ cmds_set_allow(config_str(NULL, "ValidCommands", NULL)); for (cmd = cmdlist; cmd->name != NULL; cmd++) { char *p; if (strcasecmp("USER", cmd->name) != 0) continue; if (cmd->regex == NULL) break; if ((p = cmds_reg_exec(cmd->regex, arg)) != NULL) { client_respond(501, NULL, "'USER': syntax error in arguments"); syslog_write(U_WRN, "bad arg '%.128s'%s for " "'USER' from %s: %s", arg, (strlen(arg) > 128) ? "..." : "", ctx->cli_ctrl->peer, p); return; } break; } #endif /* ** Check for permission and existence of "transparent proxy" ** magic destination address and port from the client socket ** ** "fall through" on error and proceed to check magic user ** or use DestinationAddress from config... */ ctx->magic_addr = INADDR_ANY; ctx->magic_port = INPORT_ANY; if(config_bool(NULL, "AllowTransProxy", 0)) { u_int32_t addr = INADDR_ANY; u_int16_t port = INPORT_ANY; if(!socket_orgdst(ctx->cli_ctrl, &addr, &port) && INADDR_ANY != addr && INADDR_NONE != addr && INPORT_ANY != port) { /* ** check if destination is a local IP; ** ignore to loop-protection... */ int rc = socket_chkladdr(addr); switch( rc) { case -1: syslog_write(T_ERR, "check of transparent destination failed"); break; case 0: ctx->magic_addr = ntohl(addr); ctx->magic_port = ntohs(port); syslog_write(T_INF, "transparent proxy request to %s:%d from %s", socket_addr2str(ctx->magic_addr), ctx->magic_port, ctx->cli_ctrl->peer); break; default: syslog_write(T_DBG, "requested transparent destination %s is local", socket_addr2str(ntohl(addr))); break; } } else { syslog_write(T_DBG, "no transparent proxy destination found"); } } /* ** Check if we need auth and should use the auth-user mode */ if(NULL != config_str(NULL, "UserAuthType", NULL)) { ctx->auth_mode = UAUTH_FTP; ctx->magic_auth = config_str(NULL, "UserAuthMagic", NULL); if(NULL != ctx->magic_auth) { if( sizeof("auth") != strlen(ctx->magic_auth)) { syslog_write(T_ERR, "invalid UserAuthMagic"); client_respond(530, NULL, "Not logged in"); client_reinit(); return; } if(strncasecmp(ctx->magic_auth, "auth", sizeof("auth")-1)) ctx->auth_mode = UAUTH_MUA; /* user%auth */ else ctx->auth_mode = UAUTH_MAU; /* auth%user */ } } /* ** Check if we have to parse 'auth' user name... */ if(NULL != ctx->magic_auth) { int is_ok = 1; char a_sep = ctx->auth_mode == UAUTH_MAU ? ctx->magic_auth[sizeof("auth")-1] : ctx->magic_auth[0]; #if defined(COMPILE_DEBUG) debug(2, "parsing '%s' using auth-magic '%.512s'", arg, ctx->magic_auth); #endif if(config_bool(NULL, "ForceMagicUser", 0) != 0) { char *u_sep = config_str(NULL, "UserMagicChar", config_str(NULL, "UseMagicChar", "@")); is_ok = parse_magic_user(ctx, arg, a_sep, ctx->auth_mode == UAUTH_MAU, u_sep[0], 1); } else if(config_bool(NULL, "AllowMagicUser", 0) != 0) { char *u_sep = config_str(NULL, "UserMagicChar", config_str(NULL, "UseMagicChar", "@")); is_ok = parse_magic_user(ctx, arg, a_sep, ctx->auth_mode == UAUTH_MAU, u_sep[0], 0); } else { is_ok = parse_magic_user(ctx, arg, a_sep, ctx->auth_mode == UAUTH_MAU, 0, 0); } if(is_ok || NULL == ctx->userauth || NULL == ctx->username || '\0' == ctx->userauth || '\0' == ctx->username) { if(1 == is_ok) { syslog_write(U_ERR, "missed magic dest in 'USER' from %s", ctx->cli_ctrl->peer); } else { syslog_write(U_ERR, "invalid magic in 'USER' from %s", ctx->cli_ctrl->peer); } client_respond(530, NULL, "Not logged in"); client_reinit(); return; } } else { /* ** USER="user[host[:port]]" */ if(config_bool(NULL, "ForceMagicUser", 0) != 0) { char *p, *u_sep = config_str(NULL, "UserMagicChar", config_str(NULL, "UseMagicChar", "@")); if( (p = strrchr(arg, u_sep[0]))) { *p++ = '\0'; if(-1 == parse_magic_dest(ctx, p)) { syslog_write(U_ERR, "invalid magic in 'USER' from %s", ctx->cli_ctrl->peer); client_respond(530, NULL, "Not logged in"); client_reinit(); return; } } else { syslog_write(U_ERR, "magic dest missed in 'USER' from %s", ctx->cli_ctrl->peer); client_respond(530, NULL, "Not logged in"); client_reinit(); return; } } else if(config_bool(NULL, "AllowMagicUser", 0) != 0) { char *p, *u_sep = config_str(NULL, "UserMagicChar", config_str(NULL, "UseMagicChar", "@")); if( (p = strrchr(arg, u_sep[0]))) { *p++ = '\0'; if(-1 == parse_magic_dest(ctx, p)) { syslog_write(U_ERR, "invalid magic in 'USER' from %s", ctx->cli_ctrl->peer); client_respond(530, NULL, "Not logged in"); client_reinit(); return; } } } ctx->username = misc_strdup(FL, arg); if(NULL == ctx->username || '\0' == ctx->username) { client_respond(501, NULL, "Missing user name"); syslog_write(U_WRN, "'USER' without name from %s", ctx->cli_ctrl->peer); return; } } /* ** Retrieve the relevant user information */ if (ctx->magic_addr != INADDR_ANY && ctx->magic_addr != INADDR_NONE) { syslog_write(U_INF, "'USER %s' dest %s:%d from %s", arg, socket_addr2str(ctx->magic_addr), (int)ctx->magic_port, ctx->cli_ctrl->peer); } else if(config_str(NULL, "DestinationAddress", NULL) == NULL) { syslog_write(U_ERR, "unknown destination address"); client_respond(501, NULL,"Unknown destination address"); client_reinit(); return; } else { syslog_write(U_INF, "'USER %s' from %s", arg, ctx->cli_ctrl->peer); } if(UAUTH_NONE != ctx->auth_mode) { /* ** anable PASS command only... */ cmds_set_allow("PASS"); /* ** hmm... a USER name is there, but we need ** PASS+auth as well, because it may be needed ** for auth itself and for profile reading... */ client_respond(331, NULL, "User name okay, need password."); } else { /* ** read user's profile, connect the server */ if(0 == client_setup(NULL)) { client_srv_open(); } else { /* ** FIXME: client_respond required? checkit!! */ client_respond(530, NULL, "Not logged in"); client_reinit(); } } } /* ------------------------------------------------------------ ** ** ** Function......: cmds_pass ** ** Parameters....: ctx Pointer to user context ** arg Command argument(s) ** ** Return........: (none) ** ** Purpose.......: Act upon the 'PASS' command. ** ** ------------------------------------------------------------ */ static void cmds_pass(CONTEXT *ctx, char *arg) { char *pass = NULL, *q = NULL; if (ctx == NULL) /* Basic sanity check */ misc_die(FL, "cmds_pass: ?ctx?"); /* ** inform auditor... */ syslog_write(U_INF, "'PASS XXXX' from %s", ctx->cli_ctrl->peer); /* ** should never be NULL, but ... ** if no password supplied, send none either */ if(NULL == arg) pass = ""; else pass = arg; /* ** Check if we are in auth mode... */ if(UAUTH_NONE != ctx->auth_mode) { /* ** Check if we should do auth using ** the normal FTP PASS comand. */ if(UAUTH_FTP == ctx->auth_mode) { ctx->userpass = misc_strdup(FL, pass); } else /* ** Check if have to parse for magic ** auth pass in the FTP PASS command. */ if(NULL != ctx->magic_auth && pass[0] != '\0') { if(ctx->auth_mode == UAUTH_MAU) { q = strchr(pass, ctx->magic_auth[sizeof("auth")-1]); if(NULL != q) { *q++ = '\0'; ctx->userpass = misc_strdup(FL, q); } } else { q = strrchr(pass, ctx->magic_auth[0]); if(NULL != q) { *q++ = '\0'; ctx->userpass = misc_strdup(FL, pass); pass = q; } } if(NULL == q) { syslog_write(U_ERR, "invalid magic in 'PASS' from %s", ctx->cli_ctrl->peer); client_respond(530, NULL, "Not logged in"); client_reinit(); return; } } /* ** OK, we have all data to auth user, read his ** proxy-profile (if any) and connect to server */ if(0 == client_setup(pass)) { client_srv_open(); } else { client_respond(530, NULL, "Not logged in"); client_reinit(); } } else { /* ** paranoia check... */ if (ctx->srv_ctrl == NULL) { client_respond(530, NULL, "Not logged in"); syslog_write(U_WRN, "'PASS' without login from %s", ctx->cli_ctrl->peer); return; } /* ** Send to server, but do not display */ socket_printf(ctx->srv_ctrl, "PASS %.1024s\r\n", pass); syslog_write(U_INF, "'PASS XXXX' from %s", ctx->cli_ctrl->peer); /* Expect Response */ ctx->expect = EXP_PTHR; } } /* ------------------------------------------------------------ ** ** ** Function......: cmds_rein ** ** Parameters....: ctx Pointer to user context ** arg Command argument(s) ** ** Return........: (none) ** ** Purpose.......: Act upon the 'REIN' command. ** ** ------------------------------------------------------------ */ static void cmds_rein(CONTEXT *ctx, char *arg) { if (ctx == NULL) /* Basic sanity check */ misc_die(FL, "cmds_rein: ?ctx?"); arg = arg; /* Calm down picky compilers */ syslog_write(U_INF, "'REIN' from %s", ctx->cli_ctrl->peer); /* ** Abort any running service */ client_reinit(); } /* ------------------------------------------------------------ ** ** ** Function......: cmds_quit ** ** Parameters....: ctx Pointer to user context ** arg Command argument(s) ** ** Return........: (none) ** ** Purpose.......: Act upon the 'QUIT' command. ** ** ------------------------------------------------------------ */ static void cmds_quit(CONTEXT *ctx, char *arg) { if (ctx == NULL) /* Basic sanity check */ misc_die(FL, "cmds_quit: ?ctx?"); arg = arg; /* Calm down picky compilers */ /* ** Close all dependent connections */ if (ctx->srv_data != NULL) { socket_kill(ctx->srv_data); ctx->srv_data = NULL; } if (ctx->cli_data != NULL) { socket_kill(ctx->cli_data); ctx->cli_data = NULL; } if (ctx->srv_ctrl != NULL) { socket_printf(ctx->srv_ctrl, "QUIT\r\n"); ctx->srv_ctrl->kill = 1; } /* ** Say good-bye */ client_respond(221, NULL, "Goodbye"); syslog_write(U_INF, "'QUIT' from %s", ctx->cli_ctrl->peer); ctx->expect = EXP_IDLE; ctx->cli_ctrl->kill = 1; } /* ------------------------------------------------------------ ** ** ** Function......: cmds_port ** ** Parameters....: ctx Pointer to user context ** arg Command argument(s) ** ** Return........: (none) ** ** Purpose.......: Act upon the 'PORT' command. ** ** ------------------------------------------------------------ */ static void cmds_port(CONTEXT *ctx, char *arg) { int h1, h2, h3, h4, p1, p2; u_int32_t addr; u_int16_t port; char *peer; if (ctx == NULL) /* Basic sanity check */ misc_die(FL, "cmds_port: ?ctx?"); /* ** Evaluate the arguments */ if (arg == NULL || sscanf(arg, "%d,%d,%d,%d,%d,%d", &h1, &h2, &h3, &h4, &p1, &p2) != 6 || h1 < 0 || h1 > 255 || h2 < 0 || h2 > 255 || h3 < 0 || h3 > 255 || h4 < 0 || h4 > 255 || p1 < 0 || p1 > 255 || p2 < 0 || p2 > 255) { client_respond(501, NULL, "Syntax error in arguments"); syslog_write(U_WRN, "syntax error in 'PORT' from %s", ctx->cli_ctrl->peer); client_data_reset(MOD_RESET); return; } addr = (h1 << 24) + (h2 << 16) + (h3 << 8) + h4; port = (p1 << 8) + p2; peer = socket_addr2str(addr); /* ** If requested, validate the IP address */ if (ctx->same_adr != 0 && addr != ctx->cli_ctrl->addr) { client_respond(501, NULL, "PORT address does not match originator"); syslog_write(U_WRN, "different address in 'PORT' from %s", ctx->cli_ctrl->peer); client_data_reset(MOD_RESET); return; } /* ** The common behaviour seems to be that PORT cancels ** a previous PASV. Hmmm, we do it only on "request". */ if (config_bool(NULL, "PortResetsPasv", 1)) { if (ctx->cli_data != NULL) { syslog_write(U_WRN, "killing old PASV socket for %s", ctx->cli_ctrl->peer); socket_kill(ctx->cli_data); ctx->cli_data = NULL; } ctx->cli_mode = MOD_ACT_FTP; } /* ** All is well, memorize and respond. */ ctx->cli_addr = addr; ctx->cli_port = port; client_respond(200, NULL, "PORT command successful"); syslog_write(U_INF, "'PORT %s:%d' from %s", peer, (int) port, ctx->cli_ctrl->peer); } /* ------------------------------------------------------------ ** ** ** Function......: cmds_pasv ** ** Parameters....: ctx Pointer to user context ** arg Command argument(s) ** ** Return........: (none) ** ** Purpose.......: Act upon the 'PASV' command. The BSD ** ftpd.c source says that the 425 code ** has been "blessed by Jon Postel". ** ** ------------------------------------------------------------ */ static void cmds_pasv(CONTEXT *ctx, char *arg) { u_int32_t addr; u_int16_t port; char str[1024], *p, *q; FILE *fp; int incr; if (ctx == NULL) /* Basic sanity check */ misc_die(FL, "cmds_pasv: ?ctx?"); arg = arg; /* Calm down picky compilers */ /* ** If we already have a listening socket, kill it */ if (ctx->cli_data != NULL) { syslog_write(U_WRN, "killing old PASV socket for %s", ctx->cli_ctrl->peer); socket_kill(ctx->cli_data); ctx->cli_data = NULL; } /* ** should we bind a rand(port-range) or increment? */ incr = !config_bool(NULL,"SockBindRand", 0); /* ** Open a socket that is good for listening ** ** TransProxy mode: check if we can use our real ** ip instead of the server's one as our local ip, ** we bind the socket/ports to. */ addr = INADDR_ANY; if(config_bool(NULL, "AllowTransProxy", 0)) { addr = config_addr(NULL, "Listen", (u_int32_t)INADDR_ANY); } if(INADDR_ANY == addr) { addr = socket_sck2addr(ctx->cli_ctrl->sock, LOC_END, NULL); } if ((port = socket_d_listen(addr, ctx->pas_lrng, ctx->pas_urng, &(ctx->cli_data), "Cli-Data", incr)) == 0) { syslog_error("Cli-Data: can't bind to %s:%d-%d for %s", socket_addr2str(addr), (int) ctx->pas_lrng, (int) ctx->pas_urng, ctx->cli_ctrl->peer); client_respond(425, NULL, "Can't open data connection"); return; } /* ** Consider address "masquerading" (e.g. within a ** Cisco LocalDirector environment). In this case ** we have to present a different logical address ** to the client. The router will re-translate. */ p = config_str(NULL, "TranslatedAddress", NULL); if (p != NULL) { if (*p == '/') { if ((fp = fopen(p, "r")) != NULL) { while (fgets(str, sizeof(str), fp) != NULL) { q = misc_strtrim(str); if (q == NULL || *q == '#' || *q == '\0') continue; addr = socket_str2addr(q, addr); break; } fclose(fp); } else { syslog_write(U_WRN, "can't open NAT file '%*s'", MAX_PATH_SIZE, p); } } else addr = socket_str2addr(p, addr); } /* ** Tell the user where we are listening */ client_respond(227, NULL, "Entering Passive Mode (%d,%d,%d,%d,%d,%d)", (int) ((addr >> 24) & 0xff), (int) ((addr >> 16) & 0xff), (int) ((addr >> 8) & 0xff), (int) ( addr & 0xff), (int) ((port >> 8) & 0xff), (int) ( port & 0xff)); syslog_write(U_INF, "PASV set to %s:%d for %s", socket_addr2str(addr), (int) port, ctx->cli_ctrl->peer); ctx->cli_mode = MOD_PAS_FTP; } /* ------------------------------------------------------------ ** ** ** Function......: cmds_xfer ** ** Parameters....: ctx Pointer to user context ** arg Command argument(s) ** ** Return........: (none) ** ** Purpose.......: Act upon the data transfer commands. ** ** ------------------------------------------------------------ */ static void cmds_xfer(CONTEXT *ctx, char *arg) { int mode = MOD_ACT_FTP; char *cmd; u_int32_t addr; u_int16_t port; if (ctx == NULL) /* Basic sanity check */ misc_die(FL, "cmds_xfer: ?ctx?"); if ((cmd = ctx->curr_cmd) == NULL) misc_die(FL, "cmds_xfer: ?curr_cmd?"); if (arg == NULL) /* Protect the strncpy */ arg = ""; /* ** Remember command and arguments for the time when ** we have established the data connection with the ** server. */ if (*arg == '\0') { syslog_write(U_INF, "'%s' from %s", cmd, ctx->cli_ctrl->peer); } else { syslog_write(U_INF, "'%s %.*s' from %s", cmd, MAX_PATH_SIZE, arg, ctx->cli_ctrl->peer); } misc_strncpy(ctx->xfer_cmd, cmd, sizeof(ctx->xfer_cmd)); misc_strncpy(ctx->xfer_arg, arg, sizeof(ctx->xfer_arg)); /* ** Check if we want to follow the client mode */ if ((mode = ctx->srv_mode) == MOD_CLI_FTP) mode = ctx->cli_mode; /* ** In passive mode we wait for the server to listen */ if (mode == MOD_PAS_FTP) { socket_printf(ctx->srv_ctrl, "PASV\r\n"); ctx->expect = EXP_PASV; /* Expect 227 */ return; } /* ** In active mode we listen and the server connects */ if (mode == MOD_ACT_FTP) { /* ** should we bind a rand(port-range) or increment? */ int incr = !config_bool(NULL,"SockBindRand", 0); addr = socket_sck2addr(ctx->srv_ctrl->sock, LOC_END, NULL); if ((port = socket_d_listen(addr, ctx->srv_lrng, ctx->srv_urng, &(ctx->srv_data), "Srv-Data", incr)) == 0) { syslog_error("Srv-Data: can't bind to " "%s:%d-%d for %s", socket_addr2str(addr), (int) ctx->srv_lrng, (int) ctx->srv_urng, ctx->cli_ctrl->peer); client_respond(425, NULL, "Can't open data connection"); client_data_reset(MOD_RESET); return; } /* ** Tell the server where we are listening */ socket_printf(ctx->srv_ctrl, "PORT %d,%d,%d,%d,%d,%d\r\n", (int) ((addr >> 24) & 0xff), (int) ((addr >> 16) & 0xff), (int) ((addr >> 8) & 0xff), (int) ( addr & 0xff), (int) ((port >> 8) & 0xff), (int) ( port & 0xff)); syslog_write(T_INF, "'PORT %s:%d' for %s", socket_addr2str(addr), (int) port, ctx->cli_ctrl->peer); ctx->expect = EXP_PORT; /* Expect 200 */ return; } /* ** Oops, this should not happen ... */ misc_die(FL, "cmds_xfer: ?mode %d?", mode); } /* ------------------------------------------------------------ ** ** ** Function......: cmds_abor ** ** Parameters....: ctx Pointer to user context ** arg Command argument(s) ** ** Return........: (none) ** ** Purpose.......: Act upon the 'ABOR' command. ** ** ------------------------------------------------------------ */ static void cmds_abor(CONTEXT *ctx, char *arg) { if (ctx == NULL) /* Basic sanity check */ misc_die(FL, "cmds_abor: ?ctx?"); arg = arg; /* Calm down picky compilers */ /* ** Tell the auditor (with slightly more attention) */ syslog_write(U_WRN, "'ABOR' from %s", ctx->cli_ctrl->peer); /* ** Reset data connection variables (esp. PASV) */ client_data_reset(MOD_RESET); /* ** If no transfer is in progress, don't worry */ if (ctx->cli_data == NULL && ctx->srv_data == NULL) { client_respond(225, NULL, "ABOR command successful"); return; } /* ** If we have a data connection to the client, kill it */ if (ctx->cli_data != NULL) { socket_kill(ctx->cli_data); ctx->cli_data = NULL; client_respond(426, NULL, "Connection closed; transfer aborted"); client_respond(226, NULL, "ABOR command successful"); } /* ** Finally propagate the ABOR to the server ** (We follow the crowd and send only IAC-IP-IAC as OOB) */ if (ctx->srv_ctrl != NULL) { #if defined(MSG_OOB) char str[4]; socket_flag(ctx->srv_ctrl, MSG_OOB); str[0] = IAC; str[1] = IP; str[2] = IAC; socket_write(ctx->srv_ctrl, str, 3); socket_flag(ctx->srv_ctrl, 0); str[0] = DM; socket_write(ctx->srv_ctrl, str, 1); #endif socket_printf(ctx->srv_ctrl, "ABOR\r\n"); ctx->expect = EXP_ABOR; } } #if defined(ENABLE_RFC1579) /* ------------------------------------------------------------ ** ** ** Function......: cmds_apsv ** ** Parameters....: ctx Pointer to user context ** arg Command argument(s) ** ** Return........: (none) ** ** Purpose.......: Act upon the 'APSV' command. ** ** ------------------------------------------------------------ */ static void cmds_apsv(CONTEXT *ctx, char *arg) { if (ctx == NULL) /* Basic sanity check */ misc_die(FL, "cmds_apsv: ?ctx?"); arg = arg; /* Calm down picky compilers */ /* TODO */ } #endif #if defined(ENABLE_RFC2428) /* ------------------------------------------------------------ ** ** ** Function......: cmds_eprt ** ** Parameters....: ctx Pointer to user context ** arg Command argument(s) ** ** Return........: (none) ** ** Purpose.......: Act upon the 'EPRT' command. ** ** ------------------------------------------------------------ */ static void cmds_eprt(CONTEXT *ctx, char *arg) { if (ctx == NULL) /* Basic sanity check */ misc_die(FL, "cmds_eprt: ?ctx?"); arg = arg; /* Calm down picky compilers */ /* TODO */ } /* ------------------------------------------------------------ ** ** ** Function......: cmds_epsv ** ** Parameters....: ctx Pointer to user context ** arg Command argument(s) ** ** Return........: (none) ** ** Purpose.......: Act upon the 'EPSV' command. ** ** ------------------------------------------------------------ */ static void cmds_epsv(CONTEXT *ctx, char *arg) { if (ctx == NULL) /* Basic sanity check */ misc_die(FL, "cmds_epsv: ?ctx?"); arg = arg; /* Calm down picky compilers */ /* TODO */ } #endif #if defined(ENABLE_SSL) /* */ /* ------------------------------------------------------------ ** ** ** Function......: cmds_auth ** ** Parameters....: ctx Pointer to user context ** arg Command argument(s) ** ** Return........: (none) ** ** Purpose.......: Act upon the 'AUTH' command. ** This is for SSL authentication. ** ** ------------------------------------------------------------ */ static void cmds_auth(CONTEXT *ctx, char *arg) { if (ctx == NULL) /* Basic sanity check */ misc_die(FL, "cmds_auth: ?ctx?"); if (arg == NULL || strcasecmp(arg, "SSL") != 0) { client_respond(501, NULL, "Missing or bad auth method"); return; } /* TODO */ } #endif /* */ #if defined(HAVE_REGEX) /* ------------------------------------------------------------ ** ** ** Function......: cmds_reg_comp ** ** Parameters....: ppre Pointer to pattern pointer ** ptr String to be compiled ** ** Return........: Pointer to De-HTML-ized string ** ** Purpose.......: Compiles string as regular expression. ** ** ------------------------------------------------------------ */ char *cmds_reg_comp(void **ppre, char *ptr) { static char str[1024]; char tmp[1024]; int c; size_t i; regex_t *re; if (ppre == NULL) /* Basic sanity check */ misc_die(FL, "cmds_reg_comp: ?ppre?"); /* ** Remove any previous pattern buffer */ if (*ppre != NULL) { regfree((regex_t *) *ppre); misc_free(FL, *ppre); *ppre = NULL; } /* ** If no pattern is given, disable the feature */ if (ptr == NULL) return NULL; /* ** Preprocess the pattern, i.e. "De-HTML-ize" it */ memset(str, 0, sizeof(str)); for (i = 0; *ptr != '\0' && i < (sizeof(str) - 64); ptr++) { if (*ptr == ' ' || *ptr == '\t') break; if (*ptr != '%') { str[i++] = *ptr; continue; } if (isxdigit((int)ptr[1]) && isxdigit((int)ptr[2])) { #if defined(HAVE_SNPRINTF) snprintf(tmp, sizeof(tmp), "%.2s", ptr + 1); #else sprintf(tmp, "%.2s", ptr + 1); #endif sscanf(tmp, "%x", &c); str[i++] = (char) c; ptr += 2; continue; } str[i++] = '%'; /* no special meaning */ } /* ** Time to do the actual compilation */ re = (regex_t *) misc_alloc(FL, sizeof(regex_t)); if ((i = regcomp(re, str, REG_EXTENDED | REG_NEWLINE | REG_NOSUB)) != 0) { regerror(i, re, tmp, sizeof(tmp)); syslog_error("can't eval RegEx '%s': %s", str, tmp); regfree(re); misc_free(FL, (void *) re); return NULL; } /* ** all is well */ *ppre = (void *) re; return str; } /* ------------------------------------------------------------ ** ** ** Function......: cmds_reg_exec ** ** Parameters....: regex Pointer to RegEx pattern ** str String to check ** ** Return........: NULL=success, else pointer to error msg ** ** Purpose.......: Check if a given string (argument) is legal. ** ** ------------------------------------------------------------ */ char *cmds_reg_exec(void *regex, char *str) { static char err[1024]; int i; if (regex == NULL || str == NULL) /* Sanity check */ misc_die(FL, "cmds_reg_exec: ?regex? ?str?"); #if defined(COMPILE_DEBUG) debug(2, "trying RegEx for '%.