uacme-1.7.6/0000755000000000000000000000000014734275110007572 500000000000000uacme-1.7.6/uacme.1.txt0000644000000000000000000004003214734273754011517 00000000000000UACME(1) ======== :doctype: manpage :man source: uacme :man version: {revision} :man manual: User Commands NAME ---- uacme - ACMEv2 client written in plain C with minimal dependencies SYNOPSIS -------- *uacme* [*-a*|*--acme-url* 'URL'] [*-b*|*--bits* 'BITS'] [*-c*|*--confdir* 'DIR'] [*-d*|*--days* 'DAYS'] [*-e*|*--eab* KEYID:KEY] [*-f*|*--force*] [*-h*|*--hook* 'PROGRAM'] [*-i*|*--no-ari*] [*-l*|*--alternate* 'N' | 'FP'] [*-m*|*--must-staple*] [*-n*|*--never-create*] [*-o*|*--no-ocsp*] [*-r*|*--reason* CODE] [*-s*|*--staging*] [*-t*|*--type* *RSA*|*EC*] [*-v*|*--verbose* ...] [*-V*|*--version*] [*-y*|*--yes*] [*-?*|*--help*] *new* ['EMAIL'] | *update* ['EMAIL'] | *deactivate* | *newkey* | *issue* 'IDENTIFIER' ['ALTNAME' ...]] | *issue* 'CSRFILE' | *revoke* 'CERTFILE' ['CERTKEYFILE'] DESCRIPTION ----------- *uacme* is a client for the ACMEv2 protocol described in RFC8555, written in plain C with minimal dependencies (libcurl and one of GnuTLS, OpenSSL or mbedTLS). The ACMEv2 protocol allows a Certificate Authority ( is a popular one) and an applicant to automate the process of verification and certificate issuance. The protocol also provides facilities for other certificate management functions, such as certificate revocation. For more information see OPTIONS ------- *-a, --acme-url* 'URL':: ACMEv2 server directory object 'URL'. If not specified *uacme* uses one of the following: 'https://acme-v02.api.letsencrypt.org/directory'::: production URL 'https://acme-staging-v02.api.letsencrypt.org/directory'::: staging URL (see *-s, --staging* below) *-b, --bits* 'BITS':: key bit length (default 2048 for RSA, 256 for EC). Only applies to newly generated keys. RSA key length must be a multiple of 8 between 2048 and 8192. EC key length must be either 256 (*NID_X9_62_prime256v1* curve) or 384 (*NID_secp384r1* curve). *-c, --confdir* 'CONFDIR':: Use configuration directory 'CONFDIR' (default '{sysconfdir}/ssl/uacme'). The structure is as follows (multiple 'IDENTIFIERs' allowed) 'CONFDIR/private/key.pem'::: ACME account private key 'CONFDIR/private/IDENTIFIER/key.pem'::: certificate key for 'IDENTIFIER' 'CONFDIR/IDENTIFIER/cert.pem'::: certificate for 'IDENTIFIER' *-d, --days* 'DAYS':: Do not reissue certificates that are still valid for longer than 'DAYS' (default 30). This only applies as a fallback if no server renewal information is available. See also *-i, --no-ari* and *-o, --no-ocsp*. *-e, --eab* 'KEYID:KEY':: Specify RFC8555 External Account Binding credentials according to , in order to associate a new ACME account with an existing account in a non-ACME system such as a CA customer database. 'KEYID' must be an ASCII string. 'KEY' must be base64url-encoded. *-f, --force*:: Force certificate reissuance regardless of expiration date and renewal information from the server. *-h, --hook* 'PROGRAM':: Challenge hook program. If not specified *uacme* interacts with the user for every ACME challenge, printing information about the challenge type, token and authorization on stderr. If specified *uacme* executes 'PROGRAM' (a binary, a shell script or any file that can be executed by the operating system) for every challenge with the following 5 string arguments: 'METHOD'::: one of *begin*, *done* or *failed*. *begin*:::: is called at the beginning of the challenge. 'PROGRAM' must return 0 to accept it. Any other return code declines the challenge. Neither *done* nor *failed* method calls are made for declined challenges. *done*:::: is called upon successful completion of an accepted challenge. *failed*:::: is called upon failure of an accepted challenge. 'TYPE'::: challenge type (*dns-01*, *http-01* or *tls-alpn-01*) 'IDENT'::: The identifier the challenge refers to 'TOKEN'::: The challenge token 'AUTH'::: The key authorization (for *dns-01* and *tls-alpn-01* already converted to the base64url-encoded SHA256 digest format) *-i, --no-ari*:: Do not query or use the server's certificate renewal information window to decide whether to reissue an existing certificate. See also *-d, --days* and *-o, --no-ocsp*. *-l, --alternate* 'N' | 'FP':: According to the server MAY provide one or more additional certificate download URLs, each pointing to alternative certificate chains starting with the same end-entity certificate. This option allows selecting one such chain in one of two ways. A positive integer 'N' makes *uacme* select the Nth alternative chain in the order presented by the server. A colon (':') separated list of two or more 2-digit hexadecimal numbers 'FP' makes *uacme* select the first alternative chain containing either a certificate whose SHA256 fingerprint begins with 'FP', or a certificate in which the Authority Key Identifier extension contains a keyIdentifier field beginning with 'FP'. In all cases *uacme* falls back to the main certificate URL if it cannot match an alternative chain or the download thereof fails. *-m, --must-staple*:: Request certificates with the RFC7633 Certificate Status Request TLS Feature Extension, informally also known as "OCSP Must-Staple". This option is ignored when using an externally supplied Certificate Signing Request file (see USAGE below). *-n, --never-create*:: By default *uacme* creates directories/keys if they do not exist. When this option is specified *uacme* never does so and instead exits with an error if anything required is missing. *-o, --no-ocsp*:: When this flag is *not* specified and the certificate has an Authority Information Access extension with an OCSP server location according to *uacme* makes an OCSP request to the server; if the certificate is reported as revoked *uacme* forces reissuance regardless of the expiration date. See also *-d, --days*. *-r, --reason* 'CODE':: Use 'CODE' (default 0) as reason code in revocation requests. A list of values is at . *-s, --staging*:: Use Let's Encrypt staging URL for testing. This only works if *-a, --acme-url* is *NOT* specified. *-t, --type*='RSA' | 'EC':: Key type, either RSA or EC. Only applies to newly generated keys. The bit length can be specified with *-b, --bits*. *-v, --verbose*:: By default *uacme* only produces output upon errors or when user interaction is required. When this option is specified *uacme* prints information about what is going on on stderr. This option can be specified more than once to increase verbosity. *-V, --version*:: Print program version on stderr and exit. *-y, --yes*:: Autoaccept ACME server terms (if any) upon new account creation. *-?, --help*:: Print a brief usage text on stderr and exit. USAGE ----- *uacme* ['OPTIONS' ...] *new* ['EMAIL']:: Create a new ACME account with optional 'EMAIL' contact. If the account private key does not exist at 'CONFDIR/private/key.pem' a new key is generated unless *-n, --never-create* is specified. A valid account must be created *before* any other operation can succeed (with the exception of certificate revocation requests signed by the certificate private key). Any certificate issued by the ACME server is associated with a single account. An account can be associated with multiple certificates, subject of course to the rate limits imposed by the ACME server. *uacme* ['OPTIONS' ...] *update* ['EMAIL']:: Update the 'EMAIL' associated with the ACME account corresponding to the account private key. If 'EMAIL' is not specified the account contact email is removed. *uacme* ['OPTIONS' ...] *deactivate*:: Deactivate the ACME account corresponding to the account private key. *WARNING* this action is irreversible. Users may wish to do this when the account key is compromised or decommissioned. A deactivated account can no longer request certificate issuances and revocations or access resources related to the account. *uacme* ['OPTIONS' ...] *newkey*:: Change the ACME account private key. If the new account private key does not exist at 'CONFDIR/private/newkey.pem' it is generated unless *-n, --never-create* is specified. The new key is then submitted to the server and if the operation succeeds the old key is hardlinked to 'CONFDIR/private/key-TIMESTAMP.pem' before renaming 'CONFDIR/private/newkey.pem' to 'CONFDIR/private/key.pem'. *uacme* ['OPTIONS' ...] *issue* 'IDENTIFIER' ['ALTNAME' ...]:: Issue a certificate for 'IDENTIFIER' with zero or more 'ALTNAMEs'. If a certificate is already available at 'CONFDIR/IDENTIFIER/cert.pem' for the specified 'IDENTIFIER' and 'ALTNAMEs' and is still valid for longer than 'DAYS' no action is taken unless *-f, --force* is specified or *-o, --no-ocsp* is *not* specified and the certificate is reported as revoked by the OCSP server. The new certificate is saved to 'CONFDIR/IDENTIFIER/cert.pem'. If the certificate file already exists it is hardlinked to 'CONFDIR/IDENTIFIER/cert-TIMESTAMP.pem' before overwriting. The private key for the certificate is loaded from 'CONFDIR/private/IDENTIFIER/key.pem'. If no such file exists, a new key is generated unless *-n, --never-create* is specified. Wildcard 'IDENTIFIERs' or 'ALTNAMEs' are dealt with correctly, as long as the ACME server supports them; note that any such wildcards are automatically removed from the configuration subdirectory name: for example a certificate for '*.test.com' is saved to 'CONFDIR/test.com/cert.pem'. IP address 'IDENTIFIERs' and 'ALTNAMEs' are also supported according to *uacme* ['OPTIONS' ...] *issue* 'CSRFILE':: Issue a certificate based on a RFC2986 Certificate Signing Request contained in 'CSRFILE', which must be in PEM format. In this mode of issuance *uacme* neither needs nor generates the certificate private key, but it is of course the responsibility of the user to ensure that the CSR is constructed and signed appropriately. If a certificate file 'CSRBASE-cert.pem' (where 'CSRBASE' is obtained by stripping the extension, if any, from 'CSRFILE') is already available in the same directory containing 'CSRFILE', and is still valid for longer than 'DAYS' no action is taken unless *-f, --force* is specified or *-o, --no-ocsp* is *not* specified and the certificate is reported as revoked by the OCSP server. If the certificate file already exists it is hardlinked to 'BASENAME-cert-TIMESTAMP.pem' before overwriting. Wildcard identifiers in the CSR are dealt with correctly, as long as the ACME server supports them. IP addresses are also supported according to *uacme* ['OPTIONS' ...] *revoke* 'CERTFILE' ['CERTKEYFILE']:: Revoke the certificate stored in 'CERTFILE'. The revocation request is signed with the private key of either the certificate, when 'CERTKEYFILE' is specified; or the ACME account associated with the certificate, when only 'CERTFILE' is specified. In the first instance the account key and the configuration directory are not required. If successful 'CERTFILE' is renamed to 'revoked-TIMESTAMP.pem'. The reason code in the revocation request defaults to 0 but it can be specified by the user with *-r, --reason*. ENVIRONMENT ----------- *UACME_CAINFO*:: String naming a file holding one or more CA certificates to verify the ACME server with. *UACME_CAPATH*:: String naming a directory holding multiple CA certificates to verify the ACME server with. If libcurl is built against OpenSSL, the certificate directory must be prepared using the OpenSSL c_rehash utility. *UACME_DNS_SERVERS*:: Comma separated list of DNS servers to be used instead of the system default. The format of the dns servers option is 'host[:port][,host[:port]]...' *UACME_INTERFACE*:: String setting the interface name to use as outgoing network interface. The name can be an interface name, an IP address, or a hostname. If you prefer one of these, you can use the following special prefixes: 'if!'::: Interface name 'host!'::: IP address or hostname 'ifhost!!'::: Interface name and IP address or hostname *UACME_PROXY*:: String holding the proxy hostname or dotted numerical IP address. A numerical IPv6 address must be written within [brackets]. To specify port number in this string, append :[port] to the end of the host name. If not specified, default to using port 1080. The proxy string may be prefixed with [scheme]:// to specify which kind of proxy is used (http://, https://, socks4://, socks4a://, socks5://, socks5h://). The proxy can also be specified with its associated credentials like for ordinary URLs in the style: 'scheme://username:password@hostname' HOOK ENVIRONMENT ---------------- The following environment variables are exported for use by the hook program: *UACME_CONFDIR*:: Path to 'CONFDIR', see *-c, --confdir* *UACME_VERBOSE*:: Verbosity, see *-v, --verbose* *UACME_METHOD*, *UACME_TYPE*, *UACME_IDENT*, *UACME_TOKEN*, *UACME_AUTH*:: Copies of the hook program arguments, see *-h, --hook* EXIT STATUS ----------- *0*:: Success *1*:: Certificate not reissued because it is still current *2*:: Failure (syntax or usage error; configuration error; processing failure; unexpected error). EXAMPLE HOOK SCRIPT ------------------- The 'uacme.sh' hook script included in the distribution can be used to automate the certificate issuance with 'http-01' challenges, provided a web server for the domain being validated runs on the same machine, with webroot at /var/www #!/bin/sh CHALLENGE_PATH=/var/www/.well-known/acme-challenge ARGS=5 E_BADARGS=85 if test $# -ne "$ARGS" then echo "Usage: $(basename "$0") method type ident token auth" 1>&2 exit $E_BADARGS fi METHOD=$1 TYPE=$2 IDENT=$3 TOKEN=$4 AUTH=$5 case "$METHOD" in "begin") case "$TYPE" in http-01) echo -n "${AUTH}" > "${CHALLENGE_PATH}/${TOKEN}" exit $? ;; *) exit 1 ;; esac ;; "done"|"failed") case "$TYPE" in http-01) rm "${CHALLENGE_PATH}/${TOKEN}" exit $? ;; *) exit 1 ;; esac ;; *) echo "$0: invalid method" 1>&2 exit 1 esac BUGS ---- If you believe you have found a bug, please create a new issue at https://github.com/ndilieto/uacme/issues with any applicable information. SEE ALSO -------- *ualpn*(1) AUTHOR ------ *uacme* was written by Nicola Di Lieto COPYRIGHT --------- Copyright (C) 2019-2024 Nicola Di Lieto This file is part of *uacme*. *uacme* is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. *uacme* is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . uacme-1.7.6/ChangeLog0000644000000000000000000002533414734273512011277 000000000000002024-12-29 Nicola Di Lieto * Release 1.7.6 - Fix OpenSSL 3.x deprecated APIs - Fix cross compilation Closes https://github.com/ndilieto/uacme/issues/79 - uacme: Add environment variables Closes https://github.com/ndilieto/uacme/issues/63 - uacme: Add support for ACME Renewal Information (ARI) Closes https://github.com/ndilieto/uacme/issues/67 - uacme: Try obtaining new Reply-Nonce if server doesn't supply one Closes https://github.com/ndilieto/uacme/issues/82 - uacme: Add hook environment variables Closes https://github.com/ndilieto/uacme/issues/83 - uacme: Allow matching alternative chain by Authority Key Id Closes https://github.com/ndilieto/uacme/issues/85 - Documentation update - Add link to linode api hook 2024-01-28 Nicola Di Lieto * Release 1.7.5 - fix ualpn exit code in client mode Fixes https://github.com/ndilieto/uacme/issues/76 - fix build with autoconf version 2.71 See https://github.com/ndilieto/uacme/pull/70 - uacme: nsupdate.sh overhaul and DNAME redirection support - add link to deSEC.io DNS integration - minor documentation changes including copyright year 2023-02-15 Nicola Di Lieto * Release 1.7.4 - uacme: Validate token from ACME server. Fixes https://github.com/ndilieto/uacme/issues/64 - minor documentation changes including copyright year 2022-09-20 Nicola Di Lieto * Release 1.7.3 - better compatibility with LibreSSL, require 3.4.2 or later - uacme: Enable --must-staple support with LibreSSL > 3.5.0 - ualpn: Fix build issue with mbedTLS 2.x see https://github.com/ndilieto/uacme/pull/61 2022-07-20 Nicola Di Lieto * Release 1.7.2 - uacme: exponential backoff for status polling instead of constant 5s delay (reduces load on server) - uacme: new -r option to allow specifying revocation code - uacme: fix silent failure in nsupdate.sh closes https://github.com/ndilieto/uacme/issues/45 - uacme: replace 'echo' with 'printf' in uacme.sh closes https://github.com/ndilieto/uacme/issues/48 - uacme: fix -Wsign-compare warning - compatibility with mbedTLS v3.2 - compatibility with LibreSSL (with some limitations) see https://github.com/ndilieto/uacme/commit/32546c7c - embed ax_check_compile_flag.m4 from autoconf-archive as requested in https://github.com/ndilieto/uacme/pull/57 - minor documentation changes including copyright year 2021-06-04 Nicola Di Lieto * Release 1.7.1 - uacme: fix issue when running from inaccessible directory closes https://github.com/ndilieto/uacme/issues/41 - ualpn: use default user group when -u is specified 2021-01-17 Nicola Di Lieto * Release 1.7 - uacme: alternate chain selection by certificate fingerprint - uacme: print copyright with version - ualpn: print copyright with version - ualpn: add notice with version on startup - ualpn: reject duplicate options where appropriate - ualpn: make ualpn.sh always outputs to stderr - ualpn: fix compilation warning - minor changes (typos) - master branch builds must autoreconf - update copyright year 2020-12-06 Nicola Di Lieto * Release 1.6 - uacme: add support for RFC8555 External Account Binding closes https://github.com/ndilieto/uacme/issues/40 - uacme: fix use after free in surrogate strcasestr function - uacme: make nsupdate.sh accept quoted TXT challenge values - uacme: minor cosmetic changes to log messages 2020-07-26 Nicola Di Lieto * Release 1.5 - uacme: add -l option to allow selecting alternate chain - ualpn: move signal calls to beginning - ualpn: add mbedtls_x509_crt_parse_der_with_ext_cb support fixes https://github.com/ndilieto/uacme/issues/23 2020-05-30 Nicola Di Lieto * Release 1.4.1 - fix SIGPIPE of parent process in daemon mode https://github.com/ndilieto/uacme/issues/36 2020-05-30 Nicola Di Lieto * Release 1.4 - fix nsupdate.sh https://github.com/ndilieto/uacme/issues/32 - uacme: warn that --must-staple is ignored with CSRFILE - ualpn: swap -p and -P command line switches - ualpn: remove redundant memset - ualpn: increase key buffer size as required by OpenSSL 3.x - ualpn: fix minor OpenBSD portability issues - ualpn: fix typo in warning message - ualpn: fix library link order when using built-in libev - README.md now included in distribution 2020-05-08 Nicola Di Lieto * Release 1.3 - allow signing revocation requests with certificate key - add support for issuing certificates based on a CSR - add mbedTLS implementation of OCSP check - add nsupdate.sh dns-01 authentication script - improve handling of RFC8738 with OpenSSL/mbedTLS - fix memory leak in csr_gen upon some OpenSSL errors 2020-04-25 Nicola Di Lieto * Release 1.2.4 - improve mbedTLS detection in configure.ac - check format string arguments with GCC - ualpn: fix incorrect message arguments 2020-04-22 Nicola Di Lieto * Release 1.2.3 - fix Content-Type header parsing https://github.com/ndilieto/uacme/issues/22 2020-04-18 Nicola Di Lieto * Release 1.2.2 - fix ualpn socket type bug on uClibc based systems - fix configure.ac MAP_ANON cross-compilation test 2020-04-17 Nicola Di Lieto * Release 1.2.1 - increase cert buf size to cope with long identifiers - fix gcc8 -Wstringop-truncation warning 2020-04-15 Nicola Di Lieto * Release 1.2 - add uacme OCSP certificate status check - add ualpn OpenSSL/mbedTLS implementations - add key usage to ualpn challenge certificate - ensure top bit of ualpn certificate S/N is 0 with OpenSSL - fix ualpn memory leaks and corner case bugs - minor cosmetic code and documentation changes 2020-03-12 Nicola Di Lieto * Release 1.1.2 - fix configure.ac typo affecting LDFLAGS - fix missing PIPE_BUF when building on hurd-386 2020-03-12 Nicola Di Lieto * Release 1.1.1 - fix typo breaking build without HAVE_SPLICE - fix addr_t name collision on s390x 2020-03-11 Nicola Di Lieto * Release 1.1 - added IP identifier support (RFC8738) - added tls-alpn-01 (RFC8737) challenge responder (ualpn) 2020-02-01 Nicola Di Lieto * Release 1.0.22 - relax account status check (compatibility with buypass.no) - allow client challenge retry requests (RFC8555 sec. 7.1.6) - pass -L flag to a2x in order to avoid depending on xmllint - add wildcard clarification in manpage 2020-01-12 Nicola Di Lieto * Release 1.0.21 - Fixed uacme.sh: https://github.com/ndilieto/uacme/pull/12 - Added LFS support (AC_SYS_LARGEFILE) 2019-10-03 Nicola Di Lieto * Release 1.0.20 - improved HTTP header parsing to fix problem that can happen when retrieving directory over HTTP/2 2019-09-30 Nicola Di Lieto * Release 1.0.19 - Fix configure script bug when using explicit PKG_CONFIG environment variable - explicitly set key usage in certificate request 2019-08-29 Nicola Di Lieto * Release 1.0.18 - support for OCSP Must-Staple (-m, --must-staple) - explicitly set key usage constraints with mbedTLS - fix compilation warning with gcc7 on solaris 2019-07-03 Nicola Di Lieto * Release 1.0.17 - fix pedantic compilation warning - configure fails if pkg-config isn't found 2019-06-17 Nicola Di Lieto * Release 1.0.16 - Configure script checks for libcurl HTTPS support - Minor man page corrections 2019-06-15 Nicola Di Lieto * Release 1.0.15 - Exit with error if both -a and -s are specified - Avoid depending on libtasn1 if gnutls_decode_rs_value is available 2019-06-12 Nicola Di Lieto * Release 1.0.14 - Fix deprecated API when building with OpenSSL v1.1.1c 2019-06-05 Nicola Di Lieto * Release 1.0.13 - Disable mbedTLS runtime version check if not available 2019-05-18 Nicola Di Lieto * Release 1.0.12 - Ensure EC key params are always properly padded - Improved hook_run error checking 2019-05-17 Nicola Di Lieto * Release 1.0.11 - Key rollover (https://tools.ietf.org/html/rfc8555#section-7.3.5) - Revoked cert files now renamed to 'revoked-TIMESTAMP.pem' - Key auth contains SHA256 digest for tls-alpn-01 (like dns-01) - Minor logging improvements 2019-05-12 Nicola Di Lieto * Release 1.0.10 - added secp384r1 EC key support - -b, --bits option accepts 256 or 384 for EC keys - enforce multiple of 8 RSA key size - improved acme_get and acme_post verbose logging - retry upon badNonce response according to RFC8555 6.5 - mbedtls: fixed incorrect size of EC signature 2019-05-09 Nicola Di Lieto * Release 1.0.9 - added EC key/cert support (-t, --type=EC, default RSA) - added RSA key length option (-b, --bits=BITS, default 2048) 2019-05-04 Nicola Di Lieto * Release 1.0.8 - added OpenSSL support (./configure --with-openssl) - check libraries versions at both compile and run time - exit codes: 0=success, 1=cert issuance skipped, 2=error - mbedtls: dynamically grow buffers when needed 2019-04-29 Nicola Di Lieto * Release 1.0.7 - added HTTP User-Agent: header to all requests - added --disable-docs configure option - manpage version now updated automatically 2019-04-27 Nicola Di Lieto * Release 1.0.6 - fix uninitialized variable in authorize() 2019-04-27 Nicola Di Lieto * Release 1.0.5 - add AM_MAINTAINER_MODE to configure.ac - minor cosmetic change to json primitive dump 2019-04-26 Nicola Di Lieto * Release 1.0.4 - debian packaging - fix potential uninitialized var access in acme_get() - fix fprintf format string in _json_dump() - copy doc/index.html on demand only 2019-04-25 Nicola Di Lieto * Release 1.0.3 - fixed more -pedantic gcc warnings - html manpage in html5; copy as doc/html for github hosting 2019-04-24 Nicola Di Lieto * Release 1.0.2 - allow choosing between GnuTLS and mbedTLS at compile time - improved directory existence check - fixed -Wall -pedantic gcc warnings 2019-04-21 Nicola Di Lieto * Release 1.0.1 - fix acme challenge web server path - fix spelling in help text 2019-04-21 Nicola Di Lieto * First public release (1.0) uacme-1.7.6/json.c0000644000000000000000000002002214555533301010623 00000000000000/* * Copyright (C) 2019-2024 Nicola Di Lieto * * This file is part of uacme. * * uacme is free software: you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * uacme is distributed in the hope that it will be useful, but * WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program. If not, see * . */ #include "config.h" #include #include #include #include #include #include "json.h" #include "jsmn.h" static int json_build(const char *js, jsmntok_t *t, size_t count, json_value_t *value) { int i, j, k; if (count <= 0) return 0; switch (t->type) { case JSMN_PRIMITIVE: value->type = JSON_PRIMITIVE; value->v.value = strndup(js+t->start, t->end - t->start); if (!value->v.value) { warn("json_build: strndup failed"); return -1; } return 1; case JSMN_STRING: value->type = JSON_STRING; value->v.value = strndup(js+t->start, t->end - t->start); if (!value->v.value) { warn("json_build: strndup failed"); return -1; } return 1; case JSMN_OBJECT: value->type = JSON_OBJECT; value->v.object.size = t->size; value->v.object.names = calloc(t->size, sizeof(json_value_t)); value->v.object.values = calloc(t->size, sizeof(json_value_t)); if (!value->v.object.names || !value->v.object.values) { warn("json_build: calloc failed"); return -1; } for (j = i = 0; i < t->size; i++) { value->v.object.names[i].parent = value; value->v.object.values[i].parent = value; k = json_build(js, t+1+j, count-j, value->v.object.names+i); if (k < 0) return k; else j += k; k = json_build(js, t+1+j, count-j, value->v.object.values+i); if (k < 0) return k; else j += k; } return j+1; case JSMN_ARRAY: value->type = JSON_ARRAY; value->v.array.size = t->size; value->v.array.values = calloc(t->size, sizeof(json_value_t)); if (!value->v.array.values) { warn("json_build: calloc failed"); return -1; } for (j = i = 0; i < t->size; i++) { value->v.array.values[i].parent = value; k = json_build(js, t+1+j, count-j, value->v.array.values+i); if (k < 0) return k; else j += k; } return j+1; default: value->type = JSON_UNDEFINED; return 0; } } static void _json_dump(FILE *f, const json_value_t *value, size_t indent) { size_t i,j; if (!value) return; switch (value->type) { case JSON_PRIMITIVE: fprintf(f, "%s", value->v.value); return; case JSON_STRING: fprintf(f, "\"%s\"", value->v.value); return; case JSON_OBJECT: fprintf(f, "{\n"); for (i = 0; i < value->v.object.size; i++) { for (j=0; j<4*(indent+1); j++) fputc(' ', f); _json_dump(f, value->v.object.names+i, indent + 1); fprintf(f, ": "); _json_dump(f, value->v.object.values+i, indent + 1); if (i < value->v.object.size - 1) fputc(',', f); fputc('\n', f); } for (j=0; j<4*indent; j++) fputc(' ', f); fputc('}', f); if (indent == 0) fputc('\n', f); return; case JSON_ARRAY: fprintf(f, "[\n"); for (i = 0; i < value->v.array.size; i++) { for (j=0; j<4*(indent+1); j++) fputc(' ', f); _json_dump(f, value->v.array.values+i, indent + 1); if (i < value->v.array.size - 1) fputc(',', f); fputc('\n', f); } for (j=0; j<4*indent; j++) fputc(' ', f); fputc(']', f); if (indent == 0) fputc('\n', f); return; default: return; } } void json_dump(FILE *f, const json_value_t *value) { _json_dump(f, value, 0); } void json_free(json_value_t *value) { size_t i; if (!value) return; switch (value->type) { case JSON_PRIMITIVE: case JSON_STRING: free(value->v.value); break; case JSON_OBJECT: for (i = 0; i < value->v.object.size; i++) { json_free(value->v.object.names+i); json_free(value->v.object.values+i); } free(value->v.object.names); free(value->v.object.values); break; case JSON_ARRAY: for (i = 0; i < value->v.array.size; i++) json_free(value->v.array.values+i); free(value->v.array.values); break; default: break; } if (!value->parent) free(value); } const json_value_t *json_find(const json_value_t *haystack, const char *needle) { if (!haystack || haystack->type != JSON_OBJECT) return NULL; for (size_t i=0; iv.object.size; i++) if (strcmp(haystack->v.object.names[i].v.value, needle) == 0) return haystack->v.object.values + i; return NULL; } const char *json_find_value(const json_value_t *haystack, const char *needle) { if (!haystack || haystack->type != JSON_OBJECT) return NULL; for (size_t i=0; iv.object.size; i++) if (haystack->v.object.values[i].type == JSON_PRIMITIVE && strcmp(haystack->v.object.names[i].v.value, needle) == 0) return haystack->v.object.values[i].v.value; return NULL; } const char *json_find_string(const json_value_t *haystack, const char *needle) { if (!haystack || haystack->type != JSON_OBJECT) return NULL; for (size_t i=0; iv.object.size; i++) if (haystack->v.object.values[i].type == JSON_STRING && strcmp(haystack->v.object.names[i].v.value, needle) == 0) return haystack->v.object.values[i].v.value; return NULL; } int json_compare_string(const json_value_t *haystack, const char *name, const char *value) { const char *tmp = json_find_string(haystack, name); if (tmp) return strcmp(tmp, value); else return INT_MIN; } json_value_t *json_parse(const char *body, size_t body_len) { json_value_t *ret = NULL; jsmn_parser parser; unsigned int tok_len = 2; jsmntok_t *tok = calloc(tok_len, sizeof(*tok)); if (!tok) { warn("json_parse: calloc failed"); return NULL; } jsmn_init(&parser); while (1) { int r = jsmn_parse(&parser, body, body_len, tok, tok_len); if (r < 0) { if (r == JSMN_ERROR_NOMEM) { void *p = realloc(tok, sizeof(*tok) * tok_len * 2); if (!p) { warn("json_parse: realloc failed"); break; } tok_len *= 2; tok = p; } else { warnx("json_parse: jsmn_parse failed with code %d", r); break; } } else { ret = calloc(1, sizeof(json_value_t)); if (!ret) { warn("json_parse: calloc failed"); break; } json_build(body, tok, parser.toknext, ret); break; } } free(tok); return ret; } uacme-1.7.6/ualpn.c0000644000000000000000000044517014733013114011001 00000000000000/* * Copyright (C) 2019-2024 Nicola Di Lieto * * This file is part of uacme. * * uacme is free software: you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * uacme is distributed in the hope that it will be useful, but * WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program. If not, see * . */ #include "config.h" #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #if defined(USE_GNUTLS) #include #include #include #elif defined(USE_OPENSSL) #include #include #include #include #include #include #include #include #include #elif defined(USE_MBEDTLS) #include #include #include #include #include #include #include #include #include #include #include #include #endif #include "sglib.h" #include "base64.h" #include "log.h" #define MAXHOST 64 #define MAXSERV 16 #if defined(USE_GNUTLS) #if GNUTLS_VERSION_NUMBER < 0x03031e #error GnuTLS version 3.3.30 or later is required #endif #elif defined(USE_OPENSSL) #if OPENSSL_VERSION_NUMBER < 0x1010100fL #error OpenSSL version 1.1.1 or later is required #endif static void openssl_error(const char *prefix) { unsigned long e; while ((e = ERR_get_error()) != 0) { warnx("%s: openssl %s", prefix, ERR_error_string(e, NULL)); return; } } #elif defined(USE_MBEDTLS) #if MBEDTLS_VERSION_NUMBER < 0x02100000 #error mbedTLS version 2.16 or later is required #endif #if MBEDTLS_VERSION_NUMBER < 0x02170000 && \ !defined(MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION) #error mbedTLS earlier than version 2.23 needs to be configured with \ MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION #endif static const char *_mbedtls_strerror(int code) { static char buf[0x100]; mbedtls_strerror(code, buf, sizeof(buf)); return buf; } #ifndef MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE #define MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE -1 #endif #endif #if !defined(EAGAIN) #define EAGAIN EWOULDBLOCK #endif #if !defined(EWOULDBLOCK) #define EWOULDBLOCK EAGAIN #endif typedef struct auth { ev_tstamp timestamp; char ident[0x100]; char auth[0x30]; uint8_t key[0x100]; size_t key_size; uint8_t crt[0x500]; size_t crt_size; uint8_t rb; struct auth *left, *right; } auth_t; #define ACME_AUTH_CMP(x,y) (strcasecmp(((x)->ident), ((y)->ident))) SGLIB_DEFINE_RBTREE_PROTOTYPES(auth_t, left, right, rb, ACME_AUTH_CMP) SGLIB_DEFINE_RBTREE_FUNCTIONS(auth_t, left, right, rb, ACME_AUTH_CMP) #if !defined(PIPE_BUF) #define PIPE_BUF 2048 #endif typedef struct buffer { uint8_t data[2*PIPE_BUF]; size_t rp; size_t wp; size_t n; } buffer_t; typedef struct addr { union { struct sockaddr sa; struct sockaddr_storage ss; struct sockaddr_in v4; struct sockaddr_in6 v6; struct sockaddr_un un; } addr; socklen_t len; } uaddr_t; typedef struct client { unsigned int id; #if EV_MULTIPLICITY struct ev_loop *loop; #endif ev_tstamp timestamp; ev_timer timer; ev_io io_txf; ev_io io_rxf; ev_io io_txb; ev_io io_rxb; int fd_f; int fd_b; #if HAVE_SPLICE ev_io io_f2b0; ev_io io_f2b1; ev_io io_b2f0; ev_io io_b2f1; int fd_f2b[2]; int fd_b2f[2]; ssize_t n_f2b; ssize_t n_b2f; #else buffer_t buf_f2b; buffer_t buf_b2f; #endif size_t brx, btx, frx, ftx; char lhost_f[MAXHOST]; char lserv_f[MAXSERV]; char rhost_f[MAXHOST]; char rserv_f[MAXSERV]; char rhost_b[MAXHOST]; char rserv_b[MAXSERV]; bool backend_initialized; int backend_retries; enum { STATE_INIT = 0, STATE_ACME_MAYBE, STATE_ACME, STATE_PROXY_INIT, STATE_PROXY, STATE_CLOSING, STATE_DONE } state; #if defined(USE_GNUTLS) gnutls_session_t tls; gnutls_certificate_credentials_t cred; #elif defined(USE_OPENSSL) SSL *ssl; #elif defined(USE_MBEDTLS) mbedtls_ssl_context ssl; mbedtls_ssl_config cnf; mbedtls_x509_crt crt; mbedtls_pk_context key; #endif char ident[0x100]; char auth[0x30]; struct client *prev, *next; } client_t; typedef struct controller { unsigned int id; ev_io io_send; ev_io io_recv; int fd; ev_timer timer; ev_tstamp timestamp; buffer_t buf_recv; buffer_t buf_send; bool done; struct controller *prev, *next; } controller_t; typedef struct worker { ev_io io; ev_child child; ev_timer timer; ev_signal sigint; ev_signal sigterm; ev_tstamp timestamp; pid_t pid; int sv[2]; bool shutdown; bool terminate; struct worker *prev, *next; } worker_t; typedef struct listener { ev_io io; struct listener *next; } listener_t; typedef struct str { char *str; struct str *prev, *next; } str_t; static struct globs { bool daemon; bool stop; bool syslog; unsigned loglevel; char *logfilename; FILE *logfile; int family; unsigned proxy; unsigned num_workers; unsigned max_auths; char **argv; char *progname; char *chroot; char *pidfile; char *socket; mode_t sockmode; int sockfd; #if HAVE_MAP_DEVZERO int devzero; #endif int pipefd[2]; char *user; uid_t uid; char *group; gid_t gid; str_t *bind; str_t *connect; bool auths_touched; controller_t *controllers; listener_t *listeners; client_t *clients; worker_t *workers; #if defined(USE_OPENSSL) SSL_CTX *ssl_ctx; BIO_METHOD *bio_meth; int ssl_idx; int bio_idx; #elif defined(USE_MBEDTLS) unsigned char *crt; unsigned char *key; unsigned int crt_len; unsigned int key_len; mbedtls_entropy_context entropy; mbedtls_ctr_drbg_context ctr_drbg; #endif ev_io controller; ev_cleanup cleanup; ev_signal sigint; ev_signal sigterm; ev_timer timer; } g = { .daemon = false, .stop = false, .syslog = false, .loglevel = 0, .logfilename = NULL, .logfile = NULL, .family = AF_UNSPEC, .proxy = 1, .num_workers = 2, .max_auths = 100, .progname = NULL, .chroot = NULL, .pidfile = NULL, .socket = NULL, .sockmode = S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH, .sockfd = -1, #if HAVE_MAP_DEVZERO .devzero = -1, #endif .pipefd = {-1, -1}, .user = NULL, .uid = 0, .group = NULL, .gid = 0, .bind = NULL, .connect = NULL, .auths_touched = false, .controllers = NULL, .listeners = NULL, .clients = NULL, .workers = NULL, #if defined(USE_OPENSSL) .ssl_ctx = NULL, .bio_meth = NULL, .ssl_idx = -1, .bio_idx = -1, #elif defined(USE_MBEDTLS) .crt = NULL, .key = NULL, .crt_len = 0, .key_len = 0 #endif }; static struct shm { sem_t sem; sem_t logsem; bool shutdown; auth_t *auths; auth_t *avail; auth_t pool[1]; } *g_shm = NULL; static size_t g_shm_size = 0; static char *safe_strncpy(char *dst, const char *src, size_t n) { size_t i; for (i = 0; i + 1 < n && src[i] != 0; i++) dst[i] = src[i]; if (i < n) dst[i] = 0; return dst; } static int set_nonblocking(int fd) { int flags = fcntl(fd, F_GETFL, 0); if (flags == -1) return -1; else return fcntl(fd, F_SETFL, flags | O_NONBLOCK); } static int set_closeonexec(int fd) { int flags = fcntl(fd, F_GETFD, 0); if (flags == -1) return -1; else return fcntl(fd, F_SETFD, flags | FD_CLOEXEC); } static int parse_addr(const char *s, int flags, int family, struct addrinfo **a) { int rc; char *service; char *node; struct addrinfo hints; memset(&hints, 0, sizeof(hints)); hints.ai_flags = flags; hints.ai_family = family; node = s ? strdup(s) : NULL; if (s && !node) return EAI_MEMORY; service = node ? strrchr(node, '@') : NULL; if (service) *service++ = '\0'; if (!node || strlen(node)) rc = getaddrinfo(node, service ? service : "443", &hints, a); else rc = EAI_NONAME; free(node); return rc; } static void syslog_init() { static char buf[0x80]; snprintf(buf, sizeof(buf), "%s/%ld", g.progname, (long)getpid()); openlog(buf, 0, LOG_DAEMON); g.syslog = true; } static ssize_t buf_getline(buffer_t *b, char *line, size_t len) { size_t n = 0; size_t bn = b->n; size_t rp = b->rp; while (n + 1 < len && bn > 0) { line[n] = b->data[rp++]; if (rp >= sizeof(b->data)) rp = 0; bn--; if (line[n] == '\n') break; n++; } if (n + 1 >= len) return -1; else if (line[n] == '\n') { line[n] = '\0'; b->rp = rp; b->n = bn; return n; } else return 0; } static size_t buf_put(buffer_t *b, const void *data, size_t len) { size_t n = 0; while (n < len && b->n < sizeof(b->data)) { b->data[b->wp++] = ((uint8_t *)data)[n]; if (b->wp >= sizeof(b->data)) b->wp = 0; n++; b->n++; } if (n == 0 && len > 0) { errno = EAGAIN; return -1; } return n; } static size_t buf_puts(buffer_t *b, const char *data) { return buf_put(b, data, strlen(data)); } static ssize_t buf_readv(int fd, buffer_t *b) { ssize_t n; if (b->n >= sizeof(b->data)) { return -2; } else if (b->wp >= b->rp) { struct iovec iov[2]; iov[0].iov_base = b->data + b->wp; iov[0].iov_len = sizeof(b->data) - b->wp; iov[1].iov_base = b->data; iov[1].iov_len = b->rp; n = readv(fd, iov, 2); } else n = read(fd, b->data + b->wp, b->rp - b->wp); if (n > 0) { b->n += n; b->wp += n; if (b->wp >= sizeof(b->data)) b->wp -= sizeof(b->data); } return n; } static ssize_t buf_writev(int fd, buffer_t *b) { ssize_t n; if (b->n == 0) { return 0; } else if (b->rp >= b->wp) { struct iovec iov[2]; iov[0].iov_base = b->data + b->rp; iov[0].iov_len = sizeof(b->data) - b->rp; iov[1].iov_base = b->data; iov[1].iov_len = b->wp; n = writev(fd, iov, 2); } else n = write(fd, b->data + b->rp, b->wp - b->rp); if (n > 0) { b->n -= n; b->rp += n; if (b->rp >= sizeof(b->data)) b->rp -= sizeof(b->data); } return n; } int auth_lock(unsigned int timeout_ms) { struct timespec ts; int rc = clock_gettime(CLOCK_REALTIME, &ts); if (rc != 0) { warn("auth_lock: clock_gettime"); return rc; } ts.tv_nsec += timeout_ms * 1000000L; while (ts.tv_nsec >= 1000000000L) { ts.tv_nsec -= 1000000000L; ts.tv_sec++; } rc = sem_timedwait(&g_shm->sem, &ts); if (rc != 0) warn("auth_lock: sem_timedwait"); return rc; } int auth_unlock(void) { int rc = sem_post(&g_shm->sem); if (rc != 0) warn("auth_unlock: sem_post"); return rc; } auth_t *get_auth(const char *ident) { auth_t *a; if (auth_lock(100) != 0) return NULL; for (a = g_shm->auths; a; ) { int c = strcasecmp(ident, a->ident); if (c < 0) a = a->left; else if (c > 0) a = a->right; else break; } auth_unlock(); return a; } #if defined(USE_GNUTLS) int auth_crt(const char *ident, const uint8_t *id, size_t id_len, gnutls_datum_t *crt, gnutls_datum_t *key) { gnutls_x509_privkey_t k; gnutls_x509_crt_t c; struct addrinfo *ai; uint8_t serial[0x10]; uint8_t keyid[0x100]; size_t keyid_size = sizeof(keyid); time_t now = time(NULL); int rc; rc = gnutls_x509_privkey_init(&k); if (rc != GNUTLS_E_SUCCESS) { warnx("auth_crt: gnutls_x509_privkey_init: %s", gnutls_strerror(rc)); return -1; } rc = gnutls_x509_privkey_generate(k, GNUTLS_PK_EC, GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_SECP256R1), 0); if (rc != GNUTLS_E_SUCCESS) { warnx("auth_crt: gnutls_x509_privkey_generate: %s", gnutls_strerror(rc)); gnutls_x509_privkey_deinit(k); return -1; } rc = gnutls_x509_crt_init(&c); if (rc != GNUTLS_E_SUCCESS) { warnx("auth_crt: gnutls_x509_crt_init: %s", gnutls_strerror(rc)); gnutls_x509_privkey_deinit(k); return -1; } rc = gnutls_x509_crt_set_version(c, 3); if (rc != GNUTLS_E_SUCCESS) { warnx("auth_crt: gnutls_x509_crt_set_version: %s", gnutls_strerror(rc)); gnutls_x509_privkey_deinit(k); gnutls_x509_crt_deinit(c); return -1; } rc = gnutls_x509_crt_set_dn_by_oid(c, GNUTLS_OID_X520_COMMON_NAME, 0, ident, strlen(ident)); if (rc != GNUTLS_E_SUCCESS) { warnx("auth_crt: gnutls_x509_crt_set_dn_by_oid: %s", gnutls_strerror(rc)); gnutls_x509_privkey_deinit(k); gnutls_x509_crt_deinit(c); return -1; } rc = gnutls_x509_crt_set_issuer_dn_by_oid(c, GNUTLS_OID_X520_COMMON_NAME, 0, ident, strlen(ident)); if (rc != GNUTLS_E_SUCCESS) { warnx("auth_crt: gnutls_x509_crt_set_issuer_dn_by_oid: %s", gnutls_strerror(rc)); gnutls_x509_privkey_deinit(k); gnutls_x509_crt_deinit(c); return -1; } rc = gnutls_rnd(GNUTLS_RND_NONCE, serial, sizeof(serial)); serial[0] &= 0x7F; if (rc != GNUTLS_E_SUCCESS) { warnx("auth_crt: gnutls_rnd: %s", gnutls_strerror(rc)); gnutls_x509_privkey_deinit(k); gnutls_x509_crt_deinit(c); return -1; } rc = gnutls_x509_crt_set_serial(c, serial, sizeof(serial)); if (rc != GNUTLS_E_SUCCESS) { warnx("auth_crt: gnutls_x509_crt_set_serial: %s", gnutls_strerror(rc)); gnutls_x509_privkey_deinit(k); gnutls_x509_crt_deinit(c); return -1; } rc = gnutls_x509_crt_set_activation_time(c, now - 30*24*60*60); if (rc != GNUTLS_E_SUCCESS) { warnx("auth_crt: gnutls_x509_crt_set_activation_time: %s", gnutls_strerror(rc)); gnutls_x509_privkey_deinit(k); gnutls_x509_crt_deinit(c); return -1; } rc = gnutls_x509_crt_set_expiration_time(c, now + 30*24*60*60); if (rc != GNUTLS_E_SUCCESS) { warnx("auth_crt: gnutls_x509_crt_set_expiration_time: %s", gnutls_strerror(rc)); gnutls_x509_privkey_deinit(k); gnutls_x509_crt_deinit(c); return -1; } rc = gnutls_x509_crt_set_basic_constraints(c, 1, -1); if (rc != GNUTLS_E_SUCCESS) { warnx("auth_crt: gnutls_x509_crt_set_basic_constraints: %s", gnutls_strerror(rc)); gnutls_x509_privkey_deinit(k); gnutls_x509_crt_deinit(c); return -1; } rc = parse_addr(ident, AI_NUMERICHOST | AI_NUMERICSERV, AF_UNSPEC, &ai); if (rc == 0 && ai->ai_family == AF_INET) { struct sockaddr_in *addr = (struct sockaddr_in *)ai->ai_addr; rc = gnutls_x509_crt_set_subject_alt_name(c, GNUTLS_SAN_IPADDRESS, &addr->sin_addr, sizeof(addr->sin_addr), GNUTLS_FSAN_APPEND); freeaddrinfo(ai); } else if (rc == 0 && ai->ai_family == AF_INET6) { struct sockaddr_in6 *addr = (struct sockaddr_in6 *)ai->ai_addr; rc = gnutls_x509_crt_set_subject_alt_name(c, GNUTLS_SAN_IPADDRESS, &addr->sin6_addr, sizeof(addr->sin6_addr), GNUTLS_FSAN_APPEND); freeaddrinfo(ai); } else { if (rc == 0) freeaddrinfo(ai); rc = gnutls_x509_crt_set_subject_alt_name(c, GNUTLS_SAN_DNSNAME, ident, strlen(ident), GNUTLS_FSAN_APPEND); } if (rc != GNUTLS_E_SUCCESS) { warnx("auth_crt: gnutls_x509_crt_set_subject_alt_name: %s", gnutls_strerror(rc)); gnutls_x509_privkey_deinit(k); gnutls_x509_crt_deinit(c); return -1; } rc = gnutls_x509_crt_set_extension_by_oid(c, "1.3.6.1.5.5.7.1.31", id, id_len, 1); if (rc != GNUTLS_E_SUCCESS) { warnx("auth_crt: gnutls_x509_crt_set_extension_by_oid: %s", gnutls_strerror(rc)); gnutls_x509_privkey_deinit(k); gnutls_x509_crt_deinit(c); return -1; } rc = gnutls_x509_crt_set_key(c, k); if (rc != GNUTLS_E_SUCCESS) { warnx("auth_crt: gnutls_x509_crt_set_key: %s", gnutls_strerror(rc)); gnutls_x509_privkey_deinit(k); gnutls_x509_crt_deinit(c); return -1; } rc = gnutls_x509_crt_set_key_usage(c, GNUTLS_KEY_DIGITAL_SIGNATURE | GNUTLS_KEY_KEY_CERT_SIGN); if (rc != GNUTLS_E_SUCCESS) { warnx("auth_crt: gnutls_x509_crt_set_key_usage: %s", gnutls_strerror(rc)); gnutls_x509_privkey_deinit(k); gnutls_x509_crt_deinit(c); return -1; } rc = gnutls_x509_crt_get_key_id(c, 0, keyid, &keyid_size); if (rc != GNUTLS_E_SUCCESS) { warnx("auth_crt: gnutls_x509_crt_get_key_id: %s", gnutls_strerror(rc)); gnutls_x509_privkey_deinit(k); gnutls_x509_crt_deinit(c); return -1; } rc = gnutls_x509_crt_set_subject_key_id(c, keyid, keyid_size); if (rc != GNUTLS_E_SUCCESS) { warnx("auth_crt: gnutls_x509_crt_set_subject_key_id: %s", gnutls_strerror(rc)); gnutls_x509_privkey_deinit(k); gnutls_x509_crt_deinit(c); return -1; } rc = gnutls_x509_crt_set_authority_key_id(c, keyid, keyid_size); if (rc != GNUTLS_E_SUCCESS) { warnx("auth_crt: gnutls_x509_crt_set_authority_key_id: %s", gnutls_strerror(rc)); gnutls_x509_privkey_deinit(k); gnutls_x509_crt_deinit(c); return -1; } rc = gnutls_x509_crt_sign2(c, c, k, GNUTLS_DIG_SHA256, 0); if (rc != GNUTLS_E_SUCCESS) { warnx("auth_crt: gnutls_x509_crt_sign2: %s", gnutls_strerror(rc)); gnutls_x509_privkey_deinit(k); gnutls_x509_crt_deinit(c); return -1; } rc = gnutls_x509_privkey_export2(k, GNUTLS_X509_FMT_DER, key); if (rc != GNUTLS_E_SUCCESS) { warnx("auth_crt: gnutls_x509_privkey_export2: %s", gnutls_strerror(rc)); gnutls_x509_privkey_deinit(k); gnutls_x509_crt_deinit(c); return -1; } rc = gnutls_x509_crt_export2(c, GNUTLS_X509_FMT_DER, crt); if (rc != GNUTLS_E_SUCCESS) { warnx("auth_crt: gnutls_x509_crt_export2: %s", gnutls_strerror(rc)); gnutls_x509_privkey_deinit(k); gnutls_x509_crt_deinit(c); gnutls_free(key->data); return -1; } gnutls_x509_privkey_deinit(k); gnutls_x509_crt_deinit(c); return 0; } #elif defined(USE_OPENSSL) int auth_crt(const char *ident, const uint8_t *id, size_t id_len, unsigned char **crt, unsigned int *crt_len, unsigned char **key, unsigned int *key_len) { EVP_PKEY_CTX *pc = NULL; EVP_PKEY *k = NULL; X509_NAME *name = NULL; X509 *c = NULL; X509V3_CTX ctx; BIGNUM *bn = NULL; ASN1_OBJECT *acmeid = NULL; ASN1_OCTET_STRING *idos = NULL; X509_EXTENSION *ext = NULL; char *san = NULL; struct addrinfo *ai = NULL; time_t now = time(NULL); int ret = -1; int rc; idos = ASN1_OCTET_STRING_new(); if (!idos || !ASN1_OCTET_STRING_set(idos, id, id_len)) { openssl_error("auth_crt"); goto out; } pc = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL); if (!pc || !EVP_PKEY_keygen_init(pc) || !EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pc, NID_X9_62_prime256v1) || !EVP_PKEY_keygen(pc, &k)) { openssl_error("auth_crt"); goto out; } name = X509_NAME_new(); if (!name || !X509_NAME_add_entry_by_txt(name, "CN", MBSTRING_ASC, (const unsigned char *)ident, -1, -1, 0)) { openssl_error("auth_crt"); goto out; } bn = BN_new(); if (!bn || !BN_rand(bn, 127, BN_RAND_TOP_ANY, BN_RAND_BOTTOM_ANY)) { openssl_error("auth_crt"); goto out; } c = X509_new(); if (!c || !X509_set_version(c, 2) || !X509_set_subject_name(c, name) || !X509_set_issuer_name(c, name) || !BN_to_ASN1_INTEGER(bn, X509_get_serialNumber(c)) || !ASN1_TIME_adj(X509_getm_notBefore(c), now, -30, 0) || !ASN1_TIME_adj(X509_getm_notAfter(c), now, 30, 0) || !X509_set_pubkey(c, k)) { openssl_error("auth_crt"); goto out; } rc = parse_addr(ident, AI_NUMERICHOST | AI_NUMERICSERV, AF_UNSPEC, &ai); if (rc == 0 && (ai->ai_family == AF_INET || ai->ai_family == AF_INET6)) { freeaddrinfo(ai); if (asprintf(&san, "IP:%s", ident) < 0) { warnx("auth_crt: asprintf failed"); san = NULL; goto out; } } else { if (rc == 0) freeaddrinfo(ai); if (asprintf(&san, "DNS:%s", ident) < 0) { warnx("auth_crt: asprintf failed"); san = NULL; goto out; } } acmeid = OBJ_txt2obj("1.3.6.1.5.5.7.1.31",1); if (!acmeid) { openssl_error("auth_crt"); goto out; } X509V3_set_ctx_nodb(&ctx); X509V3_set_ctx(&ctx, c, c, NULL, NULL, 0); ext = X509V3_EXT_conf_nid(NULL, &ctx, NID_subject_alt_name, san); if (!ext || !X509_add_ext(c, ext, -1)) { openssl_error("auth_crt"); goto out; } X509_EXTENSION_free(ext); ext = X509V3_EXT_conf_nid(NULL, &ctx, NID_key_usage, "critical, keyCertSign, digitalSignature"); if (!ext || !X509_add_ext(c, ext, -1)) { openssl_error("auth_crt"); goto out; } X509_EXTENSION_free(ext); ext = X509V3_EXT_conf_nid(NULL, &ctx, NID_basic_constraints, "critical,CA:TRUE"); if (!ext || !X509_add_ext(c, ext, -1)) { openssl_error("auth_crt"); goto out; } X509_EXTENSION_free(ext); ext = X509V3_EXT_conf_nid(NULL, &ctx, NID_subject_key_identifier, "hash"); if (!ext || !X509_add_ext(c, ext, -1)) { openssl_error("auth_crt"); goto out; } X509_EXTENSION_free(ext); ext = X509V3_EXT_conf_nid(NULL, &ctx, NID_authority_key_identifier, "keyid,issuer"); if (!ext || !X509_add_ext(c, ext, -1)) { openssl_error("auth_crt"); goto out; } X509_EXTENSION_free(ext); ext = X509_EXTENSION_create_by_OBJ(NULL, acmeid, 1, idos); if (!ext || !X509_add_ext(c, ext, -1)) { openssl_error("auth_crt"); goto out; } if (!X509_sign(c, k, EVP_sha256())) { openssl_error("auth_crt"); goto out; } *crt = NULL; rc = i2d_X509(c, crt); if (rc < 0) { openssl_error("auth_crt"); goto out; } *crt_len = rc; *key = NULL; rc = i2d_PrivateKey(k, key); if (rc < 0) { openssl_error("auth_crt"); goto out; } *key_len = rc; ret = 0; out: EVP_PKEY_CTX_free(pc); EVP_PKEY_free(k); X509_NAME_free(name); X509_free(c); BN_free(bn); ASN1_OBJECT_free(acmeid); ASN1_OCTET_STRING_free(idos); X509_EXTENSION_free(ext); free(san); if (ret != 0) { OPENSSL_free(*key); *key = NULL; *key_len = 0; OPENSSL_free(*crt); *crt = NULL; *crt_len = 0; } return ret; } #elif defined(USE_MBEDTLS) int auth_crt(const char *ident, const uint8_t *id, size_t id_len, unsigned char **crt, unsigned int *crt_len, unsigned char **key, unsigned int *key_len) { size_t buf_len = 0x400; unsigned char *buf = NULL; struct addrinfo *ai; uaddr_t addr; struct tm t; time_t tnb = time(NULL) - 30*24*3600; time_t tna = tnb + 60*24*3600; char nb[MBEDTLS_X509_RFC5280_UTC_TIME_LEN] = ""; char na[MBEDTLS_X509_RFC5280_UTC_TIME_LEN] = ""; char *cn = NULL; int ret = -1; int rc; mbedtls_x509write_cert c; mbedtls_pk_context k; mbedtls_mpi sn; strftime(nb, sizeof(nb), "%Y%m%d%H%M%S", gmtime_r(&tnb, &t)); strftime(na, sizeof(na), "%Y%m%d%H%M%S", gmtime_r(&tna, &t)); mbedtls_x509write_crt_init(&c); mbedtls_pk_init(&k); mbedtls_mpi_init(&sn); rc = mbedtls_mpi_fill_random(&sn, 16, mbedtls_ctr_drbg_random, &g.ctr_drbg); if (rc) { warnx("auth_crt: mbedtls_mpi_fill_random: %s", _mbedtls_strerror(rc)); goto out; } rc = mbedtls_mpi_set_bit(&sn, 127, 0); if (rc) { warnx("auth_crt: mbedtls_mpi_set_bit: %s", _mbedtls_strerror(rc)); goto out; } const mbedtls_pk_info_t *pki = mbedtls_pk_info_from_type(MBEDTLS_PK_ECKEY); if (!pki) { warnx("auth_crt: mbedtls_pk_info_from_type: %s", _mbedtls_strerror(rc)); goto out; } rc = mbedtls_pk_setup(&k, pki); if (rc) { warnx("auth_crt: mbedtls_pk_setup: %s", _mbedtls_strerror(rc)); goto out; } rc = mbedtls_ecp_gen_key(MBEDTLS_ECP_DP_SECP256R1, mbedtls_pk_ec(k), mbedtls_ctr_drbg_random, &g.ctr_drbg); if (rc) { warnx("auth_crt: mbedtls_ecp_gen_key: %s", _mbedtls_strerror(rc)); goto out; } mbedtls_x509write_crt_set_version(&c, MBEDTLS_X509_CRT_VERSION_3); mbedtls_x509write_crt_set_md_alg(&c, MBEDTLS_MD_SHA256); mbedtls_x509write_crt_set_subject_key(&c, &k); mbedtls_x509write_crt_set_issuer_key(&c, &k); if (asprintf(&cn, "CN=%s", ident) < 0) { warnx("auth_crt: asprintf failed"); cn = NULL; goto out; } rc = mbedtls_x509write_crt_set_subject_name(&c, cn); if (rc) { warnx("auth_crt: mbedtls_x509write_crt_set_subject_name: %s", _mbedtls_strerror(rc)); goto out; } rc = mbedtls_x509write_crt_set_issuer_name(&c, cn); if (rc) { warnx("auth_crt: mbedtls_x509write_crt_set_issuer_name: %s", _mbedtls_strerror(rc)); goto out; } rc = mbedtls_x509write_crt_set_basic_constraints(&c, 1, -1); if (rc) { warnx("auth_crt: mbedtls_x509write_crt_set_basic_constraints: %s", _mbedtls_strerror(rc)); goto out; } rc = mbedtls_x509write_crt_set_serial(&c, &sn); if (rc) { warnx("auth_crt: mbedtls_x509write_crt_set_serial: %s", _mbedtls_strerror(rc)); goto out; } rc = mbedtls_x509write_crt_set_validity(&c, nb, na); if (rc) { warnx("auth_crt: mbedtls_x509write_crt_set_validity: %s", _mbedtls_strerror(rc)); goto out; } rc = parse_addr(ident, AI_NUMERICHOST | AI_NUMERICSERV, AF_UNSPEC, &ai); if (rc == 0) { memcpy(&addr.addr, ai->ai_addr, ai->ai_addrlen); addr.len = ai->ai_addrlen; freeaddrinfo(ai); } else addr.len = 0; while (1) { buf_len *= 2; free(buf); buf = calloc(1, buf_len); if (!buf) { warn("auth_crt: calloc"); goto out; } unsigned char *p = buf + buf_len; size_t len = 0; const unsigned char *data = NULL; size_t data_len = 0; unsigned char tag; if (addr.len) { tag = MBEDTLS_ASN1_CONTEXT_SPECIFIC | 7; if (addr.addr.sa.sa_family == AF_INET) { data = (unsigned char *)&addr.addr.v4.sin_addr; data_len = sizeof(addr.addr.v4.sin_addr); } else if (addr.addr.sa.sa_family == AF_INET6) { data = (unsigned char *)&addr.addr.v6.sin6_addr; data_len = sizeof(addr.addr.v6.sin6_addr); } } if (!data || !data_len) { tag = MBEDTLS_ASN1_CONTEXT_SPECIFIC | 2; data = (const unsigned char *)ident; data_len = strlen(ident); } rc = mbedtls_asn1_write_raw_buffer(&p, buf, data, data_len); if (rc >= 0) len += rc; else if (rc == MBEDTLS_ERR_ASN1_BUF_TOO_SMALL) break; else { warnx("auth_crt: mbedtls_asn1_write_raw_buffer: %s", _mbedtls_strerror(rc)); goto out; } rc = mbedtls_asn1_write_len(&p, buf, data_len); if (rc >= 0) len += rc; else if (rc == MBEDTLS_ERR_ASN1_BUF_TOO_SMALL) break; else { warnx("auth_crt: mbedtls_asn1_write_len: %s", _mbedtls_strerror(rc)); goto out; } rc = mbedtls_asn1_write_tag(&p, buf, tag); if (rc >= 0) len += rc; else if (rc == MBEDTLS_ERR_ASN1_BUF_TOO_SMALL) break; else { warnx("auth_crt: mbedtls_asn1_write_tag: %s", _mbedtls_strerror(rc)); goto out; } if (rc == MBEDTLS_ERR_ASN1_BUF_TOO_SMALL) continue; rc = mbedtls_asn1_write_len(&p, buf, len); if (rc >= 0) len += rc; else if (rc == MBEDTLS_ERR_ASN1_BUF_TOO_SMALL) continue; else { warnx("auth_crt: mbedtls_asn1_write_len: %s", _mbedtls_strerror(rc)); goto out; } rc = mbedtls_asn1_write_tag(&p, buf, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE); if (rc >= 0) len += rc; else if (rc == MBEDTLS_ERR_ASN1_BUF_TOO_SMALL) continue; else { warnx("auth_crt: mbedtls_asn1_write_tag: %s", _mbedtls_strerror(rc)); goto out; } rc = mbedtls_x509write_crt_set_extension(&c, MBEDTLS_OID_SUBJECT_ALT_NAME, MBEDTLS_OID_SIZE(MBEDTLS_OID_SUBJECT_ALT_NAME), 1, buf + buf_len - len, len); if (rc) { warnx("auth_crt: mbedtls_x509write_crt_set_extension: %s", _mbedtls_strerror(rc)); goto out; } break; } rc = mbedtls_x509write_crt_set_extension(&c, // http://oid-info.com/get/1.3.6.1.5.5.7.1.31 // pe(1) id-pe-acmeIdentifier(31) MBEDTLS_OID_PKIX "\x01\x1F", MBEDTLS_OID_SIZE(MBEDTLS_OID_PKIX "\x01\x1F"), 1, id, id_len); if (rc) { warnx("auth_crt: mbedtls_x509write_crt_set_extension: %s", _mbedtls_strerror(rc)); goto out; } rc = mbedtls_x509write_crt_set_key_usage(&c, MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_KEY_CERT_SIGN); if (rc) { warnx("auth_crt: mbedtls_x509write_crt_set_key_usage: %s", _mbedtls_strerror(rc)); goto out; } rc = mbedtls_x509write_crt_set_subject_key_identifier(&c); if (rc) { warnx("auth_crt: mbedtls_x509write_crt_set_subject_key_identifier: %s", _mbedtls_strerror(rc)); goto out; } rc = mbedtls_x509write_crt_set_authority_key_identifier(&c); if (rc) { warnx("auth_crt: mbedtls_x509write_crt_set_authority_key_identifier:" " %s", _mbedtls_strerror(rc)); goto out; } while (1) { rc = mbedtls_x509write_crt_der(&c, buf, buf_len, mbedtls_ctr_drbg_random, &g.ctr_drbg); if (rc > 0) { *crt_len = rc; *crt = calloc(1, *crt_len); if (!*crt) { warn("auth_crt: calloc"); goto out; } memcpy(*crt, buf + buf_len - *crt_len, *crt_len); break; } else if (rc == MBEDTLS_ERR_ASN1_BUF_TOO_SMALL) { free(buf); buf_len *= 2; buf = calloc(1, buf_len); if (!buf) { warn("auth_crt: calloc"); goto out; } } else { warnx("auth_crt: mbedtls_x509write_crt_der: %s", _mbedtls_strerror(rc)); goto out; } } while (1) { rc = mbedtls_pk_write_key_der(&k, buf, buf_len); if (rc > 0) { *key_len = rc; *key = calloc(1, *key_len); if (!*key) { warn("auth_crt: calloc"); goto out; } memcpy(*key, buf + buf_len - *key_len, *key_len); break; } else if (rc == MBEDTLS_ERR_ASN1_BUF_TOO_SMALL) { free(buf); buf_len *= 2; buf = calloc(1, buf_len); if (!buf) { warn("auth_crt: calloc"); goto out; } } else { warnx("auth_crt: mbedtls_pk_write_key_der: %s", _mbedtls_strerror(rc)); goto out; } } ret = 0; out: mbedtls_x509write_crt_free(&c); mbedtls_pk_free(&k); mbedtls_mpi_free(&sn); free(buf); free(cn); if (ret != 0) { free(*key); *key = NULL; *key_len = 0; free(*crt); *crt = NULL; *crt_len = 0; } return ret; } #endif static void controller_done(EV_P_ controller_t *c, bool drain) { c->done = true; if (drain) { c->buf_send.n = 0; c->buf_send.rp = 0; c->buf_send.wp = 0; } if (c->fd != -1) { ev_io_stop(EV_A_ &c->io_recv); if (c->buf_send.n == 0) { ev_io_stop(EV_A_ &c->io_send); infox("controller %08x: connection closed", c->id); shutdown(c->fd, SHUT_RDWR); close(c->fd); c->fd = -1; } else ev_io_start(EV_A_ &c->io_send); } if (c->fd == -1) { debugx("controller %08x: removed", c->id); ev_timer_stop(EV_A_ &c->timer); SGLIB_DL_LIST_DELETE(controller_t, g.controllers, c, prev, next); free(c); } } static void cb_controller_timer(EV_P_ ev_timer *w, int revents) { controller_t *c = (controller_t *)(((uint8_t *)w) - offsetof(controller_t, timer)); if ((revents & EV_TIMER) == 0) return; ev_tstamp after = c->timestamp - ev_now(EV_A) + 5; if (after < 0.0) { infox("controller %08x: disconnecting due to timeout", c->id); controller_done(EV_A_ c, true); } else { ev_timer_set(w, after, 0.0); ev_timer_start(EV_A_ w); } } static void controller_handle_cmd(controller_t *c, char *line, ev_tstamp ts) { char *saveptr; char *cmd = strtok_r(line, " \t", &saveptr); char *ident = strtok_r(NULL, " \t", &saveptr); char *auth = strtok_r(NULL, " \t", &saveptr); size_t ident_len = ident ? strlen(ident) : 0; struct addrinfo *ai; char arpa[80]; if (!cmd || (strcmp(cmd, "auth") && strcmp(cmd, "unauth"))) { buf_puts(&c->buf_send, "ERR usage: auth | unauth \n"); return; } if (ident_len == 0 || ident_len > 250 || ident_len != strspn(ident, "ABCDEFGHIJKLMNOPQRSTUVWXYZ" "abcdefghijklmnopqrstuvwxyz0123456789-_.:")) { buf_puts(&c->buf_send, "ERR invalid ident\n"); return; } memset(arpa, 0, sizeof(arpa)); if (parse_addr(ident, AI_NUMERICHOST|AI_NUMERICSERV, AF_UNSPEC, &ai) == 0) { if (ai->ai_family == AF_INET) { struct sockaddr_in *ain = (struct sockaddr_in *)ai->ai_addr; uint32_t addr = ntohl(ain->sin_addr.s_addr); snprintf(arpa, sizeof(arpa), "%d.%d.%d.%d.in-addr.arpa", addr & 0xFF, (addr >> 8) & 0xFF, (addr >> 16) & 0xFF, (addr >> 24) & 0xFF); } else if (ai->ai_family == AF_INET6) { struct sockaddr_in6 *ain6 = (struct sockaddr_in6 *)ai->ai_addr; unsigned char *addr = ain6->sin6_addr.s6_addr; char *p = arpa; for (int i = sizeof(ain6->sin6_addr.s6_addr) - 1; i >= 0 && p < arpa + sizeof(arpa) - 5; i--) { *p++ = "0123456789abcdef"[addr[i] & 0xF]; *p++ = '.'; *p++ = "0123456789abcdef"[(addr[i] >> 4) & 0xF]; *p++ = '.'; } strncat(p, "ip6.arpa", sizeof(arpa) - (p - arpa) - 1); } freeaddrinfo(ai); } if (strcmp(cmd, "auth") == 0) { size_t id_len; uint8_t id[0x22] = { 0x04, // OCTET_STRING 0x20, // LENGTH }; if (base642bin(id + 2, sizeof(id) - 2, auth, strlen(auth), NULL, &id_len, NULL, base64_VARIANT_URLSAFE_NO_PADDING) || id_len != sizeof(id) - 2) { buf_puts(&c->buf_send, "ERR invalid auth\n"); return; } auth_t *a = get_auth(arpa[0] ? arpa : ident); if (a && strcmp(a->auth, auth) == 0) { buf_puts(&c->buf_send, "ERR already inserted\n"); return; } #if defined(USE_GNUTLS) gnutls_datum_t crt = {NULL, 0}, key = {NULL, 0}; if (auth_crt(ident, id, sizeof(id), &crt, &key) != 0) { #elif defined(USE_OPENSSL) || defined(USE_MBEDTLS) struct { unsigned char *data; unsigned int size; } crt = {NULL, 0}, key = {NULL, 0}; if (auth_crt(ident, id, sizeof(id), &crt.data, &crt.size, &key.data, &key.size) != 0) { #endif buf_puts(&c->buf_send, "ERR crypto failure (auth_crt)\n"); return; } if (crt.size > sizeof(a->crt) || key.size > sizeof(a->key)) { buf_puts(&c->buf_send, "ERR crypto failure (crt/key size)\n"); #if defined(USE_GNUTLS) gnutls_free(key.data); gnutls_free(crt.data); #elif defined(USE_OPENSSL) OPENSSL_free(key.data); OPENSSL_free(crt.data); #elif defined(USE_MBEDTLS) free(key.data); free(crt.data); #endif return; } if (auth_lock(100) != 0) { buf_puts(&c->buf_send, "ERR locked\n"); #if defined(USE_GNUTLS) gnutls_free(key.data); gnutls_free(crt.data); #elif defined(USE_OPENSSL) OPENSSL_free(key.data); OPENSSL_free(crt.data); #elif defined(USE_MBEDTLS) free(key.data); free(crt.data); #endif return; } if (!a) { if (!g_shm->avail) { warnx("controller %08x: too many auths", c->id); buf_puts(&c->buf_send, "ERR too many auths\n"); auth_unlock(); #if defined(USE_GNUTLS) gnutls_free(key.data); gnutls_free(crt.data); #elif defined(USE_OPENSSL) OPENSSL_free(key.data); OPENSSL_free(crt.data); #elif defined(USE_MBEDTLS) free(key.data); free(crt.data); #endif return; } a = g_shm->avail; SGLIB_DL_LIST_DELETE(auth_t, g_shm->avail, a, left, right); safe_strncpy(a->ident, arpa[0] ? arpa : ident, sizeof(a->ident)); sglib_auth_t_add(&g_shm->auths, a); g.auths_touched = true; } safe_strncpy(a->auth, auth, sizeof(a->auth)); memcpy(a->key, key.data, key.size); a->key_size = key.size; memcpy(a->crt, crt.data, crt.size); a->crt_size = crt.size; a->timestamp = ts; auth_unlock(); #if defined(USE_GNUTLS) gnutls_free(key.data); gnutls_free(crt.data); #elif defined(USE_OPENSSL) OPENSSL_free(key.data); OPENSSL_free(crt.data); #elif defined(USE_MBEDTLS) free(key.data); free(crt.data); #endif if (arpa[0]) noticex("controller %08x: new auth %s for %s (%s)", c->id, auth, ident, arpa); else noticex("controller %08x: new auth %s for %s", c->id, auth, ident); } else if (strcmp(cmd, "unauth") == 0) { if (auth) { buf_puts(&c->buf_send, "ERR too many parameters\n"); return; } auth_t *a = get_auth(arpa[0] ? arpa : ident); if (!a) { infox("controller %08x: failed to remove missing auth for %s", c->id, ident); buf_puts(&c->buf_send, "ERR not found\n"); return; } if (auth_lock(100) != 0) { buf_puts(&c->buf_send, "ERR locked\n"); return; } sglib_auth_t_delete(&g_shm->auths, a); SGLIB_DL_LIST_ADD(auth_t, g_shm->avail, a, left, right); g.auths_touched = true; auth_unlock(); if (arpa[0]) noticex("controller %08x: removed auth for %s (%s)", c->id, ident, arpa); else noticex("controller %08x: removed auth for %s", c->id, ident); } buf_puts(&c->buf_send, "OK\n"); } static void cb_controller_recv(EV_P_ ev_io *w, int revents) { controller_t *c = (controller_t *)(((uint8_t *)w) - offsetof(controller_t, io_recv)); if ((revents & EV_READ) == 0) return; c->timestamp = ev_now(EV_A); switch (buf_readv(c->fd, &c->buf_recv)) { case 0: controller_done(EV_A_ c, true); return; case -1: if (errno != EAGAIN && errno != EWOULDBLOCK) { warn("controller %08x: failed to receive", c->id); controller_done(EV_A_ c, true); return; } break; case -2: buf_puts(&c->buf_send, "ERR too long\n"); controller_done(EV_A_ c, false); return; default: break; } char line[0x200]; switch (buf_getline(&c->buf_recv, line, sizeof(line))) { case -1: buf_puts(&c->buf_send, "ERR too long\n"); controller_done(EV_A_ c, false); return; case 0: return; default: controller_handle_cmd(c, line, ev_now(EV_A)); ev_io_start(EV_A_ &c->io_send); return; } } static void cb_controller_send(EV_P_ ev_io *w, int revents) { controller_t *c = (controller_t *)(((uint8_t *)w) - offsetof(controller_t, io_send)); if ((revents & EV_WRITE) == 0) return; switch (buf_writev(c->fd, &c->buf_send)) { case 0: ev_io_stop(EV_A_ &c->io_send); break; case -1: if (errno != EAGAIN && errno != EWOULDBLOCK) { warn("controller %08x: failed to send", c->id); controller_done(EV_A_ c, true); return; } break; default: break; } if (c->done) { controller_done(EV_A_ c, false); return; } else if (c->fd != -1) ev_io_start(EV_A_ &c->io_recv); } static void cb_controller_accept(EV_P_ ev_io *w, int revents) { if ((revents & EV_READ) == 0) return; if (g_shm->shutdown) { ev_io_stop(EV_A_ w); return; } controller_t *c = calloc(1, sizeof(controller_t)); if (!c) { warn("control accept: calloc"); return; } c->id = 0xFFFFFFFF & (unsigned int)random(); int fd = accept(w->fd, NULL, NULL); if (fd == -1) { if (errno != EAGAIN && errno != EWOULDBLOCK) warn("control accept"); free(c); return; } noticex("new controller %08x: handling connection", c->id); if (set_nonblocking(fd)) { warn("controller %08x: failed to set O_NONBLOCK, closing", c->id); close(fd); free(c); return; } SGLIB_DL_LIST_ADD(controller_t, g.controllers, c, prev, next); c->fd = fd; c->timestamp = ev_now(EV_A); ev_init(&c->timer, cb_controller_timer); ev_set_priority(&c->timer, -1); ev_invoke(EV_A_ &c->timer, EV_TIMER); ev_io_init(&c->io_recv, cb_controller_recv, fd, EV_READ); ev_io_init(&c->io_send, cb_controller_send, fd, EV_WRITE); ev_io_start(EV_A_ &c->io_recv); } typedef enum { DRAIN_NONE = 0, DRAIN_FRONTEND, DRAIN_BACKEND, DRAIN_BOTH } drain_t; static void client_done(EV_P_ client_t *c, drain_t drain) { c->state = STATE_DONE; if (drain == DRAIN_FRONTEND || drain == DRAIN_BOTH) { #if HAVE_SPLICE c->n_b2f = 0; #else c->buf_b2f.n = 0; c->buf_b2f.rp = 0; c->buf_b2f.wp = 0; #endif } if (drain == DRAIN_BACKEND || drain == DRAIN_BOTH) { #if HAVE_SPLICE c->n_f2b = 0; #else c->buf_f2b.n = 0; c->buf_f2b.rp = 0; c->buf_f2b.wp = 0; #endif } if (c->fd_f != -1) { ev_io_stop(EV_A_ &c->io_rxf); #if HAVE_SPLICE if (c->n_b2f <= 0) { ev_io_stop(EV_A_ &c->io_b2f0); ev_io_stop(EV_A_ &c->io_f2b1); #else if (c->buf_b2f.n == 0) { #endif ev_io_stop(EV_A_ &c->io_txf); infox("client %08x: frontend connection closed (rx=%zu tx=%zu)", c->id, c->frx, c->ftx); shutdown(c->fd_f, SHUT_RDWR); close(c->fd_f); c->fd_f = -1; } else ev_io_start(EV_A_ &c->io_txf); } if (c->fd_b != -1) { ev_io_stop(EV_A_ &c->io_rxb); #if HAVE_SPLICE if (c->n_f2b <= 0) { ev_io_stop(EV_A_ &c->io_f2b0); ev_io_stop(EV_A_ &c->io_b2f1); #else if (c->buf_f2b.n == 0) { #endif ev_io_stop(EV_A_ &c->io_txb); infox("client %08x: backend connection closed (rx=%zu tx=%zu)", c->id, c->brx, c->btx); shutdown(c->fd_b, SHUT_RDWR); close(c->fd_b); c->fd_b = -1; } else ev_io_start(EV_A_ &c->io_txb); } if (c->fd_b == -1 && c->fd_f == -1) { debugx("client %08x: removed", c->id); #if HAVE_SPLICE close(c->fd_b2f[0]); close(c->fd_b2f[1]); close(c->fd_f2b[0]); close(c->fd_f2b[1]); #endif #if defined(USE_GNUTLS) if (c->tls) gnutls_deinit(c->tls); if (c->cred) gnutls_certificate_free_credentials(c->cred); #elif defined(USE_OPENSSL) if (c->ssl) SSL_free(c->ssl); #elif defined(USE_MBEDTLS) mbedtls_x509_crt_free(&c->crt); mbedtls_pk_free(&c->key); mbedtls_ssl_free(&c->ssl); mbedtls_ssl_config_free(&c->cnf); #endif ev_timer_stop(EV_A_ &c->timer); SGLIB_DL_LIST_DELETE(client_t, g.clients, c, prev, next); free(c); } } #if defined(USE_GNUTLS) static ssize_t tls_pull_func(gnutls_transport_ptr_t p, void *data, size_t size) { client_t *c = (client_t *)p; if (!c) { gnutls_transport_set_errno(c->tls, EINVAL); return -1; } #if EV_MULTIPLICITY EV_P = c->loop; #endif ssize_t s = recv(c->fd_f, data, size, c->state == STATE_ACME ? 0 : MSG_PEEK); if (s == 0) { c->state = STATE_CLOSING; return 0; } else if (s == -1) { gnutls_transport_set_errno(c->tls, errno); if (errno != EAGAIN && errno != EWOULDBLOCK) { warn("client %08x: frontend failed to read from %s:%s", c->id, c->rhost_f, c->rserv_f); c->state = STATE_CLOSING; } else if (c->fd_f != -1 && c->state != STATE_DONE) ev_io_start(EV_A_ &c->io_rxf); return -1; } if (c->state == STATE_ACME) { c->frx += s; return s; } #if HAVE_SPLICE s = write(c->fd_f2b[1], data, s); if (s > 0) c->n_f2b += s; #else s = buf_put(&c->buf_f2b, data, s); #endif if (s == -1) { gnutls_transport_set_errno(c->tls, errno); return -1; } else { ssize_t sr = recv(c->fd_f, data, s, 0); if (sr > 0) c->frx += sr; if (sr != s) { warn("client %08x: frontend failed to buffer data from %s:%s", c->id, c->rhost_f, c->rserv_f); c->state = STATE_CLOSING; return 0; } } return s; } static ssize_t tls_push_func(gnutls_transport_ptr_t p, const void *data, size_t size) { client_t *c = (client_t *)p; if (!c) { gnutls_transport_set_errno(c->tls, EINVAL); return -1; } #if EV_MULTIPLICITY EV_P = c->loop; #endif if (c->state != STATE_ACME) { // prevent sending data to client until PROXY/ACME decision gnutls_transport_set_errno(c->tls, EAGAIN); return -1; } #if HAVE_SPLICE ssize_t s = write(c->fd_b2f[1], data, size); if (s > 0) c->n_b2f += s; #else ssize_t s = buf_put(&c->buf_b2f, data, size); #endif if (s == -1) { gnutls_transport_set_errno(c->tls, errno); if (errno != EAGAIN && errno != EWOULDBLOCK) { warn("client %08x: frontend failed to buffer data from %s:%s", c->id, c->rhost_f, c->rserv_f); c->state = STATE_CLOSING; return -1; } } if (c->fd_f != -1) ev_io_start(EV_A_ &c->io_txf); return s; } static int tls_post_client_hello_func(gnutls_session_t s) { client_t *c = (client_t *)gnutls_session_get_ptr(s); unsigned int type; char name[0x100]; size_t name_len = sizeof(name)-1; memset(name, 0, name_len); int rc = gnutls_server_name_get(c->tls, name, &name_len, &type, 0); if (rc != GNUTLS_E_SUCCESS) return rc; gnutls_datum_t protocol; rc = gnutls_alpn_get_selected_protocol(c->tls, &protocol); if (rc != GNUTLS_E_SUCCESS) return rc; if (protocol.size != strlen("acme-tls/1") || memcmp("acme-tls/1", protocol.data, protocol.size)) return GNUTLS_E_APPLICATION_ERROR_MAX; auth_t *auth = get_auth(name); if (!auth) { infox("client %08x: acme-tls/1 handshake: no auth for %s", c->id, name); return GNUTLS_E_APPLICATION_ERROR_MAX; } gnutls_certificate_free_keys(c->cred); gnutls_datum_t crt = { .data = auth->crt, .size = auth->crt_size }; gnutls_datum_t key = { .data = auth->key, .size = auth->key_size }; rc = gnutls_certificate_set_x509_key_mem(c->cred, &crt, &key, GNUTLS_X509_FMT_DER); if (rc != GNUTLS_E_SUCCESS) { warnx("client %08x: acme-tls/1 handshake with auth %s for %s failed: " "gnutls_certificate_set_x509_key_mem: %s", c->id, auth->auth, auth->ident, gnutls_strerror(rc)); return rc; } rc = gnutls_credentials_set(c->tls, GNUTLS_CRD_CERTIFICATE, c->cred); if (rc != GNUTLS_E_SUCCESS) { warnx("client %08x: acme-tls/1 handshake with auth %s for %s failed: " "gnutls_credentials_set: %s", c->id, auth->auth, auth->ident, gnutls_strerror(rc)); return rc; } safe_strncpy(c->auth, auth->auth, sizeof(c->auth)); safe_strncpy(c->ident, auth->ident, sizeof(c->ident)); #if HAVE_SPLICE c->n_f2b = 0; #else c->buf_f2b.n = 0; c->buf_f2b.rp = 0; c->buf_f2b.wp = 0; #endif c->state = STATE_ACME; return GNUTLS_E_SUCCESS; } #elif defined(USE_OPENSSL) static int bio_read(BIO *b, char *data, int size) { client_t *c = (client_t *)BIO_get_ex_data(b, g.bio_idx); if (data == NULL) return 0; BIO_clear_retry_flags(b); if (!c) { errno = EINVAL; return -1; } #if EV_MULTIPLICITY EV_P = c->loop; #endif ssize_t s = recv(c->fd_f, data, size, c->state == STATE_ACME ? 0 : MSG_PEEK); if (s == 0) { c->state = STATE_CLOSING; return 0; } else if (s == -1) { if (errno != EAGAIN && errno != EWOULDBLOCK) { warn("client %08x: frontend failed to read from %s:%s", c->id, c->rhost_f, c->rserv_f); c->state = STATE_CLOSING; } else if (c->fd_f != -1 && c->state != STATE_DONE) { ev_io_start(EV_A_ &c->io_rxf); BIO_set_retry_read(b); } return -1; } if (c->state == STATE_ACME) { c->frx += s; return s; } #if HAVE_SPLICE s = write(c->fd_f2b[1], data, s); if (s > 0) c->n_f2b += s; #else s = buf_put(&c->buf_f2b, data, s); #endif if (s == -1) { if (errno == EAGAIN || errno == EWOULDBLOCK) BIO_set_retry_read(b); return -1; } else { ssize_t sr = recv(c->fd_f, data, s, 0); if (sr > 0) c->frx += sr; if (sr != s) { warn("client %08x: frontend failed to buffer data from %s:%s", c->id, c->rhost_f, c->rserv_f); c->state = STATE_CLOSING; return 0; } } return s; } static int bio_write(BIO *b, const char *data, int size) { client_t *c = (client_t *)BIO_get_ex_data(b, g.bio_idx); BIO_clear_retry_flags(b); if (!c) { errno = EINVAL; return -1; } #if EV_MULTIPLICITY EV_P = c->loop; #endif if (c->state != STATE_ACME) { // prevent sending data to client until PROXY/ACME decision BIO_set_retry_write(b); return -1; } #if HAVE_SPLICE ssize_t s = write(c->fd_b2f[1], data, size); if (s > 0) c->n_b2f += s; #else ssize_t s = buf_put(&c->buf_b2f, data, size); #endif if (s == -1) { if (errno != EAGAIN && errno != EWOULDBLOCK) { warn("client %08x: frontend failed to buffer data from %s:%s", c->id, c->rhost_f, c->rserv_f); c->state = STATE_CLOSING; return -1; } BIO_set_retry_write(b); } if (c->fd_f != -1) ev_io_start(EV_A_ &c->io_txf); return s; } static long bio_ctrl(BIO *b, int cmd, long num, void *ptr) { (void) b; (void) ptr; (void) num; switch (cmd) { case BIO_CTRL_SET_CLOSE: case BIO_CTRL_FLUSH: case BIO_CTRL_DUP: return 1; default: return 0; } } static const BIO_METHOD *BIO_s_ualpn(void) { if (g.bio_meth == NULL) { int index = BIO_get_new_index(); if (index == -1) { openssl_error("BIO_s_ualpn"); return NULL; } g.bio_meth = BIO_meth_new(index | BIO_TYPE_SOURCE_SINK, "ualpn"); if (g.bio_meth == NULL) { openssl_error("BIO_s_ualpn"); return NULL; } BIO_meth_set_write(g.bio_meth, bio_write); BIO_meth_set_read(g.bio_meth, bio_read); BIO_meth_set_ctrl(g.bio_meth, bio_ctrl); } return g.bio_meth; } static int ssl_client_hello_cb(SSL *s, int *al, void *arg) { client_t *c = (client_t *)SSL_get_ex_data(s, g.ssl_idx); auth_t *auth = NULL; bool alpn = false; char name[0x100]; const unsigned char *ext = NULL; size_t ext_len = 0; size_t len; (void) al; (void) arg; if (!c) return SSL_CLIENT_HELLO_RETRY; if (!SSL_client_hello_get0_ext(s, TLSEXT_TYPE_application_layer_protocol_negotiation, &ext, &ext_len) || ext_len < 3) return SSL_CLIENT_HELLO_RETRY; len = *ext++ << 8; len += *ext++; ext_len -= 2; if (len != ext_len) return SSL_CLIENT_HELLO_RETRY; while (ext_len > 0) { len = ext[0]; if (len + 1 > ext_len) return SSL_CLIENT_HELLO_RETRY; if (len == strlen("acme-tls/1") && memcmp("acme-tls/1", &ext[1], len) == 0) { alpn = true; break; } ext_len -= len + 1; ext += len + 1; } if (!alpn) return SSL_CLIENT_HELLO_RETRY; if (!SSL_client_hello_get0_ext(s, TLSEXT_TYPE_server_name, &ext, &ext_len) || ext_len < 5) return SSL_CLIENT_HELLO_RETRY; len = *ext++ << 8; len += *ext++; ext_len -= 2; if (len != ext_len) return SSL_CLIENT_HELLO_RETRY; memset(name, 0, sizeof(name)); while (ext_len > 2) { len = (ext[1] << 8) + ext[2]; if (len + 3 > ext_len) return SSL_CLIENT_HELLO_RETRY; if (ext[0] == TLSEXT_NAMETYPE_host_name) { memcpy(name, &ext[3], len < sizeof(name) ? len : sizeof(name) - 1); break; } ext_len -= len + 3; ext += len + 3; } if (strlen(name) == 0) return SSL_CLIENT_HELLO_RETRY; auth = get_auth(name); if (!auth) { infox("client %08x: acme-tls/1 handshake: no auth for %s", c->id, name); return SSL_CLIENT_HELLO_RETRY; } if (!SSL_use_certificate_ASN1(s, auth->crt, auth->crt_size)) { warnx("client %08x: acme-tls/1 handshake with auth %s for %s failed: " "SSL_use_certificate_ASN1: %s", c->id, auth->auth, auth->ident, ERR_error_string(ERR_get_error(), NULL)); ERR_clear_error(); return SSL_CLIENT_HELLO_RETRY; } if (!SSL_use_PrivateKey_ASN1(EVP_PKEY_EC, s, auth->key, auth->key_size)) { warnx("client %08x: acme-tls/1 handshake with auth %s for %s failed: " "SSL_use_certificate_ASN1: %s", c->id, auth->auth, auth->ident, ERR_error_string(ERR_get_error(), NULL)); ERR_clear_error(); return SSL_CLIENT_HELLO_RETRY; } safe_strncpy(c->auth, auth->auth, sizeof(c->auth)); safe_strncpy(c->ident, auth->ident, sizeof(c->ident)); return SSL_CLIENT_HELLO_SUCCESS; } static int ssl_alpn_select_cb(SSL *s, const unsigned char **out, unsigned char *out_len, const unsigned char *in, unsigned int in_len, void *arg) { client_t *c = (client_t *)SSL_get_ex_data(s, g.ssl_idx); const unsigned char *proto; unsigned int proto_len = 0; (void) arg; if (!c) return SSL_TLSEXT_ERR_ALERT_FATAL; for (proto = in; proto < in + in_len; proto += proto_len) { proto_len = *proto++; if (in + in_len < proto + proto_len) break; if (proto_len == strlen("acme-tls/1") && memcmp(proto, "acme-tls/1", proto_len) == 0) { *out = proto; *out_len = proto_len; #if HAVE_SPLICE c->n_f2b = 0; #else c->buf_f2b.n = 0; c->buf_f2b.rp = 0; c->buf_f2b.wp = 0; #endif c->state = STATE_ACME; return SSL_TLSEXT_ERR_OK; } } return SSL_TLSEXT_ERR_ALERT_FATAL; } #elif defined(USE_MBEDTLS) static int bio_read(void *ctx, unsigned char *data, size_t size) { client_t *c = (client_t *)ctx; if (data == NULL) return 0; if (!c) return -1; #if EV_MULTIPLICITY EV_P = c->loop; #endif ssize_t s = recv(c->fd_f, data, size, c->state == STATE_ACME ? 0 : MSG_PEEK); if (s == 0) { c->state = STATE_CLOSING; return 0; } else if (s == -1) { if (errno != EAGAIN && errno != EWOULDBLOCK) { warn("client %08x: frontend failed to read from %s:%s", c->id, c->rhost_f, c->rserv_f); c->state = STATE_CLOSING; return -1; } else if (c->fd_f != -1 && c->state != STATE_DONE) { ev_io_start(EV_A_ &c->io_rxf); } return MBEDTLS_ERR_SSL_WANT_READ; } if (c->state == STATE_ACME) { c->frx += s; return s; } #if HAVE_SPLICE s = write(c->fd_f2b[1], data, s); if (s > 0) c->n_f2b += s; #else s = buf_put(&c->buf_f2b, data, s); #endif if (s == -1) { if (errno == EAGAIN || errno == EWOULDBLOCK) return MBEDTLS_ERR_SSL_WANT_READ; } else { ssize_t sr = recv(c->fd_f, data, s, 0); if (sr > 0) c->frx += sr; if (sr != s) { warn("client %08x: frontend failed to buffer data from %s:%s", c->id, c->rhost_f, c->rserv_f); c->state = STATE_CLOSING; return 0; } } return s; } static int bio_write(void *ctx, const unsigned char *data, size_t size) { client_t *c = (client_t *)ctx; if (!c) return -1; #if EV_MULTIPLICITY EV_P = c->loop; #endif if (c->state != STATE_ACME) { // prevent sending data to client until PROXY/ACME decision return MBEDTLS_ERR_SSL_WANT_WRITE; } #if HAVE_SPLICE ssize_t s = write(c->fd_b2f[1], data, size); if (s > 0) c->n_b2f += s; #else ssize_t s = buf_put(&c->buf_b2f, data, size); #endif if (s == -1) { if (errno != EAGAIN && errno != EWOULDBLOCK) { warn("client %08x: frontend failed to buffer data from %s:%s", c->id, c->rhost_f, c->rserv_f); c->state = STATE_CLOSING; return -1; } else s = MBEDTLS_ERR_SSL_WANT_WRITE; } if (c->fd_f != -1) ev_io_start(EV_A_ &c->io_txf); return s; } static int sni_callback(void *p, mbedtls_ssl_context *ssl, const unsigned char *name, size_t name_len) { client_t *c = (client_t *)p; if (!c || ssl != &c->ssl) return -1; memset(c->ident, 0, sizeof(c->ident)); if (name_len > sizeof(c->ident) - 1) name_len = sizeof(c->ident) - 1; memcpy(c->ident, name, name_len); return 0; } #if MBEDTLS_VERSION_NUMBER >= 0x02170000 int ext_callback(void *ctx, mbedtls_x509_crt const *crt, mbedtls_x509_buf const *oid, int critical, const unsigned char *p, const unsigned char *end) { (void) ctx; (void) crt; (void) critical; (void) p; (void) end; if (MBEDTLS_OID_CMP(MBEDTLS_OID_PKIX "\x01\x1F", oid)) return MBEDTLS_ERR_X509_INVALID_EXTENSIONS; else return 0; } #endif int cert_select(client_t *c) { const char *proto = mbedtls_ssl_get_alpn_protocol(&c->ssl); if (proto && strcmp(proto, "acme-tls/1") == 0) { int rc; auth_t *auth = get_auth(c->ident); if (!auth) { infox("client %08x: acme-tls/1 handshake: no auth for %s", c->id, c->ident); return MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE; } mbedtls_x509_crt_free(&c->crt); #if MBEDTLS_VERSION_NUMBER >= 0x02170000 rc = mbedtls_x509_crt_parse_der_with_ext_cb(&c->crt, auth->crt, auth->crt_size, 1, ext_callback, NULL); if (rc) { warnx("client %08x: mbedtls_x509_crt_parse_der_with_ext_cb" " for %s: %s", c->id, c->ident, _mbedtls_strerror(rc)); return MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE; } #else rc = mbedtls_x509_crt_parse_der(&c->crt, auth->crt, auth->crt_size); if (rc) { warnx("client %08x: mbedtls_x509_crt_parse_der for %s: %s", c->id, c->ident, _mbedtls_strerror(rc)); return MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE; } #endif mbedtls_pk_free(&c->key); rc = mbedtls_pk_parse_key(&c->key, auth->key, auth->key_size, NULL, 0 #if MBEDTLS_VERSION_NUMBER >= 0x03000000 , mbedtls_ctr_drbg_random, &g.ctr_drbg #endif ); if (rc) { warnx("client %08x: mbedtls_pk_parse_key for %s: %s", c->id, c->ident, _mbedtls_strerror(rc)); return MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE; } rc = mbedtls_ssl_set_hs_own_cert(&c->ssl, &c->crt, &c->key); if (rc) { warnx("client %08x: mbedtls_ssl_set_hs_own_cert for %s: %s", c->id, c->ident, _mbedtls_strerror(rc)); return MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE; } safe_strncpy(c->auth, auth->auth, sizeof(c->auth)); #if HAVE_SPLICE c->n_f2b = 0; #else c->buf_f2b.n = 0; c->buf_f2b.rp = 0; c->buf_f2b.wp = 0; #endif c->state = STATE_ACME; return 0; } else return MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE; } #if MBEDTLS_VERSION_NUMBER >= 0x03000000 int cert_callback(mbedtls_ssl_context *ssl) { client_t *c = (client_t *)mbedtls_ssl_get_user_data_p(ssl); if (!c || ssl != &c->ssl) return -1; return cert_select(c); } #endif static int do_handshake(client_t *c) { #if MBEDTLS_VERSION_NUMBER >= 0x03000000 return mbedtls_ssl_handshake(&c->ssl); #else int rc = 0; while (c->ssl.state != MBEDTLS_SSL_HANDSHAKE_OVER) { rc = mbedtls_ssl_handshake_step(&c->ssl); if (rc) break; if (c->state == STATE_ACME) continue; if (c->ssl.state > MBEDTLS_SSL_CLIENT_HELLO) { rc = cert_select(c); if (rc) break; } } return rc; #endif } #endif static int tls_session_init(client_t *c, uint8_t *buf, size_t buf_len) { if (buf_len > 0 && buf[0] != 0x16) return -1; if (buf_len > 1 && buf[1] != 0x03) return -1; if (buf_len > 2 && (buf[2] < 0x01 || buf[2] > 0x03)) return -1; #if defined(USE_GNUTLS) int rc = gnutls_init(&c->tls, GNUTLS_SERVER | GNUTLS_NONBLOCK); if (rc != GNUTLS_E_SUCCESS) { warnx("client %08x: gnutls_init: %s", c->id, gnutls_strerror(rc)); return -1; } gnutls_session_set_ptr(c->tls, c); gnutls_transport_set_ptr(c->tls, c); gnutls_transport_set_push_function(c->tls, tls_push_func); gnutls_transport_set_pull_function(c->tls, tls_pull_func); gnutls_handshake_set_post_client_hello_function(c->tls, tls_post_client_hello_func); gnutls_certificate_server_set_request(c->tls, GNUTLS_CERT_IGNORE); gnutls_datum_t proto = { .data = (void *)"acme-tls/1", .size = strlen("acme-tls/1") }; rc = gnutls_alpn_set_protocols(c->tls, &proto, 1, GNUTLS_ALPN_MAND); if (rc != GNUTLS_E_SUCCESS) { warnx("client %08x: gnutls_alpn_set_protocols: %s", c->id, gnutls_strerror(rc)); return -1; } rc = gnutls_set_default_priority(c->tls); if (rc != GNUTLS_E_SUCCESS) { warnx("client %08x: gnutls_set_default_priority: %s", c->id, gnutls_strerror(rc)); return -1; } rc = gnutls_certificate_allocate_credentials(&c->cred); if (rc != GNUTLS_E_SUCCESS) { warnx("client %08x: failed to allocate TLS credentials: %s", c->id, gnutls_strerror(rc)); gnutls_deinit(c->tls); return -1; } #elif defined(USE_OPENSSL) c->ssl = SSL_new(g.ssl_ctx); if (!c->ssl || !SSL_set_ex_data(c->ssl, g.ssl_idx, c)) { char buf[32]; snprintf(buf, sizeof(buf), "client %08x:", c->id); openssl_error(buf); return -1; } BIO *bio = BIO_new(BIO_s_ualpn()); if (!bio || !BIO_set_ex_data(bio, g.bio_idx, c)) { char buf[32]; snprintf(buf, sizeof(buf), "client %08x:", c->id); openssl_error(buf); return -1; } BIO_up_ref(bio); SSL_set0_rbio(c->ssl, bio); SSL_set0_wbio(c->ssl, bio); SSL_set_accept_state(c->ssl); #elif defined(USE_MBEDTLS) mbedtls_ssl_config_init(&c->cnf); int rc = mbedtls_ssl_config_defaults(&c->cnf, MBEDTLS_SSL_IS_SERVER, MBEDTLS_SSL_TRANSPORT_STREAM, MBEDTLS_SSL_PRESET_DEFAULT); if (rc) { warnx("client %08x: mbedtls_ssl_config_defaults: %s", c->id, _mbedtls_strerror(rc)); return -1; } #if MBEDTLS_VERSION_NUMBER >= 0x03000000 mbedtls_ssl_conf_min_tls_version(&c->cnf, MBEDTLS_SSL_VERSION_TLS1_2); #else mbedtls_ssl_conf_min_version(&c->cnf, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3); #endif static const char *protos[] = { "acme-tls/1", NULL }; rc = mbedtls_ssl_conf_alpn_protocols(&c->cnf, protos); if (rc) { warnx("client %08x: mbedtls_ssl_conf_alpn_protocols: %s", c->id, _mbedtls_strerror(rc)); return -1; } mbedtls_ssl_conf_rng(&c->cnf, mbedtls_ctr_drbg_random, &g.ctr_drbg); mbedtls_ssl_conf_sni(&c->cnf, sni_callback, c); #if MBEDTLS_VERSION_NUMBER >= 0x03000000 mbedtls_ssl_conf_cert_cb(&c->cnf, cert_callback); #endif mbedtls_x509_crt_init(&c->crt); #if MBEDTLS_VERSION_NUMBER >= 0x02170000 rc = mbedtls_x509_crt_parse_der_with_ext_cb(&c->crt, g.crt, g.crt_len, 1, ext_callback, NULL); if (rc) { warnx("client %08x: mbedtls_x509_crt_parse_der_with_ext_cb: %s", c->id, _mbedtls_strerror(rc)); return -1; } #else rc = mbedtls_x509_crt_parse_der(&c->crt, g.crt, g.crt_len); if (rc == MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) { critx("client %08x: mbedTLS is most likely built without " "MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION, " "terminating", c->id); g_shm->shutdown = true; return -1; } else if (rc) { warnx("client %08x: mbedtls_x509_crt_parse_der: %s", c->id, _mbedtls_strerror(rc)); return -1; } #endif mbedtls_pk_init(&c->key); rc = mbedtls_pk_parse_key(&c->key, g.key, g.key_len, NULL, 0 #if MBEDTLS_VERSION_NUMBER >= 0x03000000 , mbedtls_ctr_drbg_random, &g.ctr_drbg #endif ); if (rc) { warnx("client %08x: mbedtls_pk_parse_key: %s", c->id, _mbedtls_strerror(rc)); return -1; } rc = mbedtls_ssl_conf_own_cert(&c->cnf, &c->crt, &c->key); if (rc) { warnx("client %08x: mbedtls_ssl_conf_own_cert: %s", c->id, _mbedtls_strerror(rc)); return -1; } mbedtls_ssl_init(&c->ssl); #if MBEDTLS_VERSION_NUMBER >= 0x03000000 mbedtls_ssl_set_user_data_p(&c->ssl, c); #endif rc = mbedtls_ssl_setup(&c->ssl, &c->cnf); if (rc) { warnx("client %08x: mbedtls_ssl_setup: %s", c->id, _mbedtls_strerror(rc)); return -1; } rc = mbedtls_ssl_session_reset(&c->ssl); if (rc) { warnx("client %08x: mbedtls_ssl_session_reset: %s", c->id, _mbedtls_strerror(rc)); return -1; } mbedtls_ssl_set_bio(&c->ssl, c, bio_write, bio_read, NULL); #endif return 0; } #if HAVE_SPLICE static void cb_client_b2f0(EV_P_ ev_io *w, int revents) { client_t *c = (client_t *)(((uint8_t *)w) - offsetof(client_t, io_b2f0)); if ((revents & EV_READ) == 0) return; ev_io_stop(EV_A_ w); if (c->fd_f != -1) ev_io_start(EV_A_ &c->io_txf); } static void cb_client_b2f1(EV_P_ ev_io *w, int revents) { client_t *c = (client_t *)(((uint8_t *)w) - offsetof(client_t, io_b2f1)); if ((revents & EV_WRITE) == 0) return; ev_io_stop(EV_A_ w); if (c->fd_b != -1 && c->state != STATE_DONE) ev_io_start(EV_A_ &c->io_rxb); } static void cb_client_f2b0(EV_P_ ev_io *w, int revents) { client_t *c = (client_t *)(((uint8_t *)w) - offsetof(client_t, io_f2b0)); if ((revents & EV_READ) == 0) return; ev_io_stop(EV_A_ w); if (c->fd_b != -1) ev_io_start(EV_A_ &c->io_txb); } static void cb_client_f2b1(EV_P_ ev_io *w, int revents) { client_t *c = (client_t *)(((uint8_t *)w) - offsetof(client_t, io_f2b1)); if ((revents & EV_WRITE) == 0) return; ev_io_stop(EV_A_ w); if (c->fd_f != -1 && c->state != STATE_DONE) ev_io_start(EV_A_ &c->io_rxf); } #endif static void cb_client_rxb(EV_P_ ev_io *w, int revents) { client_t *c = (client_t *)(((uint8_t *)w) - offsetof(client_t, io_rxb)); if ((revents & EV_READ) == 0) return; c->timestamp = ev_now(EV_A); #if HAVE_SPLICE ssize_t s = splice(c->fd_b, NULL, c->fd_b2f[1], NULL, 4*PIPE_BUF, SPLICE_F_MOVE | SPLICE_F_NONBLOCK); switch (s) { case 0: client_done(EV_A_ c, DRAIN_BACKEND); return; case -1: if (errno != EAGAIN && errno != EWOULDBLOCK) { warn("client %08x: backend failed to splice from %s:%s", c->id, c->rhost_b, c->rserv_b); client_done(EV_A_ c, DRAIN_BACKEND); return; } ev_io_stop(EV_A_ &c->io_rxb); ev_io_start(EV_A_ &c->io_b2f1); break; default: c->n_b2f += s; c->brx += s; break; } #else ssize_t s = buf_readv(c->fd_b, &c->buf_b2f); switch (s) { case 0: client_done(EV_A_ c, DRAIN_BACKEND); return; case -1: if (errno != EAGAIN && errno != EWOULDBLOCK) { warn("client %08x: backend failed to read from %s:%s", c->id, c->rhost_b, c->rserv_b); client_done(EV_A_ c, DRAIN_BACKEND); return; } break; case -2: ev_io_stop(EV_A_ &c->io_rxb); break; default: c->brx += s; break; } #endif if (c->fd_f == -1) return; ev_io_start(EV_A_ &c->io_txf); if (!c->backend_initialized && c->state != STATE_DONE) { int z = 0; if (setsockopt(c->fd_f, IPPROTO_TCP, TCP_NODELAY, &z, sizeof(z))) warn("client %08x: failed to set TCP_NODELAY on frontend socket", c->id); if (setsockopt(c->fd_b, IPPROTO_TCP, TCP_NODELAY, &z, sizeof(z))) warn("client %08x: failed to set TCP_NODELAY on backend socket", c->id); c->backend_initialized = true; } } static int connect_backend(client_t *c) { int rc, one = 1; struct addrinfo *ai; const int flags = AI_NUMERICHOST | AI_NUMERICSERV; for (str_t *s = g.connect; s; s = s->next) { str_t *last = NULL; rc = parse_addr(s->str, flags, g.family, &ai); if (rc != 0) { warnx("client %08x: failed to parse backend address '%s': %s", c->id, s->str, rc == EAI_SYSTEM ? strerror(errno) : gai_strerror(rc)); continue; } rc = getnameinfo(ai->ai_addr, ai->ai_addrlen, c->rhost_b, sizeof(c->rhost_b), c->rserv_b, sizeof(c->rserv_b), NI_NUMERICHOST | NI_NUMERICSERV); if (rc != 0) { warnx("client %08x: failed to get backend address info: %s", c->id, rc == EAI_SYSTEM ? strerror(errno) : gai_strerror(rc)); freeaddrinfo(ai); continue; } if (strcmp(c->lhost_f, c->rhost_b) == 0 && strcmp(c->lserv_f, c->rserv_b) == 0) { critx("client %08x: loop detected: connection back to self " "(%s:%s), terminating", c->id, c->rhost_b, c->rserv_b); freeaddrinfo(ai); g_shm->shutdown = true; return -1; } c->fd_b = socket(ai->ai_family, SOCK_STREAM, 0); if (c->fd_b == -1) { warn("client %08x: failed to create backend socket", c->id); freeaddrinfo(ai); continue; } if (set_nonblocking(c->fd_b) == -1) { warn("client %08x: failed to set O_NONBLOCK on backend socket ", c->id); close(c->fd_b); c->fd_b = -1; freeaddrinfo(ai); continue; } if (setsockopt(c->fd_b, IPPROTO_TCP, TCP_NODELAY, &one, sizeof(one))) warn("client %08x: failed to set TCP_NODELAY on backend socket", c->id); if (setsockopt(c->fd_b, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one))) warn("client %08x: failed to set SO_REUSEADDR on backend socket", c->id); rc = connect(c->fd_b, ai->ai_addr, ai->ai_addrlen); if (rc == -1 && errno != EINPROGRESS) { warn("client %08x: backend failed to connect to %s:%s", c->id, c->rhost_b, c->rserv_b); close(c->fd_b); c->fd_b = -1; freeaddrinfo(ai); continue; } freeaddrinfo(ai); debugx("client %08x: backend initiated connection to %s:%s", c->id, c->rhost_b, c->rserv_b); SGLIB_DL_LIST_GET_LAST(str_t, g.connect, prev, next, last); if (last != s) { SGLIB_DL_LIST_DELETE(str_t, g.connect, s, prev, next); SGLIB_DL_LIST_ADD_AFTER(str_t, last, s, prev, next); } return 0; } warnx("client %08x: all backend connections failed", c->id); return -1; } static void cb_client_txb(EV_P_ ev_io *w, int revents) { client_t *c = (client_t *)(((uint8_t *)w) - offsetof(client_t, io_txb)); if ((revents & EV_WRITE) == 0) return; if (c->state == STATE_PROXY_INIT) { struct sockaddr_storage addr; socklen_t len = sizeof(struct sockaddr_storage); memset(&addr, 0, len); if (getpeername(c->fd_b, (struct sockaddr *)&addr, &len) == -1) { if (++c->backend_retries > 3) warn("client %08x: backend failed to connect to %s:%s", c->id, c->rhost_b, c->rserv_b); else { debug("client %08x: backend failed to connect to %s:%s", c->id, c->rhost_b, c->rserv_b); close(c->fd_b); c->fd_b = -1; ev_io_stop(EV_A_ &c->io_rxb); ev_io_stop(EV_A_ &c->io_txb); if (connect_backend(c) == 0) { ev_io_init(&c->io_rxb, cb_client_rxb, c->fd_b, EV_READ); ev_io_init(&c->io_txb, cb_client_txb, c->fd_b, EV_WRITE); ev_io_start(EV_A_ &c->io_txb); return; } } client_done(EV_A_ c, DRAIN_BACKEND); return; } ev_io_start(EV_A_ &c->io_rxb); noticex("client %08x: backend connected to %s:%s", c->id, c->rhost_b, c->rserv_b); c->state = STATE_PROXY; } if (c->state == STATE_PROXY || c->state == STATE_DONE) { #if HAVE_SPLICE ssize_t s = splice(c->fd_f2b[0], NULL, c->fd_b, NULL, 4*PIPE_BUF, SPLICE_F_MOVE | SPLICE_F_NONBLOCK); switch (s) { case 0: warnx("client %08x: backend failed to splice to %s:%s", c->id, c->rhost_b, c->rserv_b); client_done(EV_A_ c, DRAIN_BACKEND); return; case -1: if (errno != EAGAIN && errno != EWOULDBLOCK) { warn("client %08x: backend failed to splice to %s:%s", c->id, c->rhost_b, c->rserv_b); client_done(EV_A_ c, DRAIN_BACKEND); return; } ev_io_stop(EV_A_ &c->io_txb); ev_io_start(EV_A_ &c->io_f2b0); break; default: c->n_f2b -= s; c->btx += s; break; } #else ssize_t s = buf_writev(c->fd_b, &c->buf_f2b); switch (s) { case 0: ev_io_stop(EV_A_ &c->io_txb); break; case -1: if (errno != EAGAIN && errno != EWOULDBLOCK) { warn("client %08x: backend failed to write to %s:%s", c->id, c->rhost_b, c->rserv_b); client_done(EV_A_ c, DRAIN_BACKEND); return; } break; default: c->btx += s; break; } #endif } if (c->state == STATE_DONE) client_done(EV_A_ c, DRAIN_NONE); else if (c->fd_f != -1) ev_io_start(EV_A_ &c->io_rxf); return; } static void cb_client_rxf(EV_P_ ev_io *w, int revents) { client_t *c = (client_t *)(((uint8_t *)w) - offsetof(client_t, io_rxf)); if ((revents & EV_READ) == 0) return; c->timestamp = ev_now(EV_A); if (c->state == STATE_INIT) { uint8_t buf[3]; ssize_t len = recv(c->fd_f, buf, sizeof(buf), MSG_PEEK); if (len == 0) { client_done(EV_A_ c, DRAIN_FRONTEND); return; } else if (len == -1) { if (errno != EAGAIN && errno != EWOULDBLOCK) { warn("client %08x: frontend failed to read from %s:%s", c->id, c->rhost_f, c->rserv_f); client_done(EV_A_ c, DRAIN_FRONTEND); } return; } else if (tls_session_init(c, buf, len) == 0) c->state = STATE_ACME_MAYBE; else if (connect_backend(c) == 0) { c->state = STATE_PROXY_INIT; ev_io_init(&c->io_rxb, cb_client_rxb, c->fd_b, EV_READ); ev_io_init(&c->io_txb, cb_client_txb, c->fd_b, EV_WRITE); ev_io_start(EV_A_ &c->io_txb); } else { client_done(EV_A_ c, DRAIN_BACKEND); return; } } if (c->state == STATE_ACME_MAYBE || c->state == STATE_ACME) { int rc; #if defined(USE_GNUTLS) rc = gnutls_handshake(c->tls); if (c->state == STATE_CLOSING) { client_done(EV_A_ c, DRAIN_FRONTEND); return; } if (rc == GNUTLS_E_INTERRUPTED || rc == GNUTLS_E_AGAIN) return; if (c->state == STATE_ACME) { if (rc == GNUTLS_E_SUCCESS) noticex("client %08x: acme-tls/1 handshake with auth %s for %s " "completed", c->id, c->auth, c->ident); else warnx("client %08x: acme-tls/1 handshake with auth %s for %s " "failed: %s", c->id, c->auth, c->ident, gnutls_strerror(rc)); client_done(EV_A_ c, DRAIN_NONE); return; } #elif defined(USE_OPENSSL) rc = SSL_get_error(c->ssl, SSL_do_handshake(c->ssl)); if (c->state == STATE_CLOSING) { client_done(EV_A_ c, DRAIN_FRONTEND); return; } if (rc == SSL_ERROR_WANT_READ || rc == SSL_ERROR_WANT_WRITE) return; if (c->state == STATE_ACME) { if (rc == SSL_ERROR_NONE) noticex("client %08x: acme-tls/1 handshake with auth %s for %s " "completed", c->id, c->auth, c->ident); else { warnx("client %08x: acme-tls/1 handshake with auth %s for %s " "failed: %s", c->id, c->auth, c->ident, ERR_error_string(ERR_get_error(), NULL)); ERR_clear_error(); } client_done(EV_A_ c, DRAIN_NONE); return; } #elif defined(USE_MBEDTLS) rc = do_handshake(c); if (c->state == STATE_CLOSING) { client_done(EV_A_ c, DRAIN_FRONTEND); return; } if (rc == MBEDTLS_ERR_SSL_WANT_READ || rc == MBEDTLS_ERR_SSL_WANT_WRITE || rc == MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS || rc == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) return; if (c->state == STATE_ACME) { if (rc == 0) noticex("client %08x: acme-tls/1 handshake with auth %s for %s " "completed", c->id, c->auth, c->ident); else warnx("client %08x: acme-tls/1 handshake with auth %s for %s " "failed: %s", c->id, c->auth, c->ident, _mbedtls_strerror(rc)); client_done(EV_A_ c, DRAIN_NONE); return; } #endif if (c->state != STATE_DONE) { if (connect_backend(c) == 0) { c->state = STATE_PROXY_INIT; ev_io_init(&c->io_rxb, cb_client_rxb, c->fd_b, EV_READ); ev_io_init(&c->io_txb, cb_client_txb, c->fd_b, EV_WRITE); ev_io_start(EV_A_ &c->io_txb); } else { client_done(EV_A_ c, DRAIN_BACKEND); return; } } } if (c->state == STATE_PROXY_INIT || c->state == STATE_PROXY) { #if HAVE_SPLICE ssize_t s = splice(c->fd_f, NULL, c->fd_f2b[1], NULL, 4*PIPE_BUF, SPLICE_F_MOVE | SPLICE_F_NONBLOCK); switch (s) { case 0: client_done(EV_A_ c, DRAIN_FRONTEND); return; case -1: if (errno != EAGAIN && errno != EWOULDBLOCK) { warn("client %08x: frontend failed to splice from %s:%s", c->id, c->rhost_f, c->rserv_f); client_done(EV_A_ c, DRAIN_FRONTEND); return; } ev_io_stop(EV_A_ &c->io_rxf); ev_io_start(EV_A_ &c->io_f2b1); break; default: c->n_f2b += s; c->frx += s; break; } #else ssize_t s = buf_readv(c->fd_f, &c->buf_f2b); switch (s) { case 0: client_done(EV_A_ c, DRAIN_FRONTEND); return; case -1: if (errno != EAGAIN && errno != EWOULDBLOCK) { warn("client %08x: frontend failed to read from %s:%s", c->id, c->rhost_f, c->rserv_f); client_done(EV_A_ c, DRAIN_FRONTEND); return; } break; case -2: ev_io_stop(EV_A_ &c->io_rxf); break; default: c->frx += s; break; } #endif if (c->fd_b != -1) ev_io_start(EV_A_ &c->io_txb); } } static void cb_client_txf(EV_P_ ev_io *w, int revents) { client_t *c = (client_t *)(((uint8_t *)w) - offsetof(client_t, io_txf)); if ((revents & EV_WRITE) == 0) return; #if HAVE_SPLICE ssize_t s = splice(c->fd_b2f[0], NULL, c->fd_f, NULL, 4*PIPE_BUF, SPLICE_F_MOVE | SPLICE_F_NONBLOCK); switch (s) { case 0: warnx("client %08x: frontend failed to splice to %s:%s", c->id, c->rhost_f, c->rserv_f); client_done(EV_A_ c, DRAIN_FRONTEND); return; case -1: if (errno != EAGAIN && errno != EWOULDBLOCK) { warnx("client %08x: frontend failed to splice to %s:%s", c->id, c->rhost_f, c->rserv_f); client_done(EV_A_ c, DRAIN_FRONTEND); return; } ev_io_stop(EV_A_ &c->io_txf); ev_io_start(EV_A_ &c->io_b2f0); break; default: c->n_b2f -= s; c->ftx += s; break; } #else ssize_t s = buf_writev(c->fd_f, &c->buf_b2f); switch (s) { case 0: ev_io_stop(EV_A_ &c->io_txf); break; case -1: if (errno != EAGAIN && errno != EWOULDBLOCK) { warnx("client %08x: frontend failed to write to %s:%s", c->id, c->rhost_f, c->rserv_f); client_done(EV_A_ c, DRAIN_FRONTEND); return; } break; default: c->ftx += s; break; } #endif if (c->state == STATE_DONE) { client_done(EV_A_ c, DRAIN_NONE); return; } else if (c->fd_b != -1) ev_io_start(EV_A_ &c->io_rxb); if (c->state == STATE_ACME) { int rc; #if defined(USE_GNUTLS) rc = gnutls_handshake(c->tls); if (c->state == STATE_CLOSING) { client_done(EV_A_ c, DRAIN_FRONTEND); return; } if (rc == GNUTLS_E_INTERRUPTED || rc == GNUTLS_E_AGAIN) return; if (rc == GNUTLS_E_SUCCESS) noticex("client %08x: acme-tls/1 handshake with auth %s for %s " "completed", c->id, c->auth, c->ident); else warnx("client %08x: acme-tls/1 handshake with auth %s for %s " "failed: %s", c->id, c->auth, c->ident, gnutls_strerror(rc)); #elif defined(USE_OPENSSL) rc = SSL_get_error(c->ssl, SSL_do_handshake(c->ssl)); if (c->state == STATE_CLOSING) { client_done(EV_A_ c, DRAIN_FRONTEND); return; } if (rc == SSL_ERROR_WANT_READ || rc == SSL_ERROR_WANT_WRITE) return; else if (rc == SSL_ERROR_NONE) noticex("client %08x: acme-tls/1 handshake with auth %s for %s " "completed", c->id, c->auth, c->ident); else { warnx("client %08x: acme-tls/1 handshake with auth %s for %s " "failed: %s", c->id, c->auth, c->ident, ERR_error_string(ERR_get_error(), NULL)); ERR_clear_error(); } #elif defined(USE_MBEDTLS) rc = do_handshake(c); if (c->state == STATE_CLOSING) { client_done(EV_A_ c, DRAIN_FRONTEND); return; } if (rc == MBEDTLS_ERR_SSL_WANT_READ || rc == MBEDTLS_ERR_SSL_WANT_WRITE || rc == MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS || rc == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) return; else if (rc == 0) noticex("client %08x: acme-tls/1 handshake with auth %s for %s " "completed", c->id, c->auth, c->ident); else warnx("client %08x: acme-tls/1 handshake with auth %s for %s " "failed: %s", c->id, c->auth, c->ident, _mbedtls_strerror(rc)); #endif client_done(EV_A_ c, DRAIN_NONE); return; } } static void cb_client_timer(EV_P_ ev_timer *w, int revents) { client_t *c = (client_t *)(((uint8_t *)w) - offsetof(client_t, timer)); if ((revents & EV_TIMER) == 0) return; ev_tstamp after = c->timestamp - ev_now(EV_A) + 60; if (after < 0.0) { infox("client %08x: closing due to activity timeout", c->id); client_done(EV_A_ c, DRAIN_BOTH); return; } else { ev_timer_set(w, after, 0.0); ev_timer_start(EV_A_ w); } } static void cb_client_accept(EV_P_ ev_io *w, int revents) { int fd, rc; uaddr_t addr[2]; char rhost[MAXHOST]; char rserv[MAXSERV]; char lhost[MAXHOST]; char lserv[MAXSERV]; struct msghdr msg; struct cmsghdr *cmsg; char buf[CMSG_SPACE(sizeof(fd))]; struct iovec iov = { .iov_base = addr, .iov_len = sizeof(addr) }; (void) EV_A; if ((revents & EV_READ) == 0) return; if (g_shm->shutdown) { ev_io_stop(EV_A_ w); return; } addr[0].len = sizeof(addr[0].addr); addr[1].len = sizeof(addr[1].addr); fd = accept(w->fd, &addr[0].addr.sa, &addr[0].len); if (fd == -1) { if (errno != EAGAIN && errno != EWOULDBLOCK) warn("frontend failed to accept"); return; } if (getsockname(fd, &addr[1].addr.sa, &addr[1].len) != 0) { warn("accept: getsockname"); shutdown(fd, SHUT_RDWR); close(fd); return; } rc = getnameinfo(&addr[0].addr.sa, addr[0].len, rhost, sizeof(rhost), rserv, sizeof(rserv), NI_NUMERICHOST | NI_NUMERICSERV); if (rc != 0) { warnx("accept: getnameinfo: %s", rc == EAI_SYSTEM ? strerror(errno) : gai_strerror(rc)); shutdown(fd, SHUT_RDWR); close(fd); return; } rc = getnameinfo(&addr[1].addr.sa, addr[1].len, lhost, sizeof(lhost), lserv, sizeof(lserv), NI_NUMERICHOST | NI_NUMERICSERV); if (rc != 0) { warnx("accept: getnameinfo: %s", rc == EAI_SYSTEM ? strerror(errno) : gai_strerror(rc)); shutdown(fd, SHUT_RDWR); close(fd); return; } infox("new frontend connection to %s:%s from %s:%s", lhost, lserv, rhost, rserv); memset(&msg, 0, sizeof(msg)); msg.msg_iov = &iov; msg.msg_iovlen = 1; msg.msg_control = buf; msg.msg_controllen = sizeof(buf); cmsg = CMSG_FIRSTHDR(&msg); cmsg->cmsg_level = SOL_SOCKET; cmsg->cmsg_type = SCM_RIGHTS; cmsg->cmsg_len = CMSG_LEN(sizeof(fd)); memcpy(CMSG_DATA(cmsg), &fd, sizeof(fd)); msg.msg_controllen = cmsg->cmsg_len; for (worker_t *worker = g.workers; worker; worker = worker->next) { debugx("forwarding connection to worker %ld", (long)worker->pid); if (sendmsg(worker->sv[1], &msg, 0) != -1) { worker_t *last = NULL; SGLIB_DL_LIST_GET_LAST(worker_t, g.workers, prev, next, last); if (last != worker) { SGLIB_DL_LIST_DELETE(worker_t, g.workers, worker, prev, next); SGLIB_DL_LIST_ADD_AFTER(worker_t, last, worker, prev, next); } close(fd); return; } if (errno != EAGAIN && errno != EWOULDBLOCK) { warn("accept: sendmsg to worker %ld failed", (long)worker->pid); } } warnx("accept: all workers busy, connection from %s:%s closed", rhost, rserv); shutdown(fd, SHUT_RDWR); close(fd); } static void cb_cleanup(EV_P_ ev_cleanup *w, int revents) { #if EV_MULTIPLICITY (void) EV_A; #endif (void) w; (void) revents; while (g.controllers) { controller_t *ctrl = g.controllers; SGLIB_DL_LIST_DELETE(controller_t, g.controllers, ctrl, prev, next); ev_io_stop(EV_A_ &ctrl->io_send); ev_io_stop(EV_A_ &ctrl->io_recv); ev_timer_stop(EV_A_ &ctrl->timer); if (ctrl->fd != -1) close(ctrl->fd); free(ctrl); } while (g.listeners) { listener_t *listener = g.listeners; SGLIB_LIST_DELETE(listener_t, g.listeners, listener, next); ev_io_stop(EV_A_ &listener->io); close(listener->io.fd); free(listener); } while (g.workers) { worker_t *worker = g.workers; SGLIB_DL_LIST_DELETE(worker_t, g.workers, worker, prev, next); ev_io_stop(EV_A_ &worker->io); ev_child_stop(EV_A_ &worker->child); ev_timer_stop(EV_A_ &worker->timer); ev_signal_stop(EV_A_ &worker->sigint); ev_signal_stop(EV_A_ &worker->sigterm); if (worker->sv[0] != -1) close(worker->sv[0]); if (worker->sv[1] != -1) close(worker->sv[1]); free(worker); } while (g.clients) { client_t *client = g.clients; if (client->fd_f != -1) { infox("client %08x: frontend connection closed (rx=%zu tx=%zu)", client->id, client->frx, client->ftx); shutdown(client->fd_f, SHUT_RDWR); close(client->fd_f); ev_io_stop(EV_A_ &client->io_txf); ev_io_stop(EV_A_ &client->io_rxf); } if (client->fd_b != -1) { infox("client %08x: backend connection closed (rx=%zu tx=%zu)", client->id, client->brx, client->btx); shutdown(client->fd_b, SHUT_RDWR); close(client->fd_b); ev_io_stop(EV_A_ &client->io_txb); ev_io_stop(EV_A_ &client->io_rxb); } #if HAVE_SPLICE close(client->fd_b2f[0]); close(client->fd_b2f[1]); close(client->fd_f2b[0]); close(client->fd_f2b[1]); ev_io_stop(EV_A_ &client->io_f2b0); ev_io_stop(EV_A_ &client->io_f2b1); ev_io_stop(EV_A_ &client->io_b2f0); ev_io_stop(EV_A_ &client->io_b2f1); #endif ev_timer_stop(EV_A_ &client->timer); #if defined(USE_GNUTLS) if (client->tls) gnutls_deinit(client->tls); if (client->cred) gnutls_certificate_free_credentials(client->cred); #elif defined(USE_OPENSSL) if (client->ssl) SSL_free(client->ssl); #endif SGLIB_DL_LIST_DELETE(client_t, g.clients, client, prev, next); free(client); } } static int client_new(EV_P_ int fd, uaddr_t *addr) { union { char buf[108]; struct { uint8_t sig[12]; uint8_t ver_cmd; uint8_t fam; uint16_t len; union { struct { struct in_addr src_addr; struct in_addr dst_addr; in_port_t src_port; in_port_t dst_port; } v4; struct { struct in6_addr src_addr; struct in6_addr dst_addr; in_port_t src_port; in_port_t dst_port; } v6; } addr; } v2; } proxy = { .v2 = { .sig = { 0x0d, 0x0a, 0x0d, 0x0a, 0x00, 0x0d, 0x0a, 0x51, 0x55, 0x49, 0x54, 0x0a }, .ver_cmd = 0x21, .fam = 0, .len = 0, .addr = { .v4 = { {INADDR_NONE}, {INADDR_NONE}, 0, 0 } } } }; ssize_t proxy_len = 0; int one = 1; int rc; if (fd < 0) { warnx("client_new: invalid socket descriptor"); return -1; } client_t *c = calloc(1, sizeof(client_t)); if (!c) { warn("client_new: calloc"); close(fd); return -1; } c->id = 0xFFFFFFFF & (unsigned int)random(); rc = getnameinfo(&addr[0].addr.sa, addr[0].len, c->rhost_f, sizeof(c->rhost_f), c->rserv_f, sizeof(c->rserv_f), NI_NUMERICHOST | NI_NUMERICSERV); if (rc != 0) { warnx("client_new: getnameinfo: %s", rc == EAI_SYSTEM ? strerror(errno) : gai_strerror(rc)); close(fd); free(c); return -1; } rc = getnameinfo(&addr[1].addr.sa, addr[1].len, c->lhost_f, sizeof(c->lhost_f), c->lserv_f, sizeof(c->lserv_f), NI_NUMERICHOST | NI_NUMERICSERV); if (rc != 0) { warnx("client_new: getnameinfo: %s", rc == EAI_SYSTEM ? strerror(errno) : gai_strerror(rc)); close(fd); free(c); return -1; } noticex("new client %08x: frontend connection to %s:%s from %s:%s", c->id, c->lhost_f, c->lserv_f, c->rhost_f, c->rserv_f); #if EV_MULTIPLICITY c->loop = EV_A; #endif if (addr[0].addr.sa.sa_family == AF_INET && addr[1].addr.sa.sa_family == AF_INET) { if (g.proxy == 1) { snprintf(proxy.buf, sizeof(proxy.buf), "PROXY TCP4 %.15s %.15s %.5s %.5s\r\n", c->rhost_f, c->lhost_f, c->rserv_f, c->lserv_f); proxy_len = strlen(proxy.buf); } else if (g.proxy == 2) { proxy_len = 16 + 12; proxy.v2.fam = 0x11; proxy.v2.len = htons(12); proxy.v2.addr.v4.src_addr = addr[0].addr.v4.sin_addr; proxy.v2.addr.v4.src_port = addr[0].addr.v4.sin_port; proxy.v2.addr.v4.dst_addr = addr[1].addr.v4.sin_addr; proxy.v2.addr.v4.dst_port = addr[1].addr.v4.sin_port; } } else if (addr[0].addr.sa.sa_family == AF_INET6 && addr[1].addr.sa.sa_family == AF_INET6) { if (g.proxy == 1) { snprintf(proxy.buf, sizeof(proxy.buf), "PROXY TCP6 %.39s %.39s %.5s %.5s\r\n", c->rhost_f, c->lhost_f, c->rserv_f, c->lserv_f); proxy_len = strlen(proxy.buf); } else if (g.proxy == 2) { proxy_len = 16 + 36; proxy.v2.fam = 0x21; proxy.v2.len = htons(36); proxy.v2.addr.v6.src_addr = addr[0].addr.v6.sin6_addr; proxy.v2.addr.v6.src_port = addr[0].addr.v6.sin6_port; proxy.v2.addr.v6.dst_addr = addr[1].addr.v6.sin6_addr; proxy.v2.addr.v6.dst_port = addr[1].addr.v6.sin6_port; } } else { warnx("client %08x: unsupported protocol", c->id); close(fd); free(c); errno = EAFNOSUPPORT; return -1; } if (setsockopt(fd, IPPROTO_TCP, TCP_NODELAY, &one, sizeof(one))) warn("client %08x: failed to set TCP_NODELAY on frontend socket", c->id); #if HAVE_SPLICE if (pipe(c->fd_b2f)) { warn("client %08x: failed to create pipe", c->id); close(fd); free(c); return -1; } if (pipe(c->fd_f2b)) { warn("client %08x: failed to create pipe", c->id); close(c->fd_b2f[0]); close(c->fd_b2f[1]); close(fd); free(c); return -1; } if (set_nonblocking(fd) || set_nonblocking(c->fd_b2f[0]) || set_nonblocking(c->fd_b2f[1]) || set_nonblocking(c->fd_f2b[0]) || set_nonblocking(c->fd_f2b[1])) { warn("client %08x: failed to set nonblocking mode", c->id); close(c->fd_b2f[0]); close(c->fd_b2f[1]); close(c->fd_f2b[0]); close(c->fd_f2b[1]); #else if (set_nonblocking(fd)) { warn("client %08x: failed to set nonblocking mode", c->id); #endif close(fd); free(c); return -1; } if (proxy_len > 0) { #if HAVE_SPLICE ssize_t s = write(c->fd_f2b[1], &proxy, proxy_len); if (s == -1) warn("client %08x: failed to write proxy header to pipe", c->id); else if (s != proxy_len) warnx("client %08x: failed to write proxy header to pipe", c->id); if (s != proxy_len) { close(fd); close(c->fd_b2f[0]); close(c->fd_b2f[1]); close(c->fd_f2b[0]); close(c->fd_f2b[1]); free(c); return -1; } c->n_f2b += s; #else buf_put(&c->buf_f2b, &proxy, proxy_len); #endif } c->fd_f = fd; c->fd_b = -1; c->timestamp = ev_now(EV_A); ev_init(&c->timer, cb_client_timer); ev_set_priority(&c->timer, -1); ev_invoke(EV_A_ &c->timer, EV_TIMER); ev_io_init(&c->io_rxf, cb_client_rxf, c->fd_f, EV_READ); ev_io_init(&c->io_txf, cb_client_txf, c->fd_f, EV_WRITE); ev_io_start(EV_A_ &c->io_rxf); #if HAVE_SPLICE ev_io_init(&c->io_b2f0, cb_client_b2f0, c->fd_b2f[0], EV_READ); ev_io_init(&c->io_b2f1, cb_client_b2f1, c->fd_b2f[1], EV_WRITE); ev_io_init(&c->io_f2b0, cb_client_f2b0, c->fd_f2b[0], EV_READ); ev_io_init(&c->io_f2b1, cb_client_f2b1, c->fd_f2b[1], EV_WRITE); #endif SGLIB_DL_LIST_ADD(client_t, g.clients, c, prev, next); return 0; } static void cb_worker_ping(EV_P_ ev_io *w, int revents) { worker_t *worker = (worker_t *)(((uint8_t *)w) - offsetof(worker_t, io)); char buf[0x10]; if ((revents & EV_READ) == 0) return; ssize_t s = recv(worker->sv[1], buf, sizeof(buf), 0); if (s == -1 && errno != EAGAIN && errno != EWOULDBLOCK) { warn("failed to receive ping from worker %ld, killing it", (long)worker->pid); kill(worker->pid, SIGKILL); } else if (s == 0) { warnx("worker %ld closed socket, terminating it", (long)worker->pid); kill(worker->pid, SIGTERM); } else if (send(worker->sv[1], "pong", 4, MSG_NOSIGNAL) == -1 && errno != EAGAIN && errno != EWOULDBLOCK) { warn("failed to send pong to worker %ld, killing it", (long)worker->pid); kill(worker->pid, SIGKILL); } else worker->timestamp = ev_now(EV_A); } static void cb_worker_io(EV_P_ ev_io *w, int revents) { worker_t *worker = (worker_t *)(((uint8_t *)w) - offsetof(worker_t, io)); uaddr_t addr[2]; int fd; struct msghdr msg; struct cmsghdr *cmsg; char buf[CMSG_SPACE(sizeof(fd))]; struct iovec iov = { .iov_base = addr, .iov_len = sizeof(addr) }; if ((revents & EV_READ) == 0) return; memset(&msg, 0, sizeof(msg)); msg.msg_iov = &iov; msg.msg_iovlen = 1; msg.msg_control = buf; msg.msg_controllen = sizeof(buf); ssize_t r = recvmsg(worker->sv[0], &msg, 0); if (r == -1) { if (errno != EAGAIN && errno != EWOULDBLOCK) { warn("recvmsg failed"); worker->terminate = true; } } else if (r == 0) { warn("parent closed socket"); worker->terminate = true; } else { worker->timestamp = ev_now(EV_A); cmsg = CMSG_FIRSTHDR(&msg); if (cmsg) { if (cmsg->cmsg_len != CMSG_LEN(sizeof(int)) || cmsg->cmsg_level != SOL_SOCKET || cmsg->cmsg_type != SCM_RIGHTS) { warn("recvmsg protocol failure"); return; } memcpy(&fd, CMSG_DATA(cmsg), sizeof(int)); debugx("new forwarded connection"); client_new(EV_A_ fd, addr); } } } static void cb_worker_timer(EV_P_ ev_timer *w, int revents) { worker_t *worker = (worker_t *)(((uint8_t *)w) - offsetof(worker_t, timer)); if ((revents & EV_TIMER) == 0) return; if (g_shm->shutdown || worker->shutdown) { for (client_t *client = g.clients; client; ) { client_t *next = client->next; client_done(EV_A_ client, DRAIN_NONE); client = next; } if (!g.clients) ev_break(EV_A_ EVBREAK_ALL); } else if (ev_now(EV_A) - worker->timestamp > 10) { warnx("parent not sending pong"); worker->terminate = true; } else if (send(worker->sv[0], "ping", 4, MSG_NOSIGNAL) == -1 && errno != EAGAIN && errno != EWOULDBLOCK) { warn("failed to send ping to parent"); worker->terminate = true; } if (worker->terminate && !g.clients) ev_break(EV_A_ EVBREAK_ALL); } static void cb_worker_signal(EV_P_ ev_signal *w, int revents) { worker_t *worker; if (revents & EV_SIGNAL) { switch (w->signum) { case SIGINT: worker = (worker_t *)(((uint8_t *)w) - offsetof(worker_t, sigint)); warnx("caught SIGINT, shutting down"); worker->terminate = true; break; case SIGTERM: worker = (worker_t *)(((uint8_t *)w) - offsetof(worker_t, sigterm)); warnx("caught SIGTERM, shutting down"); worker->shutdown = true; break; default: return; } ev_signal_stop(EV_A_ &worker->sigint); ev_signal_stop(EV_A_ &worker->sigterm); } } static void cb_child(EV_P_ ev_child *w, int revents) { worker_t *worker = (worker_t *)(((uint8_t *)w) - offsetof(worker_t, child)); if ((revents & EV_CHILD) == 0) return; ev_child_stop(EV_A_ &worker->child); ev_io_stop(EV_A_ &worker->io); close(worker->sv[1]); worker->sv[1] = -1; SGLIB_DL_LIST_DELETE(worker_t, g.workers, worker, prev, next); noticex("worker %ld terminated with status %d", (long)worker->pid, w->rstatus); free(worker); } static void cleanup_and_exit(int stage, int return_code) { if (return_code != EXIT_SUCCESS && g.logfilename) { fprintf(stderr, "%s/%ld: [ERR] exiting due to failure, check %s\n", g.progname, (long)getpid(), g.logfilename); } switch (stage) { default: case 4: ev_loop_destroy(EV_DEFAULT_UC); if (g.pidfile && !g.chroot) unlink(g.pidfile); sem_destroy(&g_shm->logsem); //intentional fallthrough case 3: sem_destroy(&g_shm->sem); //intentional fallthrough case 2: munmap(g_shm, g_shm_size); //intentional fallthrough case 1: #if HAVE_MAP_DEVZERO if (g.devzero != -1) close(g.devzero); #endif #if defined(USE_GNUTLS) gnutls_global_deinit(); #elif defined(USE_OPENSSL) if (g.ssl_ctx) SSL_CTX_free(g.ssl_ctx); if (g.bio_meth) BIO_meth_free(g.bio_meth); #elif defined(USE_MBEDTLS) mbedtls_ctr_drbg_free(&g.ctr_drbg); mbedtls_entropy_free(&g.entropy); free(g.key); free(g.crt); #endif //intentional fallthrough case 0: if (g.sockfd != -1) { close(g.sockfd); if (g.socket && !g.chroot) unlink(g.socket); } if (g.daemon && g.pipefd[1] != -1) { for (int i = 0; i < 3; i++) { if (write(g.pipefd[1], "ERR", 3) == 3) break; else sleep(1); } close(g.pipefd[1]); } if (g.logfile && g.logfile != stderr) fclose(g.logfile); free(g.progname); free(g.logfilename); free(g.user); free(g.socket); free(g.pidfile); free(g.chroot); while (g.bind) { str_t *s = g.bind; g.bind = g.bind->next; free(s->str); free(s); } while (g.connect) { str_t *s = g.connect; SGLIB_DL_LIST_DELETE(str_t, g.connect, s, prev, next); free(s->str); free(s); } } exit(return_code); } static void spawn_worker(ev_tstamp timestamp) { worker_t *worker = calloc(1, sizeof(worker_t)); if (!worker) { warn("spawn_worker: calloc"); return; } worker->timestamp = timestamp; if (socketpair(AF_UNIX, SOCK_DGRAM, 0, worker->sv)) { err("spawn_worker: failed to create socket pair"); free(worker); return; } if (set_nonblocking(worker->sv[0]) || set_nonblocking(worker->sv[1])) { err("spawn_worker: failed to set O_NONBLOCK on socket pair"); close(worker->sv[0]); close(worker->sv[1]); free(worker); return; } if (set_closeonexec(worker->sv[0]) || set_closeonexec(worker->sv[1])) { err("spawn_worker: failed to set FD_CLOEXEC on socket pair"); close(worker->sv[0]); close(worker->sv[1]); free(worker); return; } worker->pid = fork(); if (worker->pid == -1) { err("spawn_worker: fork failed"); close(worker->sv[0]); close(worker->sv[1]); free(worker); } else if (worker->pid != 0) { // parent infox("new worker %ld started", (long)worker->pid); close(worker->sv[0]); worker->sv[0] = -1; ev_child_init(&worker->child, cb_child, worker->pid, 0); ev_child_start(EV_DEFAULT_ &worker->child); ev_io_init(&worker->io, cb_worker_ping, worker->sv[1], EV_READ); ev_io_start(EV_DEFAULT_ &worker->io); SGLIB_DL_LIST_ADD(worker_t, g.workers, worker, prev, next); } else { // child ev_cleanup cleanup; #if HAVE_SETPROCTITLE setproctitle("%s worker", g.progname); #elif linux char *last = g.argv[0] + strlen(g.argv[0]) + 1; for (int i = 1; g.argv[i]; i++) { if (last == g.argv[i]) last += strlen(g.argv[i]) + 1; memset(g.argv[i], 0, strlen(g.argv[i])); g.argv[i] = NULL; } snprintf(g.argv[0], last - g.argv[0], "%s worker", g.progname); #endif signal(SIGPIPE, SIG_IGN); signal(SIGABRT, SIG_IGN); worker->pid = getpid(); srand(worker->pid ^ time(NULL)); if (g.daemon && !g.logfilename) syslog_init(); noticex("new worker starting"); close(worker->sv[1]); worker->sv[1] = -1; close(g.sockfd); g.sockfd = -1; free(g.pidfile); g.pidfile = NULL; ev_io_stop(EV_DEFAULT_ &g.controller); ev_signal_stop(EV_DEFAULT_ &g.sigint); ev_signal_stop(EV_DEFAULT_ &g.sigterm); ev_timer_stop(EV_DEFAULT_ &g.timer); ev_loop_destroy(EV_DEFAULT); ev_io_init(&worker->io, cb_worker_io, worker->sv[0], EV_READ); ev_io_start(EV_DEFAULT_ &worker->io); ev_signal_init(&worker->sigint, cb_worker_signal, SIGINT); ev_signal_start(EV_DEFAULT_ &worker->sigint); ev_signal_init(&worker->sigterm, cb_worker_signal, SIGTERM); ev_signal_start(EV_DEFAULT_ &worker->sigterm); ev_timer_init(&worker->timer, cb_worker_timer, 1.0 + (float)random()/(float)RAND_MAX, 1.0); ev_set_priority(&worker->timer, +2); ev_timer_start(EV_DEFAULT_ &worker->timer); ev_cleanup_init(&cleanup, cb_cleanup); ev_cleanup_start(EV_DEFAULT_ &cleanup); ev_run(EV_DEFAULT_ 0); ev_loop_destroy(EV_DEFAULT_UC); close(worker->sv[0]); free(worker); noticex("worker terminating"); cleanup_and_exit(UINT_MAX, 0); } } static void cb_timer(EV_P_ ev_timer *w, int revents) { static struct sglib_auth_t_iterator it; static auth_t *a = NULL; (void) w; if ((revents & EV_TIMER) == 0) return; if (!a || g.auths_touched) { a = sglib_auth_t_it_init_inorder(&it, g_shm->auths); g.auths_touched = false; } if (a) { if (ev_now(EV_A) - a->timestamp > 60*60) { if (auth_lock(10) == 0) { sglib_auth_t_delete(&g_shm->auths, a); SGLIB_DL_LIST_ADD(auth_t, g_shm->avail, a, left, right); g.auths_touched = true; infox("removed expired auth for %s", a->ident); auth_unlock(); } } else a = sglib_auth_t_it_next(&it); } if (g_shm->shutdown) { for (controller_t *c = g.controllers; c; ) { controller_t *next = c->next; controller_done(EV_A_ g.controllers, false); c = next; } if (!g.workers && !g.controllers) ev_break(EV_A_ EVBREAK_ALL); } else { unsigned n = 0; for (worker_t *worker = g.workers; worker; ) { worker_t *next = worker->next; if (ev_now(EV_A) - worker->timestamp > 10) { warnx("worker %ld not pinging, killing it", (long)worker->pid); kill(worker->pid, SIGKILL); } worker = next; n++; } while (n++ < g.num_workers) spawn_worker(ev_now(EV_A)); } } static void cb_signal(EV_P_ ev_signal *w, int revents) { if (revents & EV_SIGNAL) { switch (w->signum) { case SIGINT: warnx("caught SIGINT, shutting down"); break; case SIGTERM: warnx("caught SIGTERM, shutting down"); break; default: return; } ev_signal_stop(EV_A_ w); g_shm->shutdown = true; } } static void log_function(int priority, const char *format, ...) { struct timespec t; char ts[0x20]; char *buf = NULL; size_t buf_size = 0; int r; FILE *f; const char *pr; va_list ap; switch (priority) { case LOG_DEBUG: if (g.loglevel < 3) return; pr = "DEBUG"; break; case LOG_INFO: if (g.loglevel < 2) return; pr = "INFO"; break; case LOG_NOTICE: if (g.loglevel < 1) return; pr = "NOTICE"; break; case LOG_WARNING: pr = "WARNING"; break; case LOG_ERR: pr = "ERR"; break; case LOG_CRIT: pr = "CRIT"; break; default: pr = "UNKNOWN"; } if (g.logfile) { if (g_shm) sem_wait(&g_shm->logsem); clock_gettime(CLOCK_REALTIME, &t); strftime(ts, sizeof(ts), "%b %d %T", localtime(&t.tv_sec)); r = fprintf(g.logfile, "%s %s/%ld: [%s] ", ts, g.progname, (long)getpid(), pr); if (r > 0) { va_start(ap, format); r = vfprintf(g.logfile, format, ap); va_end(ap); } if (r < 0 || fputc('\n', g.logfile) == EOF || fflush(g.logfile)) { fprintf(stderr, "%s/%ld: [CRIT] failed to write to log file: %s\n", g.progname, (long)getpid(), strerror(errno)); } if (g_shm) sem_post(&g_shm->logsem); } if (g.syslog) { va_start(ap, format); f = open_memstream(&buf, &buf_size); if (!f) { syslog(LOG_CRIT, "log_function: open_memstream failed: %s", strerror(errno)); } else if (vfprintf(f, format, ap) < 0) { syslog(LOG_CRIT, "log_function: vfprintf failed: %s", strerror(errno)); } else if (fflush(f) != 0) { syslog(LOG_CRIT, "log_function: fflush failed: %s", strerror(errno)); } else syslog(priority, "[%s] %s", pr, buf); if (f) fclose(f); free(buf); va_end(ap); } } void usage(void) { fprintf(stderr, "usage: %s [-?|--help] [-V|--version] [-4|--ipv4] [-6|--ipv6]\n" "\t[-b|--bind address[@port] [-c|--connect address[@port]\n" "\t[-d|--daemon] [-l|--logfile file] [-m|--max-auths N]\n" "\t[-n|--num-workers N] [-p|--pidfile file] [-P|--proxy N]\n" "\t[-r|--chroot dir] [-s|--sock path] [-S|--sock-mode mode]\n" "\t[-t|--terminate] [-u|--user user[:group]] [-v|--verbose ...]\n", g.progname); } void version(void) { fprintf(stderr, "%s: version " PACKAGE_VERSION "\n" "Copyright (C) 2019-2024 Nicola Di Lieto\n\n" "%s is free software: you can redistribute and/or modify\n" "it under the terms of the GNU General Public License as\n" "published by the Free Software Foundation, either version 3\n" "of the License, or (at your option) any later version.\n\n" "%s is distributed in the hope that it will be useful, but\n" "WITHOUT ANY WARRANTY; without even the implied warranty of\n" "MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.\n\n" "See https://www.gnu.org/licenses/gpl.html for more details.\n", g.progname, g.progname, g.progname); } int main(int argc, char **argv) { static struct option options[] = { {"ipv4", no_argument, NULL, '4'}, {"ipv6", no_argument, NULL, '6'}, {"bind", required_argument, NULL, 'b'}, {"connect", required_argument, NULL, 'c'}, {"daemon", no_argument, NULL, 'd'}, {"logfile", required_argument, NULL, 'l'}, {"max-auths", required_argument, NULL, 'm'}, {"num-workers", required_argument, NULL, 'n'}, {"pidfile", required_argument, NULL, 'p'}, {"proxy", required_argument, NULL, 'P'}, {"chroot", required_argument, NULL, 'r'}, {"sock", required_argument, NULL, 's'}, {"sock-mode", required_argument, NULL, 'S'}, {"user", required_argument, NULL, 'u'}, {"terminate", no_argument, NULL, 't'}, {"verbose", no_argument, NULL, 'v'}, {"version", no_argument, NULL, 'V'}, {"help", no_argument, NULL, '?'}, {NULL, 0, NULL, 0} }; FILE *f; long n; int fd = -1, rc, one = 1; pid_t pid; str_t *str; char host[NI_MAXHOST]; char port[NI_MAXSERV]; struct addrinfo *ai = NULL; const int flags = AI_NUMERICHOST | AI_NUMERICSERV; struct sockaddr_un sock_addr; mode_t mask; struct rlimit rl; bool server_mode = false; g.argv = argv; srand(getpid() ^ time(NULL)); g.progname = strdup(basename(argv[0])); if (!g.progname) { err("strdup"); return EXIT_FAILURE; } g.logfile = stderr; set_log_func(log_function); signal(SIGPIPE, SIG_IGN); signal(SIGABRT, SIG_IGN); while (1) { char *endptr; int option_index; int c = getopt_long(argc, argv, "46b:c:dl:m:n:p:P:r:s:S:tu:vVh?", options, &option_index); if (c == -1) break; switch (c) { case '4': server_mode = true; if (g.family == AF_INET6) g.family = AF_UNSPEC; else g.family = AF_INET; break; case '6': server_mode = true; if (g.family == AF_INET) g.family = AF_UNSPEC; else g.family = AF_INET6; break; case 'b': server_mode = true; rc = parse_addr(optarg, flags | AI_PASSIVE, AF_UNSPEC, &ai); if (rc != 0) { warnx("failed to parse address '%s': %s", optarg, rc == EAI_SYSTEM ? strerror(errno) : gai_strerror(rc)); cleanup_and_exit(0, EXIT_FAILURE); } else freeaddrinfo(ai); str = calloc(1, sizeof(str_t)); if (!str) { err("calloc"); cleanup_and_exit(0, EXIT_FAILURE); } str->str = strdup(optarg); if (!str->str) { err("strdup"); cleanup_and_exit(0, EXIT_FAILURE); } SGLIB_LIST_ADD(str_t, g.bind, str, next) break; case 'c': server_mode = true; rc = parse_addr(optarg, flags, AF_UNSPEC, &ai); if (rc != 0) { warnx("failed to parse address '%s': %s", optarg, rc == EAI_SYSTEM ? strerror(errno) : gai_strerror(rc)); cleanup_and_exit(0, EXIT_FAILURE); } else freeaddrinfo(ai); str = calloc(1, sizeof(str_t)); if (!str) { err("calloc"); cleanup_and_exit(0, EXIT_FAILURE); } str->str = strdup(optarg); if (!str->str) { err("strdup"); cleanup_and_exit(0, EXIT_FAILURE); } SGLIB_DL_LIST_ADD(str_t, g.connect, str, prev, next) break; case 'd': if (g.stop) { errx("-d,--daemon and -t,--stop are mutually exclusive"); cleanup_and_exit(0, EXIT_FAILURE); } server_mode = true; g.daemon = true; break; case 'l': if (g.logfilename) { errx("-l,--logfile can only be specified once"); cleanup_and_exit(0, EXIT_FAILURE); } f = fopen(optarg, "a+"); if (!f) { err("failed to open %s", optarg); cleanup_and_exit(0, EXIT_FAILURE); } else { g.logfilename = strdup(optarg); if (!g.logfilename) { fclose(f); err("strdup"); cleanup_and_exit(0, EXIT_FAILURE); } noticex("logging to file %s", optarg); g.logfile = f; } break; case 'm': n = strtol(optarg, &endptr, 10); if (*endptr != 0 || n <= 0) { warnx("-m,--max-auths: N must be a positive integer"); cleanup_and_exit(0, EXIT_FAILURE); } g.max_auths = n; server_mode = true; break; case 'n': n = strtol(optarg, &endptr, 10); if (*endptr != 0 || n <= 0) { warnx("-n,--num-workers: N must be a positive integer"); cleanup_and_exit(0, EXIT_FAILURE); } g.num_workers = n; server_mode = true; break; case 'p': if (g.pidfile) { errx("-p,--pidfile can only be specified once"); cleanup_and_exit(0, EXIT_FAILURE); } g.pidfile = strdup(optarg); if (!g.pidfile) { err("strdup"); cleanup_and_exit(0, EXIT_FAILURE); } break; case 'P': n = strtol(optarg, &endptr, 10); if (*endptr != 0 || n < 0 || n > 2) { warnx("-P,--proxy: must be 0 (disabled), 1 or 2"); cleanup_and_exit(0, EXIT_FAILURE); } server_mode = true; g.proxy = n; break; case 'r': if (g.chroot) { errx("-r,--chroot can only be specified once"); cleanup_and_exit(0, EXIT_FAILURE); } if (geteuid() != 0) warnx("-r,--chroot requires running as root - ignored"); else { g.chroot = strdup(optarg); if (!g.chroot) { err("strdup"); cleanup_and_exit(0, EXIT_FAILURE); } server_mode = true; } break; case 's': if (g.socket) { errx("-s,--sock can only be specified once"); cleanup_and_exit(0, EXIT_FAILURE); } g.socket = strdup(optarg); if (!g.socket) { err("strdup"); cleanup_and_exit(0, EXIT_FAILURE); } break; case 'S': n = strtol(optarg, &endptr, 8); if (*endptr != 0 || (n & 0777) != n) { warnx("-S,--sock-mode: invalid mode"); cleanup_and_exit(0, EXIT_FAILURE); } server_mode = true; g.sockmode = n; break; case 't': if (g.daemon) { errx("-d,--daemon and -t,--stop are mutually exclusive"); cleanup_and_exit(0, EXIT_FAILURE); } if (server_mode) { errx("-t,--stop is incompatible with server mode"); cleanup_and_exit(0, EXIT_FAILURE); } g.stop = true; break; case 'u': if (g.user) { errx("-u,--user can only be specified once"); cleanup_and_exit(0, EXIT_FAILURE); } if (geteuid() != 0) warnx("-u,--user requires running as root - ignored"); else { struct passwd *pwd; struct group *grp; g.user = strdup(optarg); if (!g.user) { err("strdup"); cleanup_and_exit(0, EXIT_FAILURE); } g.group = strrchr(g.user, ':'); if (g.group != NULL) { *g.group++ = 0; grp = getgrnam(g.group); if (!grp) { errx("getgrnam(\"%s\") failed", g.group); cleanup_and_exit(0, EXIT_FAILURE); } g.gid = grp->gr_gid; } pwd = getpwnam(g.user); if (!pwd) { errx("getpwnam(\"%s\") failed", g.user); cleanup_and_exit(0, EXIT_FAILURE); } g.uid = pwd->pw_uid; if (g.group == NULL) { g.gid = pwd->pw_gid; grp = getgrgid(g.gid); if (!grp) { errx("getgrgid(%d) failed", g.gid); cleanup_and_exit(0, EXIT_FAILURE); } g.group = grp->gr_name; } server_mode = true; } break; case 'v': g.loglevel++; break; case 'V': version(); cleanup_and_exit(0, EXIT_FAILURE); break; default: usage(); cleanup_and_exit(0, EXIT_FAILURE); } } while (optind < argc) warnx("extra argument ignored: %s", argv[optind++]); if (!g.pidfile) { if (asprintf(&g.pidfile, RUNSTATEDIR "/%s.pid", g.progname) < 0) { g.pidfile = NULL; err("asprintf"); cleanup_and_exit(0, EXIT_FAILURE); } } if (!g.socket) { if (asprintf(&g.socket, RUNSTATEDIR "/%s.sock", g.progname) < 0) { g.socket = NULL; err("asprintf"); cleanup_and_exit(0, EXIT_FAILURE); } } if (strlen(g.socket) > sizeof(sock_addr.sun_path) - 1) { errx("socket name is too long (%s)", g.socket); cleanup_and_exit(0, EXIT_FAILURE); } memset(&sock_addr, 0, sizeof(sock_addr)); safe_strncpy(sock_addr.sun_path, g.socket, sizeof(sock_addr.sun_path)); sock_addr.sun_family = AF_UNIX; if (g.stop || server_mode) { f = fopen(g.pidfile, "r"); if (!f) { if (g.stop || errno != ENOENT) { err("failed to open %s", g.pidfile); cleanup_and_exit(0, EXIT_FAILURE); } } else if (fscanf(f, "%ld", &n) != 1) { if (ferror(f)) err("failed to read %s", g.pidfile); else errx("failed to parse %s", g.pidfile); fclose(f); cleanup_and_exit(0, EXIT_FAILURE); } else { fclose(f); if (g.stop) { for (int i = 0; i < 3; i++) { if (i > 0) infox("resending SIGTERM to process %ld", n); if (kill(n, SIGTERM)) { err("failed to send SIGTERM to process %ld", n); cleanup_and_exit(0, EXIT_FAILURE); } for (int j = 0; j < 5; j++) { sleep(1); if (kill(n, 0) && errno == ESRCH) { unlink(g.pidfile); unlink(g.socket); cleanup_and_exit(0, EXIT_SUCCESS); } } } warnx("failed to stop process %ld", n); cleanup_and_exit(0, EXIT_FAILURE); } else if (kill(n, 0) == 0 || errno != ESRCH) { errx("another instance (pid %ld) is already running", n); cleanup_and_exit(0, EXIT_FAILURE); } } } if (!server_mode) { char *line = NULL; size_t len = 0; fd = socket(AF_UNIX, SOCK_STREAM, 0); if (fd == -1) { err("failed to create socket"); cleanup_and_exit(0, EXIT_FAILURE); } if (connect(fd, (struct sockaddr *)&sock_addr, sizeof(sock_addr))) { err("failed to connect to unix://%s", g.socket); close(fd); cleanup_and_exit(0, EXIT_FAILURE); } f = fdopen(fd, "r+"); if (!f) { err("fdopen failed"); close(fd); cleanup_and_exit(0, EXIT_FAILURE); } rc = EXIT_SUCCESS; while (1) { ssize_t r = getline(&line, &len, stdin); if (r == -1) { if (!feof(stdin)) { rc = EXIT_FAILURE; err("failed to get line from stdin"); } break; } if (fputs(line, f) < 0) { rc = EXIT_FAILURE; err("failed to write to %s", g.socket); break; } r = getline(&line, &len, f); if (r == -1) { if (!feof(f)) { rc = EXIT_FAILURE; err("failed to read from %s", g.socket); } break; } if (fputs(line, stdout) < 0) { rc = EXIT_FAILURE; err("failed to write to stdout"); break; } } free(line); fclose(f); cleanup_and_exit(0, rc); } if (g.connect == NULL) { errx("-c,--connect must be specified at least once in server mode"); cleanup_and_exit(0, EXIT_FAILURE); } else { SGLIB_DL_LIST_REVERSE(str_t, g.connect, prev, next); while (g.connect->prev) g.connect = g.connect->prev; } if (g.bind == NULL) { str_t *s = calloc(1, sizeof(str_t)); if (!s) { err("calloc"); cleanup_and_exit(0, EXIT_FAILURE); } SGLIB_LIST_ADD(str_t, g.bind, s, next) #if defined(IPV6_V6ONLY) if (g.family == AF_UNSPEC) { s = calloc(1, sizeof(str_t)); if (!s) { err("calloc"); cleanup_and_exit(0, EXIT_FAILURE); } SGLIB_LIST_ADD(str_t, g.bind, s, next) } #endif } else { SGLIB_LIST_REVERSE(str_t, g.bind, next); while (g.bind->prev) g.bind = g.bind->prev; } if (g.daemon) { if (pipe(g.pipefd)) { err("failed to create pipe"); cleanup_and_exit(0, EXIT_FAILURE); } pid = fork(); if (pid == -1) { err("fork failed"); close(g.pipefd[0]); g.pipefd[0] = -1; close(g.pipefd[1]); g.pipefd[1] = -1; cleanup_and_exit(0, EXIT_FAILURE); } else if (pid != 0) { // parent char buf[0x10]; n = read(g.pipefd[0], buf, sizeof(buf)); close(g.pipefd[0]); g.pipefd[0] = -1; close(g.pipefd[1]); g.pipefd[1] = -1; if (n != 2 || strncmp(buf, "OK", 2) != 0) { errx("daemon failed to start"); cleanup_and_exit(0, EXIT_FAILURE); } else { noticex("daemon started (pid %ld)", (long)pid); cleanup_and_exit(0, EXIT_SUCCESS); } } else { // child close(g.pipefd[0]); g.pipefd[0] = -1; if (!g.logfilename) { infox("logging to syslog"); syslog_init(); } if (setsid() == -1) { err("setsid failed"); cleanup_and_exit(0, EXIT_FAILURE); } mask = umask(0); fd = open("/dev/null", O_RDWR); umask(mask); if (fd == -1) { err("open(\"/dev/null\") failed"); cleanup_and_exit(0, EXIT_FAILURE); } if (dup2(fd, STDIN_FILENO) == -1) { err("dup2(STDIN_FILENO) failed"); close(fd); cleanup_and_exit(0, EXIT_FAILURE); } if (dup2(fd, STDOUT_FILENO) == -1) { err("dup2(STDOUT_FILENO) failed"); close(fd); cleanup_and_exit(0, EXIT_FAILURE); } if (close(fd) == -1) { err("close failed"); cleanup_and_exit(0, EXIT_FAILURE); } } } #if defined(USE_GNUTLS) if (!gnutls_check_version("3.3.30")) { errx("GnuTLS version 3.3.30 or later is required"); cleanup_and_exit(0, EXIT_FAILURE); } gnutls_global_init(); #elif defined(USE_OPENSSL) if (OpenSSL_version_num() < 0x1010100fL) { errx("OpenSSL version 1.1.1 or later is required"); cleanup_and_exit(0, EXIT_FAILURE); } g.ssl_ctx = SSL_CTX_new(TLS_server_method()); if (!g.ssl_ctx) { openssl_error("main"); cleanup_and_exit(0, EXIT_FAILURE); } if (!SSL_CTX_set_min_proto_version(g.ssl_ctx, TLS1_2_VERSION)) { openssl_error("main"); cleanup_and_exit(1, EXIT_FAILURE); } g.ssl_idx = SSL_get_ex_new_index(0, NULL, NULL, NULL, NULL); if (g.ssl_idx < 0) { openssl_error("main"); cleanup_and_exit(1, EXIT_FAILURE); } g.bio_idx = BIO_get_ex_new_index(0, NULL, NULL, NULL, NULL); if (g.bio_idx < 0) { openssl_error("main"); cleanup_and_exit(1, EXIT_FAILURE); } SSL_CTX_set_client_hello_cb(g.ssl_ctx, ssl_client_hello_cb, NULL); SSL_CTX_set_alpn_select_cb(g.ssl_ctx, ssl_alpn_select_cb, NULL); #elif defined(USE_MBEDTLS) #if defined(MBEDTLS_VERSION_C) if (mbedtls_version_get_number() < 0x02100000) { errx("mbedTLS version 2.16 or later is required"); cleanup_and_exit(0, EXIT_FAILURE); } #if MBEDTLS_VERSION_NUMBER < 0x02170000 #if defined(MBEDTLS_VERSION_FEATURES) if (mbedtls_version_check_feature( "MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION")) { errx("mbedTLS earlier than version 2.23 configured without " "MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION"); cleanup_and_exit(0, EXIT_FAILURE); } #else #warning mbedTLS runtime feature check disabled. Consider reconfiguring \ mbedTLS with MBEDTLS_VERSION_FEATURES #endif #endif #else #warning mbedTLS runtime version check disabled. Consider reconfiguring \ mbedTLS with MBEDTLS_VERSION_C #endif mbedtls_entropy_init(&g.entropy); mbedtls_ctr_drbg_init(&g.ctr_drbg); rc = mbedtls_ctr_drbg_seed(&g.ctr_drbg, mbedtls_entropy_func, &g.entropy, NULL, 0); if (rc) { errx("mbedtls_ctr_dbg_seed failed: %s", _mbedtls_strerror(rc)); cleanup_and_exit(1, EXIT_FAILURE); } const unsigned char id[] = {0x4, 0x1, 0x0}; if (auth_crt("dummy", id, sizeof(id), &g.crt, &g.crt_len, &g.key, &g.key_len)) cleanup_and_exit(1, EXIT_FAILURE); #endif g.sockfd = socket(AF_UNIX, SOCK_STREAM, 0); if (g.sockfd == -1) { err("failed to create socket"); cleanup_and_exit(1, EXIT_FAILURE); } rc = connect(g.sockfd, (struct sockaddr *)&sock_addr, sizeof(sock_addr)); if (rc == 0) { errx("another instance is already listening to unix://%s", g.socket); close(g.sockfd); g.sockfd = -1; cleanup_and_exit(1, EXIT_FAILURE); } if (unlink(g.socket) && errno != ENOENT) { err("failed to unlink %s", g.socket); cleanup_and_exit(1, EXIT_FAILURE); } if (setsockopt(g.sockfd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one))) warn("failed to set SO_REUSEADDR on unix://%s", g.socket); mask = umask(~g.sockmode & (S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP | S_IROTH | S_IWOTH)); rc = bind(g.sockfd, (struct sockaddr *)&sock_addr, sizeof(sock_addr)); umask(mask); if (rc) { err("failed to bind to unix://%s", g.socket); cleanup_and_exit(1, EXIT_FAILURE); } if (listen(g.sockfd, SOMAXCONN)) { err("failed to listen to unix://%s", g.socket); cleanup_and_exit(1, EXIT_FAILURE); } if (strstr(PACKAGE_VERSION, "-dev-")) { warnx("development version " PACKAGE_VERSION " starting"); warnx("please use for testing only; releases are available at " "https://github.com/ndilieto/uacme/tree/upstream/latest"); } else noticex("version " PACKAGE_VERSION " starting"); noticex("control interface listening to unix://%s", g.socket); g_shm_size = sizeof(struct shm) + (g.max_auths - 1)*sizeof(auth_t); #if HAVE_MAP_DEVZERO g.devzero = open("/dev/zero", O_RDWR); if (g.devzero == -1) { err("open(\"/dev/zero\") failed"); cleanup_and_exit(1, EXIT_FAILURE); } g_shm = (struct shm *)mmap(NULL, g_shm_size, PROT_READ | PROT_WRITE, MAP_SHARED, g.devzero, 0); #elif HAVE_MAP_ANON #if !defined(MAP_ANONYMOUS) #define MAP_ANONYMOUS MAP_ANON #endif g_shm = (struct shm *)mmap(NULL, g_shm_size, PROT_READ | PROT_WRITE, MAP_ANONYMOUS|MAP_SHARED, -1, 0); #endif if (g_shm == MAP_FAILED) { err("mmap failed"); cleanup_and_exit(1, EXIT_FAILURE); } memset(g_shm, 0, g_shm_size); for (size_t n = 0; n < g.max_auths; n++) SGLIB_DL_LIST_ADD(auth_t, g_shm->avail, g_shm->pool + n, left, right); if (sem_init(&g_shm->sem, 1, 1)) { err("sem_init failed"); cleanup_and_exit(2, EXIT_FAILURE); } if (sem_init(&g_shm->logsem, 1, 1)) { err("sem_init failed"); cleanup_and_exit(3, EXIT_FAILURE); } if (g.pidfile) { f = fopen(g.pidfile, "w"); if (!f) { err("failed to create %s", g.pidfile); cleanup_and_exit(4, EXIT_FAILURE); } if (fprintf(f, "%ld", (long)getpid()) < 0) { err("failed to write to %s", g.pidfile); fclose(f); cleanup_and_exit(4, EXIT_FAILURE); } if (fclose(f)) { err("failed to close %s", g.pidfile); cleanup_and_exit(4, EXIT_FAILURE); } } if (getrlimit(RLIMIT_NOFILE, &rl)) warn("getrlimit failed"); else { struct rlimit rl2 = { rl.rlim_max, rl.rlim_max }; if (setrlimit(RLIMIT_NOFILE, &rl2)) warn("setrlimit failed"); else rl = rl2; if (rl.rlim_cur != RLIM_INFINITY) infox("open file descriptor limit: %lld", (long long)rl.rlim_cur); } for (n = 0; n < 9; n++) { const char *backends[] = { "SELECT", "POLL", "EPOLL", "KQUEUE", "DEVPOLL", "PORT", "LINUXAIO", "IOURING", "unknown" }; if (n == 8 || (ev_backend(EV_DEFAULT) & (1 << n))) { infox("libev initialized (backend %s)", backends[n]); break; } } ev_io_init(&g.controller, cb_controller_accept, g.sockfd, EV_READ); ev_set_priority(&g.controller, +2); ev_io_start(EV_DEFAULT_ &g.controller); ev_signal_init(&g.sigint, cb_signal, SIGINT); ev_signal_start(EV_DEFAULT_ &g.sigint); ev_signal_init(&g.sigterm, cb_signal, SIGTERM); ev_signal_start(EV_DEFAULT_ &g.sigterm); ev_timer_init(&g.timer, cb_timer, 0.1, 1.0); ev_set_priority(&g.timer, +2); ev_timer_start(EV_DEFAULT_ &g.timer); ev_cleanup_init(&g.cleanup, cb_cleanup); ev_cleanup_start(EV_DEFAULT_ &g.cleanup); for (str = g.bind; str; str = str->next) { int family = g.family; if (!str->str && g.family == AF_UNSPEC) { #if defined(IPV6_V6ONLY) family = (str == g.bind) ? AF_INET6 : AF_INET; #else family = AF_INET6; #endif } rc = parse_addr(str->str, flags | AI_PASSIVE, family, &ai); if (rc != 0) { warnx("failed to parse address '%s': %s", str->str, rc == EAI_SYSTEM ? strerror(errno) : gai_strerror(rc)); continue; } for (struct addrinfo *a = ai; a; a = a->ai_next) { rc = getnameinfo(a->ai_addr, a->ai_addrlen, host, sizeof(host), port, sizeof(port), NI_NUMERICHOST | NI_NUMERICSERV); if (rc) { warn("getnameinfo failed: %s", rc == EAI_SYSTEM ? strerror(errno) : gai_strerror(rc)); continue; } fd = socket(a->ai_family, SOCK_STREAM, 0); if (fd == -1) { warn("failed to create socket for %s:%s", host, port); continue; } #if defined(IPV6_V6ONLY) if ((a->ai_family == AF_INET6 && setsockopt(fd, IPPROTO_IPV6, IPV6_V6ONLY, &one, sizeof(one)))) { warn("failed to set IPV6_V6ONLY for %s:%s", host, port); close(fd); continue; } #endif if (setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one))) { warn("failed to set SO_REUSEADDR for %s:%s", host, port); close(fd); continue; } if (bind(fd, a->ai_addr, a->ai_addrlen)) { warn("failed to bind to %s:%s", host, port); close(fd); continue; } if (listen(fd, SOMAXCONN)) { warn("failed to listen to %s:%s", host, port); close(fd); continue; } if (set_nonblocking(fd)) { warn("failed to set O_NONBLOCK on %s:%s", host, port); close(fd); continue; } listener_t *l = calloc(1, sizeof(*l)); if (!l) { warn("calloc failed for %s:%s", host, port); close(fd); continue; } ev_io_init(&l->io, cb_client_accept, fd, EV_READ); ev_set_priority(&l->io, +1); ev_io_start(EV_DEFAULT_ &l->io); SGLIB_LIST_ADD(listeners_t, g.listeners, l, next); noticex("frontend listening to %s:%s", host, port); break; } freeaddrinfo(ai); } if (g.user) { if (g.socket && chown(g.socket, g.uid, g.gid)) warn("failed to change owner/group of %s", g.socket); if (g.pidfile && chown(g.pidfile, g.uid, g.gid)) warn("failed to change owner/group of %s", g.pidfile); if (g.logfilename && chown(g.logfilename, g.uid, g.gid)) warn("failed to change owner/group of %s", g.logfilename); } if (g.chroot) { if (chdir(g.chroot)) { err("chdir(\"%s\") failed", g.chroot); cleanup_and_exit(4, EXIT_FAILURE); } noticex("changing root directory (%s)", g.chroot); if (g.daemon && !g.logfilename) { struct stat st; if (stat("dev/log", &st)) { if (errno == ENOENT) warnx("%s/dev/log missing, logging will probably not work", g.chroot); else { err("stat(\"%s/dev/log\") failed", g.chroot); cleanup_and_exit(4, EXIT_FAILURE); } } else if (!S_ISSOCK(st.st_mode)) warnx("%s/dev/log is no socket, logging will probably not work", g.chroot); } if (chroot(".")) { err("chroot(\"%s\") failed", g.chroot); cleanup_and_exit(4, EXIT_FAILURE); } } if (g.group) { noticex("changing group (%s)", g.group); if (setgid(g.gid) != 0) { err("setgid(%d) failed", g.gid); cleanup_and_exit(4, EXIT_FAILURE); } if (initgroups(g.user, g.gid) != 0) { warn("initgroups(\"%s\", %d) failed", g.user, g.gid); } } if (g.user) { noticex("changing user (%s)", g.user); if (setuid(g.uid) != 0) { err("setuid(%d) failed", g.uid); cleanup_and_exit(4, EXIT_FAILURE); } } if (g.listeners) { if (g.daemon) { if (write(g.pipefd[1], "OK", 2) != 2) { err("failed to write to pipe"); cleanup_and_exit(4, EXIT_FAILURE); } close(g.pipefd[1]); g.pipefd[1] = -1; if (dup2(STDOUT_FILENO, STDERR_FILENO) == -1) { err("dup2(STDERR_FILENO) failed"); cleanup_and_exit(4, EXIT_FAILURE); } if (!g.logfilename) g.logfile = NULL; } ev_run(EV_DEFAULT_ 0); cleanup_and_exit(UINT_MAX, EXIT_SUCCESS); } else { errx("failed to listen to all address"); cleanup_and_exit(UINT_MAX, EXIT_FAILURE); } // it should never get here return EXIT_FAILURE; } uacme-1.7.6/uacme.sh0000755000000000000000000000305014555533301011141 00000000000000#!/bin/sh # Copyright (C) 2019-2024 Nicola Di Lieto # # This file is part of uacme. # # uacme is free software: you can redistribute it and/or modify it # under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # uacme is distributed in the hope that it will be useful, but # WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU # General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . CHALLENGE_PATH="${UACME_CHALLENGE_PATH:-/var/www/.well-known/acme-challenge}" ARGS=5 E_BADARGS=85 if test $# -ne "$ARGS" then echo "Usage: $(basename "$0") method type ident token auth" 1>&2 exit $E_BADARGS fi METHOD=$1 TYPE=$2 IDENT=$3 TOKEN=$4 AUTH=$5 case "$METHOD" in "begin") case "$TYPE" in http-01) printf "%s" "${AUTH}" > "${CHALLENGE_PATH}/${TOKEN}" exit $? ;; *) exit 1 ;; esac ;; "done"|"failed") case "$TYPE" in http-01) rm "${CHALLENGE_PATH}/${TOKEN}" exit $? ;; *) exit 1 ;; esac ;; *) echo "$0: invalid method" 1>&2 exit 1 esac uacme-1.7.6/curlwrap.c0000644000000000000000000001605014734246045011524 00000000000000/* * Copyright (C) 2019-2024 Nicola Di Lieto * * This file is part of uacme. * * uacme is free software: you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * uacme is distributed in the hope that it will be useful, but * WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program. If not, see * . */ #include "config.h" #include #include #include #include #include #include #include "curlwrap.h" #include "msg.h" curldata_t *curldata_calloc(void) { curldata_t *c = calloc(1, sizeof(curldata_t)); if (!c) { warn("curldata_calloc: calloc failed"); return NULL; } c->body = strdup(""); if (!c->body) { warn("curldata_calloc: strdup failed"); free(c); return NULL; } c->headers = strdup(""); if (!c->headers) { warn("curldata_calloc: strdup failed"); free(c->body); free(c); return NULL; } return c; } void curldata_free(curldata_t *c) { if (!c) return; free(c->body); free(c->headers); free(c); } static size_t curl_hcb(char *buf, size_t size, size_t n, void *userdata) { curldata_t *c = (curldata_t *)userdata; void *p = realloc(c->headers, c->headers_len + size * n + 1); if (!p) { warn("curl_hcb: realloc failed"); return 0; } c->headers = p; memcpy(c->headers + c->headers_len, buf, size * n); c->headers_len += size * n; c->headers[c->headers_len] = 0; return size * n; } static size_t curl_wcb(void *ptr, size_t size, size_t n, void *userdata) { curldata_t *c = (curldata_t *)userdata; void *p = realloc(c->body, c->body_len + size * n + 1); if (!p) { warn("curl_wcb: realloc failed"); return 0; } c->body = p; memcpy(c->body + c->body_len, ptr, size * n); c->body_len += size * n; c->body[c->body_len] = 0; return size * n; } static void curl_env(CURL *curl) { const char *cainfo = getenv("UACME_CAINFO"); const char *capath = getenv("UACME_CAPATH"); const char *dnssrv = getenv("UACME_DNS_SERVERS"); const char *iface = getenv("UACME_INTERFACE"); const char *proxy = getenv("UACME_PROXY"); curl_easy_setopt(curl, CURLOPT_USERAGENT, "uacme/" VERSION " (https://github.com/ndilieto/uacme)"); if (g_loglevel > 3) curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L); if (cainfo) curl_easy_setopt(curl, CURLOPT_CAINFO, cainfo); if (capath) curl_easy_setopt(curl, CURLOPT_CAPATH, capath); if (dnssrv) curl_easy_setopt(curl, CURLOPT_DNS_SERVERS, dnssrv); if (iface) curl_easy_setopt(curl, CURLOPT_INTERFACE, iface); if (proxy) curl_easy_setopt(curl, CURLOPT_PROXY, proxy); } curldata_t *curl_get(const char *url) { curldata_t *c = NULL; for (int retry = 0; retry < 3; retry++) { CURL *curl; CURLcode res; curl = curl_easy_init(); if (!curl) { warnx("curl_get: curl_easy_init failed"); return NULL; } c = curldata_calloc(); if (!c) { warnx("curl_get: curldata_calloc failed"); curl_easy_cleanup(curl); return NULL; } curl_env(curl); curl_easy_setopt(curl, CURLOPT_URL, url); curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, curl_wcb); curl_easy_setopt(curl, CURLOPT_WRITEDATA, c); curl_easy_setopt(curl, CURLOPT_HEADERFUNCTION, curl_hcb); curl_easy_setopt(curl, CURLOPT_HEADERDATA, c); res = curl_easy_perform(curl); if (res != CURLE_OK) { warnx("curl_get: GET %s failed: %s", url, curl_easy_strerror(res)); curldata_free(c); c = NULL; } else { long code = -1; curl_easy_getinfo(curl, CURLINFO_RESPONSE_CODE, &code); c->code = code; } curl_easy_cleanup(curl); if (c) break; else if (retry < 3) { warnx("curl_get: waiting 5 seconds before retrying"); sleep(5); } } return c; } curldata_t *curl_post(const char *url, void *post_data, size_t post_size, const char *header, ...) { va_list ap; curldata_t *c = NULL; for (int retry = 0; retry < 3; retry++) { CURL *curl; CURLcode res; struct curl_slist *list = NULL; curl = curl_easy_init(); if (!curl) { warnx("curl_post: curl_easy_init failed"); return NULL; } c = curldata_calloc(); if (!c) { warnx("curl_post: curldata_calloc failed"); curl_easy_cleanup(curl); return NULL; } curl_env(curl); curl_easy_setopt(curl, CURLOPT_URL, url); curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, curl_wcb); curl_easy_setopt(curl, CURLOPT_WRITEDATA, c); curl_easy_setopt(curl, CURLOPT_HEADERFUNCTION, curl_hcb); curl_easy_setopt(curl, CURLOPT_HEADERDATA, c); curl_easy_setopt(curl, CURLOPT_POSTFIELDS, post_data); curl_easy_setopt(curl, CURLOPT_POSTFIELDSIZE, post_size); va_start(ap, header); while (header) { list = curl_slist_append(list, header); header = va_arg(ap, const char *); } va_end(ap); curl_easy_setopt(curl, CURLOPT_HTTPHEADER, list); res = curl_easy_perform(curl); curl_slist_free_all(list); if (res != CURLE_OK) { warnx("curl_post: POST %s failed: %s", url, curl_easy_strerror(res)); curldata_free(c); c = NULL; } else { long code = -1; curl_easy_getinfo(curl, CURLINFO_RESPONSE_CODE, &code); c->code = code; } curl_easy_cleanup(curl); if (c) break; else if (retry < 3) { warnx("curl_post: waiting 5 seconds before retrying"); sleep(5); } } return c; } char *find_header(const char *headers, const char *name) { char *regex = NULL; if (asprintf(®ex, "^%s:[ \t]*(.*)\r\n", name) < 0) { warnx("find_header: asprintf failed"); return NULL; } char *ret = NULL; regex_t reg; if (regcomp(®, regex, REG_EXTENDED | REG_ICASE | REG_NEWLINE)) { warnx("find_header: regcomp failed"); } else { regmatch_t m[2]; if (regexec(®, headers, 2, m, 0) == 0) { ret = strndup(headers + m[1].rm_so, m[1].rm_eo - m[1].rm_so); if (!ret) warn("find_header: strndup failed"); } } free(regex); regfree(®); return ret; } uacme-1.7.6/nsupdate.sh0000755000000000000000000001163114555533301011676 00000000000000#!/bin/sh # Copyright (C) 2020 Michel Stam # Copyright (C) 2023 Michal Roszkowski # # This file is part of uacme. # # uacme is free software: you can redistribute it and/or modify it # under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # uacme is distributed in the hope that it will be useful, but # WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU # General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . # Commands DIG=dig NSUPDATE=nsupdate # Server to which updates will be sent. If not specified it will # be obtained from MNAME in the SOA record. NSUPDATE_SERVER= # Files # {NSUPDATE,DIG}_KEY # If you wish to sign transactions using TSIG, specify the keyfile # here. If you do, also make sure named.conf specifies the # key "KEYNAME"; in the zone that must be updated (and disallow # all others for safety) NSUPDATE_KEY= DIG_KEY= ARGS=5 E_BADARGS=85 if [ $# -ne "$ARGS" ]; then echo "Usage: $(basename "$0") method type ident token auth" 1>&2 exit $E_BADARGS fi METHOD=$1 TYPE=$2 IDENT=$3 TOKEN=$4 AUTH=$5 ns_getns() { local zone=$1 local answer [ -n "$zone" ] && answer=$($DIG ${DIG_KEY:+-k ${DIG_KEY}} +noall +nottl +noclass +answer "$zone" NS) || return local owner local type local rdata while read -r owner type rdata; do [ "$type" = NS ] && echo $rdata done <<-EOF $answer EOF } ns_getall() { local name=$1 local answer local zone local primary [ -n "$name" ] && answer=$($DIG ${DIG_KEY:+-k ${DIG_KEY}} +noall +nottl +noclass +answer +authority "$name" SOA) || return name=${name%.}. local owner local type local rdata while read -r owner type rdata; do case "$type" in CNAME) name=$rdata ;; DNAME) name=${name%$owner}$rdata ;; SOA) zone=$owner set -- $rdata && primary=$1 ;; esac done <<-EOF $answer EOF echo $name $zone $primary } ns_ispresent() { local challenge=$2 set -- $(ns_getall "$1") local name=$1 local nameservers=$(ns_getns "$2") local answer local target local rc=1 local ns for ns in $nameservers; do answer=$($DIG ${DIG_KEY:+-k ${DIG_KEY}} +noall +nottl +noclass +answer "@$ns" "$name" TXT) || continue target= local owner local type local rdata while read -r owner type rdata; do case "$type" in CNAME) target=$rdata ;; DNAME) [ -n "$target" ] && target=${target%$owner}$rdata || target=${name%$owner}$rdata ;; TXT) [ "$rdata" = \"$challenge\" ] && rc=0 && continue 2 target= ;; esac done <<-EOF $answer EOF [ -n "$target" ] && ns_ispresent "$target" "$challenge" && rc=0 || return 1 done return $rc } ns_doupdate() { local action=$1 local challenge=$3 set -- $(ns_getall "$2") local name=$1 local zone=$2 local server=${NSUPDATE_SERVER:-$3} local ttl=300 [ -n "$server" ] && [ -n "$zone" ] && [ -n "$name" ] && [ -n "$challenge" ] || return 1 $NSUPDATE ${NSUPDATE_KEY:+-k ${NSUPDATE_KEY}} -v <<-EOF server ${server} zone ${zone} update ${action} ${name} ${ttl} IN TXT ${challenge} send EOF return $? } ns_update() { local action=$1 local name=$2 local challenge=$3 local retries=5 local delay=5 local count=0 ns_doupdate "$action" "$name" "$challenge" || return 1 while sleep $delay; do case "$action" in add) ns_ispresent "$name" "$challenge" && break ;; del) ns_ispresent "$name" "$challenge" || break ;; *) return 1 esac [ $count -lt $retries ] || return 1 count=$((count + 1)) done return 0 } case "$METHOD" in "begin") case "$TYPE" in dns-01) ns_update add "_acme-challenge.$IDENT" "$AUTH" exit $? ;; *) exit 1 ;; esac ;; "done"|"failed") case "$TYPE" in dns-01) ns_update del "_acme-challenge.$IDENT" "$AUTH" exit $? ;; *) exit 1 ;; esac ;; *) echo "$0: invalid method" 1>&2 exit 1 esac uacme-1.7.6/Makefile.am0000644000000000000000000000657214555533301011560 00000000000000# Copyright (C) 2019-2024 Nicola Di Lieto # # This file is part of uacme. # # uacme is free software: you can redistribute it and/or modify it # under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # uacme is distributed in the hope that it will be useful, but # WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU # General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . ACLOCAL_AMFLAGS=-I build-aux/m4 ARFLAGS=cr bin_PROGRAMS = uacme if ENABLE_UALPN bin_PROGRAMS += ualpn ualpn_SOURCES = ualpn.c base64.c base64.h log.c log.h sglib.h ualpn_CPPFLAGS = -DRUNSTATEDIR="\"${runstatedir}\"" -DSYSCONFDIR="\"${sysconfdir}\"" ualpn_CFLAGS = $(WCFLAGS) if ENABLE_LIBEV ualpn_SOURCES += libev/ev.h ualpn_CPPFLAGS += -Ilibev ualpn_LDADD = libev.a $(UALPN_LDADD) noinst_LIBRARIES = libev.a libev_a_SOURCES = libev/ev.c else ualpn_LDADD = $(UALPN_LDADD) endif endif uacme_SOURCES = uacme.c base64.c base64.h crypto.c crypto.h \ curlwrap.c curlwrap.h json.c json.h jsmn.h \ msg.c msg.h uacme_CPPFLAGS = -DRUNSTATEDIR="\"${runstatedir}\"" \ -DSYSCONFDIR="\"${sysconfdir}\"" \ $(CURL_CPPFLAGS) uacme_CFLAGS = $(CURL_CFLAGS) $(WCFLAGS) uacme_LDFLAGS = $(CURL_LDFLAGS) uacme_LDADD = $(CURL_LDADD) if ENABLE_READFILE uacme_SOURCES += read-file.c read-file.h endif BUILT_SOURCES = $(top_srcdir)/.version $(top_srcdir)/.version: echo $(VERSION) > $@-t && mv $@-t $@ dist-hook: echo $(VERSION) > $(distdir)/.tarball-version dist_pkgdata_SCRIPTS = uacme.sh nsupdate.sh if ENABLE_UALPN dist_pkgdata_SCRIPTS += ualpn.sh endif if ENABLE_DOCS dist_man1_MANS = uacme.1 dist_html_DATA = docs/uacme.html if ENABLE_UALPN dist_man1_MANS += ualpn.1 dist_html_DATA += docs/ualpn.html ualpn.1: ualpn.1.txt $(top_srcdir)/.version $(AM_V_GEN)$(A2X) -L -d manpage -f manpage \ -a revision=$(VERSION) \ -a sysconfdir="${sysconfdir}" \ -a runstatedir="${runstatedir}" $< docs/ualpn.html: ualpn.1.txt $(top_srcdir)/.version $(AM_V_GEN)$(ASCIIDOC) -d manpage -b html5 -o $@ \ -a revision=$(VERSION) \ -a sysconfdir="${sysconfdir}" \ -a runstatedir="${runstatedir}" $< endif uacme.1: uacme.1.txt $(top_srcdir)/.version $(AM_V_GEN)$(A2X) -L -d manpage -f manpage \ -a revision=$(VERSION) \ -a sysconfdir="${sysconfdir}" \ -a runstatedir="${runstatedir}" $< docs/uacme.html: uacme.1.txt $(top_srcdir)/.version $(AM_V_GEN)$(ASCIIDOC) -d manpage -b html5 -o $@ \ -a revision=$(VERSION) \ -a sysconfdir="${sysconfdir}" \ -a runstatedir="${runstatedir}" $< endif .PHONY: valgrind valgrind: uacme valgrind --tool=memcheck --leak-check=yes --show-reachable=yes \ --num-callers=20 --track-fds=yes --log-file=valgrind.log \ $(builddir)/uacme $(VALGRIND_UACME_ARGS) EXTRA_DIST = GNUmakefile build-aux/git-version-gen uacme.sh nsupdate.sh \ uacme.1.txt uacme.1 docs/uacme.html ualpn.1.txt ualpn.1 \ docs/ualpn.html libev/ev_epoll.c libev/ev_iouring.c \ libev/ev_kqueue.c libev/ev_linuxaio.c libev/ev_poll.c \ libev/ev_port.c libev/ev_select.c libev/ev_vars.h \ libev/ev_wrap.h README.md CLEANFILES = valgrind.log uacme-1.7.6/INSTALL0000644000000000000000000003661014555530551010555 00000000000000Installation Instructions ************************* Copyright (C) 1994-1996, 1999-2002, 2004-2013 Free Software Foundation, Inc. Copying and distribution of this file, with or without modification, are permitted in any medium without royalty provided the copyright notice and this notice are preserved. This file is offered as-is, without warranty of any kind. Basic Installation ================== Briefly, the shell command `./configure && make && make install' should configure, build, and install this package. The following more-detailed instructions are generic; see the `README' file for instructions specific to this package. Some packages provide this `INSTALL' file but do not implement all of the features documented below. The lack of an optional feature in a given package is not necessarily a bug. More recommendations for GNU packages can be found in *note Makefile Conventions: (standards)Makefile Conventions. The `configure' shell script attempts to guess correct values for various system-dependent variables used during compilation. It uses those values to create a `Makefile' in each directory of the package. It may also create one or more `.h' files containing system-dependent definitions. Finally, it creates a shell script `config.status' that you can run in the future to recreate the current configuration, and a file `config.log' containing compiler output (useful mainly for debugging `configure'). It can also use an optional file (typically called `config.cache' and enabled with `--cache-file=config.cache' or simply `-C') that saves the results of its tests to speed up reconfiguring. Caching is disabled by default to prevent problems with accidental use of stale cache files. If you need to do unusual things to compile the package, please try to figure out how `configure' could check whether to do them, and mail diffs or instructions to the address given in the `README' so they can be considered for the next release. If you are using the cache, and at some point `config.cache' contains results you don't want to keep, you may remove or edit it. The file `configure.ac' (or `configure.in') is used to create `configure' by a program called `autoconf'. You need `configure.ac' if you want to change it or regenerate `configure' using a newer version of `autoconf'. The simplest way to compile this package is: 1. `cd' to the directory containing the package's source code and type `./configure' to configure the package for your system. Running `configure' might take a while. While running, it prints some messages telling which features it is checking for. 2. Type `make' to compile the package. 3. Optionally, type `make check' to run any self-tests that come with the package, generally using the just-built uninstalled binaries. 4. Type `make install' to install the programs and any data files and documentation. When installing into a prefix owned by root, it is recommended that the package be configured and built as a regular user, and only the `make install' phase executed with root privileges. 5. Optionally, type `make installcheck' to repeat any self-tests, but this time using the binaries in their final installed location. This target does not install anything. Running this target as a regular user, particularly if the prior `make install' required root privileges, verifies that the installation completed correctly. 6. You can remove the program binaries and object files from the source code directory by typing `make clean'. To also remove the files that `configure' created (so you can compile the package for a different kind of computer), type `make distclean'. There is also a `make maintainer-clean' target, but that is intended mainly for the package's developers. If you use it, you may have to get all sorts of other programs in order to regenerate files that came with the distribution. 7. Often, you can also type `make uninstall' to remove the installed files again. In practice, not all packages have tested that uninstallation works correctly, even though it is required by the GNU Coding Standards. 8. Some packages, particularly those that use Automake, provide `make distcheck', which can by used by developers to test that all other targets like `make install' and `make uninstall' work correctly. This target is generally not run by end users. Compilers and Options ===================== Some systems require unusual options for compilation or linking that the `configure' script does not know about. Run `./configure --help' for details on some of the pertinent environment variables. You can give `configure' initial values for configuration parameters by setting variables in the command line or in the environment. Here is an example: ./configure CC=c99 CFLAGS=-g LIBS=-lposix *Note Defining Variables::, for more details. Compiling For Multiple Architectures ==================================== You can compile the package for more than one kind of computer at the same time, by placing the object files for each architecture in their own directory. To do this, you can use GNU `make'. `cd' to the directory where you want the object files and executables to go and run the `configure' script. `configure' automatically checks for the source code in the directory that `configure' is in and in `..'. This is known as a "VPATH" build. With a non-GNU `make', it is safer to compile the package for one architecture at a time in the source code directory. After you have installed the package for one architecture, use `make distclean' before reconfiguring for another architecture. On MacOS X 10.5 and later systems, you can create libraries and executables that work on multiple system types--known as "fat" or "universal" binaries--by specifying multiple `-arch' options to the compiler but only a single `-arch' option to the preprocessor. Like this: ./configure CC="gcc -arch i386 -arch x86_64 -arch ppc -arch ppc64" \ CXX="g++ -arch i386 -arch x86_64 -arch ppc -arch ppc64" \ CPP="gcc -E" CXXCPP="g++ -E" This is not guaranteed to produce working output in all cases, you may have to build one architecture at a time and combine the results using the `lipo' tool if you have problems. Installation Names ================== By default, `make install' installs the package's commands under `/usr/local/bin', include files under `/usr/local/include', etc. You can specify an installation prefix other than `/usr/local' by giving `configure' the option `--prefix=PREFIX', where PREFIX must be an absolute file name. You can specify separate installation prefixes for architecture-specific files and architecture-independent files. If you pass the option `--exec-prefix=PREFIX' to `configure', the package uses PREFIX as the prefix for installing programs and libraries. Documentation and other data files still use the regular prefix. In addition, if you use an unusual directory layout you can give options like `--bindir=DIR' to specify different values for particular kinds of files. Run `configure --help' for a list of the directories you can set and what kinds of files go in them. In general, the default for these options is expressed in terms of `${prefix}', so that specifying just `--prefix' will affect all of the other directory specifications that were not explicitly provided. The most portable way to affect installation locations is to pass the correct locations to `configure'; however, many packages provide one or both of the following shortcuts of passing variable assignments to the `make install' command line to change installation locations without having to reconfigure or recompile. The first method involves providing an override variable for each affected directory. For example, `make install prefix=/alternate/directory' will choose an alternate location for all directory configuration variables that were expressed in terms of `${prefix}'. Any directories that were specified during `configure', but not in terms of `${prefix}', must each be overridden at install time for the entire installation to be relocated. The approach of makefile variable overrides for each directory variable is required by the GNU Coding Standards, and ideally causes no recompilation. However, some platforms have known limitations with the semantics of shared libraries that end up requiring recompilation when using this method, particularly noticeable in packages that use GNU Libtool. The second method involves providing the `DESTDIR' variable. For example, `make install DESTDIR=/alternate/directory' will prepend `/alternate/directory' before all installation names. The approach of `DESTDIR' overrides is not required by the GNU Coding Standards, and does not work on platforms that have drive letters. On the other hand, it does better at avoiding recompilation issues, and works well even when some directory options were not specified in terms of `${prefix}' at `configure' time. Optional Features ================= If the package supports it, you can cause programs to be installed with an extra prefix or suffix on their names by giving `configure' the option `--program-prefix=PREFIX' or `--program-suffix=SUFFIX'. Some packages pay attention to `--enable-FEATURE' options to `configure', where FEATURE indicates an optional part of the package. They may also pay attention to `--with-PACKAGE' options, where PACKAGE is something like `gnu-as' or `x' (for the X Window System). The `README' should mention any `--enable-' and `--with-' options that the package recognizes. For packages that use the X Window System, `configure' can usually find the X include and library files automatically, but if it doesn't, you can use the `configure' options `--x-includes=DIR' and `--x-libraries=DIR' to specify their locations. Some packages offer the ability to configure how verbose the execution of `make' will be. For these packages, running `./configure --enable-silent-rules' sets the default to minimal output, which can be overridden with `make V=1'; while running `./configure --disable-silent-rules' sets the default to verbose, which can be overridden with `make V=0'. Particular systems ================== On HP-UX, the default C compiler is not ANSI C compatible. If GNU CC is not installed, it is recommended to use the following options in order to use an ANSI C compiler: ./configure CC="cc -Ae -D_XOPEN_SOURCE=500" and if that doesn't work, install pre-built binaries of GCC for HP-UX. HP-UX `make' updates targets which have the same time stamps as their prerequisites, which makes it generally unusable when shipped generated files such as `configure' are involved. Use GNU `make' instead. On OSF/1 a.k.a. Tru64, some versions of the default C compiler cannot parse its `' header file. The option `-nodtk' can be used as a workaround. If GNU CC is not installed, it is therefore recommended to try ./configure CC="cc" and if that doesn't work, try ./configure CC="cc -nodtk" On Solaris, don't put `/usr/ucb' early in your `PATH'. This directory contains several dysfunctional programs; working variants of these programs are available in `/usr/bin'. So, if you need `/usr/ucb' in your `PATH', put it _after_ `/usr/bin'. On Haiku, software installed for all users goes in `/boot/common', not `/usr/local'. It is recommended to use the following options: ./configure --prefix=/boot/common Specifying the System Type ========================== There may be some features `configure' cannot figure out automatically, but needs to determine by the type of machine the package will run on. Usually, assuming the package is built to be run on the _same_ architectures, `configure' can figure that out, but if it prints a message saying it cannot guess the machine type, give it the `--build=TYPE' option. TYPE can either be a short name for the system type, such as `sun4', or a canonical name which has the form: CPU-COMPANY-SYSTEM where SYSTEM can have one of these forms: OS KERNEL-OS See the file `config.sub' for the possible values of each field. If `config.sub' isn't included in this package, then this package doesn't need to know the machine type. If you are _building_ compiler tools for cross-compiling, you should use the option `--target=TYPE' to select the type of system they will produce code for. If you want to _use_ a cross compiler, that generates code for a platform different from the build platform, you should specify the "host" platform (i.e., that on which the generated programs will eventually be run) with `--host=TYPE'. Sharing Defaults ================ If you want to set default values for `configure' scripts to share, you can create a site shell script called `config.site' that gives default values for variables like `CC', `cache_file', and `prefix'. `configure' looks for `PREFIX/share/config.site' if it exists, then `PREFIX/etc/config.site' if it exists. Or, you can set the `CONFIG_SITE' environment variable to the location of the site script. A warning: not all `configure' scripts look for a site script. Defining Variables ================== Variables not defined in a site shell script can be set in the environment passed to `configure'. However, some packages may run configure again during the build, and the customized values of these variables may be lost. In order to avoid this problem, you should set them in the `configure' command line, using `VAR=value'. For example: ./configure CC=/usr/local2/bin/gcc causes the specified `gcc' to be used as the C compiler (unless it is overridden in the site shell script). Unfortunately, this technique does not work for `CONFIG_SHELL' due to an Autoconf limitation. Until the limitation is lifted, you can use this workaround: CONFIG_SHELL=/bin/bash ./configure CONFIG_SHELL=/bin/bash `configure' Invocation ====================== `configure' recognizes the following options to control how it operates. `--help' `-h' Print a summary of all of the options to `configure', and exit. `--help=short' `--help=recursive' Print a summary of the options unique to this package's `configure', and exit. The `short' variant lists options used only in the top level, while the `recursive' variant lists options also present in any nested packages. `--version' `-V' Print the version of Autoconf used to generate the `configure' script, and exit. `--cache-file=FILE' Enable the cache: use and save the results of the tests in FILE, traditionally `config.cache'. FILE defaults to `/dev/null' to disable caching. `--config-cache' `-C' Alias for `--cache-file=config.cache'. `--quiet' `--silent' `-q' Do not print messages saying which checks are being made. To suppress all normal output, redirect it to `/dev/null' (any error messages will still be shown). `--srcdir=DIR' Look for the package's source code in directory DIR. Usually `configure' can determine that directory automatically. `--prefix=DIR' Use DIR as the installation prefix. *note Installation Names:: for more details, including other options available for fine-tuning the installation locations. `--no-create' `-n' Run the configure checks, but stop before creating any output files. `configure' also accepts some other, not widely useful, options. Run `configure --help' for more details. uacme-1.7.6/read-file.h0000644000000000000000000000213514555530551011520 00000000000000/* read-file.h -- read file contents into a string Copyright (C) 2006, 2009-2015 Free Software Foundation, Inc. Written by Simon Josefsson. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, see . */ #ifndef READ_FILE_H #define READ_FILE_H /* Get size_t. */ #include /* Get FILE. */ #include extern char *fread_file (FILE * stream, size_t * length); extern char *read_file (const char *filename, size_t * length); extern char *read_binary_file (const char *filename, size_t * length); #endif /* READ_FILE_H */ uacme-1.7.6/AUTHORS0000644000000000000000000000011514555530551010563 00000000000000Nicola Di Lieto * Original program author uacme-1.7.6/configure.ac0000644000000000000000000003661614564760270012023 00000000000000# Copyright (C) 2019-2024 Nicola Di Lieto # # This file is part of uacme. # # uacme is free software: you can redistribute it and/or modify it # under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # uacme is distributed in the hope that it will be useful, but # WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU # General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . AC_PREREQ(2.53) AC_INIT([uacme], [m4_esyscmd([build-aux/git-version-gen .tarball-version])]) AC_CONFIG_SRCDIR([uacme.c]) AC_CONFIG_MACRO_DIR([build-aux/m4]) AC_CONFIG_AUX_DIR([build-aux]) AM_INIT_AUTOMAKE([subdir-objects]) AM_MAINTAINER_MODE([disable]) AM_SILENT_RULES([yes]) AX_IS_RELEASE([git-directory]) AX_CHECK_ENABLE_DEBUG([yes]) AC_USE_SYSTEM_EXTENSIONS AC_PROG_SED AC_PROG_GREP AC_PROG_RANLIB AC_PROG_INSTALL AC_PROG_CC AC_PROG_CC_C99 if test "x$ac_cv_prog_cc_c99" = "xno"; then AC_MSG_ERROR([Could not find a C99 compatible compiler]) fi AX_CHECK_COMPILE_FLAG([$CFLAGS -Wall], [WCFLAGS="-Wall"]) AX_CHECK_COMPILE_FLAG([$CFLAGS -Wextra], [WCFLAGS="$WCFLAGS -Wextra"]) AX_CHECK_COMPILE_FLAG([$CFLAGS -pedantic], [WCFLAGS="$WCFLAGS -pedantic"]) AX_CHECK_COMPILE_FLAG([$CFLAGS -fno-strict-aliasing], [WCFLAGS="$WCFLAGS -fno-strict-aliasing"]) AC_SUBST([WCFLAGS]) AC_SYS_LARGEFILE AC_CHECK_HEADERS([err.h], [], AC_MSG_ERROR([uacme requires err.h])) AC_CHECK_HEADERS([getopt.h], [], AC_MSG_ERROR([uacme requires sys/wait.h])) AC_CHECK_HEADERS([netdb.h], [], AC_MSG_ERROR([uacme requires netdb.h])) AC_CHECK_HEADERS([netinet/in.h], [], AC_MSG_ERROR([uacme requires netinet/in.h])) AC_CHECK_HEADERS([arpa/inet.h], [], AC_MSG_ERROR([uacme requires arpa/inet.h])) AC_CHECK_HEADERS([sys/socket.h], [], AC_MSG_ERROR([uacme requires sys/socket.h])) AC_CHECK_HEADERS([sys/stat.h], [], AC_MSG_ERROR([uacme requires sys/stat.h])) AC_CHECK_HEADERS([sys/types.h], [], AC_MSG_ERROR([uacme requires sys/types.h])) AC_CHECK_HEADERS([sys/wait.h], [], AC_MSG_ERROR([uacme requires sys/wait.h])) AC_CHECK_FUNCS([asprintf vasprintf], [], AC_MSG_ERROR([uacme requires (v)asprintf])) AC_CHECK_FUNCS([getopt_long], [], AC_MSG_ERROR([uacme requires getopt_long])) AC_CHECK_FUNCS([open_memstream], [], AC_MSG_ERROR([uacme requires open_memstream])) AC_CHECK_FUNCS([strcasestr]) AC_CHECK_FUNCS([setproctitle]) if test -n "$PKG_CONFIG"; then PKGCONFIG="$PKG_CONFIG" if test -z "`$PKGCONFIG --version`"; then AC_MSG_ERROR([PKG_CONFIG is invalid]) fi else PKG_PROG_PKG_CONFIG([0.28]) if test "x$PKG_CONFIG" = "x"; then AC_MSG_ERROR([Could not find pkg-config]) else PKGCONFIG="$PKG_CONFIG" fi fi OPT_LIBCURL=yes AC_ARG_WITH(libcurl, [AS_HELP_STRING([--with-libcurl[[=PATH]]], [PATH is libcurl installation root])], OPT_LIBCURL=$withval) if test "x$OPT_LIBCURL" = "xno"; then AC_MSG_ERROR([libcurl must be enabled]) fi if test "x$OPT_LIBCURL" = "xyes"; then AC_MSG_CHECKING([for libcurl >= 7.38.0]) itexists=`$PKGCONFIG --exists 'libcurl >= 7.38.0' >/dev/null 2>&1 && echo 1` if test -z "$itexists"; then AC_MSG_RESULT([no]) AC_MSG_ERROR([libcurl not found]) else CURL_LDADD=`$PKGCONFIG --libs-only-l libcurl` CURL_LDFLAGS=`$PKGCONFIG --libs-only-L --libs-only-other libcurl` CURL_CPPFLAGS=`$PKGCONFIG --cflags-only-I libcurl` CURL_CFLAGS=`$PKGCONFIG --cflags-only-other libcurl` version=`$PKGCONFIG --modversion libcurl` AC_MSG_RESULT([found $version]) AC_MSG_CHECKING([for libcurl https support]) https=`$PKGCONFIG --variable=supported_protocols libcurl 2>/dev/null | grep -q HTTPS && echo 1` if test -z "$https"; then AC_MSG_RESULT([no]) AC_MSG_ERROR([libcurl does not support https]) fi AC_MSG_RESULT([yes]) fi else CURL_LDADD=-lcurl CURL_LDFLAGS=-L$OPT_LIBCURL/lib$libsuff CURL_CPPFLAGS=-I$OPT_LIBCURL/include CURL_CFLAGS= fi AC_SUBST(CURL_LDADD) AC_SUBST(CURL_LDFLAGS) AC_SUBST(CURL_CPPFLAGS) AC_SUBST(CURL_CFLAGS) LIBS_ORIG=$LIBS LDFLAGS_ORIG=$LDFLAGS CPPFLAGS_ORIG=$CPPFLAGS CFLAGS_ORIG=$CFLAGS LIBS="$CURL_LDADD $LIBS" LDFLAGS="$LDFLAGS $CURL_LDFLAGS" CPPFLAGS="$CPPFLAGS $CURL_CPPFLAGS" CFLAGS="$CFLAGS $CURL_CFLAGS" AC_CHECK_LIB(curl, curl_global_init, [CURL_ENABLED=1], [AC_MSG_ERROR([libcurl check failed])]) LIBS=$LIBS_ORIG LDFLAGS=$LDFLAGS_ORIG CPPFLAGS=$CPPFLAGS_ORIG CFLAGS=$CFLAGS_ORIG OPT_MBEDTLS=no AC_ARG_WITH(mbedtls, [AS_HELP_STRING([--with-mbedtls[[=PATH]]], [build with mbedTLS, PATH is installation root]) AS_HELP_STRING([--without-mbedtls], [build without mbedTLS])], OPT_MBEDTLS=$withval) OPT_OPENSSL=no AC_ARG_WITH(openssl, [AS_HELP_STRING([--with-openssl[[=PATH]]], [build with OpenSSL, PATH is installation root]) AS_HELP_STRING([--without-openssl], [build without OpenSSL])], OPT_OPENSSL=$withval) if test "x$OPT_MBEDTLS" = "xno" -a "x$OPT_OPENSSL" = "xno"; then OPT_GNUTLS=yes else OPT_GNUTLS=no fi AC_ARG_WITH([gnutls], [AS_HELP_STRING([--with-gnutls[[=PATH]]], [build with GnuTLS, PATH is installation root]) AS_HELP_STRING([--without-gnutls], [build without GnuTLS])], OPT_GNUTLS=$withval) if test "x$OPT_GNUTLS" = "xno" -a "x$OPT_MBEDTLS" = "xno" -a "x$OPT_OPENSSL" = "xno"; then AC_MSG_ERROR([One of GnuTLS, OpenSSL or mbedTLS must be enabled]) fi if test "x$OPT_GNUTLS" != "xno" -a "x$OPT_MBEDTLS" != "xno"; then AC_MSG_ERROR([GnuTLS and mbedTLS cannot be both enabled]) fi if test "x$OPT_GNUTLS" != "xno" -a "x$OPT_OPENSSL" != "xno"; then AC_MSG_ERROR([GnuTLS and OpenSSL cannot be both enabled]) fi if test "x$OPT_OPENSSL" != "xno" -a "x$OPT_MBEDTLS" != "xno"; then AC_MSG_ERROR([OpenSSL and mbedTLS cannot be both enabled]) fi if test "x$OPT_GNUTLS" != "xno"; then addlib="" if test "x$OPT_GNUTLS" = "xyes"; then AC_MSG_CHECKING([for GnuTLS >= 3.3.30]) itexists=`$PKGCONFIG --exists 'gnutls >= 3.3.30' >/dev/null 2>&1 && echo 1` if test -z "$itexists"; then AC_MSG_RESULT([no]) AC_MSG_ERROR([gnutls not found]) else addlib=`$PKGCONFIG --libs-only-l gnutls` addld=`$PKGCONFIG --libs-only-L gnutls` addcflags=`$PKGCONFIG --cflags-only-I gnutls` version=`$PKGCONFIG --modversion gnutls` gtlslib=`echo $addld | sed -e 's/-L//'` AC_MSG_RESULT([found $version]) fi else addlib=-lgnutls addld=-L$OPT_GNUTLS/lib$libsuff addcflags=-I$OPT_GNUTLS/include gtlslib=$OPT_GNUTLS/lib$libsuff fi if test -n "$addlib"; then LIBS="$addlib $LIBS" LDFLAGS="$LDFLAGS $addld" if test "$addcflags" != "-I/usr/include"; then CPPFLAGS="$CPPFLAGS $addcflags" fi AC_CHECK_LIB(gnutls, gnutls_global_init, [AC_DEFINE(USE_GNUTLS, 1, [if GnuTLS is enabled]) AC_SUBST(USE_GNUTLS, [1]) USE_GNUTLS="yes"], [AC_MSG_ERROR([gnutls check failed])]) AC_CHECK_FUNCS([gnutls_decode_rs_value], [], [NEED_LIBTASN1="yes"]) AC_CHECK_FUNCS([gnutls_x509_crq_set_tlsfeatures], [], [AC_MSG_NOTICE([--must-staple requires GnuTLS 3.5.1 or later])]) fi fi if test "x$NEED_LIBTASN1" = "xyes"; then addlib="" AC_MSG_CHECKING([for libtasn1 >= 4.2]) itexists=`$PKGCONFIG --exists 'libtasn1 >= 4.2' >/dev/null 2>&1 && echo 1` if test -z "$itexists"; then AC_MSG_RESULT([no]) AC_MSG_ERROR([libtasn1 not found]) else addlib=`$PKGCONFIG --libs-only-l libtasn1` addld=`$PKGCONFIG --libs-only-L libtasn1` addcflags=`$PKGCONFIG --cflags-only-I libtasn1` version=`$PKGCONFIG --modversion libtasn1` tasn1lib=`echo $addld | sed -e 's/-L//'` AC_MSG_RESULT([found $version]) fi if test -n "$addlib"; then LIBS="$addlib $LIBS" LDFLAGS="$LDFLAGS $addld" if test "$addcflags" != "-I/usr/include"; then CPPFLAGS="$CPPFLAGS $addcflags" fi AC_CHECK_LIB(tasn1, asn1_get_tag_der, [AC_DEFINE(USE_LIBTASN1, 1, [if libtasn1 is enabled]) AC_SUBST(USE_LIBTASN1, [1]) LIBTASN1_ENABLED=1 USE_LIBTASN1="yes"], [AC_MSG_ERROR([libtasn1 check failed])]) fi fi if test "x$OPT_OPENSSL" != "xno"; then addlib="" if test "x$OPT_OPENSSL" = "xyes"; then AC_MSG_CHECKING([for OpenSSL >= 1.1.1]) itexists=`$PKGCONFIG --exists 'openssl >= 1.1.1' >/dev/null 2>&1 && echo 1` if test -z "$itexists"; then AC_MSG_RESULT([no]) AC_MSG_ERROR([openssl not found]) else addlib=`$PKGCONFIG --libs-only-l openssl` addld=`$PKGCONFIG --libs-only-L openssl` addcflags=`$PKGCONFIG --cflags-only-I openssl` version=`$PKGCONFIG --modversion openssl` openssllib=`echo $addld | sed -e 's/-L//'` AC_MSG_RESULT([found $version]) fi else addlib="-lssl -lcrypto" addld=-L$OPT_OPENSSL/lib$libsuff addcflags=-I$OPT_OPENSSL/include openssllib=$OPT_OPENSSL/lib$libsuff fi if test -n "$addlib"; then LIBS="$addlib $LIBS" LDFLAGS="$LDFLAGS $addld" if test "$addcflags" != "-I/usr/include"; then CPPFLAGS="$CPPFLAGS $addcflags" fi AC_CHECK_LIB(ssl, OpenSSL_version_num, [AC_DEFINE(USE_OPENSSL, 1, [if OpenSSL is enabled]) AC_SUBST(USE_OPENSSL, [1]) USE_OPENSSL="yes"], [AC_MSG_ERROR([openssl check failed])]) AC_MSG_CHECKING([if OpenSSL is really LibreSSL]) AC_COMPILE_IFELSE([AC_LANG_SOURCE([#include int main() {return LIBRESSL_VERSION_NUMBER;}])], LIBRESSL=yes AC_MSG_RESULT([yes]), AC_MSG_RESULT([no])) fi fi AM_CONDITIONAL(ENABLE_READFILE, test "x$USE_OPENSSL" != "xyes") if test "x$OPT_MBEDTLS" != "xno"; then addlib="-lmbedtls -lmbedx509 -lmbedcrypto" if test "x$OPT_MBEDTLS" = "xyes"; then addld="" addcflags="" else addld=-L$OPT_MBEDTLS/lib$libsuff addcflags=-I$OPT_MBEDTLS/include fi LIBS="$addlib $LIBS" LDFLAGS="$LDFLAGS $addld" CPPFLAGS="$CPPFLAGS $addcflags" AC_CHECK_LIB(mbedtls, mbedtls_entropy_init, [AC_DEFINE(USE_MBEDTLS, 1, [if mbedTLS is enabled]) AC_SUBST(USE_MBEDTLS, [1]) USE_MBEDTLS="yes"], [AC_MSG_ERROR([mbedtls check failed])]) if test "x$USE_MBEDTLS" = "xyes"; then AC_MSG_NOTICE([detected mbedTLS]) fi fi if test "x$LIBRESSL" = "xyes"; then OPT_UALPN=no else OPT_UALPN=yes fi AC_ARG_WITH(ualpn, [AS_HELP_STRING([--with-ualpn], [enable ualpn]) AS_HELP_STRING([--without-ualpn], [disable ualpn])], OPT_UALPN=$withval) if test "x$OPT_UALPN" != "xno"; then if test "x$LIBRESSL" = "xyes"; then AC_MSG_ERROR([ualpn is not compatible with LibreSSL]) fi AM_PROG_AR AC_CHECK_HEADERS([netinet/tcp.h], [], AC_MSG_ERROR([ualpn requires netinet/tcp.h])) AC_CHECK_HEADERS([sys/mman.h], [], AC_MSG_ERROR([ualpn requires sys/mman.h])) AC_CHECK_HEADERS([sys/resource.h], [], AC_MSG_ERROR([ualpn requires sys/resource.h])) AC_CHECK_HEADERS([sys/uio.h], [], AC_MSG_ERROR([ualpn requires sys/uio.h])) AC_CHECK_HEADERS([sys/un.h], [], AC_MSG_ERROR([ualpn requires sys/un.h])) AC_CHECK_FUNCS([mmap],[], AC_MSG_ERROR([ualpn requires mmap])) AC_MSG_CHECKING([if mmap(MAP_ANON|MAP_SHARED) works]) AC_RUN_IFELSE([AC_LANG_SOURCE([#include int main() {return mmap(0, 4096, PROT_READ|PROT_WRITE, MAP_ANON|MAP_SHARED, -1, 0) == MAP_FAILED;}])], [ AC_DEFINE(HAVE_MAP_ANON, 1, [if mmap(MAP_ANON|MAP_SHARED) works]) AC_MSG_RESULT([yes]) ], [ AC_MSG_RESULT([no]) AC_MSG_CHECKING([if mmap("/dev/zero", MAP_SHARED) works]) AC_RUN_IFELSE([AC_LANG_SOURCE([#include #include #include int main() {return mmap(0, 4096, PROT_READ|PROT_WRITE, MAP_ANON|MAP_SHARED, open("/dev/zero", O_RDWR), 0) == MAP_FAILED;}])], AC_DEFINE(HAVE_MAP_DEVZERO, 1, [if mmap("/dev/zero", MAP_SHARED) works]) AC_MSG_RESULT([yes]), AC_MSG_RESULT([no]) AC_MSG_ERROR([ualpn requires MAP_ANON or mmap("/dev/zero", MAP_SHARED)])) ], [ AC_COMPILE_IFELSE([AC_LANG_SOURCE([#include int main() {return mmap(0, 4096, PROT_READ|PROT_WRITE, MAP_ANON|MAP_SHARED, -1, 0) == MAP_FAILED;}])], AC_DEFINE(HAVE_MAP_ANON, 1, [if mmap(MAP_ANON|MAP_SHARED) works]) AC_MSG_RESULT([yes]), AC_MSG_RESULT([no]) AC_MSG_NOTICE([falling back to mmap("/dev/zero", MAP_SHARED)]) AC_DEFINE(HAVE_MAP_DEVZERO, 1, [if mmap("/dev/zero", MAP_SHARED) works])) ]) AC_ARG_ENABLE(splice, AS_HELP_STRING([--disable-splice], [disable splice])) if test "x$enable_splice" != "xno"; then AC_CHECK_FUNCS([splice]) fi LIBS_ORIG=$LIBS LIBS= AC_SEARCH_LIBS([sem_init], [pthread], [], AC_MSG_ERROR([sem_init not found])) AC_SEARCH_LIBS([ev_version_major], [ev], [], [AC_MSG_NOTICE([libev not found, using included copy]) with_included_libev=yes m4_include([libev/libev.m4])]) UALPN_LDADD=$LIBS LIBS=$LIBS_ORIG fi AC_SUBST(UALPN_LDADD) AM_CONDITIONAL(ENABLE_UALPN, test "x$OPT_UALPN" = "xyes") AM_CONDITIONAL(ENABLE_LIBEV, test "x$with_included_libev" = "xyes") default_docs="yes" AC_ARG_ENABLE(docs, [AC_HELP_STRING([--disable-docs], [do not build and install documentation])], [],enable_docs=$default_docs) AM_CONDITIONAL(ENABLE_DOCS, test "x$enable_docs" = "xyes") if test "x$enable_docs" = "xyes"; then AC_PATH_PROG(A2X, a2x, no) AC_PATH_PROG(ASCIIDOC, asciidoc, no) AS_IF([test "x$A2X" = "xno"], [AC_MSG_ERROR([Could not find a2x.])]) AS_IF([test "x$ASCIIDOC" = "xno"], [AC_MSG_ERROR([Could not find asciidoc.])]) fi AS_CASE([$prefix:$localstatedir], [NONE:'${prefix}/var' | /usr:'${prefix}/var' | /usr/local:'${prefix}/var'], [localstatedir=/var; AC_MSG_NOTICE([--localstatedir defaulted to /var])]) AC_SUBST([localstatedir]) AS_CASE([$prefix:$sysconfdir], [NONE:'${prefix}/etc' | /usr:'${prefix}/etc' | /usr/local:'${prefix}/etc'], [sysconfdir=/etc; AC_MSG_NOTICE([--sysconfdir defaulted to /etc])]) AC_SUBST([sysconfdir]) AC_CONFIG_HEADERS([config.h]) AC_CONFIG_FILES([Makefile]) AC_OUTPUT uacme-1.7.6/msg.c0000644000000000000000000000516514734214530010452 00000000000000/* * Copyright (C) 2019-2024 Nicola Di Lieto * * This file is part of uacme. * * uacme is free software: you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * uacme is distributed in the hope that it will be useful, but * WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program. If not, see * . */ #include "config.h" #include #include #include #include #include #include "msg.h" int g_loglevel = 0; void msg(int level, const char *format, ...) { va_list ap; if (level > g_loglevel) return; va_start(ap, format); vwarnx(format, ap); va_end(ap); } void msg_hd(int level, const char *prefix, const void *data, size_t len) { char *buf = NULL; size_t buf_size = 0; const unsigned char *d = data; if (level > g_loglevel) return; FILE *f = open_memstream(&buf, &buf_size); if (!f) { warn("msg_hd: open_memstream failed"); return; } for (size_t o = 0; o < len; o += 0x10) { size_t i; if (fprintf(f, "%05zx: ", o) < 0) { warn("msg_hd: fprintf failed"); fclose(f); goto out; } for (i = 0; i < 0x10; i++) { int r = o + i < len ? fprintf(f, "%02hhx %s", d[o + i], (i & 7) == 7 ? " " : "") : fprintf(f, " %s", (i & 7) == 7 ? " " : ""); if (r < 0) { warn("msg_hd: fprintf failed"); fclose(f); goto out; } } if (fprintf(f, "|") < 0) { warn("msg_hd: fprintf failed"); fclose(f); goto out; } for (i = 0; i < 0x10 && o + i < len; i++) if (fprintf(f, "%c", isprint(d[o + i]) ? d[o + i] : '.') < 0) { warn("msg_hd: fprintf failed"); fclose(f); goto out; } if (fprintf(f, "|%s", o + i < len ? "\n" : "") < 0) { warn("msg_hd: fprintf failed"); fclose(f); goto out; } } if (fclose(f)) { warn("msg_hd: fclose failed"); goto out; } warnx("%s%s", prefix, buf); out: free(buf); return; } uacme-1.7.6/.tarball-version0000644000000000000000000000000614734275110012613 000000000000001.7.6 uacme-1.7.6/uacme.c0000644000000000000000000016141714734273373010773 00000000000000/* * Copyright (C) 2019-2024 Nicola Di Lieto * * This file is part of uacme. * * uacme is free software: you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * uacme is distributed in the hope that it will be useful, but * WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program. If not, see * . */ #include "config.h" #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include "base64.h" #include "curlwrap.h" #include "crypto.h" #include "json.h" #include "msg.h" #define PRODUCTION_URL "https://acme-v02.api.letsencrypt.org/directory" #define STAGING_URL "https://acme-staging-v02.api.letsencrypt.org/directory" #define DEFAULT_CONFDIR SYSCONFDIR "/ssl/uacme" typedef struct acme { privkey_t key; json_value_t *json; json_value_t *account; json_value_t *dir; json_value_t *order; char *nonce; char *kid; char *headers; char *body; char *type; unsigned char alt_fp[32]; size_t alt_fp_len; size_t alt_n; const char *eab_keyid; const char *eab_key; const char *directory; const char *hook; const char *email; char *keyprefix; char *certprefix; } acme_t; int acme_get(acme_t *a, const char *url) { int ret = 0; json_free(a->json); a->json = NULL; free(a->headers); a->headers = NULL; free(a->body); a->body = NULL; free(a->type); a->type = NULL; if (!url) { warnx("acme_get: invalid URL"); goto out; } if (g_loglevel > 1) warnx("acme_get: url=%s", url); curldata_t *c = curl_get(url); if (!c) { warnx("acme_get: curl_get failed"); goto out; } free(a->nonce); a->nonce = find_header(c->headers, "Replay-Nonce"); a->type = find_header(c->headers, "Content-Type"); if (a->type && strcasestr(a->type, "json")) a->json = json_parse(c->body, c->body_len); a->headers = c->headers; c->headers = NULL; a->body = c->body; c->body = NULL; ret = c->code; curldata_free(c); out: if (g_loglevel > 2) { if (a->headers) warnx("acme_get: HTTP headers\n%s", a->headers); if (a->body) warnx("acme_get: HTTP body\n%s", a->body); } if (g_loglevel > 1) { if (a->json) { warnx("acme_get: return code %d, json=", ret); json_dump(stderr, a->json); } else warnx("acme_get: return code %d", ret); } if (!a->headers) a->headers = strdup(""); if (!a->body) a->body = strdup(""); if (!a->type) a->type = strdup(""); return ret; } bool acme_error(acme_t *a) { if (!a->json) return false; if (a->type && strcasestr(a->type, "application/problem+json")) { warnx("the server reported the following error:"); json_dump(stderr, a->json); return true; } const json_value_t *e = json_find(a->json, "error"); if (e && e->type == JSON_OBJECT) { warnx("the server reported the following error:"); json_dump(stderr, e); return true; } return false; } bool acme_nonce(acme_t *a) { const char *url = json_find_string(a->dir, "newNonce"); if (!url) { warnx("failed to find newNonce URL in directory"); return false; } msg(2, "fetching new nonce at %s", url); if (acme_get(a, url) != 204) { warnx("failed to fetch new nonce at %s", url); acme_error(a); return false; } else if (acme_error(a)) return false; else if (!a->nonce) { warnx("failed to find nonce in newNonce resource"); return false; } return true; } int acme_post(acme_t *a, const char *url, const char *format, ...) { int ret = 0; char *payload = NULL; char *protected = NULL; char *jws = NULL; if (!url) { warnx("acme_post: invalid URL"); return 0; } if (!a->nonce && !acme_nonce(a)) { warnx("acme_post: no nonce available"); return 0; } va_list ap; va_start(ap, format); if (vasprintf(&payload, format, ap) < 0) payload = NULL; va_end(ap); if (!payload) { warnx("acme_post: vasprintf failed"); return 0; } for (int retry = 0; a->nonce && retry < 3; retry++) { if (retry > 0) msg(1, "acme_post: server rejected nonce, retrying"); json_free(a->json); a->json = NULL; free(a->headers); a->headers = NULL; free(a->body); a->body = NULL; free(a->type); a->type = NULL; protected = (a->kid && *a->kid) ? jws_protected_kid(a->nonce, url, a->kid, a->key) : jws_protected_jwk(a->nonce, url, a->key); if (!protected) { warnx("acme_post: jws_protected_xxx failed"); goto out; } jws = jws_encode(protected, payload, a->key); if (!jws) { warnx("acme_post: jws_encode failed"); goto out; } if (g_loglevel > 2) warnx("acme_post: url=%s payload=%s protected=%s jws=%s", url, payload, protected, jws); else if (g_loglevel > 1) warnx("acme_post: url=%s payload=%s", url, payload); curldata_t *c = curl_post(url, jws, strlen(jws), "Content-Type: application/jose+json", NULL); if (!c) { warnx("acme_post: curl_post failed"); goto out; } free(a->nonce); a->nonce = find_header(c->headers, "Replay-Nonce"); a->type = find_header(c->headers, "Content-Type"); if (a->type && strcasestr(a->type, "json")) a->json = json_parse(c->body, c->body_len); a->headers = c->headers; c->headers = NULL; a->body = c->body; c->body = NULL; ret = c->code; curldata_free(c); if (g_loglevel > 2) { if (a->headers) warnx("acme_post: HTTP headers:\n%s", a->headers); if (a->body) warnx("acme_post: HTTP body:\n%s", a->body); } if (g_loglevel > 1) { if (a->json) { warnx("acme_post: return code %d, json=", ret); json_dump(stderr, a->json); } else warnx("acme_post: return code %d", ret); } if (ret != 400 || !a->type || !a->nonce || !a->json || !strcasestr(a->type, "application/problem+json") || json_compare_string(a->json, "type", "urn:ietf:params:acme:error:badNonce") != 0) break; } out: free(payload); free(protected); free(jws); if (!a->headers) a->headers = strdup(""); if (!a->body) a->body = strdup(""); if (!a->type) a->type = strdup(""); return ret; } int hook_run(const char *prog, const char *method, const char *type, const char *ident, const char *token, const char *auth) { int ret = -1; pid_t pid = fork(); if (pid < 0) warn("hook_run: fork failed"); else if (pid > 0) { // parent int status; if (waitpid(pid, &status, 0) < 0) warn("hook_run: waitpid failed"); else if (WIFEXITED(status)) ret = WEXITSTATUS(status); else warnx("hook_run: %s terminated abnormally", prog); } else { // child setenv("UACME_METHOD", method, 1); setenv("UACME_TYPE", type, 1); setenv("UACME_IDENT", ident, 1); setenv("UACME_TOKEN", token, 1); setenv("UACME_AUTH", auth, 1); if (execl(prog, prog, method, type, ident, token, auth, (char *)NULL) < 0) { warn("hook_run: failed to execute %s", prog); abort(); } } return ret; } bool check_or_mkdir(bool allow_create, const char *dir, mode_t mode) { bool ret = false; char *tmp = strdup(dir); if (!tmp) { warnx("check_or_mkdir: strdup failed"); goto out; } for (size_t i = strlen(tmp); i > 1; i--) { if (tmp[i - 1] != '/') break; tmp[i - 1] = 0; } if (access(dir, F_OK) < 0) { if (!allow_create) { warnx("failed to access %s", dir); goto out; } if (mkdir(dir, mode) < 0) { warn("failed to create %s", dir); goto out; } msg(1, "created directory %s", dir); } struct stat st; if (stat(dir, &st) != 0) { warn("failed to stat %s", dir); goto out; } if (!S_ISDIR(st.st_mode)) { warnx("%s is not a directory", dir); goto out; } ret = true; out: free(tmp); return ret; } char *identifiers(char * const *names) { char *ids = NULL; char *tmp = NULL; if (asprintf(&tmp, "{\"identifiers\":[") < 0) { warnx("identifiers: asprintf failed"); return NULL; } while (names && *names) { if (asprintf(&ids, "%s{\"type\":\"%s\",\"value\":\"%s\"},", tmp, is_ip(*names, NULL, NULL) ? "ip" : "dns", *names) < 0) { warnx("identifiers: asprintf failed"); free(tmp); return NULL; } free(tmp); tmp = ids; ids = NULL; names++; } tmp[strlen(tmp)-1] = 0; if (asprintf(&ids, "%s]}", tmp) < 0) { warnx("identifiers: asprintf failed"); ids = NULL; } free(tmp); return ids; } bool acme_bootstrap(acme_t *a) { msg(1, "fetching directory at %s", a->directory); if (acme_get(a, a->directory) != 200) { warnx("failed to fetch directory at %s", a->directory); acme_error(a); return false; } else if (acme_error(a)) return false; a->dir = a->json; a->json = NULL; return true; } char *eab_encode(acme_t *a, const char *url) { char *protected = NULL; char *payload = NULL; char *jws = NULL; protected = jws_protected_eab(256, a->eab_keyid, url); if (!protected) { warnx("eab_encode: jws_protected_eab failed"); goto out; } payload = jws_jwk(a->key, NULL, NULL); if (!payload) { warnx("eab_encode: jws_jwk failed"); goto out; } jws = jws_encode_hmac(protected, payload, 256, a->eab_key); if (!jws) { warnx("eab_encode: jws_encode_hmac failed"); goto out; } if (g_loglevel > 2) warnx("eab_encode: payload=%s protected=%s jws=%s", payload, protected, jws); out: free(protected); free(payload); return jws; } bool account_new(acme_t *a, bool yes) { const char *url = json_find_string(a->dir, "newAccount"); if (!url) { warnx("failed to find newAccount URL in directory"); return false; } msg(1, "creating new account at %s", url); switch (acme_post(a, url, "{\"onlyReturnExisting\":true}")) { case 200: if (!(a->kid = find_header(a->headers, "Location"))) { warnx("account exists but location not found"); return false; } warnx("Account already exists at %s", a->kid); return false; case 400: if (a->json && a->type && strcasestr(a->type, "application/problem+json") && json_compare_string(a->json, "type", "urn:ietf:params:acme:error:accountDoesNotExist") == 0) { const json_value_t *meta = json_find(a->dir, "meta"); const char *ext = json_find_value(meta, "externalAccountRequired"); if (ext && strcasecmp(ext, "true") == 0 && !a->eab_key) { msg(0, "this ACME server requires external credentials, " "please supply them with -e KEYID:KEY"); return false; } const char *terms = json_find_string(meta, "termsOfService"); if (terms) { if (yes) msg(0, "terms at %s autoaccepted (-y)", terms); else { char c = 0; msg(0, "type 'y' to accept the terms at %s", terms); if (scanf(" %c", &c) != 1 || tolower(c) != 'y') { warnx("terms not agreed to, aborted"); return false; } } } char *payload = strdup("\"termsOfServiceAgreed\":true"); if (!payload) { warn("account_new: strdup failed"); return false; } if (a->email && strlen(a->email)) { char *tmp = NULL; if (asprintf(&tmp, "%s,\"contact\": [\"mailto:%s\"]", payload, a->email) < 0) { warnx("account_new: asprintf failed"); free(tmp); free(payload); return false; } free(payload); payload = tmp; } if (a->eab_key) { char *tmp = NULL; char *eab = eab_encode(a, url); if (!eab) { warnx("account_new: eab_encode failed"); free(payload); return false; } if (asprintf(&tmp, "%s,\"externalAccountBinding\": %s", payload, eab) < 0) { warnx("account_new: asprintf failed"); free(tmp); free(eab); free(payload); return false; } free(eab); free(payload); payload = tmp; } int r = acme_post(a, url, "{%s}", payload); free(payload); if (r == 201) { if (acme_error(a)) return false; if (json_compare_string(a->json, "status", "valid")) { const char *st = json_find_string(a->json, "status"); warnx("account created but status is not valid (%s)", st ? st : "unknown"); return false; } if (!(a->kid = find_header(a->headers, "Location"))) { warnx("account created but location not found"); return false; } msg(1, "account created at %s", a->kid); return true; } } // intentional fallthrough default: warnx("failed to create account at %s", url); acme_error(a); return false; } } bool account_retrieve(acme_t *a) { const char *url = json_find_string(a->dir, "newAccount"); if (!url) { warnx("failed to find newAccount URL in directory"); return false; } msg(1, "retrieving account at %s", url); switch (acme_post(a, url, "{\"onlyReturnExisting\":true}")) { case 200: if (acme_error(a)) return false; break; case 400: if (a->json && a->type && strcasestr(a->type, "application/problem+json") && json_compare_string(a->json, "type", "urn:ietf:params:acme:error:accountDoesNotExist") == 0) { warnx("no account associated with %s/key.pem found at %s. " "Consider trying 'new'", a->keyprefix, url); return false; } // intentional fallthrough default: warnx("failed to retrieve account at %s", url); acme_error(a); return false; } const char *status = json_find_string(a->json, "status"); if (status && strcmp(status, "valid")) { warnx("invalid account status (%s)", status); return false; } if (!(a->kid = find_header(a->headers, "Location"))) { warnx("account location not found"); return false; } msg(1, "account location: %s", a->kid); a->account = a->json; a->json = NULL; return true; } bool account_update(acme_t *a) { bool email_update = false; const json_value_t *contacts = json_find(a->account, "contact"); if (contacts && contacts->type != JSON_ARRAY) { warnx("failed to parse account contacts"); return false; } if (a->email && strlen(a->email) > 0) { if (!contacts || contacts->v.array.size == 0) email_update = true; else for (size_t i=0; iv.array.size; i++) { if (contacts->v.array.values[i].type != JSON_STRING || strcasestr(contacts->v.array.values[i].v.value, "mailto:") != contacts->v.array.values[i].v.value) { warnx("failed to parse account contacts"); return false; } if (strcasecmp(contacts->v.array.values[i].v.value + strlen("mailto:"), a->email)) email_update = true; } } else if (contacts && contacts->v.array.size > 0) email_update = true; if (email_update) { int ret = 0; if (a->email && strlen(a->email) > 0) { msg(1, "updating account email to %s at %s", a->email, a->kid); ret = acme_post(a, a->kid, "{\"contact\": [\"mailto:%s\"]}", a->email); } else { msg(1, "removing account email at %s", a->kid); ret = acme_post(a, a->kid, "{\"contact\": []}"); } if (ret != 200) { warnx("failed to update account email at %s", a->kid); acme_error(a); return false; } else if (acme_error(a)) return false; msg(1, "account at %s updated", a->kid); } else msg(1, "email is already up to date for account at %s", a->kid); return true; } bool account_keychange(acme_t *a, bool never, keytype_t type, int bits) { bool success = false; privkey_t newkey = NULL; char *newkeyfile = NULL; char *keyfile = NULL; char *bakfile = NULL; char *protected = NULL; char *payload = NULL; char *jwk = NULL; char *jws = NULL; const char *url = json_find_string(a->dir, "keyChange"); if (!url) { warnx("account_keychange: failed to find keyChange URL in directory"); goto out; } if (asprintf(&keyfile, "%s/key.pem", a->keyprefix) < 0) { warnx("account_keychange: asprintf failed"); keyfile = NULL; goto out; } if (asprintf(&bakfile, "%s/key-%llu.pem", a->keyprefix, (unsigned long long)time(NULL)) < 0) { warnx("account_keychange: asprintf failed"); bakfile = NULL; goto out; } if (asprintf(&newkeyfile, "%s/newkey.pem", a->keyprefix) < 0) { warnx("account_keychange: asprintf failed"); newkeyfile = NULL; goto out; } newkey = key_load(never ? PK_NONE : type, bits, newkeyfile); if (!newkey) goto out; protected = jws_protected_jwk(NULL, url, newkey); if (!protected) { warnx("account_keychange: jws_protected_jwk failed"); goto out; } jwk = jws_jwk(a->key, NULL, NULL); if (!jwk) { warnx("account_keychange: jws_jwk failed"); goto out; } if (asprintf(&payload, "{\"account\":\"%s\",\"oldKey\":%s}", a->kid, jwk) < 0) { warnx("account_keychange: asprintf failed"); payload = NULL; goto out; } jws = jws_encode(protected, payload, newkey); if (!jws) { warnx("account_keychange: jws_encode failed"); goto out; } if (g_loglevel > 2) warnx("account_keychange: url=%s payload=%s protected=%s jws=%s", url, payload, protected, jws); else if (g_loglevel > 1) warnx("account_keychange: url=%s payload=%s", url, payload); msg(1, "changing account key at %s", url); if (acme_post(a, url, jws) != 200) { warnx("failed to change account key at %s", url); acme_error(a); goto out; } else if (acme_error(a)) goto out; msg(1, "backing up %s as %s", keyfile, bakfile); if (link(keyfile, bakfile) < 0) warn("failed to link %s to %s", bakfile, keyfile); else { msg(1, "renaming %s to %s", newkeyfile, keyfile); if (rename(newkeyfile, keyfile) < 0) { warn("failed to rename %s to %s", newkeyfile, keyfile); unlink(bakfile); } else { msg(1, "account key changed"); success = true; } } if (!success) { warnx("WARNING: account key changed but %s NOT replaced by %s", keyfile, newkeyfile); goto out; } out: if (newkey) privkey_deinit(newkey); free(newkeyfile); free(keyfile); free(bakfile); free(protected); free(payload); free(jwk); free(jws); return success; } bool account_deactivate(acme_t *a) { msg(1, "deactivating account at %s", a->kid); if (acme_post(a, a->kid, "{\"status\": \"deactivated\"}") != 200) { warnx("failed to deactivate account at %s", a->kid); acme_error(a); return false; } else if (acme_error(a)) return false; msg(1, "account at %s deactivated", a->kid); return true; } bool authorize(acme_t *a) { bool success = false; char *thumbprint = NULL; json_value_t *auth = NULL; const json_value_t *auths = json_find(a->order, "authorizations"); if (!auths || auths->type != JSON_ARRAY) { warnx("failed to parse authorizations URL"); goto out; } thumbprint = jws_thumbprint(a->key); if (!thumbprint) goto out; for (size_t i=0; iv.array.size; i++) { if (auths->v.array.values[i].type != JSON_STRING) { warnx("failed to parse authorizations URL"); goto out; } msg(1, "retrieving authorization at %s", auths->v.array.values[i].v.value); if (acme_post(a, auths->v.array.values[i].v.value, "") != 200) { warnx("failed to retrieve auth %s", auths->v.array.values[i].v.value); acme_error(a); goto out; } const char *status = json_find_string(a->json, "status"); if (status && strcmp(status, "valid") == 0) continue; if (!status || strcmp(status, "pending") != 0) { warnx("unexpected auth status (%s) at %s", status ? status : "unknown", auths->v.array.values[i].v.value); acme_error(a); goto out; } const json_value_t *ident = json_find(a->json, "identifier"); const char *ident_type = json_find_string(ident, "type"); if (!ident_type || (strcmp(ident_type, "dns") != 0 && strcmp(ident_type, "ip") != 0)) { warnx("no valid identifier in auth %s", auths->v.array.values[i].v.value); goto out; } const char *ident_value = json_find_string(ident, "value"); if (!ident_value || strlen(ident_value) <= 0) { warnx("no valid identifier in auth %s", auths->v.array.values[i].v.value); goto out; } const json_value_t *chlgs = json_find(a->json, "challenges"); if (!chlgs || chlgs->type != JSON_ARRAY) { warnx("no challenges in auth %s", auths->v.array.values[i].v.value); goto out; } json_free(auth); auth = a->json; a->json = NULL; bool chlg_done = false; for (size_t j=0; jv.array.size && !chlg_done; j++) { const char *status = json_find_string( chlgs->v.array.values+j, "status"); if (status && (strcmp(status, "pending") == 0 || strcmp(status, "processing") == 0)) { const char *url = json_find_string( chlgs->v.array.values+j, "url"); const char *type = json_find_string( chlgs->v.array.values+j, "type"); const char *token = json_find_string( chlgs->v.array.values+j, "token"); char *key_auth = NULL; if (!type || !url || !token) { warnx("failed to parse challenge"); goto out; } for (const char *t = token; *t; t++) if (!isalnum(*t) && *t != '-' && *t != '_') { warnx("failed to validate token"); goto out; } if (strcmp(type, "dns-01") == 0 || strcmp(type, "tls-alpn-01") == 0) key_auth = sha2_base64url(256, "%s.%s", token, thumbprint); else if (asprintf(&key_auth, "%s.%s", token, thumbprint) < 0) key_auth = NULL; if (!key_auth) { warnx("failed to generate authorization key"); goto out; } if (a->hook && strlen(a->hook) > 0) { msg(2, "type=%s", type); msg(2, "ident=%s", ident_value); msg(2, "token=%s", token); msg(2, "key_auth=%s", key_auth); msg(1, "running %s %s %s %s %s %s", a->hook, "begin", type, ident_value, token, key_auth); int r = hook_run(a->hook, "begin", type, ident_value, token, key_auth); msg(2, "hook returned %d", r); if (r < 0) { free(key_auth); goto out; } else if (r > 0) { msg(1, "challenge %s declined", type); free(key_auth); continue; } } else { char c = 0; msg(0, "challenge=%s ident=%s token=%s key_auth=%s", type, ident_value, token, key_auth); msg(0, "type 'y' followed by a newline to accept challenge" ", anything else to skip"); if (scanf(" %c", &c) != 1 || tolower(c) != 'y') { free(key_auth); continue; } } msg(1, "starting challenge at %s", url); if (acme_post(a, url, "{}") != 200) { warnx("failed to start challenge at %s", url); acme_error(a); } else for (unsigned u = 5; !chlg_done; u *= 2) { msg(1, "polling challenge status at %s", url); if (acme_post(a, url, "") != 200) { warnx("failed to poll challenge status at %s", url); acme_error(a); break; } const char *status = json_find_string(a->json, "status"); if (status && strcmp(status, "valid") == 0) chlg_done = true; else if (!status || (strcmp(status, "processing") != 0 && strcmp(status, "pending") != 0)) { warnx("challenge %s failed with status %s", url, status ? status : "unknown"); acme_error(a); break; } else if (u < 5*512) { msg(u > 40 ? 1 : 2, "%s, waiting %u seconds", status, u); sleep(u); } else { warnx("timeout while polling challenge status at %s, " "giving up", url); break; } } if (a->hook && strlen(a->hook) > 0) { const char *method = chlg_done ? "done" : "failed"; msg(1, "running %s %s %s %s %s %s", a->hook, method, type, ident_value, token, key_auth); hook_run(a->hook, method, type, ident_value, token, key_auth); } free(key_auth); if (!chlg_done) goto out; } } if (!chlg_done) { warnx("no challenge completed"); goto out; } } success = true; out: json_free(auth); free(thumbprint); return success; } bool cert_issue(acme_t *a, char * const *names, const char *csr) { bool success = false; char *orderurl = NULL; char *certfile = NULL; char *bakfile = NULL; char *tmpfile = NULL; char *cert = NULL; time_t t = time(NULL); int fd = -1; char *ids = identifiers(names); if (!ids) { warnx("failed to process alternate names"); goto out; } const char *url = json_find_string(a->dir, "newOrder"); if (!url) { warnx("failed to find newOrder URL in directory"); goto out; } msg(1, "creating new order at %s", url); if (acme_post(a, url, ids) != 201) { warnx("failed to create new order at %s", url); acme_error(a); goto out; } const char *status = json_find_string(a->json, "status"); if (!status || (strcmp(status, "pending") && strcmp(status, "ready"))) { warnx("invalid order status (%s)", status ? status : "unknown"); acme_error(a); goto out; } orderurl = find_header(a->headers, "Location"); if (!orderurl) { warnx("order location not found"); goto out; } msg(1, "order location: %s", orderurl); a->order = a->json; a->json = NULL; if (strcmp(status, "ready") != 0) { if (!authorize(a)) { warnx("failed to authorize order at %s", orderurl); goto out; } for (unsigned u = 5; true; u *= 2) { msg(1, "polling order status at %s", orderurl); if (acme_post(a, orderurl, "") != 200) { warnx("failed to poll order status at %s", orderurl); acme_error(a); goto out; } status = json_find_string(a->json, "status"); if (status && strcmp(status, "ready") == 0) { json_free(a->order); a->order = a->json; a->json = NULL; break; } else if (!status || strcmp(status, "pending") != 0) { warnx("unexpected order status (%s) at %s", status ? status : "unknown", orderurl); acme_error(a); goto out; } else if (u < 5*512) { msg(u > 40 ? 1 : 2, "waiting %u seconds", u); sleep(u); } else { warnx("timeout while polling order status at %s, giving up", orderurl); break; } } } const char *finalize = json_find_string(a->order, "finalize"); if (!finalize) { warnx("failed to find finalize URL"); goto out; } msg(1, "finalizing order at %s", finalize); if (acme_post(a, finalize, "{\"csr\": \"%s\"}", csr) != 200) { warnx("failed to finalize order at %s", finalize); acme_error(a); goto out; } else if (acme_error(a)) goto out; for (unsigned u = 5; true; u *= 2) { msg(1, "polling order status at %s", orderurl); if (acme_post(a, orderurl, "") != 200) { warnx("failed to poll order status at %s", orderurl); acme_error(a); goto out; } status = json_find_string(a->json, "status"); if (status && strcmp(status, "valid") == 0) { json_free(a->order); a->order = a->json; a->json = NULL; break; } else if (!status || strcmp(status, "processing") != 0) { warnx("unexpected order status (%s) at %s", status ? status : "unknown", orderurl); acme_error(a); goto out; } else if (u < 5*512) { msg(u > 40 ? 1 : 2, "waiting %u seconds", u); sleep(u); } else { warnx("timeout while polling order status at %s, giving up", orderurl); break; } } const char *certurl = json_find_string(a->order, "certificate"); if (!certurl) { warnx("failed to parse certificate url"); goto out; } msg(1, "retrieving certificate at %s", certurl); if (acme_post(a, certurl, "") != 200) { warnx("failed to retrieve certificate at %s", certurl); acme_error(a); goto out; } else if (acme_error(a)) { goto out; } cert = a->body; a->body = NULL; if (a->alt_n) { const char *regex = "^Link:[ \t]*<(.*)>[ \t]*.*;[ \t]*" "rel[ \t]*=[ \t]*\"?alternate(\"|[ \t]*;).*\r\n"; regex_t reg; if (regcomp(®, regex, REG_EXTENDED | REG_ICASE | REG_NEWLINE)) { warnx("cert_issue: regcomp failed"); goto out; } else { size_t i; regmatch_t m[2]; char *alt_cert = NULL; char *h = NULL; char *headers = strdup(a->headers); if (!headers) { warn("cert_issue: strdup failed"); goto out; } a->headers = NULL; h = headers; for (i = 0; i < a->alt_n && regexec(®, h, 2, m, 0) == 0; i++) { if (a->alt_fp_len > 0 || i == a->alt_n - 1) { char *alturl = strndup(h + m[1].rm_so, m[1].rm_eo - m[1].rm_so); if (!alturl) { warn("cert_issue: strndup failed"); break; } msg(1, "retrieving alternate certificate at %s", alturl); if (acme_post(a, alturl, "") != 200) { warnx("failed to retrieve alternate certificate at %s", alturl); acme_error(a); free(alturl); break; } free(alturl); if (cert_match(a->body, a->alt_fp, a->alt_fp_len)) { alt_cert = a->body; a->body = NULL; break; } } h += m[1].rm_eo; } free(headers); regfree(®); if (alt_cert) { free(cert); cert = alt_cert; } else warnx("no matching alternate certificate found, " "falling back to default"); } } if (asprintf(&certfile, "%scert.pem", a->certprefix) < 0) { certfile = NULL; warnx("cert_issue: asprintf failed"); goto out; } if (asprintf(&tmpfile, "%scert.pem.tmp", a->certprefix) < 0) { tmpfile = NULL; warnx("cert_issue: asprintf failed"); goto out; } if (asprintf(&bakfile, "%scert-%llu.pem", a->certprefix, (unsigned long long)t) < 0) { bakfile = NULL; warnx("cert_issue: asprintf failed"); goto out; } msg(1, "saving certificate to %s", tmpfile); fd = open(tmpfile, O_WRONLY|O_CREAT|O_TRUNC, S_IRUSR|S_IRGRP|S_IROTH); if (fd < 0) { warn("failed to create %s", tmpfile); goto out; } if (write(fd, cert, strlen(cert)) != (ssize_t)strlen(cert)) { warn("failed to write to %s", tmpfile); goto out; } if (close(fd) < 0) { warn("failed to close %s", tmpfile); goto out; } else fd = -1; if (link(certfile, bakfile) < 0) { if (errno != ENOENT) { warn("failed to link %s to %s", bakfile, certfile); goto out; } } else msg(1, "backed up %s as %s", certfile, bakfile); msg(1, "renaming %s to %s", tmpfile, certfile); if (rename(tmpfile, certfile) < 0) { warn("failed to rename %s to %s", tmpfile, certfile); unlink(bakfile); goto out; } success = true; out: if (fd >= 0) close(fd); free(bakfile); free(tmpfile); free(certfile); free(ids); free(orderurl); free(cert); return success; } bool cert_revoke(acme_t *a, const char *certfile, int reason_code) { bool success = false; char *certfiledup = NULL; char *revokedfile = NULL; const char *url = NULL; char *crt = cert_der_base64url(certfile); if (!crt) { warnx("failed to load %s", certfile); goto out; } url = json_find_string(a->dir, "revokeCert"); if (!url) { warnx("failed to find revokeCert URL in directory"); goto out; } msg(1, "revoking %s at %s", certfile, url); if (acme_post(a, url, "{\"certificate\":\"%s\",\"reason\":%d}", crt, reason_code) != 200) { warnx("failed to revoke %s at %s", certfile, url); acme_error(a); goto out; } else if (acme_error(a)) goto out; msg(1, "revoked %s", certfile); certfiledup = strdup(certfile); if (!certfiledup) { warnx("cert_revoke: strdup failed"); certfiledup = NULL; goto out; } if (asprintf(&revokedfile, "%s/revoked-%llu.pem", dirname(certfiledup), (unsigned long long)time(NULL)) < 0) { warnx("cert_revoke: asprintf failed"); revokedfile = NULL; goto out; } msg(1, "renaming %s to %s", certfile, revokedfile); if (rename(certfile, revokedfile) < 0) warn("failed to rename %s to %s", certfile, revokedfile); success = true; out: free(crt); free(revokedfile); free(certfiledup); return success; } bool validate_identifier_str(const char *s) { int dots = 0; size_t len = 0; if (is_ip(s, 0, 0)) return true; for (size_t j = 0; j < strlen(s); j++) { switch (s[j]) { case '.': if (j == 0) { warnx("'.' not allowed at beginning in %s", s); return false; } dots++; // intentional fallthrough case '_': case '-': len++; continue; case '*': if (j != 0 || s[1] != '.') { warnx("'*.' only allowed at beginning in %s", s); return false; } break; default: if (!isupper(s[j]) && !islower(s[j]) && !isdigit(s[j])) { warnx("invalid character '%c' in %s", s[j], s); return false; } len++; } } if (len == 0) { warnx("empty identifier is not allowed"); return false; } if (dots == 0) { warnx("identifier '%s' has no dots", s); return false; } return true; } bool eab_parse(acme_t *a, char *eab) { regmatch_t m[3]; regex_t reg; if (regcomp(®, "^([^:]+):([-_A-Za-z0-9]+)$", REG_EXTENDED | REG_NEWLINE)) { warnx("eab_parse: regcomp failed"); return false; } int r = regexec(®, eab, sizeof(m)/sizeof(m[0]), m, 0); regfree(®); if (r) { warnx("-e credentials must be specified as 'KEYID:KEY', " "with KEY base64url encoded"); return false; } eab[m[1].rm_eo] = 0; a->eab_keyid = eab + m[1].rm_so; eab[m[2].rm_eo] = 0; a->eab_key = eab + m[2].rm_so; return true; } bool alt_parse(acme_t *a, char *alt) { char *endptr; long l = strtol(alt, &endptr, 0); if (*endptr == 0 && l > 0 && (unsigned long)l < SIZE_MAX) { a->alt_n = l; return true; } size_t len = 0; char *tok = strtok(alt, ":"); while (tok && len < sizeof(a->alt_fp)) { if (strlen(tok) != 2 || !isxdigit(tok[0]) || !isxdigit(tok[1])) break; a->alt_fp[len++] = strtol(tok, NULL, 16); tok = strtok(NULL, ":"); } if (!tok && len > 1) { a->alt_fp_len = len; a->alt_n = UINT_MAX; return true; } warnx("-l requires a positive argument or a SHA256 fingerprint"); return false; } void usage(const char *progname) { fprintf(stderr, "usage: %s [-a|--acme-url URL] [-b|--bits BITS] [-c|--confdir DIR]\n" "\t[-d|--days DAYS] [-e|--eab KEYID:KEY] [-f|--force] [-h|--hook PROG]\n" "\t[-i|--no-ari] [-l|--alternate [N | SHA256]] [-m|--must-staple]\n" "\t[-n|--never-create] [-o|--no-ocsp] [-r|--reason CODE] [-s|--staging]\n" "\t[-t|--type RSA | EC] [-v|--verbose ...] [-V|--version] [-y|--yes]\n" "\t[-?|--help] new [EMAIL] | update [EMAIL] | deactivate | newkey |\n" "\tissue IDENTIFIER [ALTNAME ...]] | issue CSRFILE |\n" "\trevoke CERTFILE [CERTKEYFILE]\n", progname); } void version(const char *progname) { fprintf(stderr, "%s: version " PACKAGE_VERSION "\n" "Copyright (C) 2019-2024 Nicola Di Lieto\n\n" "%s is free software: you can redistribute and/or modify\n" "it under the terms of the GNU General Public License as\n" "published by the Free Software Foundation, either version 3\n" "of the License, or (at your option) any later version.\n\n" "%s is distributed in the hope that it will be useful, but\n" "WITHOUT ANY WARRANTY; without even the implied warranty of\n" "MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.\n\n" "See https://www.gnu.org/licenses/gpl.html for more details.\n", progname, progname, progname); } int main(int argc, char **argv) { static struct option options[] = { {"acme-url", required_argument, NULL, 'a'}, {"bits", required_argument, NULL, 'b'}, {"confdir", required_argument, NULL, 'c'}, {"days", required_argument, NULL, 'd'}, {"eab", required_argument, NULL, 'e'}, {"force", no_argument, NULL, 'f'}, {"help", no_argument, NULL, '?'}, {"hook", required_argument, NULL, 'h'}, {"no-ari", no_argument, NULL, 'i'}, {"alternate", required_argument, NULL, 'l'}, {"must-staple", no_argument, NULL, 'm'}, {"never-create", no_argument, NULL, 'n'}, {"no-ocsp", no_argument, NULL, 'o'}, {"reason", required_argument, NULL, 'r'}, {"staging", no_argument, NULL, 's'}, {"type", required_argument, NULL, 't'}, {"verbose", no_argument, NULL, 'v'}, {"version", no_argument, NULL, 'V'}, {"yes", no_argument, NULL, 'y'}, {NULL, 0, NULL, 0} }; int ret = 2; bool never = false; bool force = false; bool yes = false; bool staging = false; bool custom_directory = false; bool status_req = false; bool status_check = true; bool ari_check = true; int days = 30; int bits = 0; int reason = 0; keytype_t type = PK_RSA; const char *ident = NULL; char *filename = NULL; char *csr = NULL; char **names = NULL; const char *confdir = DEFAULT_CONFDIR; char *keyprefix = NULL; privkey_t key = NULL; acme_t a; memset(&a, 0, sizeof(a)); a.directory = PRODUCTION_URL; if (argc < 2) { usage(basename(argv[0])); return ret; } srand(getpid() ^ time(NULL)); #if LIBCURL_VERSION_NUM < 0x072600 #error libcurl version 7.38.0 or later is required #endif const curl_version_info_data *cvid = curl_version_info(CURLVERSION_NOW); if (!cvid || cvid->version_num < 0x072600) { warnx("libcurl version 7.38.0 or later is required"); return ret; } if (curl_global_init(CURL_GLOBAL_DEFAULT) != CURLE_OK) { warnx("failed to initialize libcurl"); return ret; } if (!crypto_init()) { warnx("failed to initialize crypto library"); curl_global_cleanup(); return ret; } while (1) { char *endptr; int option_index; int c = getopt_long(argc, argv, "a:b:c:d:e:f?h:il:mnor:st:vVy", options, &option_index); if (c == -1) break; switch (c) { case 'a': if (staging) { warnx("-a,--acme-url is incompatible with -s,--staging"); goto out; } custom_directory = true; a.directory = optarg; break; case 'b': bits = strtol(optarg, &endptr, 10); if (*endptr != 0 || bits <= 0) { warnx("BITS must be a positive integer"); goto out; } break; case 'c': confdir = optarg; break; case 'd': days = strtol(optarg, &endptr, 10); if (*endptr != 0 || days <= 0) { warnx("DAYS must be a positive integer"); goto out; } break; case 'e': if (!eab_parse(&a, optarg)) goto out; break; case 'f': force = true; break; case 'h': a.hook = optarg; break; case 'i': ari_check = false; break; case 'l': if (!alt_parse(&a, optarg)) goto out; break; case 'm': status_req = true; break; case 'n': never = true; break; case 'o': status_check = false; break; case 'v': g_loglevel++; break; case 'r': reason = strtol(optarg, &endptr, 0); if (*endptr != 0 || reason < 0) { warnx("CODE must be a non-negative integer"); goto out; } break; case 's': if (custom_directory) { warnx("-s,--staging is incompatible with -a,--acme-url"); goto out; } staging = true; a.directory = STAGING_URL; break; case 't': if (strcasecmp(optarg, "RSA") == 0) type = PK_RSA; else if (strcasecmp(optarg, "EC") == 0) type = PK_EC; else { warnx("type must be either RSA or EC"); goto out; } break; case 'V': version(basename(argv[0])); goto out; break; case 'y': yes = true; break; default: usage(basename(argv[0])); goto out; } } switch (type) { case PK_RSA: if (bits == 0) bits = 2048; else if (bits < 2048 || bits > 8192) { warnx("BITS must be between 2048 and 8192 for RSA keys"); goto out; } else if (bits & 7) { warnx("BITS must be a multiple of 8 for RSA keys"); goto out; } break; case PK_EC: switch (bits) { case 0: bits = 256; break; case 256: case 384: break; default: warnx("BITS must be either 256 or 384 for EC keys"); goto out; } break; default: warnx("key type must be either RSA or EC"); goto out; } if (optind == argc) { usage(basename(argv[0])); goto out; } const char *action = argv[optind++]; if (strcmp(action, "new") == 0 || strcmp(action, "update") == 0) { if (optind < argc) a.email = argv[optind++]; if (optind < argc) { usage(basename(argv[0])); goto out; } } else if (strcmp(action, "newkey") == 0 || strcmp(action, "deactivate") == 0) { if (optind < argc) { usage(basename(argv[0])); goto out; } } else if (strcmp(action, "issue") == 0) { if (optind == argc) { usage(basename(argv[0])); goto out; } struct stat st; if (stat(argv[optind], &st)) { if (errno != ENOENT && errno != EACCES) { warn("failed to stat %s", argv[optind]); goto out; } } else if (S_ISREG(st.st_mode)) { filename = strdup(argv[optind++]); if (!filename) { warn("strdup failed"); goto out; } if (optind < argc) { usage(basename(argv[0])); goto out; } } if (!filename) { int i = 0; for (i = 0; argv[optind + i]; i++) if (!validate_identifier_str(argv[optind + i])) goto out; if (i == 0) { usage(basename(argv[0])); goto out; } names = calloc(i + 1, sizeof(*names)); if (!names) { warn("calloc failed"); goto out; } while (i--) { names[i] = strdup(argv[optind + i]); if (!names[i]) { warn("strdup failed"); goto out; } } ident = names[0]; if (ident[0] == '*' && ident[1] == '.') ident += 2; } } else if (strcmp(action, "revoke") == 0) { if (optind == argc) { usage(basename(argv[0])); goto out; } filename = strdup(argv[optind++]); if (!filename) { warn("strdup failed"); goto out; } if (access(filename, R_OK)) { warn("failed to read %s", filename); goto out; } if (optind < argc) { const char *keyfile = argv[optind++]; a.key = key_load(PK_NONE, bits, keyfile); if (!a.key) goto out; } if (optind < argc) { usage(basename(argv[0])); goto out; } } else { usage(basename(argv[0])); goto out; } time_t now = time(NULL); char buf[0x100]; setlocale(LC_TIME, "C"); strftime(buf, sizeof(buf), "%a, %d %b %Y %H:%M:%S %z", localtime(&now)); if (strstr(PACKAGE_VERSION, "-dev-")) { warnx("development version " PACKAGE_VERSION " starting on %s", buf); warnx("please use for testing only; releases are available at " "https://github.com/ndilieto/uacme/tree/upstream/latest"); } else msg(1, "version " PACKAGE_VERSION " starting on %s", buf); snprintf(buf, sizeof(buf), "%d", g_loglevel); setenv("UACME_VERBOSE", buf, 1); setenv("UACME_CONFDIR", confdir, 1); if (a.hook && access(a.hook, R_OK | X_OK) < 0) { warn("%s", a.hook); goto out; } if (!a.key) { if (asprintf(&a.keyprefix, "%s/private", confdir) < 0) { a.keyprefix = NULL; warnx("asprintf failed"); goto out; } if (ident) { if (asprintf(&keyprefix, "%s/private/%s", confdir, ident) < 0) { keyprefix = NULL; warnx("asprintf failed"); goto out; } if (asprintf(&a.certprefix, "%s/%s/", confdir, ident) < 0) { a.certprefix = NULL; warnx("asprintf failed"); goto out; } } bool is_new = strcmp(action, "new") == 0; if (!check_or_mkdir(is_new && !never, confdir, S_IRWXU|S_IRGRP|S_IXGRP|S_IROTH|S_IXOTH)) goto out; if (!check_or_mkdir(is_new && !never, a.keyprefix, S_IRWXU)) goto out; a.key = key_load((!is_new || never) ? PK_NONE : type, bits, "%s/key.pem", a.keyprefix); if (!a.key) goto out; } if (strcmp(action, "new") == 0) { if (acme_bootstrap(&a) && account_new(&a, yes)) ret = 0; } else if (strcmp(action, "update") == 0) { if (acme_bootstrap(&a) && account_retrieve(&a) && account_update(&a)) ret = 0; } else if (strcmp(action, "newkey") == 0) { if (acme_bootstrap(&a) && account_retrieve(&a) && account_keychange(&a, never, type, bits)) ret = 0; } else if (strcmp(action, "deactivate") == 0) { if (acme_bootstrap(&a) && account_retrieve(&a) && account_deactivate(&a)) ret = 0; } else if (strcmp(action, "issue") == 0) { if (filename) { int len = strlen(filename); char *dot = strrchr(filename, '.'); if (dot) len = dot - filename; if (asprintf(&a.certprefix, "%.*s-", len, filename) < 0) { a.certprefix = NULL; warnx("asprintf failed"); goto out; } csr = csr_load(filename, &names); if (!csr) goto out; if (status_req) warnx("-m, --must-staple is ignored when issuing with a CSR"); } else { if (!check_or_mkdir(!never, keyprefix, S_IRWXU)) goto out; if (!check_or_mkdir(!never, a.certprefix, S_IRWXU|S_IRGRP|S_IXGRP|S_IROTH|S_IXOTH)) goto out; key = key_load(never ? PK_NONE : type, bits, "%s/key.pem", keyprefix); if (!key) goto out; } free(filename); if (asprintf(&filename, "%scert.pem", a.certprefix) < 0) { filename = NULL; warnx("asprintf failed"); goto out; } if (!acme_bootstrap(&a)) goto out; const char *ari_url = ari_check ? json_find_string(a.dir, "renewalInfo") : NULL; msg(1, "checking existence and expiration of %s", filename); if (cert_valid(filename, names, ari_url, days, status_check)) { if (force) msg(1, "forcing reissue of %s", filename); else { msg(1, "skipping %s", filename); ret = 1; goto out; } } if (!csr) { msg(1, "generating certificate request"); csr = csr_gen(names, status_req, key); if (!csr) { warnx("failed to generate certificate request"); goto out; } } if (account_retrieve(&a) && cert_issue(&a, names, csr)) ret = 0; } else if (strcmp(action, "revoke") == 0) { if (acme_bootstrap(&a) && (!a.keyprefix || account_retrieve(&a)) && cert_revoke(&a, filename, reason)) ret = 0; } out: json_free(a.json); json_free(a.account); json_free(a.dir); json_free(a.order); free(a.nonce); free(a.kid); free(a.headers); free(a.body); free(a.type); free(a.keyprefix); free(a.certprefix); if (a.key) privkey_deinit(a.key); if (key) privkey_deinit(key); free(keyprefix); free(csr); free(filename); for (int i = 0; names && names[i]; i++) free(names[i]); free(names); crypto_deinit(); curl_global_cleanup(); exit(ret); } uacme-1.7.6/README.md0000644000000000000000000003031514731120364010770 00000000000000[![uacme manual][coyote]][uacme] # uacme lightweight client for the [RFC8555][RFC8555] ACMEv2 protocol, written in plain C with minimal dependencies ([libcurl][libcurl] and one of [GnuTLS][GnuTLS], [OpenSSL][OpenSSL] or [mbedTLS][mbedTLS]). The ACMEv2 protocol allows a Certificate Authority ([Let's Encrypt][le] is a popular one) and an applicant to automate the process of verification and certificate issuance. The protocol also provides facilities for other certificate management functions, such as certificate revocation. ## Features * **Lightweight** - Unlike most other ACME clients [uacme][uacme] does one thing only and tries to do it well, according to the [Unix philosophy][uph]. For example don't expect it to automatically set up your webserver to use the certificates it obtains. * **Written in C** - It runs on any unix machine, including Linux, BSD, ... * **Minimal dependencies** - Other than the standard C library, [uacme][uacme] depends only on [libcurl][libcurl] and one of [GnuTLS][GnuTLS], [OpenSSL][OpenSSL] or [mbedTLS][mbedTLS]. It does all the cryptography and network communications without spawning external processes. Particularly when using mbedTLS, it is small enough to run on embedded systems with severe RAM and program memory restrictions (such as OpenWRT routers, for example). This is in contrast to solutions based on python or shell scripts, which may well be a few hundred lines but require many other large applications such as python or openssl to work. * **Native ECC support** - Elliptic Curve keys and certificates can be generated with a commmand line option (-t EC) * **Easily extensible** - It optionally calls an external hook program with the tokens required for domain authorization by the server. The hook program can be an executable, shell script, perl script, python script, or any file that the operating system can execute. * **ACME challenge agnostic** - It provides the user or hook program with all tokens and information required to complete any challenge type but leaves the task of setting up and cleaning up the challenge environment to the user or hook. Example shell scripts to handle [http-01][uacme.sh], [dns-01][nsupdate.sh] and [tls-alpn-01][ualpn.sh] challenges are provided. * **Zero downtime [tls-alpn-01 support][tls-alpn-01]** - The distribution also includes [ualpn][ualpn], a lightweight proxying tls-alpn-01 challenge responder compliant with [RFC8737][RFC8737] and [RFC8738][RFC8738]. * **Can run as a cron job** - to renew certificates automatically when needed, even for remote machines * **Robust** - It checks every operation, retrying or failing gracefully as appropriate * **Detailed error reporting** - By default totally quiet when everything works ok, it reports precise and detailed error information on stderr when something goes wrong. Optionally it can also print debug information by specifying the **--verbose** flag once or more. ## Installation **Note: pristine releases are in the upstream/latest branch, tagged as upstream/x.x.x** ``` mkdir uacme wget -O - https://github.com/ndilieto/uacme/archive/upstream/latest.tar.gz | tar zx -C uacme --strip-components=1 cd uacme ./configure --disable-maintainer-mode make install ``` If you just want to check out the latest pristine release from github: ``` git clone -b upstream/latest https://github.com/ndilieto/uacme ``` [uacme][uacme] is included in several distributions: * https://packages.debian.org/uacme * https://packages.ubuntu.com/uacme * https://packages.fedoraproject.org/pkgs/uacme/uacme * https://software.opensuse.org/package/uacme * https://pkgs.alpinelinux.org/packages?name=uacme * https://aur.archlinux.org/packages/uacme * https://voidlinux.org/packages/?q=uacme * https://cvsweb.openbsd.org/ports/security/uacme * https://www.freshports.org/security/uacme * https://github.com/openwrt/packages/tree/master/net/uacme * https://github.com/buildroot/buildroot/tree/master/package/uacme ## Getting started Once you have obtained [uacme][uacme] (see Installation above) the next step is creating an ACME account: ``` uacme -v -c /path/to/uacme.d new ``` The configuration directory and account private key should have been created: ``` /path/to/uacme.d/private/key.pem ``` You can then issue a certificate for your domain by doing ``` uacme -v -c /path/to/uacme.d issue www.your.domain.com ``` If everything goes well [uacme][uacme] asks you to set up a challenge, for example ``` uacme: challenge=http-01 ident=www.your.domain.com token=kZjqYgAss_sl4XXDfFq-jeQV1_lqsE76v2BoCGegFk4 key_auth=kZjqYgAss_sl4XXDfFq-jeQV1_lqsE76v2BoCGegFk4.2evcXalKLhAybRuxxE-HkSUihdzQ7ZDAKA9EZYrTXwU ``` Note the challenge type in the example is http-01 which means you should set up your web server to serve a URL based on the token: ``` http://www.your.domain.com/.well-known/acme-challenge/kZjqYgAss_sl4XXDfFq-jeQV1_lqsE76v2BoCGegFk4 ``` The URL must return a text file containing a single line with the key authorization: ``` kZjqYgAss_sl4XXDfFq-jeQV1_lqsE76v2BoCGegFk4.2evcXalKLhAybRuxxE-HkSUihdzQ7ZDAKA9EZYrTXwU ``` After setting up the web server you can then type 'y' followed by a newline. This notifies the ACME server that it can proceed with the challenge verification. If the procedure is successful [uacme][uacme] saves the certificate and the key at: ``` /path/to/uacme.d/www.your.domain.com/cert.pem /path/to/uacme.d/private/www.your.domain.com/key.pem ``` Note several challenge types are possible. If you type anything other than 'y', [uacme][uacme] skips the challenge and proposes a different one. The easiest is http-01 but any other type can be dealt with. Keep in mind that challenge types may be served in random order by the server. Do not make any assumptions and read what [uacme][uacme] outputs carefully. ## Automating updates Use the -h flag to manage the challenge with a hook script: ``` uacme -v -c /path/to/uacme.d -h /usr/share/uacme/uacme.sh issue www.your.domain.com ``` or (depending on your installation) ``` uacme -v -c /path/to/uacme.d -h /usr/local/share/uacme/uacme.sh issue www.your.domain.com ``` This will use the example [uacme.sh][uacme.sh] hook script included in the distribution to manage http-01 challenges. You might need to edit the script to match your webserver's environment. Once everything works correctly you can also set up cron, for example ``` 6 15 * * * /usr/bin/uacme -c /path/to/uacme.d -h /usr/share/uacme/uacme.sh issue www.your.domain.com ``` The cron job will automatically update the certificate when needed. Note the absence of -v flag, this makes [uacme][uacme] only produce output upon errors. Note also that you will need to restart or reload any service that uses the certificate, to make sure it uses the renewed one. This is system and installation dependent. I normally put the necessary instructions in another script (for example /usr/share/uacme/reload.sh) that is executed by cron when [uacme][uacme] returns 0 (indicating the certificate has been reissued). ``` 6 15 * * * /usr/bin/uacme -c /path/to/uacme.d -h /usr/share/uacme/uacme.sh issue www.your.domain.com && /usr/share/uacme/reload.sh ``` Check https://github.com/jirutka/muacme for a complete, ready-to-go solution. ## dns-01 challenge support The [nsupdate.sh][nsupdate.sh] hook script included in the distribution allows managing dns-01 challenges with [nsupdate][nsupdate]. This only works if your name server supports [RFC2136][RFC2136] ([bind][bind] does, [nsd][nsd] doesn't). https://gitlab.alpinelinux.org/alpine/infra/docker/uacme-nsd-wildcard is another example that works with [nsd][nsd]. https://gist.github.com/Gowee/e756f925cfcbd5ab32d564ee3c795786 shows how to integrate with [Cloudflare API][Cloudflare]. https://github.com/tdy91/uacme-gandi-hook works with [gandi.net][gandi]. https://sr.ht/~jacksonchen666/uacme-desec-hook/ works with [deSEC.io][desec]. https://gist.github.com/acamari/93db6e6d26c3d6f223840283f195d8be shows how to integrate with [Linode API][Linode] ## tls-alpn-01 challenge support [ualpn][ualpn] is a lightweight proxying [tls-alpn-01][RFC8737] challenge responder, designed to handle incoming HTTPS connections on port 443. Most of the time it just transparently proxies connections to the real web server (which can be on either another machine, or a different TCP port on the same machine). When a tls-alpn-01 challenge handshake comes in [ualpn][ualpn] handles it on the fly instead of proxying it to the webserver. This means that unlike other available tls-alpn-01 responders, [ualpn][ualpn] does not require your webserver to stop during the challenge (zero downtime). The high performance event-driven implementation is based on [libev][libev] which considerably reduces the cost of context switches and memory usage. In addition on systems such as Linux supporting the [splice()][splice] system call, [ualpn][ualpn] is able to move network data entirely in kernel memory without a round trip to user space, which further enhances performance. [ualpn][ualpn] also listens to a UNIX domain socket so that it can be fed the necessary tls-alpn-01 key authorizations for the domains being validated by the ACME server. [ualpn][ualpn] was designed to be easy to integrate with not only [uacme][uacme] (check the example [ualpn.sh][ualpn.sh] hook script) but also other ACME clients. A [certbot plugin][plugin] is also available. To get started with [ualpn][ualpn]: * move your real HTTPS server to port 4443 which doesn't need to be open to the outside (only ualpn will connect to it) and set it up to accept the [PROXY protocol][proxy]: * for nginx: https://docs.nginx.com/nginx/admin-guide/load-balancer/using-proxy-protocol ``` server { listen 127.0.0.1:4443 ssl proxy_protocol; set_real_ip_from 127.0.0.0/24; real_ip_header proxy_protocol; proxy_set_header X-Real-IP $proxy_protocol_addr; proxy_set_header X-Forwarded-For $proxy_protocol_addr; ... ``` * for apache: https://httpd.apache.org/docs/2.4/mod/mod_remoteip.html#remoteipproxyprotocol ``` Listen 4443 RemoteIPProxyProtocol On ... ``` * launch [ualpn][ualpn] as a daemon and check the logs (by default in syslog) ``` sudo ualpn -v -d -u nobody:nogroup -c 127.0.0.1@4443 -S 666 ``` * create an ACME account ``` uacme -v -s -c /path/to/uacme.d -y new ``` * try obtaining a certificate with tls-alpn-01 challenge ``` uacme -v -s -c /path/to/uacme.d -h /usr/share/uacme/ualpn.sh issue www.your.domain.com ``` or, depending on your installation ``` uacme -v -s -c /path/to/uacme.d -h /usr/local/share/uacme/ualpn.sh issue www.your.domain.com ``` ## Documentation There are regular unix man pages in the distribution, also available in HTML: [uacme][uacme] [ualpn][ualpn] ## Bugs and suggestions If you believe you have found a bug, please log it at https://github.com/ndilieto/uacme/issues If you have any suggestions for improvements, pull requests are welcome. [coyote]: https://repository-images.githubusercontent.com/182530051/6d85b680-8e9d-11e9-91b9-0bc9eefac05e [uacme]: https://ndilieto.github.io/uacme/uacme.html [ualpn]: https://ndilieto.github.io/uacme/ualpn.html [RFC8555]: https://tools.ietf.org/html/rfc8555 [RFC8737]: https://tools.ietf.org/html/rfc8737 [RFC8738]: https://tools.ietf.org/html/rfc8738 [RFC2136]: https://tools.ietf.org/html/rfc2136 [libcurl]: https://curl.haxx.se/libcurl [GnuTLS]: https://gnutls.org [OpenSSL]: https://www.openssl.org [mbedTLS]: https://tls.mbed.org [le]: https://letsencrypt.org [uph]: https://en.wikipedia.org/wiki/Unix_philosophy [uacme.sh]: https://github.com/ndilieto/uacme/blob/master/uacme.sh [ualpn.sh]: https://github.com/ndilieto/uacme/blob/master/ualpn.sh [tls-alpn-01]: #tls-alpn-01-challenge-support [plugin]: https://github.com/ndilieto/certbot-ualpn [nsupdate.sh]: https://github.com/ndilieto/uacme/blob/master/nsupdate.sh [nsupdate]: https://linux.die.net/man/1/nsupdate [bind]: https://www.isc.org/bind [nsd]: https://www.nlnetlabs.nl/projects/nsd [Cloudflare]: https://api.cloudflare.com/#dns-records-for-a-zone-create-dns-record [gandi]: https://api.gandi.net/docs/livedns [libev]: http://libev.schmorp.de [splice]: https://en.wikipedia.org/wiki/Splice_%28system_call%29 [proxy]: http://www.haproxy.org/download/1.8/doc/proxy-protocol.txt [desec]: https://desec.readthedocs.io/en/latest/ [Linode]: https://techdocs.akamai.com/linode-api/reference/post-domain-record uacme-1.7.6/configure0000755000000000000000000101425014734274626011437 00000000000000#! /bin/sh # Guess values for system-dependent variables and create Makefiles. # Generated by GNU Autoconf 2.69 for uacme 1.7.6. # # # Copyright (C) 1992-1996, 1998-2012 Free Software Foundation, Inc. # # # This configure script is free software; the Free Software Foundation # gives unlimited permission to copy, distribute and modify it. ## -------------------- ## ## M4sh Initialization. ## ## -------------------- ## # Be more Bourne compatible DUALCASE=1; export DUALCASE # for MKS sh if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then : emulate sh NULLCMD=: # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which # is contrary to our usage. Disable this feature. alias -g '${1+"$@"}'='"$@"' setopt NO_GLOB_SUBST else case `(set -o) 2>/dev/null` in #( *posix*) : set -o posix ;; #( *) : ;; esac fi as_nl=' ' export as_nl # Printing a long string crashes Solaris 7 /usr/bin/printf. as_echo='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\' as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo$as_echo # Prefer a ksh shell builtin over an external printf program on Solaris, # but without wasting forks for bash or zsh. if test -z "$BASH_VERSION$ZSH_VERSION" \ && (test "X`print -r -- $as_echo`" = "X$as_echo") 2>/dev/null; then as_echo='print -r --' as_echo_n='print -rn --' elif (test "X`printf %s $as_echo`" = "X$as_echo") 2>/dev/null; then as_echo='printf %s\n' as_echo_n='printf %s' else if test "X`(/usr/ucb/echo -n -n $as_echo) 2>/dev/null`" = "X-n $as_echo"; then as_echo_body='eval /usr/ucb/echo -n "$1$as_nl"' as_echo_n='/usr/ucb/echo -n' else as_echo_body='eval expr "X$1" : "X\\(.*\\)"' as_echo_n_body='eval arg=$1; case $arg in #( *"$as_nl"*) expr "X$arg" : "X\\(.*\\)$as_nl"; arg=`expr "X$arg" : ".*$as_nl\\(.*\\)"`;; esac; expr "X$arg" : "X\\(.*\\)" | tr -d "$as_nl" ' export as_echo_n_body as_echo_n='sh -c $as_echo_n_body as_echo' fi export as_echo_body as_echo='sh -c $as_echo_body as_echo' fi # The user is always right. if test "${PATH_SEPARATOR+set}" != set; then PATH_SEPARATOR=: (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 && { (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 || PATH_SEPARATOR=';' } fi # IFS # We need space, tab and new line, in precisely that order. Quoting is # there to prevent editors from complaining about space-tab. # (If _AS_PATH_WALK were called with IFS unset, it would disable word # splitting by setting IFS to empty value.) IFS=" "" $as_nl" # Find who we are. Look in the path if we contain no directory separator. as_myself= case $0 in #(( *[\\/]* ) as_myself=$0 ;; *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break done IFS=$as_save_IFS ;; esac # We did not find ourselves, most probably we were run as `sh COMMAND' # in which case we are not to be found in the path. if test "x$as_myself" = x; then as_myself=$0 fi if test ! -f "$as_myself"; then $as_echo "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2 exit 1 fi # Unset variables that we do not need and which cause bugs (e.g. in # pre-3.0 UWIN ksh). But do not cause bugs in bash 2.01; the "|| exit 1" # suppresses any "Segmentation fault" message there. '((' could # trigger a bug in pdksh 5.2.14. for as_var in BASH_ENV ENV MAIL MAILPATH do eval test x\${$as_var+set} = xset \ && ( (unset $as_var) || exit 1) >/dev/null 2>&1 && unset $as_var || : done PS1='$ ' PS2='> ' PS4='+ ' # NLS nuisances. LC_ALL=C export LC_ALL LANGUAGE=C export LANGUAGE # CDPATH. (unset CDPATH) >/dev/null 2>&1 && unset CDPATH # Use a proper internal environment variable to ensure we don't fall # into an infinite loop, continuously re-executing ourselves. if test x"${_as_can_reexec}" != xno && test "x$CONFIG_SHELL" != x; then _as_can_reexec=no; export _as_can_reexec; # We cannot yet assume a decent shell, so we have to provide a # neutralization value for shells without unset; and this also # works around shells that cannot unset nonexistent variables. # Preserve -v and -x to the replacement shell. BASH_ENV=/dev/null ENV=/dev/null (unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV case $- in # (((( *v*x* | *x*v* ) as_opts=-vx ;; *v* ) as_opts=-v ;; *x* ) as_opts=-x ;; * ) as_opts= ;; esac exec $CONFIG_SHELL $as_opts "$as_myself" ${1+"$@"} # Admittedly, this is quite paranoid, since all the known shells bail # out after a failed `exec'. $as_echo "$0: could not re-execute with $CONFIG_SHELL" >&2 as_fn_exit 255 fi # We don't want this to propagate to other subprocesses. { _as_can_reexec=; unset _as_can_reexec;} if test "x$CONFIG_SHELL" = x; then as_bourne_compatible="if test -n \"\${ZSH_VERSION+set}\" && (emulate sh) >/dev/null 2>&1; then : emulate sh NULLCMD=: # Pre-4.2 versions of Zsh do word splitting on \${1+\"\$@\"}, which # is contrary to our usage. Disable this feature. alias -g '\${1+\"\$@\"}'='\"\$@\"' setopt NO_GLOB_SUBST else case \`(set -o) 2>/dev/null\` in #( *posix*) : set -o posix ;; #( *) : ;; esac fi " as_required="as_fn_return () { (exit \$1); } as_fn_success () { as_fn_return 0; } as_fn_failure () { as_fn_return 1; } as_fn_ret_success () { return 0; } as_fn_ret_failure () { return 1; } exitcode=0 as_fn_success || { exitcode=1; echo as_fn_success failed.; } as_fn_failure && { exitcode=1; echo as_fn_failure succeeded.; } as_fn_ret_success || { exitcode=1; echo as_fn_ret_success failed.; } as_fn_ret_failure && { exitcode=1; echo as_fn_ret_failure succeeded.; } if ( set x; as_fn_ret_success y && test x = \"\$1\" ); then : else exitcode=1; echo positional parameters were not saved. fi test x\$exitcode = x0 || exit 1 test -x / || exit 1" as_suggested=" as_lineno_1=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_1a=\$LINENO as_lineno_2=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_2a=\$LINENO eval 'test \"x\$as_lineno_1'\$as_run'\" != \"x\$as_lineno_2'\$as_run'\" && test \"x\`expr \$as_lineno_1'\$as_run' + 1\`\" = \"x\$as_lineno_2'\$as_run'\"' || exit 1 test \$(( 1 + 1 )) = 2 || exit 1" if (eval "$as_required") 2>/dev/null; then : as_have_required=yes else as_have_required=no fi if test x$as_have_required = xyes && (eval "$as_suggested") 2>/dev/null; then : else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR as_found=false for as_dir in /bin$PATH_SEPARATOR/usr/bin$PATH_SEPARATOR$PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. as_found=: case $as_dir in #( /*) for as_base in sh bash ksh sh5; do # Try only shells that exist, to save several forks. as_shell=$as_dir/$as_base if { test -f "$as_shell" || test -f "$as_shell.exe"; } && { $as_echo "$as_bourne_compatible""$as_required" | as_run=a "$as_shell"; } 2>/dev/null; then : CONFIG_SHELL=$as_shell as_have_required=yes if { $as_echo "$as_bourne_compatible""$as_suggested" | as_run=a "$as_shell"; } 2>/dev/null; then : break 2 fi fi done;; esac as_found=false done $as_found || { if { test -f "$SHELL" || test -f "$SHELL.exe"; } && { $as_echo "$as_bourne_compatible""$as_required" | as_run=a "$SHELL"; } 2>/dev/null; then : CONFIG_SHELL=$SHELL as_have_required=yes fi; } IFS=$as_save_IFS if test "x$CONFIG_SHELL" != x; then : export CONFIG_SHELL # We cannot yet assume a decent shell, so we have to provide a # neutralization value for shells without unset; and this also # works around shells that cannot unset nonexistent variables. # Preserve -v and -x to the replacement shell. BASH_ENV=/dev/null ENV=/dev/null (unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV case $- in # (((( *v*x* | *x*v* ) as_opts=-vx ;; *v* ) as_opts=-v ;; *x* ) as_opts=-x ;; * ) as_opts= ;; esac exec $CONFIG_SHELL $as_opts "$as_myself" ${1+"$@"} # Admittedly, this is quite paranoid, since all the known shells bail # out after a failed `exec'. $as_echo "$0: could not re-execute with $CONFIG_SHELL" >&2 exit 255 fi if test x$as_have_required = xno; then : $as_echo "$0: This script requires a shell more modern than all" $as_echo "$0: the shells that I found on your system." if test x${ZSH_VERSION+set} = xset ; then $as_echo "$0: In particular, zsh $ZSH_VERSION has bugs and should" $as_echo "$0: be upgraded to zsh 4.3.4 or later." else $as_echo "$0: Please tell bug-autoconf@gnu.org about your system, $0: including any error possibly output before this $0: message. Then install a modern shell, or manually run $0: the script under such a shell if you do have one." fi exit 1 fi fi fi SHELL=${CONFIG_SHELL-/bin/sh} export SHELL # Unset more variables known to interfere with behavior of common tools. CLICOLOR_FORCE= GREP_OPTIONS= unset CLICOLOR_FORCE GREP_OPTIONS ## --------------------- ## ## M4sh Shell Functions. ## ## --------------------- ## # as_fn_unset VAR # --------------- # Portably unset VAR. as_fn_unset () { { eval $1=; unset $1;} } as_unset=as_fn_unset # as_fn_set_status STATUS # ----------------------- # Set $? to STATUS, without forking. as_fn_set_status () { return $1 } # as_fn_set_status # as_fn_exit STATUS # ----------------- # Exit the shell with STATUS, even in a "trap 0" or "set -e" context. as_fn_exit () { set +e as_fn_set_status $1 exit $1 } # as_fn_exit # as_fn_mkdir_p # ------------- # Create "$as_dir" as a directory, including parents if necessary. as_fn_mkdir_p () { case $as_dir in #( -*) as_dir=./$as_dir;; esac test -d "$as_dir" || eval $as_mkdir_p || { as_dirs= while :; do case $as_dir in #( *\'*) as_qdir=`$as_echo "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #'( *) as_qdir=$as_dir;; esac as_dirs="'$as_qdir' $as_dirs" as_dir=`$as_dirname -- "$as_dir" || $as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ X"$as_dir" : 'X\(//\)[^/]' \| \ X"$as_dir" : 'X\(//\)$' \| \ X"$as_dir" : 'X\(/\)' \| . 2>/dev/null || $as_echo X"$as_dir" | sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/ q } /^X\(\/\/\)[^/].*/{ s//\1/ q } /^X\(\/\/\)$/{ s//\1/ q } /^X\(\/\).*/{ s//\1/ q } s/.*/./; q'` test -d "$as_dir" && break done test -z "$as_dirs" || eval "mkdir $as_dirs" } || test -d "$as_dir" || as_fn_error $? "cannot create directory $as_dir" } # as_fn_mkdir_p # as_fn_executable_p FILE # ----------------------- # Test if FILE is an executable regular file. as_fn_executable_p () { test -f "$1" && test -x "$1" } # as_fn_executable_p # as_fn_append VAR VALUE # ---------------------- # Append the text in VALUE to the end of the definition contained in VAR. Take # advantage of any shell optimizations that allow amortized linear growth over # repeated appends, instead of the typical quadratic growth present in naive # implementations. if (eval "as_var=1; as_var+=2; test x\$as_var = x12") 2>/dev/null; then : eval 'as_fn_append () { eval $1+=\$2 }' else as_fn_append () { eval $1=\$$1\$2 } fi # as_fn_append # as_fn_arith ARG... # ------------------ # Perform arithmetic evaluation on the ARGs, and store the result in the # global $as_val. Take advantage of shells that can avoid forks. The arguments # must be portable across $(()) and expr. if (eval "test \$(( 1 + 1 )) = 2") 2>/dev/null; then : eval 'as_fn_arith () { as_val=$(( $* )) }' else as_fn_arith () { as_val=`expr "$@" || test $? -eq 1` } fi # as_fn_arith # as_fn_error STATUS ERROR [LINENO LOG_FD] # ---------------------------------------- # Output "`basename $0`: error: ERROR" to stderr. If LINENO and LOG_FD are # provided, also output the error to LOG_FD, referencing LINENO. Then exit the # script with STATUS, using 1 if that was 0. as_fn_error () { as_status=$1; test $as_status -eq 0 && as_status=1 if test "$4"; then as_lineno=${as_lineno-"$3"} as_lineno_stack=as_lineno_stack=$as_lineno_stack $as_echo "$as_me:${as_lineno-$LINENO}: error: $2" >&$4 fi $as_echo "$as_me: error: $2" >&2 as_fn_exit $as_status } # as_fn_error if expr a : '\(a\)' >/dev/null 2>&1 && test "X`expr 00001 : '.*\(...\)'`" = X001; then as_expr=expr else as_expr=false fi if (basename -- /) >/dev/null 2>&1 && test "X`basename -- / 2>&1`" = "X/"; then as_basename=basename else as_basename=false fi if (as_dir=`dirname -- /` && test "X$as_dir" = X/) >/dev/null 2>&1; then as_dirname=dirname else as_dirname=false fi as_me=`$as_basename -- "$0" || $as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \ X"$0" : 'X\(//\)$' \| \ X"$0" : 'X\(/\)' \| . 2>/dev/null || $as_echo X/"$0" | sed '/^.*\/\([^/][^/]*\)\/*$/{ s//\1/ q } /^X\/\(\/\/\)$/{ s//\1/ q } /^X\/\(\/\).*/{ s//\1/ q } s/.*/./; q'` # Avoid depending upon Character Ranges. as_cr_letters='abcdefghijklmnopqrstuvwxyz' as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ' as_cr_Letters=$as_cr_letters$as_cr_LETTERS as_cr_digits='0123456789' as_cr_alnum=$as_cr_Letters$as_cr_digits as_lineno_1=$LINENO as_lineno_1a=$LINENO as_lineno_2=$LINENO as_lineno_2a=$LINENO eval 'test "x$as_lineno_1'$as_run'" != "x$as_lineno_2'$as_run'" && test "x`expr $as_lineno_1'$as_run' + 1`" = "x$as_lineno_2'$as_run'"' || { # Blame Lee E. McMahon (1931-1989) for sed's syntax. :-) sed -n ' p /[$]LINENO/= ' <$as_myself | sed ' s/[$]LINENO.*/&-/ t lineno b :lineno N :loop s/[$]LINENO\([^'$as_cr_alnum'_].*\n\)\(.*\)/\2\1\2/ t loop s/-\n.*// ' >$as_me.lineno && chmod +x "$as_me.lineno" || { $as_echo "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2; as_fn_exit 1; } # If we had to re-execute with $CONFIG_SHELL, we're ensured to have # already done that, so ensure we don't try to do so again and fall # in an infinite loop. This has already happened in practice. _as_can_reexec=no; export _as_can_reexec # Don't try to exec as it changes $[0], causing all sort of problems # (the dirname of $[0] is not the place where we might find the # original and so on. Autoconf is especially sensitive to this). . "./$as_me.lineno" # Exit status is that of the last command. exit } ECHO_C= ECHO_N= ECHO_T= case `echo -n x` in #((((( -n*) case `echo 'xy\c'` in *c*) ECHO_T=' ';; # ECHO_T is single tab character. xy) ECHO_C='\c';; *) echo `echo ksh88 bug on AIX 6.1` > /dev/null ECHO_T=' ';; esac;; *) ECHO_N='-n';; esac rm -f conf$$ conf$$.exe conf$$.file if test -d conf$$.dir; then rm -f conf$$.dir/conf$$.file else rm -f conf$$.dir mkdir conf$$.dir 2>/dev/null fi if (echo >conf$$.file) 2>/dev/null; then if ln -s conf$$.file conf$$ 2>/dev/null; then as_ln_s='ln -s' # ... but there are two gotchas: # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail. # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable. # In both cases, we have to default to `cp -pR'. ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe || as_ln_s='cp -pR' elif ln conf$$.file conf$$ 2>/dev/null; then as_ln_s=ln else as_ln_s='cp -pR' fi else as_ln_s='cp -pR' fi rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file rmdir conf$$.dir 2>/dev/null if mkdir -p . 2>/dev/null; then as_mkdir_p='mkdir -p "$as_dir"' else test -d ./-p && rmdir ./-p as_mkdir_p=false fi as_test_x='test -x' as_executable_p=as_fn_executable_p # Sed expression to map a string onto a valid CPP name. as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'" # Sed expression to map a string onto a valid variable name. as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'" test -n "$DJDIR" || exec 7<&0 &1 # Name of the host. # hostname on some systems (SVR3.2, old GNU/Linux) returns a bogus exit status, # so uname gets run too. ac_hostname=`(hostname || uname -n) 2>/dev/null | sed 1q` # # Initializations. # ac_default_prefix=/usr/local ac_clean_files= ac_config_libobj_dir=. LIBOBJS= cross_compiling=no subdirs= MFLAGS= MAKEFLAGS= # Identity of this package. PACKAGE_NAME='uacme' PACKAGE_TARNAME='uacme' PACKAGE_VERSION='1.7.6' PACKAGE_STRING='uacme 1.7.6' PACKAGE_BUGREPORT='' PACKAGE_URL='' ac_unique_file="uacme.c" # Factoring default headers for most tests. ac_includes_default="\ #include #ifdef HAVE_SYS_TYPES_H # include #endif #ifdef HAVE_SYS_STAT_H # include #endif #ifdef STDC_HEADERS # include # include #else # ifdef HAVE_STDLIB_H # include # endif #endif #ifdef HAVE_STRING_H # if !defined STDC_HEADERS && defined HAVE_MEMORY_H # include # endif # include #endif #ifdef HAVE_STRINGS_H # include #endif #ifdef HAVE_INTTYPES_H # include #endif #ifdef HAVE_STDINT_H # include #endif #ifdef HAVE_UNISTD_H # include #endif" ac_subst_vars='am__EXEEXT_FALSE am__EXEEXT_TRUE LTLIBOBJS LIBOBJS ASCIIDOC A2X ENABLE_DOCS_FALSE ENABLE_DOCS_TRUE ENABLE_LIBEV_FALSE ENABLE_LIBEV_TRUE ENABLE_UALPN_FALSE ENABLE_UALPN_TRUE UALPN_LDADD ac_ct_AR AR USE_MBEDTLS ENABLE_READFILE_FALSE ENABLE_READFILE_TRUE USE_OPENSSL USE_LIBTASN1 USE_GNUTLS CURL_CFLAGS CURL_CPPFLAGS CURL_LDFLAGS CURL_LDADD PKG_CONFIG_LIBDIR PKG_CONFIG_PATH PKG_CONFIG WCFLAGS RANLIB SED EGREP GREP CPP am__fastdepCC_FALSE am__fastdepCC_TRUE CCDEPMODE am__nodep AMDEPBACKSLASH AMDEP_FALSE AMDEP_TRUE am__include DEPDIR OBJEXT EXEEXT ac_ct_CC CPPFLAGS LDFLAGS CFLAGS CC MAINT MAINTAINER_MODE_FALSE MAINTAINER_MODE_TRUE AM_BACKSLASH AM_DEFAULT_VERBOSITY AM_DEFAULT_V AM_V am__untar am__tar AMTAR am__leading_dot SET_MAKE AWK mkdir_p MKDIR_P INSTALL_STRIP_PROGRAM STRIP install_sh MAKEINFO AUTOHEADER AUTOMAKE AUTOCONF ACLOCAL VERSION PACKAGE CYGPATH_W am__isrc INSTALL_DATA INSTALL_SCRIPT INSTALL_PROGRAM target_alias host_alias build_alias LIBS ECHO_T ECHO_N ECHO_C DEFS mandir localedir libdir psdir pdfdir dvidir htmldir infodir docdir oldincludedir includedir runstatedir localstatedir sharedstatedir sysconfdir datadir datarootdir libexecdir sbindir bindir program_transform_name prefix exec_prefix PACKAGE_URL PACKAGE_BUGREPORT PACKAGE_STRING PACKAGE_VERSION PACKAGE_TARNAME PACKAGE_NAME PATH_SEPARATOR SHELL am__quote' ac_subst_files='' ac_user_opts=' enable_option_checking enable_silent_rules enable_maintainer_mode enable_debug enable_dependency_tracking enable_largefile with_libcurl with_mbedtls with_openssl with_gnutls with_ualpn enable_splice enable_docs ' ac_precious_vars='build_alias host_alias target_alias CC CFLAGS LDFLAGS LIBS CPPFLAGS CPP PKG_CONFIG PKG_CONFIG_PATH PKG_CONFIG_LIBDIR' # Initialize some variables set by options. ac_init_help= ac_init_version=false ac_unrecognized_opts= ac_unrecognized_sep= # The variables have the same names as the options, with # dashes changed to underlines. cache_file=/dev/null exec_prefix=NONE no_create= no_recursion= prefix=NONE program_prefix=NONE program_suffix=NONE program_transform_name=s,x,x, silent= site= srcdir= verbose= x_includes=NONE x_libraries=NONE # Installation directory options. # These are left unexpanded so users can "make install exec_prefix=/foo" # and all the variables that are supposed to be based on exec_prefix # by default will actually change. # Use braces instead of parens because sh, perl, etc. also accept them. # (The list follows the same order as the GNU Coding Standards.) bindir='${exec_prefix}/bin' sbindir='${exec_prefix}/sbin' libexecdir='${exec_prefix}/libexec' datarootdir='${prefix}/share' datadir='${datarootdir}' sysconfdir='${prefix}/etc' sharedstatedir='${prefix}/com' localstatedir='${prefix}/var' runstatedir='${localstatedir}/run' includedir='${prefix}/include' oldincludedir='/usr/include' docdir='${datarootdir}/doc/${PACKAGE_TARNAME}' infodir='${datarootdir}/info' htmldir='${docdir}' dvidir='${docdir}' pdfdir='${docdir}' psdir='${docdir}' libdir='${exec_prefix}/lib' localedir='${datarootdir}/locale' mandir='${datarootdir}/man' ac_prev= ac_dashdash= for ac_option do # If the previous option needs an argument, assign it. if test -n "$ac_prev"; then eval $ac_prev=\$ac_option ac_prev= continue fi case $ac_option in *=?*) ac_optarg=`expr "X$ac_option" : '[^=]*=\(.*\)'` ;; *=) ac_optarg= ;; *) ac_optarg=yes ;; esac # Accept the important Cygnus configure options, so we can diagnose typos. case $ac_dashdash$ac_option in --) ac_dashdash=yes ;; -bindir | --bindir | --bindi | --bind | --bin | --bi) ac_prev=bindir ;; -bindir=* | --bindir=* | --bindi=* | --bind=* | --bin=* | --bi=*) bindir=$ac_optarg ;; -build | --build | --buil | --bui | --bu) ac_prev=build_alias ;; -build=* | --build=* | --buil=* | --bui=* | --bu=*) build_alias=$ac_optarg ;; -cache-file | --cache-file | --cache-fil | --cache-fi \ | --cache-f | --cache- | --cache | --cach | --cac | --ca | --c) ac_prev=cache_file ;; -cache-file=* | --cache-file=* | --cache-fil=* | --cache-fi=* \ | --cache-f=* | --cache-=* | --cache=* | --cach=* | --cac=* | --ca=* | --c=*) cache_file=$ac_optarg ;; --config-cache | -C) cache_file=config.cache ;; -datadir | --datadir | --datadi | --datad) ac_prev=datadir ;; -datadir=* | --datadir=* | --datadi=* | --datad=*) datadir=$ac_optarg ;; -datarootdir | --datarootdir | --datarootdi | --datarootd | --dataroot \ | --dataroo | --dataro | --datar) ac_prev=datarootdir ;; -datarootdir=* | --datarootdir=* | --datarootdi=* | --datarootd=* \ | --dataroot=* | --dataroo=* | --dataro=* | --datar=*) datarootdir=$ac_optarg ;; -disable-* | --disable-*) ac_useropt=`expr "x$ac_option" : 'x-*disable-\(.*\)'` # Reject names that are not valid shell variable names. expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && as_fn_error $? "invalid feature name: $ac_useropt" ac_useropt_orig=$ac_useropt ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` case $ac_user_opts in *" "enable_$ac_useropt" "*) ;; *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--disable-$ac_useropt_orig" ac_unrecognized_sep=', ';; esac eval enable_$ac_useropt=no ;; -docdir | --docdir | --docdi | --doc | --do) ac_prev=docdir ;; -docdir=* | --docdir=* | --docdi=* | --doc=* | --do=*) docdir=$ac_optarg ;; -dvidir | --dvidir | --dvidi | --dvid | --dvi | --dv) ac_prev=dvidir ;; -dvidir=* | --dvidir=* | --dvidi=* | --dvid=* | --dvi=* | --dv=*) dvidir=$ac_optarg ;; -enable-* | --enable-*) ac_useropt=`expr "x$ac_option" : 'x-*enable-\([^=]*\)'` # Reject names that are not valid shell variable names. expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && as_fn_error $? "invalid feature name: $ac_useropt" ac_useropt_orig=$ac_useropt ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` case $ac_user_opts in *" "enable_$ac_useropt" "*) ;; *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--enable-$ac_useropt_orig" ac_unrecognized_sep=', ';; esac eval enable_$ac_useropt=\$ac_optarg ;; -exec-prefix | --exec_prefix | --exec-prefix | --exec-prefi \ | --exec-pref | --exec-pre | --exec-pr | --exec-p | --exec- \ | --exec | --exe | --ex) ac_prev=exec_prefix ;; -exec-prefix=* | --exec_prefix=* | --exec-prefix=* | --exec-prefi=* \ | --exec-pref=* | --exec-pre=* | --exec-pr=* | --exec-p=* | --exec-=* \ | --exec=* | --exe=* | --ex=*) exec_prefix=$ac_optarg ;; -gas | --gas | --ga | --g) # Obsolete; use --with-gas. with_gas=yes ;; -help | --help | --hel | --he | -h) ac_init_help=long ;; -help=r* | --help=r* | --hel=r* | --he=r* | -hr*) ac_init_help=recursive ;; -help=s* | --help=s* | --hel=s* | --he=s* | -hs*) ac_init_help=short ;; -host | --host | --hos | --ho) ac_prev=host_alias ;; -host=* | --host=* | --hos=* | --ho=*) host_alias=$ac_optarg ;; -htmldir | --htmldir | --htmldi | --htmld | --html | --htm | --ht) ac_prev=htmldir ;; -htmldir=* | --htmldir=* | --htmldi=* | --htmld=* | --html=* | --htm=* \ | --ht=*) htmldir=$ac_optarg ;; -includedir | --includedir | --includedi | --included | --include \ | --includ | --inclu | --incl | --inc) ac_prev=includedir ;; -includedir=* | --includedir=* | --includedi=* | --included=* | --include=* \ | --includ=* | --inclu=* | --incl=* | --inc=*) includedir=$ac_optarg ;; -infodir | --infodir | --infodi | --infod | --info | --inf) ac_prev=infodir ;; -infodir=* | --infodir=* | --infodi=* | --infod=* | --info=* | --inf=*) infodir=$ac_optarg ;; -libdir | --libdir | --libdi | --libd) ac_prev=libdir ;; -libdir=* | --libdir=* | --libdi=* | --libd=*) libdir=$ac_optarg ;; -libexecdir | --libexecdir | --libexecdi | --libexecd | --libexec \ | --libexe | --libex | --libe) ac_prev=libexecdir ;; -libexecdir=* | --libexecdir=* | --libexecdi=* | --libexecd=* | --libexec=* \ | --libexe=* | --libex=* | --libe=*) libexecdir=$ac_optarg ;; -localedir | --localedir | --localedi | --localed | --locale) ac_prev=localedir ;; -localedir=* | --localedir=* | --localedi=* | --localed=* | --locale=*) localedir=$ac_optarg ;; -localstatedir | --localstatedir | --localstatedi | --localstated \ | --localstate | --localstat | --localsta | --localst | --locals) ac_prev=localstatedir ;; -localstatedir=* | --localstatedir=* | --localstatedi=* | --localstated=* \ | --localstate=* | --localstat=* | --localsta=* | --localst=* | --locals=*) localstatedir=$ac_optarg ;; -mandir | --mandir | --mandi | --mand | --man | --ma | --m) ac_prev=mandir ;; -mandir=* | --mandir=* | --mandi=* | --mand=* | --man=* | --ma=* | --m=*) mandir=$ac_optarg ;; -nfp | --nfp | --nf) # Obsolete; use --without-fp. with_fp=no ;; -no-create | --no-create | --no-creat | --no-crea | --no-cre \ | --no-cr | --no-c | -n) no_create=yes ;; -no-recursion | --no-recursion | --no-recursio | --no-recursi \ | --no-recurs | --no-recur | --no-recu | --no-rec | --no-re | --no-r) no_recursion=yes ;; -oldincludedir | --oldincludedir | --oldincludedi | --oldincluded \ | --oldinclude | --oldinclud | --oldinclu | --oldincl | --oldinc \ | --oldin | --oldi | --old | --ol | --o) ac_prev=oldincludedir ;; -oldincludedir=* | --oldincludedir=* | --oldincludedi=* | --oldincluded=* \ | --oldinclude=* | --oldinclud=* | --oldinclu=* | --oldincl=* | --oldinc=* \ | --oldin=* | --oldi=* | --old=* | --ol=* | --o=*) oldincludedir=$ac_optarg ;; -prefix | --prefix | --prefi | --pref | --pre | --pr | --p) ac_prev=prefix ;; -prefix=* | --prefix=* | --prefi=* | --pref=* | --pre=* | --pr=* | --p=*) prefix=$ac_optarg ;; -program-prefix | --program-prefix | --program-prefi | --program-pref \ | --program-pre | --program-pr | --program-p) ac_prev=program_prefix ;; -program-prefix=* | --program-prefix=* | --program-prefi=* \ | --program-pref=* | --program-pre=* | --program-pr=* | --program-p=*) program_prefix=$ac_optarg ;; -program-suffix | --program-suffix | --program-suffi | --program-suff \ | --program-suf | --program-su | --program-s) ac_prev=program_suffix ;; -program-suffix=* | --program-suffix=* | --program-suffi=* \ | --program-suff=* | --program-suf=* | --program-su=* | --program-s=*) program_suffix=$ac_optarg ;; -program-transform-name | --program-transform-name \ | --program-transform-nam | --program-transform-na \ | --program-transform-n | --program-transform- \ | --program-transform | --program-transfor \ | --program-transfo | --program-transf \ | --program-trans | --program-tran \ | --progr-tra | --program-tr | --program-t) ac_prev=program_transform_name ;; -program-transform-name=* | --program-transform-name=* \ | --program-transform-nam=* | --program-transform-na=* \ | --program-transform-n=* | --program-transform-=* \ | --program-transform=* | --program-transfor=* \ | --program-transfo=* | --program-transf=* \ | --program-trans=* | --program-tran=* \ | --progr-tra=* | --program-tr=* | --program-t=*) program_transform_name=$ac_optarg ;; -pdfdir | --pdfdir | --pdfdi | --pdfd | --pdf | --pd) ac_prev=pdfdir ;; -pdfdir=* | --pdfdir=* | --pdfdi=* | --pdfd=* | --pdf=* | --pd=*) pdfdir=$ac_optarg ;; -psdir | --psdir | --psdi | --psd | --ps) ac_prev=psdir ;; -psdir=* | --psdir=* | --psdi=* | --psd=* | --ps=*) psdir=$ac_optarg ;; -q | -quiet | --quiet | --quie | --qui | --qu | --q \ | -silent | --silent | --silen | --sile | --sil) silent=yes ;; -runstatedir | --runstatedir | --runstatedi | --runstated \ | --runstate | --runstat | --runsta | --runst | --runs \ | --run | --ru | --r) ac_prev=runstatedir ;; -runstatedir=* | --runstatedir=* | --runstatedi=* | --runstated=* \ | --runstate=* | --runstat=* | --runsta=* | --runst=* | --runs=* \ | --run=* | --ru=* | --r=*) runstatedir=$ac_optarg ;; -sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb) ac_prev=sbindir ;; -sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \ | --sbi=* | --sb=*) sbindir=$ac_optarg ;; -sharedstatedir | --sharedstatedir | --sharedstatedi \ | --sharedstated | --sharedstate | --sharedstat | --sharedsta \ | --sharedst | --shareds | --shared | --share | --shar \ | --sha | --sh) ac_prev=sharedstatedir ;; -sharedstatedir=* | --sharedstatedir=* | --sharedstatedi=* \ | --sharedstated=* | --sharedstate=* | --sharedstat=* | --sharedsta=* \ | --sharedst=* | --shareds=* | --shared=* | --share=* | --shar=* \ | --sha=* | --sh=*) sharedstatedir=$ac_optarg ;; -site | --site | --sit) ac_prev=site ;; -site=* | --site=* | --sit=*) site=$ac_optarg ;; -srcdir | --srcdir | --srcdi | --srcd | --src | --sr) ac_prev=srcdir ;; -srcdir=* | --srcdir=* | --srcdi=* | --srcd=* | --src=* | --sr=*) srcdir=$ac_optarg ;; -sysconfdir | --sysconfdir | --sysconfdi | --sysconfd | --sysconf \ | --syscon | --sysco | --sysc | --sys | --sy) ac_prev=sysconfdir ;; -sysconfdir=* | --sysconfdir=* | --sysconfdi=* | --sysconfd=* | --sysconf=* \ | --syscon=* | --sysco=* | --sysc=* | --sys=* | --sy=*) sysconfdir=$ac_optarg ;; -target | --target | --targe | --targ | --tar | --ta | --t) ac_prev=target_alias ;; -target=* | --target=* | --targe=* | --targ=* | --tar=* | --ta=* | --t=*) target_alias=$ac_optarg ;; -v | -verbose | --verbose | --verbos | --verbo | --verb) verbose=yes ;; -version | --version | --versio | --versi | --vers | -V) ac_init_version=: ;; -with-* | --with-*) ac_useropt=`expr "x$ac_option" : 'x-*with-\([^=]*\)'` # Reject names that are not valid shell variable names. expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && as_fn_error $? "invalid package name: $ac_useropt" ac_useropt_orig=$ac_useropt ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` case $ac_user_opts in *" "with_$ac_useropt" "*) ;; *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--with-$ac_useropt_orig" ac_unrecognized_sep=', ';; esac eval with_$ac_useropt=\$ac_optarg ;; -without-* | --without-*) ac_useropt=`expr "x$ac_option" : 'x-*without-\(.*\)'` # Reject names that are not valid shell variable names. expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && as_fn_error $? "invalid package name: $ac_useropt" ac_useropt_orig=$ac_useropt ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` case $ac_user_opts in *" "with_$ac_useropt" "*) ;; *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--without-$ac_useropt_orig" ac_unrecognized_sep=', ';; esac eval with_$ac_useropt=no ;; --x) # Obsolete; use --with-x. with_x=yes ;; -x-includes | --x-includes | --x-include | --x-includ | --x-inclu \ | --x-incl | --x-inc | --x-in | --x-i) ac_prev=x_includes ;; -x-includes=* | --x-includes=* | --x-include=* | --x-includ=* | --x-inclu=* \ | --x-incl=* | --x-inc=* | --x-in=* | --x-i=*) x_includes=$ac_optarg ;; -x-libraries | --x-libraries | --x-librarie | --x-librari \ | --x-librar | --x-libra | --x-libr | --x-lib | --x-li | --x-l) ac_prev=x_libraries ;; -x-libraries=* | --x-libraries=* | --x-librarie=* | --x-librari=* \ | --x-librar=* | --x-libra=* | --x-libr=* | --x-lib=* | --x-li=* | --x-l=*) x_libraries=$ac_optarg ;; -*) as_fn_error $? "unrecognized option: \`$ac_option' Try \`$0 --help' for more information" ;; *=*) ac_envvar=`expr "x$ac_option" : 'x\([^=]*\)='` # Reject names that are not valid shell variable names. case $ac_envvar in #( '' | [0-9]* | *[!_$as_cr_alnum]* ) as_fn_error $? "invalid variable name: \`$ac_envvar'" ;; esac eval $ac_envvar=\$ac_optarg export $ac_envvar ;; *) # FIXME: should be removed in autoconf 3.0. $as_echo "$as_me: WARNING: you should use --build, --host, --target" >&2 expr "x$ac_option" : ".*[^-._$as_cr_alnum]" >/dev/null && $as_echo "$as_me: WARNING: invalid host type: $ac_option" >&2 : "${build_alias=$ac_option} ${host_alias=$ac_option} ${target_alias=$ac_option}" ;; esac done if test -n "$ac_prev"; then ac_option=--`echo $ac_prev | sed 's/_/-/g'` as_fn_error $? "missing argument to $ac_option" fi if test -n "$ac_unrecognized_opts"; then case $enable_option_checking in no) ;; fatal) as_fn_error $? "unrecognized options: $ac_unrecognized_opts" ;; *) $as_echo "$as_me: WARNING: unrecognized options: $ac_unrecognized_opts" >&2 ;; esac fi # Check all directory arguments for consistency. for ac_var in exec_prefix prefix bindir sbindir libexecdir datarootdir \ datadir sysconfdir sharedstatedir localstatedir includedir \ oldincludedir docdir infodir htmldir dvidir pdfdir psdir \ libdir localedir mandir runstatedir do eval ac_val=\$$ac_var # Remove trailing slashes. case $ac_val in */ ) ac_val=`expr "X$ac_val" : 'X\(.*[^/]\)' \| "X$ac_val" : 'X\(.*\)'` eval $ac_var=\$ac_val;; esac # Be sure to have absolute directory names. case $ac_val in [\\/$]* | ?:[\\/]* ) continue;; NONE | '' ) case $ac_var in *prefix ) continue;; esac;; esac as_fn_error $? "expected an absolute directory name for --$ac_var: $ac_val" done # There might be people who depend on the old broken behavior: `$host' # used to hold the argument of --host etc. # FIXME: To remove some day. build=$build_alias host=$host_alias target=$target_alias # FIXME: To remove some day. if test "x$host_alias" != x; then if test "x$build_alias" = x; then cross_compiling=maybe elif test "x$build_alias" != "x$host_alias"; then cross_compiling=yes fi fi ac_tool_prefix= test -n "$host_alias" && ac_tool_prefix=$host_alias- test "$silent" = yes && exec 6>/dev/null ac_pwd=`pwd` && test -n "$ac_pwd" && ac_ls_di=`ls -di .` && ac_pwd_ls_di=`cd "$ac_pwd" && ls -di .` || as_fn_error $? "working directory cannot be determined" test "X$ac_ls_di" = "X$ac_pwd_ls_di" || as_fn_error $? "pwd does not report name of working directory" # Find the source files, if location was not specified. if test -z "$srcdir"; then ac_srcdir_defaulted=yes # Try the directory containing this script, then the parent directory. ac_confdir=`$as_dirname -- "$as_myself" || $as_expr X"$as_myself" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ X"$as_myself" : 'X\(//\)[^/]' \| \ X"$as_myself" : 'X\(//\)$' \| \ X"$as_myself" : 'X\(/\)' \| . 2>/dev/null || $as_echo X"$as_myself" | sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/ q } /^X\(\/\/\)[^/].*/{ s//\1/ q } /^X\(\/\/\)$/{ s//\1/ q } /^X\(\/\).*/{ s//\1/ q } s/.*/./; q'` srcdir=$ac_confdir if test ! -r "$srcdir/$ac_unique_file"; then srcdir=.. fi else ac_srcdir_defaulted=no fi if test ! -r "$srcdir/$ac_unique_file"; then test "$ac_srcdir_defaulted" = yes && srcdir="$ac_confdir or .." as_fn_error $? "cannot find sources ($ac_unique_file) in $srcdir" fi ac_msg="sources are in $srcdir, but \`cd $srcdir' does not work" ac_abs_confdir=`( cd "$srcdir" && test -r "./$ac_unique_file" || as_fn_error $? "$ac_msg" pwd)` # When building in place, set srcdir=. if test "$ac_abs_confdir" = "$ac_pwd"; then srcdir=. fi # Remove unnecessary trailing slashes from srcdir. # Double slashes in file names in object file debugging info # mess up M-x gdb in Emacs. case $srcdir in */) srcdir=`expr "X$srcdir" : 'X\(.*[^/]\)' \| "X$srcdir" : 'X\(.*\)'`;; esac for ac_var in $ac_precious_vars; do eval ac_env_${ac_var}_set=\${${ac_var}+set} eval ac_env_${ac_var}_value=\$${ac_var} eval ac_cv_env_${ac_var}_set=\${${ac_var}+set} eval ac_cv_env_${ac_var}_value=\$${ac_var} done # # Report the --help message. # if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF \`configure' configures uacme 1.7.6 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... To assign environment variables (e.g., CC, CFLAGS...), specify them as VAR=VALUE. See below for descriptions of some of the useful variables. Defaults for the options are specified in brackets. Configuration: -h, --help display this help and exit --help=short display options specific to this package --help=recursive display the short help of all the included packages -V, --version display version information and exit -q, --quiet, --silent do not print \`checking ...' messages --cache-file=FILE cache test results in FILE [disabled] -C, --config-cache alias for \`--cache-file=config.cache' -n, --no-create do not create output files --srcdir=DIR find the sources in DIR [configure dir or \`..'] Installation directories: --prefix=PREFIX install architecture-independent files in PREFIX [$ac_default_prefix] --exec-prefix=EPREFIX install architecture-dependent files in EPREFIX [PREFIX] By default, \`make install' will install all the files in \`$ac_default_prefix/bin', \`$ac_default_prefix/lib' etc. You can specify an installation prefix other than \`$ac_default_prefix' using \`--prefix', for instance \`--prefix=\$HOME'. For better control, use the options below. Fine tuning of the installation directories: --bindir=DIR user executables [EPREFIX/bin] --sbindir=DIR system admin executables [EPREFIX/sbin] --libexecdir=DIR program executables [EPREFIX/libexec] --sysconfdir=DIR read-only single-machine data [PREFIX/etc] --sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com] --localstatedir=DIR modifiable single-machine data [PREFIX/var] --runstatedir=DIR modifiable per-process data [LOCALSTATEDIR/run] --libdir=DIR object code libraries [EPREFIX/lib] --includedir=DIR C header files [PREFIX/include] --oldincludedir=DIR C header files for non-gcc [/usr/include] --datarootdir=DIR read-only arch.-independent data root [PREFIX/share] --datadir=DIR read-only architecture-independent data [DATAROOTDIR] --infodir=DIR info documentation [DATAROOTDIR/info] --localedir=DIR locale-dependent data [DATAROOTDIR/locale] --mandir=DIR man documentation [DATAROOTDIR/man] --docdir=DIR documentation root [DATAROOTDIR/doc/uacme] --htmldir=DIR html documentation [DOCDIR] --dvidir=DIR dvi documentation [DOCDIR] --pdfdir=DIR pdf documentation [DOCDIR] --psdir=DIR ps documentation [DOCDIR] _ACEOF cat <<\_ACEOF Program names: --program-prefix=PREFIX prepend PREFIX to installed program names --program-suffix=SUFFIX append SUFFIX to installed program names --program-transform-name=PROGRAM run sed PROGRAM on installed program names _ACEOF fi if test -n "$ac_init_help"; then case $ac_init_help in short | recursive ) echo "Configuration of uacme 1.7.6:";; esac cat <<\_ACEOF Optional Features: --disable-option-checking ignore unrecognized --enable/--with options --disable-FEATURE do not include FEATURE (same as --enable-FEATURE=no) --enable-FEATURE[=ARG] include FEATURE [ARG=yes] --enable-silent-rules less verbose build output (undo: "make V=1") --disable-silent-rules verbose build output (undo: "make V=0") --enable-maintainer-mode enable make rules and dependencies not useful (and sometimes confusing) to the casual installer --enable-debug=[yes/info/profile/no] compile with debugging --enable-dependency-tracking do not reject slow dependency extractors --disable-dependency-tracking speeds up one-time build --disable-largefile omit support for large files --disable-splice disable splice --disable-docs do not build and install documentation Optional Packages: --with-PACKAGE[=ARG] use PACKAGE [ARG=yes] --without-PACKAGE do not use PACKAGE (same as --with-PACKAGE=no) --with-libcurl[=PATH] PATH is libcurl installation root --with-mbedtls[=PATH] build with mbedTLS, PATH is installation root --without-mbedtls build without mbedTLS --with-openssl[=PATH] build with OpenSSL, PATH is installation root --without-openssl build without OpenSSL --with-gnutls[=PATH] build with GnuTLS, PATH is installation root --without-gnutls build without GnuTLS --with-ualpn enable ualpn --without-ualpn disable ualpn Some influential environment variables: CC C compiler command CFLAGS C compiler flags LDFLAGS linker flags, e.g. -L if you have libraries in a nonstandard directory LIBS libraries to pass to the linker, e.g. -l CPPFLAGS (Objective) C/C++ preprocessor flags, e.g. -I if you have headers in a nonstandard directory CPP C preprocessor PKG_CONFIG path to pkg-config utility PKG_CONFIG_PATH directories to add to pkg-config's search path PKG_CONFIG_LIBDIR path overriding pkg-config's built-in search path Use these variables to override the choices made by `configure' or to help it to find libraries and programs with nonstandard names/locations. Report bugs to the package provider. _ACEOF ac_status=$? fi if test "$ac_init_help" = "recursive"; then # If there are subdirs, report their specific --help. for ac_dir in : $ac_subdirs_all; do test "x$ac_dir" = x: && continue test -d "$ac_dir" || { cd "$srcdir" && ac_pwd=`pwd` && srcdir=. && test -d "$ac_dir"; } || continue ac_builddir=. case "$ac_dir" in .) ac_dir_suffix= ac_top_builddir_sub=. ac_top_build_prefix= ;; *) ac_dir_suffix=/`$as_echo "$ac_dir" | sed 's|^\.[\\/]||'` # A ".." for each directory in $ac_dir_suffix. ac_top_builddir_sub=`$as_echo "$ac_dir_suffix" | sed 's|/[^\\/]*|/..|g;s|/||'` case $ac_top_builddir_sub in "") ac_top_builddir_sub=. ac_top_build_prefix= ;; *) ac_top_build_prefix=$ac_top_builddir_sub/ ;; esac ;; esac ac_abs_top_builddir=$ac_pwd ac_abs_builddir=$ac_pwd$ac_dir_suffix # for backward compatibility: ac_top_builddir=$ac_top_build_prefix case $srcdir in .) # We are building in place. ac_srcdir=. ac_top_srcdir=$ac_top_builddir_sub ac_abs_top_srcdir=$ac_pwd ;; [\\/]* | ?:[\\/]* ) # Absolute name. ac_srcdir=$srcdir$ac_dir_suffix; ac_top_srcdir=$srcdir ac_abs_top_srcdir=$srcdir ;; *) # Relative name. ac_srcdir=$ac_top_build_prefix$srcdir$ac_dir_suffix ac_top_srcdir=$ac_top_build_prefix$srcdir ac_abs_top_srcdir=$ac_pwd/$srcdir ;; esac ac_abs_srcdir=$ac_abs_top_srcdir$ac_dir_suffix cd "$ac_dir" || { ac_status=$?; continue; } # Check for guested configure. if test -f "$ac_srcdir/configure.gnu"; then echo && $SHELL "$ac_srcdir/configure.gnu" --help=recursive elif test -f "$ac_srcdir/configure"; then echo && $SHELL "$ac_srcdir/configure" --help=recursive else $as_echo "$as_me: WARNING: no configuration information is in $ac_dir" >&2 fi || ac_status=$? cd "$ac_pwd" || { ac_status=$?; break; } done fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF uacme configure 1.7.6 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. This configure script is free software; the Free Software Foundation gives unlimited permission to copy, distribute and modify it. _ACEOF exit fi ## ------------------------ ## ## Autoconf initialization. ## ## ------------------------ ## # ac_fn_c_try_compile LINENO # -------------------------- # Try to compile conftest.$ac_ext, and return whether this succeeded. ac_fn_c_try_compile () { as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack rm -f conftest.$ac_objext if { { ac_try="$ac_compile" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" $as_echo "$ac_try_echo"; } >&5 (eval "$ac_compile") 2>conftest.err ac_status=$? if test -s conftest.err; then grep -v '^ *+' conftest.err >conftest.er1 cat conftest.er1 >&5 mv -f conftest.er1 conftest.err fi $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; } && { test -z "$ac_c_werror_flag" || test ! -s conftest.err } && test -s conftest.$ac_objext; then : ac_retval=0 else $as_echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_retval=1 fi eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno as_fn_set_status $ac_retval } # ac_fn_c_try_compile # ac_fn_c_try_cpp LINENO # ---------------------- # Try to preprocess conftest.$ac_ext, and return whether this succeeded. ac_fn_c_try_cpp () { as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack if { { ac_try="$ac_cpp conftest.$ac_ext" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" $as_echo "$ac_try_echo"; } >&5 (eval "$ac_cpp conftest.$ac_ext") 2>conftest.err ac_status=$? if test -s conftest.err; then grep -v '^ *+' conftest.err >conftest.er1 cat conftest.er1 >&5 mv -f conftest.er1 conftest.err fi $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; } > conftest.i && { test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || test ! -s conftest.err }; then : ac_retval=0 else $as_echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_retval=1 fi eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno as_fn_set_status $ac_retval } # ac_fn_c_try_cpp # ac_fn_c_check_header_mongrel LINENO HEADER VAR INCLUDES # ------------------------------------------------------- # Tests whether HEADER exists, giving a warning if it cannot be compiled using # the include files in INCLUDES and setting the cache variable VAR # accordingly. ac_fn_c_check_header_mongrel () { as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack if eval \${$3+:} false; then : { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 $as_echo_n "checking for $2... " >&6; } if eval \${$3+:} false; then : $as_echo_n "(cached) " >&6 fi eval ac_res=\$$3 { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 $as_echo "$ac_res" >&6; } else # Is the header compilable? { $as_echo "$as_me:${as_lineno-$LINENO}: checking $2 usability" >&5 $as_echo_n "checking $2 usability... " >&6; } cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ $4 #include <$2> _ACEOF if ac_fn_c_try_compile "$LINENO"; then : ac_header_compiler=yes else ac_header_compiler=no fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_header_compiler" >&5 $as_echo "$ac_header_compiler" >&6; } # Is the header present? { $as_echo "$as_me:${as_lineno-$LINENO}: checking $2 presence" >&5 $as_echo_n "checking $2 presence... " >&6; } cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include <$2> _ACEOF if ac_fn_c_try_cpp "$LINENO"; then : ac_header_preproc=yes else ac_header_preproc=no fi rm -f conftest.err conftest.i conftest.$ac_ext { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_header_preproc" >&5 $as_echo "$ac_header_preproc" >&6; } # So? What about this header? case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in #(( yes:no: ) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: accepted by the compiler, rejected by the preprocessor!" >&5 $as_echo "$as_me: WARNING: $2: accepted by the compiler, rejected by the preprocessor!" >&2;} { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: proceeding with the compiler's result" >&5 $as_echo "$as_me: WARNING: $2: proceeding with the compiler's result" >&2;} ;; no:yes:* ) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: present but cannot be compiled" >&5 $as_echo "$as_me: WARNING: $2: present but cannot be compiled" >&2;} { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: check for missing prerequisite headers?" >&5 $as_echo "$as_me: WARNING: $2: check for missing prerequisite headers?" >&2;} { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: see the Autoconf documentation" >&5 $as_echo "$as_me: WARNING: $2: see the Autoconf documentation" >&2;} { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: section \"Present But Cannot Be Compiled\"" >&5 $as_echo "$as_me: WARNING: $2: section \"Present But Cannot Be Compiled\"" >&2;} { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: proceeding with the compiler's result" >&5 $as_echo "$as_me: WARNING: $2: proceeding with the compiler's result" >&2;} ;; esac { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 $as_echo_n "checking for $2... " >&6; } if eval \${$3+:} false; then : $as_echo_n "(cached) " >&6 else eval "$3=\$ac_header_compiler" fi eval ac_res=\$$3 { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 $as_echo "$ac_res" >&6; } fi eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno } # ac_fn_c_check_header_mongrel # ac_fn_c_try_run LINENO # ---------------------- # Try to link conftest.$ac_ext, and return whether this succeeded. Assumes # that executables *can* be run. ac_fn_c_try_run () { as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack if { { ac_try="$ac_link" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" $as_echo "$ac_try_echo"; } >&5 (eval "$ac_link") 2>&5 ac_status=$? $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; } && { ac_try='./conftest$ac_exeext' { { case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" $as_echo "$ac_try_echo"; } >&5 (eval "$ac_try") 2>&5 ac_status=$? $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; }; }; then : ac_retval=0 else $as_echo "$as_me: program exited with status $ac_status" >&5 $as_echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_retval=$ac_status fi rm -rf conftest.dSYM conftest_ipa8_conftest.oo eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno as_fn_set_status $ac_retval } # ac_fn_c_try_run # ac_fn_c_check_header_compile LINENO HEADER VAR INCLUDES # ------------------------------------------------------- # Tests whether HEADER exists and can be compiled using the include files in # INCLUDES, setting the cache variable VAR accordingly. ac_fn_c_check_header_compile () { as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 $as_echo_n "checking for $2... " >&6; } if eval \${$3+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ $4 #include <$2> _ACEOF if ac_fn_c_try_compile "$LINENO"; then : eval "$3=yes" else eval "$3=no" fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi eval ac_res=\$$3 { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 $as_echo "$ac_res" >&6; } eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno } # ac_fn_c_check_header_compile # ac_fn_c_try_link LINENO # ----------------------- # Try to link conftest.$ac_ext, and return whether this succeeded. ac_fn_c_try_link () { as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack rm -f conftest.$ac_objext conftest$ac_exeext if { { ac_try="$ac_link" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" $as_echo "$ac_try_echo"; } >&5 (eval "$ac_link") 2>conftest.err ac_status=$? if test -s conftest.err; then grep -v '^ *+' conftest.err >conftest.er1 cat conftest.er1 >&5 mv -f conftest.er1 conftest.err fi $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; } && { test -z "$ac_c_werror_flag" || test ! -s conftest.err } && test -s conftest$ac_exeext && { test "$cross_compiling" = yes || test -x conftest$ac_exeext }; then : ac_retval=0 else $as_echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_retval=1 fi # Delete the IPA/IPO (Inter Procedural Analysis/Optimization) information # created by the PGI compiler (conftest_ipa8_conftest.oo), as it would # interfere with the next link command; also delete a directory that is # left behind by Apple's compiler. We do this before executing the actions. rm -rf conftest.dSYM conftest_ipa8_conftest.oo eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno as_fn_set_status $ac_retval } # ac_fn_c_try_link # ac_fn_c_check_func LINENO FUNC VAR # ---------------------------------- # Tests whether FUNC exists, setting the cache variable VAR accordingly ac_fn_c_check_func () { as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 $as_echo_n "checking for $2... " >&6; } if eval \${$3+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Define $2 to an innocuous variant, in case declares $2. For example, HP-UX 11i declares gettimeofday. */ #define $2 innocuous_$2 /* System header to define __stub macros and hopefully few prototypes, which can conflict with char $2 (); below. Prefer to if __STDC__ is defined, since exists even on freestanding compilers. */ #ifdef __STDC__ # include #else # include #endif #undef $2 /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC builtin and then its argument prototype would still apply. */ #ifdef __cplusplus extern "C" #endif char $2 (); /* The GNU C library defines this for functions which it implements to always fail with ENOSYS. Some functions are actually named something starting with __ and the normal name is an alias. */ #if defined __stub_$2 || defined __stub___$2 choke me #endif int main () { return $2 (); ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO"; then : eval "$3=yes" else eval "$3=no" fi rm -f core conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext fi eval ac_res=\$$3 { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 $as_echo "$ac_res" >&6; } eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno } # ac_fn_c_check_func # ac_fn_c_check_type LINENO TYPE VAR INCLUDES # ------------------------------------------- # Tests whether TYPE exists after having included INCLUDES, setting cache # variable VAR accordingly. ac_fn_c_check_type () { as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 $as_echo_n "checking for $2... " >&6; } if eval \${$3+:} false; then : $as_echo_n "(cached) " >&6 else eval "$3=no" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ $4 int main () { if (sizeof ($2)) return 0; ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ $4 int main () { if (sizeof (($2))) return 0; ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : else eval "$3=yes" fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi eval ac_res=\$$3 { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 $as_echo "$ac_res" >&6; } eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno } # ac_fn_c_check_type cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. It was created by uacme $as_me 1.7.6, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ _ACEOF exec 5>>config.log { cat <<_ASUNAME ## --------- ## ## Platform. ## ## --------- ## hostname = `(hostname || uname -n) 2>/dev/null | sed 1q` uname -m = `(uname -m) 2>/dev/null || echo unknown` uname -r = `(uname -r) 2>/dev/null || echo unknown` uname -s = `(uname -s) 2>/dev/null || echo unknown` uname -v = `(uname -v) 2>/dev/null || echo unknown` /usr/bin/uname -p = `(/usr/bin/uname -p) 2>/dev/null || echo unknown` /bin/uname -X = `(/bin/uname -X) 2>/dev/null || echo unknown` /bin/arch = `(/bin/arch) 2>/dev/null || echo unknown` /usr/bin/arch -k = `(/usr/bin/arch -k) 2>/dev/null || echo unknown` /usr/convex/getsysinfo = `(/usr/convex/getsysinfo) 2>/dev/null || echo unknown` /usr/bin/hostinfo = `(/usr/bin/hostinfo) 2>/dev/null || echo unknown` /bin/machine = `(/bin/machine) 2>/dev/null || echo unknown` /usr/bin/oslevel = `(/usr/bin/oslevel) 2>/dev/null || echo unknown` /bin/universe = `(/bin/universe) 2>/dev/null || echo unknown` _ASUNAME as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. $as_echo "PATH: $as_dir" done IFS=$as_save_IFS } >&5 cat >&5 <<_ACEOF ## ----------- ## ## Core tests. ## ## ----------- ## _ACEOF # Keep a trace of the command line. # Strip out --no-create and --no-recursion so they do not pile up. # Strip out --silent because we don't want to record it for future runs. # Also quote any args containing shell meta-characters. # Make two passes to allow for proper duplicate-argument suppression. ac_configure_args= ac_configure_args0= ac_configure_args1= ac_must_keep_next=false for ac_pass in 1 2 do for ac_arg do case $ac_arg in -no-create | --no-c* | -n | -no-recursion | --no-r*) continue ;; -q | -quiet | --quiet | --quie | --qui | --qu | --q \ | -silent | --silent | --silen | --sile | --sil) continue ;; *\'*) ac_arg=`$as_echo "$ac_arg" | sed "s/'/'\\\\\\\\''/g"` ;; esac case $ac_pass in 1) as_fn_append ac_configure_args0 " '$ac_arg'" ;; 2) as_fn_append ac_configure_args1 " '$ac_arg'" if test $ac_must_keep_next = true; then ac_must_keep_next=false # Got value, back to normal. else case $ac_arg in *=* | --config-cache | -C | -disable-* | --disable-* \ | -enable-* | --enable-* | -gas | --g* | -nfp | --nf* \ | -q | -quiet | --q* | -silent | --sil* | -v | -verb* \ | -with-* | --with-* | -without-* | --without-* | --x) case "$ac_configure_args0 " in "$ac_configure_args1"*" '$ac_arg' "* ) continue ;; esac ;; -* ) ac_must_keep_next=true ;; esac fi as_fn_append ac_configure_args " '$ac_arg'" ;; esac done done { ac_configure_args0=; unset ac_configure_args0;} { ac_configure_args1=; unset ac_configure_args1;} # When interrupted or exit'd, cleanup temporary files, and complete # config.log. We remove comments because anyway the quotes in there # would cause problems or look ugly. # WARNING: Use '\'' to represent an apostrophe within the trap. # WARNING: Do not start the trap code with a newline, due to a FreeBSD 4.0 bug. trap 'exit_status=$? # Save into config.log some information that might help in debugging. { echo $as_echo "## ---------------- ## ## Cache variables. ## ## ---------------- ##" echo # The following way of writing the cache mishandles newlines in values, ( for ac_var in `(set) 2>&1 | sed -n '\''s/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'\''`; do eval ac_val=\$$ac_var case $ac_val in #( *${as_nl}*) case $ac_var in #( *_cv_*) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cache variable $ac_var contains a newline" >&5 $as_echo "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;; esac case $ac_var in #( _ | IFS | as_nl) ;; #( BASH_ARGV | BASH_SOURCE) eval $ac_var= ;; #( *) { eval $ac_var=; unset $ac_var;} ;; esac ;; esac done (set) 2>&1 | case $as_nl`(ac_space='\'' '\''; set) 2>&1` in #( *${as_nl}ac_space=\ *) sed -n \ "s/'\''/'\''\\\\'\'''\''/g; s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='\''\\2'\''/p" ;; #( *) sed -n "/^[_$as_cr_alnum]*_cv_[_$as_cr_alnum]*=/p" ;; esac | sort ) echo $as_echo "## ----------------- ## ## Output variables. ## ## ----------------- ##" echo for ac_var in $ac_subst_vars do eval ac_val=\$$ac_var case $ac_val in *\'\''*) ac_val=`$as_echo "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;; esac $as_echo "$ac_var='\''$ac_val'\''" done | sort echo if test -n "$ac_subst_files"; then $as_echo "## ------------------- ## ## File substitutions. ## ## ------------------- ##" echo for ac_var in $ac_subst_files do eval ac_val=\$$ac_var case $ac_val in *\'\''*) ac_val=`$as_echo "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;; esac $as_echo "$ac_var='\''$ac_val'\''" done | sort echo fi if test -s confdefs.h; then $as_echo "## ----------- ## ## confdefs.h. ## ## ----------- ##" echo cat confdefs.h echo fi test "$ac_signal" != 0 && $as_echo "$as_me: caught signal $ac_signal" $as_echo "$as_me: exit $exit_status" } >&5 rm -f core *.core core.conftest.* && rm -f -r conftest* confdefs* conf$$* $ac_clean_files && exit $exit_status ' 0 for ac_signal in 1 2 13 15; do trap 'ac_signal='$ac_signal'; as_fn_exit 1' $ac_signal done ac_signal=0 # confdefs.h avoids OS command line length limits that DEFS can exceed. rm -f -r conftest* confdefs.h $as_echo "/* confdefs.h */" > confdefs.h # Predefined preprocessor variables. cat >>confdefs.h <<_ACEOF #define PACKAGE_NAME "$PACKAGE_NAME" _ACEOF cat >>confdefs.h <<_ACEOF #define PACKAGE_TARNAME "$PACKAGE_TARNAME" _ACEOF cat >>confdefs.h <<_ACEOF #define PACKAGE_VERSION "$PACKAGE_VERSION" _ACEOF cat >>confdefs.h <<_ACEOF #define PACKAGE_STRING "$PACKAGE_STRING" _ACEOF cat >>confdefs.h <<_ACEOF #define PACKAGE_BUGREPORT "$PACKAGE_BUGREPORT" _ACEOF cat >>confdefs.h <<_ACEOF #define PACKAGE_URL "$PACKAGE_URL" _ACEOF # Let the site file select an alternate cache file if it wants to. # Prefer an explicitly selected file to automatically selected ones. ac_site_file1=NONE ac_site_file2=NONE if test -n "$CONFIG_SITE"; then # We do not want a PATH search for config.site. case $CONFIG_SITE in #(( -*) ac_site_file1=./$CONFIG_SITE;; */*) ac_site_file1=$CONFIG_SITE;; *) ac_site_file1=./$CONFIG_SITE;; esac elif test "x$prefix" != xNONE; then ac_site_file1=$prefix/share/config.site ac_site_file2=$prefix/etc/config.site else ac_site_file1=$ac_default_prefix/share/config.site ac_site_file2=$ac_default_prefix/etc/config.site fi for ac_site_file in "$ac_site_file1" "$ac_site_file2" do test "x$ac_site_file" = xNONE && continue if test /dev/null != "$ac_site_file" && test -r "$ac_site_file"; then { $as_echo "$as_me:${as_lineno-$LINENO}: loading site script $ac_site_file" >&5 $as_echo "$as_me: loading site script $ac_site_file" >&6;} sed 's/^/| /' "$ac_site_file" >&5 . "$ac_site_file" \ || { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error $? "failed to load site script $ac_site_file See \`config.log' for more details" "$LINENO" 5; } fi done if test -r "$cache_file"; then # Some versions of bash will fail to source /dev/null (special files # actually), so we avoid doing that. DJGPP emulates it as a regular file. if test /dev/null != "$cache_file" && test -f "$cache_file"; then { $as_echo "$as_me:${as_lineno-$LINENO}: loading cache $cache_file" >&5 $as_echo "$as_me: loading cache $cache_file" >&6;} case $cache_file in [\\/]* | ?:[\\/]* ) . "$cache_file";; *) . "./$cache_file";; esac fi else { $as_echo "$as_me:${as_lineno-$LINENO}: creating cache $cache_file" >&5 $as_echo "$as_me: creating cache $cache_file" >&6;} >$cache_file fi # Check that the precious variables saved in the cache have kept the same # value. ac_cache_corrupted=false for ac_var in $ac_precious_vars; do eval ac_old_set=\$ac_cv_env_${ac_var}_set eval ac_new_set=\$ac_env_${ac_var}_set eval ac_old_val=\$ac_cv_env_${ac_var}_value eval ac_new_val=\$ac_env_${ac_var}_value case $ac_old_set,$ac_new_set in set,) { $as_echo "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&5 $as_echo "$as_me: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&2;} ac_cache_corrupted=: ;; ,set) { $as_echo "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' was not set in the previous run" >&5 $as_echo "$as_me: error: \`$ac_var' was not set in the previous run" >&2;} ac_cache_corrupted=: ;; ,);; *) if test "x$ac_old_val" != "x$ac_new_val"; then # differences in whitespace do not lead to failure. ac_old_val_w=`echo x $ac_old_val` ac_new_val_w=`echo x $ac_new_val` if test "$ac_old_val_w" != "$ac_new_val_w"; then { $as_echo "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' has changed since the previous run:" >&5 $as_echo "$as_me: error: \`$ac_var' has changed since the previous run:" >&2;} ac_cache_corrupted=: else { $as_echo "$as_me:${as_lineno-$LINENO}: warning: ignoring whitespace changes in \`$ac_var' since the previous run:" >&5 $as_echo "$as_me: warning: ignoring whitespace changes in \`$ac_var' since the previous run:" >&2;} eval $ac_var=\$ac_old_val fi { $as_echo "$as_me:${as_lineno-$LINENO}: former value: \`$ac_old_val'" >&5 $as_echo "$as_me: former value: \`$ac_old_val'" >&2;} { $as_echo "$as_me:${as_lineno-$LINENO}: current value: \`$ac_new_val'" >&5 $as_echo "$as_me: current value: \`$ac_new_val'" >&2;} fi;; esac # Pass precious variables to config.status. if test "$ac_new_set" = set; then case $ac_new_val in *\'*) ac_arg=$ac_var=`$as_echo "$ac_new_val" | sed "s/'/'\\\\\\\\''/g"` ;; *) ac_arg=$ac_var=$ac_new_val ;; esac case " $ac_configure_args " in *" '$ac_arg' "*) ;; # Avoid dups. Use of quotes ensures accuracy. *) as_fn_append ac_configure_args " '$ac_arg'" ;; esac fi done if $ac_cache_corrupted; then { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} { $as_echo "$as_me:${as_lineno-$LINENO}: error: changes in the environment can compromise the build" >&5 $as_echo "$as_me: error: changes in the environment can compromise the build" >&2;} as_fn_error $? "run \`make distclean' and/or \`rm $cache_file' and start over" "$LINENO" 5 fi ## -------------------- ## ## Main body of script. ## ## -------------------- ## ac_ext=c ac_cpp='$CPP $CPPFLAGS' ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_c_compiler_gnu ac_aux_dir= for ac_dir in build-aux "$srcdir"/build-aux; do if test -f "$ac_dir/install-sh"; then ac_aux_dir=$ac_dir ac_install_sh="$ac_aux_dir/install-sh -c" break elif test -f "$ac_dir/install.sh"; then ac_aux_dir=$ac_dir ac_install_sh="$ac_aux_dir/install.sh -c" break elif test -f "$ac_dir/shtool"; then ac_aux_dir=$ac_dir ac_install_sh="$ac_aux_dir/shtool install -c" break fi done if test -z "$ac_aux_dir"; then as_fn_error $? "cannot find install-sh, install.sh, or shtool in build-aux \"$srcdir\"/build-aux" "$LINENO" 5 fi # These three variables are undocumented and unsupported, # and are intended to be withdrawn in a future Autoconf release. # They can cause serious problems if a builder's source tree is in a directory # whose full name contains unusual characters. ac_config_guess="$SHELL $ac_aux_dir/config.guess" # Please don't use this var. ac_config_sub="$SHELL $ac_aux_dir/config.sub" # Please don't use this var. ac_configure="$SHELL $ac_aux_dir/configure" # Please don't use this var. am__api_version='1.16' # Find a good install program. We prefer a C program (faster), # so one script is as good as another. But avoid the broken or # incompatible versions: # SysV /etc/install, /usr/sbin/install # SunOS /usr/etc/install # IRIX /sbin/install # AIX /bin/install # AmigaOS /C/install, which installs bootblocks on floppy discs # AIX 4 /usr/bin/installbsd, which doesn't work without a -g flag # AFS /usr/afsws/bin/install, which mishandles nonexistent args # SVR4 /usr/ucb/install, which tries to use the nonexistent group "staff" # OS/2's system install, which has a completely different semantic # ./install, which can be erroneously created by make from ./install.sh. # Reject install programs that cannot install multiple files. { $as_echo "$as_me:${as_lineno-$LINENO}: checking for a BSD-compatible install" >&5 $as_echo_n "checking for a BSD-compatible install... " >&6; } if test -z "$INSTALL"; then if ${ac_cv_path_install+:} false; then : $as_echo_n "(cached) " >&6 else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. # Account for people who put trailing slashes in PATH elements. case $as_dir/ in #(( ./ | .// | /[cC]/* | \ /etc/* | /usr/sbin/* | /usr/etc/* | /sbin/* | /usr/afsws/bin/* | \ ?:[\\/]os2[\\/]install[\\/]* | ?:[\\/]OS2[\\/]INSTALL[\\/]* | \ /usr/ucb/* ) ;; *) # OSF1 and SCO ODT 3.0 have their own names for install. # Don't use installbsd from OSF since it installs stuff as root # by default. for ac_prog in ginstall scoinst install; do for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_prog$ac_exec_ext"; then if test $ac_prog = install && grep dspmsg "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then # AIX install. It has an incompatible calling convention. : elif test $ac_prog = install && grep pwplus "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then # program-specific install script used by HP pwplus--don't use. : else rm -rf conftest.one conftest.two conftest.dir echo one > conftest.one echo two > conftest.two mkdir conftest.dir if "$as_dir/$ac_prog$ac_exec_ext" -c conftest.one conftest.two "`pwd`/conftest.dir" && test -s conftest.one && test -s conftest.two && test -s conftest.dir/conftest.one && test -s conftest.dir/conftest.two then ac_cv_path_install="$as_dir/$ac_prog$ac_exec_ext -c" break 3 fi fi fi done done ;; esac done IFS=$as_save_IFS rm -rf conftest.one conftest.two conftest.dir fi if test "${ac_cv_path_install+set}" = set; then INSTALL=$ac_cv_path_install else # As a last resort, use the slow shell script. Don't cache a # value for INSTALL within a source directory, because that will # break other packages using the cache if that directory is # removed, or if the value is a relative name. INSTALL=$ac_install_sh fi fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $INSTALL" >&5 $as_echo "$INSTALL" >&6; } # Use test -z because SunOS4 sh mishandles braces in ${var-val}. # It thinks the first close brace ends the variable substitution. test -z "$INSTALL_PROGRAM" && INSTALL_PROGRAM='${INSTALL}' test -z "$INSTALL_SCRIPT" && INSTALL_SCRIPT='${INSTALL}' test -z "$INSTALL_DATA" && INSTALL_DATA='${INSTALL} -m 644' { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether build environment is sane" >&5 $as_echo_n "checking whether build environment is sane... " >&6; } # Reject unsafe characters in $srcdir or the absolute working directory # name. Accept space and tab only in the latter. am_lf=' ' case `pwd` in *[\\\"\#\$\&\'\`$am_lf]*) as_fn_error $? "unsafe absolute working directory name" "$LINENO" 5;; esac case $srcdir in *[\\\"\#\$\&\'\`$am_lf\ \ ]*) as_fn_error $? "unsafe srcdir value: '$srcdir'" "$LINENO" 5;; esac # Do 'set' in a subshell so we don't clobber the current shell's # arguments. Must try -L first in case configure is actually a # symlink; some systems play weird games with the mod time of symlinks # (eg FreeBSD returns the mod time of the symlink's containing # directory). if ( am_has_slept=no for am_try in 1 2; do echo "timestamp, slept: $am_has_slept" > conftest.file set X `ls -Lt "$srcdir/configure" conftest.file 2> /dev/null` if test "$*" = "X"; then # -L didn't work. set X `ls -t "$srcdir/configure" conftest.file` fi if test "$*" != "X $srcdir/configure conftest.file" \ && test "$*" != "X conftest.file $srcdir/configure"; then # If neither matched, then we have a broken ls. This can happen # if, for instance, CONFIG_SHELL is bash and it inherits a # broken ls alias from the environment. This has actually # happened. Such a system could not be considered "sane". as_fn_error $? "ls -t appears to fail. Make sure there is not a broken alias in your environment" "$LINENO" 5 fi if test "$2" = conftest.file || test $am_try -eq 2; then break fi # Just in case. sleep 1 am_has_slept=yes done test "$2" = conftest.file ) then # Ok. : else as_fn_error $? "newly created file is older than distributed files! Check your system clock" "$LINENO" 5 fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } # If we didn't sleep, we still need to ensure time stamps of config.status and # generated files are strictly newer. am_sleep_pid= if grep 'slept: no' conftest.file >/dev/null 2>&1; then ( sleep 1 ) & am_sleep_pid=$! fi rm -f conftest.file test "$program_prefix" != NONE && program_transform_name="s&^&$program_prefix&;$program_transform_name" # Use a double $ so make ignores it. test "$program_suffix" != NONE && program_transform_name="s&\$&$program_suffix&;$program_transform_name" # Double any \ or $. # By default was `s,x,x', remove it if useless. ac_script='s/[\\$]/&&/g;s/;s,x,x,$//' program_transform_name=`$as_echo "$program_transform_name" | sed "$ac_script"` # Expand $ac_aux_dir to an absolute path. am_aux_dir=`cd "$ac_aux_dir" && pwd` if test x"${MISSING+set}" != xset; then MISSING="\${SHELL} '$am_aux_dir/missing'" fi # Use eval to expand $SHELL if eval "$MISSING --is-lightweight"; then am_missing_run="$MISSING " else am_missing_run= { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: 'missing' script is too old or missing" >&5 $as_echo "$as_me: WARNING: 'missing' script is too old or missing" >&2;} fi if test x"${install_sh+set}" != xset; then case $am_aux_dir in *\ * | *\ *) install_sh="\${SHELL} '$am_aux_dir/install-sh'" ;; *) install_sh="\${SHELL} $am_aux_dir/install-sh" esac fi # Installed binaries are usually stripped using 'strip' when the user # run "make install-strip". However 'strip' might not be the right # tool to use in cross-compilation environments, therefore Automake # will honor the 'STRIP' environment variable to overrule this program. if test "$cross_compiling" != no; then if test -n "$ac_tool_prefix"; then # Extract the first word of "${ac_tool_prefix}strip", so it can be a program name with args. set dummy ${ac_tool_prefix}strip; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_prog_STRIP+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$STRIP"; then ac_cv_prog_STRIP="$STRIP" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_STRIP="${ac_tool_prefix}strip" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS fi fi STRIP=$ac_cv_prog_STRIP if test -n "$STRIP"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $STRIP" >&5 $as_echo "$STRIP" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi fi if test -z "$ac_cv_prog_STRIP"; then ac_ct_STRIP=$STRIP # Extract the first word of "strip", so it can be a program name with args. set dummy strip; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_prog_ac_ct_STRIP+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$ac_ct_STRIP"; then ac_cv_prog_ac_ct_STRIP="$ac_ct_STRIP" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_STRIP="strip" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS fi fi ac_ct_STRIP=$ac_cv_prog_ac_ct_STRIP if test -n "$ac_ct_STRIP"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_STRIP" >&5 $as_echo "$ac_ct_STRIP" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi if test "x$ac_ct_STRIP" = x; then STRIP=":" else case $cross_compiling:$ac_tool_warned in yes:) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 $as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} ac_tool_warned=yes ;; esac STRIP=$ac_ct_STRIP fi else STRIP="$ac_cv_prog_STRIP" fi fi INSTALL_STRIP_PROGRAM="\$(install_sh) -c -s" { $as_echo "$as_me:${as_lineno-$LINENO}: checking for a thread-safe mkdir -p" >&5 $as_echo_n "checking for a thread-safe mkdir -p... " >&6; } if test -z "$MKDIR_P"; then if ${ac_cv_path_mkdir+:} false; then : $as_echo_n "(cached) " >&6 else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH$PATH_SEPARATOR/opt/sfw/bin do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_prog in mkdir gmkdir; do for ac_exec_ext in '' $ac_executable_extensions; do as_fn_executable_p "$as_dir/$ac_prog$ac_exec_ext" || continue case `"$as_dir/$ac_prog$ac_exec_ext" --version 2>&1` in #( 'mkdir (GNU coreutils) '* | \ 'mkdir (coreutils) '* | \ 'mkdir (fileutils) '4.1*) ac_cv_path_mkdir=$as_dir/$ac_prog$ac_exec_ext break 3;; esac done done done IFS=$as_save_IFS fi test -d ./--version && rmdir ./--version if test "${ac_cv_path_mkdir+set}" = set; then MKDIR_P="$ac_cv_path_mkdir -p" else # As a last resort, use the slow shell script. Don't cache a # value for MKDIR_P within a source directory, because that will # break other packages using the cache if that directory is # removed, or if the value is a relative name. MKDIR_P="$ac_install_sh -d" fi fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $MKDIR_P" >&5 $as_echo "$MKDIR_P" >&6; } for ac_prog in gawk mawk nawk awk do # Extract the first word of "$ac_prog", so it can be a program name with args. set dummy $ac_prog; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_prog_AWK+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$AWK"; then ac_cv_prog_AWK="$AWK" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_AWK="$ac_prog" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS fi fi AWK=$ac_cv_prog_AWK if test -n "$AWK"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $AWK" >&5 $as_echo "$AWK" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi test -n "$AWK" && break done { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether ${MAKE-make} sets \$(MAKE)" >&5 $as_echo_n "checking whether ${MAKE-make} sets \$(MAKE)... " >&6; } set x ${MAKE-make} ac_make=`$as_echo "$2" | sed 's/+/p/g; s/[^a-zA-Z0-9_]/_/g'` if eval \${ac_cv_prog_make_${ac_make}_set+:} false; then : $as_echo_n "(cached) " >&6 else cat >conftest.make <<\_ACEOF SHELL = /bin/sh all: @echo '@@@%%%=$(MAKE)=@@@%%%' _ACEOF # GNU make sometimes prints "make[1]: Entering ...", which would confuse us. case `${MAKE-make} -f conftest.make 2>/dev/null` in *@@@%%%=?*=@@@%%%*) eval ac_cv_prog_make_${ac_make}_set=yes;; *) eval ac_cv_prog_make_${ac_make}_set=no;; esac rm -f conftest.make fi if eval test \$ac_cv_prog_make_${ac_make}_set = yes; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } SET_MAKE= else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } SET_MAKE="MAKE=${MAKE-make}" fi rm -rf .tst 2>/dev/null mkdir .tst 2>/dev/null if test -d .tst; then am__leading_dot=. else am__leading_dot=_ fi rmdir .tst 2>/dev/null # Check whether --enable-silent-rules was given. if test "${enable_silent_rules+set}" = set; then : enableval=$enable_silent_rules; fi case $enable_silent_rules in # ((( yes) AM_DEFAULT_VERBOSITY=0;; no) AM_DEFAULT_VERBOSITY=1;; *) AM_DEFAULT_VERBOSITY=1;; esac am_make=${MAKE-make} { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $am_make supports nested variables" >&5 $as_echo_n "checking whether $am_make supports nested variables... " >&6; } if ${am_cv_make_support_nested_variables+:} false; then : $as_echo_n "(cached) " >&6 else if $as_echo 'TRUE=$(BAR$(V)) BAR0=false BAR1=true V=1 am__doit: @$(TRUE) .PHONY: am__doit' | $am_make -f - >/dev/null 2>&1; then am_cv_make_support_nested_variables=yes else am_cv_make_support_nested_variables=no fi fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $am_cv_make_support_nested_variables" >&5 $as_echo "$am_cv_make_support_nested_variables" >&6; } if test $am_cv_make_support_nested_variables = yes; then AM_V='$(V)' AM_DEFAULT_V='$(AM_DEFAULT_VERBOSITY)' else AM_V=$AM_DEFAULT_VERBOSITY AM_DEFAULT_V=$AM_DEFAULT_VERBOSITY fi AM_BACKSLASH='\' if test "`cd $srcdir && pwd`" != "`pwd`"; then # Use -I$(srcdir) only when $(srcdir) != ., so that make's output # is not polluted with repeated "-I." am__isrc=' -I$(srcdir)' # test to see if srcdir already configured if test -f $srcdir/config.status; then as_fn_error $? "source directory already configured; run \"make distclean\" there first" "$LINENO" 5 fi fi # test whether we have cygpath if test -z "$CYGPATH_W"; then if (cygpath --version) >/dev/null 2>/dev/null; then CYGPATH_W='cygpath -w' else CYGPATH_W=echo fi fi # Define the identity of the package. PACKAGE='uacme' VERSION='1.7.6' cat >>confdefs.h <<_ACEOF #define PACKAGE "$PACKAGE" _ACEOF cat >>confdefs.h <<_ACEOF #define VERSION "$VERSION" _ACEOF # Some tools Automake needs. ACLOCAL=${ACLOCAL-"${am_missing_run}aclocal-${am__api_version}"} AUTOCONF=${AUTOCONF-"${am_missing_run}autoconf"} AUTOMAKE=${AUTOMAKE-"${am_missing_run}automake-${am__api_version}"} AUTOHEADER=${AUTOHEADER-"${am_missing_run}autoheader"} MAKEINFO=${MAKEINFO-"${am_missing_run}makeinfo"} # For better backward compatibility. To be removed once Automake 1.9.x # dies out for good. For more background, see: # # mkdir_p='$(MKDIR_P)' # We need awk for the "check" target (and possibly the TAP driver). The # system "awk" is bad on some platforms. # Always define AMTAR for backward compatibility. Yes, it's still used # in the wild :-( We should find a proper way to deprecate it ... AMTAR='$${TAR-tar}' # We'll loop over all known methods to create a tar archive until one works. _am_tools='gnutar pax cpio none' am__tar='$${TAR-tar} chof - "$$tardir"' am__untar='$${TAR-tar} xf -' # POSIX will say in a future version that running "rm -f" with no argument # is OK; and we want to be able to make that assumption in our Makefile # recipes. So use an aggressive probe to check that the usage we want is # actually supported "in the wild" to an acceptable degree. # See automake bug#10828. # To make any issue more visible, cause the running configure to be aborted # by default if the 'rm' program in use doesn't match our expectations; the # user can still override this though. if rm -f && rm -fr && rm -rf; then : OK; else cat >&2 <<'END' Oops! Your 'rm' program seems unable to run without file operands specified on the command line, even when the '-f' option is present. This is contrary to the behaviour of most rm programs out there, and not conforming with the upcoming POSIX standard: Please tell bug-automake@gnu.org about your system, including the value of your $PATH and any error possibly output before this message. This can help us improve future automake versions. END if test x"$ACCEPT_INFERIOR_RM_PROGRAM" = x"yes"; then echo 'Configuration will proceed anyway, since you have set the' >&2 echo 'ACCEPT_INFERIOR_RM_PROGRAM variable to "yes"' >&2 echo >&2 else cat >&2 <<'END' Aborting the configuration process, to ensure you take notice of the issue. You can download and install GNU coreutils to get an 'rm' implementation that behaves properly: . If you want to complete the configuration process using your problematic 'rm' anyway, export the environment variable ACCEPT_INFERIOR_RM_PROGRAM to "yes", and re-run configure. END as_fn_error $? "Your 'rm' program is bad, sorry." "$LINENO" 5 fi fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether to enable maintainer-specific portions of Makefiles" >&5 $as_echo_n "checking whether to enable maintainer-specific portions of Makefiles... " >&6; } # Check whether --enable-maintainer-mode was given. if test "${enable_maintainer_mode+set}" = set; then : enableval=$enable_maintainer_mode; USE_MAINTAINER_MODE=$enableval else USE_MAINTAINER_MODE=no fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $USE_MAINTAINER_MODE" >&5 $as_echo "$USE_MAINTAINER_MODE" >&6; } if test $USE_MAINTAINER_MODE = yes; then MAINTAINER_MODE_TRUE= MAINTAINER_MODE_FALSE='#' else MAINTAINER_MODE_TRUE='#' MAINTAINER_MODE_FALSE= fi MAINT=$MAINTAINER_MODE_TRUE # Check whether --enable-silent-rules was given. if test "${enable_silent_rules+set}" = set; then : enableval=$enable_silent_rules; fi case $enable_silent_rules in # ((( yes) AM_DEFAULT_VERBOSITY=0;; no) AM_DEFAULT_VERBOSITY=1;; *) AM_DEFAULT_VERBOSITY=0;; esac am_make=${MAKE-make} { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $am_make supports nested variables" >&5 $as_echo_n "checking whether $am_make supports nested variables... " >&6; } if ${am_cv_make_support_nested_variables+:} false; then : $as_echo_n "(cached) " >&6 else if $as_echo 'TRUE=$(BAR$(V)) BAR0=false BAR1=true V=1 am__doit: @$(TRUE) .PHONY: am__doit' | $am_make -f - >/dev/null 2>&1; then am_cv_make_support_nested_variables=yes else am_cv_make_support_nested_variables=no fi fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $am_cv_make_support_nested_variables" >&5 $as_echo "$am_cv_make_support_nested_variables" >&6; } if test $am_cv_make_support_nested_variables = yes; then AM_V='$(V)' AM_DEFAULT_V='$(AM_DEFAULT_VERBOSITY)' else AM_V=$AM_DEFAULT_VERBOSITY AM_DEFAULT_V=$AM_DEFAULT_VERBOSITY fi AM_BACKSLASH='\' # $is_release = (.git directory does not exist) if test -d ${srcdir}/.git || (test -f ${srcdir}/.git && grep \.git/worktrees ${srcdir}/.git); then : ax_is_release=no else ax_is_release=yes fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether to enable debugging" >&5 $as_echo_n "checking whether to enable debugging... " >&6; } ax_enable_debug_default=yes ax_enable_debug_is_release=$ax_is_release # If this is a release, override the default. if test "$ax_enable_debug_is_release" = "yes"; then : ax_enable_debug_default="no" fi # Check whether --enable-debug was given. if test "${enable_debug+set}" = set; then : enableval=$enable_debug; else enable_debug=$ax_enable_debug_default fi # empty mean debug yes if test "x$enable_debug" = "x"; then : enable_debug="yes" fi # case of debug case $enable_debug in #( yes) : { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } CFLAGS="${CFLAGS} -g -O0" CXXFLAGS="${CXXFLAGS} -g -O0" FFLAGS="${FFLAGS} -g -O0" FCFLAGS="${FCFLAGS} -g -O0" OBJCFLAGS="${OBJCFLAGS} -g -O0" ;; #( info) : { $as_echo "$as_me:${as_lineno-$LINENO}: result: info" >&5 $as_echo "info" >&6; } CFLAGS="${CFLAGS} -g" CXXFLAGS="${CXXFLAGS} -g" FFLAGS="${FFLAGS} -g" FCFLAGS="${FCFLAGS} -g" OBJCFLAGS="${OBJCFLAGS} -g" ;; #( profile) : { $as_echo "$as_me:${as_lineno-$LINENO}: result: profile" >&5 $as_echo "profile" >&6; } CFLAGS="${CFLAGS} -g -pg" CXXFLAGS="${CXXFLAGS} -g -pg" FFLAGS="${FFLAGS} -g -pg" FCFLAGS="${FCFLAGS} -g -pg" OBJCFLAGS="${OBJCFLAGS} -g -pg" LDFLAGS="${LDFLAGS} -pg" ;; #( *) : { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } if test "x${CFLAGS+set}" != "xset"; then : CFLAGS="" fi if test "x${CXXFLAGS+set}" != "xset"; then : CXXFLAGS="" fi if test "x${FFLAGS+set}" != "xset"; then : FFLAGS="" fi if test "x${FCFLAGS+set}" != "xset"; then : FCFLAGS="" fi if test "x${OBJCFLAGS+set}" != "xset"; then : OBJCFLAGS="" fi ;; esac if test "x$enable_debug" = "xyes"; then : else $as_echo "#define NDEBUG 1" >>confdefs.h fi ax_enable_debug=$enable_debug DEPDIR="${am__leading_dot}deps" ac_config_commands="$ac_config_commands depfiles" { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether ${MAKE-make} supports the include directive" >&5 $as_echo_n "checking whether ${MAKE-make} supports the include directive... " >&6; } cat > confinc.mk << 'END' am__doit: @echo this is the am__doit target >confinc.out .PHONY: am__doit END am__include="#" am__quote= # BSD make does it like this. echo '.include "confinc.mk" # ignored' > confmf.BSD # Other make implementations (GNU, Solaris 10, AIX) do it like this. echo 'include confinc.mk # ignored' > confmf.GNU _am_result=no for s in GNU BSD; do { echo "$as_me:$LINENO: ${MAKE-make} -f confmf.$s && cat confinc.out" >&5 (${MAKE-make} -f confmf.$s && cat confinc.out) >&5 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } case $?:`cat confinc.out 2>/dev/null` in #( '0:this is the am__doit target') : case $s in #( BSD) : am__include='.include' am__quote='"' ;; #( *) : am__include='include' am__quote='' ;; esac ;; #( *) : ;; esac if test "$am__include" != "#"; then _am_result="yes ($s style)" break fi done rm -f confinc.* confmf.* { $as_echo "$as_me:${as_lineno-$LINENO}: result: ${_am_result}" >&5 $as_echo "${_am_result}" >&6; } # Check whether --enable-dependency-tracking was given. if test "${enable_dependency_tracking+set}" = set; then : enableval=$enable_dependency_tracking; fi if test "x$enable_dependency_tracking" != xno; then am_depcomp="$ac_aux_dir/depcomp" AMDEPBACKSLASH='\' am__nodep='_no' fi if test "x$enable_dependency_tracking" != xno; then AMDEP_TRUE= AMDEP_FALSE='#' else AMDEP_TRUE='#' AMDEP_FALSE= fi ac_ext=c ac_cpp='$CPP $CPPFLAGS' ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_c_compiler_gnu if test -n "$ac_tool_prefix"; then # Extract the first word of "${ac_tool_prefix}gcc", so it can be a program name with args. set dummy ${ac_tool_prefix}gcc; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_prog_CC+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$CC"; then ac_cv_prog_CC="$CC" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_CC="${ac_tool_prefix}gcc" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS fi fi CC=$ac_cv_prog_CC if test -n "$CC"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 $as_echo "$CC" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi fi if test -z "$ac_cv_prog_CC"; then ac_ct_CC=$CC # Extract the first word of "gcc", so it can be a program name with args. set dummy gcc; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_prog_ac_ct_CC+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$ac_ct_CC"; then ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_CC="gcc" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS fi fi ac_ct_CC=$ac_cv_prog_ac_ct_CC if test -n "$ac_ct_CC"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5 $as_echo "$ac_ct_CC" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi if test "x$ac_ct_CC" = x; then CC="" else case $cross_compiling:$ac_tool_warned in yes:) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 $as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} ac_tool_warned=yes ;; esac CC=$ac_ct_CC fi else CC="$ac_cv_prog_CC" fi if test -z "$CC"; then if test -n "$ac_tool_prefix"; then # Extract the first word of "${ac_tool_prefix}cc", so it can be a program name with args. set dummy ${ac_tool_prefix}cc; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_prog_CC+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$CC"; then ac_cv_prog_CC="$CC" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_CC="${ac_tool_prefix}cc" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS fi fi CC=$ac_cv_prog_CC if test -n "$CC"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 $as_echo "$CC" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi fi fi if test -z "$CC"; then # Extract the first word of "cc", so it can be a program name with args. set dummy cc; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_prog_CC+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$CC"; then ac_cv_prog_CC="$CC" # Let the user override the test. else ac_prog_rejected=no as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then if test "$as_dir/$ac_word$ac_exec_ext" = "/usr/ucb/cc"; then ac_prog_rejected=yes continue fi ac_cv_prog_CC="cc" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS if test $ac_prog_rejected = yes; then # We found a bogon in the path, so make sure we never use it. set dummy $ac_cv_prog_CC shift if test $# != 0; then # We chose a different compiler from the bogus one. # However, it has the same basename, so the bogon will be chosen # first if we set CC to just the basename; use the full file name. shift ac_cv_prog_CC="$as_dir/$ac_word${1+' '}$@" fi fi fi fi CC=$ac_cv_prog_CC if test -n "$CC"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 $as_echo "$CC" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi fi if test -z "$CC"; then if test -n "$ac_tool_prefix"; then for ac_prog in cl.exe do # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args. set dummy $ac_tool_prefix$ac_prog; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_prog_CC+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$CC"; then ac_cv_prog_CC="$CC" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_CC="$ac_tool_prefix$ac_prog" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS fi fi CC=$ac_cv_prog_CC if test -n "$CC"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 $as_echo "$CC" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi test -n "$CC" && break done fi if test -z "$CC"; then ac_ct_CC=$CC for ac_prog in cl.exe do # Extract the first word of "$ac_prog", so it can be a program name with args. set dummy $ac_prog; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_prog_ac_ct_CC+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$ac_ct_CC"; then ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_CC="$ac_prog" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS fi fi ac_ct_CC=$ac_cv_prog_ac_ct_CC if test -n "$ac_ct_CC"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5 $as_echo "$ac_ct_CC" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi test -n "$ac_ct_CC" && break done if test "x$ac_ct_CC" = x; then CC="" else case $cross_compiling:$ac_tool_warned in yes:) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 $as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} ac_tool_warned=yes ;; esac CC=$ac_ct_CC fi fi fi test -z "$CC" && { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error $? "no acceptable C compiler found in \$PATH See \`config.log' for more details" "$LINENO" 5; } # Provide some information about the compiler. $as_echo "$as_me:${as_lineno-$LINENO}: checking for C compiler version" >&5 set X $ac_compile ac_compiler=$2 for ac_option in --version -v -V -qversion; do { { ac_try="$ac_compiler $ac_option >&5" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" $as_echo "$ac_try_echo"; } >&5 (eval "$ac_compiler $ac_option >&5") 2>conftest.err ac_status=$? if test -s conftest.err; then sed '10a\ ... rest of stderr output deleted ... 10q' conftest.err >conftest.er1 cat conftest.er1 >&5 fi rm -f conftest.er1 conftest.err $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; } done cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main () { ; return 0; } _ACEOF ac_clean_files_save=$ac_clean_files ac_clean_files="$ac_clean_files a.out a.out.dSYM a.exe b.out" # Try to create an executable without -o first, disregard a.out. # It will help us diagnose broken compilers, and finding out an intuition # of exeext. { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the C compiler works" >&5 $as_echo_n "checking whether the C compiler works... " >&6; } ac_link_default=`$as_echo "$ac_link" | sed 's/ -o *conftest[^ ]*//'` # The possible output files: ac_files="a.out conftest.exe conftest a.exe a_out.exe b.out conftest.*" ac_rmfiles= for ac_file in $ac_files do case $ac_file in *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj ) ;; * ) ac_rmfiles="$ac_rmfiles $ac_file";; esac done rm -f $ac_rmfiles if { { ac_try="$ac_link_default" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" $as_echo "$ac_try_echo"; } >&5 (eval "$ac_link_default") 2>&5 ac_status=$? $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; }; then : # Autoconf-2.13 could set the ac_cv_exeext variable to `no'. # So ignore a value of `no', otherwise this would lead to `EXEEXT = no' # in a Makefile. We should not override ac_cv_exeext if it was cached, # so that the user can short-circuit this test for compilers unknown to # Autoconf. for ac_file in $ac_files '' do test -f "$ac_file" || continue case $ac_file in *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj ) ;; [ab].out ) # We found the default executable, but exeext='' is most # certainly right. break;; *.* ) if test "${ac_cv_exeext+set}" = set && test "$ac_cv_exeext" != no; then :; else ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'` fi # We set ac_cv_exeext here because the later test for it is not # safe: cross compilers may not add the suffix if given an `-o' # argument, so we may need to know it at that point already. # Even if this section looks crufty: it has the advantage of # actually working. break;; * ) break;; esac done test "$ac_cv_exeext" = no && ac_cv_exeext= else ac_file='' fi if test -z "$ac_file"; then : { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } $as_echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error 77 "C compiler cannot create executables See \`config.log' for more details" "$LINENO" 5; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking for C compiler default output file name" >&5 $as_echo_n "checking for C compiler default output file name... " >&6; } { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_file" >&5 $as_echo "$ac_file" >&6; } ac_exeext=$ac_cv_exeext rm -f -r a.out a.out.dSYM a.exe conftest$ac_cv_exeext b.out ac_clean_files=$ac_clean_files_save { $as_echo "$as_me:${as_lineno-$LINENO}: checking for suffix of executables" >&5 $as_echo_n "checking for suffix of executables... " >&6; } if { { ac_try="$ac_link" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" $as_echo "$ac_try_echo"; } >&5 (eval "$ac_link") 2>&5 ac_status=$? $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; }; then : # If both `conftest.exe' and `conftest' are `present' (well, observable) # catch `conftest.exe'. For instance with Cygwin, `ls conftest' will # work properly (i.e., refer to `conftest.exe'), while it won't with # `rm'. for ac_file in conftest.exe conftest conftest.*; do test -f "$ac_file" || continue case $ac_file in *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj ) ;; *.* ) ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'` break;; * ) break;; esac done else { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error $? "cannot compute suffix of executables: cannot compile and link See \`config.log' for more details" "$LINENO" 5; } fi rm -f conftest conftest$ac_cv_exeext { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_exeext" >&5 $as_echo "$ac_cv_exeext" >&6; } rm -f conftest.$ac_ext EXEEXT=$ac_cv_exeext ac_exeext=$EXEEXT cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include int main () { FILE *f = fopen ("conftest.out", "w"); return ferror (f) || fclose (f) != 0; ; return 0; } _ACEOF ac_clean_files="$ac_clean_files conftest.out" # Check that the compiler produces executables we can run. If not, either # the compiler is broken, or we cross compile. { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we are cross compiling" >&5 $as_echo_n "checking whether we are cross compiling... " >&6; } if test "$cross_compiling" != yes; then { { ac_try="$ac_link" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" $as_echo "$ac_try_echo"; } >&5 (eval "$ac_link") 2>&5 ac_status=$? $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; } if { ac_try='./conftest$ac_cv_exeext' { { case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" $as_echo "$ac_try_echo"; } >&5 (eval "$ac_try") 2>&5 ac_status=$? $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; }; }; then cross_compiling=no else if test "$cross_compiling" = maybe; then cross_compiling=yes else { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error $? "cannot run C compiled programs. If you meant to cross compile, use \`--host'. See \`config.log' for more details" "$LINENO" 5; } fi fi fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $cross_compiling" >&5 $as_echo "$cross_compiling" >&6; } rm -f conftest.$ac_ext conftest$ac_cv_exeext conftest.out ac_clean_files=$ac_clean_files_save { $as_echo "$as_me:${as_lineno-$LINENO}: checking for suffix of object files" >&5 $as_echo_n "checking for suffix of object files... " >&6; } if ${ac_cv_objext+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main () { ; return 0; } _ACEOF rm -f conftest.o conftest.obj if { { ac_try="$ac_compile" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" $as_echo "$ac_try_echo"; } >&5 (eval "$ac_compile") 2>&5 ac_status=$? $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; }; then : for ac_file in conftest.o conftest.obj conftest.*; do test -f "$ac_file" || continue; case $ac_file in *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM ) ;; *) ac_cv_objext=`expr "$ac_file" : '.*\.\(.*\)'` break;; esac done else $as_echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error $? "cannot compute suffix of object files: cannot compile See \`config.log' for more details" "$LINENO" 5; } fi rm -f conftest.$ac_cv_objext conftest.$ac_ext fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_objext" >&5 $as_echo "$ac_cv_objext" >&6; } OBJEXT=$ac_cv_objext ac_objext=$OBJEXT { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we are using the GNU C compiler" >&5 $as_echo_n "checking whether we are using the GNU C compiler... " >&6; } if ${ac_cv_c_compiler_gnu+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main () { #ifndef __GNUC__ choke me #endif ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : ac_compiler_gnu=yes else ac_compiler_gnu=no fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext ac_cv_c_compiler_gnu=$ac_compiler_gnu fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_compiler_gnu" >&5 $as_echo "$ac_cv_c_compiler_gnu" >&6; } if test $ac_compiler_gnu = yes; then GCC=yes else GCC= fi ac_test_CFLAGS=${CFLAGS+set} ac_save_CFLAGS=$CFLAGS { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC accepts -g" >&5 $as_echo_n "checking whether $CC accepts -g... " >&6; } if ${ac_cv_prog_cc_g+:} false; then : $as_echo_n "(cached) " >&6 else ac_save_c_werror_flag=$ac_c_werror_flag ac_c_werror_flag=yes ac_cv_prog_cc_g=no CFLAGS="-g" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main () { ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : ac_cv_prog_cc_g=yes else CFLAGS="" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main () { ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : else ac_c_werror_flag=$ac_save_c_werror_flag CFLAGS="-g" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main () { ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : ac_cv_prog_cc_g=yes fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext ac_c_werror_flag=$ac_save_c_werror_flag fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_g" >&5 $as_echo "$ac_cv_prog_cc_g" >&6; } if test "$ac_test_CFLAGS" = set; then CFLAGS=$ac_save_CFLAGS elif test $ac_cv_prog_cc_g = yes; then if test "$GCC" = yes; then CFLAGS="-g -O2" else CFLAGS="-g" fi else if test "$GCC" = yes; then CFLAGS="-O2" else CFLAGS= fi fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $CC option to accept ISO C89" >&5 $as_echo_n "checking for $CC option to accept ISO C89... " >&6; } if ${ac_cv_prog_cc_c89+:} false; then : $as_echo_n "(cached) " >&6 else ac_cv_prog_cc_c89=no ac_save_CC=$CC cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include #include struct stat; /* Most of the following tests are stolen from RCS 5.7's src/conf.sh. */ struct buf { int x; }; FILE * (*rcsopen) (struct buf *, struct stat *, int); static char *e (p, i) char **p; int i; { return p[i]; } static char *f (char * (*g) (char **, int), char **p, ...) { char *s; va_list v; va_start (v,p); s = g (p, va_arg (v,int)); va_end (v); return s; } /* OSF 4.0 Compaq cc is some sort of almost-ANSI by default. It has function prototypes and stuff, but not '\xHH' hex character constants. These don't provoke an error unfortunately, instead are silently treated as 'x'. The following induces an error, until -std is added to get proper ANSI mode. Curiously '\x00'!='x' always comes out true, for an array size at least. It's necessary to write '\x00'==0 to get something that's true only with -std. */ int osf4_cc_array ['\x00' == 0 ? 1 : -1]; /* IBM C 6 for AIX is almost-ANSI by default, but it replaces macro parameters inside strings and character constants. */ #define FOO(x) 'x' int xlc6_cc_array[FOO(a) == 'x' ? 1 : -1]; int test (int i, double x); struct s1 {int (*f) (int a);}; struct s2 {int (*f) (double a);}; int pairnames (int, char **, FILE *(*)(struct buf *, struct stat *, int), int, int); int argc; char **argv; int main () { return f (e, argv, 0) != argv[0] || f (e, argv, 1) != argv[1]; ; return 0; } _ACEOF for ac_arg in '' -qlanglvl=extc89 -qlanglvl=ansi -std \ -Ae "-Aa -D_HPUX_SOURCE" "-Xc -D__EXTENSIONS__" do CC="$ac_save_CC $ac_arg" if ac_fn_c_try_compile "$LINENO"; then : ac_cv_prog_cc_c89=$ac_arg fi rm -f core conftest.err conftest.$ac_objext test "x$ac_cv_prog_cc_c89" != "xno" && break done rm -f conftest.$ac_ext CC=$ac_save_CC fi # AC_CACHE_VAL case "x$ac_cv_prog_cc_c89" in x) { $as_echo "$as_me:${as_lineno-$LINENO}: result: none needed" >&5 $as_echo "none needed" >&6; } ;; xno) { $as_echo "$as_me:${as_lineno-$LINENO}: result: unsupported" >&5 $as_echo "unsupported" >&6; } ;; *) CC="$CC $ac_cv_prog_cc_c89" { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_c89" >&5 $as_echo "$ac_cv_prog_cc_c89" >&6; } ;; esac if test "x$ac_cv_prog_cc_c89" != xno; then : fi ac_ext=c ac_cpp='$CPP $CPPFLAGS' ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_c_compiler_gnu ac_ext=c ac_cpp='$CPP $CPPFLAGS' ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_c_compiler_gnu { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC understands -c and -o together" >&5 $as_echo_n "checking whether $CC understands -c and -o together... " >&6; } if ${am_cv_prog_cc_c_o+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main () { ; return 0; } _ACEOF # Make sure it works both with $CC and with simple cc. # Following AC_PROG_CC_C_O, we do the test twice because some # compilers refuse to overwrite an existing .o file with -o, # though they will create one. am_cv_prog_cc_c_o=yes for am_i in 1 2; do if { echo "$as_me:$LINENO: $CC -c conftest.$ac_ext -o conftest2.$ac_objext" >&5 ($CC -c conftest.$ac_ext -o conftest2.$ac_objext) >&5 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } \ && test -f conftest2.$ac_objext; then : OK else am_cv_prog_cc_c_o=no break fi done rm -f core conftest* unset am_i fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $am_cv_prog_cc_c_o" >&5 $as_echo "$am_cv_prog_cc_c_o" >&6; } if test "$am_cv_prog_cc_c_o" != yes; then # Losing compiler, so override with the script. # FIXME: It is wrong to rewrite CC. # But if we don't then we get into trouble of one sort or another. # A longer-term fix would be to have automake use am__CC in this case, # and then we could set am__CC="\$(top_srcdir)/compile \$(CC)" CC="$am_aux_dir/compile $CC" fi ac_ext=c ac_cpp='$CPP $CPPFLAGS' ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_c_compiler_gnu depcc="$CC" am_compiler_list= { $as_echo "$as_me:${as_lineno-$LINENO}: checking dependency style of $depcc" >&5 $as_echo_n "checking dependency style of $depcc... " >&6; } if ${am_cv_CC_dependencies_compiler_type+:} false; then : $as_echo_n "(cached) " >&6 else if test -z "$AMDEP_TRUE" && test -f "$am_depcomp"; then # We make a subdir and do the tests there. Otherwise we can end up # making bogus files that we don't know about and never remove. For # instance it was reported that on HP-UX the gcc test will end up # making a dummy file named 'D' -- because '-MD' means "put the output # in D". rm -rf conftest.dir mkdir conftest.dir # Copy depcomp to subdir because otherwise we won't find it if we're # using a relative directory. cp "$am_depcomp" conftest.dir cd conftest.dir # We will build objects and dependencies in a subdirectory because # it helps to detect inapplicable dependency modes. For instance # both Tru64's cc and ICC support -MD to output dependencies as a # side effect of compilation, but ICC will put the dependencies in # the current directory while Tru64 will put them in the object # directory. mkdir sub am_cv_CC_dependencies_compiler_type=none if test "$am_compiler_list" = ""; then am_compiler_list=`sed -n 's/^#*\([a-zA-Z0-9]*\))$/\1/p' < ./depcomp` fi am__universal=false case " $depcc " in #( *\ -arch\ *\ -arch\ *) am__universal=true ;; esac for depmode in $am_compiler_list; do # Setup a source with many dependencies, because some compilers # like to wrap large dependency lists on column 80 (with \), and # we should not choose a depcomp mode which is confused by this. # # We need to recreate these files for each test, as the compiler may # overwrite some of them when testing with obscure command lines. # This happens at least with the AIX C compiler. : > sub/conftest.c for i in 1 2 3 4 5 6; do echo '#include "conftst'$i'.h"' >> sub/conftest.c # Using ": > sub/conftst$i.h" creates only sub/conftst1.h with # Solaris 10 /bin/sh. echo '/* dummy */' > sub/conftst$i.h done echo "${am__include} ${am__quote}sub/conftest.Po${am__quote}" > confmf # We check with '-c' and '-o' for the sake of the "dashmstdout" # mode. It turns out that the SunPro C++ compiler does not properly # handle '-M -o', and we need to detect this. Also, some Intel # versions had trouble with output in subdirs. am__obj=sub/conftest.${OBJEXT-o} am__minus_obj="-o $am__obj" case $depmode in gcc) # This depmode causes a compiler race in universal mode. test "$am__universal" = false || continue ;; nosideeffect) # After this tag, mechanisms are not by side-effect, so they'll # only be used when explicitly requested. if test "x$enable_dependency_tracking" = xyes; then continue else break fi ;; msvc7 | msvc7msys | msvisualcpp | msvcmsys) # This compiler won't grok '-c -o', but also, the minuso test has # not run yet. These depmodes are late enough in the game, and # so weak that their functioning should not be impacted. am__obj=conftest.${OBJEXT-o} am__minus_obj= ;; none) break ;; esac if depmode=$depmode \ source=sub/conftest.c object=$am__obj \ depfile=sub/conftest.Po tmpdepfile=sub/conftest.TPo \ $SHELL ./depcomp $depcc -c $am__minus_obj sub/conftest.c \ >/dev/null 2>conftest.err && grep sub/conftst1.h sub/conftest.Po > /dev/null 2>&1 && grep sub/conftst6.h sub/conftest.Po > /dev/null 2>&1 && grep $am__obj sub/conftest.Po > /dev/null 2>&1 && ${MAKE-make} -s -f confmf > /dev/null 2>&1; then # icc doesn't choke on unknown options, it will just issue warnings # or remarks (even with -Werror). So we grep stderr for any message # that says an option was ignored or not supported. # When given -MP, icc 7.0 and 7.1 complain thusly: # icc: Command line warning: ignoring option '-M'; no argument required # The diagnosis changed in icc 8.0: # icc: Command line remark: option '-MP' not supported if (grep 'ignoring option' conftest.err || grep 'not supported' conftest.err) >/dev/null 2>&1; then :; else am_cv_CC_dependencies_compiler_type=$depmode break fi fi done cd .. rm -rf conftest.dir else am_cv_CC_dependencies_compiler_type=none fi fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $am_cv_CC_dependencies_compiler_type" >&5 $as_echo "$am_cv_CC_dependencies_compiler_type" >&6; } CCDEPMODE=depmode=$am_cv_CC_dependencies_compiler_type if test "x$enable_dependency_tracking" != xno \ && test "$am_cv_CC_dependencies_compiler_type" = gcc3; then am__fastdepCC_TRUE= am__fastdepCC_FALSE='#' else am__fastdepCC_TRUE='#' am__fastdepCC_FALSE= fi ac_ext=c ac_cpp='$CPP $CPPFLAGS' ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_c_compiler_gnu { $as_echo "$as_me:${as_lineno-$LINENO}: checking how to run the C preprocessor" >&5 $as_echo_n "checking how to run the C preprocessor... " >&6; } # On Suns, sometimes $CPP names a directory. if test -n "$CPP" && test -d "$CPP"; then CPP= fi if test -z "$CPP"; then if ${ac_cv_prog_CPP+:} false; then : $as_echo_n "(cached) " >&6 else # Double quotes because CPP needs to be expanded for CPP in "$CC -E" "$CC -E -traditional-cpp" "/lib/cpp" do ac_preproc_ok=false for ac_c_preproc_warn_flag in '' yes do # Use a header file that comes with gcc, so configuring glibc # with a fresh cross-compiler works. # Prefer to if __STDC__ is defined, since # exists even on freestanding compilers. # On the NeXT, cc -E runs the code through the compiler's parser, # not just through cpp. "Syntax error" is here to catch this case. cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #ifdef __STDC__ # include #else # include #endif Syntax error _ACEOF if ac_fn_c_try_cpp "$LINENO"; then : else # Broken: fails on valid input. continue fi rm -f conftest.err conftest.i conftest.$ac_ext # OK, works on sane cases. Now check whether nonexistent headers # can be detected and how. cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include _ACEOF if ac_fn_c_try_cpp "$LINENO"; then : # Broken: success on invalid input. continue else # Passes both tests. ac_preproc_ok=: break fi rm -f conftest.err conftest.i conftest.$ac_ext done # Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped. rm -f conftest.i conftest.err conftest.$ac_ext if $ac_preproc_ok; then : break fi done ac_cv_prog_CPP=$CPP fi CPP=$ac_cv_prog_CPP else ac_cv_prog_CPP=$CPP fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CPP" >&5 $as_echo "$CPP" >&6; } ac_preproc_ok=false for ac_c_preproc_warn_flag in '' yes do # Use a header file that comes with gcc, so configuring glibc # with a fresh cross-compiler works. # Prefer to if __STDC__ is defined, since # exists even on freestanding compilers. # On the NeXT, cc -E runs the code through the compiler's parser, # not just through cpp. "Syntax error" is here to catch this case. cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #ifdef __STDC__ # include #else # include #endif Syntax error _ACEOF if ac_fn_c_try_cpp "$LINENO"; then : else # Broken: fails on valid input. continue fi rm -f conftest.err conftest.i conftest.$ac_ext # OK, works on sane cases. Now check whether nonexistent headers # can be detected and how. cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include _ACEOF if ac_fn_c_try_cpp "$LINENO"; then : # Broken: success on invalid input. continue else # Passes both tests. ac_preproc_ok=: break fi rm -f conftest.err conftest.i conftest.$ac_ext done # Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped. rm -f conftest.i conftest.err conftest.$ac_ext if $ac_preproc_ok; then : else { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error $? "C preprocessor \"$CPP\" fails sanity check See \`config.log' for more details" "$LINENO" 5; } fi ac_ext=c ac_cpp='$CPP $CPPFLAGS' ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_c_compiler_gnu { $as_echo "$as_me:${as_lineno-$LINENO}: checking for grep that handles long lines and -e" >&5 $as_echo_n "checking for grep that handles long lines and -e... " >&6; } if ${ac_cv_path_GREP+:} false; then : $as_echo_n "(cached) " >&6 else if test -z "$GREP"; then ac_path_GREP_found=false # Loop through the user's path and test for each of PROGNAME-LIST as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_prog in grep ggrep; do for ac_exec_ext in '' $ac_executable_extensions; do ac_path_GREP="$as_dir/$ac_prog$ac_exec_ext" as_fn_executable_p "$ac_path_GREP" || continue # Check for GNU ac_path_GREP and select it if it is found. # Check for GNU $ac_path_GREP case `"$ac_path_GREP" --version 2>&1` in *GNU*) ac_cv_path_GREP="$ac_path_GREP" ac_path_GREP_found=:;; *) ac_count=0 $as_echo_n 0123456789 >"conftest.in" while : do cat "conftest.in" "conftest.in" >"conftest.tmp" mv "conftest.tmp" "conftest.in" cp "conftest.in" "conftest.nl" $as_echo 'GREP' >> "conftest.nl" "$ac_path_GREP" -e 'GREP$' -e '-(cannot match)-' < "conftest.nl" >"conftest.out" 2>/dev/null || break diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break as_fn_arith $ac_count + 1 && ac_count=$as_val if test $ac_count -gt ${ac_path_GREP_max-0}; then # Best one so far, save it but keep looking for a better one ac_cv_path_GREP="$ac_path_GREP" ac_path_GREP_max=$ac_count fi # 10*(2^10) chars as input seems more than enough test $ac_count -gt 10 && break done rm -f conftest.in conftest.tmp conftest.nl conftest.out;; esac $ac_path_GREP_found && break 3 done done done IFS=$as_save_IFS if test -z "$ac_cv_path_GREP"; then as_fn_error $? "no acceptable grep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5 fi else ac_cv_path_GREP=$GREP fi fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_GREP" >&5 $as_echo "$ac_cv_path_GREP" >&6; } GREP="$ac_cv_path_GREP" { $as_echo "$as_me:${as_lineno-$LINENO}: checking for egrep" >&5 $as_echo_n "checking for egrep... " >&6; } if ${ac_cv_path_EGREP+:} false; then : $as_echo_n "(cached) " >&6 else if echo a | $GREP -E '(a|b)' >/dev/null 2>&1 then ac_cv_path_EGREP="$GREP -E" else if test -z "$EGREP"; then ac_path_EGREP_found=false # Loop through the user's path and test for each of PROGNAME-LIST as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_prog in egrep; do for ac_exec_ext in '' $ac_executable_extensions; do ac_path_EGREP="$as_dir/$ac_prog$ac_exec_ext" as_fn_executable_p "$ac_path_EGREP" || continue # Check for GNU ac_path_EGREP and select it if it is found. # Check for GNU $ac_path_EGREP case `"$ac_path_EGREP" --version 2>&1` in *GNU*) ac_cv_path_EGREP="$ac_path_EGREP" ac_path_EGREP_found=:;; *) ac_count=0 $as_echo_n 0123456789 >"conftest.in" while : do cat "conftest.in" "conftest.in" >"conftest.tmp" mv "conftest.tmp" "conftest.in" cp "conftest.in" "conftest.nl" $as_echo 'EGREP' >> "conftest.nl" "$ac_path_EGREP" 'EGREP$' < "conftest.nl" >"conftest.out" 2>/dev/null || break diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break as_fn_arith $ac_count + 1 && ac_count=$as_val if test $ac_count -gt ${ac_path_EGREP_max-0}; then # Best one so far, save it but keep looking for a better one ac_cv_path_EGREP="$ac_path_EGREP" ac_path_EGREP_max=$ac_count fi # 10*(2^10) chars as input seems more than enough test $ac_count -gt 10 && break done rm -f conftest.in conftest.tmp conftest.nl conftest.out;; esac $ac_path_EGREP_found && break 3 done done done IFS=$as_save_IFS if test -z "$ac_cv_path_EGREP"; then as_fn_error $? "no acceptable egrep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5 fi else ac_cv_path_EGREP=$EGREP fi fi fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_EGREP" >&5 $as_echo "$ac_cv_path_EGREP" >&6; } EGREP="$ac_cv_path_EGREP" { $as_echo "$as_me:${as_lineno-$LINENO}: checking for ANSI C header files" >&5 $as_echo_n "checking for ANSI C header files... " >&6; } if ${ac_cv_header_stdc+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include #include #include #include int main () { ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : ac_cv_header_stdc=yes else ac_cv_header_stdc=no fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext if test $ac_cv_header_stdc = yes; then # SunOS 4.x string.h does not declare mem*, contrary to ANSI. cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include _ACEOF if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | $EGREP "memchr" >/dev/null 2>&1; then : else ac_cv_header_stdc=no fi rm -f conftest* fi if test $ac_cv_header_stdc = yes; then # ISC 2.0.2 stdlib.h does not declare free, contrary to ANSI. cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include _ACEOF if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | $EGREP "free" >/dev/null 2>&1; then : else ac_cv_header_stdc=no fi rm -f conftest* fi if test $ac_cv_header_stdc = yes; then # /bin/cc in Irix-4.0.5 gets non-ANSI ctype macros unless using -ansi. if test "$cross_compiling" = yes; then : : else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include #include #if ((' ' & 0x0FF) == 0x020) # define ISLOWER(c) ('a' <= (c) && (c) <= 'z') # define TOUPPER(c) (ISLOWER(c) ? 'A' + ((c) - 'a') : (c)) #else # define ISLOWER(c) \ (('a' <= (c) && (c) <= 'i') \ || ('j' <= (c) && (c) <= 'r') \ || ('s' <= (c) && (c) <= 'z')) # define TOUPPER(c) (ISLOWER(c) ? ((c) | 0x40) : (c)) #endif #define XOR(e, f) (((e) && !(f)) || (!(e) && (f))) int main () { int i; for (i = 0; i < 256; i++) if (XOR (islower (i), ISLOWER (i)) || toupper (i) != TOUPPER (i)) return 2; return 0; } _ACEOF if ac_fn_c_try_run "$LINENO"; then : else ac_cv_header_stdc=no fi rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ conftest.$ac_objext conftest.beam conftest.$ac_ext fi fi fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_header_stdc" >&5 $as_echo "$ac_cv_header_stdc" >&6; } if test $ac_cv_header_stdc = yes; then $as_echo "#define STDC_HEADERS 1" >>confdefs.h fi # On IRIX 5.3, sys/types and inttypes.h are conflicting. for ac_header in sys/types.h sys/stat.h stdlib.h string.h memory.h strings.h \ inttypes.h stdint.h unistd.h do : as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` ac_fn_c_check_header_compile "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default " if eval test \"x\$"$as_ac_Header"\" = x"yes"; then : cat >>confdefs.h <<_ACEOF #define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1 _ACEOF fi done ac_fn_c_check_header_mongrel "$LINENO" "minix/config.h" "ac_cv_header_minix_config_h" "$ac_includes_default" if test "x$ac_cv_header_minix_config_h" = xyes; then : MINIX=yes else MINIX= fi if test "$MINIX" = yes; then $as_echo "#define _POSIX_SOURCE 1" >>confdefs.h $as_echo "#define _POSIX_1_SOURCE 2" >>confdefs.h $as_echo "#define _MINIX 1" >>confdefs.h fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether it is safe to define __EXTENSIONS__" >&5 $as_echo_n "checking whether it is safe to define __EXTENSIONS__... " >&6; } if ${ac_cv_safe_to_define___extensions__+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ # define __EXTENSIONS__ 1 $ac_includes_default int main () { ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : ac_cv_safe_to_define___extensions__=yes else ac_cv_safe_to_define___extensions__=no fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_safe_to_define___extensions__" >&5 $as_echo "$ac_cv_safe_to_define___extensions__" >&6; } test $ac_cv_safe_to_define___extensions__ = yes && $as_echo "#define __EXTENSIONS__ 1" >>confdefs.h $as_echo "#define _ALL_SOURCE 1" >>confdefs.h $as_echo "#define _GNU_SOURCE 1" >>confdefs.h $as_echo "#define _POSIX_PTHREAD_SEMANTICS 1" >>confdefs.h $as_echo "#define _TANDEM_SOURCE 1" >>confdefs.h { $as_echo "$as_me:${as_lineno-$LINENO}: checking for a sed that does not truncate output" >&5 $as_echo_n "checking for a sed that does not truncate output... " >&6; } if ${ac_cv_path_SED+:} false; then : $as_echo_n "(cached) " >&6 else ac_script=s/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb/ for ac_i in 1 2 3 4 5 6 7; do ac_script="$ac_script$as_nl$ac_script" done echo "$ac_script" 2>/dev/null | sed 99q >conftest.sed { ac_script=; unset ac_script;} if test -z "$SED"; then ac_path_SED_found=false # Loop through the user's path and test for each of PROGNAME-LIST as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_prog in sed gsed; do for ac_exec_ext in '' $ac_executable_extensions; do ac_path_SED="$as_dir/$ac_prog$ac_exec_ext" as_fn_executable_p "$ac_path_SED" || continue # Check for GNU ac_path_SED and select it if it is found. # Check for GNU $ac_path_SED case `"$ac_path_SED" --version 2>&1` in *GNU*) ac_cv_path_SED="$ac_path_SED" ac_path_SED_found=:;; *) ac_count=0 $as_echo_n 0123456789 >"conftest.in" while : do cat "conftest.in" "conftest.in" >"conftest.tmp" mv "conftest.tmp" "conftest.in" cp "conftest.in" "conftest.nl" $as_echo '' >> "conftest.nl" "$ac_path_SED" -f conftest.sed < "conftest.nl" >"conftest.out" 2>/dev/null || break diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break as_fn_arith $ac_count + 1 && ac_count=$as_val if test $ac_count -gt ${ac_path_SED_max-0}; then # Best one so far, save it but keep looking for a better one ac_cv_path_SED="$ac_path_SED" ac_path_SED_max=$ac_count fi # 10*(2^10) chars as input seems more than enough test $ac_count -gt 10 && break done rm -f conftest.in conftest.tmp conftest.nl conftest.out;; esac $ac_path_SED_found && break 3 done done done IFS=$as_save_IFS if test -z "$ac_cv_path_SED"; then as_fn_error $? "no acceptable sed could be found in \$PATH" "$LINENO" 5 fi else ac_cv_path_SED=$SED fi fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_SED" >&5 $as_echo "$ac_cv_path_SED" >&6; } SED="$ac_cv_path_SED" rm -f conftest.sed { $as_echo "$as_me:${as_lineno-$LINENO}: checking for grep that handles long lines and -e" >&5 $as_echo_n "checking for grep that handles long lines and -e... " >&6; } if ${ac_cv_path_GREP+:} false; then : $as_echo_n "(cached) " >&6 else if test -z "$GREP"; then ac_path_GREP_found=false # Loop through the user's path and test for each of PROGNAME-LIST as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_prog in grep ggrep; do for ac_exec_ext in '' $ac_executable_extensions; do ac_path_GREP="$as_dir/$ac_prog$ac_exec_ext" as_fn_executable_p "$ac_path_GREP" || continue # Check for GNU ac_path_GREP and select it if it is found. # Check for GNU $ac_path_GREP case `"$ac_path_GREP" --version 2>&1` in *GNU*) ac_cv_path_GREP="$ac_path_GREP" ac_path_GREP_found=:;; *) ac_count=0 $as_echo_n 0123456789 >"conftest.in" while : do cat "conftest.in" "conftest.in" >"conftest.tmp" mv "conftest.tmp" "conftest.in" cp "conftest.in" "conftest.nl" $as_echo 'GREP' >> "conftest.nl" "$ac_path_GREP" -e 'GREP$' -e '-(cannot match)-' < "conftest.nl" >"conftest.out" 2>/dev/null || break diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break as_fn_arith $ac_count + 1 && ac_count=$as_val if test $ac_count -gt ${ac_path_GREP_max-0}; then # Best one so far, save it but keep looking for a better one ac_cv_path_GREP="$ac_path_GREP" ac_path_GREP_max=$ac_count fi # 10*(2^10) chars as input seems more than enough test $ac_count -gt 10 && break done rm -f conftest.in conftest.tmp conftest.nl conftest.out;; esac $ac_path_GREP_found && break 3 done done done IFS=$as_save_IFS if test -z "$ac_cv_path_GREP"; then as_fn_error $? "no acceptable grep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5 fi else ac_cv_path_GREP=$GREP fi fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_GREP" >&5 $as_echo "$ac_cv_path_GREP" >&6; } GREP="$ac_cv_path_GREP" if test -n "$ac_tool_prefix"; then # Extract the first word of "${ac_tool_prefix}ranlib", so it can be a program name with args. set dummy ${ac_tool_prefix}ranlib; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_prog_RANLIB+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$RANLIB"; then ac_cv_prog_RANLIB="$RANLIB" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_RANLIB="${ac_tool_prefix}ranlib" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS fi fi RANLIB=$ac_cv_prog_RANLIB if test -n "$RANLIB"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $RANLIB" >&5 $as_echo "$RANLIB" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi fi if test -z "$ac_cv_prog_RANLIB"; then ac_ct_RANLIB=$RANLIB # Extract the first word of "ranlib", so it can be a program name with args. set dummy ranlib; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_prog_ac_ct_RANLIB+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$ac_ct_RANLIB"; then ac_cv_prog_ac_ct_RANLIB="$ac_ct_RANLIB" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_RANLIB="ranlib" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS fi fi ac_ct_RANLIB=$ac_cv_prog_ac_ct_RANLIB if test -n "$ac_ct_RANLIB"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_RANLIB" >&5 $as_echo "$ac_ct_RANLIB" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi if test "x$ac_ct_RANLIB" = x; then RANLIB=":" else case $cross_compiling:$ac_tool_warned in yes:) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 $as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} ac_tool_warned=yes ;; esac RANLIB=$ac_ct_RANLIB fi else RANLIB="$ac_cv_prog_RANLIB" fi ac_ext=c ac_cpp='$CPP $CPPFLAGS' ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_c_compiler_gnu if test -n "$ac_tool_prefix"; then # Extract the first word of "${ac_tool_prefix}gcc", so it can be a program name with args. set dummy ${ac_tool_prefix}gcc; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_prog_CC+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$CC"; then ac_cv_prog_CC="$CC" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_CC="${ac_tool_prefix}gcc" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS fi fi CC=$ac_cv_prog_CC if test -n "$CC"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 $as_echo "$CC" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi fi if test -z "$ac_cv_prog_CC"; then ac_ct_CC=$CC # Extract the first word of "gcc", so it can be a program name with args. set dummy gcc; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_prog_ac_ct_CC+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$ac_ct_CC"; then ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_CC="gcc" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS fi fi ac_ct_CC=$ac_cv_prog_ac_ct_CC if test -n "$ac_ct_CC"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5 $as_echo "$ac_ct_CC" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi if test "x$ac_ct_CC" = x; then CC="" else case $cross_compiling:$ac_tool_warned in yes:) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 $as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} ac_tool_warned=yes ;; esac CC=$ac_ct_CC fi else CC="$ac_cv_prog_CC" fi if test -z "$CC"; then if test -n "$ac_tool_prefix"; then # Extract the first word of "${ac_tool_prefix}cc", so it can be a program name with args. set dummy ${ac_tool_prefix}cc; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_prog_CC+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$CC"; then ac_cv_prog_CC="$CC" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_CC="${ac_tool_prefix}cc" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS fi fi CC=$ac_cv_prog_CC if test -n "$CC"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 $as_echo "$CC" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi fi fi if test -z "$CC"; then # Extract the first word of "cc", so it can be a program name with args. set dummy cc; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_prog_CC+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$CC"; then ac_cv_prog_CC="$CC" # Let the user override the test. else ac_prog_rejected=no as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then if test "$as_dir/$ac_word$ac_exec_ext" = "/usr/ucb/cc"; then ac_prog_rejected=yes continue fi ac_cv_prog_CC="cc" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS if test $ac_prog_rejected = yes; then # We found a bogon in the path, so make sure we never use it. set dummy $ac_cv_prog_CC shift if test $# != 0; then # We chose a different compiler from the bogus one. # However, it has the same basename, so the bogon will be chosen # first if we set CC to just the basename; use the full file name. shift ac_cv_prog_CC="$as_dir/$ac_word${1+' '}$@" fi fi fi fi CC=$ac_cv_prog_CC if test -n "$CC"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 $as_echo "$CC" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi fi if test -z "$CC"; then if test -n "$ac_tool_prefix"; then for ac_prog in cl.exe do # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args. set dummy $ac_tool_prefix$ac_prog; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_prog_CC+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$CC"; then ac_cv_prog_CC="$CC" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_CC="$ac_tool_prefix$ac_prog" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS fi fi CC=$ac_cv_prog_CC if test -n "$CC"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 $as_echo "$CC" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi test -n "$CC" && break done fi if test -z "$CC"; then ac_ct_CC=$CC for ac_prog in cl.exe do # Extract the first word of "$ac_prog", so it can be a program name with args. set dummy $ac_prog; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_prog_ac_ct_CC+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$ac_ct_CC"; then ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_CC="$ac_prog" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS fi fi ac_ct_CC=$ac_cv_prog_ac_ct_CC if test -n "$ac_ct_CC"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5 $as_echo "$ac_ct_CC" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi test -n "$ac_ct_CC" && break done if test "x$ac_ct_CC" = x; then CC="" else case $cross_compiling:$ac_tool_warned in yes:) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 $as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} ac_tool_warned=yes ;; esac CC=$ac_ct_CC fi fi fi test -z "$CC" && { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error $? "no acceptable C compiler found in \$PATH See \`config.log' for more details" "$LINENO" 5; } # Provide some information about the compiler. $as_echo "$as_me:${as_lineno-$LINENO}: checking for C compiler version" >&5 set X $ac_compile ac_compiler=$2 for ac_option in --version -v -V -qversion; do { { ac_try="$ac_compiler $ac_option >&5" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" $as_echo "$ac_try_echo"; } >&5 (eval "$ac_compiler $ac_option >&5") 2>conftest.err ac_status=$? if test -s conftest.err; then sed '10a\ ... rest of stderr output deleted ... 10q' conftest.err >conftest.er1 cat conftest.er1 >&5 fi rm -f conftest.er1 conftest.err $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; } done { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we are using the GNU C compiler" >&5 $as_echo_n "checking whether we are using the GNU C compiler... " >&6; } if ${ac_cv_c_compiler_gnu+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main () { #ifndef __GNUC__ choke me #endif ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : ac_compiler_gnu=yes else ac_compiler_gnu=no fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext ac_cv_c_compiler_gnu=$ac_compiler_gnu fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_compiler_gnu" >&5 $as_echo "$ac_cv_c_compiler_gnu" >&6; } if test $ac_compiler_gnu = yes; then GCC=yes else GCC= fi ac_test_CFLAGS=${CFLAGS+set} ac_save_CFLAGS=$CFLAGS { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC accepts -g" >&5 $as_echo_n "checking whether $CC accepts -g... " >&6; } if ${ac_cv_prog_cc_g+:} false; then : $as_echo_n "(cached) " >&6 else ac_save_c_werror_flag=$ac_c_werror_flag ac_c_werror_flag=yes ac_cv_prog_cc_g=no CFLAGS="-g" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main () { ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : ac_cv_prog_cc_g=yes else CFLAGS="" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main () { ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : else ac_c_werror_flag=$ac_save_c_werror_flag CFLAGS="-g" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main () { ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : ac_cv_prog_cc_g=yes fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext ac_c_werror_flag=$ac_save_c_werror_flag fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_g" >&5 $as_echo "$ac_cv_prog_cc_g" >&6; } if test "$ac_test_CFLAGS" = set; then CFLAGS=$ac_save_CFLAGS elif test $ac_cv_prog_cc_g = yes; then if test "$GCC" = yes; then CFLAGS="-g -O2" else CFLAGS="-g" fi else if test "$GCC" = yes; then CFLAGS="-O2" else CFLAGS= fi fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $CC option to accept ISO C89" >&5 $as_echo_n "checking for $CC option to accept ISO C89... " >&6; } if ${ac_cv_prog_cc_c89+:} false; then : $as_echo_n "(cached) " >&6 else ac_cv_prog_cc_c89=no ac_save_CC=$CC cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include #include struct stat; /* Most of the following tests are stolen from RCS 5.7's src/conf.sh. */ struct buf { int x; }; FILE * (*rcsopen) (struct buf *, struct stat *, int); static char *e (p, i) char **p; int i; { return p[i]; } static char *f (char * (*g) (char **, int), char **p, ...) { char *s; va_list v; va_start (v,p); s = g (p, va_arg (v,int)); va_end (v); return s; } /* OSF 4.0 Compaq cc is some sort of almost-ANSI by default. It has function prototypes and stuff, but not '\xHH' hex character constants. These don't provoke an error unfortunately, instead are silently treated as 'x'. The following induces an error, until -std is added to get proper ANSI mode. Curiously '\x00'!='x' always comes out true, for an array size at least. It's necessary to write '\x00'==0 to get something that's true only with -std. */ int osf4_cc_array ['\x00' == 0 ? 1 : -1]; /* IBM C 6 for AIX is almost-ANSI by default, but it replaces macro parameters inside strings and character constants. */ #define FOO(x) 'x' int xlc6_cc_array[FOO(a) == 'x' ? 1 : -1]; int test (int i, double x); struct s1 {int (*f) (int a);}; struct s2 {int (*f) (double a);}; int pairnames (int, char **, FILE *(*)(struct buf *, struct stat *, int), int, int); int argc; char **argv; int main () { return f (e, argv, 0) != argv[0] || f (e, argv, 1) != argv[1]; ; return 0; } _ACEOF for ac_arg in '' -qlanglvl=extc89 -qlanglvl=ansi -std \ -Ae "-Aa -D_HPUX_SOURCE" "-Xc -D__EXTENSIONS__" do CC="$ac_save_CC $ac_arg" if ac_fn_c_try_compile "$LINENO"; then : ac_cv_prog_cc_c89=$ac_arg fi rm -f core conftest.err conftest.$ac_objext test "x$ac_cv_prog_cc_c89" != "xno" && break done rm -f conftest.$ac_ext CC=$ac_save_CC fi # AC_CACHE_VAL case "x$ac_cv_prog_cc_c89" in x) { $as_echo "$as_me:${as_lineno-$LINENO}: result: none needed" >&5 $as_echo "none needed" >&6; } ;; xno) { $as_echo "$as_me:${as_lineno-$LINENO}: result: unsupported" >&5 $as_echo "unsupported" >&6; } ;; *) CC="$CC $ac_cv_prog_cc_c89" { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_c89" >&5 $as_echo "$ac_cv_prog_cc_c89" >&6; } ;; esac if test "x$ac_cv_prog_cc_c89" != xno; then : fi ac_ext=c ac_cpp='$CPP $CPPFLAGS' ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_c_compiler_gnu ac_ext=c ac_cpp='$CPP $CPPFLAGS' ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_c_compiler_gnu { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC understands -c and -o together" >&5 $as_echo_n "checking whether $CC understands -c and -o together... " >&6; } if ${am_cv_prog_cc_c_o+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main () { ; return 0; } _ACEOF # Make sure it works both with $CC and with simple cc. # Following AC_PROG_CC_C_O, we do the test twice because some # compilers refuse to overwrite an existing .o file with -o, # though they will create one. am_cv_prog_cc_c_o=yes for am_i in 1 2; do if { echo "$as_me:$LINENO: $CC -c conftest.$ac_ext -o conftest2.$ac_objext" >&5 ($CC -c conftest.$ac_ext -o conftest2.$ac_objext) >&5 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } \ && test -f conftest2.$ac_objext; then : OK else am_cv_prog_cc_c_o=no break fi done rm -f core conftest* unset am_i fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $am_cv_prog_cc_c_o" >&5 $as_echo "$am_cv_prog_cc_c_o" >&6; } if test "$am_cv_prog_cc_c_o" != yes; then # Losing compiler, so override with the script. # FIXME: It is wrong to rewrite CC. # But if we don't then we get into trouble of one sort or another. # A longer-term fix would be to have automake use am__CC in this case, # and then we could set am__CC="\$(top_srcdir)/compile \$(CC)" CC="$am_aux_dir/compile $CC" fi ac_ext=c ac_cpp='$CPP $CPPFLAGS' ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_c_compiler_gnu depcc="$CC" am_compiler_list= { $as_echo "$as_me:${as_lineno-$LINENO}: checking dependency style of $depcc" >&5 $as_echo_n "checking dependency style of $depcc... " >&6; } if ${am_cv_CC_dependencies_compiler_type+:} false; then : $as_echo_n "(cached) " >&6 else if test -z "$AMDEP_TRUE" && test -f "$am_depcomp"; then # We make a subdir and do the tests there. Otherwise we can end up # making bogus files that we don't know about and never remove. For # instance it was reported that on HP-UX the gcc test will end up # making a dummy file named 'D' -- because '-MD' means "put the output # in D". rm -rf conftest.dir mkdir conftest.dir # Copy depcomp to subdir because otherwise we won't find it if we're # using a relative directory. cp "$am_depcomp" conftest.dir cd conftest.dir # We will build objects and dependencies in a subdirectory because # it helps to detect inapplicable dependency modes. For instance # both Tru64's cc and ICC support -MD to output dependencies as a # side effect of compilation, but ICC will put the dependencies in # the current directory while Tru64 will put them in the object # directory. mkdir sub am_cv_CC_dependencies_compiler_type=none if test "$am_compiler_list" = ""; then am_compiler_list=`sed -n 's/^#*\([a-zA-Z0-9]*\))$/\1/p' < ./depcomp` fi am__universal=false case " $depcc " in #( *\ -arch\ *\ -arch\ *) am__universal=true ;; esac for depmode in $am_compiler_list; do # Setup a source with many dependencies, because some compilers # like to wrap large dependency lists on column 80 (with \), and # we should not choose a depcomp mode which is confused by this. # # We need to recreate these files for each test, as the compiler may # overwrite some of them when testing with obscure command lines. # This happens at least with the AIX C compiler. : > sub/conftest.c for i in 1 2 3 4 5 6; do echo '#include "conftst'$i'.h"' >> sub/conftest.c # Using ": > sub/conftst$i.h" creates only sub/conftst1.h with # Solaris 10 /bin/sh. echo '/* dummy */' > sub/conftst$i.h done echo "${am__include} ${am__quote}sub/conftest.Po${am__quote}" > confmf # We check with '-c' and '-o' for the sake of the "dashmstdout" # mode. It turns out that the SunPro C++ compiler does not properly # handle '-M -o', and we need to detect this. Also, some Intel # versions had trouble with output in subdirs. am__obj=sub/conftest.${OBJEXT-o} am__minus_obj="-o $am__obj" case $depmode in gcc) # This depmode causes a compiler race in universal mode. test "$am__universal" = false || continue ;; nosideeffect) # After this tag, mechanisms are not by side-effect, so they'll # only be used when explicitly requested. if test "x$enable_dependency_tracking" = xyes; then continue else break fi ;; msvc7 | msvc7msys | msvisualcpp | msvcmsys) # This compiler won't grok '-c -o', but also, the minuso test has # not run yet. These depmodes are late enough in the game, and # so weak that their functioning should not be impacted. am__obj=conftest.${OBJEXT-o} am__minus_obj= ;; none) break ;; esac if depmode=$depmode \ source=sub/conftest.c object=$am__obj \ depfile=sub/conftest.Po tmpdepfile=sub/conftest.TPo \ $SHELL ./depcomp $depcc -c $am__minus_obj sub/conftest.c \ >/dev/null 2>conftest.err && grep sub/conftst1.h sub/conftest.Po > /dev/null 2>&1 && grep sub/conftst6.h sub/conftest.Po > /dev/null 2>&1 && grep $am__obj sub/conftest.Po > /dev/null 2>&1 && ${MAKE-make} -s -f confmf > /dev/null 2>&1; then # icc doesn't choke on unknown options, it will just issue warnings # or remarks (even with -Werror). So we grep stderr for any message # that says an option was ignored or not supported. # When given -MP, icc 7.0 and 7.1 complain thusly: # icc: Command line warning: ignoring option '-M'; no argument required # The diagnosis changed in icc 8.0: # icc: Command line remark: option '-MP' not supported if (grep 'ignoring option' conftest.err || grep 'not supported' conftest.err) >/dev/null 2>&1; then :; else am_cv_CC_dependencies_compiler_type=$depmode break fi fi done cd .. rm -rf conftest.dir else am_cv_CC_dependencies_compiler_type=none fi fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $am_cv_CC_dependencies_compiler_type" >&5 $as_echo "$am_cv_CC_dependencies_compiler_type" >&6; } CCDEPMODE=depmode=$am_cv_CC_dependencies_compiler_type if test "x$enable_dependency_tracking" != xno \ && test "$am_cv_CC_dependencies_compiler_type" = gcc3; then am__fastdepCC_TRUE= am__fastdepCC_FALSE='#' else am__fastdepCC_TRUE='#' am__fastdepCC_FALSE= fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $CC option to accept ISO C99" >&5 $as_echo_n "checking for $CC option to accept ISO C99... " >&6; } if ${ac_cv_prog_cc_c99+:} false; then : $as_echo_n "(cached) " >&6 else ac_cv_prog_cc_c99=no ac_save_CC=$CC cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include #include #include #include #include // Check varargs macros. These examples are taken from C99 6.10.3.5. #define debug(...) fprintf (stderr, __VA_ARGS__) #define showlist(...) puts (#__VA_ARGS__) #define report(test,...) ((test) ? puts (#test) : printf (__VA_ARGS__)) static void test_varargs_macros (void) { int x = 1234; int y = 5678; debug ("Flag"); debug ("X = %d\n", x); showlist (The first, second, and third items.); report (x>y, "x is %d but y is %d", x, y); } // Check long long types. #define BIG64 18446744073709551615ull #define BIG32 4294967295ul #define BIG_OK (BIG64 / BIG32 == 4294967297ull && BIG64 % BIG32 == 0) #if !BIG_OK your preprocessor is broken; #endif #if BIG_OK #else your preprocessor is broken; #endif static long long int bignum = -9223372036854775807LL; static unsigned long long int ubignum = BIG64; struct incomplete_array { int datasize; double data[]; }; struct named_init { int number; const wchar_t *name; double average; }; typedef const char *ccp; static inline int test_restrict (ccp restrict text) { // See if C++-style comments work. // Iterate through items via the restricted pointer. // Also check for declarations in for loops. for (unsigned int i = 0; *(text+i) != '\0'; ++i) continue; return 0; } // Check varargs and va_copy. static void test_varargs (const char *format, ...) { va_list args; va_start (args, format); va_list args_copy; va_copy (args_copy, args); const char *str; int number; float fnumber; while (*format) { switch (*format++) { case 's': // string str = va_arg (args_copy, const char *); break; case 'd': // int number = va_arg (args_copy, int); break; case 'f': // float fnumber = va_arg (args_copy, double); break; default: break; } } va_end (args_copy); va_end (args); } int main () { // Check bool. _Bool success = false; // Check restrict. if (test_restrict ("String literal") == 0) success = true; char *restrict newvar = "Another string"; // Check varargs. test_varargs ("s, d' f .", "string", 65, 34.234); test_varargs_macros (); // Check flexible array members. struct incomplete_array *ia = malloc (sizeof (struct incomplete_array) + (sizeof (double) * 10)); ia->datasize = 10; for (int i = 0; i < ia->datasize; ++i) ia->data[i] = i * 1.234; // Check named initializers. struct named_init ni = { .number = 34, .name = L"Test wide string", .average = 543.34343, }; ni.number = 58; int dynamic_array[ni.number]; dynamic_array[ni.number - 1] = 543; // work around unused variable warnings return (!success || bignum == 0LL || ubignum == 0uLL || newvar[0] == 'x' || dynamic_array[ni.number - 1] != 543); ; return 0; } _ACEOF for ac_arg in '' -std=gnu99 -std=c99 -c99 -AC99 -D_STDC_C99= -qlanglvl=extc99 do CC="$ac_save_CC $ac_arg" if ac_fn_c_try_compile "$LINENO"; then : ac_cv_prog_cc_c99=$ac_arg fi rm -f core conftest.err conftest.$ac_objext test "x$ac_cv_prog_cc_c99" != "xno" && break done rm -f conftest.$ac_ext CC=$ac_save_CC fi # AC_CACHE_VAL case "x$ac_cv_prog_cc_c99" in x) { $as_echo "$as_me:${as_lineno-$LINENO}: result: none needed" >&5 $as_echo "none needed" >&6; } ;; xno) { $as_echo "$as_me:${as_lineno-$LINENO}: result: unsupported" >&5 $as_echo "unsupported" >&6; } ;; *) CC="$CC $ac_cv_prog_cc_c99" { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_c99" >&5 $as_echo "$ac_cv_prog_cc_c99" >&6; } ;; esac if test "x$ac_cv_prog_cc_c99" != xno; then : fi if test "x$ac_cv_prog_cc_c99" = "xno"; then as_fn_error $? "Could not find a C99 compatible compiler" "$LINENO" 5 fi as_CACHEVAR=`$as_echo "ax_cv_check_cflags__$CFLAGS -Wall" | $as_tr_sh` { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $CFLAGS -Wall" >&5 $as_echo_n "checking whether C compiler accepts $CFLAGS -Wall... " >&6; } if eval \${$as_CACHEVAR+:} false; then : $as_echo_n "(cached) " >&6 else ax_check_save_flags=$CFLAGS CFLAGS="$CFLAGS $CFLAGS -Wall" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main () { ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : eval "$as_CACHEVAR=yes" else eval "$as_CACHEVAR=no" fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext CFLAGS=$ax_check_save_flags fi eval ac_res=\$$as_CACHEVAR { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 $as_echo "$ac_res" >&6; } if eval test \"x\$"$as_CACHEVAR"\" = x"yes"; then : WCFLAGS="-Wall" else : fi as_CACHEVAR=`$as_echo "ax_cv_check_cflags__$CFLAGS -Wextra" | $as_tr_sh` { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $CFLAGS -Wextra" >&5 $as_echo_n "checking whether C compiler accepts $CFLAGS -Wextra... " >&6; } if eval \${$as_CACHEVAR+:} false; then : $as_echo_n "(cached) " >&6 else ax_check_save_flags=$CFLAGS CFLAGS="$CFLAGS $CFLAGS -Wextra" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main () { ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : eval "$as_CACHEVAR=yes" else eval "$as_CACHEVAR=no" fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext CFLAGS=$ax_check_save_flags fi eval ac_res=\$$as_CACHEVAR { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 $as_echo "$ac_res" >&6; } if eval test \"x\$"$as_CACHEVAR"\" = x"yes"; then : WCFLAGS="$WCFLAGS -Wextra" else : fi as_CACHEVAR=`$as_echo "ax_cv_check_cflags__$CFLAGS -pedantic" | $as_tr_sh` { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $CFLAGS -pedantic" >&5 $as_echo_n "checking whether C compiler accepts $CFLAGS -pedantic... " >&6; } if eval \${$as_CACHEVAR+:} false; then : $as_echo_n "(cached) " >&6 else ax_check_save_flags=$CFLAGS CFLAGS="$CFLAGS $CFLAGS -pedantic" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main () { ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : eval "$as_CACHEVAR=yes" else eval "$as_CACHEVAR=no" fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext CFLAGS=$ax_check_save_flags fi eval ac_res=\$$as_CACHEVAR { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 $as_echo "$ac_res" >&6; } if eval test \"x\$"$as_CACHEVAR"\" = x"yes"; then : WCFLAGS="$WCFLAGS -pedantic" else : fi as_CACHEVAR=`$as_echo "ax_cv_check_cflags__$CFLAGS -fno-strict-aliasing" | $as_tr_sh` { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $CFLAGS -fno-strict-aliasing" >&5 $as_echo_n "checking whether C compiler accepts $CFLAGS -fno-strict-aliasing... " >&6; } if eval \${$as_CACHEVAR+:} false; then : $as_echo_n "(cached) " >&6 else ax_check_save_flags=$CFLAGS CFLAGS="$CFLAGS $CFLAGS -fno-strict-aliasing" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main () { ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : eval "$as_CACHEVAR=yes" else eval "$as_CACHEVAR=no" fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext CFLAGS=$ax_check_save_flags fi eval ac_res=\$$as_CACHEVAR { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 $as_echo "$ac_res" >&6; } if eval test \"x\$"$as_CACHEVAR"\" = x"yes"; then : WCFLAGS="$WCFLAGS -fno-strict-aliasing" else : fi # Check whether --enable-largefile was given. if test "${enable_largefile+set}" = set; then : enableval=$enable_largefile; fi if test "$enable_largefile" != no; then { $as_echo "$as_me:${as_lineno-$LINENO}: checking for special C compiler options needed for large files" >&5 $as_echo_n "checking for special C compiler options needed for large files... " >&6; } if ${ac_cv_sys_largefile_CC+:} false; then : $as_echo_n "(cached) " >&6 else ac_cv_sys_largefile_CC=no if test "$GCC" != yes; then ac_save_CC=$CC while :; do # IRIX 6.2 and later do not support large files by default, # so use the C compiler's -n32 option if that helps. cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include /* Check that off_t can represent 2**63 - 1 correctly. We can't simply define LARGE_OFF_T to be 9223372036854775807, since some C++ compilers masquerading as C compilers incorrectly reject 9223372036854775807. */ #define LARGE_OFF_T ((((off_t) 1 << 31) << 31) - 1 + (((off_t) 1 << 31) << 31)) int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721 && LARGE_OFF_T % 2147483647 == 1) ? 1 : -1]; int main () { ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : break fi rm -f core conftest.err conftest.$ac_objext CC="$CC -n32" if ac_fn_c_try_compile "$LINENO"; then : ac_cv_sys_largefile_CC=' -n32'; break fi rm -f core conftest.err conftest.$ac_objext break done CC=$ac_save_CC rm -f conftest.$ac_ext fi fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sys_largefile_CC" >&5 $as_echo "$ac_cv_sys_largefile_CC" >&6; } if test "$ac_cv_sys_largefile_CC" != no; then CC=$CC$ac_cv_sys_largefile_CC fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking for _FILE_OFFSET_BITS value needed for large files" >&5 $as_echo_n "checking for _FILE_OFFSET_BITS value needed for large files... " >&6; } if ${ac_cv_sys_file_offset_bits+:} false; then : $as_echo_n "(cached) " >&6 else while :; do cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include /* Check that off_t can represent 2**63 - 1 correctly. We can't simply define LARGE_OFF_T to be 9223372036854775807, since some C++ compilers masquerading as C compilers incorrectly reject 9223372036854775807. */ #define LARGE_OFF_T ((((off_t) 1 << 31) << 31) - 1 + (((off_t) 1 << 31) << 31)) int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721 && LARGE_OFF_T % 2147483647 == 1) ? 1 : -1]; int main () { ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : ac_cv_sys_file_offset_bits=no; break fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #define _FILE_OFFSET_BITS 64 #include /* Check that off_t can represent 2**63 - 1 correctly. We can't simply define LARGE_OFF_T to be 9223372036854775807, since some C++ compilers masquerading as C compilers incorrectly reject 9223372036854775807. */ #define LARGE_OFF_T ((((off_t) 1 << 31) << 31) - 1 + (((off_t) 1 << 31) << 31)) int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721 && LARGE_OFF_T % 2147483647 == 1) ? 1 : -1]; int main () { ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : ac_cv_sys_file_offset_bits=64; break fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext ac_cv_sys_file_offset_bits=unknown break done fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sys_file_offset_bits" >&5 $as_echo "$ac_cv_sys_file_offset_bits" >&6; } case $ac_cv_sys_file_offset_bits in #( no | unknown) ;; *) cat >>confdefs.h <<_ACEOF #define _FILE_OFFSET_BITS $ac_cv_sys_file_offset_bits _ACEOF ;; esac rm -rf conftest* if test $ac_cv_sys_file_offset_bits = unknown; then { $as_echo "$as_me:${as_lineno-$LINENO}: checking for _LARGE_FILES value needed for large files" >&5 $as_echo_n "checking for _LARGE_FILES value needed for large files... " >&6; } if ${ac_cv_sys_large_files+:} false; then : $as_echo_n "(cached) " >&6 else while :; do cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include /* Check that off_t can represent 2**63 - 1 correctly. We can't simply define LARGE_OFF_T to be 9223372036854775807, since some C++ compilers masquerading as C compilers incorrectly reject 9223372036854775807. */ #define LARGE_OFF_T ((((off_t) 1 << 31) << 31) - 1 + (((off_t) 1 << 31) << 31)) int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721 && LARGE_OFF_T % 2147483647 == 1) ? 1 : -1]; int main () { ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : ac_cv_sys_large_files=no; break fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #define _LARGE_FILES 1 #include /* Check that off_t can represent 2**63 - 1 correctly. We can't simply define LARGE_OFF_T to be 9223372036854775807, since some C++ compilers masquerading as C compilers incorrectly reject 9223372036854775807. */ #define LARGE_OFF_T ((((off_t) 1 << 31) << 31) - 1 + (((off_t) 1 << 31) << 31)) int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721 && LARGE_OFF_T % 2147483647 == 1) ? 1 : -1]; int main () { ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : ac_cv_sys_large_files=1; break fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext ac_cv_sys_large_files=unknown break done fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sys_large_files" >&5 $as_echo "$ac_cv_sys_large_files" >&6; } case $ac_cv_sys_large_files in #( no | unknown) ;; *) cat >>confdefs.h <<_ACEOF #define _LARGE_FILES $ac_cv_sys_large_files _ACEOF ;; esac rm -rf conftest* fi fi for ac_header in err.h do : ac_fn_c_check_header_mongrel "$LINENO" "err.h" "ac_cv_header_err_h" "$ac_includes_default" if test "x$ac_cv_header_err_h" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_ERR_H 1 _ACEOF else as_fn_error $? "uacme requires err.h" "$LINENO" 5 fi done for ac_header in getopt.h do : ac_fn_c_check_header_mongrel "$LINENO" "getopt.h" "ac_cv_header_getopt_h" "$ac_includes_default" if test "x$ac_cv_header_getopt_h" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_GETOPT_H 1 _ACEOF else as_fn_error $? "uacme requires sys/wait.h" "$LINENO" 5 fi done for ac_header in netdb.h do : ac_fn_c_check_header_mongrel "$LINENO" "netdb.h" "ac_cv_header_netdb_h" "$ac_includes_default" if test "x$ac_cv_header_netdb_h" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_NETDB_H 1 _ACEOF else as_fn_error $? "uacme requires netdb.h" "$LINENO" 5 fi done for ac_header in netinet/in.h do : ac_fn_c_check_header_mongrel "$LINENO" "netinet/in.h" "ac_cv_header_netinet_in_h" "$ac_includes_default" if test "x$ac_cv_header_netinet_in_h" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_NETINET_IN_H 1 _ACEOF else as_fn_error $? "uacme requires netinet/in.h" "$LINENO" 5 fi done for ac_header in arpa/inet.h do : ac_fn_c_check_header_mongrel "$LINENO" "arpa/inet.h" "ac_cv_header_arpa_inet_h" "$ac_includes_default" if test "x$ac_cv_header_arpa_inet_h" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_ARPA_INET_H 1 _ACEOF else as_fn_error $? "uacme requires arpa/inet.h" "$LINENO" 5 fi done for ac_header in sys/socket.h do : ac_fn_c_check_header_mongrel "$LINENO" "sys/socket.h" "ac_cv_header_sys_socket_h" "$ac_includes_default" if test "x$ac_cv_header_sys_socket_h" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_SYS_SOCKET_H 1 _ACEOF else as_fn_error $? "uacme requires sys/socket.h" "$LINENO" 5 fi done for ac_header in sys/stat.h do : ac_fn_c_check_header_mongrel "$LINENO" "sys/stat.h" "ac_cv_header_sys_stat_h" "$ac_includes_default" if test "x$ac_cv_header_sys_stat_h" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_SYS_STAT_H 1 _ACEOF else as_fn_error $? "uacme requires sys/stat.h" "$LINENO" 5 fi done for ac_header in sys/types.h do : ac_fn_c_check_header_mongrel "$LINENO" "sys/types.h" "ac_cv_header_sys_types_h" "$ac_includes_default" if test "x$ac_cv_header_sys_types_h" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_SYS_TYPES_H 1 _ACEOF else as_fn_error $? "uacme requires sys/types.h" "$LINENO" 5 fi done for ac_header in sys/wait.h do : ac_fn_c_check_header_mongrel "$LINENO" "sys/wait.h" "ac_cv_header_sys_wait_h" "$ac_includes_default" if test "x$ac_cv_header_sys_wait_h" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_SYS_WAIT_H 1 _ACEOF else as_fn_error $? "uacme requires sys/wait.h" "$LINENO" 5 fi done for ac_func in asprintf vasprintf do : as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" if eval test \"x\$"$as_ac_var"\" = x"yes"; then : cat >>confdefs.h <<_ACEOF #define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 _ACEOF else as_fn_error $? "uacme requires (v)asprintf" "$LINENO" 5 fi done for ac_func in getopt_long do : ac_fn_c_check_func "$LINENO" "getopt_long" "ac_cv_func_getopt_long" if test "x$ac_cv_func_getopt_long" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_GETOPT_LONG 1 _ACEOF else as_fn_error $? "uacme requires getopt_long" "$LINENO" 5 fi done for ac_func in open_memstream do : ac_fn_c_check_func "$LINENO" "open_memstream" "ac_cv_func_open_memstream" if test "x$ac_cv_func_open_memstream" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_OPEN_MEMSTREAM 1 _ACEOF else as_fn_error $? "uacme requires open_memstream" "$LINENO" 5 fi done for ac_func in strcasestr do : ac_fn_c_check_func "$LINENO" "strcasestr" "ac_cv_func_strcasestr" if test "x$ac_cv_func_strcasestr" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_STRCASESTR 1 _ACEOF fi done for ac_func in setproctitle do : ac_fn_c_check_func "$LINENO" "setproctitle" "ac_cv_func_setproctitle" if test "x$ac_cv_func_setproctitle" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_SETPROCTITLE 1 _ACEOF fi done if test -n "$PKG_CONFIG"; then PKGCONFIG="$PKG_CONFIG" if test -z "`$PKGCONFIG --version`"; then as_fn_error $? "PKG_CONFIG is invalid" "$LINENO" 5 fi else if test "x$ac_cv_env_PKG_CONFIG_set" != "xset"; then if test -n "$ac_tool_prefix"; then # Extract the first word of "${ac_tool_prefix}pkg-config", so it can be a program name with args. set dummy ${ac_tool_prefix}pkg-config; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_path_PKG_CONFIG+:} false; then : $as_echo_n "(cached) " >&6 else case $PKG_CONFIG in [\\/]* | ?:[\\/]*) ac_cv_path_PKG_CONFIG="$PKG_CONFIG" # Let the user override the test with a path. ;; *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_path_PKG_CONFIG="$as_dir/$ac_word$ac_exec_ext" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS ;; esac fi PKG_CONFIG=$ac_cv_path_PKG_CONFIG if test -n "$PKG_CONFIG"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $PKG_CONFIG" >&5 $as_echo "$PKG_CONFIG" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi fi if test -z "$ac_cv_path_PKG_CONFIG"; then ac_pt_PKG_CONFIG=$PKG_CONFIG # Extract the first word of "pkg-config", so it can be a program name with args. set dummy pkg-config; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_path_ac_pt_PKG_CONFIG+:} false; then : $as_echo_n "(cached) " >&6 else case $ac_pt_PKG_CONFIG in [\\/]* | ?:[\\/]*) ac_cv_path_ac_pt_PKG_CONFIG="$ac_pt_PKG_CONFIG" # Let the user override the test with a path. ;; *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_path_ac_pt_PKG_CONFIG="$as_dir/$ac_word$ac_exec_ext" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS ;; esac fi ac_pt_PKG_CONFIG=$ac_cv_path_ac_pt_PKG_CONFIG if test -n "$ac_pt_PKG_CONFIG"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_pt_PKG_CONFIG" >&5 $as_echo "$ac_pt_PKG_CONFIG" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi if test "x$ac_pt_PKG_CONFIG" = x; then PKG_CONFIG="" else case $cross_compiling:$ac_tool_warned in yes:) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 $as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} ac_tool_warned=yes ;; esac PKG_CONFIG=$ac_pt_PKG_CONFIG fi else PKG_CONFIG="$ac_cv_path_PKG_CONFIG" fi fi if test -n "$PKG_CONFIG"; then _pkg_min_version=0.28 { $as_echo "$as_me:${as_lineno-$LINENO}: checking pkg-config is at least version $_pkg_min_version" >&5 $as_echo_n "checking pkg-config is at least version $_pkg_min_version... " >&6; } if $PKG_CONFIG --atleast-pkgconfig-version $_pkg_min_version; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } PKG_CONFIG="" fi fi if test "x$PKG_CONFIG" = "x"; then as_fn_error $? "Could not find pkg-config" "$LINENO" 5 else PKGCONFIG="$PKG_CONFIG" fi fi OPT_LIBCURL=yes # Check whether --with-libcurl was given. if test "${with_libcurl+set}" = set; then : withval=$with_libcurl; OPT_LIBCURL=$withval fi if test "x$OPT_LIBCURL" = "xno"; then as_fn_error $? "libcurl must be enabled" "$LINENO" 5 fi if test "x$OPT_LIBCURL" = "xyes"; then { $as_echo "$as_me:${as_lineno-$LINENO}: checking for libcurl >= 7.38.0" >&5 $as_echo_n "checking for libcurl >= 7.38.0... " >&6; } itexists=`$PKGCONFIG --exists 'libcurl >= 7.38.0' >/dev/null 2>&1 && echo 1` if test -z "$itexists"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } as_fn_error $? "libcurl not found" "$LINENO" 5 else CURL_LDADD=`$PKGCONFIG --libs-only-l libcurl` CURL_LDFLAGS=`$PKGCONFIG --libs-only-L --libs-only-other libcurl` CURL_CPPFLAGS=`$PKGCONFIG --cflags-only-I libcurl` CURL_CFLAGS=`$PKGCONFIG --cflags-only-other libcurl` version=`$PKGCONFIG --modversion libcurl` { $as_echo "$as_me:${as_lineno-$LINENO}: result: found $version" >&5 $as_echo "found $version" >&6; } { $as_echo "$as_me:${as_lineno-$LINENO}: checking for libcurl https support" >&5 $as_echo_n "checking for libcurl https support... " >&6; } https=`$PKGCONFIG --variable=supported_protocols libcurl 2>/dev/null | grep -q HTTPS && echo 1` if test -z "$https"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } as_fn_error $? "libcurl does not support https" "$LINENO" 5 fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } fi else CURL_LDADD=-lcurl CURL_LDFLAGS=-L$OPT_LIBCURL/lib$libsuff CURL_CPPFLAGS=-I$OPT_LIBCURL/include CURL_CFLAGS= fi LIBS_ORIG=$LIBS LDFLAGS_ORIG=$LDFLAGS CPPFLAGS_ORIG=$CPPFLAGS CFLAGS_ORIG=$CFLAGS LIBS="$CURL_LDADD $LIBS" LDFLAGS="$LDFLAGS $CURL_LDFLAGS" CPPFLAGS="$CPPFLAGS $CURL_CPPFLAGS" CFLAGS="$CFLAGS $CURL_CFLAGS" { $as_echo "$as_me:${as_lineno-$LINENO}: checking for curl_global_init in -lcurl" >&5 $as_echo_n "checking for curl_global_init in -lcurl... " >&6; } if ${ac_cv_lib_curl_curl_global_init+:} false; then : $as_echo_n "(cached) " >&6 else ac_check_lib_save_LIBS=$LIBS LIBS="-lcurl $LIBS" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC builtin and then its argument prototype would still apply. */ #ifdef __cplusplus extern "C" #endif char curl_global_init (); int main () { return curl_global_init (); ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO"; then : ac_cv_lib_curl_curl_global_init=yes else ac_cv_lib_curl_curl_global_init=no fi rm -f core conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_curl_curl_global_init" >&5 $as_echo "$ac_cv_lib_curl_curl_global_init" >&6; } if test "x$ac_cv_lib_curl_curl_global_init" = xyes; then : CURL_ENABLED=1 else as_fn_error $? "libcurl check failed" "$LINENO" 5 fi LIBS=$LIBS_ORIG LDFLAGS=$LDFLAGS_ORIG CPPFLAGS=$CPPFLAGS_ORIG CFLAGS=$CFLAGS_ORIG OPT_MBEDTLS=no # Check whether --with-mbedtls was given. if test "${with_mbedtls+set}" = set; then : withval=$with_mbedtls; OPT_MBEDTLS=$withval fi OPT_OPENSSL=no # Check whether --with-openssl was given. if test "${with_openssl+set}" = set; then : withval=$with_openssl; OPT_OPENSSL=$withval fi if test "x$OPT_MBEDTLS" = "xno" -a "x$OPT_OPENSSL" = "xno"; then OPT_GNUTLS=yes else OPT_GNUTLS=no fi # Check whether --with-gnutls was given. if test "${with_gnutls+set}" = set; then : withval=$with_gnutls; OPT_GNUTLS=$withval fi if test "x$OPT_GNUTLS" = "xno" -a "x$OPT_MBEDTLS" = "xno" -a "x$OPT_OPENSSL" = "xno"; then as_fn_error $? "One of GnuTLS, OpenSSL or mbedTLS must be enabled" "$LINENO" 5 fi if test "x$OPT_GNUTLS" != "xno" -a "x$OPT_MBEDTLS" != "xno"; then as_fn_error $? "GnuTLS and mbedTLS cannot be both enabled" "$LINENO" 5 fi if test "x$OPT_GNUTLS" != "xno" -a "x$OPT_OPENSSL" != "xno"; then as_fn_error $? "GnuTLS and OpenSSL cannot be both enabled" "$LINENO" 5 fi if test "x$OPT_OPENSSL" != "xno" -a "x$OPT_MBEDTLS" != "xno"; then as_fn_error $? "OpenSSL and mbedTLS cannot be both enabled" "$LINENO" 5 fi if test "x$OPT_GNUTLS" != "xno"; then addlib="" if test "x$OPT_GNUTLS" = "xyes"; then { $as_echo "$as_me:${as_lineno-$LINENO}: checking for GnuTLS >= 3.3.30" >&5 $as_echo_n "checking for GnuTLS >= 3.3.30... " >&6; } itexists=`$PKGCONFIG --exists 'gnutls >= 3.3.30' >/dev/null 2>&1 && echo 1` if test -z "$itexists"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } as_fn_error $? "gnutls not found" "$LINENO" 5 else addlib=`$PKGCONFIG --libs-only-l gnutls` addld=`$PKGCONFIG --libs-only-L gnutls` addcflags=`$PKGCONFIG --cflags-only-I gnutls` version=`$PKGCONFIG --modversion gnutls` gtlslib=`echo $addld | sed -e 's/-L//'` { $as_echo "$as_me:${as_lineno-$LINENO}: result: found $version" >&5 $as_echo "found $version" >&6; } fi else addlib=-lgnutls addld=-L$OPT_GNUTLS/lib$libsuff addcflags=-I$OPT_GNUTLS/include gtlslib=$OPT_GNUTLS/lib$libsuff fi if test -n "$addlib"; then LIBS="$addlib $LIBS" LDFLAGS="$LDFLAGS $addld" if test "$addcflags" != "-I/usr/include"; then CPPFLAGS="$CPPFLAGS $addcflags" fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking for gnutls_global_init in -lgnutls" >&5 $as_echo_n "checking for gnutls_global_init in -lgnutls... " >&6; } if ${ac_cv_lib_gnutls_gnutls_global_init+:} false; then : $as_echo_n "(cached) " >&6 else ac_check_lib_save_LIBS=$LIBS LIBS="-lgnutls $LIBS" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC builtin and then its argument prototype would still apply. */ #ifdef __cplusplus extern "C" #endif char gnutls_global_init (); int main () { return gnutls_global_init (); ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO"; then : ac_cv_lib_gnutls_gnutls_global_init=yes else ac_cv_lib_gnutls_gnutls_global_init=no fi rm -f core conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_gnutls_gnutls_global_init" >&5 $as_echo "$ac_cv_lib_gnutls_gnutls_global_init" >&6; } if test "x$ac_cv_lib_gnutls_gnutls_global_init" = xyes; then : $as_echo "#define USE_GNUTLS 1" >>confdefs.h USE_GNUTLS=1 USE_GNUTLS="yes" else as_fn_error $? "gnutls check failed" "$LINENO" 5 fi for ac_func in gnutls_decode_rs_value do : ac_fn_c_check_func "$LINENO" "gnutls_decode_rs_value" "ac_cv_func_gnutls_decode_rs_value" if test "x$ac_cv_func_gnutls_decode_rs_value" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_GNUTLS_DECODE_RS_VALUE 1 _ACEOF else NEED_LIBTASN1="yes" fi done for ac_func in gnutls_x509_crq_set_tlsfeatures do : ac_fn_c_check_func "$LINENO" "gnutls_x509_crq_set_tlsfeatures" "ac_cv_func_gnutls_x509_crq_set_tlsfeatures" if test "x$ac_cv_func_gnutls_x509_crq_set_tlsfeatures" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_GNUTLS_X509_CRQ_SET_TLSFEATURES 1 _ACEOF else { $as_echo "$as_me:${as_lineno-$LINENO}: --must-staple requires GnuTLS 3.5.1 or later" >&5 $as_echo "$as_me: --must-staple requires GnuTLS 3.5.1 or later" >&6;} fi done fi fi if test "x$NEED_LIBTASN1" = "xyes"; then addlib="" { $as_echo "$as_me:${as_lineno-$LINENO}: checking for libtasn1 >= 4.2" >&5 $as_echo_n "checking for libtasn1 >= 4.2... " >&6; } itexists=`$PKGCONFIG --exists 'libtasn1 >= 4.2' >/dev/null 2>&1 && echo 1` if test -z "$itexists"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } as_fn_error $? "libtasn1 not found" "$LINENO" 5 else addlib=`$PKGCONFIG --libs-only-l libtasn1` addld=`$PKGCONFIG --libs-only-L libtasn1` addcflags=`$PKGCONFIG --cflags-only-I libtasn1` version=`$PKGCONFIG --modversion libtasn1` tasn1lib=`echo $addld | sed -e 's/-L//'` { $as_echo "$as_me:${as_lineno-$LINENO}: result: found $version" >&5 $as_echo "found $version" >&6; } fi if test -n "$addlib"; then LIBS="$addlib $LIBS" LDFLAGS="$LDFLAGS $addld" if test "$addcflags" != "-I/usr/include"; then CPPFLAGS="$CPPFLAGS $addcflags" fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking for asn1_get_tag_der in -ltasn1" >&5 $as_echo_n "checking for asn1_get_tag_der in -ltasn1... " >&6; } if ${ac_cv_lib_tasn1_asn1_get_tag_der+:} false; then : $as_echo_n "(cached) " >&6 else ac_check_lib_save_LIBS=$LIBS LIBS="-ltasn1 $LIBS" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC builtin and then its argument prototype would still apply. */ #ifdef __cplusplus extern "C" #endif char asn1_get_tag_der (); int main () { return asn1_get_tag_der (); ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO"; then : ac_cv_lib_tasn1_asn1_get_tag_der=yes else ac_cv_lib_tasn1_asn1_get_tag_der=no fi rm -f core conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_tasn1_asn1_get_tag_der" >&5 $as_echo "$ac_cv_lib_tasn1_asn1_get_tag_der" >&6; } if test "x$ac_cv_lib_tasn1_asn1_get_tag_der" = xyes; then : $as_echo "#define USE_LIBTASN1 1" >>confdefs.h USE_LIBTASN1=1 LIBTASN1_ENABLED=1 USE_LIBTASN1="yes" else as_fn_error $? "libtasn1 check failed" "$LINENO" 5 fi fi fi if test "x$OPT_OPENSSL" != "xno"; then addlib="" if test "x$OPT_OPENSSL" = "xyes"; then { $as_echo "$as_me:${as_lineno-$LINENO}: checking for OpenSSL >= 1.1.1" >&5 $as_echo_n "checking for OpenSSL >= 1.1.1... " >&6; } itexists=`$PKGCONFIG --exists 'openssl >= 1.1.1' >/dev/null 2>&1 && echo 1` if test -z "$itexists"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } as_fn_error $? "openssl not found" "$LINENO" 5 else addlib=`$PKGCONFIG --libs-only-l openssl` addld=`$PKGCONFIG --libs-only-L openssl` addcflags=`$PKGCONFIG --cflags-only-I openssl` version=`$PKGCONFIG --modversion openssl` openssllib=`echo $addld | sed -e 's/-L//'` { $as_echo "$as_me:${as_lineno-$LINENO}: result: found $version" >&5 $as_echo "found $version" >&6; } fi else addlib="-lssl -lcrypto" addld=-L$OPT_OPENSSL/lib$libsuff addcflags=-I$OPT_OPENSSL/include openssllib=$OPT_OPENSSL/lib$libsuff fi if test -n "$addlib"; then LIBS="$addlib $LIBS" LDFLAGS="$LDFLAGS $addld" if test "$addcflags" != "-I/usr/include"; then CPPFLAGS="$CPPFLAGS $addcflags" fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking for OpenSSL_version_num in -lssl" >&5 $as_echo_n "checking for OpenSSL_version_num in -lssl... " >&6; } if ${ac_cv_lib_ssl_OpenSSL_version_num+:} false; then : $as_echo_n "(cached) " >&6 else ac_check_lib_save_LIBS=$LIBS LIBS="-lssl $LIBS" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC builtin and then its argument prototype would still apply. */ #ifdef __cplusplus extern "C" #endif char OpenSSL_version_num (); int main () { return OpenSSL_version_num (); ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO"; then : ac_cv_lib_ssl_OpenSSL_version_num=yes else ac_cv_lib_ssl_OpenSSL_version_num=no fi rm -f core conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_ssl_OpenSSL_version_num" >&5 $as_echo "$ac_cv_lib_ssl_OpenSSL_version_num" >&6; } if test "x$ac_cv_lib_ssl_OpenSSL_version_num" = xyes; then : $as_echo "#define USE_OPENSSL 1" >>confdefs.h USE_OPENSSL=1 USE_OPENSSL="yes" else as_fn_error $? "openssl check failed" "$LINENO" 5 fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking if OpenSSL is really LibreSSL" >&5 $as_echo_n "checking if OpenSSL is really LibreSSL... " >&6; } cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include int main() {return LIBRESSL_VERSION_NUMBER;} _ACEOF if ac_fn_c_try_compile "$LINENO"; then : LIBRESSL=yes { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi fi if test "x$USE_OPENSSL" != "xyes"; then ENABLE_READFILE_TRUE= ENABLE_READFILE_FALSE='#' else ENABLE_READFILE_TRUE='#' ENABLE_READFILE_FALSE= fi if test "x$OPT_MBEDTLS" != "xno"; then addlib="-lmbedtls -lmbedx509 -lmbedcrypto" if test "x$OPT_MBEDTLS" = "xyes"; then addld="" addcflags="" else addld=-L$OPT_MBEDTLS/lib$libsuff addcflags=-I$OPT_MBEDTLS/include fi LIBS="$addlib $LIBS" LDFLAGS="$LDFLAGS $addld" CPPFLAGS="$CPPFLAGS $addcflags" { $as_echo "$as_me:${as_lineno-$LINENO}: checking for mbedtls_entropy_init in -lmbedtls" >&5 $as_echo_n "checking for mbedtls_entropy_init in -lmbedtls... " >&6; } if ${ac_cv_lib_mbedtls_mbedtls_entropy_init+:} false; then : $as_echo_n "(cached) " >&6 else ac_check_lib_save_LIBS=$LIBS LIBS="-lmbedtls $LIBS" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC builtin and then its argument prototype would still apply. */ #ifdef __cplusplus extern "C" #endif char mbedtls_entropy_init (); int main () { return mbedtls_entropy_init (); ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO"; then : ac_cv_lib_mbedtls_mbedtls_entropy_init=yes else ac_cv_lib_mbedtls_mbedtls_entropy_init=no fi rm -f core conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_mbedtls_mbedtls_entropy_init" >&5 $as_echo "$ac_cv_lib_mbedtls_mbedtls_entropy_init" >&6; } if test "x$ac_cv_lib_mbedtls_mbedtls_entropy_init" = xyes; then : $as_echo "#define USE_MBEDTLS 1" >>confdefs.h USE_MBEDTLS=1 USE_MBEDTLS="yes" else as_fn_error $? "mbedtls check failed" "$LINENO" 5 fi if test "x$USE_MBEDTLS" = "xyes"; then { $as_echo "$as_me:${as_lineno-$LINENO}: detected mbedTLS" >&5 $as_echo "$as_me: detected mbedTLS" >&6;} fi fi if test "x$LIBRESSL" = "xyes"; then OPT_UALPN=no else OPT_UALPN=yes fi # Check whether --with-ualpn was given. if test "${with_ualpn+set}" = set; then : withval=$with_ualpn; OPT_UALPN=$withval fi if test "x$OPT_UALPN" != "xno"; then if test "x$LIBRESSL" = "xyes"; then as_fn_error $? "ualpn is not compatible with LibreSSL" "$LINENO" 5 fi if test -n "$ac_tool_prefix"; then for ac_prog in ar lib "link -lib" do # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args. set dummy $ac_tool_prefix$ac_prog; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_prog_AR+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$AR"; then ac_cv_prog_AR="$AR" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_AR="$ac_tool_prefix$ac_prog" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS fi fi AR=$ac_cv_prog_AR if test -n "$AR"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $AR" >&5 $as_echo "$AR" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi test -n "$AR" && break done fi if test -z "$AR"; then ac_ct_AR=$AR for ac_prog in ar lib "link -lib" do # Extract the first word of "$ac_prog", so it can be a program name with args. set dummy $ac_prog; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_prog_ac_ct_AR+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$ac_ct_AR"; then ac_cv_prog_ac_ct_AR="$ac_ct_AR" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_AR="$ac_prog" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS fi fi ac_ct_AR=$ac_cv_prog_ac_ct_AR if test -n "$ac_ct_AR"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_AR" >&5 $as_echo "$ac_ct_AR" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi test -n "$ac_ct_AR" && break done if test "x$ac_ct_AR" = x; then AR="false" else case $cross_compiling:$ac_tool_warned in yes:) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 $as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} ac_tool_warned=yes ;; esac AR=$ac_ct_AR fi fi : ${AR=ar} { $as_echo "$as_me:${as_lineno-$LINENO}: checking the archiver ($AR) interface" >&5 $as_echo_n "checking the archiver ($AR) interface... " >&6; } if ${am_cv_ar_interface+:} false; then : $as_echo_n "(cached) " >&6 else ac_ext=c ac_cpp='$CPP $CPPFLAGS' ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_c_compiler_gnu am_cv_ar_interface=ar cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int some_variable = 0; _ACEOF if ac_fn_c_try_compile "$LINENO"; then : am_ar_try='$AR cru libconftest.a conftest.$ac_objext >&5' { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$am_ar_try\""; } >&5 (eval $am_ar_try) 2>&5 ac_status=$? $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; } if test "$ac_status" -eq 0; then am_cv_ar_interface=ar else am_ar_try='$AR -NOLOGO -OUT:conftest.lib conftest.$ac_objext >&5' { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$am_ar_try\""; } >&5 (eval $am_ar_try) 2>&5 ac_status=$? $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; } if test "$ac_status" -eq 0; then am_cv_ar_interface=lib else am_cv_ar_interface=unknown fi fi rm -f conftest.lib libconftest.a fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext ac_ext=c ac_cpp='$CPP $CPPFLAGS' ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_c_compiler_gnu fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $am_cv_ar_interface" >&5 $as_echo "$am_cv_ar_interface" >&6; } case $am_cv_ar_interface in ar) ;; lib) # Microsoft lib, so override with the ar-lib wrapper script. # FIXME: It is wrong to rewrite AR. # But if we don't then we get into trouble of one sort or another. # A longer-term fix would be to have automake use am__AR in this case, # and then we could set am__AR="$am_aux_dir/ar-lib \$(AR)" or something # similar. AR="$am_aux_dir/ar-lib $AR" ;; unknown) as_fn_error $? "could not determine $AR interface" "$LINENO" 5 ;; esac for ac_header in netinet/tcp.h do : ac_fn_c_check_header_mongrel "$LINENO" "netinet/tcp.h" "ac_cv_header_netinet_tcp_h" "$ac_includes_default" if test "x$ac_cv_header_netinet_tcp_h" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_NETINET_TCP_H 1 _ACEOF else as_fn_error $? "ualpn requires netinet/tcp.h" "$LINENO" 5 fi done for ac_header in sys/mman.h do : ac_fn_c_check_header_mongrel "$LINENO" "sys/mman.h" "ac_cv_header_sys_mman_h" "$ac_includes_default" if test "x$ac_cv_header_sys_mman_h" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_SYS_MMAN_H 1 _ACEOF else as_fn_error $? "ualpn requires sys/mman.h" "$LINENO" 5 fi done for ac_header in sys/resource.h do : ac_fn_c_check_header_mongrel "$LINENO" "sys/resource.h" "ac_cv_header_sys_resource_h" "$ac_includes_default" if test "x$ac_cv_header_sys_resource_h" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_SYS_RESOURCE_H 1 _ACEOF else as_fn_error $? "ualpn requires sys/resource.h" "$LINENO" 5 fi done for ac_header in sys/uio.h do : ac_fn_c_check_header_mongrel "$LINENO" "sys/uio.h" "ac_cv_header_sys_uio_h" "$ac_includes_default" if test "x$ac_cv_header_sys_uio_h" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_SYS_UIO_H 1 _ACEOF else as_fn_error $? "ualpn requires sys/uio.h" "$LINENO" 5 fi done for ac_header in sys/un.h do : ac_fn_c_check_header_mongrel "$LINENO" "sys/un.h" "ac_cv_header_sys_un_h" "$ac_includes_default" if test "x$ac_cv_header_sys_un_h" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_SYS_UN_H 1 _ACEOF else as_fn_error $? "ualpn requires sys/un.h" "$LINENO" 5 fi done for ac_func in mmap do : ac_fn_c_check_func "$LINENO" "mmap" "ac_cv_func_mmap" if test "x$ac_cv_func_mmap" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_MMAP 1 _ACEOF else as_fn_error $? "ualpn requires mmap" "$LINENO" 5 fi done { $as_echo "$as_me:${as_lineno-$LINENO}: checking if mmap(MAP_ANON|MAP_SHARED) works" >&5 $as_echo_n "checking if mmap(MAP_ANON|MAP_SHARED) works... " >&6; } if test "$cross_compiling" = yes; then : cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include int main() {return mmap(0, 4096, PROT_READ|PROT_WRITE, MAP_ANON|MAP_SHARED, -1, 0) == MAP_FAILED;} _ACEOF if ac_fn_c_try_compile "$LINENO"; then : $as_echo "#define HAVE_MAP_ANON 1" >>confdefs.h { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } { $as_echo "$as_me:${as_lineno-$LINENO}: falling back to mmap(\"/dev/zero\", MAP_SHARED)" >&5 $as_echo "$as_me: falling back to mmap(\"/dev/zero\", MAP_SHARED)" >&6;} $as_echo "#define HAVE_MAP_DEVZERO 1" >>confdefs.h fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include int main() {return mmap(0, 4096, PROT_READ|PROT_WRITE, MAP_ANON|MAP_SHARED, -1, 0) == MAP_FAILED;} _ACEOF if ac_fn_c_try_run "$LINENO"; then : $as_echo "#define HAVE_MAP_ANON 1" >>confdefs.h { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } { $as_echo "$as_me:${as_lineno-$LINENO}: checking if mmap(\"/dev/zero\", MAP_SHARED) works" >&5 $as_echo_n "checking if mmap(\"/dev/zero\", MAP_SHARED) works... " >&6; } if test "$cross_compiling" = yes; then : { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error $? "cannot run test program while cross compiling See \`config.log' for more details" "$LINENO" 5; } else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include #include #include int main() {return mmap(0, 4096, PROT_READ|PROT_WRITE, MAP_ANON|MAP_SHARED, open("/dev/zero", O_RDWR), 0) == MAP_FAILED;} _ACEOF if ac_fn_c_try_run "$LINENO"; then : $as_echo "#define HAVE_MAP_DEVZERO 1" >>confdefs.h { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } as_fn_error $? "ualpn requires MAP_ANON or mmap(\"/dev/zero\", MAP_SHARED)" "$LINENO" 5 fi rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ conftest.$ac_objext conftest.beam conftest.$ac_ext fi fi rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ conftest.$ac_objext conftest.beam conftest.$ac_ext fi # Check whether --enable-splice was given. if test "${enable_splice+set}" = set; then : enableval=$enable_splice; fi if test "x$enable_splice" != "xno"; then for ac_func in splice do : ac_fn_c_check_func "$LINENO" "splice" "ac_cv_func_splice" if test "x$ac_cv_func_splice" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_SPLICE 1 _ACEOF fi done fi LIBS_ORIG=$LIBS LIBS= { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing sem_init" >&5 $as_echo_n "checking for library containing sem_init... " >&6; } if ${ac_cv_search_sem_init+:} false; then : $as_echo_n "(cached) " >&6 else ac_func_search_save_LIBS=$LIBS cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC builtin and then its argument prototype would still apply. */ #ifdef __cplusplus extern "C" #endif char sem_init (); int main () { return sem_init (); ; return 0; } _ACEOF for ac_lib in '' pthread; do if test -z "$ac_lib"; then ac_res="none required" else ac_res=-l$ac_lib LIBS="-l$ac_lib $ac_func_search_save_LIBS" fi if ac_fn_c_try_link "$LINENO"; then : ac_cv_search_sem_init=$ac_res fi rm -f core conftest.err conftest.$ac_objext \ conftest$ac_exeext if ${ac_cv_search_sem_init+:} false; then : break fi done if ${ac_cv_search_sem_init+:} false; then : else ac_cv_search_sem_init=no fi rm conftest.$ac_ext LIBS=$ac_func_search_save_LIBS fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_sem_init" >&5 $as_echo "$ac_cv_search_sem_init" >&6; } ac_res=$ac_cv_search_sem_init if test "$ac_res" != no; then : test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" else as_fn_error $? "sem_init not found" "$LINENO" 5 fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing ev_version_major" >&5 $as_echo_n "checking for library containing ev_version_major... " >&6; } if ${ac_cv_search_ev_version_major+:} false; then : $as_echo_n "(cached) " >&6 else ac_func_search_save_LIBS=$LIBS cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC builtin and then its argument prototype would still apply. */ #ifdef __cplusplus extern "C" #endif char ev_version_major (); int main () { return ev_version_major (); ; return 0; } _ACEOF for ac_lib in '' ev; do if test -z "$ac_lib"; then ac_res="none required" else ac_res=-l$ac_lib LIBS="-l$ac_lib $ac_func_search_save_LIBS" fi if ac_fn_c_try_link "$LINENO"; then : ac_cv_search_ev_version_major=$ac_res fi rm -f core conftest.err conftest.$ac_objext \ conftest$ac_exeext if ${ac_cv_search_ev_version_major+:} false; then : break fi done if ${ac_cv_search_ev_version_major+:} false; then : else ac_cv_search_ev_version_major=no fi rm conftest.$ac_ext LIBS=$ac_func_search_save_LIBS fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_ev_version_major" >&5 $as_echo "$ac_cv_search_ev_version_major" >&6; } ac_res=$ac_cv_search_ev_version_major if test "$ac_res" != no; then : test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" else { $as_echo "$as_me:${as_lineno-$LINENO}: libev not found, using included copy" >&5 $as_echo "$as_me: libev not found, using included copy" >&6;} with_included_libev=yes for ac_header in sys/inotify.h sys/epoll.h sys/event.h port.h poll.h sys/timerfd.h do : as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` ac_fn_c_check_header_mongrel "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default" if eval test \"x\$"$as_ac_Header"\" = x"yes"; then : cat >>confdefs.h <<_ACEOF #define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1 _ACEOF fi done for ac_header in sys/select.h sys/eventfd.h sys/signalfd.h linux/aio_abi.h linux/fs.h do : as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` ac_fn_c_check_header_mongrel "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default" if eval test \"x\$"$as_ac_Header"\" = x"yes"; then : cat >>confdefs.h <<_ACEOF #define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1 _ACEOF fi done for ac_func in inotify_init epoll_ctl kqueue port_create poll select eventfd signalfd do : as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" if eval test \"x\$"$as_ac_var"\" = x"yes"; then : cat >>confdefs.h <<_ACEOF #define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 _ACEOF fi done for ac_func in clock_gettime do : ac_fn_c_check_func "$LINENO" "clock_gettime" "ac_cv_func_clock_gettime" if test "x$ac_cv_func_clock_gettime" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_CLOCK_GETTIME 1 _ACEOF else if test $(uname) = Linux; then { $as_echo "$as_me:${as_lineno-$LINENO}: checking for clock_gettime syscall" >&5 $as_echo_n "checking for clock_gettime syscall... " >&6; } cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include #include #include int main () { struct timespec ts; int status = syscall (SYS_clock_gettime, CLOCK_REALTIME, &ts) ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO"; then : ac_have_clock_syscall=1 $as_echo "#define HAVE_CLOCK_SYSCALL 1" >>confdefs.h { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi rm -f core conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext fi if test -z "$LIBEV_M4_AVOID_LIBRT" && test -z "$ac_have_clock_syscall"; then { $as_echo "$as_me:${as_lineno-$LINENO}: checking for clock_gettime in -lrt" >&5 $as_echo_n "checking for clock_gettime in -lrt... " >&6; } if ${ac_cv_lib_rt_clock_gettime+:} false; then : $as_echo_n "(cached) " >&6 else ac_check_lib_save_LIBS=$LIBS LIBS="-lrt $LIBS" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC builtin and then its argument prototype would still apply. */ #ifdef __cplusplus extern "C" #endif char clock_gettime (); int main () { return clock_gettime (); ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO"; then : ac_cv_lib_rt_clock_gettime=yes else ac_cv_lib_rt_clock_gettime=no fi rm -f core conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_rt_clock_gettime" >&5 $as_echo "$ac_cv_lib_rt_clock_gettime" >&6; } if test "x$ac_cv_lib_rt_clock_gettime" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_LIBRT 1 _ACEOF LIBS="-lrt $LIBS" fi unset ac_cv_func_clock_gettime for ac_func in clock_gettime do : ac_fn_c_check_func "$LINENO" "clock_gettime" "ac_cv_func_clock_gettime" if test "x$ac_cv_func_clock_gettime" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_CLOCK_GETTIME 1 _ACEOF fi done fi fi done for ac_func in nanosleep do : ac_fn_c_check_func "$LINENO" "nanosleep" "ac_cv_func_nanosleep" if test "x$ac_cv_func_nanosleep" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_NANOSLEEP 1 _ACEOF else if test -z "$LIBEV_M4_AVOID_LIBRT"; then { $as_echo "$as_me:${as_lineno-$LINENO}: checking for nanosleep in -lrt" >&5 $as_echo_n "checking for nanosleep in -lrt... " >&6; } if ${ac_cv_lib_rt_nanosleep+:} false; then : $as_echo_n "(cached) " >&6 else ac_check_lib_save_LIBS=$LIBS LIBS="-lrt $LIBS" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC builtin and then its argument prototype would still apply. */ #ifdef __cplusplus extern "C" #endif char nanosleep (); int main () { return nanosleep (); ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO"; then : ac_cv_lib_rt_nanosleep=yes else ac_cv_lib_rt_nanosleep=no fi rm -f core conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_rt_nanosleep" >&5 $as_echo "$ac_cv_lib_rt_nanosleep" >&6; } if test "x$ac_cv_lib_rt_nanosleep" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_LIBRT 1 _ACEOF LIBS="-lrt $LIBS" fi unset ac_cv_func_nanosleep for ac_func in nanosleep do : ac_fn_c_check_func "$LINENO" "nanosleep" "ac_cv_func_nanosleep" if test "x$ac_cv_func_nanosleep" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_NANOSLEEP 1 _ACEOF fi done fi fi done ac_fn_c_check_type "$LINENO" "__kernel_rwf_t" "ac_cv_type___kernel_rwf_t" "#include " if test "x$ac_cv_type___kernel_rwf_t" = xyes; then : $as_echo "#define HAVE_KERNEL_RWF_T 1" >>confdefs.h fi if test -z "$LIBEV_M4_AVOID_LIBM"; then LIBM=m fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing floor" >&5 $as_echo_n "checking for library containing floor... " >&6; } if ${ac_cv_search_floor+:} false; then : $as_echo_n "(cached) " >&6 else ac_func_search_save_LIBS=$LIBS cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC builtin and then its argument prototype would still apply. */ #ifdef __cplusplus extern "C" #endif char floor (); int main () { return floor (); ; return 0; } _ACEOF for ac_lib in '' $LIBM; do if test -z "$ac_lib"; then ac_res="none required" else ac_res=-l$ac_lib LIBS="-l$ac_lib $ac_func_search_save_LIBS" fi if ac_fn_c_try_link "$LINENO"; then : ac_cv_search_floor=$ac_res fi rm -f core conftest.err conftest.$ac_objext \ conftest$ac_exeext if ${ac_cv_search_floor+:} false; then : break fi done if ${ac_cv_search_floor+:} false; then : else ac_cv_search_floor=no fi rm conftest.$ac_ext LIBS=$ac_func_search_save_LIBS fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_floor" >&5 $as_echo "$ac_cv_search_floor" >&6; } ac_res=$ac_cv_search_floor if test "$ac_res" != no; then : test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" $as_echo "#define HAVE_FLOOR 1" >>confdefs.h fi fi UALPN_LDADD=$LIBS LIBS=$LIBS_ORIG fi if test "x$OPT_UALPN" = "xyes"; then ENABLE_UALPN_TRUE= ENABLE_UALPN_FALSE='#' else ENABLE_UALPN_TRUE='#' ENABLE_UALPN_FALSE= fi if test "x$with_included_libev" = "xyes"; then ENABLE_LIBEV_TRUE= ENABLE_LIBEV_FALSE='#' else ENABLE_LIBEV_TRUE='#' ENABLE_LIBEV_FALSE= fi default_docs="yes" # Check whether --enable-docs was given. if test "${enable_docs+set}" = set; then : enableval=$enable_docs; else enable_docs=$default_docs fi if test "x$enable_docs" = "xyes"; then ENABLE_DOCS_TRUE= ENABLE_DOCS_FALSE='#' else ENABLE_DOCS_TRUE='#' ENABLE_DOCS_FALSE= fi if test "x$enable_docs" = "xyes"; then # Extract the first word of "a2x", so it can be a program name with args. set dummy a2x; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_path_A2X+:} false; then : $as_echo_n "(cached) " >&6 else case $A2X in [\\/]* | ?:[\\/]*) ac_cv_path_A2X="$A2X" # Let the user override the test with a path. ;; *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_path_A2X="$as_dir/$ac_word$ac_exec_ext" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS test -z "$ac_cv_path_A2X" && ac_cv_path_A2X="no" ;; esac fi A2X=$ac_cv_path_A2X if test -n "$A2X"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $A2X" >&5 $as_echo "$A2X" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi # Extract the first word of "asciidoc", so it can be a program name with args. set dummy asciidoc; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_path_ASCIIDOC+:} false; then : $as_echo_n "(cached) " >&6 else case $ASCIIDOC in [\\/]* | ?:[\\/]*) ac_cv_path_ASCIIDOC="$ASCIIDOC" # Let the user override the test with a path. ;; *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_path_ASCIIDOC="$as_dir/$ac_word$ac_exec_ext" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS test -z "$ac_cv_path_ASCIIDOC" && ac_cv_path_ASCIIDOC="no" ;; esac fi ASCIIDOC=$ac_cv_path_ASCIIDOC if test -n "$ASCIIDOC"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ASCIIDOC" >&5 $as_echo "$ASCIIDOC" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi if test "x$A2X" = "xno"; then : as_fn_error $? "Could not find a2x." "$LINENO" 5 fi if test "x$ASCIIDOC" = "xno"; then : as_fn_error $? "Could not find asciidoc." "$LINENO" 5 fi fi case $prefix:$localstatedir in #( NONE:'${prefix}/var' | /usr:'${prefix}/var' | /usr/local:'${prefix}/var') : localstatedir=/var; { $as_echo "$as_me:${as_lineno-$LINENO}: --localstatedir defaulted to /var" >&5 $as_echo "$as_me: --localstatedir defaulted to /var" >&6;} ;; #( *) : ;; esac case $prefix:$sysconfdir in #( NONE:'${prefix}/etc' | /usr:'${prefix}/etc' | /usr/local:'${prefix}/etc') : sysconfdir=/etc; { $as_echo "$as_me:${as_lineno-$LINENO}: --sysconfdir defaulted to /etc" >&5 $as_echo "$as_me: --sysconfdir defaulted to /etc" >&6;} ;; #( *) : ;; esac ac_config_headers="$ac_config_headers config.h" ac_config_files="$ac_config_files Makefile" cat >confcache <<\_ACEOF # This file is a shell script that caches the results of configure # tests run on this system so they can be shared between configure # scripts and configure runs, see configure's option --config-cache. # It is not useful on other systems. If it contains results you don't # want to keep, you may remove or edit it. # # config.status only pays attention to the cache file if you give it # the --recheck option to rerun configure. # # `ac_cv_env_foo' variables (set or unset) will be overridden when # loading this file, other *unset* `ac_cv_foo' will be assigned the # following values. _ACEOF # The following way of writing the cache mishandles newlines in values, # but we know of no workaround that is simple, portable, and efficient. # So, we kill variables containing newlines. # Ultrix sh set writes to stderr and can't be redirected directly, # and sets the high bit in the cache file unless we assign to the vars. ( for ac_var in `(set) 2>&1 | sed -n 's/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'`; do eval ac_val=\$$ac_var case $ac_val in #( *${as_nl}*) case $ac_var in #( *_cv_*) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cache variable $ac_var contains a newline" >&5 $as_echo "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;; esac case $ac_var in #( _ | IFS | as_nl) ;; #( BASH_ARGV | BASH_SOURCE) eval $ac_var= ;; #( *) { eval $ac_var=; unset $ac_var;} ;; esac ;; esac done (set) 2>&1 | case $as_nl`(ac_space=' '; set) 2>&1` in #( *${as_nl}ac_space=\ *) # `set' does not quote correctly, so add quotes: double-quote # substitution turns \\\\ into \\, and sed turns \\ into \. sed -n \ "s/'/'\\\\''/g; s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='\\2'/p" ;; #( *) # `set' quotes correctly as required by POSIX, so do not add quotes. sed -n "/^[_$as_cr_alnum]*_cv_[_$as_cr_alnum]*=/p" ;; esac | sort ) | sed ' /^ac_cv_env_/b end t clear :clear s/^\([^=]*\)=\(.*[{}].*\)$/test "${\1+set}" = set || &/ t end s/^\([^=]*\)=\(.*\)$/\1=${\1=\2}/ :end' >>confcache if diff "$cache_file" confcache >/dev/null 2>&1; then :; else if test -w "$cache_file"; then if test "x$cache_file" != "x/dev/null"; then { $as_echo "$as_me:${as_lineno-$LINENO}: updating cache $cache_file" >&5 $as_echo "$as_me: updating cache $cache_file" >&6;} if test ! -f "$cache_file" || test -h "$cache_file"; then cat confcache >"$cache_file" else case $cache_file in #( */* | ?:*) mv -f confcache "$cache_file"$$ && mv -f "$cache_file"$$ "$cache_file" ;; #( *) mv -f confcache "$cache_file" ;; esac fi fi else { $as_echo "$as_me:${as_lineno-$LINENO}: not updating unwritable cache $cache_file" >&5 $as_echo "$as_me: not updating unwritable cache $cache_file" >&6;} fi fi rm -f confcache test "x$prefix" = xNONE && prefix=$ac_default_prefix # Let make expand exec_prefix. test "x$exec_prefix" = xNONE && exec_prefix='${prefix}' DEFS=-DHAVE_CONFIG_H ac_libobjs= ac_ltlibobjs= U= for ac_i in : $LIBOBJS; do test "x$ac_i" = x: && continue # 1. Remove the extension, and $U if already installed. ac_script='s/\$U\././;s/\.o$//;s/\.obj$//' ac_i=`$as_echo "$ac_i" | sed "$ac_script"` # 2. Prepend LIBOBJDIR. When used with automake>=1.10 LIBOBJDIR # will be set to the directory where LIBOBJS objects are built. as_fn_append ac_libobjs " \${LIBOBJDIR}$ac_i\$U.$ac_objext" as_fn_append ac_ltlibobjs " \${LIBOBJDIR}$ac_i"'$U.lo' done LIBOBJS=$ac_libobjs LTLIBOBJS=$ac_ltlibobjs { $as_echo "$as_me:${as_lineno-$LINENO}: checking that generated files are newer than configure" >&5 $as_echo_n "checking that generated files are newer than configure... " >&6; } if test -n "$am_sleep_pid"; then # Hide warnings about reused PIDs. wait $am_sleep_pid 2>/dev/null fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: done" >&5 $as_echo "done" >&6; } if test -n "$EXEEXT"; then am__EXEEXT_TRUE= am__EXEEXT_FALSE='#' else am__EXEEXT_TRUE='#' am__EXEEXT_FALSE= fi if test -z "${MAINTAINER_MODE_TRUE}" && test -z "${MAINTAINER_MODE_FALSE}"; then as_fn_error $? "conditional \"MAINTAINER_MODE\" was never defined. Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi if test -z "${AMDEP_TRUE}" && test -z "${AMDEP_FALSE}"; then as_fn_error $? "conditional \"AMDEP\" was never defined. Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi if test -z "${am__fastdepCC_TRUE}" && test -z "${am__fastdepCC_FALSE}"; then as_fn_error $? "conditional \"am__fastdepCC\" was never defined. Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi if test -z "${am__fastdepCC_TRUE}" && test -z "${am__fastdepCC_FALSE}"; then as_fn_error $? "conditional \"am__fastdepCC\" was never defined. Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi if test -z "${ENABLE_READFILE_TRUE}" && test -z "${ENABLE_READFILE_FALSE}"; then as_fn_error $? "conditional \"ENABLE_READFILE\" was never defined. Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi if test -z "${ENABLE_UALPN_TRUE}" && test -z "${ENABLE_UALPN_FALSE}"; then as_fn_error $? "conditional \"ENABLE_UALPN\" was never defined. Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi if test -z "${ENABLE_LIBEV_TRUE}" && test -z "${ENABLE_LIBEV_FALSE}"; then as_fn_error $? "conditional \"ENABLE_LIBEV\" was never defined. Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi if test -z "${ENABLE_DOCS_TRUE}" && test -z "${ENABLE_DOCS_FALSE}"; then as_fn_error $? "conditional \"ENABLE_DOCS\" was never defined. Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi : "${CONFIG_STATUS=./config.status}" ac_write_fail=0 ac_clean_files_save=$ac_clean_files ac_clean_files="$ac_clean_files $CONFIG_STATUS" { $as_echo "$as_me:${as_lineno-$LINENO}: creating $CONFIG_STATUS" >&5 $as_echo "$as_me: creating $CONFIG_STATUS" >&6;} as_write_fail=0 cat >$CONFIG_STATUS <<_ASEOF || as_write_fail=1 #! $SHELL # Generated by $as_me. # Run this file to recreate the current configuration. # Compiler output produced by configure, useful for debugging # configure, is in config.log if it exists. debug=false ac_cs_recheck=false ac_cs_silent=false SHELL=\${CONFIG_SHELL-$SHELL} export SHELL _ASEOF cat >>$CONFIG_STATUS <<\_ASEOF || as_write_fail=1 ## -------------------- ## ## M4sh Initialization. ## ## -------------------- ## # Be more Bourne compatible DUALCASE=1; export DUALCASE # for MKS sh if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then : emulate sh NULLCMD=: # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which # is contrary to our usage. Disable this feature. alias -g '${1+"$@"}'='"$@"' setopt NO_GLOB_SUBST else case `(set -o) 2>/dev/null` in #( *posix*) : set -o posix ;; #( *) : ;; esac fi as_nl=' ' export as_nl # Printing a long string crashes Solaris 7 /usr/bin/printf. as_echo='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\' as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo$as_echo # Prefer a ksh shell builtin over an external printf program on Solaris, # but without wasting forks for bash or zsh. if test -z "$BASH_VERSION$ZSH_VERSION" \ && (test "X`print -r -- $as_echo`" = "X$as_echo") 2>/dev/null; then as_echo='print -r --' as_echo_n='print -rn --' elif (test "X`printf %s $as_echo`" = "X$as_echo") 2>/dev/null; then as_echo='printf %s\n' as_echo_n='printf %s' else if test "X`(/usr/ucb/echo -n -n $as_echo) 2>/dev/null`" = "X-n $as_echo"; then as_echo_body='eval /usr/ucb/echo -n "$1$as_nl"' as_echo_n='/usr/ucb/echo -n' else as_echo_body='eval expr "X$1" : "X\\(.*\\)"' as_echo_n_body='eval arg=$1; case $arg in #( *"$as_nl"*) expr "X$arg" : "X\\(.*\\)$as_nl"; arg=`expr "X$arg" : ".*$as_nl\\(.*\\)"`;; esac; expr "X$arg" : "X\\(.*\\)" | tr -d "$as_nl" ' export as_echo_n_body as_echo_n='sh -c $as_echo_n_body as_echo' fi export as_echo_body as_echo='sh -c $as_echo_body as_echo' fi # The user is always right. if test "${PATH_SEPARATOR+set}" != set; then PATH_SEPARATOR=: (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 && { (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 || PATH_SEPARATOR=';' } fi # IFS # We need space, tab and new line, in precisely that order. Quoting is # there to prevent editors from complaining about space-tab. # (If _AS_PATH_WALK were called with IFS unset, it would disable word # splitting by setting IFS to empty value.) IFS=" "" $as_nl" # Find who we are. Look in the path if we contain no directory separator. as_myself= case $0 in #(( *[\\/]* ) as_myself=$0 ;; *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break done IFS=$as_save_IFS ;; esac # We did not find ourselves, most probably we were run as `sh COMMAND' # in which case we are not to be found in the path. if test "x$as_myself" = x; then as_myself=$0 fi if test ! -f "$as_myself"; then $as_echo "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2 exit 1 fi # Unset variables that we do not need and which cause bugs (e.g. in # pre-3.0 UWIN ksh). But do not cause bugs in bash 2.01; the "|| exit 1" # suppresses any "Segmentation fault" message there. '((' could # trigger a bug in pdksh 5.2.14. for as_var in BASH_ENV ENV MAIL MAILPATH do eval test x\${$as_var+set} = xset \ && ( (unset $as_var) || exit 1) >/dev/null 2>&1 && unset $as_var || : done PS1='$ ' PS2='> ' PS4='+ ' # NLS nuisances. LC_ALL=C export LC_ALL LANGUAGE=C export LANGUAGE # CDPATH. (unset CDPATH) >/dev/null 2>&1 && unset CDPATH # as_fn_error STATUS ERROR [LINENO LOG_FD] # ---------------------------------------- # Output "`basename $0`: error: ERROR" to stderr. If LINENO and LOG_FD are # provided, also output the error to LOG_FD, referencing LINENO. Then exit the # script with STATUS, using 1 if that was 0. as_fn_error () { as_status=$1; test $as_status -eq 0 && as_status=1 if test "$4"; then as_lineno=${as_lineno-"$3"} as_lineno_stack=as_lineno_stack=$as_lineno_stack $as_echo "$as_me:${as_lineno-$LINENO}: error: $2" >&$4 fi $as_echo "$as_me: error: $2" >&2 as_fn_exit $as_status } # as_fn_error # as_fn_set_status STATUS # ----------------------- # Set $? to STATUS, without forking. as_fn_set_status () { return $1 } # as_fn_set_status # as_fn_exit STATUS # ----------------- # Exit the shell with STATUS, even in a "trap 0" or "set -e" context. as_fn_exit () { set +e as_fn_set_status $1 exit $1 } # as_fn_exit # as_fn_unset VAR # --------------- # Portably unset VAR. as_fn_unset () { { eval $1=; unset $1;} } as_unset=as_fn_unset # as_fn_append VAR VALUE # ---------------------- # Append the text in VALUE to the end of the definition contained in VAR. Take # advantage of any shell optimizations that allow amortized linear growth over # repeated appends, instead of the typical quadratic growth present in naive # implementations. if (eval "as_var=1; as_var+=2; test x\$as_var = x12") 2>/dev/null; then : eval 'as_fn_append () { eval $1+=\$2 }' else as_fn_append () { eval $1=\$$1\$2 } fi # as_fn_append # as_fn_arith ARG... # ------------------ # Perform arithmetic evaluation on the ARGs, and store the result in the # global $as_val. Take advantage of shells that can avoid forks. The arguments # must be portable across $(()) and expr. if (eval "test \$(( 1 + 1 )) = 2") 2>/dev/null; then : eval 'as_fn_arith () { as_val=$(( $* )) }' else as_fn_arith () { as_val=`expr "$@" || test $? -eq 1` } fi # as_fn_arith if expr a : '\(a\)' >/dev/null 2>&1 && test "X`expr 00001 : '.*\(...\)'`" = X001; then as_expr=expr else as_expr=false fi if (basename -- /) >/dev/null 2>&1 && test "X`basename -- / 2>&1`" = "X/"; then as_basename=basename else as_basename=false fi if (as_dir=`dirname -- /` && test "X$as_dir" = X/) >/dev/null 2>&1; then as_dirname=dirname else as_dirname=false fi as_me=`$as_basename -- "$0" || $as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \ X"$0" : 'X\(//\)$' \| \ X"$0" : 'X\(/\)' \| . 2>/dev/null || $as_echo X/"$0" | sed '/^.*\/\([^/][^/]*\)\/*$/{ s//\1/ q } /^X\/\(\/\/\)$/{ s//\1/ q } /^X\/\(\/\).*/{ s//\1/ q } s/.*/./; q'` # Avoid depending upon Character Ranges. as_cr_letters='abcdefghijklmnopqrstuvwxyz' as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ' as_cr_Letters=$as_cr_letters$as_cr_LETTERS as_cr_digits='0123456789' as_cr_alnum=$as_cr_Letters$as_cr_digits ECHO_C= ECHO_N= ECHO_T= case `echo -n x` in #((((( -n*) case `echo 'xy\c'` in *c*) ECHO_T=' ';; # ECHO_T is single tab character. xy) ECHO_C='\c';; *) echo `echo ksh88 bug on AIX 6.1` > /dev/null ECHO_T=' ';; esac;; *) ECHO_N='-n';; esac rm -f conf$$ conf$$.exe conf$$.file if test -d conf$$.dir; then rm -f conf$$.dir/conf$$.file else rm -f conf$$.dir mkdir conf$$.dir 2>/dev/null fi if (echo >conf$$.file) 2>/dev/null; then if ln -s conf$$.file conf$$ 2>/dev/null; then as_ln_s='ln -s' # ... but there are two gotchas: # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail. # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable. # In both cases, we have to default to `cp -pR'. ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe || as_ln_s='cp -pR' elif ln conf$$.file conf$$ 2>/dev/null; then as_ln_s=ln else as_ln_s='cp -pR' fi else as_ln_s='cp -pR' fi rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file rmdir conf$$.dir 2>/dev/null # as_fn_mkdir_p # ------------- # Create "$as_dir" as a directory, including parents if necessary. as_fn_mkdir_p () { case $as_dir in #( -*) as_dir=./$as_dir;; esac test -d "$as_dir" || eval $as_mkdir_p || { as_dirs= while :; do case $as_dir in #( *\'*) as_qdir=`$as_echo "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #'( *) as_qdir=$as_dir;; esac as_dirs="'$as_qdir' $as_dirs" as_dir=`$as_dirname -- "$as_dir" || $as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ X"$as_dir" : 'X\(//\)[^/]' \| \ X"$as_dir" : 'X\(//\)$' \| \ X"$as_dir" : 'X\(/\)' \| . 2>/dev/null || $as_echo X"$as_dir" | sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/ q } /^X\(\/\/\)[^/].*/{ s//\1/ q } /^X\(\/\/\)$/{ s//\1/ q } /^X\(\/\).*/{ s//\1/ q } s/.*/./; q'` test -d "$as_dir" && break done test -z "$as_dirs" || eval "mkdir $as_dirs" } || test -d "$as_dir" || as_fn_error $? "cannot create directory $as_dir" } # as_fn_mkdir_p if mkdir -p . 2>/dev/null; then as_mkdir_p='mkdir -p "$as_dir"' else test -d ./-p && rmdir ./-p as_mkdir_p=false fi # as_fn_executable_p FILE # ----------------------- # Test if FILE is an executable regular file. as_fn_executable_p () { test -f "$1" && test -x "$1" } # as_fn_executable_p as_test_x='test -x' as_executable_p=as_fn_executable_p # Sed expression to map a string onto a valid CPP name. as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'" # Sed expression to map a string onto a valid variable name. as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'" exec 6>&1 ## ----------------------------------- ## ## Main body of $CONFIG_STATUS script. ## ## ----------------------------------- ## _ASEOF test $as_write_fail = 0 && chmod +x $CONFIG_STATUS || ac_write_fail=1 cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # Save the log message, to keep $0 and so on meaningful, and to # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" This file was extended by uacme $as_me 1.7.6, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES CONFIG_HEADERS = $CONFIG_HEADERS CONFIG_LINKS = $CONFIG_LINKS CONFIG_COMMANDS = $CONFIG_COMMANDS $ $0 $@ on `(hostname || uname -n) 2>/dev/null | sed 1q` " _ACEOF case $ac_config_files in *" "*) set x $ac_config_files; shift; ac_config_files=$*;; esac case $ac_config_headers in *" "*) set x $ac_config_headers; shift; ac_config_headers=$*;; esac cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 # Files that config.status was made for. config_files="$ac_config_files" config_headers="$ac_config_headers" config_commands="$ac_config_commands" _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 ac_cs_usage="\ \`$as_me' instantiates files and other configuration actions from templates according to the current configuration. Unless the files and actions are specified as TAGs, all are instantiated by default. Usage: $0 [OPTION]... [TAG]... -h, --help print this help, then exit -V, --version print version number and configuration settings, then exit --config print configuration, then exit -q, --quiet, --silent do not print progress messages -d, --debug don't remove temporary files --recheck update $as_me by reconfiguring in the same conditions --file=FILE[:TEMPLATE] instantiate the configuration file FILE --header=FILE[:TEMPLATE] instantiate the configuration header FILE Configuration files: $config_files Configuration headers: $config_headers Configuration commands: $config_commands Report bugs to the package provider." _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ uacme config.status 1.7.6 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" Copyright (C) 2012 Free Software Foundation, Inc. This config.status script is free software; the Free Software Foundation gives unlimited permission to copy, distribute and modify it." ac_pwd='$ac_pwd' srcdir='$srcdir' INSTALL='$INSTALL' MKDIR_P='$MKDIR_P' AWK='$AWK' test -n "\$AWK" || AWK=awk _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # The default lists apply if the user does not specify any file. ac_need_defaults=: while test $# != 0 do case $1 in --*=?*) ac_option=`expr "X$1" : 'X\([^=]*\)='` ac_optarg=`expr "X$1" : 'X[^=]*=\(.*\)'` ac_shift=: ;; --*=) ac_option=`expr "X$1" : 'X\([^=]*\)='` ac_optarg= ac_shift=: ;; *) ac_option=$1 ac_optarg=$2 ac_shift=shift ;; esac case $ac_option in # Handling of the options. -recheck | --recheck | --rechec | --reche | --rech | --rec | --re | --r) ac_cs_recheck=: ;; --version | --versio | --versi | --vers | --ver | --ve | --v | -V ) $as_echo "$ac_cs_version"; exit ;; --config | --confi | --conf | --con | --co | --c ) $as_echo "$ac_cs_config"; exit ;; --debug | --debu | --deb | --de | --d | -d ) debug=: ;; --file | --fil | --fi | --f ) $ac_shift case $ac_optarg in *\'*) ac_optarg=`$as_echo "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"` ;; '') as_fn_error $? "missing file argument" ;; esac as_fn_append CONFIG_FILES " '$ac_optarg'" ac_need_defaults=false;; --header | --heade | --head | --hea ) $ac_shift case $ac_optarg in *\'*) ac_optarg=`$as_echo "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"` ;; esac as_fn_append CONFIG_HEADERS " '$ac_optarg'" ac_need_defaults=false;; --he | --h) # Conflict between --help and --header as_fn_error $? "ambiguous option: \`$1' Try \`$0 --help' for more information.";; --help | --hel | -h ) $as_echo "$ac_cs_usage"; exit ;; -q | -quiet | --quiet | --quie | --qui | --qu | --q \ | -silent | --silent | --silen | --sile | --sil | --si | --s) ac_cs_silent=: ;; # This is an error. -*) as_fn_error $? "unrecognized option: \`$1' Try \`$0 --help' for more information." ;; *) as_fn_append ac_config_targets " $1" ac_need_defaults=false ;; esac shift done ac_configure_extra_args= if $ac_cs_silent; then exec 6>/dev/null ac_configure_extra_args="$ac_configure_extra_args --silent" fi _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 if \$ac_cs_recheck; then set X $SHELL '$0' $ac_configure_args \$ac_configure_extra_args --no-create --no-recursion shift \$as_echo "running CONFIG_SHELL=$SHELL \$*" >&6 CONFIG_SHELL='$SHELL' export CONFIG_SHELL exec "\$@" fi _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 exec 5>>config.log { echo sed 'h;s/./-/g;s/^.../## /;s/...$/ ##/;p;x;p;x' <<_ASBOX ## Running $as_me. ## _ASBOX $as_echo "$ac_log" } >&5 _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 # # INIT-COMMANDS # AMDEP_TRUE="$AMDEP_TRUE" MAKE="${MAKE-make}" _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # Handling of arguments. for ac_config_target in $ac_config_targets do case $ac_config_target in "depfiles") CONFIG_COMMANDS="$CONFIG_COMMANDS depfiles" ;; "config.h") CONFIG_HEADERS="$CONFIG_HEADERS config.h" ;; "Makefile") CONFIG_FILES="$CONFIG_FILES Makefile" ;; *) as_fn_error $? "invalid argument: \`$ac_config_target'" "$LINENO" 5;; esac done # If the user did not use the arguments to specify the items to instantiate, # then the envvar interface is used. Set only those that are not. # We use the long form for the default assignment because of an extremely # bizarre bug on SunOS 4.1.3. if $ac_need_defaults; then test "${CONFIG_FILES+set}" = set || CONFIG_FILES=$config_files test "${CONFIG_HEADERS+set}" = set || CONFIG_HEADERS=$config_headers test "${CONFIG_COMMANDS+set}" = set || CONFIG_COMMANDS=$config_commands fi # Have a temporary directory for convenience. Make it in the build tree # simply because there is no reason against having it here, and in addition, # creating and moving files from /tmp can sometimes cause problems. # Hook for its removal unless debugging. # Note that there is a small window in which the directory will not be cleaned: # after its creation but before its name has been assigned to `$tmp'. $debug || { tmp= ac_tmp= trap 'exit_status=$? : "${ac_tmp:=$tmp}" { test ! -d "$ac_tmp" || rm -fr "$ac_tmp"; } && exit $exit_status ' 0 trap 'as_fn_exit 1' 1 2 13 15 } # Create a (secure) tmp directory for tmp files. { tmp=`(umask 077 && mktemp -d "./confXXXXXX") 2>/dev/null` && test -d "$tmp" } || { tmp=./conf$$-$RANDOM (umask 077 && mkdir "$tmp") } || as_fn_error $? "cannot create a temporary directory in ." "$LINENO" 5 ac_tmp=$tmp # Set up the scripts for CONFIG_FILES section. # No need to generate them if there are no CONFIG_FILES. # This happens for instance with `./config.status config.h'. if test -n "$CONFIG_FILES"; then ac_cr=`echo X | tr X '\015'` # On cygwin, bash can eat \r inside `` if the user requested igncr. # But we know of no other shell where ac_cr would be empty at this # point, so we can use a bashism as a fallback. if test "x$ac_cr" = x; then eval ac_cr=\$\'\\r\' fi ac_cs_awk_cr=`$AWK 'BEGIN { print "a\rb" }' /dev/null` if test "$ac_cs_awk_cr" = "a${ac_cr}b"; then ac_cs_awk_cr='\\r' else ac_cs_awk_cr=$ac_cr fi echo 'BEGIN {' >"$ac_tmp/subs1.awk" && _ACEOF { echo "cat >conf$$subs.awk <<_ACEOF" && echo "$ac_subst_vars" | sed 's/.*/&!$&$ac_delim/' && echo "_ACEOF" } >conf$$subs.sh || as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5 ac_delim_num=`echo "$ac_subst_vars" | grep -c '^'` ac_delim='%!_!# ' for ac_last_try in false false false false false :; do . ./conf$$subs.sh || as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5 ac_delim_n=`sed -n "s/.*$ac_delim\$/X/p" conf$$subs.awk | grep -c X` if test $ac_delim_n = $ac_delim_num; then break elif $ac_last_try; then as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5 else ac_delim="$ac_delim!$ac_delim _$ac_delim!! " fi done rm -f conf$$subs.sh cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 cat >>"\$ac_tmp/subs1.awk" <<\\_ACAWK && _ACEOF sed -n ' h s/^/S["/; s/!.*/"]=/ p g s/^[^!]*!// :repl t repl s/'"$ac_delim"'$// t delim :nl h s/\(.\{148\}\)..*/\1/ t more1 s/["\\]/\\&/g; s/^/"/; s/$/\\n"\\/ p n b repl :more1 s/["\\]/\\&/g; s/^/"/; s/$/"\\/ p g s/.\{148\}// t nl :delim h s/\(.\{148\}\)..*/\1/ t more2 s/["\\]/\\&/g; s/^/"/; s/$/"/ p b :more2 s/["\\]/\\&/g; s/^/"/; s/$/"\\/ p g s/.\{148\}// t delim ' >$CONFIG_STATUS || ac_write_fail=1 rm -f conf$$subs.awk cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 _ACAWK cat >>"\$ac_tmp/subs1.awk" <<_ACAWK && for (key in S) S_is_set[key] = 1 FS = "" } { line = $ 0 nfields = split(line, field, "@") substed = 0 len = length(field[1]) for (i = 2; i < nfields; i++) { key = field[i] keylen = length(key) if (S_is_set[key]) { value = S[key] line = substr(line, 1, len) "" value "" substr(line, len + keylen + 3) len += length(value) + length(field[++i]) substed = 1 } else len += 1 + keylen } print line } _ACAWK _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 if sed "s/$ac_cr//" < /dev/null > /dev/null 2>&1; then sed "s/$ac_cr\$//; s/$ac_cr/$ac_cs_awk_cr/g" else cat fi < "$ac_tmp/subs1.awk" > "$ac_tmp/subs.awk" \ || as_fn_error $? "could not setup config files machinery" "$LINENO" 5 _ACEOF # VPATH may cause trouble with some makes, so we remove sole $(srcdir), # ${srcdir} and @srcdir@ entries from VPATH if srcdir is ".", strip leading and # trailing colons and then remove the whole line if VPATH becomes empty # (actually we leave an empty line to preserve line numbers). if test "x$srcdir" = x.; then ac_vpsub='/^[ ]*VPATH[ ]*=[ ]*/{ h s/// s/^/:/ s/[ ]*$/:/ s/:\$(srcdir):/:/g s/:\${srcdir}:/:/g s/:@srcdir@:/:/g s/^:*// s/:*$// x s/\(=[ ]*\).*/\1/ G s/\n// s/^[^=]*=[ ]*$// }' fi cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 fi # test -n "$CONFIG_FILES" # Set up the scripts for CONFIG_HEADERS section. # No need to generate them if there are no CONFIG_HEADERS. # This happens for instance with `./config.status Makefile'. if test -n "$CONFIG_HEADERS"; then cat >"$ac_tmp/defines.awk" <<\_ACAWK || BEGIN { _ACEOF # Transform confdefs.h into an awk script `defines.awk', embedded as # here-document in config.status, that substitutes the proper values into # config.h.in to produce config.h. # Create a delimiter string that does not exist in confdefs.h, to ease # handling of long lines. ac_delim='%!_!# ' for ac_last_try in false false :; do ac_tt=`sed -n "/$ac_delim/p" confdefs.h` if test -z "$ac_tt"; then break elif $ac_last_try; then as_fn_error $? "could not make $CONFIG_HEADERS" "$LINENO" 5 else ac_delim="$ac_delim!$ac_delim _$ac_delim!! " fi done # For the awk script, D is an array of macro values keyed by name, # likewise P contains macro parameters if any. Preserve backslash # newline sequences. ac_word_re=[_$as_cr_Letters][_$as_cr_alnum]* sed -n ' s/.\{148\}/&'"$ac_delim"'/g t rset :rset s/^[ ]*#[ ]*define[ ][ ]*/ / t def d :def s/\\$// t bsnl s/["\\]/\\&/g s/^ \('"$ac_word_re"'\)\(([^()]*)\)[ ]*\(.*\)/P["\1"]="\2"\ D["\1"]=" \3"/p s/^ \('"$ac_word_re"'\)[ ]*\(.*\)/D["\1"]=" \2"/p d :bsnl s/["\\]/\\&/g s/^ \('"$ac_word_re"'\)\(([^()]*)\)[ ]*\(.*\)/P["\1"]="\2"\ D["\1"]=" \3\\\\\\n"\\/p t cont s/^ \('"$ac_word_re"'\)[ ]*\(.*\)/D["\1"]=" \2\\\\\\n"\\/p t cont d :cont n s/.\{148\}/&'"$ac_delim"'/g t clear :clear s/\\$// t bsnlc s/["\\]/\\&/g; s/^/"/; s/$/"/p d :bsnlc s/["\\]/\\&/g; s/^/"/; s/$/\\\\\\n"\\/p b cont ' >$CONFIG_STATUS || ac_write_fail=1 cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 for (key in D) D_is_set[key] = 1 FS = "" } /^[\t ]*#[\t ]*(define|undef)[\t ]+$ac_word_re([\t (]|\$)/ { line = \$ 0 split(line, arg, " ") if (arg[1] == "#") { defundef = arg[2] mac1 = arg[3] } else { defundef = substr(arg[1], 2) mac1 = arg[2] } split(mac1, mac2, "(") #) macro = mac2[1] prefix = substr(line, 1, index(line, defundef) - 1) if (D_is_set[macro]) { # Preserve the white space surrounding the "#". print prefix "define", macro P[macro] D[macro] next } else { # Replace #undef with comments. This is necessary, for example, # in the case of _POSIX_SOURCE, which is predefined and required # on some systems where configure will not decide to define it. if (defundef == "undef") { print "/*", prefix defundef, macro, "*/" next } } } { print } _ACAWK _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 as_fn_error $? "could not setup config headers machinery" "$LINENO" 5 fi # test -n "$CONFIG_HEADERS" eval set X " :F $CONFIG_FILES :H $CONFIG_HEADERS :C $CONFIG_COMMANDS" shift for ac_tag do case $ac_tag in :[FHLC]) ac_mode=$ac_tag; continue;; esac case $ac_mode$ac_tag in :[FHL]*:*);; :L* | :C*:*) as_fn_error $? "invalid tag \`$ac_tag'" "$LINENO" 5;; :[FH]-) ac_tag=-:-;; :[FH]*) ac_tag=$ac_tag:$ac_tag.in;; esac ac_save_IFS=$IFS IFS=: set x $ac_tag IFS=$ac_save_IFS shift ac_file=$1 shift case $ac_mode in :L) ac_source=$1;; :[FH]) ac_file_inputs= for ac_f do case $ac_f in -) ac_f="$ac_tmp/stdin";; *) # Look for the file first in the build tree, then in the source tree # (if the path is not absolute). The absolute path cannot be DOS-style, # because $ac_f cannot contain `:'. test -f "$ac_f" || case $ac_f in [\\/$]*) false;; *) test -f "$srcdir/$ac_f" && ac_f="$srcdir/$ac_f";; esac || as_fn_error 1 "cannot find input file: \`$ac_f'" "$LINENO" 5;; esac case $ac_f in *\'*) ac_f=`$as_echo "$ac_f" | sed "s/'/'\\\\\\\\''/g"`;; esac as_fn_append ac_file_inputs " '$ac_f'" done # Let's still pretend it is `configure' which instantiates (i.e., don't # use $as_me), people would be surprised to read: # /* config.h. Generated by config.status. */ configure_input='Generated from '` $as_echo "$*" | sed 's|^[^:]*/||;s|:[^:]*/|, |g' `' by configure.' if test x"$ac_file" != x-; then configure_input="$ac_file. $configure_input" { $as_echo "$as_me:${as_lineno-$LINENO}: creating $ac_file" >&5 $as_echo "$as_me: creating $ac_file" >&6;} fi # Neutralize special characters interpreted by sed in replacement strings. case $configure_input in #( *\&* | *\|* | *\\* ) ac_sed_conf_input=`$as_echo "$configure_input" | sed 's/[\\\\&|]/\\\\&/g'`;; #( *) ac_sed_conf_input=$configure_input;; esac case $ac_tag in *:-:* | *:-) cat >"$ac_tmp/stdin" \ || as_fn_error $? "could not create $ac_file" "$LINENO" 5 ;; esac ;; esac ac_dir=`$as_dirname -- "$ac_file" || $as_expr X"$ac_file" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ X"$ac_file" : 'X\(//\)[^/]' \| \ X"$ac_file" : 'X\(//\)$' \| \ X"$ac_file" : 'X\(/\)' \| . 2>/dev/null || $as_echo X"$ac_file" | sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/ q } /^X\(\/\/\)[^/].*/{ s//\1/ q } /^X\(\/\/\)$/{ s//\1/ q } /^X\(\/\).*/{ s//\1/ q } s/.*/./; q'` as_dir="$ac_dir"; as_fn_mkdir_p ac_builddir=. case "$ac_dir" in .) ac_dir_suffix= ac_top_builddir_sub=. ac_top_build_prefix= ;; *) ac_dir_suffix=/`$as_echo "$ac_dir" | sed 's|^\.[\\/]||'` # A ".." for each directory in $ac_dir_suffix. ac_top_builddir_sub=`$as_echo "$ac_dir_suffix" | sed 's|/[^\\/]*|/..|g;s|/||'` case $ac_top_builddir_sub in "") ac_top_builddir_sub=. ac_top_build_prefix= ;; *) ac_top_build_prefix=$ac_top_builddir_sub/ ;; esac ;; esac ac_abs_top_builddir=$ac_pwd ac_abs_builddir=$ac_pwd$ac_dir_suffix # for backward compatibility: ac_top_builddir=$ac_top_build_prefix case $srcdir in .) # We are building in place. ac_srcdir=. ac_top_srcdir=$ac_top_builddir_sub ac_abs_top_srcdir=$ac_pwd ;; [\\/]* | ?:[\\/]* ) # Absolute name. ac_srcdir=$srcdir$ac_dir_suffix; ac_top_srcdir=$srcdir ac_abs_top_srcdir=$srcdir ;; *) # Relative name. ac_srcdir=$ac_top_build_prefix$srcdir$ac_dir_suffix ac_top_srcdir=$ac_top_build_prefix$srcdir ac_abs_top_srcdir=$ac_pwd/$srcdir ;; esac ac_abs_srcdir=$ac_abs_top_srcdir$ac_dir_suffix case $ac_mode in :F) # # CONFIG_FILE # case $INSTALL in [\\/$]* | ?:[\\/]* ) ac_INSTALL=$INSTALL ;; *) ac_INSTALL=$ac_top_build_prefix$INSTALL ;; esac ac_MKDIR_P=$MKDIR_P case $MKDIR_P in [\\/$]* | ?:[\\/]* ) ;; */*) ac_MKDIR_P=$ac_top_build_prefix$MKDIR_P ;; esac _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # If the template does not know about datarootdir, expand it. # FIXME: This hack should be removed a few years after 2.60. ac_datarootdir_hack=; ac_datarootdir_seen= ac_sed_dataroot=' /datarootdir/ { p q } /@datadir@/p /@docdir@/p /@infodir@/p /@localedir@/p /@mandir@/p' case `eval "sed -n \"\$ac_sed_dataroot\" $ac_file_inputs"` in *datarootdir*) ac_datarootdir_seen=yes;; *@datadir@*|*@docdir@*|*@infodir@*|*@localedir@*|*@mandir@*) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&5 $as_echo "$as_me: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&2;} _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_datarootdir_hack=' s&@datadir@&$datadir&g s&@docdir@&$docdir&g s&@infodir@&$infodir&g s&@localedir@&$localedir&g s&@mandir@&$mandir&g s&\\\${datarootdir}&$datarootdir&g' ;; esac _ACEOF # Neutralize VPATH when `$srcdir' = `.'. # Shell code in configure.ac might set extrasub. # FIXME: do we really want to maintain this feature? cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_sed_extra="$ac_vpsub $extrasub _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 :t /@[a-zA-Z_][a-zA-Z_0-9]*@/!b s|@configure_input@|$ac_sed_conf_input|;t t s&@top_builddir@&$ac_top_builddir_sub&;t t s&@top_build_prefix@&$ac_top_build_prefix&;t t s&@srcdir@&$ac_srcdir&;t t s&@abs_srcdir@&$ac_abs_srcdir&;t t s&@top_srcdir@&$ac_top_srcdir&;t t s&@abs_top_srcdir@&$ac_abs_top_srcdir&;t t s&@builddir@&$ac_builddir&;t t s&@abs_builddir@&$ac_abs_builddir&;t t s&@abs_top_builddir@&$ac_abs_top_builddir&;t t s&@INSTALL@&$ac_INSTALL&;t t s&@MKDIR_P@&$ac_MKDIR_P&;t t $ac_datarootdir_hack " eval sed \"\$ac_sed_extra\" "$ac_file_inputs" | $AWK -f "$ac_tmp/subs.awk" \ >$ac_tmp/out || as_fn_error $? "could not create $ac_file" "$LINENO" 5 test -z "$ac_datarootdir_hack$ac_datarootdir_seen" && { ac_out=`sed -n '/\${datarootdir}/p' "$ac_tmp/out"`; test -n "$ac_out"; } && { ac_out=`sed -n '/^[ ]*datarootdir[ ]*:*=/p' \ "$ac_tmp/out"`; test -z "$ac_out"; } && { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $ac_file contains a reference to the variable \`datarootdir' which seems to be undefined. Please make sure it is defined" >&5 $as_echo "$as_me: WARNING: $ac_file contains a reference to the variable \`datarootdir' which seems to be undefined. Please make sure it is defined" >&2;} rm -f "$ac_tmp/stdin" case $ac_file in -) cat "$ac_tmp/out" && rm -f "$ac_tmp/out";; *) rm -f "$ac_file" && mv "$ac_tmp/out" "$ac_file";; esac \ || as_fn_error $? "could not create $ac_file" "$LINENO" 5 ;; :H) # # CONFIG_HEADER # if test x"$ac_file" != x-; then { $as_echo "/* $configure_input */" \ && eval '$AWK -f "$ac_tmp/defines.awk"' "$ac_file_inputs" } >"$ac_tmp/config.h" \ || as_fn_error $? "could not create $ac_file" "$LINENO" 5 if diff "$ac_file" "$ac_tmp/config.h" >/dev/null 2>&1; then { $as_echo "$as_me:${as_lineno-$LINENO}: $ac_file is unchanged" >&5 $as_echo "$as_me: $ac_file is unchanged" >&6;} else rm -f "$ac_file" mv "$ac_tmp/config.h" "$ac_file" \ || as_fn_error $? "could not create $ac_file" "$LINENO" 5 fi else $as_echo "/* $configure_input */" \ && eval '$AWK -f "$ac_tmp/defines.awk"' "$ac_file_inputs" \ || as_fn_error $? "could not create -" "$LINENO" 5 fi # Compute "$ac_file"'s index in $config_headers. _am_arg="$ac_file" _am_stamp_count=1 for _am_header in $config_headers :; do case $_am_header in $_am_arg | $_am_arg:* ) break ;; * ) _am_stamp_count=`expr $_am_stamp_count + 1` ;; esac done echo "timestamp for $_am_arg" >`$as_dirname -- "$_am_arg" || $as_expr X"$_am_arg" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ X"$_am_arg" : 'X\(//\)[^/]' \| \ X"$_am_arg" : 'X\(//\)$' \| \ X"$_am_arg" : 'X\(/\)' \| . 2>/dev/null || $as_echo X"$_am_arg" | sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/ q } /^X\(\/\/\)[^/].*/{ s//\1/ q } /^X\(\/\/\)$/{ s//\1/ q } /^X\(\/\).*/{ s//\1/ q } s/.*/./; q'`/stamp-h$_am_stamp_count ;; :C) { $as_echo "$as_me:${as_lineno-$LINENO}: executing $ac_file commands" >&5 $as_echo "$as_me: executing $ac_file commands" >&6;} ;; esac case $ac_file$ac_mode in "depfiles":C) test x"$AMDEP_TRUE" != x"" || { # Older Autoconf quotes --file arguments for eval, but not when files # are listed without --file. Let's play safe and only enable the eval # if we detect the quoting. # TODO: see whether this extra hack can be removed once we start # requiring Autoconf 2.70 or later. case $CONFIG_FILES in #( *\'*) : eval set x "$CONFIG_FILES" ;; #( *) : set x $CONFIG_FILES ;; #( *) : ;; esac shift # Used to flag and report bootstrapping failures. am_rc=0 for am_mf do # Strip MF so we end up with the name of the file. am_mf=`$as_echo "$am_mf" | sed -e 's/:.*$//'` # Check whether this is an Automake generated Makefile which includes # dependency-tracking related rules and includes. # Grep'ing the whole file directly is not great: AIX grep has a line # limit of 2048, but all sed's we know have understand at least 4000. sed -n 's,^am--depfiles:.*,X,p' "$am_mf" | grep X >/dev/null 2>&1 \ || continue am_dirpart=`$as_dirname -- "$am_mf" || $as_expr X"$am_mf" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ X"$am_mf" : 'X\(//\)[^/]' \| \ X"$am_mf" : 'X\(//\)$' \| \ X"$am_mf" : 'X\(/\)' \| . 2>/dev/null || $as_echo X"$am_mf" | sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/ q } /^X\(\/\/\)[^/].*/{ s//\1/ q } /^X\(\/\/\)$/{ s//\1/ q } /^X\(\/\).*/{ s//\1/ q } s/.*/./; q'` am_filepart=`$as_basename -- "$am_mf" || $as_expr X/"$am_mf" : '.*/\([^/][^/]*\)/*$' \| \ X"$am_mf" : 'X\(//\)$' \| \ X"$am_mf" : 'X\(/\)' \| . 2>/dev/null || $as_echo X/"$am_mf" | sed '/^.*\/\([^/][^/]*\)\/*$/{ s//\1/ q } /^X\/\(\/\/\)$/{ s//\1/ q } /^X\/\(\/\).*/{ s//\1/ q } s/.*/./; q'` { echo "$as_me:$LINENO: cd "$am_dirpart" \ && sed -e '/# am--include-marker/d' "$am_filepart" \ | $MAKE -f - am--depfiles" >&5 (cd "$am_dirpart" \ && sed -e '/# am--include-marker/d' "$am_filepart" \ | $MAKE -f - am--depfiles) >&5 2>&5 ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&5 (exit $ac_status); } || am_rc=$? done if test $am_rc -ne 0; then { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error $? "Something went wrong bootstrapping makefile fragments for automatic dependency tracking. If GNU make was not used, consider re-running the configure script with MAKE=\"gmake\" (or whatever is necessary). You can also try re-running configure with the '--disable-dependency-tracking' option to at least be able to build the package (albeit without support for automatic dependency tracking). See \`config.log' for more details" "$LINENO" 5; } fi { am_dirpart=; unset am_dirpart;} { am_filepart=; unset am_filepart;} { am_mf=; unset am_mf;} { am_rc=; unset am_rc;} rm -f conftest-deps.mk } ;; esac done # for ac_tag as_fn_exit 0 _ACEOF ac_clean_files=$ac_clean_files_save test $ac_write_fail = 0 || as_fn_error $? "write failure creating $CONFIG_STATUS" "$LINENO" 5 # configure is writing to config.log, and then calls config.status. # config.status does its own redirection, appending to config.log. # Unfortunately, on DOS this fails, as config.log is still kept open # by configure, so config.status won't be able to write to it; its # output is simply discarded. So we exec the FD to /dev/null, # effectively closing config.log, so it can be properly (re)opened and # appended to by config.status. When coming back to configure, we # need to make the FD available again. if test "$no_create" != yes; then ac_cs_success=: ac_config_status_args= test "$silent" = yes && ac_config_status_args="$ac_config_status_args --quiet" exec 5>/dev/null $SHELL $CONFIG_STATUS $ac_config_status_args || ac_cs_success=false exec 5>>config.log # Use ||, not &&, to avoid exiting from the if with $? = 1, which # would make configure fail if this is the last instruction. $ac_cs_success || as_fn_exit 1 fi if test -n "$ac_unrecognized_opts" && test "$enable_option_checking" != no; then { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: unrecognized options: $ac_unrecognized_opts" >&5 $as_echo "$as_me: WARNING: unrecognized options: $ac_unrecognized_opts" >&2;} fi uacme-1.7.6/log.h0000644000000000000000000000422014555533301010442 00000000000000/* * Copyright (C) 2019-2024 Nicola Di Lieto * * This file is part of uacme. * * uacme is free software: you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * uacme is distributed in the hope that it will be useful, but * WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program. If not, see * . */ #ifndef __LOG_H__ #define __LOG_H__ #include #ifdef __GNUC__ #define DECLARE_LOG_FUNC(func, level) \ void __attribute__((format (printf, 1, 2))) \ func##x(const char *format, ...); \ void __attribute__((format (printf, 1, 2))) \ func(const char *format, ...); #else #define DECLARE_LOG_FUNC(func, level) \ void func##x(const char *format, ...); \ void func(const char *format, ...); #endif #define DEFINE_LOG_FUNC(func, level) \ void func##x(const char *format, ...) \ { \ va_list ap; \ va_start(ap, format); \ vmsgx(level, format, ap); \ va_end(ap); \ } \ void func(const char *format, ...) \ { \ va_list ap; \ va_start(ap, format); \ vmsg(level, format, ap); \ va_end(ap); \ } DECLARE_LOG_FUNC(debug, LOG_DEBUG) DECLARE_LOG_FUNC(info, LOG_INFO) DECLARE_LOG_FUNC(notice, LOG_NOTICE) DECLARE_LOG_FUNC(warn, LOG_WARNING) DECLARE_LOG_FUNC(err, LOG_ERR) DECLARE_LOG_FUNC(crit, LOG_CRIT) void log_stderr(int priority, const char *format, ...); void set_log_func(void (*f)(int priority, const char *format, ...)); #endif uacme-1.7.6/THANKS0000644000000000000000000000140314555530551010427 00000000000000Thanks are due to the following * Serge Zaitsev for jsmn, the world's fastest JSON parser/tokenizer. * The authors of libsodium for the base64 encoding/decoding routines. * Marc Alexander Lehmann for libev * Marian Vittek for SGLIB for the nsupdate.sh DNS-01 challenge hook script * The authors of libcurl * The authors of GnuTLS * The authors of OpenSSL * The authors of mbedTLS (this list may not be complete, if you think something is missing please submit a pull request!) uacme-1.7.6/base64.h0000644000000000000000000000631314555533301010752 00000000000000/* * Copyright (C) 2019-2024 Nicola Di Lieto * * This file is part of uacme. * * uacme is free software: you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * uacme is distributed in the hope that it will be useful, but * WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program. If not, see * . */ #ifndef base64_H #define base64_H #include /* Base64 routines adapted from https://www.libsodium.org */ /* * ISC License * * Copyright (c) 2013-2017 * Frank Denis * * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above * copyright notice and this permission notice appear in all copies. * * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ char *bin2hex(char * const hex, const size_t hex_maxlen, const unsigned char * const bin, const size_t bin_len) __attribute__ ((nonnull(1))); int hex2bin(unsigned char * const bin, const size_t bin_maxlen, const char * const hex, const size_t hex_len, const char * const ignore, size_t * const bin_len, const char ** const hex_end) __attribute__ ((nonnull(1))); #define base64_VARIANT_ORIGINAL 1 #define base64_VARIANT_ORIGINAL_NO_PADDING 3 #define base64_VARIANT_URLSAFE 5 #define base64_VARIANT_URLSAFE_NO_PADDING 7 /* * Computes the required length to encode BIN_LEN bytes as a base64 string * using the given variant. The computed length includes a trailing \0. */ #define base64_ENCODED_LEN(BIN_LEN, VARIANT) \ (((BIN_LEN) / 3U) * 4U + \ ((((BIN_LEN) - ((BIN_LEN) / 3U) * 3U) | (((BIN_LEN) - ((BIN_LEN) / 3U) * 3U) >> 1)) & 1U) * \ (4U - (~((((VARIANT) & 2U) >> 1) - 1U) & (3U - ((BIN_LEN) - ((BIN_LEN) / 3U) * 3U)))) + 1U) size_t base64_encoded_len(const size_t bin_len, const int variant); char *bin2base64(char * const b64, const size_t b64_maxlen, const unsigned char * const bin, const size_t bin_len, const int variant) __attribute__ ((nonnull(1))); int base642bin(unsigned char * const bin, const size_t bin_maxlen, const char * const b64, const size_t b64_len, const char * const ignore, size_t * const bin_len, const char ** const b64_end, const int variant) __attribute__ ((nonnull(1))); char *encode_base64url(const char *str); #endif uacme-1.7.6/uacme.10000644000000000000000000004455514734274730010712 00000000000000'\" t .\" Title: uacme .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.79.1 .\" Date: 12/29/2024 .\" Manual: User Commands .\" Source: uacme 1.7.6 .\" Language: English .\" .TH "UACME" "1" "12/29/2024" "uacme 1\&.7\&.6" "User Commands" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ .\" http://bugs.debian.org/507673 .\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ .ie \n(.g .ds Aq \(aq .el .ds Aq ' .\" ----------------------------------------------------------------- .\" * set default formatting .\" ----------------------------------------------------------------- .\" disable hyphenation .nh .\" disable justification (adjust text to left margin only) .ad l .\" ----------------------------------------------------------------- .\" * MAIN CONTENT STARTS HERE * .\" ----------------------------------------------------------------- .SH "NAME" uacme \- ACMEv2 client written in plain C with minimal dependencies .SH "SYNOPSIS" .sp \fBuacme\fR [\fB\-a\fR|\fB\-\-acme\-url\fR \fIURL\fR] [\fB\-b\fR|\fB\-\-bits\fR \fIBITS\fR] [\fB\-c\fR|\fB\-\-confdir\fR \fIDIR\fR] [\fB\-d\fR|\fB\-\-days\fR \fIDAYS\fR] [\fB\-e\fR|\fB\-\-eab\fR KEYID:KEY] [\fB\-f\fR|\fB\-\-force\fR] [\fB\-h\fR|\fB\-\-hook\fR \fIPROGRAM\fR] [\fB\-i\fR|\fB\-\-no\-ari\fR] [\fB\-l\fR|\fB\-\-alternate\fR \fIN\fR | \fIFP\fR] [\fB\-m\fR|\fB\-\-must\-staple\fR] [\fB\-n\fR|\fB\-\-never\-create\fR] [\fB\-o\fR|\fB\-\-no\-ocsp\fR] [\fB\-r\fR|\fB\-\-reason\fR CODE] [\fB\-s\fR|\fB\-\-staging\fR] [\fB\-t\fR|\fB\-\-type\fR \fBRSA\fR|\fBEC\fR] [\fB\-v\fR|\fB\-\-verbose\fR \&...] [\fB\-V\fR|\fB\-\-version\fR] [\fB\-y\fR|\fB\-\-yes\fR] [\fB\-?\fR|\fB\-\-help\fR] \fBnew\fR [\fIEMAIL\fR] | \fBupdate\fR [\fIEMAIL\fR] | \fBdeactivate\fR | \fBnewkey\fR | \fBissue\fR \fIIDENTIFIER\fR [\fIALTNAME\fR \&...]] | \fBissue\fR \fICSRFILE\fR | \fBrevoke\fR \fICERTFILE\fR [\fICERTKEYFILE\fR] .SH "DESCRIPTION" .sp \fBuacme\fR is a client for the ACMEv2 protocol described in RFC8555, written in plain C with minimal dependencies (libcurl and one of GnuTLS, OpenSSL or mbedTLS)\&. The ACMEv2 protocol allows a Certificate Authority (https://letsencrypt\&.org is a popular one) and an applicant to automate the process of verification and certificate issuance\&. The protocol also provides facilities for other certificate management functions, such as certificate revocation\&. For more information see https://tools\&.ietf\&.org/html/rfc8555 .SH "OPTIONS" .PP \fB\-a, \-\-acme\-url\fR \fIURL\fR .RS 4 ACMEv2 server directory object \fIURL\fR\&. If not specified \fBuacme\fR uses one of the following: .PP \fIhttps://acme\-v02\&.api\&.letsencrypt\&.org/directory\fR .RS 4 production URL .RE .PP \fIhttps://acme\-staging\-v02\&.api\&.letsencrypt\&.org/directory\fR .RS 4 staging URL (see \fB\-s, \-\-staging\fR below) .RE .RE .PP \fB\-b, \-\-bits\fR \fIBITS\fR .RS 4 key bit length (default 2048 for RSA, 256 for EC)\&. Only applies to newly generated keys\&. RSA key length must be a multiple of 8 between 2048 and 8192\&. EC key length must be either 256 (\fBNID_X9_62_prime256v1\fR curve) or 384 (\fBNID_secp384r1\fR curve)\&. .RE .PP \fB\-c, \-\-confdir\fR \fICONFDIR\fR .RS 4 Use configuration directory \fICONFDIR\fR (default \fI/etc/ssl/uacme\fR)\&. The structure is as follows (multiple \fIIDENTIFIERs\fR allowed) .PP \fICONFDIR/private/key\&.pem\fR .RS 4 ACME account private key .RE .PP \fICONFDIR/private/IDENTIFIER/key\&.pem\fR .RS 4 certificate key for \fIIDENTIFIER\fR .RE .PP \fICONFDIR/IDENTIFIER/cert\&.pem\fR .RS 4 certificate for \fIIDENTIFIER\fR .RE .RE .PP \fB\-d, \-\-days\fR \fIDAYS\fR .RS 4 Do not reissue certificates that are still valid for longer than \fIDAYS\fR (default 30)\&. This only applies as a fallback if no server renewal information is available\&. See also \fB\-i, \-\-no\-ari\fR and \fB\-o, \-\-no\-ocsp\fR\&. .RE .PP \fB\-e, \-\-eab\fR \fIKEYID:KEY\fR .RS 4 Specify RFC8555 External Account Binding credentials according to https://tools\&.ietf\&.org/html/rfc8555#section\-7\&.3\&.4, in order to associate a new ACME account with an existing account in a non\-ACME system such as a CA customer database\&. \fIKEYID\fR must be an ASCII string\&. \fIKEY\fR must be base64url\-encoded\&. .RE .PP \fB\-f, \-\-force\fR .RS 4 Force certificate reissuance regardless of expiration date and renewal information from the server\&. .RE .PP \fB\-h, \-\-hook\fR \fIPROGRAM\fR .RS 4 Challenge hook program\&. If not specified \fBuacme\fR interacts with the user for every ACME challenge, printing information about the challenge type, token and authorization on stderr\&. If specified \fBuacme\fR executes \fIPROGRAM\fR (a binary, a shell script or any file that can be executed by the operating system) for every challenge with the following 5 string arguments: .PP \fIMETHOD\fR .RS 4 one of \fBbegin\fR, \fBdone\fR or \fBfailed\fR\&. .PP \fBbegin\fR .RS 4 is called at the beginning of the challenge\&. \fIPROGRAM\fR must return 0 to accept it\&. Any other return code declines the challenge\&. Neither \fBdone\fR nor \fBfailed\fR method calls are made for declined challenges\&. .RE .PP \fBdone\fR .RS 4 is called upon successful completion of an accepted challenge\&. .RE .PP \fBfailed\fR .RS 4 is called upon failure of an accepted challenge\&. .RE .RE .PP \fITYPE\fR .RS 4 challenge type (\fBdns\-01\fR, \fBhttp\-01\fR or \fBtls\-alpn\-01\fR) .RE .PP \fIIDENT\fR .RS 4 The identifier the challenge refers to .RE .PP \fITOKEN\fR .RS 4 The challenge token .RE .PP \fIAUTH\fR .RS 4 The key authorization (for \fBdns\-01\fR and \fBtls\-alpn\-01\fR already converted to the base64url\-encoded SHA256 digest format) .RE .RE .PP \fB\-i, \-\-no\-ari\fR .RS 4 Do not query or use the server\(cqs certificate renewal information window to decide whether to reissue an existing certificate\&. See also \fB\-d, \-\-days\fR and \fB\-o, \-\-no\-ocsp\fR\&. .RE .PP \fB\-l, \-\-alternate\fR \fIN\fR | \fIFP\fR .RS 4 According to https://tools\&.ietf\&.org/html/rfc8555#section\-7\&.4\&.2 the server MAY provide one or more additional certificate download URLs, each pointing to alternative certificate chains starting with the same end\-entity certificate\&. This option allows selecting one such chain in one of two ways\&. A positive integer \fIN\fR makes \fBuacme\fR select the Nth alternative chain in the order presented by the server\&. A colon (\fI:\fR) separated list of two or more 2\-digit hexadecimal numbers \fIFP\fR makes \fBuacme\fR select the first alternative chain containing either a certificate whose SHA256 fingerprint begins with \fIFP\fR, or a certificate in which the Authority Key Identifier extension contains a keyIdentifier field beginning with \fIFP\fR\&. In all cases \fBuacme\fR falls back to the main certificate URL if it cannot match an alternative chain or the download thereof fails\&. .RE .PP \fB\-m, \-\-must\-staple\fR .RS 4 Request certificates with the RFC7633 Certificate Status Request TLS Feature Extension, informally also known as "OCSP Must\-Staple"\&. This option is ignored when using an externally supplied Certificate Signing Request file (see USAGE below)\&. .RE .PP \fB\-n, \-\-never\-create\fR .RS 4 By default \fBuacme\fR creates directories/keys if they do not exist\&. When this option is specified \fBuacme\fR never does so and instead exits with an error if anything required is missing\&. .RE .PP \fB\-o, \-\-no\-ocsp\fR .RS 4 When this flag is \fBnot\fR specified and the certificate has an Authority Information Access extension with an OCSP server location according to https://tools\&.ietf\&.org/html/rfc5280#section\-4\&.2\&.2\&.1 \fBuacme\fR makes an OCSP request to the server; if the certificate is reported as revoked \fBuacme\fR forces reissuance regardless of the expiration date\&. See also \fB\-d, \-\-days\fR\&. .RE .PP \fB\-r, \-\-reason\fR \fICODE\fR .RS 4 Use \fICODE\fR (default 0) as reason code in revocation requests\&. A list of values is at https://tools\&.ietf\&.org/html/rfc5280#section\-5\&.3\&.1\&. .RE .PP \fB\-s, \-\-staging\fR .RS 4 Use Let\(cqs Encrypt staging URL for testing\&. This only works if \fB\-a, \-\-acme\-url\fR is \fBNOT\fR specified\&. .RE .PP \fB\-t, \-\-type\fR=\fIRSA\fR | \fIEC\fR .RS 4 Key type, either RSA or EC\&. Only applies to newly generated keys\&. The bit length can be specified with \fB\-b, \-\-bits\fR\&. .RE .PP \fB\-v, \-\-verbose\fR .RS 4 By default \fBuacme\fR only produces output upon errors or when user interaction is required\&. When this option is specified \fBuacme\fR prints information about what is going on on stderr\&. This option can be specified more than once to increase verbosity\&. .RE .PP \fB\-V, \-\-version\fR .RS 4 Print program version on stderr and exit\&. .RE .PP \fB\-y, \-\-yes\fR .RS 4 Autoaccept ACME server terms (if any) upon new account creation\&. .RE .PP \fB\-?, \-\-help\fR .RS 4 Print a brief usage text on stderr and exit\&. .RE .SH "USAGE" .PP \fBuacme\fR [\fIOPTIONS\fR \&...] \fBnew\fR [\fIEMAIL\fR] .RS 4 Create a new ACME account with optional \fIEMAIL\fR contact\&. If the account private key does not exist at \fICONFDIR/private/key\&.pem\fR a new key is generated unless \fB\-n, \-\-never\-create\fR is specified\&. A valid account must be created \fBbefore\fR any other operation can succeed (with the exception of certificate revocation requests signed by the certificate private key)\&. Any certificate issued by the ACME server is associated with a single account\&. An account can be associated with multiple certificates, subject of course to the rate limits imposed by the ACME server\&. .RE .PP \fBuacme\fR [\fIOPTIONS\fR \&...] \fBupdate\fR [\fIEMAIL\fR] .RS 4 Update the \fIEMAIL\fR associated with the ACME account corresponding to the account private key\&. If \fIEMAIL\fR is not specified the account contact email is removed\&. .RE .PP \fBuacme\fR [\fIOPTIONS\fR \&...] \fBdeactivate\fR .RS 4 Deactivate the ACME account corresponding to the account private key\&. \fBWARNING\fR this action is irreversible\&. Users may wish to do this when the account key is compromised or decommissioned\&. A deactivated account can no longer request certificate issuances and revocations or access resources related to the account\&. .RE .PP \fBuacme\fR [\fIOPTIONS\fR \&...] \fBnewkey\fR .RS 4 Change the ACME account private key\&. If the new account private key does not exist at \fICONFDIR/private/newkey\&.pem\fR it is generated unless \fB\-n, \-\-never\-create\fR is specified\&. The new key is then submitted to the server and if the operation succeeds the old key is hardlinked to \fICONFDIR/private/key\-TIMESTAMP\&.pem\fR before renaming \fICONFDIR/private/newkey\&.pem\fR to \fICONFDIR/private/key\&.pem\fR\&. .RE .PP \fBuacme\fR [\fIOPTIONS\fR \&...] \fBissue\fR \fIIDENTIFIER\fR [\fIALTNAME\fR \&...] .RS 4 Issue a certificate for \fIIDENTIFIER\fR with zero or more \fIALTNAMEs\fR\&. If a certificate is already available at \fICONFDIR/IDENTIFIER/cert\&.pem\fR for the specified \fIIDENTIFIER\fR and \fIALTNAMEs\fR and is still valid for longer than \fIDAYS\fR no action is taken unless \fB\-f, \-\-force\fR is specified or \fB\-o, \-\-no\-ocsp\fR is \fBnot\fR specified and the certificate is reported as revoked by the OCSP server\&. The new certificate is saved to \fICONFDIR/IDENTIFIER/cert\&.pem\fR\&. If the certificate file already exists it is hardlinked to \fICONFDIR/IDENTIFIER/cert\-TIMESTAMP\&.pem\fR before overwriting\&. The private key for the certificate is loaded from \fICONFDIR/private/IDENTIFIER/key\&.pem\fR\&. If no such file exists, a new key is generated unless \fB\-n, \-\-never\-create\fR is specified\&. Wildcard \fIIDENTIFIERs\fR or \fIALTNAMEs\fR are dealt with correctly, as long as the ACME server supports them; note that any such wildcards are automatically removed from the configuration subdirectory name: for example a certificate for \fI*\&.test\&.com\fR is saved to \fICONFDIR/test\&.com/cert\&.pem\fR\&. IP address \fIIDENTIFIERs\fR and \fIALTNAMEs\fR are also supported according to https://tools\&.ietf\&.org/html/rfc8738#section\-3 .RE .PP \fBuacme\fR [\fIOPTIONS\fR \&...] \fBissue\fR \fICSRFILE\fR .RS 4 Issue a certificate based on a RFC2986 Certificate Signing Request contained in \fICSRFILE\fR, which must be in PEM format\&. In this mode of issuance \fBuacme\fR neither needs nor generates the certificate private key, but it is of course the responsibility of the user to ensure that the CSR is constructed and signed appropriately\&. If a certificate file \fICSRBASE\-cert\&.pem\fR (where \fICSRBASE\fR is obtained by stripping the extension, if any, from \fICSRFILE\fR) is already available in the same directory containing \fICSRFILE\fR, and is still valid for longer than \fIDAYS\fR no action is taken unless \fB\-f, \-\-force\fR is specified or \fB\-o, \-\-no\-ocsp\fR is \fBnot\fR specified and the certificate is reported as revoked by the OCSP server\&. If the certificate file already exists it is hardlinked to \fIBASENAME\-cert\-TIMESTAMP\&.pem\fR before overwriting\&. Wildcard identifiers in the CSR are dealt with correctly, as long as the ACME server supports them\&. IP addresses are also supported according to https://tools\&.ietf\&.org/html/rfc8738#section\-3 .RE .PP \fBuacme\fR [\fIOPTIONS\fR \&...] \fBrevoke\fR \fICERTFILE\fR [\fICERTKEYFILE\fR] .RS 4 Revoke the certificate stored in \fICERTFILE\fR\&. The revocation request is signed with the private key of either the certificate, when \fICERTKEYFILE\fR is specified; or the ACME account associated with the certificate, when only \fICERTFILE\fR is specified\&. In the first instance the account key and the configuration directory are not required\&. If successful \fICERTFILE\fR is renamed to \fIrevoked\-TIMESTAMP\&.pem\fR\&. The reason code in the revocation request defaults to 0 but it can be specified by the user with \fB\-r, \-\-reason\fR\&. .RE .SH "ENVIRONMENT" .PP \fBUACME_CAINFO\fR .RS 4 String naming a file holding one or more CA certificates to verify the ACME server with\&. .RE .PP \fBUACME_CAPATH\fR .RS 4 String naming a directory holding multiple CA certificates to verify the ACME server with\&. If libcurl is built against OpenSSL, the certificate directory must be prepared using the OpenSSL c_rehash utility\&. .RE .PP \fBUACME_DNS_SERVERS\fR .RS 4 Comma separated list of DNS servers to be used instead of the system default\&. The format of the dns servers option is \fIhost[:port][,host[:port]]\&...\fR .RE .PP \fBUACME_INTERFACE\fR .RS 4 String setting the interface name to use as outgoing network interface\&. The name can be an interface name, an IP address, or a hostname\&. If you prefer one of these, you can use the following special prefixes: .PP \fIif!\fR .RS 4 Interface name .RE .PP \fIhost!\fR .RS 4 IP address or hostname .RE .PP \fIifhost!!\fR .RS 4 Interface name and IP address or hostname .RE .RE .PP \fBUACME_PROXY\fR .RS 4 String holding the proxy hostname or dotted numerical IP address\&. A numerical IPv6 address must be written within [brackets]\&. To specify port number in this string, append :[port] to the end of the host name\&. If not specified, default to using port 1080\&. The proxy string may be prefixed with [scheme]:// to specify which kind of proxy is used (http://, https://, socks4://, socks4a://, socks5://, socks5h://)\&. The proxy can also be specified with its associated credentials like for ordinary URLs in the style: \fIscheme://username:password@hostname\fR .RE .SH "HOOK ENVIRONMENT" .sp The following environment variables are exported for use by the hook program: .PP \fBUACME_CONFDIR\fR .RS 4 Path to \fICONFDIR\fR, see \fB\-c, \-\-confdir\fR .RE .PP \fBUACME_VERBOSE\fR .RS 4 Verbosity, see \fB\-v, \-\-verbose\fR .RE .PP \fBUACME_METHOD\fR, \fBUACME_TYPE\fR, \fBUACME_IDENT\fR, \fBUACME_TOKEN\fR, \fBUACME_AUTH\fR .RS 4 Copies of the hook program arguments, see \fB\-h, \-\-hook\fR .RE .SH "EXIT STATUS" .PP \fB0\fR .RS 4 Success .RE .PP \fB1\fR .RS 4 Certificate not reissued because it is still current .RE .PP \fB2\fR .RS 4 Failure (syntax or usage error; configuration error; processing failure; unexpected error)\&. .RE .SH "EXAMPLE HOOK SCRIPT" .sp The \fIuacme\&.sh\fR hook script included in the distribution can be used to automate the certificate issuance with \fIhttp\-01\fR challenges, provided a web server for the domain being validated runs on the same machine, with webroot at /var/www .sp .if n \{\ .RS 4 .\} .nf #!/bin/sh CHALLENGE_PATH=/var/www/\&.well\-known/acme\-challenge ARGS=5 E_BADARGS=85 .fi .if n \{\ .RE .\} .sp .if n \{\ .RS 4 .\} .nf if test $# \-ne "$ARGS" then echo "Usage: $(basename "$0") method type ident token auth" 1>&2 exit $E_BADARGS fi .fi .if n \{\ .RE .\} .sp .if n \{\ .RS 4 .\} .nf METHOD=$1 TYPE=$2 IDENT=$3 TOKEN=$4 AUTH=$5 .fi .if n \{\ .RE .\} .sp .if n \{\ .RS 4 .\} .nf case "$METHOD" in "begin") case "$TYPE" in http\-01) echo \-n "${AUTH}" > "${CHALLENGE_PATH}/${TOKEN}" exit $? ;; *) exit 1 ;; esac ;; "done"|"failed") case "$TYPE" in http\-01) rm "${CHALLENGE_PATH}/${TOKEN}" exit $? ;; *) exit 1 ;; esac ;; *) echo "$0: invalid method" 1>&2 exit 1 esac .fi .if n \{\ .RE .\} .SH "BUGS" .sp If you believe you have found a bug, please create a new issue at https://github\&.com/ndilieto/uacme/issues with any applicable information\&. .SH "SEE ALSO" .sp \fBualpn\fR(1) .SH "AUTHOR" .sp \fBuacme\fR was written by Nicola Di Lieto .SH "COPYRIGHT" .sp Copyright \(co 2019\-2024 Nicola Di Lieto .sp This file is part of \fBuacme\fR\&. .sp \fBuacme\fR is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version\&. .sp \fBuacme\fR is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE\&. See the GNU General Public License for more details\&. .sp You should have received a copy of the GNU General Public License along with this program\&. If not, see http://www\&.gnu\&.org/licenses/\&. uacme-1.7.6/json.h0000644000000000000000000000354414555533301010642 00000000000000/* * Copyright (C) 2019-2024 Nicola Di Lieto * * This file is part of uacme. * * uacme is free software: you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * uacme is distributed in the hope that it will be useful, but * WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program. If not, see * . */ #ifndef __JSON_H__ #define __JSON_H__ typedef enum { JSON_UNDEFINED = 0, JSON_OBJECT = 1, JSON_ARRAY = 2, JSON_STRING = 3, JSON_PRIMITIVE = 4 } json_type_t; struct json_value; typedef struct json_object { size_t size; struct json_value *names; struct json_value *values; } json_object_t; typedef struct json_array { size_t size; struct json_value *values; } json_array_t; typedef struct json_value { json_type_t type; union { json_object_t object; json_array_t array; char *value; } v; struct json_value *parent; } json_value_t; json_value_t *json_parse(const char *body, size_t body_len); void json_dump(FILE *f, const json_value_t *value); void json_free(json_value_t *value); const json_value_t *json_find(const json_value_t *haystack, const char *needle); const char *json_find_value(const json_value_t *haystack, const char *needle); const char *json_find_string(const json_value_t *haystack, const char *needle); int json_compare_string(const json_value_t *haystack, const char *name, const char *value); #endif uacme-1.7.6/GNUmakefile0000644000000000000000000001116414555530552011574 00000000000000# This makefile is used only if you run GNU Make. # It is necessary if you want to build targets usually of interest # only to the maintainer. # Copyright (C) 2001, 2003, 2006-2012 Free Software Foundation, Inc. # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # You should have received a copy of the GNU General Public License # along with this program. If not, see . # If the user runs GNU make but has not yet run ./configure, # give them a diagnostic. _gl-Makefile := $(wildcard [M]akefile) _gl-configure := $(wildcard [c]onfigure) ifneq ($(_gl-Makefile),) # Make tar archive easier to reproduce. export TAR_OPTIONS = --owner=0 --group=0 --numeric-owner # Allow the user to add to this in the Makefile. ALL_RECURSIVE_TARGETS = include Makefile _build-aux ?= build-aux _autoreconf ?= autoreconf -v # Ensure that $(VERSION) is up to date for dist-related targets, but not # for others: rerunning autoreconf and recompiling everything isn't cheap. _have-git-version-gen := \ $(shell test -f $(srcdir)/$(_build-aux)/git-version-gen && echo yes) ifeq ($(_have-git-version-gen)0,yes$(MAKELEVEL)) _is-dist-target ?= $(filter-out %clean, \ $(filter maintainer-% dist% alpha beta stable,$(MAKECMDGOALS))) _is-install-target ?= $(filter-out %check, $(filter install%,$(MAKECMDGOALS))) ifneq (,$(_is-dist-target)$(_is-install-target)) _curr-ver := $(shell cd $(srcdir) \ && $(_build-aux)/git-version-gen \ .tarball-version \ $(git-version-gen-tag-sed-script)) ifneq ($(_curr-ver),$(VERSION)) ifeq ($(_curr-ver),UNKNOWN) $(info WARNING: unable to verify if $(VERSION) is the correct version) else ifneq (,$(_is-install-target)) # GNU Coding Standards state that 'make install' should not cause # recompilation after 'make all'. But as long as changing the version # string alters config.h, the cost of having 'make all' always have an # up-to-date version is prohibitive. So, as a compromise, we merely # warn when installing a version string that is out of date; the user # should run 'autoreconf' (or something like 'make distcheck') to # fix the version, 'make all' to propagate it, then 'make install'. $(info WARNING: version string $(VERSION) is out of date;) $(info run '$(MAKE) _version' to fix it) else $(info INFO: running autoreconf for new version string: $(_curr-ver)) GNUmakefile: _version touch GNUmakefile endif endif endif endif endif .PHONY: _version _version: cd $(srcdir) && rm -rf autom4te.cache .version && $(_autoreconf) $(MAKE) $(AM_MAKEFLAGS) Makefile else ifneq ($(_gl-configure),) .DEFAULT_GOAL := abort-due-to-no-makefile else .DEFAULT_GOAL := abort-due-to-no-configure endif srcdir = . _build-aux ?= build-aux _autoreconf ?= autoreconf -v ifeq ($(.DEFAULT_GOAL),abort-due-to-no-makefile) $(MAKECMDGOALS): abort-due-to-no-makefile endif _have-git := $(shell command -v git >/dev/null 2>&1 && echo yes) ifeq ($(_have-git),yes) REPO := $(shell git remote get-url origin) else REPO := https://github.com/ndilieto/uacme endif abort-due-to-no-makefile: @echo There seems to be no Makefile in this directory. 1>&2 @echo "You must run ./configure before running 'make'." 1>&2 @exit 1 abort-due-to-no-configure: @echo There seems to be no configure in this directory. 1>&2 @echo "You must run 'autoreconf' and ./configure before running 'make'." 1>&2 @echo "Alternatively consider checking out the latest release:" 1>&2 @echo " git clone -b upstream/latest $(REPO)" 1>&2 @exit 1 endif # Tell version 3.79 and up of GNU make to not build goals in this # directory in parallel, in case someone tries to build multiple # targets, and one of them can cause a recursive target to be invoked. # Only set this if Automake doesn't provide it. AM_RECURSIVE_TARGETS ?= $(RECURSIVE_TARGETS:-recursive=) \ $(RECURSIVE_CLEAN_TARGETS:-recursive=) \ dist distcheck tags ctags ALL_RECURSIVE_TARGETS += $(AM_RECURSIVE_TARGETS) ifneq ($(word 2, $(MAKECMDGOALS)), ) ifneq ($(filter $(ALL_RECURSIVE_TARGETS), $(MAKECMDGOALS)), ) .NOTPARALLEL: endif endif uacme-1.7.6/build-aux/0000755000000000000000000000000014734275110011464 500000000000000uacme-1.7.6/build-aux/missing0000755000000000000000000001533014555530552013012 00000000000000#! /bin/sh # Common wrapper for a few potentially missing GNU programs. scriptversion=2013-10-28.13; # UTC # Copyright (C) 1996-2013 Free Software Foundation, Inc. # Originally written by Fran,cois Pinard , 1996. # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2, or (at your option) # any later version. # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # You should have received a copy of the GNU General Public License # along with this program. If not, see . # As a special exception to the GNU General Public License, if you # distribute this file as part of a program that contains a # configuration script generated by Autoconf, you may include it under # the same distribution terms that you use for the rest of that program. if test $# -eq 0; then echo 1>&2 "Try '$0 --help' for more information" exit 1 fi case $1 in --is-lightweight) # Used by our autoconf macros to check whether the available missing # script is modern enough. exit 0 ;; --run) # Back-compat with the calling convention used by older automake. shift ;; -h|--h|--he|--hel|--help) echo "\ $0 [OPTION]... PROGRAM [ARGUMENT]... Run 'PROGRAM [ARGUMENT]...', returning a proper advice when this fails due to PROGRAM being missing or too old. Options: -h, --help display this help and exit -v, --version output version information and exit Supported PROGRAM values: aclocal autoconf autoheader autom4te automake makeinfo bison yacc flex lex help2man Version suffixes to PROGRAM as well as the prefixes 'gnu-', 'gnu', and 'g' are ignored when checking the name. Send bug reports to ." exit $? ;; -v|--v|--ve|--ver|--vers|--versi|--versio|--version) echo "missing $scriptversion (GNU Automake)" exit $? ;; -*) echo 1>&2 "$0: unknown '$1' option" echo 1>&2 "Try '$0 --help' for more information" exit 1 ;; esac # Run the given program, remember its exit status. "$@"; st=$? # If it succeeded, we are done. test $st -eq 0 && exit 0 # Also exit now if we it failed (or wasn't found), and '--version' was # passed; such an option is passed most likely to detect whether the # program is present and works. case $2 in --version|--help) exit $st;; esac # Exit code 63 means version mismatch. This often happens when the user # tries to use an ancient version of a tool on a file that requires a # minimum version. if test $st -eq 63; then msg="probably too old" elif test $st -eq 127; then # Program was missing. msg="missing on your system" else # Program was found and executed, but failed. Give up. exit $st fi perl_URL=http://www.perl.org/ flex_URL=http://flex.sourceforge.net/ gnu_software_URL=http://www.gnu.org/software program_details () { case $1 in aclocal|automake) echo "The '$1' program is part of the GNU Automake package:" echo "<$gnu_software_URL/automake>" echo "It also requires GNU Autoconf, GNU m4 and Perl in order to run:" echo "<$gnu_software_URL/autoconf>" echo "<$gnu_software_URL/m4/>" echo "<$perl_URL>" ;; autoconf|autom4te|autoheader) echo "The '$1' program is part of the GNU Autoconf package:" echo "<$gnu_software_URL/autoconf/>" echo "It also requires GNU m4 and Perl in order to run:" echo "<$gnu_software_URL/m4/>" echo "<$perl_URL>" ;; esac } give_advice () { # Normalize program name to check for. normalized_program=`echo "$1" | sed ' s/^gnu-//; t s/^gnu//; t s/^g//; t'` printf '%s\n' "'$1' is $msg." configure_deps="'configure.ac' or m4 files included by 'configure.ac'" case $normalized_program in autoconf*) echo "You should only need it if you modified 'configure.ac'," echo "or m4 files included by it." program_details 'autoconf' ;; autoheader*) echo "You should only need it if you modified 'acconfig.h' or" echo "$configure_deps." program_details 'autoheader' ;; automake*) echo "You should only need it if you modified 'Makefile.am' or" echo "$configure_deps." program_details 'automake' ;; aclocal*) echo "You should only need it if you modified 'acinclude.m4' or" echo "$configure_deps." program_details 'aclocal' ;; autom4te*) echo "You might have modified some maintainer files that require" echo "the 'autom4te' program to be rebuilt." program_details 'autom4te' ;; bison*|yacc*) echo "You should only need it if you modified a '.y' file." echo "You may want to install the GNU Bison package:" echo "<$gnu_software_URL/bison/>" ;; lex*|flex*) echo "You should only need it if you modified a '.l' file." echo "You may want to install the Fast Lexical Analyzer package:" echo "<$flex_URL>" ;; help2man*) echo "You should only need it if you modified a dependency" \ "of a man page." echo "You may want to install the GNU Help2man package:" echo "<$gnu_software_URL/help2man/>" ;; makeinfo*) echo "You should only need it if you modified a '.texi' file, or" echo "any other file indirectly affecting the aspect of the manual." echo "You might want to install the Texinfo package:" echo "<$gnu_software_URL/texinfo/>" echo "The spurious makeinfo call might also be the consequence of" echo "using a buggy 'make' (AIX, DU, IRIX), in which case you might" echo "want to install GNU make:" echo "<$gnu_software_URL/make/>" ;; *) echo "You might have modified some files without having the proper" echo "tools for further handling them. Check the 'README' file, it" echo "often tells you about the needed prerequisites for installing" echo "this package. You may also peek at any GNU archive site, in" echo "case some other package contains this missing '$1' program." ;; esac } give_advice "$1" | sed -e '1s/^/WARNING: /' \ -e '2,$s/^/ /' >&2 # Propagate the correct exit status (expected to be 127 for a program # not found, 63 for a program that failed due to version mismatch). exit $st # Local variables: # eval: (add-hook 'write-file-hooks 'time-stamp) # time-stamp-start: "scriptversion=" # time-stamp-format: "%:y-%02m-%02d.%02H" # time-stamp-time-zone: "UTC" # time-stamp-end: "; # UTC" # End: uacme-1.7.6/build-aux/compile0000755000000000000000000001624514555530552012777 00000000000000#! /bin/sh # Wrapper for compilers which do not understand '-c -o'. scriptversion=2012-10-14.11; # UTC # Copyright (C) 1999-2013 Free Software Foundation, Inc. # Written by Tom Tromey . # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2, or (at your option) # any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . # As a special exception to the GNU General Public License, if you # distribute this file as part of a program that contains a # configuration script generated by Autoconf, you may include it under # the same distribution terms that you use for the rest of that program. # This file is maintained in Automake, please report # bugs to or send patches to # . nl=' ' # We need space, tab and new line, in precisely that order. Quoting is # there to prevent tools from complaining about whitespace usage. IFS=" "" $nl" file_conv= # func_file_conv build_file lazy # Convert a $build file to $host form and store it in $file # Currently only supports Windows hosts. If the determined conversion # type is listed in (the comma separated) LAZY, no conversion will # take place. func_file_conv () { file=$1 case $file in / | /[!/]*) # absolute file, and not a UNC file if test -z "$file_conv"; then # lazily determine how to convert abs files case `uname -s` in MINGW*) file_conv=mingw ;; CYGWIN*) file_conv=cygwin ;; *) file_conv=wine ;; esac fi case $file_conv/,$2, in *,$file_conv,*) ;; mingw/*) file=`cmd //C echo "$file " | sed -e 's/"\(.*\) " *$/\1/'` ;; cygwin/*) file=`cygpath -m "$file" || echo "$file"` ;; wine/*) file=`winepath -w "$file" || echo "$file"` ;; esac ;; esac } # func_cl_dashL linkdir # Make cl look for libraries in LINKDIR func_cl_dashL () { func_file_conv "$1" if test -z "$lib_path"; then lib_path=$file else lib_path="$lib_path;$file" fi linker_opts="$linker_opts -LIBPATH:$file" } # func_cl_dashl library # Do a library search-path lookup for cl func_cl_dashl () { lib=$1 found=no save_IFS=$IFS IFS=';' for dir in $lib_path $LIB do IFS=$save_IFS if $shared && test -f "$dir/$lib.dll.lib"; then found=yes lib=$dir/$lib.dll.lib break fi if test -f "$dir/$lib.lib"; then found=yes lib=$dir/$lib.lib break fi if test -f "$dir/lib$lib.a"; then found=yes lib=$dir/lib$lib.a break fi done IFS=$save_IFS if test "$found" != yes; then lib=$lib.lib fi } # func_cl_wrapper cl arg... # Adjust compile command to suit cl func_cl_wrapper () { # Assume a capable shell lib_path= shared=: linker_opts= for arg do if test -n "$eat"; then eat= else case $1 in -o) # configure might choose to run compile as 'compile cc -o foo foo.c'. eat=1 case $2 in *.o | *.[oO][bB][jJ]) func_file_conv "$2" set x "$@" -Fo"$file" shift ;; *) func_file_conv "$2" set x "$@" -Fe"$file" shift ;; esac ;; -I) eat=1 func_file_conv "$2" mingw set x "$@" -I"$file" shift ;; -I*) func_file_conv "${1#-I}" mingw set x "$@" -I"$file" shift ;; -l) eat=1 func_cl_dashl "$2" set x "$@" "$lib" shift ;; -l*) func_cl_dashl "${1#-l}" set x "$@" "$lib" shift ;; -L) eat=1 func_cl_dashL "$2" ;; -L*) func_cl_dashL "${1#-L}" ;; -static) shared=false ;; -Wl,*) arg=${1#-Wl,} save_ifs="$IFS"; IFS=',' for flag in $arg; do IFS="$save_ifs" linker_opts="$linker_opts $flag" done IFS="$save_ifs" ;; -Xlinker) eat=1 linker_opts="$linker_opts $2" ;; -*) set x "$@" "$1" shift ;; *.cc | *.CC | *.cxx | *.CXX | *.[cC]++) func_file_conv "$1" set x "$@" -Tp"$file" shift ;; *.c | *.cpp | *.CPP | *.lib | *.LIB | *.Lib | *.OBJ | *.obj | *.[oO]) func_file_conv "$1" mingw set x "$@" "$file" shift ;; *) set x "$@" "$1" shift ;; esac fi shift done if test -n "$linker_opts"; then linker_opts="-link$linker_opts" fi exec "$@" $linker_opts exit 1 } eat= case $1 in '') echo "$0: No command. Try '$0 --help' for more information." 1>&2 exit 1; ;; -h | --h*) cat <<\EOF Usage: compile [--help] [--version] PROGRAM [ARGS] Wrapper for compilers which do not understand '-c -o'. Remove '-o dest.o' from ARGS, run PROGRAM with the remaining arguments, and rename the output as expected. If you are trying to build a whole package this is not the right script to run: please start by reading the file 'INSTALL'. Report bugs to . EOF exit $? ;; -v | --v*) echo "compile $scriptversion" exit $? ;; cl | *[/\\]cl | cl.exe | *[/\\]cl.exe ) func_cl_wrapper "$@" # Doesn't return... ;; esac ofile= cfile= for arg do if test -n "$eat"; then eat= else case $1 in -o) # configure might choose to run compile as 'compile cc -o foo foo.c'. # So we strip '-o arg' only if arg is an object. eat=1 case $2 in *.o | *.obj) ofile=$2 ;; *) set x "$@" -o "$2" shift ;; esac ;; *.c) cfile=$1 set x "$@" "$1" shift ;; *) set x "$@" "$1" shift ;; esac fi shift done if test -z "$ofile" || test -z "$cfile"; then # If no '-o' option was seen then we might have been invoked from a # pattern rule where we don't need one. That is ok -- this is a # normal compilation that the losing compiler can handle. If no # '.c' file was seen then we are probably linking. That is also # ok. exec "$@" fi # Name of file we expect compiler to create. cofile=`echo "$cfile" | sed 's|^.*[\\/]||; s|^[a-zA-Z]:||; s/\.c$/.o/'` # Create the lock directory. # Note: use '[/\\:.-]' here to ensure that we don't use the same name # that we are using for the .o file. Also, base the name on the expected # object file name, since that is what matters with a parallel build. lockdir=`echo "$cofile" | sed -e 's|[/\\:.-]|_|g'`.d while true; do if mkdir "$lockdir" >/dev/null 2>&1; then break fi sleep 1 done # FIXME: race condition here if user kills between mkdir and trap. trap "rmdir '$lockdir'; exit 1" 1 2 15 # Run the compile. "$@" ret=$? if test -f "$cofile"; then test "$cofile" = "$ofile" || mv "$cofile" "$ofile" elif test -f "${cofile}bj"; then test "${cofile}bj" = "$ofile" || mv "${cofile}bj" "$ofile" fi rmdir "$lockdir" exit $ret # Local Variables: # mode: shell-script # sh-indentation: 2 # eval: (add-hook 'write-file-hooks 'time-stamp) # time-stamp-start: "scriptversion=" # time-stamp-format: "%:y-%02m-%02d.%02H" # time-stamp-time-zone: "UTC" # time-stamp-end: "; # UTC" # End: uacme-1.7.6/build-aux/git-version-gen0000755000000000000000000001335214555530552014360 00000000000000#!/bin/sh # Print a version string. scriptversion=2010-10-13.20; # UTC # Copyright (C) 2007-2010 Free Software Foundation, Inc. # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 3 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . # This script is derived from GIT-VERSION-GEN from GIT: http://git.or.cz/. # It may be run two ways: # - from a git repository in which the "git describe" command below # produces useful output (thus requiring at least one signed tag) # - from a non-git-repo directory containing a .tarball-version file, which # presumes this script is invoked like "./git-version-gen .tarball-version". # In order to use intra-version strings in your project, you will need two # separate generated version string files: # # .tarball-version - present only in a distribution tarball, and not in # a checked-out repository. Created with contents that were learned at # the last time autoconf was run, and used by git-version-gen. Must not # be present in either $(srcdir) or $(builddir) for git-version-gen to # give accurate answers during normal development with a checked out tree, # but must be present in a tarball when there is no version control system. # Therefore, it cannot be used in any dependencies. GNUmakefile has # hooks to force a reconfigure at distribution time to get the value # correct, without penalizing normal development with extra reconfigures. # # .version - present in a checked-out repository and in a distribution # tarball. Usable in dependencies, particularly for files that don't # want to depend on config.h but do want to track version changes. # Delete this file prior to any autoconf run where you want to rebuild # files to pick up a version string change; and leave it stale to # minimize rebuild time after unrelated changes to configure sources. # # It is probably wise to add these two files to .gitignore, so that you # don't accidentally commit either generated file. # # Use the following line in your configure.ac, so that $(VERSION) will # automatically be up-to-date each time configure is run (and note that # since configure.ac no longer includes a version string, Makefile rules # should not depend on configure.ac for version updates). # # AC_INIT([GNU project], # m4_esyscmd([build-aux/git-version-gen .tarball-version]), # [bug-project@example]) # # Then use the following lines in your Makefile.am, so that .version # will be present for dependencies, and so that .tarball-version will # exist in distribution tarballs. # # BUILT_SOURCES = $(top_srcdir)/.version # $(top_srcdir)/.version: # echo $(VERSION) > $@-t && mv $@-t $@ # dist-hook: # echo $(VERSION) > $(distdir)/.tarball-version case $# in 1|2) ;; *) echo 1>&2 "Usage: $0 \$srcdir/.tarball-version" \ '[TAG-NORMALIZATION-SED-SCRIPT]' exit 1;; esac tarball_version_file=$1 tag_sed_script="${2:-s/x/x/}" nl=' ' # Avoid meddling by environment variable of the same name. v= # First see if there is a tarball-only version file. # then try "git describe", then default. if test -f $tarball_version_file then v=`cat $tarball_version_file` || exit 1 case $v in *$nl*) v= ;; # reject multi-line output [0-9]*) ;; *) v= ;; esac test -z "$v" \ && echo "$0: WARNING: $tarball_version_file seems to be damaged" 1>&2 fi if test -n "$v" then : # use $v # Otherwise, if there is at least one git commit involving the working # directory, and "git describe" output looks sensible, use that to # derive a version string. elif test "`git log -1 --pretty=format:x . 2>&1`" = x \ && v=`git describe --abbrev=4 --match='v*' HEAD 2>/dev/null \ || git describe --abbrev=4 HEAD 2>/dev/null` \ && v=`printf '%s\n' "$v" | sed "$tag_sed_script"` \ && case $v in v[0-9]*) ;; *) (exit 1) ;; esac then # Is this a new git that lists number of commits since the last # tag or the previous older version that did not? # Newer: v6.10-77-g0f8faeb # Older: v6.10-g0f8faeb case $v in *-*-*) : git describe is okay three part flavor ;; *-*) : git describe is older two part flavor # Recreate the number of commits and rewrite such that the # result is the same as if we were using the newer version # of git describe. vtag=`echo "$v" | sed 's/-.*//'` numcommits=`git rev-list "$vtag"..HEAD | wc -l` v=`echo "$v" | sed "s/\(.*\)-\(.*\)/\1-$numcommits-\2/"`; ;; esac # Change the first '-' to '-dev-'. # Remove the "g" in git describe's output string, to save a byte. v=`echo "$v" | sed 's/-/-dev-/;s/\(.*\)-g/\1-/'`; else v=UNKNOWN fi v=`echo "$v" |sed 's/^v//'` # Don't declare a version "dirty" merely because a time stamp has changed. git update-index --refresh > /dev/null 2>&1 dirty=`sh -c 'git diff-index --name-only HEAD' 2>/dev/null` || dirty= case "$dirty" in '') ;; *) # Append the suffix only if there isn't one already. case $v in *-dirty) ;; *) v="$v-dirty" ;; esac ;; esac # Omit the trailing newline, so that m4_esyscmd can use the result directly. echo "$v" | tr -d "$nl" # Local variables: # eval: (add-hook 'write-file-hooks 'time-stamp) # time-stamp-start: "scriptversion=" # time-stamp-format: "%:y-%02m-%02d.%02H" # time-stamp-time-zone: "UTC" # time-stamp-end: "; # UTC" # End: uacme-1.7.6/build-aux/install-sh0000755000000000000000000003413714555530552013425 00000000000000#!/bin/sh # install - install a program, script, or datafile scriptversion=2011-11-20.07; # UTC # This originates from X11R5 (mit/util/scripts/install.sh), which was # later released in X11R6 (xc/config/util/install.sh) with the # following copyright and license. # # Copyright (C) 1994 X Consortium # # Permission is hereby granted, free of charge, to any person obtaining a copy # of this software and associated documentation files (the "Software"), to # deal in the Software without restriction, including without limitation the # rights to use, copy, modify, merge, publish, distribute, sublicense, and/or # sell copies of the Software, and to permit persons to whom the Software is # furnished to do so, subject to the following conditions: # # The above copyright notice and this permission notice shall be included in # all copies or substantial portions of the Software. # # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR # IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, # FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE # X CONSORTIUM BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN # AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNEC- # TION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. # # Except as contained in this notice, the name of the X Consortium shall not # be used in advertising or otherwise to promote the sale, use or other deal- # ings in this Software without prior written authorization from the X Consor- # tium. # # # FSF changes to this file are in the public domain. # # Calling this script install-sh is preferred over install.sh, to prevent # 'make' implicit rules from creating a file called install from it # when there is no Makefile. # # This script is compatible with the BSD install script, but was written # from scratch. nl=' ' IFS=" "" $nl" # set DOITPROG to echo to test this script # Don't use :- since 4.3BSD and earlier shells don't like it. doit=${DOITPROG-} if test -z "$doit"; then doit_exec=exec else doit_exec=$doit fi # Put in absolute file names if you don't have them in your path; # or use environment vars. chgrpprog=${CHGRPPROG-chgrp} chmodprog=${CHMODPROG-chmod} chownprog=${CHOWNPROG-chown} cmpprog=${CMPPROG-cmp} cpprog=${CPPROG-cp} mkdirprog=${MKDIRPROG-mkdir} mvprog=${MVPROG-mv} rmprog=${RMPROG-rm} stripprog=${STRIPPROG-strip} posix_glob='?' initialize_posix_glob=' test "$posix_glob" != "?" || { if (set -f) 2>/dev/null; then posix_glob= else posix_glob=: fi } ' posix_mkdir= # Desired mode of installed file. mode=0755 chgrpcmd= chmodcmd=$chmodprog chowncmd= mvcmd=$mvprog rmcmd="$rmprog -f" stripcmd= src= dst= dir_arg= dst_arg= copy_on_change=false no_target_directory= usage="\ Usage: $0 [OPTION]... [-T] SRCFILE DSTFILE or: $0 [OPTION]... SRCFILES... DIRECTORY or: $0 [OPTION]... -t DIRECTORY SRCFILES... or: $0 [OPTION]... -d DIRECTORIES... In the 1st form, copy SRCFILE to DSTFILE. In the 2nd and 3rd, copy all SRCFILES to DIRECTORY. In the 4th, create DIRECTORIES. Options: --help display this help and exit. --version display version info and exit. -c (ignored) -C install only if different (preserve the last data modification time) -d create directories instead of installing files. -g GROUP $chgrpprog installed files to GROUP. -m MODE $chmodprog installed files to MODE. -o USER $chownprog installed files to USER. -s $stripprog installed files. -t DIRECTORY install into DIRECTORY. -T report an error if DSTFILE is a directory. Environment variables override the default commands: CHGRPPROG CHMODPROG CHOWNPROG CMPPROG CPPROG MKDIRPROG MVPROG RMPROG STRIPPROG " while test $# -ne 0; do case $1 in -c) ;; -C) copy_on_change=true;; -d) dir_arg=true;; -g) chgrpcmd="$chgrpprog $2" shift;; --help) echo "$usage"; exit $?;; -m) mode=$2 case $mode in *' '* | *' '* | *' '* | *'*'* | *'?'* | *'['*) echo "$0: invalid mode: $mode" >&2 exit 1;; esac shift;; -o) chowncmd="$chownprog $2" shift;; -s) stripcmd=$stripprog;; -t) dst_arg=$2 # Protect names problematic for 'test' and other utilities. case $dst_arg in -* | [=\(\)!]) dst_arg=./$dst_arg;; esac shift;; -T) no_target_directory=true;; --version) echo "$0 $scriptversion"; exit $?;; --) shift break;; -*) echo "$0: invalid option: $1" >&2 exit 1;; *) break;; esac shift done if test $# -ne 0 && test -z "$dir_arg$dst_arg"; then # When -d is used, all remaining arguments are directories to create. # When -t is used, the destination is already specified. # Otherwise, the last argument is the destination. Remove it from $@. for arg do if test -n "$dst_arg"; then # $@ is not empty: it contains at least $arg. set fnord "$@" "$dst_arg" shift # fnord fi shift # arg dst_arg=$arg # Protect names problematic for 'test' and other utilities. case $dst_arg in -* | [=\(\)!]) dst_arg=./$dst_arg;; esac done fi if test $# -eq 0; then if test -z "$dir_arg"; then echo "$0: no input file specified." >&2 exit 1 fi # It's OK to call 'install-sh -d' without argument. # This can happen when creating conditional directories. exit 0 fi if test -z "$dir_arg"; then do_exit='(exit $ret); exit $ret' trap "ret=129; $do_exit" 1 trap "ret=130; $do_exit" 2 trap "ret=141; $do_exit" 13 trap "ret=143; $do_exit" 15 # Set umask so as not to create temps with too-generous modes. # However, 'strip' requires both read and write access to temps. case $mode in # Optimize common cases. *644) cp_umask=133;; *755) cp_umask=22;; *[0-7]) if test -z "$stripcmd"; then u_plus_rw= else u_plus_rw='% 200' fi cp_umask=`expr '(' 777 - $mode % 1000 ')' $u_plus_rw`;; *) if test -z "$stripcmd"; then u_plus_rw= else u_plus_rw=,u+rw fi cp_umask=$mode$u_plus_rw;; esac fi for src do # Protect names problematic for 'test' and other utilities. case $src in -* | [=\(\)!]) src=./$src;; esac if test -n "$dir_arg"; then dst=$src dstdir=$dst test -d "$dstdir" dstdir_status=$? else # Waiting for this to be detected by the "$cpprog $src $dsttmp" command # might cause directories to be created, which would be especially bad # if $src (and thus $dsttmp) contains '*'. if test ! -f "$src" && test ! -d "$src"; then echo "$0: $src does not exist." >&2 exit 1 fi if test -z "$dst_arg"; then echo "$0: no destination specified." >&2 exit 1 fi dst=$dst_arg # If destination is a directory, append the input filename; won't work # if double slashes aren't ignored. if test -d "$dst"; then if test -n "$no_target_directory"; then echo "$0: $dst_arg: Is a directory" >&2 exit 1 fi dstdir=$dst dst=$dstdir/`basename "$src"` dstdir_status=0 else # Prefer dirname, but fall back on a substitute if dirname fails. dstdir=` (dirname "$dst") 2>/dev/null || expr X"$dst" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ X"$dst" : 'X\(//\)[^/]' \| \ X"$dst" : 'X\(//\)$' \| \ X"$dst" : 'X\(/\)' \| . 