*s'", MAX_PATH_SIZE, str); #endif if ((i = regexec((regex_t *) regex, str, 0, NULL, 0)) != 0) { regerror(i, (regex_t *) regex, err, sizeof(err)); return err; } /* ** All is well */ return NULL; } #endif /* !HAVE_REGEX */ static int parse_magic_user(CONTEXT *ctx, char *uarg, char a_sep, int a_first, char u_sep, int u_force) { char *p, *q; if(NULL == uarg || '\0' == uarg || '\0' == a_sep) { misc_die(FL, "parse_magic_user: ?uarg? ?a_sep?"); } #if defined(COMPILE_DEBUG) debug(2, "parse_magic_user: uarg='%.512s' as=%c af=%d us=%c uf=%d", uarg, a_sep, a_first, 0 == u_sep? '0' : u_sep, u_force); #endif if('\0' == u_sep) { if(a_first) { /* ** USER="authuser" */ p = strchr(uarg, a_sep); if(NULL == p) { #if defined(COMPILE_DEBUG) debug(3, "parse_magic_user: a_sep => NULL"); #endif return -1; } *p++ = '\0'; if('\0' == p[0] || '\0' == uarg) { #if defined(COMPILE_DEBUG) debug(3, "parse_magic_user: a_sep => ''"); #endif return -1; } ctx->userauth = misc_strdup(FL, uarg); ctx->username = misc_strdup(FL, p); } else { /* ** USER="userauth" */ p = strrchr(uarg, a_sep); if(NULL == p) { #if defined(COMPILE_DEBUG) debug(3, "parse_magic_user: a_sep => NULL"); #endif return -1; } *p++ = '\0'; if('\0' == p[0] || '\0' == uarg) { #if defined(COMPILE_DEBUG) debug(3, "parse_magic_user: a_sep => ''"); #endif return -1; } ctx->username = misc_strdup(FL, uarg); ctx->userauth = misc_strdup(FL, p); } #if defined(COMPILE_DEBUG) debug(2, "magic user='%.256s' auth='%.256s'", NIL(ctx->username), NIL(ctx->userauth)); #endif return 0; } if(a_first) { /* ** USER="authuser[host[:port]]" */ p = strchr(uarg, a_sep); if(NULL == p) { #if defined(COMPILE_DEBUG) debug(3, "parse_magic_user: a_sep => NULL"); #endif return -1; } *p++ = '\0'; if('\0' == p[0] || '\0' == uarg) { #if defined(COMPILE_DEBUG) debug(3, "parse_magic_user: a_sep => ''"); #endif return -1; } q = strrchr(p, u_sep); if(NULL == q) { #if defined(COMPILE_DEBUG) debug(3, "parse_magic_user: u_sep => NULL, user => '%.512s'", p); #endif if(u_force) return 1; } else { *q++ = '\0'; if('\0' == p[0] || '\0' == q[0]) { #if defined(COMPILE_DEBUG) debug(3, "parse_magic_user: u_sep => '', user => '%.512s'", p); #endif return -1; } if(-1 == parse_magic_dest(ctx, q)) return -1; } ctx->userauth = misc_strdup(FL, uarg); ctx->username = misc_strdup(FL, p); #if defined(COMPILE_DEBUG) debug(2, "magic user='%.256s' auth='%.256s'", NIL(ctx->username), NIL(ctx->userauth)); #endif return 0; } /* ** USER="userauth[host[:port]]" */ p = strrchr(uarg, a_sep); if(NULL == p) { #if defined(COMPILE_DEBUG) debug(3, "parse_magic_user: a_sep => NULL"); #endif return -1; } *p++ = '\0'; if('\0' == p[0] || '\0' == uarg) { #if defined(COMPILE_DEBUG) debug(3, "parse_magic_user: a_sep => ''"); #endif return -1; } if(a_sep == u_sep) { q = strrchr(uarg, u_sep); if(NULL == q) { #if defined(COMPILE_DEBUG) debug(3, "parse_magic_user: u_sep => NULL, user => '%.512s', dest => '%.512s'", uarg, p); #endif if(u_force) return 1; ctx->username = misc_strdup(FL, uarg); ctx->userauth = misc_strdup(FL, p); } else { *q++ = '\0'; if('\0' == uarg[0] || '\0' == q[0]) { #if defined(COMPILE_DEBUG) debug(3, "parse_magic_user: u_sep => '', user => '%.512s', auth => '%.512s', dest => '%.512s'", uarg, q, p); #endif return -1; } if(-1 == parse_magic_dest(ctx, p)) return -1; ctx->username = misc_strdup(FL, uarg); ctx->userauth = misc_strdup(FL, q); } } else { q = strchr(p, u_sep); if(NULL == q) { #if defined(COMPILE_DEBUG) debug(3, "parse_magic_user: u_sep => NULL, user => '%.512s', auth => '%.512s'", uarg, p); #endif if(u_force) return 1; } else { *q++ = '\0'; if('\0' == p[0] || '\0' == q[0]) { #if defined(COMPILE_DEBUG) debug(3, "parse_magic_user: u_sep => '', user => '%.512s', auth => '%.512s', dest => '%.512s'", uarg, p, q); #endif return -1; } if(-1 == parse_magic_dest(ctx, q)) return -1; } ctx->username = misc_strdup(FL, uarg); ctx->userauth = misc_strdup(FL, p); } #if defined(COMPILE_DEBUG) debug(2, "magic user='%.256s' auth='%.256s'", NIL(ctx->username), NIL(ctx->userauth)); #endif return 0; } static int parse_magic_dest(CONTEXT *ctx, char *dest) { char *ptr; if(dest && dest[0]) { if( (ptr = strrchr(dest, ':'))) { *ptr++ = '\0'; ctx->magic_port = socket_str2port(ptr, IPPORT_FTP); } else { ctx->magic_port = IPPORT_FTP; } ctx->magic_addr = socket_str2addr(dest, INADDR_ANY); #if defined(COMPILE_DEBUG) debug(2, "parse magic host='%.256s' port='%d'", socket_addr2str(ctx->magic_addr), ctx->magic_port); #endif if(ctx->magic_addr != INADDR_ANY && ctx->magic_addr != INADDR_NONE) { return 0; } #if defined(COMPILE_DEBUG) } else { debug(2, "parse magic dest => NONE"); #endif } return -1; } /* ------------------------------------------------------------ * $Log: ftp-cmds.c,v $ * Revision 1.10.2.2 2004/03/10 16:00:49 mt * added support for RCMD command (pass-through) * * Revision 1.10.2.1 2003/05/07 11:10:45 mt * - fixed user magic parsing to allow emal-address in * username while @ is used as user magic separator * - added ForceUserMagic config variable to enforce * host[:port] presence in FTP USER command * * Revision 1.10 2002/05/02 13:16:35 mt * implemented simple (ldap based) user auth * * Revision 1.9.2.1 2002/04/04 14:23:32 mt * improved transparent proxy log messages * * Revision 1.9 2002/01/14 19:39:30 mt * implemented workarround for Netscape (4.x) directory symlink handling * changed to socket_orgdst usage to get ransparent proxy destination * * Revision 1.8 2001/11/06 23:04:44 mt * applied / merged with transparent proxy patches v8 * see ftp-proxy/NEWS for more detailed release news * * Revision 1.7 1999/10/19 10:19:15 wiegand * use port range also for control connection to server * * Revision 1.6 1999/09/30 09:48:36 wiegand * added global RegEx check for USER command * added dynamic TranslatedAddress via file * * Revision 1.5 1999/09/24 06:38:52 wiegand * added regular expressions for all commands * removed character map and length of paths * added flag to reset PASV on every PORT * added "magic" user with built-in destination * added some argument pointer fortification * * Revision 1.4 1999/09/21 07:13:34 wiegand * syslog / abort cleanup and review * remove previous PASV socket * * Revision 1.3 1999/09/17 16:32:29 wiegand * changes from source code review * added POSIX regular expressions * * Revision 1.2 1999/09/16 16:29:57 wiegand * minor updates improving code quality * * Revision 1.1 1999/09/15 14:06:22 wiegand * initial checkin * * ------------------------------------------------------------ */ proxy-suite-1.9.2.4/ftp-proxy/ftp-cmds.h0000644000000000000000000000467606772616174020026 0ustar rootroot00000000000000/* * $Id: ftp-cmds.h,v 1.2 1999/09/24 06:38:52 wiegand Exp $ * * Header for FTP Proxy command handling * * Author(s): Jens-Gero Boehm * Pieter Hollants * Marius Tomaschewski * Volker Wiegand * * This file is part of the SuSE Proxy Suite * See also http://proxy-suite.suse.de/ * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version * 2 of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the * Free Software Foundation, Inc., 59 Temple Place - Suite 330, * Boston, MA 02111-1307, USA. * * A history log can be found at the end of this file. */ #if !defined(_FTP_CMDS_H_) #define _FTP_CMDS_H_ /* ------------------------------------------------------------ */ typedef struct { char *name; /* Name of the FTP command... */ void (*func)(CONTEXT *, char *); /* ..and corresponding function */ #if defined(HAVE_REGEX) void *regex; /* Regular expr. for argument */ #endif int legal; /* 1=command allowed, 0=nope */ int len; /* Length of name (for speed) */ } CMD; /* ------------------------------------------------------------ */ CMD *cmds_get_list(void); void cmds_set_allow(char *allow); #if defined(HAVE_REGEX) char *cmds_reg_comp(void **ppre, char *ptr); char *cmds_reg_exec(void *regex, char *str); #endif /* ------------------------------------------------------------ */ #endif /* defined(_FTP_CMDS_H_) */ /* ------------------------------------------------------------ * $Log: ftp-cmds.h,v $ * Revision 1.2 1999/09/24 06:38:52 wiegand * added regular expressions for all commands * removed character map and length of paths * added flag to reset PASV on every PORT * added "magic" user with built-in destination * added some argument pointer fortification * * Revision 1.1 1999/09/15 14:06:22 wiegand * initial checkin * * ------------------------------------------------------------ */ proxy-suite-1.9.2.4/ftp-proxy/ftp-daemon.c0000644000000000000000000003266407420631002020306 0ustar rootroot00000000000000/* * $Id: ftp-daemon.c,v 1.4 2002/01/14 19:31:14 mt Exp $ * * Functions for the FTP Proxy daemon mode * * Author(s): Jens-Gero Boehm * Pieter Hollants * Marius Tomaschewski * Volker Wiegand * * This file is part of the SuSE Proxy Suite * See also http://proxy-suite.suse.de/ * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version * 2 of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the * Free Software Foundation, Inc., 59 Temple Place - Suite 330, * Boston, MA 02111-1307, USA. * * A history log can be found at the end of this file. */ #ifndef lint static char rcsid[] = "$Id: ftp-daemon.c,v 1.4 2002/01/14 19:31:14 mt Exp $"; #endif #include #if defined(STDC_HEADERS) # include # include # include # include # include #endif #if defined(HAVE_UNISTD_H) # include #endif #if defined(TIME_WITH_SYS_TIME) # include # include #else # if defined(HAVE_SYS_TIME_H) # include # else # include # endif #endif #include #include #if defined(HAVE_FCNTL_H) # include #elif defined(HAVE_SYS_FCNTL_H) # include #endif #include #if defined(HAVE_SYS_WAIT_H) # include #endif #if !defined(WEXITSTATUS) # define WEXITSTATUS(stat_val) ((unsigned)(stat_val) >> 8) #endif #if !defined(WIFEXITED) # define WIFEXITED(stat_val) (((stat_val) & 255) == 0) #endif #if defined(HAVE_PATHS_H) # include #endif #if !defined(_PATH_DEVNULL) # define _PATH_DEVNULL "/dev/null" #endif #include #include #include #include #include "com-config.h" #include "com-debug.h" #include "com-misc.h" #include "com-socket.h" #include "com-syslog.h" #include "ftp-client.h" #include "ftp-daemon.h" #include "ftp-main.h" /* ------------------------------------------------------------ */ #define MAX_CLIENTS 512 /* Max. concurrent user limit */ #define LISTEN_WAIT 30 /* Wait up to 30sec for listen */ #define FORK_INTERVAL 60 /* Interval for ForkLimit */ #define MAX_FORKS 40 /* Default fork-resource-limit */ typedef struct { pid_t pid; /* Proc-id of child (0=empty) */ char peer[PEER_LEN]; /* Dotted decimal IP address */ } CLIENT; /* ------------------------------------------------------------ */ static RETSIGTYPE daemon_signal(int signo); static void daemon_cleanup(void); /* ------------------------------------------------------------ */ static int initflag = 0; /* Have we been initialized? */ static pid_t daemon_pid = 0; /* Daemon PID for cleanups, ... */ static time_t last_slice = 0; /* Last time slice with clients */ static int last_count = 0; /* Clients in last_slice */ static CLIENT clients[MAX_CLIENTS]; /* ------------------------------------------------------------ ** ** ** Function......: daemon_signal ** ** Parameters....: signo Signal to be handled ** ** Return........: (none) ** ** Purpose.......: Handler for signals, mainly waiting. ** ** ------------------------------------------------------------ */ static RETSIGTYPE daemon_signal(int signo) { int tmperr = errno; /* Save errno for later */ pid_t pid; int i, status; CLIENT *clp; #if defined(HAVE_WAITPID) while ((pid = waitpid(-1, &status, WNOHANG)) > 0) #elif defined(HAVE_WAIT3) while ((pid = wait3(&status, WNOHANG, NULL)) > 0) #else if ((pid = wait(&status)) > 0) #endif { for (i = 0, clp = clients; i < MAX_CLIENTS; i++, clp++) { if (clp->pid == pid) { clp->pid = (pid_t) 0; #if defined(COMPILE_DEBUG) debug(1, "client pid=%d (%s) gone", (int) pid, clp->peer); #endif memset(clp->peer, 0, PEER_LEN); break; } } } signal(signo, daemon_signal); errno = tmperr; /* Restore errno */ #if RETSIGTYPE != void return 0; #endif } /* ------------------------------------------------------------ ** ** ** Function......: detach_signal ** ** Parameters....: signo Signal to be handled ** ** Return........: (none) ** ** Purpose.......: private signal handler to return proper ** exit status back to the shell about the ** initialization of the detached child in ** daemon_init function. ** ** ------------------------------------------------------------ */ static RETSIGTYPE detach_signal(int signo) { switch(signo) { case SIGHUP: /* ** initialization succeed */ exit(EXIT_SUCCESS); break; case SIGCHLD: /* ** initialization failure */ exit(EXIT_FAILURE); break; } #if RETSIGTYPE != void return 0; #endif } /* ------------------------------------------------------------ ** ** ** Function......: daemon_init ** ** Parameters....: detach Detach from controlling ** terminal if set ** ** Return........: (none) ** ** Purpose.......: Initialize the FTP daemon functions. ** ** ------------------------------------------------------------ */ void daemon_init(int detach) { u_int32_t laddr; u_int16_t lport; pid_t oldpid; char *p; int i; /* ** Cleanup the client array */ for (i = 0; i < MAX_CLIENTS; i++) { clients[i].pid = (pid_t) 0; memset(clients[i].peer, 0, PEER_LEN); } /* ** 1. STEP: Fork, if requested */ oldpid = getpid(); if (detach) { pid_t pid; /* ** set detach init status signals */ signal(SIGHUP, detach_signal); signal(SIGCHLD, detach_signal); pid = fork(); switch (pid) { case -1: syslog_error("can't fork daemon"); exit(EXIT_FAILURE); break; case 0: /******** child ********/ /* ** forget this status signal */ signal(SIGHUP, SIG_DFL); break; default: /******** parent ********/ #if defined(COMPILE_DEBUG) debug_forget(); #endif /* ** wait for client init completed; ** see 2. STEP of detach bellow... */ sleep(10); /* huh?! kill the naughty child! */ kill(pid, SIGTERM); syslog_error("can't detach daemon"); exit(EXIT_FAILURE); break; } #if defined(COMPILE_DEBUG) debug(2, "fork: PID %d --> %d", (int) oldpid, (int) getpid()); #endif } /* ** The initial fork (if any) is done, prepare for exit */ daemon_pid = getpid(); if (initflag == 0) { atexit(daemon_cleanup); initflag = 1; } /* ** Open a listening socket */ laddr = config_addr(NULL, "Listen", (u_int32_t) INADDR_ANY); lport = config_port(NULL, "Port", (u_int16_t) IPPORT_FTP); for (i = 0; i < MAX_RETRIES; i++) { if (socket_listen(laddr, lport, daemon_accept) == 0) break; sleep(LISTEN_WAIT); } if (i >= MAX_RETRIES) { syslog_error("can't bind daemon to %d", (int) lport); exit(EXIT_FAILURE); } /* ** Install the signal handler */ signal(SIGCHLD, daemon_signal); /* ** Create a PID-File if requested */ misc_pidfile(config_str(NULL, "PidFile", NULL)); /* ** Change root directory */ if(0 == misc_chroot(config_str(NULL, "ServerRoot", NULL))) { struct stat st; /* ** dump config file into the chroot ** only if it does not exists there */ if(stat(config_filename(), &st)) { FILE *out; int fd; fd = open(config_filename(), O_WRONLY|O_CREAT, 0644); if(-1 != fd && (out = fdopen(fd, "w"))) { config_dump(out); fflush(out); fclose(out); } else { syslog_error( "can't write config file into chroot"); if(-1 != fd) close(fd); exit(EXIT_FAILURE); } } } /* ** singal parent about successfull init; ** we can still report errors to stderr, ** but are unable to send a signal to ** parent after we've dropped the UID... */ if(detach) { kill(oldpid, SIGHUP); } /* ** Change (drop) user- and group-id if requested */ misc_uidgid(CONFIG_UID, CONFIG_GID); /* ** Open the log if requested */ if ((p = config_str(NULL, "LogDestination", NULL)) != NULL) syslog_open(p, config_str(NULL, "LogLevel", NULL)); else syslog_close(); /* ** 2. STEP: Detach from controlling terminal, if requested */ if(detach) { freopen(_PATH_DEVNULL, "r", stdin); freopen(_PATH_DEVNULL, "w", stdout); freopen(_PATH_DEVNULL, "w", stderr); chdir("/"); #if defined(HAVE_SETSID) setsid(); #endif } syslog_write(T_DBG, "daemon runs in '%.1024s' with uid=%d gid=%d", config_str(NULL, "ServerRoot", "/"), (int) getuid(), (int) getgid()); } /* ------------------------------------------------------------ ** ** ** Function......: daemon_accept ** ** Parameters....: sock Accepted socket descriptor ** ** Return........: (none) ** ** Purpose.......: Callback to accept a client connection. ** ** ------------------------------------------------------------ */ void daemon_accept(int sock) { time_t slice; int cnt, i; CLIENT *clp; char str[1024], *p, *q, *peer; FILE *fp; /* ** Get the peer address for diagnostic output */ peer = socket_addr2str(socket_sck2addr(sock, REM_END, NULL)); /* ** Check whether to limit the number of incoming ** client connections per minute. Use half values ** each to avoid "neighborhood effects". This is ** effectively a Denial of Service prevention. */ if ((cnt = config_int(NULL, "ForkLimit", MAX_FORKS)) > 0) { slice = time(NULL) / (FORK_INTERVAL / 2); if (slice != last_slice) { last_slice = slice; last_count = 0; } if (++last_count >= (cnt / 2)) { close(sock); syslog_write(U_ERR, "reject: '%s' (ForkLimit %d)", peer, cnt); return; } } /* ** Check if we are fully loaded already */ if ((cnt = config_int(NULL, "MaxClients", MAX_CLIENTS)) < 1) cnt = 1; else if (cnt > MAX_CLIENTS) cnt = MAX_CLIENTS; for (i = 0, clp = clients; i < cnt; i++, clp++) { /* ** santoniu@libertysurf.fr: ** Verifying if the child is alive or not. */ if ((clp->pid != (pid_t) 0) && (kill(clp->pid, 0)!=0) ) { syslog_write(T_WRN, "child with PID %d went away (removing it)", (pid_t)clp->pid); clp->pid = 0; break; } if (clp->pid == (pid_t) 0) break; } if (i >= cnt) { p = config_str(NULL, "MaxClientsMessage", NULL); if (p != NULL && (fp = fopen(p, "r")) != NULL) { while (fgets(str, sizeof(str) - 4, fp) != NULL) { p = socket_msgline(str); if ((q = strchr(p, '\n')) != NULL) strcpy(q, "\r\n"); else strcat(p, "\r\n"); send(sock, "421-", 4, 0); send(sock, p, strlen(p), 0); } fclose(fp); } if ((p = config_str(NULL, "MaxClientsString", NULL)) != NULL) p = socket_msgline(p); else p = "Service not available"; send(sock, "421 ", 4, 0); send(sock, p, strlen(p), 0); send(sock, ".\r\n", 3, 0); close(sock); syslog_write(U_ERR, "reject: '%s' (MaxClients %d)", peer, cnt); return; } /* ** Fork a new client process (clp is still valid) */ switch (clp->pid = fork()) { case -1: clp->pid = (pid_t) 0; if (errno != EAGAIN) { syslog_error("can't fork client"); } close(sock); syslog_write(T_WRN, "can't fork client now"); return; case 0: /******** child ********/ break; default: /******** parent ********/ close(sock); strcpy(clp->peer, peer); #if defined(COMPILE_DEBUG) debug(1, "client pid=%d (%s) added", (int) clp->pid, clp->peer); #endif return; } /* ** Maintain the init/exit message balance */ misc_setprog("ftp-child", NULL); #if defined(COMPILE_DEBUG) debug(1, "{{{{{ %s client-fork", misc_getprog()); #endif /* ** To be consistent with inetd-mode, make the client ** socket our standard path. stderr is still /dev/null. */ dup2(sock, fileno(stdin)); dup2(sock, fileno(stdout)); close(sock); /* ** Get out of the daemon's way in terms of cleanup */ misc_forget(); socket_lclose(0); /* ** Well, time to do the client job */ client_run(); } /* ------------------------------------------------------------ ** ** ** Function......: daemon_cleanup ** ** Parameters....: (none) ** ** Return........: (none) ** ** Purpose.......: Clean up the daemon related data. ** ** ------------------------------------------------------------ */ static void daemon_cleanup(void) { int i; CLIENT *clp; if(getpid() == daemon_pid) /* clean up our childs list */ for (i = 0, clp = clients; i < MAX_CLIENTS; i++, clp++) { if (clp->pid == (pid_t) 0) continue; #if defined(COMPILE_DEBUG) debug(1, "client %d=%s still alive", (int) clp->pid, clp->peer); #endif /* ** Make sure this child does not survive */ kill(clp->pid, SIGTERM); } } /* ------------------------------------------------------------ * $Log: ftp-daemon.c,v $ * Revision 1.4 2002/01/14 19:31:14 mt * reordered chroot, uidgid-dropping, syslog opening in detach_init * implemented waiting for child-init after fork for proper exit code * * Revision 1.3 2001/11/06 23:04:44 mt * applied / merged with transparent proxy patches v8 * see ftp-proxy/NEWS for more detailed release news * * Revision 1.2 1999/09/21 07:14:19 wiegand * syslog / abort cleanup and review * * Revision 1.1 1999/09/15 14:06:22 wiegand * initial checkin * * ------------------------------------------------------------ */ proxy-suite-1.9.2.4/ftp-proxy/ftp-daemon.h0000644000000000000000000000327306767723736020342 0ustar rootroot00000000000000/* * $Id: ftp-daemon.h,v 1.1 1999/09/15 14:06:22 wiegand Exp $ * * Header for the FTP Proxy daemon mode * * Author(s): Jens-Gero Boehm * Pieter Hollants * Marius Tomaschewski * Volker Wiegand * * This file is part of the SuSE Proxy Suite * See also http://proxy-suite.suse.de/ * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version * 2 of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the * Free Software Foundation, Inc., 59 Temple Place - Suite 330, * Boston, MA 02111-1307, USA. * * A history log can be found at the end of this file. */ #if !defined(_FTP_DAEMON_H_) #define _FTP_DAEMON_H_ /* ------------------------------------------------------------ */ void daemon_init (int detach); void daemon_accept(int sock); /* ------------------------------------------------------------ */ #endif /* defined(_FTP_DAEMON_H_) */ /* ------------------------------------------------------------ * $Log: ftp-daemon.h,v $ * Revision 1.1 1999/09/15 14:06:22 wiegand * initial checkin * * ------------------------------------------------------------ */ proxy-suite-1.9.2.4/ftp-proxy/ftp-ldap.c0000644000000000000000000006416510170463551017774 0ustar rootroot00000000000000/* * $Id: ftp-ldap.c,v 1.7.2.3 2004/03/10 16:07:13 mt Exp $ * * FTP Proxy LDAP interface handling * * Author(s): Jens-Gero Boehm * Pieter Hollants * Marius Tomaschewski * Volker Wiegand * * This file is part of the SuSE Proxy Suite * See also http://proxy-suite.suse.de/ * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version * 2 of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the * Free Software Foundation, Inc., 59 Temple Place - Suite 330, * Boston, MA 02111-1307, USA. * * A history log can be found at the end of this file. */ #ifndef lint static char rcsid[] = "$Id: ftp-ldap.c,v 1.7.2.3 2004/03/10 16:07:13 mt Exp $"; #endif #include #define _GNU_SOURCE /* needed for crypt in Linux... */ #if defined(STDC_HEADERS) # include # include # include # include # include # include #endif #if defined(HAVE_UNISTD_H) # include #endif #if defined(TIME_WITH_SYS_TIME) # include # include #else # if defined(HAVE_SYS_TIME_H) # include # else # include # endif #endif #include #include #include #include #if defined(HAVE_LIBLDAP) # if defined(HAVE_LDAP_UMICH) # include # endif # include # if !defined(LDAP_PORT) # define LDAP_PORT 389 # endif #endif #include "com-config.h" #include "com-debug.h" #include "com-misc.h" #include "com-socket.h" #include "com-syslog.h" #include "ftp-client.h" #include "ftp-cmds.h" #include "ftp-ldap.h" /* ------------------------------------------------------------ */ #if defined(HAVE_LIBLDAP) # if defined(HAVE_LDAP_GET_LDERRNO) /* ** Netscape */ # define GET_LDERROR(ld,le) le = ldap_get_lderrno(ld, NULL, NULL) # elif defined(HAVE_LDAP_GET_OPTION) && defined(LDAP_OPT_ERROR_NUMBER) /* ** OpenLDAP 2.x */ # define GET_LDERROR(ld,le) ldap_get_option(ld,LDAP_OPT_ERROR_NUMBER,&le) # elif defined __sun__ /* ** there is only a forward declaration of the LDAP ** connection handle struct in ldap.h on Solaris7, ** so we have no access to ld_errno. */ # define GET_LDERROR(ld,le) le = LDAP_OTHER # else /* ** UmichLDAP or OpenLDAP 1.x */ # define GET_LDERROR(ld,le) le = (ld)->ld_errno # endif #endif /* ------------------------------------------------------------ */ #if defined(HAVE_LIBLDAP) static int ldap_fetch(LDAP *ld, CONTEXT *ctx, char *who, char *pwd); static char *ldap_attrib(LDAP *ld, LDAPMessage *e, char *attr, char *dflt); static int ldap_exists(LDAP *ld, LDAPMessage *e, char *attr, char *vstr, int cs); static int ldap_auth(LDAP *ld, LDAPMessage *e, char *who, char *pwd); static char* prep_bind_auto(LDAP *ld, char *flt, char *base, char *peer); static char* prep_bind_fmt(char *str, char *who); #endif /* ------------------------------------------------------------ ** ** ** Function......: ldap_setup_user ** ** Parameters....: ctx Pointer to user context ** who Pointer to user auth name ** pwd Pointer to user auth pwd ** ** Return........: 0 on success ** ** Purpose.......: Read the user specific parameters from ** LDAP Server if one is known. ** ** ------------------------------------------------------------ */ int ldap_setup_user(CONTEXT *ctx, char *who, char *pwd) { char *ptr = 0; int ver = 0; /* ** avoid unused... compiler warnings */ ver = ver; ptr = ptr; pwd = pwd; /* ** Basic sanity check */ if( !(ctx && who && *who)) misc_die(FL, "ldap_setup_user: ?ctx? ?who?"); #if defined(HAVE_LIBLDAP) /* ** use configured ldap version or prefer v3 since ** OpenLDAP 2.x library defaults to v2, but the ** server does not accept v2 binds per default... */ #if defined(LDAP_VERSION3) ver = LDAP_VERSION3; #elif defined(LDAP_VERSION2) ver = LDAP_VERSION2; #else ver = 0; #endif ptr = config_str(NULL, "LDAPVersion", NULL); if(NULL != ptr) { ver = atoi(ptr); } /* ** If an LDAP server is configured, insist on using it */ if((ptr = config_str(NULL, "LDAPServer", NULL)) != NULL) { char temp[MAX_PATH_SIZE]; char *host; u_int16_t port; int rc; LDAP *ld; misc_strncpy(temp, ptr, sizeof(temp)); /* ** Determine LDAP server and port */ host = temp; if(NULL != (ptr = strchr(temp, ':'))) { *ptr++ = '\0'; port = (int) socket_str2port(ptr, LDAP_PORT); } else { port = (int) LDAP_PORT; } #if defined(COMPILE_DEBUG) debug(2, "LDAP server: %s:%d", host, port); #endif /* ** Ready to contact the LDAP server */ if((ld = ldap_init(host, port)) == NULL) { syslog_write(T_ERR, "can't reach LDAP server %s:%u for %s", host, port, ctx->cli_ctrl->peer); return -1; } else { syslog_write(T_DBG, "LDAP server %s:%u: initialized for %s", host, port, ctx->cli_ctrl->peer); } if(ver > 0) { #if defined(HAVE_LDAP_SET_OPTION) && defined(LDAP_OPT_PROTOCOL_VERSION) ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, &ver); #else ld->ld_version = ver; #endif } rc = ldap_fetch(ld, ctx, who, pwd); ldap_unbind(ld); return rc; } #endif return 0; } #if defined(HAVE_LIBLDAP) /* ------------------------------------------------------------ ** ** ** Function......: prep_bind_auto ** ** Parameters....: ld Pointer ldap struct ** flt LDAP search filter ** base BaseDN to search in ** peer Peer name for syslog ** ** Return........: bind-dn or NULL ** ** Purpose.......: Searches using anonymous bind ** for a dn we want to bind later. ** ** ------------------------------------------------------------ */ static char* prep_bind_auto(LDAP *ld, char *flt, char *base, char *peer) { LDAPMessage *result, *e; char *attrs[] = {0, 0}; char *bind_dn, *p, *d; int err; if(NULL == base || '\0' == base[0]) { misc_die(FL,"prep_bind_auto: ?base?"); } /* ** pre-bind (anonymously) */ if((d = config_str(NULL, "LDAPPreBindDN", NULL)) && (p = config_str(NULL, "LDAPPreBindPW", NULL))) { err = ldap_simple_bind_s(ld, d, p); } else { err = ldap_simple_bind_s(ld, 0, 0); } if(LDAP_SUCCESS != err) { syslog_write(T_ERR, "can't bind LDAP anonymously for %s: %.512s", peer, ldap_err2string(err)); return NULL; } result = 0; attrs[0] = config_str(NULL, "LDAPIdentifier", "CN"); err = ldap_search_s(ld, base, LDAP_SCOPE_SUBTREE, flt, attrs, 1, &result); if(LDAP_SUCCESS != err) { syslog_write(T_ERR, "can't find valid bind-dn for %s: %.512s", peer, ldap_err2string(err)); return NULL; } e = ldap_first_entry(ld, result); if(NULL == e) { GET_LDERROR(ld, err); syslog_write(T_ERR, "can't find valid bind-dn for %s", peer); return NULL; } /* ** OK, we have a DN */ if(NULL != (p = ldap_get_dn(ld, e))) { bind_dn = misc_strdup(FL, p); ldap_memfree(p); } else { bind_dn = NULL; } ldap_msgfree(result); syslog_write(T_DBG, "auto bind-dn='%.256s' for %s", NIL(bind_dn), peer); return bind_dn; } /* ------------------------------------------------------------ ** ** ** Function......: prep_bind_fmt ** ** Parameters....: str Bind-DN fmt string ** who Current user name ** ** Return........: bind-dn or NULL ** ** Purpose.......: Checks if str contains a fmt ** and constructs a new base-dn. ** ** ------------------------------------------------------------ */ static char* prep_bind_fmt(char *str, char *who) { char *bind_dn, *p; int fmt = 0; size_t len; /* ** search for exactly one %s; if any other ** fmt's are present report an parse error. */ for(p=str; p && p[0] && (p = strchr(p, '%')); p++) { if(!fmt && ('s' == p[1] || 'S' == p[1])) { fmt = 1; } else { errno = 0; misc_die(FL,"prep_bind_fmt: ?str?"); } } if(fmt) { /* ** constuct LDAPBind DN and PW */ len = strlen(who) + strlen(str); bind_dn = misc_alloc(FL, len); #if defined(HAVE_SNPRINTF) snprintf(bind_dn, len, str, who); #else sprintf(bind_dn, str, who); #endif return bind_dn; } return 0; } /* ------------------------------------------------------------ ** ** ** Function......: ldap_fetch ** ** Parameters....: ld Pointer ldap struct ** ctx Pointer to user context ** who Pointer to user/auth name ** pwd Pointer to user/auth pwd ** ** Return........: 0 on success ** ** Purpose.......: Read the user specific parameters from ** an LDAP Server. ** ** ------------------------------------------------------------ */ static int ldap_fetch(LDAP *ld, CONTEXT *ctx, char *who, char *pwd) { char str[MAX_PATH_SIZE]; char *bind_dn, *bind_pw; char *base_dn, *auth_dn; char *idnt, *objc, *ptr, *p, *q; char lderr, auth_ok; u_int16_t l, u; LDAPMessage *result, *e; /* Basic sanity */ if(ctx == NULL || ld == NULL || who == NULL) { if(ld) ldap_unbind(ld); misc_die(FL, "ldap_fetch: ?ctx? ?ld? ?who?"); } /* ** construct filter for the search ** (by LDAPIdentifier, maybe also ObjectClass) */ idnt = config_str(NULL, "LDAPIdentifier", "CN"); objc = config_str(NULL, "LDAPObjectClass", NULL); if(NULL != objc) { #if defined(HAVE_SNPRINTF) snprintf(str, sizeof(str), "(&(ObjectClass=%.256s)(%.256s=%.256s))", objc, idnt, who); #else sprintf(str, "(&(ObjectClass=%.256s)(%.256s=%.256s))", objc, idnt, who); #endif } else { #if defined(HAVE_SNPRINTF) snprintf(str, sizeof(str), "(%.256s=%.256s)", idnt, who); #else sprintf(str, "(%.256s=%.256s)", idnt, who); #endif } auth_ok = 0; /* OK if non-anonymous bind */ auth_dn = config_str(NULL, "LDAPAuthDN", NULL); base_dn = config_str(NULL, "LDAPBaseDN", NULL); if(NULL != (ptr = config_str(NULL, "LDAPBindDN", NULL))) { /* ** check if we should use auth-/base-dn for bind */ bind_pw = pwd; bind_dn = 0; if(0 == strcasecmp(ptr, "auto")) { bind_dn = prep_bind_auto(ld, str, auth_dn ? auth_dn : base_dn, ctx->cli_ctrl->peer); auth_ok = 1; if(NULL == bind_dn) return -1; } else if(0 == strcasecmp(ptr, "AuthDN")) { bind_dn = prep_bind_auto(ld, str, auth_dn, ctx->cli_ctrl->peer); auth_ok = 1; if(NULL == bind_dn) return -1; } else if(0 == strcasecmp(ptr, "BaseDN")) { bind_dn = prep_bind_auto(ld, str, base_dn, ctx->cli_ctrl->peer); auth_ok = 1; if(NULL == bind_dn) return -1; } else { /* ** check if we have a format in BindDN */ bind_dn = prep_bind_fmt(ptr, who); if(NULL == bind_dn) { /* ** use static LDAPBind DN and PW */ bind_dn = misc_strdup(FL, ptr); bind_pw = config_str(NULL, "LDAPBindPW", NULL); } else { auth_ok = 1; } } /* ** bind usind a dn & pw */ lderr = ldap_simple_bind_s(ld, bind_dn, bind_pw); if(LDAP_SUCCESS != lderr) { syslog_write(U_ERR, "can't bind LDAP dn='%.256s' for %s: %.512s", bind_dn, ctx->cli_ctrl->peer, ldap_err2string(lderr)); return -1; } syslog_write(T_DBG, "LDAP bind to dn='%.256s': succeed", bind_dn); } else { /* ** bind anonymously */ lderr = ldap_simple_bind_s(ld, 0, 0); if(LDAP_SUCCESS != lderr) { syslog_write(T_ERR, "can't bind LDAP anonymously for %s: %.512s", ctx->cli_ctrl->peer, ldap_err2string(lderr)); return -1; } } syslog_write(U_INF, "reading data for '%s' from LDAP", who); if(NULL != base_dn) { syslog_write(T_DBG, "LDAP search: base='%.256s' filter='%.256s'", base_dn, str); result = 0; lderr = ldap_search_s(ld, base_dn, LDAP_SCOPE_SUBTREE, str, NULL, 0, &result); if(LDAP_SUCCESS != lderr) { syslog_write(T_ERR, "can't read LDAP data for %s: %.512s", ctx->cli_ctrl->peer, ldap_err2string(lderr)); return -1; } /* ** Check if we have a user data ** (else return 'error' or 'empty') */ if(NULL == (e = ldap_first_entry(ld, result))) { GET_LDERROR(ld,lderr); syslog_write(T_DBG, "empty LDAP result for %s in base-dn='%s'", ctx->cli_ctrl->peer, base_dn); e = result = NULL; } } else { e = result = NULL; } /* ** Preform auth on userauth if type is ldap */ ptr = config_str(NULL, "UserAuthType", NULL); if( ptr && 0 == strcasecmp(ptr, "ldap")) { LDAPMessage *res=0, *a=e; int rc = 0; /* ** if LDAPAuthDN set, do auth on a different base... */ if(NULL != auth_dn) { syslog_write(T_DBG, "LDAP auth: base='%.256s' filter='%.256s'", auth_dn, str); lderr = ldap_search_s(ld, auth_dn, LDAP_SCOPE_SUBTREE, str, NULL, 0, &res); if(LDAP_SUCCESS != lderr) { syslog_write(T_ERR, "can't read LDAP auth-data for %s: %.512s", ctx->cli_ctrl->peer, ldap_err2string(lderr)); if(result) ldap_msgfree(result); return -1; } if(NULL == (a = ldap_first_entry(ld, res))) { GET_LDERROR(ld,lderr); syslog_write(T_WRN, "empty LDAP result for %s in auth-dn='%s'", ctx->cli_ctrl->peer, auth_dn); if(result) ldap_msgfree(result); return -1; } } else if(NULL == base_dn || NULL == e) { ldap_unbind(ld); misc_die(FL, "ldap_fetch: ?LDAPBaseDN?"); } /* ** OK, let's check the user auth now */ rc = ldap_auth(ld, a, who, pwd); if(res) ldap_msgfree(res); if(0 > rc) { syslog_write(U_ERR, "LDAP user auth failed for %s from %s", who, ctx->cli_ctrl->peer); if(result) ldap_msgfree(result); return -1; } /* ** do not allow to configure UserAuthType=ldap ** and to skip all manual ldap checks without ** an sufficient ldap-bind. */ if(0 == rc && 0 == auth_ok) { syslog_write(T_ERR, "LDAP auth config not sufficient"); if(result) ldap_msgfree(result); return -1; } } /* ** read proxy user profile data ... ** if we have a base_dn and result */ if(NULL == base_dn || NULL == e) { return 0; } /* ** Evaluate the destination FTP server address. */ p = ldap_attrib(ld, e, "DestinationAddress", NULL); if(NULL != p && ctx->magic_addr == INADDR_ANY) { ctx->srv_addr = socket_str2addr(p, INADDR_ANY); if(INADDR_ANY == ctx->srv_addr) { syslog_write(T_ERR, "can't eval DestAddr for %s", ctx->cli_ctrl->peer); ldap_msgfree(result); return -1; } #if defined(COMPILE_DEBUG) debug(2, "ldap DestAddr for %s: '%s'", ctx->cli_ctrl->peer, socket_addr2str(ctx->srv_addr)); #endif } /* ** Evaluate the destination FTP server port */ p = ldap_attrib(ld, e, "DestinationPort", NULL); if(NULL != p && ctx->magic_port == INPORT_ANY) { ctx->srv_port = socket_str2port(p, INPORT_ANY); if(INPORT_ANY == ctx->srv_port) { syslog_write(T_ERR, "can't eval DestPort for %s", ctx->cli_ctrl->peer); ldap_msgfree(result); return -1; } #if defined(COMPILE_DEBUG) debug(2, "ldap DestPort for %s: %u", ctx->cli_ctrl->peer, ctx->srv_port); #endif } /* ** Evaluate the destination transfer mode */ p = ldap_attrib(ld, e, "DestinationTransferMode", NULL); if(NULL != p) { if(strcasecmp(p, "active") == 0) ctx->srv_mode = MOD_ACT_FTP; else if (strcasecmp(p, "passive") == 0) ctx->srv_mode = MOD_PAS_FTP; else if (strcasecmp(p, "client") == 0) ctx->srv_mode = MOD_CLI_FTP; else { syslog_write(T_ERR, "can't eval DestMode for %s", ctx->cli_ctrl->peer); ldap_msgfree(result); return -1; } #if defined(COMPILE_DEBUG) debug(2, "ldap DestMode for %s: %s", ctx->cli_ctrl->peer, p); #endif } /* ** Evaluate the port ranges */ p = ldap_attrib(ld, e, "DestinationMinPort", NULL); q = ldap_attrib(ld, e, "DestinationMaxPort", NULL); if(NULL != p && NULL != q) { l = socket_str2port(p, INPORT_ANY); u = socket_str2port(q, INPORT_ANY); if (l > 0 && u > 0 && u >= l) { ctx->srv_lrng = l; ctx->srv_urng = u; } #if defined(COMPILE_DEBUG) debug(2, "ldap DestRange for %s: %u-%u", ctx->cli_ctrl->peer, ctx->srv_lrng, ctx->srv_urng); #endif } p = ldap_attrib(ld, e, "ActiveMinDataPort", NULL); q = ldap_attrib(ld, e, "ActiveMaxDataPort", NULL); if(NULL != p && NULL != q) { l = socket_str2port(p, INPORT_ANY); u = socket_str2port(q, INPORT_ANY); if (l > 0 && u > 0 && u >= l) { ctx->act_lrng = l; ctx->act_urng = u; } #if defined(COMPILE_DEBUG) debug(2, "ActiveRange for %s: %u-%u", ctx->cli_ctrl->peer, ctx->act_lrng, ctx->act_urng); #endif } p = ldap_attrib(ld, e, "PassiveMinDataPort", NULL); q = ldap_attrib(ld, e, "PassiveMaxDataPort", NULL); if(NULL != p && NULL != q) { l = socket_str2port(p, INPORT_ANY); u = socket_str2port(q, INPORT_ANY); if (l > 0 && u > 0 && u >= l) { ctx->pas_lrng = l; ctx->pas_urng = u; } #if defined(COMPILE_DEBUG) debug(2, "PassiveRange for %s: %u-%u", ctx->cli_ctrl->peer, ctx->pas_lrng, ctx->pas_urng); #endif } /* ** Setup other configuration options */ p = ldap_attrib(ld, e, "SameAddress", NULL); if(NULL != p) { if (strcasecmp(p, "y") == 0) ctx->same_adr = 1; else if (strcasecmp(p, "on") == 0) ctx->same_adr = 1; else if (strcasecmp(p, "yes") == 0) ctx->same_adr = 1; else if (strcasecmp(p, "true") == 0) ctx->same_adr = 1; else if (*p >= '0' && *p <= '9') ctx->same_adr = (atoi(p) != 0); else ctx->same_adr = 0; #if defined(COMPILE_DEBUG) debug(2, "SameAddress for %s: %s", ctx->cli_ctrl->peer, ctx->same_adr ? "yes" : "no"); #endif } p = ldap_attrib(ld, e, "TimeOut", "900"); if(NULL != p) { if (*p >= '0' && *p <= '9') ctx->timeout = atoi(p); else ctx->timeout = 900; #if defined(COMPILE_DEBUG) debug(2, "TimeOut for %s: %d", ctx->cli_ctrl->peer, ctx->timeout); #endif } /* ** Adjust the allow/deny flags for the commands */ p = ldap_attrib(ld, e, "ValidCommands", NULL); if(NULL != p) { cmds_set_allow(p); } /* ** All relevant attributes have been evaluated */ ldap_msgfree(result); return 0; } /* ------------------------------------------------------------ ** ** ** Function......: ldap_auth ** ** Parameters....: ld Pointer to LDAP struct ** e Pointer to result buffer ** who Pointer to user name ** pwd Pointer to user pwd ** ** Return........: 0 on success ** ** Purpose.......: Preform LDAP userauth ** ** ------------------------------------------------------------ */ static int ldap_auth(LDAP *ld, LDAPMessage *e, char *who, char *pwd) { char str[MAX_PATH_SIZE]; char *v, *p, *q; size_t len; int xrc = 0; if (ld == NULL || e == NULL) misc_die(FL, "ldap_checkauth: ?ld? ?e?"); /* ** check "user enabled" flag if present */ if( (p = config_str(NULL, "LDAPAuthOKFlag", NULL))) { misc_strncpy(str, p, sizeof(str)); if( (v = strchr(str, '='))) *v++ = '\0'; else v = 0; if(v && strlen(v) && strlen(str)) { if(0 != ldap_exists(ld, e, str, v, 0)) { syslog_write(U_WRN, "access denied for %s", NIL(who)); return -1; } else { syslog_write(T_DBG, "LDAP auth ok-check: '%.256s'='%.256s' passed", NIL(str), NIL(v)); xrc = 1; } } else { errno = 0; misc_die(FL, "ldap_auth: ?LDAPAuthOKFlag?"); } } else { syslog_write(T_DBG, "LDAP auth ok-check skipped"); } /* ** check user pass match */ if( (p = config_str(NULL, "LDAPAuthPWAttr", "")) && strlen(p)) { if(NULL == pwd) pwd = ""; v = config_str(NULL, "LDAPAuthPWType", "plain"); q = ldap_attrib(ld, e, p, ""); p = 0; len = 0; if( !strncasecmp(v, "plain", sizeof("plain")-1)) { /* ** plain passwd - no prefix */ len = sizeof("plain")-1; p = pwd; #if defined(HAVE_CRYPT) } else if( !strncasecmp(v, "crypt", sizeof("plain")-1)) { /* ** crypt - no prefix */ len = sizeof("plain")-1; p = crypt(pwd, q); } else if( !strncasecmp(v, "{crypt}", sizeof("{crypt}")-1)) { /* ** crypt - {crypt} prefix */ len = sizeof("{crypt}")-1; if(strncasecmp(q, "{crypt}", len)) { syslog_write(T_ERR, "ldap user auth - prefix missed"); return -1; } q+=len; p = crypt(pwd, q); #endif } else { errno = 0; misc_die(FL, "ldap_auth: ?LDAPAuthPWType?"); } /* ** check if we have different minimal length ** it is coded in latest "char", i.e. plain9 */ if(0 < len && strlen(v) == len+1 && '0' <= v[len] && '9' >= v[len]) { len = (size_t)v[len] - '0'; } else len = PASS_MIN_LEN; syslog_write(T_DBG, "LDAP auth pw-type[%d]='%.256s'", len, v); #if defined(COMPILE_DEBUG) debug(3, "LDAP auth pw-check: '%.256s' ?= '%.256s'", NIL(q), NIL(p)); #endif /* ** check (lenght) and compare passwds; the user ** account is locked if LDAP-PWD is "*" or "!" */ if(p && strlen(p)>=len && strlen(q) == strlen(p) && !(1==strlen(q) && ('*' == q[0] || '!' == q[0]))) { if(0 == strcmp(q, p)) { syslog_write(T_DBG, "LDAP auth pw-check succeed"); return xrc + 2; } } syslog_write(T_DBG, "LDAP auth pw-check failed"); return -1; } else { syslog_write(T_DBG, "LDAP auth pw-check skipped"); } /* ** OK, all configured manual LDAPAuth checks succeed... */ return xrc; } /* ------------------------------------------------------------ ** ** ** Function......: ldap_attrib ** ** Parameters....: ld Pointer to LDAP struct ** e Pointer to result buffer ** attr Name of desired option ** dflt Default value ** ** Return........: Value for attr (or dflt if not found) ** ** Purpose.......: Search the LDAP result message for the ** desired attribute value and return it. ** NEVER return a NULL pointer except if ** the dflt was taken and is NULL itself. ** ** ------------------------------------------------------------ */ static char *ldap_attrib(LDAP *ld, LDAPMessage *e, char *attr, char *dflt) { static char str[MAX_PATH_SIZE]; char **vals; if (ld == NULL || e == NULL || attr == NULL) misc_die(FL, "ldap_attrib: ?ld? ?e? ?attr?"); /* ** See if this attribute has values available */ if ((vals = ldap_get_values(ld, e, attr)) == NULL) { #if defined(COMPILE_DEBUG) debug(3, "LDAP result: '%.256s' - '%.1024s'", attr, NIL(dflt)); #endif return dflt; } /* ** Save value (use the first one) and free memory */ misc_strncpy(str, vals[0], sizeof(str)); ldap_value_free(vals); #if defined(COMPILE_DEBUG) debug(3, "LDAP result: '%.256s' = '%.1024s'", attr, str); #endif return str; } /* ------------------------------------------------------------ ** ** ** Function......: ldap_exists ** ** Parameters....: ld Pointer to LDAP struct ** e Pointer to result buffer ** attr Name of desired option ** vstr Value of desired option ** cs 1 for case sensitive check ** ** Return........: 0 if value found ** ** Purpose.......: Search the LDAP result message for the ** desired (multivalue) attribute and check ** if it contains a value string. ** ** ------------------------------------------------------------ */ static int ldap_exists(LDAP *ld, LDAPMessage *e, char *attr, char *vstr, int cs) { char **vals; int count, at; if (ld == NULL || e == NULL || attr == NULL || vstr == NULL) misc_die(FL, "ldap_exists: ?ld? ?e? ?attr? ?vstr?"); /* ** See if this attribute has values available */ if ((vals = ldap_get_values(ld, e, attr)) == NULL) { #if defined(COMPILE_DEBUG) debug(3, "LDAP result: no values for '%.256s'", attr); #endif return -1; } count = ldap_count_values(vals); if(cs) { for(at=0; at < count; at++) { #if defined(COMPILE_DEBUG) debug(3, "LDAP result: checking[%d:%d] '%.256s'='%.1024s'", count-1, at, attr, vals[at]); #endif if(misc_strequ(vals[at], vstr)) { ldap_value_free(vals); return 0; } } } else { for(at=0; at < count; at++) { #if defined(COMPILE_DEBUG) debug(3, "LDAP result: checking[%d:%d] '%.256s'='%.1024s'", count-1, at, attr, vals[at]); #endif if(misc_strcaseequ(vals[at], vstr)) { ldap_value_free(vals); return 0; } } } ldap_value_free(vals); #if defined(COMPILE_DEBUG) debug(3, "LDAP result: '%.256s'='%.1024s' not found", attr, vstr); #endif return 1; } #endif /* ------------------------------------------------------------ * $Log: ftp-ldap.c,v $ * Revision 1.7.2.3 2004/03/10 16:07:13 mt * added LDAPPreBindDN/LDAPPreBindPW options usable * instead of anonymous bind while LDAPBindDN=auto * * Revision 1.7.2.2 2003/05/11 20:22:17 mt * simplyfied ldap version handling * * Revision 1.7.2.1 2003/05/07 11:10:00 mt * moved user profile-config reading to ftp-client.c * added LDAP_VERSION handling with LDAPv3 default * improved user-auth to support auth via ldap-bind * * Revision 1.7 2002/05/02 13:17:12 mt * implemented simple (ldap based) user auth * * Revision 1.6 2002/01/14 19:26:38 mt * implemented bind_dn and pwd authorized ldap_simple_bind * fixed ld_errno fetching macro to work with openldap 2.x * * Revision 1.5 2001/11/06 23:04:44 mt * applied / merged with transparent proxy patches v8 * see ftp-proxy/NEWS for more detailed release news * * Revision 1.4 1999/09/24 06:38:52 wiegand * added regular expressions for all commands * removed character map and length of paths * added flag to reset PASV on every PORT * added "magic" user with built-in destination * added some argument pointer fortification * * Revision 1.3 1999/09/21 07:14:43 wiegand * syslog / abort cleanup and review * default PASV port range to 0:0 * * Revision 1.2 1999/09/17 16:32:29 wiegand * changes from source code review * added POSIX regular expressions * * Revision 1.1 1999/09/15 14:06:22 wiegand * initial checkin * * ------------------------------------------------------------ */ proxy-suite-1.9.2.4/ftp-proxy/ftp-ldap.h0000644000000000000000000000474410170463551017776 0ustar rootroot00000000000000/* * $Id: ftp-ldap.h,v 1.4.2.1 2003/05/07 11:09:27 mt Exp $ * * Header for FTP Proxy LDAP interface handling * * Author(s): Jens-Gero Boehm * Pieter Hollants * Marius Tomaschewski * Volker Wiegand * * This file is part of the SuSE Proxy Suite * See also http://proxy-suite.suse.de/ * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version * 2 of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the * Free Software Foundation, Inc., 59 Temple Place - Suite 330, * Boston, MA 02111-1307, USA. * * A history log can be found at the end of this file. */ #if !defined(_FTP_LDAP_H_) #define _FTP_LDAP_H_ /* ------------------------------------------------------------ */ /* ** default minimal password length used for user auth */ #if !defined(PASS_MIN_LEN) # define PASS_MIN_LEN 5 #endif int ldap_setup_user(CONTEXT *ctx, char *who, char *pwd); /* ------------------------------------------------------------ */ #endif /* defined(_FTP_LDAP_H_) */ /* ------------------------------------------------------------ * $Log: ftp-ldap.h,v $ * Revision 1.4.2.1 2003/05/07 11:09:27 mt * - moved user profile-config reading to ftp-client.c * - added LDAP_VERSION handling with LDAPv3 default * - improved user-auth to support auth via ldap-bind * * Revision 1.4 2002/05/02 13:17:12 mt * implemented simple (ldap based) user auth * * Revision 1.3 1999/09/24 06:38:52 wiegand * added regular expressions for all commands * removed character map and length of paths * added flag to reset PASV on every PORT * added "magic" user with built-in destination * added some argument pointer fortification * * Revision 1.2 1999/09/17 16:32:29 wiegand * changes from source code review * added POSIX regular expressions * * Revision 1.1 1999/09/15 14:06:22 wiegand * initial checkin * * ------------------------------------------------------------ */ proxy-suite-1.9.2.4/ftp-proxy/ftp-main.c0000644000000000000000000002315310170463551017770 0ustar rootroot00000000000000/* * $Id: ftp-main.c,v 1.6.6.1 2003/05/07 11:08:55 mt Exp $ * * Main program of the FTP Proxy * * Author(s): Jens-Gero Boehm * Pieter Hollants * Marius Tomaschewski * Volker Wiegand * * This file is part of the SuSE Proxy Suite * See also http://proxy-suite.suse.de/ * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version * 2 of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the * Free Software Foundation, Inc., 59 Temple Place - Suite 330, * Boston, MA 02111-1307, USA. * * A history log can be found at the end of this file. */ #ifndef lint static char rcsid[] = "$Id: ftp-main.c,v 1.6.6.1 2003/05/07 11:08:55 mt Exp $"; #endif #include #if defined(STDC_HEADERS) # include # include # include # include # include #endif #if defined(HAVE_UNISTD_H) # include #endif #if defined(TIME_WITH_SYS_TIME) # include # include #else # if defined(HAVE_SYS_TIME_H) # include # else # include # endif #endif #include #include "com-config.h" #include "com-debug.h" #include "com-misc.h" #include "com-socket.h" #include "com-syslog.h" #include "ftp-client.h" #include "ftp-daemon.h" #include "ftp-main.h" /* ------------------------------------------------------------ */ #include "ftp-vers.c" /* We need the version strings */ #define SELECT_TIMEOUT 60 /* Wake up regularly */ #if defined(COMPILE_DEBUG) # define DEBUG_FILE "/tmp/ftp-proxy.debug" # define OPTS_LIST "cdinf:v:V?" #else # define OPTS_LIST "cdinf:V?" #endif /* ------------------------------------------------------------ */ static char progname[1024]; static char *usage_arr[] = { progname, " -c Dump Config-File contents and exit", " -d Forced to run in standalone mode", " -i Forced to run in inetd mode", " -n Do not detach from controlling terminal", " -f file Name of the configuration file", " (Default: " DEFAULT_CONFIG ")", #if defined(COMPILE_DEBUG) " -v level Send debuging output to " DEBUG_FILE, " (Level: 0 = silence, 4 = chatterbox)", " !!! DO NOT USE -v FOR PRODUCTION !!!", #endif " -V Display program version and exit", "", NULL }; /* ------------------------------------------------------------ */ static RETSIGTYPE main_signal(int signo); static char *cfg_file = 0; /* Name of the config file */ static int close_flag = 0; /* Program termination request */ static int config_flag = 0; /* Config refresh request */ static int rotate_flag = 0; /* Log file rotation request */ /* ------------------------------------------------------------ */ #define ST_NONE 0 /* Unknown ServerType */ #define ST_INETD 1 /* Run from (x)inetd */ #define ST_DAEMON 2 /* Run as daemon */ static int srv_type; /* The actual server type */ /* ------------------------------------------------------------ ** ** ** Function......: config_filename ** ** Parameters....: (none) ** ** Return........: name of current config file ** ** Purpose.......: read-only access to config file name ** ** ------------------------------------------------------------ */ const char* config_filename() { return cfg_file; } /* ------------------------------------------------------------ ** ** ** Function......: main_signal ** ** Parameters....: signo Signal to be handled ** ** Return........: (most probably, none) ** ** Purpose.......: Handler for signals, mainly killing. ** ** ------------------------------------------------------------ */ static RETSIGTYPE main_signal(int signo) { #if defined(COMPILE_DEBUG) debug(2, "server signal %d", signo); #endif switch (signo) { case SIGHUP: config_flag = 1; break; case SIGUSR1: rotate_flag = 1; break; default: close_flag = 1; } signal(signo, main_signal); #if RETSIGTYPE != void return 0; #endif } /* ------------------------------------------------------------ ** ** ** Function......: main ** ** Parameters....: argc & argv As usual ** ** Return........: EXIT_SUCCESS or EXIT_FAILURE ** ** Purpose.......: Yes. ** ** ------------------------------------------------------------ */ int main(int argc, char *argv[]) { int c, detach, cfg_dump; char *p; #if defined(SIGWINCH) /* ** Make sure we don't get confused by resizing windows */ signal(SIGWINCH, SIG_IGN); #endif /* ** Set a reasonable program name for debug/logging */ p = misc_setprog(argv[0], usage_arr); #if defined(HAVE_SNPRINTF) snprintf(progname, sizeof(progname), "Usage: %s [option ...]", p); #else sprintf(progname, "Usage: %s [option ...]", p); #endif misc_setvers(prog_vers); misc_setdate(prog_date); /* ** Preset some variables */ cfg_file = DEFAULT_CONFIG; cfg_dump = 0; srv_type = ST_NONE; /* Undetermined yet */ detach = 1; /* Usually detach from CtlTerm */ /* ** Read the command line options */ while ((c = getopt(argc, argv, OPTS_LIST)) != EOF) { switch (c) { case 'c': cfg_dump = 1; /* Dump config */ break; case 'd': srv_type = ST_DAEMON; /* Force daemon */ break; case 'i': srv_type = ST_INETD; /* Force inetd */ break; case 'n': detach = 0; /* Don't detach (e.g. AIX) */ break; case 'f': cfg_file = misc_strtrim(optarg); break; #if defined(COMPILE_DEBUG) case 'v': debug_init(atoi(misc_strtrim(optarg)), DEBUG_FILE); break; #endif case 'V': fprintf(stderr, "%s\n", misc_getvsdt()); exit(EXIT_SUCCESS); break; case '?': default: misc_usage(NULL); } } /* ** Redirect errors and faults to stderr durring the ** initialisation phase. The log file will be opened ** after the chroot is done and uid/gid are dropped ** (if they are requested....) */ syslog_stderr(); /* ** Read the configuration file (this will die on error) */ config_read(cfg_file, cfg_dump); /* ** Complain if no default DestinationAddress is given ** while the AllowTransProxy feature is disabled... ** ** FIXME: is this really needed? */ if( (NULL == config_str(NULL, "DestinationAddress", NULL)) && (0 == config_bool(NULL, "AllowTransProxy", 0)) && (0 == config_bool(NULL, "AllowMagicUser", 0))) { syslog_error("can't run without an destination address"); exit(EXIT_FAILURE); } /* ** Determine ServerType (inetd/standalone) */ if (srv_type == ST_NONE) { p = config_str(NULL, "ServerType", "inetd"); if (strcasecmp(p, "standalone") == 0) srv_type = ST_DAEMON; else srv_type = ST_INETD; } if (srv_type == ST_INETD) { #if defined(COMPILE_DEBUG) debug(1, "{{{{{ %s client-start", misc_getprog()); #endif /* ** Change root directory */ misc_chroot(config_str(NULL, "ServerRoot", NULL)); /* ** Change our user- and group-id if requested */ misc_uidgid(CONFIG_UID, CONFIG_GID); /* ** Open the log if requested */ if ((p = config_str(NULL, "LogDestination", NULL)) != NULL) syslog_open(p, config_str(NULL, "LogLevel", NULL)); else syslog_close(); client_run(); exit(EXIT_SUCCESS); } #if defined(COMPILE_DEBUG) debug(1, "{{{{{ %s daemon-start", misc_getprog()); #endif /* ** The rest of this file is "daemon only" code ... */ daemon_init(detach); /* ** Setup signal handling (mostly graceful exit) */ signal(SIGINT, main_signal); signal(SIGTERM, main_signal); signal(SIGQUIT, main_signal); signal(SIGHUP, main_signal); signal(SIGUSR1, main_signal); /* ** Well, it's time for the main loop now ... */ while (close_flag == 0) { /* ** Shall we re-read the config file? */ if (config_flag) { /* ** reread config */ config_flag = 0; config_read(cfg_file, 0); /* ** reopen / rotate log */ syslog_open(config_str(NULL, "LogDestination", NULL), config_str(NULL, "LogLevel", NULL)); } /* ** Check for log file rotation */ if (rotate_flag) { rotate_flag = 0; syslog_rotate(); } /* ** Now perform the "real" main loop work */ socket_exec(SELECT_TIMEOUT, &close_flag); } #if defined(COMPILE_DEBUG) debug(1, "}}}}} %s daemon-exit", misc_getprog()); #endif exit(EXIT_SUCCESS); } /* ------------------------------------------------------------ * $Log: ftp-main.c,v $ * Revision 1.6.6.1 2003/05/07 11:08:55 mt * added strtrim arround optarg * * Revision 1.6 2002/01/14 19:24:46 mt * reordered config reading, chroot and syslog opening * added config_filename function for runtime queries * added snprintf usage if supported on built-platform * * Revision 1.5 2001/11/06 23:04:44 mt * applied / merged with transparent proxy patches v8 * see ftp-proxy/NEWS for more detailed release news * * Revision 1.4 1999/09/29 09:58:25 wiegand * complain about missing DestAddr after LogOpen (incl. stderr) * * Revision 1.3 1999/09/21 07:13:07 wiegand * syslog / abort cleanup and review * * Revision 1.2 1999/09/16 16:29:57 wiegand * minor updates improving code quality * * Revision 1.1 1999/09/15 14:06:22 wiegand * initial checkin * * ------------------------------------------------------------ */ proxy-suite-1.9.2.4/ftp-proxy/ftp-main.h0000644000000000000000000000342507420627604020002 0ustar rootroot00000000000000/* * $Id: ftp-main.h,v 1.1 2002/01/14 19:20:36 mt Exp $ * * Header for the FTP Proxy main program * * Author(s): Jens-Gero Boehm * Pieter Hollants * Marius Tomaschewski * Volker Wiegand * * This file is part of the SuSE Proxy Suite * See also http://proxy-suite.suse.de/ * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version * 2 of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the * Free Software Foundation, Inc., 59 Temple Place - Suite 330, * Boston, MA 02111-1307, USA. * * A history log can be found at the end of this file. */ #if !defined(_FTP_MAIN_H_) #define _FTP_MAIN_H_ /* ------------------------------------------------------------ */ #if !defined(ETC_DIR) #define ETC_DIR "/etc/proxy-suite" #endif #define DEFAULT_CONFIG ETC_DIR"/ftp-proxy.conf" const char* config_filename(); /* ------------------------------------------------------------ */ #endif /* defined(_FTP_MAIN_H_) */ /* ------------------------------------------------------------ * $Log: ftp-main.h,v $ * Revision 1.1 2002/01/14 19:20:36 mt * added header to provide config file name * * ------------------------------------------------------------ */ proxy-suite-1.9.2.4/ftp-proxy/ftp-proxy.80000644000000000000000000001613110170747337020157 0ustar rootroot00000000000000.\" ftp-proxy/ftp-proxy.8. Generated from ftp-proxy.8.in by configure. .\" .\" $Id: ftp-proxy.8.in,v 1.3 2002/01/14 19:18:28 mt Exp $ .\" .\" Manual Page for the ftp-proxy Program .\" .\" Author(s): Jens-Gero Boehm .\" Pieter Hollants .\" Marius Tomaschewski .\" Volker Wiegand .\" .\" This file is part of the SuSE Proxy Suite .\" See also http://proxy-suite.suse.de/ .\" .\" This program is free software; you can redistribute it and/or .\" modify it under the terms of the GNU General Public License .\" as published by the Free Software Foundation; either version .\" 2 of the License, or (at your option) any later version. .\" .\" This program is distributed in the hope that it will be useful, .\" but WITHOUT ANY WARRANTY; without even the implied warranty of .\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the .\" GNU General Public License for more details. .\" .\" You should have received a copy of the GNU General Public License .\" along with this program; if not, write to the .\" Free Software Foundation, Inc., 59 Temple Place - Suite 330, .\" Boston, MA 02111-1307, USA. .\" .\" A history log can be found at the end of this file. .\" .TH ftp-proxy 8 "September 20th, 1999" "SuSE" "Proxy-Suite" .SH NAME ftp-proxy \- application level proxy for the FTP protocol .SH SYNOPSIS .B "ftp-proxy [-c] [-d|-i] [-f file] [-n] [-v level] [-V]" .SH DESCRIPTION .B FTP-Proxy acts as an application level gateway between FTP clients and servers. Its main purpose is to secure local FTP servers against possibly insecure clients or malicious attacks. FTP-Proxy is believed to be immune against current known attacks based on the FTP protocol. .PP FTP-Proxy can be started from the inetd (or xinetd, or any other) internet super daemon or executed on its own as a standalone daemon, in which case it will fork child processes to handle connections. The behaviour depends on the .B ftp-proxy.conf(5) configuration option .B ServerType or the .B \-i and .B \-d command line switches, where the latter two take precedence. .PP FTP-Proxy features a rich set of auditing and command restriction capabilities and is specifically suited for deployment in firewall environments. .SH OPTIONS .TP .B \-V Print the program's version information and terminate with exit code 0. .TP .B \-c Read the configuration file, output its contents sorted by section and option name to standard output, and terminate with exit code 0. This option is mostly interesting for diagnostic purposes. .TP .B \-d Force FTP-Proxy to run in standalone (daemon) mode, even if a .B ServerType inetd directive exists in the configuration file. .TP .B \-i Force FTP-Proxy to run in inetd mode, even if a .B ServerType standalone directive exists in the configuration file. .TP .B \-f \fIfilename\fR Specify an alternate configuration file to be read instead of the standard .B /usr/local/etc/proxy-suite/ftp-proxy.conf file. .sp Please note that the default path for the configuration file is a compile time option. It can be changed using the .B \-\-prefix and .B \-\-sysconfdir options when running the .B configure script - see also the .B INSTALL file for usage description. .TP .B \-n Do not detach from the controlling terminal. This prevents the default of becoming a daemon and is ignored if running in .B inetd mode. The main purpose of this option is to support the AIX System Resource Controller or similar setups, where several daemons are controlled by a master daemon. .TP .B \-v \fIlevel\fR Enable diagnostic output to be sent to the file \fB/tmp/ftp-proxy.debug\fR. The given level must be in the range from 0 (no output at all) to 4 (maximum verbosity). See also .B DIAGNOSTICS bellow. .SH SIGNALS .TP .B SIGTERM, SIGQUIT, SIGINT These signals instruct FTP-Proxy to abort any existing transfer, close all connections and terminate the process. If the target of the signal is a running FTP-Proxy daemon, all current child processes wil also be terminated. .TP .B SIGHUP This signal will be accepted if running in daemon mode and ignored in inetd mode. .br It causes the FTP-Proxy to reread its configuration file and to reopen the log destination if it was changed in the configuration file, or rotated if it is a log file. .br See also dedicated rotation singnal .B SIGUSR1 bellow. .TP .B SIGUSR1 This signal will be accepted if running in daemon mode and ignored in inetd mode. .br It causes the FTP-Proxy to close its current logfile, rename it to a date and time derived value, and open a new logfile. This procedure is also known as \fILogfile Rotation\fR. Child processes forked before the reception of this signal and processes run from .B inetd will not be affected. .br See also the .B ServerRoot configuration option in .B ftp-proxy.conf(5). .SH NOTES When running FTP-Proxy in .B inetd mode, it is always an excellent idea to check that the inetd configuration file includes a line that invokes FTP-Proxy. An example for a line in .B /etc/inetd.conf follows: .PP .B ftp stream tcp nowait root /usr/local/sbin/ftp-proxy -i .PP Please note that this is just an example and does not provide much security, like running as a non-privileged user or using the .B TCP Wrapper functionality. .SH DIAGNOSTICS The .B \-v option is is only avaliable if enabled using the .B \-\-enable-debug option when running the configure script - see also the .B INSTALL file for usage description. This option should be used with great care only. It is strongly recommended to not to use it in production environments. .PP If debugging is activated, it always adds output to the file .B /tmp/ftp-proxy.debug which is created with .B 0666 mode. This allows child processes to open and write the file after they have given up their root privileges. .PP If the configuration file contains a .B ServerRoot directive, child processes and processes run from .B inetd will try to open the file within their .B chroot(2) environment. If this fails, e.g. because there is no .B /tmp directory, it is silently ignored and no debug output is generated. .PP Please note that the program makes no attempt to erase the debug file after use. Thus it will stay around with world writeability until the operator manually removes it! .SH FILES /usr/local/etc/proxy-suite/ftp-proxy.conf .br /usr/local/sbin/ftp-proxy .SH "SEE ALSO" ftp-proxy.conf(5) .PP The .B SuSE Proxy-Suite documentation included in the .B doc subdirectory of the package. .SH AUTHORS Jens-Gero Boehm .br Pieter Hollants .br Volker Wiegand .br Marius Tomaschewski .SH COPYRIGHT The whole .B SuSE Proxy-Suite is released under the .br .B GNU General Public License (GPL). .\" ########################################################### .\" $Log: ftp-proxy.8.in,v $ .\" Revision 1.3 2002/01/14 19:18:28 mt .\" actualized chroot and signal handling descriptions .\" .\" Revision 1.2 1999/09/21 07:15:15 wiegand .\" corrected some minor mistakes .\" .\" Revision 1.1 1999/09/20 05:08:52 wiegand .\" initial checkin .\" .\" ########################################################### proxy-suite-1.9.2.4/ftp-proxy/ftp-proxy.8.in0000644000000000000000000001602707420627404020564 0ustar rootroot00000000000000.\" @configure_input@ .\" .\" $Id: ftp-proxy.8.in,v 1.3 2002/01/14 19:18:28 mt Exp $ .\" .\" Manual Page for the ftp-proxy Program .\" .\" Author(s): Jens-Gero Boehm .\" Pieter Hollants .\" Marius Tomaschewski .\" Volker Wiegand .\" .\" This file is part of the SuSE Proxy Suite .\" See also http://proxy-suite.suse.de/ .\" .\" This program is free software; you can redistribute it and/or .\" modify it under the terms of the GNU General Public License .\" as published by the Free Software Foundation; either version .\" 2 of the License, or (at your option) any later version. .\" .\" This program is distributed in the hope that it will be useful, .\" but WITHOUT ANY WARRANTY; without even the implied warranty of .\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the .\" GNU General Public License for more details. .\" .\" You should have received a copy of the GNU General Public License .\" along with this program; if not, write to the .\" Free Software Foundation, Inc., 59 Temple Place - Suite 330, .\" Boston, MA 02111-1307, USA. .\" .\" A history log can be found at the end of this file. .\" .TH ftp-proxy 8 "September 20th, 1999" "SuSE" "Proxy-Suite" .SH NAME ftp-proxy \- application level proxy for the FTP protocol .SH SYNOPSIS .B "ftp-proxy [-c] [-d|-i] [-f file] [-n] [-v level] [-V]" .SH DESCRIPTION .B FTP-Proxy acts as an application level gateway between FTP clients and servers. Its main purpose is to secure local FTP servers against possibly insecure clients or malicious attacks. FTP-Proxy is believed to be immune against current known attacks based on the FTP protocol. .PP FTP-Proxy can be started from the inetd (or xinetd, or any other) internet super daemon or executed on its own as a standalone daemon, in which case it will fork child processes to handle connections. The behaviour depends on the .B ftp-proxy.conf(5) configuration option .B ServerType or the .B \-i and .B \-d command line switches, where the latter two take precedence. .PP FTP-Proxy features a rich set of auditing and command restriction capabilities and is specifically suited for deployment in firewall environments. .SH OPTIONS .TP .B \-V Print the program's version information and terminate with exit code 0. .TP .B \-c Read the configuration file, output its contents sorted by section and option name to standard output, and terminate with exit code 0. This option is mostly interesting for diagnostic purposes. .TP .B \-d Force FTP-Proxy to run in standalone (daemon) mode, even if a .B ServerType inetd directive exists in the configuration file. .TP .B \-i Force FTP-Proxy to run in inetd mode, even if a .B ServerType standalone directive exists in the configuration file. .TP .B \-f \fIfilename\fR Specify an alternate configuration file to be read instead of the standard .B @SYSCONFDIR@/proxy-suite/ftp-proxy.conf file. .sp Please note that the default path for the configuration file is a compile time option. It can be changed using the .B \-\-prefix and .B \-\-sysconfdir options when running the .B configure script - see also the .B INSTALL file for usage description. .TP .B \-n Do not detach from the controlling terminal. This prevents the default of becoming a daemon and is ignored if running in .B inetd mode. The main purpose of this option is to support the AIX System Resource Controller or similar setups, where several daemons are controlled by a master daemon. .TP .B \-v \fIlevel\fR Enable diagnostic output to be sent to the file \fB/tmp/ftp-proxy.debug\fR. The given level must be in the range from 0 (no output at all) to 4 (maximum verbosity). See also .B DIAGNOSTICS bellow. .SH SIGNALS .TP .B SIGTERM, SIGQUIT, SIGINT These signals instruct FTP-Proxy to abort any existing transfer, close all connections and terminate the process. If the target of the signal is a running FTP-Proxy daemon, all current child processes wil also be terminated. .TP .B SIGHUP This signal will be accepted if running in daemon mode and ignored in inetd mode. .br It causes the FTP-Proxy to reread its configuration file and to reopen the log destination if it was changed in the configuration file, or rotated if it is a log file. .br See also dedicated rotation singnal .B SIGUSR1 bellow. .TP .B SIGUSR1 This signal will be accepted if running in daemon mode and ignored in inetd mode. .br It causes the FTP-Proxy to close its current logfile, rename it to a date and time derived value, and open a new logfile. This procedure is also known as \fILogfile Rotation\fR. Child processes forked before the reception of this signal and processes run from .B inetd will not be affected. .br See also the .B ServerRoot configuration option in .B ftp-proxy.conf(5). .SH NOTES When running FTP-Proxy in .B inetd mode, it is always an excellent idea to check that the inetd configuration file includes a line that invokes FTP-Proxy. An example for a line in .B /etc/inetd.conf follows: .PP .B ftp stream tcp nowait root @SBINDIR@/ftp-proxy -i .PP Please note that this is just an example and does not provide much security, like running as a non-privileged user or using the .B TCP Wrapper functionality. .SH DIAGNOSTICS The .B \-v option is is only avaliable if enabled using the .B \-\-enable-debug option when running the configure script - see also the .B INSTALL file for usage description. This option should be used with great care only. It is strongly recommended to not to use it in production environments. .PP If debugging is activated, it always adds output to the file .B /tmp/ftp-proxy.debug which is created with .B 0666 mode. This allows child processes to open and write the file after they have given up their root privileges. .PP If the configuration file contains a .B ServerRoot directive, child processes and processes run from .B inetd will try to open the file within their .B chroot(2) environment. If this fails, e.g. because there is no .B /tmp directory, it is silently ignored and no debug output is generated. .PP Please note that the program makes no attempt to erase the debug file after use. Thus it will stay around with world writeability until the operator manually removes it! .SH FILES @SYSCONFDIR@/proxy-suite/ftp-proxy.conf .br @SBINDIR@/ftp-proxy .SH "SEE ALSO" ftp-proxy.conf(5) .PP The .B SuSE Proxy-Suite documentation included in the .B doc subdirectory of the package. .SH AUTHORS Jens-Gero Boehm .br Pieter Hollants .br Volker Wiegand .br Marius Tomaschewski .SH COPYRIGHT The whole .B SuSE Proxy-Suite is released under the .br .B GNU General Public License (GPL). .\" ########################################################### .\" $Log: ftp-proxy.8.in,v $ .\" Revision 1.3 2002/01/14 19:18:28 mt .\" actualized chroot and signal handling descriptions .\" .\" Revision 1.2 1999/09/21 07:15:15 wiegand .\" corrected some minor mistakes .\" .\" Revision 1.1 1999/09/20 05:08:52 wiegand .\" initial checkin .\" .\" ########################################################### proxy-suite-1.9.2.4/ftp-proxy/ftp-proxy.conf.50000644000000000000000000006654010170747337021111 0ustar rootroot00000000000000.\" ftp-proxy/ftp-proxy.conf.5. Generated from ftp-proxy.conf.5.in by configure. .\" .\" $Id: ftp-proxy.conf.5.in,v 1.8.2.3 2005/01/11 13:00:01 mt Exp $ .\" .\" Manual Page for the ftp-proxy Configuration file .\" .\" Author(s): Jens-Gero Boehm .\" Pieter Hollants .\" Marius Tomaschewski .\" Volker Wiegand .\" .\" This file is part of the SuSE Proxy Suite .\" See also http://proxy-suite.suse.de/ .\" .\" This program is free software; you can redistribute it and/or .\" modify it under the terms of the GNU General Public License .\" as published by the Free Software Foundation; either version .\" 2 of the License, or (at your option) any later version. .\" .\" This program is distributed in the hope that it will be useful, .\" but WITHOUT ANY WARRANTY; without even the implied warranty of .\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the .\" GNU General Public License for more details. .\" .\" You should have received a copy of the GNU General Public License .\" along with this program; if not, write to the .\" Free Software Foundation, Inc., 59 Temple Place - Suite 330, .\" Boston, MA 02111-1307, USA. .\" .\" A history log can be found at the end of this file. .\" .TH ftp-proxy.conf 5 "September 20th, 1999" "SuSE" "Proxy-Suite" .SH NAME ftp-proxy.conf \- configuration file for FTP-Proxy .SH SYNOPSIS /usr/local/etc/proxy-suite/ftp-proxy.conf .SH DESCRIPTION This manual page documents the configuration file format of the .B ftp-proxy(8) program. FTP-Proxy is an application level gateway between FTP clients and servers. Its main purpose is to secure servers against attacks based on the FTP protocol. .PP The FTP-Proxy configuration file consists of option lines and comments. A line starting with a '#' character is a comment. The general format of a option line is .PP .B [WhiteSpace] Name WhiteSpace Value [WhiteSpace] .PP It is recommended to use up to 24 characters for the name and no more than 1024 for the value, although theoretically both can be up to 4096 in size. Lines can be continued if the last character is a backslash. The whole file is not case sensitive. .SS CONTEXT Option lines always have a .B context which may be global or user specific. A context is introduced by a .B [name] line, where name is the FTP-login name or authuser if the .B UserAuthMagic feature is used. It is allowed to use '*' wildcard character at the end of the context name .B [name*] i.e. [foo*] to match multiple usernames beginning with "foo". The beginning of the file is implicitly the .B [-Global-] context (the dashes allow a user context named [global] without conflict). It is legal to include an option more than once; the last one will be the one used. Options in user contexts usually take precedence over the equivalent global option. .PP Some of the options can be used in a user or the global context, while others make sense only in one of them. See below. .SS VARIABLE SUBSTITUTION Several options (see the individual discussion below for details) support a limited set of variable substitution when evaluated. The following replacements will be performed: .sp .nf .DT .ta .4i 1i \fB%b\fR build date of the ftp-proxy(8) program \fB%d\fR current system date in the form YYYY/MM/DD \fB%h\fR host name from gethostname(2) \fB%n\fR network name from getdomainname(2) \fB%t\fR current system time in the form HH:MM:SS \fB%v\fR version of the ftp-proxy(8) program \fB%%\fR a single percent sign .DT .fi .SH OPTIONS .TP .B ActiveMaxDataPort Both user and global context. Defines the maximum local port number used when connecting to the client's data port. The latter is either the same as the client's control port or the one given in the most recent .B PORT command. If either minimum or maximum value is not given, the program defaults to using port 20, the .B ftp-data port as per .B RFC 959, for the local end of the socket if the proxy is running as root (user ID 0) or to use a random port. See also .B ActiveMinDataPort and .B User options. .TP .B ActiveMinDataPort Both user and global context. Defines the minimum local port number used when connecting to the client's data port. See also .B ActiveMaxDataPort and .B User options. .TP .B AllowMagicUser Global context only. Defines a flag that when set to .B yes, true, or .B on allows the USER name to be optionally interpreted as .B "user[@host[:port]]" where host overrides the .B DestinationAddress and port the .B DestinationPort directive below. It should only be activated with "trusted" users, like in an outgoing FTP proxy scenario. See also the .B UserMagicChar and .B ForceMagicUser options. .TP .B AllowTransProxy Global context only. Defines a flag that when set to .B yes, true, or .B on allows to use the proxy as transparent proxy for outgoing ftp. To get it working you also have to redirect client requests on a gateway or firewall host (i.e. via ipchains) to the ftp-proxy. It should only be activated with "trusted" users, like in an outgoing FTP proxy scenario. You can combine this with the .B AllowMagicUser option. .TP .B DenyMessage Global context only. Defines the name of a file which prevents any successful login if it exists, even if it is empty. The file contents will be sent to the client, each line prefixed with .B "'421-'" and with variable substitution applied. The whole file is followed by a line starting with .B "'421 '" followed by the .B DenyString below. After sending the connection is closed. If no such file exists, the deny mechanism is not triggered altogether. See also .B DenyString option. .TP .B DenyString Global context only. Defines a string that will be displayed to clients, prefixed with .B "'421 '" and variable substitution applied, if and only if a .B DenyMessage file exists. The default is .B "'Service not available'." See also .B DenyMessage option. .TP .B DestinationAddress Both user and global context. Defines where to redirect incoming FTP traffic. Can be given as either dotted decimal IP address or as DNS host name. Please note that the global section must always contain this option as a basic sanity check. .TP .B DestinationMaxPort Both user and global context. Defines the maximum local port number to be used when opening a connection to the FTP server. Valid both for control and for data connections. Defaults to not binding prior to connecting and listening, so that the system selects an arbitrary ephemeral port. See also .B DestinationMinPort option. .TP .B DestinationMinPort Both user and global context. Defines the minimum local port number to be used when opening a connection to the FTP server. See also .B DestinationMaxPort option. .TP .B DestinationPort Both user and global context. Defines the FTP server's control