2>/dev/null || echo X"$dst" | sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/ q } /^X\(\/\/\)[^/].*/{ s//\1/ q } /^X\(\/\/\)$/{ s//\1/ q } /^X\(\/\).*/{ s//\1/ q } s/.*/./; q' ` test -d "$dstdir" dstdir_status=$? fi fi obsolete_mkdir_used=false if test $dstdir_status != 0; then case $posix_mkdir in '') # Create intermediate dirs using mode 755 as modified by the umask. # This is like FreeBSD 'install' as of 1997-10-28. umask=`umask` case $stripcmd.$umask in # Optimize common cases. *[2367][2367]) mkdir_umask=$umask;; .*0[02][02] | .[02][02] | .[02]) mkdir_umask=22;; *[0-7]) mkdir_umask=`expr $umask + 22 \ - $umask % 100 % 40 + $umask % 20 \ - $umask % 10 % 4 + $umask % 2 `;; *) mkdir_umask=$umask,go-w;; esac # With -d, create the new directory with the user-specified mode. # Otherwise, rely on $mkdir_umask. if test -n "$dir_arg"; then mkdir_mode=-m$mode else mkdir_mode= fi posix_mkdir=false case $umask in *[123567][0-7][0-7]) # POSIX mkdir -p sets u+wx bits regardless of umask, which # is incompatible with FreeBSD 'install' when (umask & 300) != 0. ;; *) # $RANDOM is not portable (e.g. dash); use it when possible to # lower collision chance tmpdir=${TMPDIR-/tmp}/ins$RANDOM-$$ trap 'ret=$?; rmdir "$tmpdir/a/b" "$tmpdir/a" "$tmpdir" 2>/dev/null; exit $ret' 0 # As "mkdir -p" follows symlinks and we work in /tmp possibly; so # create the $tmpdir first (and fail if unsuccessful) to make sure # that nobody tries to guess the $tmpdir name. if (umask $mkdir_umask && $mkdirprog $mkdir_mode "$tmpdir" && exec $mkdirprog $mkdir_mode -p -- "$tmpdir/a/b") >/dev/null 2>&1 then if test -z "$dir_arg" || { # Check for POSIX incompatibilities with -m. # HP-UX 11.23 and IRIX 6.5 mkdir -m -p sets group- or # other-writable bit of parent directory when it shouldn't. # FreeBSD 6.1 mkdir -m -p sets mode of existing directory. test_tmpdir="$tmpdir/a" ls_ld_tmpdir=`ls -ld "$test_tmpdir"` case $ls_ld_tmpdir in d????-?r-*) different_mode=700;; d????-?--*) different_mode=755;; *) false;; esac && $mkdirprog -m$different_mode -p -- "$test_tmpdir" && { ls_ld_tmpdir_1=`ls -ld "$test_tmpdir"` test "$ls_ld_tmpdir" = "$ls_ld_tmpdir_1" } } then posix_mkdir=: fi rmdir "$tmpdir/a/b" "$tmpdir/a" "$tmpdir" else # Remove any dirs left behind by ancient mkdir implementations. rmdir ./$mkdir_mode ./-p ./-- "$tmpdir" 2>/dev/null fi trap '' 0;; esac;; esac if $posix_mkdir && ( umask $mkdir_umask && $doit_exec $mkdirprog $mkdir_mode -p -- "$dstdir" ) then : else # The umask is ridiculous, or mkdir does not conform to POSIX, # or it failed possibly due to a race condition. Create the # directory the slow way, step by step, checking for races as we go. case $dstdir in /*) prefix='/';; [-=\(\)!]*) prefix='./';; *) prefix='';; esac eval "$initialize_posix_glob" oIFS=$IFS IFS=/ $posix_glob set -f set fnord $dstdir shift $posix_glob set +f IFS=$oIFS prefixes= for d do test X"$d" = X && continue prefix=$prefix$d if test -d "$prefix"; then prefixes= else if $posix_mkdir; then (umask=$mkdir_umask && $doit_exec $mkdirprog $mkdir_mode -p -- "$dstdir") && break # Don't fail if two instances are running concurrently. test -d "$prefix" || exit 1 else case $prefix in *\'*) qprefix=`echo "$prefix" | sed "s/'/'\\\\\\\\''/g"`;; *) qprefix=$prefix;; esac prefixes="$prefixes '$qprefix'" fi fi prefix=$prefix/ done if test -n "$prefixes"; then # Don't fail if two instances are running concurrently. (umask $mkdir_umask && eval "\$doit_exec \$mkdirprog $prefixes") || test -d "$dstdir" || exit 1 obsolete_mkdir_used=true fi fi fi if test -n "$dir_arg"; then { test -z "$chowncmd" || $doit $chowncmd "$dst"; } && { test -z "$chgrpcmd" || $doit $chgrpcmd "$dst"; } && { test "$obsolete_mkdir_used$chowncmd$chgrpcmd" = false || test -z "$chmodcmd" || $doit $chmodcmd $mode "$dst"; } || exit 1 else # Make a couple of temp file names in the proper directory. dsttmp=$dstdir/_inst.$$_ rmtmp=$dstdir/_rm.$$_ # Trap to clean up those temp files at exit. trap 'ret=$?; rm -f "$dsttmp" "$rmtmp" && exit $ret' 0 # Copy the file name to the temp name. (umask $cp_umask && $doit_exec $cpprog "$src" "$dsttmp") && # and set any options; do chmod last to preserve setuid bits. # # If any of these fail, we abort the whole thing. If we want to # ignore errors from any of these, just make sure not to ignore # errors from the above "$doit $cpprog $src $dsttmp" command. # { test -z "$chowncmd" || $doit $chowncmd "$dsttmp"; } && { test -z "$chgrpcmd" || $doit $chgrpcmd "$dsttmp"; } && { test -z "$stripcmd" || $doit $stripcmd "$dsttmp"; } && { test -z "$chmodcmd" || $doit $chmodcmd $mode "$dsttmp"; } && # If -C, don't bother to copy if it wouldn't change the file. if $copy_on_change && old=`LC_ALL=C ls -dlL "$dst" 2>/dev/null` && new=`LC_ALL=C ls -dlL "$dsttmp" 2>/dev/null` && eval "$initialize_posix_glob" && $posix_glob set -f && set X $old && old=:$2:$4:$5:$6 && set X $new && new=:$2:$4:$5:$6 && $posix_glob set +f && test "$old" = "$new" && $cmpprog "$dst" "$dsttmp" >/dev/null 2>&1 then rm -f "$dsttmp" else # Rename the file to the real destination. $doit $mvcmd -f "$dsttmp" "$dst" 2>/dev/null || # The rename failed, perhaps because mv can't rename something else # to itself, or perhaps because mv is so ancient that it does not # support -f. { # Now remove or move aside any old file at destination location. # We try this two ways since rm can't unlink itself on some # systems and the destination file might be busy for other # reasons. In this case, the final cleanup might fail but the new # file should still install successfully. { test ! -f "$dst" || $doit $rmcmd -f "$dst" 2>/dev/null || { $doit $mvcmd -f "$dst" "$rmtmp" 2>/dev/null && { $doit $rmcmd -f "$rmtmp" 2>/dev/null; :; } } || { echo "$0: cannot unlink or rename $dst" >&2 (exit 1); exit 1 } } && # Now rename the file to the real destination. $doit $mvcmd "$dsttmp" "$dst" } fi || exit 1 trap '' 0 fi done # Local variables: # eval: (add-hook 'write-file-hooks 'time-stamp) # time-stamp-start: "scriptversion=" # time-stamp-format: "%:y-%02m-%02d.%02H" # time-stamp-time-zone: "UTC" # time-stamp-end: "; # UTC" # End: uacme-1.7.6/build-aux/depcomp0000755000000000000000000005601614555530552012776 00000000000000#! /bin/sh # depcomp - compile a program generating dependencies as side-effects scriptversion=2013-05-30.07; # UTC # Copyright (C) 1999-2013 Free Software Foundation, Inc. # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2, or (at your option) # any later version. # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # You should have received a copy of the GNU General Public License # along with this program. If not, see . # As a special exception to the GNU General Public License, if you # distribute this file as part of a program that contains a # configuration script generated by Autoconf, you may include it under # the same distribution terms that you use for the rest of that program. # Originally written by Alexandre Oliva . case $1 in '') echo "$0: No command. Try '$0 --help' for more information." 1>&2 exit 1; ;; -h | --h*) cat <<\EOF Usage: depcomp [--help] [--version] PROGRAM [ARGS] Run PROGRAMS ARGS to compile a file, generating dependencies as side-effects. Environment variables: depmode Dependency tracking mode. source Source file read by 'PROGRAMS ARGS'. object Object file output by 'PROGRAMS ARGS'. DEPDIR directory where to store dependencies. depfile Dependency file to output. tmpdepfile Temporary file to use when outputting dependencies. libtool Whether libtool is used (yes/no). Report bugs to . EOF exit $? ;; -v | --v*) echo "depcomp $scriptversion" exit $? ;; esac # Get the directory component of the given path, and save it in the # global variables '$dir'. Note that this directory component will # be either empty or ending with a '/' character. This is deliberate. set_dir_from () { case $1 in */*) dir=`echo "$1" | sed -e 's|/[^/]*$|/|'`;; *) dir=;; esac } # Get the suffix-stripped basename of the given path, and save it the # global variable '$base'. set_base_from () { base=`echo "$1" | sed -e 's|^.*/||' -e 's/\.[^.]*$//'` } # If no dependency file was actually created by the compiler invocation, # we still have to create a dummy depfile, to avoid errors with the # Makefile "include basename.Plo" scheme. make_dummy_depfile () { echo "#dummy" > "$depfile" } # Factor out some common post-processing of the generated depfile. # Requires the auxiliary global variable '$tmpdepfile' to be set. aix_post_process_depfile () { # If the compiler actually managed to produce a dependency file, # post-process it. if test -f "$tmpdepfile"; then # Each line is of the form 'foo.o: dependency.h'. # Do two passes, one to just change these to # $object: dependency.h # and one to simply output # dependency.h: # which is needed to avoid the deleted-header problem. { sed -e "s,^.*\.[$lower]*:,$object:," < "$tmpdepfile" sed -e "s,^.*\.[$lower]*:[$tab ]*,," -e 's,$,:,' < "$tmpdepfile" } > "$depfile" rm -f "$tmpdepfile" else make_dummy_depfile fi } # A tabulation character. tab=' ' # A newline character. nl=' ' # Character ranges might be problematic outside the C locale. # These definitions help. upper=ABCDEFGHIJKLMNOPQRSTUVWXYZ lower=abcdefghijklmnopqrstuvwxyz digits=0123456789 alpha=${upper}${lower} if test -z "$depmode" || test -z "$source" || test -z "$object"; then echo "depcomp: Variables source, object and depmode must be set" 1>&2 exit 1 fi # Dependencies for sub/bar.o or sub/bar.obj go into sub/.deps/bar.Po. depfile=${depfile-`echo "$object" | sed 's|[^\\/]*$|'${DEPDIR-.deps}'/&|;s|\.\([^.]*\)$|.P\1|;s|Pobj$|Po|'`} tmpdepfile=${tmpdepfile-`echo "$depfile" | sed 's/\.\([^.]*\)$/.T\1/'`} rm -f "$tmpdepfile" # Avoid interferences from the environment. gccflag= dashmflag= # Some modes work just like other modes, but use different flags. We # parameterize here, but still list the modes in the big case below, # to make depend.m4 easier to write. Note that we *cannot* use a case # here, because this file can only contain one case statement. if test "$depmode" = hp; then # HP compiler uses -M and no extra arg. gccflag=-M depmode=gcc fi if test "$depmode" = dashXmstdout; then # This is just like dashmstdout with a different argument. dashmflag=-xM depmode=dashmstdout fi cygpath_u="cygpath -u -f -" if test "$depmode" = msvcmsys; then # This is just like msvisualcpp but w/o cygpath translation. # Just convert the backslash-escaped backslashes to single forward # slashes to satisfy depend.m4 cygpath_u='sed s,\\\\,/,g' depmode=msvisualcpp fi if test "$depmode" = msvc7msys; then # This is just like msvc7 but w/o cygpath translation. # Just convert the backslash-escaped backslashes to single forward # slashes to satisfy depend.m4 cygpath_u='sed s,\\\\,/,g' depmode=msvc7 fi if test "$depmode" = xlc; then # IBM C/C++ Compilers xlc/xlC can output gcc-like dependency information. gccflag=-qmakedep=gcc,-MF depmode=gcc fi case "$depmode" in gcc3) ## gcc 3 implements dependency tracking that does exactly what ## we want. Yay! Note: for some reason libtool 1.4 doesn't like ## it if -MD -MP comes after the -MF stuff. Hmm. ## Unfortunately, FreeBSD c89 acceptance of flags depends upon ## the command line argument order; so add the flags where they ## appear in depend2.am. Note that the slowdown incurred here ## affects only configure: in makefiles, %FASTDEP% shortcuts this. for arg do case $arg in -c) set fnord "$@" -MT "$object" -MD -MP -MF "$tmpdepfile" "$arg" ;; *) set fnord "$@" "$arg" ;; esac shift # fnord shift # $arg done "$@" stat=$? if test $stat -ne 0; then rm -f "$tmpdepfile" exit $stat fi mv "$tmpdepfile" "$depfile" ;; gcc) ## Note that this doesn't just cater to obsosete pre-3.x GCC compilers. ## but also to in-use compilers like IMB xlc/xlC and the HP C compiler. ## (see the conditional assignment to $gccflag above). ## There are various ways to get dependency output from gcc. Here's ## why we pick this rather obscure method: ## - Don't want to use -MD because we'd like the dependencies to end ## up in a subdir. Having to rename by hand is ugly. ## (We might end up doing this anyway to support other compilers.) ## - The DEPENDENCIES_OUTPUT environment variable makes gcc act like ## -MM, not -M (despite what the docs say). Also, it might not be ## supported by the other compilers which use the 'gcc' depmode. ## - Using -M directly means running the compiler twice (even worse ## than renaming). if test -z "$gccflag"; then gccflag=-MD, fi "$@" -Wp,"$gccflag$tmpdepfile" stat=$? if test $stat -ne 0; then rm -f "$tmpdepfile" exit $stat fi rm -f "$depfile" echo "$object : \\" > "$depfile" # The second -e expression handles DOS-style file names with drive # letters. sed -e 's/^[^:]*: / /' \ -e 's/^['$alpha']:\/[^:]*: / /' < "$tmpdepfile" >> "$depfile" ## This next piece of magic avoids the "deleted header file" problem. ## The problem is that when a header file which appears in a .P file ## is deleted, the dependency causes make to die (because there is ## typically no way to rebuild the header). We avoid this by adding ## dummy dependencies for each header file. Too bad gcc doesn't do ## this for us directly. ## Some versions of gcc put a space before the ':'. On the theory ## that the space means something, we add a space to the output as ## well. hp depmode also adds that space, but also prefixes the VPATH ## to the object. Take care to not repeat it in the output. ## Some versions of the HPUX 10.20 sed can't process this invocation ## correctly. Breaking it into two sed invocations is a workaround. tr ' ' "$nl" < "$tmpdepfile" \ | sed -e 's/^\\$//' -e '/^$/d' -e "s|.*$object$||" -e '/:$/d' \ | sed -e 's/$/ :/' >> "$depfile" rm -f "$tmpdepfile" ;; hp) # This case exists only to let depend.m4 do its work. It works by # looking at the text of this script. This case will never be run, # since it is checked for above. exit 1 ;; sgi) if test "$libtool" = yes; then "$@" "-Wp,-MDupdate,$tmpdepfile" else "$@" -MDupdate "$tmpdepfile" fi stat=$? if test $stat -ne 0; then rm -f "$tmpdepfile" exit $stat fi rm -f "$depfile" if test -f "$tmpdepfile"; then # yes, the sourcefile depend on other files echo "$object : \\" > "$depfile" # Clip off the initial element (the dependent). Don't try to be # clever and replace this with sed code, as IRIX sed won't handle # lines with more than a fixed number of characters (4096 in # IRIX 6.2 sed, 8192 in IRIX 6.5). We also remove comment lines; # the IRIX cc adds comments like '#:fec' to the end of the # dependency line. tr ' ' "$nl" < "$tmpdepfile" \ | sed -e 's/^.*\.o://' -e 's/#.*$//' -e '/^$/ d' \ | tr "$nl" ' ' >> "$depfile" echo >> "$depfile" # The second pass generates a dummy entry for each header file. tr ' ' "$nl" < "$tmpdepfile" \ | sed -e 's/^.*\.o://' -e 's/#.*$//' -e '/^$/ d' -e 's/$/:/' \ >> "$depfile" else make_dummy_depfile fi rm -f "$tmpdepfile" ;; xlc) # This case exists only to let depend.m4 do its work. It works by # looking at the text of this script. This case will never be run, # since it is checked for above. exit 1 ;; aix) # The C for AIX Compiler uses -M and outputs the dependencies # in a .u file. In older versions, this file always lives in the # current directory. Also, the AIX compiler puts '$object:' at the # start of each line; $object doesn't have directory information. # Version 6 uses the directory in both cases. set_dir_from "$object" set_base_from "$object" if test "$libtool" = yes; then tmpdepfile1=$dir$base.u tmpdepfile2=$base.u tmpdepfile3=$dir.libs/$base.u "$@" -Wc,-M else tmpdepfile1=$dir$base.u tmpdepfile2=$dir$base.u tmpdepfile3=$dir$base.u "$@" -M fi stat=$? if test $stat -ne 0; then rm -f "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3" exit $stat fi for tmpdepfile in "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3" do test -f "$tmpdepfile" && break done aix_post_process_depfile ;; tcc) # tcc (Tiny C Compiler) understand '-MD -MF file' since version 0.9.26 # FIXME: That version still under development at the moment of writing. # Make that this statement remains true also for stable, released # versions. # It will wrap lines (doesn't matter whether long or short) with a # trailing '\', as in: # # foo.o : \ # foo.c \ # foo.h \ # # It will put a trailing '\' even on the last line, and will use leading # spaces rather than leading tabs (at least since its commit 0394caf7 # "Emit spaces for -MD"). "$@" -MD -MF "$tmpdepfile" stat=$? if test $stat -ne 0; then rm -f "$tmpdepfile" exit $stat fi rm -f "$depfile" # Each non-empty line is of the form 'foo.o : \' or ' dep.h \'. # We have to change lines of the first kind to '$object: \'. sed -e "s|.*:|$object :|" < "$tmpdepfile" > "$depfile" # And for each line of the second kind, we have to emit a 'dep.h:' # dummy dependency, to avoid the deleted-header problem. sed -n -e 's|^ *\(.*\) *\\$|\1:|p' < "$tmpdepfile" >> "$depfile" rm -f "$tmpdepfile" ;; ## The order of this option in the case statement is important, since the ## shell code in configure will try each of these formats in the order ## listed in this file. A plain '-MD' option would be understood by many ## compilers, so we must ensure this comes after the gcc and icc options. pgcc) # Portland's C compiler understands '-MD'. # Will always output deps to 'file.d' where file is the root name of the # source file under compilation, even if file resides in a subdirectory. # The object file name does not affect the name of the '.d' file. # pgcc 10.2 will output # foo.o: sub/foo.c sub/foo.h # and will wrap long lines using '\' : # foo.o: sub/foo.c ... \ # sub/foo.h ... \ # ... set_dir_from "$object" # Use the source, not the object, to determine the base name, since # that's sadly what pgcc will do too. set_base_from "$source" tmpdepfile=$base.d # For projects that build the same source file twice into different object # files, the pgcc approach of using the *source* file root name can cause # problems in parallel builds. Use a locking strategy to avoid stomping on # the same $tmpdepfile. lockdir=$base.d-lock trap " echo '$0: caught signal, cleaning up...' >&2 rmdir '$lockdir' exit 1 " 1 2 13 15 numtries=100 i=$numtries while test $i -gt 0; do # mkdir is a portable test-and-set. if mkdir "$lockdir" 2>/dev/null; then # This process acquired the lock. "$@" -MD stat=$? # Release the lock. rmdir "$lockdir" break else # If the lock is being held by a different process, wait # until the winning process is done or we timeout. while test -d "$lockdir" && test $i -gt 0; do sleep 1 i=`expr $i - 1` done fi i=`expr $i - 1` done trap - 1 2 13 15 if test $i -le 0; then echo "$0: failed to acquire lock after $numtries attempts" >&2 echo "$0: check lockdir '$lockdir'" >&2 exit 1 fi if test $stat -ne 0; then rm -f "$tmpdepfile" exit $stat fi rm -f "$depfile" # Each line is of the form `foo.o: dependent.h', # or `foo.o: dep1.h dep2.h \', or ` dep3.h dep4.h \'. # Do two passes, one to just change these to # `$object: dependent.h' and one to simply `dependent.h:'. sed "s,^[^:]*:,$object :," < "$tmpdepfile" > "$depfile" # Some versions of the HPUX 10.20 sed can't process this invocation # correctly. Breaking it into two sed invocations is a workaround. sed 's,^[^:]*: \(.*\)$,\1,;s/^\\$//;/^$/d;/:$/d' < "$tmpdepfile" \ | sed -e 's/$/ :/' >> "$depfile" rm -f "$tmpdepfile" ;; hp2) # The "hp" stanza above does not work with aCC (C++) and HP's ia64 # compilers, which have integrated preprocessors. The correct option # to use with these is +Maked; it writes dependencies to a file named # 'foo.d', which lands next to the object file, wherever that # happens to be. # Much of this is similar to the tru64 case; see comments there. set_dir_from "$object" set_base_from "$object" if test "$libtool" = yes; then tmpdepfile1=$dir$base.d tmpdepfile2=$dir.libs/$base.d "$@" -Wc,+Maked else tmpdepfile1=$dir$base.d tmpdepfile2=$dir$base.d "$@" +Maked fi stat=$? if test $stat -ne 0; then rm -f "$tmpdepfile1" "$tmpdepfile2" exit $stat fi for tmpdepfile in "$tmpdepfile1" "$tmpdepfile2" do test -f "$tmpdepfile" && break done if test -f "$tmpdepfile"; then sed -e "s,^.*\.[$lower]*:,$object:," "$tmpdepfile" > "$depfile" # Add 'dependent.h:' lines. sed -ne '2,${ s/^ *// s/ \\*$// s/$/:/ p }' "$tmpdepfile" >> "$depfile" else make_dummy_depfile fi rm -f "$tmpdepfile" "$tmpdepfile2" ;; tru64) # The Tru64 compiler uses -MD to generate dependencies as a side # effect. 'cc -MD -o foo.o ...' puts the dependencies into 'foo.o.d'. # At least on Alpha/Redhat 6.1, Compaq CCC V6.2-504 seems to put # dependencies in 'foo.d' instead, so we check for that too. # Subdirectories are respected. set_dir_from "$object" set_base_from "$object" if test "$libtool" = yes; then # Libtool generates 2 separate objects for the 2 libraries. These # two compilations output dependencies in $dir.libs/$base.o.d and # in $dir$base.o.d. We have to check for both files, because # one of the two compilations can be disabled. We should prefer # $dir$base.o.d over $dir.libs/$base.o.d because the latter is # automatically cleaned when .libs/ is deleted, while ignoring # the former would cause a distcleancheck panic. tmpdepfile1=$dir$base.o.d # libtool 1.5 tmpdepfile2=$dir.libs/$base.o.d # Likewise. tmpdepfile3=$dir.libs/$base.d # Compaq CCC V6.2-504 "$@" -Wc,-MD else tmpdepfile1=$dir$base.d tmpdepfile2=$dir$base.d tmpdepfile3=$dir$base.d "$@" -MD fi stat=$? if test $stat -ne 0; then rm -f "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3" exit $stat fi for tmpdepfile in "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3" do test -f "$tmpdepfile" && break done # Same post-processing that is required for AIX mode. aix_post_process_depfile ;; msvc7) if test "$libtool" = yes; then showIncludes=-Wc,-showIncludes else showIncludes=-showIncludes fi "$@" $showIncludes > "$tmpdepfile" stat=$? grep -v '^Note: including file: ' "$tmpdepfile" if test $stat -ne 0; then rm -f "$tmpdepfile" exit $stat fi rm -f "$depfile" echo "$object : \\" > "$depfile" # The first sed program below extracts the file names and escapes # backslashes for cygpath. The second sed program outputs the file # name when reading, but also accumulates all include files in the # hold buffer in order to output them again at the end. This only # works with sed implementations that can handle large buffers. sed < "$tmpdepfile" -n ' /^Note: including file: *\(.*\)/ { s//\1/ s/\\/\\\\/g p }' | $cygpath_u | sort -u | sed -n ' s/ /\\ /g s/\(.*\)/'"$tab"'\1 \\/p s/.\(.*\) \\/\1:/ H $ { s/.*/'"$tab"'/ G p }' >> "$depfile" echo >> "$depfile" # make sure the fragment doesn't end with a backslash rm -f "$tmpdepfile" ;; msvc7msys) # This case exists only to let depend.m4 do its work. It works by # looking at the text of this script. This case will never be run, # since it is checked for above. exit 1 ;; #nosideeffect) # This comment above is used by automake to tell side-effect # dependency tracking mechanisms from slower ones. dashmstdout) # Important note: in order to support this mode, a compiler *must* # always write the preprocessed file to stdout, regardless of -o. "$@" || exit $? # Remove the call to Libtool. if test "$libtool" = yes; then while test "X$1" != 'X--mode=compile'; do shift done shift fi # Remove '-o $object'. IFS=" " for arg do case $arg in -o) shift ;; $object) shift ;; *) set fnord "$@" "$arg" shift # fnord shift # $arg ;; esac done test -z "$dashmflag" && dashmflag=-M # Require at least two characters before searching for ':' # in the target name. This is to cope with DOS-style filenames: # a dependency such as 'c:/foo/bar' could be seen as target 'c' otherwise. "$@" $dashmflag | sed "s|^[$tab ]*[^:$tab ][^:][^:]*:[$tab ]*|$object: |" > "$tmpdepfile" rm -f "$depfile" cat < "$tmpdepfile" > "$depfile" # Some versions of the HPUX 10.20 sed can't process this sed invocation # correctly. Breaking it into two sed invocations is a workaround. tr ' ' "$nl" < "$tmpdepfile" \ | sed -e 's/^\\$//' -e '/^$/d' -e '/:$/d' \ | sed -e 's/$/ :/' >> "$depfile" rm -f "$tmpdepfile" ;; dashXmstdout) # This case only exists to satisfy depend.m4. It is never actually # run, as this mode is specially recognized in the preamble. exit 1 ;; makedepend) "$@" || exit $? # Remove any Libtool call if test "$libtool" = yes; then while test "X$1" != 'X--mode=compile'; do shift done shift fi # X makedepend shift cleared=no eat=no for arg do case $cleared in no) set ""; shift cleared=yes ;; esac if test $eat = yes; then eat=no continue fi case "$arg" in -D*|-I*) set fnord "$@" "$arg"; shift ;; # Strip any option that makedepend may not understand. Remove # the object too, otherwise makedepend will parse it as a source file. -arch) eat=yes ;; -*|$object) ;; *) set fnord "$@" "$arg"; shift ;; esac done obj_suffix=`echo "$object" | sed 's/^.*\././'` touch "$tmpdepfile" ${MAKEDEPEND-makedepend} -o"$obj_suffix" -f"$tmpdepfile" "$@" rm -f "$depfile" # makedepend may prepend the VPATH from the source file name to the object. # No need to regex-escape $object, excess matching of '.' is harmless. sed "s|^.*\($object *:\)|\1|" "$tmpdepfile" > "$depfile" # Some versions of the HPUX 10.20 sed can't process the last invocation # correctly. Breaking it into two sed invocations is a workaround. sed '1,2d' "$tmpdepfile" \ | tr ' ' "$nl" \ | sed -e 's/^\\$//' -e '/^$/d' -e '/:$/d' \ | sed -e 's/$/ :/' >> "$depfile" rm -f "$tmpdepfile" "$tmpdepfile".bak ;; cpp) # Important note: in order to support this mode, a compiler *must* # always write the preprocessed file to stdout. "$@" || exit $? # Remove the call to Libtool. if test "$libtool" = yes; then while test "X$1" != 'X--mode=compile'; do shift done shift fi # Remove '-o $object'. IFS=" " for arg do case $arg in -o) shift ;; $object) shift ;; *) set fnord "$@" "$arg" shift # fnord shift # $arg ;; esac done "$@" -E \ | sed -n -e '/^# [0-9][0-9]* "\([^"]*\)".*/ s:: \1 \\:p' \ -e '/^#line [0-9][0-9]* "\([^"]*\)".*/ s:: \1 \\:p' \ | sed '$ s: \\$::' > "$tmpdepfile" rm -f "$depfile" echo "$object : \\" > "$depfile" cat < "$tmpdepfile" >> "$depfile" sed < "$tmpdepfile" '/^$/d;s/^ //;s/ \\$//;s/$/ :/' >> "$depfile" rm -f "$tmpdepfile" ;; msvisualcpp) # Important note: in order to support this mode, a compiler *must* # always write the preprocessed file to stdout. "$@" || exit $? # Remove the call to Libtool. if test "$libtool" = yes; then while test "X$1" != 'X--mode=compile'; do shift done shift fi IFS=" " for arg do case "$arg" in -o) shift ;; $object) shift ;; "-Gm"|"/Gm"|"-Gi"|"/Gi"|"-ZI"|"/ZI") set fnord "$@" shift shift ;; *) set fnord "$@" "$arg" shift shift ;; esac done "$@" -E 2>/dev/null | sed -n '/^#line [0-9][0-9]* "\([^"]*\)"/ s::\1:p' | $cygpath_u | sort -u > "$tmpdepfile" rm -f "$depfile" echo "$object : \\" > "$depfile" sed < "$tmpdepfile" -n -e 's% %\\ %g' -e '/^\(.*\)$/ s::'"$tab"'\1 \\:p' >> "$depfile" echo "$tab" >> "$depfile" sed < "$tmpdepfile" -n -e 's% %\\ %g' -e '/^\(.*\)$/ s::\1\::p' >> "$depfile" rm -f "$tmpdepfile" ;; msvcmsys) # This case exists only to let depend.m4 do its work. It works by # looking at the text of this script. This case will never be run, # since it is checked for above. exit 1 ;; none) exec "$@" ;; *) echo "Unknown depmode $depmode" 1>&2 exit 1 ;; esac exit 0 # Local Variables: # mode: shell-script # sh-indentation: 2 # eval: (add-hook 'write-file-hooks 'time-stamp) # time-stamp-start: "scriptversion=" # time-stamp-format: "%:y-%02m-%02d.%02H" # time-stamp-time-zone: "UTC" # time-stamp-end: "; # UTC" # End: uacme-1.7.6/build-aux/ar-lib0000755000000000000000000001330214555530552012504 00000000000000#! /bin/sh # Wrapper for Microsoft lib.exe me=ar-lib scriptversion=2012-03-01.08; # UTC # Copyright (C) 2010-2014 Free Software Foundation, Inc. # Written by Peter Rosin . # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2, or (at your option) # any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . # As a special exception to the GNU General Public License, if you # distribute this file as part of a program that contains a # configuration script generated by Autoconf, you may include it under # the same distribution terms that you use for the rest of that program. # This file is maintained in Automake, please report # bugs to or send patches to # . # func_error message func_error () { echo "$me: $1" 1>&2 exit 1 } file_conv= # func_file_conv build_file # Convert a $build file to $host form and store it in $file # Currently only supports Windows hosts. func_file_conv () { file=$1 case $file in / | /[!/]*) # absolute file, and not a UNC file if test -z "$file_conv"; then # lazily determine how to convert abs files case `uname -s` in MINGW*) file_conv=mingw ;; CYGWIN*) file_conv=cygwin ;; *) file_conv=wine ;; esac fi case $file_conv in mingw) file=`cmd //C echo "$file " | sed -e 's/"\(.*\) " *$/\1/'` ;; cygwin) file=`cygpath -m "$file" || echo "$file"` ;; wine) file=`winepath -w "$file" || echo "$file"` ;; esac ;; esac } # func_at_file at_file operation archive # Iterate over all members in AT_FILE performing OPERATION on ARCHIVE # for each of them. # When interpreting the content of the @FILE, do NOT use func_file_conv, # since the user would need to supply preconverted file names to # binutils ar, at least for MinGW. func_at_file () { operation=$2 archive=$3 at_file_contents=`cat "$1"` eval set x "$at_file_contents" shift for member do $AR -NOLOGO $operation:"$member" "$archive" || exit $? done } case $1 in '') func_error "no command. Try '$0 --help' for more information." ;; -h | --h*) cat < # Copyright (c) 2014, 2015 Philip Withnall # # Copying and distribution of this file, with or without modification, are # permitted in any medium without royalty provided the copyright notice # and this notice are preserved. #serial 9 AC_DEFUN([AX_CHECK_ENABLE_DEBUG],[ AC_BEFORE([$0],[AC_PROG_CC])dnl AC_BEFORE([$0],[AC_PROG_CXX])dnl AC_BEFORE([$0],[AC_PROG_F77])dnl AC_BEFORE([$0],[AC_PROG_FC])dnl AC_MSG_CHECKING(whether to enable debugging) ax_enable_debug_default=m4_tolower(m4_normalize(ifelse([$1],,[no],[$1]))) ax_enable_debug_is_release=m4_tolower(m4_normalize(ifelse([$4],, [$ax_is_release], [$4]))) # If this is a release, override the default. AS_IF([test "$ax_enable_debug_is_release" = "yes"], [ax_enable_debug_default="no"]) m4_define(ax_enable_debug_vars,[m4_normalize(ifelse([$2],,,[$2]))]) m4_define(ax_disable_debug_vars,[m4_normalize(ifelse([$3],,[NDEBUG],[$3]))]) AC_ARG_ENABLE(debug, [AS_HELP_STRING([--enable-debug=]@<:@yes/info/profile/no@:>@,[compile with debugging])], [],enable_debug=$ax_enable_debug_default) # empty mean debug yes AS_IF([test "x$enable_debug" = "x"], [enable_debug="yes"]) # case of debug AS_CASE([$enable_debug], [yes],[ AC_MSG_RESULT(yes) CFLAGS="${CFLAGS} -g -O0" CXXFLAGS="${CXXFLAGS} -g -O0" FFLAGS="${FFLAGS} -g -O0" FCFLAGS="${FCFLAGS} -g -O0" OBJCFLAGS="${OBJCFLAGS} -g -O0" ], [info],[ AC_MSG_RESULT(info) CFLAGS="${CFLAGS} -g" CXXFLAGS="${CXXFLAGS} -g" FFLAGS="${FFLAGS} -g" FCFLAGS="${FCFLAGS} -g" OBJCFLAGS="${OBJCFLAGS} -g" ], [profile],[ AC_MSG_RESULT(profile) CFLAGS="${CFLAGS} -g -pg" CXXFLAGS="${CXXFLAGS} -g -pg" FFLAGS="${FFLAGS} -g -pg" FCFLAGS="${FCFLAGS} -g -pg" OBJCFLAGS="${OBJCFLAGS} -g -pg" LDFLAGS="${LDFLAGS} -pg" ], [ AC_MSG_RESULT(no) dnl Ensure AC_PROG_CC/CXX/F77/FC/OBJC will not enable debug flags dnl by setting any unset environment flag variables AS_IF([test "x${CFLAGS+set}" != "xset"], [CFLAGS=""]) AS_IF([test "x${CXXFLAGS+set}" != "xset"], [CXXFLAGS=""]) AS_IF([test "x${FFLAGS+set}" != "xset"], [FFLAGS=""]) AS_IF([test "x${FCFLAGS+set}" != "xset"], [FCFLAGS=""]) AS_IF([test "x${OBJCFLAGS+set}" != "xset"], [OBJCFLAGS=""]) ]) dnl Define various variables if debugging is disabled. dnl assert.h is a NOP if NDEBUG is defined, so define it by default. AS_IF([test "x$enable_debug" = "xyes"], [m4_map_args_w(ax_enable_debug_vars, [AC_DEFINE(], [,[1],[Define if debugging is enabled])])], [m4_map_args_w(ax_disable_debug_vars, [AC_DEFINE(], [,[1],[Define if debugging is disabled])])]) ax_enable_debug=$enable_debug ]) uacme-1.7.6/build-aux/m4/ax_is_release.m40000644000000000000000000000650614555530552015005 00000000000000# =========================================================================== # https://www.gnu.org/software/autoconf-archive/ax_is_release.html # =========================================================================== # # SYNOPSIS # # AX_IS_RELEASE(POLICY) # # DESCRIPTION # # Determine whether the code is being configured as a release, or from # git. Set the ax_is_release variable to 'yes' or 'no'. # # If building a release version, it is recommended that the configure # script disable compiler errors and debug features, by conditionalising # them on the ax_is_release variable. If building from git, these # features should be enabled. # # The POLICY parameter specifies how ax_is_release is determined. It can # take the following values: # # * git-directory: ax_is_release will be 'no' if a '.git' # directory or git worktree exists # * minor-version: ax_is_release will be 'no' if the minor version number # in $PACKAGE_VERSION is odd; this assumes # $PACKAGE_VERSION follows the 'major.minor.micro' scheme # * micro-version: ax_is_release will be 'no' if the micro version number # in $PACKAGE_VERSION is odd; this assumes # $PACKAGE_VERSION follows the 'major.minor.micro' scheme # * dash-version: ax_is_release will be 'no' if there is a dash '-' # in $PACKAGE_VERSION, for example 1.2-pre3, 1.2.42-a8b9 # or 2.0-dirty (in particular this is suitable for use # with git-version-gen) # * always: ax_is_release will always be 'yes' # * never: ax_is_release will always be 'no' # # Other policies may be added in future. # # LICENSE # # Copyright (c) 2015 Philip Withnall # Copyright (c) 2016 Collabora Ltd. # # Copying and distribution of this file, with or without modification, are # permitted in any medium without royalty provided the copyright notice # and this notice are preserved. #serial 8 AC_DEFUN([AX_IS_RELEASE],[ AC_BEFORE([AC_INIT],[$0]) m4_case([$1], [git-directory],[ # $is_release = (.git directory does not exist) AS_IF([test -d ${srcdir}/.git || (test -f ${srcdir}/.git && grep \.git/worktrees ${srcdir}/.git)],[ax_is_release=no],[ax_is_release=yes]) ], [minor-version],[ # $is_release = ($minor_version is even) minor_version=`echo "$PACKAGE_VERSION" | sed 's/[[^.]][[^.]]*.\([[^.]][[^.]]*\).*/\1/'` AS_IF([test "$(( $minor_version % 2 ))" -ne 0], [ax_is_release=no],[ax_is_release=yes]) ], [micro-version],[ # $is_release = ($micro_version is even) micro_version=`echo "$PACKAGE_VERSION" | sed 's/[[^.]]*\.[[^.]]*\.\([[^.]]*\).*/\1/'` AS_IF([test "$(( $micro_version % 2 ))" -ne 0], [ax_is_release=no],[ax_is_release=yes]) ], [dash-version],[ # $is_release = ($PACKAGE_VERSION has a dash) AS_CASE([$PACKAGE_VERSION], [*-*], [ax_is_release=no], [*], [ax_is_release=yes]) ], [always],[ax_is_release=yes], [never],[ax_is_release=no], [ AC_MSG_ERROR([Invalid policy. Valid policies: git-directory, minor-version, micro-version, dash-version, always, never.]) ]) ]) uacme-1.7.6/build-aux/m4/ax_check_compile_flag.m40000644000000000000000000000640214555530552016443 00000000000000# =========================================================================== # http://www.gnu.org/software/autoconf-archive/ax_check_compile_flag.html # =========================================================================== # # SYNOPSIS # # AX_CHECK_COMPILE_FLAG(FLAG, [ACTION-SUCCESS], [ACTION-FAILURE], [EXTRA-FLAGS], [INPUT]) # # DESCRIPTION # # Check whether the given FLAG works with the current language's compiler # or gives an error. (Warnings, however, are ignored) # # ACTION-SUCCESS/ACTION-FAILURE are shell commands to execute on # success/failure. # # If EXTRA-FLAGS is defined, it is added to the current language's default # flags (e.g. CFLAGS) when the check is done. The check is thus made with # the flags: "CFLAGS EXTRA-FLAGS FLAG". This can for example be used to # force the compiler to issue an error when a bad flag is given. # # INPUT gives an alternative input source to AC_COMPILE_IFELSE. # # NOTE: Implementation based on AX_CFLAGS_GCC_OPTION. Please keep this # macro in sync with AX_CHECK_{PREPROC,LINK}_FLAG. # # LICENSE # # Copyright (c) 2008 Guido U. Draheim # Copyright (c) 2011 Maarten Bosmans # # This program is free software: you can redistribute it and/or modify it # under the terms of the GNU General Public License as published by the # Free Software Foundation, either version 3 of the License, or (at your # option) any later version. # # This program is distributed in the hope that it will be useful, but # WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General # Public License for more details. # # You should have received a copy of the GNU General Public License along # with this program. If not, see . # # As a special exception, the respective Autoconf Macro's copyright owner # gives unlimited permission to copy, distribute and modify the configure # scripts that are the output of Autoconf when processing the Macro. You # need not follow the terms of the GNU General Public License when using # or distributing such scripts, even though portions of the text of the # Macro appear in them. The GNU General Public License (GPL) does govern # all other use of the material that constitutes the Autoconf Macro. # # This special exception to the GPL applies to versions of the Autoconf # Macro released by the Autoconf Archive. When you make and distribute a # modified version of the Autoconf Macro, you may extend this special # exception to the GPL to apply to your modified version as well. #serial 4 AC_DEFUN([AX_CHECK_COMPILE_FLAG], [AC_PREREQ(2.64)dnl for _AC_LANG_PREFIX and AS_VAR_IF AS_VAR_PUSHDEF([CACHEVAR],[ax_cv_check_[]_AC_LANG_ABBREV[]flags_$4_$1])dnl AC_CACHE_CHECK([whether _AC_LANG compiler accepts $1], CACHEVAR, [ ax_check_save_flags=$[]_AC_LANG_PREFIX[]FLAGS _AC_LANG_PREFIX[]FLAGS="$[]_AC_LANG_PREFIX[]FLAGS $4 $1" AC_COMPILE_IFELSE([m4_default([$5],[AC_LANG_PROGRAM()])], [AS_VAR_SET(CACHEVAR,[yes])], [AS_VAR_SET(CACHEVAR,[no])]) _AC_LANG_PREFIX[]FLAGS=$ax_check_save_flags]) AS_VAR_IF(CACHEVAR,yes, [m4_default([$2], :)], [m4_default([$3], :)]) AS_VAR_POPDEF([CACHEVAR])dnl ])dnl AX_CHECK_COMPILE_FLAGS uacme-1.7.6/README0000644000000000000000000000454014555533301010375 00000000000000uacme README Copyright (C) 2019-2024 Nicola Di Lieto uacme is a client for the RFC8555 ACMEv2 protocol. Additional information can be found at and the manual pages at and README ------ This README is targeted for users of the software who build from sources but do not necessarily develop. COMPILATION ----------- A typical command sequence for building uacme is shown below. A complete list of options available for configure can be found by running './configure --help'. cd uacme- ./configure make sudo make install The software depends on libcurl and one of GnuTLS, OpenSSL or mbedTLS * libcurl: the multiprotocol file transfer library https://curl.haxx.se/libcurl * GnuTLS: for cryptographic algorithms https://gnutls.org * OpenSSL: alternative to GnuTLS https://www.openssl.org * mbedTLS: lightweight alternative to GnuTLS https://tls.mbed.org DOCUMENTATION ------------- See README.md and the manual pages included in the distribution (uacme.1 or uacme.1.html and ualpn.1 or ualpn.1.html) LICENSING --------- See the COPYING file for licensing information BUGS ---- If you believe you have found a bug, please create a new issue at https://github.com/ndilieto/uacme/issues with any applicable information. Applicable information would include why the issue is a uacme bug (if not readily apparent), output from 'uname -a', the version of uacme being used, a stack trace if available ('bt full' if under gdb or valgrind output), and perhaps a network trace. Vague queries or piecemeal messages are difficult to act upon and don't help the development effort. PATCHES ------- Patches are welcome and encouraged. Patches can be submitted by creating a pull request at https://github.com/ndilieto/uacme/pulls When submitting patches, please be sure to use sources from the git repository, and preferrably from the master branch. To create a patch for the project from a local git repository, please use the following commands. 'uacme' should be the local directory of a previous git clone. cd uacme git add the-file-you-modified.c another-file.c git commit the-file-you-modified.c another-file.c For more information on use of Git, visit http://git-scm.com/ uacme-1.7.6/crypto.h0000644000000000000000000000550414733760401011210 00000000000000/* * Copyright (C) 2019-2024 Nicola Di Lieto * * This file is part of uacme. * * uacme is free software: you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * uacme is distributed in the hope that it will be useful, but * WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program. If not, see * . */ #ifndef __CRYPTO_H__ #define __CRYPTO_H__ #include #if defined(USE_GNUTLS) #if defined(USE_OPENSSL) || defined(USE_MBEDTLS) #error only one of USE_GNUTLS, USE_MBEDTLS or USE_OPENSSL must be defined #endif #include typedef gnutls_privkey_t privkey_t; #define privkey_deinit gnutls_privkey_deinit #elif defined(USE_OPENSSL) #if defined(USE_GNUTLS) || defined(USE_MBEDTLS) #error only one of USE_GNUTLS, USE_MBEDTLS or USE_OPENSSL must be defined #endif #include typedef EVP_PKEY *privkey_t; #define privkey_deinit EVP_PKEY_free #elif defined(USE_MBEDTLS) #if defined(USE_OPENSSL) || defined(USE_GNUTLS) #error only one of USE_GNUTLS, USE_MBEDTLS or USE_OPENSSL must be defined #endif #include typedef mbedtls_pk_context *privkey_t; static inline void privkey_deinit(privkey_t key) { mbedtls_pk_free(key); free(key); } #else #error either USE_GNUTLS or USE_MBEDTLS or USE_OPENSSL must be defined #endif typedef enum { PK_NONE = 0, PK_RSA, PK_EC } keytype_t; bool crypto_init(void); void crypto_deinit(void); char *sha2_base64url(size_t, const char *, ...); char *hmac_base64url(size_t, const char *, const char *, ...); char *jws_jwk(privkey_t key, const char **, const char **); char *jws_protected_jwk(const char *, const char *, privkey_t); char *jws_protected_kid(const char *, const char *, const char *, privkey_t); char *jws_protected_eab(size_t, const char *, const char *); char *jws_thumbprint(privkey_t); char *jws_encode(const char *, const char *, privkey_t); char *jws_encode_hmac(const char *, const char *, size_t, const char *); keytype_t key_type(privkey_t); privkey_t key_load(keytype_t, int bits, const char *, ...); bool is_ip(const char *, unsigned char *, size_t *); char *csr_gen(char * const *, bool, privkey_t); char *csr_load(const char *, char ***); char *cert_der_base64url(const char *); bool cert_valid(const char *, char * const *, const char *, int, bool); bool cert_match(const char *, unsigned char *, size_t); #if !HAVE_STRCASESTR char *strcasestr(const char *haystack, const char *needle); #endif #endif uacme-1.7.6/read-file.c0000644000000000000000000001162714555530552011522 00000000000000/* read-file.c -- read file contents into a string Copyright (C) 2006, 2009-2015 Free Software Foundation, Inc. Written by Simon Josefsson and Bruno Haible. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, see . */ #include "read-file.h" /* Get fstat. */ #include /* Get ftello. */ #include /* Get SIZE_MAX. */ #include /* Get malloc, realloc, free. */ #include /* Get errno. */ #include /* Read a STREAM and return a newly allocated string with the content, and set *LENGTH to the length of the string. The string is zero-terminated, but the terminating zero byte is not counted in *LENGTH. On errors, *LENGTH is undefined, errno preserves the values set by system functions (if any), and NULL is returned. */ char * fread_file (FILE *stream, size_t *length) { char *buf = NULL; size_t alloc = BUFSIZ; /* For a regular file, allocate a buffer that has exactly the right size. This avoids the need to do dynamic reallocations later. */ { struct stat st; if (fstat (fileno (stream), &st) >= 0 && S_ISREG (st.st_mode)) { off_t pos = ftello (stream); if (pos >= 0 && pos < st.st_size) { size_t alloc_off = st.st_size - pos; /* '1' below, accounts for the trailing NUL. */ if (SIZE_MAX/2 - 1 < alloc_off) { errno = ENOMEM; return NULL; } alloc = alloc_off + 1; } } } if (!(buf = malloc (alloc))) return NULL; /* errno is ENOMEM. */ { size_t size = 0; /* number of bytes read so far */ int save_errno; for (;;) { /* This reads 1 more than the size of a regular file so that we get eof immediately. */ size_t requested = alloc - size; size_t count = fread (buf + size, 1, requested, stream); size += count; if (count != requested) { save_errno = errno; if (ferror (stream)) break; /* Shrink the allocated memory if possible. */ if (size < alloc - 1) { char *smaller_buf = realloc (buf, size + 1); if (smaller_buf != NULL) buf = smaller_buf; } buf[size] = '\0'; *length = size; return buf; } { char *new_buf; if (alloc >= SIZE_MAX/2) { save_errno = ENOMEM; break; } if (alloc < SIZE_MAX/2 - alloc / 2) alloc = alloc + alloc / 2; else alloc = SIZE_MAX/2; if (!(new_buf = realloc (buf, alloc))) { save_errno = errno; break; } buf = new_buf; } } free (buf); errno = save_errno; return NULL; } } static char * internal_read_file (const char *filename, size_t *length, const char *mode) { FILE *stream = fopen (filename, mode); char *out; int save_errno; if (!stream) return NULL; out = fread_file (stream, length); save_errno = errno; if (fclose (stream) != 0) { if (out) { save_errno = errno; free (out); } errno = save_errno; return NULL; } return out; } /* Open and read the contents of FILENAME, and return a newly allocated string with the content, and set *LENGTH to the length of the string. The string is zero-terminated, but the terminating zero byte is not counted in *LENGTH. On errors, *LENGTH is undefined, errno preserves the values set by system functions (if any), and NULL is returned. */ char * read_file (const char *filename, size_t *length) { return internal_read_file (filename, length, "r"); } /* Open (on non-POSIX systems, in binary mode) and read the contents of FILENAME, and return a newly allocated string with the content, and set LENGTH to the length of the string. The string is zero-terminated, but the terminating zero byte is not counted in the LENGTH variable. On errors, *LENGTH is undefined, errno preserves the values set by system functions (if any), and NULL is returned. */ char * read_binary_file (const char *filename, size_t *length) { return internal_read_file (filename, length, "rb"); } uacme-1.7.6/aclocal.m40000644000000000000000000015523314734273512011367 00000000000000# generated automatically by aclocal 1.16.3 -*- Autoconf -*- # Copyright (C) 1996-2020 Free Software Foundation, Inc. # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY, to the extent permitted by law; without # even the implied warranty of MERCHANTABILITY or FITNESS FOR A # PARTICULAR PURPOSE. m4_ifndef([AC_CONFIG_MACRO_DIRS], [m4_defun([_AM_CONFIG_MACRO_DIRS], [])m4_defun([AC_CONFIG_MACRO_DIRS], [_AM_CONFIG_MACRO_DIRS($@)])]) m4_ifndef([AC_AUTOCONF_VERSION], [m4_copy([m4_PACKAGE_VERSION], [AC_AUTOCONF_VERSION])])dnl m4_if(m4_defn([AC_AUTOCONF_VERSION]), [2.69],, [m4_warning([this file was generated for autoconf 2.69. You have another version of autoconf. It may work, but is not guaranteed to. If you have problems, you may need to regenerate the build system entirely. To do so, use the procedure documented by the package, typically 'autoreconf'.])]) # pkg.m4 - Macros to locate and utilise pkg-config. -*- Autoconf -*- # serial 12 (pkg-config-0.29.2) dnl Copyright © 2004 Scott James Remnant . dnl Copyright © 2012-2015 Dan Nicholson dnl dnl This program is free software; you can redistribute it and/or modify dnl it under the terms of the GNU General Public License as published by dnl the Free Software Foundation; either version 2 of the License, or dnl (at your option) any later version. dnl dnl This program is distributed in the hope that it will be useful, but dnl WITHOUT ANY WARRANTY; without even the implied warranty of dnl MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU dnl General Public License for more details. dnl dnl You should have received a copy of the GNU General Public License dnl along with this program; if not, write to the Free Software dnl Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA dnl 02111-1307, USA. dnl dnl As a special exception to the GNU General Public License, if you dnl distribute this file as part of a program that contains a dnl configuration script generated by Autoconf, you may include it under dnl the same distribution terms that you use for the rest of that dnl program. dnl PKG_PREREQ(MIN-VERSION) dnl ----------------------- dnl Since: 0.29 dnl dnl Verify that the version of the pkg-config macros are at least dnl MIN-VERSION. Unlike PKG_PROG_PKG_CONFIG, which checks the user's dnl installed version of pkg-config, this checks the developer's version dnl of pkg.m4 when generating configure. dnl dnl To ensure that this macro is defined, also add: dnl m4_ifndef([PKG_PREREQ], dnl [m4_fatal([must install pkg-config 0.29 or later before running autoconf/autogen])]) dnl dnl See the "Since" comment for each macro you use to see what version dnl of the macros you require. m4_defun([PKG_PREREQ], [m4_define([PKG_MACROS_VERSION], [0.29.2]) m4_if(m4_version_compare(PKG_MACROS_VERSION, [$1]), -1, [m4_fatal([pkg.m4 version $1 or higher is required but ]PKG_MACROS_VERSION[ found])]) ])dnl PKG_PREREQ dnl PKG_PROG_PKG_CONFIG([MIN-VERSION]) dnl ---------------------------------- dnl Since: 0.16 dnl dnl Search for the pkg-config tool and set the PKG_CONFIG variable to dnl first found in the path. Checks that the version of pkg-config found dnl is at least MIN-VERSION. If MIN-VERSION is not specified, 0.9.0 is dnl used since that's the first version where most current features of dnl pkg-config existed. AC_DEFUN([PKG_PROG_PKG_CONFIG], [m4_pattern_forbid([^_?PKG_[A-Z_]+$]) m4_pattern_allow([^PKG_CONFIG(_(PATH|LIBDIR|SYSROOT_DIR|ALLOW_SYSTEM_(CFLAGS|LIBS)))?$]) m4_pattern_allow([^PKG_CONFIG_(DISABLE_UNINSTALLED|TOP_BUILD_DIR|DEBUG_SPEW)$]) AC_ARG_VAR([PKG_CONFIG], [path to pkg-config utility]) AC_ARG_VAR([PKG_CONFIG_PATH], [directories to add to pkg-config's search path]) AC_ARG_VAR([PKG_CONFIG_LIBDIR], [path overriding pkg-config's built-in search path]) if test "x$ac_cv_env_PKG_CONFIG_set" != "xset"; then AC_PATH_TOOL([PKG_CONFIG], [pkg-config]) fi if test -n "$PKG_CONFIG"; then _pkg_min_version=m4_default([$1], [0.9.0]) AC_MSG_CHECKING([pkg-config is at least version $_pkg_min_version]) if $PKG_CONFIG --atleast-pkgconfig-version $_pkg_min_version; then AC_MSG_RESULT([yes]) else AC_MSG_RESULT([no]) PKG_CONFIG="" fi fi[]dnl ])dnl PKG_PROG_PKG_CONFIG dnl PKG_CHECK_EXISTS(MODULES, [ACTION-IF-FOUND], [ACTION-IF-NOT-FOUND]) dnl ------------------------------------------------------------------- dnl Since: 0.18 dnl dnl Check to see whether a particular set of modules exists. Similar to dnl PKG_CHECK_MODULES(), but does not set variables or print errors. dnl dnl Please remember that m4 expands AC_REQUIRE([PKG_PROG_PKG_CONFIG]) dnl only at the first occurence in configure.ac, so if the first place dnl it's called might be skipped (such as if it is within an "if", you dnl have to call PKG_CHECK_EXISTS manually AC_DEFUN([PKG_CHECK_EXISTS], [AC_REQUIRE([PKG_PROG_PKG_CONFIG])dnl if test -n "$PKG_CONFIG" && \ AC_RUN_LOG([$PKG_CONFIG --exists --print-errors "$1"]); then m4_default([$2], [:]) m4_ifvaln([$3], [else $3])dnl fi]) dnl _PKG_CONFIG([VARIABLE], [COMMAND], [MODULES]) dnl --------------------------------------------- dnl Internal wrapper calling pkg-config via PKG_CONFIG and setting dnl pkg_failed based on the result. m4_define([_PKG_CONFIG], [if test -n "$$1"; then pkg_cv_[]$1="$$1" elif test -n "$PKG_CONFIG"; then PKG_CHECK_EXISTS([$3], [pkg_cv_[]$1=`$PKG_CONFIG --[]$2 "$3" 2>/dev/null` test "x$?" != "x0" && pkg_failed=yes ], [pkg_failed=yes]) else pkg_failed=untried fi[]dnl ])dnl _PKG_CONFIG dnl _PKG_SHORT_ERRORS_SUPPORTED dnl --------------------------- dnl Internal check to see if pkg-config supports short errors. AC_DEFUN([_PKG_SHORT_ERRORS_SUPPORTED], [AC_REQUIRE([PKG_PROG_PKG_CONFIG]) if $PKG_CONFIG --atleast-pkgconfig-version 0.20; then _pkg_short_errors_supported=yes else _pkg_short_errors_supported=no fi[]dnl ])dnl _PKG_SHORT_ERRORS_SUPPORTED dnl PKG_CHECK_MODULES(VARIABLE-PREFIX, MODULES, [ACTION-IF-FOUND], dnl [ACTION-IF-NOT-FOUND]) dnl -------------------------------------------------------------- dnl Since: 0.4.0 dnl dnl Note that if there is a possibility the first call to dnl PKG_CHECK_MODULES might not happen, you should be sure to include an dnl explicit call to PKG_PROG_PKG_CONFIG in your configure.ac AC_DEFUN([PKG_CHECK_MODULES], [AC_REQUIRE([PKG_PROG_PKG_CONFIG])dnl AC_ARG_VAR([$1][_CFLAGS], [C compiler flags for $1, overriding pkg-config])dnl AC_ARG_VAR([$1][_LIBS], [linker flags for $1, overriding pkg-config])dnl pkg_failed=no AC_MSG_CHECKING([for $2]) _PKG_CONFIG([$1][_CFLAGS], [cflags], [$2]) _PKG_CONFIG([$1][_LIBS], [libs], [$2]) m4_define([_PKG_TEXT], [Alternatively, you may set the environment variables $1[]_CFLAGS and $1[]_LIBS to avoid the need to call pkg-config. See the pkg-config man page for more details.]) if test $pkg_failed = yes; then AC_MSG_RESULT([no]) _PKG_SHORT_ERRORS_SUPPORTED if test $_pkg_short_errors_supported = yes; then $1[]_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "$2" 2>&1` else $1[]_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "$2" 2>&1` fi # Put the nasty error message in config.log where it belongs echo "$$1[]_PKG_ERRORS" >&AS_MESSAGE_LOG_FD m4_default([$4], [AC_MSG_ERROR( [Package requirements ($2) were not met: $$1_PKG_ERRORS Consider adjusting the PKG_CONFIG_PATH environment variable if you installed software in a non-standard prefix. _PKG_TEXT])[]dnl ]) elif test $pkg_failed = untried; then AC_MSG_RESULT([no]) m4_default([$4], [AC_MSG_FAILURE( [The pkg-config script could not be found or is too old. Make sure it is in your PATH or set the PKG_CONFIG environment variable to the full path to pkg-config. _PKG_TEXT To get pkg-config, see .])[]dnl ]) else $1[]_CFLAGS=$pkg_cv_[]$1[]_CFLAGS $1[]_LIBS=$pkg_cv_[]$1[]_LIBS AC_MSG_RESULT([yes]) $3 fi[]dnl ])dnl PKG_CHECK_MODULES dnl PKG_CHECK_MODULES_STATIC(VARIABLE-PREFIX, MODULES, [ACTION-IF-FOUND], dnl [ACTION-IF-NOT-FOUND]) dnl --------------------------------------------------------------------- dnl Since: 0.29 dnl dnl Checks for existence of MODULES and gathers its build flags with dnl static libraries enabled. Sets VARIABLE-PREFIX_CFLAGS from --cflags dnl and VARIABLE-PREFIX_LIBS from --libs. dnl dnl Note that if there is a possibility the first call to dnl PKG_CHECK_MODULES_STATIC might not happen, you should be sure to dnl include an explicit call to PKG_PROG_PKG_CONFIG in your dnl configure.ac. AC_DEFUN([PKG_CHECK_MODULES_STATIC], [AC_REQUIRE([PKG_PROG_PKG_CONFIG])dnl _save_PKG_CONFIG=$PKG_CONFIG PKG_CONFIG="$PKG_CONFIG --static" PKG_CHECK_MODULES($@) PKG_CONFIG=$_save_PKG_CONFIG[]dnl ])dnl PKG_CHECK_MODULES_STATIC dnl PKG_INSTALLDIR([DIRECTORY]) dnl ------------------------- dnl Since: 0.27 dnl dnl Substitutes the variable pkgconfigdir as the location where a module dnl should install pkg-config .pc files. By default the directory is dnl $libdir/pkgconfig, but the default can be changed by passing dnl DIRECTORY. The user can override through the --with-pkgconfigdir dnl parameter. AC_DEFUN([PKG_INSTALLDIR], [m4_pushdef([pkg_default], [m4_default([$1], ['${libdir}/pkgconfig'])]) m4_pushdef([pkg_description], [pkg-config installation directory @<:@]pkg_default[@:>@]) AC_ARG_WITH([pkgconfigdir], [AS_HELP_STRING([--with-pkgconfigdir], pkg_description)],, [with_pkgconfigdir=]pkg_default) AC_SUBST([pkgconfigdir], [$with_pkgconfigdir]) m4_popdef([pkg_default]) m4_popdef([pkg_description]) ])dnl PKG_INSTALLDIR dnl PKG_NOARCH_INSTALLDIR([DIRECTORY]) dnl -------------------------------- dnl Since: 0.27 dnl dnl Substitutes the variable noarch_pkgconfigdir as the location where a dnl module should install arch-independent pkg-config .pc files. By dnl default the directory is $datadir/pkgconfig, but the default can be dnl changed by passing DIRECTORY. The user can override through the dnl --with-noarch-pkgconfigdir parameter. AC_DEFUN([PKG_NOARCH_INSTALLDIR], [m4_pushdef([pkg_default], [m4_default([$1], ['${datadir}/pkgconfig'])]) m4_pushdef([pkg_description], [pkg-config arch-independent installation directory @<:@]pkg_default[@:>@]) AC_ARG_WITH([noarch-pkgconfigdir], [AS_HELP_STRING([--with-noarch-pkgconfigdir], pkg_description)],, [with_noarch_pkgconfigdir=]pkg_default) AC_SUBST([noarch_pkgconfigdir], [$with_noarch_pkgconfigdir]) m4_popdef([pkg_default]) m4_popdef([pkg_description]) ])dnl PKG_NOARCH_INSTALLDIR dnl PKG_CHECK_VAR(VARIABLE, MODULE, CONFIG-VARIABLE, dnl [ACTION-IF-FOUND], [ACTION-IF-NOT-FOUND]) dnl ------------------------------------------- dnl Since: 0.28 dnl dnl Retrieves the value of the pkg-config variable for the given module. AC_DEFUN([PKG_CHECK_VAR], [AC_REQUIRE([PKG_PROG_PKG_CONFIG])dnl AC_ARG_VAR([$1], [value of $3 for $2, overriding pkg-config])dnl _PKG_CONFIG([$1], [variable="][$3]["], [$2]) AS_VAR_COPY([$1], [pkg_cv_][$1]) AS_VAR_IF([$1], [""], [$5], [$4])dnl ])dnl PKG_CHECK_VAR # Copyright (C) 2002-2020 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. # AM_AUTOMAKE_VERSION(VERSION) # ---------------------------- # Automake X.Y traces this macro to ensure aclocal.m4 has been # generated from the m4 files accompanying Automake X.Y. # (This private macro should not be called outside this file.) AC_DEFUN([AM_AUTOMAKE_VERSION], [am__api_version='1.16' dnl Some users find AM_AUTOMAKE_VERSION and mistake it for a way to dnl require some minimum version. Point them to the right macro. m4_if([$1], [1.16.3], [], [AC_FATAL([Do not call $0, use AM_INIT_AUTOMAKE([$1]).])])dnl ]) # _AM_AUTOCONF_VERSION(VERSION) # ----------------------------- # aclocal traces this macro to find the Autoconf version. # This is a private macro too. Using m4_define simplifies # the logic in aclocal, which can simply ignore this definition. m4_define([_AM_AUTOCONF_VERSION], []) # AM_SET_CURRENT_AUTOMAKE_VERSION # ------------------------------- # Call AM_AUTOMAKE_VERSION and AM_AUTOMAKE_VERSION so they can be traced. # This function is AC_REQUIREd by AM_INIT_AUTOMAKE. AC_DEFUN([AM_SET_CURRENT_AUTOMAKE_VERSION], [AM_AUTOMAKE_VERSION([1.16.3])dnl m4_ifndef([AC_AUTOCONF_VERSION], [m4_copy([m4_PACKAGE_VERSION], [AC_AUTOCONF_VERSION])])dnl _AM_AUTOCONF_VERSION(m4_defn([AC_AUTOCONF_VERSION]))]) # Copyright (C) 2011-2020 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. # AM_PROG_AR([ACT-IF-FAIL]) # ------------------------- # Try to determine the archiver interface, and trigger the ar-lib wrapper # if it is needed. If the detection of archiver interface fails, run # ACT-IF-FAIL (default is to abort configure with a proper error message). AC_DEFUN([AM_PROG_AR], [AC_BEFORE([$0], [LT_INIT])dnl AC_BEFORE([$0], [AC_PROG_LIBTOOL])dnl AC_REQUIRE([AM_AUX_DIR_EXPAND])dnl AC_REQUIRE_AUX_FILE([ar-lib])dnl AC_CHECK_TOOLS([AR], [ar lib "link -lib"], [false]) : ${AR=ar} AC_CACHE_CHECK([the archiver ($AR) interface], [am_cv_ar_interface], [AC_LANG_PUSH([C]) am_cv_ar_interface=ar AC_COMPILE_IFELSE([AC_LANG_SOURCE([[int some_variable = 0;]])], [am_ar_try='$AR cru libconftest.a conftest.$ac_objext >&AS_MESSAGE_LOG_FD' AC_TRY_EVAL([am_ar_try]) if test "$ac_status" -eq 0; then am_cv_ar_interface=ar else am_ar_try='$AR -NOLOGO -OUT:conftest.lib conftest.$ac_objext >&AS_MESSAGE_LOG_FD' AC_TRY_EVAL([am_ar_try]) if test "$ac_status" -eq 0; then am_cv_ar_interface=lib else am_cv_ar_interface=unknown fi fi rm -f conftest.lib libconftest.a ]) AC_LANG_POP([C])]) case $am_cv_ar_interface in ar) ;; lib) # Microsoft lib, so override with the ar-lib wrapper script. # FIXME: It is wrong to rewrite AR. # But if we don't then we get into trouble of one sort or another. # A longer-term fix would be to have automake use am__AR in this case, # and then we could set am__AR="$am_aux_dir/ar-lib \$(AR)" or something # similar. AR="$am_aux_dir/ar-lib $AR" ;; unknown) m4_default([$1], [AC_MSG_ERROR([could not determine $AR interface])]) ;; esac AC_SUBST([AR])dnl ]) # AM_AUX_DIR_EXPAND -*- Autoconf -*- # Copyright (C) 2001-2020 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. # For projects using AC_CONFIG_AUX_DIR([foo]), Autoconf sets # $ac_aux_dir to '$srcdir/foo'. In other projects, it is set to # '$srcdir', '$srcdir/..', or '$srcdir/../..'. # # Of course, Automake must honor this variable whenever it calls a # tool from the auxiliary directory. The problem is that $srcdir (and # therefore $ac_aux_dir as well) can be either absolute or relative, # depending on how configure is run. This is pretty annoying, since # it makes $ac_aux_dir quite unusable in subdirectories: in the top # source directory, any form will work fine, but in subdirectories a # relative path needs to be adjusted first. # # $ac_aux_dir/missing # fails when called from a subdirectory if $ac_aux_dir is relative # $top_srcdir/$ac_aux_dir/missing # fails if $ac_aux_dir is absolute, # fails when called from a subdirectory in a VPATH build with # a relative $ac_aux_dir # # The reason of the latter failure is that $top_srcdir and $ac_aux_dir # are both prefixed by $srcdir. In an in-source build this is usually # harmless because $srcdir is '.', but things will broke when you # start a VPATH build or use an absolute $srcdir. # # So we could use something similar to $top_srcdir/$ac_aux_dir/missing, # iff we strip the leading $srcdir from $ac_aux_dir. That would be: # am_aux_dir='\$(top_srcdir)/'`expr "$ac_aux_dir" : "$srcdir//*\(.*\)"` # and then we would define $MISSING as # MISSING="\${SHELL} $am_aux_dir/missing" # This will work as long as MISSING is not called from configure, because # unfortunately $(top_srcdir) has no meaning in configure. # However there are other variables, like CC, which are often used in # configure, and could therefore not use this "fixed" $ac_aux_dir. # # Another solution, used here, is to always expand $ac_aux_dir to an # absolute PATH. The drawback is that using absolute paths prevent a # configured tree to be moved without reconfiguration. AC_DEFUN([AM_AUX_DIR_EXPAND], [AC_REQUIRE([AC_CONFIG_AUX_DIR_DEFAULT])dnl # Expand $ac_aux_dir to an absolute path. am_aux_dir=`cd "$ac_aux_dir" && pwd` ]) # AM_CONDITIONAL -*- Autoconf -*- # Copyright (C) 1997-2020 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. # AM_CONDITIONAL(NAME, SHELL-CONDITION) # ------------------------------------- # Define a conditional. AC_DEFUN([AM_CONDITIONAL], [AC_PREREQ([2.52])dnl m4_if([$1], [TRUE], [AC_FATAL([$0: invalid condition: $1])], [$1], [FALSE], [AC_FATAL([$0: invalid condition: $1])])dnl AC_SUBST([$1_TRUE])dnl AC_SUBST([$1_FALSE])dnl _AM_SUBST_NOTMAKE([$1_TRUE])dnl _AM_SUBST_NOTMAKE([$1_FALSE])dnl m4_define([_AM_COND_VALUE_$1], [$2])dnl if $2; then $1_TRUE= $1_FALSE='#' else $1_TRUE='#' $1_FALSE= fi AC_CONFIG_COMMANDS_PRE( [if test -z "${$1_TRUE}" && test -z "${$1_FALSE}"; then AC_MSG_ERROR([[conditional "$1" was never defined. Usually this means the macro was only invoked conditionally.]]) fi])]) # Copyright (C) 1999-2020 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. # There are a few dirty hacks below to avoid letting 'AC_PROG_CC' be # written in clear, in which case automake, when reading aclocal.m4, # will think it sees a *use*, and therefore will trigger all it's # C support machinery. Also note that it means that autoscan, seeing # CC etc. in the Makefile, will ask for an AC_PROG_CC use... # _AM_DEPENDENCIES(NAME) # ---------------------- # See how the compiler implements dependency checking. # NAME is "CC", "CXX", "OBJC", "OBJCXX", "UPC", or "GJC". # We try a few techniques and use that to set a single cache variable. # # We don't AC_REQUIRE the corresponding AC_PROG_CC since the latter was # modified to invoke _AM_DEPENDENCIES(CC); we would have a circular # dependency, and given that the user is not expected to run this macro, # just rely on AC_PROG_CC. AC_DEFUN([_AM_DEPENDENCIES], [AC_REQUIRE([AM_SET_DEPDIR])dnl AC_REQUIRE([AM_OUTPUT_DEPENDENCY_COMMANDS])dnl AC_REQUIRE([AM_MAKE_INCLUDE])dnl AC_REQUIRE([AM_DEP_TRACK])dnl m4_if([$1], [CC], [depcc="$CC" am_compiler_list=], [$1], [CXX], [depcc="$CXX" am_compiler_list=], [$1], [OBJC], [depcc="$OBJC" am_compiler_list='gcc3 gcc'], [$1], [OBJCXX], [depcc="$OBJCXX" am_compiler_list='gcc3 gcc'], [$1], [UPC], [depcc="$UPC" am_compiler_list=], [$1], [GCJ], [depcc="$GCJ" am_compiler_list='gcc3 gcc'], [depcc="$$1" am_compiler_list=]) AC_CACHE_CHECK([dependency style of $depcc], [am_cv_$1_dependencies_compiler_type], [if test -z "$AMDEP_TRUE" && test -f "$am_depcomp"; then # We make a subdir and do the tests there. Otherwise we can end up # making bogus files that we don't know about and never remove. For # instance it was reported that on HP-UX the gcc test will end up # making a dummy file named 'D' -- because '-MD' means "put the output # in D". rm -rf conftest.dir mkdir conftest.dir # Copy depcomp to subdir because otherwise we won't find it if we're # using a relative directory. cp "$am_depcomp" conftest.dir cd conftest.dir # We will build objects and dependencies in a subdirectory because # it helps to detect inapplicable dependency modes. For instance # both Tru64's cc and ICC support -MD to output dependencies as a # side effect of compilation, but ICC will put the dependencies in # the current directory while Tru64 will put them in the object # directory. mkdir sub am_cv_$1_dependencies_compiler_type=none if test "$am_compiler_list" = ""; then am_compiler_list=`sed -n ['s/^#*\([a-zA-Z0-9]*\))$/\1/p'] < ./depcomp` fi am__universal=false m4_case([$1], [CC], [case " $depcc " in #( *\ -arch\ *\ -arch\ *) am__universal=true ;; esac], [CXX], [case " $depcc " in #( *\ -arch\ *\ -arch\ *) am__universal=true ;; esac]) for depmode in $am_compiler_list; do # Setup a source with many dependencies, because some compilers # like to wrap large dependency lists on column 80 (with \), and # we should not choose a depcomp mode which is confused by this. # # We need to recreate these files for each test, as the compiler may # overwrite some of them when testing with obscure command lines. # This happens at least with the AIX C compiler. : > sub/conftest.c for i in 1 2 3 4 5 6; do echo '#include "conftst'$i'.h"' >> sub/conftest.c # Using ": > sub/conftst$i.h" creates only sub/conftst1.h with # Solaris 10 /bin/sh. echo '/* dummy */' > sub/conftst$i.h done echo "${am__include} ${am__quote}sub/conftest.Po${am__quote}" > confmf # We check with '-c' and '-o' for the sake of the "dashmstdout" # mode. It turns out that the SunPro C++ compiler does not properly # handle '-M -o', and we need to detect this. Also, some Intel # versions had trouble with output in subdirs. am__obj=sub/conftest.${OBJEXT-o} am__minus_obj="-o $am__obj" case $depmode in gcc) # This depmode causes a compiler race in universal mode. test "$am__universal" = false || continue ;; nosideeffect) # After this tag, mechanisms are not by side-effect, so they'll # only be used when explicitly requested. if test "x$enable_dependency_tracking" = xyes; then continue else break fi ;; msvc7 | msvc7msys | msvisualcpp | msvcmsys) # This compiler won't grok '-c -o', but also, the minuso test has # not run yet. These depmodes are late enough in the game, and # so weak that their functioning should not be impacted. am__obj=conftest.${OBJEXT-o} am__minus_obj= ;; none) break ;; esac if depmode=$depmode \ source=sub/conftest.c object=$am__obj \ depfile=sub/conftest.Po tmpdepfile=sub/conftest.TPo \ $SHELL ./depcomp $depcc -c $am__minus_obj sub/conftest.c \ >/dev/null 2>conftest.err && grep sub/conftst1.h sub/conftest.Po > /dev/null 2>&1 && grep sub/conftst6.h sub/conftest.Po > /dev/null 2>&1 && grep $am__obj sub/conftest.Po > /dev/null 2>&1 && ${MAKE-make} -s -f confmf > /dev/null 2>&1; then # icc doesn't choke on unknown options, it will just issue warnings # or remarks (even with -Werror). So we grep stderr for any message # that says an option was ignored or not supported. # When given -MP, icc 7.0 and 7.1 complain thusly: # icc: Command line warning: ignoring option '-M'; no argument required # The diagnosis changed in icc 8.0: # icc: Command line remark: option '-MP' not supported if (grep 'ignoring option' conftest.err || grep 'not supported' conftest.err) >/dev/null 2>&1; then :; else am_cv_$1_dependencies_compiler_type=$depmode break fi fi done cd .. rm -rf conftest.dir else am_cv_$1_dependencies_compiler_type=none fi ]) AC_SUBST([$1DEPMODE], [depmode=$am_cv_$1_dependencies_compiler_type]) AM_CONDITIONAL([am__fastdep$1], [ test "x$enable_dependency_tracking" != xno \ && test "$am_cv_$1_dependencies_compiler_type" = gcc3]) ]) # AM_SET_DEPDIR # ------------- # Choose a directory name for dependency files. # This macro is AC_REQUIREd in _AM_DEPENDENCIES. AC_DEFUN([AM_SET_DEPDIR], [AC_REQUIRE([AM_SET_LEADING_DOT])dnl AC_SUBST([DEPDIR], ["${am__leading_dot}deps"])dnl ]) # AM_DEP_TRACK # ------------ AC_DEFUN([AM_DEP_TRACK], [AC_ARG_ENABLE([dependency-tracking], [dnl AS_HELP_STRING( [--enable-dependency-tracking], [do not reject slow dependency extractors]) AS_HELP_STRING( [--disable-dependency-tracking], [speeds up one-time build])]) if test "x$enable_dependency_tracking" != xno; then am_depcomp="$ac_aux_dir/depcomp" AMDEPBACKSLASH='\' am__nodep='_no' fi AM_CONDITIONAL([AMDEP], [test "x$enable_dependency_tracking" != xno]) AC_SUBST([AMDEPBACKSLASH])dnl _AM_SUBST_NOTMAKE([AMDEPBACKSLASH])dnl AC_SUBST([am__nodep])dnl _AM_SUBST_NOTMAKE([am__nodep])dnl ]) # Generate code to set up dependency tracking. -*- Autoconf -*- # Copyright (C) 1999-2020 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. # _AM_OUTPUT_DEPENDENCY_COMMANDS # ------------------------------ AC_DEFUN([_AM_OUTPUT_DEPENDENCY_COMMANDS], [{ # Older Autoconf quotes --file arguments for eval, but not when files # are listed without --file. Let's play safe and only enable the eval # if we detect the quoting. # TODO: see whether this extra hack can be removed once we start # requiring Autoconf 2.70 or later. AS_CASE([$CONFIG_FILES], [*\'*], [eval set x "$CONFIG_FILES"], [*], [set x $CONFIG_FILES]) shift # Used to flag and report bootstrapping failures. am_rc=0 for am_mf do # Strip MF so we end up with the name of the file. am_mf=`AS_ECHO(["$am_mf"]) | sed -e 's/:.*$//'` # Check whether this is an Automake generated Makefile which includes # dependency-tracking related rules and includes. # Grep'ing the whole file directly is not great: AIX grep has a line # limit of 2048, but all sed's we know have understand at least 4000. sed -n 's,^am--depfiles:.*,X,p' "$am_mf" | grep X >/dev/null 2>&1 \ || continue am_dirpart=`AS_DIRNAME(["$am_mf"])` am_filepart=`AS_BASENAME(["$am_mf"])` AM_RUN_LOG([cd "$am_dirpart" \ && sed -e '/# am--include-marker/d' "$am_filepart" \ | $MAKE -f - am--depfiles]) || am_rc=$? done if test $am_rc -ne 0; then AC_MSG_FAILURE([Something went wrong bootstrapping makefile fragments for automatic dependency tracking. If GNU make was not used, consider re-running the configure script with MAKE="gmake" (or whatever is necessary). You can also try re-running configure with the '--disable-dependency-tracking' option to at least be able to build the package (albeit without support for automatic dependency tracking).]) fi AS_UNSET([am_dirpart]) AS_UNSET([am_filepart]) AS_UNSET([am_mf]) AS_UNSET([am_rc]) rm -f conftest-deps.mk } ])# _AM_OUTPUT_DEPENDENCY_COMMANDS # AM_OUTPUT_DEPENDENCY_COMMANDS # ----------------------------- # This macro should only be invoked once -- use via AC_REQUIRE. # # This code is only required when automatic dependency tracking is enabled. # This creates each '.Po' and '.Plo' makefile fragment that we'll need in # order to bootstrap the dependency handling code. AC_DEFUN([AM_OUTPUT_DEPENDENCY_COMMANDS], [AC_CONFIG_COMMANDS([depfiles], [test x"$AMDEP_TRUE" != x"" || _AM_OUTPUT_DEPENDENCY_COMMANDS], [AMDEP_TRUE="$AMDEP_TRUE" MAKE="${MAKE-make}"])]) # Do all the work for Automake. -*- Autoconf -*- # Copyright (C) 1996-2020 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. # This macro actually does too much. Some checks are only needed if # your package does certain things. But this isn't really a big deal. dnl Redefine AC_PROG_CC to automatically invoke _AM_PROG_CC_C_O. m4_define([AC_PROG_CC], m4_defn([AC_PROG_CC]) [_AM_PROG_CC_C_O ]) # AM_INIT_AUTOMAKE(PACKAGE, VERSION, [NO-DEFINE]) # AM_INIT_AUTOMAKE([OPTIONS]) # ----------------------------------------------- # The call with PACKAGE and VERSION arguments is the old style # call (pre autoconf-2.50), which is being phased out. PACKAGE # and VERSION should now be passed to AC_INIT and removed from # the call to AM_INIT_AUTOMAKE. # We support both call styles for the transition. After # the next Automake release, Autoconf can make the AC_INIT # arguments mandatory, and then we can depend on a new Autoconf # release and drop the old call support. AC_DEFUN([AM_INIT_AUTOMAKE], [AC_PREREQ([2.65])dnl dnl Autoconf wants to disallow AM_ names. We explicitly allow dnl the ones we care about. m4_pattern_allow([^AM_[A-Z]+FLAGS$])dnl AC_REQUIRE([AM_SET_CURRENT_AUTOMAKE_VERSION])dnl AC_REQUIRE([AC_PROG_INSTALL])dnl if test "`cd $srcdir && pwd`" != "`pwd`"; then # Use -I$(srcdir) only when $(srcdir) != ., so that make's output # is not polluted with repeated "-I." AC_SUBST([am__isrc], [' -I$(srcdir)'])_AM_SUBST_NOTMAKE([am__isrc])dnl # test to see if srcdir already configured if test -f $srcdir/config.status; then AC_MSG_ERROR([source directory already configured; run "make distclean" there first]) fi fi # test whether we have cygpath if test -z "$CYGPATH_W"; then if (cygpath --version) >/dev/null 2>/dev/null; then CYGPATH_W='cygpath -w' else CYGPATH_W=echo fi fi AC_SUBST([CYGPATH_W]) # Define the identity of the package. dnl Distinguish between old-style and new-style calls. m4_ifval([$2], [AC_DIAGNOSE([obsolete], [$0: two- and three-arguments forms are deprecated.]) m4_ifval([$3], [_AM_SET_OPTION([no-define])])dnl AC_SUBST([PACKAGE], [$1])dnl AC_SUBST([VERSION], [$2])], [_AM_SET_OPTIONS([$1])dnl dnl Diagnose old-style AC_INIT with new-style AM_AUTOMAKE_INIT. m4_if( m4_ifdef([AC_PACKAGE_NAME], [ok]):m4_ifdef([AC_PACKAGE_VERSION], [ok]), [ok:ok],, [m4_fatal([AC_INIT should be called with package and version arguments])])dnl AC_SUBST([PACKAGE], ['AC_PACKAGE_TARNAME'])dnl AC_SUBST([VERSION], ['AC_PACKAGE_VERSION'])])dnl _AM_IF_OPTION([no-define],, [AC_DEFINE_UNQUOTED([PACKAGE], ["$PACKAGE"], [Name of package]) AC_DEFINE_UNQUOTED([VERSION], ["$VERSION"], [Version number of package])])dnl # Some tools Automake needs. AC_REQUIRE([AM_SANITY_CHECK])dnl AC_REQUIRE([AC_ARG_PROGRAM])dnl AM_MISSING_PROG([ACLOCAL], [aclocal-${am__api_version}]) AM_MISSING_PROG([AUTOCONF], [autoconf]) AM_MISSING_PROG([AUTOMAKE], [automake-${am__api_version}]) AM_MISSING_PROG([AUTOHEADER], [autoheader]) AM_MISSING_PROG([MAKEINFO], [makeinfo]) AC_REQUIRE([AM_PROG_INSTALL_SH])dnl AC_REQUIRE([AM_PROG_INSTALL_STRIP])dnl AC_REQUIRE([AC_PROG_MKDIR_P])dnl # For better backward compatibility. To be removed once Automake 1.9.x # dies out for good. For more background, see: # # AC_SUBST([mkdir_p], ['$(MKDIR_P)']) # We need awk for the "check" target (and possibly the TAP driver). The # system "awk" is bad on some platforms. AC_REQUIRE([AC_PROG_AWK])dnl AC_REQUIRE([AC_PROG_MAKE_SET])dnl AC_REQUIRE([AM_SET_LEADING_DOT])dnl _AM_IF_OPTION([tar-ustar], [_AM_PROG_TAR([ustar])], [_AM_IF_OPTION([tar-pax], [_AM_PROG_TAR([pax])], [_AM_PROG_TAR([v7])])]) _AM_IF_OPTION([no-dependencies],, [AC_PROVIDE_IFELSE([AC_PROG_CC], [_AM_DEPENDENCIES([CC])], [m4_define([AC_PROG_CC], m4_defn([AC_PROG_CC])[_AM_DEPENDENCIES([CC])])])dnl AC_PROVIDE_IFELSE([AC_PROG_CXX], [_AM_DEPENDENCIES([CXX])], [m4_define([AC_PROG_CXX], m4_defn([AC_PROG_CXX])[_AM_DEPENDENCIES([CXX])])])dnl AC_PROVIDE_IFELSE([AC_PROG_OBJC], [_AM_DEPENDENCIES([OBJC])], [m4_define([AC_PROG_OBJC], m4_defn([AC_PROG_OBJC])[_AM_DEPENDENCIES([OBJC])])])dnl AC_PROVIDE_IFELSE([AC_PROG_OBJCXX], [_AM_DEPENDENCIES([OBJCXX])], [m4_define([AC_PROG_OBJCXX], m4_defn([AC_PROG_OBJCXX])[_AM_DEPENDENCIES([OBJCXX])])])dnl ]) AC_REQUIRE([AM_SILENT_RULES])dnl dnl The testsuite driver may need to know about EXEEXT, so add the dnl 'am__EXEEXT' conditional if _AM_COMPILER_EXEEXT was seen. This dnl macro is hooked onto _AC_COMPILER_EXEEXT early, see below. AC_CONFIG_COMMANDS_PRE(dnl [m4_provide_if([_AM_COMPILER_EXEEXT], [AM_CONDITIONAL([am__EXEEXT], [test -n "$EXEEXT"])])])dnl # POSIX will say in a future version that running "rm -f" with no argument # is OK; and we want to be able to make that assumption in our Makefile # recipes. So use an aggressive probe to check that the usage we want is # actually supported "in the wild" to an acceptable degree. # See automake bug#10828. # To make any issue more visible, cause the running configure to be aborted # by default if the 'rm' program in use doesn't match our expectations; the # user can still override this though. if rm -f && rm -fr && rm -rf; then : OK; else cat >&2 <<'END' Oops! Your 'rm' program seems unable to run without file operands specified on the command line, even when the '-f' option is present. This is contrary to the behaviour of most rm programs out there, and not conforming with the upcoming POSIX standard: Please tell bug-automake@gnu.org about your system, including the value of your $PATH and any error possibly output before this message. This can help us improve future automake versions. END if test x"$ACCEPT_INFERIOR_RM_PROGRAM" = x"yes"; then echo 'Configuration will proceed anyway, since you have set the' >&2 echo 'ACCEPT_INFERIOR_RM_PROGRAM variable to "yes"' >&2 echo >&2 else cat >&2 <<'END' Aborting the configuration process, to ensure you take notice of the issue. You can download and install GNU coreutils to get an 'rm' implementation that behaves properly: . If you want to complete the configuration process using your problematic 'rm' anyway, export the environment variable ACCEPT_INFERIOR_RM_PROGRAM to "yes", and re-run configure. END AC_MSG_ERROR([Your 'rm' program is bad, sorry.]) fi fi dnl The trailing newline in this macro's definition is deliberate, for dnl backward compatibility and to allow trailing 'dnl'-style comments dnl after the AM_INIT_AUTOMAKE invocation. See automake bug#16841. ]) dnl Hook into '_AC_COMPILER_EXEEXT' early to learn its expansion. Do not dnl add the conditional right here, as _AC_COMPILER_EXEEXT may be further dnl mangled by Autoconf and run in a shell conditional statement. m4_define([_AC_COMPILER_EXEEXT], m4_defn([_AC_COMPILER_EXEEXT])[m4_provide([_AM_COMPILER_EXEEXT])]) # When config.status generates a header, we must update the stamp-h file. # This file resides in the same directory as the config header # that is generated. The stamp files are numbered to have different names. # Autoconf calls _AC_AM_CONFIG_HEADER_HOOK (when defined) in the # loop where config.status creates the headers, so we can generate # our stamp files there. AC_DEFUN([_AC_AM_CONFIG_HEADER_HOOK], [# Compute $1's index in $config_headers. _am_arg=$1 _am_stamp_count=1 for _am_header in $config_headers :; do case $_am_header in $_am_arg | $_am_arg:* ) break ;; * ) _am_stamp_count=`expr $_am_stamp_count + 1` ;; esac done echo "timestamp for $_am_arg" >`AS_DIRNAME(["$_am_arg"])`/stamp-h[]$_am_stamp_count]) # Copyright (C) 2001-2020 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. # AM_PROG_INSTALL_SH # ------------------ # Define $install_sh. AC_DEFUN([AM_PROG_INSTALL_SH], [AC_REQUIRE([AM_AUX_DIR_EXPAND])dnl if test x"${install_sh+set}" != xset; then case $am_aux_dir in *\ * | *\ *) install_sh="\${SHELL} '$am_aux_dir/install-sh'" ;; *) install_sh="\${SHELL} $am_aux_dir/install-sh" esac fi AC_SUBST([install_sh])]) # Copyright (C) 2003-2020 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. # Check whether the underlying file-system supports filenames # with a leading dot. For instance MS-DOS doesn't. AC_DEFUN([AM_SET_LEADING_DOT], [rm -rf .tst 2>/dev/null mkdir .tst 2>/dev/null if test -d .tst; then am__leading_dot=. else am__leading_dot=_ fi rmdir .tst 2>/dev/null AC_SUBST([am__leading_dot])]) # Add --enable-maintainer-mode option to configure. -*- Autoconf -*- # From Jim Meyering # Copyright (C) 1996-2020 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. # AM_MAINTAINER_MODE([DEFAULT-MODE]) # ---------------------------------- # Control maintainer-specific portions of Makefiles. # Default is to disable them, unless 'enable' is passed literally. # For symmetry, 'disable' may be passed as well. Anyway, the user # can override the default with the --enable/--disable switch. AC_DEFUN([AM_MAINTAINER_MODE], [m4_case(m4_default([$1], [disable]), [enable], [m4_define([am_maintainer_other], [disable])], [disable], [m4_define([am_maintainer_other], [enable])], [m4_define([am_maintainer_other], [enable]) m4_warn([syntax], [unexpected argument to AM@&t@_MAINTAINER_MODE: $1])]) AC_MSG_CHECKING([whether to enable maintainer-specific portions of Makefiles]) dnl maintainer-mode's default is 'disable' unless 'enable' is passed AC_ARG_ENABLE([maintainer-mode], [AS_HELP_STRING([--]am_maintainer_other[-maintainer-mode], am_maintainer_other[ make rules and dependencies not useful (and sometimes confusing) to the casual installer])], [USE_MAINTAINER_MODE=$enableval], [USE_MAINTAINER_MODE=]m4_if(am_maintainer_other, [enable], [no], [yes])) AC_MSG_RESULT([$USE_MAINTAINER_MODE]) AM_CONDITIONAL([MAINTAINER_MODE], [test $USE_MAINTAINER_MODE = yes]) MAINT=$MAINTAINER_MODE_TRUE AC_SUBST([MAINT])dnl ] ) # Check to see how 'make' treats includes. -*- Autoconf -*- # Copyright (C) 2001-2020 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. # AM_MAKE_INCLUDE() # ----------------- # Check whether make has an 'include' directive that can support all # the idioms we need for our automatic dependency tracking code. AC_DEFUN([AM_MAKE_INCLUDE], [AC_MSG_CHECKING([whether ${MAKE-make} supports the include directive]) cat > confinc.mk << 'END' am__doit: @echo this is the am__doit target >confinc.out .PHONY: am__doit END am__include="#" am__quote= # BSD make does it like this. echo '.include "confinc.mk" # ignored' > confmf.BSD # Other make implementations (GNU, Solaris 10, AIX) do it like this. echo 'include confinc.mk # ignored' > confmf.GNU _am_result=no for s in GNU BSD; do AM_RUN_LOG([${MAKE-make} -f confmf.$s && cat confinc.out]) AS_CASE([$?:`cat confinc.out 2>/dev/null`], ['0:this is the am__doit target'], [AS_CASE([$s], [BSD], [am__include='.include' am__quote='"'], [am__include='include' am__quote=''])]) if test "$am__include" != "#"; then _am_result="yes ($s style)" break fi done rm -f confinc.* confmf.* AC_MSG_RESULT([${_am_result}]) AC_SUBST([am__include])]) AC_SUBST([am__quote])]) # Fake the existence of programs that GNU maintainers use. -*- Autoconf -*- # Copyright (C) 1997-2020 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. # AM_MISSING_PROG(NAME, PROGRAM) # ------------------------------ AC_DEFUN([AM_MISSING_PROG], [AC_REQUIRE([AM_MISSING_HAS_RUN]) $1=${$1-"${am_missing_run}$2"} AC_SUBST($1)]) # AM_MISSING_HAS_RUN # ------------------ # Define MISSING if not defined so far and test if it is modern enough. # If it is, set am_missing_run to use it, otherwise, to nothing. AC_DEFUN([AM_MISSING_HAS_RUN], [AC_REQUIRE([AM_AUX_DIR_EXPAND])dnl AC_REQUIRE_AUX_FILE([missing])dnl if test x"${MISSING+set}" != xset; then MISSING="\${SHELL} '$am_aux_dir/missing'" fi # Use eval to expand $SHELL if eval "$MISSING --is-lightweight"; then am_missing_run="$MISSING " else am_missing_run= AC_MSG_WARN(['missing' script is too old or missing]) fi ]) # Helper functions for option handling. -*- Autoconf -*- # Copyright (C) 2001-2020 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. # _AM_MANGLE_OPTION(NAME) # ----------------------- AC_DEFUN([_AM_MANGLE_OPTION], [[_AM_OPTION_]m4_bpatsubst($1, [[^a-zA-Z0-9_]], [_])]) # _AM_SET_OPTION(NAME) # -------------------- # Set option NAME. Presently that only means defining a flag for this option. AC_DEFUN([_AM_SET_OPTION], [m4_define(_AM_MANGLE_OPTION([$1]), [1])]) # _AM_SET_OPTIONS(OPTIONS) # ------------------------ # OPTIONS is a space-separated list of Automake options. AC_DEFUN([_AM_SET_OPTIONS], [m4_foreach_w([_AM_Option], [$1], [_AM_SET_OPTION(_AM_Option)])]) # _AM_IF_OPTION(OPTION, IF-SET, [IF-NOT-SET]) # ------------------------------------------- # Execute IF-SET if OPTION is set, IF-NOT-SET otherwise. AC_DEFUN([_AM_IF_OPTION], [m4_ifset(_AM_MANGLE_OPTION([$1]), [$2], [$3])]) # Copyright (C) 1999-2020 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. # _AM_PROG_CC_C_O # --------------- # Like AC_PROG_CC_C_O, but changed for automake. We rewrite AC_PROG_CC # to automatically call this. AC_DEFUN([_AM_PROG_CC_C_O], [AC_REQUIRE([AM_AUX_DIR_EXPAND])dnl AC_REQUIRE_AUX_FILE([compile])dnl AC_LANG_PUSH([C])dnl AC_CACHE_CHECK( [whether $CC understands -c and -o together], [am_cv_prog_cc_c_o], [AC_LANG_CONFTEST([AC_LANG_PROGRAM([])]) # Make sure it works both with $CC and with simple cc. # Following AC_PROG_CC_C_O, we do the test twice because some # compilers refuse to overwrite an existing .o file with -o, # though they will create one. am_cv_prog_cc_c_o=yes for am_i in 1 2; do if AM_RUN_LOG([$CC -c conftest.$ac_ext -o conftest2.$ac_objext]) \ && test -f conftest2.$ac_objext; then : OK else am_cv_prog_cc_c_o=no break fi done rm -f core conftest* unset am_i]) if test "$am_cv_prog_cc_c_o" != yes; then # Losing compiler, so override with the script. # FIXME: It is wrong to rewrite CC. # But if we don't then we get into trouble of one sort or another. # A longer-term fix would be to have automake use am__CC in this case, # and then we could set am__CC="\$(top_srcdir)/compile \$(CC)" CC="$am_aux_dir/compile $CC" fi AC_LANG_POP([C])]) # For backward compatibility. AC_DEFUN_ONCE([AM_PROG_CC_C_O], [AC_REQUIRE([AC_PROG_CC])]) # Copyright (C) 2001-2020 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. # AM_RUN_LOG(COMMAND) # ------------------- # Run COMMAND, save the exit status in ac_status, and log it. # (This has been adapted from Autoconf's _AC_RUN_LOG macro.) AC_DEFUN([AM_RUN_LOG], [{ echo "$as_me:$LINENO: $1" >&AS_MESSAGE_LOG_FD ($1) >&AS_MESSAGE_LOG_FD 2>&AS_MESSAGE_LOG_FD ac_status=$? echo "$as_me:$LINENO: \$? = $ac_status" >&AS_MESSAGE_LOG_FD (exit $ac_status); }]) # Check to make sure that the build environment is sane. -*- Autoconf -*- # Copyright (C) 1996-2020 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. # AM_SANITY_CHECK # --------------- AC_DEFUN([AM_SANITY_CHECK], [AC_MSG_CHECKING([whether build environment is sane]) # Reject unsafe characters in $srcdir or the absolute working directory # name. Accept space and tab only in the latter. am_lf=' ' case `pwd` in *[[\\\"\#\$\&\'\`$am_lf]]*) AC_MSG_ERROR([unsafe absolute working directory name]);; esac case $srcdir in *[[\\\"\#\$\&\'\`$am_lf\ \ ]]*) AC_MSG_ERROR([unsafe srcdir value: '$srcdir']);; esac # Do 'set' in a subshell so we don't clobber the current shell's # arguments. Must try -L first in case configure is actually a # symlink; some systems play weird games with the mod time of symlinks # (eg FreeBSD returns the mod time of the symlink's containing # directory). if ( am_has_slept=no for am_try in 1 2; do echo "timestamp, slept: $am_has_slept" > conftest.file set X `ls -Lt "$srcdir/configure" conftest.file 2> /dev/null` if test "$[*]" = "X"; then # -L didn't work. set X `ls -t "$srcdir/configure" conftest.file` fi if test "$[*]" != "X $srcdir/configure conftest.file" \ && test "$[*]" != "X conftest.file $srcdir/configure"; then # If neither matched, then we have a broken ls. This can happen # if, for instance, CONFIG_SHELL is bash and it inherits a # broken ls alias from the environment. This has actually # happened. Such a system could not be considered "sane". AC_MSG_ERROR([ls -t appears to fail. Make sure there is not a broken alias in your environment]) fi if test "$[2]" = conftest.file || test $am_try -eq 2; then break fi # Just in case. sleep 1 am_has_slept=yes done test "$[2]" = conftest.file ) then # Ok. : else AC_MSG_ERROR([newly created file is older than distributed files! Check your system clock]) fi AC_MSG_RESULT([yes]) # If we didn't sleep, we still need to ensure time stamps of config.status and # generated files are strictly newer. am_sleep_pid= if grep 'slept: no' conftest.file >/dev/null 2>&1; then ( sleep 1 ) & am_sleep_pid=$! fi AC_CONFIG_COMMANDS_PRE( [AC_MSG_CHECKING([that generated files are newer than configure]) if test -n "$am_sleep_pid"; then # Hide warnings about reused PIDs. wait $am_sleep_pid 2>/dev/null fi AC_MSG_RESULT([done])]) rm -f conftest.file ]) # Copyright (C) 2009-2020 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. # AM_SILENT_RULES([DEFAULT]) # -------------------------- # Enable less verbose build rules; with the default set to DEFAULT # ("yes" being less verbose, "no" or empty being verbose). AC_DEFUN([AM_SILENT_RULES], [AC_ARG_ENABLE([silent-rules], [dnl AS_HELP_STRING( [--enable-silent-rules], [less verbose build output (undo: "make V=1")]) AS_HELP_STRING( [--disable-silent-rules], [verbose build output (undo: "make V=0")])dnl ]) case $enable_silent_rules in @%:@ ((( yes) AM_DEFAULT_VERBOSITY=0;; no) AM_DEFAULT_VERBOSITY=1;; *) AM_DEFAULT_VERBOSITY=m4_if([$1], [yes], [0], [1]);; esac dnl dnl A few 'make' implementations (e.g., NonStop OS and NextStep) dnl do not support nested variable expansions. dnl See automake bug#9928 and bug#10237. am_make=${MAKE-make} AC_CACHE_CHECK([whether $am_make supports nested variables], [am_cv_make_support_nested_variables], [if AS_ECHO([['TRUE=$(BAR$(V)) BAR0=false BAR1=true V=1 am__doit: @$(TRUE) .PHONY: am__doit']]) | $am_make -f - >/dev/null 2>&1; then am_cv_make_support_nested_variables=yes else am_cv_make_support_nested_variables=no fi]) if test $am_cv_make_support_nested_variables = yes; then dnl Using '$V' instead of '$(V)' breaks IRIX make. AM_V='$(V)' AM_DEFAULT_V='$(AM_DEFAULT_VERBOSITY)' else AM_V=$AM_DEFAULT_VERBOSITY AM_DEFAULT_V=$AM_DEFAULT_VERBOSITY fi AC_SUBST([AM_V])dnl AM_SUBST_NOTMAKE([AM_V])dnl AC_SUBST([AM_DEFAULT_V])dnl AM_SUBST_NOTMAKE([AM_DEFAULT_V])dnl AC_SUBST([AM_DEFAULT_VERBOSITY])dnl AM_BACKSLASH='\' AC_SUBST([AM_BACKSLASH])dnl _AM_SUBST_NOTMAKE([AM_BACKSLASH])dnl ]) # Copyright (C) 2001-2020 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. # AM_PROG_INSTALL_STRIP # --------------------- # One issue with vendor 'install' (even GNU) is that you can't # specify the program used to strip binaries. This is especially # annoying in cross-compiling environments, where the build's strip # is unlikely to handle the host's binaries. # Fortunately install-sh will honor a STRIPPROG variable, so we # always use install-sh in "make install-strip", and initialize # STRIPPROG with the value of the STRIP variable (set by the user). AC_DEFUN([AM_PROG_INSTALL_STRIP], [AC_REQUIRE([AM_PROG_INSTALL_SH])dnl # Installed binaries are usually stripped using 'strip' when the user # run "make install-strip". However 'strip' might not be the right # tool to use in cross-compilation environments, therefore Automake # will honor the 'STRIP' environment variable to overrule this program. dnl Don't test for $cross_compiling = yes, because it might be 'maybe'. if test "$cross_compiling" != no; then AC_CHECK_TOOL([STRIP], [strip], :) fi INSTALL_STRIP_PROGRAM="\$(install_sh) -c -s" AC_SUBST([INSTALL_STRIP_PROGRAM])]) # Copyright (C) 2006-2020 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. # _AM_SUBST_NOTMAKE(VARIABLE) # --------------------------- # Prevent Automake from outputting VARIABLE = @VARIABLE@ in Makefile.in. # This macro is traced by Automake. AC_DEFUN([_AM_SUBST_NOTMAKE]) # AM_SUBST_NOTMAKE(VARIABLE) # -------------------------- # Public sister of _AM_SUBST_NOTMAKE. AC_DEFUN([AM_SUBST_NOTMAKE], [_AM_SUBST_NOTMAKE($@)]) # Check how to create a tarball. -*- Autoconf -*- # Copyright (C) 2004-2020 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. # _AM_PROG_TAR(FORMAT) # -------------------- # Check how to create a tarball in format FORMAT. # FORMAT should be one of 'v7', 'ustar', or 'pax'. # # Substitute a variable $(am__tar) that is a command # writing to stdout a FORMAT-tarball containing the directory # $tardir. # tardir=directory && $(am__tar) > result.tar # # Substitute a variable $(am__untar) that extract such # a tarball read from stdin. # $(am__untar) < result.tar # AC_DEFUN([_AM_PROG_TAR], [# Always define AMTAR for backward compatibility. Yes, it's still used # in the wild :-( We should find a proper way to deprecate it ... AC_SUBST([AMTAR], ['$${TAR-tar}']) # We'll loop over all known methods to create a tar archive until one works. _am_tools='gnutar m4_if([$1], [ustar], [plaintar]) pax cpio none' m4_if([$1], [v7], [am__tar='$${TAR-tar} chof - "$$tardir"' am__untar='$${TAR-tar} xf -'], [m4_case([$1], [ustar], [# The POSIX 1988 'ustar' format is defined with fixed-size fields. # There is notably a 21 bits limit for the UID and the GID. In fact, # the 'pax' utility can hang on bigger UID/GID (see automake bug#8343 # and bug#13588). am_max_uid=2097151 # 2^21 - 1 am_max_gid=$am_max_uid # The $UID and $GID variables are not portable, so we need to resort # to the POSIX-mandated id(1) utility. Errors in the 'id' calls # below are definitely unexpected, so allow the users to see them # (that is, avoid stderr redirection). am_uid=`id -u || echo unknown` am_gid=`id -g || echo unknown` AC_MSG_CHECKING([whether UID '$am_uid' is supported by ustar format]) if test $am_uid -le $am_max_uid; then AC_MSG_RESULT([yes]) else AC_MSG_RESULT([no]) _am_tools=none fi AC_MSG_CHECKING([whether GID '$am_gid' is supported by ustar format]) if test $am_gid -le $am_max_gid; then AC_MSG_RESULT([yes]) else AC_MSG_RESULT([no]) _am_tools=none fi], [pax], [], [m4_fatal([Unknown tar format])]) AC_MSG_CHECKING([how to create a $1 tar archive]) # Go ahead even if we have the value already cached. We do so because we # need to set the values for the 'am__tar' and 'am__untar' variables. _am_tools=${am_cv_prog_tar_$1-$_am_tools} for _am_tool in $_am_tools; do case $_am_tool in gnutar) for _am_tar in tar gnutar gtar; do AM_RUN_LOG([$_am_tar --version]) && break done am__tar="$_am_tar --format=m4_if([$1], [pax], [posix], [$1]) -chf - "'"$$tardir"' am__tar_="$_am_tar --format=m4_if([$1], [pax], [posix], [$1]) -chf - "'"$tardir"' am__untar="$_am_tar -xf -" ;; plaintar) # Must skip GNU tar: if it does not support --format= it doesn't create # ustar tarball either. (tar --version) >/dev/null 2>&1 && continue am__tar='tar chf - "$$tardir"' am__tar_='tar chf - "$tardir"' am__untar='tar xf -' ;; pax) am__tar='pax -L -x $1 -w "$$tardir"' am__tar_='pax -L -x $1 -w "$tardir"' am__untar='pax -r' ;; cpio) am__tar='find "$$tardir" -print | cpio -o -H $1 -L' am__tar_='find "$tardir" -print | cpio -o -H $1 -L' am__untar='cpio -i -H $1 -d' ;; none) am__tar=false am__tar_=false am__untar=false ;; esac # If the value was cached, stop now. We just wanted to have am__tar # and am__untar set. test -n "${am_cv_prog_tar_$1}" && break # tar/untar a dummy directory, and stop if the command works. rm -rf conftest.dir mkdir conftest.dir echo GrepMe > conftest.dir/file AM_RUN_LOG([tardir=conftest.dir && eval $am__tar_ >conftest.tar]) rm -rf conftest.dir if test -s conftest.tar; then AM_RUN_LOG([$am__untar /dev/null 2>&1 && break fi done rm -rf conftest.dir AC_CACHE_VAL([am_cv_prog_tar_$1], [am_cv_prog_tar_$1=$_am_tool]) AC_MSG_RESULT([$am_cv_prog_tar_$1])]) AC_SUBST([am__tar]) AC_SUBST([am__untar]) ]) # _AM_PROG_TAR m4_include([build-aux/m4/ax_check_compile_flag.m4]) m4_include([build-aux/m4/ax_check_enable_debug.m4]) m4_include([build-aux/m4/ax_is_release.m4]) uacme-1.7.6/libev/0000755000000000000000000000000014734275110010673 500000000000000uacme-1.7.6/libev/ev_epoll.c0000644000000000000000000002417514555530552012602 00000000000000/* * libev epoll fd activity backend * * Copyright (c) 2007,2008,2009,2010,2011,2016,2017,2019 Marc Alexander Lehmann * All rights reserved. * * Redistribution and use in source and binary forms, with or without modifica- * tion, are permitted provided that the following conditions are met: * * 1. Redistributions of source code must retain the above copyright notice, * this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MER- * CHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO * EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPE- * CIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTH- * ERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED * OF THE POSSIBILITY OF SUCH DAMAGE. * * Alternatively, the contents of this file may be used under the terms of * the GNU General Public License ("GPL") version 2 or any later version, * in which case the provisions of the GPL are applicable instead of * the above. If you wish to allow the use of your version of this file * only under the terms of the GPL and not to allow others to use your * version of this file under the BSD license, indicate your decision * by deleting the provisions above and replace them with the notice * and other provisions required by the GPL. If you do not delete the * provisions above, a recipient may use your version of this file under * either the BSD or the GPL. */ /* * general notes about epoll: * * a) epoll silently removes fds from the fd set. as nothing tells us * that an fd has been removed otherwise, we have to continually * "rearm" fds that we suspect *might* have changed (same * problem with kqueue, but much less costly there). * b) the fact that ADD != MOD creates a lot of extra syscalls due to a) * and seems not to have any advantage. * c) the inability to handle fork or file descriptors (think dup) * limits the applicability over poll, so this is not a generic * poll replacement. * d) epoll doesn't work the same as select with many file descriptors * (such as files). while not critical, no other advanced interface * seems to share this (rather non-unixy) limitation. * e) epoll claims to be embeddable, but in practise you never get * a ready event for the epoll fd (broken: <=2.6.26, working: >=2.6.32). * f) epoll_ctl returning EPERM means the fd is always ready. * * lots of "weird code" and complication handling in this file is due * to these design problems with epoll, as we try very hard to avoid * epoll_ctl syscalls for common usage patterns and handle the breakage * ensuing from receiving events for closed and otherwise long gone * file descriptors. */ #include #define EV_EMASK_EPERM 0x80 static void epoll_modify (EV_P_ int fd, int oev, int nev) { struct epoll_event ev; unsigned char oldmask; /* * we handle EPOLL_CTL_DEL by ignoring it here * on the assumption that the fd is gone anyways * if that is wrong, we have to handle the spurious * event in epoll_poll. * if the fd is added again, we try to ADD it, and, if that * fails, we assume it still has the same eventmask. */ if (!nev) return; oldmask = anfds [fd].emask; anfds [fd].emask = nev; /* store the generation counter in the upper 32 bits, the fd in the lower 32 bits */ ev.data.u64 = (uint64_t)(uint32_t)fd | ((uint64_t)(uint32_t)++anfds [fd].egen << 32); ev.events = (nev & EV_READ ? EPOLLIN : 0) | (nev & EV_WRITE ? EPOLLOUT : 0); if (ecb_expect_true (!epoll_ctl (backend_fd, oev && oldmask != nev ? EPOLL_CTL_MOD : EPOLL_CTL_ADD, fd, &ev))) return; if (ecb_expect_true (errno == ENOENT)) { /* if ENOENT then the fd went away, so try to do the right thing */ if (!nev) goto dec_egen; if (!epoll_ctl (backend_fd, EPOLL_CTL_ADD, fd, &ev)) return; } else if (ecb_expect_true (errno == EEXIST)) { /* EEXIST means we ignored a previous DEL, but the fd is still active */ /* if the kernel mask is the same as the new mask, we assume it hasn't changed */ if (oldmask == nev) goto dec_egen; if (!epoll_ctl (backend_fd, EPOLL_CTL_MOD, fd, &ev)) return; } else if (ecb_expect_true (errno == EPERM)) { /* EPERM means the fd is always ready, but epoll is too snobbish */ /* to handle it, unlike select or poll. */ anfds [fd].emask = EV_EMASK_EPERM; /* add fd to epoll_eperms, if not already inside */ if (!(oldmask & EV_EMASK_EPERM)) { array_needsize (int, epoll_eperms, epoll_epermmax, epoll_epermcnt + 1, array_needsize_noinit); epoll_eperms [epoll_epermcnt++] = fd; } return; } else assert (("libev: I/O watcher with invalid fd found in epoll_ctl", errno != EBADF && errno != ELOOP && errno != EINVAL)); fd_kill (EV_A_ fd); dec_egen: /* we didn't successfully call epoll_ctl, so decrement the generation counter again */ --anfds [fd].egen; } static void epoll_poll (EV_P_ ev_tstamp timeout) { int i; int eventcnt; if (ecb_expect_false (epoll_epermcnt)) timeout = EV_TS_CONST (0.); /* epoll wait times cannot be larger than (LONG_MAX - 999UL) / HZ msecs, which is below */ /* the default libev max wait time, however. */ EV_RELEASE_CB; eventcnt = epoll_wait (backend_fd, epoll_events, epoll_eventmax, EV_TS_TO_MSEC (timeout)); EV_ACQUIRE_CB; if (ecb_expect_false (eventcnt < 0)) { if (errno != EINTR) ev_syserr ("(libev) epoll_wait"); return; } for (i = 0; i < eventcnt; ++i) { struct epoll_event *ev = epoll_events + i; int fd = (uint32_t)ev->data.u64; /* mask out the lower 32 bits */ int want = anfds [fd].events; int got = (ev->events & (EPOLLOUT | EPOLLERR | EPOLLHUP) ? EV_WRITE : 0) | (ev->events & (EPOLLIN | EPOLLERR | EPOLLHUP) ? EV_READ : 0); /* * check for spurious notification. * this only finds spurious notifications on egen updates * other spurious notifications will be found by epoll_ctl, below * we assume that fd is always in range, as we never shrink the anfds array */ if (ecb_expect_false ((uint32_t)anfds [fd].egen != (uint32_t)(ev->data.u64 >> 32))) { /* recreate kernel state */ postfork |= 2; continue; } if (ecb_expect_false (got & ~want)) { anfds [fd].emask = want; /* * we received an event but are not interested in it, try mod or del * this often happens because we optimistically do not unregister fds * when we are no longer interested in them, but also when we get spurious * notifications for fds from another process. this is partially handled * above with the gencounter check (== our fd is not the event fd), and * partially here, when epoll_ctl returns an error (== a child has the fd * but we closed it). * note: for events such as POLLHUP, where we can't know whether it refers * to EV_READ or EV_WRITE, we might issue redundant EPOLL_CTL_MOD calls. */ ev->events = (want & EV_READ ? EPOLLIN : 0) | (want & EV_WRITE ? EPOLLOUT : 0); /* pre-2.6.9 kernels require a non-null pointer with EPOLL_CTL_DEL, */ /* which is fortunately easy to do for us. */ if (epoll_ctl (backend_fd, want ? EPOLL_CTL_MOD : EPOLL_CTL_DEL, fd, ev)) { postfork |= 2; /* an error occurred, recreate kernel state */ continue; } } fd_event (EV_A_ fd, got); } /* if the receive array was full, increase its size */ if (ecb_expect_false (eventcnt == epoll_eventmax)) { ev_free (epoll_events); epoll_eventmax = array_nextsize (sizeof (struct epoll_event), epoll_eventmax, epoll_eventmax + 1); epoll_events = (struct epoll_event *)ev_malloc (sizeof (struct epoll_event) * epoll_eventmax); } /* now synthesize events for all fds where epoll fails, while select works... */ for (i = epoll_epermcnt; i--; ) { int fd = epoll_eperms [i]; unsigned char events = anfds [fd].events & (EV_READ | EV_WRITE); if (anfds [fd].emask & EV_EMASK_EPERM && events) fd_event (EV_A_ fd, events); else { epoll_eperms [i] = epoll_eperms [--epoll_epermcnt]; anfds [fd].emask = 0; } } } static int epoll_epoll_create (void) { int fd; #if defined EPOLL_CLOEXEC && !defined __ANDROID__ fd = epoll_create1 (EPOLL_CLOEXEC); if (fd < 0 && (errno == EINVAL || errno == ENOSYS)) #endif { fd = epoll_create (256); if (fd >= 0) fcntl (fd, F_SETFD, FD_CLOEXEC); } return fd; } inline_size int epoll_init (EV_P_ int flags) { if ((backend_fd = epoll_epoll_create ()) < 0) return 0; backend_mintime = EV_TS_CONST (1e-3); /* epoll does sometimes return early, this is just to avoid the worst */ backend_modify = epoll_modify; backend_poll = epoll_poll; epoll_eventmax = 64; /* initial number of events receivable per poll */ epoll_events = (struct epoll_event *)ev_malloc (sizeof (struct epoll_event) * epoll_eventmax); return EVBACKEND_EPOLL; } inline_size void epoll_destroy (EV_P) { ev_free (epoll_events); array_free (epoll_eperm, EMPTY); } ecb_cold static void epoll_fork (EV_P) { close (backend_fd); while ((backend_fd = epoll_epoll_create ()) < 0) ev_syserr ("(libev) epoll_create"); fd_rearm_all (EV_A); } uacme-1.7.6/libev/ev_iouring.c0000644000000000000000000004634714733013114013134 00000000000000/* * libev linux io_uring fd activity backend * * Copyright (c) 2019 Marc Alexander Lehmann * All rights reserved. * * Redistribution and use in source and binary forms, with or without modifica- * tion, are permitted provided that the following conditions are met: * * 1. Redistributions of source code must retain the above copyright notice, * this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MER- * CHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO * EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPE- * CIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTH- * ERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED * OF THE POSSIBILITY OF SUCH DAMAGE. * * Alternatively, the contents of this file may be used under the terms of * the GNU General Public License ("GPL") version 2 or any later version, * in which case the provisions of the GPL are applicable instead of * the above. If you wish to allow the use of your version of this file * only under the terms of the GPL and not to allow others to use your * version of this file under the BSD license, indicate your decision * by deleting the provisions above and replace them with the notice * and other provisions required by the GPL. If you do not delete the * provisions above, a recipient may use your version of this file under * either the BSD or the GPL. */ /* * general notes about linux io_uring: * * a) it's the best interface I have seen so far. on linux. * b) best is not necessarily very good. * c) it's better than the aio mess, doesn't suffer from the fork problems * of linux aio or epoll and so on and so on. and you could do event stuff * without any syscalls. what's not to like? * d) ok, it's vastly more complex, but that's ok, really. * e) why 3 mmaps instead of one? one would be more space-efficient, * and I can't see what benefit three would have (other than being * somehow resizable/relocatable, but that's apparently not possible). * f) hmm, it's practiclaly undebuggable (gdb can't access the memory, and the bizarre way structure offsets are commuinicated makes it hard to * just print the ring buffer heads, even *iff* the memory were visible * in gdb. but then, that's also ok, really. * g) well, you cannot specify a timeout when waiting for events. no, * seriously, the interface doesn't support a timeout. never seen _that_ * before. sure, you can use a timerfd, but that's another syscall * you could have avoided. overall, this bizarre omission smells * like a µ-optimisation by the io_uring author for his personal * applications, to the detriment of everybody else who just wants * an event loop. but, umm, ok, if that's all, it could be worse. * h) there is a hardcoded limit of 4096 outstanding events. okay, * at least there is no arbitrary low system-wide limit... * i) unlike linux aio, you *can* register more then the limit * of fd events, and the kernel will "gracefully" signal an * overflow, after which you could destroy and recreate the kernel * state, a bit bigger, or fall back to e.g. poll. thats not * totally insane, but kind of questions the point a high * performance I/O framework when it doesn't really work * under stress. * j) but, oh my! is has exactly the same bugs as the linux aio backend, * where some undocumented poll combinations just fail. * so we need epoll AGAIN as a fallback. AGAIN! epoll!! and of course, * this is completely undocumented, have I mantioned this already? * k) overall, the *API* itself is, I dare to say, not a total trainwreck. * the big isuess with it are the bugs requiring epoll, which might * or might not get fixed (do I hold my breath?). */ #include #include #include #define IOURING_INIT_ENTRIES 32 /*****************************************************************************/ /* syscall wrapdadoop - this section has the raw api/abi definitions */ #include #include /* mostly directly taken from the kernel or documentation */ struct io_uring_sqe { __u8 opcode; __u8 flags; __u16 ioprio; __s32 fd; __u64 off; __u64 addr; __u32 len; union { __kernel_rwf_t rw_flags; __u32 fsync_flags; __u16 poll_events; __u32 sync_range_flags; __u32 msg_flags; }; __u64 user_data; union { __u16 buf_index; __u64 __pad2[3]; }; }; struct io_uring_cqe { __u64 user_data; __s32 res; __u32 flags; }; struct io_sqring_offsets { __u32 head; __u32 tail; __u32 ring_mask; __u32 ring_entries; __u32 flags; __u32 dropped; __u32 array; __u32 resv1; __u64 resv2; }; struct io_cqring_offsets { __u32 head; __u32 tail; __u32 ring_mask; __u32 ring_entries; __u32 overflow; __u32 cqes; __u64 resv[2]; }; struct io_uring_params { __u32 sq_entries; __u32 cq_entries; __u32 flags; __u32 sq_thread_cpu; __u32 sq_thread_idle; __u32 resv[5]; struct io_sqring_offsets sq_off; struct io_cqring_offsets cq_off; }; #define IORING_OP_POLL_ADD 6 #define IORING_OP_POLL_REMOVE 7 #define IORING_ENTER_GETEVENTS 0x01 #define IORING_OFF_SQ_RING 0x00000000ULL #define IORING_OFF_CQ_RING 0x08000000ULL #define IORING_OFF_SQES 0x10000000ULL inline_size int evsys_io_uring_setup (unsigned entries, struct io_uring_params *params) { return ev_syscall2 (SYS_io_uring_setup, entries, params); } inline_size int evsys_io_uring_enter (int fd, unsigned to_submit, unsigned min_complete, unsigned flags, const sigset_t *sig, size_t sigsz) { return ev_syscall6 (SYS_io_uring_enter, fd, to_submit, min_complete, flags, sig, sigsz); } /*****************************************************************************/ /* actual backed implementation */ /* we hope that volatile will make the compiler access this variables only once */ #define EV_SQ_VAR(name) *(volatile unsigned *)((char *)iouring_sq_ring + iouring_sq_ ## name) #define EV_CQ_VAR(name) *(volatile unsigned *)((char *)iouring_cq_ring + iouring_cq_ ## name) /* the index array */ #define EV_SQ_ARRAY ((unsigned *)((char *)iouring_sq_ring + iouring_sq_array)) /* the submit/completion queue entries */ #define EV_SQES ((struct io_uring_sqe *) iouring_sqes) #define EV_CQES ((struct io_uring_cqe *)((char *)iouring_cq_ring + iouring_cq_cqes)) static struct io_uring_sqe * iouring_sqe_get (EV_P) { unsigned tail = EV_SQ_VAR (tail); if (tail + 1 - EV_SQ_VAR (head) > EV_SQ_VAR (ring_entries)) { /* queue full, flush */ evsys_io_uring_enter (iouring_fd, iouring_to_submit, 0, 0, 0, 0); iouring_to_submit = 0; } assert (("libev: io_uring queue full after flush", tail + 1 - EV_SQ_VAR (head) <= EV_SQ_VAR (ring_entries))); return EV_SQES + (tail & EV_SQ_VAR (ring_mask)); } inline_size struct io_uring_sqe * iouring_sqe_submit (EV_P_ struct io_uring_sqe *sqe) { unsigned idx = sqe - EV_SQES; EV_SQ_ARRAY [idx] = idx; ECB_MEMORY_FENCE_RELEASE; ++EV_SQ_VAR (tail); /*ECB_MEMORY_FENCE_RELEASE; /* for the time being we assume this is not needed */ ++iouring_to_submit; } /*****************************************************************************/ /* when the timerfd expires we simply note the fact, * as the purpose of the timerfd is to wake us up, nothing else. * the next iteration should re-set it. */ static void iouring_tfd_cb (EV_P_ struct ev_io *w, int revents) { iouring_tfd_to = EV_TSTAMP_HUGE; } static void iouring_epoll_cb (EV_P_ struct ev_io *w, int revents) { epoll_poll (EV_A_ 0); } /* called for full and partial cleanup */ ecb_cold static int iouring_internal_destroy (EV_P) { close (iouring_tfd); close (iouring_fd); if (iouring_sq_ring != MAP_FAILED) munmap (iouring_sq_ring, iouring_sq_ring_size); if (iouring_cq_ring != MAP_FAILED) munmap (iouring_cq_ring, iouring_cq_ring_size); if (iouring_sqes != MAP_FAILED) munmap (iouring_sqes , iouring_sqes_size ); if (ev_is_active (&iouring_epoll_w)) ev_ref (EV_A); ev_io_stop (EV_A_ &iouring_epoll_w); if (ev_is_active (&iouring_tfd_w )) ev_ref (EV_A); ev_io_stop (EV_A_ &iouring_tfd_w ); } ecb_cold static int iouring_internal_init (EV_P) { struct io_uring_params params = { 0 }; iouring_to_submit = 0; iouring_tfd = -1; iouring_sq_ring = MAP_FAILED; iouring_cq_ring = MAP_FAILED; iouring_sqes = MAP_FAILED; for (;;) { iouring_fd = evsys_io_uring_setup (iouring_entries, ¶ms); if (iouring_fd >= 0) break; /* yippie */ if (errno != EINVAL) return -1; /* we failed */ /* EINVAL: lots of possible reasons, but maybe * it is because we hit the unqueryable hardcoded size limit */ /* we hit the limit already, give up */ if (iouring_max_entries) return -1; /* first time we hit EINVAL? assume we hit the limit, so go back and retry */ iouring_entries >>= 1; iouring_max_entries = iouring_entries; } iouring_sq_ring_size = params.sq_off.array + params.sq_entries * sizeof (unsigned); iouring_cq_ring_size = params.cq_off.cqes + params.cq_entries * sizeof (struct io_uring_cqe); iouring_sqes_size = params.sq_entries * sizeof (struct io_uring_sqe); iouring_sq_ring = mmap (0, iouring_sq_ring_size, PROT_READ | PROT_WRITE, MAP_SHARED | MAP_POPULATE, iouring_fd, IORING_OFF_SQ_RING); iouring_cq_ring = mmap (0, iouring_cq_ring_size, PROT_READ | PROT_WRITE, MAP_SHARED | MAP_POPULATE, iouring_fd, IORING_OFF_CQ_RING); iouring_sqes = mmap (0, iouring_sqes_size, PROT_READ | PROT_WRITE, MAP_SHARED | MAP_POPULATE, iouring_fd, IORING_OFF_SQES); if (iouring_sq_ring == MAP_FAILED || iouring_cq_ring == MAP_FAILED || iouring_sqes == MAP_FAILED) return -1; iouring_sq_head = params.sq_off.head; iouring_sq_tail = params.sq_off.tail; iouring_sq_ring_mask = params.sq_off.ring_mask; iouring_sq_ring_entries = params.sq_off.ring_entries; iouring_sq_flags = params.sq_off.flags; iouring_sq_dropped = params.sq_off.dropped; iouring_sq_array = params.sq_off.array; iouring_cq_head = params.cq_off.head; iouring_cq_tail = params.cq_off.tail; iouring_cq_ring_mask = params.cq_off.ring_mask; iouring_cq_ring_entries = params.cq_off.ring_entries; iouring_cq_overflow = params.cq_off.overflow; iouring_cq_cqes = params.cq_off.cqes; iouring_tfd = timerfd_create (CLOCK_MONOTONIC, TFD_CLOEXEC); if (iouring_tfd < 0) return iouring_tfd; iouring_tfd_to = EV_TSTAMP_HUGE; return 0; } ecb_cold static void iouring_fork (EV_P) { iouring_internal_destroy (EV_A); while (iouring_internal_init (EV_A) < 0) ev_syserr ("(libev) io_uring_setup"); /* forking epoll should also effectively unregister all fds from the backend */ epoll_fork (EV_A); /* epoll_fork already did this. hopefully */ /*fd_rearm_all (EV_A);*/ ev_io_stop (EV_A_ &iouring_epoll_w); ev_io_set (EV_A_ &iouring_epoll_w, backend_fd, EV_READ); ev_io_start (EV_A_ &iouring_epoll_w); ev_io_stop (EV_A_ &iouring_tfd_w); ev_io_set (EV_A_ &iouring_tfd_w, iouring_tfd, EV_READ); ev_io_start (EV_A_ &iouring_tfd_w); } /*****************************************************************************/ static void iouring_modify (EV_P_ int fd, int oev, int nev) { if (ecb_expect_false (anfds [fd].eflags)) { /* we handed this fd over to epoll, so undo this first */ /* we do it manually because the optimisations on epoll_modify won't do us any good */ epoll_ctl (iouring_fd, EPOLL_CTL_DEL, fd, 0); anfds [fd].eflags = 0; oev = 0; } if (oev) { /* we assume the sqe's are all "properly" initialised */ struct io_uring_sqe *sqe = iouring_sqe_get (EV_A); sqe->opcode = IORING_OP_POLL_REMOVE; sqe->fd = fd; sqe->user_data = -1; iouring_sqe_submit (EV_A_ sqe); /* increment generation counter to avoid handling old events */ ++anfds [fd].egen; } if (nev) { struct io_uring_sqe *sqe = iouring_sqe_get (EV_A); sqe->opcode = IORING_OP_POLL_ADD; sqe->fd = fd; sqe->user_data = (uint32_t)fd | ((__u64)(uint32_t)anfds [fd].egen << 32); sqe->poll_events = (nev & EV_READ ? POLLIN : 0) | (nev & EV_WRITE ? POLLOUT : 0); iouring_sqe_submit (EV_A_ sqe); } } inline_size void iouring_tfd_update (EV_P_ ev_tstamp timeout) { ev_tstamp tfd_to = mn_now + timeout; /* we assume there will be many iterations per timer change, so * we only re-set the timerfd when we have to because its expiry * is too late. */ if (ecb_expect_false (tfd_to < iouring_tfd_to)) { struct itimerspec its; iouring_tfd_to = tfd_to; EV_TS_SET (its.it_interval, 0.); EV_TS_SET (its.it_value, tfd_to); if (timerfd_settime (iouring_tfd, TFD_TIMER_ABSTIME, &its, 0) < 0) assert (("libev: iouring timerfd_settime failed", 0)); } } inline_size void iouring_process_cqe (EV_P_ struct io_uring_cqe *cqe) { int fd = cqe->user_data & 0xffffffffU; uint32_t gen = cqe->user_data >> 32; int res = cqe->res; /* ignore fd removal events, if there are any. TODO: verify */ if (cqe->user_data == (__u64)-1) abort ();//D assert (("libev: io_uring fd must be in-bounds", fd >= 0 && fd < anfdmax)); /* documentation lies, of course. the result value is NOT like * normal syscalls, but like linux raw syscalls, i.e. negative * error numbers. fortunate, as otherwise there would be no way * to get error codes at all. still, why not document this? */ /* ignore event if generation doesn't match */ /* this should actually be very rare */ if (ecb_expect_false (gen != (uint32_t)anfds [fd].egen)) return; if (ecb_expect_false (res < 0)) { if (res == -EINVAL) { /* we assume this error code means the fd/poll combination is buggy * and fall back to epoll. * this error code might also indicate a bug, but the kernel doesn't * distinguish between those two conditions, so... sigh... */ epoll_modify (EV_A_ fd, 0, anfds [fd].events); } else if (res == -EBADF) { assert (("libev: event loop rejected bad fd", res != -EBADF)); fd_kill (EV_A_ fd); } else { errno = -res; ev_syserr ("(libev) IORING_OP_POLL_ADD"); } return; } /* feed events, we do not expect or handle POLLNVAL */ fd_event ( EV_A_ fd, (res & (POLLOUT | POLLERR | POLLHUP) ? EV_WRITE : 0) | (res & (POLLIN | POLLERR | POLLHUP) ? EV_READ : 0) ); /* io_uring is oneshot, so we need to re-arm the fd next iteration */ /* this also means we usually have to do at least one syscall per iteration */ anfds [fd].events = 0; fd_change (EV_A_ fd, EV_ANFD_REIFY); } /* called when the event queue overflows */ ecb_cold static void iouring_overflow (EV_P) { /* we have two options, resize the queue (by tearing down * everything and recreating it, or living with it * and polling. * we implement this by resizing tghe queue, and, if that fails, * we just recreate the state on every failure, which * kind of is a very inefficient poll. * one danger is, due to the bios toward lower fds, * we will only really get events for those, so * maybe we need a poll() fallback, after all. */ /*EV_CQ_VAR (overflow) = 0;*/ /* need to do this if we keep the state and poll manually */ fd_rearm_all (EV_A); /* we double the size until we hit the hard-to-probe maximum */ if (!iouring_max_entries) { iouring_entries <<= 1; iouring_fork (EV_A); } else { /* we hit the kernel limit, we should fall back to something else. * we can either poll() a few times and hope for the best, * poll always, or switch to epoll. * since we use epoll anyways, go epoll. */ iouring_internal_destroy (EV_A); /* this should make it so that on return, we don'T call any uring functions */ iouring_to_submit = 0; for (;;) { backend = epoll_init (EV_A_ 0); if (backend) break; ev_syserr ("(libev) iouring switch to epoll"); } } } /* handle any events in the completion queue, return true if there were any */ static int iouring_handle_cq (EV_P) { unsigned head, tail, mask; head = EV_CQ_VAR (head); ECB_MEMORY_FENCE_ACQUIRE; tail = EV_CQ_VAR (tail); if (head == tail) return 0; /* it can only overflow if we have events, yes, yes? */ if (ecb_expect_false (EV_CQ_VAR (overflow))) { iouring_overflow (EV_A); return 1; } mask = EV_CQ_VAR (ring_mask); do iouring_process_cqe (EV_A_ &EV_CQES [head++ & mask]); while (head != tail); EV_CQ_VAR (head) = head; ECB_MEMORY_FENCE_RELEASE; return 1; } static void iouring_poll (EV_P_ ev_tstamp timeout) { /* if we have events, no need for extra syscalls, but we might have to queue events */ if (iouring_handle_cq (EV_A)) timeout = EV_TS_CONST (0.); else /* no events, so maybe wait for some */ iouring_tfd_update (EV_A_ timeout); /* only enter the kernel if we have something to submit, or we need to wait */ if (timeout || iouring_to_submit) { int res; EV_RELEASE_CB; res = evsys_io_uring_enter (iouring_fd, iouring_to_submit, 1, timeout > EV_TS_CONST (0.) ? IORING_ENTER_GETEVENTS : 0, 0, 0); iouring_to_submit = 0; EV_ACQUIRE_CB; if (ecb_expect_false (res < 0)) if (errno == EINTR) /* ignore */; else ev_syserr ("(libev) iouring setup"); else iouring_handle_cq (EV_A); } } inline_size int iouring_init (EV_P_ int flags) { if (!epoll_init (EV_A_ 0)) return 0; iouring_entries = IOURING_INIT_ENTRIES; iouring_max_entries = 0; if (iouring_internal_init (EV_A) < 0) { iouring_internal_destroy (EV_A); return 0; } ev_io_init (&iouring_epoll_w, iouring_epoll_cb, backend_fd, EV_READ); ev_set_priority (&iouring_epoll_w, EV_MAXPRI); ev_io_init (&iouring_tfd_w, iouring_tfd_cb, iouring_tfd, EV_READ); ev_set_priority (&iouring_tfd_w, EV_MAXPRI); ev_io_start (EV_A_ &iouring_epoll_w); ev_unref (EV_A); /* watcher should not keep loop alive */ ev_io_start (EV_A_ &iouring_tfd_w); ev_unref (EV_A); /* watcher should not keep loop alive */ backend_modify = iouring_modify; backend_poll = iouring_poll; return EVBACKEND_IOURING; } inline_size void iouring_destroy (EV_P) { iouring_internal_destroy (EV_A); epoll_destroy (EV_A); } uacme-1.7.6/libev/ev_vars.h0000644000000000000000000001663214733013114012432 00000000000000/* * loop member variable declarations * * Copyright (c) 2007,2008,2009,2010,2011,2012,2013,2019 Marc Alexander Lehmann * All rights reserved. * * Redistribution and use in source and binary forms, with or without modifica- * tion, are permitted provided that the following conditions are met: * * 1. Redistributions of source code must retain the above copyright notice, * this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MER- * CHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO * EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPE- * CIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTH- * ERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED * OF THE POSSIBILITY OF SUCH DAMAGE. * * Alternatively, the contents of this file may be used under the terms of * the GNU General Public License ("GPL") version 2 or any later version, * in which case the provisions of the GPL are applicable instead of * the above. If you wish to allow the use of your version of this file * only under the terms of the GPL and not to allow others to use your * version of this file under the BSD license, indicate your decision * by deleting the provisions above and replace them with the notice * and other provisions required by the GPL. If you do not delete the * provisions above, a recipient may use your version of this file under * either the BSD or the GPL. */ #define VARx(type,name) VAR(name, type name) VARx(ev_tstamp, now_floor) /* last time we refreshed rt_time */ VARx(ev_tstamp, mn_now) /* monotonic clock "now" */ VARx(ev_tstamp, rtmn_diff) /* difference realtime - monotonic time */ /* for reverse feeding of events */ VARx(W *, rfeeds) VARx(int, rfeedmax) VARx(int, rfeedcnt) VAR (pendings, ANPENDING *pendings [NUMPRI]) VAR (pendingmax, int pendingmax [NUMPRI]) VAR (pendingcnt, int pendingcnt [NUMPRI]) VARx(int, pendingpri) /* highest priority currently pending */ VARx(ev_prepare, pending_w) /* dummy pending watcher */ VARx(ev_tstamp, io_blocktime) VARx(ev_tstamp, timeout_blocktime) VARx(int, backend) VARx(int, activecnt) /* total number of active events ("refcount") */ VARx(EV_ATOMIC_T, loop_done) /* signal by ev_break */ VARx(int, backend_fd) VARx(ev_tstamp, backend_mintime) /* assumed typical timer resolution */ VAR (backend_modify, void (*backend_modify)(EV_P_ int fd, int oev, int nev)) VAR (backend_poll , void (*backend_poll)(EV_P_ ev_tstamp timeout)) VARx(ANFD *, anfds) VARx(int, anfdmax) VAR (evpipe, int evpipe [2]) VARx(ev_io, pipe_w) VARx(EV_ATOMIC_T, pipe_write_wanted) VARx(EV_ATOMIC_T, pipe_write_skipped) #if !defined(_WIN32) || EV_GENWRAP VARx(pid_t, curpid) #endif VARx(char, postfork) /* true if we need to recreate kernel state after fork */ #if EV_USE_SELECT || EV_GENWRAP VARx(void *, vec_ri) VARx(void *, vec_ro) VARx(void *, vec_wi) VARx(void *, vec_wo) #if defined(_WIN32) || EV_GENWRAP VARx(void *, vec_eo) #endif VARx(int, vec_max) #endif #if EV_USE_POLL || EV_GENWRAP VARx(struct pollfd *, polls) VARx(int, pollmax) VARx(int, pollcnt) VARx(int *, pollidxs) /* maps fds into structure indices */ VARx(int, pollidxmax) #endif #if EV_USE_EPOLL || EV_GENWRAP VARx(struct epoll_event *, epoll_events) VARx(int, epoll_eventmax) VARx(int *, epoll_eperms) VARx(int, epoll_epermcnt) VARx(int, epoll_epermmax) #endif #if EV_USE_LINUXAIO || EV_GENWRAP VARx(aio_context_t, linuxaio_ctx) VARx(int, linuxaio_iteration) VARx(struct aniocb **, linuxaio_iocbps) VARx(int, linuxaio_iocbpmax) VARx(struct iocb **, linuxaio_submits) VARx(int, linuxaio_submitcnt) VARx(int, linuxaio_submitmax) VARx(ev_io, linuxaio_epoll_w) #endif #if EV_USE_IOURING || EV_GENWRAP VARx(int, iouring_fd) VARx(unsigned, iouring_to_submit); VARx(int, iouring_entries) VARx(int, iouring_max_entries) VARx(void *, iouring_sq_ring) VARx(void *, iouring_cq_ring) VARx(void *, iouring_sqes) VARx(uint32_t, iouring_sq_ring_size) VARx(uint32_t, iouring_cq_ring_size) VARx(uint32_t, iouring_sqes_size) VARx(uint32_t, iouring_sq_head) VARx(uint32_t, iouring_sq_tail) VARx(uint32_t, iouring_sq_ring_mask) VARx(uint32_t, iouring_sq_ring_entries) VARx(uint32_t, iouring_sq_flags) VARx(uint32_t, iouring_sq_dropped) VARx(uint32_t, iouring_sq_array) VARx(uint32_t, iouring_cq_head) VARx(uint32_t, iouring_cq_tail) VARx(uint32_t, iouring_cq_ring_mask) VARx(uint32_t, iouring_cq_ring_entries) VARx(uint32_t, iouring_cq_overflow) VARx(uint32_t, iouring_cq_cqes) VARx(ev_tstamp, iouring_tfd_to) VARx(int, iouring_tfd) VARx(ev_io, iouring_tfd_w) VARx(ev_io, iouring_epoll_w) #endif #if EV_USE_KQUEUE || EV_GENWRAP VARx(pid_t, kqueue_fd_pid) VARx(struct kevent *, kqueue_changes) VARx(int, kqueue_changemax) VARx(int, kqueue_changecnt) VARx(struct kevent *, kqueue_events) VARx(int, kqueue_eventmax) #endif #if EV_USE_PORT || EV_GENWRAP VARx(struct port_event *, port_events) VARx(int, port_eventmax) #endif #if EV_USE_IOCP || EV_GENWRAP VARx(HANDLE, iocp) #endif VARx(int *, fdchanges) VARx(int, fdchangemax) VARx(int, fdchangecnt) VARx(ANHE *, timers) VARx(int, timermax) VARx(int, timercnt) #if EV_PERIODIC_ENABLE || EV_GENWRAP VARx(ANHE *, periodics) VARx(int, periodicmax) VARx(int, periodiccnt) #endif #if EV_IDLE_ENABLE || EV_GENWRAP VAR (idles, ev_idle **idles [NUMPRI]) VAR (idlemax, int idlemax [NUMPRI]) VAR (idlecnt, int idlecnt [NUMPRI]) #endif VARx(int, idleall) /* total number */ VARx(struct ev_prepare **, prepares) VARx(int, preparemax) VARx(int, preparecnt) VARx(struct ev_check **, checks) VARx(int, checkmax) VARx(int, checkcnt) #if EV_FORK_ENABLE || EV_GENWRAP VARx(struct ev_fork **, forks) VARx(int, forkmax) VARx(int, forkcnt) #endif #if EV_CLEANUP_ENABLE || EV_GENWRAP VARx(struct ev_cleanup **, cleanups) VARx(int, cleanupmax) VARx(int, cleanupcnt) #endif #if EV_ASYNC_ENABLE || EV_GENWRAP VARx(EV_ATOMIC_T, async_pending) VARx(struct ev_async **, asyncs) VARx(int, asyncmax) VARx(int, asynccnt) #endif #if EV_USE_INOTIFY || EV_GENWRAP VARx(int, fs_fd) VARx(ev_io, fs_w) VARx(char, fs_2625) /* whether we are running in linux 2.6.25 or newer */ VAR (fs_hash, ANFS fs_hash [EV_INOTIFY_HASHSIZE]) #endif VARx(EV_ATOMIC_T, sig_pending) #if EV_USE_SIGNALFD || EV_GENWRAP VARx(int, sigfd) VARx(ev_io, sigfd_w) VARx(sigset_t, sigfd_set) #endif #if EV_USE_TIMERFD || EV_GENWRAP VARx(int, timerfd) /* timerfd for time jump detection */ VARx(ev_io, timerfd_w) #endif VARx(unsigned int, origflags) /* original loop flags */ #if EV_FEATURE_API || EV_GENWRAP VARx(unsigned int, loop_count) /* total number of loop iterations/blocks */ VARx(unsigned int, loop_depth) /* #ev_run enters - #ev_run leaves */ VARx(void *, userdata) /* C++ doesn't support the ev_loop_callback typedef here. stinks. */ VAR (release_cb, void (*release_cb)(EV_P) EV_NOEXCEPT) VAR (acquire_cb, void (*acquire_cb)(EV_P) EV_NOEXCEPT) VAR (invoke_cb , ev_loop_callback invoke_cb) #endif #undef VARx uacme-1.7.6/libev/ev_port.c0000644000000000000000000001460014555530552012443 00000000000000/* * libev solaris event port backend * * Copyright (c) 2007,2008,2009,2010,2011,2019 Marc Alexander Lehmann * All rights reserved. * * Redistribution and use in source and binary forms, with or without modifica- * tion, are permitted provided that the following conditions are met: * * 1. Redistributions of source code must retain the above copyright notice, * this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MER- * CHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO * EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPE- * CIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTH- * ERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED * OF THE POSSIBILITY OF SUCH DAMAGE. * * Alternatively, the contents of this file may be used under the terms of * the GNU General Public License ("GPL") version 2 or any later version, * in which case the provisions of the GPL are applicable instead of * the above. If you wish to allow the use of your version of this file * only under the terms of the GPL and not to allow others to use your * version of this file under the BSD license, indicate your decision * by deleting the provisions above and replace them with the notice * and other provisions required by the GPL. If you do not delete the * provisions above, a recipient may use your version of this file under * either the BSD or the GPL. */ /* useful reading: * * http://bugs.opensolaris.org/view_bug.do?bug_id=6268715 (random results) * http://bugs.opensolaris.org/view_bug.do?bug_id=6455223 (just totally broken) * http://bugs.opensolaris.org/view_bug.do?bug_id=6873782 (manpage ETIME) * http://bugs.opensolaris.org/view_bug.do?bug_id=6874410 (implementation ETIME) * http://www.mail-archive.com/networking-discuss@opensolaris.org/msg11898.html ETIME vs. nget * http://src.opensolaris.org/source/xref/onnv/onnv-gate/usr/src/lib/libc/port/gen/event_port.c (libc) * http://cvs.opensolaris.org/source/xref/onnv/onnv-gate/usr/src/uts/common/fs/portfs/port.c#1325 (kernel) */ #include #include #include #include #include #include inline_speed void port_associate_and_check (EV_P_ int fd, int ev) { if (0 > port_associate ( backend_fd, PORT_SOURCE_FD, fd, (ev & EV_READ ? POLLIN : 0) | (ev & EV_WRITE ? POLLOUT : 0), 0 ) ) { if (errno == EBADFD) { assert (("libev: port_associate found invalid fd", errno != EBADFD)); fd_kill (EV_A_ fd); } else ev_syserr ("(libev) port_associate"); } } static void port_modify (EV_P_ int fd, int oev, int nev) { /* we need to reassociate no matter what, as closes are * once more silently being discarded. */ if (!nev) { if (oev) port_dissociate (backend_fd, PORT_SOURCE_FD, fd); } else port_associate_and_check (EV_A_ fd, nev); } static void port_poll (EV_P_ ev_tstamp timeout) { int res, i; struct timespec ts; uint_t nget = 1; /* we initialise this to something we will skip in the loop, as */ /* port_getn can return with nget unchanged, but no indication */ /* whether it was the original value or has been updated :/ */ port_events [0].portev_source = 0; EV_RELEASE_CB; EV_TS_SET (ts, timeout); res = port_getn (backend_fd, port_events, port_eventmax, &nget, &ts); EV_ACQUIRE_CB; /* port_getn may or may not set nget on error */ /* so we rely on port_events [0].portev_source not being updated */ if (res == -1 && errno != ETIME && errno != EINTR) ev_syserr ("(libev) port_getn (see http://bugs.opensolaris.org/view_bug.do?bug_id=6268715, try LIBEV_FLAGS=3 env variable)"); for (i = 0; i < nget; ++i) { if (port_events [i].portev_source == PORT_SOURCE_FD) { int fd = port_events [i].portev_object; fd_event ( EV_A_ fd, (port_events [i].portev_events & (POLLOUT | POLLERR | POLLHUP) ? EV_WRITE : 0) | (port_events [i].portev_events & (POLLIN | POLLERR | POLLHUP) ? EV_READ : 0) ); fd_change (EV_A_ fd, EV__IOFDSET); } } if (ecb_expect_false (nget == port_eventmax)) { ev_free (port_events); port_eventmax = array_nextsize (sizeof (port_event_t), port_eventmax, port_eventmax + 1); port_events = (port_event_t *)ev_malloc (sizeof (port_event_t) * port_eventmax); } } inline_size int port_init (EV_P_ int flags) { /* Initialize the kernel queue */ if ((backend_fd = port_create ()) < 0) return 0; assert (("libev: PORT_SOURCE_FD must not be zero", PORT_SOURCE_FD)); fcntl (backend_fd, F_SETFD, FD_CLOEXEC); /* not sure if necessary, hopefully doesn't hurt */ /* if my reading of the opensolaris kernel sources are correct, then * opensolaris does something very stupid: it checks if the time has already * elapsed and doesn't round up if that is the case, otherwise it DOES round * up. Since we can't know what the case is, we need to guess by using a * "large enough" timeout. Normally, 1e-9 would be correct. */ backend_mintime = EV_TS_CONST (1e-3); /* needed to compensate for port_getn returning early */ backend_modify = port_modify; backend_poll = port_poll; port_eventmax = 64; /* initial number of events receivable per poll */ port_events = (port_event_t *)ev_malloc (sizeof (port_event_t) * port_eventmax); return EVBACKEND_PORT; } inline_size void port_destroy (EV_P) { ev_free (port_events); } inline_size void port_fork (EV_P) { close (backend_fd); while ((backend_fd = port_create ()) < 0) ev_syserr ("(libev) port"); fcntl (backend_fd, F_SETFD, FD_CLOEXEC); /* re-register interest in fds */ fd_rearm_all (EV_A); } uacme-1.7.6/libev/ev.h0000644000000000000000000007252014733013114011375 00000000000000/* * libev native API header * * Copyright (c) 2007-2019 Marc Alexander Lehmann * All rights reserved. * * Redistribution and use in source and binary forms, with or without modifica- * tion, are permitted provided that the following conditions are met: * * 1. Redistributions of source code must retain the above copyright notice, * this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MER- * CHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO * EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPE- * CIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTH- * ERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED * OF THE POSSIBILITY OF SUCH DAMAGE. * * Alternatively, the contents of this file may be used under the terms of * the GNU General Public License ("GPL") version 2 or any later version, * in which case the provisions of the GPL are applicable instead of * the above. If you wish to allow the use of your version of this file * only under the terms of the GPL and not to allow others to use your * version of this file under the BSD license, indicate your decision * by deleting the provisions above and replace them with the notice * and other provisions required by the GPL. If you do not delete the * provisions above, a recipient may use your version of this file under * either the BSD or the GPL. */ #ifndef EV_H_ #define EV_H_ #ifdef __cplusplus # define EV_CPP(x) x # if __cplusplus >= 201103L # define EV_NOEXCEPT noexcept # else # define EV_NOEXCEPT # endif #else # define EV_CPP(x) # define EV_NOEXCEPT #endif #define EV_THROW EV_NOEXCEPT /* pre-4.25, do not use in new code */ EV_CPP(extern "C" {) /*****************************************************************************/ /* pre-4.0 compatibility */ #ifndef EV_COMPAT3 # define EV_COMPAT3 1 #endif #ifndef EV_FEATURES # if defined __OPTIMIZE_SIZE__ # define EV_FEATURES 0x7c # else # define EV_FEATURES 0x7f # endif #endif #define EV_FEATURE_CODE ((EV_FEATURES) & 1) #define EV_FEATURE_DATA ((EV_FEATURES) & 2) #define EV_FEATURE_CONFIG ((EV_FEATURES) & 4) #define EV_FEATURE_API ((EV_FEATURES) & 8) #define EV_FEATURE_WATCHERS ((EV_FEATURES) & 16) #define EV_FEATURE_BACKENDS ((EV_FEATURES) & 32) #define EV_FEATURE_OS ((EV_FEATURES) & 64) /* these priorities are inclusive, higher priorities will be invoked earlier */ #ifndef EV_MINPRI # define EV_MINPRI (EV_FEATURE_CONFIG ? -2 : 0) #endif #ifndef EV_MAXPRI # define EV_MAXPRI (EV_FEATURE_CONFIG ? +2 : 0) #endif #ifndef EV_MULTIPLICITY # define EV_MULTIPLICITY EV_FEATURE_CONFIG #endif #ifndef EV_PERIODIC_ENABLE # define EV_PERIODIC_ENABLE EV_FEATURE_WATCHERS #endif #ifndef EV_STAT_ENABLE # define EV_STAT_ENABLE EV_FEATURE_WATCHERS #endif #ifndef EV_PREPARE_ENABLE # define EV_PREPARE_ENABLE EV_FEATURE_WATCHERS #endif #ifndef EV_CHECK_ENABLE # define EV_CHECK_ENABLE EV_FEATURE_WATCHERS #endif #ifndef EV_IDLE_ENABLE # define EV_IDLE_ENABLE EV_FEATURE_WATCHERS #endif #ifndef EV_FORK_ENABLE # define EV_FORK_ENABLE EV_FEATURE_WATCHERS #endif #ifndef EV_CLEANUP_ENABLE # define EV_CLEANUP_ENABLE EV_FEATURE_WATCHERS #endif #ifndef EV_SIGNAL_ENABLE # define EV_SIGNAL_ENABLE EV_FEATURE_WATCHERS #endif #ifndef EV_CHILD_ENABLE # ifdef _WIN32 # define EV_CHILD_ENABLE 0 # else # define EV_CHILD_ENABLE EV_FEATURE_WATCHERS #endif #endif #ifndef EV_ASYNC_ENABLE # define EV_ASYNC_ENABLE EV_FEATURE_WATCHERS #endif #ifndef EV_EMBED_ENABLE # define EV_EMBED_ENABLE EV_FEATURE_WATCHERS #endif #ifndef EV_WALK_ENABLE # define EV_WALK_ENABLE 0 /* not yet */ #endif /*****************************************************************************/ #if EV_CHILD_ENABLE && !EV_SIGNAL_ENABLE # undef EV_SIGNAL_ENABLE # define EV_SIGNAL_ENABLE 1 #endif /*****************************************************************************/ #ifndef EV_TSTAMP_T # define EV_TSTAMP_T double #endif typedef EV_TSTAMP_T ev_tstamp; #include /* for memmove */ #ifndef EV_ATOMIC_T # include # define EV_ATOMIC_T sig_atomic_t volatile #endif #if EV_STAT_ENABLE # ifdef _WIN32 # include # include # endif # include #endif /* support multiple event loops? */ #if EV_MULTIPLICITY struct ev_loop; # define EV_P struct ev_loop *loop /* a loop as sole parameter in a declaration */ # define EV_P_ EV_P, /* a loop as first of multiple parameters */ # define EV_A loop /* a loop as sole argument to a function call */ # define EV_A_ EV_A, /* a loop as first of multiple arguments */ # define EV_DEFAULT_UC ev_default_loop_uc_ () /* the default loop, if initialised, as sole arg */ # define EV_DEFAULT_UC_ EV_DEFAULT_UC, /* the default loop as first of multiple arguments */ # define EV_DEFAULT ev_default_loop (0) /* the default loop as sole arg */ # define EV_DEFAULT_ EV_DEFAULT, /* the default loop as first of multiple arguments */ #else # define EV_P void # define EV_P_ # define EV_A # define EV_A_ # define EV_DEFAULT # define EV_DEFAULT_ # define EV_DEFAULT_UC # define EV_DEFAULT_UC_ # undef EV_EMBED_ENABLE #endif /* EV_INLINE is used for functions in header files */ #if __STDC_VERSION__ >= 199901L || __GNUC__ >= 3 # define EV_INLINE static inline #else # define EV_INLINE static #endif #ifdef EV_API_STATIC # define EV_API_DECL static #else # define EV_API_DECL extern #endif /* EV_PROTOTYPES can be used to switch of prototype declarations */ #ifndef EV_PROTOTYPES # define EV_PROTOTYPES 1 #endif /*****************************************************************************/ #define EV_VERSION_MAJOR 4 #define EV_VERSION_MINOR 31 /* eventmask, revents, events... */ enum { EV_UNDEF = (int)0xFFFFFFFF, /* guaranteed to be invalid */ EV_NONE = 0x00, /* no events */ EV_READ = 0x01, /* ev_io detected read will not block */ EV_WRITE = 0x02, /* ev_io detected write will not block */ EV__IOFDSET = 0x80, /* internal use only */ EV_IO = EV_READ, /* alias for type-detection */ EV_TIMER = 0x00000100, /* timer timed out */ #if EV_COMPAT3 EV_TIMEOUT = EV_TIMER, /* pre 4.0 API compatibility */ #endif EV_PERIODIC = 0x00000200, /* periodic timer timed out */ EV_SIGNAL = 0x00000400, /* signal was received */ EV_CHILD = 0x00000800, /* child/pid had status change */ EV_STAT = 0x00001000, /* stat data changed */ EV_IDLE = 0x00002000, /* event loop is idling */ EV_PREPARE = 0x00004000, /* event loop about to poll */ EV_CHECK = 0x00008000, /* event loop finished poll */ EV_EMBED = 0x00010000, /* embedded event loop needs sweep */ EV_FORK = 0x00020000, /* event loop resumed in child */ EV_CLEANUP = 0x00040000, /* event loop resumed in child */ EV_ASYNC = 0x00080000, /* async intra-loop signal */ EV_CUSTOM = 0x01000000, /* for use by user code */ EV_ERROR = (int)0x80000000 /* sent when an error occurs */ }; /* can be used to add custom fields to all watchers, while losing binary compatibility */ #ifndef EV_COMMON # define EV_COMMON void *data; #endif #ifndef EV_CB_DECLARE # define EV_CB_DECLARE(type) void (*cb)(EV_P_ struct type *w, int revents); #endif #ifndef EV_CB_INVOKE # define EV_CB_INVOKE(watcher,revents) (watcher)->cb (EV_A_ (watcher), (revents)) #endif /* not official, do not use */ #define EV_CB(type,name) void name (EV_P_ struct ev_ ## type *w, int revents) /* * struct member types: * private: you may look at them, but not change them, * and they might not mean anything to you. * ro: can be read anytime, but only changed when the watcher isn't active. * rw: can be read and modified anytime, even when the watcher is active. * * some internal details that might be helpful for debugging: * * active is either 0, which means the watcher is not active, * or the array index of the watcher (periodics, timers) * or the array index + 1 (most other watchers) * or simply 1 for watchers that aren't in some array. * pending is either 0, in which case the watcher isn't, * or the array index + 1 in the pendings array. */ #if EV_MINPRI == EV_MAXPRI # define EV_DECL_PRIORITY #elif !defined (EV_DECL_PRIORITY) # define EV_DECL_PRIORITY int priority; #endif /* shared by all watchers */ #define EV_WATCHER(type) \ int active; /* private */ \ int pending; /* private */ \ EV_DECL_PRIORITY /* private */ \ EV_COMMON /* rw */ \ EV_CB_DECLARE (type) /* private */ #define EV_WATCHER_LIST(type) \ EV_WATCHER (type) \ struct ev_watcher_list *next; /* private */ #define EV_WATCHER_TIME(type) \ EV_WATCHER (type) \ ev_tstamp at; /* private */ /* base class, nothing to see here unless you subclass */ typedef struct ev_watcher { EV_WATCHER (ev_watcher) } ev_watcher; /* base class, nothing to see here unless you subclass */ typedef struct ev_watcher_list { EV_WATCHER_LIST (ev_watcher_list) } ev_watcher_list; /* base class, nothing to see here unless you subclass */ typedef struct ev_watcher_time { EV_WATCHER_TIME (ev_watcher_time) } ev_watcher_time; /* invoked when fd is either EV_READable or EV_WRITEable */ /* revent EV_READ, EV_WRITE */ typedef struct ev_io { EV_WATCHER_LIST (ev_io) int fd; /* ro */ int events; /* ro */ } ev_io; /* invoked after a specific time, repeatable (based on monotonic clock) */ /* revent EV_TIMEOUT */ typedef struct ev_timer { EV_WATCHER_TIME (ev_timer) ev_tstamp repeat; /* rw */ } ev_timer; /* invoked at some specific time, possibly repeating at regular intervals (based on UTC) */ /* revent EV_PERIODIC */ typedef struct ev_periodic { EV_WATCHER_TIME (ev_periodic) ev_tstamp offset; /* rw */ ev_tstamp interval; /* rw */ ev_tstamp (*reschedule_cb)(struct ev_periodic *w, ev_tstamp now) EV_NOEXCEPT; /* rw */ } ev_periodic; /* invoked when the given signal has been received */ /* revent EV_SIGNAL */ typedef struct ev_signal { EV_WATCHER_LIST (ev_signal) int signum; /* ro */ } ev_signal; /* invoked when sigchld is received and waitpid indicates the given pid */ /* revent EV_CHILD */ /* does not support priorities */ typedef struct ev_child { EV_WATCHER_LIST (ev_child) int flags; /* private */ int pid; /* ro */ int rpid; /* rw, holds the received pid */ int rstatus; /* rw, holds the exit status, use the macros from sys/wait.h */ } ev_child; #if EV_STAT_ENABLE /* st_nlink = 0 means missing file or other error */ # ifdef _WIN32 typedef struct _stati64 ev_statdata; # else typedef struct stat ev_statdata; # endif /* invoked each time the stat data changes for a given path */ /* revent EV_STAT */ typedef struct ev_stat { EV_WATCHER_LIST (ev_stat) ev_timer timer; /* private */ ev_tstamp interval; /* ro */ const char *path; /* ro */ ev_statdata prev; /* ro */ ev_statdata attr; /* ro */ int wd; /* wd for inotify, fd for kqueue */ } ev_stat; #endif #if EV_IDLE_ENABLE /* invoked when the nothing else needs to be done, keeps the process from blocking */ /* revent EV_IDLE */ typedef struct ev_idle { EV_WATCHER (ev_idle) } ev_idle; #endif /* invoked for each run of the mainloop, just before the blocking call */ /* you can still change events in any way you like */ /* revent EV_PREPARE */ typedef struct ev_prepare { EV_WATCHER (ev_prepare) } ev_prepare; /* invoked for each run of the mainloop, just after the blocking call */ /* revent EV_CHECK */ typedef struct ev_check { EV_WATCHER (ev_check) } ev_check; #if EV_FORK_ENABLE /* the callback gets invoked before check in the child process when a fork was detected */ /* revent EV_FORK */ typedef struct ev_fork { EV_WATCHER (ev_fork) } ev_fork; #endif #if EV_CLEANUP_ENABLE /* is invoked just before the loop gets destroyed */ /* revent EV_CLEANUP */ typedef struct ev_cleanup { EV_WATCHER (ev_cleanup) } ev_cleanup; #endif #if EV_EMBED_ENABLE /* used to embed an event loop inside another */ /* the callback gets invoked when the event loop has handled events, and can be 0 */ typedef struct ev_embed { EV_WATCHER (ev_embed) struct ev_loop *other; /* ro */ ev_io io; /* private */ ev_prepare prepare; /* private */ ev_check check; /* unused */ ev_timer timer; /* unused */ ev_periodic periodic; /* unused */ ev_idle idle; /* unused */ ev_fork fork; /* private */ #if EV_CLEANUP_ENABLE ev_cleanup cleanup; /* unused */ #endif } ev_embed; #endif #if EV_ASYNC_ENABLE /* invoked when somebody calls ev_async_send on the watcher */ /* revent EV_ASYNC */ typedef struct ev_async { EV_WATCHER (ev_async) EV_ATOMIC_T sent; /* private */ } ev_async; # define ev_async_pending(w) (+(w)->sent) #endif /* the presence of this union forces similar struct layout */ union ev_any_watcher { struct ev_watcher w; struct ev_watcher_list wl; struct ev_io io; struct ev_timer timer; struct ev_periodic periodic; struct ev_signal signal; struct ev_child child; #if EV_STAT_ENABLE struct ev_stat stat; #endif #if EV_IDLE_ENABLE struct ev_idle idle; #endif struct ev_prepare prepare; struct ev_check check; #if EV_FORK_ENABLE struct ev_fork fork; #endif #if EV_CLEANUP_ENABLE struct ev_cleanup cleanup; #endif #if EV_EMBED_ENABLE struct ev_embed embed; #endif #if EV_ASYNC_ENABLE struct ev_async async; #endif }; /* flag bits for ev_default_loop and ev_loop_new */ enum { /* the default */ EVFLAG_AUTO = 0x00000000U, /* not quite a mask */ /* flag bits */ EVFLAG_NOENV = 0x01000000U, /* do NOT consult environment */ EVFLAG_FORKCHECK = 0x02000000U, /* check for a fork in each iteration */ /* debugging/feature disable */ EVFLAG_NOINOTIFY = 0x00100000U, /* do not attempt to use inotify */ #if EV_COMPAT3 EVFLAG_NOSIGFD = 0, /* compatibility to pre-3.9 */ #endif EVFLAG_SIGNALFD = 0x00200000U, /* attempt to use signalfd */ EVFLAG_NOSIGMASK = 0x00400000U, /* avoid modifying the signal mask */ EVFLAG_NOTIMERFD = 0x00800000U /* avoid creating a timerfd */ }; /* method bits to be ored together */ enum { EVBACKEND_SELECT = 0x00000001U, /* available just about anywhere */ EVBACKEND_POLL = 0x00000002U, /* !win, !aix, broken on osx */ EVBACKEND_EPOLL = 0x00000004U, /* linux */ EVBACKEND_KQUEUE = 0x00000008U, /* bsd, broken on osx */ EVBACKEND_DEVPOLL = 0x00000010U, /* solaris 8 */ /* NYI */ EVBACKEND_PORT = 0x00000020U, /* solaris 10 */ EVBACKEND_LINUXAIO = 0x00000040U, /* linuix AIO, 4.19+ */ EVBACKEND_IOURING = 0x00000080U, /* linux io_uring, 5.1+ */ EVBACKEND_ALL = 0x000000FFU, /* all known backends */ EVBACKEND_MASK = 0x0000FFFFU /* all future backends */ }; #if EV_PROTOTYPES EV_API_DECL int ev_version_major (void) EV_NOEXCEPT; EV_API_DECL int ev_version_minor (void) EV_NOEXCEPT; EV_API_DECL unsigned int ev_supported_backends (void) EV_NOEXCEPT; EV_API_DECL unsigned int ev_recommended_backends (void) EV_NOEXCEPT; EV_API_DECL unsigned int ev_embeddable_backends (void) EV_NOEXCEPT; EV_API_DECL ev_tstamp ev_time (void) EV_NOEXCEPT; EV_API_DECL void ev_sleep (ev_tstamp delay) EV_NOEXCEPT; /* sleep for a while */ /* Sets the allocation function to use, works like realloc. * It is used to allocate and free memory. * If it returns zero when memory needs to be allocated, the library might abort * or take some potentially destructive action. * The default is your system realloc function. */ EV_API_DECL void ev_set_allocator (void *(*cb)(void *ptr, long size) EV_NOEXCEPT) EV_NOEXCEPT; /* set the callback function to call on a * retryable syscall error * (such as failed select, poll, epoll_wait) */ EV_API_DECL void ev_set_syserr_cb (void (*cb)(const char *msg) EV_NOEXCEPT) EV_NOEXCEPT; #if EV_MULTIPLICITY /* the default loop is the only one that handles signals and child watchers */ /* you can call this as often as you like */ EV_API_DECL struct ev_loop *ev_default_loop (unsigned int flags EV_CPP (= 0)) EV_NOEXCEPT; #ifdef EV_API_STATIC EV_API_DECL struct ev_loop *ev_default_loop_ptr; #endif EV_INLINE struct ev_loop * ev_default_loop_uc_ (void) EV_NOEXCEPT { extern struct ev_loop *ev_default_loop_ptr; return ev_default_loop_ptr; } EV_INLINE int ev_is_default_loop (EV_P) EV_NOEXCEPT { return EV_A == EV_DEFAULT_UC; } /* create and destroy alternative loops that don't handle signals */ EV_API_DECL struct ev_loop *ev_loop_new (unsigned int flags EV_CPP (= 0)) EV_NOEXCEPT; EV_API_DECL ev_tstamp ev_now (EV_P) EV_NOEXCEPT; /* time w.r.t. timers and the eventloop, updated after each poll */ #else EV_API_DECL int ev_default_loop (unsigned int flags EV_CPP (= 0)) EV_NOEXCEPT; /* returns true when successful */ EV_API_DECL ev_tstamp ev_rt_now; EV_INLINE ev_tstamp ev_now (void) EV_NOEXCEPT { return ev_rt_now; } /* looks weird, but ev_is_default_loop (EV_A) still works if this exists */ EV_INLINE int ev_is_default_loop (void) EV_NOEXCEPT { return 1; } #endif /* multiplicity */ /* destroy event loops, also works for the default loop */ EV_API_DECL void ev_loop_destroy (EV_P); /* this needs to be called after fork, to duplicate the loop */ /* when you want to re-use it in the child */ /* you can call it in either the parent or the child */ /* you can actually call it at any time, anywhere :) */ EV_API_DECL void ev_loop_fork (EV_P) EV_NOEXCEPT; EV_API_DECL unsigned int ev_backend (EV_P) EV_NOEXCEPT; /* backend in use by loop */ EV_API_DECL void ev_now_update (EV_P) EV_NOEXCEPT; /* update event loop time */ #if EV_WALK_ENABLE /* walk (almost) all watchers in the loop of a given type, invoking the */ /* callback on every such watcher. The callback might stop the watcher, */ /* but do nothing else with the loop */ EV_API_DECL void ev_walk (EV_P_ int types, void (*cb)(EV_P_ int type, void *w)) EV_NOEXCEPT; #endif #endif /* prototypes */ /* ev_run flags values */ enum { EVRUN_NOWAIT = 1, /* do not block/wait */ EVRUN_ONCE = 2 /* block *once* only */ }; /* ev_break how values */ enum { EVBREAK_CANCEL = 0, /* undo unloop */ EVBREAK_ONE = 1, /* unloop once */ EVBREAK_ALL = 2 /* unloop all loops */ }; #if EV_PROTOTYPES EV_API_DECL int ev_run (EV_P_ int flags EV_CPP (= 0)); EV_API_DECL void ev_break (EV_P_ int how EV_CPP (= EVBREAK_ONE)) EV_NOEXCEPT; /* break out of the loop */ /* * ref/unref can be used to add or remove a refcount on the mainloop. every watcher * keeps one reference. if you have a long-running watcher you never unregister that * should not keep ev_loop from running, unref() after starting, and ref() before stopping. */ EV_API_DECL void ev_ref (EV_P) EV_NOEXCEPT; EV_API_DECL void ev_unref (EV_P) EV_NOEXCEPT; /* * convenience function, wait for a single event, without registering an event watcher * if timeout is < 0, do wait indefinitely */ EV_API_DECL void ev_once (EV_P_ int fd, int events, ev_tstamp timeout, void (*cb)(int revents, void *arg), void *arg) EV_NOEXCEPT; # if EV_FEATURE_API EV_API_DECL unsigned int ev_iteration (EV_P) EV_NOEXCEPT; /* number of loop iterations */ EV_API_DECL unsigned int ev_depth (EV_P) EV_NOEXCEPT; /* #ev_loop enters - #ev_loop leaves */ EV_API_DECL void ev_verify (EV_P) EV_NOEXCEPT; /* abort if loop data corrupted */ EV_API_DECL void ev_set_io_collect_interval (EV_P_ ev_tstamp interval) EV_NOEXCEPT; /* sleep at least this time, default 0 */ EV_API_DECL void ev_set_timeout_collect_interval (EV_P_ ev_tstamp interval) EV_NOEXCEPT; /* sleep at least this time, default 0 */ /* advanced stuff for threading etc. support, see docs */ EV_API_DECL void ev_set_userdata (EV_P_ void *data) EV_NOEXCEPT; EV_API_DECL void *ev_userdata (EV_P) EV_NOEXCEPT; typedef void (*ev_loop_callback)(EV_P); EV_API_DECL void ev_set_invoke_pending_cb (EV_P_ ev_loop_callback invoke_pending_cb) EV_NOEXCEPT; /* C++ doesn't allow the use of the ev_loop_callback typedef here, so we need to spell it out */ EV_API_DECL void ev_set_loop_release_cb (EV_P_ void (*release)(EV_P) EV_NOEXCEPT, void (*acquire)(EV_P) EV_NOEXCEPT) EV_NOEXCEPT; EV_API_DECL unsigned int ev_pending_count (EV_P) EV_NOEXCEPT; /* number of pending events, if any */ EV_API_DECL void ev_invoke_pending (EV_P); /* invoke all pending watchers */ /* * stop/start the timer handling. */ EV_API_DECL void ev_suspend (EV_P) EV_NOEXCEPT; EV_API_DECL void ev_resume (EV_P) EV_NOEXCEPT; #endif #endif /* these may evaluate ev multiple times, and the other arguments at most once */ /* either use ev_init + ev_TYPE_set, or the ev_TYPE_init macro, below, to first initialise a watcher */ #define ev_init(ev,cb_) do { \ ((ev_watcher *)(void *)(ev))->active = \ ((ev_watcher *)(void *)(ev))->pending = 0; \ ev_set_priority ((ev), 0); \ ev_set_cb ((ev), cb_); \ } while (0) #define ev_io_set(ev,fd_,events_) do { (ev)->fd = (fd_); (ev)->events = (events_) | EV__IOFDSET; } while (0) #define ev_timer_set(ev,after_,repeat_) do { ((ev_watcher_time *)(ev))->at = (after_); (ev)->repeat = (repeat_); } while (0) #define ev_periodic_set(ev,ofs_,ival_,rcb_) do { (ev)->offset = (ofs_); (ev)->interval = (ival_); (ev)->reschedule_cb = (rcb_); } while (0) #define ev_signal_set(ev,signum_) do { (ev)->signum = (signum_); } while (0) #define ev_child_set(ev,pid_,trace_) do { (ev)->pid = (pid_); (ev)->flags = !!