port where the proxy itself will connect. This option can either be given as a numeric value or as the service name retrieved by .B getservbyname(3) and defaults to port 21, the .B ftp port as per .B RFC 959. .TP .B DestinationTransferMode Both user and global context. Defines the FTP transfer mode to be used from the proxy to the server. Legal values are .B active, passive, or .B client. The latter means to follow the mode the client is using. The default value is .B client. .TP .B FailResetsPasv Global context only. Defines the action that is taken when a data transfer command is failed on the server side. If the option is set to .B yes, true, or .B on the client data transfer socket will be closed and the transfer mode set to the default (active-ftp). .br If this flag is set to .B no, false, or .B off (which is also the default) the socket can be reused for the next data transfer command in passive mode. This options is a workaround for Netscape (4.x) clients, that sends a second data transfer command if the first is failed, while the user clicks on a symbolic link pointing to a directory. .br Note, that this behavior may break the RFC definitions. .TP .B ForceMagicUser Global context only. Same as AllowMagicUser, but makes the host and port portion mandatory. .TP .B ForkLimit Global context only. Limits the number of incoming client connections per minute in daemon mode - it defaults to 40 connections per minute. .TP .B Group Global context only. Defines the UNIX style group ID which is set by the process before it serves clients. Default is to keep the current real group ID. .TP .B LDAPAuthDN Global context only. Defines a different base distinguished name that is used when accessing an LDAP directory for user authentication purposes. It defaults to the value of .B LDAPBaseDN. See also .B LDAPAuthPWAttr, LDAPAuthPWType, LDAPAuthOKFlag, .B UserAuthType, LDAPBindDN options. .TP .B LDAPAuthOKFlag Global context only. Defines an attribute and its value as .B attr=value string, i.e. userEnabled=yes, that will be checked while user authentication in the directory tree specified using .B LDAPAuthDN or .B LDAPBaseDN. Defaults to an empty string - no flag check used. .TP .B LDAPAuthPWAttr Global context only. Defines the LDAP password attribute name used for user authentication. .br A common used attribute name is .B userPassword. Defaults to an empty string - password authentication disabled. See also .B LDAPAuthPWType option. .TP .B LDAPAuthPWType Global context only. Defines the LDAP password type / format and a minimal allowed password length expected as value for attribute name specified using .B LDAPAuthPWAttr. .sp Valid values are .B plain, crypt, {crypt} followed by one number .B 0-9, i.e. .B {crypt}7, plain9 or .B plain. .sp If no minimum length specified the default minimum length of 5 characters is used. .sp A password type {crypt} means, the password value in the LDAP directory is prefixed by the {crypt} scheme specification. Other password schemes, i.e. MD5, are not supported at the moment. .br Crypted passwords are only avaliable, if the proxy is compiled with crypt support - see also .B "--with-crypt" compile time option in configure script. .sp If the password (without scheme prefix) stored in LDAP directory is .B "*" or .B "!" the account is disabled and the authentication fails. .sp Defaults to .B plain (equivalent to plain5). See also the .B LDAPAuthOKFlag. .TP .B LDAPBaseDN Global context only. Defines the base distinguished name that is used when accessing an .B LDAP directory, i.e. the root of the tree containing the FTP-Proxy entries. Defaults to an empty string. If .B UserAuthMagic is used, the authuser is used as user name for authentication and user profiles, otherwise the normal ftp-user name. See also .B LDAPIdentifier, LDAPObjectClass, LDAPServer, UserAuthMagic options. .TP .B LDAPBindDN Defines the distinguished name that is used to (simple) bind the directory service. Defaults to an empty string (anonymous bind). It is allowed to include one %s in this string, that will be replaced with the FTP username or authuser if .B UserAuthMagic is used. See also .B UserAuthMagic, LDAPAuthDN, LDAPBindPW options. .TP .B LDAPBindPW Defines the credential (password) that is used to (simple) bind the directory service using distinguished name given in the .B LDAPBindDN option. Defaults to an empty string (anonymous bind). .TP .B LDAPIdentifier Global context only. Defines the identification attribute for the access to the .B LDAP directory. This can be thought of as the primary key and defaults to the string .B CN which is short for "Common Name." See also .B LDAPBaseDN, LDAPObjectClass, LDAPServer options. .TP .B LDAPObjectClass Global context only. Defines the .B LDAP object class which holds the entries for the FTP-Proxy access control. It is assumed that the possible user specific config options exist as attributes within a record of this type. There is no default, but a value of .B FTPProxyUser is recommended. See also .B LDAPBaseDN, LDAPIdentifier, LDAPServer options. .TP .B LDAPServer Global context only. This is the main option for using an .B LDAP directory for retrieving user specific values. If given, it denotes the server (and possible port separated by a colon) where FTP-Proxy will ask for the attributes. The program will bind as the anonymous user and try to retrieve the values from the tree rooted at .B LDAPBaseDN, having an object class of .B LDAPObjectClass and identified by the .B LDAPIdentifier. If the server cannot be reached, the program aborts. If the user cannot be found, the program falls back to the configuration file, but will query only the global values and not the user specific ones. See also .B LDAPBaseDN, LDAPBindDN, LDAPIdentifier, LDAPObjectClass options. .TP .B LDAPVersion Global context only. Use this option to set the LDAP API version, the proxy should set: 2 or 3. Use 0 to skip explicit version setting and use library defaults. Defaults is version 3 if supported by the library or 2 if not. .br Note: OpenLDAP 2.x library defaults to version 2 bind, but the OpenLDAP server refuses LDAPv2 bind by default. .TP .B Listen Global context only. Defines the address where the proxy itself opens the listening port. The default is .B 0.0.0.0 which instructs the server to bind to any address. See also .B Port option. .TP .B LogDestination Global context only. Defines the destination of the logging information the program wishes to emit. If the value starts with a slash (/) it will be interpreted as an absolute path. This file will be created and kept open during the lifetime of the process. The signal .B SIGUSR1 can be sent to the (daemon) process in order to rotate this log file. .sp A second way to provide logging is via a pipe and is employed when the first character of the option is a pipe symbol (|). In this case the rest of the value is interpreted as the name of a UNIX command which is invoked and receives logging information on its standard input. .sp The third way is to use the .B syslog(3) service which is assumed for all other values. The option value is interpreted as the syslog facility while the severity is defined by the various messages themselves. .TP .B LogLevel Global context only. Defines the maximal level of logged messages. The levels are, in order of decreasing importance: .B FLT, ERR, WRN, INF, DBG .br The default level is .B INF. A .B LogLevel set to .B WRN causes, that only messages with levels .B FLT, ERR, WRN will be logged. .TP .B MaxClients Global context only. Defines the maximum number of clients the proxy will allow concurrently. The valid range for this option is 1 to 512, with a default of 64. See also .B MaxClientsMessage, MaxClientsString options. .TP .B MaxClientsMessage Global context only. Defines the name of a file that is displayed to clients if their maximum number defined with .B MaxClients has been exceeded. If no such file exists only the .B MaxClientsString is displayed, else both the file and the string are transmitted. After transmission the connection is terminated in any case. When sending the file, each line is prefixed with .B "'421-'" and variable substitution is applied to it. See also .B MaxClients, MaxClientsString options. .TP .B MaxClientsString Global context only. Defines a string that will be displayed to clients, prefixed with .B "'421 '" and variable substitution applied, if the maximum client number has been exceeded. The default is .B "'Service not available'". See also .B MaxClients, MaxClientsMessage options. .TP .B MaxRecvBufSize Global context only. Defines the maximum number of bytes read from socket at once while data transfers. Default is to read all data as reported by the kernel. .br It may be useful to set a limit (i.e. to 8192), if your proxy machine uses two interfaces of different speed, i.e. the clients are accessing the proxy via a high-speed interface (i.e. Fast-Ethernet) and the proxy is accessing servers using a slower one (i.e. modem, ISDN link) and your ftp-clients aborts the data transfers because of a timeout. .TP .B PassiveMaxDataPort Both user and global context. Defines the maximum local port number used when listening for the client's data connection. This is the port number transmitted to the client in a .B 227 response to the .B PASV command. If either minimum or maximum value is not given, the program defaults to let the system choose an arbitrary ephemeral port. See also .B PassiveMinDataPort option. .TP .B PassiveMinDataPort Both user and global context. Defines the minimum local port number used when listening for the client's data connection. See also .B PassiveMaxDataPort option. .TP .B PidFile Global context only. Defines the name of a process ID file where FTP-Proxy will store its process ID if running as daemon. The file contents will be an ASCII string with a trailing newline. On many operating systems such PID files will be located in the .B "/var/run" directory. .TP .B Port Global context only. Defines the listening port where the FTP-Proxy offers its service. The port can be given as a number or as a string suitable for retrieval by the .B getservbyname(3) function. It defaults to port 21, the .B ftp port as per .B RFC 959. See also .B Listen option. .TP .B PortResetsPasv Global context only. Defines the action that is taken when a .B PORT command is received while a passive port is open for listening. If the option is set to .B yes, true, or .B on, (which is also the default) the socket will be closed and the passive mode will be terminated (set to active-ftp). Setting the option to .B no, false, or .B off does not cancel the listen. This flag seems necessary because the RFC is not really clear enough about the correct handling. .TP .B SameAddress Both user and global context. Defines a boolean value which determines if the proxy is allowed to be included in so-called third party server to server transfers. In this situation the client first sends a .B PASV command to one server, then a .B PORT command with the response code to the second server, and then initiates the transfer with mutual transfer commands on the two servers. Specifying this option as .B no, false, or .B off allows FTP-Proxy to take part in such a transfer, while saying .B yes, true, or .B on (the default) will enforce that transfers can only take place to/from the client itself. .TP .B ServerRoot Defines the directory into which the FTP-Proxy performs a .B chroot(2) in order to increase its security level. See also the .B User and .B Group options. .sp Note, that you have to copy needed libraries, configuration files, etc into this directory first! .TP .B ServerType Global context only. Defines the mode in which the FTP-Proxy is running if no command line switch .B "(-d/-i)" has been provided. The option value can either be .B inetd in which case the proxy expects the client to be available at standard input and output, or it can be .B standalone which means the process will become a daemon, open the listening port and fork child processes for all future connections. The child processes themselves will behave exactly as if they were started from inetd. .TP .B SockBindRand Global context only. Defines a flag that when set to .B yes, true, or .B on , causes the proxy to use a random port in the specified range via DestinationMinPort/MaxPort, ActiveMinPort/MaxDataPort, PassiveMinDataPort/MaxDataPort instead of increment the port number inside of this range. See also .B DestinationMinPort, DestinationMaxPort, PassiveMinDataPort, .B PassiveMaxDataPort, ActiveMinPort, ActiveMaxPort options. .TP .B TCPWrapper Global context only. Defines a boolean value which is evaluated by the FTP-Proxy running as a standalone daemon only. Saying .B yes, true, or .B on activate the .B TCP Wrapper library, whereas .B no, false, or .B off (the default) disable the function. See also .B TCPWrapperName option. .TP .B TCPWrapperName Global context only. Use given .B name for TCP-Wrapper checks instead of the program name (argv[0]). See also .B TCPWrapper option. .TP .B TimeOut Both user and global context. Defines the time in seconds after which a client is assumed to be disconnected. If no activity is detected from the client after this time, the connection is closed and the process terminates. Default value is 900 seconds. .TP .B TranslatedAddress Global context only. Defines an IP address the server will use in .B 227 replies to .B PASV commands instead of its own address. Usually the address where the client connected to is taken, but this may not be appropriate in situations where an NAT (Network Address Translation) device is located in the way from the client to the proxy. In this situation the response can be changed to include the input address of the NAT device. .sp The value for this option can be given as a DNS host name, as a dotted decimal IP address, or as a file name. The latter is assumed when the name starts with a slash. The file is opened and scanned for the desired address. Blank lines or lines starting with '#' are ignored. Reading the address from a file may be useful for environments with masquerading and dynamic PPP connections. .TP .B User Global context only. Defines the UNIX style user ID which is given to the process before it serves clients. Default is to keep the current real user ID. .sp If the proxy does not run as a privileged user (root, user ID 0), it has no permission to bind a socket to port < 1024 or to preform a .B chroot(2) call. See also .B ActiveMinDataPort, ActiveMaxDataPort, ServerRoot options. .br .TP .B UserMagicChar or UseMagicChar Global context only. Defines the character to use as separator between user and host[:port] in the target setting of .B AllowMagicUser Default is the '@' character. This allows you to use E-Mail addresses as usernames for login to the ftp server (i.e. me@mydomain%ftp.server:21 if you set it to %). .TP .B UserAuthMagic Global context only. This is an authentication extension like AllowMagicUser, allowing encoding of additional username and password in the USER and PASS commands for authentication. Valid values are .B @auth for ftpuser@authuser[@host:port] and ftppass@authpass or .B auth@ for authuser@[ftpuser@host:port] and authpass@ftppass. See also .B LDAPBindDN, LDAPAuthType and .B AllowMagicUser. .TP .B UserAuthType Global context only. Defines the authentication mechanism the proxy should use. Currently "ldap" is implemented to support simple LDAP authentication using FTP username and password from USER and PASS commands or the special authuser and authpass encoded using .B UserAuthMagic. See also .B LDAPBindDN, LDAPAuthDN, LDAPAuthPWAttr, LDAPAuthPWType, .B LDAPAuthOKFlag and .B UserAuthMagic options. .TP .B UserNameRule Global context only. Defines a regular expression rule for validation of the user name (used for profile-setup and authentication purposes). Defaults to: .sp .B "^[[:alnum:]]+([%20@/\\\\._-][[:alnum:]]+)*$" .sp It checks, if the first character is alphanumeric, optionally followed by @/_-. or alphanumeric characters and ending with an alphanumeric one. .sp This matches the usual cases inclusive E-Mail adresses and "domain/user" names. .sp If regex support is not avaliable, above default rule is still used and the option ignored. See also .B ValidCommands option for regex encoding description. .TP .B ValidCommands Both user and global context. Defines the list of allowed FTP commands for the client. If this option is not installed, there will be no restriction on the allowed commands. But if it is given, then all commands not on this list will be denied. The list is space separated and may consist of the following commands: .B USER, PASS, ACCT, CWD, CDUP, SMNT, QUIT, REIN, PORT, PASV, .B TYPE, STRU, MODE, RETR, STOR, STOU, APPE, ALLO, REST, RNFR, .B RNTO, ABOR, DELE, RMD, MKD, PWD, LIST, NLST, SITE, SYST, .B STAT, HELP, NOOP, SIZE, MDTM, MLFL, MAIL, MSND, MSOM, MSAM, .B MRSQ, MRCP, XCWD, XMKD, XRMD, XPWD, XCUP, AUTH, APSV, EPRT, and .B EPSV. .sp Each command can be followed by an optional equals sign and .B POSIX 1003.2 Extended Regular Expression (RE) that describes the valid argument(s) for the command. If the whole string is to be matched, the pattern has to start with a caret (^) and end with a dollar ($). If no pattern follows a command, its arguments are not checked. An example for a name would be the pattern .B "'^[a-zA-Z0-9]{1,512}$'" for an argument that is mandatory and may consist of up to 512 letters or digits only. A command that does not allow any arguments can also easily be represented: .B "'QUIT=^$'". .sp Please note that the regular expression is "pre-processed". This means that a pattern in the form %xx will be interpreted as a hexadecimal constant and will be replaced by the value of that constant. This looks a bit like HTML and helps to include characters that might not be handled as expected, like %20 for space or %5c (equivalent to %5C) for backslash. The space is especially important because it is the separator for the commands within the list itself. .sp Please note also that regular expression support must have been enabled with the .B "--with-regex" switch during the .B configure compilation step of the whole package. .TP .B WelcomeMessage Global context only. Defines the name of a file that will be displayed to all clients as the first action when they open the control connection. Each line is prefixed with .B "'220-'" and variable substitution is applied to it. If no such file exists it is silently ignored. See also .B WelcomeString option. .TP .B WelcomeString Global context only. Defines the string that is sent to the client in order to start login negotiation. The string is prefixed with .B "'220 '" and variable substitution is applied to it. If this option is not given it defaults to the following string: .br .B "'%h FTP server (%v - %b) ready'." .br See also .B WelcomeMessage option. .SH FILES /usr/local/etc/proxy-suite/ftp-proxy.conf .br /usr/local/sbin/ftp-proxy .SH "SEE ALSO" ftp-proxy(8) .sp The .B SuSE Proxy-Suite documentation included in the .B doc subdirectory of the package. .SH AUTHORS Jens-Gero Boehm .br Pieter Hollants .br Volker Wiegand .br Marius Tomaschewski .SH COPYRIGHT The .B SuSE Proxy-Suite is released under the .br .B GNU General Public License (GPL). .\" ########################################################### .\" $Log: ftp-proxy.conf.5.in,v $ .\" Revision 1.8.2.3 2005/01/11 13:00:01 mt .\" fixed default UserNameRule regexp rejecting user .\" names where the 3. character is not alphanumeric .\" .\" Revision 1.8.2.2 2004/03/22 12:38:12 mt .\" added UserNameRule option allowing a regex .\" override of the builtin user name checks .\" .\" Revision 1.8.2.1 2003/05/07 11:08:24 mt .\" added LDAPVersion and ForceMagicUser variables description .\" .\" Revision 1.8 2002/05/02 13:23:18 mt .\" documented user auth related variables .\" .\" Revision 1.7 2002/01/14 19:17:30 mt .\" actualized descriptions, added new LogLevel .\" TCPWrapperName MaxRecvBufSize options .\" .\" Revision 1.6 2001/11/06 23:04:44 mt .\" applied / merged with transparent proxy patches v8 .\" see ftp-proxy/NEWS for more detailed release news .\" .\" Revision 1.5 1999/09/30 09:48:57 wiegand .\" added dynamic TranslatedAddress via file .\" .\" Revision 1.4 1999/09/24 17:08:58 wiegand .\" very minor text corrections .\" .\" Revision 1.3 1999/09/24 06:39:43 wiegand .\" added regular expressions for all commands .\" removed character map and length of paths .\" added flag to reset PASV on every PORT .\" added "magic" user with built-in destination .\" added some argument pointer fortification .\" .\" Revision 1.2 1999/09/21 07:15:15 wiegand .\" corrected some minor mistakes .\" .\" Revision 1.1 1999/09/20 11:02:06 wiegand .\" initial checkin .\" .\" ########################################################### proxy-suite-1.9.2.4/ftp-proxy/ftp-proxy.conf.5.in0000644000000000000000000006643210170746721021512 0ustar rootroot00000000000000.\" @configure_input@ .\" .\" $Id: ftp-proxy.conf.5.in,v 1.8.2.3 2005/01/11 13:00:01 mt Exp $ .\" .\" Manual Page for the ftp-proxy Configuration file .\" .\" Author(s): Jens-Gero Boehm .\" Pieter Hollants .\" Marius Tomaschewski .\" Volker Wiegand .\" .\" This file is part of the SuSE Proxy Suite .\" See also http://proxy-suite.suse.de/ .\" .\" This program is free software; you can redistribute it and/or .\" modify it under the terms of the GNU General Public License .\" as published by the Free Software Foundation; either version .\" 2 of the License, or (at your option) any later version. .\" .\" This program is distributed in the hope that it will be useful, .\" but WITHOUT ANY WARRANTY; without even the implied warranty of .\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the .\" GNU General Public License for more details. .\" .\" You should have received a copy of the GNU General Public License .\" along with this program; if not, write to the .\" Free Software Foundation, Inc., 59 Temple Place - Suite 330, .\" Boston, MA 02111-1307, USA. .\" .\" A history log can be found at the end of this file. .