(trace_); } while (0) #define ev_stat_set(ev,path_,interval_) do { (ev)->path = (path_); (ev)->interval = (interval_); (ev)->wd = -2; } while (0) #define ev_idle_set(ev) /* nop, yes, this is a serious in-joke */ #define ev_prepare_set(ev) /* nop, yes, this is a serious in-joke */ #define ev_check_set(ev) /* nop, yes, this is a serious in-joke */ #define ev_embed_set(ev,other_) do { (ev)->other = (other_); } while (0) #define ev_fork_set(ev) /* nop, yes, this is a serious in-joke */ #define ev_cleanup_set(ev) /* nop, yes, this is a serious in-joke */ #define ev_async_set(ev) /* nop, yes, this is a serious in-joke */ #define ev_io_init(ev,cb,fd,events) do { ev_init ((ev), (cb)); ev_io_set ((ev),(fd),(events)); } while (0) #define ev_timer_init(ev,cb,after,repeat) do { ev_init ((ev), (cb)); ev_timer_set ((ev),(after),(repeat)); } while (0) #define ev_periodic_init(ev,cb,ofs,ival,rcb) do { ev_init ((ev), (cb)); ev_periodic_set ((ev),(ofs),(ival),(rcb)); } while (0) #define ev_signal_init(ev,cb,signum) do { ev_init ((ev), (cb)); ev_signal_set ((ev), (signum)); } while (0) #define ev_child_init(ev,cb,pid,trace) do { ev_init ((ev), (cb)); ev_child_set ((ev),(pid),(trace)); } while (0) #define ev_stat_init(ev,cb,path,interval) do { ev_init ((ev), (cb)); ev_stat_set ((ev),(path),(interval)); } while (0) #define ev_idle_init(ev,cb) do { ev_init ((ev), (cb)); ev_idle_set ((ev)); } while (0) #define ev_prepare_init(ev,cb) do { ev_init ((ev), (cb)); ev_prepare_set ((ev)); } while (0) #define ev_check_init(ev,cb) do { ev_init ((ev), (cb)); ev_check_set ((ev)); } while (0) #define ev_embed_init(ev,cb,other) do { ev_init ((ev), (cb)); ev_embed_set ((ev),(other)); } while (0) #define ev_fork_init(ev,cb) do { ev_init ((ev), (cb)); ev_fork_set ((ev)); } while (0) #define ev_cleanup_init(ev,cb) do { ev_init ((ev), (cb)); ev_cleanup_set ((ev)); } while (0) #define ev_async_init(ev,cb) do { ev_init ((ev), (cb)); ev_async_set ((ev)); } while (0) #define ev_is_pending(ev) (0 + ((ev_watcher *)(void *)(ev))->pending) /* ro, true when watcher is waiting for callback invocation */ #define ev_is_active(ev) (0 + ((ev_watcher *)(void *)(ev))->active) /* ro, true when the watcher has been started */ #define ev_cb_(ev) (ev)->cb /* rw */ #define ev_cb(ev) (memmove (&ev_cb_ (ev), &((ev_watcher *)(ev))->cb, sizeof (ev_cb_ (ev))), (ev)->cb) #if EV_MINPRI == EV_MAXPRI # define ev_priority(ev) ((ev), EV_MINPRI) # define ev_set_priority(ev,pri) ((ev), (pri)) #else # define ev_priority(ev) (+(((ev_watcher *)(void *)(ev))->priority)) # define ev_set_priority(ev,pri) ( (ev_watcher *)(void *)(ev))->priority = (pri) #endif #define ev_periodic_at(ev) (+((ev_watcher_time *)(ev))->at) #ifndef ev_set_cb # define ev_set_cb(ev,cb_) (ev_cb_ (ev) = (cb_), memmove (&((ev_watcher *)(ev))->cb, &ev_cb_ (ev), sizeof (ev_cb_ (ev)))) #endif /* stopping (enabling, adding) a watcher does nothing if it is already running */ /* stopping (disabling, deleting) a watcher does nothing unless it's already running */ #if EV_PROTOTYPES /* feeds an event into a watcher as if the event actually occurred */ /* accepts any ev_watcher type */ EV_API_DECL void ev_feed_event (EV_P_ void *w, int revents) EV_NOEXCEPT; EV_API_DECL void ev_feed_fd_event (EV_P_ int fd, int revents) EV_NOEXCEPT; #if EV_SIGNAL_ENABLE EV_API_DECL void ev_feed_signal (int signum) EV_NOEXCEPT; EV_API_DECL void ev_feed_signal_event (EV_P_ int signum) EV_NOEXCEPT; #endif EV_API_DECL void ev_invoke (EV_P_ void *w, int revents); EV_API_DECL int ev_clear_pending (EV_P_ void *w) EV_NOEXCEPT; EV_API_DECL void ev_io_start (EV_P_ ev_io *w) EV_NOEXCEPT; EV_API_DECL void ev_io_stop (EV_P_ ev_io *w) EV_NOEXCEPT; EV_API_DECL void ev_timer_start (EV_P_ ev_timer *w) EV_NOEXCEPT; EV_API_DECL void ev_timer_stop (EV_P_ ev_timer *w) EV_NOEXCEPT; /* stops if active and no repeat, restarts if active and repeating, starts if inactive and repeating */ EV_API_DECL void ev_timer_again (EV_P_ ev_timer *w) EV_NOEXCEPT; /* return remaining time */ EV_API_DECL ev_tstamp ev_timer_remaining (EV_P_ ev_timer *w) EV_NOEXCEPT; #if EV_PERIODIC_ENABLE EV_API_DECL void ev_periodic_start (EV_P_ ev_periodic *w) EV_NOEXCEPT; EV_API_DECL void ev_periodic_stop (EV_P_ ev_periodic *w) EV_NOEXCEPT; EV_API_DECL void ev_periodic_again (EV_P_ ev_periodic *w) EV_NOEXCEPT; #endif /* only supported in the default loop */ #if EV_SIGNAL_ENABLE EV_API_DECL void ev_signal_start (EV_P_ ev_signal *w) EV_NOEXCEPT; EV_API_DECL void ev_signal_stop (EV_P_ ev_signal *w) EV_NOEXCEPT; #endif /* only supported in the default loop */ # if EV_CHILD_ENABLE EV_API_DECL void ev_child_start (EV_P_ ev_child *w) EV_NOEXCEPT; EV_API_DECL void ev_child_stop (EV_P_ ev_child *w) EV_NOEXCEPT; # endif # if EV_STAT_ENABLE EV_API_DECL void ev_stat_start (EV_P_ ev_stat *w) EV_NOEXCEPT; EV_API_DECL void ev_stat_stop (EV_P_ ev_stat *w) EV_NOEXCEPT; EV_API_DECL void ev_stat_stat (EV_P_ ev_stat *w) EV_NOEXCEPT; # endif # if EV_IDLE_ENABLE EV_API_DECL void ev_idle_start (EV_P_ ev_idle *w) EV_NOEXCEPT; EV_API_DECL void ev_idle_stop (EV_P_ ev_idle *w) EV_NOEXCEPT; # endif #if EV_PREPARE_ENABLE EV_API_DECL void ev_prepare_start (EV_P_ ev_prepare *w) EV_NOEXCEPT; EV_API_DECL void ev_prepare_stop (EV_P_ ev_prepare *w) EV_NOEXCEPT; #endif #if EV_CHECK_ENABLE EV_API_DECL void ev_check_start (EV_P_ ev_check *w) EV_NOEXCEPT; EV_API_DECL void ev_check_stop (EV_P_ ev_check *w) EV_NOEXCEPT; #endif # if EV_FORK_ENABLE EV_API_DECL void ev_fork_start (EV_P_ ev_fork *w) EV_NOEXCEPT; EV_API_DECL void ev_fork_stop (EV_P_ ev_fork *w) EV_NOEXCEPT; # endif # if EV_CLEANUP_ENABLE EV_API_DECL void ev_cleanup_start (EV_P_ ev_cleanup *w) EV_NOEXCEPT; EV_API_DECL void ev_cleanup_stop (EV_P_ ev_cleanup *w) EV_NOEXCEPT; # endif # if EV_EMBED_ENABLE /* only supported when loop to be embedded is in fact embeddable */ EV_API_DECL void ev_embed_start (EV_P_ ev_embed *w) EV_NOEXCEPT; EV_API_DECL void ev_embed_stop (EV_P_ ev_embed *w) EV_NOEXCEPT; EV_API_DECL void ev_embed_sweep (EV_P_ ev_embed *w) EV_NOEXCEPT; # endif # if EV_ASYNC_ENABLE EV_API_DECL void ev_async_start (EV_P_ ev_async *w) EV_NOEXCEPT; EV_API_DECL void ev_async_stop (EV_P_ ev_async *w) EV_NOEXCEPT; EV_API_DECL void ev_async_send (EV_P_ ev_async *w) EV_NOEXCEPT; # endif #if EV_COMPAT3 #define EVLOOP_NONBLOCK EVRUN_NOWAIT #define EVLOOP_ONESHOT EVRUN_ONCE #define EVUNLOOP_CANCEL EVBREAK_CANCEL #define EVUNLOOP_ONE EVBREAK_ONE #define EVUNLOOP_ALL EVBREAK_ALL #if EV_PROTOTYPES EV_INLINE void ev_loop (EV_P_ int flags) { ev_run (EV_A_ flags); } EV_INLINE void ev_unloop (EV_P_ int how ) { ev_break (EV_A_ how ); } EV_INLINE void ev_default_destroy (void) { ev_loop_destroy (EV_DEFAULT); } EV_INLINE void ev_default_fork (void) { ev_loop_fork (EV_DEFAULT); } #if EV_FEATURE_API EV_INLINE unsigned int ev_loop_count (EV_P) { return ev_iteration (EV_A); } EV_INLINE unsigned int ev_loop_depth (EV_P) { return ev_depth (EV_A); } EV_INLINE void ev_loop_verify (EV_P) { ev_verify (EV_A); } #endif #endif #else typedef struct ev_loop ev_loop; #endif #endif EV_CPP(}) #endif uacme-1.7.6/libev/ev_linuxaio.c0000644000000000000000000005175514733013114013307 00000000000000/* * libev linux aio fd activity backend * * Copyright (c) 2019 Marc Alexander Lehmann * All rights reserved. * * Redistribution and use in source and binary forms, with or without modifica- * tion, are permitted provided that the following conditions are met: * * 1. Redistributions of source code must retain the above copyright notice, * this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MER- * CHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO * EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPE- * CIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTH- * ERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED * OF THE POSSIBILITY OF SUCH DAMAGE. * * Alternatively, the contents of this file may be used under the terms of * the GNU General Public License ("GPL") version 2 or any later version, * in which case the provisions of the GPL are applicable instead of * the above. If you wish to allow the use of your version of this file * only under the terms of the GPL and not to allow others to use your * version of this file under the BSD license, indicate your decision * by deleting the provisions above and replace them with the notice * and other provisions required by the GPL. If you do not delete the * provisions above, a recipient may use your version of this file under * either the BSD or the GPL. */ /* * general notes about linux aio: * * a) at first, the linux aio IOCB_CMD_POLL functionality introduced in * 4.18 looks too good to be true: both watchers and events can be * batched, and events can even be handled in userspace using * a ring buffer shared with the kernel. watchers can be canceled * regardless of whether the fd has been closed. no problems with fork. * ok, the ring buffer is 200% undocumented (there isn't even a * header file), but otherwise, it's pure bliss! * b) ok, watchers are one-shot, so you have to re-arm active ones * on every iteration. so much for syscall-less event handling, * but at least these re-arms can be batched, no big deal, right? * c) well, linux as usual: the documentation lies to you: io_submit * sometimes returns EINVAL because the kernel doesn't feel like * handling your poll mask - ttys can be polled for POLLOUT, * POLLOUT|POLLIN, but polling for POLLIN fails. just great, * so we have to fall back to something else (hello, epoll), * but at least the fallback can be slow, because these are * exceptional cases, right? * d) hmm, you have to tell the kernel the maximum number of watchers * you want to queue when initialising the aio context. but of * course the real limit is magically calculated in the kernel, and * is often higher then we asked for. so we just have to destroy * the aio context and re-create it a bit larger if we hit the limit. * (starts to remind you of epoll? well, it's a bit more deterministic * and less gambling, but still ugly as hell). * e) that's when you find out you can also hit an arbitrary system-wide * limit. or the kernel simply doesn't want to handle your watchers. * what the fuck do we do then? you guessed it, in the middle * of event handling we have to switch to 100% epoll polling. and * that better is as fast as normal epoll polling, so you practically * have to use the normal epoll backend with all its quirks. * f) end result of this train wreck: it inherits all the disadvantages * from epoll, while adding a number on its own. why even bother to use * it? because if conditions are right and your fds are supported and you * don't hit a limit, this backend is actually faster, doesn't gamble with * your fds, batches watchers and events and doesn't require costly state * recreates. well, until it does. * g) all of this makes this backend use almost twice as much code as epoll. * which in turn uses twice as much code as poll. and that#s not counting * the fact that this backend also depends on the epoll backend, making * it three times as much code as poll, or kqueue. * h) bleah. why can't linux just do kqueue. sure kqueue is ugly, but by now * it's clear that whatever linux comes up with is far, far, far worse. */ #include /* actually linux/time.h, but we must assume they are compatible */ #include #include /*****************************************************************************/ /* syscall wrapdadoop - this section has the raw api/abi definitions */ #include /* no glibc wrappers */ /* aio_abi.h is not versioned in any way, so we cannot test for its existance */ #define IOCB_CMD_POLL 5 /* taken from linux/fs/aio.c. yup, that's a .c file. * not only is this totally undocumented, not even the source code * can tell you what the future semantics of compat_features and * incompat_features are, or what header_length actually is for. */ #define AIO_RING_MAGIC 0xa10a10a1 #define EV_AIO_RING_INCOMPAT_FEATURES 0 struct aio_ring { unsigned id; /* kernel internal index number */ unsigned nr; /* number of io_events */ unsigned head; /* Written to by userland or by kernel. */ unsigned tail; unsigned magic; unsigned compat_features; unsigned incompat_features; unsigned header_length; /* size of aio_ring */ struct io_event io_events[0]; }; inline_size int evsys_io_setup (unsigned nr_events, aio_context_t *ctx_idp) { return ev_syscall2 (SYS_io_setup, nr_events, ctx_idp); } inline_size int evsys_io_destroy (aio_context_t ctx_id) { return ev_syscall1 (SYS_io_destroy, ctx_id); } inline_size int evsys_io_submit (aio_context_t ctx_id, long nr, struct iocb *cbp[]) { return ev_syscall3 (SYS_io_submit, ctx_id, nr, cbp); } inline_size int evsys_io_cancel (aio_context_t ctx_id, struct iocb *cbp, struct io_event *result) { return ev_syscall3 (SYS_io_cancel, ctx_id, cbp, result); } inline_size int evsys_io_getevents (aio_context_t ctx_id, long min_nr, long nr, struct io_event *events, struct timespec *timeout) { return ev_syscall5 (SYS_io_getevents, ctx_id, min_nr, nr, events, timeout); } /*****************************************************************************/ /* actual backed implementation */ ecb_cold static int linuxaio_nr_events (EV_P) { /* we start with 16 iocbs and incraese from there * that's tiny, but the kernel has a rather low system-wide * limit that can be reached quickly, so let's be parsimonious * with this resource. * Rest assured, the kernel generously rounds up small and big numbers * in different ways (but doesn't seem to charge you for it). * The 15 here is because the kernel usually has a power of two as aio-max-nr, * and this helps to take advantage of that limit. */ /* we try to fill 4kB pages exactly. * the ring buffer header is 32 bytes, every io event is 32 bytes. * the kernel takes the io requests number, doubles it, adds 2 * and adds the ring buffer. * the way we use this is by starting low, and then roughly doubling the * size each time we hit a limit. */ int requests = 15 << linuxaio_iteration; int one_page = (4096 / sizeof (struct io_event) ) / 2; /* how many fit into one page */ int first_page = ((4096 - sizeof (struct aio_ring)) / sizeof (struct io_event) - 2) / 2; /* how many fit into the first page */ /* if everything fits into one page, use count exactly */ if (requests > first_page) /* otherwise, round down to full pages and add the first page */ requests = requests / one_page * one_page + first_page; return requests; } /* we use out own wrapper structure in case we ever want to do something "clever" */ typedef struct aniocb { struct iocb io; /*int inuse;*/ } *ANIOCBP; inline_size void linuxaio_array_needsize_iocbp (ANIOCBP *base, int offset, int count) { while (count--) { /* TODO: quite the overhead to allocate every iocb separately, maybe use our own allocator? */ ANIOCBP iocb = (ANIOCBP)ev_malloc (sizeof (*iocb)); /* full zero initialise is probably not required at the moment, but * this is not well documented, so we better do it. */ memset (iocb, 0, sizeof (*iocb)); iocb->io.aio_lio_opcode = IOCB_CMD_POLL; iocb->io.aio_fildes = offset; base [offset++] = iocb; } } ecb_cold static void linuxaio_free_iocbp (EV_P) { while (linuxaio_iocbpmax--) ev_free (linuxaio_iocbps [linuxaio_iocbpmax]); linuxaio_iocbpmax = 0; /* next resize will completely reallocate the array, at some overhead */ } static void linuxaio_modify (EV_P_ int fd, int oev, int nev) { array_needsize (ANIOCBP, linuxaio_iocbps, linuxaio_iocbpmax, fd + 1, linuxaio_array_needsize_iocbp); ANIOCBP iocb = linuxaio_iocbps [fd]; ANFD *anfd = &anfds [fd]; if (ecb_expect_false (iocb->io.aio_reqprio < 0)) { /* we handed this fd over to epoll, so undo this first */ /* we do it manually because the optimisations on epoll_modify won't do us any good */ epoll_ctl (backend_fd, EPOLL_CTL_DEL, fd, 0); anfd->emask = 0; iocb->io.aio_reqprio = 0; } else if (ecb_expect_false (iocb->io.aio_buf)) { /* iocb active, so cancel it first before resubmit */ /* this assumes we only ever get one call per fd per loop iteration */ for (;;) { /* on all relevant kernels, io_cancel fails with EINPROGRESS on "success" */ if (ecb_expect_false (evsys_io_cancel (linuxaio_ctx, &iocb->io, (struct io_event *)0) == 0)) break; if (ecb_expect_true (errno == EINPROGRESS)) break; /* the EINPROGRESS test is for nicer error message. clumsy. */ if (errno != EINTR) { assert (("libev: linuxaio unexpected io_cancel failed", errno != EINTR && errno != EINPROGRESS)); break; } } /* increment generation counter to avoid handling old events */ ++anfd->egen; } iocb->io.aio_buf = (nev & EV_READ ? POLLIN : 0) | (nev & EV_WRITE ? POLLOUT : 0); if (nev) { iocb->io.aio_data = (uint32_t)fd | ((__u64)(uint32_t)anfd->egen << 32); /* queue iocb up for io_submit */ /* this assumes we only ever get one call per fd per loop iteration */ ++linuxaio_submitcnt; array_needsize (struct iocb *, linuxaio_submits, linuxaio_submitmax, linuxaio_submitcnt, array_needsize_noinit); linuxaio_submits [linuxaio_submitcnt - 1] = &iocb->io; } } static void linuxaio_epoll_cb (EV_P_ struct ev_io *w, int revents) { epoll_poll (EV_A_ 0); } inline_speed void linuxaio_fd_rearm (EV_P_ int fd) { anfds [fd].events = 0; linuxaio_iocbps [fd]->io.aio_buf = 0; fd_change (EV_A_ fd, EV_ANFD_REIFY); } static void linuxaio_parse_events (EV_P_ struct io_event *ev, int nr) { while (nr) { int fd = ev->data & 0xffffffff; uint32_t gen = ev->data >> 32; int res = ev->res; assert (("libev: iocb fd must be in-bounds", fd >= 0 && fd < anfdmax)); /* only accept events if generation counter matches */ if (ecb_expect_true (gen == (uint32_t)anfds [fd].egen)) { /* feed events, we do not expect or handle POLLNVAL */ fd_event ( EV_A_ fd, (res & (POLLOUT | POLLERR | POLLHUP) ? EV_WRITE : 0) | (res & (POLLIN | POLLERR | POLLHUP) ? EV_READ : 0) ); /* linux aio is oneshot: rearm fd. TODO: this does more work than strictly needed */ linuxaio_fd_rearm (EV_A_ fd); } --nr; ++ev; } } /* get any events from ring buffer, return true if any were handled */ static int linuxaio_get_events_from_ring (EV_P) { struct aio_ring *ring = (struct aio_ring *)linuxaio_ctx; unsigned head, tail; /* the kernel reads and writes both of these variables, */ /* as a C extension, we assume that volatile use here */ /* both makes reads atomic and once-only */ head = *(volatile unsigned *)&ring->head; ECB_MEMORY_FENCE_ACQUIRE; tail = *(volatile unsigned *)&ring->tail; if (head == tail) return 0; /* parse all available events, but only once, to avoid starvation */ if (ecb_expect_true (tail > head)) /* normal case around */ linuxaio_parse_events (EV_A_ ring->io_events + head, tail - head); else /* wrapped around */ { linuxaio_parse_events (EV_A_ ring->io_events + head, ring->nr - head); linuxaio_parse_events (EV_A_ ring->io_events, tail); } ECB_MEMORY_FENCE_RELEASE; /* as an extension to C, we hope that the volatile will make this atomic and once-only */ *(volatile unsigned *)&ring->head = tail; return 1; } inline_size int linuxaio_ringbuf_valid (EV_P) { struct aio_ring *ring = (struct aio_ring *)linuxaio_ctx; return ecb_expect_true (ring->magic == AIO_RING_MAGIC) && ring->incompat_features == EV_AIO_RING_INCOMPAT_FEATURES && ring->header_length == sizeof (struct aio_ring); /* TODO: or use it to find io_event[0]? */ } /* read at least one event from kernel, or timeout */ inline_size void linuxaio_get_events (EV_P_ ev_tstamp timeout) { struct timespec ts; struct io_event ioev[8]; /* 256 octet stack space */ int want = 1; /* how many events to request */ int ringbuf_valid = linuxaio_ringbuf_valid (EV_A); if (ecb_expect_true (ringbuf_valid)) { /* if the ring buffer has any events, we don't wait or call the kernel at all */ if (linuxaio_get_events_from_ring (EV_A)) return; /* if the ring buffer is empty, and we don't have a timeout, then don't call the kernel */ if (!timeout) return; } else /* no ringbuffer, request slightly larger batch */ want = sizeof (ioev) / sizeof (ioev [0]); /* no events, so wait for some * for fairness reasons, we do this in a loop, to fetch all events */ for (;;) { int res; EV_RELEASE_CB; EV_TS_SET (ts, timeout); res = evsys_io_getevents (linuxaio_ctx, 1, want, ioev, &ts); EV_ACQUIRE_CB; if (res < 0) if (errno == EINTR) /* ignored, retry */; else ev_syserr ("(libev) linuxaio io_getevents"); else if (res) { /* at least one event available, handle them */ linuxaio_parse_events (EV_A_ ioev, res); if (ecb_expect_true (ringbuf_valid)) { /* if we have a ring buffer, handle any remaining events in it */ linuxaio_get_events_from_ring (EV_A); /* at this point, we should have handled all outstanding events */ break; } else if (res < want) /* otherwise, if there were fewere events than we wanted, we assume there are no more */ break; } else break; /* no events from the kernel, we are done */ timeout = EV_TS_CONST (0.); /* only wait in the first iteration */ } } inline_size int linuxaio_io_setup (EV_P) { linuxaio_ctx = 0; return evsys_io_setup (linuxaio_nr_events (EV_A), &linuxaio_ctx); } static void linuxaio_poll (EV_P_ ev_tstamp timeout) { int submitted; /* first phase: submit new iocbs */ /* io_submit might return less than the requested number of iocbs */ /* this is, afaics, only because of errors, but we go by the book and use a loop, */ /* which allows us to pinpoint the erroneous iocb */ for (submitted = 0; submitted < linuxaio_submitcnt; ) { int res = evsys_io_submit (linuxaio_ctx, linuxaio_submitcnt - submitted, linuxaio_submits + submitted); if (ecb_expect_false (res < 0)) if (errno == EINVAL) { /* This happens for unsupported fds, officially, but in my testing, * also randomly happens for supported fds. We fall back to good old * poll() here, under the assumption that this is a very rare case. * See https://lore.kernel.org/patchwork/patch/1047453/ to see * discussion about such a case (ttys) where polling for POLLIN * fails but POLLIN|POLLOUT works. */ struct iocb *iocb = linuxaio_submits [submitted]; epoll_modify (EV_A_ iocb->aio_fildes, 0, anfds [iocb->aio_fildes].events); iocb->aio_reqprio = -1; /* mark iocb as epoll */ res = 1; /* skip this iocb - another iocb, another chance */ } else if (errno == EAGAIN) { /* This happens when the ring buffer is full, or some other shit we * don't know and isn't documented. Most likely because we have too * many requests and linux aio can't be assed to handle them. * In this case, we try to allocate a larger ring buffer, freeing * ours first. This might fail, in which case we have to fall back to 100% * epoll. * God, how I hate linux not getting its act together. Ever. */ evsys_io_destroy (linuxaio_ctx); linuxaio_submitcnt = 0; /* rearm all fds with active iocbs */ { int fd; for (fd = 0; fd < linuxaio_iocbpmax; ++fd) if (linuxaio_iocbps [fd]->io.aio_buf) linuxaio_fd_rearm (EV_A_ fd); } ++linuxaio_iteration; if (linuxaio_io_setup (EV_A) < 0) { /* TODO: rearm all and recreate epoll backend from scratch */ /* TODO: might be more prudent? */ /* to bad, we can't get a new aio context, go 100% epoll */ linuxaio_free_iocbp (EV_A); ev_io_stop (EV_A_ &linuxaio_epoll_w); ev_ref (EV_A); linuxaio_ctx = 0; backend = EVBACKEND_EPOLL; backend_modify = epoll_modify; backend_poll = epoll_poll; } timeout = EV_TS_CONST (0.); /* it's easiest to handle this mess in another iteration */ return; } else if (errno == EBADF) { assert (("libev: event loop rejected bad fd", errno != EBADF)); fd_kill (EV_A_ linuxaio_submits [submitted]->aio_fildes); res = 1; /* skip this iocb */ } else if (errno == EINTR) /* not seen in reality, not documented */ res = 0; /* silently ignore and retry */ else { ev_syserr ("(libev) linuxaio io_submit"); res = 0; } submitted += res; } linuxaio_submitcnt = 0; /* second phase: fetch and parse events */ linuxaio_get_events (EV_A_ timeout); } inline_size int linuxaio_init (EV_P_ int flags) { /* would be great to have a nice test for IOCB_CMD_POLL instead */ /* also: test some semi-common fd types, such as files and ttys in recommended_backends */ /* 4.18 introduced IOCB_CMD_POLL, 4.19 made epoll work, and we need that */ if (ev_linux_version () < 0x041300) return 0; if (!epoll_init (EV_A_ 0)) return 0; linuxaio_iteration = 0; if (linuxaio_io_setup (EV_A) < 0) { epoll_destroy (EV_A); return 0; } ev_io_init (&linuxaio_epoll_w, linuxaio_epoll_cb, backend_fd, EV_READ); ev_set_priority (&linuxaio_epoll_w, EV_MAXPRI); ev_io_start (EV_A_ &linuxaio_epoll_w); ev_unref (EV_A); /* watcher should not keep loop alive */ backend_modify = linuxaio_modify; backend_poll = linuxaio_poll; linuxaio_iocbpmax = 0; linuxaio_iocbps = 0; linuxaio_submits = 0; linuxaio_submitmax = 0; linuxaio_submitcnt = 0; return EVBACKEND_LINUXAIO; } inline_size void linuxaio_destroy (EV_P) { epoll_destroy (EV_A); linuxaio_free_iocbp (EV_A); evsys_io_destroy (linuxaio_ctx); /* fails in child, aio context is destroyed */ } ecb_cold static void linuxaio_fork (EV_P) { linuxaio_submitcnt = 0; /* all pointers were invalidated */ linuxaio_free_iocbp (EV_A); /* this frees all iocbs, which is very heavy-handed */ evsys_io_destroy (linuxaio_ctx); /* fails in child, aio context is destroyed */ linuxaio_iteration = 0; /* we start over in the child */ while (linuxaio_io_setup (EV_A) < 0) ev_syserr ("(libev) linuxaio io_setup"); /* forking epoll should also effectively unregister all fds from the backend */ epoll_fork (EV_A); /* epoll_fork already did this. hopefully */ /*fd_rearm_all (EV_A);*/ ev_io_stop (EV_A_ &linuxaio_epoll_w); ev_io_set (EV_A_ &linuxaio_epoll_w, backend_fd, EV_READ); ev_io_start (EV_A_ &linuxaio_epoll_w); } uacme-1.7.6/libev/ev_wrap.h0000644000000000000000000002017114733013114012421 00000000000000/* DO NOT EDIT, automatically generated by update_ev_wrap */ #ifndef EV_WRAP_H #define EV_WRAP_H #define acquire_cb ((loop)->acquire_cb) #define activecnt ((loop)->activecnt) #define anfdmax ((loop)->anfdmax) #define anfds ((loop)->anfds) #define async_pending ((loop)->async_pending) #define asynccnt ((loop)->asynccnt) #define asyncmax ((loop)->asyncmax) #define asyncs ((loop)->asyncs) #define backend ((loop)->backend) #define backend_fd ((loop)->backend_fd) #define backend_mintime ((loop)->backend_mintime) #define backend_modify ((loop)->backend_modify) #define backend_poll ((loop)->backend_poll) #define checkcnt ((loop)->checkcnt) #define checkmax ((loop)->checkmax) #define checks ((loop)->checks) #define cleanupcnt ((loop)->cleanupcnt) #define cleanupmax ((loop)->cleanupmax) #define cleanups ((loop)->cleanups) #define curpid ((loop)->curpid) #define epoll_epermcnt ((loop)->epoll_epermcnt) #define epoll_epermmax ((loop)->epoll_epermmax) #define epoll_eperms ((loop)->epoll_eperms) #define epoll_eventmax ((loop)->epoll_eventmax) #define epoll_events ((loop)->epoll_events) #define evpipe ((loop)->evpipe) #define fdchangecnt ((loop)->fdchangecnt) #define fdchangemax ((loop)->fdchangemax) #define fdchanges ((loop)->fdchanges) #define forkcnt ((loop)->forkcnt) #define forkmax ((loop)->forkmax) #define forks ((loop)->forks) #define fs_2625 ((loop)->fs_2625) #define fs_fd ((loop)->fs_fd) #define fs_hash ((loop)->fs_hash) #define fs_w ((loop)->fs_w) #define idleall ((loop)->idleall) #define idlecnt ((loop)->idlecnt) #define idlemax ((loop)->idlemax) #define idles ((loop)->idles) #define invoke_cb ((loop)->invoke_cb) #define io_blocktime ((loop)->io_blocktime) #define iocp ((loop)->iocp) #define iouring_cq_cqes ((loop)->iouring_cq_cqes) #define iouring_cq_head ((loop)->iouring_cq_head) #define iouring_cq_overflow ((loop)->iouring_cq_overflow) #define iouring_cq_ring ((loop)->iouring_cq_ring) #define iouring_cq_ring_entries ((loop)->iouring_cq_ring_entries) #define iouring_cq_ring_mask ((loop)->iouring_cq_ring_mask) #define iouring_cq_ring_size ((loop)->iouring_cq_ring_size) #define iouring_cq_tail ((loop)->iouring_cq_tail) #define iouring_entries ((loop)->iouring_entries) #define iouring_epoll_w ((loop)->iouring_epoll_w) #define iouring_fd ((loop)->iouring_fd) #define iouring_max_entries ((loop)->iouring_max_entries) #define iouring_sq_array ((loop)->iouring_sq_array) #define iouring_sq_dropped ((loop)->iouring_sq_dropped) #define iouring_sq_flags ((loop)->iouring_sq_flags) #define iouring_sq_head ((loop)->iouring_sq_head) #define iouring_sq_ring ((loop)->iouring_sq_ring) #define iouring_sq_ring_entries ((loop)->iouring_sq_ring_entries) #define iouring_sq_ring_mask ((loop)->iouring_sq_ring_mask) #define iouring_sq_ring_size ((loop)->iouring_sq_ring_size) #define iouring_sq_tail ((loop)->iouring_sq_tail) #define iouring_sqes ((loop)->iouring_sqes) #define iouring_sqes_size ((loop)->iouring_sqes_size) #define iouring_tfd ((loop)->iouring_tfd) #define iouring_tfd_to ((loop)->iouring_tfd_to) #define iouring_tfd_w ((loop)->iouring_tfd_w) #define iouring_to_submit ((loop)->iouring_to_submit) #define kqueue_changecnt ((loop)->kqueue_changecnt) #define kqueue_changemax ((loop)->kqueue_changemax) #define kqueue_changes ((loop)->kqueue_changes) #define kqueue_eventmax ((loop)->kqueue_eventmax) #define kqueue_events ((loop)->kqueue_events) #define kqueue_fd_pid ((loop)->kqueue_fd_pid) #define linuxaio_ctx ((loop)->linuxaio_ctx) #define linuxaio_epoll_w ((loop)->linuxaio_epoll_w) #define linuxaio_iocbpmax ((loop)->linuxaio_iocbpmax) #define linuxaio_iocbps ((loop)->linuxaio_iocbps) #define linuxaio_iteration ((loop)->linuxaio_iteration) #define linuxaio_submitcnt ((loop)->linuxaio_submitcnt) #define linuxaio_submitmax ((loop)->linuxaio_submitmax) #define linuxaio_submits ((loop)->linuxaio_submits) #define loop_count ((loop)->loop_count) #define loop_depth ((loop)->loop_depth) #define loop_done ((loop)->loop_done) #define mn_now ((loop)->mn_now) #define now_floor ((loop)->now_floor) #define origflags ((loop)->origflags) #define pending_w ((loop)->pending_w) #define pendingcnt ((loop)->pendingcnt) #define pendingmax ((loop)->pendingmax) #define pendingpri ((loop)->pendingpri) #define pendings ((loop)->pendings) #define periodiccnt ((loop)->periodiccnt) #define periodicmax ((loop)->periodicmax) #define periodics ((loop)->periodics) #define pipe_w ((loop)->pipe_w) #define pipe_write_skipped ((loop)->pipe_write_skipped) #define pipe_write_wanted ((loop)->pipe_write_wanted) #define pollcnt ((loop)->pollcnt) #define pollidxmax ((loop)->pollidxmax) #define pollidxs ((loop)->pollidxs) #define pollmax ((loop)->pollmax) #define polls ((loop)->polls) #define port_eventmax ((loop)->port_eventmax) #define port_events ((loop)->port_events) #define postfork ((loop)->postfork) #define preparecnt ((loop)->preparecnt) #define preparemax ((loop)->preparemax) #define prepares ((loop)->prepares) #define release_cb ((loop)->release_cb) #define rfeedcnt ((loop)->rfeedcnt) #define rfeedmax ((loop)->rfeedmax) #define rfeeds ((loop)->rfeeds) #define rtmn_diff ((loop)->rtmn_diff) #define sig_pending ((loop)->sig_pending) #define sigfd ((loop)->sigfd) #define sigfd_set ((loop)->sigfd_set) #define sigfd_w ((loop)->sigfd_w) #define timeout_blocktime ((loop)->timeout_blocktime) #define timercnt ((loop)->timercnt) #define timerfd ((loop)->timerfd) #define timerfd_w ((loop)->timerfd_w) #define timermax ((loop)->timermax) #define timers ((loop)->timers) #define userdata ((loop)->userdata) #define vec_eo ((loop)->vec_eo) #define vec_max ((loop)->vec_max) #define vec_ri ((loop)->vec_ri) #define vec_ro ((loop)->vec_ro) #define vec_wi ((loop)->vec_wi) #define vec_wo ((loop)->vec_wo) #else #undef EV_WRAP_H #undef acquire_cb #undef activecnt #undef anfdmax #undef anfds #undef async_pending #undef asynccnt #undef asyncmax #undef asyncs #undef backend #undef backend_fd #undef backend_mintime #undef backend_modify #undef backend_poll #undef checkcnt #undef checkmax #undef checks #undef cleanupcnt #undef cleanupmax #undef cleanups #undef curpid #undef epoll_epermcnt #undef epoll_epermmax #undef epoll_eperms #undef epoll_eventmax #undef epoll_events #undef evpipe #undef fdchangecnt #undef fdchangemax #undef fdchanges #undef forkcnt #undef forkmax #undef forks #undef fs_2625 #undef fs_fd #undef fs_hash #undef fs_w #undef idleall #undef idlecnt #undef idlemax #undef idles #undef invoke_cb #undef io_blocktime #undef iocp #undef iouring_cq_cqes #undef iouring_cq_head #undef iouring_cq_overflow #undef iouring_cq_ring #undef iouring_cq_ring_entries #undef iouring_cq_ring_mask #undef iouring_cq_ring_size #undef iouring_cq_tail #undef iouring_entries #undef iouring_epoll_w #undef iouring_fd #undef iouring_max_entries #undef iouring_sq_array #undef iouring_sq_dropped #undef iouring_sq_flags #undef iouring_sq_head #undef iouring_sq_ring #undef iouring_sq_ring_entries #undef iouring_sq_ring_mask #undef iouring_sq_ring_size #undef iouring_sq_tail #undef iouring_sqes #undef iouring_sqes_size #undef iouring_tfd #undef iouring_tfd_to #undef iouring_tfd_w #undef iouring_to_submit #undef kqueue_changecnt #undef kqueue_changemax #undef kqueue_changes #undef kqueue_eventmax #undef kqueue_events #undef kqueue_fd_pid #undef linuxaio_ctx #undef linuxaio_epoll_w #undef linuxaio_iocbpmax #undef linuxaio_iocbps #undef linuxaio_iteration #undef linuxaio_submitcnt #undef linuxaio_submitmax #undef linuxaio_submits #undef loop_count #undef loop_depth #undef loop_done #undef mn_now #undef now_floor #undef origflags #undef pending_w #undef pendingcnt #undef pendingmax #undef pendingpri #undef pendings #undef periodiccnt #undef periodicmax #undef periodics #undef pipe_w #undef pipe_write_skipped #undef pipe_write_wanted #undef pollcnt #undef pollidxmax #undef pollidxs #undef pollmax #undef polls #undef port_eventmax #undef port_events #undef postfork #undef preparecnt #undef preparemax #undef prepares #undef release_cb #undef rfeedcnt #undef rfeedmax #undef rfeeds #undef rtmn_diff #undef sig_pending #undef sigfd #undef sigfd_set #undef sigfd_w #undef timeout_blocktime #undef timercnt #undef timerfd #undef timerfd_w #undef timermax #undef timers #undef userdata #undef vec_eo #undef vec_max #undef vec_ri #undef vec_ro #undef vec_wi #undef vec_wo #endif uacme-1.7.6/libev/libev.m40000644000000000000000000000335714555530552012173 00000000000000dnl this file is part of libev, do not make local modifications dnl http://software.schmorp.de/pkg/libev dnl libev support AC_CHECK_HEADERS(sys/inotify.h sys/epoll.h sys/event.h port.h poll.h sys/timerfd.h) AC_CHECK_HEADERS(sys/select.h sys/eventfd.h sys/signalfd.h linux/aio_abi.h linux/fs.h) AC_CHECK_FUNCS(inotify_init epoll_ctl kqueue port_create poll select eventfd signalfd) AC_CHECK_FUNCS(clock_gettime, [], [ dnl on linux, try syscall wrapper first if test $(uname) = Linux; then AC_MSG_CHECKING(for clock_gettime syscall) AC_LINK_IFELSE([AC_LANG_PROGRAM( [#include #include #include ], [struct timespec ts; int status = syscall (SYS_clock_gettime, CLOCK_REALTIME, &ts)])], [ac_have_clock_syscall=1 AC_DEFINE(HAVE_CLOCK_SYSCALL, 1, Define to 1 to use the syscall interface for clock_gettime) AC_MSG_RESULT(yes)], [AC_MSG_RESULT(no)]) fi if test -z "$LIBEV_M4_AVOID_LIBRT" && test -z "$ac_have_clock_syscall"; then AC_CHECK_LIB(rt, clock_gettime) unset ac_cv_func_clock_gettime AC_CHECK_FUNCS(clock_gettime) fi ]) AC_CHECK_FUNCS(nanosleep, [], [ if test -z "$LIBEV_M4_AVOID_LIBRT"; then AC_CHECK_LIB(rt, nanosleep) unset ac_cv_func_nanosleep AC_CHECK_FUNCS(nanosleep) fi ]) AC_CHECK_TYPE(__kernel_rwf_t, [ AC_DEFINE(HAVE_KERNEL_RWF_T, 1, Define to 1 if linux/fs.h defined kernel_rwf_t) ], [], [#include ]) if test -z "$LIBEV_M4_AVOID_LIBM"; then LIBM=m fi AC_SEARCH_LIBS(floor, $LIBM, [AC_DEFINE(HAVE_FLOOR, 1, Define to 1 if the floor function is available)]) uacme-1.7.6/libev/ev_poll.c0000644000000000000000000001102314555530552012421 00000000000000/* * libev poll fd activity backend * * Copyright (c) 2007,2008,2009,2010,2011,2016,2019 Marc Alexander Lehmann * All rights reserved. * * Redistribution and use in source and binary forms, with or without modifica- * tion, are permitted provided that the following conditions are met: * * 1. Redistributions of source code must retain the above copyright notice, * this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MER- * CHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO * EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPE- * CIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTH- * ERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED * OF THE POSSIBILITY OF SUCH DAMAGE. * * Alternatively, the contents of this file may be used under the terms of * the GNU General Public License ("GPL") version 2 or any later version, * in which case the provisions of the GPL are applicable instead of * the above. If you wish to allow the use of your version of this file * only under the terms of the GPL and not to allow others to use your * version of this file under the BSD license, indicate your decision * by deleting the provisions above and replace them with the notice * and other provisions required by the GPL. If you do not delete the * provisions above, a recipient may use your version of this file under * either the BSD or the GPL. */ #include inline_size void array_needsize_pollidx (int *base, int offset, int count) { /* using memset (.., -1, ...) is tempting, we we try * to be ultraportable */ base += offset; while (count--) *base++ = -1; } static void poll_modify (EV_P_ int fd, int oev, int nev) { int idx; if (oev == nev) return; array_needsize (int, pollidxs, pollidxmax, fd + 1, array_needsize_pollidx); idx = pollidxs [fd]; if (idx < 0) /* need to allocate a new pollfd */ { pollidxs [fd] = idx = pollcnt++; array_needsize (struct pollfd, polls, pollmax, pollcnt, array_needsize_noinit); polls [idx].fd = fd; } assert (polls [idx].fd == fd); if (nev) polls [idx].events = (nev & EV_READ ? POLLIN : 0) | (nev & EV_WRITE ? POLLOUT : 0); else /* remove pollfd */ { pollidxs [fd] = -1; if (ecb_expect_true (idx < --pollcnt)) { polls [idx] = polls [pollcnt]; pollidxs [polls [idx].fd] = idx; } } } static void poll_poll (EV_P_ ev_tstamp timeout) { struct pollfd *p; int res; EV_RELEASE_CB; res = poll (polls, pollcnt, EV_TS_TO_MSEC (timeout)); EV_ACQUIRE_CB; if (ecb_expect_false (res < 0)) { if (errno == EBADF) fd_ebadf (EV_A); else if (errno == ENOMEM && !syserr_cb) fd_enomem (EV_A); else if (errno != EINTR) ev_syserr ("(libev) poll"); } else for (p = polls; res; ++p) { assert (("libev: poll returned illegal result, broken BSD kernel?", p < polls + pollcnt)); if (ecb_expect_false (p->revents)) /* this expect is debatable */ { --res; if (ecb_expect_false (p->revents & POLLNVAL)) { assert (("libev: poll found invalid fd in poll set", 0)); fd_kill (EV_A_ p->fd); } else fd_event ( EV_A_ p->fd, (p->revents & (POLLOUT | POLLERR | POLLHUP) ? EV_WRITE : 0) | (p->revents & (POLLIN | POLLERR | POLLHUP) ? EV_READ : 0) ); } } } inline_size int poll_init (EV_P_ int flags) { backend_mintime = EV_TS_CONST (1e-3); backend_modify = poll_modify; backend_poll = poll_poll; pollidxs = 0; pollidxmax = 0; polls = 0; pollmax = 0; pollcnt = 0; return EVBACKEND_POLL; } inline_size void poll_destroy (EV_P) { ev_free (pollidxs); ev_free (polls); } uacme-1.7.6/libev/ev_select.c0000644000000000000000000002122514555530552012737 00000000000000/* * libev select fd activity backend * * Copyright (c) 2007,2008,2009,2010,2011 Marc Alexander Lehmann * All rights reserved. * * Redistribution and use in source and binary forms, with or without modifica- * tion, are permitted provided that the following conditions are met: * * 1. Redistributions of source code must retain the above copyright notice, * this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MER- * CHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO * EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPE- * CIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTH- * ERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED * OF THE POSSIBILITY OF SUCH DAMAGE. * * Alternatively, the contents of this file may be used under the terms of * the GNU General Public License ("GPL") version 2 or any later version, * in which case the provisions of the GPL are applicable instead of * the above. If you wish to allow the use of your version of this file * only under the terms of the GPL and not to allow others to use your * version of this file under the BSD license, indicate your decision * by deleting the provisions above and replace them with the notice * and other provisions required by the GPL. If you do not delete the * provisions above, a recipient may use your version of this file under * either the BSD or the GPL. */ #ifndef _WIN32 /* for unix systems */ # include # ifndef __hpux /* for REAL unix systems */ # include # endif #endif #ifndef EV_SELECT_USE_FD_SET # ifdef NFDBITS # define EV_SELECT_USE_FD_SET 0 # else # define EV_SELECT_USE_FD_SET 1 # endif #endif #if EV_SELECT_IS_WINSOCKET # undef EV_SELECT_USE_FD_SET # define EV_SELECT_USE_FD_SET 1 # undef NFDBITS # define NFDBITS 0 #endif #if !EV_SELECT_USE_FD_SET # define NFDBYTES (NFDBITS / 8) #endif #include static void select_modify (EV_P_ int fd, int oev, int nev) { if (oev == nev) return; { #if EV_SELECT_USE_FD_SET #if EV_SELECT_IS_WINSOCKET SOCKET handle = anfds [fd].handle; #else int handle = fd; #endif assert (("libev: fd >= FD_SETSIZE passed to fd_set-based select backend", fd < FD_SETSIZE)); /* FD_SET is broken on windows (it adds the fd to a set twice or more, * which eventually leads to overflows). Need to call it only on changes. */ #if EV_SELECT_IS_WINSOCKET if ((oev ^ nev) & EV_READ) #endif if (nev & EV_READ) FD_SET (handle, (fd_set *)vec_ri); else FD_CLR (handle, (fd_set *)vec_ri); #if EV_SELECT_IS_WINSOCKET if ((oev ^ nev) & EV_WRITE) #endif if (nev & EV_WRITE) FD_SET (handle, (fd_set *)vec_wi); else FD_CLR (handle, (fd_set *)vec_wi); #else int word = fd / NFDBITS; fd_mask mask = 1UL << (fd % NFDBITS); if (ecb_expect_false (vec_max <= word)) { int new_max = word + 1; vec_ri = ev_realloc (vec_ri, new_max * NFDBYTES); vec_ro = ev_realloc (vec_ro, new_max * NFDBYTES); /* could free/malloc */ vec_wi = ev_realloc (vec_wi, new_max * NFDBYTES); vec_wo = ev_realloc (vec_wo, new_max * NFDBYTES); /* could free/malloc */ #ifdef _WIN32 vec_eo = ev_realloc (vec_eo, new_max * NFDBYTES); /* could free/malloc */ #endif for (; vec_max < new_max; ++vec_max) ((fd_mask *)vec_ri) [vec_max] = ((fd_mask *)vec_wi) [vec_max] = 0; } ((fd_mask *)vec_ri) [word] |= mask; if (!(nev & EV_READ)) ((fd_mask *)vec_ri) [word] &= ~mask; ((fd_mask *)vec_wi) [word] |= mask; if (!(nev & EV_WRITE)) ((fd_mask *)vec_wi) [word] &= ~mask; #endif } } static void select_poll (EV_P_ ev_tstamp timeout) { struct timeval tv; int res; int fd_setsize; EV_RELEASE_CB; EV_TV_SET (tv, timeout); #if EV_SELECT_USE_FD_SET fd_setsize = sizeof (fd_set); #else fd_setsize = vec_max * NFDBYTES; #endif memcpy (vec_ro, vec_ri, fd_setsize); memcpy (vec_wo, vec_wi, fd_setsize); #ifdef _WIN32 /* pass in the write set as except set. * the idea behind this is to work around a windows bug that causes * errors to be reported as an exception and not by setting * the writable bit. this is so uncontrollably lame. */ memcpy (vec_eo, vec_wi, fd_setsize); res = select (vec_max * NFDBITS, (fd_set *)vec_ro, (fd_set *)vec_wo, (fd_set *)vec_eo, &tv); #elif EV_SELECT_USE_FD_SET fd_setsize = anfdmax < FD_SETSIZE ? anfdmax : FD_SETSIZE; res = select (fd_setsize, (fd_set *)vec_ro, (fd_set *)vec_wo, 0, &tv); #else res = select (vec_max * NFDBITS, (fd_set *)vec_ro, (fd_set *)vec_wo, 0, &tv); #endif EV_ACQUIRE_CB; if (ecb_expect_false (res < 0)) { #if EV_SELECT_IS_WINSOCKET errno = WSAGetLastError (); #endif #ifdef WSABASEERR /* on windows, select returns incompatible error codes, fix this */ if (errno >= WSABASEERR && errno < WSABASEERR + 1000) if (errno == WSAENOTSOCK) errno = EBADF; else errno -= WSABASEERR; #endif #ifdef _WIN32 /* select on windows erroneously returns EINVAL when no fd sets have been * provided (this is documented). what microsoft doesn't tell you that this bug * exists even when the fd sets _are_ provided, so we have to check for this bug * here and emulate by sleeping manually. * we also get EINVAL when the timeout is invalid, but we ignore this case here * and assume that EINVAL always means: you have to wait manually. */ if (errno == EINVAL) { if (timeout) { unsigned long ms = EV_TS_TO_MSEC (timeout); Sleep (ms ? ms : 1); } return; } #endif if (errno == EBADF) fd_ebadf (EV_A); else if (errno == ENOMEM && !syserr_cb) fd_enomem (EV_A); else if (errno != EINTR) ev_syserr ("(libev) select"); return; } #if EV_SELECT_USE_FD_SET { int fd; for (fd = 0; fd < anfdmax; ++fd) if (anfds [fd].events) { int events = 0; #if EV_SELECT_IS_WINSOCKET SOCKET handle = anfds [fd].handle; #else int handle = fd; #endif if (FD_ISSET (handle, (fd_set *)vec_ro)) events |= EV_READ; if (FD_ISSET (handle, (fd_set *)vec_wo)) events |= EV_WRITE; #ifdef _WIN32 if (FD_ISSET (handle, (fd_set *)vec_eo)) events |= EV_WRITE; #endif if (ecb_expect_true (events)) fd_event (EV_A_ fd, events); } } #else { int word, bit; for (word = vec_max; word--; ) { fd_mask word_r = ((fd_mask *)vec_ro) [word]; fd_mask word_w = ((fd_mask *)vec_wo) [word]; #ifdef _WIN32 word_w |= ((fd_mask *)vec_eo) [word]; #endif if (word_r || word_w) for (bit = NFDBITS; bit--; ) { fd_mask mask = 1UL << bit; int events = 0; events |= word_r & mask ? EV_READ : 0; events |= word_w & mask ? EV_WRITE : 0; if (ecb_expect_true (events)) fd_event (EV_A_ word * NFDBITS + bit, events); } } } #endif } inline_size int select_init (EV_P_ int flags) { backend_mintime = EV_TS_CONST (1e-6); backend_modify = select_modify; backend_poll = select_poll; #if EV_SELECT_USE_FD_SET vec_ri = ev_malloc (sizeof (fd_set)); FD_ZERO ((fd_set *)vec_ri); vec_ro = ev_malloc (sizeof (fd_set)); vec_wi = ev_malloc (sizeof (fd_set)); FD_ZERO ((fd_set *)vec_wi); vec_wo = ev_malloc (sizeof (fd_set)); #ifdef _WIN32 vec_eo = ev_malloc (sizeof (fd_set)); #endif #else vec_max = 0; vec_ri = 0; vec_ro = 0; vec_wi = 0; vec_wo = 0; #ifdef _WIN32 vec_eo = 0; #endif #endif return EVBACKEND_SELECT; } inline_size void select_destroy (EV_P) { ev_free (vec_ri); ev_free (vec_ro); ev_free (vec_wi); ev_free (vec_wo); #ifdef _WIN32 ev_free (vec_eo); #endif } uacme-1.7.6/libev/ev_kqueue.c0000644000000000000000000001566014555530552012765 00000000000000/* * libev kqueue backend * * Copyright (c) 2007,2008,2009,2010,2011,2012,2013,2016,2019 Marc Alexander Lehmann * All rights reserved. * * Redistribution and use in source and binary forms, with or without modifica- * tion, are permitted provided that the following conditions are met: * * 1. Redistributions of source code must retain the above copyright notice, * this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MER- * CHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO * EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPE- * CIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTH- * ERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED * OF THE POSSIBILITY OF SUCH DAMAGE. * * Alternatively, the contents of this file may be used under the terms of * the GNU General Public License ("GPL") version 2 or any later version, * in which case the provisions of the GPL are applicable instead of * the above. If you wish to allow the use of your version of this file * only under the terms of the GPL and not to allow others to use your * version of this file under the BSD license, indicate your decision * by deleting the provisions above and replace them with the notice * and other provisions required by the GPL. If you do not delete the * provisions above, a recipient may use your version of this file under * either the BSD or the GPL. */ #include #include #include #include #include inline_speed void kqueue_change (EV_P_ int fd, int filter, int flags, int fflags) { ++kqueue_changecnt; array_needsize (struct kevent, kqueue_changes, kqueue_changemax, kqueue_changecnt, array_needsize_noinit); EV_SET (&kqueue_changes [kqueue_changecnt - 1], fd, filter, flags, fflags, 0, 0); } /* OS X at least needs this */ #ifndef EV_ENABLE # define EV_ENABLE 0 #endif #ifndef NOTE_EOF # define NOTE_EOF 0 #endif static void kqueue_modify (EV_P_ int fd, int oev, int nev) { if (oev != nev) { if (oev & EV_READ) kqueue_change (EV_A_ fd, EVFILT_READ , EV_DELETE, 0); if (oev & EV_WRITE) kqueue_change (EV_A_ fd, EVFILT_WRITE, EV_DELETE, 0); } /* to detect close/reopen reliably, we have to re-add */ /* event requests even when oev == nev */ if (nev & EV_READ) kqueue_change (EV_A_ fd, EVFILT_READ , EV_ADD | EV_ENABLE, NOTE_EOF); if (nev & EV_WRITE) kqueue_change (EV_A_ fd, EVFILT_WRITE, EV_ADD | EV_ENABLE, NOTE_EOF); } static void kqueue_poll (EV_P_ ev_tstamp timeout) { int res, i; struct timespec ts; /* need to resize so there is enough space for errors */ if (kqueue_changecnt > kqueue_eventmax) { ev_free (kqueue_events); kqueue_eventmax = array_nextsize (sizeof (struct kevent), kqueue_eventmax, kqueue_changecnt); kqueue_events = (struct kevent *)ev_malloc (sizeof (struct kevent) * kqueue_eventmax); } EV_RELEASE_CB; EV_TS_SET (ts, timeout); res = kevent (backend_fd, kqueue_changes, kqueue_changecnt, kqueue_events, kqueue_eventmax, &ts); EV_ACQUIRE_CB; kqueue_changecnt = 0; if (ecb_expect_false (res < 0)) { if (errno != EINTR) ev_syserr ("(libev) kqueue kevent"); return; } for (i = 0; i < res; ++i) { int fd = kqueue_events [i].ident; if (ecb_expect_false (kqueue_events [i].flags & EV_ERROR)) { int err = kqueue_events [i].data; /* we are only interested in errors for fds that we are interested in :) */ if (anfds [fd].events) { if (err == ENOENT) /* resubmit changes on ENOENT */ kqueue_modify (EV_A_ fd, 0, anfds [fd].events); else if (err == EBADF) /* on EBADF, we re-check the fd */ { if (fd_valid (fd)) kqueue_modify (EV_A_ fd, 0, anfds [fd].events); else { assert (("libev: kqueue found invalid fd", 0)); fd_kill (EV_A_ fd); } } else /* on all other errors, we error out on the fd */ { assert (("libev: kqueue found invalid fd", 0)); fd_kill (EV_A_ fd); } } } else fd_event ( EV_A_ fd, kqueue_events [i].filter == EVFILT_READ ? EV_READ : kqueue_events [i].filter == EVFILT_WRITE ? EV_WRITE : 0 ); } if (ecb_expect_false (res == kqueue_eventmax)) { ev_free (kqueue_events); kqueue_eventmax = array_nextsize (sizeof (struct kevent), kqueue_eventmax, kqueue_eventmax + 1); kqueue_events = (struct kevent *)ev_malloc (sizeof (struct kevent) * kqueue_eventmax); } } inline_size int kqueue_init (EV_P_ int flags) { /* initialize the kernel queue */ kqueue_fd_pid = getpid (); if ((backend_fd = kqueue ()) < 0) return 0; fcntl (backend_fd, F_SETFD, FD_CLOEXEC); /* not sure if necessary, hopefully doesn't hurt */ backend_mintime = EV_TS_CONST (1e-9); /* apparently, they did the right thing in freebsd */ backend_modify = kqueue_modify; backend_poll = kqueue_poll; kqueue_eventmax = 64; /* initial number of events receivable per poll */ kqueue_events = (struct kevent *)ev_malloc (sizeof (struct kevent) * kqueue_eventmax); kqueue_changes = 0; kqueue_changemax = 0; kqueue_changecnt = 0; return EVBACKEND_KQUEUE; } inline_size void kqueue_destroy (EV_P) { ev_free (kqueue_events); ev_free (kqueue_changes); } inline_size void kqueue_fork (EV_P) { /* some BSD kernels don't just destroy the kqueue itself, * but also close the fd, which isn't documented, and * impossible to support properly. * we remember the pid of the kqueue call and only close * the fd if the pid is still the same. * this leaks fds on sane kernels, but BSD interfaces are * notoriously buggy and rarely get fixed. */ pid_t newpid = getpid (); if (newpid == kqueue_fd_pid) close (backend_fd); kqueue_fd_pid = newpid; while ((backend_fd = kqueue ()) < 0) ev_syserr ("(libev) kqueue"); fcntl (backend_fd, F_SETFD, FD_CLOEXEC); /* re-register interest in fds */ fd_rearm_all (EV_A); } /* sys/event.h defines EV_ERROR */ #undef EV_ERROR uacme-1.7.6/libev/ev.c0000644000000000000000000042467214733013114011401 00000000000000/* * libev event processing core, watcher management * * Copyright (c) 2007-2019 Marc Alexander Lehmann * All rights reserved. * * Redistribution and use in source and binary forms, with or without modifica- * tion, are permitted provided that the following conditions are met: * * 1. Redistributions of source code must retain the above copyright notice, * this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MER- * CHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO * EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPE- * CIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTH- * ERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED * OF THE POSSIBILITY OF SUCH DAMAGE. * * Alternatively, the contents of this file may be used under the terms of * the GNU General Public License ("GPL") version 2 or any later version, * in which case the provisions of the GPL are applicable instead of * the above. If you wish to allow the use of your version of this file * only under the terms of the GPL and not to allow others to use your * version of this file under the BSD license, indicate your decision * by deleting the provisions above and replace them with the notice * and other provisions required by the GPL. If you do not delete the * provisions above, a recipient may use your version of this file under * either the BSD or the GPL. */ /* this big block deduces configuration from config.h */ #ifndef EV_STANDALONE # ifdef EV_CONFIG_H # include EV_CONFIG_H # else # include "config.h" # endif # if HAVE_FLOOR # ifndef EV_USE_FLOOR # define EV_USE_FLOOR 1 # endif # endif # if HAVE_CLOCK_SYSCALL # ifndef EV_USE_CLOCK_SYSCALL # define EV_USE_CLOCK_SYSCALL 1 # ifndef EV_USE_REALTIME # define EV_USE_REALTIME 0 # endif # ifndef EV_USE_MONOTONIC # define EV_USE_MONOTONIC 1 # endif # endif # elif !defined EV_USE_CLOCK_SYSCALL # define EV_USE_CLOCK_SYSCALL 0 # endif # if HAVE_CLOCK_GETTIME # ifndef EV_USE_MONOTONIC # define EV_USE_MONOTONIC 1 # endif # ifndef EV_USE_REALTIME # define EV_USE_REALTIME 0 # endif # else # ifndef EV_USE_MONOTONIC # define EV_USE_MONOTONIC 0 # endif # ifndef EV_USE_REALTIME # define EV_USE_REALTIME 0 # endif # endif # if HAVE_NANOSLEEP # ifndef EV_USE_NANOSLEEP # define EV_USE_NANOSLEEP EV_FEATURE_OS # endif # else # undef EV_USE_NANOSLEEP # define EV_USE_NANOSLEEP 0 # endif # if HAVE_SELECT && HAVE_SYS_SELECT_H # ifndef EV_USE_SELECT # define EV_USE_SELECT EV_FEATURE_BACKENDS # endif # else # undef EV_USE_SELECT # define EV_USE_SELECT 0 # endif # if HAVE_POLL && HAVE_POLL_H # ifndef EV_USE_POLL # define EV_USE_POLL EV_FEATURE_BACKENDS # endif # else # undef EV_USE_POLL # define EV_USE_POLL 0 # endif # if HAVE_EPOLL_CTL && HAVE_SYS_EPOLL_H # ifndef EV_USE_EPOLL # define EV_USE_EPOLL EV_FEATURE_BACKENDS # endif # else # undef EV_USE_EPOLL # define EV_USE_EPOLL 0 # endif # if HAVE_LINUX_AIO_ABI_H # ifndef EV_USE_LINUXAIO # define EV_USE_LINUXAIO EV_FEATURE_BACKENDS # endif # else # undef EV_USE_LINUXAIO # define EV_USE_LINUXAIO 0 # endif # if HAVE_LINUX_FS_H && HAVE_SYS_TIMERFD_H && HAVE_KERNEL_RWF_T # ifndef EV_USE_IOURING # define EV_USE_IOURING EV_FEATURE_BACKENDS # endif # else # undef EV_USE_IOURING # define EV_USE_IOURING 0 # endif # if HAVE_KQUEUE && HAVE_SYS_EVENT_H # ifndef EV_USE_KQUEUE # define EV_USE_KQUEUE EV_FEATURE_BACKENDS # endif # else # undef EV_USE_KQUEUE # define EV_USE_KQUEUE 0 # endif # if HAVE_PORT_H && HAVE_PORT_CREATE # ifndef EV_USE_PORT # define EV_USE_PORT EV_FEATURE_BACKENDS # endif # else # undef EV_USE_PORT # define EV_USE_PORT 0 # endif # if HAVE_INOTIFY_INIT && HAVE_SYS_INOTIFY_H # ifndef EV_USE_INOTIFY # define EV_USE_INOTIFY EV_FEATURE_OS # endif # else # undef EV_USE_INOTIFY # define EV_USE_INOTIFY 0 # endif # if HAVE_SIGNALFD && HAVE_SYS_SIGNALFD_H # ifndef EV_USE_SIGNALFD # define EV_USE_SIGNALFD EV_FEATURE_OS # endif # else # undef EV_USE_SIGNALFD # define EV_USE_SIGNALFD 0 # endif # if HAVE_EVENTFD # ifndef EV_USE_EVENTFD # define EV_USE_EVENTFD EV_FEATURE_OS # endif # else # undef EV_USE_EVENTFD # define EV_USE_EVENTFD 0 # endif # if HAVE_SYS_TIMERFD_H # ifndef EV_USE_TIMERFD # define EV_USE_TIMERFD EV_FEATURE_OS # endif # else # undef EV_USE_TIMERFD # define EV_USE_TIMERFD 0 # endif #endif /* OS X, in its infinite idiocy, actually HARDCODES * a limit of 1024 into their select. Where people have brains, * OS X engineers apparently have a vacuum. Or maybe they were * ordered to have a vacuum, or they do anything for money. * This might help. Or not. * Note that this must be defined early, as other include files * will rely on this define as well. */ #define _DARWIN_UNLIMITED_SELECT 1 #include #include #include #include #include #include #include #include #include #include #include #ifdef EV_H # include EV_H #else # include "ev.h" #endif #if EV_NO_THREADS # undef EV_NO_SMP # define EV_NO_SMP 1 # undef ECB_NO_THREADS # define ECB_NO_THREADS 1 #endif #if EV_NO_SMP # undef EV_NO_SMP # define ECB_NO_SMP 1 #endif #ifndef _WIN32 # include # include # include #else # include # define WIN32_LEAN_AND_MEAN # include # include # ifndef EV_SELECT_IS_WINSOCKET # define EV_SELECT_IS_WINSOCKET 1 # endif # undef EV_AVOID_STDIO #endif /* this block tries to deduce configuration from header-defined symbols and defaults */ /* try to deduce the maximum number of signals on this platform */ #if defined EV_NSIG /* use what's provided */ #elif defined NSIG # define EV_NSIG (NSIG) #elif defined _NSIG # define EV_NSIG (_NSIG) #elif defined SIGMAX # define EV_NSIG (SIGMAX+1) #elif defined SIG_MAX # define EV_NSIG (SIG_MAX+1) #elif defined _SIG_MAX # define EV_NSIG (_SIG_MAX+1) #elif defined MAXSIG # define EV_NSIG (MAXSIG+1) #elif defined MAX_SIG # define EV_NSIG (MAX_SIG+1) #elif defined SIGARRAYSIZE # define EV_NSIG (SIGARRAYSIZE) /* Assume ary[SIGARRAYSIZE] */ #elif defined _sys_nsig # define EV_NSIG (_sys_nsig) /* Solaris 2.5 */ #else # define EV_NSIG (8 * sizeof (sigset_t) + 1) #endif #ifndef EV_USE_FLOOR # define EV_USE_FLOOR 0 #endif #ifndef EV_USE_CLOCK_SYSCALL # if __linux && __GLIBC__ == 2 && __GLIBC_MINOR__ < 17 # define EV_USE_CLOCK_SYSCALL EV_FEATURE_OS # else # define EV_USE_CLOCK_SYSCALL 0 # endif #endif #if !(_POSIX_TIMERS > 0) # ifndef EV_USE_MONOTONIC # define EV_USE_MONOTONIC 0 # endif # ifndef EV_USE_REALTIME # define EV_USE_REALTIME 0 # endif #endif #ifndef EV_USE_MONOTONIC # if defined _POSIX_MONOTONIC_CLOCK && _POSIX_MONOTONIC_CLOCK >= 0 # define EV_USE_MONOTONIC EV_FEATURE_OS # else # define EV_USE_MONOTONIC 0 # endif #endif #ifndef EV_USE_REALTIME # define EV_USE_REALTIME !EV_USE_CLOCK_SYSCALL #endif #ifndef EV_USE_NANOSLEEP # if _POSIX_C_SOURCE >= 199309L # define EV_USE_NANOSLEEP EV_FEATURE_OS # else # define EV_USE_NANOSLEEP 0 # endif #endif #ifndef EV_USE_SELECT # define EV_USE_SELECT EV_FEATURE_BACKENDS #endif #ifndef EV_USE_POLL # ifdef _WIN32 # define EV_USE_POLL 0 # else # define EV_USE_POLL EV_FEATURE_BACKENDS # endif #endif #ifndef EV_USE_EPOLL # if __linux && (__GLIBC__ > 2 || (__GLIBC__ == 2 && __GLIBC_MINOR__ >= 4)) # define EV_USE_EPOLL EV_FEATURE_BACKENDS # else # define EV_USE_EPOLL 0 # endif #endif #ifndef EV_USE_KQUEUE # define EV_USE_KQUEUE 0 #endif #ifndef EV_USE_PORT # define EV_USE_PORT 0 #endif #ifndef EV_USE_LINUXAIO # if __linux /* libev currently assumes linux/aio_abi.h is always available on linux */ # define EV_USE_LINUXAIO 1 # else # define EV_USE_LINUXAIO 0 # endif #endif #ifndef EV_USE_IOURING # if __linux /* later checks might disable again */ # define EV_USE_IOURING 1 # else # define EV_USE_IOURING 0 # endif #endif #ifndef EV_USE_INOTIFY # if __linux && (__GLIBC__ > 2 || (__GLIBC__ == 2 && __GLIBC_MINOR__ >= 4)) # define EV_USE_INOTIFY EV_FEATURE_OS # else # define EV_USE_INOTIFY 0 # endif #endif #ifndef EV_PID_HASHSIZE # define EV_PID_HASHSIZE EV_FEATURE_DATA ? 16 : 1 #endif #ifndef EV_INOTIFY_HASHSIZE # define EV_INOTIFY_HASHSIZE EV_FEATURE_DATA ? 16 : 1 #endif #ifndef EV_USE_EVENTFD # if __linux && (__GLIBC__ > 2 || (__GLIBC__ == 2 && __GLIBC_MINOR__ >= 7)) # define EV_USE_EVENTFD EV_FEATURE_OS # else # define EV_USE_EVENTFD 0 # endif #endif #ifndef EV_USE_SIGNALFD # if __linux && (__GLIBC__ > 2 || (__GLIBC__ == 2 && __GLIBC_MINOR__ >= 7)) # define EV_USE_SIGNALFD EV_FEATURE_OS # else # define EV_USE_SIGNALFD 0 # endif #endif #ifndef EV_USE_TIMERFD # if __linux && (__GLIBC__ > 2 || (__GLIBC__ == 2 && __GLIBC_MINOR__ >= 8)) # define EV_USE_TIMERFD EV_FEATURE_OS # else # define EV_USE_TIMERFD 0 # endif #endif #if 0 /* debugging */ # define EV_VERIFY 3 # define EV_USE_4HEAP 1 # define EV_HEAP_CACHE_AT 1 #endif #ifndef EV_VERIFY # define EV_VERIFY (EV_FEATURE_API ? 1 : 0) #endif #ifndef EV_USE_4HEAP # define EV_USE_4HEAP EV_FEATURE_DATA #endif #ifndef EV_HEAP_CACHE_AT # define EV_HEAP_CACHE_AT EV_FEATURE_DATA #endif #ifdef __ANDROID__ /* supposedly, android doesn't typedef fd_mask */ # undef EV_USE_SELECT # define EV_USE_SELECT 0 /* supposedly, we need to include syscall.h, not sys/syscall.h, so just disable */ # undef EV_USE_CLOCK_SYSCALL # define EV_USE_CLOCK_SYSCALL 0 #endif /* aix's poll.h seems to cause lots of trouble */ #ifdef _AIX /* AIX has a completely broken poll.h header */ # undef EV_USE_POLL # define EV_USE_POLL 0 #endif /* on linux, we can use a (slow) syscall to avoid a dependency on pthread, */ /* which makes programs even slower. might work on other unices, too. */ #if EV_USE_CLOCK_SYSCALL # include # ifdef SYS_clock_gettime # define clock_gettime(id, ts) syscall (SYS_clock_gettime, (id), (ts)) # undef EV_USE_MONOTONIC # define EV_USE_MONOTONIC 1 # define EV_NEED_SYSCALL 1 # else # undef EV_USE_CLOCK_SYSCALL # define EV_USE_CLOCK_SYSCALL 0 # endif #endif /* this block fixes any misconfiguration where we know we run into trouble otherwise */ #ifndef CLOCK_MONOTONIC # undef EV_USE_MONOTONIC # define EV_USE_MONOTONIC 0 #endif #ifndef CLOCK_REALTIME # undef EV_USE_REALTIME # define EV_USE_REALTIME 0 #endif #if !EV_STAT_ENABLE # undef EV_USE_INOTIFY # define EV_USE_INOTIFY 0 #endif #if __linux && EV_USE_IOURING # include # if LINUX_VERSION_CODE < KERNEL_VERSION(4,14,0) # undef EV_USE_IOURING # define EV_USE_IOURING 0 # endif #endif #if !EV_USE_NANOSLEEP /* hp-ux has it in sys/time.h, which we unconditionally include above */ # if !defined _WIN32 && !defined __hpux # include # endif #endif #if EV_USE_LINUXAIO # include # if SYS_io_getevents && EV_USE_EPOLL /* linuxaio backend requires epoll backend */ # define EV_NEED_SYSCALL 1 # else # undef EV_USE_LINUXAIO # define EV_USE_LINUXAIO 0 # endif #endif #if EV_USE_IOURING # include # if !SYS_io_uring_setup && __linux && !__alpha # define SYS_io_uring_setup 425 # define SYS_io_uring_enter 426 # define SYS_io_uring_wregister 427 # endif # if SYS_io_uring_setup && EV_USE_EPOLL /* iouring backend requires epoll backend */ # define EV_NEED_SYSCALL 1 # else # undef EV_USE_IOURING # define EV_USE_IOURING 0 # endif #endif #if EV_USE_INOTIFY # include # include /* some very old inotify.h headers don't have IN_DONT_FOLLOW */ # ifndef IN_DONT_FOLLOW # undef EV_USE_INOTIFY # define EV_USE_INOTIFY 0 # endif #endif #if EV_USE_EVENTFD /* our minimum requirement is glibc 2.7 which has the stub, but not the full header */ # include # ifndef EFD_NONBLOCK # define EFD_NONBLOCK O_NONBLOCK # endif # ifndef EFD_CLOEXEC # ifdef O_CLOEXEC # define EFD_CLOEXEC O_CLOEXEC # else # define EFD_CLOEXEC 02000000 # endif # endif EV_CPP(extern "C") int (eventfd) (unsigned int initval, int flags); #endif #if EV_USE_SIGNALFD /* our minimum requirement is glibc 2.7 which has the stub, but not the full header */ # include # ifndef SFD_NONBLOCK # define SFD_NONBLOCK O_NONBLOCK # endif # ifndef SFD_CLOEXEC # ifdef O_CLOEXEC # define SFD_CLOEXEC O_CLOEXEC # else # define SFD_CLOEXEC 02000000 # endif # endif EV_CPP (extern "C") int (signalfd) (int fd, const sigset_t *mask, int flags); struct signalfd_siginfo { uint32_t ssi_signo; char pad[128 - sizeof (uint32_t)]; }; #endif /* for timerfd, libev core requires TFD_TIMER_CANCEL_ON_SET &c */ #if EV_USE_TIMERFD # include /* timerfd is only used for periodics */ # if !(defined (TFD_TIMER_CANCEL_ON_SET) && defined (TFD_CLOEXEC) && defined (TFD_NONBLOCK)) || !EV_PERIODIC_ENABLE # undef EV_USE_TIMERFD # define EV_USE_TIMERFD 0 # endif #endif /*****************************************************************************/ #if EV_VERIFY >= 3 # define EV_FREQUENT_CHECK ev_verify (EV_A) #else # define EV_FREQUENT_CHECK do { } while (0) #endif /* * This is used to work around floating point rounding problems. * This value is good at least till the year 4000. */ #define MIN_INTERVAL 0.0001220703125 /* 1/2**13, good till 4000 */ /*#define MIN_INTERVAL 0.00000095367431640625 /* 1/2**20, good till 2200 */ #define MIN_TIMEJUMP 1. /* minimum timejump that gets detected (if monotonic clock available) */ #define MAX_BLOCKTIME 59.743 /* never wait longer than this time (to detect time jumps) */ /* find a portable timestamp that is "always" in the future but fits into time_t. * this is quite hard, and we are mostly guessing - we handle 32 bit signed/unsigned time_t, * and sizes larger than 32 bit, and maybe the unlikely floating point time_t */ #define EV_TSTAMP_HUGE \ (sizeof (time_t) >= 8 ? 10000000000000. \ : 0 < (time_t)4294967295 ? 4294967295. \ : 2147483647.) \ #ifndef EV_TS_CONST # define EV_TS_CONST(nv) nv # define EV_TS_TO_MSEC(a) a * 1e3 + 0.9999 # define EV_TS_FROM_USEC(us) us * 1e-6 # define EV_TV_SET(tv,t) do { tv.tv_sec = (long)t; tv.tv_usec = (long)((t - tv.tv_sec) * 1e6); } while (0) # define EV_TS_SET(ts,t) do { ts.tv_sec = (long)t; ts.tv_nsec = (long)((t - ts.tv_sec) * 1e9); } while (0) # define EV_TV_GET(tv) ((tv).tv_sec + (tv).tv_usec * 1e-6) # define EV_TS_GET(ts) ((ts).tv_sec + (ts).tv_nsec * 1e-9) #endif /* the following is ecb.h embedded into libev - use update_ev_c to update from an external copy */ /* ECB.H BEGIN */ /* * libecb - http://software.schmorp.de/pkg/libecb * * Copyright (©) 2009-2015 Marc Alexander Lehmann * Copyright (©) 2011 Emanuele Giaquinta * All rights reserved. * * Redistribution and use in source and binary forms, with or without modifica- * tion, are permitted provided that the following conditions are met: * * 1. Redistributions of source code must retain the above copyright notice, * this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MER- * CHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO * EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPE- * CIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTH- * ERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED * OF THE POSSIBILITY OF SUCH DAMAGE. * * Alternatively, the contents of this file may be used under the terms of * the GNU General Public License ("GPL") version 2 or any later version, * in which case the provisions of the GPL are applicable instead of * the above. If you wish to allow the use of your version of this file * only under the terms of the GPL and not to allow others to use your * version of this file under the BSD license, indicate your decision * by deleting the provisions above and replace them with the notice * and other provisions required by the GPL. If you do not delete the * provisions above, a recipient may use your version of this file under * either the BSD or the GPL. */ #ifndef ECB_H #define ECB_H /* 16 bits major, 16 bits minor */ #define ECB_VERSION 0x00010006 #ifdef _WIN32 typedef signed char int8_t; typedef unsigned char uint8_t; typedef signed short int16_t; typedef unsigned short uint16_t; typedef signed int int32_t; typedef unsigned int uint32_t; #if __GNUC__ typedef signed long long int64_t; typedef unsigned long long uint64_t; #else /* _MSC_VER || __BORLANDC__ */ typedef signed __int64 int64_t; typedef unsigned __int64 uint64_t; #endif #ifdef _WIN64 #define ECB_PTRSIZE 8 typedef uint64_t uintptr_t; typedef int64_t intptr_t; #else #define ECB_PTRSIZE 4 typedef uint32_t uintptr_t; typedef int32_t intptr_t; #endif #else #include #if (defined INTPTR_MAX ? INTPTR_MAX : ULONG_MAX) > 0xffffffffU #define ECB_PTRSIZE 8 #else #define ECB_PTRSIZE 4 #endif #endif #define ECB_GCC_AMD64 (__amd64 || __amd64__ || __x86_64 || __x86_64__) #define ECB_MSVC_AMD64 (_M_AMD64 || _M_X64) /* work around x32 idiocy by defining proper macros */ #if ECB_GCC_AMD64 || ECB_MSVC_AMD64 #if _ILP32 #define ECB_AMD64_X32 1 #else #define ECB_AMD64 1 #endif #endif /* many compilers define _GNUC_ to some versions but then only implement * what their idiot authors think are the "more important" extensions, * causing enormous grief in return for some better fake benchmark numbers. * or so. * we try to detect these and simply assume they are not gcc - if they have * an issue with that they should have done it right in the first place. */ #if !defined __GNUC_MINOR__ || defined __INTEL_COMPILER || defined __SUNPRO_C || defined __SUNPRO_CC || defined __llvm__ || defined __clang__ #define ECB_GCC_VERSION(major,minor) 0 #else #define ECB_GCC_VERSION(major,minor) (__GNUC__ > (major) || (__GNUC__ == (major) && __GNUC_MINOR__ >= (minor))) #endif #define ECB_CLANG_VERSION(major,minor) (__clang_major__ > (major) || (__clang_major__ == (major) && __clang_minor__ >= (minor))) #if __clang__ && defined __has_builtin #define ECB_CLANG_BUILTIN(x) __has_builtin (x) #else #define ECB_CLANG_BUILTIN(x) 0 #endif #if __clang__ && defined __has_extension #define ECB_CLANG_EXTENSION(x) __has_extension (x) #else #define ECB_CLANG_EXTENSION(x) 0 #endif #define ECB_CPP (__cplusplus+0) #define ECB_CPP11 (__cplusplus >= 201103L) #define ECB_CPP14 (__cplusplus >= 201402L) #define ECB_CPP17 (__cplusplus >= 201703L) #if ECB_CPP #define ECB_C 0 #define ECB_STDC_VERSION 0 #else #define ECB_C 1 #define ECB_STDC_VERSION __STDC_VERSION__ #endif #define ECB_C99 (ECB_STDC_VERSION >= 199901L) #define ECB_C11 (ECB_STDC_VERSION >= 201112L) #define ECB_C17 (ECB_STDC_VERSION >= 201710L) #if ECB_CPP #define ECB_EXTERN_C extern "C" #define ECB_EXTERN_C_BEG ECB_EXTERN_C { #define ECB_EXTERN_C_END } #else #define ECB_EXTERN_C extern #define ECB_EXTERN_C_BEG #define ECB_EXTERN_C_END #endif /*****************************************************************************/ /* ECB_NO_THREADS - ecb is not used by multiple threads, ever */ /* ECB_NO_SMP - ecb might be used in multiple threads, but only on a single cpu */ #if ECB_NO_THREADS #define ECB_NO_SMP 1 #endif #if ECB_NO_SMP #define ECB_MEMORY_FENCE do { } while (0) #endif /* http://www-01.ibm.com/support/knowledgecenter/SSGH3R_13.1.0/com.ibm.xlcpp131.aix.doc/compiler_ref/compiler_builtins.html */ #if __xlC__ && ECB_CPP #include #endif #if 1400 <= _MSC_VER #include /* fence functions _ReadBarrier, also bit search functions _BitScanReverse */ #endif #ifndef ECB_MEMORY_FENCE #if ECB_GCC_VERSION(2,5) || defined __INTEL_COMPILER || (__llvm__ && __GNUC__) || __SUNPRO_C >= 0x5110 || __SUNPRO_CC >= 0x5110 #define ECB_MEMORY_FENCE_RELAXED __asm__ __volatile__ ("" : : : "memory") #if __i386 || __i386__ #define ECB_MEMORY_FENCE __asm__ __volatile__ ("lock; orb $0, -1(%%esp)" : : : "memory") #define ECB_MEMORY_FENCE_ACQUIRE __asm__ __volatile__ ("" : : : "memory") #define ECB_MEMORY_FENCE_RELEASE __asm__ __volatile__ ("" : : : "memory") #elif ECB_GCC_AMD64 #define ECB_MEMORY_FENCE __asm__ __volatile__ ("mfence" : : : "memory") #define ECB_MEMORY_FENCE_ACQUIRE __asm__ __volatile__ ("" : : : "memory") #define ECB_MEMORY_FENCE_RELEASE __asm__ __volatile__ ("" : : : "memory") #elif __powerpc__ || __ppc__ || __powerpc64__ || __ppc64__ #define ECB_MEMORY_FENCE __asm__ __volatile__ ("sync" : : : "memory") #elif defined __ARM_ARCH_2__ \ || defined __ARM_ARCH_3__ || defined __ARM_ARCH_3M__ \ || defined __ARM_ARCH_4__ || defined __ARM_ARCH_4T__ \ || defined __ARM_ARCH_5__ || defined __ARM_ARCH_5E__ \ || defined __ARM_ARCH_5T__ || defined __ARM_ARCH_5TE__ \ || defined __ARM_ARCH_5TEJ__ /* should not need any, unless running old code on newer cpu - arm doesn't support that */ #elif defined __ARM_ARCH_6__ || defined __ARM_ARCH_6J__ \ || defined __ARM_ARCH_6K__ || defined __ARM_ARCH_6ZK__ \ || defined __ARM_ARCH_6T2__ #define ECB_MEMORY_FENCE __asm__ __volatile__ ("mcr p15,0,%0,c7,c10,5" : : "r" (0) : "memory") #elif defined __ARM_ARCH_7__ || defined __ARM_ARCH_7A__ \ || defined __ARM_ARCH_7R__ || defined __ARM_ARCH_7M__ #define ECB_MEMORY_FENCE __asm__ __volatile__ ("dmb" : : : "memory") #elif __aarch64__ #define ECB_MEMORY_FENCE __asm__ __volatile__ ("dmb ish" : : : "memory") #elif (__sparc || __sparc__) && !(__sparc_v8__ || defined __sparcv8) #define ECB_MEMORY_FENCE __asm__ __volatile__ ("membar #LoadStore | #LoadLoad | #StoreStore | #StoreLoad" : : : "memory") #define ECB_MEMORY_FENCE_ACQUIRE __asm__ __volatile__ ("membar #LoadStore | #LoadLoad" : : : "memory") #define ECB_MEMORY_FENCE_RELEASE __asm__ __volatile__ ("membar #LoadStore | #StoreStore") #elif defined __s390__ || defined __s390x__ #define ECB_MEMORY_FENCE __asm__ __volatile__ ("bcr 15,0" : : : "memory") #elif defined __mips__ /* GNU/Linux emulates sync on mips1 architectures, so we force its use */ /* anybody else who still uses mips1 is supposed to send in their version, with detection code. */ #define ECB_MEMORY_FENCE __asm__ __volatile__ (".set mips2; sync; .set mips0" : : : "memory") #elif defined __alpha__ #define ECB_MEMORY_FENCE __asm__ __volatile__ ("mb" : : : "memory") #elif defined __hppa__ #define ECB_MEMORY_FENCE __asm__ __volatile__ ("" : : : "memory") #define ECB_MEMORY_FENCE_RELEASE __asm__ __volatile__ ("") #elif defined __ia64__ #define ECB_MEMORY_FENCE __asm__ __volatile__ ("mf" : : : "memory") #elif defined __m68k__ #define ECB_MEMORY_FENCE __asm__ __volatile__ ("" : : : "memory") #elif defined __m88k__ #define ECB_MEMORY_FENCE __asm__ __volatile__ ("tb1 0,%%r0,128" : : : "memory") #elif defined __sh__ #define ECB_MEMORY_FENCE __asm__ __volatile__ ("" : : : "memory") #endif #endif #endif #ifndef ECB_MEMORY_FENCE #if ECB_GCC_VERSION(4,7) /* see comment below (stdatomic.h) about the C11 memory model. */ #define ECB_MEMORY_FENCE __atomic_thread_fence (__ATOMIC_SEQ_CST) #define ECB_MEMORY_FENCE_ACQUIRE __atomic_thread_fence (__ATOMIC_ACQUIRE) #define ECB_MEMORY_FENCE_RELEASE __atomic_thread_fence (__ATOMIC_RELEASE) #define ECB_MEMORY_FENCE_RELAXED __atomic_thread_fence (__ATOMIC_RELAXED) #elif ECB_CLANG_EXTENSION(c_atomic) /* see comment below (stdatomic.h) about the C11 memory model. */ #define ECB_MEMORY_FENCE __c11_atomic_thread_fence (__ATOMIC_SEQ_CST) #define ECB_MEMORY_FENCE_ACQUIRE __c11_atomic_thread_fence (__ATOMIC_ACQUIRE) #define ECB_MEMORY_FENCE_RELEASE __c11_atomic_thread_fence (__ATOMIC_RELEASE) #define ECB_MEMORY_FENCE_RELAXED __c11_atomic_thread_fence (__ATOMIC_RELAXED) #elif ECB_GCC_VERSION(4,4) || defined __INTEL_COMPILER || defined __clang__ #define ECB_MEMORY_FENCE __sync_synchronize () #elif _MSC_VER >= 1500 /* VC++ 2008 */ /* apparently, microsoft broke all the memory barrier stuff in Visual Studio 2008... */ #pragma intrinsic(_ReadBarrier,_WriteBarrier,_ReadWriteBarrier) #define ECB_MEMORY_FENCE _ReadWriteBarrier (); MemoryBarrier() #define ECB_MEMORY_FENCE_ACQUIRE _ReadWriteBarrier (); MemoryBarrier() /* according to msdn, _ReadBarrier is not a load fence */ #define ECB_MEMORY_FENCE_RELEASE _WriteBarrier (); MemoryBarrier() #elif _MSC_VER >= 1400 /* VC++ 2005 */ #pragma intrinsic(_ReadBarrier,_WriteBarrier,_ReadWriteBarrier) #define ECB_MEMORY_FENCE _ReadWriteBarrier () #define ECB_MEMORY_FENCE_ACQUIRE _ReadWriteBarrier () /* according to msdn, _ReadBarrier is not a load fence */ #define ECB_MEMORY_FENCE_RELEASE _WriteBarrier () #elif defined _WIN32 #include #define ECB_MEMORY_FENCE MemoryBarrier () /* actually just xchg on x86... scary */ #elif __SUNPRO_C >= 0x5110 || __SUNPRO_CC >= 0x5110 #include #define ECB_MEMORY_FENCE __machine_rw_barrier () #define ECB_MEMORY_FENCE_ACQUIRE __machine_acq_barrier () #define ECB_MEMORY_FENCE_RELEASE __machine_rel_barrier () #define ECB_MEMORY_FENCE_RELAXED __compiler_barrier () #elif __xlC__ #define ECB_MEMORY_FENCE __sync () #endif #endif #ifndef ECB_MEMORY_FENCE #if ECB_C11 && !defined __STDC_NO_ATOMICS__ /* we assume that these memory fences work on all variables/all memory accesses, */ /* not just C11 atomics and atomic accesses */ #include #define ECB_MEMORY_FENCE atomic_thread_fence (memory_order_seq_cst) #define ECB_MEMORY_FENCE_ACQUIRE atomic_thread_fence (memory_order_acquire) #define ECB_MEMORY_FENCE_RELEASE atomic_thread_fence (memory_order_release) #endif #endif #ifndef ECB_MEMORY_FENCE #if !ECB_AVOID_PTHREADS /* * if you get undefined symbol references to pthread_mutex_lock, * or failure to find pthread.h, then you should implement * the ECB_MEMORY_FENCE operations for your cpu/compiler * OR provide pthread.h and link against the posix thread library * of your system. */ #include #define ECB_NEEDS_PTHREADS 1 #define ECB_MEMORY_FENCE_NEEDS_PTHREADS 1 static pthread_mutex_t ecb_mf_lock = PTHREAD_MUTEX_INITIALIZER; #define ECB_MEMORY_FENCE do { pthread_mutex_lock (&ecb_mf_lock); pthread_mutex_unlock (&ecb_mf_lock); } while (0) #endif #endif #if !defined ECB_MEMORY_FENCE_ACQUIRE && defined ECB_MEMORY_FENCE #define ECB_MEMORY_FENCE_ACQUIRE ECB_MEMORY_FENCE #endif #if !defined ECB_MEMORY_FENCE_RELEASE && defined ECB_MEMORY_FENCE #define ECB_MEMORY_FENCE_RELEASE ECB_MEMORY_FENCE #endif #if !defined ECB_MEMORY_FENCE_RELAXED && defined ECB_MEMORY_FENCE #define ECB_MEMORY_FENCE_RELAXED ECB_MEMORY_FENCE /* very heavy-handed */ #endif /*****************************************************************************/ #if ECB_CPP #define ecb_inline static inline #elif ECB_GCC_VERSION(2,5) #define ecb_inline static __inline__ #elif ECB_C99 #define ecb_inline static inline #else #define ecb_inline static #endif #if ECB_GCC_VERSION(3,3) #define ecb_restrict __restrict__ #elif ECB_C99 #define ecb_restrict restrict #else #define ecb_restrict #endif typedef int ecb_bool; #define ECB_CONCAT_(a, b) a ## b #define ECB_CONCAT(a, b) ECB_CONCAT_(a, b) #define ECB_STRINGIFY_(a) # a #define ECB_STRINGIFY(a) ECB_STRINGIFY_(a) #define ECB_STRINGIFY_EXPR(expr) ((expr), ECB_STRINGIFY_ (expr)) #define ecb_function_ ecb_inline #if ECB_GCC_VERSION(3,1) || ECB_CLANG_VERSION(2,8) #define ecb_attribute(attrlist) __attribute__ (attrlist) #else #define ecb_attribute(attrlist) #endif #if ECB_GCC_VERSION(3,1) || ECB_CLANG_BUILTIN(__builtin_constant_p) #define ecb_is_constant(expr) __builtin_constant_p (expr) #else /* possible C11 impl for integral types typedef struct ecb_is_constant_struct ecb_is_constant_struct; #define ecb_is_constant(expr) _Generic ((1 ? (struct ecb_is_constant_struct *)0 : (void *)((expr) - (expr)), ecb_is_constant_struct *: 0, default: 1)) */ #define ecb_is_constant(expr) 0 #endif #if ECB_GCC_VERSION(3,1) || ECB_CLANG_BUILTIN(__builtin_expect) #define ecb_expect(expr,value) __builtin_expect ((expr),(value)) #else #define ecb_expect(expr,value) (expr) #endif #if ECB_GCC_VERSION(3,1) || ECB_CLANG_BUILTIN(__builtin_prefetch) #define ecb_prefetch(addr,rw,locality) __builtin_prefetch (addr, rw, locality) #else #define ecb_prefetch(addr,rw,locality) #endif /* no emulation for ecb_decltype */ #if ECB_CPP11 // older implementations might have problems with decltype(x)::type, work around it template struct ecb_decltype_t { typedef T type; }; #define ecb_decltype(x) ecb_decltype_t::type #elif ECB_GCC_VERSION(3,0) || ECB_CLANG_VERSION(2,8) #define ecb_decltype(x) __typeof__ (x) #endif #if _MSC_VER >= 1300 #define ecb_deprecated __declspec (deprecated) #else #define ecb_deprecated ecb_attribute ((__deprecated__)) #endif #if _MSC_VER >= 1500 #define ecb_deprecated_message(msg) __declspec (deprecated (msg)) #elif ECB_GCC_VERSION(4,5) #define ecb_deprecated_message(msg) ecb_attribute ((__deprecated__ (msg)) #else #define ecb_deprecated_message(msg) ecb_deprecated #endif #if _MSC_VER >= 1400 #define ecb_noinline __declspec (noinline) #else #define ecb_noinline ecb_attribute ((__noinline__)) #endif #define ecb_unused ecb_attribute ((__unused__)) #define ecb_const ecb_attribute ((__const__)) #define ecb_pure ecb_attribute ((__pure__)) #if ECB_C11 || __IBMC_NORETURN /* http://www-01.ibm.com/support/knowledgecenter/SSGH3R_13.1.0/com.ibm.xlcpp131.aix.doc/language_ref/noreturn.html */ #define ecb_noreturn _Noreturn #elif ECB_CPP11 #define ecb_noreturn [[noreturn]] #elif _MSC_VER >= 1200 /* http://msdn.microsoft.com/en-us/library/k6ktzx3s.aspx */ #define ecb_noreturn __declspec (noreturn) #else #define ecb_noreturn ecb_attribute ((__noreturn__)) #endif #if ECB_GCC_VERSION(4,3) #define ecb_artificial ecb_attribute ((__artificial__)) #define ecb_hot ecb_attribute ((__hot__)) #define ecb_cold ecb_attribute ((__cold__)) #else #define ecb_artificial #define ecb_hot #define ecb_cold #endif /* put around conditional expressions if you are very sure that the */ /* expression is mostly true or mostly false. note that these return */ /* booleans, not the expression. */ #define ecb_expect_false(expr) ecb_expect (!!(expr), 0) #define ecb_expect_true(expr) ecb_expect (!!(expr), 1) /* for compatibility to the rest of the world */ #define ecb_likely(expr) ecb_expect_true (expr) #define ecb_unlikely(expr) ecb_expect_false (expr) /* count trailing zero bits and count # of one bits */ #if ECB_GCC_VERSION(3,4) \ || (ECB_CLANG_BUILTIN(__builtin_clz) && ECB_CLANG_BUILTIN(__builtin_clzll) \ && ECB_CLANG_BUILTIN(__builtin_ctz) && ECB_CLANG_BUILTIN(__builtin_ctzll) \ && ECB_CLANG_BUILTIN(__builtin_popcount)) /* we assume int == 32 bit, long == 32 or 64 bit and long long == 64 bit */ #define ecb_ld32(x) (__builtin_clz (x) ^ 31) #define ecb_ld64(x) (__builtin_clzll (x) ^ 63) #define ecb_ctz32(x) __builtin_ctz (x) #define ecb_ctz64(x) __builtin_ctzll (x) #define ecb_popcount32(x) __builtin_popcount (x) /* no popcountll */ #else ecb_function_ ecb_const int ecb_ctz32 (uint32_t x); ecb_function_ ecb_const int ecb_ctz32 (uint32_t x) { #if 1400 <= _MSC_VER && (_M_IX86 || _M_X64 || _M_IA64 || _M_ARM) unsigned long r; _BitScanForward (&r, x); return (int)r; #else int r = 0; x &= ~x + 1; /* this isolates the lowest bit */ #if ECB_branchless_on_i386 r += !!(x & 0xaaaaaaaa) << 0; r += !!(x & 0xcccccccc) << 1; r += !!(x & 0xf0f0f0f0) << 2; r += !!(x & 0xff00ff00) << 3; r += !!(x & 0xffff0000) << 4; #else if (x & 0xaaaaaaaa) r += 1; if (x & 0xcccccccc) r += 2; if (x & 0xf0f0f0f0) r += 4; if (x & 0xff00ff00) r += 8; if (x & 0xffff0000) r += 16; #endif return r; #endif } ecb_function_ ecb_const int ecb_ctz64 (uint64_t x); ecb_function_ ecb_const int ecb_ctz64 (uint64_t x) { #if 1400 <= _MSC_VER && (_M_X64 || _M_IA64 || _M_ARM) unsigned long r; _BitScanForward64 (&r, x); return (int)r; #else int shift = x & 0xffffffff ? 0 : 32; return ecb_ctz32 (x >> shift) + shift; #endif } ecb_function_ ecb_const int ecb_popcount32 (uint32_t x); ecb_function_ ecb_const int ecb_popcount32 (uint32_t x) { x -= (x >> 1) & 0x55555555; x = ((x >> 2) & 0x33333333) + (x & 0x33333333); x = ((x >> 4) + x) & 0x0f0f0f0f; x *= 0x01010101; return x >> 24; } ecb_function_ ecb_const int ecb_ld32 (uint32_t x); ecb_function_ ecb_const int ecb_ld32 (uint32_t x) { #if 1400 <= _MSC_VER && (_M_IX86 || _M_X64 || _M_IA64 || _M_ARM) unsigned long r; _BitScanReverse (&r, x); return (int)r; #else int r = 0; if (x >> 16) { x >>= 16; r += 16; } if (x >> 8) { x >>= 8; r += 8; } if (x >> 4) { x >>= 4; r += 4; } if (x >> 2) { x >>= 2; r += 2; } if (x >> 1) { r += 1; } return r; #endif } ecb_function_ ecb_const int ecb_ld64 (uint64_t x); ecb_function_ ecb_const int ecb_ld64 (uint64_t x) { #if 1400 <= _MSC_VER && (_M_X64 || _M_IA64 || _M_ARM) unsigned long r; _BitScanReverse64 (&r, x); return (int)r; #else int r = 0; if (x >> 32) { x >>= 32; r += 32; } return r + ecb_ld32 (x); #endif } #endif ecb_function_ ecb_const ecb_bool ecb_is_pot32 (uint32_t x); ecb_function_ ecb_const ecb_bool ecb_is_pot32 (uint32_t x) { return !(x & (x - 1)); } ecb_function_ ecb_const ecb_bool ecb_is_pot64 (uint64_t x); ecb_function_ ecb_const ecb_bool ecb_is_pot64 (uint64_t x) { return !(x & (x - 1)); } ecb_function_ ecb_const uint8_t ecb_bitrev8 (uint8_t x); ecb_function_ ecb_const uint8_t ecb_bitrev8 (uint8_t x) { return ( (x * 0x0802U & 0x22110U) | (x * 0x8020U & 0x88440U)) * 0x10101U >> 16; } ecb_function_ ecb_const uint16_t ecb_bitrev16 (uint16_t x); ecb_function_ ecb_const uint16_t ecb_bitrev16 (uint16_t x) { x = ((x >> 1) & 0x5555) | ((x & 0x5555) << 1); x = ((x >> 2) & 0x3333) | ((x & 0x3333) << 2); x = ((x >> 4) & 0x0f0f) | ((x & 0x0f0f) << 4); x = ( x >> 8 ) | ( x << 8); return x; } ecb_function_ ecb_const uint32_t ecb_bitrev32 (uint32_t x); ecb_function_ ecb_const uint32_t ecb_bitrev32 (uint32_t x) { x = ((x >> 1) & 0x55555555) | ((x & 0x55555555) << 1); x = ((x >> 2) & 0x33333333) | ((x & 0x33333333) << 2); x = ((x >> 4) & 0x0f0f0f0f) | ((x & 0x0f0f0f0f) << 4); x = ((x >> 8) & 0x00ff00ff) | ((x & 0x00ff00ff) << 8); x = ( x >> 16 ) | ( x << 16); return x; } /* popcount64 is only available on 64 bit cpus as gcc builtin */ /* so for this version we are lazy */ ecb_function_ ecb_const int ecb_popcount64 (uint64_t x); ecb_function_ ecb_const int ecb_popcount64 (uint64_t x) { return ecb_popcount32 (x) + ecb_popcount32 (x >> 32); } ecb_inline ecb_const uint8_t ecb_rotl8 (uint8_t x, unsigned int count); ecb_inline ecb_const uint8_t ecb_rotr8 (uint8_t x, unsigned int count); ecb_inline ecb_const uint16_t ecb_rotl16 (uint16_t x, unsigned int count); ecb_inline ecb_const uint16_t ecb_rotr16 (uint16_t x, unsigned int count); ecb_inline ecb_const uint32_t ecb_rotl32 (uint32_t x, unsigned int count); ecb_inline ecb_const uint32_t ecb_rotr32 (uint32_t x, unsigned int count); ecb_inline ecb_const uint64_t ecb_rotl64 (uint64_t x, unsigned int count); ecb_inline ecb_const uint64_t ecb_rotr64 (uint64_t x, unsigned int count); ecb_inline ecb_const uint8_t ecb_rotl8 (uint8_t x, unsigned int count) { return (x >> ( 8 - count)) | (x << count); } ecb_inline ecb_const uint8_t ecb_rotr8 (uint8_t x, unsigned int count) { return (x << ( 8 - count)) | (x >> count); } ecb_inline ecb_const uint16_t ecb_rotl16 (uint16_t x, unsigned int count) { return (x >> (16 - count)) | (x << count); } ecb_inline ecb_const uint16_t ecb_rotr16 (uint16_t x, unsigned int count) { return (x << (16 - count)) | (x >> count); } ecb_inline ecb_const uint32_t ecb_rotl32 (uint32_t x, unsigned int count) { return (x >> (32 - count)) | (x << count); } ecb_inline ecb_const uint32_t ecb_rotr32 (uint32_t x, unsigned int count) { return (x << (32 - count)) | (x >> count); } ecb_inline ecb_const uint64_t ecb_rotl64 (uint64_t x, unsigned int count) { return (x >> (64 - count)) | (x << count); } ecb_inline ecb_const uint64_t ecb_rotr64 (uint64_t x, unsigned int count) { return (x << (64 - count)) | (x >> count); } #if ECB_GCC_VERSION(4,3) || (ECB_CLANG_BUILTIN(__builtin_bswap32) && ECB_CLANG_BUILTIN(__builtin_bswap64)) #if ECB_GCC_VERSION(4,8) || ECB_CLANG_BUILTIN(__builtin_bswap16) #define ecb_bswap16(x) __builtin_bswap16 (x) #else #define ecb_bswap16(x) (__builtin_bswap32 (x) >> 16) #endif #define ecb_bswap32(x) __builtin_bswap32 (x) #define ecb_bswap64(x) __builtin_bswap64 (x) #elif _MSC_VER #include #define ecb_bswap16(x) ((uint16_t)_byteswap_ushort ((uint16_t)(x))) #define ecb_bswap32(x) ((uint32_t)_byteswap_ulong ((uint32_t)(x))) #define ecb_bswap64(x) ((uint64_t)_byteswap_uint64 ((uint64_t)(x))) #else ecb_function_ ecb_const uint16_t ecb_bswap16 (uint16_t x); ecb_function_ ecb_const uint16_t ecb_bswap16 (uint16_t x) { return ecb_rotl16 (x, 8); } ecb_function_ ecb_const uint32_t ecb_bswap32 (uint32_t x); ecb_function_ ecb_const uint32_t ecb_bswap32 (uint32_t x) { return (((uint32_t)ecb_bswap16 (x)) << 16) | ecb_bswap16 (x >> 16); } ecb_function_ ecb_const uint64_t ecb_bswap64 (uint64_t x); ecb_function_ ecb_const uint64_t ecb_bswap64 (uint64_t x) { return (((uint64_t)ecb_bswap32 (x)) << 32) | ecb_bswap32 (x >> 32); } #endif #if ECB_GCC_VERSION(4,5) || ECB_CLANG_BUILTIN(__builtin_unreachable) #define ecb_unreachable() __builtin_unreachable () #else /* this seems to work fine, but gcc always emits a warning for it :/ */ ecb_inline ecb_noreturn void ecb_unreachable (void); ecb_inline ecb_noreturn void ecb_unreachable (void) { } #endif /* try to tell the compiler that some condition is definitely true */ #define ecb_assume(cond) if (!(cond)) ecb_unreachable (); else 0 ecb_inline ecb_const uint32_t ecb_byteorder_helper (void); ecb_inline ecb_const uint32_t ecb_byteorder_helper (void) { /* the union code still generates code under pressure in gcc, */ /* but less than using pointers, and always seems to */ /* successfully return a constant. */ /* the reason why we have this horrible preprocessor mess */ /* is to avoid it in all cases, at least on common architectures */ /* or when using a recent enough gcc version (>= 4.6) */ #if (defined __BYTE_ORDER__ && __BYTE_ORDER__ == __ORDER_LITTLE_ENDIAN__) \ || ((__i386 || __i386__ || _M_IX86 || ECB_GCC_AMD64 || ECB_MSVC_AMD64) && !__VOS__) #define ECB_LITTLE_ENDIAN 1 return 0x44332211; #elif (defined __BYTE_ORDER__ && __BYTE_ORDER__ == __ORDER_BIG_ENDIAN__) \ || ((__AARCH64EB__ || __MIPSEB__ || __ARMEB__) && !__VOS__) #define ECB_BIG_ENDIAN 1 return 0x11223344; #else union { uint8_t c[4]; uint32_t u; } u = { 0x11, 0x22, 0x33, 0x44 }; return u.u; #endif } ecb_inline ecb_const ecb_bool ecb_big_endian (void); ecb_inline ecb_const ecb_bool ecb_big_endian (void) { return ecb_byteorder_helper () == 0x11223344; } ecb_inline ecb_const ecb_bool ecb_little_endian (void); ecb_inline ecb_const ecb_bool ecb_little_endian (void) { return ecb_byteorder_helper () == 0x44332211; } #if ECB_GCC_VERSION(3,0) || ECB_C99 #define ecb_mod(m,n) ((m) % (n) + ((m) % (n) < 0 ? (n) : 0)) #else #define ecb_mod(m,n) ((m) < 0 ? ((n) - 1 - ((-1 - (m)) % (n))) : ((m) % (n))) #endif #if ECB_CPP template static inline T ecb_div_rd (T val, T div) { return val < 0 ? - ((-val + div - 1) / div) : (val ) / div; } template static inline T ecb_div_ru (T val, T div) { return val < 0 ? - ((-val ) / div) : (val + div - 1) / div; } #else #define ecb_div_rd(val,div) ((val) < 0 ? - ((-(val) + (div) - 1) / (div)) : ((val) ) / (div)) #define ecb_div_ru(val,div) ((val) < 0 ? - ((-(val) ) / (div)) : ((val) + (div) - 1) / (div)) #endif #if ecb_cplusplus_does_not_suck /* does not work for local types (http://www.open-std.org/jtc1/sc22/wg21/docs/papers/2008/n2657.htm) */ template static inline int ecb_array_length (const T (&arr)[N]) { return N; } #else #define ecb_array_length(name) (sizeof (name) / sizeof (name [0])) #endif ecb_function_ ecb_const uint32_t ecb_binary16_to_binary32 (uint32_t x); ecb_function_ ecb_const uint32_t ecb_binary16_to_binary32 (uint32_t x) { unsigned int s = (x & 0x8000) << (31 - 15); int e = (x >> 10) & 0x001f; unsigned int m = x & 0x03ff; if (ecb_expect_false (e == 31)) /* infinity or NaN */ e = 255 - (127 - 15); else if (ecb_expect_false (!e)) { if (ecb_expect_true (!m)) /* zero, handled by code below by forcing e to 0 */ e = 0 - (127 - 15); else { /* subnormal, renormalise */ unsigned int s = 10 - ecb_ld32 (m); m = (m << s) & 0x3ff; /* mask implicit bit */ e -= s - 1; } } /* e and m now are normalised, or zero, (or inf or nan) */ e += 127 - 15; return s | (e << 23) | (m << (23 - 10)); } ecb_function_ ecb_const uint16_t ecb_binary32_to_binary16 (uint32_t x); ecb_function_ ecb_const uint16_t ecb_binary32_to_binary16 (uint32_t x) { unsigned int s = (x >> 16) & 0x00008000; /* sign bit, the easy part */ unsigned int e = ((x >> 23) & 0x000000ff) - (127 - 15); /* the desired exponent */ unsigned int m = x & 0x007fffff; x &= 0x7fffffff; /* if it's within range of binary16 normals, use fast path */ if (ecb_expect_true (0x38800000 <= x && x <= 0x477fefff)) { /* mantissa round-to-even */ m += 0x00000fff + ((m >> (23 - 10)) & 1); /* handle overflow */ if (ecb_expect_false (m >= 0x00800000)) { m >>= 1; e += 1; } return s | (e << 10) | (m >> (23 - 10)); } /* handle large numbers and infinity */ if (ecb_expect_true (0x477fefff < x && x <= 0x7f800000)) return s | 0x7c00; /* handle zero, subnormals and small numbers */ if (ecb_expect_true (x < 0x38800000)) { /* zero */ if (ecb_expect_true (!x)) return s; /* handle subnormals */ /* too small, will be zero */ if (e < (14 - 24)) /* might not be sharp, but is good enough */ return s; m |= 0x00800000; /* make implicit bit explicit */ /* very tricky - we need to round to the nearest e (+10) bit value */ { unsigned int bits = 14 - e; unsigned int half = (1 << (bits - 1)) - 1; unsigned int even = (m >> bits) & 1; /* if this overflows, we will end up with a normalised number */ m = (m + half + even) >> bits; } return s | m; } /* handle NaNs, preserve leftmost nan bits, but make sure we don't turn them into infinities */ m >>= 13; return s | 0x7c00 | m | !m; } /*******************************************************************************/ /* floating point stuff, can be disabled by defining ECB_NO_LIBM */ /* basically, everything uses "ieee pure-endian" floating point numbers */ /* the only noteworthy exception is ancient armle, which uses order 43218765 */ #if 0 \ || __i386 || __i386__ \ || ECB_GCC_AMD64 \ || __powerpc__ || __ppc__ || __powerpc64__ || __ppc64__ \ || defined __s390__ || defined __s390x__ \ || defined __mips__ \ || defined __alpha__ \ || defined __hppa__ \ || defined __ia64__ \ || defined __m68k__ \ || defined __m88k__ \ || defined __sh__ \ || defined _M_IX86 || defined ECB_MSVC_AMD64 || defined _M_IA64 \ || (defined __arm__ && (defined __ARM_EABI__ || defined __EABI__ || defined __VFP_FP__ || defined _WIN32_WCE || defined __ANDROID__)) \ || defined __aarch64__ #define ECB_STDFP 1 #include /* for memcpy */ #else #define ECB_STDFP 0 #endif #ifndef ECB_NO_LIBM #include /* for frexp*, ldexp*, INFINITY, NAN */ /* only the oldest of old doesn't have this one. solaris. */ #ifdef INFINITY #define ECB_INFINITY INFINITY #else #define ECB_INFINITY HUGE_VAL #endif #ifdef NAN #define ECB_NAN NAN #else #define ECB_NAN ECB_INFINITY #endif #if ECB_C99 || _XOPEN_VERSION >= 600 || _POSIX_VERSION >= 200112L #define ecb_ldexpf(x,e) ldexpf ((x), (e)) #define ecb_frexpf(x,e) frexpf ((x), (e)) #else #define ecb_ldexpf(x,e) (float) ldexp ((double) (x), (e)) #define ecb_frexpf(x,e) (float) frexp ((double) (x), (e)) #endif /* convert a float to ieee single/binary32 */ ecb_function_ ecb_const uint32_t ecb_float_to_binary32 (float x); ecb_function_ ecb_const uint32_t ecb_float_to_binary32 (float x) { uint32_t r; #if ECB_STDFP memcpy (&r, &x, 4); #else /* slow emulation, works for anything but -0 */ uint32_t m; int e; if (x == 0e0f ) return 0x00000000U; if (x > +3.40282346638528860e+38f) return 0x7f800000U; if (x < -3.40282346638528860e+38f) return 0xff800000U; if (x != x ) return 0x7fbfffffU; m = ecb_frexpf (x, &e) * 0x1000000U; r = m & 0x80000000U; if (r) m = -m; if (e <= -126) { m &= 0xffffffU; m >>= (-125 - e); e = -126; } r |= (e + 126) << 23; r |= m & 0x7fffffU; #endif return r; } /* converts an ieee single/binary32 to a float */ ecb_function_ ecb_const float ecb_binary32_to_float (uint32_t x); ecb_function_ ecb_const float ecb_binary32_to_float (uint32_t x) { float r; #if ECB_STDFP memcpy (&r, &x, 4); #else /* emulation, only works for normals and subnormals and +0 */ int neg = x >> 31; int e = (x >> 23) & 0xffU; x &= 0x7fffffU; if (e) x |= 0x800000U; else e = 1; /* we distrust ldexpf a bit and do the 2**-24 scaling by an extra multiply */ r = ecb_ldexpf (x * (0.5f / 0x800000U), e - 126); r = neg ? -r : r; #endif return r; } /* convert a double to ieee double/binary64 */ ecb_function_ ecb_const uint64_t ecb_double_to_binary64 (double x); ecb_function_ ecb_const uint64_t ecb_double_to_binary64 (double x) { uint64_t r; #if ECB_STDFP memcpy (&r, &x, 8); #else /* slow emulation, works for anything but -0 */ uint64_t m; int e; if (x == 0e0 ) return 0x0000000000000000U; if (x > +1.79769313486231470e+308) return 0x7ff0000000000000U; if (x < -1.79769313486231470e+308) return 0xfff0000000000000U; if (x != x ) return 0X7ff7ffffffffffffU; m = frexp (x, &e) * 0x20000000000000U; r = m & 0x8000000000000000;; if (r) m = -m; if (e <= -1022) { m &= 0x1fffffffffffffU; m >>= (-1021 - e); e = -1022; } r |= ((uint64_t)(e + 1022)) << 52; r |= m & 0xfffffffffffffU; #endif return r; } /* converts an ieee double/binary64 to a double */ ecb_function_ ecb_const double ecb_binary64_to_double (uint64_t x); ecb_function_ ecb_const double ecb_binary64_to_double (uint64_t x) { double r; #if ECB_STDFP memcpy (&r, &x, 8); #else /* emulation, only works for normals and subnormals and +0 */ int neg = x >> 63; int e = (x >> 52) & 0x7ffU; x &= 0xfffffffffffffU; if (e) x |= 0x10000000000000U; else e = 1; /* we distrust ldexp a bit and do the 2**-53 scaling by an extra multiply */ r = ldexp (x * (0.5 / 0x10000000000000U), e - 1022); r = neg ? -r : r; #endif return r; } /* convert a float to ieee half/binary16 */ ecb_function_ ecb_const uint16_t ecb_float_to_binary16 (float x); ecb_function_ ecb_const uint16_t ecb_float_to_binary16 (float x) { return ecb_binary32_to_binary16 (ecb_float_to_binary32 (x)); } /* convert an ieee half/binary16 to float */ ecb_function_ ecb_const float ecb_binary16_to_float (uint16_t x); ecb_function_ ecb_const float ecb_binary16_to_float (uint16_t x) { return ecb_binary32_to_float (ecb_binary16_to_binary32 (x)); } #endif #endif /* ECB.H END */ #if ECB_MEMORY_FENCE_NEEDS_PTHREADS /* if your architecture doesn't need memory fences, e.g. because it is * single-cpu/core, or if you use libev in a project that doesn't use libev * from multiple threads, then you can define ECB_NO_THREADS when compiling * libev, in which cases the memory fences become nops. * alternatively, you can remove this #error and link against libpthread, * which will then provide the memory fences. */ # error "memory fences not defined for your architecture, please report" #endif #ifndef ECB_MEMORY_FENCE # define ECB_MEMORY_FENCE do { } while (0) # define ECB_MEMORY_FENCE_ACQUIRE ECB_MEMORY_FENCE # define ECB_MEMORY_FENCE_RELEASE ECB_MEMORY_FENCE #endif #define inline_size ecb_inline #if EV_FEATURE_CODE # define inline_speed ecb_inline #else # define inline_speed ecb_noinline static #endif /*****************************************************************************/ /* raw syscall wrappers */ #if EV_NEED_SYSCALL #include /* * define some syscall wrappers for common architectures * this is mostly for nice looks during debugging, not performance. * our syscalls return < 0, not == -1, on error. which is good * enough for linux aio. * TODO: arm is also common nowadays, maybe even mips and x86 * TODO: after implementing this, it suddenly looks like overkill, but its hard to remove... */ #if __GNUC__ && __linux && ECB_AMD64 && !defined __OPTIMIZE_SIZE__ /* the costly errno access probably kills this for size optimisation */ #define ev_syscall(nr,narg,arg1,arg2,arg3,arg4,arg5,arg6) \ ({ \ long res; \ register unsigned long r6 __asm__ ("r9" ); \ register unsigned long r5 __asm__ ("r8" ); \ register unsigned long r4 __asm__ ("r10"); \ register unsigned long r3 __asm__ ("rdx"); \ register unsigned long r2 __asm__ ("rsi"); \ register unsigned long r1 __asm__ ("rdi"); \ if (narg >= 6) r6 = (unsigned long)(arg6); \ if (narg >= 5) r5 = (unsigned long)(arg5); \ if (narg >= 4) r4 = (unsigned long)(arg4); \ if (narg >= 3) r3 = (unsigned long)(arg3); \ if (narg >= 2) r2 = (unsigned long)(arg2); \ if (narg >= 1) r1 = (unsigned long)(arg1); \ __asm__ __volatile__ ( \ "syscall\n\t" \ : "=a" (res) \ : "0" (nr), "r" (r1), "r" (r2), "r" (r3), "r" (r4), "r" (r5) \ : "cc", "r11", "cx", "memory"); \ errno = -res; \ res; \ }) #endif #ifdef ev_syscall #define ev_syscall0(nr) ev_syscall (nr, 0, 0, 0, 0, 0, 0, 0) #define ev_syscall1(nr,arg1) ev_syscall (nr, 1, arg1, 0, 0, 0, 0, 0) #define ev_syscall2(nr,arg1,arg2) ev_syscall (nr, 2, arg1, arg2, 0, 0, 0, 0) #define ev_syscall3(nr,arg1,arg2,arg3) ev_syscall (nr, 3, arg1, arg2, arg3, 0, 0, 0) #define ev_syscall4(nr,arg1,arg2,arg3,arg4) ev_syscall (nr, 3, arg1, arg2, arg3, arg4, 0, 0) #define ev_syscall5(nr,arg1,arg2,arg3,arg4,arg5) ev_syscall (nr, 5, arg1, arg2, arg3, arg4, arg5, 0) #define ev_syscall6(nr,arg1,arg2,arg3,arg4,arg5,arg6) ev_syscall (nr, 6, arg1, arg2, arg3, arg4, arg5,arg6) #else #define ev_syscall0(nr) syscall (nr) #define ev_syscall1(nr,arg1) syscall (nr, arg1) #define ev_syscall2(nr,arg1,arg2) syscall (nr, arg1, arg2) #define ev_syscall3(nr,arg1,arg2,arg3) syscall (nr, arg1, arg2, arg3) #define ev_syscall4(nr,arg1,arg2,arg3,arg4) syscall (nr, arg1, arg2, arg3, arg4) #define ev_syscall5(nr,arg1,arg2,arg3,arg4,arg5) syscall (nr, arg1, arg2, arg3, arg4, arg5) #define ev_syscall6(nr,arg1,arg2,arg3,arg4,arg5,arg6) syscall (nr, arg1, arg2, arg3, arg4, arg5,arg6) #endif #endif /*****************************************************************************/ #define NUMPRI (EV_MAXPRI - EV_MINPRI + 1) #if EV_MINPRI == EV_MAXPRI # define ABSPRI(w) (((W)w), 0) #else # define ABSPRI(w) (((W)w)->priority - EV_MINPRI) #endif #define EMPTY /* required for microsofts broken pseudo-c compiler */ typedef ev_watcher *W; typedef ev_watcher_list *WL; typedef ev_watcher_time *WT; #define ev_active(w) ((W)(w))->active #define ev_at(w) ((WT)(w))->at #if EV_USE_REALTIME /* sig_atomic_t is used to avoid per-thread variables or locking but still */ /* giving it a reasonably high chance of working on typical architectures */ static EV_ATOMIC_T have_realtime; /* did clock_gettime (CLOCK_REALTIME) work? */ #endif #if EV_USE_MONOTONIC static EV_ATOMIC_T have_monotonic; /* did clock_gettime (CLOCK_MONOTONIC) work? */ #endif #ifndef EV_FD_TO_WIN32_HANDLE # define EV_FD_TO_WIN32_HANDLE(fd) _get_osfhandle (fd) #endif #ifndef EV_WIN32_HANDLE_TO_FD # define EV_WIN32_HANDLE_TO_FD(handle) _open_osfhandle (handle, 0) #endif #ifndef EV_WIN32_CLOSE_FD # define EV_WIN32_CLOSE_FD(fd) close (fd) #endif #ifdef _WIN32 # include "ev_win32.c" #endif /*****************************************************************************/ #if EV_USE_LINUXAIO # include /* probably only needed for aio_context_t */ #endif /* define a suitable floor function (only used by periodics atm) */ #if EV_USE_FLOOR # include # define ev_floor(v) floor (v) #else #include /* a floor() replacement function, should be independent of ev_tstamp type */ ecb_noinline static ev_tstamp ev_floor (ev_tstamp v) { /* the choice of shift factor is not terribly important */ #if FLT_RADIX != 2 /* assume FLT_RADIX == 10 */ const ev_tstamp shift = sizeof (unsigned long) >= 8 ? 10000000000000000000. : 1000000000.; #else const ev_tstamp shift = sizeof (unsigned long) >= 8 ? 18446744073709551616. : 4294967296.; #endif /* special treatment for negative arguments */ if (ecb_expect_false (v < 0.)) { ev_tstamp f = -ev_floor (-v); return f - (f == v ? 0 : 1); } /* argument too large for an unsigned long? then reduce it */ if (ecb_expect_false (v >= shift)) { ev_tstamp f; if (v == v - 1.) return v; /* very large numbers are assumed to be integer */ f = shift * ev_floor (v * (1. / shift)); return f + ev_floor (v - f); } /* fits into an unsigned long */ return (unsigned long)v; } #endif /*****************************************************************************/ #ifdef __linux # include #endif ecb_noinline ecb_cold static unsigned int ev_linux_version (void) { #ifdef __linux unsigned int v = 0; struct utsname buf; int i; char *p = buf.release; if (uname (&buf)) return 0; for (i = 3+1; --i; ) { unsigned int c = 0; for (;;) { if (*p >= '0' && *p <= '9') c = c * 10 + *p++ - '0'; else { p += *p == '.'; break; } } v = (v << 8) | c; } return v; #else return 0; #endif } /*****************************************************************************/ #if EV_AVOID_STDIO ecb_noinline ecb_cold static void ev_printerr (const char *msg) { write (STDERR_FILENO, msg, strlen (msg)); } #endif static void (*syserr_cb)(const char *msg) EV_NOEXCEPT; ecb_cold void ev_set_syserr_cb (void (*cb)(const char *msg) EV_NOEXCEPT) EV_NOEXCEPT { syserr_cb = cb; } ecb_noinline ecb_cold static void ev_syserr (const char *msg) { if (!msg) msg = "(libev) system error"; if (syserr_cb) syserr_cb (msg); else { #if EV_AVOID_STDIO ev_printerr (msg); ev_printerr (": "); ev_printerr (strerror (errno)); ev_printerr ("\n"); #else perror (msg); #endif abort (); } } static void * ev_realloc_emul (void *ptr, long size) EV_NOEXCEPT { /* some systems, notably openbsd and darwin, fail to properly * implement realloc (x, 0) (as required by both ansi c-89 and * the single unix specification, so work around them here. * recently, also (at least) fedora and debian started breaking it, * despite documenting it otherwise. */ if (size) return realloc (ptr, size); free (ptr); return 0; } static void *(*alloc)(void *ptr, long size) EV_NOEXCEPT = ev_realloc_emul; ecb_cold void ev_set_allocator (void *(*cb)(void *ptr, long size) EV_NOEXCEPT) EV_NOEXCEPT { alloc = cb; } inline_speed void * ev_realloc (void *ptr, long size) { ptr = alloc (ptr, size); if (!ptr && size) { #if EV_AVOID_STDIO ev_printerr ("(libev) memory allocation failed, aborting.\n"); #else fprintf (stderr, "(libev) cannot allocate %ld bytes, aborting.", size); #endif abort (); } return ptr; } #define ev_malloc(size) ev_realloc (0, (size)) #define ev_free(ptr) ev_realloc ((ptr), 0) /*****************************************************************************/ /* set in reify when reification needed */ #define EV_ANFD_REIFY 1 /* file descriptor info structure */ typedef struct { WL head; unsigned char events; /* the events watched for */ unsigned char reify; /* flag set when this ANFD needs reification (EV_ANFD_REIFY, EV__IOFDSET) */ unsigned char emask; /* some backends store the actual kernel mask in here */ unsigned char eflags; /* flags field for use by backends */ #if EV_USE_EPOLL unsigned int egen; /* generation counter to counter epoll bugs */ #endif #if EV_SELECT_IS_WINSOCKET || EV_USE_IOCP SOCKET handle; #endif #if EV_USE_IOCP OVERLAPPED or, ow; #endif } ANFD; /* stores the pending event set for a given watcher */ typedef struct { W w; int events; /* the pending event set for the given watcher */ } ANPENDING; #if EV_USE_INOTIFY /* hash table entry per inotify-id */ typedef struct { WL head; } ANFS; #endif /* Heap Entry */ #if EV_HEAP_CACHE_AT /* a heap element */ typedef struct { ev_tstamp at; WT w; } ANHE; #define ANHE_w(he) (he).w /* access watcher, read-write */ #define ANHE_at(he) (he).at /* access cached at, read-only */ #define ANHE_at_cache(he) (he).at = (he).w->at /* update at from watcher */ #else /* a heap element */ typedef WT ANHE; #define ANHE_w(he) (he) #define ANHE_at(he) (he)->at #define ANHE_at_cache(he) #endif #if EV_MULTIPLICITY struct ev_loop { ev_tstamp ev_rt_now; #define ev_rt_now ((loop)->ev_rt_now) #define VAR(name,decl) decl; #include "ev_vars.h" #undef VAR }; #include "ev_wrap.h" static struct ev_loop default_loop_struct; #ifdef EV_API_STATIC static #endif struct ev_loop *ev_default_loop_ptr = 0; #else #ifdef EV_API_STATIC static #endif ev_tstamp ev_rt_now = EV_TS_CONST (0.); #define VAR(name,decl) static decl; #include "ev_vars.h" #undef VAR static int ev_default_loop_ptr; #endif #if EV_FEATURE_API # define EV_RELEASE_CB if (ecb_expect_false (release_cb)) release_cb (EV_A) # define EV_ACQUIRE_CB if (ecb_expect_false (acquire_cb)) acquire_cb (EV_A) # define EV_INVOKE_PENDING invoke_cb (EV_A) #else # define EV_RELEASE_CB (void)0 # define EV_ACQUIRE_CB (void)0 # define EV_INVOKE_PENDING ev_invoke_pending (EV_A) #endif #define EVBREAK_RECURSE 0x80 /*****************************************************************************/ #ifndef EV_HAVE_EV_TIME ev_tstamp ev_time (void) EV_NOEXCEPT { #if EV_USE_REALTIME if (ecb_expect_true (have_realtime)) { struct timespec ts; clock_gettime (CLOCK_REALTIME, &ts); return EV_TS_GET (ts); } #endif { struct timeval tv; gettimeofday (&tv, 0); return EV_TV_GET (tv); } } #endif inline_size ev_tstamp get_clock (void) { #if EV_USE_MONOTONIC if (ecb_expect_true (have_monotonic)) { struct timespec ts; clock_gettime (CLOCK_MONOTONIC, &ts); return EV_TS_GET (ts); } #endif return ev_time (); } #if EV_MULTIPLICITY ev_tstamp ev_now (EV_P) EV_NOEXCEPT { return ev_rt_now; } #endif void ev_sleep (ev_tstamp delay) EV_NOEXCEPT { if (delay > EV_TS_CONST (0.)) { #if EV_USE_NANOSLEEP struct timespec ts; EV_TS_SET (ts, delay); nanosleep (&ts, 0); #elif defined _WIN32 /* maybe this should round up, as ms is very low resolution */ /* compared to select (µs) or nanosleep (ns) */ Sleep ((unsigned long)(EV_TS_TO_MSEC (delay))); #else struct timeval tv; /* here we rely on sys/time.h + sys/types.h + unistd.h providing select */ /* something not guaranteed by newer posix versions, but guaranteed */ /* by older ones */ EV_TV_SET (tv, delay); select (0, 0, 0, 0, &tv); #endif } } /*****************************************************************************/ #define MALLOC_ROUND 4096 /* prefer to allocate in chunks of this size, must be 2**n and >> 4 longs */ /* find a suitable new size for the given array, */ /* hopefully by rounding to a nice-to-malloc size */ inline_size int array_nextsize (int elem, int cur, int cnt) { int ncur = cur + 1; do ncur <<= 1; while (cnt > ncur); /* if size is large, round to MALLOC_ROUND - 4 * longs to accommodate malloc overhead */ if (elem * ncur > MALLOC_ROUND - sizeof (void *) * 4) { ncur *= elem; ncur = (ncur + elem + (MALLOC_ROUND - 1) + sizeof (void *) * 4) & ~(MALLOC_ROUND - 1); ncur = ncur - sizeof (void *) * 4; ncur /= elem; } return ncur; } ecb_noinline ecb_cold static void * array_realloc (int elem, void *base, int *cur, int cnt) { *cur = array_nextsize (elem, *cur, cnt); return ev_realloc (base, elem * *cur); } #define array_needsize_noinit(base,offset,count) #define array_needsize_zerofill(base,offset,count) \ memset ((void *)(base + offset), 0, sizeof (*(base)) * (count)) #define array_needsize(type,base,cur,cnt,init) \ if (ecb_expect_false ((cnt) > (cur))) \ { \ ecb_unused int ocur_ = (cur); \ (base) = (type *)array_realloc \ (sizeof (type), (base), &(cur), (cnt)); \ init ((base), ocur_, ((cur) - ocur_)); \ } #if 0 #define array_slim(type,stem) \ if (stem ## max < array_roundsize (stem ## cnt >> 2)) \ { \ stem ## max = array_roundsize (stem ## cnt >> 1); \ base = (type *)ev_realloc (base, sizeof (type) * (stem ## max));\ fprintf (stderr, "slimmed down " # stem " to %d\n", stem ## max);/*D*/\ } #endif #define array_free(stem, idx) \ ev_free (stem ## s idx); stem ## cnt idx = stem ## max idx = 0; stem ## s idx = 0 /*****************************************************************************/ /* dummy callback for pending events */ ecb_noinline static void pendingcb (EV_P_ ev_prepare *w, int revents) { } ecb_noinline void ev_feed_event (EV_P_ void *w, int revents) EV_NOEXCEPT { W w_ = (W)w; int pri = ABSPRI (w_); if (ecb_expect_false (w_->pending)) pendings [pri][w_->pending - 1].events |= revents; else { w_->pending = ++pendingcnt [pri]; array_needsize (ANPENDING, pendings [pri], pendingmax [pri], w_->pending, array_needsize_noinit); pendings [pri][w_->pending - 1].w = w_; pendings [pri][w_->pending - 1].events = revents; } pendingpri = NUMPRI - 1; } inline_speed void feed_reverse (EV_P_ W w) { array_needsize (W, rfeeds, rfeedmax, rfeedcnt + 1, array_needsize_noinit); rfeeds [rfeedcnt++] = w; } inline_size void feed_reverse_done (EV_P_ int revents) { do ev_feed_event (EV_A_ rfeeds [--rfeedcnt], revents); while (rfeedcnt); } inline_speed void queue_events (EV_P_ W *events, int eventcnt, int type) { int i; for (i = 0; i < eventcnt; ++i) ev_feed_event (EV_A_ events [i], type); } /*****************************************************************************/ inline_speed void fd_event_nocheck (EV_P_ int fd, int revents) { ANFD *anfd = anfds + fd; ev_io *w; for (w = (ev_io *)anfd->head; w; w = (ev_io *)((WL)w)->next) { int ev = w->events & revents; if (ev) ev_feed_event (EV_A_ (W)w, ev); } } /* do not submit kernel events for fds that have reify set */ /* because that means they changed while we were polling for new events */ inline_speed void fd_event (EV_P_ int fd, int revents) { ANFD *anfd = anfds + fd; if (ecb_expect_true (!anfd->reify)) fd_event_nocheck (EV_A_ fd, revents); } void ev_feed_fd_event (EV_P_ int fd, int revents) EV_NOEXCEPT { if (fd >= 0 && fd < anfdmax) fd_event_nocheck (EV_A_ fd, revents); } /* make sure the external fd watch events are in-sync */ /* with the kernel/libev internal state */ inline_size void fd_reify (EV_P) { int i; #if EV_SELECT_IS_WINSOCKET || EV_USE_IOCP for (i = 0; i < fdchangecnt; ++i) { int fd = fdchanges [i]; ANFD *anfd = anfds + fd; if (anfd->reify & EV__IOFDSET && anfd->head) { SOCKET handle = EV_FD_TO_WIN32_HANDLE (fd); if (handle != anfd->handle) { unsigned long arg; assert (("libev: only socket fds supported in this configuration", ioctlsocket (handle, FIONREAD, &arg) == 0)); /* handle changed, but fd didn't - we need to do it in two steps */ backend_modify (EV_A_ fd, anfd->events, 0); anfd->events = 0; anfd->handle = handle; } } } #endif for (i = 0; i < fdchangecnt; ++i) { int fd = fdchanges [i]; ANFD *anfd = anfds + fd; ev_io *w; unsigned char o_events = anfd->events; unsigned char o_reify = anfd->reify; anfd->reify = 0; /*if (ecb_expect_true (o_reify & EV_ANFD_REIFY)) probably a deoptimisation */ { anfd->events = 0; for (w = (ev_io *)anfd->head; w; w = (ev_io *)((WL)w)->next) anfd->events |= (unsigned char)w->events; if (o_events != anfd->events) o_reify = EV__IOFDSET; /* actually |= */ } if (o_reify & EV__IOFDSET) backend_modify (EV_A_ fd, o_events, anfd->events); } fdchangecnt = 0; } /* something about the given fd changed */ inline_size void fd_change (EV_P_ int fd, int flags) { unsigned char reify = anfds [fd].reify; anfds [fd].reify |= flags; if (ecb_expect_true (!reify)) { ++fdchangecnt; array_needsize (int, fdchanges, fdchangemax, fdchangecnt, array_needsize_noinit); fdchanges [fdchangecnt - 1] = fd; } } /* the given fd is invalid/unusable, so make sure it doesn't hurt us anymore */ inline_speed ecb_cold void fd_kill (EV_P_ int fd) { ev_io *w; while ((w = (ev_io *)anfds [fd].head)) { ev_io_stop (EV_A_ w); ev_feed_event (EV_A_ (W)w, EV_ERROR | EV_READ | EV_WRITE); } } /* check whether the given fd is actually valid, for error recovery */ inline_size ecb_cold int fd_valid (int fd) { #ifdef _WIN32 return EV_FD_TO_WIN32_HANDLE (fd) != -1; #else return fcntl (fd, F_GETFD) != -1; #endif } /* called on EBADF to verify fds */ ecb_noinline ecb_cold static void fd_ebadf (EV_P) { int fd; for (fd = 0; fd < anfdmax; ++fd) if (anfds [fd].events) if (!fd_valid (fd) && errno == EBADF) fd_kill (EV_A_ fd); } /* called on ENOMEM in select/poll to kill some fds and retry */ ecb_noinline ecb_cold static void fd_enomem (EV_P) { int fd; for (fd = anfdmax; fd--; ) if (anfds [fd].events) { fd_kill (EV_A_ fd); break; } } /* usually called after fork if backend needs to re-arm all fds from scratch */ ecb_noinline static void fd_rearm_all (EV_P) { int fd; for (fd = 0; fd < anfdmax; ++fd) if (anfds [fd].events) { anfds [fd].events = 0; anfds [fd].emask = 0; fd_change (EV_A_ fd, EV__IOFDSET | EV_ANFD_REIFY); } } /* used to prepare libev internal fd's */ /* this is not fork-safe */ inline_speed void fd_intern (int fd) { #ifdef _WIN32 unsigned long arg = 1; ioctlsocket (EV_FD_TO_WIN32_HANDLE (fd), FIONBIO, &arg); #else fcntl (fd, F_SETFD, FD_CLOEXEC); fcntl (fd, F_SETFL, O_NONBLOCK); #endif } /*****************************************************************************/ /* * the heap functions want a real array index. array index 0 is guaranteed to not * be in-use at any time. the first heap entry is at array [HEAP0]. DHEAP gives * the branching factor of the d-tree. */ /* * at the moment we allow libev the luxury of two heaps, * a small-code-size 2-heap one and a ~1.5kb larger 4-heap * which is more cache-efficient. * the difference is about 5% with 50000+ watchers. */ #if EV_USE_4HEAP #define DHEAP 4 #define HEAP0 (DHEAP - 1) /* index of first element in heap */ #define HPARENT(k) ((((k) - HEAP0 - 1) / DHEAP) + HEAP0) #define UPHEAP_DONE(p,k) ((p) == (k)) /* away from the root */ inline_speed void downheap (ANHE *heap, int N, int k) { ANHE he = heap [k]; ANHE *E = heap + N + HEAP0; for (;;) { ev_tstamp minat; ANHE *minpos; ANHE *pos = heap + DHEAP * (k - HEAP0) + HEAP0 + 1; /* find minimum child */ if (ecb_expect_true (pos + DHEAP - 1 < E)) { /* fast path */ (minpos = pos + 0), (minat = ANHE_at (*minpos)); if ( minat > ANHE_at (pos [1])) (minpos = pos + 1), (minat = ANHE_at (*minpos)); if ( minat > ANHE_at (pos [2])) (minpos = pos + 2), (minat = ANHE_at (*minpos)); if ( minat > ANHE_at (pos [3])) (minpos = pos + 3), (minat = ANHE_at (*minpos)); } else if (pos < E) { /* slow path */ (minpos = pos + 0), (minat = ANHE_at (*minpos)); if (pos + 1 < E && minat > ANHE_at (pos [1])) (minpos = pos + 1), (minat = ANHE_at (*minpos)); if (pos + 2 < E && minat > ANHE_at (pos [2])) (minpos = pos + 2), (minat = ANHE_at (*minpos)); if (pos + 3 < E && minat > ANHE_at (pos [3])) (minpos = pos + 3), (minat = ANHE_at (*minpos)); } else break; if (ANHE_at (he) <= minat) break; heap [k] = *minpos; ev_active (ANHE_w (*minpos)) = k; k = minpos - heap; } heap [k] = he; ev_active (ANHE_w (he)) = k; } #else /* not 4HEAP */ #define HEAP0 1 #define HPARENT(k) ((k) >> 1) #define UPHEAP_DONE(p,k) (!(p)) /* away from the root */ inline_speed void downheap (ANHE *heap, int N, int k) { ANHE he = heap [k]; for (;;) { int c = k << 1; if (c >= N + HEAP0) break; c += c + 1 < N + HEAP0 && ANHE_at (heap [c]) > ANHE_at (heap [c + 1]) ? 1 : 0; if (ANHE_at (he) <= ANHE_at (heap [c])) break; heap [k] = heap [c]; ev_active (ANHE_w (heap [k])) = k; k = c; } heap [k] = he; ev_active (ANHE_w (he)) = k; } #endif /* towards the root */ inline_speed void upheap (ANHE *heap, int k) { ANHE he = heap [k]; for (;;) { int p = HPARENT (k); if (UPHEAP_DONE (p, k) || ANHE_at (heap [p]) <= ANHE_at (he)) break; heap [k] = heap [p]; ev_active (ANHE_w (heap [k])) = k; k = p; } heap [k] = he; ev_active (ANHE_w (he)) = k; } /* move an element suitably so it is in a correct place */ inline_size void adjustheap (ANHE *heap, int N, int k) { if (k > HEAP0 && ANHE_at (heap [k]) <= ANHE_at (heap [HPARENT (k)])) upheap (heap, k); else downheap (heap, N, k); } /* rebuild the heap: this function is used only once and executed rarely */ inline_size void reheap (ANHE *heap, int N) { int i; /* we don't use floyds algorithm, upheap is simpler and is more cache-efficient */ /* also, this is easy to implement and correct for both 2-heaps and 4-heaps */ for (i = 0; i < N; ++i) upheap (heap, i + HEAP0); } /*****************************************************************************/ /* associate signal watchers to a signal signal */ typedef struct { EV_ATOMIC_T pending; #if EV_MULTIPLICITY EV_P; #endif WL head; } ANSIG; static ANSIG signals [EV_NSIG - 1]; /*****************************************************************************/ #if EV_SIGNAL_ENABLE || EV_ASYNC_ENABLE ecb_noinline ecb_cold static void evpipe_init (EV_P) { if (!ev_is_active (&pipe_w)) { int fds [2]; # if EV_USE_EVENTFD fds [0] = -1; fds [1] = eventfd (0, EFD_NONBLOCK | EFD_CLOEXEC); if (fds [1] < 0 && errno == EINVAL) fds [1] = eventfd (0, 0); if (fds [1] < 0) # endif { while (pipe (fds)) ev_syserr ("(libev) error creating signal/async pipe"); fd_intern (fds [0]); } evpipe [0] = fds [0]; if (evpipe [1] < 0) evpipe [1] = fds [1]; /* first call, set write fd */ else { /* on subsequent calls, do not change evpipe [1] */ /* so that evpipe_write can always rely on its value. */ /* this branch does not do anything sensible on windows, */ /* so must not be executed on windows */ dup2 (fds [1], evpipe [1]); close (fds [1]); } fd_intern (evpipe [1]); ev_io_set (&pipe_w, evpipe [0] < 0 ? evpipe [1] : evpipe [0], EV_READ); ev_io_start (EV_A_ &pipe_w); ev_unref (EV_A); /* watcher should not keep loop alive */ } } inline_speed void evpipe_write (EV_P_ EV_ATOMIC_T *flag) { ECB_MEMORY_FENCE; /* push out the write before this function was called, acquire flag */ if (ecb_expect_true (*flag)) return; *flag = 1; ECB_MEMORY_FENCE_RELEASE; /* make sure flag is visible before the wakeup */ pipe_write_skipped = 1; ECB_MEMORY_FENCE; /* make sure pipe_write_skipped is visible before we check pipe_write_wanted */ if (pipe_write_wanted) { int old_errno; pipe_write_skipped = 0; ECB_MEMORY_FENCE_RELEASE; old_errno = errno; /* save errno because write will clobber it */ #if EV_USE_EVENTFD if (evpipe [0] < 0) { uint64_t counter = 1; write (evpipe [1], &counter, sizeof (uint64_t)); } else #endif { #ifdef _WIN32 WSABUF buf; DWORD sent; buf.buf = (char *)&buf; buf.len = 1; WSASend (EV_FD_TO_WIN32_HANDLE (evpipe [1]), &buf, 1, &sent, 0, 0, 0); #else write (evpipe [1], &(evpipe [1]), 1); #endif } errno = old_errno; } } /* called whenever the libev signal pipe */ /* got some events (signal, async) */ static void pipecb (EV_P_ ev_io *iow, int revents) { int i; if (revents & EV_READ) { #if EV_USE_EVENTFD if (evpipe [0] < 0) { uint64_t counter; read (evpipe [1], &counter, sizeof (uint64_t)); } else #endif { char dummy[4]; #ifdef _WIN32 WSABUF buf; DWORD recvd; DWORD flags = 0; buf.buf = dummy; buf.len = sizeof (dummy); WSARecv (EV_FD_TO_WIN32_HANDLE (evpipe [0]), &buf, 1, &recvd, &flags, 0, 0); #else read (evpipe [0], &dummy, sizeof (dummy)); #endif } } pipe_write_skipped = 0; ECB_MEMORY_FENCE; /* push out skipped, acquire flags */ #if EV_SIGNAL_ENABLE if (sig_pending) { sig_pending = 0; ECB_MEMORY_FENCE; for (i = EV_NSIG - 1; i--; ) if (ecb_expect_false (signals [i].pending)) ev_feed_signal_event (EV_A_ i + 1); } #endif #if EV_ASYNC_ENABLE if (async_pending) { async_pending = 0; ECB_MEMORY_FENCE; for (i = asynccnt; i--; ) if (asyncs [i]->sent) { asyncs [i]->sent = 0; ECB_MEMORY_FENCE_RELEASE; ev_feed_event (EV_A_ asyncs [i], EV_ASYNC); } } #endif } /*****************************************************************************/ void ev_feed_signal (int signum) EV_NOEXCEPT { #if EV_MULTIPLICITY EV_P; ECB_MEMORY_FENCE_ACQUIRE; EV_A = signals [signum - 1].loop; if (!EV_A) return; #endif signals [signum - 1].pending = 1; evpipe_write (EV_A_ &sig_pending); } static void ev_sighandler (int signum) { #ifdef _WIN32 signal (signum, ev_sighandler); #endif ev_feed_signal (signum); } ecb_noinline void ev_feed_signal_event (EV_P_ int signum) EV_NOEXCEPT { WL w; if (ecb_expect_false (signum <= 0 || signum >= EV_NSIG)) return; --signum; #if EV_MULTIPLICITY /* it is permissible to try to feed a signal to the wrong loop */ /* or, likely more useful, feeding a signal nobody is waiting for */ if (ecb_expect_false (signals [signum].loop != EV_A)) return; #endif signals [signum].pending = 0; ECB_MEMORY_FENCE_RELEASE; for (w = signals [signum].head; w; w = w->next) ev_feed_event (EV_A_ (W)w, EV_SIGNAL); } #if EV_USE_SIGNALFD static void sigfdcb (EV_P_ ev_io *iow, int revents) { struct signalfd_siginfo si[2], *sip; /* these structs are big */ for (;;) { ssize_t res = read (sigfd, si, sizeof (si)); /* not ISO-C, as res might be -1, but works with SuS */ for (sip = si; (char *)sip < (char *)si + res; ++sip) ev_feed_signal_event (EV_A_ sip->ssi_signo); if (res < (ssize_t)sizeof (si)) break; } } #endif #endif /*****************************************************************************/ #if EV_CHILD_ENABLE static WL childs [EV_PID_HASHSIZE]; static ev_signal childev; #ifndef WIFCONTINUED # define WIFCONTINUED(status) 0 #endif /* handle a single child status event */ inline_speed void child_reap (EV_P_ int chain, int pid, int status) { ev_child *w; int traced = WIFSTOPPED (status) || WIFCONTINUED (status); for (w = (ev_child *)childs [chain & ((EV_PID_HASHSIZE) - 1)]; w; w = (ev_child *)((WL)w)->next) { if ((w->pid == pid || !w->pid) && (!traced || (w->flags & 1))) { ev_set_priority (w, EV_MAXPRI); /* need to do it *now*, this *must* be the same prio as the signal watcher itself */ w->rpid = pid; w->rstatus = status; ev_feed_event (EV_A_ (W)w, EV_CHILD); } } } #ifndef WCONTINUED # define WCONTINUED 0 #endif /* called on sigchld etc., calls waitpid */ static void childcb (EV_P_ ev_signal *sw, int revents) { int pid, status; /* some systems define WCONTINUED but then fail to support it (linux 2.4) */ if (0 >= (pid = waitpid (-1, &status, WNOHANG | WUNTRACED | WCONTINUED))) if (!WCONTINUED || errno != EINVAL || 0 >= (pid = waitpid (-1, &status, WNOHANG | WUNTRACED))) return; /* make sure we are called again until all children have been reaped */ /* we need to do it this way so that the callback gets called before we continue */ ev_feed_event (EV_A_ (W)sw, EV_SIGNAL); child_reap (EV_A_ pid, pid, status); if ((EV_PID_HASHSIZE) > 1) child_reap (EV_A_ 0, pid, status); /* this might trigger a watcher twice, but feed_event catches that */ } #endif /*****************************************************************************/ #if EV_USE_TIMERFD static void periodics_reschedule (EV_P); static void timerfdcb (EV_P_ ev_io *iow, int revents) { struct itimerspec its = { 0 }; /* since we can't easily come zup with a (portable) maximum value of time_t, * we wake up once per month, which hopefully is rare enough to not * be a problem. */ its.it_value.tv_sec = ev_rt_now + 86400 * 30; timerfd_settime (timerfd, TFD_TIMER_ABSTIME | TFD_TIMER_CANCEL_ON_SET, &its, 0); ev_rt_now = ev_time (); /* periodics_reschedule only needs ev_rt_now */ /* but maybe in the future we want the full treatment. */ /* now_floor = EV_TS_CONST (0.); time_update (EV_A_ EV_TSTAMP_HUGE); */ periodics_reschedule (EV_A); } ecb_noinline ecb_cold static void evtimerfd_init (EV_P) { if (!ev_is_active (&timerfd_w)) { timerfd = timerfd_create (CLOCK_REALTIME, TFD_NONBLOCK | TFD_CLOEXEC); if (timerfd >= 0) { fd_intern (timerfd); /* just to be sure */ ev_io_init (&timerfd_w, timerfdcb, timerfd, EV_READ); ev_set_priority (&sigfd_w, EV_MINPRI); ev_io_start (EV_A_ &timerfd_w); ev_unref (EV_A); /* watcher should not keep loop alive */ /* (re-) arm timer */ timerfdcb (EV_A_ 0, 0); } } } #endif /*****************************************************************************/ #if EV_USE_IOCP # include "ev_iocp.c" #endif #if EV_USE_PORT # include "ev_port.c" #endif #if EV_USE_KQUEUE # include "ev_kqueue.c" #endif #if EV_USE_EPOLL # include "ev_epoll.c" #endif #if EV_USE_LINUXAIO # include "ev_linuxaio.c" #endif #if EV_USE_IOURING # include "ev_iouring.c" #endif #if EV_USE_POLL # include "ev_poll.c" #endif #if EV_USE_SELECT # include "ev_select.c" #endif ecb_cold int ev_version_major (void) EV_NOEXCEPT { return EV_VERSION_MAJOR; } ecb_cold int ev_version_minor (void) EV_NOEXCEPT { return EV_VERSION_MINOR; } /* return true if we are running with elevated privileges and should ignore env variables */ inline_size ecb_cold int enable_secure (void) { #ifdef _WIN32 return 0; #else return getuid () != geteuid () || getgid () != getegid (); #endif } ecb_cold unsigned int ev_supported_backends (void) EV_NOEXCEPT { unsigned int flags = 0; if (EV_USE_PORT ) flags |= EVBACKEND_PORT; if (EV_USE_KQUEUE ) flags |= EVBACKEND_KQUEUE; if (EV_USE_EPOLL ) flags |= EVBACKEND_EPOLL; if (EV_USE_LINUXAIO) flags |= EVBACKEND_LINUXAIO; if (EV_USE_IOURING ) flags |= EVBACKEND_IOURING; if (EV_USE_POLL ) flags |= EVBACKEND_POLL; if (EV_USE_SELECT ) flags |= EVBACKEND_SELECT; return flags; } ecb_cold unsigned int ev_recommended_backends (void) EV_NOEXCEPT { unsigned int flags = ev_supported_backends (); #ifndef __NetBSD__ /* kqueue is borked on everything but netbsd apparently */ /* it usually doesn't work correctly on anything but sockets and pipes */ flags &= ~EVBACKEND_KQUEUE; #endif #ifdef __APPLE__ /* only select works correctly on that "unix-certified" platform */ flags &= ~EVBACKEND_KQUEUE; /* horribly broken, even for sockets */ flags &= ~EVBACKEND_POLL; /* poll is based on kqueue from 10.5 onwards */ #endif #ifdef __FreeBSD__ flags &= ~EVBACKEND_POLL; /* poll return value is unusable (http://forums.freebsd.org/archive/index.php/t-10270.html) */ #endif /* TODO: linuxaio is very experimental */ #if !EV_RECOMMEND_LINUXAIO flags &= ~EVBACKEND_LINUXAIO; #endif /* TODO: linuxaio is super experimental */ #if !EV_RECOMMEND_IOURING flags &= ~EVBACKEND_IOURING; #endif return flags; } ecb_cold unsigned int ev_embeddable_backends (void) EV_NOEXCEPT { int flags = EVBACKEND_EPOLL | EVBACKEND_KQUEUE | EVBACKEND_PORT; /* epoll embeddability broken on all linux versions up to at least 2.6.23 */ if (ev_linux_version () < 0x020620) /* disable it on linux < 2.6.32 */ flags &= ~EVBACKEND_EPOLL; /* EVBACKEND_LINUXAIO is theoretically embeddable, but suffers from a performance overhead */ /* EVBACKEND_IOURING is practically embeddable, but the current implementation is not * because our backend_fd is the epoll fd we need as fallback. * if the kernel ever is fixed, this might change... */ return flags; } unsigned int ev_backend (EV_P) EV_NOEXCEPT { return backend; } #if EV_FEATURE_API unsigned int ev_iteration (EV_P) EV_NOEXCEPT { return loop_count; } unsigned int ev_depth (EV_P) EV_NOEXCEPT { return loop_depth; } void ev_set_io_collect_interval (EV_P_ ev_tstamp interval) EV_NOEXCEPT { io_blocktime = interval; } void ev_set_timeout_collect_interval (EV_P_ ev_tstamp interval) EV_NOEXCEPT { timeout_blocktime = interval; } void ev_set_userdata (EV_P_ void *data) EV_NOEXCEPT { userdata = data; } void * ev_userdata (EV_P) EV_NOEXCEPT { return userdata; } void ev_set_invoke_pending_cb (EV_P_ ev_loop_callback invoke_pending_cb) EV_NOEXCEPT { invoke_cb = invoke_pending_cb; } void ev_set_loop_release_cb (EV_P_ void (*release)(EV_P) EV_NOEXCEPT, void (*acquire)(EV_P) EV_NOEXCEPT) EV_NOEXCEPT { release_cb = release; acquire_cb = acquire; } #endif /* initialise a loop structure, must be zero-initialised */ ecb_noinline ecb_cold static void loop_init (EV_P_ unsigned int flags) EV_NOEXCEPT { if (!backend) { origflags = flags; #if EV_USE_REALTIME if (!have_realtime) { struct timespec ts; if (!clock_gettime (CLOCK_REALTIME, &ts)) have_realtime = 1; } #endif #if EV_USE_MONOTONIC if (!have_monotonic) { struct timespec ts; if (!clock_gettime (CLOCK_MONOTONIC, &ts)) have_monotonic = 1; } #endif /* pid check not overridable via env */ #ifndef _WIN32 if (flags & EVFLAG_FORKCHECK) curpid = getpid (); #endif if (!(flags & EVFLAG_NOENV) && !enable_secure () && getenv ("LIBEV_FLAGS")) flags = atoi (getenv ("LIBEV_FLAGS")); ev_rt_now = ev_time (); mn_now = get_clock (); now_floor = mn_now; rtmn_diff = ev_rt_now - mn_now; #if EV_FEATURE_API invoke_cb = ev_invoke_pending; #endif io_blocktime = 0.; timeout_blocktime = 0.; backend = 0; backend_fd = -1; sig_pending = 0; #if EV_ASYNC_ENABLE async_pending = 0; #endif pipe_write_skipped = 0; pipe_write_wanted = 0; evpipe [0] = -1; evpipe [1] = -1; #if EV_USE_INOTIFY fs_fd = flags & EVFLAG_NOINOTIFY ? -1 : -2; #endif #if EV_USE_SIGNALFD sigfd = flags & EVFLAG_SIGNALFD ? -2 : -1; #endif #if EV_USE_TIMERFD timerfd = flags & EVFLAG_NOTIMERFD ? -1 : -2; #endif if (!(flags & EVBACKEND_MASK)) flags |= ev_recommended_backends (); #if EV_USE_IOCP if (!backend && (flags & EVBACKEND_IOCP )) backend = iocp_init (EV_A_ flags); #endif #if EV_USE_PORT if (!backend && (flags & EVBACKEND_PORT )) backend = port_init (EV_A_ flags); #endif #if EV_USE_KQUEUE if (!backend && (flags & EVBACKEND_KQUEUE )) backend = kqueue_init (EV_A_ flags); #endif #if EV_USE_IOURING if (!backend && (flags & EVBACKEND_IOURING )) backend = iouring_init (EV_A_ flags); #endif #if EV_USE_LINUXAIO if (!backend && (flags & EVBACKEND_LINUXAIO)) backend = linuxaio_init (EV_A_ flags); #endif #if EV_USE_EPOLL if (!backend && (flags & EVBACKEND_EPOLL )) backend = epoll_init (EV_A_ flags); #endif #if EV_USE_POLL if (!backend && (flags & EVBACKEND_POLL )) backend = poll_init (EV_A_ flags); #endif #if EV_USE_SELECT if (!backend && (flags & EVBACKEND_SELECT )) backend = select_init (EV_A_ flags); #endif ev_prepare_init (&pending_w, pendingcb); #if EV_SIGNAL_ENABLE || EV_ASYNC_ENABLE ev_init (&pipe_w, pipecb); ev_set_priority (&pipe_w, EV_MAXPRI); #endif } } /* free up a loop structure */ ecb_cold void ev_loop_destroy (EV_P) { int i; #if EV_MULTIPLICITY /* mimic free (0) */ if (!EV_A) return; #endif #if EV_CLEANUP_ENABLE /* queue cleanup watchers (and execute them) */ if (ecb_expect_false (cleanupcnt)) { queue_events (EV_A_ (W *)cleanups, cleanupcnt, EV_CLEANUP); EV_INVOKE_PENDING; } #endif #if EV_CHILD_ENABLE if (ev_is_default_loop (EV_A) && ev_is_active (&childev)) { ev_ref (EV_A); /* child watcher */ ev_signal_stop (EV_A_ &childev); } #endif if (ev_is_active (&pipe_w)) { /*ev_ref (EV_A);*/ /*ev_io_stop (EV_A_ &pipe_w);*/ if (evpipe [0] >= 0) EV_WIN32_CLOSE_FD (evpipe [0]); if (evpipe [1] >= 0) EV_WIN32_CLOSE_FD (evpipe [1]); } #if EV_USE_SIGNALFD if (ev_is_active (&sigfd_w)) close (sigfd); #endif #if EV_USE_TIMERFD if (ev_is_active (&timerfd_w)) close (timerfd); #endif #if EV_USE_INOTIFY if (fs_fd >= 0) close (fs_fd); #endif if (backend_fd >= 0) close (backend_fd); #if EV_USE_IOCP if (backend == EVBACKEND_IOCP ) iocp_destroy (EV_A); #endif #if EV_USE_PORT if (backend == EVBACKEND_PORT ) port_destroy (EV_A); #endif #if EV_USE_KQUEUE if (backend == EVBACKEND_KQUEUE ) kqueue_destroy (EV_A); #endif #if EV_USE_IOURING if (backend == EVBACKEND_IOURING ) iouring_destroy (EV_A); #endif #if EV_USE_LINUXAIO if (backend == EVBACKEND_LINUXAIO) linuxaio_destroy (EV_A); #endif #if EV_USE_EPOLL if (backend == EVBACKEND_EPOLL ) epoll_destroy (EV_A); #endif #if EV_USE_POLL if (backend == EVBACKEND_POLL ) poll_destroy (EV_A); #endif #if EV_USE_SELECT if (backend == EVBACKEND_SELECT ) select_destroy (EV_A); #endif for (i = NUMPRI; i--; ) { array_free (pending, [i]); #if EV_IDLE_ENABLE array_free (idle, [i]); #endif } ev_free (anfds); anfds = 0; anfdmax = 0; /* have to use the microsoft-never-gets-it-right macro */ array_free (rfeed, EMPTY); array_free (fdchange, EMPTY); array_free (timer, EMPTY); #if EV_PERIODIC_ENABLE array_free (periodic, EMPTY); #endif #if EV_FORK_ENABLE array_free (fork, EMPTY); #endif #if EV_CLEANUP_ENABLE array_free (cleanup, EMPTY); #endif array_free (prepare, EMPTY); array_free (check, EMPTY); #if EV_ASYNC_ENABLE array_free (async, EMPTY); #endif backend = 0; #if EV_MULTIPLICITY if (ev_is_default_loop (EV_A)) #endif ev_default_loop_ptr = 0; #if EV_MULTIPLICITY else ev_free (EV_A); #endif } #if EV_USE_INOTIFY inline_size void infy_fork (EV_P); #endif inline_size void loop_fork (EV_P) { #if EV_USE_PORT if (backend == EVBACKEND_PORT ) port_fork (EV_A); #endif #if EV_USE_KQUEUE if (backend == EVBACKEND_KQUEUE ) kqueue_fork (EV_A); #endif #if EV_USE_IOURING if (backend == EVBACKEND_IOURING ) iouring_fork (EV_A); #endif #if EV_USE_LINUXAIO if (backend == EVBACKEND_LINUXAIO) linuxaio_fork (EV_A); #endif #if EV_USE_EPOLL if (backend == EVBACKEND_EPOLL ) epoll_fork (EV_A); #endif #if EV_USE_INOTIFY infy_fork (EV_A); #endif if (postfork != 2) { #if EV_USE_SIGNALFD /* surprisingly, nothing needs to be done for signalfd, accoridng to docs, it does the right thing on fork */ #endif #if EV_USE_TIMERFD if (ev_is_active (&timerfd_w)) { ev_ref (EV_A); ev_io_stop (EV_A_ &timerfd_w); close (timerfd); timerfd = -2; evtimerfd_init (EV_A); /* reschedule periodics, in case we missed something */ ev_feed_event (EV_A_ &timerfd_w, EV_CUSTOM); } #endif #if EV_SIGNAL_ENABLE || EV_ASYNC_ENABLE if (ev_is_active (&pipe_w)) { /* pipe_write_wanted must be false now, so modifying fd vars should be safe */ ev_ref (EV_A); ev_io_stop (EV_A_ &pipe_w); if (evpipe [0] >= 0) EV_WIN32_CLOSE_FD (evpipe [0]); evpipe_init (EV_A); /* iterate over everything, in case we missed something before */ ev_feed_event (EV_A_ &pipe_w, EV_CUSTOM); } #endif } postfork = 0; } #if EV_MULTIPLICITY ecb_cold struct ev_loop * ev_loop_new (unsigned int flags) EV_NOEXCEPT { EV_P = (struct ev_loop *)ev_malloc (sizeof (struct ev_loop)); memset (EV_A, 0, sizeof (struct ev_loop)); loop_init (EV_A_ flags); if (ev_backend (EV_A)) return EV_A; ev_free (EV_A); return 0; } #endif /* multiplicity */ #if EV_VERIFY ecb_noinline ecb_cold static void verify_watcher (EV_P_ W w) { assert (("libev: watcher has invalid priority", ABSPRI (w) >= 0 && ABSPRI (w) < NUMPRI)); if (w->pending) assert (("libev: pending watcher not on pending queue", pendings [ABSPRI (w)][w->pending - 1].w == w)); } ecb_noinline ecb_cold static void verify_heap (EV_P_ ANHE *heap, int N) { int i; for (i = HEAP0; i < N + HEAP0; ++i) { assert (("libev: active index mismatch in heap", ev_active (ANHE_w (heap [i])) == i)); assert (("libev: heap condition violated", i == HEAP0 || ANHE_at (heap [HPARENT (i)]) <= ANHE_at (heap [i]))); assert (("libev: heap at cache mismatch", ANHE_at (heap [i]) == ev_at (ANHE_w (heap [i])))); verify_watcher (EV_A_ (W)ANHE_w (heap [i])); } } ecb_noinline ecb_cold static void array_verify (EV_P_ W *ws, int cnt) { while (cnt--) { assert (("libev: active index mismatch", ev_active (ws [cnt]) == cnt + 1)); verify_watcher (EV_A_ ws [cnt]); } } #endif #if EV_FEATURE_API void ecb_cold ev_verify (EV_P) EV_NOEXCEPT { #if EV_VERIFY int i; WL w, w2; assert (activecnt >= -1); assert (fdchangemax >= fdchangecnt); for (i = 0; i < fdchangecnt; ++i) assert (("libev: negative fd in fdchanges", fdchanges [i] >= 0)); assert (anfdmax >= 0); for (i = 0; i < anfdmax; ++i) { int j = 0; for (w = w2 = anfds [i].head; w; w = w->next) { verify_watcher (EV_A_ (W)w); if (j++ & 1) { assert (("libev: io watcher list contains a loop", w != w2)); w2 = w2->next; } assert (("libev: inactive fd watcher on anfd list", ev_active (w) == 1)); assert (("libev: fd mismatch between watcher and anfd", ((ev_io *)w)->fd == i)); } } assert (timermax >= timercnt); verify_heap (EV_A_ timers, timercnt); #if EV_PERIODIC_ENABLE assert (periodicmax >= periodiccnt); verify_heap (EV_A_ periodics, periodiccnt); #endif for (i = NUMPRI; i--; ) { assert (pendingmax [i] >= pendingcnt [i]); #if EV_IDLE_ENABLE assert (idleall >= 0); assert (idlemax [i] >= idlecnt [i]); array_verify (EV_A_ (W *)idles [i], idlecnt [i]); #endif } #if EV_FORK_ENABLE assert (forkmax >= forkcnt); array_verify (EV_A_ (W *)forks, forkcnt); #endif #if EV_CLEANUP_ENABLE assert (cleanupmax >= cleanupcnt); array_verify (EV_A_ (W *)cleanups, cleanupcnt); #endif #if EV_ASYNC_ENABLE assert (asyncmax >= asynccnt); array_verify (EV_A_ (W *)asyncs, asynccnt); #endif #if EV_PREPARE_ENABLE assert (preparemax >= preparecnt); array_verify (EV_A_ (W *)prepares, preparecnt); #endif #if EV_CHECK_ENABLE assert (checkmax >= checkcnt); array_verify (EV_A_ (W *)checks, checkcnt); #endif # if 0 #if EV_CHILD_ENABLE for (w = (ev_child *)childs [chain & ((EV_PID_HASHSIZE) - 1)]; w; w = (ev_child *)((WL)w)->next) for (signum = EV_NSIG; signum--; ) if (signals [signum].pending) #endif # endif #endif } #endif #if EV_MULTIPLICITY ecb_cold struct ev_loop * #else int #endif ev_default_loop (unsigned int flags) EV_NOEXCEPT { if (!ev_default_loop_ptr) { #if EV_MULTIPLICITY EV_P = ev_default_loop_ptr = &default_loop_struct; #else ev_default_loop_ptr = 1; #endif loop_init (EV_A_ flags); if (ev_backend (EV_A)) { #if EV_CHILD_ENABLE ev_signal_init (&childev, childcb, SIGCHLD); ev_set_priority (&childev, EV_MAXPRI); ev_signal_start (EV_A_ &childev); ev_unref (EV_A); /* child watcher should not keep loop alive */ #endif } else ev_default_loop_ptr = 0; } return ev_default_loop_ptr; } void ev_loop_fork (EV_P) EV_NOEXCEPT { postfork = 1; } /*****************************************************************************/ void ev_invoke (EV_P_ void *w, int revents) { EV_CB_INVOKE ((W)w, revents); } unsigned int ev_pending_count (EV_P) EV_NOEXCEPT { int pri; unsigned int count = 0; for (pri = NUMPRI; pri--; ) count += pendingcnt [pri]; return count; } ecb_noinline void ev_invoke_pending (EV_P) { pendingpri = NUMPRI; do { --pendingpri; /* pendingpri possibly gets modified in the inner loop */ while (pendingcnt [pendingpri]) { ANPENDING *p = pendings [pendingpri] + --pendingcnt [pendingpri]; p->w->pending = 0; EV_CB_INVOKE (p->w, p->events); EV_FREQUENT_CHECK; } } while (pendingpri); } #if EV_IDLE_ENABLE /* make idle watchers pending. this handles the "call-idle */ /* only when higher priorities are idle" logic */ inline_size void idle_reify (EV_P) { if (ecb_expect_false (idleall)) { int pri; for (pri = NUMPRI; pri--; ) { if (pendingcnt [pri]) break; if (idlecnt [pri]) { queue_events (EV_A_ (W *)idles [pri], idlecnt [pri], EV_IDLE); break; } } } } #endif /* make timers pending */ inline_size void timers_reify (EV_P) { EV_FREQUENT_CHECK; if (timercnt && ANHE_at (timers [HEAP0]) < mn_now) { do { ev_timer *w = (ev_timer *)ANHE_w (timers [HEAP0]); /*assert (("libev: inactive timer on timer heap detected", ev_is_active (w)));*/ /* first reschedule or stop timer */ if (w->repeat) { ev_at (w) += w->repeat; if (ev_at (w) < mn_now) ev_at (w) = mn_now; assert (("libev: negative ev_timer repeat value found while processing timers", w->repeat > EV_TS_CONST (0.))); ANHE_at_cache (timers [HEAP0]); downheap (timers, timercnt, HEAP0); } else ev_timer_stop (EV_A_ w); /* nonrepeating: stop timer */ EV_FREQUENT_CHECK; feed_reverse (EV_A_ (W)w); } while (timercnt && ANHE_at (timers [HEAP0]) < mn_now); feed_reverse_done (EV_A_ EV_TIMER); } } #if EV_PERIODIC_ENABLE ecb_noinline static void periodic_recalc (EV_P_ ev_periodic *w) { ev_tstamp interval = w->interval > MIN_INTERVAL ? w->interval : MIN_INTERVAL; ev_tstamp at = w->offset + interval * ev_floor ((ev_rt_now - w->offset) / interval); /* the above almost always errs on the low side */ while (at <= ev_rt_now) { ev_tstamp nat = at + w->interval; /* when resolution fails us, we use ev_rt_now */ if (ecb_expect_false (nat == at)) { at = ev_rt_now; break; } at = nat; } ev_at (w) = at; } /* make periodics pending */ inline_size void periodics_reify (EV_P) { EV_FREQUENT_CHECK; while (periodiccnt && ANHE_at (periodics [HEAP0]) < ev_rt_now) { do { ev_periodic *w = (ev_periodic *)ANHE_w (periodics [HEAP0]); /*assert (("libev: inactive timer on periodic heap detected", ev_is_active (w)));*/ /* first reschedule or stop timer */ if (w->reschedule_cb) { ev_at (w) = w->reschedule_cb (w, ev_rt_now); assert (("libev: ev_periodic reschedule callback returned time in the past", ev_at (w) >= ev_rt_now)); ANHE_at_cache (periodics [HEAP0]); downheap (periodics, periodiccnt, HEAP0); } else if (w->interval) { periodic_recalc (EV_A_ w); ANHE_at_cache (periodics [HEAP0]); downheap (periodics, periodiccnt, HEAP0); } else ev_periodic_stop (EV_A_ w); /* nonrepeating: stop timer */ EV_FREQUENT_CHECK; feed_reverse (EV_A_ (W)w); } while (periodiccnt && ANHE_at (periodics [HEAP0]) < ev_rt_now); feed_reverse_done (EV_A_ EV_PERIODIC); } } /* simply recalculate all periodics */ /* TODO: maybe ensure that at least one event happens when jumping forward? */ ecb_noinline ecb_cold static void periodics_reschedule (EV_P) { int i; /* adjust periodics after time jump */ for (i = HEAP0; i < periodiccnt + HEAP0; ++i) { ev_periodic *w = (ev_periodic *)ANHE_w (periodics [i]); if (w->reschedule_cb) ev_at (w) = w->reschedule_cb (w, ev_rt_now); else if (w->interval) periodic_recalc (EV_A_ w); ANHE_at_cache (periodics [i]); } reheap (periodics, periodiccnt); } #endif /* adjust all timers by a given offset */ ecb_noinline ecb_cold static void timers_reschedule (EV_P_ ev_tstamp adjust) { int i; for (i = 0; i < timercnt; ++i) { ANHE *he = timers + i + HEAP0; ANHE_w (*he)->at += adjust; ANHE_at_cache (*he); } } /* fetch new monotonic and realtime times from the kernel */ /* also detect if there was a timejump, and act accordingly */ inline_speed void time_update (EV_P_ ev_tstamp max_block) { #if EV_USE_MONOTONIC if (ecb_expect_true (have_monotonic)) { int i; ev_tstamp odiff = rtmn_diff; mn_now = get_clock (); /* only fetch the realtime clock every 0.5*MIN_TIMEJUMP seconds */ /* interpolate in the meantime */ if (ecb_expect_true (mn_now - now_floor < EV_TS_CONST (MIN_TIMEJUMP * .5))) { ev_rt_now = rtmn_diff + mn_now; return; } now_floor = mn_now; ev_rt_now = ev_time (); /* loop a few times, before making important decisions. * on the choice of "4": one iteration isn't enough, * in case we get preempted during the calls to * ev_time and get_clock. a second call is almost guaranteed * to succeed in that case, though. and looping a few more times * doesn't hurt either as we only do this on time-jumps or * in the unlikely event of having been preempted here. */ for (i = 4; --i; ) { ev_tstamp diff; rtmn_diff = ev_rt_now - mn_now; diff = odiff - rtmn_diff; if (ecb_expect_true ((diff < EV_TS_CONST (0.) ? -diff : diff) < EV_TS_CONST (MIN_TIMEJUMP))) return; /* all is well */ ev_rt_now = ev_time (); mn_now = get_clock (); now_floor = mn_now; } /* no timer adjustment, as the monotonic clock doesn't jump */ /* timers_reschedule (EV_A_ rtmn_diff - odiff) */ # if EV_PERIODIC_ENABLE periodics_reschedule (EV_A); # endif } else #endif { ev_rt_now = ev_time (); if (ecb_expect_false (mn_now > ev_rt_now || ev_rt_now > mn_now + max_block + EV_TS_CONST (MIN_TIMEJUMP))) { /* adjust timers. this is easy, as the offset is the same for all of them */ timers_reschedule (EV_A_ ev_rt_now - mn_now); #if EV_PERIODIC_ENABLE periodics_reschedule (EV_A); #endif } mn_now = ev_rt_now; } } int ev_run (EV_P_ int flags) { #if EV_FEATURE_API ++loop_depth; #endif assert (("libev: ev_loop recursion during release detected", loop_done != EVBREAK_RECURSE)); loop_done = EVBREAK_CANCEL; EV_INVOKE_PENDING; /* in case we recurse, ensure ordering stays nice and clean */ do { #if EV_VERIFY >= 2 ev_verify (EV_A); #endif #ifndef _WIN32 if (ecb_expect_false (curpid)) /* penalise the forking check even more */ if (ecb_expect_false (getpid () != curpid)) { curpid = getpid (); postfork = 1; } #endif #if EV_FORK_ENABLE /* we might have forked, so queue fork handlers */ if (ecb_expect_false (postfork)) if (forkcnt) { queue_events (EV_A_ (W *)forks, forkcnt, EV_FORK); EV_INVOKE_PENDING; } #endif #if EV_PREPARE_ENABLE /* queue prepare watchers (and execute them) */ if (ecb_expect_false (preparecnt)) { queue_events (EV_A_ (W *)prepares, preparecnt, EV_PREPARE); EV_INVOKE_PENDING; } #endif if (ecb_expect_false (loop_done)) break; /* we might have forked, so reify kernel state if necessary */ if (ecb_expect_false (postfork)) loop_fork (EV_A); /* update fd-related kernel structures */ fd_reify (EV_A); /* calculate blocking time */ { ev_tstamp waittime = 0.; ev_tstamp sleeptime = 0.; /* remember old timestamp for io_blocktime calculation */ ev_tstamp prev_mn_now = mn_now; /* update time to cancel out callback processing overhead */ time_update (EV_A_ EV_TS_CONST (EV_TSTAMP_HUGE)); /* from now on, we want a pipe-wake-up */ pipe_write_wanted = 1; ECB_MEMORY_FENCE; /* make sure pipe_write_wanted is visible before we check for potential skips */ if (ecb_expect_true (!(flags & EVRUN_NOWAIT || idleall || !activecnt || pipe_write_skipped))) { waittime = EV_TS_CONST (MAX_BLOCKTIME); if (timercnt) { ev_tstamp to = ANHE_at (timers [HEAP0]) - mn_now; if (waittime > to) waittime = to; } #if EV_PERIODIC_ENABLE if (periodiccnt) { ev_tstamp to = ANHE_at (periodics [HEAP0]) - ev_rt_now; if (waittime > to) waittime = to; } #endif /* don't let timeouts decrease the waittime below timeout_blocktime */ if (ecb_expect_false (waittime < timeout_blocktime)) waittime = timeout_blocktime; /* now there are two more special cases left, either we have * already-expired timers, so we should not sleep, or we have timers * that expire very soon, in which case we need to wait for a minimum * amount of time for some event loop backends. */ if (ecb_expect_false (waittime < backend_mintime)) waittime = waittime <= EV_TS_CONST (0.) ? EV_TS_CONST (0.) : backend_mintime; /* extra check because io_blocktime is commonly 0 */ if (ecb_expect_false (io_blocktime)) { sleeptime = io_blocktime - (mn_now - prev_mn_now); if (sleeptime > waittime - backend_mintime) sleeptime = waittime - backend_mintime; if (ecb_expect_true (sleeptime > EV_TS_CONST (0.))) { ev_sleep (sleeptime); waittime -= sleeptime; } } } #if EV_FEATURE_API ++loop_count; #endif assert ((loop_done = EVBREAK_RECURSE, 1)); /* assert for side effect */ backend_poll (EV_A_ waittime); assert ((loop_done = EVBREAK_CANCEL, 1)); /* assert for side effect */ pipe_write_wanted = 0; /* just an optimisation, no fence needed */ ECB_MEMORY_FENCE_ACQUIRE; if (pipe_write_skipped) { assert (("libev: pipe_w not active, but pipe not written", ev_is_active (&pipe_w))); ev_feed_event (EV_A_ &pipe_w, EV_CUSTOM); } /* update ev_rt_now, do magic */ time_update (EV_A_ waittime + sleeptime); } /* queue pending timers and reschedule them */ timers_reify (EV_A); /* relative timers called last */ #if EV_PERIODIC_ENABLE periodics_reify (EV_A); /* absolute timers called first */ #endif #if EV_IDLE_ENABLE /* queue idle watchers unless other events are pending */ idle_reify (EV_A); #endif #if EV_CHECK_ENABLE /* queue check watchers, to be executed first */ if (ecb_expect_false (checkcnt)) queue_events (EV_A_ (W *)checks, checkcnt, EV_CHECK); #endif EV_INVOKE_PENDING; } while (ecb_expect_true ( activecnt && !loop_done && !(flags & (EVRUN_ONCE | EVRUN_NOWAIT)) )); if (loop_done == EVBREAK_ONE) loop_done = EVBREAK_CANCEL; #if EV_FEATURE_API --loop_depth; #endif return activecnt; } void ev_break (EV_P_ int how) EV_NOEXCEPT { loop_done = how; } void ev_ref (EV_P) EV_NOEXCEPT { ++activecnt; } void ev_unref (EV_P) EV_NOEXCEPT { --activecnt; } void ev_now_update (EV_P) EV_NOEXCEPT { time_update (EV_A_ EV_TSTAMP_HUGE); } void ev_suspend (EV_P) EV_NOEXCEPT { ev_now_update (EV_A); } void ev_resume (EV_P) EV_NOEXCEPT { ev_tstamp mn_prev = mn_now; ev_now_update (EV_A); timers_reschedule (EV_A_ mn_now - mn_prev); #if EV_PERIODIC_ENABLE /* TODO: really do this? */ periodics_reschedule (EV_A); #endif } /*****************************************************************************/ /* singly-linked list management, used when the expected list length is short */ inline_size void wlist_add (WL *head, WL elem) { elem->next = *head; *head = elem; } inline_size void wlist_del (WL *head, WL elem) { while (*head) { if (ecb_expect_true (*head == elem)) { *head = elem->next; break; } head = &(*head)->next; } } /* internal, faster, version of ev_clear_pending */ inline_speed void clear_pending (EV_P_ W w) { if (w->pending) { pendings [ABSPRI (w)][w->pending - 1].w = (W)&pending_w; w->pending = 0; } } int ev_clear_pending (EV_P_ void *w) EV_NOEXCEPT { W w_ = (W)w; int pending = w_->pending; if (ecb_expect_true (pending)) { ANPENDING *p = pendings [ABSPRI (w_)] + pending - 1; p->w = (W)&pending_w; w_->pending = 0; return p->events; } else return 0; } inline_size void pri_adjust (EV_P_ W w) { int pri = ev_priority (w); pri = pri < EV_MINPRI ? EV_MINPRI : pri; pri = pri > EV_MAXPRI ? EV_MAXPRI : pri; ev_set_priority (w, pri); } inline_speed void ev_start (EV_P_ W w, int active) { pri_adjust (EV_A_ w); w->active = active; ev_ref (EV_A); } inline_size void ev_stop (EV_P_ W w) { ev_unref (EV_A); w->active = 0; } /*****************************************************************************/ ecb_noinline void ev_io_start (EV_P_ ev_io *w) EV_NOEXCEPT { int fd = w->fd; if (ecb_expect_false (ev_is_active (w))) return; assert (("libev: ev_io_start called with negative fd", fd >= 0)); assert (("libev: ev_io_start called with illegal event mask", !(w->events & ~(EV__IOFDSET | EV_READ | EV_WRITE)))); #if EV_VERIFY >= 2 assert (("libev: ev_io_start called on watcher with invalid fd", fd_valid (fd))); #endif EV_FREQUENT_CHECK; ev_start (EV_A_ (W)w, 1); array_needsize (ANFD, anfds, anfdmax, fd + 1, array_needsize_zerofill); wlist_add (&anfds[fd].head, (WL)w); /* common bug, apparently */ assert (("libev: ev_io_start called with corrupted watcher", ((WL)w)->next != (WL)w)); fd_change (EV_A_ fd, w->events & EV__IOFDSET | EV_ANFD_REIFY); w->events &= ~EV__IOFDSET; EV_FREQUENT_CHECK; } ecb_noinline void ev_io_stop (EV_P_ ev_io *w) EV_NOEXCEPT { clear_pending (EV_A_ (W)w); if (ecb_expect_false (!ev_is_active (w))) return; assert (("libev: ev_io_stop called with illegal fd (must stay constant after start!)", w->fd >= 0 && w->fd < anfdmax)); #if EV_VERIFY >= 2 assert (("libev: ev_io_stop called on watcher with invalid fd", fd_valid (w->fd))); #endif EV_FREQUENT_CHECK; wlist_del (&anfds[w->fd].head, (WL)w); ev_stop (EV_A_ (W)w); fd_change (EV_A_ w->fd, EV_ANFD_REIFY); EV_FREQUENT_CHECK; } ecb_noinline void ev_timer_start (EV_P_ ev_timer *w) EV_NOEXCEPT { if (ecb_expect_false (ev_is_active (w))) return; ev_at (w) += mn_now; assert (("libev: ev_timer_start called with negative timer repeat value", w->repeat >= 0.)); EV_FREQUENT_CHECK; ++timercnt; ev_start (EV_A_ (W)w, timercnt + HEAP0 - 1); array_needsize (ANHE, timers, timermax, ev_active (w) + 1, array_needsize_noinit); ANHE_w (timers [ev_active (w)]) = (WT)w; ANHE_at_cache (timers [ev_active (w)]); upheap (timers, ev_active (w)); EV_FREQUENT_CHECK; /*assert (("libev: internal timer heap corruption", timers [ev_active (w)] == (WT)w));*/ } ecb_noinline void ev_timer_stop (EV_P_ ev_timer *w) EV_NOEXCEPT { clear_pending (EV_A_ (W)w); if (ecb_expect_false (!ev_is_active (w))) return; EV_FREQUENT_CHECK; { int active = ev_active (w); assert (("libev: internal timer heap corruption", ANHE_w (timers [active]) == (WT)w)); --timercnt; if (ecb_expect_true (active < timercnt + HEAP0)) { timers [active] = timers [timercnt + HEAP0]; adjustheap (timers, timercnt, active); } } ev_at (w) -= mn_now; ev_stop (EV_A_ (W)w); EV_FREQUENT_CHECK; } ecb_noinline void ev_timer_again (EV_P_ ev_timer *w) EV_NOEXCEPT { EV_FREQUENT_CHECK; clear_pending (EV_A_ (W)w); if (ev_is_active (w)) { if (w->repeat) { ev_at (w) = mn_now + w->repeat; ANHE_at_cache (timers [ev_active (w)]); adjustheap (timers, timercnt, ev_active (w)); } else ev_timer_stop (EV_A_ w); } else if (w->repeat) { ev_at (w) = w->repeat; ev_timer_start (EV_A_ w); } EV_FREQUENT_CHECK; } ev_tstamp ev_timer_remaining (EV_P_ ev_timer *w) EV_NOEXCEPT { return ev_at (w) - (ev_is_active (w) ? mn_now : EV_TS_CONST (0.)); } #if EV_PERIODIC_ENABLE ecb_noinline void ev_periodic_start (EV_P_ ev_periodic *w) EV_NOEXCEPT { if (ecb_expect_false (ev_is_active (w))) return; #if EV_USE_TIMERFD if (timerfd == -2) evtimerfd_init (EV_A); #endif if (w->reschedule_cb) ev_at (w) = w->reschedule_cb (w, ev_rt_now); else if (w->interval) { assert (("libev: ev_periodic_start called with negative interval value", w->interval >= 0.)); periodic_recalc (EV_A_ w); } else ev_at (w) = w->offset; EV_FREQUENT_CHECK; ++periodiccnt; ev_start (EV_A_ (W)w, periodiccnt + HEAP0 - 1); array_needsize (ANHE, periodics, periodicmax, ev_active (w) + 1, array_needsize_noinit); ANHE_w (periodics [ev_active (w)]) = (WT)w; ANHE_at_cache (periodics [ev_active (w)]); upheap (periodics, ev_active (w)); EV_FREQUENT_CHECK; /*assert (("libev: internal periodic heap corruption", ANHE_w (periodics [ev_active (w)]) == (WT)w));*/ } ecb_noinline void ev_periodic_stop (EV_P_ ev_periodic *w) EV_NOEXCEPT { clear_pending (EV_A_ (W)w); if (ecb_expect_false (!ev_is_active (w))) return; EV_FREQUENT_CHECK; { int active = ev_active (w); assert (("libev: internal periodic heap corruption", ANHE_w (periodics [active]) == (WT)w)); --periodiccnt; if (ecb_expect_true (active < periodiccnt + HEAP0)) { periodics [active] = periodics [periodiccnt + HEAP0]; adjustheap (periodics, periodiccnt, active); } } ev_stop (EV_A_ (W)w); EV_FREQUENT_CHECK; } ecb_noinline void ev_periodic_again (EV_P_ ev_periodic *w) EV_NOEXCEPT { /* TODO: use adjustheap and recalculation */ ev_periodic_stop (EV_A_ w); ev_periodic_start (EV_A_ w); } #endif #ifndef SA_RESTART # define SA_RESTART 0 #endif #if EV_SIGNAL_ENABLE ecb_noinline void ev_signal_start (EV_P_ ev_signal *w) EV_NOEXCEPT { if (ecb_expect_false (ev_is_active (w))) return; assert (("libev: ev_signal_start called with illegal signal number", w->signum > 0 && w->signum < EV_NSIG)); #if EV_MULTIPLICITY assert (("libev: a signal must not be attached to two different loops", !signals [w->signum - 1].loop || signals [w->signum - 1].loop == loop)); signals [w->signum - 1].loop = EV_A; ECB_MEMORY_FENCE_RELEASE; #endif EV_FREQUENT_CHECK; #if EV_USE_SIGNALFD if (sigfd == -2) { sigfd = signalfd (-1, &sigfd_set, SFD_NONBLOCK | SFD_CLOEXEC); if (sigfd < 0 && errno == EINVAL) sigfd = signalfd (-1, &sigfd_set, 0); /* retry without flags */ if (sigfd >= 0) { fd_intern (sigfd); /* doing it twice will not hurt */ sigemptyset (&sigfd_set); ev_io_init (&sigfd_w, sigfdcb, sigfd, EV_READ); ev_set_priority (&sigfd_w, EV_MAXPRI); ev_io_start (EV_A_ &sigfd_w); ev_unref (EV_A); /* signalfd watcher should not keep loop alive */ } } if (sigfd >= 0) { /* TODO: check .head */ sigaddset (&sigfd_set, w->signum); sigprocmask (SIG_BLOCK, &sigfd_set, 0); signalfd (sigfd, &sigfd_set, 0); } #endif ev_start (EV_A_ (W)w, 1); wlist_add (&signals [w->signum - 1].head, (WL)w); if (!((WL)w)->next) # if EV_USE_SIGNALFD if (sigfd < 0) /*TODO*/ # endif { # ifdef _WIN32 evpipe_init (EV_A); signal (w->signum, ev_sighandler); # else struct sigaction sa; evpipe_init (EV_A); sa.sa_handler = ev_sighandler; sigfillset (&sa.sa_mask); sa.sa_flags = SA_RESTART; /* if restarting works we save one iteration */ sigaction (w->signum, &sa, 0); if (origflags & EVFLAG_NOSIGMASK) { sigemptyset (&sa.sa_mask); sigaddset (&sa.sa_mask, w->signum); sigprocmask (SIG_UNBLOCK, &sa.sa_mask, 0); } #endif } EV_FREQUENT_CHECK; } ecb_noinline void ev_signal_stop (EV_P_ ev_signal *w) EV_NOEXCEPT { clear_pending (EV_A_ (W)w); if (ecb_expect_false (!ev_is_active (w))) return; EV_FREQUENT_CHECK; wlist_del (&signals [w->signum - 1].head, (WL)w); ev_stop (EV_A_ (W)w); if (!signals [w->signum - 1].head) { #if EV_MULTIPLICITY signals [w->signum - 1].loop = 0; /* unattach from signal */ #endif #if EV_USE_SIGNALFD if (sigfd >= 0) { sigset_t ss; sigemptyset (&ss); sigaddset (&ss, w->signum); sigdelset (&sigfd_set, w->signum); signalfd (sigfd, &sigfd_set, 0); sigprocmask (SIG_UNBLOCK, &ss, 0); } else #endif signal (w->signum, SIG_DFL); } EV_FREQUENT_CHECK; } #endif #if EV_CHILD_ENABLE void ev_child_start (EV_P_ ev_child *w) EV_NOEXCEPT { #if EV_MULTIPLICITY assert (("libev: child watchers are only supported in the default loop", loop == ev_default_loop_ptr)); #endif if (ecb_expect_false (ev_is_active (w))) return; EV_FREQUENT_CHECK; ev_start (EV_A_ (W)w, 1); wlist_add (&childs [w->pid & ((EV_PID_HASHSIZE) - 1)], (WL)w); EV_FREQUENT_CHECK; } void ev_child_stop (EV_P_ ev_child *w) EV_NOEXCEPT { clear_pending (EV_A_ (W)w); if (ecb_expect_false (!ev_is_active (w))) return; EV_FREQUENT_CHECK; wlist_del (&childs [w->pid & ((EV_PID_HASHSIZE) - 1)], (WL)w); ev_stop (EV_A_ (W)w); EV_FREQUENT_CHECK; } #endif #if EV_STAT_ENABLE # ifdef _WIN32 # undef lstat # define lstat(a,b) _stati64 (a,b) # endif #define DEF_STAT_INTERVAL 5.0074891 #define NFS_STAT_INTERVAL 30.1074891 /* for filesystems potentially failing inotify */ #define MIN_STAT_INTERVAL 0.1074891 ecb_noinline static void stat_timer_cb (EV_P_ ev_timer *w_, int revents); #if EV_USE_INOTIFY /* the * 2 is to allow for alignment padding, which for some reason is >> 8 */ # define EV_INOTIFY_BUFSIZE (sizeof (struct inotify_event) * 2 + NAME_MAX) ecb_noinline static void infy_add (EV_P_ ev_stat *w) { w->wd = inotify_add_watch (fs_fd, w->path, IN_ATTRIB | IN_DELETE_SELF | IN_MOVE_SELF | IN_MODIFY | IN_CREATE | IN_DELETE | IN_MOVED_FROM | IN_MOVED_TO | IN_DONT_FOLLOW | IN_MASK_ADD); if (w->wd >= 0) { struct statfs sfs; /* now local changes will be tracked by inotify, but remote changes won't */ /* unless the filesystem is known to be local, we therefore still poll */ /* also do poll on <2.6.25, but with normal frequency */ if (!fs_2625) w->timer.repeat = w->interval ? w->interval : DEF_STAT_INTERVAL; else if (!statfs (w->path, &sfs) && (sfs.f_type == 0x1373 /* devfs */ || sfs.f_type == 0x4006 /* fat */ || sfs.f_type == 0x4d44 /* msdos */ || sfs.f_type == 0xEF53 /* ext2/3 */ || sfs.f_type == 0x72b6 /* jffs2 */ || sfs.f_type == 0x858458f6 /* ramfs */ || sfs.f_type == 0x5346544e /* ntfs */ || sfs.f_type == 0x3153464a /* jfs */ || sfs.f_type == 0x9123683e /* btrfs */ || sfs.f_type == 0x52654973 /* reiser3 */ || sfs.f_type == 0x01021994 /* tmpfs */ || sfs.f_type == 0x58465342 /* xfs */)) w->timer.repeat = 0.; /* filesystem is local, kernel new enough */ else w->timer.repeat = w->interval ? w->interval : NFS_STAT_INTERVAL; /* remote, use reduced frequency */ } else { /* can't use inotify, continue to stat */ w->timer.repeat = w->interval ? w->interval : DEF_STAT_INTERVAL; /* if path is not there, monitor some parent directory for speedup hints */ /* note that exceeding the hardcoded path limit is not a correctness issue, */ /* but an efficiency issue only */ if ((errno == ENOENT || errno == EACCES) && strlen (w->path) < 4096) { char path [4096]; strcpy (path, w->path); do { int mask = IN_MASK_ADD | IN_DELETE_SELF | IN_MOVE_SELF | (errno == EACCES ? IN_ATTRIB : IN_CREATE | IN_MOVED_TO); char *pend = strrchr (path, '/'); if (!pend || pend == path) break; *pend = 0; w->wd = inotify_add_watch (fs_fd, path, mask); } while (w->wd < 0 && (errno == ENOENT || errno == EACCES)); } } if (w->wd >= 0) wlist_add (&fs_hash [w->wd & ((EV_INOTIFY_HASHSIZE) - 1)].head, (WL)w); /* now re-arm timer, if required */ if (ev_is_active (&w->timer)) ev_ref (EV_A); ev_timer_again (EV_A_ &w->timer); if (ev_is_active (&w->timer)) ev_unref (EV_A); } ecb_noinline static void infy_del (EV_P_ ev_stat *w) { int slot; int wd = w->wd; if (wd < 0) return; w->wd = -2; slot = wd & ((EV_INOTIFY_HASHSIZE) - 1); wlist_del (&fs_hash [slot].head, (WL)w); /* remove this watcher, if others are watching it, they will rearm */ inotify_rm_watch (fs_fd, wd); } ecb_noinline static void infy_wd (EV_P_ int slot, int wd, struct inotify_event *ev) { if (slot < 0) /* overflow, need to check for all hash slots */ for (slot = 0; slot < (EV_INOTIFY_HASHSIZE); ++slot) infy_wd (EV_A_ slot, wd, ev); else { WL w_; for (w_ = fs_hash [slot & ((EV_INOTIFY_HASHSIZE) - 1)].head; w_; ) { ev_stat *w = (ev_stat *)w_; w_ = w_->next; /* lets us remove this watcher and all before it */ if (w->wd == wd || wd == -1) { if (ev->mask & (IN_IGNORED | IN_UNMOUNT | IN_DELETE_SELF)) { wlist_del (&fs_hash [slot & ((EV_INOTIFY_HASHSIZE) - 1)].head, (WL)w); w->wd = -1; infy_add (EV_A_ w); /* re-add, no matter what */ } stat_timer_cb (EV_A_ &w->timer, 0); } } } } static void infy_cb (EV_P_ ev_io *w, int revents) { char buf [EV_INOTIFY_BUFSIZE]; int ofs; int len = read (fs_fd, buf, sizeof (buf)); for (ofs = 0; ofs < len; ) { struct inotify_event *ev = (struct inotify_event *)(buf + ofs); infy_wd (EV_A_ ev->wd, ev->wd, ev); ofs += sizeof (struct inotify_event) + ev->len; } } inline_size ecb_cold void ev_check_2625 (EV_P) { /* kernels < 2.6.25 are borked * http://www.ussg.indiana.edu/hypermail/linux/kernel/0711.3/1208.html */ if (ev_linux_version () < 0x020619) return; fs_2625 = 1; } inline_size int infy_newfd (void) { #if defined IN_CLOEXEC && defined IN_NONBLOCK int fd = inotify_init1 (IN_CLOEXEC | IN_NONBLOCK); if (fd >= 0) return fd; #endif return inotify_init (); } inline_size void infy_init (EV_P) { if (fs_fd != -2) return; fs_fd = -1; ev_check_2625 (EV_A); fs_fd = infy_newfd (); if (fs_fd >= 0) { fd_intern (fs_fd); ev_io_init (&fs_w, infy_cb, fs_fd, EV_READ); ev_set_priority (&fs_w, EV_MAXPRI); ev_io_start (EV_A_ &fs_w); ev_unref (EV_A); } } inline_size void infy_fork (EV_P) { int slot; if (fs_fd < 0) return; ev_ref (EV_A); ev_io_stop (EV_A_ &fs_w); close (fs_fd); fs_fd = infy_newfd (); if (fs_fd >= 0) { fd_intern (fs_fd); ev_io_set (&fs_w, fs_fd, EV_READ); ev_io_start (EV_A_ &fs_w); ev_unref (EV_A); } for (slot = 0; slot < (EV_INOTIFY_HASHSIZE); ++slot) { WL w_ = fs_hash [slot].head; fs_hash [slot].head = 0; while (w_) { ev_stat *w = (ev_stat *)w_; w_ = w_->next; /* lets us add this watcher */ w->wd = -1; if (fs_fd >= 0) infy_add (EV_A_ w); /* re-add, no matter what */ else { w->timer.repeat = w->interval ? w->interval : DEF_STAT_INTERVAL; if (ev_is_active (&w->timer)) ev_ref (EV_A); ev_timer_again (EV_A_ &w->timer); if (ev_is_active (&w->timer)) ev_unref (EV_A); } } } } #endif #ifdef _WIN32 # define EV_LSTAT(p,b) _stati64 (p, b) #else # define EV_LSTAT(p,b) lstat (p, b) #endif void ev_stat_stat (EV_P_ ev_stat *w) EV_NOEXCEPT { if (lstat (w->path, &w->attr) < 0) w->attr.st_nlink = 0; else if (!w->attr.st_nlink) w->attr.st_nlink = 1; } ecb_noinline static void stat_timer_cb (EV_P_ ev_timer *w_, int revents) { ev_stat *w = (ev_stat *)(((char *)w_) - offsetof (ev_stat, timer)); ev_statdata prev = w->attr; ev_stat_stat (EV_A_ w); /* memcmp doesn't work on netbsd, they.... do stuff to their struct stat */ if ( prev.st_dev != w->attr.st_dev || prev.st_ino != w->attr.st_ino || prev.st_mode != w->attr.st_mode || prev.st_nlink != w->attr.st_nlink || prev.st_uid != w->attr.st_uid || prev.st_gid != w->attr.st_gid || prev.st_rdev != w->attr.st_rdev || prev.st_size != w->attr.st_size || prev.st_atime != w->attr.st_atime || prev.st_mtime != w->attr.st_mtime || prev.st_ctime != w->attr.st_ctime ) { /* we only update w->prev on actual differences */ /* in case we test more often than invoke the callback, */ /* to ensure that prev is always different to attr */ w->prev = prev; #if EV_USE_INOTIFY if (fs_fd >= 0) { infy_del (EV_A_ w); infy_add (EV_A_ w); ev_stat_stat (EV_A_ w); /* avoid race... */ } #endif ev_feed_event (EV_A_ w, EV_STAT); } } void ev_stat_start (EV_P_ ev_stat *w) EV_NOEXCEPT { if (ecb_expect_false (ev_is_active (w))) return; ev_stat_stat (EV_A_ w); if (w->interval < MIN_STAT_INTERVAL && w->interval) w->interval = MIN_STAT_INTERVAL; ev_timer_init (&w->timer, stat_timer_cb, 0., w->interval ? w->interval : DEF_STAT_INTERVAL); ev_set_priority (&w->timer, ev_priority (w)); #if EV_USE_INOTIFY infy_init (EV_A); if (fs_fd >= 0) infy_add (EV_A_ w); else #endif { ev_timer_again (EV_A_ &w->timer); ev_unref (EV_A); } ev_start (EV_A_ (W)w, 1); EV_FREQUENT_CHECK; } void ev_stat_stop (EV_P_ ev_stat *w) EV_NOEXCEPT { clear_pending (EV_A_ (W)w); if (ecb_expect_false (!ev_is_active (w))) return; EV_FREQUENT_CHECK; #if EV_USE_INOTIFY infy_del (EV_A_ w); #endif if (ev_is_active (&w->timer)) { ev_ref (EV_A); ev_timer_stop (EV_A_ &w->timer); } ev_stop (EV_A_ (W)w); EV_FREQUENT_CHECK; } #endif #if EV_IDLE_ENABLE void ev_idle_start (EV_P_ ev_idle *w) EV_NOEXCEPT { if (ecb_expect_false (ev_is_active (w))) return; pri_adjust (EV_A_ (W)w); EV_FREQUENT_CHECK; { int active = ++idlecnt [ABSPRI (w)]; ++idleall; ev_start (EV_A_ (W)w, active); array_needsize (ev_idle *, idles [ABSPRI (w)], idlemax [ABSPRI (w)], active, array_needsize_noinit); idles [ABSPRI (w)][active - 1] = w; } EV_FREQUENT_CHECK; } void ev_idle_stop (EV_P_ ev_idle *w) EV_NOEXCEPT { clear_pending (EV_A_ (W)w); if (ecb_expect_false (!ev_is_active (w))) return; EV_FREQUENT_CHECK; { int active = ev_active (w); idles [ABSPRI (w)][active - 1] = idles [ABSPRI (w)][--idlecnt [ABSPRI (w)]]; ev_active (idles [ABSPRI (w)][active - 1]) = active; ev_stop (EV_A_ (W)w); --idleall; } EV_FREQUENT_CHECK; } #endif #if EV_PREPARE_ENABLE void ev_prepare_start (EV_P_ ev_prepare *w) EV_NOEXCEPT { if (ecb_expect_false (ev_is_active (w))) return; EV_FREQUENT_CHECK; ev_start (EV_A_ (W)w, ++preparecnt); array_needsize (ev_prepare *, prepares, preparemax, preparecnt, array_needsize_noinit); prepares [preparecnt - 1] = w; EV_FREQUENT_CHECK; } void ev_prepare_stop (EV_P_ ev_prepare *w) EV_NOEXCEPT { clear_pending (EV_A_ (W)w); if (ecb_expect_false (!ev_is_active (w))) return; EV_FREQUENT_CHECK; { int active = ev_active (w); prepares [active - 1] = prepares [--preparecnt]; ev_active (prepares [active - 1]) = active; } ev_stop (EV_A_ (W)w); EV_FREQUENT_CHECK; } #endif #if EV_CHECK_ENABLE void ev_check_start (EV_P_ ev_check *w) EV_NOEXCEPT { if (ecb_expect_false (ev_is_active (w))) return; EV_FREQUENT_CHECK; ev_start (EV_A_ (W)w, ++checkcnt); array_needsize (ev_check *, checks, checkmax, checkcnt, array_needsize_noinit); checks [checkcnt - 1] = w; EV_FREQUENT_CHECK; } void ev_check_stop (EV_P_ ev_check *w) EV_NOEXCEPT { clear_pending (EV_A_ (W)w); if (ecb_expect_false (!ev_is_active (w))) return; EV_FREQUENT_CHECK; { int active = ev_active (w); checks [active - 1] = checks [--checkcnt]; ev_active (checks [active - 1]) = active; } ev_stop (EV_A_ (W)w); EV_FREQUENT_CHECK; } #endif #if EV_EMBED_ENABLE ecb_noinline void ev_embed_sweep (EV_P_ ev_embed *w) EV_NOEXCEPT { ev_run (w->other, EVRUN_NOWAIT); } static void embed_io_cb (EV_P_ ev_io *io, int revents) { ev_embed *w = (ev_embed *)(((char *)io) - offsetof (ev_embed, io)); if (ev_cb (w)) ev_feed_event (EV_A_ (W)w, EV_EMBED); else ev_run (w->other, EVRUN_NOWAIT); } static void embed_prepare_cb (EV_P_ ev_prepare *prepare, int revents) { ev_embed *w = (ev_embed *)(((char *)prepare) - offsetof (ev_embed, prepare)); { EV_P = w->other; while (fdchangecnt) { fd_reify (EV_A); ev_run (EV_A_ EVRUN_NOWAIT); } } } static void embed_fork_cb (EV_P_ ev_fork *fork_w, int revents) { ev_embed *w = (ev_embed *)(((char *)fork_w) - offsetof (ev_embed, fork)); ev_embed_stop (EV_A_ w); { EV_P = w->other; ev_loop_fork (EV_A); ev_run (EV_A_ EVRUN_NOWAIT); } ev_embed_start (EV_A_ w); } #if 0 static void embed_idle_cb (EV_P_ ev_idle *idle, int revents) { ev_idle_stop (EV_A_ idle); } #endif void ev_embed_start (EV_P_ ev_embed *w) EV_NOEXCEPT { if (ecb_expect_false (ev_is_active (w))) return; { EV_P = w->other; assert (("libev: loop to be embedded is not embeddable", backend & ev_embeddable_backends ())); ev_io_init (&w->io, embed_io_cb, backend_fd, EV_READ); } EV_FREQUENT_CHECK; ev_set_priority (&w->io, ev_priority (w)); ev_io_start (EV_A_ &w->io); ev_prepare_init (&w->prepare, embed_prepare_cb); ev_set_priority (&w->prepare, EV_MINPRI); ev_prepare_start (EV_A_ &w->prepare); ev_fork_init (&w->fork, embed_fork_cb); ev_fork_start (EV_A_ &w->fork); /*ev_idle_init (&w->idle, e,bed_idle_cb);*/ ev_start (EV_A_ (W)w, 1); EV_FREQUENT_CHECK; } void ev_embed_stop (EV_P_ ev_embed *w) EV_NOEXCEPT { clear_pending (EV_A_ (W)w); if (ecb_expect_false (!ev_is_active (w))) return; EV_FREQUENT_CHECK; ev_io_stop (EV_A_ &w->io); ev_prepare_stop (EV_A_ &w->prepare); ev_fork_stop (EV_A_ &w->fork); ev_stop (EV_A_ (W)w); EV_FREQUENT_CHECK; } #endif #if EV_FORK_ENABLE void ev_fork_start (EV_P_ ev_fork *w) EV_NOEXCEPT { if (ecb_expect_false (ev_is_active (w))) return; EV_FREQUENT_CHECK; ev_start (EV_A_ (W)w, ++forkcnt); array_needsize (ev_fork *, forks, forkmax, forkcnt, array_needsize_noinit); forks [forkcnt - 1] = w; EV_FREQUENT_CHECK; } void ev_fork_stop (EV_P_ ev_fork *w) EV_NOEXCEPT { clear_pending (EV_A_ (W)w); if (ecb_expect_false (!ev_is_active (w))) return; EV_FREQUENT_CHECK; { int active = ev_active (w); forks [active - 1] = forks [--forkcnt]; ev_active (forks [active - 1]) = active; } ev_stop (EV_A_ (W)w); EV_FREQUENT_CHECK; } #endif #if EV_CLEANUP_ENABLE void ev_cleanup_start (EV_P_ ev_cleanup *w) EV_NOEXCEPT { if (ecb_expect_false (ev_is_active (w))) return; EV_FREQUENT_CHECK; ev_start (EV_A_ (W)w, ++cleanupcnt); array_needsize (ev_cleanup *, cleanups, cleanupmax, cleanupcnt, array_needsize_noinit); cleanups [cleanupcnt - 1] = w; /* cleanup watchers should never keep a refcount on the loop */ ev_unref (EV_A); EV_FREQUENT_CHECK; } void ev_cleanup_stop (EV_P_ ev_cleanup *w) EV_NOEXCEPT { clear_pending (EV_A_ (W)w); if (ecb_expect_false (!ev_is_active (w))) return; EV_FREQUENT_CHECK; ev_ref (EV_A); { int active = ev_active (w); cleanups [active - 1] = cleanups [--cleanupcnt]; ev_active (cleanups [active - 1]) = active; } ev_stop (EV_A_ (W)w); EV_FREQUENT_CHECK; } #endif #if EV_ASYNC_ENABLE void ev_async_start (EV_P_ ev_async *w) EV_NOEXCEPT { if (ecb_expect_false (ev_is_active (w))) return; w->sent = 0; evpipe_init (EV_A); EV_FREQUENT_CHECK; ev_start (EV_A_ (W)w, ++asynccnt); array_needsize (ev_async *, asyncs, asyncmax, asynccnt, array_needsize_noinit); asyncs [asynccnt - 1] = w; EV_FREQUENT_CHECK; } void ev_async_stop (EV_P_ ev_async *w) EV_NOEXCEPT { clear_pending (EV_A_ (W)w); if (ecb_expect_false (!ev_is_active (w))) return; EV_FREQUENT_CHECK; { int active = ev_active (w); asyncs [active - 1] = asyncs [--asynccnt]; ev_active (asyncs [active - 1]) = active; } ev_stop (EV_A_ (W)w); EV_FREQUENT_CHECK; } void ev_async_send (EV_P_ ev_async *w) EV_NOEXCEPT { w->sent = 1; evpipe_write (EV_A_ &async_pending); } #endif /*****************************************************************************/ struct ev_once { ev_io io; ev_timer to; void (*cb)(int revents, void *arg); void *arg; }; static void once_cb (EV_P_ struct ev_once *once, int revents) { void (*cb)(int revents, void *arg) = once->cb; void *arg = once->arg; ev_io_stop (EV_A_ &once->io); ev_timer_stop (EV_A_ &once->to); ev_free (once); cb (revents, arg); } static void once_cb_io (EV_P_ ev_io *w, int revents) { struct ev_once *once = (struct ev_once *)(((char *)w) - offsetof (struct ev_once, io)); once_cb (EV_A_ once, revents | ev_clear_pending (EV_A_ &once->to)); } static void once_cb_to (EV_P_ ev_timer *w, int revents) { struct ev_once *once = (struct ev_once *)(((char *)w) - offsetof (struct ev_once, to)); once_cb (EV_A_ once, revents | ev_clear_pending (EV_A_ &once->io)); } void ev_once (EV_P_ int fd, int events, ev_tstamp timeout, void (*cb)(int revents, void *arg), void *arg) EV_NOEXCEPT { struct ev_once *once = (struct ev_once *)ev_malloc (sizeof (struct ev_once)); once->cb = cb; once->arg = arg; ev_init (&once->io, once_cb_io); if (fd >= 0) { ev_io_set (&once->io, fd, events); ev_io_start (EV_A_ &once->io); } ev_init (&once->to, once_cb_to); if (timeout >= 0.) { ev_timer_set (&once->to, timeout, 0.); ev_timer_start (EV_A_ &once->to); } } /*****************************************************************************/ #if EV_WALK_ENABLE ecb_cold void ev_walk (EV_P_ int types, void (*cb)(EV_P_ int type, void *w)) EV_NOEXCEPT { int i, j; ev_watcher_list *wl, *wn; if (types & (EV_IO | EV_EMBED)) for (i = 0; i < anfdmax; ++i) for (wl = anfds [i].head; wl; ) { wn = wl->next; #if EV_EMBED_ENABLE if (ev_cb ((ev_io *)wl) == embed_io_cb) { if (types & EV_EMBED) cb (EV_A_ EV_EMBED, ((char *)wl) - offsetof (struct ev_embed, io)); } else #endif #if EV_USE_INOTIFY if (ev_cb ((ev_io *)wl) == infy_cb) ; else #endif if ((ev_io *)wl != &pipe_w) if (types & EV_IO) cb (EV_A_ EV_IO, wl); wl = wn; } if (types & (EV_TIMER | EV_STAT)) for (i = timercnt + HEAP0; i-- > HEAP0; ) #if EV_STAT_ENABLE /*TODO: timer is not always active*/ if (ev_cb ((ev_timer *)ANHE_w (timers [i])) == stat_timer_cb) { if (types & EV_STAT) cb (EV_A_ EV_STAT, ((char *)ANHE_w (timers [i])) - offsetof (struct ev_stat, timer)); } else #endif if (types & EV_TIMER) cb (EV_A_ EV_TIMER, ANHE_w (timers [i])); #if EV_PERIODIC_ENABLE if (types & EV_PERIODIC) for (i = periodiccnt + HEAP0; i-- > HEAP0; ) cb (EV_A_ EV_PERIODIC, ANHE_w (periodics [i])); #endif #if EV_IDLE_ENABLE if (types & EV_IDLE) for (j = NUMPRI; j--; ) for (i = idlecnt [j]; i--; ) cb (EV_A_ EV_IDLE, idles [j][i]); #endif #if EV_FORK_ENABLE if (types & EV_FORK) for (i = forkcnt; i--; ) if (ev_cb (forks [i]) != embed_fork_cb) cb (EV_A_ EV_FORK, forks [i]); #endif #if EV_ASYNC_ENABLE if (types & EV_ASYNC) for (i = asynccnt; i--; ) cb (EV_A_ EV_ASYNC, asyncs [i]); #endif #if EV_PREPARE_ENABLE if (types & EV_PREPARE) for (i = preparecnt; i--; ) # if EV_EMBED_ENABLE if (ev_cb (prepares [i]) != embed_prepare_cb) # endif cb (EV_A_ EV_PREPARE, prepares [i]); #endif #if EV_CHECK_ENABLE if (types & EV_CHECK) for (i = checkcnt; i--; ) cb (EV_A_ EV_CHECK, checks [i]); #endif #if EV_SIGNAL_ENABLE if (types & EV_SIGNAL) for (i = 0; i < EV_NSIG - 1; ++i) for (wl = signals [i].head; wl; ) { wn = wl->next; cb (EV_A_ EV_SIGNAL, wl); wl = wn; } #endif #if EV_CHILD_ENABLE if (types & EV_CHILD) for (i = (EV_PID_HASHSIZE); i--; ) for (wl = childs [i]; wl; ) { wn = wl->next; cb (EV_A_ EV_CHILD, wl); wl = wn; } #endif /* EV_STAT 0x00001000 /* stat data changed */ /* EV_EMBED 0x00010000 /* embedded event loop needs sweep */ } #endif #if EV_MULTIPLICITY #include "ev_wrap.h" #endif uacme-1.7.6/config.h.in0000644000000000000000000001522514734274626011555 00000000000000/* config.h.in. Generated from configure.ac by autoheader. */ /* Define to 1 if you have the header file. */ #undef HAVE_ARPA_INET_H /* Define to 1 if you have the `asprintf' function. */ #undef HAVE_ASPRINTF /* Define to 1 if you have the `clock_gettime' function. */ #undef HAVE_CLOCK_GETTIME /* Define to 1 to use the syscall interface for clock_gettime */ #undef HAVE_CLOCK_SYSCALL /* Define to 1 if you have the `epoll_ctl' function. */ #undef HAVE_EPOLL_CTL /* Define to 1 if you have the header file. */ #undef HAVE_ERR_H /* Define to 1 if you have the `eventfd' function. */ #undef HAVE_EVENTFD /* Define to 1 if the floor function is available */ #undef HAVE_FLOOR /* Define to 1 if you have the header file. */ #undef HAVE_GETOPT_H /* Define to 1 if you have the `getopt_long' function. */ #undef HAVE_GETOPT_LONG /* Define to 1 if you have the `gnutls_decode_rs_value' function. */ #undef HAVE_GNUTLS_DECODE_RS_VALUE /* Define to 1 if you have the `gnutls_x509_crq_set_tlsfeatures' function. */ #undef HAVE_GNUTLS_X509_CRQ_SET_TLSFEATURES /* Define to 1 if you have the `inotify_init' function. */ #undef HAVE_INOTIFY_INIT /* Define to 1 if you have the header file. */ #undef HAVE_INTTYPES_H /* Define to 1 if linux/fs.h defined kernel_rwf_t */ #undef HAVE_KERNEL_RWF_T /* Define to 1 if you have the `kqueue' function. */ #undef HAVE_KQUEUE /* Define to 1 if you have the `rt' library (-lrt). */ #undef HAVE_LIBRT /* Define to 1 if you have the header file. */ #undef HAVE_LINUX_AIO_ABI_H /* Define to 1 if you have the header file. */ #undef HAVE_LINUX_FS_H /* if mmap(MAP_ANON|MAP_SHARED) works */ #undef HAVE_MAP_ANON /* if mmap("/dev/zero", MAP_SHARED) works */ #undef HAVE_MAP_DEVZERO /* Define to 1 if you have the header file. */ #undef HAVE_MEMORY_H /* Define to 1 if you have the `mmap' function. */ #undef HAVE_MMAP /* Define to 1 if you have the `nanosleep' function. */ #undef HAVE_NANOSLEEP /* Define to 1 if you have the header file. */ #undef HAVE_NETDB_H /* Define to 1 if you have the header file. */ #undef HAVE_NETINET_IN_H /* Define to 1 if you have the header file. */ #undef HAVE_NETINET_TCP_H /* Define to 1 if you have the `open_memstream' function. */ #undef HAVE_OPEN_MEMSTREAM /* Define to 1 if you have the `poll' function. */ #undef HAVE_POLL /* Define to 1 if you have the header file. */ #undef HAVE_POLL_H /* Define to 1 if you have the `port_create' function. */ #undef HAVE_PORT_CREATE /* Define to 1 if you have the header file. */ #undef HAVE_PORT_H /* Define to 1 if you have the `select' function. */ #undef HAVE_SELECT /* Define to 1 if you have the `setproctitle' function. */ #undef HAVE_SETPROCTITLE /* Define to 1 if you have the `signalfd' function. */ #undef HAVE_SIGNALFD /* Define to 1 if you have the `splice' function. */ #undef HAVE_SPLICE /* Define to 1 if you have the header file. */ #undef HAVE_STDINT_H /* Define to 1 if you have the header file. */ #undef HAVE_STDLIB_H /* Define to 1 if you have the `strcasestr' function. */ #undef HAVE_STRCASESTR /* Define to 1 if you have the header file. */ #undef HAVE_STRINGS_H /* Define to 1 if you have the header file. */ #undef HAVE_STRING_H /* Define to 1 if you have the header file. */ #undef HAVE_SYS_EPOLL_H /* Define to 1 if you have the header file. */ #undef HAVE_SYS_EVENTFD_H /* Define to 1 if you have the header file. */ #undef HAVE_SYS_EVENT_H /* Define to 1 if you have the header file. */ #undef HAVE_SYS_INOTIFY_H /* Define to 1 if you have the header file. */ #undef HAVE_SYS_MMAN_H /* Define to 1 if you have the header file. */ #undef HAVE_SYS_RESOURCE_H /* Define to 1 if you have the header file. */ #undef HAVE_SYS_SELECT_H /* Define to 1 if you have the header file. */ #undef HAVE_SYS_SIGNALFD_H /* Define to 1 if you have the header file. */ #undef HAVE_SYS_SOCKET_H /* Define to 1 if you have the header file. */ #undef HAVE_SYS_STAT_H /* Define to 1 if you have the header file. */ #undef HAVE_SYS_TIMERFD_H /* Define to 1 if you have the header file. */ #undef HAVE_SYS_TYPES_H /* Define to 1 if you have the header file. */ #undef HAVE_SYS_UIO_H /* Define to 1 if you have the header file. */ #undef HAVE_SYS_UN_H /* Define to 1 if you have the header file. */ #undef HAVE_SYS_WAIT_H /* Define to 1 if you have the header file. */ #undef HAVE_UNISTD_H /* Define to 1 if you have the `vasprintf' function. */ #undef HAVE_VASPRINTF /* Define if debugging is disabled */ #undef NDEBUG /* Name of package */ #undef PACKAGE /* Define to the address where bug reports for this package should be sent. */ #undef PACKAGE_BUGREPORT /* Define to the full name of this package. */ #undef PACKAGE_NAME /* Define to the full name and version of this package. */ #undef PACKAGE_STRING /* Define to the one symbol short name of this package. */ #undef PACKAGE_TARNAME /* Define to the home page for this package. */ #undef PACKAGE_URL /* Define to the version of this package. */ #undef PACKAGE_VERSION /* Define to 1 if you have the ANSI C header files. */ #undef STDC_HEADERS /* if GnuTLS is enabled */ #undef USE_GNUTLS /* if libtasn1 is enabled */ #undef USE_LIBTASN1 /* if mbedTLS is enabled */ #undef USE_MBEDTLS /* if OpenSSL is enabled */ #undef USE_OPENSSL /* Enable extensions on AIX 3, Interix. */ #ifndef _ALL_SOURCE # undef _ALL_SOURCE #endif /* Enable GNU extensions on systems that have them. */ #ifndef _GNU_SOURCE # undef _GNU_SOURCE #endif /* Enable threading extensions on Solaris. */ #ifndef _POSIX_PTHREAD_SEMANTICS # undef _POSIX_PTHREAD_SEMANTICS #endif /* Enable extensions on HP NonStop. */ #ifndef _TANDEM_SOURCE # undef _TANDEM_SOURCE #endif /* Enable general extensions on Solaris. */ #ifndef __EXTENSIONS__ # undef __EXTENSIONS__ #endif /* Version number of package */ #undef VERSION /* Enable large inode numbers on Mac OS X 10.5. */ #ifndef _DARWIN_USE_64_BIT_INODE # define _DARWIN_USE_64_BIT_INODE 1 #endif /* Number of bits in a file offset, on hosts where this is settable. */ #undef _FILE_OFFSET_BITS /* Define for large files, on AIX-style hosts. */ #undef _LARGE_FILES /* Define to 1 if on MINIX. */ #undef _MINIX /* Define to 2 if the system does not provide POSIX.1 features except with this defined. */ #undef _POSIX_1_SOURCE /* Define to 1 if you need to in order for `stat' and other things to work. */ #undef _POSIX_SOURCE uacme-1.7.6/msg.h0000644000000000000000000000207314555533301010453 00000000000000/* * Copyright (C) 2019-2024 Nicola Di Lieto * * This file is part of uacme. * * uacme is free software: you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * uacme is distributed in the hope that it will be useful, but * WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program. If not, see * . */ #ifndef __MSG_H__ #define __MSG_H__ #include extern int g_loglevel; #ifdef __GNUC__ void __attribute__((format (printf, 2, 3))) msg(int level, const char *format, ...); #else void msg(int level, const char *format, ...); #endif void msg_hd(int level, const char *prefix, const void *data, size_t len); #endif uacme-1.7.6/NEWS0000644000000000000000000002131614734273512010220 00000000000000uacme NEWS Copyright (C) 2019-2024 Nicola Di Lieto ## [1.7.6] - 2024-12-29 ### Changed - Fix OpenSSL 3.x deprecated APIs - Fix cross compilation Closes https://github.com/ndilieto/uacme/issues/79 - uacme: Add environment variables Closes https://github.com/ndilieto/uacme/issues/63 - uacme: Add support for ACME Renewal Information (ARI) Closes https://github.com/ndilieto/uacme/issues/67 - uacme: Try obtaining new Reply-Nonce if server doesn't supply one Closes https://github.com/ndilieto/uacme/issues/82 - uacme: Add hook environment variables Closes https://github.com/ndilieto/uacme/issues/83 - uacme: Allow matching alternative chain by Authority Key Id Closes https://github.com/ndilieto/uacme/issues/85 - Documentation update - Add link to linode api hook ## [1.7.5] - 2024-01-28 ### Changed - fix ualpn exit code in client mode Fixes https://github.com/ndilieto/uacme/issues/76 - fix build with autoconf version 2.71 See https://github.com/ndilieto/uacme/pull/70 - uacme: nsupdate.sh overhaul and DNAME redirection support - add link to deSEC.io DNS integration - minor documentation changes including copyright year ## [1.7.4] - 2023-02-15 ### Changed - uacme: Validate token from ACME server. Fixes https://github.com/ndilieto/uacme/issues/64 - minor documentation changes including copyright year ## [1.7.3] - 2022-09-20 ### Changed - better compatibility with LibreSSL, require 3.4.2 or later - uacme: Enable --must-staple support with LibreSSL > 3.5.0 - ualpn: Fix build issue with mbedTLS 2.x see https://github.com/ndilieto/uacme/pull/61 ## [1.7.2] - 2022-07-20 ### Added - uacme: exponential backoff for status polling instead of constant 5s delay, to reduce load on server - uacme: -r option to allow specifying revocation code - compatibility with mbedTLS v3.2 - compatibility with LibreSSL (with some limitations, see https://github.com/ndilieto/uacme/commit/32546c7c ### Changed - uacme: fix silent failure in nsupdate.sh closes https://github.com/ndilieto/uacme/issues/45 - uacme: replace 'echo' with 'printf' in uacme.sh closes https://github.com/ndilieto/uacme/issues/48 - uacme: fix compilation warning - embed ax_check_compile_flag.m4 from autoconf-archive as requested in https://github.com/ndilieto/uacme/pull/57 - minor documentation changes including copyright year ## [1.7.1] - 2021-06-04 ### Changed - uacme: fix issue when running from inaccessible directory closes https://github.com/ndilieto/uacme/issues/41 - ualpn: use default user group when -u is specified ## [1.7] - 2021-01-17 ### Added - uacme: alternate chain selection by certificate fingerprint - uacme: print copyright with version - ualpn: print copyright with version - ualpn: add notice with version on startup ### Changed - ualpn: reject duplicate options where appropriate - ualpn: make ualpn.sh always outputs to stderr - ualpn: fix compilation warning - minor changes (typos) - update copyright years ## [1.6] - 2020-12-06 ### Added - uacme: support for RFC8555 External Account Binding closes https://github.com/ndilieto/uacme/issues/40 ### Changed - uacme: fix use after free in surrogate strcasestr function - uacme: make nsupdate.sh accept quoted TXT challenge values - uacme: minor cosmetic changes to log messages ## [1.5] - 2020-07-26 ### Added - uacme: -l option to allow selecting alternate chain - ualpn: mbedtls_x509_crt_parse_der_with_ext_cb support fixes https://github.com/ndilieto/uacme/issues/23 ### Changed - ualpn: move signal calls to beginning ## [1.4.1] - 2020-05-30 ### Changed - fix SIGPIPE of parent process in daemon mode https://github.com/ndilieto/uacme/issues/36 ## [1.4] - 2020-05-30 ### Changed - fix nsupdate.sh https://github.com/ndilieto/uacme/issues/32 - uacme: warn that --must-staple is ignored with CSRFILE - ualpn: swap -p and -P command line switches - ualpn: increase key buffer size as required by OpenSSL 3.x - ualpn: fix minor OpenBSD portability issues - ualpn: fix library link order when using built-in libev - minor cosmetic code/documentation changes - README.md now included in distribution ## [1.3] - 2020-05-08 ### Added - support for issuing certificates based on a CSR - mbedTLS implementation of OCSP check - nsupdate.sh dns-01 authentication script ### Changed - allow signing revocation requests with certificate key - improved handling of RFC8738 with OpenSSL/mbedTLS - fix memory leak in csr_gen upon some OpenSSL errors ## [1.2.4] - 2020-04-25 ### Changed - improve mbedTLS detection in configure.ac - check format string arguments with GCC - ualpn: fix incorrect message arguments ## [1.2.3] - 2020-04-22 ### Changed - fix Content-Type header parsing https://github.com/ndilieto/uacme/issues/22 ## [1.2.2] - 2020-04-18 ### Changed - fix ualpn socket type bug on uClibc based systems - fix configure.ac MAP_ANON cross-compilation test ## [1.2.1] - 2020-04-17 ### Changed - increase cert buf size to cope with long identifiers - fix gcc8 -Wstringop-truncation warning ## [1.2] - 2020-04-15 ### Added - uacme OCSP certificate status check - ualpn OpenSSL/mbedTLS implementations ### Changed - add key usage to ualpn challenge certificate - ensure top bit of ualpn certificate S/N is 0 with OpenSSL - fix ualpn memory leaks and corner case bugs - minor cosmetic code/documentation changes ## [1.1.2] - 2020-03-12 ### Changed - fix configure.ac typo affecting LDFLAGS - fix missing PIPE_BUF when building on hurd-386 ## [1.1.1] - 2020-03-12 ### Changed - fix typo breaking build without HAVE_SPLICE - fix addr_t name collision on s390x ## [1.1] - 2020-03-11 ### Added - IP identifier support (RFC8738) - tls-alpn-01 (RFC8737) challenge responder (ualpn) ## [1.0.22] - 2020-02-01 ### Changed - relax account status check (compatibility with buypass.no) - allow client challenge retry requests (RFC8555 section 7.1.6) - add wildcard clarification in manpage ## [1.0.21] - 2020-01-12 ### Changed - Quote variables in uacme.sh - Added LFS support (AC_SYS_LARGEFILE) ## [1.0.20] - 2019-10-03 ### Changed - improved HTTP header parsing to fix problem that can happen when retrieving directory over HTTP/2 ## [1.0.19] - 2019-09-30 ### Changed - fix configure script bug when using explicit PKG_CONFIG environment variable - explicitly set key usage in certificate request ## [1.0.18] - 2019-08-29 ### Added - support for OCSP Must-Staple (-m, --must-staple) ### Changed - explicitly set key usage constraints with mbedTLS - fix compilation warning with gcc7 on solaris ## [1.0.17] - 2019-07-03 ### Changed - fix pedantic compilation warning - configure fails if pkg-config isn't found ## [1.0.16] - 2019-06-17 ### Changed - configure script checks for libcurl HTTPS support - minor manpage corrections ## [1.0.15] - 2019-06-15 ### Changed - exit with error if both -a and -s are specified - avoid depending on libtasn1 if gnutls_decode_rs_value is available (requires gnutls 3.6.0 or later) ## [1.0.14] - 2019-06-12 ### Changed - Fix deprecated API when building with OpenSSL v1.1.1c ## [1.0.13] - 2019-06-05 ### Changed - Disable mbedTLS runtime version check if not available ## [1.0.12] - 2019-05-18 ### Changed - Ensure EC key params are always properly padded - Improved hook_run error checking ## [1.0.11] - 2019-05-17 ### Added - Key rollover (https://tools.ietf.org/html/rfc8555#section-7.3.5) ### Changed - Revoked cert files now renamed to 'revoked-TIMESTAMP.pem' - Key auth contains SHA256 digest for tls-alpn-01 (like dns-01) - Minor logging improvements ## [1.0.10] - 2019-05-12 ### Added - secp384r1 EC key support ### Changed - -b, --bits option accepts 256 or 384 for EC keys - enforce multiple of 8 RSA key size - improved acme_get and acme_post verbose logging - retry upon badNonce response according to RFC8555 6.5 ## [1.0.9] - 2019-05-09 ### Added - EC key/cert support (-t, --type=EC, default RSA) - RSA key length option (-b, --bits=BITS, default 2048) ## [1.0.8] - 2019-05-05 ### Added - OpenSSL support (./configure --with-openssl) ### Changed - exit codes: 0=success, 1=cert issuance skipped, 2=error - mbedtls: dynamically grow buffers when needed ## [1.0.7] - 2019-04-29 ### Added - HTTP User-Agent: header in all requests - --disable-docs configure option ### Changed - manpage version now updated automatically ## [1.0.6] - 2019-04-27 ### Changed - fixed uninitialized variable in authorize() function ## [1.0.5] - 2019-04-27 ### Changed - autoconf maintainer mode - cosmetic change to json primitive dump ## [1.0.4] - 2019-04-26 ### Added - debian packaging ## [1.0.3] - 2019-04-25 ### Changed - fixed gcc -pedantic warnings ## [1.0.2] - 2019-04-24 ### Added - support for mbedTLS (./configure --with-mbedtls) ## [1.0.1] - 2019-04-21 ### Changed - minor fixes to links in documentation ## [1.0] - 2019-04-21 ### Added - first public release uacme-1.7.6/docs/0000755000000000000000000000000014734275110010522 500000000000000uacme-1.7.6/docs/uacme.html0000644000000000000000000012046714734274730012443 00000000000000 UACME(1)

SYNOPSIS

uacme [-a|--acme-url URL] [-b|--bits BITS] [-c|--confdir DIR] [-d|--days DAYS] [-e|--eab KEYID:KEY] [-f|--force] [-h|--hook PROGRAM] [-i|--no-ari] [-l|--alternate N | FP] [-m|--must-staple] [-n|--never-create] [-o|--no-ocsp] [-r|--reason CODE] [-s|--staging] [-t|--type RSA|EC] [-v|--verbose …] [-V|--version] [-y|--yes] [-?|--help] new [EMAIL] | update [EMAIL] | deactivate | newkey | issue IDENTIFIER [ALTNAME …]] | issue CSRFILE | revoke CERTFILE [CERTKEYFILE]

DESCRIPTION

uacme is a client for the ACMEv2 protocol described in RFC8555, written in plain C with minimal dependencies (libcurl and one of GnuTLS, OpenSSL or mbedTLS). The ACMEv2 protocol allows a Certificate Authority (https://letsencrypt.org is a popular one) and an applicant to automate the process of verification and certificate issuance. The protocol also provides facilities for other certificate management functions, such as certificate revocation. For more information see https://tools.ietf.org/html/rfc8555

OPTIONS

-a, --acme-url URL

ACMEv2 server directory object URL. If not specified uacme uses one of the following:

https://acme-v02.api.letsencrypt.org/directory

production URL

https://acme-staging-v02.api.letsencrypt.org/directory

staging URL (see -s, --staging below)

-b, --bits BITS

key bit length (default 2048 for RSA, 256 for EC). Only applies to newly generated keys. RSA key length must be a multiple of 8 between 2048 and 8192. EC key length must be either 256 (NID_X9_62_prime256v1 curve) or 384 (NID_secp384r1 curve).