\" .TH ftp-proxy.conf 5 "September 20th, 1999" "SuSE" "Proxy-Suite" .SH NAME ftp-proxy.conf \- configuration file for FTP-Proxy .SH SYNOPSIS @SYSCONFDIR@/proxy-suite/ftp-proxy.conf .SH DESCRIPTION This manual page documents the configuration file format of the .B ftp-proxy(8) program. FTP-Proxy is an application level gateway between FTP clients and servers. Its main purpose is to secure servers against attacks based on the FTP protocol. .PP The FTP-Proxy configuration file consists of option lines and comments. A line starting with a '#' character is a comment. The general format of a option line is .PP .B [WhiteSpace] Name WhiteSpace Value [WhiteSpace] .PP It is recommended to use up to 24 characters for the name and no more than 1024 for the value, although theoretically both can be up to 4096 in size. Lines can be continued if the last character is a backslash. The whole file is not case sensitive. .SS CONTEXT Option lines always have a .B context which may be global or user specific. A context is introduced by a .B [name] line, where name is the FTP-login name or authuser if the .B UserAuthMagic feature is used. It is allowed to use '*' wildcard character at the end of the context name .B [name*] i.e. [foo*] to match multiple usernames beginning with "foo". The beginning of the file is implicitly the .B [-Global-] context (the dashes allow a user context named [global] without conflict). It is legal to include an option more than once; the last one will be the one used. Options in user contexts usually take precedence over the equivalent global option. .PP Some of the options can be used in a user or the global context, while others make sense only in one of them. See below. .SS VARIABLE SUBSTITUTION Several options (see the individual discussion below for details) support a limited set of variable substitution when evaluated. The following replacements will be performed: .sp .nf .DT .ta .4i 1i \fB%b\fR build date of the ftp-proxy(8) program \fB%d\fR current system date in the form YYYY/MM/DD \fB%h\fR host name from gethostname(2) \fB%n\fR network name from getdomainname(2) \fB%t\fR current system time in the form HH:MM:SS \fB%v\fR version of the ftp-proxy(8) program \fB%%\fR a single percent sign .DT .fi .SH OPTIONS .TP .B ActiveMaxDataPort Both user and global context. Defines the maximum local port number used when connecting to the client's data port. The latter is either the same as the client's control port or the one given in the most recent .B PORT command. If either minimum or maximum value is not given, the program defaults to using port 20, the .B ftp-data port as per .B RFC 959, for the local end of the socket if the proxy is running as root (user ID 0) or to use a random port. See also .B ActiveMinDataPort and .B User options. .TP .B ActiveMinDataPort Both user and global context. Defines the minimum local port number used when connecting to the client's data port. See also .B ActiveMaxDataPort and .B User options. .TP .B AllowMagicUser Global context only. Defines a flag that when set to .B yes, true, or .B on allows the USER name to be optionally interpreted as .B "user[@host[:port]]" where host overrides the .B DestinationAddress and port the .B DestinationPort directive below. It should only be activated with "trusted" users, like in an outgoing FTP proxy scenario. See also the .B UserMagicChar and .B ForceMagicUser options. .TP .B AllowTransProxy Global context only. Defines a flag that when set to .B yes, true, or .B on allows to use the proxy as transparent proxy for outgoing ftp. To get it working you also have to redirect client requests on a gateway or firewall host (i.e. via ipchains) to the ftp-proxy. It should only be activated with "trusted" users, like in an outgoing FTP proxy scenario. You can combine this with the .B AllowMagicUser option. .TP .B DenyMessage Global context only. Defines the name of a file which prevents any successful login if it exists, even if it is empty. The file contents will be sent to the client, each line prefixed with .B "'421-'" and with variable substitution applied. The whole file is followed by a line starting with .B "'421 '" followed by the .B DenyString below. After sending the connection is closed. If no such file exists, the deny mechanism is not triggered altogether. See also .B DenyString option. .TP .B DenyString Global context only. Defines a string that will be displayed to clients, prefixed with .B "'421 '" and variable substitution applied, if and only if a .B DenyMessage file exists. The default is .B "'Service not available'." See also .B DenyMessage option. .TP .B DestinationAddress Both user and global context. Defines where to redirect incoming FTP traffic. Can be given as either dotted decimal IP address or as DNS host name. Please note that the global section must always contain this option as a basic sanity check. .TP .B DestinationMaxPort Both user and global context. Defines the maximum local port number to be used when opening a connection to the FTP server. Valid both for control and for data connections. Defaults to not binding prior to connecting and listening, so that the system selects an arbitrary ephemeral port. See also .B DestinationMinPort option. .TP .B DestinationMinPort Both user and global context. Defines the minimum local port number to be used when opening a connection to the FTP server. See also .B DestinationMaxPort option. .TP .B DestinationPort Both user and global context. Defines the FTP server's control port where the proxy itself will connect. This option can either be given as a numeric value or as the service name retrieved by .B getservbyname(3) and defaults to port 21, the .B ftp port as per .B RFC 959. .TP .B DestinationTransferMode Both user and global context. Defines the FTP transfer mode to be used from the proxy to the server. Legal values are .B active, passive, or .B client. The latter means to follow the mode the client is using. The default value is .B client. .TP .B FailResetsPasv Global context only. Defines the action that is taken when a data transfer command is failed on the server side. If the option is set to .B yes, true, or .B on the client data transfer socket will be closed and the transfer mode set to the default (active-ftp). .br If this flag is set to .B no, false, or .B off (which is also the default) the socket can be reused for the next data transfer command in passive mode. This options is a workaround for Netscape (4.x) clients, that sends a second data transfer command if the first is failed, while the user clicks on a symbolic link pointing to a directory. .br Note, that this behavior may break the RFC definitions. .TP .B ForceMagicUser Global context only. Same as AllowMagicUser, but makes the host and port portion mandatory. .TP .B ForkLimit Global context only. Limits the number of incoming client connections per minute in daemon mode - it defaults to 40 connections per minute. .TP .B Group Global context only. Defines the UNIX style group ID which is set by the process before it serves clients. Default is to keep the current real group ID. .TP .B LDAPAuthDN Global context only. Defines a different base distinguished name that is used when accessing an LDAP directory for user authentication purposes. It defaults to the value of .B LDAPBaseDN. See also .B LDAPAuthPWAttr, LDAPAuthPWType, LDAPAuthOKFlag, .B UserAuthType, LDAPBindDN options. .TP .B LDAPAuthOKFlag Global context only. Defines an attribute and its value as .B attr=value string, i.e. userEnabled=yes, that will be checked while user authentication in the directory tree specified using .B LDAPAuthDN or .B LDAPBaseDN. Defaults to an empty string - no flag check used. .TP .B LDAPAuthPWAttr Global context only. Defines the LDAP password attribute name used for user authentication. .br A common used attribute name is .B userPassword. Defaults to an empty string - password authentication disabled. See also .B LDAPAuthPWType option. .TP .B LDAPAuthPWType Global context only. Defines the LDAP password type / format and a minimal allowed password length expected as value for attribute name specified using .B LDAPAuthPWAttr. .sp Valid values are .B plain, crypt, {crypt} followed by one number .B 0-9, i.e. .B {crypt}7, plain9 or .B plain. .sp If no minimum length specified the default minimum length of 5 characters is used. .sp A password type {crypt} means, the password value in the LDAP directory is prefixed by the {crypt} scheme specification. Other password schemes, i.e. MD5, are not supported at the moment. .br Crypted passwords are only avaliable, if the proxy is compiled with crypt support - see also .B "--with-crypt" compile time option in configure script. .sp If the password (without scheme prefix) stored in LDAP directory is .B "*" or .B "!" the account is disabled and the authentication fails. .sp Defaults to .B plain (equivalent to plain5). See also the .B LDAPAuthOKFlag. .TP .B LDAPBaseDN Global context only. Defines the base distinguished name that is used when accessing an .B LDAP directory, i.e. the root of the tree containing the FTP-Proxy entries. Defaults to an empty string. If .B UserAuthMagic is used, the authuser is used as user name for authentication and user profiles, otherwise the normal ftp-user name. See also .B LDAPIdentifier, LDAPObjectClass, LDAPServer, UserAuthMagic options. .TP .B LDAPBindDN Defines the distinguished name that is used to (simple) bind the directory service. Defaults to an empty string (anonymous bind). It is allowed to include one %s in this string, that will be replaced with the FTP username or authuser if .B UserAuthMagic is used. See also .B UserAuthMagic, LDAPAuthDN, LDAPBindPW options. .TP .B LDAPBindPW Defines the credential (password) that is used to (simple) bind the directory service using distinguished name given in the .B LDAPBindDN option. Defaults to an empty string (anonymous bind). .TP .B LDAPIdentifier Global context only. Defines the identification attribute for the access to the .B LDAP directory. This can be thought of as the primary key and defaults to the string .B CN which is short for "Common Name." See also .B LDAPBaseDN, LDAPObjectClass, LDAPServer options. .TP .B LDAPObjectClass Global context only. Defines the .B LDAP object class which holds the entries for the FTP-Proxy access control. It is assumed that the possible user specific config options exist as attributes within a record of this type. There is no default, but a value of .B FTPProxyUser is recommended. See also .B LDAPBaseDN, LDAPIdentifier, LDAPServer options. .TP .B LDAPServer Global context only. This is the main option for using an .B LDAP directory for retrieving user specific values. If given, it denotes the server (and possible port separated by a colon) where FTP-Proxy will ask for the attributes. The program will bind as the anonymous user and try to retrieve the values from the tree rooted at .B LDAPBaseDN, having an object class of .B LDAPObjectClass and identified by the .B LDAPIdentifier. If the server cannot be reached, the program aborts. If the user cannot be found, the program falls back to the configuration file, but will query only the global values and not the user specific ones. See also .B LDAPBaseDN, LDAPBindDN, LDAPIdentifier, LDAPObjectClass options. .TP .B LDAPVersion Global context only. Use this option to set the LDAP API version, the proxy should set: 2 or 3. Use 0 to skip explicit version setting and use library defaults. Defaults is version 3 if supported by the library or 2 if not. .br Note: OpenLDAP 2.x library defaults to version 2 bind, but the OpenLDAP server refuses LDAPv2 bind by default. .TP .B Listen Global context only. Defines the address where the proxy itself opens the listening port. The default is .B 0.0.0.0 which instructs the server to bind to any address. See also .B Port option. .TP .B LogDestination Global context only. Defines the destination of the logging information the program wishes to emit. If the value starts with a slash (/) it will be interpreted as an absolute path. This file will be created and kept open during the lifetime of the process. The signal .B SIGUSR1 can be sent to the (daemon) process in order to rotate this log file. .sp A second way to provide logging is via a pipe and is employed when the first character of the option is a pipe symbol (|). In this case the rest of the value is interpreted as the name of a UNIX command which is invoked and receives logging information on its standard input. .sp The third way is to use the .B syslog(3) service which is assumed for all other values. The option value is interpreted as the syslog facility while the severity is defined by the various messages themselves. .TP .B LogLevel Global context only. Defines the maximal level of logged messages. The levels are, in order of decreasing importance: .B FLT, ERR, WRN, INF, DBG .br The default level is .B INF. A .B LogLevel set to .B WRN causes, that only messages with levels .B FLT, ERR, WRN will be logged. .TP .B MaxClients Global context only. Defines the maximum number of clients the proxy will allow concurrently. The valid range for this option is 1 to 512, with a default of 64. See also .B MaxClientsMessage, MaxClientsString options. .TP .B MaxClientsMessage Global context only. Defines the name of a file that is displayed to clients if their maximum number defined with .B MaxClients has been exceeded. If no such file exists only the .B MaxClientsString is displayed, else both the file and the string are transmitted. After transmission the connection is terminated in any case. When sending the file, each line is prefixed with .B "'421-'" and variable substitution is applied to it. See also .B MaxClients, MaxClientsString options. .TP .B MaxClientsString Global context only. Defines a string that will be displayed to clients, prefixed with .B "'421 '" and variable substitution applied, if the maximum client number has been exceeded. The default is .B "'Service not available'". See also .B MaxClients, MaxClientsMessage options. .TP .B MaxRecvBufSize Global context only. Defines the maximum number of bytes read from socket at once while data transfers. Default is to read all data as reported by the kernel. .br It may be useful to set a limit (i.e. to 8192), if your proxy machine uses two interfaces of different speed, i.e. the clients are accessing the proxy via a high-speed interface (i.e. Fast-Ethernet) and the proxy is accessing servers using a slower one (i.e. modem, ISDN link) and your ftp-clients aborts the data transfers because of a timeout. .TP .B PassiveMaxDataPort Both user and global context. Defines the maximum local port number used when listening for the client's data connection. This is the port number transmitted to the client in a .B 227 response to the .B PASV command. If either minimum or maximum value is not given, the program defaults to let the system choose an arbitrary ephemeral port. See also .B PassiveMinDataPort option. .TP .B PassiveMinDataPort Both user and global context. Defines the minimum local port number used when listening for the client's data connection. See also .B PassiveMaxDataPort option. .TP .B PidFile Global context only. Defines the name of a process ID file where FTP-Proxy will store its process ID if running as daemon. The file contents will be an ASCII string with a trailing newline. On many operating systems such PID files will be located in the .B "/var/run" directory. .TP .B Port Global context only. Defines the listening port where the FTP-Proxy offers its service. The port can be given as a number or as a string suitable for retrieval by the .B getservbyname(3) function. It defaults to port 21, the .B ftp port as per .B RFC 959. See also .B Listen option. .TP .B PortResetsPasv Global context only. Defines the action that is taken when a .B PORT command is received while a passive port is open for listening. If the option is set to .B yes, true, or .B on, (which is also the default) the socket will be closed and the passive mode will be terminated (set to active-ftp). Setting the option to .B no, false, or .B off does not cancel the listen. This flag seems necessary because the RFC is not really clear enough about the correct handling. .TP .B SameAddress Both user and global context. Defines a boolean value which determines if the proxy is allowed to be included in so-called third party server to server transfers. In this situation the client first sends a .B PASV command to one server, then a .B PORT command with the response code to the second server, and then initiates the transfer with mutual transfer commands on the two servers. Specifying this option as .B no, false, or .B off allows FTP-Proxy to take part in such a transfer, while saying .B yes, true, or .B on (the default) will enforce that transfers can only take place to/from the client itself. .TP .B ServerRoot Defines the directory into which the FTP-Proxy performs a .B chroot(2) in order to increase its security level. See also the .B User and .B Group options. .sp Note, that you have to copy needed libraries, configuration files, etc into this directory first! .TP .B ServerType Global context only. Defines the mode in which the FTP-Proxy is running if no command line switch .B "(-d/-i)" has been provided. The option value can either be .B inetd in which case the proxy expects the client to be available at standard input and output, or it can be .B standalone which means the process will become a daemon, open the listening port and fork child processes for all future connections. The child processes themselves will behave exactly as if they were started from inetd. .TP .B SockBindRand Global context only. Defines a flag that when set to .B yes, true, or .B on , causes the proxy to use a random port in the specified range via DestinationMinPort/MaxPort, ActiveMinPort/MaxDataPort, PassiveMinDataPort/MaxDataPort instead of increment the port number inside of this range. See also .B DestinationMinPort, DestinationMaxPort, PassiveMinDataPort, .B PassiveMaxDataPort, ActiveMinPort, ActiveMaxPort options. .TP .B TCPWrapper Global context only. Defines a boolean value which is evaluated by the FTP-Proxy running as a standalone daemon only. Saying .B yes, true, or .B on activate the .B TCP Wrapper library, whereas .B no, false, or .B off (the default) disable the function. See also .B TCPWrapperName option. .TP .B TCPWrapperName Global context only. Use given .B name for TCP-Wrapper checks instead of the program name (argv[0]). See also .B TCPWrapper option. .TP .B TimeOut Both user and global context. Defines the time in seconds after which a client is assumed to be disconnected. If no activity is detected from the client after this time, the connection is closed and the process terminates. Default value is 900 seconds. .TP .B TranslatedAddress Global context only. Defines an IP address the server will use in .B 227 replies to .B PASV commands instead of its own address. Usually the address where the client connected to is taken, but this may not be appropriate in situations where an NAT (Network Address Translation) device is located in the way from the client to the proxy. In this situation the response can be changed to include the input address of the NAT device. .sp The value for this option can be given as a DNS host name, as a dotted decimal IP address, or as a file name. The latter is assumed when the name starts with a slash. The file is opened and scanned for the desired address. Blank lines or lines starting with '#' are ignored. Reading the address from a file may be useful for environments with masquerading and dynamic PPP connections. .TP .B User Global context only. Defines the UNIX style user ID which is given to the process before it serves clients. Default is to keep the current real user ID. .sp If the proxy does not run as a privileged user (root, user ID 0), it has no permission to bind a socket to port < 1024 or to preform a .B chroot(2) call. See also .B ActiveMinDataPort, ActiveMaxDataPort, ServerRoot options. .br .TP .B UserMagicChar or UseMagicChar Global context only. Defines the character to use as separator between user and host[:port] in the target setting of .B AllowMagicUser Default is the '@' character. This allows you to use E-Mail addresses as usernames for login to the ftp server (i.e. me@mydomain%ftp.server:21 if you set it to %). .TP .B UserAuthMagic Global context only. This is an authentication extension like AllowMagicUser, allowing encoding of additional username and password in the USER and PASS commands for authentication. Valid values are .B @auth for ftpuser@authuser[@host:port] and ftppass@authpass or .B auth@ for authuser@[ftpuser@host:port] and authpass@ftppass. See also .B LDAPBindDN, LDAPAuthType and .B AllowMagicUser. .TP .B UserAuthType Global context only. Defines the authentication mechanism the proxy should use. Currently "ldap" is implemented to support simple LDAP authentication using FTP username and password from USER and PASS commands or the special authuser and authpass encoded using .B UserAuthMagic. See also .B LDAPBindDN, LDAPAuthDN, LDAPAuthPWAttr, LDAPAuthPWType, .B LDAPAuthOKFlag and .B UserAuthMagic options. .TP .B UserNameRule Global context only. Defines a regular expression rule for validation of the user name (used for profile-setup and authentication purposes). Defaults to: .sp .B "^[[:alnum:]]+([%20@/\\\\._-][[:alnum:]]+)*$" .sp It checks, if the first character is alphanumeric, optionally followed by @/_-. or alphanumeric characters and ending with an alphanumeric one. .sp This matches the usual cases inclusive E-Mail adresses and "domain/user" names. .sp If regex support is not avaliable, above default rule is still used and the option ignored. See also .B ValidCommands option for regex encoding description. .TP .B ValidCommands Both user and global context. Defines the list of allowed FTP commands for the client. If this option is not installed, there will be no restriction on the allowed commands. But if it is given, then all commands not on this list will be denied. The list is space separated and may consist of the following commands: .B USER, PASS, ACCT, CWD, CDUP, SMNT, QUIT, REIN, PORT, PASV, .B TYPE, STRU, MODE, RETR, STOR, STOU, APPE, ALLO, REST, RNFR, .B RNTO, ABOR, DELE, RMD, MKD, PWD, LIST, NLST, SITE, SYST, .B STAT, HELP, NOOP, SIZE, MDTM, MLFL, MAIL, MSND, MSOM, MSAM, .B MRSQ, MRCP, XCWD, XMKD, XRMD, XPWD, XCUP, AUTH, APSV, EPRT, and .B EPSV. .sp Each command can be followed by an optional equals sign and .B POSIX 1003.2 Extended Regular Expression (RE) that describes the valid argument(s) for the command. If the whole string is to be matched, the pattern has to start with a caret (^) and end with a dollar ($). If no pattern follows a command, its arguments are not checked. An example for a name would be the pattern .B "'^[a-zA-Z0-9]{1,512}$'" for an argument that is mandatory and may consist of up to 512 letters or digits only. A command that does not allow any arguments can also easily be represented: .B "'QUIT=^$'". .sp Please note that the regular expression is "pre-processed". This means that a pattern in the form %xx will be interpreted as a hexadecimal constant and will be replaced by the value of that constant. This looks a bit like HTML and helps to include characters that might not be handled as expected, like %20 for space or %5c (equivalent to %5C) for backslash. The space is especially important because it is the separator for the commands within the list itself. .sp Please note also that regular expression support must have been enabled with the .B "--with-regex" switch during the .B configure compilation step of the whole package. .TP .B WelcomeMessage Global context only. Defines the name of a file that will be displayed to all clients as the first action when they open the control connection. Each line is prefixed with .B "'220-'" and variable substitution is applied to it. If no such file exists it is silently ignored. See also .B WelcomeString option. .TP .B WelcomeString Global context only. Defines the string that is sent to the client in order to start login negotiation. The string is prefixed with .B "'220 '" and variable substitution is applied to it. If this option is not given it defaults to the following string: .br .B "'%h FTP server (%v - %b) ready'." .br See also .B WelcomeMessage option. .SH FILES @SYSCONFDIR@/proxy-suite/ftp-proxy.conf .br @SBINDIR@/ftp-proxy .SH "SEE ALSO" ftp-proxy(8) .sp The .B SuSE Proxy-Suite documentation included in the .B doc subdirectory of the package. .SH AUTHORS Jens-Gero Boehm .br Pieter Hollants .br Volker Wiegand .br Marius Tomaschewski .SH COPYRIGHT The .B SuSE Proxy-Suite is released under the .br .B GNU General Public License (GPL). .\" ########################################################### .\" $Log: ftp-proxy.conf.5.in,v $ .\" Revision 1.8.2.3 2005/01/11 13:00:01 mt .\" fixed default UserNameRule regexp rejecting user .\" names where the 3. character is not alphanumeric .\" .\" Revision 1.8.2.2 2004/03/22 12:38:12 mt .\" added UserNameRule option allowing a regex .\" override of the builtin user name checks .\" .\" Revision 1.8.2.1 2003/05/07 11:08:24 mt .\" added LDAPVersion and ForceMagicUser variables description .\" .\" Revision 1.8 2002/05/02 13:23:18 mt .\" documented user auth related variables .\" .\" Revision 1.7 2002/01/14 19:17:30 mt .\" actualized descriptions, added new LogLevel .\" TCPWrapperName MaxRecvBufSize options .\" .\" Revision 1.6 2001/11/06 23:04:44 mt .\" applied / merged with transparent proxy patches v8 .\" see ftp-proxy/NEWS for more detailed release news .\" .\" Revision 1.5 1999/09/30 09:48:57 wiegand .\" added dynamic TranslatedAddress via file .\" .\" Revision 1.4 1999/09/24 17:08:58 wiegand .\" very minor text corrections .\" .\" Revision 1.3 1999/09/24 06:39:43 wiegand .\" added regular expressions for all commands .\" removed character map and length of paths .\" added flag to reset PASV on every PORT .\" added "magic" user with built-in destination .\" added some argument pointer fortification .\" .\" Revision 1.2 1999/09/21 07:15:15 wiegand .\" corrected some minor mistakes .\" .\" Revision 1.1 1999/09/20 11:02:06 wiegand .\" initial checkin .\" .\" ########################################################### proxy-suite-1.9.2.4/ftp-proxy/ftp-proxy.conf.sample0000644000000000000000000003753510170746721022224 0ustar rootroot00000000000000##################################################################### # # $Id: ftp-proxy.conf.sample,v 1.6.2.4 2005/01/11 13:00:01 mt Exp $ # # Sample FTP Proxy Configuration File # # For more information, see ftp-proxy.conf(5) manual page. # # The general format is "Keyword Value". # # Any white space at the beginning or end of a line and after # the Keyword is ignored. Lines can be continued with '\'. # Case is *NOT* sensitive, so "user" is "User" is "USER". # # Several variables can also be assigned to a client's user name. # User specific sections are introduced by a '[username]' line. # The variables are: TimeOut, ValidCommands, SameAddress, # ActiveMinDataPort, ActiveMaxDataPort, # PassiveMinDataPort, PassiveMaxDataPort, # DestinationAddress, DestinationPort, # DestinationMinPort, DestinationMaxPort, # DestinationTransferMode # These variables can also be obtained from an LDAP server, in # which case the values from this file are not evaluated any # more. # ##################################################################### # # The start of the file is implicitly the [-Global-] section. # [-Global-] # # The following entries select a port range for client DTP # ports in active mode, i.e. when the client sends a PORT # command. The default is port 20 as per RFC 959, if the # proxy is running as root (user ID 0) or a random port. # # ActiveMinDataPort 40000 # ActiveMaxDataPort 40999 # # The follwing flag is especially useful for outbound FTP # traffic. It allows to put some "magic" in the USER name. # If set, it enables the USER name to contain the target # server in the form "user[@host[:port]]" and overrides # the DestinationAddress (and DestinationPort) below. # See also ForceMagicUser option. # # AllowMagicUser no # # The follwing setting allows you to configure a so called # transparent proxy for outgoing ftp. To get it working you # also have to redirect client requests on a gateway or # firewall host (i.e. via ipchains) to the ftp-proxy. # You can combine this with the AllowMagicUser flag. # # AllowTransProxy no # # This message prevents any login if a file with the given # name exists. Instead the contents of the file will be sent # to the client and the connection closed. Lines are prefixed # with "421-". If no such file exists, the mechanism is not # triggered and DenyString (s.b.) is ignored altogether. # # DenyMessage /etc/proxy-suite/ftp-deny.txt # # If a DenyMessage file exists, the deny mechanism will be # activated in any case. If a DenyString exists, it will be # sent (with escape sequences) as the last line (with a 421 # reply code), else the standard message # "Service not available" will be displayed. # # DenyString Service out of order # # Where to redirect incoming FTP traffic. This destination # will be used if a client has not set its own target. # WARNING: ftp-proxy will refuse to run if this directive # is not set and transparent proxying not enables (see also # AllowTransProxy). # # DestinationAddress server.domain.tld # # (Local) port range for all connections to the server. The # default is to let the proxy select any ephemeral port. # # DestinationMinPort 42900 # DestinationMaxPort 42999 # # This is the port corresponding to DestinationAddress. It # defaults to 21, the standard FTP port. # # DestinationPort 21 # # Specify the FTP transfer mode to be used from the proxy to # the server. TransferMode can be active, passive, or client. # The default is "client" which means to use the same as the # client. # # DestinationTransferMode client # DestinationTransferMode passive # DestinationTransferMode active # # Defines the action that is taken when a data transfer command # is failed on the server side. If set to "yes", the client # socket will be reset after a command is failed and the transfer # mode reset to the default (active ftp). # This option is a workarround for Netscape (4.x) clients, that # sends a second data transfer command if the first is failed # while "user click" on a symbolic link pointing to a directory. # # FailResetsPasv no # # Same as AllowMagicUser, but makes the host and port portion # mandatory. # # ForceMagicUser no # # Limits the number of incoming client connections per minute # in daemon mode - it defaults to 40 connections per minute. # # ForkLimit 40 # # If given, change GID to give up root privileges. In POSIX # environments this changes all group ID's. # # Group nogroup # Group nobody # # Defines a different base distinguished name that is used # when accessing an LDAP directory for user authentication # purposes. Defaults to LDAPBaseDN. # # LDAPAuthDN dc=domain,dc=tld # # Defines an attribute and its value as 'attr=value' string, # that will be checked while user authentication. # # LDAPAuthOKFlag allowedService=FTPProxy # # Defines the LDAP password attribute name used for user # authentication. Defaults to an empty string - password # authentication disabled. # #LDAPAuthPWAttr userPassword # # Defines password type used in LDAP followed by the minimal # allowed password length (default is 5). Valid values are: # plain, crypt, {crypt} # optionally followed by one number 0-9, i.e. {crypt}7, # plain9 or plain. Defaults to plain (length is 5). # #LDAPAuthPWType plain # # When accessing the LDAP directory, a search base can be # handed to the search functions. We strongly recommend to # do so. This is the "root" of the relevant search tree. # # LDAPBaseDN dc=domain,dc=tld # # Use distinguished name to (simple) bind to the directory # service. If not set, an annonymous bind is used. # If (exactly one) %s is used, the name will be replaced # by the auth name while user authentication or the FTP # user name. # # LDAPBindDN uid=%s,dc=domain,dc=tld # LDAPBindDN uid=ftp-proxy,dc=domain,dc=tld # # Use credential (password) to bind to the directory service # using distinguished name given with LDAPBindDN. # # LDAPBindPW aPassword # # The next thing to decide when using LDAP is the attribute # used as the main identificator. Some administrators will # use the CN (Common Name) attribute, and this is also the # default, but it can be any legal identifier. # # LDAPIdentifier LoginName # # Additionally, an LDAP ObjectClass should be defined for # the FTP User(s). This will be especially useful if the # user entries are located inside a mixed LDAP hierarchy. # If an ObjectClass is given, the search is executed as: # "(&(ObjectClass=)(CN=))", else it will # just be based upon CN (the Common Name) or whatever has # been assigned to LDAPIdentifier above. # # LDAPObjectClass FTPProxyUser # # Access information based upon users can also be obtained # dynamically from an LDAP directory. This works only if the # program was compiled with LDAP support. Both the University # of Michigan and the Netscape LDAP API are supported. # # LDAPServer ldap.domain.tld[:port] # # Set to listen on a specific interface (0.0.0.0 means all # and is also the default). Address can be given as dotted # decimal IP address or DNS host name. # # Listen 0.0.0.0 # # Determine where to send logging information. If the value # starts with a '/' it is assumed to be a file. If it starts # with a '|' it is assumed to be a program which will be # popen()-ed. Anything else is assumed to be a facility for # syslog(). See ftp-proxy.conf(5) and the "SYSLOG" file for # severity handling. # # LogDestination daemon # LogDestination /var/log/ftp-proxy.log # LogDestination |/usr/bin/rotatelogs /var/log/ftp-proxy.log # # Defines the maximal level of logged messages. The levels # are, in order of decreasing importance: # FLT, ERR, WRN, INF, DBG # The default level is INF. A LogLevel set to WRN causes, # that only messages of levels FLT, ERR, WRN will be logged. # # LogLevel INF # # Maximum number of concurrent clients if running as daemon. # # MaxClients 64 # # This message (or rather the contents of a file with this # name) will be issued when MaxClients is exceeded, each # line prefixed with "421-". If no such file exists, only # the MaxClientsString below will be displayed. # # MaxClientsMessage /etc/proxy-suite/ftp-maxclients.txt # # This string (with a default of "Service not available" will # be displayed, if the configured maximum number of concurrent # clients has been reached. It is prefixed with '421 '. # # MaxClientsString The server is full # # Defines the maximum number of bytes read from socket at once # while data transfers. Default is to read all data as reported # by the kernel. # It may be usefull to set a limit (i.e. to 8192), if your proxy # machine uses two interfaces of different speed, i.e. the clients # are accessing the proxy via a high-speed interface (i.e. # FastEthernet) and the proxy is accessing servers using a slower # one (i.e. modem, ISDN link) and your ftp-clients aborts the data # transfers because of a timeout. # # MaxRecvBufSize 0 # # The following entries select a port range for client DTP # ports in passive mode, i.e. when the client sends a PASV. # If no port range is given, no bind is performed, in which # case the proxy lets the machine select an ephemeral port. # # PassiveMinDataPort 41000 # PassiveMaxDataPort 41999 # # Write an ASCII file with the Program ID if given. Only valid # if running as daemon, in which case the daemon itself uses it. # # PidFile /var/run/ftp-proxy.pid # # Port to listen on (for the SERVER-PI). Default is "ftp". # Can be given as TCP service name or as a plain number. # # Port ftp # # The following flag specifies the action when a PORT command # is received while a PASV listening socket is outstanding. # The RFC is not really clear about the "correct" behaviour, # but since most existing implementations seem to reset the # listener, we do the same by default. Nevertheless they all # may be ... inaccurate. # # PortResetsPasv yes # # Shall we allow data connections only from the same host where # the control connection originated from? Default is yes. If # you say no here, the proxy is able to take part in so called # third party server to server transfers. # # SameAddress yes # # If given, chroot() to this directory after initializing. # # Note, that you have to create the /dev/null device and copy # all needed libraries, configuration files, ... into this # directory first! # # ServerRoot /var/lib/ftp-proxy/rundir # # Determine whether to run as daemon or in inetd mode. This can # be overridden by -d/-i command line switch. Default is inetd. # # ServerType inetd # ServerType standalone # # Enable this flag if you want to use a random port in # the specified range with PassiveMinDataPort/MaxDataPort, # DestinationMinPort/MaxPort, ActiveMinPort/MaxDataPort # instead of incrementing the port number. # # SockBindRand no # # Shall we use the TCP Wrapper Library when running as daemon? # "on", "yes", "true" or a non-zero number means yes, anything # else no. Default no. Only applicable when running as daemon. # Note that TCP Wrapper support must be compiled in for this to # work. # # TCPWrapper yes # # Defines the name to use for TCPWrapper checks. Default is # to use the base name of the ftp-proxy binary (ftp-proxy). # # TCPWrapperName ftp-proxy # If a client has no activity for this many seconds, it is # regarded to be dead and the connection will be terminated. # Default is 900 seconds, i.e. 15 minutes. # # TimeOut 900 # # If the proxy server needs to advertise itself (in outgoing # responses to the ftp-server, like answers to PASV commands) # with a different address than it actually has, the following # option can be used. Relevant e.g. when using a NAT device # in the path. # # TranslatedAddress 0.0.0.0 # # If given, change UID to give up root privileges. In POSIX # environments this changes all user ID's. # If set, the proxy will use non-privileged ports (>1024) for # active mode ftp transfers - see also ActiveMin/MaxDataPort. # # User nobody # User ftpproxy # # Defines the mechanism, the proxy should use to authenticate # users - currently "ldap" is implemented. # # UserAuthType ldap # # Defines if additional and the order of user authentication # name and password should be encoded in FTP USER and PASS # commands, as supported by some ftp-client's (i.e. @auth by # NcFTP). Valid settings are: # # @auth for ftpuser@authuser[@host:port] # auth@ for authuser@[ftpuser@host:port] # # UserAuthMagic @auth # # Defines the character to use as separator between user # and host[:port] in the target setting of AllowMagicUser # Default is the '@' character. This allows you to use # E-Mail addresses as usernames for login to the ftp server # (i.e. me@mydomain%ftp.server:21 if you set it to %). # # UseMagicChar % # UserMagicChar % # # Allows to define a regular expression rule for validation # of the user name. The default setting matches the usual # cases inclusive E-Mail adresses and "domain/user" names: # # UserNameRule ^[[:alnum:]]+([%20@/\._-][[:alnum:]]+)*$ # # List of FTP commands that will be allowed from a client. # All commands not on this list will be rejected. If no list # exists, then all commands will be allowed. # Each command can be followed by an optional equals sign # and regular expression (POSIX 1003.2) to restrict legal # argument(s) syntax. In order to avoid confusing the # configuration reading functions, the expression is "pre- # processed." This means that a sequence like "%20" will be # replaced by a space and "%5c" or "%5C" by a backslash # before being compiled. In fact, this looks a bit like the # HTML way of doing things. The percent sign itself is # represented by "%25" of course. The pattern is interpreted # as a POSIX 1003.2 RE (with REG_NEWLINE flag set), and is # case sensitive. In any case, this works only if compiled # with regular expression support compiled into the program. # # ValidCommands ABOR, PASS, PASV, STOR, USER, \ # MODE, QUIT, SYST # # This file will be presented to all clients immediately after # the connection has been established. Each line is prefixed # with "220-". The whole message is followed by a standard # "220 FTP server () ready" or whatever has # been substituted with WelcomeString below. Escape sequences # (like %h for hostname; see ftp-proxy.conf(5)) are active. # # WelcomeMessage /etc/proxy-suite/ftp-welcome.txt # # If we wanted to disguise as some known other FTP server we # could use the following option. It replaces the standard # " FTP server () ready" in the initial 220 # message. As with all Messages and Strings, various escape # sequences are available. # # WelcomeString Welcome to %h ############################################################ # $Log: ftp-proxy.conf.sample,v $ # Revision 1.6.2.4 2005/01/11 13:00:01 mt # fixed default UserNameRule regexp rejecting user # names where the 3. character is not alphanumeric # # Revision 1.6.2.3 2004/03/30 12:04:16 mt # - changed awk,grep,logger paths to /bin and ServerRoot # to /var/lib/ftp-proxy/rundir (/var/ftp-proxy/rundir) # in rc-script and config samples # # Revision 1.6.2.2 2004/03/22 12:38:12 mt # added UserNameRule option allowing a regex # override of the builtin user name checks # # Revision 1.6.2.1 2003/05/07 11:07:49 mt # added ForceMagicUser variable # # Revision 1.6 2002/05/02 13:44:52 mt # added documented user auth related variables # # Revision 1.5 2002/01/14 19:15:01 mt # actualized, added LogLevel TCPWrapperName MaxRecvBufSize options # # Revision 1.4 2001/11/06 23:04:44 mt # applied / merged with transparent proxy patches v8 # see ftp-proxy/NEWS for more detailed release news # # Revision 1.3 1999/09/24 06:39:43 wiegand # added regular expressions for all commands # removed character map and length of paths # added flag to reset PASV on every PORT # added "magic" user with built-in destination # added some argument pointer fortification # # Revision 1.2 1999/09/17 11:04:02 wiegand # added path name restriction options # # Revision 1.1 1999/09/16 07:53:54 wiegand # initial checkin # ############################################################ proxy-suite-1.9.2.4/ftp-proxy/proc_ftp.c0000644000000000000000000002426707420626303020100 0ustar rootroot00000000000000/* * $Id: proc_ftp.c,v 1.2 2002/01/14 19:08:51 mt Exp $ * * /proc/net/ftp_proxy interface * * Author(s): Jens-Gero Boehm * Pieter Hollants * Marius Tomaschewski * Volker Wiegand * * This file is part of the SuSE Proxy Suite * See also http://proxy-suite.suse.de/ * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version * 2 of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the * Free Software Foundation, Inc., 59 Temple Place - Suite 330, * Boston, MA 02111-1307, USA. * * A history log can be found at the end of this file. */ #ifndef lint static char rcsid[] = "$Id: proc_ftp.c,v 1.2 2002/01/14 19:08:51 mt Exp $"; #endif #include #if !defined(__KERNEL__) # define __KERNEL__ #endif #define _LOOSE_KERNEL_NAMES #include #include #include #include #include #include #include #include #if !defined(VERSION_CODE) # define VERSION_CODE(v,r,s) (((v) << 16) + ((r) << 8) + (s)) #endif #if LINUX_VERSION_CODE >= VERSION_CODE(2,1,0) # include #else # define copy_from_user memcpy_fromfs # define copy_to_user memcpy_tofs # define proc_register proc_register_dynamic # define access_ok !verify_area #endif #define DIMOF(a) (sizeof(a) / sizeof(a[0])) #define C_STRLEN(s) (DIMOF(s) - 1) /* Subtract 1 for NULL byte */ #define PROC_NAME(s) C_STRLEN(s), s #if !defined(MODULE) # define MODULE #endif #include /* ------------------------------------------------------------ */ #if LINUX_VERSION_CODE >= VERSION_CODE(2,1,0) static ssize_t proc_ftp_read(struct file *file, char *buf, size_t count, loff_t *ppos); static ssize_t proc_ftp_write(struct file *file, const char *buf, size_t count, loff_t *ppos); #else static int proc_ftp_read(struct inode *inode, struct file *file, char *buf, int count); static int proc_ftp_write(struct inode *inode, struct file *file, const char *buf, int count); #endif /* ------------------------------------------------------------ */ #define MAX_LINE 4096 /* input line length */ #define MAX_ARGS 128 /* maximum number of arguments */ typedef struct { char *arg; /* name of an argument */ char *val; /* value assigned to argument */ } AVPAIR; #if 0 typedef struct { char addr[20]; /* address in dotted decimal */ char user[10]; /* user name */ time_t when; /* time when access started */ pid_t pid; /* process id */ long cnt_get; /* number of bytes received */ long cnt_put; /* number of bytes written */ } CLIENT; static CLIENT clients[1024]; /* give a reasonable limit */ #endif /* ------------------------------------------------------------ */ static inline int mystrcmp(const char * s1, const char * s2) { if (s1 == NULL || s2 == NULL) return 0; /* Hmmm, what should it actually be? */ while (*s1 != '\0' && *s1 == *s2) { s1++; s2++; } return (((int) *s1) - ((int) *s2)); } /* ------------------------------------------------------------ */ static struct file_operations proc_ftp_operations = { NULL, /* (l)lseek */ proc_ftp_read, /* read */ proc_ftp_write, /* write - update configuration */ NULL, /* readdir */ NULL, /* select/poll */ NULL, /* ioctl */ NULL, /* mmap */ NULL, /* open */ NULL, /* flush */ NULL, /* release */ NULL, /* fsync */ NULL, /* fasync */ NULL, /* check_media_change */ NULL, /* revalidate */ NULL, /* lock */ }; static struct inode_operations proc_ftp_inode_operations = { &proc_ftp_operations, /* file-ops */ NULL, /* create */ NULL, /* lookup */ NULL, /* link */ NULL, /* unlink */ NULL, /* symlink */ NULL, /* mkdir */ NULL, /* rmdir */ NULL, /* mknod */ NULL, /* rename */ NULL, /* readlink */ NULL, /* follow_link */ NULL, /* readpage */ NULL, /* writepage */ NULL, /* bmap */ NULL, /* truncate */ NULL, /* permission */ NULL, /* smap */ NULL, /* updatepage */ NULL, /* revalidate */ }; static struct proc_dir_entry proc_ftp = { 0, PROC_NAME("ftp_proxy"), /* inode, name */ S_IFREG | S_IRUSR | S_IWUSR, 1, 0, 0, /* mode, nlink, uid, gid */ 0, &proc_ftp_inode_operations, /* size, ops */ NULL, NULL, /* get_info, fill_inode */ NULL, /* next */ NULL, NULL, /* parent, subdir */ NULL, /* data */ NULL, NULL, /* read_proc, write_proc */ NULL, /* readlink_proc */ 0, 0, /* count, deleted */ }; /* ------------------------------------------------------------ ** ** ** Function......: proc_ftp_read ** ** Parameters....: ... ** ** Return........: number of bytes successfully read ** ** Purpose.......: Read ftp-proxy status file. ** ** ------------------------------------------------------------ */ #if LINUX_VERSION_CODE >= VERSION_CODE(2,1,0) static ssize_t proc_ftp_read(struct file *file, char *buf, size_t count, loff_t *ppos) #else static int proc_ftp_read(struct inode *inode, struct file *file, char *buf, int count) #endif { #if LINUX_VERSION_CODE >= VERSION_CODE(2,1,0) ppos = ppos; /* calm down picky compilers */ #else inode = inode; /* calm down picky compilers */ #endif file = file; /* calm down picky compilers */ /* TODO: auslesen der informationen aus dem array ... */ buf = buf; count = count; return 0; } /* ------------------------------------------------------------ ** ** ** Function......: proc_ftp_write ** ** Parameters....: ... ** ** Return........: number of bytes successfully written ** ** Purpose.......: Write (update) ftp-proxy status file ** ** ------------------------------------------------------------ */ #if LINUX_VERSION_CODE >= VERSION_CODE(2,1,0) static ssize_t proc_ftp_write(struct file *file, const char *buf, size_t count, loff_t *ppos) #else static int proc_ftp_write(struct inode *inode, struct file *file, const char *buf, int count) #endif { char line[MAX_LINE], *p, *cmd, *typ; AVPAIR avlist[MAX_ARGS], *avptr; int argc, i; if (count >= sizeof(line)) return -E2BIG; if (count <= 0) return count; #if LINUX_VERSION_CODE >= VERSION_CODE(2,1,0) if (copy_from_user(line, buf, count)) return -EFAULT; ppos = ppos; /* calm down picky compilers */ #else memcpy_fromfs(line, buf, count); #endif file = file; /* calm down picky compilers */ line[count] = '\0'; cmd = typ = NULL; for (p = line, argc = 0, avptr = avlist; *p; ) { while (*p == ' ' || *p == '\t' || *p == '\n' || *p == '\r') p++; /* skip white space */ if (*p == '\0') break; avptr->arg = p; /* found an argument */ while (*p != '\0' && *p != '=' && *p != ' ' && *p != '\t' && *p != '\n' && *p != '\r') p++; if (*p == '=') { *p++ = '\0'; /* now get the value */ avptr->val = p; /* found arg's value */ /* TODO: allow quoted strings */ while (*p != '\0' && *p != ' ' && *p != '\t' && *p != '\n' && *p != '\r') p++; } else avptr->val = NULL; if (*p != '\0') *p++ = '\0'; /* terminate arg/val */ /* ** The following pair is most interesting */ if (mystrcmp(avptr->arg, "cmd") == 0) cmd = avptr->val; avptr++; if (++argc >= MAX_ARGS) break; /* rude overflow check */ } if (argc < 1) return 0; for (i = 0, avptr = avlist; i < argc; i++, avptr++) { printk("ftp-proxy: %2d: '%s'='%s'\n", i + 1, avptr->arg, avptr->val ? avptr->val : "(nil)"); } #if 0 /* ** TODO: Now for the real work ... */ if (mystrcmp(argv[0], "add") == 0) { i = proc_ftp_add(--argc, &argv[1], &valp[1]); return ((i < 0) ? i : count); } if (mystrcmp(argv[0], "del") == 0) { i = proc_ftp_del(--argc, &argv[1], &valp[1]); return ((i < 0) ? i : count); } if (mystrcmp(argv[0], "upd") == 0) { i = proc_ftp_upd(--argc, &argv[1], &valp[1]); return ((i < 0) ? i : count); } /* add more basic commands here if you like ... */ #endif printk("ftp-proxy: unknown cmd '%s'\n", cmd ? cmd : "(null)"); return -EINVAL; } /* ------------------------------------------------------------ ** ** ** Function......: init_module ** ** Parameters....: (none) ** ** Return........: 0=success, else negative error code ** ** Purpose.......: General Module initialization code. ** ** ------------------------------------------------------------ */ int init_module(void) { struct proc_dir_entry *dir, *dp; int rc; printk("installing /proc/net/ftp-proxy interface\n"); /* ** First, verify that /proc/net is available */ for (dir = proc_root.subdir; dir; dir = dir->next) { if (mystrcmp(dir->name, "net") == 0) break; } if (dir == NULL) return -ENOENT; /* ** Then, see if the file is already there */ for (dp = dir->subdir; dp; dp = dp->next) { if (mystrcmp(dp->name, "ftp_proxy") == 0) return 0; } /* ** Let's go and install the file */ if ((rc = proc_register(dir, &proc_ftp)) == 0) return 0; printk(KERN_ALERT "unable to install /proc/net/ftp-proxy\n"); return rc; } /* ------------------------------------------------------------ ** ** ** Function......: cleanup_module ** ** Parameters....: (none) ** ** Return........: (none) ** ** Purpose.......: General Module termination code. ** ** ------------------------------------------------------------ */ void cleanup_module(void) { printk("removing /proc/net/ftp-proxy interface\n"); if (proc_ftp.parent) { proc_unregister(proc_ftp.parent, proc_ftp.low_ino); proc_ftp.parent = NULL; } } /* ------------------------------------------------------------ * $Log: proc_ftp.c,v $ * Revision 1.2 2002/01/14 19:08:51 mt * added _LOOSE_KERNEL_NAMES to avoid some warnings * * Revision 1.1 1999/09/15 14:06:22 wiegand * initial checkin * * ------------------------------------------------------------ */ proxy-suite-1.9.2.4/ftp-proxy/rc.config.suse7x0000644000000000000000000000032707420626362021144 0ustar rootroot00000000000000# # Set this to 'yes', if you want to start the FTP-Proxy # as Daemon instead via /etc/(x)inetd.conf. # # Don't forget to set 'ServerType' to 'standalone' in # /etc/proxy-suite/ftp-proxy.conf. # START_FTP_PROXY=no proxy-suite-1.9.2.4/ftp-proxy/rc.script.in0000644000000000000000000004143510170463552020354 0ustar rootroot00000000000000#! /bin/sh # # Copyright (c) 2000-2002 SuSE GmbH Nuernberg, Germany. All rights reserved. # # Author: Marius Tomaschewski , 2000-2002 # # $Id: rc.script.in,v 1.2.2.2 2004/03/30 12:04:16 mt Exp $ # # etc/init.d/ftp-proxy -- LSB compliant(?) run level script # # see also ftp-proxy(8) and ftp-proxy.conf(5) manual pages. # ### BEGIN INIT INFO # Provides: ftp-proxy # Required-Start: $network $remote_fs $syslog $named # Required-Stop: # Default-Start: 3 5 # Default-Stop: 0 1 2 6 # Description: starts SuSE ftp-proxy ### END INIT INFO # # Return values acc. to LSB for all commands but status: # 0 - success # 1 - generic or unspecified error # 2 - invalid or excess argument(s) # 3 - unimplemented feature (e.g. "reload") # 4 - insufficient privilege # 5 - program is not installed # 6 - program is not configured # 7 - program is not running # # Note that starting an already running service, stopping # or restarting a not-running service as well as the restart # with force-reload (in case signalling is not supported) are # considered a success. # # default