-c, --confdir CONFDIR

Use configuration directory CONFDIR (default /etc/ssl/uacme). The structure is as follows (multiple IDENTIFIERs allowed)

CONFDIR/private/key.pem

ACME account private key

CONFDIR/private/IDENTIFIER/key.pem

certificate key for IDENTIFIER

CONFDIR/IDENTIFIER/cert.pem

certificate for IDENTIFIER

-d, --days DAYS

Do not reissue certificates that are still valid for longer than DAYS (default 30). This only applies as a fallback if no server renewal information is available. See also -i, --no-ari and -o, --no-ocsp.

-e, --eab KEYID:KEY

Specify RFC8555 External Account Binding credentials according to https://tools.ietf.org/html/rfc8555#section-7.3.4, in order to associate a new ACME account with an existing account in a non-ACME system such as a CA customer database. KEYID must be an ASCII string. KEY must be base64url-encoded.

-f, --force

Force certificate reissuance regardless of expiration date and renewal information from the server.

-h, --hook PROGRAM

Challenge hook program. If not specified uacme interacts with the user for every ACME challenge, printing information about the challenge type, token and authorization on stderr. If specified uacme executes PROGRAM (a binary, a shell script or any file that can be executed by the operating system) for every challenge with the following 5 string arguments:

METHOD

one of begin, done or failed.

begin

is called at the beginning of the challenge. PROGRAM must return 0 to accept it. Any other return code declines the challenge. Neither done nor failed method calls are made for declined challenges.

done

is called upon successful completion of an accepted challenge.

failed

is called upon failure of an accepted challenge.

TYPE

challenge type (dns-01, http-01 or tls-alpn-01)

IDENT

The identifier the challenge refers to

TOKEN

The challenge token

AUTH

The key authorization (for dns-01 and tls-alpn-01 already converted to the base64url-encoded SHA256 digest format)

-i, --no-ari

Do not query or use the server’s certificate renewal information window to decide whether to reissue an existing certificate. See also -d, --days and -o, --no-ocsp.

-l, --alternate N | FP

According to https://tools.ietf.org/html/rfc8555#section-7.4.2 the server MAY provide one or more additional certificate download URLs, each pointing to alternative certificate chains starting with the same end-entity certificate. This option allows selecting one such chain in one of two ways. A positive integer N makes uacme select the Nth alternative chain in the order presented by the server. A colon (:) separated list of two or more 2-digit hexadecimal numbers FP makes uacme select the first alternative chain containing either a certificate whose SHA256 fingerprint begins with FP, or a certificate in which the Authority Key Identifier extension contains a keyIdentifier field beginning with FP. In all cases uacme falls back to the main certificate URL if it cannot match an alternative chain or the download thereof fails.

-m, --must-staple

Request certificates with the RFC7633 Certificate Status Request TLS Feature Extension, informally also known as "OCSP Must-Staple". This option is ignored when using an externally supplied Certificate Signing Request file (see USAGE below).

-n, --never-create

By default uacme creates directories/keys if they do not exist. When this option is specified uacme never does so and instead exits with an error if anything required is missing.

-o, --no-ocsp

When this flag is not specified and the certificate has an Authority Information Access extension with an OCSP server location according to https://tools.ietf.org/html/rfc5280#section-4.2.2.1 uacme makes an OCSP request to the server; if the certificate is reported as revoked uacme forces reissuance regardless of the expiration date. See also -d, --days.

-r, --reason CODE

Use CODE (default 0) as reason code in revocation requests. A list of values is at https://tools.ietf.org/html/rfc5280#section-5.3.1.

-s, --staging

Use Let’s Encrypt staging URL for testing. This only works if -a, --acme-url is NOT specified.

-t, --type=RSA | EC

Key type, either RSA or EC. Only applies to newly generated keys. The bit length can be specified with -b, --bits.

-v, --verbose

By default uacme only produces output upon errors or when user interaction is required. When this option is specified uacme prints information about what is going on on stderr. This option can be specified more than once to increase verbosity.

-V, --version

Print program version on stderr and exit.

-y, --yes

Autoaccept ACME server terms (if any) upon new account creation.

-?, --help

Print a brief usage text on stderr and exit.

USAGE

uacme [OPTIONS …] new [EMAIL]

Create a new ACME account with optional EMAIL contact. If the account private key does not exist at CONFDIR/private/key.pem a new key is generated unless -n, --never-create is specified. A valid account must be created before any other operation can succeed (with the exception of certificate revocation requests signed by the certificate private key). Any certificate issued by the ACME server is associated with a single account. An account can be associated with multiple certificates, subject of course to the rate limits imposed by the ACME server.

uacme [OPTIONS …] update [EMAIL]

Update the EMAIL associated with the ACME account corresponding to the account private key. If EMAIL is not specified the account contact email is removed.

uacme [OPTIONS …] deactivate

Deactivate the ACME account corresponding to the account private key. WARNING this action is irreversible. Users may wish to do this when the account key is compromised or decommissioned. A deactivated account can no longer request certificate issuances and revocations or access resources related to the account.

uacme [OPTIONS …] newkey

Change the ACME account private key. If the new account private key does not exist at CONFDIR/private/newkey.pem it is generated unless -n, --never-create is specified. The new key is then submitted to the server and if the operation succeeds the old key is hardlinked to CONFDIR/private/key-TIMESTAMP.pem before renaming CONFDIR/private/newkey.pem to CONFDIR/private/key.pem.

uacme [OPTIONS …] issue IDENTIFIER [ALTNAME …]

Issue a certificate for IDENTIFIER with zero or more ALTNAMEs. If a certificate is already available at CONFDIR/IDENTIFIER/cert.pem for the specified IDENTIFIER and ALTNAMEs and is still valid for longer than DAYS no action is taken unless -f, --force is specified or -o, --no-ocsp is not specified and the certificate is reported as revoked by the OCSP server. The new certificate is saved to CONFDIR/IDENTIFIER/cert.pem. If the certificate file already exists it is hardlinked to CONFDIR/IDENTIFIER/cert-TIMESTAMP.pem before overwriting. The private key for the certificate is loaded from CONFDIR/private/IDENTIFIER/key.pem. If no such file exists, a new key is generated unless -n, --never-create is specified. Wildcard IDENTIFIERs or ALTNAMEs are dealt with correctly, as long as the ACME server supports them; note that any such wildcards are automatically removed from the configuration subdirectory name: for example a certificate for *.test.com is saved to CONFDIR/test.com/cert.pem. IP address IDENTIFIERs and ALTNAMEs are also supported according to https://tools.ietf.org/html/rfc8738#section-3

uacme [OPTIONS …] issue CSRFILE

Issue a certificate based on a RFC2986 Certificate Signing Request contained in CSRFILE, which must be in PEM format. In this mode of issuance uacme neither needs nor generates the certificate private key, but it is of course the responsibility of the user to ensure that the CSR is constructed and signed appropriately. If a certificate file CSRBASE-cert.pem (where CSRBASE is obtained by stripping the extension, if any, from CSRFILE) is already available in the same directory containing CSRFILE, and is still valid for longer than DAYS no action is taken unless -f, --force is specified or -o, --no-ocsp is not specified and the certificate is reported as revoked by the OCSP server. If the certificate file already exists it is hardlinked to BASENAME-cert-TIMESTAMP.pem before overwriting. Wildcard identifiers in the CSR are dealt with correctly, as long as the ACME server supports them. IP addresses are also supported according to https://tools.ietf.org/html/rfc8738#section-3

uacme [OPTIONS …] revoke CERTFILE [CERTKEYFILE]

Revoke the certificate stored in CERTFILE. The revocation request is signed with the private key of either the certificate, when CERTKEYFILE is specified; or the ACME account associated with the certificate, when only CERTFILE is specified. In the first instance the account key and the configuration directory are not required. If successful CERTFILE is renamed to revoked-TIMESTAMP.pem. The reason code in the revocation request defaults to 0 but it can be specified by the user with -r, --reason.

ENVIRONMENT

UACME_CAINFO

String naming a file holding one or more CA certificates to verify the ACME server with.

UACME_CAPATH

String naming a directory holding multiple CA certificates to verify the ACME server with. If libcurl is built against OpenSSL, the certificate directory must be prepared using the OpenSSL c_rehash utility.

UACME_DNS_SERVERS

Comma separated list of DNS servers to be used instead of the system default. The format of the dns servers option is host[:port][,host[:port]]…

UACME_INTERFACE

String setting the interface name to use as outgoing network interface. The name can be an interface name, an IP address, or a hostname. If you prefer one of these, you can use the following special prefixes:

if!<name>

Interface name

host!<name>

IP address or hostname

ifhost!<interface>!<host>

Interface name and IP address or hostname

UACME_PROXY

String holding the proxy hostname or dotted numerical IP address. A numerical IPv6 address must be written within [brackets]. To specify port number in this string, append :[port] to the end of the host name. If not specified, default to using port 1080. The proxy string may be prefixed with [scheme]:// to specify which kind of proxy is used (http://, https://, socks4://, socks4a://, socks5://, socks5h://). The proxy can also be specified with its associated credentials like for ordinary URLs in the style: scheme://username:password@hostname

HOOK ENVIRONMENT

The following environment variables are exported for use by the hook program:

UACME_CONFDIR

Path to CONFDIR, see -c, --confdir

UACME_VERBOSE

Verbosity, see -v, --verbose

UACME_METHOD, UACME_TYPE, UACME_IDENT, UACME_TOKEN, UACME_AUTH

Copies of the hook program arguments, see -h, --hook

EXIT STATUS

0

Success

1

Certificate not reissued because it is still current

2

Failure (syntax or usage error; configuration error; processing failure; unexpected error).

EXAMPLE HOOK SCRIPT

The uacme.sh hook script included in the distribution can be used to automate the certificate issuance with http-01 challenges, provided a web server for the domain being validated runs on the same machine, with webroot at /var/www

#!/bin/sh
CHALLENGE_PATH=/var/www/.well-known/acme-challenge
ARGS=5
E_BADARGS=85
if test $# -ne "$ARGS"
then
    echo "Usage: $(basename "$0") method type ident token auth" 1>&2
    exit $E_BADARGS
fi
METHOD=$1
TYPE=$2
IDENT=$3
TOKEN=$4
AUTH=$5
case "$METHOD" in
    "begin")
        case "$TYPE" in
            http-01)
                echo -n "${AUTH}" > "${CHALLENGE_PATH}/${TOKEN}"
                exit $?
                ;;
            *)
                exit 1
                ;;
        esac
        ;;
    "done"|"failed")
        case "$TYPE" in
            http-01)
                rm "${CHALLENGE_PATH}/${TOKEN}"
                exit $?
                ;;
            *)
                exit 1
                ;;
        esac
        ;;
    *)
        echo "$0: invalid method" 1>&2
        exit 1
esac

BUGS

If you believe you have found a bug, please create a new issue at https://github.com/ndilieto/uacme/issues with any applicable information.

SEE ALSO

ualpn(1)

AUTHOR

uacme was written by Nicola Di Lieto

COPYRIGHT

Copyright © 2019-2024 Nicola Di Lieto <nicola.dilieto@gmail.com>

This file is part of uacme.

uacme is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

uacme is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program. If not, see http://www.gnu.org/licenses/.

uacme-1.7.6/docs/ualpn.html0000644000000000000000000007752714734274730012500 00000000000000 UALPN(1)

SYNOPSIS

ualpn [-4|--ipv4] [-6|--ipv6] [-b|--bind address[@port]] [-c|--connect address[@port]] [-d|--daemon] [-l|--logfile file] [-m|--max-auths N] [-n|--num-workers N] [-p|--pidfile file] [-P|--proxy N] [-r|--chroot dir] [-s|--sock path] [-S|--sock-mode mode] [-t|--terminate] [-u|--user user[:group]] [-v|--verbose …] [-V|--version] [-?|--help]

DESCRIPTION

ualpn is a lightweight proxying ACMEv2 tls-alpn-01 challenge responder compliant with RFC8737 (https://tools.ietf.org/html/RFC8737) and RFC8738 (https://tools.ietf.org/html/RFC8738).

Depending on how it is invoked, ualpn runs in either client or server mode. In client mode ualpn connects to a running server mode instance of itself through a unix domain socket, in order to add or remove ACMEv2 authorizations. See CLIENT MODE below.

In server mode ualpn listens for incoming connections (by default on port 443, which is mandatory for tls-alpn-01 challenges). It then handles any such connection in one of two different ways:

  • if the connection begins with a "ClientHello" TLS handshake packet including a "acme-tls/1" RFC7301 Application Level Protocol Negotiation extension and a RFC6066 Server Name Indication extension matching an identifier for which it has an authorization, ualpn performs the tls-alpn-01 handshake and closes the connection;

  • otherwise ualpn transparently proxies the connection to one of the backend servers it is configured with. By default ualpn adds PROXY v1 headers (http://www.haproxy.org/download/1.8/doc/proxy-protocol.txt) in order to safely transport connection information such as the client’s address to the backend. The PROXY protocol is currently supported by apache, nginx and several other server programs.

The event-driven implementation is based on libev (http://libev.schmorp.de) and considerably reduces the cost of context switches and memory usage. In addition on systems such as Linux supporting the splice() system call, ualpn is able to move network data without copying it to/from kernel/user address space.

OPTIONS

-4, --ipv4

Only listen to IPv4 connections

-6, --ipv6

Only listen to IPv6 connections

-b, --bind address[@port]

Enable server mode and listen to address. The address must be specified in numeric format using the standard IPv4 or IPv6 notation. Optionally, a port number can be given (default is 443). This flag can be specified multiple times to listen to multiple IP addresses. If this flag is not specified and server mode was enabled by some other option, ualpn listens to the wildcard interface; otherwise it runs in client mode (see CLIENT MODE below).

-c, --connect address[@port]

Enable server mode and add a new backend. The backend address must be specified in numeric format using the standard IPv4 or IPv6 notation. Optionally, a port number can be given (default is 443). This flag can be specified multiple times to add multiple backends. This flag must be specified at least once in server mode.

-d, --daemon

Enable server mode and fork in the background

-l, --logfile file

Log to file. By default ualpn logs to syslog if -d, --daemon was specified or stderr otherwise. See also -v, --verbose

-m, --max-auths N

Enable server mode and allow managing ACMEv2 tls-alpn-01 challenges for up to N different identifiers (default 100)

-n, --num-workers N

Enable server mode and spawn N worker processes (default 2) to handle connections. Note that worker processes are single threaded but thanks to the event based implementation each can handle several (potentially thousands) connections concurrently.

-p, --pidfile file

Specify pidfile location (default /var/run/ualpn.pid)

-P, --proxy N

Enable server mode and disable (0) or specify (1, 2) the PROXY header version (default 1). The backend server needs to be configured accordingly:

-r, --chroot dir

Enable server mode and specify a directory to chroot to. If logging to syslog it is necessary to ensure that a syslogd(8) socket is available at /dev/log in the chroot directory, otherwise ualpn will not produce any log output.

-s, --sock path

Specify unix socket path (default /var/run/ualpn.sock)

-S, --sock-mode mode

Enable server mode and specify socket access permissions (default 644)

-t, --terminate

Try to terminate a running ualpn server. This is achieved by looking up the process id stored by the server in the pidfile (see -p, --pidfile) and signalling it to terminate.

-u, --user user[:group]

Enable server mode and drop user (and optionally group) privileges to those of user after binding the sockets. Also affects the ownership of the unix socket, pidfile and logfile (if any).

-v, --verbose

By default ualpn only produces logs upon errors or warnings. When this option is specified ualpn also logs notice messages. This option can be specified more than once to increase verbosity and include information (twice) or debug (three times) messages.

-V, --version

Print program version on stderr and exit.

-?, --help

Print a brief usage text on stderr and exit.

CLIENT MODE

In client mode ualpn pipes stdin/stdout to/from the unix socket of the running server instance of itself. The protocol is ASCII text based, case sensitive, line oriented, with two commands:

auth identifier authorization

The auth command instructs the running ualpn server to handle ACMEv2 tls-alpn-01 challenges for identifier, which can be a string representing either a domain (type dns according to RFC8555 section 9.7.8) or an IP address (type ip according to RFC8738 section 6). authorization must contain the base64url encoding of the SHA-256 digest of the key authorization computed according to RFC8737 section 3 (note the uacme software executes hook scripts with the correct authorization passed as the 5th argument). Upon successful invocation of the auth command ualpn generates a self signed certificate as required by the tls-alpn-01 challenge, and then uses it to perform tls-alpn-01 handshakes for the given identifier.

unauth identifier

The unauth command instructs the running ualpn server to no longer handle ACMEv2 tls-alpn-01 challenges for identifier.

ualpn responds to both commands with a line beginning with either "OK" or "ERR", followed by a space and additional error information.

EXAMPLES

ualpn -vv -d -u nobody:nogroup -c 127.0.0.1@4443 -S 666

start ualpn as a daemon, binding to the default port 443 on the wildcard interface. Proxy connections to port 4443 on 127.0.0.1 After opening the sockets, drop the user privileges and run as nobody:nogroup. Allow anyone on the local host to access the unix socket. Also increase the verbosity to include notice and information messages.

echo "auth www.example.com DEi0apzMOdMT2DAro57oIvn-wEzPiYcAYDh2Cvjra3I" | ualpn

Instruct the running ualpn server to handle ACMEv2 tls-alpn-01 challenges for www.example.com with the given key authorization.

echo "unauth www.example.com" | ualpn

Instruct the running ualpn server to no longer handle ACMEv2 tls-alpn-01 challenges for www.example.com

EXIT STATUS

0

Success

1

Failure (syntax or usage error; configuration error; processing failure; unexpected error).

EXAMPLE UACME HOOK SCRIPT

The ualpn.sh hook script included in the distribution can be used to automate the certificate issuance with uacme, provided ualpn is listening on port 443 of the webserver for the domain being validated

#!/bin/sh
ARGS=5
E_BADARGS=85
if test $# -ne "$ARGS"
then
    echo "Usage: $(basename "$0") method type ident token auth" 1>&2
    exit $E_BADARGS
fi
METHOD=$1
TYPE=$2
IDENT=$3
TOKEN=$4
AUTH=$5
if [ "$TYPE" != "tls-alpn-01" ]; then
    exit 1
fi
case "$METHOD" in
    "begin")
        UALPN_OUT=$(echo "auth $IDENT $AUTH" | ualpn)
        if [ "x$UALPN_OUT" = "xOK" ]; then
            exit 0
        else
            exit 1
        fi
        ;;
    "done"|"failed")
        UALPN_OUT=$(echo "unauth $IDENT" | ualpn)
        if [ "x$UALPN_OUT" = "xOK" ]; then
            exit 0
        else
            exit 1
        fi
        ;;
    *)
        echo "$0: invalid method" 1>&2
        exit 1
esac

BUGS

If you believe you have found a bug, please create a new issue at https://github.com/ndilieto/uacme/issues with any applicable information.

SEE ALSO

uacme(1)

AUTHOR

ualpn was written by Nicola Di Lieto

COPYRIGHT

Copyright © 2019-2024 Nicola Di Lieto <nicola.dilieto@gmail.com>

This file is part of uacme.

uacme is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

uacme is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program. If not, see http://www.gnu.org/licenses/.