values... # FTP_PROXY_CAPS="no" FTP_PROXY_NAME="ftp-proxy" FTP_PROXY_BIN="@SBINDIR@/${FTP_PROXY_NAME}" FTP_PROXY_CFG="@SYSCONFDIR@/proxy-suite/${FTP_PROXY_NAME}.conf" # # common utils... # ldd="/usr/bin/ldd" awk="/bin/awk" grep="/bin/grep" logger="/bin/logger" compartment="/usr/sbin/compartment" LOGGER="${logger} -i -t ${FTP_PROXY_NAME}-boot" LOG_INF="${LOGGER} -p info" LOG_ERR="${LOGGER} -p err" # # handle SuSE systems < 8.x # if [ -f /etc/SuSE-release ] ; then while read line ; do if [ -z "${line%VERSION*}" ] ; then case "${line#VERSION = }" in [5-7]*) # Source SuSE rc.config . /etc/rc.config # SuSE < 8.0 uses START variables base=${0##*/} link=${base#*[SK][0-9][0-9]} [ $link = $base ] && START_FTP_PROXY=yes [ "$START_FTP_PROXY" = yes ] || exit 0 ;; *) # SuSE >= 8.0 uses sysconfig/NAME [ -f /etc/sysconfig/clock ] && \ . /etc/sysconfig/clock [ -f /etc/sysconfig/${FTP_PROXY_NAME} ] && \ . /etc/sysconfig/${FTP_PROXY_NAME} ;; esac fi done < /etc/SuSE-release fi # else use defaults ... # LSB compliant helper shell functions sourced from /etc/rc.status: # rc_check check and set local and overall rc status # rc_status check and set local and overall rc status # rc_status -v ditto but be verbose in local rc status # rc_status -v -r ditto and clear the local rc status # rc_failed set local and overall rc status to failed # rc_failed set local and overall rc status to # rc_reset clear local rc status (overall remains) # rc_exit exit appropriate to overall rc status # # I assume, the /etc/rc.status script is SuSE specific... # -> port this script or copy rc.status from SuSE system... # if [ -f /etc/rc.status ] ; then . /etc/rc.status else echo "$0: unable to find /etc/rc.status - you may port this script" 1>&2 exit 1 fi # # check if binary and config installed... # if [ ! -x "${FTP_PROXY_BIN}" ] ; then echo "$0: unable to find ftp-proxy binary: $FTP_PROXY_BIN" 1>&2 exit 5 fi if [ ! -f "${FTP_PROXY_CFG}" ] ; then echo "$0: unable to find ftp-proxy config: $FTP_PROXY_CFG" 1>&2 exit 6 fi # # check if we should use compartment # if [ "$FTP_PROXY_CAPS" = yes ] ; then [ -x "$compartment" ] || { echo "$0: unable to find compartment tool: $compartment" 1>&2 exit 5 } else compartment="" fi # # ftp-proxy.conf parsing function... # # remember: this script works case-sensitive, # the proxy-suite itself not... # read_config () { get_value () { key=${1} shift val=${@} echo "$key=\"$val\"" } if [ -n "$FTP_PROXY_CFG" ] && [ -f "$FTP_PROXY_CFG" ] ; then while read line ; do case "$line" in \#*|"") ;; AllowTransProxy*) eval $(get_value $line) # may be: yes, on, true, >0 case "${AllowTransProxy}" in [Yy]*|[Oo]*|[Tt]*|[1-9]*) AllowTransProxy="yes" ;; *) AllowTransProxy="no" ;; esac ;; LogDestination*) eval $(get_value $line) if [ "${LogDestination}" != ${LogDestination#|*} ] ; then echo "$0: unable to handle a pipe as LogDestination" 1>&2 return 1 fi ;; User*) eval $(get_value $line) ;; Group*) eval $(get_value $line) ;; PidFile*) eval $(get_value $line) ;; TCPWrapper*) eval $(get_value $line) ;; LDAPServer*) eval $(get_value $line) ;; ServerRoot*) eval $(get_value $line) ;; ServerType*) eval $(get_value $line) ;; DenyMessage*) eval $(get_value $line) ;; MaxClientsMessage*) eval $(get_value $line) ;; WelcomeMessage*) eval $(get_value $line) ;; *) ;; esac done < "$FTP_PROXY_CFG" return 0 else return 1 fi } mk_chroot () { dir_mode="-m0755" state_mode="0775" owner=${User:-root} group=${Group:-root} if [ -n "${ServerRoot}" ] ; then if [ ! -d "${ServerRoot}" ] ; then [ -e "${ServerRoot}" ] && rm -f "${ServerRoot}" $LOG_INF "creating missing ServerRoot directory '$ServerRoot'" mkdir -p $dir_mode "${ServerRoot}" || return 1 fi else $LOG_ERR "chroot directory not configured" return 1 fi cpifnewer () { for src in $1; do dst=$2/$(basename $src) if [ -e $src -a ! -f $src -a ! -L $src ]; then $LOG_INF "copying missing $dst" cp -fpR $src $dst || return 1 elif [ $src -nt $dst -o $src -ot $dst ]; then [ -e "$dst" ] && rm -f "$dst" $LOG_INF "updating $dst" cp -fp $src $dst || return 1 fi done return 0 } # # list of directories that should be writeable # STATE_DIR="" DIRS="dev etc lib usr/sbin usr/lib" # add config directory DIRS="$DIRS "$(dirname "$FTP_PROXY_CFG") # add message direcrories [ -n "$DenyMessage" ] && DIRS="$DIRS "$(dirname "$DenyMessage") [ -n "$WelcomeMessage" ] && DIRS="$DIRS "$(dirname "$WelcomeMessage") [ -n "$MaxClientsMessage" ] && DIRS="$DIRS "$(dirname "$MaxClientsMessage") # add Pid-Directory if [ -n "$PidFile" ] ; then dir=$(dirname "$PidFile") DIRS="$DIRS $dir" STATE_DIR="$STATE_DIR $dir" else DIRS="$DIRS var/run" STATE_DIR="$STATE_DIR var/run" fi # add Log-Directory if a log file is used... if [ -n "$LogDestination" ] && \ [ "${LogDestination}" != ${LogDestination#/*} ] ; then dir=$(dirname "$LogDestination") DIRS="$DIRS $dir" STATE_DIR="$STATE_DIR $dir" fi # ok, create the dirs [ -n "$DIRS" ] && for dir in $DIRS ; do [ -d "${ServerRoot}/${dir}" ] && continue [ -e "${ServerRoot}/${dir}" ] && rm -f "${ServerRoot}/${dir}" $LOG_INF "creating missing directory ${ServerRoot}/${dir}" mkdir -p $dir_mode "${ServerRoot}/${dir}" || return 1 done # make sure, state-dirs are writeable after cap's chroot [ -n "$STATE_DIR" ] && for dir in $STATE_DIR ; do chmod $state_mode "${ServerRoot}/${dir}" chown "$owner:$group" "${ServerRoot}/${dir}" done # create a null device if [ ! -c "${ServerRoot}/dev/null" ] ; then [ -e "${ServerRoot}/dev/null" ] && \ rm -f "${ServerRoot}/dev/null" $LOG_INF "creating missing device '${ServerRoot}/dev/null" cpifnewer /dev/null "${ServerRoot}/dev" || return 1 chmod 0666 "${ServerRoot}/dev/null" || return 1 fi # BSD: create ipnat/pf natlook device if needed if [ -n "$AllowTransProxy" ] && [ "$AllowTransProxy" = yes ] ; then if [ -c /dev/ipnat ] && [ ! -c "${ServerRoot}/dev/ipnat" ] ; then [ -e "${ServerRoot}/dev/ipnat" ] && \ rm -f "${ServerRoot}/dev/ipnat" $LOG_INF "creating missing device '${ServerRoot}/dev/ipnat" cpifnewer /dev/ipnat "${ServerRoot}/dev" || return 1 chmod 0440 "${ServerRoot}/dev/ipnat" || return 1 chown "$owner:$group" "${ServerRoot}/dev/ipnat" || return 1 fi if [ -c /dev/pf ] && [ ! -c "${ServerRoot}/dev/pf" ] ; then [ -e "${ServerRoot}/dev/pf" ] && \ rm -f "${ServerRoot}/dev/pf" $LOG_INF "creating missing device '${ServerRoot}/dev/pf" cpifnewer /dev/pf "${ServerRoot}/dev" || return 1 chmod 0440 "${ServerRoot}/dev/pf" || return 1 chown "$owner:$group" "${ServerRoot}/dev/pf" || return 1 fi fi # copy binaries BINS="$FTP_PROXY_BIN" [ -n "$BINS" ] && for bin in $BINS ; do if [ -n "$bin" ] && [ -x "$bin" ] ; then bdir=$(dirname $bin) if [ ! -d "${ServerRoot}/${bdir}" ] ; then [ -e "${ServerRoot}/${bdir}" ] && rm -f "${ServerRoot}/${bdir}" $LOG_INF "creating missing directory ${ServerRoot}/${bdir}" mkdir -p $dir_mode "${ServerRoot}/${bdir}" || return 1 fi cpifnewer "$bin" "${ServerRoot}/${bdir}" || return 1 # # copy all libs ldd says they are needed for the binary # LIB=$($ldd "$bin" 2> /dev/null | $grep -v "not "| $awk '{print$ 3}') for lib in $LIB ; do ldir=$(dirname $lib) if [ ! -d "${ServerRoot}/${ldir}" ] ; then [ -e "${ServerRoot}/${ldir}" ] && rm -f "${ServerRoot}/${ldir}" $LOG_INF "creating missing directory ${ServerRoot}/${ldir}" mkdir -p $dir_mode "${ServerRoot}/${ldir}" || return 1 fi cpifnewer "$lib" "${ServerRoot}/${ldir}" || return 1 done else $LOG_ERR "no such file or directory '$bin'" return 1 fi done # handle /etc/localtime link if [ -L /etc/localtime ]; then ZONEDIR="/usr/share/zoneinfo" ZONEDST="$ZONEDIR" [ -n "$TIMEZONE" ] || TIMEZONE=GMT if [ $(dirname "$TIMEZONE") != "." ] ; then ZONEDST="${ZONEDST}/"$(dirname "$TIMEZONE") fi [ -d "${ServerRoot}/${ZONEDST}" ] || \ mkdir -p $dir_mode "${ServerRoot}/${ZONEDST}" cpifnewer "${ZONEDIR}/${TIMEZONE}" "$ServerRoot/${ZONEDST}" ln -sf "../${ZONEDIR}/${TIMEZONE}" "${ServerRoot}/etc/localtime" else cpifnewer /etc/localtime "${ServerRoot}/etc" fi # copy proxy config if [ -f "$FTP_PROXY_CFG" ] ; then if [ -e "${ServerRoot}/${FTP_PROXY_CFG}" ] ; then rm -f "${ServerRoot}/${FTP_PROXY_CFG}" fi if [ -n "$compartment" ] ; then # # remove chroot-stuff compartment is used # while read line ; do case "$line" in \#*|"") ;; Group*) ;; User*) ;; ServerRoot*) ;; *) echo $line ;; esac done < "$FTP_PROXY_CFG" > "${ServerRoot}/${FTP_PROXY_CFG}" else cp -f "$FTP_PROXY_CFG" "${ServerRoot}/${FTP_PROXY_CFG}" fi fi if [ ! -f "${ServerRoot}/etc/ld.so.conf" ] ; then touch "${ServerRoot}/etc/ld.so.conf" fi CONF="/etc/host.conf /etc/resolv.conf /etc/hosts" CONF="$CONF /etc/services /etc/protocols" CONF="$CONF /etc/passwd /etc/group" [ -f /etc/nsswitch.conf ] && CONF="$CONF /etc/nsswitch.conf" if [ -n "$TCPWrapper" ] && [ "$TCPWrapper" = yes ] ; then CONF="$CONF /etc/hosts.allow /etc/hosts.deny" fi [ -n "$DenyMessage" ] && CONF="$CONF $DenyMessage" [ -n "$WelcomeMessage" ] && CONF="$CONF $WelcomeMessage" [ -n "$MaxClientsMessage" ] && CONF="$CONF $MaxClientsMessage" # copy/update (config) files [ -n "$CONF" ] && for cfg in $CONF ; do if [ -n "$cfg" ] && [ -f "$cfg" ] ; then cdir=$(dirname $cfg) if [ ! -d "${ServerRoot}/${cdir}" ] ; then [ -e "${ServerRoot}/${cdir}" ] && rm -f "${ServerRoot}/${cdir}" $LOG_INF "creating missing directory ${ServerRoot}/${cdir}" mkdir -p $dir_mode "${ServerRoot}/${cdir}" || return 1 fi cpifnewer "$cfg" "${ServerRoot}/${cdir}" || return 1 else $LOG_ERR "no such file or directory '$cfg'" return 1 fi done # copy/update nss libraries if [ -f /etc/nsswitch.conf ] ; then LIBS="/lib/libnss* /lib/libnsl* /lib/libresolv* /lib/libdb*" fi [ -n "$LIBS" ] && for lib in $LIBS ; do if [ -n "$lib" ] && [ -x "$lib" ] ; then ldir=$(dirname $lib) if [ ! -d "${ServerRoot}/${ldir}" ] ; then [ -e "${ServerRoot}/${ldir}" ] && rm -f "${ServerRoot}/${ldir}" $LOG_INF "creating missing directory ${ServerRoot}/${ldir}" mkdir -p $dir_mode "${ServerRoot}/${ldir}" || return 1 fi cpifnewer "$lib" "${ServerRoot}/${ldir}" || return 1 else $LOG_ERR "no such file or directory '$lib'" return 1 fi done # # rebuild /etc/ld.so.cache # ldconfig -X -r "${ServerRoot}" 2>&1 | $LOG_INF return 0 } # # mk_chroot call-helper # do_chroot () { # chroot is useless if daemon runs with UID 0... if [ -z "$User" ] ; then echo "$0: set the User variable in $FTP_PROXY_CFG" 1>&2 return 1 fi [ -x "$grep" -a -x "$logger" -a -x "$ldd" -a -x "$awk" ] || { echo "$0: unable to find all needed utilities" 1>&2 return 1 } # prepare/update chroot dir mk_chroot || return 1 # if syslog is used, a log socket should # be avaliable as ${ServerRoot}/dev/log if [ -n "${LogDestination}" ] && \ [ "${LogDestination}" = "${LogDestination#/*}" ] && \ [ ! -S "${ServerRoot}/dev/log" ] ; then echo "$0: add ${ServerRoot}/dev/log socket to syslog config" 2>&1 return 1 fi return 0 } # # initialize relevant config variables # User="" Group="" PidFile="" TCPWrapper="" LDAPServer="" ServerRoot="" ServerType="" LogDestination="" DenyMessage="" MaxClientsMessage="" WelcomeMessage="" # # read proxy configuration # read_config || exit 1 # reset status of this service rc_reset case "$1" in chroot) # prepare chroot... do_chroot || exit 1 ;; start) # check if daemon configured if [ "${ServerType}" != standalone ] ; then echo "$0: ServerType is not standalone in $FTP_PROXY_CFG" 1>&2 exit 1 fi # prepare/update chroot dir if used if [ -n "${ServerRoot}" ] ; then do_chroot || exit 1 fi if test -n "$compartment" ; then echo -n "Starting $FTP_PROXY_NAME (in ${ServerRoot})" [ -n $Group ] && chroot_group="--group $Group" PATH="/bin:/sbin:/usr/bin:/usr/sbin" \ $compartment --fork --cap CAP_NET_BIND_SERVICE \ --chroot "$ServerRoot" $chroot_group \ "${FTP_PROXY_BIN}" -f "${FTP_PROXY_CFG}" rc_status -v else if test -n "$ServerRoot" ; then echo -n "Starting $FTP_PROXY_NAME (in ${ServerRoot})" else echo -n "Starting $FTP_PROXY_NAME" fi startproc "$FTP_PROXY_BIN" -f "$FTP_PROXY_CFG" rc_status -v fi ;; stop) ## Stop the service echo -n "Shutting down $FTP_PROXY_NAME" [ -n "$compartment" -a -n "${ServerRoot}" ] || ServerRoot="" killproc -TERM "${ServerRoot}/${FTP_PROXY_BIN}" rc_status -v ;; try-restart) ## Stop the service and if this succeeds (i.e. ## the service was running before), start it again. ## Note: try-restart is not (yet) part of LSB (as of 0.7.5) $0 status >/dev/null && $0 restart rc_status ;; restart) ## Stop the service and regardless of whether it was ## running or not, start it again. $0 stop $0 start rc_status ;; force-reload) ## Signal the daemon to reload its config. ## If it does not support it, restart. echo -n "Reload the $FTP_PROXY_NAME configuration" [ -n "$compartment" -a -n "${ServerRoot}" ] || ServerRoot="" killproc -HUP "${ServerRoot}/${FTP_PROXY_BIN}" rc_status -v ;; reload) ## Like force-reload, but if daemon does not ## support signalling, do nothing (!) echo -n "Reload the $FTP_PROXY_NAME configuration" [ -n "$compartment" -a -n "${ServerRoot}" ] || ServerRoot="" killproc -HUP "${ServerRoot}/${FTP_PROXY_BIN}" rc_status -v ;; status) echo -n "Checking for $FTP_PROXY_NAME" ## Check status with checkproc(8), if process is running ## checkproc will return with exit status 0. [ -n "$compartment" -a -n "${ServerRoot}" ] || ServerRoot="" checkproc "${ServerRoot}/${FTP_PROXY_BIN}" rc_status -v ;; probe) ## Optional: Probe for the necessity of a reload, ## give out the argument which is required for a reload. [ -n "$compartment" -a -n "${ServerRoot}" ] || ServerRoot="" test "${ServerRoot}/${FTP_PROXY_CFG}" -nt \ "${ServerRoot}/${PidFile}" && echo reload ;; *) echo "Usage: $0 {start|stop|status|try-restart|restart|force-reload|reload|probe|chroot}" exit 1 ;; esac # Inform the caller not only verbosely and set an exit status. rc_exit proxy-suite-1.9.2.4/ftp-proxy/rc.script.txt0000644000000000000000000000703110170463552020557 0ustar rootroot00000000000000 $Id: rc.script.txt,v 1.1.6.1 2004/03/30 12:04:16 mt Exp $ SuSE FTP-Proxy -- run level script Marius Tomaschewski This version provides a *sample* LSB run-level script for (SuSE) Linux: rc.script. It allows you to start the proxy in daemon mode in a chroot runtime enviroment as well as in "normal" standalone / daemon mode. It also creates the complete chroot environment for you. The run-level script is very blown and tries to handle some different settings, like LogDestination, PidFile, TCPWrapper, LDAPServer, User, Group, Messages. If you do not like this script, write your own one :-) Note: this script needs case-sensitive config variable names - do not try to use ``serverroot创 instead of ``ServerRoot创. The script uses the ServerRoot chroot setting in the ftp-proxy.conf configuration file and allows you to use the built-in ftp-proxy to chroot mechanisms or via external compartment tool by Marc Heuse. The benefit of compartment usage is that compartment cleanups the enviroment, does a chroot, changes the group, sets kernel capabilities and _after_ all the steps are done, executes the daemon inside of this environment. The daemon runs with in the chroot with dropped root privileges, except of bind to a port lower than 1024 (server port) and is able to write to files owned by himself (root). If you decide to use the compartment tool, set (add) the FTP_PROXY_CAPS variable to "yes". The config steps in /etc/proxy-suite/ftp-proxy.conf: * Set ``ServerType to创 'standalone' (otherwise the script refuses to start). * Set a directory with ``ServerRoot创, i.e. the default directory '/var/lib/ftp-proxy/rundir'. * Set a ``Group创, the proxy should run as (i.e. 'ftpproxy'). * Set a ``User创, the proxy should run as (i.e. 'ftpproxy'). * Set a ``LogDestination创. The proxy supports logging to a pipe - the script doesn't support it, so you have to use a file (i.e. '/var/log/ftp-proxy.log') or a syslog facility (i.e. 'daemon'). If you are using a file, allways set an absolute name; both, the script and the ftp-proxy need this. If you are using a syslog facility, you have to say syslogd to create a log-socket inside of the chroot environment - simply add it to the SYSLOGD_PARMS variable in /etc/rc.config, i.e.: SYSLOGD_PARMS="-a /var/lib/ftp-proxy/rundir/dev/log" * Set a ``DestinationAddress创 _OR_ enable the new transparent proxying feature with ``AllowTransProxy创 (see TransProxy-Mini-Howto.txt). * Make other settings you need/like... That's all - now start the script with: /sbin/rcftp-proxy chroot and it will create a chroot enviroment for you with all needed files (I hope ;-) inside. Now, you can start the proxy with: /sbin/rcftp-proxy start and TEST if it does what you want - if not, read the documentation and double-check your settings. You can take a look into the configuration file inside of the chroot environment (with the above settings it is /var/lib/ftp-proxy/rundir/etc/proxy-suite/ftp-proxy.conf). Some of your settings are not there (ServerRoot, User, Group) if you are using compartment tool and not the built-in chroot of the ftp-proxy (see above). Please contact proxy-suite@suse.com if you have any ideas, additions or corrections to this text, the script or the ftp-proxy. You can also purchase support or consulting services; contact solutions@suse.de or bsupport@suse.de. Don't forget to have fun, Your SuSE Team. proxy-suite-1.9.2.4/install-sh0000755000000000000000000001273607464230624016157 0ustar rootroot00000000000000#!/bin/sh # # install - install a program, script, or datafile # This comes from X11R5 (mit/util/scripts/install.sh). # # Copyright 1991 by the Massachusetts Institute of Technology # # Permission to use, copy, modify, distribute, and sell this software and its # documentation for any purpose is hereby granted without fee, provided that # the above copyright notice appear in all copies and that both that # copyright notice and this permission notice appear in supporting # documentation, and that the name of M.I.T. not be used in advertising or # publicity pertaining to distribution of the software without specific, # written prior permission. M.I.T. makes no representations about the # suitability of this software for any purpose. It is provided "as is" # without express or implied warranty. # # Calling this script install-sh is preferred over install.sh, to prevent # `make' implicit rules from creating a file called install from it # when there is no Makefile. # # This script is compatible with the BSD install script, but was written # from scratch. It can only install one file at a time, a restriction # shared with many OS's install programs. # set DOITPROG to echo to test this script # Don't use :- since 4.3BSD and earlier shells don't like it. doit="${DOITPROG-}" # put in absolute paths if you don't have them in your path; or use env. vars. mvprog="${MVPROG-mv}" cpprog="${CPPROG-cp}" chmodprog="${CHMODPROG-chmod}" chownprog="${CHOWNPROG-chown}" chgrpprog="${CHGRPPROG-chgrp}" stripprog="${STRIPPROG-strip}" rmprog="${RMPROG-rm}" mkdirprog="${MKDIRPROG-mkdir}" transformbasename="" transform_arg="" instcmd="$mvprog" chmodcmd="$chmodprog 0755" chowncmd="" chgrpcmd="" stripcmd="" rmcmd="$rmprog -f" mvcmd="$mvprog" src="" dst="" dir_arg="" while [ x"$1" != x ]; do case $1 in -c) instcmd="$cpprog" shift continue;; -d) dir_arg=true shift continue;; -m) chmodcmd="$chmodprog $2" shift shift continue;; -o) chowncmd="$chownprog $2" shift shift continue;; -g) chgrpcmd="$chgrpprog $2" shift shift continue;; -s) stripcmd="$stripprog" shift continue;; -t=*) transformarg=`echo $1 | sed 's/-t=//'` shift continue;; -b=*) transformbasename=`echo $1 | sed 's/-b=//'` shift continue;; *) if [ x"$src" = x ] then src=$1 else # this colon is to work around a 386BSD /bin/sh bug : dst=$1 fi shift continue;; esac done if [ x"$src" = x ] then echo "install: no input file specified" exit 1 else true fi if [ x"$dir_arg" != x ]; then dst=$src src="" if [ -d $dst ]; then instcmd=: chmodcmd="" else instcmd=mkdir fi else # Waiting for this to be detected by the "$instcmd $src $dsttmp" command # might cause directories to be created, which would be especially bad # if $src (and thus $dsttmp) contains '*'. if [ -f $src -o -d $src ] then true else echo "install: $src does not exist" exit 1 fi if [ x"$dst" = x ] then echo "install: no destination specified" exit 1 else true fi # If destination is a directory, append the input filename; if your system # does not like double slashes in filenames, you may need to add some logic if [ -d $dst ] then dst="$dst"/`basename $src` else true fi fi ## this sed command emulates the dirname command dstdir=`echo $dst | sed -e 's,[^/]*$,,;s,/$,,;s,^$,.,'` # Make sure that the destination directory exists. # this part is taken from Noah Friedman's mkinstalldirs script # Skip lots of stat calls in the usual case. if [ ! -d "$dstdir" ]; then defaultIFS=' ' IFS="${IFS-${defaultIFS}}" oIFS="${IFS}" # Some sh's can't handle IFS=/ for some reason. IFS='%' set - `echo ${dstdir} | sed -e 's@/@%@g' -e 's@^%@/@'` IFS="${oIFS}" pathcomp='' while [ $# -ne 0 ] ; do pathcomp="${pathcomp}${1}" shift if [ ! -d "${pathcomp}" ] ; then $mkdirprog "${pathcomp}" else true fi pathcomp="${pathcomp}/" done fi if [ x"$dir_arg" != x ] then $doit $instcmd $dst && if [ x"$chowncmd" != x ]; then $doit $chowncmd $dst; else true ; fi && if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dst; else true ; fi && if [ x"$stripcmd" != x ]; then $doit $stripcmd $dst; else true ; fi && if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dst; else true ; fi else # If we're going to rename the final executable, determine the name now. if [ x"$transformarg" = x ] then dstfile=`basename $dst` else dstfile=`basename $dst $transformbasename | sed $transformarg`$transformbasename fi # don't allow the sed command to completely eliminate the filename if [ x"$dstfile" = x ] then dstfile=`basename $dst` else true fi # Make a temp file name in the proper directory. dsttmp=$dstdir/#inst.$$# # Move or copy the file name to the temp name $doit $instcmd $src $dsttmp && trap "rm -f ${dsttmp}" 0 && # and set any options; do chmod last to preserve setuid bits # If any of these fail, we abort the whole thing. If we want to # ignore errors from any of these, just make sure not to ignore # errors from the above "$doit $instcmd $src $dsttmp" command. if [ x"$chowncmd" != x ]; then $doit $chowncmd $dsttmp; else true;fi && if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dsttmp; else true;fi && if [ x"$stripcmd" != x ]; then $doit $stripcmd $dsttmp; else true;fi && if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dsttmp; else true;fi && # Now rename the file to the real destination. $doit $rmcmd -f $dstdir/$dstfile && $doit $mvcmd $dsttmp $dstdir/$dstfile fi && exit 0 proxy-suite-1.9.2.4/ps-home.html0000644000000000000000000001127310170747213016377 0ustar rootroot00000000000000 SuSE Proxy-Suite Homepage

Welcome to SuSE Proxy-Suite
This is the Home of SuSE Proxy-Suite, a set of programs to enhance firewall security.
The first (and currently only) component being released is the FTP-Proxy.

FTP-Proxy
  • Securely relays FTP connections between clients and servers
  • Can switch connections from active to passive and vice versa
  • Utilizes port ranges for both control and data connections
  • Provides extensive auditing (via syslog or rotating log files)
  • Can separate user related from system triggered audit events
  • Provides command restriction based on logged in user name
  • Allows command argument checking with regular expressions
  • Is able to retrieve configuration data from an LDAP directory
  • Has been thoroughly tested against buffer overflow attacks
  • Based on GNU AutoConf, supposed to run on many UNIX systems
  • Fully conforms to RFC 959 and 1123 (the basic FTP RFCs)

Documentation
SuSE Proxy-Suite comes with a fairly comprehensive documentation. We have created UNIX style Man-Pages and some background information in the form of White Papers.

Current Status
This software is Open Source and released under the GPL (GNU General Public License). The entire Proxy-Suite has been written from scratch by Volker Wiegand, with active help from Jens-Gero Boehm, Marius Tomaschewski and Pieter Hollants.

The FTP-Proxy is already in a usable state. The only features that are announced but not implemented (yet) are the RFC 1579 and 2428 extensions.

Everyone is invited to download, test and use this software for free. We believe that it is in a fairly complete and usable shape. Of course we are also very much interested in discussing enhancements and other components to include in the Proxy-Suite.

Download
The latest version is 1.9.2.4 as well as previous versions of the software can be downloaded from ftp://ftp.suse.com/pub/projects/proxy-suite/. See also the NEWS file.

More Information
We have created a mailing list to discuss Proxy-Suite. To subscribe send an empty mail (the body is ignored) to proxy-suite-subscribe@suse.com.

A second mailing list has been installed where important announcements are made. To subscribe to this second list send a mail to proxy-suite-announce-subscribe@suse.com.

If you find any bugs in the software or documentation, or would like to suggest enhancements, feel free to send an email to proxy-suite-bugs@suse.com.

Last but not least you are invited to contact the maintainer, Marius Tomaschewski.