uacme-1.7.6/jsmn.h0000644000000000000000000002736714555530552010656 00000000000000/* * MIT License * * Copyright (c) 2010 Serge Zaitsev * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal * in the Software without restriction, including without limitation the rights * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE * SOFTWARE. */ #ifndef JSMN_H #define JSMN_H #include #ifdef __cplusplus extern "C" { #endif #ifdef JSMN_STATIC #define JSMN_API static #else #define JSMN_API extern #endif /** * JSON type identifier. Basic types are: * o Object * o Array * o String * o Other primitive: number, boolean (true/false) or null */ typedef enum { JSMN_UNDEFINED = 0, JSMN_OBJECT = 1, JSMN_ARRAY = 2, JSMN_STRING = 3, JSMN_PRIMITIVE = 4 } jsmntype_t; enum jsmnerr { /* Not enough tokens were provided */ JSMN_ERROR_NOMEM = -1, /* Invalid character inside JSON string */ JSMN_ERROR_INVAL = -2, /* The string is not a full JSON packet, more bytes expected */ JSMN_ERROR_PART = -3 }; /** * JSON token description. * type type (object, array, string etc.) * start start position in JSON data string * end end position in JSON data string */ typedef struct { jsmntype_t type; int start; int end; int size; #ifdef JSMN_PARENT_LINKS int parent; #endif } jsmntok_t; /** * JSON parser. Contains an array of token blocks available. Also stores * the string being parsed now and current position in that string. */ typedef struct { unsigned int pos; /* offset in the JSON string */ unsigned int toknext; /* next token to allocate */ int toksuper; /* superior token node, e.g. parent object or array */ } jsmn_parser; /** * Create JSON parser over an array of tokens */ JSMN_API void jsmn_init(jsmn_parser *parser); /** * Run JSON parser. It parses a JSON data string into and array of tokens, each * describing * a single JSON object. */ JSMN_API int jsmn_parse(jsmn_parser *parser, const char *js, const size_t len, jsmntok_t *tokens, const unsigned int num_tokens); #ifndef JSMN_HEADER /** * Allocates a fresh unused token from the token pool. */ static jsmntok_t *jsmn_alloc_token(jsmn_parser *parser, jsmntok_t *tokens, const size_t num_tokens) { jsmntok_t *tok; if (parser->toknext >= num_tokens) { return NULL; } tok = &tokens[parser->toknext++]; tok->start = tok->end = -1; tok->size = 0; #ifdef JSMN_PARENT_LINKS tok->parent = -1; #endif return tok; } /** * Fills token type and boundaries. */ static void jsmn_fill_token(jsmntok_t *token, const jsmntype_t type, const int start, const int end) { token->type = type; token->start = start; token->end = end; token->size = 0; } /** * Fills next available token with JSON primitive. */ static int jsmn_parse_primitive(jsmn_parser *parser, const char *js, const size_t len, jsmntok_t *tokens, const size_t num_tokens) { jsmntok_t *token; int start; start = parser->pos; for (; parser->pos < len && js[parser->pos] != '\0'; parser->pos++) { switch (js[parser->pos]) { #ifndef JSMN_STRICT /* In strict mode primitive must be followed by "," or "}" or "]" */ case ':': #endif case '\t': case '\r': case '\n': case ' ': case ',': case ']': case '}': goto found; } if (js[parser->pos] < 32 || js[parser->pos] >= 127) { parser->pos = start; return JSMN_ERROR_INVAL; } } #ifdef JSMN_STRICT /* In strict mode primitive must be followed by a comma/object/array */ parser->pos = start; return JSMN_ERROR_PART; #endif found: if (tokens == NULL) { parser->pos--; return 0; } token = jsmn_alloc_token(parser, tokens, num_tokens); if (token == NULL) { parser->pos = start; return JSMN_ERROR_NOMEM; } jsmn_fill_token(token, JSMN_PRIMITIVE, start, parser->pos); #ifdef JSMN_PARENT_LINKS token->parent = parser->toksuper; #endif parser->pos--; return 0; } /** * Fills next token with JSON string. */ static int jsmn_parse_string(jsmn_parser *parser, const char *js, const size_t len, jsmntok_t *tokens, const size_t num_tokens) { jsmntok_t *token; int start = parser->pos; parser->pos++; /* Skip starting quote */ for (; parser->pos < len && js[parser->pos] != '\0'; parser->pos++) { char c = js[parser->pos]; /* Quote: end of string */ if (c == '\"') { if (tokens == NULL) { return 0; } token = jsmn_alloc_token(parser, tokens, num_tokens); if (token == NULL) { parser->pos = start; return JSMN_ERROR_NOMEM; } jsmn_fill_token(token, JSMN_STRING, start + 1, parser->pos); #ifdef JSMN_PARENT_LINKS token->parent = parser->toksuper; #endif return 0; } /* Backslash: Quoted symbol expected */ if (c == '\\' && parser->pos + 1 < len) { int i; parser->pos++; switch (js[parser->pos]) { /* Allowed escaped symbols */ case '\"': case '/': case '\\': case 'b': case 'f': case 'r': case 'n': case 't': break; /* Allows escaped symbol \uXXXX */ case 'u': parser->pos++; for (i = 0; i < 4 && parser->pos < len && js[parser->pos] != '\0'; i++) { /* If it isn't a hex character we have an error */ if (!((js[parser->pos] >= 48 && js[parser->pos] <= 57) || /* 0-9 */ (js[parser->pos] >= 65 && js[parser->pos] <= 70) || /* A-F */ (js[parser->pos] >= 97 && js[parser->pos] <= 102))) { /* a-f */ parser->pos = start; return JSMN_ERROR_INVAL; } parser->pos++; } parser->pos--; break; /* Unexpected symbol */ default: parser->pos = start; return JSMN_ERROR_INVAL; } } } parser->pos = start; return JSMN_ERROR_PART; } /** * Parse JSON string and fill tokens. */ JSMN_API int jsmn_parse(jsmn_parser *parser, const char *js, const size_t len, jsmntok_t *tokens, const unsigned int num_tokens) { int r; int i; jsmntok_t *token; int count = parser->toknext; for (; parser->pos < len && js[parser->pos] != '\0'; parser->pos++) { char c; jsmntype_t type; c = js[parser->pos]; switch (c) { case '{': case '[': count++; if (tokens == NULL) { break; } token = jsmn_alloc_token(parser, tokens, num_tokens); if (token == NULL) { return JSMN_ERROR_NOMEM; } if (parser->toksuper != -1) { jsmntok_t *t = &tokens[parser->toksuper]; #ifdef JSMN_STRICT /* In strict mode an object or array can't become a key */ if (t->type == JSMN_OBJECT) { return JSMN_ERROR_INVAL; } #endif t->size++; #ifdef JSMN_PARENT_LINKS token->parent = parser->toksuper; #endif } token->type = (c == '{' ? JSMN_OBJECT : JSMN_ARRAY); token->start = parser->pos; parser->toksuper = parser->toknext - 1; break; case '}': case ']': if (tokens == NULL) { break; } type = (c == '}' ? JSMN_OBJECT : JSMN_ARRAY); #ifdef JSMN_PARENT_LINKS if (parser->toknext < 1) { return JSMN_ERROR_INVAL; } token = &tokens[parser->toknext - 1]; for (;;) { if (token->start != -1 && token->end == -1) { if (token->type != type) { return JSMN_ERROR_INVAL; } token->end = parser->pos + 1; parser->toksuper = token->parent; break; } if (token->parent == -1) { if (token->type != type || parser->toksuper == -1) { return JSMN_ERROR_INVAL; } break; } token = &tokens[token->parent]; } #else for (i = parser->toknext - 1; i >= 0; i--) { token = &tokens[i]; if (token->start != -1 && token->end == -1) { if (token->type != type) { return JSMN_ERROR_INVAL; } parser->toksuper = -1; token->end = parser->pos + 1; break; } } /* Error if unmatched closing bracket */ if (i == -1) { return JSMN_ERROR_INVAL; } for (; i >= 0; i--) { token = &tokens[i]; if (token->start != -1 && token->end == -1) { parser->toksuper = i; break; } } #endif break; case '\"': r = jsmn_parse_string(parser, js, len, tokens, num_tokens); if (r < 0) { return r; } count++; if (parser->toksuper != -1 && tokens != NULL) { tokens[parser->toksuper].size++; } break; case '\t': case '\r': case '\n': case ' ': break; case ':': parser->toksuper = parser->toknext - 1; break; case ',': if (tokens != NULL && parser->toksuper != -1 && tokens[parser->toksuper].type != JSMN_ARRAY && tokens[parser->toksuper].type != JSMN_OBJECT) { #ifdef JSMN_PARENT_LINKS parser->toksuper = tokens[parser->toksuper].parent; #else for (i = parser->toknext - 1; i >= 0; i--) { if (tokens[i].type == JSMN_ARRAY || tokens[i].type == JSMN_OBJECT) { if (tokens[i].start != -1 && tokens[i].end == -1) { parser->toksuper = i; break; } } } #endif } break; #ifdef JSMN_STRICT /* In strict mode primitives are: numbers and booleans */ case '-': case '0': case '1': case '2': case '3': case '4': case '5': case '6': case '7': case '8': case '9': case 't': case 'f': case 'n': /* And they must not be keys of the object */ if (tokens != NULL && parser->toksuper != -1) { const jsmntok_t *t = &tokens[parser->toksuper]; if (t->type == JSMN_OBJECT || (t->type == JSMN_STRING && t->size != 0)) { return JSMN_ERROR_INVAL; } } #else /* In non-strict mode every unquoted value is a primitive */ default: #endif r = jsmn_parse_primitive(parser, js, len, tokens, num_tokens); if (r < 0) { return r; } count++; if (parser->toksuper != -1 && tokens != NULL) { tokens[parser->toksuper].size++; } break; #ifdef JSMN_STRICT /* Unexpected char in strict mode */ default: return JSMN_ERROR_INVAL; #endif } } if (tokens != NULL) { for (i = parser->toknext - 1; i >= 0; i--) { /* Unmatched opened object or array */ if (tokens[i].start != -1 && tokens[i].end == -1) { return JSMN_ERROR_PART; } } } return count; } /** * Creates a new parser based over a given buffer with an array of tokens * available. */ JSMN_API void jsmn_init(jsmn_parser *parser) { parser->pos = 0; parser->toknext = 0; parser->toksuper = -1; } #endif /* JSMN_HEADER */ #ifdef __cplusplus } #endif #endif /* JSMN_H */ uacme-1.7.6/ualpn.10000644000000000000000000003043314734274730010725 00000000000000'\" t .\" Title: ualpn .\" Author: [see the "AUTHOR" section] .\" Generator: DocBook XSL Stylesheets v1.79.1 .\" Date: 12/29/2024 .\" Manual: User Commands .\" Source: ualpn 1.7.6 .\" Language: English .\" .TH "UALPN" "1" "12/29/2024" "ualpn 1\&.7\&.6" "User Commands" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ .\" http://bugs.debian.org/507673 .\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ .ie \n(.g .ds Aq \(aq .el .ds Aq ' .\" ----------------------------------------------------------------- .\" * set default formatting .\" ----------------------------------------------------------------- .\" disable hyphenation .nh .\" disable justification (adjust text to left margin only) .ad l .\" ----------------------------------------------------------------- .\" * MAIN CONTENT STARTS HERE * .\" ----------------------------------------------------------------- .SH "NAME" ualpn \- lightweight proxying ACMEv2 tls\-alpn\-01 responder .SH "SYNOPSIS" .sp \fBualpn\fR [\fB\-4\fR|\fB\-\-ipv4\fR] [\fB\-6\fR|\fB\-\-ipv6\fR] [\fB\-b\fR|\fB\-\-bind\fR \fIaddress\fR[@\fIport\fR]] [\fB\-c\fR|\fB\-\-connect\fR \fIaddress\fR[@\fIport\fR]] [\fB\-d\fR|\fB\-\-daemon\fR] [\fB\-l\fR|\fB\-\-logfile\fR \fIfile\fR] [\fB\-m\fR|\fB\-\-max\-auths\fR \fIN\fR] [\fB\-n\fR|\fB\-\-num\-workers\fR \fIN\fR] [\fB\-p\fR|\fB\-\-pidfile\fR \fIfile\fR] [\fB\-P\fR|\fB\-\-proxy\fR \fIN\fR] [\fB\-r\fR|\fB\-\-chroot\fR \fIdir\fR] [\fB\-s\fR|\fB\-\-sock\fR \fIpath\fR] [\fB\-S\fR|\fB\-\-sock\-mode\fR \fImode\fR] [\fB\-t\fR|\fB\-\-terminate\fR] [\fB\-u\fR|\fB\-\-user\fR \fIuser\fR[:\fIgroup\fR]] [\fB\-v\fR|\fB\-\-verbose\fR \&...] [\fB\-V\fR|\fB\-\-version\fR] [\fB\-?\fR|\fB\-\-help\fR] .SH "DESCRIPTION" .sp \fBualpn\fR is a lightweight proxying ACMEv2 tls\-alpn\-01 challenge responder compliant with RFC8737 (https://tools\&.ietf\&.org/html/RFC8737) and RFC8738 (https://tools\&.ietf\&.org/html/RFC8738)\&. .sp Depending on how it is invoked, \fBualpn\fR runs in either client or server mode\&. In client mode \fBualpn\fR connects to a running server mode instance of itself through a unix domain socket, in order to add or remove ACMEv2 authorizations\&. See CLIENT MODE below\&. .sp In server mode \fBualpn\fR listens for incoming connections (by default on port 443, which is mandatory for tls\-alpn\-01 challenges)\&. It then handles any such connection in one of two different ways: .sp .RS 4 .ie n \{\ \h'-04'\(bu\h'+03'\c .\} .el \{\ .sp -1 .IP \(bu 2.3 .\} if the connection begins with a "ClientHello" TLS handshake packet including a "acme\-tls/1" RFC7301 Application Level Protocol Negotiation extension \fBand\fR a RFC6066 Server Name Indication extension matching an identifier for which it has an authorization, \fBualpn\fR performs the tls\-alpn\-01 handshake and closes the connection; .RE .sp .RS 4 .ie n \{\ \h'-04'\(bu\h'+03'\c .\} .el \{\ .sp -1 .IP \(bu 2.3 .\} otherwise \fBualpn\fR transparently proxies the connection to one of the backend servers it is configured with\&. By default \fBualpn\fR adds PROXY v1 headers (http://www\&.haproxy\&.org/download/1\&.8/doc/proxy\-protocol\&.txt) in order to safely transport connection information such as the client\(cqs address to the backend\&. The PROXY protocol is currently supported by apache, nginx and several other server programs\&. .RE .sp The event\-driven implementation is based on libev (http://libev\&.schmorp\&.de) and considerably reduces the cost of context switches and memory usage\&. In addition on systems such as Linux supporting the splice() system call, \fBualpn\fR is able to move network data without copying it to/from kernel/user address space\&. .SH "OPTIONS" .PP \fB\-4, \-\-ipv4\fR .RS 4 Only listen to IPv4 connections .RE .PP \fB\-6, \-\-ipv6\fR .RS 4 Only listen to IPv6 connections .RE .PP \fB\-b, \-\-bind\fR \fIaddress\fR[@\fIport\fR] .RS 4 Enable server mode and listen to \fIaddress\fR\&. The address must be specified in numeric format using the standard IPv4 or IPv6 notation\&. Optionally, a port number can be given (default is 443)\&. This flag can be specified multiple times to listen to multiple IP addresses\&. If this flag is not specified and server mode was enabled by some other option, \fBualpn\fR listens to the wildcard interface; otherwise it runs in client mode (see CLIENT MODE below)\&. .RE .PP \fB\-c, \-\-connect\fR \fIaddress\fR[@\fIport\fR] .RS 4 Enable server mode and add a new backend\&. The backend address must be specified in numeric format using the standard IPv4 or IPv6 notation\&. Optionally, a port number can be given (default is 443)\&. This flag can be specified multiple times to add multiple backends\&. This flag must be specified at least once in server mode\&. .RE .PP \fB\-d, \-\-daemon\fR .RS 4 Enable server mode and fork in the background .RE .PP \fB\-l, \-\-logfile\fR \fIfile\fR .RS 4 Log to \fIfile\fR\&. By default \fBualpn\fR logs to syslog if \fB\-d, \-\-daemon\fR was specified or stderr otherwise\&. See also \fB\-v, \-\-verbose\fR .RE .PP \fB\-m, \-\-max\-auths\fR \fIN\fR .RS 4 Enable server mode and allow managing ACMEv2 tls\-alpn\-01 challenges for up to \fIN\fR different identifiers (default 100) .RE .PP \fB\-n, \-\-num\-workers\fR \fIN\fR .RS 4 Enable server mode and spawn \fIN\fR worker processes (default 2) to handle connections\&. Note that worker processes are single threaded but thanks to the event based implementation each can handle several (potentially thousands) connections concurrently\&. .RE .PP \fB\-p, \-\-pidfile\fR \fIfile\fR .RS 4 Specify pidfile location (default /var/run/ualpn\&.pid) .RE .PP \fB\-P, \-\-proxy\fR \fIN\fR .RS 4 Enable server mode and disable (0) or specify (1, 2) the PROXY header version (default 1)\&. The backend server needs to be configured accordingly: .sp .RS 4 .ie n \{\ \h'-04'\(bu\h'+03'\c .\} .el \{\ .sp -1 .IP \(bu 2.3 .\} nginx: https://docs\&.nginx\&.com/nginx/admin\-guide/load\-balancer/using\-proxy\-protocol .RE .sp .RS 4 .ie n \{\ \h'-04'\(bu\h'+03'\c .\} .el \{\ .sp -1 .IP \(bu 2.3 .\} apache: https://httpd\&.apache\&.org/docs/2\&.4/mod/mod_remoteip\&.html#remoteipproxyprotocol .RE .RE .PP \fB\-r, \-\-chroot\fR \fIdir\fR .RS 4 Enable server mode and specify a directory to chroot to\&. If logging to syslog it is necessary to ensure that a syslogd(8) socket is available at /dev/log in the chroot directory, otherwise \fBualpn\fR will not produce any log output\&. .RE .PP \fB\-s, \-\-sock\fR \fIpath\fR .RS 4 Specify unix socket path (default /var/run/ualpn\&.sock) .RE .PP \fB\-S, \-\-sock\-mode\fR \fImode\fR .RS 4 Enable server mode and specify socket access permissions (default 644) .RE .PP \fB\-t, \-\-terminate\fR .RS 4 Try to terminate a running \fBualpn\fR server\&. This is achieved by looking up the process id stored by the server in the pidfile (see \fB\-p, \-\-pidfile\fR) and signalling it to terminate\&. .RE .PP \fB\-u, \-\-user\fR \fIuser\fR[:\fIgroup\fR] .RS 4 Enable server mode and drop user (and optionally group) privileges to those of \fIuser\fR after binding the sockets\&. Also affects the ownership of the unix socket, pidfile and logfile (if any)\&. .RE .PP \fB\-v, \-\-verbose\fR .RS 4 By default \fBualpn\fR only produces logs upon errors or warnings\&. When this option is specified \fBualpn\fR also logs notice messages\&. This option can be specified more than once to increase verbosity and include information (twice) or debug (three times) messages\&. .RE .PP \fB\-V, \-\-version\fR .RS 4 Print program version on stderr and exit\&. .RE .PP \fB\-?, \-\-help\fR .RS 4 Print a brief usage text on stderr and exit\&. .RE .SH "CLIENT MODE" .sp In client mode \fBualpn\fR pipes stdin/stdout to/from the unix socket of the running server instance of itself\&. The protocol is ASCII text based, case sensitive, line oriented, with two commands: .PP \fBauth\fR \fIidentifier\fR \fIauthorization\fR .RS 4 The \fBauth\fR command instructs the running \fBualpn\fR server to handle ACMEv2 tls\-alpn\-01 challenges for \fIidentifier\fR, which can be a string representing either a domain (type dns according to RFC8555 section 9\&.7\&.8) or an IP address (type ip according to RFC8738 section 6)\&. \fIauthorization\fR must contain the base64url encoding of the SHA\-256 digest of the key authorization computed according to RFC8737 section 3 (note the \fBuacme\fR software executes hook scripts with the correct \fIauthorization\fR passed as the 5th argument)\&. Upon successful invocation of the \fBauth\fR command \fBualpn\fR generates a self signed certificate as required by the tls\-alpn\-01 challenge, and then uses it to perform tls\-alpn\-01 handshakes for the given \fIidentifier\fR\&. .RE .PP \fBunauth\fR \fIidentifier\fR .RS 4 The \fBunauth\fR command instructs the running \fBualpn\fR server to no longer handle ACMEv2 tls\-alpn\-01 challenges for \fIidentifier\fR\&. .RE .sp \fBualpn\fR responds to both commands with a line beginning with either "OK" or "ERR", followed by a space and additional error information\&. .SH "EXAMPLES" .PP ualpn \-vv \-d \-u nobody:nogroup \-c 127\&.0\&.0\&.1@4443 \-S 666 .RS 4 start \fBualpn\fR as a daemon, binding to the default port 443 on the wildcard interface\&. Proxy connections to port 4443 on 127\&.0\&.0\&.1 After opening the sockets, drop the user privileges and run as nobody:nogroup\&. Allow anyone on the local host to access the unix socket\&. Also increase the verbosity to include notice and information messages\&. .RE .PP echo "auth www\&.example\&.com DEi0apzMOdMT2DAro57oIvn\-wEzPiYcAYDh2Cvjra3I" | ualpn .RS 4 Instruct the running \fBualpn\fR server to handle ACMEv2 tls\-alpn\-01 challenges for www\&.example\&.com with the given key authorization\&. .RE .PP echo "unauth www\&.example\&.com" | ualpn .RS 4 Instruct the running \fBualpn\fR server to no longer handle ACMEv2 tls\-alpn\-01 challenges for www\&.example\&.com .RE .SH "EXIT STATUS" .PP \fB0\fR .RS 4 Success .RE .PP \fB1\fR .RS 4 Failure (syntax or usage error; configuration error; processing failure; unexpected error)\&. .RE .SH "EXAMPLE UACME HOOK SCRIPT" .sp The \fIualpn\&.sh\fR hook script included in the distribution can be used to automate the certificate issuance with \fBuacme\fR, provided \fBualpn\fR is listening on port 443 of the webserver for the domain being validated .sp .if n \{\ .RS 4 .\} .nf #!/bin/sh ARGS=5 E_BADARGS=85 .fi .if n \{\ .RE .\} .sp .if n \{\ .RS 4 .\} .nf if test $# \-ne "$ARGS" then echo "Usage: $(basename "$0") method type ident token auth" 1>&2 exit $E_BADARGS fi .fi .if n \{\ .RE .\} .sp .if n \{\ .RS 4 .\} .nf METHOD=$1 TYPE=$2 IDENT=$3 TOKEN=$4 AUTH=$5 .fi .if n \{\ .RE .\} .sp .if n \{\ .RS 4 .\} .nf if [ "$TYPE" != "tls\-alpn\-01" ]; then exit 1 fi .fi .if n \{\ .RE .\} .sp .if n \{\ .RS 4 .\} .nf case "$METHOD" in "begin") UALPN_OUT=$(echo "auth $IDENT $AUTH" | ualpn) if [ "x$UALPN_OUT" = "xOK" ]; then exit 0 else exit 1 fi ;; "done"|"failed") UALPN_OUT=$(echo "unauth $IDENT" | ualpn) if [ "x$UALPN_OUT" = "xOK" ]; then exit 0 else exit 1 fi ;; *) echo "$0: invalid method" 1>&2 exit 1 esac .fi .if n \{\ .RE .\} .SH "BUGS" .sp If you believe you have found a bug, please create a new issue at https://github\&.com/ndilieto/uacme/issues with any applicable information\&. .SH "SEE ALSO" .sp \fBuacme\fR(1) .SH "AUTHOR" .sp \fBualpn\fR was written by Nicola Di Lieto .SH "COPYRIGHT" .sp Copyright \(co 2019\-2024 Nicola Di Lieto .sp This file is part of \fBuacme\fR\&. .sp \fBuacme\fR is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version\&. .sp \fBuacme\fR is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE\&. See the GNU General Public License for more details\&. .sp You should have received a copy of the GNU General Public License along with this program\&. If not, see http://www\&.gnu\&.org/licenses/\&. uacme-1.7.6/ualpn.sh0000755000000000000000000000266514555533301011201 00000000000000#!/bin/sh # Copyright (C) 2019-2024 Nicola Di Lieto # # This file is part of uacme. # # uacme is free software: you can redistribute it and/or modify it # under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # uacme is distributed in the hope that it will be useful, but # WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU # General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . ARGS=5 E_BADARGS=85 if test $# -ne "$ARGS" then echo "Usage: $(basename "$0") method type ident token auth" 1>&2 exit $E_BADARGS fi METHOD=$1 TYPE=$2 IDENT=$3 TOKEN=$4 AUTH=$5 if [ "$TYPE" != "tls-alpn-01" ]; then echo "skipping $TYPE" 1>&2 exit 1 fi case "$METHOD" in "begin") UALPN_OUT=$(echo "auth $IDENT $AUTH" | ualpn) if [ "x$UALPN_OUT" = "xOK" ]; then exit 0 else exit 1 fi ;; "done"|"failed") UALPN_OUT=$(echo "unauth $IDENT" | ualpn) if [ "x$UALPN_OUT" = "xOK" ]; then exit 0 else exit 1 fi ;; *) echo "$0: invalid method" 1>&2 exit 1 esac uacme-1.7.6/curlwrap.h0000644000000000000000000000231514733757565011545 00000000000000/* * Copyright (C) 2019-2024 Nicola Di Lieto * * This file is part of uacme. * * uacme is free software: you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * uacme is distributed in the hope that it will be useful, but * WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program. If not, see * . */ #ifndef __CURLWRAP_H__ #define __CURLWRAP_H__ #include typedef struct { char *body; size_t body_len; char *headers; size_t headers_len; int code; } curldata_t; curldata_t *curldata_calloc(void); void curldata_free(curldata_t *c); curldata_t *curl_get(const char *url); curldata_t *curl_post(const char *url, void *post_data, size_t post_size, const char *header, ...); char *find_header(const char *headers, const char *name); #endif uacme-1.7.6/crypto.c0000644000000000000000000043201314733776701011214 00000000000000/* * Copyright (C) 2019-2024 Nicola Di Lieto * * This file is part of uacme. * * uacme is free software: you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * uacme is distributed in the hope that it will be useful, but * WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program. If not, see * . */ #include "config.h" #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include "base64.h" #include "crypto.h" #include "curlwrap.h" #include "json.h" #include "msg.h" #if !defined(USE_OPENSSL) #include "read-file.h" #endif #if defined(USE_GNUTLS) #include #include #if HAVE_GNUTLS_X509_CRQ_SET_TLSFEATURES #include #endif #if !HAVE_GNUTLS_DECODE_RS_VALUE #include #endif #elif defined(USE_OPENSSL) #include #include #include #include #if OPENSSL_VERSION_NUMBER >= 0x30000000L #include #endif #include #include #include #include #include #include #include #include #include #include #include #elif defined(USE_MBEDTLS) #include #include #include #include #include #include #include #include #include #include #include #include #include #include #endif #if defined(USE_GNUTLS) #if GNUTLS_VERSION_NUMBER < 0x03031e #error GnuTLS version 3.3.30 or later is required #endif bool crypto_init(void) { #if HAVE_GNUTLS_DECODE_RS_VALUE if (!gnutls_check_version("3.6.0")) { warnx("crypto_init: GnuTLS version 3.6.0 or later is required"); #elif HAVE_GNUTLS_X509_CRQ_SET_TLSFEATURES if (!gnutls_check_version("3.5.1")) { warnx("crypto_init: GnuTLS version 3.5.1 or later is required"); #else if (!gnutls_check_version("3.3.30")) { warnx("crypto_init: GnuTLS version 3.3.30 or later is required"); #endif return false; } gnutls_global_init(); return true; } void crypto_deinit(void) { gnutls_global_deinit(); } #elif defined(USE_OPENSSL) #if OPENSSL_VERSION_NUMBER < 0x1010100fL #error OpenSSL version 1.1.1 or later is required #endif #if defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x3040200fL #error LibreSSL version 3.4.2 or later is required #endif bool crypto_init(void) { if (OpenSSL_version_num() < 0x1010100fL) { warnx("crypto_init: openssl version 1.1.1 or later is required"); return false; } return true; } void crypto_deinit(void) { } static void openssl_error(const char *prefix) { unsigned long e; while ((e = ERR_get_error()) != 0) { warnx("%s: openssl %s", prefix, ERR_error_string(e, NULL)); return; } } static bool openssl_hash_fast(const EVP_MD *type, const void *input, size_t len, unsigned char *output) { bool success = false; EVP_MD_CTX *emc = EVP_MD_CTX_create(); if (!emc) { openssl_error("openssl_hash_fast"); goto out; } if (!EVP_DigestInit_ex(emc, type, NULL)) { openssl_error("openssl_hash_fast"); goto out; } if (!EVP_DigestUpdate(emc, input, len)) { openssl_error("openssl_hash_fast"); goto out; } if (!EVP_DigestFinal_ex(emc, output, NULL)) { openssl_error("openssl_hash_fast"); goto out; } success = true; out: if (emc) EVP_MD_CTX_destroy(emc); return success; } static bool openssl_hmac_fast(const EVP_MD *type, const void *key, size_t keylen, const void *input, size_t len, unsigned char *output) { if (HMAC(type, key, keylen, input, len, output, NULL) == NULL) { openssl_error("openssl_hmac_fast"); return false; } return true; } #elif defined(USE_MBEDTLS) #if MBEDTLS_VERSION_NUMBER < 0x02100000 #error mbedTLS 2.x version 2.16 or later is required #endif #if MBEDTLS_VERSION_NUMBER >= 0x03000000 && MBEDTLS_VERSION_NUMBER < 0x03020000 #error mbedTLS 3.x version 3.2 or later is required #endif static mbedtls_entropy_context entropy; static mbedtls_ctr_drbg_context ctr_drbg; static const char *_mbedtls_strerror(int code) { static char buf[0x100]; mbedtls_strerror(code, buf, sizeof(buf)); return buf; } bool crypto_init(void) { #if defined(MBEDTLS_VERSION_C) unsigned int version = mbedtls_version_get_number(); if (version < 0x02100000) { warnx("crypto_init: mbedTLS 2.x version 2.16 or later is required"); return false; } if (version >= 0x03000000 && version < 0x03020000) { warnx("crypto_init: mbedTLS 3.x version 3.2 or later is required"); return false; } #endif mbedtls_entropy_init(&entropy); mbedtls_ctr_drbg_init(&ctr_drbg); int r = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, NULL, 0); if (r) { warnx("crypto_init: mbedtls_ctr_dbg_seed failed: %s", _mbedtls_strerror(r)); return false; } return true; } void crypto_deinit(void) { mbedtls_ctr_drbg_free(&ctr_drbg); mbedtls_entropy_free(&entropy); } static int mbedtls_hash_fast(mbedtls_md_type_t md_type, const void *input, size_t len, unsigned char *output) { const mbedtls_md_info_t *mdi = mbedtls_md_info_from_type(md_type); if (!mdi) { warnx("mbedtls_hash_fast: md_info not found"); return MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE; } return mbedtls_md(mdi, input, len, output); } static int mbedtls_hmac_fast(mbedtls_md_type_t md_type, const void *key, size_t keylen, const void *input, size_t len, unsigned char *output) { const mbedtls_md_info_t *mdi = mbedtls_md_info_from_type(md_type); if (!mdi) { warnx("mbedtls_hmac_fast: md_info not found"); return MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE; } return mbedtls_md_hmac(mdi, key, keylen, input, len, output); } #endif #if !HAVE_STRCASESTR char *strcasestr(const char *haystack, const char *needle) { char *ret = NULL; char *_haystack = strdup(haystack); char *_needle = strdup(needle); if (!_haystack || !_needle) warn("strcasestr: strdup failed"); else { char *p; for (p = _haystack; *p; p++) *p = tolower(*p); for (p = _needle; *p; p++) *p = tolower(*p); ret = strstr(_haystack, _needle); if (ret) ret = (char *)haystack + (ret - _haystack); } free(_haystack); free(_needle); return ret; } #endif char *sha2_base64url(size_t bits, const char *format, ...) { char *input = NULL; size_t encoded_hash_len; char *encoded_hash = NULL; const unsigned int hash_len = (bits+7)/8; unsigned char *hash = NULL; va_list ap; va_start(ap, format); if (vasprintf(&input, format, ap) < 0) { warnx("sha2_base64url: vasprintf failed"); input = NULL; goto out; } hash = calloc(1, hash_len); if (!hash) { warn("sha2_base64url: calloc failed"); goto out; } #if defined(USE_GNUTLS) gnutls_digest_algorithm_t type; #elif defined(USE_OPENSSL) const EVP_MD *type; #elif defined(USE_MBEDTLS) mbedtls_md_type_t type; #endif switch (bits) { case 256: #if defined(USE_GNUTLS) type = GNUTLS_DIG_SHA256; #elif defined(USE_OPENSSL) type = EVP_sha256(); #elif defined(USE_MBEDTLS) type = MBEDTLS_MD_SHA256; #endif break; case 384: #if defined(USE_GNUTLS) type = GNUTLS_DIG_SHA384; #elif defined(USE_OPENSSL) type = EVP_sha384(); #elif defined(USE_MBEDTLS) type = MBEDTLS_MD_SHA384; #endif break; default: warnx("sha2_base64url: invalid hash bit length"); goto out; } #if defined(USE_GNUTLS) int r = gnutls_hash_fast(type, input, strlen(input), hash); if (r != GNUTLS_E_SUCCESS) { warnx("sha2_base64url: gnutls_hash_fast failed: %s", gnutls_strerror(r)); goto out; } #elif defined(USE_OPENSSL) if (!openssl_hash_fast(type, input, strlen(input), hash)) { warnx("sha2_base64url: openssl_hash_fast failed"); goto out; } #elif defined(USE_MBEDTLS) int r = mbedtls_hash_fast(type, input, strlen(input), hash); if (r != 0) { warnx("sha2_base64url: mbedtls_hash_fast failed: %s", _mbedtls_strerror(r)); goto out; } #endif encoded_hash_len = base64_ENCODED_LEN(hash_len, base64_VARIANT_URLSAFE_NO_PADDING); encoded_hash = calloc(1, encoded_hash_len); if (!encoded_hash) { warn("sha2_base64url: calloc failed"); goto out; } if (!bin2base64(encoded_hash, encoded_hash_len, hash, hash_len, base64_VARIANT_URLSAFE_NO_PADDING)) { warnx("sha2_base64url: bin2base64 failed"); free(encoded_hash); encoded_hash = NULL; goto out; } out: va_end(ap); free(input); free(hash); return encoded_hash; } char *hmac_base64url(size_t bits, const char *key, const char *format, ...) { char *input = NULL; size_t encoded_hash_len; char *encoded_hash = NULL; const unsigned int hash_len = (bits+7)/8; unsigned char *hash = NULL; size_t keylen = strlen(key); void *keybin = NULL; va_list ap; va_start(ap, format); if (vasprintf(&input, format, ap) < 0) { warnx("hmac_base64url: vasprintf failed"); input = NULL; goto out; } hash = calloc(1, hash_len); if (!hash) { warn("hmac_base64url: calloc failed"); goto out; } keybin = calloc(1, keylen); if (!keybin) { warn("hmac_base64url: calloc failed"); goto out; } if (base642bin(keybin, keylen, key, keylen, NULL, &keylen, NULL, base64_VARIANT_URLSAFE_NO_PADDING)) { warnx("hmac_base64url: failed to decode key"); goto out; } #if defined(USE_GNUTLS) gnutls_mac_algorithm_t type; #elif defined(USE_OPENSSL) const EVP_MD *type; #elif defined(USE_MBEDTLS) mbedtls_md_type_t type; #endif switch (bits) { case 256: #if defined(USE_GNUTLS) type = GNUTLS_MAC_SHA256; #elif defined(USE_OPENSSL) type = EVP_sha256(); #elif defined(USE_MBEDTLS) type = MBEDTLS_MD_SHA256; #endif break; case 384: #if defined(USE_GNUTLS) type = GNUTLS_MAC_SHA384; #elif defined(USE_OPENSSL) type = EVP_sha384(); #elif defined(USE_MBEDTLS) type = MBEDTLS_MD_SHA384; #endif break; case 512: #if defined(USE_GNUTLS) type = GNUTLS_MAC_SHA512; #elif defined(USE_OPENSSL) type = EVP_sha512(); #elif defined(USE_MBEDTLS) type = MBEDTLS_MD_SHA512; #endif break; default: warnx("hmac_base64url: invalid hmac bit length"); goto out; } #if defined(USE_GNUTLS) int r = gnutls_hmac_fast(type, keybin, keylen, input, strlen(input), hash); if (r != GNUTLS_E_SUCCESS) { warnx("hmac_base64url: gnutls_hmac_fast failed: %s", gnutls_strerror(r)); goto out; } #elif defined(USE_OPENSSL) if (!openssl_hmac_fast(type, keybin, keylen, input, strlen(input), hash)) { warnx("hmac_base64url: openssl_hmac_fast failed"); goto out; } #elif defined(USE_MBEDTLS) int r = mbedtls_hmac_fast(type, keybin, keylen, input, strlen(input), hash); if (r != 0) { warnx("hmac_base64url: mbedtls_hmac_fast failed: %s", _mbedtls_strerror(r)); goto out; } #endif encoded_hash_len = base64_ENCODED_LEN(hash_len, base64_VARIANT_URLSAFE_NO_PADDING); encoded_hash = calloc(1, encoded_hash_len); if (!encoded_hash) { warn("hmac_base64url: calloc failed"); goto out; } if (!bin2base64(encoded_hash, encoded_hash_len, hash, hash_len, base64_VARIANT_URLSAFE_NO_PADDING)) { warnx("hmac_base64url: bin2base64 failed"); free(encoded_hash); encoded_hash = NULL; goto out; } out: va_end(ap); free(input); free(hash); free(keybin); return encoded_hash; } static char *bn2str(const unsigned char *data, size_t data_len, size_t pad_len) { char *ret = NULL; unsigned char *buf = NULL; while (data_len && !*data) { data++; data_len--; } if (pad_len == 0) pad_len = data_len; else if (pad_len < data_len) { warnx("bn2str: insufficient pad_len"); goto out; } buf = calloc(1, pad_len); if (!buf) { warn("bn2str: calloc failed"); goto out; } memcpy(buf + pad_len - data_len, data, data_len); size_t encoded_len = base64_ENCODED_LEN(pad_len, base64_VARIANT_URLSAFE_NO_PADDING); ret = calloc(1, encoded_len); if (!ret) { warn("bn2str: calloc failed"); goto out; } if (!bin2base64(ret, encoded_len, buf, pad_len, base64_VARIANT_URLSAFE_NO_PADDING)) { free(ret); ret = NULL; } out: free(buf); return ret; } static bool rsa_params(privkey_t key, char **m, char **e) { int r; char *_m = NULL; char *_e = NULL; #if defined(USE_GNUTLS) gnutls_datum_t mod = {NULL, 0}; gnutls_datum_t exp = {NULL, 0}; if (gnutls_privkey_get_pk_algorithm(key, NULL) != GNUTLS_PK_RSA) { warnx("rsa_params: not a RSA key"); goto out; } r = gnutls_privkey_export_rsa_raw(key, &mod, &exp, NULL, NULL, NULL, NULL, NULL, NULL); if (r < 0) { warnx("rsa_params: gnutls_privkey_export_rsa_raw: %s", gnutls_strerror(r)); goto out; } _m = bn2str(mod.data, mod.size, 0); if (!_m) { warnx("rsa_params: bn2str failed"); goto out; } _e = bn2str(exp.data, exp.size, 0); if (!_e) { warnx("rsa_params: bn2str failed"); goto out; } #elif defined(USE_OPENSSL) unsigned char *data = NULL; #if OPENSSL_VERSION_NUMBER >= 0x30000000L BIGNUM *bm = NULL; BIGNUM *be = NULL; if (!EVP_PKEY_get_bn_param(key, OSSL_PKEY_PARAM_RSA_N, &bm)) { openssl_error("rsa_params"); goto out; } if (!EVP_PKEY_get_bn_param(key, OSSL_PKEY_PARAM_RSA_E, &be)) { openssl_error("rsa_params"); goto out; } #else const BIGNUM *bm = NULL; const BIGNUM *be = NULL; RSA *rsa = EVP_PKEY_get0_RSA(key); if (!rsa) { openssl_error("rsa_params"); goto out; } RSA_get0_key(rsa, &bm, &be, NULL); #endif r = BN_num_bytes(bm); data = calloc(1, r); if (!data) { warn("rsa_params: calloc failed"); goto out; } if (BN_bn2bin(bm, data) != r) { openssl_error("rsa_params"); goto out; } _m = bn2str(data, r, 0); if (!_m) { warnx("rsa_params: bn2str failed"); goto out; } free(data); r = BN_num_bytes(be); data = calloc(1, r); if (!data) { warn("rsa_params: calloc failed"); goto out; } if (BN_bn2bin(be, data) != r) { openssl_error("rsa_params"); goto out; } _e = bn2str(data, r, 0); if (!_e) { warnx("rsa_params: bn2str failed"); goto out; } #elif defined(USE_MBEDTLS) unsigned char *data = NULL; size_t len; mbedtls_mpi mn, me; mbedtls_mpi_init(&mn); mbedtls_mpi_init(&me); if (!mbedtls_pk_can_do(key, MBEDTLS_PK_RSA)) { warnx("rsa_params: not a RSA key"); goto out; } const mbedtls_rsa_context *rsa = mbedtls_pk_rsa(*key); r = mbedtls_rsa_export(rsa, &mn, NULL, NULL, NULL, &me); if (r) { warnx("rsa_params: mbedtls_rsa_export failed: %s", _mbedtls_strerror(r)); goto out; } len = mbedtls_mpi_size(&mn); data = calloc(1, len); if (!data) { warnx("rsa_params: calloc failed"); goto out; } r = mbedtls_mpi_write_binary(&mn, data, len); if (r) { warnx("rsa_params: mbedtls_mpi_write_binary failed: %s", _mbedtls_strerror(r)); goto out; } _m = bn2str(data, len, 0); if (!_m) { warnx("rsa_params: bn2str failed"); goto out; } free(data); len = mbedtls_mpi_size(&me); data = calloc(1, len); if (!data) { warnx("rsa_params: calloc failed"); goto out; } r = mbedtls_mpi_write_binary(&me, data, len); if (r) { warnx("rsa_params: mbedtls_mpi_write_binary failed: %s", _mbedtls_strerror(r)); goto out; } _e = bn2str(data, len, 0); if (!_e) { warnx("rsa_params: bn2str failed"); goto out; } #endif out: #if defined(USE_GNUTLS) free(mod.data); free(exp.data); #elif defined(USE_OPENSSL) free(data); #if OPENSSL_VERSION_NUMBER >= 0x30000000L if (bm) BN_free(bm); if (be) BN_free(be); #endif #elif defined(USE_MBEDTLS) free(data); mbedtls_mpi_free(&mn); mbedtls_mpi_free(&me); #endif if (_e && _m) { if (e) *e = _e; else free(_e); if (m) *m = _m; else free(_m); return true; } else { free(_e); free(_m); return false; } } static size_t ec_params(privkey_t key, char **x, char **y) { int r; size_t bits = 0; char *_x = NULL; char *_y = NULL; #if defined(USE_GNUTLS) gnutls_ecc_curve_t curve; gnutls_datum_t dx = {NULL, 0}; gnutls_datum_t dy = {NULL, 0}; if (gnutls_privkey_get_pk_algorithm(key, NULL) != GNUTLS_PK_EC) { warnx("ec_params: not a EC key"); goto out; } r = gnutls_privkey_export_ecc_raw(key, &curve, &dx, &dy, NULL); if (r < 0) { warnx("ec_params: gnutls_privkey_export_ecc_raw: %s", gnutls_strerror(r)); goto out; } switch (curve) { case GNUTLS_ECC_CURVE_SECP256R1: bits = 256; break; case GNUTLS_ECC_CURVE_SECP384R1: bits = 384; break; default: warnx("ec_params: only \"prime256v1\" and \"secp384r1\" " "Elliptic Curves supported"); goto out; } _x = bn2str(dx.data, dx.size, (bits+7)/8); if (!_x) { warnx("ec_params: bn2str failed"); goto out; } _y = bn2str(dy.data, dy.size, (bits+7)/8); if (!_y) { warnx("ec_params: bn2str failed"); goto out; } #elif defined(USE_OPENSSL) unsigned char *data = NULL; BIGNUM *bx = BN_new(); BIGNUM *by = BN_new(); if (!bx || !by) { openssl_error("ec_params"); goto out; } #if OPENSSL_VERSION_NUMBER >= 0x30000000L char group[0x20]; if (!EVP_PKEY_get_utf8_string_param(key, OSSL_PKEY_PARAM_GROUP_NAME, group, sizeof(group), NULL)) { openssl_error("ec_params"); goto out; } if (strcasecmp(group, "prime256v1") == 0) bits = 256; else if (strcasecmp(group, "secp384r1") == 0) bits = 384; else { warnx("ec_params: only \"prime256v1\" and \"secp384r1\" " "Elliptic Curves supported"); goto out; } if (!EVP_PKEY_get_bn_param(key, OSSL_PKEY_PARAM_EC_PUB_X, &bx)) { openssl_error("ec_params"); goto out; } if (!EVP_PKEY_get_bn_param(key, OSSL_PKEY_PARAM_EC_PUB_Y, &by)) { openssl_error("ec_params"); goto out; } #else EC_KEY *ec = EVP_PKEY_get0_EC_KEY(key); if (!ec) { openssl_error("ec_params"); goto out; } const EC_GROUP *g = EC_KEY_get0_group(ec); if (!g) { openssl_error("ec_params"); } switch (EC_GROUP_get_curve_name(g)) { case NID_X9_62_prime256v1: bits = 256; break; case NID_secp384r1: bits = 384; break; default: warnx("ec_params: only \"prime256v1\" and \"secp384r1\" " "Elliptic Curves supported"); goto out; } const EC_POINT *pubkey = EC_KEY_get0_public_key(ec); if (!pubkey) { openssl_error("ec_params"); goto out; } if (!EC_POINT_get_affine_coordinates(g, pubkey, bx, by, NULL)) { openssl_error("ec_params"); goto out; } #endif r = BN_num_bytes(bx); data = calloc(1, r); if (!data) { warn("ec_params: calloc failed"); goto out; } if (BN_bn2bin(bx, data) != r) { openssl_error("ec_params"); goto out; } _x = bn2str(data, r, (bits+7)/8); if (!_x) { warnx("ec_params: bn2str failed"); goto out; } free(data); r = BN_num_bytes(by); data = calloc(1, r); if (!data) { warn("ec_params: calloc failed"); goto out; } if (BN_bn2bin(by, data) != r) { openssl_error("ec_params"); goto out; } _y = bn2str(data, r, (bits+7)/8); if (!_y) { warnx("ec_params: bn2str failed"); goto out; } #elif defined(USE_MBEDTLS) unsigned char *data = NULL; size_t len, olen, plen; mbedtls_ecp_group grp; mbedtls_ecp_point Q; mbedtls_ecp_group_init(&grp); mbedtls_ecp_point_init(&Q); if (!mbedtls_pk_can_do(key, MBEDTLS_PK_ECKEY)) { warnx("ec_params: not a EC key"); goto out; } const mbedtls_ecp_keypair *ec = mbedtls_pk_ec(*key); #if MBEDTLS_VERSION_NUMBER >= 0x03000000 mbedtls_mpi d; mbedtls_mpi_init(&d); r = mbedtls_ecp_export(ec, &grp, &d, &Q); mbedtls_mpi_free(&d); if (r) { warnx("ec_params: mbedtls_ecp_export failed: %s", _mbedtls_strerror(r)); goto out; } #else r = mbedtls_ecp_group_copy(&grp, &ec->grp); if (r) { warnx("ec_params: mbedtls_ecp_group_copy failed: %s", _mbedtls_strerror(r)); goto out; } r = mbedtls_ecp_copy(&Q, &ec->Q); if (r) { warnx("ec_params: mbedtls_ecp_copy failed: %s", _mbedtls_strerror(r)); goto out; } #endif switch (grp.id) { case MBEDTLS_ECP_DP_SECP256R1: bits = 256; break; case MBEDTLS_ECP_DP_SECP384R1: bits = 384; break; default: warnx("ec_params: only \"prime256v1\" and \"secp384r1\" " "Elliptic Curves supported"); goto out; } plen = mbedtls_mpi_size(&grp.P); len = 1 + 2 * plen; data = calloc(1, len); if (!data) { warnx("ec_params: calloc failed"); goto out; } r = mbedtls_ecp_point_write_binary(&grp, &Q, MBEDTLS_ECP_PF_UNCOMPRESSED, &olen, data, len); if (r) { warnx("ec_params: mbedtls_ecp_point_write_binary failed: %s", _mbedtls_strerror(r)); goto out; } if (olen != len) { warnx("ec_params: wrong length (actual %zu, expected %zu)", olen, len); goto out; } if (data[0] != 0x04) { warnx("ec_params: key data corruption"); goto out; } _x = bn2str(data + 1, plen, (bits+7)/8); if (!_x) { warnx("ec_params: bn2str failed"); goto out; } _y = bn2str(data + 1 + plen, plen, (bits+7)/8); if (!_y) { warnx("ec_params: bn2str failed"); goto out; } #endif out: #if defined(USE_GNUTLS) free(dx.data); free(dy.data); #elif defined(USE_OPENSSL) if (bx) BN_free(bx); if (by) BN_free(by); free(data); #elif defined(USE_MBEDTLS) free(data); mbedtls_ecp_group_free(&grp); mbedtls_ecp_point_free(&Q); #endif if (_x && _y) { if (x) *x = _x; else free(_x); if (y) *y = _y; else free(_y); return bits; } else { free(_x); free(_y); return 0; } } keytype_t key_type(privkey_t key) { #if defined(USE_GNUTLS) switch (gnutls_privkey_get_pk_algorithm(key, NULL)) { case GNUTLS_PK_RSA: return PK_RSA; case GNUTLS_PK_EC: return PK_EC; #elif defined(USE_OPENSSL) switch (EVP_PKEY_base_id(key)) { case EVP_PKEY_RSA: return PK_RSA; case EVP_PKEY_EC: return PK_EC; #elif defined(USE_MBEDTLS) switch (mbedtls_pk_get_type(key)) { case MBEDTLS_PK_RSA: return PK_RSA; case MBEDTLS_PK_ECKEY: return PK_EC; #endif default: return PK_NONE; } } char *jws_jwk(privkey_t key, const char **crv, const char **alg) { char *ret = NULL; char *p1 = NULL; char *p2 = NULL; const char *_crv = NULL; switch (key_type(key)) { case PK_RSA: if (!rsa_params(key, &p1, &p2)) { warnx("jws_jwk: rsa_params failed"); goto out; } if (asprintf(&ret, "{\"kty\":\"RSA\",\"n\":\"%s\",\"e\":\"%s\"}", p1, p2) < 0) { warnx("jws_jwk: asprintf failed"); ret = NULL; goto out; } if (alg) *alg = "RS256"; break; case PK_EC: switch (ec_params(key, &p1, &p2)) { case 0: warnx("jws_jwk: ec_params failed"); goto out; case 256: _crv = "P-256"; if (crv) *crv = _crv; if (alg) *alg = "ES256"; break; case 384: _crv = "P-384"; if (crv) *crv = _crv; if (alg) *alg = "ES384"; break; default: warnx("jws_jwk: unsupported EC curve"); goto out; } if (asprintf(&ret, "{\"kty\":\"EC\",\"crv\":\"%s\"," "\"x\":\"%s\",\"y\":\"%s\"}", _crv, p1, p2) < 0) { warnx("jws_jwk: asprintf failed"); ret = NULL; goto out; } break; default: warnx("jws_jwk: only RSA/EC keys are supported"); goto out; } out: free(p1); free(p2); return ret; } char *jws_protected_jwk(const char *nonce, const char *url, privkey_t key) { char *ret = NULL; const char *crv = NULL; const char *alg = NULL; char *jwk = jws_jwk(key, &crv, &alg); if (!jwk) { warnx("jws_protected_jwk: jws_jwk failed"); goto out; } if (nonce) { if (asprintf(&ret, "{\"alg\":\"%s\",\"nonce\":\"%s\"," "\"url\":\"%s\",\"jwk\":%s}", alg, nonce, url, jwk) < 0) { warnx("jws_protected_jwk: asprintf failed"); ret = NULL; } } else { if (asprintf(&ret, "{\"alg\":\"%s\",\"url\":\"%s\",\"jwk\":%s}", alg, url, jwk) < 0) { warnx("jws_protected_jwk: asprintf failed"); ret = NULL; } } out: free(jwk); return ret; } char *jws_protected_kid(const char *nonce, const char *url, const char *kid, privkey_t key) { char *ret = NULL; const char *alg = NULL; switch (key_type(key)) { case PK_RSA: alg = "RS256"; break; case PK_EC: switch (ec_params(key, NULL, NULL)) { case 0: warnx("jws_protected_kid: ec_params failed"); goto out; case 256: alg = "ES256"; break; case 384: alg = "ES384"; break; default: warnx("jws_protected_kid: unsupported EC curve"); goto out; } break; default: warnx("jws_protected_kid: only RSA/EC keys are supported"); goto out; } if (asprintf(&ret, "{\"alg\":\"%s\",\"nonce\":\"%s\"," "\"url\":\"%s\",\"kid\":\"%s\"}", alg, nonce, url, kid) < 0) { warnx("jws_protected_kid: asprintf failed"); ret = NULL; } out: return ret; } char *jws_protected_eab(size_t bits, const char *keyid, const char *url) { char *ret = NULL; if (asprintf(&ret, "{\"alg\":\"HS%zu\",\"kid\":\"%s\",\"url\":\"%s\"}", bits, keyid, url) < 0) { warnx("jws_protected_eab: asprintf failed"); ret = NULL; } return ret; } char *jws_thumbprint(privkey_t key) { char *ret = NULL; char *p1 = NULL; char *p2 = NULL; const char *crv = NULL; switch (key_type(key)) { case PK_RSA: if (!rsa_params(key, &p1, &p2)) { warnx("jws_thumbprint: rsa_params failed"); goto out; } ret = sha2_base64url(256, "{\"e\":\"%s\",\"kty\":\"RSA\"," "\"n\":\"%s\"}", p2, p1); if (!ret) warnx("jws_thumbprint: sha2_base64url failed"); break; case PK_EC: switch (ec_params(key, &p1, &p2)) { case 0: warnx("jws_thumbprint: ec_params failed"); goto out; case 256: crv = "P-256"; break; case 384: crv = "P-384"; break; default: warnx("jws_thumbprint: unsupported EC curve"); goto out; } ret = sha2_base64url(256, "{\"crv\":\"%s\",\"kty\":\"EC\"," "\"x\":\"%s\",\"y\":\"%s\"}", crv, p1, p2); if (!ret) warnx("jws_thumbprint: sha2_base64url failed"); break; default: warnx("jws_thumbprint: only RSA/EC keys are supported"); goto out; } out: free(p1); free(p2); return ret; } #if defined(USE_GNUTLS) static unsigned char *gnutls_datum_data(gnutls_datum_t *d, bool free) { unsigned char *ret = malloc(d->size); if (!ret) { warn("gnutls_datum2mem: malloc failed"); goto out; } memcpy(ret, d->data, d->size); if (free) { gnutls_free(d->data); d->data = NULL; } out: return ret; } #endif bool ec_decode(size_t hash_size, unsigned char **sig, size_t *sig_size) { int r; #if defined(USE_GNUTLS) #if HAVE_GNUTLS_DECODE_RS_VALUE gnutls_datum_t dr = {NULL, 0}; gnutls_datum_t ds = {NULL, 0}; gnutls_datum_t dsig = {*sig, *sig_size}; r = gnutls_decode_rs_value(&dsig, &dr, &ds); if (r < 0) { warnx("ec_decode: gnutls_decode_rs_value: %s", gnutls_strerror(r)); return false; } unsigned char *tmp = calloc(1, 2*hash_size); if (!tmp) { warn("ec_decode: calloc failed"); gnutls_free(dr.data); gnutls_free(ds.data); return false; } if (dr.size >= hash_size) memcpy(tmp, dr.data + dr.size - hash_size, hash_size); else memcpy(tmp + hash_size - dr.size, dr.data, dr.size); if (ds.size >= hash_size) memcpy(tmp + hash_size, ds.data + ds.size - hash_size, hash_size); else memcpy(tmp + 2*hash_size - ds.size, ds.data, ds.size); gnutls_free(dr.data); gnutls_free(ds.data); #else int len; const unsigned char *p = *sig; int ps = *sig_size; unsigned long tag; unsigned char cls; r = asn1_get_tag_der(p, ps, &cls, &len, &tag); if (r != ASN1_SUCCESS) { warnx("ec_decode: asn1_get_tag_der: %s", asn1_strerror(r)); return false; } if (cls != ASN1_CLASS_STRUCTURED || tag != ASN1_TAG_SEQUENCE) { warnx("ec_decode: unexpected ASN1 tag"); return false; } p += len; ps -= len; r = asn1_get_length_der(p, ps, &len); if (r < 0) { warnx("ec_decode: asn1_get_length_der: %d", r); return false; } p += len; ps -= len; if (p + r != *sig + *sig_size) { warnx("ec_decode: signature lenght mismatch"); return false; } unsigned char *tmp = calloc(1, 2*hash_size); if (!tmp) { warn("ec_decode: calloc failed"); return false; } r = asn1_get_tag_der(p, ps, &cls, &len, &tag); if (r != ASN1_SUCCESS) { warnx("ec_decode: asn1_get_tag_der: %s", asn1_strerror(r)); free(tmp); return false; } if (cls != ASN1_CLASS_UNIVERSAL || tag != ASN1_TAG_INTEGER) { warnx("ec_decode: unexpected ASN1 tag"); free(tmp); return false; } p += len; ps -= len; r = asn1_get_length_der(p, ps, &len); if (r < 0) { warnx("ec_decode: asn1_get_length_der: %d", r); free(tmp); return false; } p += len; ps -= len; if (r >= (int)hash_size) memcpy(tmp, p + r - hash_size, hash_size); else memcpy(tmp + hash_size - r, p, r); p += r; ps -= r; r = asn1_get_tag_der(p, ps, &cls, &len, &tag); if (r != ASN1_SUCCESS) { warnx("ec_decode: asn1_get_tag_der: %s", asn1_strerror(r)); free(tmp); return false; } if (cls != ASN1_CLASS_UNIVERSAL || tag != ASN1_TAG_INTEGER) { warnx("ec_decode: unexpected ASN1 tag"); free(tmp); return false; } p += len; ps -= len; r = asn1_get_length_der(p, ps, &len); if (r < 0) { warnx("ec_decode: asn1_get_length_der: %d", r); free(tmp); return false; } p += len; ps -= len; if (r >= (int)hash_size) memcpy(tmp + hash_size, p + r - hash_size, hash_size); else memcpy(tmp + 2*hash_size - r, p, r); p += r; ps -= r; if (ps != 0) { warnx("ec_decode: signature lenght mismatch"); free(tmp); return false; } #endif #elif defined(USE_OPENSSL) const unsigned char *p = *sig; const BIGNUM *br = NULL; const BIGNUM *bs = NULL; ECDSA_SIG *s = d2i_ECDSA_SIG(NULL, &p, *sig_size); if (!s) { openssl_error("ec_decode"); return false; } ECDSA_SIG_get0(s, &br, &bs); unsigned char *tmp = calloc(1, 2*hash_size); if (!tmp) { warn("ec_decode: calloc failed"); ECDSA_SIG_free(s); return false; } r = BN_num_bytes(br); unsigned char *data = calloc(1, r); if (!data) { warn("ec_decode: calloc failed"); ECDSA_SIG_free(s); free(tmp); return false; } if (BN_bn2bin(br, data) != r) { openssl_error("ec_decode"); ECDSA_SIG_free(s); free(data); free(tmp); return false; } if (r >= (int)hash_size) memcpy(tmp, data + r - hash_size, hash_size); else memcpy(tmp + hash_size - r, data, r); free(data); r = BN_num_bytes(bs); data = calloc(1, r); if (!data) { warn("ec_decode: calloc failed"); ECDSA_SIG_free(s); free(tmp); return false; } if (BN_bn2bin(bs, data) != r) { openssl_error("ec_decode"); ECDSA_SIG_free(s); free(data); free(tmp); return false; } if (r >= (int)hash_size) memcpy(tmp + hash_size, data + r - hash_size, hash_size); else memcpy(tmp + 2*hash_size - r, data, r); ECDSA_SIG_free(s); free(data); #elif defined(USE_MBEDTLS) unsigned char *p = *sig; const unsigned char *end = p + *sig_size; size_t len; r = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE); if (r != 0) { warnx("ec_decode: mbedtls_asn1_get_tag failed: %s", _mbedtls_strerror(r)); return false; } if (p + len != end) { warnx("ec_decode: signature lenght mismatch"); return false; } unsigned char *tmp = calloc(1, 2*hash_size); if (!tmp) { warn("ec_decode: calloc failed"); return false; } r = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_INTEGER); if (r != 0) { warnx("ec_decode: mbedtls_asn1_get_tag failed: %s", _mbedtls_strerror(r)); free(tmp); return false; } if (len >= hash_size) memcpy(tmp, p + len - hash_size, hash_size); else memcpy(tmp + hash_size - len, p, len); p += len; r = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_INTEGER); if (r != 0) { warnx("ec_decode: mbedtls_asn1_get_tag failed: %s", _mbedtls_strerror(r)); free(tmp); return false; } if (len >= hash_size) memcpy(tmp + hash_size, p + len - hash_size, hash_size); else memcpy(tmp + 2*hash_size - len, p, len); #endif free(*sig); *sig = tmp; *sig_size = 2*hash_size; return true; } char *jws_encode(const char *protected, const char *payload, privkey_t key) { char *jws = NULL; char *encoded_payload = encode_base64url(payload); char *encoded_protected = encode_base64url(protected); char *encoded_combined = NULL; unsigned char *signature = NULL; size_t signature_size = 0; char *encoded_signature = NULL; size_t hash_size = 0; #if defined(USE_GNUTLS) gnutls_digest_algorithm_t hash_type; #elif defined(USE_OPENSSL) EVP_MD_CTX *emc = NULL; const EVP_MD *hash_type; unsigned int len; #elif defined(USE_MBEDTLS) mbedtls_md_type_t hash_type; unsigned char *hash = NULL; #endif if (!encoded_payload || !encoded_protected) { warnx("jws_encode: encode_base64url failed"); goto out; } if (asprintf(&encoded_combined, "%s.%s", encoded_protected, encoded_payload) < 0) { warnx("jws_encode: asprintf failed"); encoded_combined = NULL; goto out; } switch (key_type(key)) { case PK_RSA: hash_size = 32; #if defined(USE_GNUTLS) hash_type = GNUTLS_DIG_SHA256; #elif defined(USE_OPENSSL) hash_type = EVP_sha256(); #elif defined(USE_MBEDTLS) hash_type = MBEDTLS_MD_SHA256; #endif break; case PK_EC: switch (ec_params(key, NULL, NULL)) { case 0: warnx("jws_encode: ec_params failed"); goto out; case 256: hash_size = 32; #if defined(USE_GNUTLS) hash_type = GNUTLS_DIG_SHA256; #elif defined(USE_OPENSSL) hash_type = EVP_sha256(); #elif defined(USE_MBEDTLS) hash_type = MBEDTLS_MD_SHA256; #endif break; case 384: hash_size = 48; #if defined(USE_GNUTLS) hash_type = GNUTLS_DIG_SHA384; #elif defined(USE_OPENSSL) hash_type = EVP_sha384(); #elif defined(USE_MBEDTLS) hash_type = MBEDTLS_MD_SHA384; #endif break; default: warnx("jws_encode: unsupported EC curve"); goto out; } break; default: warnx("jws_encode: only RSA/EC keys are supported"); goto out; } #if defined(USE_GNUTLS) gnutls_datum_t data = { (unsigned char *)encoded_combined, strlen(encoded_combined)}; gnutls_datum_t sign = {NULL, 0}; int r = gnutls_privkey_sign_data(key, hash_type, 0, &data, &sign); if (r != GNUTLS_E_SUCCESS) { warnx("jws_encode: gnutls_privkey_sign_data: %s", gnutls_strerror(r)); goto out; } signature_size = sign.size; signature = gnutls_datum_data(&sign, true); if (!signature) { warnx("jws_encode: gnutls_datum_data failed"); goto out; } #elif defined(USE_OPENSSL) emc = EVP_MD_CTX_create(); if (!emc) { openssl_error("jws_encode"); goto out; } signature = calloc(1, EVP_PKEY_size(key)); if (!signature) { warn("jws_encode: calloc failed"); goto out; } if (!EVP_SignInit_ex(emc, hash_type, NULL)) { openssl_error("jws_encode"); goto out; } if (!EVP_SignUpdate(emc, encoded_combined, strlen(encoded_combined))) { openssl_error("jws_encode"); goto out; } if (!EVP_SignFinal(emc, signature, &len, key)) { openssl_error("jws_encode"); goto out; } signature_size = len; #elif defined(USE_MBEDTLS) hash = calloc(1, hash_size); if (!hash) { warn("jws_encode: calloc failed"); goto out; } int r = mbedtls_hash_fast(hash_type, encoded_combined, strlen(encoded_combined), hash); if (r != 0) { warnx("jws_encode: mbedtls_hash_fast failed: %s", _mbedtls_strerror(r)); goto out; } switch (mbedtls_pk_get_type(key)) { case MBEDTLS_PK_RSA: signature_size = mbedtls_pk_get_len(key); signature = calloc(1, signature_size); break; case MBEDTLS_PK_ECKEY: signature_size = 9+2*mbedtls_pk_get_len(key); signature = calloc(1, signature_size); break; default: warnx("jws_encode: only RSA/EC keys are supported"); goto out; } if (!signature) { warn("jws_encode: calloc failed"); goto out; } r = mbedtls_pk_sign(key, hash_type, hash, hash_size, signature, #if MBEDTLS_VERSION_NUMBER >= 0x03000000 signature_size, #endif &signature_size, mbedtls_ctr_drbg_random, &ctr_drbg); if (r != 0) { warnx("jws_encode: mbedtls_pk_sign failed: %s", _mbedtls_strerror(r)); goto out; } #endif if (key_type(key) == PK_EC && !ec_decode(hash_size, &signature, &signature_size)) { warnx("jws_encode: ec_decode failed"); goto out; } size_t encoded_signature_len = base64_ENCODED_LEN(signature_size, base64_VARIANT_URLSAFE_NO_PADDING); encoded_signature = calloc(1, encoded_signature_len); if (!encoded_signature) { warn("jws_encode: calloc failed"); goto out; } if (!bin2base64(encoded_signature, encoded_signature_len, signature, signature_size, base64_VARIANT_URLSAFE_NO_PADDING)) { warnx("jws_encode: bin2base64 failed"); goto out; } if (asprintf(&jws, "{\"protected\":\"%s\"," "\"payload\":\"%s\"," "\"signature\":\"%s\"}", encoded_protected, encoded_payload, encoded_signature) < 0) { warnx("jws_encode: asprintf failed"); jws = NULL; } out: #if defined(USE_OPENSSL) if (emc) EVP_MD_CTX_destroy(emc); #elif defined(USE_MBEDTLS) free(hash); #endif free(encoded_payload); free(encoded_protected); free(encoded_combined); free(encoded_signature); free(signature); return jws; } char *jws_encode_hmac(const char *protected, const char *payload, size_t bits, const char *key) { char *jws = NULL; char *encoded_payload = encode_base64url(payload); char *encoded_protected = encode_base64url(protected); char *encoded_signature = NULL; if (!encoded_payload || !encoded_protected) { warnx("jws_encode_hmac: encode_base64url failed"); goto out; } encoded_signature = hmac_base64url(bits, key, "%s.%s", encoded_protected, encoded_payload); if (!encoded_signature) { warnx("jws_encode_hmac: hmac_base64url failed"); goto out; } if (asprintf(&jws, "{\"protected\":\"%s\"," "\"payload\":\"%s\"," "\"signature\":\"%s\"}", encoded_protected, encoded_payload, encoded_signature) < 0) { warnx("jws_encode_hmac: asprintf failed"); jws = NULL; } out: free(encoded_payload); free(encoded_protected); free(encoded_signature); return jws; } static bool key_gen(keytype_t type, int bits, const char *keyfile) { bool success = false; int r; #if !defined(USE_OPENSSL) void *pem_data = NULL; size_t pem_size = 0; #endif #if defined(USE_GNUTLS) gnutls_x509_privkey_t key = NULL; r = gnutls_x509_privkey_init(&key); if (r != GNUTLS_E_SUCCESS) { warnx("key_gen: gnutls_x509_privkey_init: %s", gnutls_strerror(r)); goto out; } switch (type) { case PK_RSA: msg(1, "generating new %d-bit RSA key", bits); r = gnutls_x509_privkey_generate(key, GNUTLS_PK_RSA, bits, 0); break; case PK_EC: switch (bits) { case 256: msg(1, "generating new %d-bit EC key", bits); r = gnutls_x509_privkey_generate(key, GNUTLS_PK_EC, GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_SECP256R1), 0); break; case 384: msg(1, "generating new %d-bit EC key", bits); r = gnutls_x509_privkey_generate(key, GNUTLS_PK_EC, GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_SECP384R1), 0); break; default: warnx("key_gen: EC key size must be either 256 or 384"); goto out; } break; default: warnx("key_gen: only RSA/EC keys are supported"); goto out; } if (r != GNUTLS_E_SUCCESS) { warnx("key_gen: gnutls_x509_privkey_generate: %s", gnutls_strerror(r)); goto out; } gnutls_datum_t data = {NULL, 0}; r = gnutls_x509_privkey_export2(key, GNUTLS_X509_FMT_PEM, &data); if (r != GNUTLS_E_SUCCESS) { warnx("key_gen: gnutls_x509_privkey_export2: %s", gnutls_strerror(r)); goto out; } pem_size = data.size; pem_data = gnutls_datum_data(&data, true); if (!pem_data) { warnx("key_gen: gnutls_datum_data failed"); goto out; } #elif defined(USE_OPENSSL) EVP_PKEY *key = NULL; EVP_PKEY_CTX *epc = NULL; switch (type) { case PK_RSA: epc = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL); break; case PK_EC: epc = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL); break; default: warnx("key_gen: only RSA/EC keys are supported"); goto out; } if (!epc) { openssl_error("key_gen"); goto out; } if (!EVP_PKEY_keygen_init(epc)) { openssl_error("key_gen"); goto out; } switch (type) { case PK_RSA: msg(1, "generating new %d-bit RSA key", bits); if (!EVP_PKEY_CTX_set_rsa_keygen_bits(epc, bits)) { openssl_error("key_gen"); goto out; } break; case PK_EC: switch (bits) { case 256: msg(1, "generating new %d-bit EC key", bits); if (!EVP_PKEY_CTX_set_ec_paramgen_curve_nid(epc, NID_X9_62_prime256v1)) { openssl_error("key_gen"); goto out; } break; case 384: msg(1, "generating new %d-bit EC key", bits); if (!EVP_PKEY_CTX_set_ec_paramgen_curve_nid(epc, NID_secp384r1)) { openssl_error("key_gen"); goto out; } break; default: warnx("key_gen: EC key size must be either 256 or 384"); goto out; } break; default: warnx("key_gen: only RSA/EC keys are supported"); goto out; } if (!EVP_PKEY_keygen(epc, &key)) { openssl_error("key_gen"); goto out; } #elif defined(USE_MBEDTLS) mbedtls_pk_context key; mbedtls_pk_init(&key); const mbedtls_pk_info_t *pki; switch (type) { case PK_RSA: pki = mbedtls_pk_info_from_type(MBEDTLS_PK_RSA); break; case PK_EC: pki = mbedtls_pk_info_from_type(MBEDTLS_PK_ECKEY); break; default: warnx("key_gen: only RSA/EC keys are supported"); goto out; } if (!pki) { warnx("key_gen: mbedtls_pk_info_from_type failed"); goto out; } r = mbedtls_pk_setup(&key, pki); if (r) { warnx("key_gen: mbedtls_pk_setup failed: %s", _mbedtls_strerror(r)); goto out; } switch (type) { case PK_RSA: msg(1, "generating new %d-bit RSA key", bits); r = mbedtls_rsa_gen_key(mbedtls_pk_rsa(key), mbedtls_ctr_drbg_random, &ctr_drbg, bits, 65537); if (r) { warnx("key_gen: mbedtls_rsa_gen_key failed: %s", _mbedtls_strerror(r)); goto out; } break; case PK_EC: switch (bits) { case 256: msg(1, "generating new %d-bit EC key", bits); r = mbedtls_ecp_gen_key(MBEDTLS_ECP_DP_SECP256R1, mbedtls_pk_ec(key), mbedtls_ctr_drbg_random, &ctr_drbg); break; case 384: msg(1, "generating new %d-bit EC key", bits); r = mbedtls_ecp_gen_key(MBEDTLS_ECP_DP_SECP384R1, mbedtls_pk_ec(key), mbedtls_ctr_drbg_random, &ctr_drbg); break; default: warnx("key_gen: EC key size must be either 256 or 384"); goto out; } if (r) { warnx("key_gen: mbedtls_ecp_gen_key failed: %s", _mbedtls_strerror(r)); goto out; } break; default: warnx("key_gen: only RSA/EC keys are supported"); goto out; } pem_size = 4096; while (1) { pem_data = calloc(1, pem_size); if (!pem_data) { warn("key_gen: calloc failed"); goto out; } r = mbedtls_pk_write_key_pem(&key, pem_data, pem_size); if (r == 0) break; else if (r == MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL) { free(pem_data); pem_size *= 2; } else { warnx("key_gen: mbedtls_pk_write_key_pem failed: %s", _mbedtls_strerror(r)); goto out; } } pem_size = strlen(pem_data); #endif mode_t prev = umask((S_IWUSR | S_IXUSR) | S_IRWXG | S_IRWXO); FILE *f = fopen(keyfile, "w"); umask(prev); if (!f) { warn("key_gen: failed to create %s", keyfile); goto out; } #if defined(USE_OPENSSL) r = PEM_write_PrivateKey(f, key, NULL, NULL, 0, NULL, NULL); fclose(f); if (!r) { openssl_error("key_gen"); warnx("key_gen: failed to write %s", keyfile); unlink(keyfile); goto out; } #else r = fwrite(pem_data, 1, pem_size, f); fclose(f); if (r != (int)pem_size) { warn("key_gen: failed to write to %s", keyfile); unlink(keyfile); goto out; } #endif msg(1, "key saved to %s", keyfile); success = true; out: #if defined(USE_GNUTLS) gnutls_x509_privkey_deinit(key); free(pem_data); #elif defined(USE_OPENSSL) if (key) EVP_PKEY_free(key); if (epc) EVP_PKEY_CTX_free(epc); #elif defined(USE_MBEDTLS) mbedtls_pk_free(&key); free(pem_data); #endif return success; } privkey_t key_load(keytype_t type, int bits, const char *format, ...) { privkey_t key = NULL; char *keyfile = NULL; #if !defined(USE_OPENSSL) int r; void *keydata = NULL; size_t keysize = 0; #endif va_list ap; va_start(ap, format); if (vasprintf(&keyfile, format, ap) < 0) keyfile = NULL; va_end(ap); if (!keyfile) { warnx("key_load: vasprintf failed"); goto out; } msg(1, "loading key from %s", keyfile); #if defined(USE_OPENSSL) while (!key) { FILE *f = fopen(keyfile, "r"); if (!f) { if (errno != ENOENT) { warn("key_load: failed to open %s", keyfile); goto out; } else { msg(1, "%s not found", keyfile); if (type == PK_NONE) { warnx("key_load: %s does not exist", keyfile); goto out; } if (!key_gen(type, bits, keyfile)) { warnx("key_load: key_gen failed"); goto out; } } } else { key = PEM_read_PrivateKey(f, NULL, NULL, NULL); fclose(f); if (!key) { openssl_error("key_load"); warnx("key_load: failed to read %s", keyfile); goto out; } } } #else while (!(keydata = read_file(keyfile, &keysize))) { if (errno != ENOENT) { warn("key_load: failed to read %s", keyfile); goto out; } else { msg(1, "%s not found", keyfile); if (type == PK_NONE) { warnx("key_load: %s does not exist", keyfile); goto out; } if (!key_gen(type, bits, keyfile)) { warnx("key_load: key_gen failed"); goto out; } } } #endif #if defined(USE_GNUTLS) r = gnutls_privkey_init(&key); if (r != GNUTLS_E_SUCCESS) { warnx("key_load: gnutls_privkey_import_x509_raw: %s", gnutls_strerror(r)); goto out; } gnutls_datum_t data = {keydata, keysize}; r = gnutls_privkey_import_x509_raw(key, &data, GNUTLS_X509_FMT_PEM, NULL, 0); if (r != GNUTLS_E_SUCCESS) { warnx("key_load: gnutls_privkey_import_x509_raw: %s", gnutls_strerror(r)); gnutls_privkey_deinit(key); key = NULL; goto out; } r = gnutls_privkey_verify_params(key); if (r != GNUTLS_E_SUCCESS) { warnx("key_load: gnutls_privkey_verify_params: %s", gnutls_strerror(r)); gnutls_privkey_deinit(key); key = NULL; goto out; } #elif defined(USE_MBEDTLS) key = calloc(1, sizeof(*key)); if (!key) { warn("key_load: calloc failed"); goto out; } mbedtls_pk_init(key); r = mbedtls_pk_parse_key(key, keydata, keysize+1, NULL, 0 #if MBEDTLS_VERSION_NUMBER >= 0x03000000 , mbedtls_ctr_drbg_random, &ctr_drbg #endif ); if (r) { warnx("key_load: mbedtls_pk_parse failed: %s", _mbedtls_strerror(r)); free(key); key = NULL; goto out; } #endif switch (key_type(key)) { case PK_RSA: if (!rsa_params(key, NULL, NULL)) { warnx("key_load: invalid key"); privkey_deinit(key); key = NULL; } break; case PK_EC: if (!ec_params(key, NULL, NULL)) { warnx("key_load: invalid key"); privkey_deinit(key); key = NULL; } break; default: warnx("key_load: only RSA/EC keys are supported"); privkey_deinit(key); key = NULL; } out: free(keyfile); #if !defined(USE_OPENSSL) free(keydata); #endif return key; } bool is_ip(const char *s, unsigned char *ip, size_t *ip_len) { bool ret = false; struct addrinfo hints, *ai; memset(&hints, 0, sizeof(hints)); hints.ai_flags = AI_NUMERICHOST | AI_NUMERICSERV; hints.ai_family = AF_UNSPEC; if (getaddrinfo(s, NULL, &hints, &ai) == 0) { if (ai->ai_family == AF_INET) { if (ip_len && *ip_len >= sizeof(struct in_addr)) { struct sockaddr_in *s = (struct sockaddr_in *)ai->ai_addr; *ip_len = sizeof(struct in_addr); if (ip) memcpy(ip, &s->sin_addr, sizeof(struct in_addr)); } ret = true; } else if (ai->ai_family == AF_INET6) { if (ip_len && *ip_len >= sizeof(struct in6_addr)) { struct sockaddr_in6 *s = (struct sockaddr_in6 *)ai->ai_addr; *ip_len = sizeof(struct in6_addr); if (ip) memcpy(ip, &s->sin6_addr, sizeof(struct in6_addr)); } ret = true; } else if (ip_len) *ip_len = 0; freeaddrinfo(ai); } else if (ip_len) *ip_len = 0; return ret; } char *csr_gen(char * const *names, bool status_req, privkey_t key) { char *req = NULL; unsigned char *csrdata = NULL; size_t csrsize = 0; int r; #if !defined(USE_OPENSSL) unsigned char ip[16]; size_t ip_len; #endif #if defined(USE_GNUTLS) unsigned int key_usage = 0; gnutls_digest_algorithm_t hash_type; gnutls_pubkey_t pubkey = NULL; gnutls_x509_crq_t crq = NULL; #if HAVE_GNUTLS_X509_CRQ_SET_TLSFEATURES gnutls_x509_tlsfeatures_t tls_features = NULL; #endif #elif defined(USE_OPENSSL) const char *key_usage = NULL; const EVP_MD *hash_type; X509_REQ *crq = NULL; X509_NAME *name = NULL; STACK_OF(X509_EXTENSION) *exts = NULL; char *san = NULL; #elif defined(USE_MBEDTLS) unsigned int key_usage = 0; mbedtls_md_type_t hash_type; size_t buflen = 1024; unsigned char *buf = NULL; char *cn = NULL; mbedtls_x509write_csr csr; mbedtls_x509write_csr_init(&csr); #endif switch (key_type(key)) { case PK_RSA: #if defined(USE_GNUTLS) key_usage = GNUTLS_KEY_DIGITAL_SIGNATURE | GNUTLS_KEY_KEY_ENCIPHERMENT; hash_type = GNUTLS_DIG_SHA256; #elif defined(USE_OPENSSL) key_usage = "critical, digitalSignature, keyEncipherment"; hash_type = EVP_sha256(); #elif defined(USE_MBEDTLS) key_usage = MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_KEY_ENCIPHERMENT; hash_type = MBEDTLS_MD_SHA256; #endif break; case PK_EC: #if defined(USE_GNUTLS) key_usage = GNUTLS_KEY_DIGITAL_SIGNATURE; #elif defined(USE_OPENSSL) key_usage = "critical, digitalSignature"; #elif defined(USE_MBEDTLS) key_usage = MBEDTLS_X509_KU_DIGITAL_SIGNATURE; #endif switch (ec_params(key, NULL, NULL)) { case 0: warnx("csr_gen: ec_params failed"); goto out; case 256: #if defined(USE_GNUTLS) hash_type = GNUTLS_DIG_SHA256; #elif defined(USE_OPENSSL) hash_type = EVP_sha256(); #elif defined(USE_MBEDTLS) hash_type = MBEDTLS_MD_SHA256; #endif break; case 384: #if defined(USE_GNUTLS) hash_type = GNUTLS_DIG_SHA384; #elif defined(USE_OPENSSL) hash_type = EVP_sha384(); #elif defined(USE_MBEDTLS) hash_type = MBEDTLS_MD_SHA384; #endif break; default: warnx("csr_gen: unsupported EC curve"); goto out; } break; default: warnx("csr_gen: only RSA/EC keys are supported"); goto out; } #if defined(USE_GNUTLS) r = gnutls_x509_crq_init(&crq); if (r != GNUTLS_E_SUCCESS) { warnx("csr_gen: gnutls_x509_crq_init: %s", gnutls_strerror(r)); goto out; } r = gnutls_x509_crq_set_dn_by_oid(crq, GNUTLS_OID_X520_COMMON_NAME, 0, *names, strlen(*names)); if (r != GNUTLS_E_SUCCESS) { warnx("csr_gen: gnutls_x509_crq_set_dn_by_oid: %s", gnutls_strerror(r)); goto out; } while (*names) { ip_len = sizeof(ip); if (is_ip(*names, ip, &ip_len)) r = gnutls_x509_crq_set_subject_alt_name(crq, GNUTLS_SAN_IPADDRESS, ip, ip_len, GNUTLS_FSAN_APPEND); else r = gnutls_x509_crq_set_subject_alt_name(crq, GNUTLS_SAN_DNSNAME, *names, strlen(*names), GNUTLS_FSAN_APPEND); if (r != GNUTLS_E_SUCCESS) { warnx("csr_gen: gnutls_x509_set_subject_alt_name: %s", gnutls_strerror(r)); goto out; } names++; } r = gnutls_x509_crq_set_key_usage(crq, key_usage); if (r != GNUTLS_E_SUCCESS) { warnx("csr_gen: gnutls_x509_crq_set_key_usage: %s", gnutls_strerror(r)); goto out; } if (status_req) { #if HAVE_GNUTLS_X509_CRQ_SET_TLSFEATURES r = gnutls_x509_tlsfeatures_init(&tls_features); if (r != GNUTLS_E_SUCCESS) { warnx("csr_gen: gnutls_x509_tlsfeatures_init: %s", gnutls_strerror(r)); goto out; } // status_request TLS feature (OCSP Must-Staple) r = gnutls_x509_tlsfeatures_add(tls_features, 5); if (r != GNUTLS_E_SUCCESS) { warnx("csr_gen: gnutls_x509_tlsfeatures_add: %s", gnutls_strerror(r)); goto out; } r = gnutls_x509_crq_set_tlsfeatures(crq, tls_features); if (r != GNUTLS_E_SUCCESS) { warnx("csr_gen: gnutls_x509_set_tlsfeatures: %s", gnutls_strerror(r)); goto out; } #else warnx("csr_gen: -m, --must-staple disabled at compile time " "- consider recompiling with GnuTLS 3.5.1 or later"); goto out; #endif } r = gnutls_pubkey_init(&pubkey); if (r != GNUTLS_E_SUCCESS) { warnx("csr_gen: gnutls_pubkey_init: %s", gnutls_strerror(r)); goto out; } r = gnutls_pubkey_import_privkey(pubkey, key, 0, 0); if (r != GNUTLS_E_SUCCESS) { warnx("csr_gen: gnutls_pubkey_import_privkey: %s", gnutls_strerror(r)); goto out; } r = gnutls_x509_crq_set_pubkey(crq, pubkey); if (r != GNUTLS_E_SUCCESS) { warnx("csr_gen: gnutls_x509_crq_set_pubkey: %s", gnutls_strerror(r)); goto out; } gnutls_digest_algorithm_t dig; unsigned int mand; r = gnutls_pubkey_get_preferred_hash_algorithm(pubkey, &dig, &mand); if (r != GNUTLS_E_SUCCESS) { warnx("csr_gen: gnutls_pubkey_get_preferred_hash_algorithm: %s", gnutls_strerror(r)); goto out; } if (mand == 0) dig = hash_type; else if (dig != hash_type) { warnx("csr_gen: unsupported message digest"); goto out; } r = gnutls_x509_crq_privkey_sign(crq, key, dig, 0); if (r != GNUTLS_E_SUCCESS) { warnx("csr_gen: gnutls_crq_privkey_sign: %s", gnutls_strerror(r)); goto out; } gnutls_datum_t data = {NULL, 0}; r = gnutls_x509_crq_export2(crq, GNUTLS_X509_FMT_DER, &data); if (r != GNUTLS_E_SUCCESS) { warnx("csr_gen: gnutls_x509_crq_export2: %s", gnutls_strerror(r)); goto out; } csrsize = data.size; csrdata = gnutls_datum_data(&data, true); if (!csrdata) { warnx("csr_gen: gnutls_datum_data failed"); goto out; } #elif defined(USE_OPENSSL) if (!(crq = X509_REQ_new())) { openssl_error("csr_gen"); goto out; } if (!(name = X509_NAME_new())) { openssl_error("csr_gen"); goto out; } if (!X509_REQ_set_pubkey(crq, key)) { openssl_error("csr_gen"); goto out; } if (!X509_NAME_add_entry_by_txt(name, "CN", MBSTRING_ASC, (unsigned char *)*names, -1, -1, 0)) { openssl_error("csr_gen"); goto out; } if (!X509_REQ_set_subject_name(crq, name)) { openssl_error("csr_gen"); goto out; } if (asprintf(&san, "%s:%s", is_ip(*names, NULL, NULL) ? "IP" : "DNS", *names) < 0) { warnx("csr_gen: asprintf failed"); san = NULL; goto out; } while (*++names) { char *tmp = NULL; if (asprintf(&tmp, "%s,%s:%s", san, is_ip(*names, NULL, NULL) ? "IP" : "DNS", *names) < 0) { warnx("csr_gen: asprintf failed"); goto out; } free(san); san = tmp; } exts = sk_X509_EXTENSION_new_null(); if (!exts) { openssl_error("csr_gen"); goto out; } X509_EXTENSION *ext = X509V3_EXT_conf_nid(NULL, NULL, NID_subject_alt_name, san); if (!ext) { openssl_error("csr_gen"); goto out; } sk_X509_EXTENSION_push(exts, ext); ext = X509V3_EXT_conf_nid(NULL, NULL, NID_key_usage, key_usage); if (!ext) { openssl_error("csr_gen"); goto out; } sk_X509_EXTENSION_push(exts, ext); if (status_req) { #if defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x3050000fL warnx("csr_gen: -m, --must-staple is not supported by LibreSSL " "earlier than 3.5.0 - consider updating it"); goto out; #else ext = X509V3_EXT_conf_nid(NULL, NULL, NID_tlsfeature, "status_request"); if (!ext) { openssl_error("csr_gen"); goto out; } sk_X509_EXTENSION_push(exts, ext); #endif } if (!X509_REQ_add_extensions(crq, exts)) { openssl_error("csr_gen"); goto out; } if (!X509_REQ_sign(crq, key, hash_type)) { openssl_error("csr_gen"); goto out; } r = i2d_X509_REQ(crq, NULL); if (r < 0) { openssl_error("csr_gen"); goto out; } csrsize = r; csrdata = calloc(1, csrsize); if (!csrdata) { warn("csr_gen: calloc failed"); goto out; } unsigned char *tmp = csrdata; if (i2d_X509_REQ(crq, &tmp) != (int)csrsize) { openssl_error("csr_gen"); goto out; } #elif defined(USE_MBEDTLS) mbedtls_x509write_csr_set_key(&csr, key); mbedtls_x509write_csr_set_md_alg(&csr, hash_type); if (asprintf(&cn, "CN=%s", *names) < 0) { warnx("csr_gen: asprintf failed"); cn = NULL; goto out; } r = mbedtls_x509write_csr_set_key_usage(&csr, key_usage); if (r) { warnx("csr_gen: mbedtls_x509write_csr_set_key_usage failed: %s", _mbedtls_strerror(r)); goto out; } r = mbedtls_x509write_csr_set_subject_name(&csr, cn); if (r) { warnx("csr_gen: mbedtls_x509write_csr_set_subject_name failed: %s", _mbedtls_strerror(r)); goto out; } while (1) { buflen *= 2; free(buf); buf = calloc(1, buflen); if (!buf) { warn("csr_gen: calloc failed"); goto out; } unsigned char *p = buf + buflen; size_t len = 0; size_t count = 0; while (names[count]) count++; while (count--) { const unsigned char *data; size_t data_len; unsigned char tag; ip_len = sizeof(ip); if (is_ip(names[count], ip, &ip_len)) { tag = MBEDTLS_ASN1_CONTEXT_SPECIFIC | 7; data = ip; data_len = ip_len; } else { tag = MBEDTLS_ASN1_CONTEXT_SPECIFIC | 2; data = (const unsigned char *)names[count]; data_len = strlen(names[count]); } r = mbedtls_asn1_write_raw_buffer(&p, buf, data, data_len); if (r >= 0) len += r; else if (r == MBEDTLS_ERR_ASN1_BUF_TOO_SMALL) break; else { warnx("csr_gen: mbedtls_asn1_write_raw_buffer failed: %s", _mbedtls_strerror(r)); goto out; } r = mbedtls_asn1_write_len(&p, buf, data_len); if (r >= 0) len += r; else if (r == MBEDTLS_ERR_ASN1_BUF_TOO_SMALL) break; else { warnx("csr_gen: mbedtls_asn1_write_len failed: %s", _mbedtls_strerror(r)); goto out; } r = mbedtls_asn1_write_tag(&p, buf, tag); if (r >= 0) len += r; else if (r == MBEDTLS_ERR_ASN1_BUF_TOO_SMALL) break; else { warnx("csr_gen: mbedtls_asn1_write_tag failed: %s", _mbedtls_strerror(r)); goto out; } } if (r == MBEDTLS_ERR_ASN1_BUF_TOO_SMALL) continue; r = mbedtls_asn1_write_len(&p, buf, len); if (r >= 0) len += r; else if (r == MBEDTLS_ERR_ASN1_BUF_TOO_SMALL) continue; else { warnx("csr_gen: mbedtls_asn1_write_len failed: %s", _mbedtls_strerror(r)); goto out; } r = mbedtls_asn1_write_tag(&p, buf, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE); if (r >= 0) len += r; else if (r == MBEDTLS_ERR_ASN1_BUF_TOO_SMALL) continue; else { warnx("csr_gen: mbedtls_asn1_write_tag failed: %s", _mbedtls_strerror(r)); goto out; } r = mbedtls_x509write_csr_set_extension(&csr, MBEDTLS_OID_SUBJECT_ALT_NAME, MBEDTLS_OID_SIZE(MBEDTLS_OID_SUBJECT_ALT_NAME), #if MBEDTLS_VERSION_NUMBER >= 0x03000000 0, #endif buf + buflen - len, len); if (r) { warnx("csr_gen: mbedtls_x509write_csr_set_extension failed: %s", _mbedtls_strerror(r)); goto out; } if (!status_req) break; p = buf + buflen; len = 0; // status_request TLS feature (OCSP Must-Staple) r = mbedtls_asn1_write_int(&p, buf, 5); if (r >= 0) len += r; else if (r == MBEDTLS_ERR_ASN1_BUF_TOO_SMALL) continue; else { warnx("csr_gen: mbedtls_asn1_write_int failed: %s", _mbedtls_strerror(r)); goto out; } r = mbedtls_asn1_write_len(&p, buf, len); if (r >= 0) len += r; else if (r == MBEDTLS_ERR_ASN1_BUF_TOO_SMALL) continue; else { warnx("csr_gen: mbedtls_asn1_write_len failed: %s", _mbedtls_strerror(r)); goto out; } r = mbedtls_asn1_write_tag(&p, buf, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE); if (r >= 0) len += r; else if (r == MBEDTLS_ERR_ASN1_BUF_TOO_SMALL) continue; else { warnx("csr_gen: mbedtls_asn1_write_tag failed: %s", _mbedtls_strerror(r)); goto out; } r = mbedtls_x509write_csr_set_extension(&csr, // http://oid-info.com/get/1.3.6.1.5.5.7.1.24 // pe(1) id-pe-tlsfeature(24) MBEDTLS_OID_PKIX "\x01\x18", MBEDTLS_OID_SIZE(MBEDTLS_OID_PKIX "\x01\x18"), #if MBEDTLS_VERSION_NUMBER >= 0x03000000 0, #endif buf + buflen - len, len); if (r) { warnx("csr_gen: mbedtls_x509write_csr_set_extension failed: %s", _mbedtls_strerror(r)); goto out; } break; } while (1) { r = mbedtls_x509write_csr_der(&csr, buf, buflen, mbedtls_ctr_drbg_random, &ctr_drbg); if (r > 0) break; else if (r == MBEDTLS_ERR_ASN1_BUF_TOO_SMALL) { free(buf); buflen *= 2; buf = calloc(1, buflen); if (!buf) { warn("csr_gen: calloc failed"); goto out; } } else { warnx("csr_gen: mbedtls_x509write_csr_der failed: %s", _mbedtls_strerror(r)); goto out; } } csrsize = r; csrdata = calloc(1, csrsize); if (!csrdata) { warn("csr_gen: calloc failed"); goto out; } memcpy(csrdata, buf + buflen - csrsize, csrsize); #endif r = base64_ENCODED_LEN(csrsize, base64_VARIANT_URLSAFE_NO_PADDING); req = calloc(1, r); if (!req) { warn("csr_gen: calloc failed"); goto out; } if (!bin2base64(req, r, csrdata, csrsize, base64_VARIANT_URLSAFE_NO_PADDING)) { warnx("csr_gen: bin2base64 failed"); free(req); req = NULL; goto out; } out: #if defined(USE_GNUTLS) gnutls_pubkey_deinit(pubkey); #if HAVE_GNUTLS_X509_CRQ_SET_TLSFEATURES if (tls_features) gnutls_x509_tlsfeatures_deinit(tls_features); #endif gnutls_x509_crq_deinit(crq); #elif defined(USE_OPENSSL) if (name) X509_NAME_free(name); if (crq) X509_REQ_free(crq); if (exts) sk_X509_EXTENSION_pop_free(exts, X509_EXTENSION_free); free(san); #elif defined(USE_MBEDTLS) mbedtls_x509write_csr_free(&csr); free(buf); free(cn); #endif free(csrdata); return req; } #if defined(USE_GNUTLS) static char **csr_names(gnutls_x509_crq_t crq) { int i, r = 0, n = 0, ncn = 0, nsan = 0; char **ret = NULL; char **names = NULL; char *buf = NULL; char *ip = NULL; size_t size = 0; bool cn = true; do { r = cn ? gnutls_x509_crq_get_dn_by_oid(crq, GNUTLS_OID_X520_COMMON_NAME, ncn, 0, buf, &size) : gnutls_x509_crq_get_subject_alt_name(crq, nsan, buf, &size, NULL, NULL); switch (r) { case GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE: if (cn) { cn = false; r = GNUTLS_E_SUCCESS; } break; case GNUTLS_E_SHORT_MEMORY_BUFFER: buf = calloc(1, size); if (!buf) { warn("csr_names: calloc failed"); goto out; } break; case GNUTLS_SAN_IPADDRESS: ip = calloc(1, INET6_ADDRSTRLEN); if (!ip) { warnx("csr_names: calloc failed"); goto out; } if (!inet_ntop(size == 4 ? AF_INET : AF_INET6, buf, ip, INET6_ADDRSTRLEN)) { warnx("csr_names: invalid IP address in Subj Alt Name"); free(ip); ip = NULL; continue; } free(buf); buf = ip; ip = NULL; // intentional fallthrough case GNUTLS_E_SUCCESS: case GNUTLS_SAN_DNSNAME: for (i = 0; i < n; i++) { if (strcasecmp(buf, names[i]) == 0) break; } if (i < n) free(buf); else { names = realloc(names, (n + 2) * sizeof(buf)); if (!names) { warn("csr_names: realloc failed"); goto out; } names[n++] = buf; names[n] = NULL; } buf = NULL; size = 0; if (cn) ncn++; else nsan++; break; default: if (r < 0) { warnx("csr_names: %s: %s", cn ? "gnutls_x509_crq_get_dn_by_oid" : "gnutls_x509_crq_get_subject_alt_name", gnutls_strerror(r)); goto out; } } } while (r != GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE); if (n > 0) { ret = names; names = NULL; } out: for (i = 0; names && names[i]; i++) free(names[i]); free(names); return ret; } #elif defined(USE_OPENSSL) static char **csr_names(X509_REQ *crq) { int i, n = 0, ncn = -1, nsan = 0; char **ret = NULL; char **names = NULL; bool cn = true; X509_NAME *name = NULL; STACK_OF(X509_EXTENSION) *exts = NULL; GENERAL_NAMES* alts = NULL; name = X509_REQ_get_subject_name(crq); if (!name) cn = false; exts = X509_REQ_get_extensions(crq); if (exts) alts = X509V3_get_d2i(exts, NID_subject_alt_name, NULL, NULL); while (1) { char *nm = NULL; if (cn) { ncn = X509_NAME_get_index_by_NID(name, NID_commonName, ncn); if (ncn < 0) { cn = false; continue; } X509_NAME_ENTRY *entry = X509_NAME_get_entry(name, ncn); if (!entry) continue; ASN1_STRING *str = X509_NAME_ENTRY_get_data(entry); if (!str) continue; unsigned char *buf = NULL; int size = ASN1_STRING_to_UTF8(&buf, str); if (size < 0) { openssl_error("csr_names"); continue; } nm = strndup((const char *)buf, size); if (!nm) { warn("csr_names: strndup failed"); OPENSSL_free(buf); goto out; } OPENSSL_free(buf); } else if (alts && nsan < sk_GENERAL_NAME_num(alts)) { int type; GENERAL_NAME *gn = sk_GENERAL_NAME_value(alts, nsan++); if (!gn) continue; ASN1_STRING *value = GENERAL_NAME_get0_value(gn, &type); if (!value) continue; if (type == GEN_DNS) { unsigned char *buf = NULL; int size = ASN1_STRING_to_UTF8(&buf, value); if (size < 0) { openssl_error("csr_names"); continue; } nm = strndup((const char *)buf, size); if (!nm) { warn("csr_names: strndup failed"); OPENSSL_free(buf); goto out; } OPENSSL_free(buf); } else if (type == GEN_IPADD) { int af; int len; switch (ASN1_STRING_length(value)) { case 4: af = AF_INET; len = INET_ADDRSTRLEN; break; case 16: af = AF_INET6; len = INET6_ADDRSTRLEN; break; default: warnx("csr_names: invalid IP address in Subj Alt Name"); continue; } nm = calloc(1, len); if (!nm) { warnx("csr_names: calloc failed"); goto out; } if (!inet_ntop(af, ASN1_STRING_get0_data(value), nm, len)) { warnx("csr_names: invalid IP address in Subj Alt Name"); free(nm); continue; } } } else break; if (nm) { for (i = 0; i < n; i++) { if (strcasecmp(nm, names[i]) == 0) break; } if (i < n) free(nm); else { char **tmp = realloc(names, (n + 2) * sizeof(nm)); if (!tmp) { warn("csr_names: realloc failed"); free(nm); goto out; } names = tmp; names[n++] = nm; names[n] = NULL; } } } if (n > 0) { ret = names; names = NULL; } out: if (names) { for (i = 0; names[i]; i++) free(names[i]); free(names); } if (exts) sk_X509_EXTENSION_pop_free(exts, X509_EXTENSION_free); if (alts) sk_GENERAL_NAME_pop_free(alts, GENERAL_NAME_free); return ret; } #elif defined(USE_MBEDTLS) // Unlike the built-in mbedTLS parser this function supports IP identifiers static int ext_san(unsigned char *p, size_t len, mbedtls_x509_sequence *san) { unsigned char *end = p + len; unsigned char *end_ext; int r; r = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE); if (r) return MBEDTLS_ERR_X509_INVALID_EXTENSIONS + r; if (end != p + len) return MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH; while (p < end) { r = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE); if (r) return MBEDTLS_ERR_X509_INVALID_EXTENSIONS + r; end_ext = p + len; r = mbedtls_asn1_get_tag(&p, end_ext, &len, MBEDTLS_ASN1_OID); if (r) return MBEDTLS_ERR_X509_INVALID_EXTENSIONS + r; if (len != MBEDTLS_OID_SIZE(MBEDTLS_OID_SUBJECT_ALT_NAME) || memcmp(MBEDTLS_OID_SUBJECT_ALT_NAME, p, len) != 0) { p = end_ext; continue; } p += len; int crit; r = mbedtls_asn1_get_bool(&p, end_ext, &crit); if (r && r != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) return MBEDTLS_ERR_X509_INVALID_EXTENSIONS + r; r = mbedtls_asn1_get_tag(&p, end_ext, &len, MBEDTLS_ASN1_OCTET_STRING); if (r) return MBEDTLS_ERR_X509_INVALID_EXTENSIONS + r; if (p + len != end_ext) return MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH; r = mbedtls_asn1_get_tag(&p, end_ext, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE); if (r) return MBEDTLS_ERR_X509_INVALID_EXTENSIONS + r; if (p + len != end_ext) return MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH; while (p < end_ext) { unsigned char tag = *p++; r = mbedtls_asn1_get_len(&p, end_ext, &len); if (r) return MBEDTLS_ERR_X509_INVALID_EXTENSIONS + r; if ((tag & MBEDTLS_ASN1_TAG_CLASS_MASK) != MBEDTLS_ASN1_CONTEXT_SPECIFIC) return MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_UNEXPECTED_TAG; if (san->buf.p) { if (san->next) return MBEDTLS_ERR_X509_INVALID_EXTENSIONS; san->next = mbedtls_calloc(1, sizeof(mbedtls_asn1_sequence)); if (!san->next) return MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_ALLOC_FAILED; san = san->next; } san->buf.tag = tag; san->buf.len = len; san->buf.p = p; p += len; } san->next = NULL; if (p != end_ext) return MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH; } return 0; } static int csr_san(const mbedtls_x509_csr *crq, mbedtls_x509_sequence *san) { unsigned char *p = crq->cri.p; size_t len = crq->cri.len; unsigned char *end = p + len; unsigned char *end_attr; int i = 0, r; r = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE); if (r) return MBEDTLS_ERR_X509_INVALID_FORMAT + r; r = mbedtls_asn1_get_int(&p, end, &i); if (r && r != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) return MBEDTLS_ERR_X509_INVALID_VERSION + r; if (i != 0) return MBEDTLS_ERR_X509_UNKNOWN_VERSION; for (i = 0; i < 2; i++) { r = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE); if (r) return MBEDTLS_ERR_X509_INVALID_FORMAT + r; p += len; } r = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_CONTEXT_SPECIFIC); if (r) return MBEDTLS_ERR_X509_INVALID_FORMAT + r; while (p < end) { r = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE); if (r) return MBEDTLS_ERR_X509_INVALID_FORMAT + r; end_attr = p + len; r = mbedtls_asn1_get_tag(&p, end_attr, &len, MBEDTLS_ASN1_OID); if (r) return MBEDTLS_ERR_X509_INVALID_FORMAT + r; if (len == MBEDTLS_OID_SIZE(MBEDTLS_OID_PKCS9_CSR_EXT_REQ) && memcmp(MBEDTLS_OID_PKCS9_CSR_EXT_REQ, p, len) == 0) { p += len; r = mbedtls_asn1_get_tag(&p, end_attr, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SET); if (r) return MBEDTLS_ERR_X509_INVALID_FORMAT + r; else return ext_san(p, len, san); } p = end_attr; } return 0; } static char **csr_names(mbedtls_x509_csr *crq) { int i, n = 0; char **ret = NULL; char **names = NULL; mbedtls_x509_name *name = &crq->subject; mbedtls_x509_sequence sans, *san = &sans; memset(&sans, 0, sizeof(sans)); i = csr_san(crq, san); if (i) { warnx("csr_names: csr_san failed: %s", _mbedtls_strerror(i)); goto out; } while (1) { char *nm = NULL; if (name) { if (MBEDTLS_OID_CMP(MBEDTLS_OID_AT_CN, &name->oid) == 0) { nm = strndup((const char *)name->val.p, name->val.len); if (!nm) { warn("csr_names: strndup failed"); goto out; } } name = name->next; } else if (san) { if (san->buf.tag == (MBEDTLS_ASN1_CONTEXT_SPECIFIC | 2)) { nm = strndup((const char *)san->buf.p, san->buf.len); if (!nm) { warn("csr_names: strndup failed"); goto out; } } else if (san->buf.tag == (MBEDTLS_ASN1_CONTEXT_SPECIFIC | 7)) { int af; int len = 0; switch (san->buf.len) { case 4: af = AF_INET; len = INET_ADDRSTRLEN; break; case 16: af = AF_INET6; len = INET6_ADDRSTRLEN; break; default: warnx("csr_names: invalid IP address in Subj Alt Name"); } if (len) { nm = calloc(1, len); if (!nm) { warnx("csr_names: calloc failed"); goto out; } if (!inet_ntop(af, san->buf.p, nm, len)) { warnx("csr_names: invalid IP address in Subj Alt Name"); free(nm); nm = NULL; } } } san = san->next; } else break; if (nm) { for (i = 0; i < n; i++) { if (strcasecmp(nm, names[i]) == 0) break; } if (i < n) free(nm); else { char **tmp = realloc(names, (n + 2) * sizeof(nm)); if (!tmp) { warn("csr_names: realloc failed"); free(nm); goto out; } names = tmp; names[n++] = nm; names[n] = NULL; } } } if (n > 0) { ret = names; names = NULL; } out: if (names) { for (i = 0; names[i]; i++) free(names[i]); free(names); } while (sans.next) { san = sans.next; sans.next = san->next; mbedtls_free(san); } return ret; } #endif char *csr_load(const char *file, char ***names) { int r; char *ret = NULL; void *csrdata = NULL; size_t csrsize = 0; #if defined(USE_GNUTLS) gnutls_x509_crq_t crq = NULL; #elif defined(USE_MBEDTLS) mbedtls_x509_csr _crq, *crq = &_crq; mbedtls_x509_csr_init(crq); #elif defined(USE_OPENSSL) X509_REQ *crq = NULL; #endif msg(1, "loading certificate request from %s", file); #if defined(USE_OPENSSL) FILE *f = NULL; if (!(f = fopen(file, "r"))) { warn("csr_load: failed to open %s", file); goto out; } crq = PEM_read_X509_REQ(f, NULL, NULL, NULL); fclose(f); if (!crq) { openssl_error("csr_load"); warnx("csr_load: failed to load %s", file); goto out; } r = i2d_X509_REQ(crq, NULL); if (r < 0) { openssl_error("csr_load"); goto out; } csrsize = r; csrdata = calloc(1, csrsize); if (!csrdata) { warn("csr_load: calloc failed"); goto out; } unsigned char *tmp = csrdata; if (i2d_X509_REQ(crq, &tmp) != (int)csrsize) { openssl_error("csr_load"); goto out; } #else csrdata = read_file(file, &csrsize); if (!csrdata) { warn("csr_load: failed to read %s", file); goto out; } #endif #if defined(USE_GNUTLS) gnutls_datum_t data = {csrdata, csrsize}; r = gnutls_x509_crq_init(&crq); if (r < 0) { warnx("csr_load: gnutls_x509_crq_init: %s", gnutls_strerror(r)); goto out; } r = gnutls_x509_crq_import(crq, &data, GNUTLS_X509_FMT_PEM); if (r < 0) { warnx("csr_load: gnutls_x509_crq_import: %s", gnutls_strerror(r)); goto out; } free(csrdata); csrdata = NULL; data.data = NULL; data.size = 0; r = gnutls_x509_crq_export2(crq, GNUTLS_X509_FMT_DER, &data); if (r != GNUTLS_E_SUCCESS) { warnx("csr_load: gnutls_x509_crq_export2: %s", gnutls_strerror(r)); goto out; } csrsize = data.size; csrdata = gnutls_datum_data(&data, true); if (!csrdata) { warnx("csr_load: gnutls_datum_data failed"); goto out; } #elif defined(USE_MBEDTLS) r = mbedtls_x509_csr_parse(crq, csrdata, csrsize+1); if (r < 0) { warnx("csr_load: mbedtls_x509_csr_parse failed: %s", _mbedtls_strerror(r)); goto out; } mbedtls_pem_context ctx; mbedtls_pem_init(&ctx); size_t len; r = mbedtls_pem_read_buffer(&ctx, "-----BEGIN CERTIFICATE REQUEST-----", "-----END CERTIFICATE REQUEST-----", csrdata, NULL, 0, &len); if (r) { warnx("csr_load: mbedtls_pem_read_buffer failed: %s", _mbedtls_strerror(r)); mbedtls_pem_free(&ctx); goto out; } free(csrdata); #if MBEDTLS_VERSION_NUMBER >= 0x03000000 const unsigned char *csrbuf = mbedtls_pem_get_buffer(&ctx, &csrsize); if (!csrbuf) { warn("csr_load: mbedtls_pem_get_buffer failed"); goto out; } #else const unsigned char *csrbuf = ctx.buf; csrsize = ctx.buflen; #endif csrdata = calloc(1, csrsize); if (!csrdata) { warn("csr_load: calloc failed"); mbedtls_pem_free(&ctx); goto out; } memcpy(csrdata, csrbuf, csrsize); mbedtls_pem_free(&ctx); #endif r = base64_ENCODED_LEN(csrsize, base64_VARIANT_URLSAFE_NO_PADDING); ret = calloc(1, r); if (!ret) { warn("csr_load: calloc failed"); goto out; } if (!bin2base64(ret, r, csrdata, csrsize, base64_VARIANT_URLSAFE_NO_PADDING)) { warnx("csr_load: bin2base64 failed"); free(ret); ret = NULL; goto out; } if (names) { char **tmp = csr_names(crq); if (tmp) *names = tmp; else { free(ret); ret = NULL; } } out: free(csrdata); #if defined(USE_GNUTLS) gnutls_x509_crq_deinit(crq); #elif defined(USE_MBEDTLS) mbedtls_x509_csr_free(crq); #elif defined(USE_OPENSSL) X509_REQ_free(crq); #endif return ret; } #if defined(USE_GNUTLS) static int cert_load(gnutls_x509_crt_t *crt, unsigned int crt_size, const char *format, ...) #elif defined(USE_OPENSSL) static int cert_load(X509 **crt, unsigned int crt_size, const char *format, ...) #elif defined(USE_MBEDTLS) static int cert_load(mbedtls_x509_crt **crt, const char *format, ...) #endif { char *certfile = NULL; #if !defined(USE_OPENSSL) void *certdata = NULL; size_t certsize = 0; #endif int ret = 0; int r; va_list ap; #if !defined(USE_MBEDTLS) if (crt_size < 1) return 0; #endif va_start(ap, format); if (vasprintf(&certfile, format, ap) < 0) certfile = NULL; va_end(ap); if (!certfile) { warnx("cert_load: vasprintf failed"); goto out; } #if defined(USE_OPENSSL) FILE *f = NULL; if (!(f = fopen(certfile, "r"))) { if (errno == ENOENT) msg(1, "%s does not exist", certfile); else warn("cert_load: failed to open %s", certfile); goto out; } for (r = 0; r < (int)crt_size; r++) { crt[r] = PEM_read_X509(f, NULL, NULL, NULL); if (!crt[r]) break; } fclose(f); if (r == 0) { openssl_error("cert_load"); warnx("cert_load: failed to load %s", certfile); goto out; } ret = r; #else certdata = read_file(certfile, &certsize); if (!certdata) { if (errno == ENOENT) msg(1, "%s does not exist", certfile); else warn("cert_load: failed to read %s", certfile); goto out; } #endif #if defined(USE_GNUTLS) gnutls_datum_t data = {certdata, certsize}; r = gnutls_x509_crt_list_import(crt, &crt_size, &data, GNUTLS_X509_FMT_PEM, GNUTLS_X509_CRT_LIST_FAIL_IF_UNSORTED); if (r < 0) { warnx("cert_load: gnutls_x509_crt_list_import: %s", gnutls_strerror(r)); goto out; } ret = r; #elif defined(USE_MBEDTLS) *crt = calloc(1, sizeof(**crt)); if (!*crt) { warn("cert_load: calloc failed"); goto out; } mbedtls_x509_crt_init(*crt); r = mbedtls_x509_crt_parse(*crt, certdata, certsize+1); if (r < 0) { warnx("cert_load: mbedtls_x509_crt_parse failed: %s", _mbedtls_strerror(r)); mbedtls_x509_crt_free(*crt); free(*crt); goto out; } if (r > 0) { warnx("cert_load: failed to parse %d certificates", r); mbedtls_x509_crt_free(*crt); free(*crt); goto out; } for (mbedtls_x509_crt *c = *crt; c; c = c->next) ret++; #endif out: #if !defined(USE_OPENSSL) free(certdata); #endif free(certfile); return ret; } #if defined(USE_MBEDTLS) static int mbedtls_crt_get_authority_key_id(mbedtls_x509_crt *crt, unsigned char **akid, size_t *size) { unsigned char *p = crt->v3_ext.p; unsigned char *end = p + crt->v3_ext.len; size_t len; int r; if (!p || p == end) return MBEDTLS_ERR_X509_INVALID_EXTENSIONS; r = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE); if (r) return r; if (p + len != end) return MBEDTLS_ERR_ASN1_LENGTH_MISMATCH; while (p < end) { unsigned char *end_ext; r = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE); if (r) return r; end_ext = p + len; r = mbedtls_asn1_get_tag(&p, end_ext, &len, MBEDTLS_ASN1_OID); if (r) return r; if (len != MBEDTLS_OID_SIZE(MBEDTLS_OID_AUTHORITY_KEY_IDENTIFIER) || memcmp(p, MBEDTLS_OID_AUTHORITY_KEY_IDENTIFIER, len)) { p = end_ext; continue; } p += len; r = mbedtls_asn1_get_tag(&p, end_ext, &len, MBEDTLS_ASN1_BOOLEAN); if (r == 0) { if (len != 1) return MBEDTLS_ERR_ASN1_LENGTH_MISMATCH; p++; } else if (r != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) return r; r = mbedtls_asn1_get_tag(&p, end_ext, &len, MBEDTLS_ASN1_OCTET_STRING); if (r) return r; if (end_ext != p + len) return MBEDTLS_ERR_ASN1_LENGTH_MISMATCH; r = mbedtls_asn1_get_tag(&p, p + len, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE); if (r) return r; r = mbedtls_asn1_get_tag(&p, p + len, &len, MBEDTLS_ASN1_CONTEXT_SPECIFIC); if (r) return r; *akid = p; *size = len; return 0; } return MBEDTLS_ERR_X509_UNKNOWN_OID; } #endif bool cert_match(const char *cert, unsigned char *fingerprint, size_t fingerprint_len) { size_t certsize = strlen(cert); bool ret = false; #if defined(USE_GNUTLS) gnutls_x509_crt_t *crt = NULL; unsigned int crt_size = 0; gnutls_datum_t data = {(unsigned char *)cert, certsize}; int r = gnutls_x509_crt_list_import2(&crt, &crt_size, &data, GNUTLS_X509_FMT_PEM, GNUTLS_X509_CRT_LIST_FAIL_IF_UNSORTED); if (r < 0) { warnx("cert_match: gnutls_x509_crt_list_import2: %s", gnutls_strerror(r)); return ret; } for (unsigned int i = 0; i < crt_size; i++) { unsigned char fp[128]; if (!ret) { size_t s = sizeof(fp); r = gnutls_x509_crt_get_fingerprint(crt[i], GNUTLS_DIG_SHA256, fp, &s); if (r == 0 && fingerprint_len <= s && memcmp(fp, fingerprint, fingerprint_len) == 0) { msg(1, "certificate matched by fingerprint"); ret = true; } } if (!ret) { size_t s = sizeof(fp); r = gnutls_x509_crt_get_authority_key_id(crt[i], fp, &s, NULL); if (r == 0 && fingerprint_len <= s && memcmp(fp, fingerprint, fingerprint_len) == 0) { msg(1, "certificate matched by Authority Key Id"); ret = true; } } gnutls_x509_crt_deinit(crt[i]); } gnutls_free(crt); #elif defined(USE_OPENSSL) BIO *bio = BIO_new_mem_buf(cert, certsize); if (!bio) { openssl_error("cert_match"); return ret; } while (!BIO_eof(bio) && !ret) { unsigned char fp[32]; unsigned int s = sizeof(fp); X509 *crt = PEM_read_bio_X509(bio, NULL, NULL, NULL); if (!crt) break; if (X509_digest(crt, EVP_sha256(), fp, &s) && fingerprint_len <= s && memcmp(fp, fingerprint, fingerprint_len) == 0) { msg(1, "certificate matched by fingerprint"); ret = true; } else { AUTHORITY_KEYID *akid = X509_get_ext_d2i(crt, NID_authority_key_identifier, NULL, NULL); if (akid != NULL) { if (akid->keyid != NULL && fingerprint_len <= (size_t)ASN1_STRING_length(akid->keyid) && memcmp(ASN1_STRING_get0_data(akid->keyid), fingerprint, fingerprint_len) == 0) { msg(1, "certificate matched by Authority Key Id"); ret = true; } AUTHORITY_KEYID_free(akid); } } X509_free(crt); } BIO_free(bio); #elif defined(USE_MBEDTLS) mbedtls_x509_crt crt; mbedtls_x509_crt_init(&crt); int r = mbedtls_x509_crt_parse(&crt, (unsigned char *)cert, certsize+1); if (r < 0) { warnx("cert_match: mbedtls_x509_crt_parse failed: %s", _mbedtls_strerror(r)); mbedtls_x509_crt_free(&crt); return ret; } if (r > 0) { warnx("cert_load: failed to parse %d certificates", r); mbedtls_x509_crt_free(&crt); return ret; } for (mbedtls_x509_crt *c = &crt; c; c = c->next) { unsigned char fp[32]; unsigned char *akid; size_t akid_len; r = mbedtls_hash_fast(MBEDTLS_MD_SHA256, c->raw.p, c->raw.len, fp); if (r == 0 && fingerprint_len <= sizeof(fp) && memcmp(fp, fingerprint, fingerprint_len) == 0) { msg(1, "certificate matched by fingerprint"); ret = true; break; } r = mbedtls_crt_get_authority_key_id(c, &akid, &akid_len); if (r == 0 && fingerprint_len <= akid_len && memcmp(akid, fingerprint, fingerprint_len) == 0) { msg(1, "certificate matched by Authority Key Id"); ret = true; break; } } mbedtls_x509_crt_free(&crt); #endif return ret; } #if defined(USE_GNUTLS) static char *crt_ari_url(gnutls_x509_crt_t crt, const char *prefix) #elif defined(USE_OPENSSL) static char *crt_ari_url(X509 *crt, const char *prefix) #elif defined(USE_MBEDTLS) static char *crt_ari_url(mbedtls_x509_crt *crt, const char *prefix) #endif { char *url = NULL; unsigned char akid[128]; char akid_b64[base64_ENCODED_LEN(sizeof(akid), base64_VARIANT_URLSAFE_NO_PADDING)]; unsigned char serial[128]; char serial_b64[base64_ENCODED_LEN(sizeof(akid), base64_VARIANT_URLSAFE_NO_PADDING)]; size_t alen = sizeof(akid); size_t slen = sizeof(serial); #if defined(USE_GNUTLS) int r = gnutls_x509_crt_get_authority_key_id(crt, akid, &alen, NULL); if (r) return NULL; r = gnutls_x509_crt_get_serial(crt, serial, &slen); if (r) return NULL; #elif defined(USE_OPENSSL) AUTHORITY_KEYID *ak = X509_get_ext_d2i(crt, NID_authority_key_identifier, NULL, NULL); if (ak != NULL) { if (ak->keyid == NULL || alen < (size_t)ASN1_STRING_length(ak->keyid)) alen = 0; else { alen = (size_t)ASN1_STRING_length(ak->keyid); memcpy(akid, ASN1_STRING_get0_data(ak->keyid), alen); } AUTHORITY_KEYID_free(ak); if (alen == 0) return NULL; } else return NULL; const ASN1_INTEGER *sn = X509_get0_serialNumber(crt); if (!sn) return NULL; BIGNUM *bn = ASN1_INTEGER_to_BN(sn, NULL); if (!bn) { openssl_error("cert_ari_url"); return NULL; } if (slen < (size_t)BN_num_bytes(bn)) { BN_free(bn); return NULL; } else { slen = (size_t)BN_bn2bin(bn, serial); BN_free(bn); } #elif defined(USE_MBEDTLS) unsigned char *ak; size_t len; int r = mbedtls_crt_get_authority_key_id(crt, &ak, &len); if (r) return NULL; if (alen < len) return NULL; alen = len; memcpy(akid, ak, alen); if (!crt->serial.p || slen < crt->serial.len) return NULL; slen = crt->serial.len; memcpy(serial, crt->serial.p, slen); #endif if (!bin2base64(akid_b64, sizeof(akid_b64), akid, alen, base64_VARIANT_URLSAFE_NO_PADDING) || !bin2base64(serial_b64, sizeof(serial_b64), serial, slen, base64_VARIANT_URLSAFE_NO_PADDING)) { warnx("crt_ari_url: bin2base64 failed"); return NULL; } if (asprintf(&url, "%s/%s.%s", prefix, akid_b64, serial_b64) < 0) { warnx("crt_ari_url: asprintf failed"); url = NULL; } return url; } #if defined(USE_GNUTLS) static bool ocsp_check(gnutls_x509_crt_t *crt) { bool result = true; char *ocsp_uri = NULL; gnutls_ocsp_req_t req = NULL; gnutls_ocsp_resp_t rsp = NULL; gnutls_datum_t nreq = {NULL, 0}; gnutls_datum_t nrsp = {NULL, 0}; gnutls_datum_t req_data = {NULL, 0}; gnutls_datum_t d = {NULL, 0}; curldata_t *cd = NULL; int rc; if (!crt[0] || !crt[1]) goto out; for (unsigned int seq = 0; true; seq++) { d.data = NULL; d.size = 0; rc = gnutls_x509_crt_get_authority_info_access(crt[0], seq, GNUTLS_IA_OCSP_URI, &d, NULL); if (rc == GNUTLS_E_UNKNOWN_ALGORITHM) continue; else if (rc == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) break; else if (rc != GNUTLS_E_SUCCESS) { warnx("ocsp_check: unable to retrieve OCSP URI: %s", gnutls_strerror(rc)); break; } ocsp_uri = calloc(1, d.size+1); if (!ocsp_uri) { warn("ocsp_check: calloc failed"); gnutls_free(d.data); break; } memcpy(ocsp_uri, d.data, d.size); gnutls_free(d.data); break; } if (!ocsp_uri) goto out; rc = gnutls_ocsp_req_init(&req); if (rc != GNUTLS_E_SUCCESS) { warnx("ocsp_check: gnutls_ocsp_req_init failed: %s", gnutls_strerror(rc)); goto out; } rc = gnutls_ocsp_req_add_cert(req, GNUTLS_DIG_SHA1, crt[1], crt[0]); if (rc != GNUTLS_E_SUCCESS) { warnx("ocsp_check: gnutls_ocsp_req_add_cert failed: %s", gnutls_strerror(rc)); goto out; } rc = gnutls_ocsp_req_randomize_nonce(req); if (rc != GNUTLS_E_SUCCESS) { warnx("ocsp_check: gnutls_ocsp_req_randomize failed: %s", gnutls_strerror(rc)); goto out; } rc = gnutls_ocsp_req_export(req, &req_data); if (rc != GNUTLS_E_SUCCESS) { warnx("ocsp_check: gnutls_ocsp_req_export failed: %s", gnutls_strerror(rc)); goto out; } d.data = NULL; d.size = 0; rc = gnutls_ocsp_req_print(req, GNUTLS_OCSP_PRINT_FULL, &d); if (rc != GNUTLS_E_SUCCESS) { warnx("ocsp_check: gnutls_ocsp_req_print failed: %s", gnutls_strerror(rc)); gnutls_free(d.data); goto out; } msg(2, "ocsp_check: %.*s", d.size, d.data); gnutls_free(d.data); msg(1, "querying OCSP server at %s", ocsp_uri); msg_hd(3, "ocsp_check: HTTP post:\n", req_data.data, req_data.size); cd = curl_post(ocsp_uri, req_data.data, req_data.size, "Content-Type: application/ocsp-request", NULL); if (!cd) { warnx("ocsp_check: curl_post(\"%s\") failed", ocsp_uri); goto out; } if (cd->headers) msg(3, "ocsp_check: HTTP headers:\n%s", cd->headers); if (cd->body) msg_hd(3, "ocsp_check: HTTP body:\n", cd->body, cd->body_len); rc = gnutls_ocsp_resp_init(&rsp); if (rc != GNUTLS_E_SUCCESS) { warnx("ocsp_check: gnutls_ocsp_resp_init failed: %s", gnutls_strerror(rc)); goto out; } d.data = (unsigned char *)cd->body; d.size = cd->body_len; rc = gnutls_ocsp_resp_import(rsp, &d); if (rc != GNUTLS_E_SUCCESS) { warnx("ocsp_check: gnutls_ocsp_resp_import failed: %s", gnutls_strerror(rc)); goto out; } d.data = NULL; d.size = 0; rc = gnutls_ocsp_resp_print(rsp, GNUTLS_OCSP_PRINT_FULL, &d); if (rc != GNUTLS_E_SUCCESS) { warnx("ocsp_check: gnutls_ocsp_resp_print failed: %s", gnutls_strerror(rc)); gnutls_free(d.data); goto out; } msg(2, "ocsp_check: %.*s", d.size, d.data); gnutls_free(d.data); unsigned int verify; rc = gnutls_ocsp_resp_verify_direct(rsp, crt[1], &verify, 0); if (rc != GNUTLS_E_SUCCESS) { warnx("ocsp_check: gnutls_ocsp_resp_verify_direct failed: %s", gnutls_strerror(rc)); goto out; } if (verify != 0) { warnx("warning: failed to verify OCSP response (%d)", verify); goto out; } rc = gnutls_ocsp_resp_get_status(rsp); if (rc != GNUTLS_OCSP_RESP_SUCCESSFUL) { if (rc < 0) warnx("ocsp_check: gnutls_ocsp_resp_get_status failed: %s", gnutls_strerror(rc)); else warnx("OCSP response was unsuccessful (%d)", rc); goto out; } rc = gnutls_ocsp_resp_check_crt(rsp, 0, crt[0]); if (rc != GNUTLS_E_SUCCESS) { warnx("ocsp_check: gnutls_ocsp_resp_check_crt failed: %s", gnutls_strerror(rc)); goto out; } rc = gnutls_ocsp_req_get_nonce(req, NULL, &nreq); if (rc != GNUTLS_E_SUCCESS) { warnx("ocsp_check: gnutls_ocsp_req_get_nonce failed: %s", gnutls_strerror(rc)); goto out; } rc = gnutls_ocsp_resp_get_nonce(rsp, NULL, &nrsp); if (rc != GNUTLS_E_SUCCESS) { if (rc != GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) { warnx("ocsp_check: gnutls_ocsp_rsp_get_nonce failed: %s", gnutls_strerror(rc)); goto out; } else msg(1, "OCSP response has no nonce"); } else if (nreq.size != nrsp.size || memcmp(nreq.data, nrsp.data, nreq.size)) { warnx("warning: OCSP response nonce mismatch"); goto out; } unsigned int cert_status; rc = gnutls_ocsp_resp_get_single(rsp, 0, NULL, NULL, NULL, NULL, &cert_status, NULL, NULL, NULL, NULL); if (rc != GNUTLS_E_SUCCESS) { warnx("ocsp_check: gnutls_ocsp_rsp_get_single failed: %s", gnutls_strerror(rc)); goto out; } switch (cert_status) { case GNUTLS_OCSP_CERT_GOOD: msg(1, "OCSP certificate status is GOOD"); break; case GNUTLS_OCSP_CERT_REVOKED: warnx("OCSP certificate status is REVOKED"); result = false; break; case GNUTLS_OCSP_CERT_UNKNOWN: default: msg(1, "OCSP certificate status is UNKNOWN"); break; } out: if (req) gnutls_ocsp_req_deinit(req); if (rsp) gnutls_ocsp_resp_deinit(rsp); gnutls_free(req_data.data); gnutls_free(nreq.data); gnutls_free(nrsp.data); curldata_free(cd); free(ocsp_uri); return result; } #elif defined(USE_OPENSSL) static bool ocsp_check(X509 **crt) { bool result = true; char *ocsp_uri = NULL; OCSP_REQUEST *req = NULL; unsigned char *reqdata = NULL; int reqsize = 0; OCSP_RESPONSE *rsp = NULL; OCSP_BASICRESP *brsp = NULL; OCSP_CERTID *id = NULL; STACK_OF(OCSP_CERTID) *ids = NULL; STACK_OF(OPENSSL_STRING) *ocsp_uris = NULL; STACK_OF(X509) *issuers = NULL; curldata_t *cd = NULL; int rc; if (!crt[0] || !crt[1]) goto out; ocsp_uris = X509_get1_ocsp(crt[0]); if (!ocsp_uris) { openssl_error("ocsp_check"); goto out; } for (int j = 0; !ocsp_uri && j < sk_OPENSSL_STRING_num(ocsp_uris); j++) { char *uri = sk_OPENSSL_STRING_value(ocsp_uris, j); if (uri && strlen(uri)) { ocsp_uri = strdup(uri); if (!ocsp_uri) { warn("ocsp_check: strdup failed"); goto out; } } } if (!ocsp_uri) goto out; req = OCSP_REQUEST_new(); if (!req) { openssl_error("ocsp_check"); goto out; } ids = sk_OCSP_CERTID_new_null(); if (!ids) { openssl_error("ocsp_check"); goto out; } id = OCSP_cert_to_id(EVP_sha1(), crt[0], crt[1]); if (!id || !sk_OCSP_CERTID_push(ids, id)) { openssl_error("ocsp_check"); goto out; } if (!OCSP_request_add0_id(req, id)) { openssl_error("ocsp_check"); goto out; } if (!OCSP_request_add1_nonce(req, NULL, -1)) { openssl_error("ocsp_check"); goto out; } rc = i2d_OCSP_REQUEST(req, NULL); if (rc < 0) { openssl_error("ocsp_check"); goto out; } reqsize = rc; reqdata = calloc(1, reqsize); if (!reqdata) { warn("ocsp_check: calloc failed"); goto out; } unsigned char *tmp = reqdata; if (i2d_OCSP_REQUEST(req, &tmp) != reqsize) { openssl_error("ocsp_check"); goto out; } if (g_loglevel > 1) { BIO *out = BIO_new(BIO_s_mem()); if (out) { if (OCSP_REQUEST_print(out, req, 0)) { char *data = NULL; int size = BIO_get_mem_data(out, &data); warnx("ocsp_check: %.*s", size, data); } BIO_free(out); } } msg(1, "querying OCSP server at %s", ocsp_uri); msg_hd(3, "ocsp_check: HTTP post:\n", reqdata, reqsize); cd = curl_post(ocsp_uri, reqdata, reqsize, "Content-Type: application/ocsp-request", NULL); if (!cd) { warnx("ocsp_check: curl_post(\"%s\") failed", ocsp_uri); goto out; } if (cd->headers) msg(3, "ocsp_check: HTTP headers:\n%s", cd->headers); if (cd->body) msg_hd(3, "ocsp_check: HTTP body:\n", cd->body, cd->body_len); const unsigned char *tmp2 = (const unsigned char *)cd->body; rsp = d2i_OCSP_RESPONSE(NULL, &tmp2, cd->body_len); if (!rsp) { openssl_error("ocsp_check"); goto out; } if (g_loglevel > 1) { BIO *out = BIO_new(BIO_s_mem()); if (out) { if (OCSP_RESPONSE_print(out, rsp, 0)) { char *data = NULL; int size = BIO_get_mem_data(out, &data); warnx("ocsp_check: %.*s", size, data); } BIO_free(out); } } rc = OCSP_response_status(rsp); if (rc != OCSP_RESPONSE_STATUS_SUCCESSFUL) { if (rc < 0) openssl_error("ocsp_check"); else warnx("OCSP response was unsuccessful (%d)", rc); goto out; } brsp = OCSP_response_get1_basic(rsp); if (!brsp) { openssl_error("ocsp_check"); goto out; } rc = OCSP_check_nonce(req, brsp); if (rc < 0) msg(1, "OCSP response has no nonce"); else if (rc == 0) { warnx("ocsp_check: OCSP_check_nonce failed"); goto out; } issuers = sk_X509_new_null(); if (!issuers) { openssl_error("ocsp_check"); goto out; } sk_X509_push(issuers, crt[1]); if (OCSP_basic_verify(brsp, issuers, NULL, OCSP_TRUSTOTHER) <= 0) { openssl_error("ocsp_check"); goto out; } int status; if (!OCSP_resp_find_status(brsp, id, &status, NULL, NULL, NULL, NULL)) { openssl_error("ocsp_check"); goto out; } switch (status) { case V_OCSP_CERTSTATUS_GOOD: msg(1, "OCSP certificate status is GOOD"); break; case V_OCSP_CERTSTATUS_REVOKED: warnx("OCSP certificate status is REVOKED"); result = false; break; case V_OCSP_CERTSTATUS_UNKNOWN: default: msg(1, "OCSP certificate status is UNKNOWN"); break; } out: free(ocsp_uri); free(reqdata); if (cd) curldata_free(cd); if (req) OCSP_REQUEST_free(req); if (rsp) OCSP_RESPONSE_free(rsp); if (brsp) OCSP_BASICRESP_free(brsp); if (ids) sk_OCSP_CERTID_free(ids); if (ocsp_uris) X509_email_free(ocsp_uris); if (issuers) sk_X509_free(issuers); return result; } #elif defined(USE_MBEDTLS) #define OID_AUTHORITY_INFO_ACCESS MBEDTLS_OID_PKIX "\x01\x01" #define OID_AD_OCSP MBEDTLS_OID_PKIX "\x30\x01" #define OID_AD_OCSP_BASIC OID_AD_OCSP "\x01" #define OID_AD_OCSP_NONCE OID_AD_OCSP "\x02" static int ext_parse_ocsp_uri(unsigned char *p, size_t len, const char **out) { unsigned char *end = p + len; unsigned char *end_ext; unsigned char *end_ad; int r; r = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE); if (r) return MBEDTLS_ERR_X509_INVALID_EXTENSIONS + r; if (end != p + len) return MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH; while (p < end) { r = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE); if (r) return MBEDTLS_ERR_X509_INVALID_EXTENSIONS + r; end_ext = p + len; r = mbedtls_asn1_get_tag(&p, end_ext, &len, MBEDTLS_ASN1_OID); if (r) return MBEDTLS_ERR_X509_INVALID_EXTENSIONS + r; if (len != MBEDTLS_OID_SIZE(OID_AUTHORITY_INFO_ACCESS) || memcmp(OID_AUTHORITY_INFO_ACCESS, p, len) != 0) { p = end_ext; continue; } p += len; int crit; r = mbedtls_asn1_get_bool(&p, end_ext, &crit); if (r && r != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) return MBEDTLS_ERR_X509_INVALID_EXTENSIONS + r; r = mbedtls_asn1_get_tag(&p, end_ext, &len, MBEDTLS_ASN1_OCTET_STRING); if (r) return MBEDTLS_ERR_X509_INVALID_EXTENSIONS + r; if (p + len != end_ext) return MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH; r = mbedtls_asn1_get_tag(&p, end_ext, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE); if (r) return MBEDTLS_ERR_X509_INVALID_EXTENSIONS + r; if (p + len != end_ext) return MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH; while (p < end_ext) { r = mbedtls_asn1_get_tag(&p, end_ext, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE); if (r) return MBEDTLS_ERR_X509_INVALID_EXTENSIONS + r; end_ad = p + len; r = mbedtls_asn1_get_tag(&p, end_ad, &len, MBEDTLS_ASN1_OID); if (r) return MBEDTLS_ERR_X509_INVALID_EXTENSIONS + r; if (len != MBEDTLS_OID_SIZE(OID_AD_OCSP) || memcmp(OID_AD_OCSP, p, len) != 0) { p = end_ad; continue; } p += len; r = mbedtls_asn1_get_tag(&p, end_ad, &len, MBEDTLS_ASN1_CONTEXT_SPECIFIC | 6); if (r) { p = end_ad; continue; } *out = (const char *)p; return len; } if (p != end_ext) return MBEDTLS_ERR_X509_INVALID_EXTENSIONS + MBEDTLS_ERR_ASN1_LENGTH_MISMATCH; } return 0; } static int ocsp_req(mbedtls_x509_crt *crt, unsigned char *req, size_t size, const unsigned char **certid, size_t *certid_size) { int ret = 0; size_t ext_len = 0; size_t len = 0; const char *alg_oid; size_t alg_oid_len = 0; unsigned char hash[20]; unsigned char *p = req + size; mbedtls_x509_crt *issuer = crt->next; if (!issuer) return MBEDTLS_ERR_X509_BAD_INPUT_DATA; MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_raw_buffer(&p, req, crt->serial.p, crt->serial.len)); MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&p, req, crt->serial.len)); MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(&p, req, crt->serial.tag)); for (size_t buf_size = 0x400; ; ) { unsigned char *buf = mbedtls_calloc(1, buf_size); if (!buf) return MBEDTLS_ERR_X509_ALLOC_FAILED; unsigned char *c = buf + buf_size; ret = mbedtls_pk_write_pubkey(&c, buf, &issuer->pk); if (ret >= 0) #if MBEDTLS_VERSION_NUMBER < 0x03000000 ret = mbedtls_sha1_ret(buf + buf_size - ret, ret, hash); #else ret = mbedtls_sha1(buf + buf_size - ret, ret, hash); #endif mbedtls_free(buf); if (ret == MBEDTLS_ERR_ASN1_BUF_TOO_SMALL) { buf_size *= 2; continue; } if (ret < 0) return ret; break; } MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_octet_string(&p, req, hash, sizeof(hash))); #if MBEDTLS_VERSION_NUMBER < 0x03000000 ret = mbedtls_sha1_ret(crt->issuer_raw.p, crt->issuer_raw.len, hash); #else ret = mbedtls_sha1(crt->issuer_raw.p, crt->issuer_raw.len, hash); #endif if (ret) return ret; MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_octet_string(&p, req, hash, sizeof(hash))); ret = mbedtls_oid_get_oid_by_md(MBEDTLS_MD_SHA1, &alg_oid, &alg_oid_len); if (ret) return ret; MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_algorithm_identifier(&p, req, alg_oid, alg_oid_len, 0)); if (certid) *certid = p; if (certid_size) *certid_size = len; MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&p, req, len)); MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(&p, req, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)); MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&p, req, len)); MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(&p, req, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)); MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&p, req, len)); MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(&p, req, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)); len += ext_len; MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&p, req, len)); MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(&p, req, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)); MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&p, req, len)); MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(&p, req, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)); memmove(req, p, len); if (certid) *certid -= p - req; return len; } static int ocsp_resp(unsigned char *p, size_t len, const unsigned char *certid, size_t certid_size, int *status) { const unsigned char *end = p + len; int i, r; r = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE); if (r) return r; r = mbedtls_asn1_get_tag(&p, end, &len, 10); // ASN1_ENUMERATED if (r) return r; if (len == 0 || len > sizeof(int) || (*p & 0x80)) return MBEDTLS_ERR_ASN1_INVALID_LENGTH; while (len--) r = (r << 8) | *p++; if (r) return r; r = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_CONTEXT_SPECIFIC); if (r) return r; r = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE); if (r) return r; end = p + len; r = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_OID); if (r) return r; if (len != MBEDTLS_OID_SIZE(OID_AD_OCSP_BASIC) || memcmp(OID_AD_OCSP_BASIC, p, len) != 0) return MBEDTLS_ERR_ASN1_INVALID_DATA; p += len; r = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_OCTET_STRING); if (r) return r; end = p + len; r = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE); if (r) return r; end = p + len; r = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE); if (r) return r; end = p + len; r = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_CONTEXT_SPECIFIC); if (r && r != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) return r; if (r == 0) { int ver = 0; r = mbedtls_asn1_get_int(&p, end, &ver); if (r) return r; if (ver) return MBEDTLS_ERR_ASN1_INVALID_DATA; } for (i = 1; i < 3; i++) { r = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_CONTEXT_SPECIFIC | i); if (r && r != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) return r; if (r == 0) break; } if (i > 2) return MBEDTLS_ERR_ASN1_INVALID_DATA; p += len; r = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_GENERALIZED_TIME); if (r) return r; p += len; r = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE); if (r) return r; r = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE); if (r) return r; r = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE); if (r) return r; if (certid_size != len || memcmp(certid, p, len) != 0) return MBEDTLS_ERR_ASN1_INVALID_DATA; p += len; for (i = 0; i < 3; i++) { r = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_CONTEXT_SPECIFIC | i); if (r && r != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) return r; if (r == 0) break; r = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_CONTEXT_SPECIFIC | i); if (r && r != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) return r; if (r == 0) break; } if (i > 2) return MBEDTLS_ERR_ASN1_INVALID_DATA; else if (status) *status = i; return 0; } static bool ocsp_check(mbedtls_x509_crt *crt) { bool result = true; char *ocsp_uri = NULL; curldata_t *cd = NULL; unsigned char *req = NULL; size_t req_size = 0x100; const unsigned char *certid = NULL; size_t certid_size = 0; if (!crt->v3_ext.p || crt->v3_ext.len == 0) goto out; const char *tmp = NULL; int r = ext_parse_ocsp_uri(crt->v3_ext.p, crt->v3_ext.len, &tmp); if (r < 0) warnx("ocsp_check: ext_parse_ocsp_uri failed: %s", _mbedtls_strerror(r)); else if (r == 0) goto out; ocsp_uri = strndup(tmp, r); if (!ocsp_uri) { warn("ocsp_check: strndup failed"); goto out; } while (!req) { req = calloc(1, req_size); if (!req) { warn("ocsp_check: calloc failed"); goto out; } r = ocsp_req(crt, req, req_size, &certid, &certid_size); if (r == MBEDTLS_ERR_ASN1_BUF_TOO_SMALL) { free(req); req = NULL; req_size *= 2; } else if (r < 0) { warnx("ocsp_check: ocsp_req failed: %s", _mbedtls_strerror(r)); goto out; } else req_size = r; } msg(1, "querying OCSP server at %s", ocsp_uri); msg_hd(3, "ocsp_check: HTTP post:\n", req, req_size); cd = curl_post(ocsp_uri, req, req_size, "Content-Type: application/ocsp-request", NULL); if (!cd) { warnx("ocsp_check: curl_post(\"%s\") failed", ocsp_uri); goto out; } if (cd->headers) msg(3, "ocsp_check: HTTP headers:\n%s", cd->headers); if (cd->body) msg_hd(3, "ocsp_check: HTTP body:\n", cd->body, cd->body_len); int status; r = ocsp_resp((unsigned char *)cd->body, cd->body_len, certid, certid_size, &status); if (r < 0) { warnx("ocsp_check: ocsp_resp failed: %s", _mbedtls_strerror(r)); goto out; } else if (r > 0) { warnx("OCSP response was unsuccessful (%d)", r); goto out; } else switch (status) { case 0: // GOOD msg(1, "OCSP certificate status is GOOD"); break; case 1: // REVOKED warnx("OCSP certificate status is REVOKED"); result = false; break; case 2: // UNKNOWN default: msg(1, "OCSP certificate status is UNKNOWN"); break; } out: free(ocsp_uri); free(req); if (cd) curldata_free(cd); return result; } #endif #if defined(USE_GNUTLS) int ari_check(gnutls_x509_crt_t crt, const char *ari_url) #elif defined(USE_OPENSSL) int ari_check(X509 *crt, const char *ari_url) #elif defined(USE_MBEDTLS) int ari_check(mbedtls_x509_crt *crt, const char *ari_url) #endif { int ret = -1; json_value_t *json = NULL; if (!ari_url) goto out; char *url = crt_ari_url(crt, ari_url); if (!url) goto out; msg(1, "checking certificate renewal info at %s", url); curldata_t *c = curl_get(url); free(url); if (!c) { warnx("ari_check: curl_get failed"); goto out; } if (c->headers) msg(3, "ari_check: HTTP headers\n%s", c->headers); if (c->body) msg(3, "ari_check: HTTP body\n%s", c->body); char *p = find_header(c->headers, "Content-Type"); if (p && strcasestr(p, "json")) json = json_parse(c->body, c->body_len); free(p); curldata_free(c); if (!json) { warnx("ari_check: failed to parse"); goto out; } const json_value_t *window = json_find(json, "suggestedWindow"); if (!window) { warnx("ari_check: missing suggestedWindow"); goto out; } const char *start = json_find_string(window, "start"); const char *end = json_find_string(window, "end"); if (!start || !end) { warnx("ari_check: missing start or end"); goto out; } msg(1, "certificate renewal window: start=%s end=%s", start, end); struct tm start_tm, end_tm; p = strptime(start, "%Y-%m-%dT%T%z", &start_tm); if (!p || *p) { warnx("ari_check: failed to parse start"); goto out; } p = strptime(end, "%Y-%m-%dT%T%z", &end_tm); if (!p || *p) { warnx("ari_check: failed to parse end"); goto out; } time_t start_t = mktime(&start_tm); if (start_t == (time_t)-1) { warnx("ari_check: invalid start"); goto out; } time_t end_t = mktime(&end_tm); if (end_t == (time_t)-1) { warnx("ari_check: invalid end"); goto out; } if (start_t >= end_t) { warnx("ari_check: invalid start/end"); goto out; } if (time(NULL) > start_t + (end_t - start_t) * ((float)rand()/RAND_MAX)) ret = 1; else ret = 0; out: json_free(json); return ret; } bool cert_valid(const char *certfile, char * const *names, const char *ari_url, int validity, bool status_check) { bool valid = false; #if defined(USE_GNUTLS) gnutls_x509_crt_t crt[2] = {NULL, NULL}; int ncrt = cert_load(crt, 2, "%s", certfile); if (ncrt <= 0) goto out; time_t expiration = gnutls_x509_crt_get_expiration_time(crt[0]); if (expiration == (time_t)-1) { warnx("cert_valid: gnutls_x509_crt_get_expiration_time failed"); goto out; } int days_left = (expiration - time(NULL))/(24*3600); msg(1, "%s expires in %d days", certfile, days_left); int ari = -1; if (days_left > 0) ari = ari_check(crt[0], ari_url); if (ari > 0 || (ari < 0 && days_left < validity)) { msg(1, "%s is due for renewal", certfile); goto out; } while (names && *names) { if (!gnutls_x509_crt_check_hostname2(crt[0], *names, GNUTLS_VERIFY_DO_NOT_ALLOW_WILDCARDS)) { msg(1, "%s does not include %s", certfile, *names); goto out; } names++; } valid = true; if (status_check) { if (ncrt < 2) warn("no issuer certificate in %s, skipping OCSP check", certfile); else valid = ocsp_check(crt); } out: for (int i = 0; i < ncrt; i++) if (crt[i]) gnutls_x509_crt_deinit(crt[i]); #elif defined(USE_OPENSSL) GENERAL_NAMES *san = NULL; X509_NAME *sname = NULL; X509 *crt[2] = {NULL, NULL}; int ncrt = cert_load(crt, 2, "%s", certfile); if (ncrt <= 0) goto out; int days_left; const ASN1_TIME *tm = X509_get0_notAfter(crt[0]); #if defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x3050000fL struct tm tcrt; if (tm && ASN1_time_parse((const char *)tm->data, tm->length, &tcrt, tm->type) != -1) { time_t now = time(NULL); struct tm *tnow = gmtime(&now); if (!tnow) { warnx("cert_valid: gmtime overflow"); goto out; } days_left = difftime(mktime(&tcrt), mktime(tnow))/(3600*24); } else { #else int sec; if (!tm || !ASN1_TIME_diff(&days_left, &sec, NULL, tm)) { #endif warnx("cert_valid: invalid expiration time format in %s", certfile); goto out; } msg(1, "%s expires in %d days", certfile, days_left); int ari = -1; if (days_left > 0) ari = ari_check(crt[0], ari_url); if (ari > 0 || (ari < 0 && days_left < validity)) { msg(1, "%s is due for renewal", certfile); goto out; } int crit = 0; san = X509_get_ext_d2i(crt[0], NID_subject_alt_name, &crit, NULL); if (!san && crit < 0) { openssl_error("cert_valid"); goto out; } sname = X509_get_subject_name(crt[0]); while (names && *names) { bool found = false; int count = sk_GENERAL_NAME_num(san); while (count-- && !found) { GENERAL_NAME *name = sk_GENERAL_NAME_value(san, count); if (!name) continue; int type; ASN1_STRING *value = GENERAL_NAME_get0_value(name, &type); if (!value) continue; if (type == GEN_DNS) { unsigned char *s = NULL; if (ASN1_STRING_to_UTF8(&s, (ASN1_STRING *)value) < 0) { openssl_error("cert_valid"); continue; } else if (s) { if (strcasecmp((char *)s, *names) == 0) found = true; OPENSSL_free(s); } } else if (type == GEN_IPADD) { char s[INET6_ADDRSTRLEN]; int af; switch (ASN1_STRING_length(value)) { case 4: af = AF_INET; break; case 16: af = AF_INET6; break; default: continue; } memset(s, 0, sizeof(s)); if (!inet_ntop(af, ASN1_STRING_get0_data(value), s, sizeof(s))) continue; if (strcasecmp(s, *names) == 0) found = true; } } if (sname) { for (int i = -1; !found; ) { i = X509_NAME_get_index_by_NID(sname, NID_commonName, i); if (i < 0) break; X509_NAME_ENTRY *entry = X509_NAME_get_entry(sname, i); if (!entry) continue; ASN1_STRING *str = X509_NAME_ENTRY_get_data(entry); if (!str) continue; unsigned char *s = NULL; if (ASN1_STRING_to_UTF8(&s, str) < 0) { openssl_error("cert_valid"); continue; } if (strcasecmp((char *)s, *names) == 0) found = true; OPENSSL_free(s); } } if (!found) { msg(1, "%s does not include %s", certfile, *names); goto out; } names++; } valid = true; if (status_check) { if (ncrt < 2) warn("no issuer certificate in %s, skipping OCSP check", certfile); else valid = ocsp_check(crt); } out: for (int i = 0; i < ncrt; i++) if (crt[i]) X509_free(crt[i]); if (san) GENERAL_NAMES_free(san); #elif defined(USE_MBEDTLS) mbedtls_x509_crt *crt = NULL; mbedtls_x509_sequence san; memset(&san, 0, sizeof(san)); int ncrt = cert_load(&crt, "%s", certfile); if (ncrt < 1) goto out; struct tm texp = { .tm_sec = crt->valid_to.sec, .tm_min = crt->valid_to.min, .tm_hour = crt->valid_to.hour, .tm_mday = crt->valid_to.day, .tm_mon = crt->valid_to.mon - 1, .tm_year = crt->valid_to.year - 1900, .tm_isdst = -1 }; time_t expiration = mktime(&texp); if (expiration == (time_t)-1) { warnx("cert_valid: failed to determine expiration time"); goto out; } int days_left = (expiration - time(NULL))/(24*3600); msg(1, "%s expires in %d days", certfile, days_left); int ari = -1; if (days_left > 0) ari = ari_check(crt, ari_url); if (ari > 0 || (ari < 0 && days_left < validity)) { msg(1, "%s is due for renewal", certfile); goto out; } #if MBEDTLS_VERSION_NUMBER >= 0x03000000 if (mbedtls_x509_crt_has_ext_type(crt, MBEDTLS_X509_EXT_SUBJECT_ALT_NAME)) { #else if (crt->ext_types & MBEDTLS_X509_EXT_SUBJECT_ALT_NAME) { #endif int r = ext_san(crt->v3_ext.p, crt->v3_ext.len, &san); if (r) { warnx("cert_valid: ext_san failed: %s", _mbedtls_strerror(r)); goto out; } } while (names && *names) { bool found = false; const mbedtls_x509_name *name = NULL; const mbedtls_x509_sequence *cur = NULL; for (cur = &san; cur && !found; cur = cur->next) { if (cur->buf.tag == (MBEDTLS_ASN1_CONTEXT_SPECIFIC|2)) { if (strncasecmp(*names, (const char *)cur->buf.p, strlen(*names)) == 0) found = true; } else if (cur->buf.tag == (MBEDTLS_ASN1_CONTEXT_SPECIFIC|7)) { char s[INET6_ADDRSTRLEN]; int af; switch (cur->buf.len) { case 4: af = AF_INET; break; case 16: af = AF_INET6; break; default: continue; } memset(s, 0, sizeof(s)); if (!inet_ntop(af, cur->buf.p, s, sizeof(s))) continue; if (strcasecmp(s, *names) == 0) found = true; } } for (name = &crt->subject; name != NULL && !found; name = name->next) { if (MBEDTLS_OID_CMP(MBEDTLS_OID_AT_CN, &name->oid) == 0 && strncasecmp(*names, (const char *)name->val.p, strlen(*names)) == 0) found = true; } if (!found) { msg(1, "%s does not include %s", certfile, *names); goto out; } names++; } valid = true; if (status_check) { if (ncrt < 2) warn("no issuer certificate in %s, skipping OCSP check", certfile); else valid = ocsp_check(crt); } out: if (crt) { mbedtls_x509_crt_free(crt); free(crt); } while (san.next) { mbedtls_x509_sequence *tmp = san.next; san.next = tmp->next; mbedtls_free(tmp); } #endif return valid; } char *cert_der_base64url(const char *certfile) { char *ret = NULL; void *certdata = NULL; size_t certsize = 0; int r; #if defined(USE_GNUTLS) gnutls_x509_crt_t crt = NULL; if (cert_load(&crt, 1, certfile) <= 0) { warnx("cert_der_base64url: cert_load failed"); goto out; } gnutls_datum_t data = {NULL, 0}; r = gnutls_x509_crt_export2(crt, GNUTLS_X509_FMT_DER, &data); gnutls_x509_crt_deinit(crt); if (r != GNUTLS_E_SUCCESS) { warnx("cert_der_base64url: gnutls_x509_crt_export2: %s", gnutls_strerror(r)); goto out; } certsize = data.size; certdata = gnutls_datum_data(&data, true); if (!certdata) goto out; #elif defined(USE_OPENSSL) X509 *crt = NULL; if (cert_load(&crt, 1, certfile) <= 0) { warnx("cert_der_base64url: cert_load failed"); goto out; } r = i2d_X509(crt, NULL); if (r < 0) { openssl_error("cert_der_base64url"); X509_free(crt); goto out; } certsize = r; certdata = calloc(1, certsize); if (!certdata) { warn("cert_der_base64url: calloc failed"); X509_free(crt); goto out; } unsigned char *tmp = certdata; r = i2d_X509(crt, &tmp); X509_free(crt); if (r != (int)certsize) { openssl_error("cert_der_base64url"); goto out; } #elif defined(USE_MBEDTLS) certdata = read_file(certfile, &certsize); if (!certdata) { warn("cert_der_base64url: error reading %s", certfile); goto out; } mbedtls_pem_context ctx; mbedtls_pem_init(&ctx); size_t len; r = mbedtls_pem_read_buffer(&ctx, "-----BEGIN CERTIFICATE-----", "-----END CERTIFICATE-----", certdata, NULL, 0, &len); if (r) { warnx("cert_der_base64url: mbedtls_pem_read_buffer failed: %s", _mbedtls_strerror(r)); mbedtls_pem_free(&ctx); goto out; } free(certdata); #if MBEDTLS_VERSION_NUMBER >= 0x03000000 const unsigned char *certbuf = mbedtls_pem_get_buffer(&ctx, &certsize); if (!certbuf) { warn("csr_der_base64url: mbedtls_pem_get_buffer failed"); goto out; } #else const unsigned char *certbuf = ctx.buf; certsize = ctx.buflen; #endif certdata = calloc(1, certsize); if (!certdata) { warn("cert_der_base64url: calloc failed"); mbedtls_pem_free(&ctx); goto out; } memcpy(certdata, certbuf, certsize); mbedtls_pem_free(&ctx); #endif r = base64_ENCODED_LEN(certsize, base64_VARIANT_URLSAFE_NO_PADDING); if (!(ret = calloc(1, r))) { warn("cert_der_base64url: calloc failed"); goto out; } if (!bin2base64(ret, r, certdata, certsize, base64_VARIANT_URLSAFE_NO_PADDING)) { warnx("cert_der_base64url: bin2base64 failed"); free(ret); ret = NULL; goto out; } out: free(certdata); return ret; } uacme-1.7.6/base64.c0000644000000000000000000002563114555533301010751 00000000000000/* * Copyright (C) 2019-2024 Nicola Di Lieto * * This file is part of uacme. * * uacme is free software: you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * uacme is distributed in the hope that it will be useful, but * WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program. If not, see * . */ #include #include #include #include #include #include #include #include #include "base64.h" /* Base64 routines adapted from https://www.libsodium.org */ /* * ISC License * * Copyright (c) 2013-2017 * Frank Denis * * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above * copyright notice and this permission notice appear in all copies. * * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ /* Derived from original code by CodesInChaos */ char *bin2hex(char *const hex, const size_t hex_maxlen, const unsigned char *const bin, const size_t bin_len) { size_t i = (size_t) 0U; unsigned int x; int b; int c; if (bin_len >= SIZE_MAX / 2 || hex_maxlen <= bin_len * 2U) { errx(2, "bin2hex length wrong"); } while (i < bin_len) { c = bin[i] & 0xf; b = bin[i] >> 4; x = (unsigned char) (87U + c + (((c - 10U) >> 8) & ~38U)) << 8 | (unsigned char) (87U + b + (((b - 10U) >> 8) & ~38U)); hex[i * 2U] = (char) x; x >>= 8; hex[i * 2U + 1U] = (char) x; i++; } hex[i * 2U] = 0U; return hex; } int hex2bin(unsigned char *const bin, const size_t bin_maxlen, const char *const hex, const size_t hex_len, const char *const ignore, size_t *const bin_len, const char **const hex_end) { size_t bin_pos = (size_t) 0U; size_t hex_pos = (size_t) 0U; int ret = 0; unsigned char c; unsigned char c_acc = 0U; unsigned char c_alpha0, c_alpha; unsigned char c_num0, c_num; unsigned char c_val; unsigned char state = 0U; while (hex_pos < hex_len) { c = (unsigned char) hex[hex_pos]; c_num = c ^ 48U; c_num0 = (c_num - 10U) >> 8; c_alpha = (c & ~32U) - 55U; c_alpha0 = ((c_alpha - 10U) ^ (c_alpha - 16U)) >> 8; if ((c_num0 | c_alpha0) == 0U) { if (ignore != NULL && state == 0U && strchr(ignore, c) != NULL) { hex_pos++; continue; } break; } c_val = (c_num0 & c_num) | (c_alpha0 & c_alpha); if (bin_pos >= bin_maxlen) { ret = -1; errno = ERANGE; break; } if (state == 0U) { c_acc = c_val * 16U; } else { bin[bin_pos++] = c_acc | c_val; } state = ~state; hex_pos++; } if (state != 0U) { hex_pos--; errno = EINVAL; ret = -1; } if (ret != 0) { bin_pos = (size_t) 0U; } if (hex_end != NULL) { *hex_end = &hex[hex_pos]; } else if (hex_pos != hex_len) { errno = EINVAL; ret = -1; } if (bin_len != NULL) { *bin_len = bin_pos; } return ret; } /* * Some macros for constant-time comparisons. These work over values in * the 0..255 range. Returned value is 0x00 on "false", 0xFF on "true". * * Original code by Thomas Pornin. */ #define EQ(x, y) \ ((((0U - ((unsigned int) (x) ^ (unsigned int) (y))) >> 8) & 0xFF) ^ 0xFF) #define GT(x, y) ((((unsigned int) (y) - (unsigned int) (x)) >> 8) & 0xFF) #define GE(x, y) (GT(y, x) ^ 0xFF) #define LT(x, y) GT(y, x) #define LE(x, y) GE(y, x) static int b64_byte_to_char(unsigned int x) { return (LT(x, 26) & (x + 'A')) | (GE(x, 26) & LT(x, 52) & (x + ('a' - 26))) | (GE(x, 52) & LT(x, 62) & (x + ('0' - 52))) | (EQ(x, 62) & '+') | (EQ(x, 63) & '/'); } static unsigned int b64_char_to_byte(int c) { const unsigned int x = (GE(c, 'A') & LE(c, 'Z') & (c - 'A')) | (GE(c, 'a') & LE(c, 'z') & (c - ('a' - 26))) | (GE(c, '0') & LE(c, '9') & (c - ('0' - 52))) | (EQ(c, '+') & 62) | (EQ(c, '/') & 63); return x | (EQ(x, 0) & (EQ(c, 'A') ^ 0xFF)); } static int b64_byte_to_urlsafe_char(unsigned int x) { return (LT(x, 26) & (x + 'A')) | (GE(x, 26) & LT(x, 52) & (x + ('a' - 26))) | (GE(x, 52) & LT(x, 62) & (x + ('0' - 52))) | (EQ(x, 62) & '-') | (EQ(x, 63) & '_'); } static unsigned int b64_urlsafe_char_to_byte(int c) { const unsigned x = (GE(c, 'A') & LE(c, 'Z') & (c - 'A')) | (GE(c, 'a') & LE(c, 'z') & (c - ('a' - 26))) | (GE(c, '0') & LE(c, '9') & (c - ('0' - 52))) | (EQ(c, '-') & 62) | (EQ(c, '_') & 63); return x | (EQ(x, 0) & (EQ(c, 'A') ^ 0xFF)); } #define VARIANT_NO_PADDING_MASK 0x2U #define VARIANT_URLSAFE_MASK 0x4U static void base64_check_variant(const int variant) { if ((((unsigned int) variant) & ~ 0x6U) != 0x1U) { errx(2, "base64_check_variant: invalid variant"); } } size_t base64_encoded_len(const size_t bin_len, const int variant) { base64_check_variant(variant); return base64_ENCODED_LEN(bin_len, variant); } char *bin2base64(char * const b64, const size_t b64_maxlen, const unsigned char * const bin, const size_t bin_len, const int variant) { size_t acc_len = (size_t) 0; size_t b64_len; size_t b64_pos = (size_t) 0; size_t bin_pos = (size_t) 0; size_t nibbles; size_t remainder; unsigned int acc = 0U; base64_check_variant(variant); nibbles = bin_len / 3; remainder = bin_len - 3 * nibbles; b64_len = nibbles * 4; if (remainder != 0) { if ((((unsigned int) variant) & VARIANT_NO_PADDING_MASK) == 0U) { b64_len += 4; } else { b64_len += 2 + (remainder >> 1); } } if (b64_maxlen <= b64_len) { errx(2, "bin2base64: maxlen < len"); } if ((((unsigned int) variant) & VARIANT_URLSAFE_MASK) != 0U) { while (bin_pos < bin_len) { acc = (acc << 8) + bin[bin_pos++]; acc_len += 8; while (acc_len >= 6) { acc_len -= 6; b64[b64_pos++] = (char) b64_byte_to_urlsafe_char((acc >> acc_len) & 0x3F); } } if (acc_len > 0) { b64[b64_pos++] = (char) b64_byte_to_urlsafe_char((acc << (6 - acc_len)) & 0x3F); } } else { while (bin_pos < bin_len) { acc = (acc << 8) + bin[bin_pos++]; acc_len += 8; while (acc_len >= 6) { acc_len -= 6; b64[b64_pos++] = (char) b64_byte_to_char((acc >> acc_len) & 0x3F); } } if (acc_len > 0) { b64[b64_pos++] = (char) b64_byte_to_char((acc << (6 - acc_len)) & 0x3F); } } assert(b64_pos <= b64_len); while (b64_pos < b64_len) { b64[b64_pos++] = '='; } do { b64[b64_pos++] = 0U; } while (b64_pos < b64_maxlen); return b64; } static int _base642bin_skip_padding(const char * const b64, const size_t b64_len, size_t * const b64_pos_p, const char * const ignore, size_t padding_len) { int c; while (padding_len > 0) { if (*b64_pos_p >= b64_len) { errno = ERANGE; return -1; } c = b64[*b64_pos_p]; if (c == '=') { padding_len--; } else if (ignore == NULL || strchr(ignore, c) == NULL) { errno = EINVAL; return -1; } (*b64_pos_p)++; } return 0; } int base642bin(unsigned char * const bin, const size_t bin_maxlen, const char * const b64, const size_t b64_len, const char * const ignore, size_t * const bin_len, const char ** const b64_end, const int variant) { size_t acc_len = (size_t) 0; size_t b64_pos = (size_t) 0; size_t bin_pos = (size_t) 0; int is_urlsafe; int ret = 0; unsigned int acc = 0U; unsigned int d; char c; base64_check_variant(variant); is_urlsafe = ((unsigned int) variant) & VARIANT_URLSAFE_MASK; while (b64_pos < b64_len) { c = b64[b64_pos]; if (is_urlsafe) { d = b64_urlsafe_char_to_byte(c); } else { d = b64_char_to_byte(c); } if (d == 0xFF) { if (ignore != NULL && strchr(ignore, c) != NULL) { b64_pos++; continue; } break; } acc = (acc << 6) + d; acc_len += 6; if (acc_len >= 8) { acc_len -= 8; if (bin_pos >= bin_maxlen) { errno = ERANGE; ret = -1; break; } bin[bin_pos++] = (acc >> acc_len) & 0xFF; } b64_pos++; } if (acc_len > 4U || (acc & ((1U << acc_len) - 1U)) != 0U) { ret = -1; } else if (ret == 0 && (((unsigned int) variant) & VARIANT_NO_PADDING_MASK) == 0U) { ret = _base642bin_skip_padding(b64, b64_len, &b64_pos, ignore, acc_len / 2); } if (ret != 0) { bin_pos = (size_t) 0U; } else if (ignore != NULL) { while (b64_pos < b64_len && strchr(ignore, b64[b64_pos]) != NULL) { b64_pos++; } } if (b64_end != NULL) { *b64_end = &b64[b64_pos]; } else if (b64_pos != b64_len) { errno = EINVAL; ret = -1; } if (bin_len != NULL) { *bin_len = bin_pos; } return ret; } char *encode_base64url(const char *str) { size_t encoded_len = base64_ENCODED_LEN(strlen(str), base64_VARIANT_URLSAFE_NO_PADDING); char *encoded = calloc(1, encoded_len); if (!encoded) return NULL; return bin2base64(encoded, encoded_len, (const unsigned char *)str, strlen(str), base64_VARIANT_URLSAFE_NO_PADDING); } uacme-1.7.6/sglib.h0000644000000000000000000021613114555530552010774 00000000000000/* This is SGLIB version 1.0.4 (C) by Marian Vittek, Bratislava, http://www.xref-tech.com/sglib, 2003-5 License Conditions: You can use a verbatim copy (including this copyright notice) of sglib freely in any project, commercial or not. You can also use derivative forms freely under terms of Open Source Software license or under terms of GNU Public License. If you need to use a derivative form in a commercial project, or you need sglib under any other license conditions, contact the author. */ #ifndef _SGLIB__h_ #define _SGLIB__h_ /* the assert is used exclusively to write unexpected error messages */ #include /* ---------------------------------------------------------------------------- */ /* ---------------------------------------------------------------------------- */ /* - LEVEL - 0 INTERFACE - */ /* ---------------------------------------------------------------------------- */ /* ---------------------------------------------------------------------------- */ /* ---------------------------------------------------------------------------- */ /* ------------------------------ STATIC ARRAYS ------------------------------- */ /* ---------------------------------------------------------------------------- */ /* Basic algorithms for sorting arrays. Multiple depending arrays can be rearranged using user defined 'elem_exchangers' */ /* HEAP - SORT (level 0) */ #define SGLIB_ARRAY_SINGLE_HEAP_SORT(type, a, max, comparator) {\ SGLIB_ARRAY_HEAP_SORT(type, a, max, comparator, SGLIB_ARRAY_ELEMENTS_EXCHANGER);\ } #define SGLIB_ARRAY_HEAP_SORT(type, a, max, comparator, elem_exchanger) {\ int _k_;\ for(_k_=(max)/2; _k_>=0; _k_--) {\ SGLIB___ARRAY_HEAP_DOWN(type, a, _k_, max, comparator, elem_exchanger);\ }\ for(_k_=(max)-1; _k_>=0; _k_--) {\ elem_exchanger(type, a, 0, _k_);\ SGLIB___ARRAY_HEAP_DOWN(type, a, 0, _k_, comparator, elem_exchanger);\ }\ } #define SGLIB___ARRAY_HEAP_DOWN(type, a, ind, max, comparator, elem_exchanger) {\ int _m_, _l_, _r_, _i_;\ _i_ = (ind);\ _m_ = _i_;\ do {\ _i_ = _m_;\ _l_ = 2*_i_+1;\ _r_ = _l_+1;\ if (_l_ < (max)){\ if (comparator(((a)[_m_]), ((a)[_l_])) < 0) _m_ = _l_;\ if (_r_ < (max)) {\ if (comparator(((a)[_m_]), ((a)[_r_])) < 0) _m_ = _r_;\ }\ }\ if (_m_ != _i_) {\ elem_exchanger(type, a, _i_, _m_);\ }\ } while (_m_ != _i_);\ } /* QUICK - SORT (level 0) */ #define SGLIB_ARRAY_SINGLE_QUICK_SORT(type, a, max, comparator) {\ SGLIB_ARRAY_QUICK_SORT(type, a, max, comparator, SGLIB_ARRAY_ELEMENTS_EXCHANGER);\ } #define SGLIB_ARRAY_QUICK_SORT(type, a, max, comparator, elem_exchanger) {\ int _i_, _j_, _p_, _stacki_, _start_, _end_;\ /* can sort up to 2^64 elements */\ int _startStack_[64];\ int _endStack_[64];\ _startStack_[0] = 0;\ _endStack_[0] = (max);\ _stacki_ = 1;\ while (_stacki_ > 0) {\ _stacki_ --;\ _start_ = _startStack_[_stacki_];\ _end_ = _endStack_[_stacki_];\ while (_end_ - _start_ > 2) {\ _p_ = _start_;\ _i_ = _start_ + 1;\ _j_ = _end_ - 1;\ while (_i_<_j_) {\ for(; _i_<=_j_ && comparator(((a)[_i_]),((a)[_p_]))<=0; _i_++) ;\ if (_i_ > _j_) {\ /* all remaining elements lesseq than pivot */\ elem_exchanger(type, a, _j_, _p_);\ _i_ = _j_;\ } else {\ for(; _i_<=_j_ && comparator(((a)[_j_]),((a)[_p_]))>=0; _j_--) ;\ if (_i_ > _j_) {\ /* all remaining elements greater than pivot */\ elem_exchanger(type, a, _j_, _p_);\ _i_ = _j_;\ } else if (_i_ < _j_) {\ elem_exchanger(type, a, _i_, _j_);\ if (_i_+2 < _j_) {_i_++; _j_--;}\ else if (_i_+1 < _j_) _i_++;\ }\ }\ }\ /* O.K. i==j and pivot is on a[i] == a[j] */\ /* handle recursive calls without recursion */\ if (_i_-_start_ > 1 && _end_-_j_ > 1) {\ /* two recursive calls, use array-stack */\ if (_i_-_start_ < _end_-_j_-1) {\ _startStack_[_stacki_] = _j_+1;\ _endStack_[_stacki_] = _end_;\ _stacki_ ++;\ _end_ = _i_;\ } else {\ _startStack_[_stacki_] = _start_;\ _endStack_[_stacki_] = _i_;\ _stacki_ ++;\ _start_ = _j_+1;\ }\ } else {\ if (_i_-_start_ > 1) {\ _end_ = _i_;\ } else {\ _start_ = _j_+1;\ }\ }\ }\ if (_end_ - _start_ == 2) {\ if (comparator(((a)[_start_]),((a)[_end_-1])) > 0) {\ elem_exchanger(type, a, _start_, _end_-1);\ }\ }\ }\ } /* BINARY SEARCH (level 0) */ #define SGLIB_ARRAY_BINARY_SEARCH(type, a, start_index, end_index, key, comparator, found, result_index) {\ int _kk_, _cc_, _ii_, _jj_, _ff_;\ _ii_ = (start_index);\ _jj_ = (end_index);\ _ff_ = 0;\ while (_ii_ <= _jj_ && _ff_==0) {\ _kk_ = (_jj_+_ii_)/2;\ _cc_ = comparator(((a)[_kk_]), (key));\ if (_cc_ == 0) {\ (result_index) = _kk_;\ _ff_ = 1;\ } else if (_cc_ < 0) {\ _ii_ = _kk_+1;\ } else {\ _jj_ = _kk_-1;\ }\ }\ if (_ff_ == 0) {\ /* not found, but set its resulting place in the array */\ (result_index) = _jj_+1;\ }\ (found) = _ff_;\ } /* -------------------------------- queue (in an array) ------------------ */ /* queue is a quadruple (a,i,j,dim) such that: */ /* a is the array storing values */ /* i is the index of the first used element in the array */ /* j is the index of the first free element in the array */ /* dim is the size of the array a */ /* !!!!!!! This data structure is NOT documented, do not use it !!!!!!!!!! */ #define SGLIB_QUEUE_INIT(type, a, i, j) { i = j = 0; } #define SGLIB_QUEUE_IS_EMPTY(type, a, i, j) ((i)==(j)) #define SGLIB_QUEUE_IS_FULL(type, a, i, j, dim) ((i)==((j)+1)%(dim)) #define SGLIB_QUEUE_FIRST_ELEMENT(type, a, i, j) (a[i]) #define SGLIB_QUEUE_ADD_NEXT(type, a, i, j, dim) {\ if (SGLIB_QUEUE_IS_FULL(type, a, i, j, dim)) assert(0 && "the queue is full");\ (j) = ((j)+1) % (dim);\ } #define SGLIB_QUEUE_ADD(type, a, elem, i, j, dim) {\ a[j] = (elem);\ SGLIB_QUEUE_ADD_NEXT(type, a, i, j, dim);\ } #define SGLIB_QUEUE_DELETE_FIRST(type, a, i, j, dim) {\ if (SGLIB_QUEUE_IS_EMPTY(type, a, i, j)) assert(0 && "the queue is empty");\ (i) = ((i)+1) % (dim);\ } #define SGLIB_QUEUE_DELETE(type, a, i, j, dim) {\ SGLIB_QUEUE_DELETE_FIRST(type, a, i, j, dim);\ } /* ----------------- priority queue (heap) (in an array) -------------------- */ /* heap is a triple (a,i,dim) such that: */ /* a is the array storing values */ /* i is the index of the first free element in the array */ /* dim is the size of the array a */ /* !!!!!!! This data structure is NOT documented, do not use it !!!!!!!!!! */ #define SGLIB_HEAP_INIT(type, a, i) { i = 0; } #define SGLIB_HEAP_IS_EMPTY(type, a, i) ((i)==0) #define SGLIB_HEAP_IS_FULL(type, a, i, dim) ((i)==(dim)) #define SGLIB_HEAP_FIRST_ELEMENT(type, a, i) (a[0]) #define SGLIB_HEAP_ADD_NEXT(type, a, i, dim, comparator, elem_exchanger) {\ int _i_;\ if (SGLIB_HEAP_IS_FULL(type, a, i, dim)) assert(0 && "the heap is full");\ _i_ = (i)++;\ while (_i_ > 0 && comparator(a[_i_/2], a[_i_]) < 0) {\ elem_exchanger(type, a, (_i_/2), _i_);\ _i_ = _i_/2;\ }\ } #define SGLIB_HEAP_ADD(type, a, elem, i, dim, comparator) {\ if (SGLIB_HEAP_IS_FULL(type, a, i, dim)) assert(0 && "the heap is full");\ a[i] = (elem);\ SGLIB_HEAP_ADD_NEXT(type, a, i, dim, comparator, SGLIB_ARRAY_ELEMENTS_EXCHANGER);\ } #define SGLIB_HEAP_DELETE_FIRST(type, a, i, dim, comparator, elem_exchanger) {\ if (SGLIB_HEAP_IS_EMPTY(type, a, i)) assert(0 && "the heap is empty");\ (i)--;\ a[0] = a[i];\ SGLIB___ARRAY_HEAP_DOWN(type, a, 0, i, comparator, elem_exchanger);\ } #define SGLIB_HEAP_DELETE(type, a, i, dim, comparator) {\ SGLIB_HEAP_DELETE_FIRST(type, a, i, dim, comparator, SGLIB_ARRAY_ELEMENTS_EXCHANGER);\ } /* ----------------- hashed table of pointers (in an array) -------------------- */ /* This hashed table is storing pointers to objects (not containers). In this table there is a one-to-one mapping between 'objects' stored in the table and indexes where they are placed. Each index is pointing to exactly one 'object' and each 'object' stored in the table occurs on exactly one index. Once an object is stored in the table, it can be represented via its index. In case of collision while adding an object the index shifted by SGLIB_HASH_TAB_SHIFT_CONSTANT (constant can be redefined) You can NOT delete an element from such hash table. The only justification (I can see) for this data structure is an exchange file format, having an index table at the beginning and then refering objects via indexes. !!!!!!! This data structure is NOT documented, do not use it !!!!!!!!!! */ #define SGLIB_HASH_TAB_INIT(type, table, dim) {\ int _i_;\ for(_i_ = 0; _i_ < (dim); _i_++) (table)[_i_] = NULL;\ } #define SGLIB_HASH_TAB_ADD_IF_NOT_MEMBER(type, table, dim, elem, hash_function, comparator, member){\ unsigned _pos_;\ type *_elem_;\ SGLIB_HASH_TAB_FIND_MEMBER(type, table, dim, elem, _pos_, _elem_);\ (member) = (table)[_pos_];\ if (_elem_ == NULL) {\ if ((table)[_pos_] != NULL) assert(0 && "the hash table is full");\ (table)[_pos_] = (elem);\ }\ } #define SGLIB_HASH_TAB_FIND_MEMBER(type, table, dim, elem, hash_function, comparator, resultIndex, resultMember) {\ unsigned _i_;\ int _count_;\ type *_e_;\ _count = 0;\ _i_ = hash_function(elem);\ _i_ %= (dim);\ while ((_e_=(table)[_i_])!=NULL && comparator(_e_, (elem))!=0 && _count_<(dim)) {\ _count_ ++;\ _i_ = (_i_ + SGLIB_HASH_TAB_SHIFT_CONSTANT) % (dim);\ }\ (resultIndex) = _i_;\ if (_count_ < (dim)) (resultMember) = _e_;\ else (resultMember) = NULL;\ } #define SGLIB_HASH_TAB_IS_MEMBER(type, table, dim, elem, hash_function, resultIndex) {\ unsigned _i_;\ int _c_;\ type *_e_;\ _count = 0;\ _i_ = hash_function(elem);\ _i_ %= (dim);\ while ((_e_=(table)[_i_])!=NULL && _e_!=(elem) && _c_<(dim)) {\ _c_ ++;\ _i_ = (_i_ + SGLIB_HASH_TAB_SHIFT_CONSTANT) % (dim);\ }\ if (_e_==(elem)) (resultIndex) = _i_;\ else (resultIndex) = -1;\ } #define SGLIB_HASH_TAB_MAP_ON_ELEMENTS(type, table, dim, iteratedIndex, iteratedVariable, command) {\ unsigned iteratedIndex;\ type *iteratedVariable;\ for(iteratedIndex=0; iteratedIndex < (dim); iteratedIndex++) {\ iteratedVariable = (table)[iteratedIndex];\ if (iteratedVariable != NULL) {command;}\ }\ } /* ---------------------------------------------------------------------------- */ /* ------------------------- DYNAMIC DATA STRUCTURES -------------------------- */ /* ---------------------------------------------------------------------------- */ /* ------------------------------------ lists (level 0) --------------------- */ #define SGLIB_LIST_ADD(type, list, elem, next) {\ (elem)->next = (list);\ (list) = (elem);\ } #define SGLIB_LIST_CONCAT(type, first, second, next) {\ if ((first)==NULL) {\ (first) = (second);\ } else {\ type *_p_;\ for(_p_ = (first); _p_->next!=NULL; _p_=_p_->next) ;\ _p_->next = (second);\ }\ } #define SGLIB_LIST_DELETE(type, list, elem, next) {\ type **_p_;\ for(_p_ = &(list); *_p_!=NULL && *_p_!=(elem); _p_= &(*_p_)->next) ;\ assert(*_p_!=NULL && "element is not member of the container, use DELETE_IF_MEMBER instead"!=NULL);\ *_p_ = (*_p_)->next;\ } #define SGLIB_LIST_ADD_IF_NOT_MEMBER(type, list, elem, comparator, next, member) {\ type *_p_;\ for(_p_ = (list); _p_!=NULL && comparator(_p_, (elem)) != 0; _p_= _p_->next) ;\ (member) = _p_;\ if (_p_ == NULL) {\ SGLIB_LIST_ADD(type, list, elem, next);\ }\ } #define SGLIB_LIST_DELETE_IF_MEMBER(type, list, elem, comparator, next, member) {\ type **_p_;\ for(_p_ = &(list); *_p_!=NULL && comparator((*_p_), (elem)) != 0; _p_= &(*_p_)->next) ;\ (member) = *_p_;\ if (*_p_ != NULL) {\ *_p_ = (*_p_)->next;\ }\ } #define SGLIB_LIST_IS_MEMBER(type, list, elem, next, result) {\ type *_p_;\ for(_p_ = (list); _p_!=NULL && _p_ != (elem); _p_= _p_->next) ;\ (result) = (_p_!=NULL);\ } #define SGLIB_LIST_FIND_MEMBER(type, list, elem, comparator, next, member) {\ type *_p_;\ for(_p_ = (list); _p_!=NULL && comparator(_p_, (elem)) != 0; _p_= _p_->next) ;\ (member) = _p_;\ } #define SGLIB_LIST_MAP_ON_ELEMENTS(type, list, iteratedVariable, next, command) {\ type *_ne_;\ type *iteratedVariable;\ (iteratedVariable) = (list);\ while ((iteratedVariable)!=NULL) {\ _ne_ = (iteratedVariable)->next;\ {command;};\ (iteratedVariable) = _ne_;\ }\ } #define SGLIB_LIST_LEN(type, list, next, result) {\ type *_ce_;\ (void)(_ce_);\ (result) = 0;\ SGLIB_LIST_MAP_ON_ELEMENTS(type, list, _ce_, next, (result)++);\ } #define SGLIB_LIST_REVERSE(type, list, next) {\ type *_list_,*_tmp_,*_res_;\ _list_ = (list);\ _res_ = NULL;\ while (_list_!=NULL) {\ _tmp_ = _list_->next; _list_->next = _res_;\ _res_ = _list_; _list_ = _tmp_;\ }\ (list) = _res_;\ } #define SGLIB_LIST_SORT(type, list, comparator, next) {\ /* a non-recursive merge sort on lists */\ type *_r_;\ type *_a_, *_b_, *_todo_, *_t_, **_restail_;\ int _i_, _n_, _contFlag_;\ _r_ = (list);\ _contFlag_ = 1;\ for(_n_ = 1; _contFlag_; _n_ = _n_+_n_) {\ _todo_ = _r_; _r_ = NULL; _restail_ = &_r_; _contFlag_ =0;\ while (_todo_!=NULL) {\ _a_ = _todo_;\ for(_i_ = 1, _t_ = _a_; _i_ < _n_ && _t_!=NULL; _i_++, _t_ = _t_->next) ;\ if (_t_ ==NULL) {\ *_restail_ = _a_;\ break;\ }\ _b_ = _t_->next; _t_->next=NULL;\ for(_i_ =1, _t_ = _b_; _i_<_n_ && _t_!=NULL; _i_++, _t_ = _t_->next) ;\ if (_t_ ==NULL) {\ _todo_ =NULL;\ } else {\ _todo_ = _t_->next; _t_->next=NULL;\ }\ /* merge */\ while (_a_!=NULL && _b_!=NULL) {\ if (comparator(_a_, _b_) < 0) {\ *_restail_ = _a_; _restail_ = &(_a_->next); _a_ = _a_->next;\ } else {\ *_restail_ = _b_; _restail_ = &(_b_->next); _b_ = _b_->next;\ }\ }\ if (_a_!=NULL) *_restail_ = _a_;\ else *_restail_ = _b_;\ while (*_restail_!=NULL) _restail_ = &((*_restail_)->next);\ _contFlag_ =1;\ }\ }\ (list) = _r_;\ } /* --------------------------------- sorted list (level 0) --------------------- */ /* All operations suppose that the list is sorted and they preserve this property. */ #define SGLIB_SORTED_LIST_ADD(type, list, elem, comparator, next) {\ type **_e_;\ int _cmpres_;\ SGLIB_SORTED_LIST_FIND_MEMBER_OR_PLACE(type, list, elem, comparator, next, _cmpres_, _e_);\ (elem)->next = *_e_;\ *_e_ = (elem);\ } #define SGLIB_SORTED_LIST_ADD_IF_NOT_MEMBER(type, list, elem, comparator, next, member) {\ type **_e_;\ int _cmp_res_;\ SGLIB_SORTED_LIST_FIND_MEMBER_OR_PLACE(type, list, elem, comparator, next, _cmp_res_, _e_);\ if (_cmp_res_ != 0) {\ (elem)->next = *_e_;\ *_e_ = (elem);\ (member) = NULL;\ } else {\ (member) = *_e_;\ }\ } #define SGLIB_SORTED_LIST_DELETE(type, list, elem, next) {\ SGLIB_LIST_DELETE(type, list, elem, next);\ } #define SGLIB_SORTED_LIST_DELETE_IF_MEMBER(type, list, elem, comparator, next, member) {\ type **_e_;\ int _cmp_res_;\ SGLIB_SORTED_LIST_FIND_MEMBER_OR_PLACE(type, list, elem, comparator, next, _cmp_res_, _e_);\ if (_cmp_res_ == 0) {\ (member) = *_e_;\ *_e_ = (*_e_)->next;\ } else {\ (member) = NULL;\ }\ } #define SGLIB_SORTED_LIST_FIND_MEMBER(type, list, elem, comparator, next, member) {\ type *_p_;\ int _cmpres_ = 1;\ for(_p_ = (list); _p_!=NULL && (_cmpres_=comparator(_p_, (elem))) < 0; _p_=_p_->next) ;\ if (_cmpres_ != 0) (member) = NULL;\ else (member) = _p_;\ } #define SGLIB_SORTED_LIST_IS_MEMBER(type, list, elem, comparator, next, result) {\ type *_p_;\ for(_p_ = (list); _p_!=NULL && comparator(_p_, (elem)) < 0; _p_=_p_->next) ;\ while (_p_ != NULL && _p_ != (elem) && comparator(_p_, (elem)) == 0) _p_=_p_->next;\ (result) = (_p_ == (elem));\ } #define SGLIB_SORTED_LIST_FIND_MEMBER_OR_PLACE(type, list, elem, comparator, next, comparator_result, member_ptr) {\ (comparator_result) = -1;\ for((member_ptr) = &(list);\ *(member_ptr)!=NULL && ((comparator_result)=comparator((*member_ptr), (elem))) < 0;\ (member_ptr) = &(*(member_ptr))->next) ;\ } #define SGLIB_SORTED_LIST_LEN(type, list, next, result) {\ SGLIB_LIST_LEN(type, list, next, result);\ } #define SGLIB_SORTED_LIST_MAP_ON_ELEMENTS(type, list, iteratedVariable, next, command) {\ SGLIB_LIST_MAP_ON_ELEMENTS(type, list, iteratedVariable, next, command);\ } /* ------------------------------- double linked list (level 0) ------------------------- */ /* Lists with back pointer to previous element. Those lists implements deletion of an element in a constant time. */ #define SGLIB___DL_LIST_CREATE_SINGLETON(type, list, elem, previous, next) {\ (list) = (elem);\ (list)->next = (list)->previous = NULL;\ } #define SGLIB_DL_LIST_ADD_AFTER(type, place, elem, previous, next) {\ if ((place) == NULL) {\ SGLIB___DL_LIST_CREATE_SINGLETON(type, place, elem, previous, next);\ } else {\ (elem)->next = (place)->next;\ (elem)->previous = (place);\ (place)->next = (elem);\ if ((elem)->next != NULL) (elem)->next->previous = (elem);\ }\ } #define SGLIB_DL_LIST_ADD_BEFORE(type, place, elem, previous, next) {\ if ((place) == NULL) {\ SGLIB___DL_LIST_CREATE_SINGLETON(type, place, elem, previous, next);\ } else {\ (elem)->next = (place);\ (elem)->previous = (place)->previous;\ (place)->previous = (elem);\ if ((elem)->previous != NULL) (elem)->previous->next = (elem);\ }\ } #define SGLIB_DL_LIST_ADD(type, list, elem, previous, next) {\ SGLIB_DL_LIST_ADD_BEFORE(type, list, elem, previous, next)\ (list) = (elem);\ } #define SGLIB___DL_LIST_GENERIC_ADD_IF_NOT_MEMBER(type, list, elem, comparator, previous, next, member, the_add_operation) {\ type *_dlp_;\ for(_dlp_ = (list); _dlp_!=NULL && comparator(_dlp_, (elem)) != 0; _dlp_= _dlp_->previous) ;\ if (_dlp_ == NULL && (list) != NULL) {\ for(_dlp_ = (list)->next; _dlp_!=NULL && comparator(_dlp_, (elem)) != 0; _dlp_= _dlp_->next) ;\ }\ (member) = _dlp_;\ if (_dlp_ == NULL) {\ the_add_operation(type, list, elem, previous, next);\ }\ } #define SGLIB_DL_LIST_ADD_BEFORE_IF_NOT_MEMBER(type, list, elem, comparator, previous, next, member) {\ SGLIB___DL_LIST_GENERIC_ADD_IF_NOT_MEMBER(type, list, elem, comparator, previous, next, member, SGLIB_DL_LIST_ADD_BEFORE);\ } #define SGLIB_DL_LIST_ADD_AFTER_IF_NOT_MEMBER(type, list, elem, comparator, previous, next, member) {\ SGLIB___DL_LIST_GENERIC_ADD_IF_NOT_MEMBER(type, list, elem, comparator, previous, next, member, SGLIB_DL_LIST_ADD_AFTER);\ } #define SGLIB_DL_LIST_ADD_IF_NOT_MEMBER(type, list, elem, comparator, previous, next, member) {\ SGLIB___DL_LIST_GENERIC_ADD_IF_NOT_MEMBER(type, list, elem, comparator, previous, next, member, SGLIB_DL_LIST_ADD);\ } #define SGLIB_DL_LIST_CONCAT(type, first, second, previous, next) {\ if ((first)==NULL) {\ (first) = (second);\ } else if ((second)!=NULL) {\ type *_dlp_;\ for(_dlp_ = (first); _dlp_->next!=NULL; _dlp_=_dlp_->next) { };\ SGLIB_DL_LIST_ADD_AFTER(type, _dlp_, second, previous, next);\ }\ } #define SGLIB_DL_LIST_DELETE(type, list, elem, previous, next) {\ type *_l_;\ _l_ = (list);\ if (_l_ == (elem)) {\ if ((elem)->previous != NULL) _l_ = (elem)->previous;\ else _l_ = (elem)->next;\ }\ if ((elem)->next != NULL) (elem)->next->previous = (elem)->previous;\ if ((elem)->previous != NULL) (elem)->previous->next = (elem)->next;\ (list) = _l_;\ } #define SGLIB_DL_LIST_DELETE_IF_MEMBER(type, list, elem, comparator, previous, next, member) {\ type *_dlp_;\ for(_dlp_ = (list); _dlp_!=NULL && comparator(_dlp_, (elem)) != 0; _dlp_= _dlp_->previous) ;\ if (_dlp_ == NULL && (list) != NULL) {\ for(_dlp_ = (list)->next; _dlp_!=NULL && comparator(_dlp_, (elem)) != 0; _dlp_= _dlp_->next) ;\ }\ (member) = _dlp_;\ if (_dlp_ != NULL) {\ SGLIB_DL_LIST_DELETE(type, list, _dlp_, previous, next);\ }\ } #define SGLIB_DL_LIST_IS_MEMBER(type, list, elem, previous, next, result) {\ type *_dlp_;\ SGLIB_LIST_IS_MEMBER(type, list, elem, previous, result);\ if (result == 0 && (list) != NULL) {\ _dlp_ = (list)->next;\ SGLIB_LIST_IS_MEMBER(type, _dlp_, elem, next, result);\ }\ } #define SGLIB_DL_LIST_FIND_MEMBER(type, list, elem, comparator, previous, next, member) {\ type *_dlp_;\ SGLIB_LIST_FIND_MEMBER(type, list, elem, comparator, previous, member);\ if ((member) == NULL && (list) != NULL) {\ _dlp_ = (list)->next;\ SGLIB_LIST_FIND_MEMBER(type, _dlp_, elem, comparator, next, member);\ }\ } #define SGLIB_DL_LIST_MAP_ON_ELEMENTS(type, list, iteratedVariable, previous, next, command) {\ type *_dl_;\ type *iteratedVariable;\ (void)(iteratedVariable);\ if ((list)!=NULL) {\ _dl_ = (list)->next;\ SGLIB_LIST_MAP_ON_ELEMENTS(type, list, iteratedVariable, previous, command);\ SGLIB_LIST_MAP_ON_ELEMENTS(type, _dl_, iteratedVariable, next, command);\ }\ } #define SGLIB_DL_LIST_SORT(type, list, comparator, previous, next) {\ type *_dll_;\ _dll_ = (list);\ if (_dll_ != NULL) {\ for(; _dll_->previous!=NULL; _dll_=_dll_->previous) { };\ SGLIB_LIST_SORT(type, _dll_, comparator, next);\ SGLIB___DL_LIST_CREATE_FROM_LIST(type, _dll_, previous, next);\ (list) = _dll_;\ }\ } #define SGLIB_DL_LIST_GET_FIRST(type, list, previous, next, result) {\ type *_dll_;\ _dll_ = (list);\ if (_dll_ != NULL) {\ for(; _dll_->previous!=NULL; _dll_=_dll_->previous) ;\ }\ (result) = _dll_;\ } #define SGLIB_DL_LIST_GET_LAST(type, list, previous, next, result) {\ type *_dll_;\ _dll_ = (list);\ if (_dll_ != NULL) {\ for(; _dll_->next!=NULL; _dll_=_dll_->next) ;\ }\ (result) = _dll_;\ } #define SGLIB_DL_LIST_LEN(type, list, previous, next, result) {\ type *_dl_;\ int _r1_, _r2_;\ if ((list)==NULL) {\ (result) = 0;\ } else {\ SGLIB_LIST_LEN(type, list, previous, _r1_);\ _dl_ = (list)->next;\ SGLIB_LIST_LEN(type, _dl_, next, _r2_);\ (result) = _r1_ + _r2_;\ }\ } #define SGLIB_DL_LIST_REVERSE(type, list, previous, next) {\ type *_list_,*_nlist_,*_dlp_,*_dln_;\ _list_ = (list);\ if (_list_!=NULL) {\ _nlist_ = _list_->next;\ while (_list_!=NULL) {\ _dln_ = _list_->next;\ _dlp_ = _list_->previous;\ _list_->next = _dlp_;\ _list_->previous = _dln_;\ _list_ = _dlp_;\ }\ while (_nlist_!=NULL) {\ _dln_ = _nlist_->next;\ _dlp_ = _nlist_->previous;\ _nlist_->next = _dlp_;\ _nlist_->previous = _dln_;\ _nlist_ = _dln_;\ }\ }\ } #define SGLIB___DL_LIST_CREATE_FROM_LIST(type, list, previous, next) {\ type *_dlp_, *_dlt_;\ _dlp_ = NULL;\ for(_dlt_ = (list); _dlt_!=NULL; _dlt_ = _dlt_->next) {\ _dlt_->previous = _dlp_;\ _dlp_ = _dlt_;\ }\ } /* ------------------------------- binary tree traversal (level 0) -------------------- */ #define SGLIB___BIN_TREE_MAP_ON_ELEMENTS(type, tree, iteratedVariable, order, left, right, command) {\ /* this is non-recursive implementation of tree traversal */\ /* it maintains the path to the current node in the array '_path_' */\ /* the _path_[0] contains the root of the tree; */\ /* the _path_[_pathi_] contains the _current_element_ */\ /* the macro does not use the _current_element_ after execution of command */\ /* command can destroy it, it can free the element for example */\ type *_path_[SGLIB_MAX_TREE_DEEP];\ type *_right_[SGLIB_MAX_TREE_DEEP];\ char _pass_[SGLIB_MAX_TREE_DEEP];\ type *_cn_;\ int _pathi_;\ type *iteratedVariable;\ (void)(iteratedVariable);\ _cn_ = (tree);\ _pathi_ = 0;\ while (_cn_!=NULL) {\ /* push down to leftmost innermost element */\ while(_cn_!=NULL) {\ _path_[_pathi_] = _cn_;\ _right_[_pathi_] = _cn_->right;\ _pass_[_pathi_] = 0;\ _cn_ = _cn_->left;\ if (order == 0) {\ iteratedVariable = _path_[_pathi_];\ {command;}\ }\ _pathi_ ++;\ if (_pathi_ >= SGLIB_MAX_TREE_DEEP) assert(0 && "the binary_tree is too deep");\ }\ do {\ _pathi_ --;\ if ((order==1 && _pass_[_pathi_] == 0)\ || (order == 2 && (_pass_[_pathi_] == 1 || _right_[_pathi_]==NULL))) {\ iteratedVariable = _path_[_pathi_];\ {command;}\ }\ _pass_[_pathi_] ++;\ } while (_pathi_>0 && _right_[_pathi_]==NULL) ;\ _cn_ = _right_[_pathi_];\ _right_[_pathi_] = NULL;\ _pathi_ ++;\ }\ } #define SGLIB_BIN_TREE_MAP_ON_ELEMENTS(type, tree, _current_element_, left, right, command) {\ SGLIB___BIN_TREE_MAP_ON_ELEMENTS(type, tree, _current_element_, 1, left, right, command);\ } #define SGLIB_BIN_TREE_MAP_ON_ELEMENTS_PREORDER(type, tree, _current_element_, left, right, command) {\ SGLIB___BIN_TREE_MAP_ON_ELEMENTS(type, tree, _current_element_, 0, left, right, command);\ } #define SGLIB_BIN_TREE_MAP_ON_ELEMENTS_POSTORDER(type, tree, _current_element_, left, right, command) {\ SGLIB___BIN_TREE_MAP_ON_ELEMENTS(type, tree, _current_element_, 2, left, right, command);\ } #define SGLIB___BIN_TREE_FIND_MEMBER(type, tree, elem, left, right, comparator, res) {\ type *_s_;\ int _c_;\ _s_ = (tree);\ while (_s_!=NULL) {\ _c_ = comparator((elem), _s_);\ if (_c_ < 0) _s_ = _s_->left;\ else if (_c_ > 0) _s_ = _s_->right;\ else break;\ }\ (res) = _s_;\ } /* ---------------------------------------------------------------------------- */ /* ---------------------------------------------------------------------------- */ /* - LEVEL - 1 INTERFACE - */ /* ---------------------------------------------------------------------------- */ /* ---------------------------------------------------------------------------- */ /* ---------------------------------------------------------------------------- */ /* ------------------------------ STATIC ARRAYS ------------------------------- */ /* ---------------------------------------------------------------------------- */ /* ----------------------------- array sorting (level 1) ---------------------- */ #define SGLIB_DEFINE_ARRAY_SORTING_PROTOTYPES(type, comparator) \ extern void sglib_##type##_array_quick_sort(type *a, int max);\ extern void sglib_##type##_array_heap_sort(type *a, int max);\ #define SGLIB_DEFINE_ARRAY_SORTING_FUNCTIONS(type, comparator) \ void sglib_##type##_array_quick_sort(type *a, int max) {\ SGLIB_ARRAY_SINGLE_QUICK_SORT(type, a, max, comparator);\ }\ void sglib_##type##_array_heap_sort(type *a, int max) {\ SGLIB_ARRAY_SINGLE_HEAP_SORT(type, a, max, comparator);\ }\ /* ----------------------------- array queue (level 1) ------------------- */ /* sglib's queue is stored in a fixed sized array */ /* queue_type MUST be a structure containing fields: */ /* afield is the array storing elem_type */ /* ifield is the index of the first element in the queue */ /* jfield is the index of the first free element after the queue */ /* dim is the size of the array afield */ /* !!!!!!! This data structure is NOT documented, do not use it !!!!!!!!!! */ #define SGLIB_DEFINE_QUEUE_PROTOTYPES(queue_type, elem_type, afield, ifield, jfield, dim) \ extern void sglib_##queue_type##_init(queue_type *q);\ extern int sglib_##queue_type##_is_empty(queue_type *q);\ extern int sglib_##queue_type##_is_full(queue_type *q);\ extern elem_type sglib_##queue_type##_first_element(queue_type *q);\ extern elem_type *sglib_##queue_type##_first_element_ptr(queue_type *q);\ extern void sglib_##queue_type##_add_next(queue_type *q);\ extern void sglib_##queue_type##_add(queue_type *q, elem_type elem);\ extern void sglib_##queue_type##_delete_first(queue_type *q);\ extern void sglib_##queue_type##_delete(queue_type *q); #define SGLIB_DEFINE_QUEUE_FUNCTIONS(queue_type, elem_type, afield, ifield, jfield, dim) \ void sglib_##queue_type##_init(queue_type *q) {\ SGLIB_QUEUE_INIT(elem_type, q->afield, q->ifield, q->jfield);\ }\ int sglib_##queue_type##_is_empty(queue_type *q) {\ return(SGLIB_QUEUE_IS_EMPTY(elem_type, q->afield, q->ifield, q->jfield));\ }\ int sglib_##queue_type##_is_full(queue_type *q) {\ return(SGLIB_QUEUE_IS_FULL(elem_type, q->afield, q->ifield, q->jfield));\ }\ elem_type sglib_##queue_type##_first_element(queue_type *q) {\ return(SGLIB_QUEUE_FIRST_ELEMENT(elem_type, q->afield, q->ifield, q->jfield));\ }\ elem_type *sglib_##queue_type##_first_element_ptr(queue_type *q) {\ return(& SGLIB_QUEUE_FIRST_ELEMENT(elem_type, q->afield, q->ifield, q->jfield));\ }\ void sglib_##queue_type##_add_next(queue_type *q) {\ SGLIB_QUEUE_ADD_NEXT(elem_type, q->afield, q->ifield, q->jfield, dim);\ }\ void sglib_##queue_type##_add(queue_type *q, elem_type elem) {\ SGLIB_QUEUE_ADD(elem_type, q->afield, elem, q->ifield, q->jfield, dim);\ }\ void sglib_##queue_type##_delete_first(queue_type *q) {\ SGLIB_QUEUE_DELETE_FIRST(elem_type, q->afield, q->ifield, q->jfield, dim);\ }\ void sglib_##queue_type##_delete(queue_type *q) {\ SGLIB_QUEUE_DELETE_FIRST(elem_type, q->afield, q->ifield, q->jfield, dim);\ } /* ------------------------ array heap (level 1) ------------------------- */ /* sglib's heap is a priority queue implemented in a fixed sized array */ /* heap_type MUST be a structure containing fields: */ /* afield is the array of size dim storing elem_type */ /* ifield is the index of the first free element after the queue */ /* !!!!!!! This data structure is NOT documented, do not use it !!!!!!!!!! */ #define SGLIB_DEFINE_HEAP_PROTOTYPES(heap_type, elem_type, afield, ifield, dim, comparator, elem_exchanger) \ extern void sglib_##heap_type##_init(heap_type *q);\ extern int sglib_##heap_type##_is_empty(heap_type *q);\ extern int sglib_##heap_type##_is_full(heap_type *q);\ extern elem_type sglib_##heap_type##_first_element(heap_type *q);\ extern elem_type *sglib_##heap_type##_first_element_ptr(heap_type *q);\ extern void sglib_##heap_type##_add_next(heap_type *q);\ extern void sglib_##heap_type##_add(heap_type *q, elem_type elem);\ extern void sglib_##heap_type##_delete_first(heap_type *q);\ extern void sglib_##heap_type##_delete(heap_type *q) #define SGLIB_DEFINE_HEAP_FUNCTIONS(heap_type, elem_type, afield, ifield, dim, comparator, elem_exchanger) \ void sglib_##heap_type##_init(heap_type *q) {\ SGLIB_HEAP_INIT(elem_type, q->afield, q->ifield);\ }\ int sglib_##heap_type##_is_empty(heap_type *q) {\ return(SGLIB_HEAP_IS_EMPTY(elem_type, q->afield, q->ifield));\ }\ int sglib_##heap_type##_is_full(heap_type *q) {\ return(SGLIB_HEAP_IS_FULL(elem_type, q->afield, q->ifield));\ }\ elem_type sglib_##heap_type##_first_element(heap_type *q) {\ return(SGLIB_HEAP_FIRST_ELEMENT(elem_type, q->afield, q->ifield));\ }\ elem_type *sglib_##heap_type##_first_element_ptr(heap_type *q) {\ return(& SGLIB_HEAP_FIRST_ELEMENT(elem_type, q->afield, q->ifield));\ }\ void sglib_##heap_type##_add_next(heap_type *q) {\ SGLIB_HEAP_ADD_NEXT(elem_type, q->afield, q->ifield, dim, comparator, elem_exchanger);\ }\ void sglib_##heap_type##_add(heap_type *q, elem_type elem) {\ SGLIB_HEAP_ADD(elem_type, q->afield, elem, q->ifield, dim, comparator, elem_exchanger);\ }\ void sglib_##heap_type##_delete_first(heap_type *q) {\ SGLIB_HEAP_DELETE_FIRST(elem_type, q->afield, q->ifield, dim, comparator, elem_exchanger);\ }\ void sglib_##heap_type##_delete(heap_type *q) {\ SGLIB_HEAP_DELETE_FIRST(elem_type, q->afield, q->ifield, dim, comparator, elem_exchanger);\ } /* ------------------------ hashed table (level 1) ------------------------- */ /* sglib's hash table is an array storing directly pointers to objects (not containers). In this table there is a one-to-one mapping between 'objects' stored in the table and indexes where they are placed. Each index is pointing to exactly one 'object' and each 'object' stored in the table occurs on exactly one index. Once an object is stored in the table, it can be represented via its index. type - is the type of elements dim - is the size of the hash array hash_function - is a hashing function mapping type* to unsigned comparator - is a comparator on elements !!!!!!! This data structure is NOT documented, do not use it !!!!!!!!!! */ #define SGLIB_DEFINE_HASHED_TABLE_PROTOTYPES(type, dim, hash_function, comparator) \ struct sglib_hashed_##type##_iterator {\ int currentIndex;\ int (*subcomparator)(type *, type *);\ type *equalto;\ };\ extern void sglib_hashed_##type##_init(type *table[dim]);\ extern int sglib_hashed_##type##_add_if_not_member(type *table[dim], type *elem, type **member);\ extern int sglib_hashed_##type##_is_member(type *table[dim], type *elem);\ extern type * sglib_hashed_##type##_find_member(type *table[dim], type *elem);\ extern type *sglib_hashed_##type##_it_init(struct sglib_hashed_##type##_iterator *it, type *table[dim]);\ extern type *sglib_hashed_##type##_it_init_on_equal(struct sglib_hashed_##type##_iterator *it, type *table[dim], int (*subcomparator)(type *, type *), type *equalto);\ extern type *sglib_hashed_##type##_it_current(struct sglib_hashed_##type##_iterator *it);\ extern type *sglib_hashed_##type##_it_next(struct sglib_hashed_##type##_iterator *it); #define SGLIB_DEFINE_HASHED_TABLE_FUNCTIONS(type, dim, hash_function, comparator) \ struct sglib_hashed_##type##_iterator {\ int currentIndex;\ type **table;\ int (*subcomparator)(type *, type *);\ type *equalto;\ };\ void sglib_hashed_##type##_init(type *table[dim]) {\ SGLIB_HASH_TAB_INIT(type, table, dim);\ }\ int sglib_hashed_##type##_add_if_not_member(type *table[dim], type *elem, type **member) {\ SGLIB_HASH_TAB_ADD_IF_NOT_MEMBER(type, table, dim, elem, hash_function, comparator, *member);\ }\ int sglib_hashed_##type##_is_member(type *table[dim], type *elem) {\ int ind;\ SGLIB_HASH_TAB_IS_MEMBER(type, table, dim, elem, hash_function, ind);\ return(ind != -1);\ }\ type * sglib_hashed_##type##_find_member(type *table[dim], type *elem) {\ type *mmb;\ int ind;\ SGLIB_HASH_TAB_FIND_MEMBER(type, table, dim, elem, hash_function, comparator, ind, mmb);\ return(mmb);\ }\ type *sglib_hashed_##type##_it_init_on_equal(struct sglib_hashed_##type##_iterator *it, type *table[dim], int (*subcomparator)(type *, type *), type *equalto) {\ int i;\ it->table = table;\ it->subcomparator = subcomparator;\ it->equalto = equalto;\ for(i=0; i<(dim) && table[i]==NULL; i++) ;\ it->currentIndex = i;\ if (i<(dim)) return(table[i]);\ return(NULL);\ }\ type *sglib_hashed_##type##_it_init(struct sglib_hashed_##type##_iterator *it, type *table[dim]) {\ sglib_hashed_##type##_it_init_on_equal(it, table, NULL, NULL);\ }\ type *sglib_hashed_##type##_it_current(struct sglib_hashed_##type##_iterator *it) {\ return(table[it->currentIndex]);\ }\ type *sglib_hashed_##type##_it_next(struct sglib_hashed_##type##_iterator *it) {\ i=it->currentIndex;\ if (i<(dim)) {\ for(i++; i<(dim) && table[i]==NULL; i++) ;\ }\ it->currentIndex = i;\ if (i<(dim)) return(table[i]);\ return(NULL);\ } /* ------------------- hashed container (only for level 1) -------------------- */ /* hashed container is a table of given fixed size containing another (dynamic) base container in each cell. Once an object should be inserted into the hashed container, a hash function is used to determine the cell where the object belongs and the object is inserted into the base container stored in this cell. Usually the base container is simply a list or a sorted list, but it can be a red-black tree as well. parameters: type - the type of the container stored in each cell. dim - the size of the hashed array hash_function - the hashing function hashing 'type *' to unsigned. */ #define SGLIB_DEFINE_HASHED_CONTAINER_PROTOTYPES(type, dim, hash_function) \ struct sglib_hashed_##type##_iterator {\ struct sglib_##type##_iterator containerIt;\ type **table;\ int currentIndex;\ int (*subcomparator)(type *, type *);\ type *equalto;\ };\ extern void sglib_hashed_##type##_init(type *table[dim]);\ extern void sglib_hashed_##type##_add(type *table[dim], type *elem);\ extern int sglib_hashed_##type##_add_if_not_member(type *table[dim], type *elem, type **member);\ extern void sglib_hashed_##type##_delete(type *table[dim], type *elem);\ extern int sglib_hashed_##type##_delete_if_member(type *table[dim], type *elem, type **memb);\ extern int sglib_hashed_##type##_is_member(type *table[dim], type *elem);\ extern type * sglib_hashed_##type##_find_member(type *table[dim], type *elem);\ extern type *sglib_hashed_##type##_it_init(struct sglib_hashed_##type##_iterator *it, type *table[dim]);\ extern type *sglib_hashed_##type##_it_init_on_equal(struct sglib_hashed_##type##_iterator *it, type *table[dim], int (*subcomparator)(type *, type *), type *equalto);\ extern type *sglib_hashed_##type##_it_current(struct sglib_hashed_##type##_iterator *it);\ extern type *sglib_hashed_##type##_it_next(struct sglib_hashed_##type##_iterator *it); #define SGLIB_DEFINE_HASHED_CONTAINER_FUNCTIONS(type, dim, hash_function) \ /*extern unsigned hash_function(type *elem);*/\ void sglib_hashed_##type##_init(type *table[dim]) {\ unsigned i;\ for(i=0; i<(dim); i++) table[i] = NULL;\ }\ void sglib_hashed_##type##_add(type *table[dim], type *elem) {\ unsigned i;\ i = ((unsigned)hash_function(elem)) % (dim);\ sglib_##type##_add(&(table)[i], elem);\ }\ int sglib_hashed_##type##_add_if_not_member(type *table[dim], type *elem, type **member) {\ unsigned i;\ i = ((unsigned)hash_function(elem)) % (dim);\ return(sglib_##type##_add_if_not_member(&(table)[i], elem, member));\ }\ void sglib_hashed_##type##_delete(type *table[dim], type *elem) {\ unsigned i;\ i = ((unsigned)hash_function(elem)) % (dim);\ sglib_##type##_delete(&(table)[i], elem);\ }\ int sglib_hashed_##type##_delete_if_member(type *table[dim], type *elem, type **memb) {\ unsigned i;\ i = ((unsigned)hash_function(elem)) % (dim);\ return(sglib_##type##_delete_if_member(&(table)[i], elem, memb));\ }\ int sglib_hashed_##type##_is_member(type *table[dim], type *elem) {\ unsigned i;\ i = ((unsigned)hash_function(elem)) % (dim);\ return(sglib_##type##_is_member((table)[i], elem));\ }\ type * sglib_hashed_##type##_find_member(type *table[dim], type *elem) {\ unsigned i;\ i = ((unsigned)hash_function(elem)) % (dim);\ return(sglib_##type##_find_member((table)[i], elem));\ }\ type *sglib_hashed_##type##_it_init_on_equal(struct sglib_hashed_##type##_iterator *it, type *table[dim], int (*subcomparator)(type *, type *), type *equalto) {\ type *e;\ it->table = table;\ it->currentIndex = 0;\ it->subcomparator = subcomparator;\ it->equalto = equalto;\ e = sglib_##type##_it_init_on_equal(&it->containerIt, table[it->currentIndex], it->subcomparator, it->equalto);\ if (e==NULL) e = sglib_hashed_##type##_it_next(it);\ return(e);\ }\ type *sglib_hashed_##type##_it_init(struct sglib_hashed_##type##_iterator *it, type *table[dim]) {\ return(sglib_hashed_##type##_it_init_on_equal(it, table, NULL, NULL));\ }\ type *sglib_hashed_##type##_it_current(struct sglib_hashed_##type##_iterator *it) {\ return(sglib_##type##_it_current(&it->containerIt));\ }\ type *sglib_hashed_##type##_it_next(struct sglib_hashed_##type##_iterator *it) {\ type *e;\ e = sglib_##type##_it_next(&it->containerIt);\ while (e==NULL && (++(it->currentIndex))<(dim)) {\ e = sglib_##type##_it_init_on_equal(&it->containerIt, it->table[it->currentIndex], it->subcomparator, it->equalto);\ }\ return(e);\ } /* ---------------------------------------------------------------------------- */ /* ------------------------- DYNAMIC DATA STRUCTURES -------------------------- */ /* ---------------------------------------------------------------------------- */ /* ------------------------------------ list (level 1) -------------------------------- */ #define SGLIB_DEFINE_LIST_PROTOTYPES(type, comparator, next) \ struct sglib_##type##_iterator {\ type *currentelem;\ type *nextelem;\ int (*subcomparator)(type *, type *);\ type *equalto;\ };\ extern void sglib_##type##_add(type **list, type *elem);\ extern int sglib_##type##_add_if_not_member(type **list, type *elem, type **member);\ extern void sglib_##type##_concat(type **first, type *second);\ extern void sglib_##type##_delete(type **list, type *elem);\ extern int sglib_##type##_delete_if_member(type **list, type *elem, type **member);\ extern int sglib_##type##_is_member(type *list, type *elem);\ extern type *sglib_##type##_find_member(type *list, type *elem);\ extern void sglib_##type##_sort(type **list);\ extern int sglib_##type##_len(type *list);\ extern void sglib_##type##_reverse(type **list);\ extern type *sglib_##type##_it_init(struct sglib_##type##_iterator *it, type *list);\ extern type *sglib_##type##_it_init_on_equal(struct sglib_##type##_iterator *it, type *list, int (*subcomparator)(type *, type *), type *equalto);\ extern type *sglib_##type##_it_current(struct sglib_##type##_iterator *it);\ extern type *sglib_##type##_it_next(struct sglib_##type##_iterator *it); #define SGLIB_DEFINE_LIST_FUNCTIONS(type, comparator, next) \ int sglib_##type##_is_member(type *list, type *elem) {\ int result;\ SGLIB_LIST_IS_MEMBER(type, list, elem, next, result);\ return(result);\ }\ type *sglib_##type##_find_member(type *list, type *elem) {\ type *result;\ SGLIB_LIST_FIND_MEMBER(type, list, elem, comparator, next, result);\ return(result);\ }\ int sglib_##type##_add_if_not_member(type **list, type *elem, type **member) {\ SGLIB_LIST_ADD_IF_NOT_MEMBER(type, *list, elem, comparator, next, *member);\ return(*member==NULL);\ }\ void sglib_##type##_add(type **list, type *elem) {\ SGLIB_LIST_ADD(type, *list, elem, next);\ }\ void sglib_##type##_concat(type **first, type *second) {\ SGLIB_LIST_CONCAT(type, *first, second, next);\ }\ void sglib_##type##_delete(type **list, type *elem) {\ SGLIB_LIST_DELETE(type, *list, elem, next);\ }\ int sglib_##type##_delete_if_member(type **list, type *elem, type **member) {\ SGLIB_LIST_DELETE_IF_MEMBER(type, *list, elem, comparator, next, *member);\ return(*member!=NULL);\ }\ void sglib_##type##_sort(type **list) {\ SGLIB_LIST_SORT(type, *list, comparator, next);\ }\ int sglib_##type##_len(type *list) {\ int res;\ SGLIB_LIST_LEN(type, list, next, res);\ return(res);\ }\ void sglib_##type##_reverse(type **list) {\ SGLIB_LIST_REVERSE(type, *list, next);\ }\ \ type *sglib_##type##_it_init_on_equal(struct sglib_##type##_iterator *it, type *list, int (*subcomparator)(type *, type *), type *equalto) {\ it->subcomparator = subcomparator;\ it->equalto = equalto;\ it->nextelem = list;\ return(sglib_##type##_it_next(it));\ }\ type *sglib_##type##_it_init(struct sglib_##type##_iterator *it, type *list) {\ return(sglib_##type##_it_init_on_equal(it, list, NULL, NULL));\ }\ type *sglib_##type##_it_current(struct sglib_##type##_iterator *it) {\ return(it->currentelem);\ }\ type *sglib_##type##_it_next(struct sglib_##type##_iterator *it) {\ type *ce, *eq;\ int (*scp)(type *, type *);\ ce = it->nextelem;\ it->nextelem = NULL;\ if (it->subcomparator != NULL) {\ eq = it->equalto;\ scp = it->subcomparator;\ while (ce!=NULL && scp(ce, eq)!=0) ce = ce->next;\ }\ it->currentelem = ce;\ if (ce != NULL) it->nextelem = ce->next;\ return(ce);\ } /* ----------------------------- sorted list (level 1) ----------------------------------- */ #define SGLIB_DEFINE_SORTED_LIST_PROTOTYPES(type, comparator, next) \ struct sglib_##type##_iterator {\ type *currentelem;\ type *nextelem;\ int (*subcomparator)(type *, type *);\ type *equalto;\ };\ extern void sglib_##type##_add(type **list, type *elem);\ extern int sglib_##type##_add_if_not_member(type **list, type *elem, type **member);\ extern void sglib_##type##_delete(type **list, type *elem);\ extern int sglib_##type##_delete_if_member(type **list, type *elem, type **member);\ extern int sglib_##type##_is_member(type *list, type *elem);\ extern type *sglib_##type##_find_member(type *list, type *elem);\ extern int sglib_##type##_len(type *list);\ extern void sglib_##type##_sort(type **list);\ extern type *sglib_##type##_it_init(struct sglib_##type##_iterator *it, type *list);\ extern type *sglib_##type##_it_init_on_equal(struct sglib_##type##_iterator *it, type *list, int (*subcomparator)(type *, type *), type *equalto);\ extern type *sglib_##type##_it_current(struct sglib_##type##_iterator *it);\ extern type *sglib_##type##_it_next(struct sglib_##type##_iterator *it); #define SGLIB_DEFINE_SORTED_LIST_FUNCTIONS(type, comparator, next) \ int sglib_##type##_is_member(type *list, type *elem) {\ int result;\ SGLIB_SORTED_LIST_IS_MEMBER(type, list, elem, comparator, next, result);\ return(result);\ }\ type *sglib_##type##_find_member(type *list, type *elem) {\ type *result;\ SGLIB_SORTED_LIST_FIND_MEMBER(type, list, elem, comparator, next, result);\ return(result);\ }\ int sglib_##type##_add_if_not_member(type **list, type *elem, type **member) {\ SGLIB_SORTED_LIST_ADD_IF_NOT_MEMBER(type, *list, elem, comparator, next, *member);\ return(*member==NULL);\ }\ void sglib_##type##_add(type **list, type *elem) {\ SGLIB_SORTED_LIST_ADD(type, *list, elem, comparator, next);\ }\ void sglib_##type##_delete(type **list, type *elem) {\ SGLIB_SORTED_LIST_DELETE(type, *list, elem, next);\ }\ int sglib_##type##_delete_if_member(type **list, type *elem, type **member) {\ SGLIB_SORTED_LIST_DELETE_IF_MEMBER(type, *list, elem, comparator, next, *member);\ return(*member!=NULL);\ }\ int sglib_##type##_len(type *list) {\ int res;\ SGLIB_SORTED_LIST_LEN(type, list, next, res);\ return(res);\ }\ void sglib_##type##_sort(type **list) {\ SGLIB_LIST_SORT(type, *list, comparator, next);\ }\ \ type *sglib_##type##_it_init_on_equal(struct sglib_##type##_iterator *it, type *list, int (*subcomparator)(type *, type *), type *equalto) {\ it->subcomparator = subcomparator;\ it->equalto = equalto;\ it->nextelem = list;\ return(sglib_##type##_it_next(it));\ }\ type *sglib_##type##_it_init(struct sglib_##type##_iterator *it, type *list) {\ return(sglib_##type##_it_init_on_equal(it, list, NULL, NULL));\ }\ type *sglib_##type##_it_current(struct sglib_##type##_iterator *it) {\ return(it->currentelem);\ }\ type *sglib_##type##_it_next(struct sglib_##type##_iterator *it) {\ type *ce, *eq;\ int (*scp)(type *, type *);\ int c;\ ce = it->nextelem;\ it->nextelem = NULL;\ if (it->subcomparator != NULL) {\ eq = it->equalto;\ scp = it->subcomparator;\ while (ce!=NULL && (c=scp(ce, eq)) < 0) ce = ce->next;\ if (ce != NULL && c > 0) ce = NULL;\ }\ it->currentelem = ce;\ if (ce != NULL) it->nextelem = ce->next;\ return(ce);\ } /* ----------------------------- double linked list (level 1) ------------------------------ */ #define SGLIB_DEFINE_DL_LIST_PROTOTYPES(type, comparator, previous, next) \ struct sglib_##type##_iterator {\ type *currentelem;\ type *prevelem;\ type *nextelem;\ int (*subcomparator)(type *, type *);\ type *equalto;\ };\ extern void sglib_##type##_add(type **list, type *elem);\ extern void sglib_##type##_add_before(type **list, type *elem);\ extern void sglib_##type##_add_after(type **list, type *elem);\ extern int sglib_##type##_add_if_not_member(type **list, type *elem, type **member);\ extern int sglib_##type##_add_before_if_not_member(type **list, type *elem, type **member);\ extern int sglib_##type##_add_after_if_not_member(type **list, type *elem, type **member);\ extern void sglib_##type##_concat(type **first, type *second);\ extern void sglib_##type##_delete(type **list, type *elem);\ extern int sglib_##type##_delete_if_member(type **list, type *elem, type **member);\ extern int sglib_##type##_is_member(type *list, type *elem);\ extern type *sglib_##type##_find_member(type *list, type *elem);\ extern type *sglib_##type##_get_first(type *list);\ extern type *sglib_##type##_get_last(type *list);\ extern void sglib_##type##_sort(type **list);\ extern int sglib_##type##_len(type *list);\ extern void sglib_##type##_reverse(type **list);\ extern type *sglib_##type##_it_init(struct sglib_##type##_iterator *it, type *list);\ extern type *sglib_##type##_it_init_on_equal(struct sglib_##type##_iterator *it, type *list, int (*subcomparator)(type *, type *), type *equalto);\ extern type *sglib_##type##_it_current(struct sglib_##type##_iterator *it);\ extern type *sglib_##type##_it_next(struct sglib_##type##_iterator *it); #define SGLIB_DEFINE_DL_LIST_FUNCTIONS(type, comparator, previous, next) \ void sglib_##type##_add(type **list, type *elem) {\ SGLIB_DL_LIST_ADD(type, *list, elem, previous, next);\ }\ void sglib_##type##_add_after(type **list, type *elem) {\ SGLIB_DL_LIST_ADD_AFTER(type, *list, elem, previous, next);\ }\ void sglib_##type##_add_before(type **list, type *elem) {\ SGLIB_DL_LIST_ADD_BEFORE(type, *list, elem, previous, next);\ }\ int sglib_##type##_add_if_not_member(type **list, type *elem, type **member) {\ SGLIB_DL_LIST_ADD_IF_NOT_MEMBER(type, *list, elem, comparator, previous, next, *member);\ return(*member==NULL);\ }\ int sglib_##type##_add_after_if_not_member(type **list, type *elem, type **member) {\ SGLIB_DL_LIST_ADD_AFTER_IF_NOT_MEMBER(type, *list, elem, comparator, previous, next, *member);\ return(*member==NULL);\ }\ int sglib_##type##_add_before_if_not_member(type **list, type *elem, type **member) {\ SGLIB_DL_LIST_ADD_BEFORE_IF_NOT_MEMBER(type, *list, elem, comparator, previous, next, *member);\ return(*member==NULL);\ }\ void sglib_##type##_concat(type **first, type *second) {\ SGLIB_DL_LIST_CONCAT(type, *first, second, previous, next);\ }\ void sglib_##type##_delete(type **list, type *elem) {\ SGLIB_DL_LIST_DELETE(type, *list, elem, previous, next);\ }\ int sglib_##type##_delete_if_member(type **list, type *elem, type **member) {\ SGLIB_DL_LIST_DELETE_IF_MEMBER(type, *list, elem, comparator, previous, next, *member);\ return(*member!=NULL);\ }\ int sglib_##type##_is_member(type *list, type *elem) {\ int result;\ SGLIB_DL_LIST_IS_MEMBER(type, list, elem, previous, next, result);\ return(result);\ }\ type *sglib_##type##_find_member(type *list, type *elem) {\ type *result;\ SGLIB_DL_LIST_FIND_MEMBER(type, list, elem, comparator, previous, next, result);\ return(result);\ }\ type *sglib_##type##_get_first(type *list) {\ type *result;\ SGLIB_DL_LIST_GET_FIRST(type, list, previous, next, result);\ return(result);\ }\ type *sglib_##type##_get_last(type *list) {\ type *result;\ SGLIB_DL_LIST_GET_LAST(type, list, previous, next, result);\ return(result);\ }\ void sglib_##type##_sort(type **list) {\ SGLIB_DL_LIST_SORT(type, *list, comparator, previous, next);\ }\ int sglib_##type##_len(type *list) {\ int res;\ SGLIB_DL_LIST_LEN(type, list, previous, next, res);\ return(res);\ }\ void sglib_##type##_reverse(type **list) {\ SGLIB_DL_LIST_REVERSE(type, *list, previous, next);\ }\ \ type *sglib_##type##_it_init_on_equal(struct sglib_##type##_iterator *it, type *list, int (*subcomparator)(type *, type *), type *equalto) {\ it->subcomparator = subcomparator;\ it->equalto = equalto;\ it->prevelem = list;\ it->nextelem = list;\ if (list != NULL) it->nextelem = list->next;\ return(sglib_##type##_it_next(it));\ }\ type *sglib_##type##_it_init(struct sglib_##type##_iterator *it, type *list) {\ return(sglib_##type##_it_init_on_equal(it, list, NULL, NULL));\ }\ type *sglib_##type##_it_current(struct sglib_##type##_iterator *it) {\ return(it->currentelem);\ }\ type *sglib_##type##_it_next(struct sglib_##type##_iterator *it) {\ type *ce, *eq;\ int (*scp)(type *, type *);\ ce = it->prevelem;\ it->prevelem = NULL;\ if (it->subcomparator != NULL) {\ eq = it->equalto;\ scp = it->subcomparator;\ while (ce!=NULL && scp(eq, ce)!=0) ce = ce->previous;\ }\ if (ce != NULL) {\ it->prevelem = ce->previous;\ } else {\ ce = it->nextelem;\ it->nextelem = NULL;\ if (it->subcomparator != NULL) {\ eq = it->equalto;\ scp = it->subcomparator;\ while (ce!=NULL && scp(ce, eq)!=0) ce = ce->next;\ }\ if (ce != NULL) it->nextelem = ce->next;\ }\ it->currentelem = ce;\ return(ce);\ } /* --------------------------------- red-black trees (level 1) -------------------------------- */ /* This implementation requires pointers to left and right sons (no parent pointer is needed) and one bit of additional information storing the color of the node. The implementation follows discrepancy fixing rules from: http://www.cis.ohio-state.edu/~gurari/course/cis680/cis680Ch11.html */ #define SGLIB___RBTREE_FIX_INSERTION_DISCREPANCY(type, tree, leftt, rightt, bits, RED, BLACK) {\ type *t, *tl, *a, *b, *c, *ar, *bl, *br, *cl, *cr;\ (void)(bl);\ (void)(ar);\ t = *tree;\ tl = t->leftt;\ if (t->rightt!=NULL && SGLIB___GET_VALUE(t->rightt->bits)==RED) {\ if (SGLIB___GET_VALUE(tl->bits)==RED) {\ if ((tl->leftt!=NULL && SGLIB___GET_VALUE(tl->leftt->bits)==RED)\ || (tl->rightt!=NULL && SGLIB___GET_VALUE(tl->rightt->bits)==RED)) {\ SGLIB___SET_VALUE(t->leftt->bits,BLACK);\ SGLIB___SET_VALUE(t->rightt->bits,BLACK);\ SGLIB___SET_VALUE(t->bits,RED);\ }\ }\ } else {\ if (SGLIB___GET_VALUE(tl->bits)==RED) {\ if (tl->leftt!=NULL && SGLIB___GET_VALUE(tl->leftt->bits)==RED) {\ a = t; b = tl; c = tl->leftt;\ br = b->rightt;\ a->leftt = br;\ b->leftt = c; b->rightt = a;\ SGLIB___SET_VALUE(a->bits,RED);\ SGLIB___SET_VALUE(b->bits,BLACK);\ *tree = b;\ } else if (tl->rightt!=NULL && SGLIB___GET_VALUE(tl->rightt->bits)==RED) {\ a = t; b = tl; ar=a->rightt;\ bl=b->leftt; c=b->rightt;\ cl=c->leftt; cr=c->rightt;\ b->rightt = cl;\ a->leftt = cr;\ c->leftt = b;\ c->rightt = a;\ SGLIB___SET_VALUE(c->bits,BLACK);\ SGLIB___SET_VALUE(a->bits,RED);\ *tree = c;\ }\ }\ }\ } #define SGLIB___RBTREE_FIX_DELETION_DISCREPANCY(type, tree, leftt, rightt, bits, RED, BLACK, res) {\ type *t, *a, *b, *c, *d, *ar, *bl, *br, *cl, *cr, *dl, *dr;\ (void)(ar);\ t = a = *tree;\ assert(t!=NULL);\ ar = a->rightt;\ b = t->leftt;\ if (b==NULL) {\ assert(SGLIB___GET_VALUE(t->bits)==RED);\ SGLIB___SET_VALUE(t->bits,BLACK);\ res = 0;\ } else {\ bl = b->leftt;\ br = b->rightt;\ if (SGLIB___GET_VALUE(b->bits)==RED) {\ if (br==NULL) {\ *tree = b;\ SGLIB___SET_VALUE(b->bits,BLACK);\ b->rightt = a;\ a->leftt = br;\ res = 0;\ } else {\ c = br;\ assert(c!=NULL && SGLIB___GET_VALUE(c->bits)==BLACK);\ cl = c->leftt;\ cr = c->rightt;\ if ((cl==NULL||SGLIB___GET_VALUE(cl->bits)==BLACK) && (cr==NULL||SGLIB___GET_VALUE(cr->bits)==BLACK)) {\ *tree = b;\ b->rightt = a;\ SGLIB___SET_VALUE(b->bits,BLACK);\ a->leftt = c;\ SGLIB___SET_VALUE(c->bits,RED);\ res = 0;\ } else if (cl!=NULL && SGLIB___GET_VALUE(cl->bits)==RED) {\ if (cr!=NULL && SGLIB___GET_VALUE(cr->bits)==RED) {\ d = cr;\ dl = d->leftt;\ dr = d->rightt;\ *tree = d;\ SGLIB___SET_VALUE(d->bits,BLACK);\ d->leftt = b;\ c->rightt = dl;\ d->rightt = a;\ a->leftt = dr;\ res = 0;\ } else {\ *tree = c;\ c->leftt = b;\ c->rightt = a;\ b->leftt = bl;\ b->rightt = cl;\ a->leftt = cr;\ SGLIB___SET_VALUE(cl->bits,BLACK);\ res = 0;\ }\ } else if (cr!=NULL && SGLIB___GET_VALUE(cr->bits)==RED) {\ assert(cl==NULL || SGLIB___GET_VALUE(cl->bits)==BLACK);\ d = cr;\ dl = d->leftt;\ dr = d->rightt;\ *tree = d;\ SGLIB___SET_VALUE(d->bits,BLACK);\ d->leftt = b;\ c->rightt = dl;\ d->rightt = a;\ a->leftt = dr;\ res = 0;\ } else {\ assert(0);\ res = 0;\ }\ }\ } else {\ if ((bl==NULL || SGLIB___GET_VALUE(bl->bits)==BLACK) && (br==NULL || SGLIB___GET_VALUE(br->bits)==BLACK)) {\ res = (SGLIB___GET_VALUE(a->bits)==BLACK);\ SGLIB___SET_VALUE(a->bits,BLACK);\ SGLIB___SET_VALUE(b->bits,RED);\ } else if (bl!=NULL && SGLIB___GET_VALUE(bl->bits)==RED) {\ if (br==NULL || SGLIB___GET_VALUE(br->bits)==BLACK) {\ *tree = b;\ SGLIB___SET_VALUE(b->bits,SGLIB___GET_VALUE(a->bits));\ SGLIB___SET_VALUE(a->bits,BLACK);\ b->rightt = a;\ a->leftt = br;\ SGLIB___SET_VALUE(bl->bits,BLACK);\ res = 0;\ } else {\ assert(bl!=NULL);\ assert(br!=NULL);\ assert(SGLIB___GET_VALUE(bl->bits)==RED);\ assert(SGLIB___GET_VALUE(br->bits)==RED);\ c = br;\ cl = c->leftt;\ cr = c->rightt;\ *tree = c;\ SGLIB___SET_VALUE(c->bits,SGLIB___GET_VALUE(a->bits));\ SGLIB___SET_VALUE(a->bits,BLACK);\ c->leftt = b;\ c->rightt = a;\ b->rightt = cl;\ a->leftt = cr;\ res = 0;\ }\ } else {\ assert(br!=NULL && SGLIB___GET_VALUE(br->bits)==RED);\ c = br;\ cl = c->leftt;\ cr = c->rightt;\ *tree = c;\ SGLIB___SET_VALUE(c->bits,SGLIB___GET_VALUE(a->bits));\ SGLIB___SET_VALUE(a->bits,BLACK);\ c->leftt = b;\ c->rightt = a;\ b->rightt = cl;\ a->leftt = cr;\ res = 0;\ }\ }\ }\ } #define SGLIB_DEFINE_RBTREE_FUNCTIONS_GENERAL(type, left, right, bits, comparator, RED, BLACK) \ static void sglib___##type##_fix_left_insertion_discrepancy(type **tree) {\ SGLIB___RBTREE_FIX_INSERTION_DISCREPANCY(type, tree, left, right, bits, RED, BLACK);\ }\ \ static void sglib___##type##_fix_right_insertion_discrepancy(type **tree) {\ SGLIB___RBTREE_FIX_INSERTION_DISCREPANCY(type, tree, right, left, bits, RED, BLACK);\ }\ \ static int sglib___##type##_fix_left_deletion_discrepancy(type **tree) {\ int res;\ SGLIB___RBTREE_FIX_DELETION_DISCREPANCY(type, tree, right, left, bits, RED, BLACK, res);\ return(res);\ }\ \ static int sglib___##type##_fix_right_deletion_discrepancy(type **tree) {\ int res;\ SGLIB___RBTREE_FIX_DELETION_DISCREPANCY(type, tree, left, right, bits, RED, BLACK, res);\ return(res);\ }\ \ static void sglib___##type##_add_recursive(type **tree, type *elem) {\ int cmp;\ type *t;\ t = *tree;\ if (t == NULL) {\ SGLIB___SET_VALUE(elem->bits,RED);\ *tree =elem;\ } else {\ cmp = comparator(elem, t);\ if (cmp < 0 || (cmp==0 && elemleft, elem);\ if (SGLIB___GET_VALUE(t->bits)==BLACK) sglib___##type##_fix_left_insertion_discrepancy(tree);\ } else {\ sglib___##type##_add_recursive(&t->right, elem);\ if (SGLIB___GET_VALUE(t->bits)==BLACK) sglib___##type##_fix_right_insertion_discrepancy(tree);\ }\ }\ }\ \ static int sglib___##type##_delete_rightmost_leaf(type **tree, type **theLeaf) {\ type *t;\ int res, deepDecreased;\ t = *tree;\ res = 0;\ assert(t!=NULL);\ if (t->right == NULL) {\ *theLeaf = t;\ if (t->left!=NULL) {\ if (SGLIB___GET_VALUE(t->bits)==BLACK && SGLIB___GET_VALUE(t->left->bits)==BLACK) res = 1;\ SGLIB___SET_VALUE(t->left->bits,BLACK);\ *tree = t->left;\ } else {\ *tree = NULL;\ res = (SGLIB___GET_VALUE(t->bits)==BLACK);\ }\ } else {\ deepDecreased = sglib___##type##_delete_rightmost_leaf(&t->right, theLeaf);\ if (deepDecreased) res = sglib___##type##_fix_right_deletion_discrepancy(tree);\ }\ return(res);\ }\ \ int sglib___##type##_delete_recursive(type **tree, type *elem) {\ type *t, *theLeaf;\ int cmp, res, deepDecreased;\ t = *tree;\ res = 0;\ if (t==NULL) {\ assert(0 && "The element to delete not found in the tree, use 'delete_if_member'"!=NULL);\ } else {\ cmp = comparator(elem, t);\ if (cmp < 0 || (cmp==0 && elemleft, elem);\ if (deepDecreased) {\ res = sglib___##type##_fix_left_deletion_discrepancy(tree);\ }\ } else if (cmp > 0 || (cmp==0 && elem>t)) {\ deepDecreased = sglib___##type##_delete_recursive(&t->right, elem);\ if (deepDecreased) {\ res = sglib___##type##_fix_right_deletion_discrepancy(tree);\ }\ } else {\ assert(elem==t && "Deleting an element which is non member of the tree, use 'delete_if_member'"!=NULL);\ if (t->left == NULL) {\ if (t->right == NULL) {\ /* a leaf, delete, it; */\ *tree = NULL;\ res = (SGLIB___GET_VALUE(t->bits)==BLACK);\ } else {\ if (SGLIB___GET_VALUE(t->bits)==0 && SGLIB___GET_VALUE(t->right->bits)==0) res = 1;\ SGLIB___SET_VALUE(t->right->bits,BLACK);\ *tree = t->right;\ }\ } else {\ /* propagate deletion until righmost leaf of left subtree */\ deepDecreased = sglib___##type##_delete_rightmost_leaf(&t->left, &theLeaf);\ theLeaf->left = t->left;\ theLeaf->right = t->right;\ SGLIB___SET_VALUE(theLeaf->bits,SGLIB___GET_VALUE(t->bits));\ *tree = theLeaf;\ if (deepDecreased) res = sglib___##type##_fix_left_deletion_discrepancy(tree);\ }\ }\ }\ return(res);\ }\ \ void sglib_##type##_add(type **tree, type *elem) {\ elem->left = elem->right = NULL;\ sglib___##type##_add_recursive(tree, elem);\ SGLIB___SET_VALUE((*tree)->bits,BLACK);\ }\ \ void sglib_##type##_delete(type **tree, type *elem) {\ sglib___##type##_delete_recursive(tree, elem);\ if (*tree!=NULL) SGLIB___SET_VALUE((*tree)->bits,BLACK);\ }\ \ type *sglib_##type##_find_member(type *t, type *elem) {\ type *res;\ SGLIB___BIN_TREE_FIND_MEMBER(type, t, elem, left, right, comparator, res);\ return(res);\ }\ \ int sglib_##type##_is_member(type *t, type *elem) {\ int cmp;\ while (t!=NULL) {\ cmp = comparator(elem, t);\ if (cmp < 0 || (cmp==0 && elemleft;\ } else if (cmp > 0 || (cmp==0 && elem>t)) {\ t = t->right;\ } else {\ assert(t == elem);\ return(1);\ }\ }\ return(0);\ }\ \ int sglib_##type##_delete_if_member(type **tree, type *elem, type **memb) {\ if ((*memb=sglib_##type##_find_member(*tree, elem))!=NULL) {\ sglib_##type##_delete(tree, *memb);\ return(1);\ } else {\ return(0);\ }\ }\ int sglib_##type##_add_if_not_member(type **tree, type *elem, type **memb) {\ if ((*memb=sglib_##type##_find_member(*tree, elem))==NULL) {\ sglib_##type##_add(tree, elem);\ return(1);\ } else {\ return(0);\ }\ }\ int sglib_##type##_len(type *t) {\ int n;\ type *e;\ (void)(e);\ n = 0;\ SGLIB_BIN_TREE_MAP_ON_ELEMENTS(type, t, e, left, right, n++);\ return(n);\ }\ \ void sglib__##type##_it_compute_current_elem(struct sglib_##type##_iterator *it) {\ int i,j;\ type *s, *eqt;\ int (*subcomparator)(type *, type *);\ eqt = it->equalto;\ subcomparator = it->subcomparator;\ it->currentelem = NULL;\ while(it->pathi > 0 && it->currentelem==NULL) {\ i = it->pathi-1;\ if (i >= 0) {\ if (it->pass[i] >= 2) {\ /* goto up */\ it->pathi --;\ } else {\ if (it->pass[i] == 0) {\ /* goto left */\ s = it->path[i]->left;\ } else {\ /* goto right */\ s = it->path[i]->right;\ }\ if (eqt != NULL) {\ if (subcomparator == NULL) {\ SGLIB___BIN_TREE_FIND_MEMBER(type, s, eqt, left, right, comparator, s);\ } else {\ SGLIB___BIN_TREE_FIND_MEMBER(type, s, eqt, left, right, subcomparator, s);\ }\ }\ if (s != NULL) {\ j = i+1;\ it->path[j] = s;\ it->pass[j] = 0;\ it->pathi ++;\ }\ it->pass[i] ++;\ }\ }\ if (it->pathi>0 && it->order == it->pass[it->pathi-1]) {\ it->currentelem = it->path[it->pathi-1];\ }\ }\ }\ type *sglib__##type##_it_init(struct sglib_##type##_iterator *it, type *tree, int order, int (*subcomparator)(type *, type *), type *equalto) {\ type *t;\ assert(it!=NULL);\ it->order = order;\ it->equalto = equalto;\ it->subcomparator = subcomparator;\ if (equalto == NULL) {\ t = tree;\ } else {\ if (subcomparator == NULL) {\ SGLIB___BIN_TREE_FIND_MEMBER(type, tree, equalto, left, right, comparator, t);\ } else {\ SGLIB___BIN_TREE_FIND_MEMBER(type, tree, equalto, left, right, subcomparator, t);\ }\ }\ if (t == NULL) {\ it->pathi = 0;\ it->currentelem = NULL;\ } else {\ it->pathi = 1;\ it->pass[0] = 0;\ it->path[0] = t;\ if (order == 0) {\ it->currentelem = t;\ } else {\ sglib__##type##_it_compute_current_elem(it);\ }\ }\ return(it->currentelem);\ }\ type *sglib_##type##_it_init(struct sglib_##type##_iterator *it, type *tree) {\ return(sglib__##type##_it_init(it, tree, 2, NULL, NULL));\ }\ type *sglib_##type##_it_init_preorder(struct sglib_##type##_iterator *it, type *tree) {\ return(sglib__##type##_it_init(it, tree, 0, NULL, NULL));\ }\ type *sglib_##type##_it_init_inorder(struct sglib_##type##_iterator *it, type *tree) {\ return(sglib__##type##_it_init(it, tree, 1, NULL, NULL));\ }\ type *sglib_##type##_it_init_postorder(struct sglib_##type##_iterator *it, type *tree) {\ return(sglib__##type##_it_init(it, tree, 2, NULL, NULL));\ }\ type *sglib_##type##_it_init_on_equal(struct sglib_##type##_iterator *it, type *tree, int (*subcomparator)(type *, type *), type *equalto) {\ return(sglib__##type##_it_init(it, tree, 1, subcomparator, equalto));\ }\ type *sglib_##type##_it_current(struct sglib_##type##_iterator *it) {\ return(it->currentelem);\ }\ type *sglib_##type##_it_next(struct sglib_##type##_iterator *it) {\ sglib__##type##_it_compute_current_elem(it);\ return(it->currentelem);\ }\ \ static void sglib___##type##_consistency_check_recursive(type *t, int *pathdeep, int cdeep) {\ if (t==NULL) {\ if (*pathdeep < 0) *pathdeep = cdeep;\ else assert(*pathdeep == cdeep);\ } else {\ if (t->left!=NULL) assert(comparator(t->left, t) <= 0);\ if (t->right!=NULL) assert(comparator(t, t->right) <= 0);\ if (SGLIB___GET_VALUE(t->bits) == RED) {\ assert(t->left == NULL || SGLIB___GET_VALUE(t->left->bits)==BLACK);\ assert(t->right == NULL || SGLIB___GET_VALUE(t->right->bits)==BLACK);\ sglib___##type##_consistency_check_recursive(t->left, pathdeep, cdeep);\ sglib___##type##_consistency_check_recursive(t->right, pathdeep, cdeep);\ } else {\ sglib___##type##_consistency_check_recursive(t->left, pathdeep, cdeep+1);\ sglib___##type##_consistency_check_recursive(t->right, pathdeep, cdeep+1);\ }\ }\ }\ \ void sglib___##type##_consistency_check(type *t) {\ int pathDeep;\ assert(t==NULL || SGLIB___GET_VALUE(t->bits) == BLACK);\ pathDeep = -1;\ sglib___##type##_consistency_check_recursive(t, &pathDeep, 0);\ } #define SGLIB_DEFINE_RBTREE_PROTOTYPES(type, left, right, colorbit, comparator) \ struct sglib_##type##_iterator {\ type *currentelem;\ char pass[SGLIB_MAX_TREE_DEEP];\ type *path[SGLIB_MAX_TREE_DEEP];\ short int pathi;\ short int order;\ type *equalto;\ int (*subcomparator)(type *, type *);\ };\ extern void sglib___##type##_consistency_check(type *t);\ extern void sglib_##type##_add(type **tree, type *elem);\ extern int sglib_##type##_add_if_not_member(type **tree, type *elem, type **memb);\ extern void sglib_##type##_delete(type **tree, type *elem);\ extern int sglib_##type##_delete_if_member(type **tree, type *elem, type **memb);\ extern int sglib_##type##_is_member(type *t, type *elem);\ extern type *sglib_##type##_find_member(type *t, type *elem);\ extern int sglib_##type##_len(type *t);\ extern type *sglib_##type##_it_init(struct sglib_##type##_iterator *it, type *tree);\ extern type *sglib_##type##_it_init_preorder(struct sglib_##type##_iterator *it, type *tree);\ extern type *sglib_##type##_it_init_inorder(struct sglib_##type##_iterator *it, type *tree);\ extern type *sglib_##type##_it_init_postorder(struct sglib_##type##_iterator *it, type *tree);\ extern type *sglib_##type##_it_init_on_equal(struct sglib_##type##_iterator *it, type *tree, int (*subcomparator)(type *, type *), type *equalto);\ extern type *sglib_##type##_it_current(struct sglib_##type##_iterator *it);\ extern type *sglib_##type##_it_next(struct sglib_##type##_iterator *it);\ #define SGLIB_DEFINE_RBTREE_FUNCTIONS(type, left, right, colorbit, comparator) \ SGLIB_DEFINE_RBTREE_FUNCTIONS_GENERAL(type, left, right, colorbit, comparator, 1, 0) /* ---------------------------------------------------------------------------- */ /* ---------------------------------------------------------------------------- */ /* - SUPPLEMENTARY DEFINITIONS - */ /* ---------------------------------------------------------------------------- */ /* ---------------------------------------------------------------------------- */ #define SGLIB___GET_VALUE(x) (x) #define SGLIB___SET_VALUE(x, value) {(x) = (value);} #define SGLIB_ARRAY_ELEMENTS_EXCHANGER(type, a, i, j) {type _sgl_aee_tmp_; _sgl_aee_tmp_=(a)[(i)]; (a)[(i)]=(a)[(j)]; (a)[(j)]= _sgl_aee_tmp_;} #define SGLIB_SAFE_NUMERIC_COMPARATOR(x, y) (((x)>(y)?1:((x)<(y)?-1:0))) #define SGLIB_SAFE_REVERSE_NUMERIC_COMPARATOR(x, y) (((x)>(y)?-1:((x)<(y)?1:0))) #define SGLIB_FAST_NUMERIC_COMPARATOR(x, y) ((int)((x) - (y))) #define SGLIB_FAST_REVERSE_NUMERIC_COMPARATOR(x, y) ((int)((y) - (x))) #define SGLIB_NUMERIC_COMPARATOR(x, y) SGLIB_SAFE_NUMERIC_COMPARATOR(x, y) #define SGLIB_REVERSE_NUMERIC_COMPARATOR(x, y) SGLIB_SAFE_REVERSE_NUMERIC_COMPARATOR(x, y) #ifndef SGLIB_MAX_TREE_DEEP #define SGLIB_MAX_TREE_DEEP 128 #endif #ifndef SGLIB_HASH_TAB_SHIFT_CONSTANT #define SGLIB_HASH_TAB_SHIFT_CONSTANT 16381 /* should be a prime */ /* #define SGLIB_HASH_TAB_SHIFT_CONSTANT 536870912*/ /* for large tables :) */ #endif #endif /* _SGLIB__h_ */ uacme-1.7.6/ualpn.1.txt0000644000000000000000000002404314734273761011546 00000000000000UALPN(1) ======== :doctype: manpage :man source: ualpn :man version: {revision} :man manual: User Commands NAME ---- ualpn - lightweight proxying ACMEv2 tls-alpn-01 responder SYNOPSIS -------- *ualpn* [*-4*|*--ipv4*] [*-6*|*--ipv6*] [*-b*|*--bind* 'address'[@'port']] [*-c*|*--connect* 'address'[@'port']] [*-d*|*--daemon*] [*-l*|*--logfile* 'file'] [*-m*|*--max-auths* 'N'] [*-n*|*--num-workers* 'N'] [*-p*|*--pidfile* 'file'] [*-P*|*--proxy* 'N'] [*-r*|*--chroot* 'dir'] [*-s*|*--sock* 'path'] [*-S*|*--sock-mode* 'mode'] [*-t*|*--terminate*] [*-u*|*--user* 'user'`[:`'group']] [*-v*|*--verbose* ...] [*-V*|*--version*] [*-?*|*--help*] DESCRIPTION ----------- *ualpn* is a lightweight proxying ACMEv2 tls-alpn-01 challenge responder compliant with RFC8737 () and RFC8738 (). Depending on how it is invoked, *ualpn* runs in either client or server mode. In client mode *ualpn* connects to a running server mode instance of itself through a unix domain socket, in order to add or remove ACMEv2 authorizations. See CLIENT MODE below. In server mode *ualpn* listens for incoming connections (by default on port 443, which is mandatory for tls-alpn-01 challenges). It then handles any such connection in one of two different ways: * if the connection begins with a "ClientHello" TLS handshake packet including a "acme-tls/1" RFC7301 Application Level Protocol Negotiation extension *and* a RFC6066 Server Name Indication extension matching an identifier for which it has an authorization, *ualpn* performs the tls-alpn-01 handshake and closes the connection; * otherwise *ualpn* transparently proxies the connection to one of the backend servers it is configured with. By default *ualpn* adds PROXY v1 headers () in order to safely transport connection information such as the client's address to the backend. The PROXY protocol is currently supported by apache, nginx and several other server programs. The event-driven implementation is based on libev () and considerably reduces the cost of context switches and memory usage. In addition on systems such as Linux supporting the `splice()` system call, *ualpn* is able to move network data without copying it to/from kernel/user address space. OPTIONS ------- *-4, --ipv4*:: Only listen to IPv4 connections *-6, --ipv6*:: Only listen to IPv6 connections *-b, --bind* 'address'[@'port']:: Enable server mode and listen to 'address'. The address must be specified in numeric format using the standard IPv4 or IPv6 notation. Optionally, a port number can be given (default is 443). This flag can be specified multiple times to listen to multiple IP addresses. If this flag is not specified and server mode was enabled by some other option, *ualpn* listens to the wildcard interface; otherwise it runs in client mode (see CLIENT MODE below). *-c, --connect* 'address'[@'port']:: Enable server mode and add a new backend. The backend address must be specified in numeric format using the standard IPv4 or IPv6 notation. Optionally, a port number can be given (default is 443). This flag can be specified multiple times to add multiple backends. This flag must be specified at least once in server mode. *-d, --daemon*:: Enable server mode and fork in the background *-l, --logfile* 'file':: Log to 'file'. By default *ualpn* logs to syslog if *-d, --daemon* was specified or stderr otherwise. See also *-v, --verbose* *-m, --max-auths* 'N':: Enable server mode and allow managing ACMEv2 tls-alpn-01 challenges for up to 'N' different identifiers (default 100) *-n, --num-workers* 'N':: Enable server mode and spawn 'N' worker processes (default 2) to handle connections. Note that worker processes are single threaded but thanks to the event based implementation each can handle several (potentially thousands) connections concurrently. *-p, --pidfile* 'file':: Specify pidfile location (default {runstatedir}/ualpn.pid) *-P, --proxy* 'N':: Enable server mode and disable (0) or specify (1, 2) the PROXY header version (default 1). The backend server needs to be configured accordingly: * nginx: * apache: *-r, --chroot* 'dir':: Enable server mode and specify a directory to chroot to. If logging to syslog it is necessary to ensure that a syslogd(8) socket is available at /dev/log in the chroot directory, otherwise *ualpn* will not produce any log output. *-s, --sock* 'path':: Specify unix socket path (default {runstatedir}/ualpn.sock) *-S, --sock-mode* 'mode':: Enable server mode and specify socket access permissions (default 644) *-t, --terminate*:: Try to terminate a running *ualpn* server. This is achieved by looking up the process id stored by the server in the pidfile (see *-p, --pidfile*) and signalling it to terminate. *-u, --user* 'user'`[:`'group'`]`:: Enable server mode and drop user (and optionally group) privileges to those of 'user' after binding the sockets. Also affects the ownership of the unix socket, pidfile and logfile (if any). *-v, --verbose*:: By default *ualpn* only produces logs upon errors or warnings. When this option is specified *ualpn* also logs notice messages. This option can be specified more than once to increase verbosity and include information (twice) or debug (three times) messages. *-V, --version*:: Print program version on stderr and exit. *-?, --help*:: Print a brief usage text on stderr and exit. CLIENT MODE ----------- In client mode *ualpn* pipes stdin/stdout to/from the unix socket of the running server instance of itself. The protocol is ASCII text based, case sensitive, line oriented, with two commands: *auth* 'identifier' 'authorization':: The *auth* command instructs the running *ualpn* server to handle ACMEv2 tls-alpn-01 challenges for 'identifier', which can be a string representing either a domain (type `dns` according to RFC8555 section 9.7.8) or an IP address (type `ip` according to RFC8738 section 6). 'authorization' must contain the base64url encoding of the SHA-256 digest of the key authorization computed according to RFC8737 section 3 (note the *uacme* software executes hook scripts with the correct 'authorization' passed as the 5th argument). Upon successful invocation of the *auth* command *ualpn* generates a self signed certificate as required by the tls-alpn-01 challenge, and then uses it to perform tls-alpn-01 handshakes for the given 'identifier'. *unauth* 'identifier':: The *unauth* command instructs the running *ualpn* server to no longer handle ACMEv2 tls-alpn-01 challenges for 'identifier'. *ualpn* responds to both commands with a line beginning with either "OK" or "ERR", followed by a space and additional error information. EXAMPLES -------- `ualpn -vv -d -u nobody:nogroup -c 127.0.0.1@4443 -S 666`:: start *ualpn* as a daemon, binding to the default port 443 on the wildcard interface. Proxy connections to port 4443 on 127.0.0.1 After opening the sockets, drop the user privileges and run as nobody:nogroup. Allow anyone on the local host to access the unix socket. Also increase the verbosity to include notice and information messages. `echo "auth www.example.com DEi0apzMOdMT2DAro57oIvn-wEzPiYcAYDh2Cvjra3I" | ualpn`:: Instruct the running *ualpn* server to handle ACMEv2 tls-alpn-01 challenges for www.example.com with the given key authorization. `echo "unauth www.example.com" | ualpn`:: Instruct the running *ualpn* server to no longer handle ACMEv2 tls-alpn-01 challenges for www.example.com EXIT STATUS ----------- *0*:: Success *1*:: Failure (syntax or usage error; configuration error; processing failure; unexpected error). EXAMPLE UACME HOOK SCRIPT ------------------------- The 'ualpn.sh' hook script included in the distribution can be used to automate the certificate issuance with *uacme*, provided *ualpn* is listening on port 443 of the webserver for the domain being validated #!/bin/sh ARGS=5 E_BADARGS=85 if test $# -ne "$ARGS" then echo "Usage: $(basename "$0") method type ident token auth" 1>&2 exit $E_BADARGS fi METHOD=$1 TYPE=$2 IDENT=$3 TOKEN=$4 AUTH=$5 if [ "$TYPE" != "tls-alpn-01" ]; then exit 1 fi case "$METHOD" in "begin") UALPN_OUT=$(echo "auth $IDENT $AUTH" | ualpn) if [ "x$UALPN_OUT" = "xOK" ]; then exit 0 else exit 1 fi ;; "done"|"failed") UALPN_OUT=$(echo "unauth $IDENT" | ualpn) if [ "x$UALPN_OUT" = "xOK" ]; then exit 0 else exit 1 fi ;; *) echo "$0: invalid method" 1>&2 exit 1 esac BUGS ---- If you believe you have found a bug, please create a new issue at https://github.com/ndilieto/uacme/issues with any applicable information. SEE ALSO -------- *uacme*(1) AUTHOR ------ *ualpn* was written by Nicola Di Lieto COPYRIGHT --------- Copyright (C) 2019-2024 Nicola Di Lieto This file is part of *uacme*. *uacme* is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. *uacme* is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . uacme-1.7.6/COPYING0000644000000000000000000010451314555530552010556 00000000000000 GNU GENERAL PUBLIC LICENSE Version 3, 29 June 2007 Copyright (C) 2007 Free Software Foundation, Inc. Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The GNU General Public License is a free, copyleft license for software and other kinds of works. The licenses for most software and other practical works are designed to take away your freedom to share and change the works. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change all versions of a program--to make sure it remains free software for all its users. We, the Free Software Foundation, use the GNU General Public License for most of our software; it applies also to any other work released this way by its authors. You can apply it to your programs, too. When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for them if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs, and that you know you can do these things. To protect your rights, we need to prevent others from denying you these rights or asking you to surrender the rights. Therefore, you have certain responsibilities if you distribute copies of the software, or if you modify it: responsibilities to respect the freedom of others. For example, if you distribute copies of such a program, whether gratis or for a fee, you must pass on to the recipients the same freedoms that you received. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights. Developers that use the GNU GPL protect your rights with two steps: (1) assert copyright on the software, and (2) offer you this License giving you legal permission to copy, distribute and/or modify it. For the developers' and authors' protection, the GPL clearly explains that there is no warranty for this free software. For both users' and authors' sake, the GPL requires that modified versions be marked as changed, so that their problems will not be attributed erroneously to authors of previous versions. Some devices are designed to deny users access to install or run modified versions of the software inside them, although the manufacturer can do so. This is fundamentally incompatible with the aim of protecting users' freedom to change the software. The systematic pattern of such abuse occurs in the area of products for individuals to use, which is precisely where it is most unacceptable. Therefore, we have designed this version of the GPL to prohibit the practice for those products. If such problems arise substantially in other domains, we stand ready to extend this provision to those domains in future versions of the GPL, as needed to protect the freedom of users. Finally, every program is threatened constantly by software patents. States should not allow patents to restrict development and use of software on general-purpose computers, but in those that do, we wish to avoid the special danger that patents applied to a free program could make it effectively proprietary. To prevent this, the GPL assures that patents cannot be used to render the program non-free. The precise terms and conditions for copying, distribution and modification follow. TERMS AND CONDITIONS 0. Definitions. "This License" refers to version 3 of the GNU General Public License. "Copyright" also means copyright-like laws that apply to other kinds of works, such as semiconductor masks. "The Program" refers to any copyrightable work licensed under this License. Each licensee is addressed as "you". "Licensees" and "recipients" may be individuals or organizations. To "modify" a work means to copy from or adapt all or part of the work in a fashion requiring copyright permission, other than the making of an exact copy. The resulting work is called a "modified version" of the earlier work or a work "based on" the earlier work. A "covered work" means either the unmodified Program or a work based on the Program. To "propagate" a work means to do anything with it that, without permission, would make you directly or secondarily liable for infringement under applicable copyright law, except executing it on a computer or modifying a private copy. Propagation includes copying, distribution (with or without modification), making available to the public, and in some countries other activities as well. To "convey" a work means any kind of propagation that enables other parties to make or receive copies. Mere interaction with a user through a computer network, with no transfer of a copy, is not conveying. An interactive user interface displays "Appropriate Legal Notices" to the extent that it includes a convenient and prominently visible feature that (1) displays an appropriate copyright notice, and (2) tells the user that there is no warranty for the work (except to the extent that warranties are provided), that licensees may convey the work under this License, and how to view a copy of this License. If the interface presents a list of user commands or options, such as a menu, a prominent item in the list meets this criterion. 1. Source Code. The "source code" for a work means the preferred form of the work for making modifications to it. "Object code" means any non-source form of a work. A "Standard Interface" means an interface that either is an official standard defined by a recognized standards body, or, in the case of interfaces specified for a particular programming language, one that is widely used among developers working in that language. The "System Libraries" of an executable work include anything, other than the work as a whole, that (a) is included in the normal form of packaging a Major Component, but which is not part of that Major Component, and (b) serves only to enable use of the work with that Major Component, or to implement a Standard Interface for which an implementation is available to the public in source code form. A "Major Component", in this context, means a major essential component (kernel, window system, and so on) of the specific operating system (if any) on which the executable work runs, or a compiler used to produce the work, or an object code interpreter used to run it. The "Corresponding Source" for a work in object code form means all the source code needed to generate, install, and (for an executable work) run the object code and to modify the work, including scripts to control those activities. However, it does not include the work's System Libraries, or general-purpose tools or generally available free programs which are used unmodified in performing those activities but which are not part of the work. For example, Corresponding Source includes interface definition files associated with source files for the work, and the source code for shared libraries and dynamically linked subprograms that the work is specifically designed to require, such as by intimate data communication or control flow between those subprograms and other parts of the work. The Corresponding Source need not include anything that users can regenerate automatically from other parts of the Corresponding Source. The Corresponding Source for a work in source code form is that same work. 2. Basic Permissions. All rights granted under this License are granted for the term of copyright on the Program, and are irrevocable provided the stated conditions are met. This License explicitly affirms your unlimited permission to run the unmodified Program. The output from running a covered work is covered by this License only if the output, given its content, constitutes a covered work. This License acknowledges your rights of fair use or other equivalent, as provided by copyright law. You may make, run and propagate covered works that you do not convey, without conditions so long as your license otherwise remains in force. You may convey covered works to others for the sole purpose of having them make modifications exclusively for you, or provide you with facilities for running those works, provided that you comply with the terms of this License in conveying all material for which you do not control copyright. Those thus making or running the covered works for you must do so exclusively on your behalf, under your direction and control, on terms that prohibit them from making any copies of your copyrighted material outside their relationship with you. Conveying under any other circumstances is permitted solely under the conditions stated below. Sublicensing is not allowed; section 10 makes it unnecessary. 3. Protecting Users' Legal Rights From Anti-Circumvention Law. No covered work shall be deemed part of an effective technological measure under any applicable law fulfilling obligations under article 11 of the WIPO copyright treaty adopted on 20 December 1996, or similar laws prohibiting or restricting circumvention of such measures. When you convey a covered work, you waive any legal power to forbid circumvention of technological measures to the extent such circumvention is effected by exercising rights under this License with respect to the covered work, and you disclaim any intention to limit operation or modification of the work as a means of enforcing, against the work's users, your or third parties' legal rights to forbid circumvention of technological measures. 4. Conveying Verbatim Copies. You may convey verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice; keep intact all notices stating that this License and any non-permissive terms added in accord with section 7 apply to the code; keep intact all notices of the absence of any warranty; and give all recipients a copy of this License along with the Program. You may charge any price or no price for each copy that you convey, and you may offer support or warranty protection for a fee. 5. Conveying Modified Source Versions. You may convey a work based on the Program, or the modifications to produce it from the Program, in the form of source code under the terms of section 4, provided that you also meet all of these conditions: a) The work must carry prominent notices stating that you modified it, and giving a relevant date. b) The work must carry prominent notices stating that it is released under this License and any conditions added under section 7. This requirement modifies the requirement in section 4 to "keep intact all notices". c) You must license the entire work, as a whole, under this License to anyone who comes into possession of a copy. This License will therefore apply, along with any applicable section 7 additional terms, to the whole of the work, and all its parts, regardless of how they are packaged. This License gives no permission to license the work in any other way, but it does not invalidate such permission if you have separately received it. d) If the work has interactive user interfaces, each must display Appropriate Legal Notices; however, if the Program has interactive interfaces that do not display Appropriate Legal Notices, your work need not make them do so. A compilation of a covered work with other separate and independent works, which are not by their nature extensions of the covered work, and which are not combined with it such as to form a larger program, in or on a volume of a storage or distribution medium, is called an "aggregate" if the compilation and its resulting copyright are not used to limit the access or legal rights of the compilation's users beyond what the individual works permit. Inclusion of a covered work in an aggregate does not cause this License to apply to the other parts of the aggregate. 6. Conveying Non-Source Forms. You may convey a covered work in object code form under the terms of sections 4 and 5, provided that you also convey the machine-readable Corresponding Source under the terms of this License, in one of these ways: a) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by the Corresponding Source fixed on a durable physical medium customarily used for software interchange. b) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by a written offer, valid for at least three years and valid for as long as you offer spare parts or customer support for that product model, to give anyone who possesses the object code either (1) a copy of the Corresponding Source for all the software in the product that is covered by this License, on a durable physical medium customarily used for software interchange, for a price no more than your reasonable cost of physically performing this conveying of source, or (2) access to copy the Corresponding Source from a network server at no charge. c) Convey individual copies of the object code with a copy of the written offer to provide the Corresponding Source. This alternative is allowed only occasionally and noncommercially, and only if you received the object code with such an offer, in accord with subsection 6b. d) Convey the object code by offering access from a designated place (gratis or for a charge), and offer equivalent access to the Corresponding Source in the same way through the same place at no further charge. You need not require recipients to copy the Corresponding Source along with the object code. If the place to copy the object code is a network server, the Corresponding Source may be on a different server (operated by you or a third party) that supports equivalent copying facilities, provided you maintain clear directions next to the object code saying where to find the Corresponding Source. Regardless of what server hosts the Corresponding Source, you remain obligated to ensure that it is available for as long as needed to satisfy these requirements. e) Convey the object code using peer-to-peer transmission, provided you inform other peers where the object code and Corresponding Source of the work are being offered to the general public at no charge under subsection 6d. A separable portion of the object code, whose source code is excluded from the Corresponding Source as a System Library, need not be included in conveying the object code work. A "User Product" is either (1) a "consumer product", which means any tangible personal property which is normally used for personal, family, or household purposes, or (2) anything designed or sold for incorporation into a dwelling. In determining whether a product is a consumer product, doubtful cases shall be resolved in favor of coverage. For a particular product received by a particular user, "normally used" refers to a typical or common use of that class of product, regardless of the status of the particular user or of the way in which the particular user actually uses, or expects or is expected to use, the product. A product is a consumer product regardless of whether the product has substantial commercial, industrial or non-consumer uses, unless such uses represent the only significant mode of use of the product. "Installation Information" for a User Product means any methods, procedures, authorization keys, or other information required to install and execute modified versions of a covered work in that User Product from a modified version of its Corresponding Source. The information must suffice to ensure that the continued functioning of the modified object code is in no case prevented or interfered with solely because modification has been made. If you convey an object code work under this section in, or with, or specifically for use in, a User Product, and the conveying occurs as part of a transaction in which the right of possession and use of the User Product is transferred to the recipient in perpetuity or for a fixed term (regardless of how the transaction is characterized), the Corresponding Source conveyed under this section must be accompanied by the Installation Information. But this requirement does not apply if neither you nor any third party retains the ability to install modified object code on the User Product (for example, the work has been installed in ROM). The requirement to provide Installation Information does not include a requirement to continue to provide support service, warranty, or updates for a work that has been modified or installed by the recipient, or for the User Product in which it has been modified or installed. Access to a network may be denied when the modification itself materially and adversely affects the operation of the network or violates the rules and protocols for communication across the network. Corresponding Source conveyed, and Installation Information provided, in accord with this section must be in a format that is publicly documented (and with an implementation available to the public in source code form), and must require no special password or key for unpacking, reading or copying. 7. Additional Terms. "Additional permissions" are terms that supplement the terms of this License by making exceptions from one or more of its conditions. Additional permissions that are applicable to the entire Program shall be treated as though they were included in this License, to the extent that they are valid under applicable law. If additional permissions apply only to part of the Program, that part may be used separately under those permissions, but the entire Program remains governed by this License without regard to the additional permissions. When you convey a copy of a covered work, you may at your option remove any additional permissions from that copy, or from any part of it. (Additional permissions may be written to require their own removal in certain cases when you modify the work.) You may place additional permissions on material, added by you to a covered work, for which you have or can give appropriate copyright permission. Notwithstanding any other provision of this License, for material you add to a covered work, you may (if authorized by the copyright holders of that material) supplement the terms of this License with terms: a) Disclaiming warranty or limiting liability differently from the terms of sections 15 and 16 of this License; or b) Requiring preservation of specified reasonable legal notices or author attributions in that material or in the Appropriate Legal Notices displayed by works containing it; or c) Prohibiting misrepresentation of the origin of that material, or requiring that modified versions of such material be marked in reasonable ways as different from the original version; or d) Limiting the use for publicity purposes of names of licensors or authors of the material; or e) Declining to grant rights under trademark law for use of some trade names, trademarks, or service marks; or f) Requiring indemnification of licensors and authors of that material by anyone who conveys the material (or modified versions of it) with contractual assumptions of liability to the recipient, for any liability that these contractual assumptions directly impose on those licensors and authors. All other non-permissive additional terms are considered "further restrictions" within the meaning of section 10. If the Program as you received it, or any part of it, contains a notice stating that it is governed by this License along with a term that is a further restriction, you may remove that term. If a license document contains a further restriction but permits relicensing or conveying under this License, you may add to a covered work material governed by the terms of that license document, provided that the further restriction does not survive such relicensing or conveying. If you add terms to a covered work in accord with this section, you must place, in the relevant source files, a statement of the additional terms that apply to those files, or a notice indicating where to find the applicable terms. Additional terms, permissive or non-permissive, may be stated in the form of a separately written license, or stated as exceptions; the above requirements apply either way. 8. Termination. You may not propagate or modify a covered work except as expressly provided under this License. Any attempt otherwise to propagate or modify it is void, and will automatically terminate your rights under this License (including any patent licenses granted under the third paragraph of section 11). However, if you cease all violation of this License, then your license from a particular copyright holder is reinstated (a) provisionally, unless and until the copyright holder explicitly and finally terminates your license, and (b) permanently, if the copyright holder fails to notify you of the violation by some reasonable means prior to 60 days after the cessation. Moreover, your license from a particular copyright holder is reinstated permanently if the copyright holder notifies you of the violation by some reasonable means, this is the first time you have received notice of violation of this License (for any work) from that copyright holder, and you cure the violation prior to 30 days after your receipt of the notice. Termination of your rights under this section does not terminate the licenses of parties who have received copies or rights from you under this License. If your rights have been terminated and not permanently reinstated, you do not qualify to receive new licenses for the same material under section 10. 9. Acceptance Not Required for Having Copies. You are not required to accept this License in order to receive or run a copy of the Program. Ancillary propagation of a covered work occurring solely as a consequence of using peer-to-peer transmission to receive a copy likewise does not require acceptance. However, nothing other than this License grants you permission to propagate or modify any covered work. These actions infringe copyright if you do not accept this License. Therefore, by modifying or propagating a covered work, you indicate your acceptance of this License to do so. 10. Automatic Licensing of Downstream Recipients. Each time you convey a covered work, the recipient automatically receives a license from the original licensors, to run, modify and propagate that work, subject to this License. You are not responsible for enforcing compliance by third parties with this License. An "entity transaction" is a transaction transferring control of an organization, or substantially all assets of one, or subdividing an organization, or merging organizations. If propagation of a covered work results from an entity transaction, each party to that transaction who receives a copy of the work also receives whatever licenses to the work the party's predecessor in interest had or could give under the previous paragraph, plus a right to possession of the Corresponding Source of the work from the predecessor in interest, if the predecessor has it or can get it with reasonable efforts. You may not impose any further restrictions on the exercise of the rights granted or affirmed under this License. For example, you may not impose a license fee, royalty, or other charge for exercise of rights granted under this License, and you may not initiate litigation (including a cross-claim or counterclaim in a lawsuit) alleging that any patent claim is infringed by making, using, selling, offering for sale, or importing the Program or any portion of it. 11. Patents. A "contributor" is a copyright holder who authorizes use under this License of the Program or a work on which the Program is based. The work thus licensed is called the contributor's "contributor version". A contributor's "essential patent claims" are all patent claims owned or controlled by the contributor, whether already acquired or hereafter acquired, that would be infringed by some manner, permitted by this License, of making, using, or selling its contributor version, but do not include claims that would be infringed only as a consequence of further modification of the contributor version. For purposes of this definition, "control" includes the right to grant patent sublicenses in a manner consistent with the requirements of this License. Each contributor grants you a non-exclusive, worldwide, royalty-free patent license under the contributor's essential patent claims, to make, use, sell, offer for sale, import and otherwise run, modify and propagate the contents of its contributor version. In the following three paragraphs, a "patent license" is any express agreement or commitment, however denominated, not to enforce a patent (such as an express permission to practice a patent or covenant not to sue for patent infringement). To "grant" such a patent license to a party means to make such an agreement or commitment not to enforce a patent against the party. If you convey a covered work, knowingly relying on a patent license, and the Corresponding Source of the work is not available for anyone to copy, free of charge and under the terms of this License, through a publicly available network server or other readily accessible means, then you must either (1) cause the Corresponding Source to be so available, or (2) arrange to deprive yourself of the benefit of the patent license for this particular work, or (3) arrange, in a manner consistent with the requirements of this License, to extend the patent license to downstream recipients. "Knowingly relying" means you have actual knowledge that, but for the patent license, your conveying the covered work in a country, or your recipient's use of the covered work in a country, would infringe one or more identifiable patents in that country that you have reason to believe are valid. If, pursuant to or in connection with a single transaction or arrangement, you convey, or propagate by procuring conveyance of, a covered work, and grant a patent license to some of the parties receiving the covered work authorizing them to use, propagate, modify or convey a specific copy of the covered work, then the patent license you grant is automatically extended to all recipients of the covered work and works based on it. A patent license is "discriminatory" if it does not include within the scope of its coverage, prohibits the exercise of, or is conditioned on the non-exercise of one or more of the rights that are specifically granted under this License. You may not convey a covered work if you are a party to an arrangement with a third party that is in the business of distributing software, under which you make payment to the third party based on the extent of your activity of conveying the work, and under which the third party grants, to any of the parties who would receive the covered work from you, a discriminatory patent license (a) in connection with copies of the covered work conveyed by you (or copies made from those copies), or (b) primarily for and in connection with specific products or compilations that contain the covered work, unless you entered into that arrangement, or that patent license was granted, prior to 28 March 2007. Nothing in this License shall be construed as excluding or limiting any implied license or other defenses to infringement that may otherwise be available to you under applicable patent law. 12. No Surrender of Others' Freedom. If conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot convey a covered work so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not convey it at all. For example, if you agree to terms that obligate you to collect a royalty for further conveying from those to whom you convey the Program, the only way you could satisfy both those terms and this License would be to refrain entirely from conveying the Program. 13. Use with the GNU Affero General Public License. Notwithstanding any other provision of this License, you have permission to link or combine any covered work with a work licensed under version 3 of the GNU Affero General Public License into a single combined work, and to convey the resulting work. The terms of this License will continue to apply to the part which is the covered work, but the special requirements of the GNU Affero General Public License, section 13, concerning interaction through a network will apply to the combination as such. 14. Revised Versions of this License. The Free Software Foundation may publish revised and/or new versions of the GNU General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies that a certain numbered version of the GNU General Public License "or any later version" applies to it, you have the option of following the terms and conditions either of that numbered version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of the GNU General Public License, you may choose any version ever published by the Free Software Foundation. If the Program specifies that a proxy can decide which future versions of the GNU General Public License can be used, that proxy's public statement of acceptance of a version permanently authorizes you to choose that version for the Program. Later license versions may give you additional or different permissions. However, no additional obligations are imposed on any author or copyright holder as a result of your choosing to follow a later version. 15. Disclaimer of Warranty. THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 16. Limitation of Liability. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 17. Interpretation of Sections 15 and 16. If the disclaimer of warranty and limitation of liability provided above cannot be given local legal effect according to their terms, reviewing courts shall apply local law that most closely approximates an absolute waiver of all civil liability in connection with the Program, unless a warranty or assumption of liability accompanies a copy of the Program in return for a fee. END OF TERMS AND CONDITIONS How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively state the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. Copyright (C) This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . Also add information on how to contact you by electronic and paper mail. If the program does terminal interaction, make it output a short notice like this when it starts in an interactive mode: Copyright (C) This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, your program's commands might be different; for a GUI interface, you would use an "about box". You should also get your employer (if you work as a programmer) or school, if any, to sign a "copyright disclaimer" for the program, if necessary. For more information on this, and how to apply and follow the GNU GPL, see . The GNU General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Lesser General Public License instead of this License. But first, please read . uacme-1.7.6/Makefile.in0000644000000000000000000016126614734274627011607 00000000000000# Makefile.in generated by automake 1.16.3 from Makefile.am. # @configure_input@ # Copyright (C) 1994-2020 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY, to the extent permitted by law; without # even the implied warranty of MERCHANTABILITY or FITNESS FOR A # PARTICULAR PURPOSE. @SET_MAKE@ # Copyright (C) 2019-2024 Nicola Di Lieto # # This file is part of uacme. # # uacme is free software: you can redistribute it and/or modify it # under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # uacme is distributed in the hope that it will be useful, but # WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU # General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . VPATH = @srcdir@ am__is_gnu_make = { \ if test -z '$(MAKELEVEL)'; then \ false; \ elif test -n '$(MAKE_HOST)'; then \ true; \ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \ true; \ else \ false; \ fi; \ } am__make_running_with_option = \ case $${target_option-} in \ ?) ;; \ *) echo "am__make_running_with_option: internal error: invalid" \ "target option '$${target_option-}' specified" >&2; \ exit 1;; \ esac; \ has_opt=no; \ sane_makeflags=$$MAKEFLAGS; \ if $(am__is_gnu_make); then \ sane_makeflags=$$MFLAGS; \ else \ case $$MAKEFLAGS in \ *\\[\ \ ]*) \ bs=\\; \ sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ esac; \ fi; \ skip_next=no; \ strip_trailopt () \ { \ flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ }; \ for flg in $$sane_makeflags; do \ test $$skip_next = yes && { skip_next=no; continue; }; \ case $$flg in \ *=*|--*) continue;; \ -*I) strip_trailopt 'I'; skip_next=yes;; \ -*I?*) strip_trailopt 'I';; \ -*O) strip_trailopt 'O'; skip_next=yes;; \ -*O?*) strip_trailopt 'O';; \ -*l) strip_trailopt 'l'; skip_next=yes;; \ -*l?*) strip_trailopt 'l';; \ -[dEDm]) skip_next=yes;; \ -[JT]) skip_next=yes;; \ esac; \ case $$flg in \ *$$target_option*) has_opt=yes; break;; \ esac; \ done; \ test $$has_opt = yes am__make_dryrun = (target_option=n; $(am__make_running_with_option)) am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) pkgdatadir = $(datadir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ pkglibexecdir = $(libexecdir)/@PACKAGE@ am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c install_sh_SCRIPT = $(install_sh) -c INSTALL_HEADER = $(INSTALL_DATA) transform = $(program_transform_name) NORMAL_INSTALL = : PRE_INSTALL = : POST_INSTALL = : NORMAL_UNINSTALL = : PRE_UNINSTALL = : POST_UNINSTALL = : bin_PROGRAMS = uacme$(EXEEXT) $(am__EXEEXT_1) @ENABLE_UALPN_TRUE@am__append_1 = ualpn @ENABLE_LIBEV_TRUE@@ENABLE_UALPN_TRUE@am__append_2 = libev/ev.h @ENABLE_LIBEV_TRUE@@ENABLE_UALPN_TRUE@am__append_3 = -Ilibev @ENABLE_READFILE_TRUE@am__append_4 = read-file.c read-file.h @ENABLE_UALPN_TRUE@am__append_5 = ualpn.sh @ENABLE_DOCS_TRUE@@ENABLE_UALPN_TRUE@am__append_6 = ualpn.1 @ENABLE_DOCS_TRUE@@ENABLE_UALPN_TRUE@am__append_7 = docs/ualpn.html subdir = . ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = \ $(top_srcdir)/build-aux/m4/ax_check_compile_flag.m4 \ $(top_srcdir)/build-aux/m4/ax_check_enable_debug.m4 \ $(top_srcdir)/build-aux/m4/ax_is_release.m4 \ $(top_srcdir)/libev/libev.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) DIST_COMMON = $(srcdir)/Makefile.am $(top_srcdir)/configure \ $(am__configure_deps) $(am__dist_pkgdata_SCRIPTS_DIST) \ $(am__dist_html_DATA_DIST) $(am__DIST_COMMON) am__CONFIG_DISTCLEAN_FILES = config.status config.cache config.log \ configure.lineno config.status.lineno mkinstalldirs = $(install_sh) -d CONFIG_HEADER = config.h CONFIG_CLEAN_FILES = CONFIG_CLEAN_VPATH_FILES = @ENABLE_UALPN_TRUE@am__EXEEXT_1 = ualpn$(EXEEXT) am__installdirs = "$(DESTDIR)$(bindir)" "$(DESTDIR)$(pkgdatadir)" \ "$(DESTDIR)$(man1dir)" "$(DESTDIR)$(htmldir)" PROGRAMS = $(bin_PROGRAMS) LIBRARIES = $(noinst_LIBRARIES) AM_V_AR = $(am__v_AR_@AM_V@) am__v_AR_ = $(am__v_AR_@AM_DEFAULT_V@) am__v_AR_0 = @echo " AR " $@; am__v_AR_1 = libev_a_AR = $(AR) $(ARFLAGS) libev_a_LIBADD = am__libev_a_SOURCES_DIST = libev/ev.c am__dirstamp = $(am__leading_dot)dirstamp @ENABLE_LIBEV_TRUE@@ENABLE_UALPN_TRUE@am_libev_a_OBJECTS = \ @ENABLE_LIBEV_TRUE@@ENABLE_UALPN_TRUE@ libev/ev.$(OBJEXT) libev_a_OBJECTS = $(am_libev_a_OBJECTS) am__uacme_SOURCES_DIST = uacme.c base64.c base64.h crypto.c crypto.h \ curlwrap.c curlwrap.h json.c json.h jsmn.h msg.c msg.h \ read-file.c read-file.h @ENABLE_READFILE_TRUE@am__objects_1 = uacme-read-file.$(OBJEXT) am_uacme_OBJECTS = uacme-uacme.$(OBJEXT) uacme-base64.$(OBJEXT) \ uacme-crypto.$(OBJEXT) uacme-curlwrap.$(OBJEXT) \ uacme-json.$(OBJEXT) uacme-msg.$(OBJEXT) $(am__objects_1) uacme_OBJECTS = $(am_uacme_OBJECTS) am__DEPENDENCIES_1 = uacme_DEPENDENCIES = $(am__DEPENDENCIES_1) uacme_LINK = $(CCLD) $(uacme_CFLAGS) $(CFLAGS) $(uacme_LDFLAGS) \ $(LDFLAGS) -o $@ am__ualpn_SOURCES_DIST = ualpn.c base64.c base64.h log.c log.h sglib.h \ libev/ev.h am__objects_2 = @ENABLE_UALPN_TRUE@am_ualpn_OBJECTS = ualpn-ualpn.$(OBJEXT) \ @ENABLE_UALPN_TRUE@ ualpn-base64.$(OBJEXT) ualpn-log.$(OBJEXT) \ @ENABLE_UALPN_TRUE@ $(am__objects_2) ualpn_OBJECTS = $(am_ualpn_OBJECTS) @ENABLE_LIBEV_FALSE@@ENABLE_UALPN_TRUE@ualpn_DEPENDENCIES = \ @ENABLE_LIBEV_FALSE@@ENABLE_UALPN_TRUE@ $(am__DEPENDENCIES_1) @ENABLE_LIBEV_TRUE@@ENABLE_UALPN_TRUE@ualpn_DEPENDENCIES = libev.a \ @ENABLE_LIBEV_TRUE@@ENABLE_UALPN_TRUE@ $(am__DEPENDENCIES_1) ualpn_LINK = $(CCLD) $(ualpn_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ $(LDFLAGS) -o $@ am__dist_pkgdata_SCRIPTS_DIST = uacme.sh nsupdate.sh ualpn.sh am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; am__vpath_adj = case $$p in \ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ *) f=$$p;; \ esac; am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; am__install_max = 40 am__nobase_strip_setup = \ srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` am__nobase_strip = \ for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" am__nobase_list = $(am__nobase_strip_setup); \ for p in $$list; do echo "$$p $$p"; done | \ sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ if (++n[$$2] == $(am__install_max)) \ { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ END { for (dir in files) print dir, files[dir] }' am__base_list = \ sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' am__uninstall_files_from_dir = { \ test -z "$$files" \ || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \ || { echo " ( cd '$$dir' && rm -f" $$files ")"; \ $(am__cd) "$$dir" && rm -f $$files; }; \ } SCRIPTS = $(dist_pkgdata_SCRIPTS) AM_V_P = $(am__v_P_@AM_V@) am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) am__v_P_0 = false am__v_P_1 = : AM_V_GEN = $(am__v_GEN_@AM_V@) am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) am__v_GEN_0 = @echo " GEN " $@; am__v_GEN_1 = AM_V_at = $(am__v_at_@AM_V@) am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) am__v_at_0 = @ am__v_at_1 = DEFAULT_INCLUDES = -I.@am__isrc@ depcomp = $(SHELL) $(top_srcdir)/build-aux/depcomp am__maybe_remake_depfiles = depfiles am__depfiles_remade = ./$(DEPDIR)/uacme-base64.Po \ ./$(DEPDIR)/uacme-crypto.Po ./$(DEPDIR)/uacme-curlwrap.Po \ ./$(DEPDIR)/uacme-json.Po ./$(DEPDIR)/uacme-msg.Po \ ./$(DEPDIR)/uacme-read-file.Po ./$(DEPDIR)/uacme-uacme.Po \ ./$(DEPDIR)/ualpn-base64.Po ./$(DEPDIR)/ualpn-log.Po \ ./$(DEPDIR)/ualpn-ualpn.Po libev/$(DEPDIR)/ev.Po am__mv = mv -f AM_V_lt = $(am__v_lt_@AM_V@) am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@) am__v_lt_0 = --silent am__v_lt_1 = COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) AM_V_CC = $(am__v_CC_@AM_V@) am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@) am__v_CC_0 = @echo " CC " $@; am__v_CC_1 = CCLD = $(CC) LINK = $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ AM_V_CCLD = $(am__v_CCLD_@AM_V@) am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@) am__v_CCLD_0 = @echo " CCLD " $@; am__v_CCLD_1 = SOURCES = $(libev_a_SOURCES) $(uacme_SOURCES) $(ualpn_SOURCES) DIST_SOURCES = $(am__libev_a_SOURCES_DIST) $(am__uacme_SOURCES_DIST) \ $(am__ualpn_SOURCES_DIST) am__can_run_installinfo = \ case $$AM_UPDATE_INFO_DIR in \ n|no|NO) false;; \ *) (install-info --version) >/dev/null 2>&1;; \ esac man1dir = $(mandir)/man1 NROFF = nroff MANS = $(dist_man1_MANS) am__dist_html_DATA_DIST = docs/uacme.html docs/ualpn.html DATA = $(dist_html_DATA) am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) \ config.h.in # Read a list of newline-separated strings from the standard input, # and print each of them once, without duplicates. Input order is # *not* preserved. am__uniquify_input = $(AWK) '\ BEGIN { nonempty = 0; } \ { items[$$0] = 1; nonempty = 1; } \ END { if (nonempty) { for (i in items) print i; }; } \ ' # Make sure the list of sources is unique. This is necessary because, # e.g., the same source file might be shared among _SOURCES variables # for different programs/libraries. am__define_uniq_tagged_files = \ list='$(am__tagged_files)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | $(am__uniquify_input)` ETAGS = etags CTAGS = ctags CSCOPE = cscope AM_RECURSIVE_TARGETS = cscope am__DIST_COMMON = $(dist_man1_MANS) $(srcdir)/Makefile.in \ $(srcdir)/config.h.in $(top_srcdir)/build-aux/ar-lib \ $(top_srcdir)/build-aux/compile \ $(top_srcdir)/build-aux/depcomp \ $(top_srcdir)/build-aux/install-sh \ $(top_srcdir)/build-aux/missing AUTHORS COPYING ChangeLog \ INSTALL NEWS README THANKS build-aux/ar-lib build-aux/compile \ build-aux/depcomp build-aux/install-sh build-aux/missing DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) distdir = $(PACKAGE)-$(VERSION) top_distdir = $(distdir) am__remove_distdir = \ if test -d "$(distdir)"; then \ find "$(distdir)" -type d ! -perm -200 -exec chmod u+w {} ';' \ && rm -rf "$(distdir)" \ || { sleep 5 && rm -rf "$(distdir)"; }; \ else :; fi am__post_remove_distdir = $(am__remove_distdir) DIST_ARCHIVES = $(distdir).tar.gz GZIP_ENV = --best DIST_TARGETS = dist-gzip # Exists only to be overridden by the user if desired. AM_DISTCHECK_DVI_TARGET = dvi distuninstallcheck_listfiles = find . -type f -print am__distuninstallcheck_listfiles = $(distuninstallcheck_listfiles) \ | sed 's|^\./|$(prefix)/|' | grep -v '$(infodir)/dir$$' distcleancheck_listfiles = find . -type f -print A2X = @A2X@ ACLOCAL = @ACLOCAL@ AMTAR = @AMTAR@ AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ AR = @AR@ ASCIIDOC = @ASCIIDOC@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ CURL_CFLAGS = @CURL_CFLAGS@ CURL_CPPFLAGS = @CURL_CPPFLAGS@ CURL_LDADD = @CURL_LDADD@ CURL_LDFLAGS = @CURL_LDFLAGS@ CYGPATH_W = @CYGPATH_W@ DEFS = @DEFS@ DEPDIR = @DEPDIR@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ GREP = @GREP@ INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ LDFLAGS = @LDFLAGS@ LIBOBJS = @LIBOBJS@ LIBS = @LIBS@ LTLIBOBJS = @LTLIBOBJS@ MAINT = @MAINT@ MAKEINFO = @MAKEINFO@ MKDIR_P = @MKDIR_P@ OBJEXT = @OBJEXT@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ PACKAGE_STRING = @PACKAGE_STRING@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ RANLIB = @RANLIB@ SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ STRIP = @STRIP@ UALPN_LDADD = @UALPN_LDADD@ USE_GNUTLS = @USE_GNUTLS@ USE_LIBTASN1 = @USE_LIBTASN1@ USE_MBEDTLS = @USE_MBEDTLS@ USE_OPENSSL = @USE_OPENSSL@ VERSION = @VERSION@ WCFLAGS = @WCFLAGS@ abs_builddir = @abs_builddir@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ ac_ct_AR = @ac_ct_AR@ ac_ct_CC = @ac_ct_CC@ am__include = @am__include@ am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ am__tar = @am__tar@ am__untar = @am__untar@ bindir = @bindir@ build_alias = @build_alias@ builddir = @builddir@ datadir = @datadir@ datarootdir = @datarootdir@ docdir = @docdir@ dvidir = @dvidir@ exec_prefix = @exec_prefix@ host_alias = @host_alias@ htmldir = @htmldir@ includedir = @includedir@ infodir = @infodir@ install_sh = @install_sh@ libdir = @libdir@ libexecdir = @libexecdir@ localedir = @localedir@ localstatedir = @localstatedir@ mandir = @mandir@ mkdir_p = @mkdir_p@ oldincludedir = @oldincludedir@ pdfdir = @pdfdir@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ runstatedir = @runstatedir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ ACLOCAL_AMFLAGS = -I build-aux/m4 ARFLAGS = cr @ENABLE_UALPN_TRUE@ualpn_SOURCES = ualpn.c base64.c base64.h log.c \ @ENABLE_UALPN_TRUE@ log.h sglib.h $(am__append_2) @ENABLE_UALPN_TRUE@ualpn_CPPFLAGS = \ @ENABLE_UALPN_TRUE@ -DRUNSTATEDIR="\"${runstatedir}\"" \ @ENABLE_UALPN_TRUE@ $(am__append_3) @ENABLE_UALPN_TRUE@ualpn_CFLAGS = $(WCFLAGS) @ENABLE_LIBEV_FALSE@@ENABLE_UALPN_TRUE@ualpn_LDADD = $(UALPN_LDADD) @ENABLE_LIBEV_TRUE@@ENABLE_UALPN_TRUE@ualpn_LDADD = libev.a $(UALPN_LDADD) @ENABLE_LIBEV_TRUE@@ENABLE_UALPN_TRUE@noinst_LIBRARIES = libev.a @ENABLE_LIBEV_TRUE@@ENABLE_UALPN_TRUE@libev_a_SOURCES = libev/ev.c uacme_SOURCES = uacme.c base64.c base64.h crypto.c crypto.h curlwrap.c \ curlwrap.h json.c json.h jsmn.h msg.c msg.h $(am__append_4) uacme_CPPFLAGS = -DRUNSTATEDIR="\"${runstatedir}\"" \ -DSYSCONFDIR="\"${sysconfdir}\"" \ $(CURL_CPPFLAGS) uacme_CFLAGS = $(CURL_CFLAGS) $(WCFLAGS) uacme_LDFLAGS = $(CURL_LDFLAGS) uacme_LDADD = $(CURL_LDADD) BUILT_SOURCES = $(top_srcdir)/.version dist_pkgdata_SCRIPTS = uacme.sh nsupdate.sh $(am__append_5) @ENABLE_DOCS_TRUE@dist_man1_MANS = uacme.1 $(am__append_6) @ENABLE_DOCS_TRUE@dist_html_DATA = docs/uacme.html $(am__append_7) EXTRA_DIST = GNUmakefile build-aux/git-version-gen uacme.sh nsupdate.sh \ uacme.1.txt uacme.1 docs/uacme.html ualpn.1.txt ualpn.1 \ docs/ualpn.html libev/ev_epoll.c libev/ev_iouring.c \ libev/ev_kqueue.c libev/ev_linuxaio.c libev/ev_poll.c \ libev/ev_port.c libev/ev_select.c libev/ev_vars.h \ libev/ev_wrap.h README.md CLEANFILES = valgrind.log all: $(BUILT_SOURCES) config.h $(MAKE) $(AM_MAKEFLAGS) all-am .SUFFIXES: .SUFFIXES: .c .o .obj am--refresh: Makefile @: $(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ echo ' cd $(srcdir) && $(AUTOMAKE) --gnu'; \ $(am__cd) $(srcdir) && $(AUTOMAKE) --gnu \ && exit 0; \ exit 1;; \ esac; \ done; \ echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu Makefile'; \ $(am__cd) $(top_srcdir) && \ $(AUTOMAKE) --gnu Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ *config.status*) \ echo ' $(SHELL) ./config.status'; \ $(SHELL) ./config.status;; \ *) \ echo ' cd $(top_builddir) && $(SHELL) ./config.status $@ $(am__maybe_remake_depfiles)'; \ cd $(top_builddir) && $(SHELL) ./config.status $@ $(am__maybe_remake_depfiles);; \ esac; $(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) $(SHELL) ./config.status --recheck $(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) $(am__cd) $(srcdir) && $(AUTOCONF) $(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) $(am__cd) $(srcdir) && $(ACLOCAL) $(ACLOCAL_AMFLAGS) $(am__aclocal_m4_deps): config.h: stamp-h1 @test -f $@ || rm -f stamp-h1 @test -f $@ || $(MAKE) $(AM_MAKEFLAGS) stamp-h1 stamp-h1: $(srcdir)/config.h.in $(top_builddir)/config.status @rm -f stamp-h1 cd $(top_builddir) && $(SHELL) ./config.status config.h $(srcdir)/config.h.in: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) ($(am__cd) $(top_srcdir) && $(AUTOHEADER)) rm -f stamp-h1 touch $@ distclean-hdr: -rm -f config.h stamp-h1 install-binPROGRAMS: $(bin_PROGRAMS) @$(NORMAL_INSTALL) @list='$(bin_PROGRAMS)'; test -n "$(bindir)" || list=; \ if test -n "$$list"; then \ echo " $(MKDIR_P) '$(DESTDIR)$(bindir)'"; \ $(MKDIR_P) "$(DESTDIR)$(bindir)" || exit 1; \ fi; \ for p in $$list; do echo "$$p $$p"; done | \ sed 's/$(EXEEXT)$$//' | \ while read p p1; do if test -f $$p \ ; then echo "$$p"; echo "$$p"; else :; fi; \ done | \ sed -e 'p;s,.*/,,;n;h' \ -e 's|.*|.|' \ -e 'p;x;s,.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/' | \ sed 'N;N;N;s,\n, ,g' | \ $(AWK) 'BEGIN { files["."] = ""; dirs["."] = 1 } \ { d=$$3; if (dirs[d] != 1) { print "d", d; dirs[d] = 1 } \ if ($$2 == $$4) files[d] = files[d] " " $$1; \ else { print "f", $$3 "/" $$4, $$1; } } \ END { for (d in files) print "f", d, files[d] }' | \ while read type dir files; do \ if test "$$dir" = .; then dir=; else dir=/$$dir; fi; \ test -z "$$files" || { \ echo " $(INSTALL_PROGRAM_ENV) $(INSTALL_PROGRAM) $$files '$(DESTDIR)$(bindir)$$dir'"; \ $(INSTALL_PROGRAM_ENV) $(INSTALL_PROGRAM) $$files "$(DESTDIR)$(bindir)$$dir" || exit $$?; \ } \ ; done uninstall-binPROGRAMS: @$(NORMAL_UNINSTALL) @list='$(bin_PROGRAMS)'; test -n "$(bindir)" || list=; \ files=`for p in $$list; do echo "$$p"; done | \ sed -e 'h;s,^.*/,,;s/$(EXEEXT)$$//;$(transform)' \ -e 's/$$/$(EXEEXT)/' \ `; \ test -n "$$list" || exit 0; \ echo " ( cd '$(DESTDIR)$(bindir)' && rm -f" $$files ")"; \ cd "$(DESTDIR)$(bindir)" && rm -f $$files clean-binPROGRAMS: -test -z "$(bin_PROGRAMS)" || rm -f $(bin_PROGRAMS) clean-noinstLIBRARIES: -test -z "$(noinst_LIBRARIES)" || rm -f $(noinst_LIBRARIES) libev/$(am__dirstamp): @$(MKDIR_P) libev @: > libev/$(am__dirstamp) libev/$(DEPDIR)/$(am__dirstamp): @$(MKDIR_P) libev/$(DEPDIR) @: > libev/$(DEPDIR)/$(am__dirstamp) libev/ev.$(OBJEXT): libev/$(am__dirstamp) \ libev/$(DEPDIR)/$(am__dirstamp) libev.a: $(libev_a_OBJECTS) $(libev_a_DEPENDENCIES) $(EXTRA_libev_a_DEPENDENCIES) $(AM_V_at)-rm -f libev.a $(AM_V_AR)$(libev_a_AR) libev.a $(libev_a_OBJECTS) $(libev_a_LIBADD) $(AM_V_at)$(RANLIB) libev.a uacme$(EXEEXT): $(uacme_OBJECTS) $(uacme_DEPENDENCIES) $(EXTRA_uacme_DEPENDENCIES) @rm -f uacme$(EXEEXT) $(AM_V_CCLD)$(uacme_LINK) $(uacme_OBJECTS) $(uacme_LDADD) $(LIBS) ualpn$(EXEEXT): $(ualpn_OBJECTS) $(ualpn_DEPENDENCIES) $(EXTRA_ualpn_DEPENDENCIES) @rm -f ualpn$(EXEEXT) $(AM_V_CCLD)$(ualpn_LINK) $(ualpn_OBJECTS) $(ualpn_LDADD) $(LIBS) install-dist_pkgdataSCRIPTS: $(dist_pkgdata_SCRIPTS) @$(NORMAL_INSTALL) @list='$(dist_pkgdata_SCRIPTS)'; test -n "$(pkgdatadir)" || list=; \ if test -n "$$list"; then \ echo " $(MKDIR_P) '$(DESTDIR)$(pkgdatadir)'"; \ $(MKDIR_P) "$(DESTDIR)$(pkgdatadir)" || exit 1; \ fi; \ for p in $$list; do \ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ if test -f "$$d$$p"; then echo "$$d$$p"; echo "$$p"; else :; fi; \ done | \ sed -e 'p;s,.*/,,;n' \ -e 'h;s|.*|.|' \ -e 'p;x;s,.*/,,;$(transform)' | sed 'N;N;N;s,\n, ,g' | \ $(AWK) 'BEGIN { files["."] = ""; dirs["."] = 1; } \ { d=$$3; if (dirs[d] != 1) { print "d", d; dirs[d] = 1 } \ if ($$2 == $$4) { files[d] = files[d] " " $$1; \ if (++n[d] == $(am__install_max)) { \ print "f", d, files[d]; n[d] = 0; files[d] = "" } } \ else { print "f", d "/" $$4, $$1 } } \ END { for (d in files) print "f", d, files[d] }' | \ while read type dir files; do \ if test "$$dir" = .; then dir=; else dir=/$$dir; fi; \ test -z "$$files" || { \ echo " $(INSTALL_SCRIPT) $$files '$(DESTDIR)$(pkgdatadir)$$dir'"; \ $(INSTALL_SCRIPT) $$files "$(DESTDIR)$(pkgdatadir)$$dir" || exit $$?; \ } \ ; done uninstall-dist_pkgdataSCRIPTS: @$(NORMAL_UNINSTALL) @list='$(dist_pkgdata_SCRIPTS)'; test -n "$(pkgdatadir)" || exit 0; \ files=`for p in $$list; do echo "$$p"; done | \ sed -e 's,.*/,,;$(transform)'`; \ dir='$(DESTDIR)$(pkgdatadir)'; $(am__uninstall_files_from_dir) mostlyclean-compile: -rm -f *.$(OBJEXT) -rm -f libev/*.$(OBJEXT) distclean-compile: -rm -f *.tab.c @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/uacme-base64.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/uacme-crypto.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/uacme-curlwrap.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/uacme-json.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/uacme-msg.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/uacme-read-file.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/uacme-uacme.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ualpn-base64.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ualpn-log.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ualpn-ualpn.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@libev/$(DEPDIR)/ev.Po@am__quote@ # am--include-marker $(am__depfiles_remade): @$(MKDIR_P) $(@D) @echo '# dummy' >$@-t && $(am__mv) $@-t $@ am--depfiles: $(am__depfiles_remade) .c.o: @am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.o$$||'`;\ @am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\ @am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ $< .c.obj: @am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.obj$$||'`;\ @am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ `$(CYGPATH_W) '$<'` &&\ @am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'` uacme-uacme.o: uacme.c @am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(uacme_CPPFLAGS) $(CPPFLAGS) $(uacme_CFLAGS) $(CFLAGS) -MT uacme-uacme.o -MD -MP -MF $(DEPDIR)/uacme-uacme.Tpo -c -o uacme-uacme.o `test -f 'uacme.c' || echo '$(srcdir)/'`uacme.c @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/uacme-uacme.Tpo $(DEPDIR)/uacme-uacme.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='uacme.c' object='uacme-uacme.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(uacme_CPPFLAGS) $(CPPFLAGS) $(uacme_CFLAGS) $(CFLAGS) -c -o uacme-uacme.o `test -f 'uacme.c' || echo '$(srcdir)/'`uacme.c uacme-uacme.obj: uacme.c @am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(uacme_CPPFLAGS) $(CPPFLAGS) $(uacme_CFLAGS) $(CFLAGS) -MT uacme-uacme.obj -MD -MP -MF $(DEPDIR)/uacme-uacme.Tpo -c -o uacme-uacme.obj `if test -f 'uacme.c'; then $(CYGPATH_W) 'uacme.c'; else $(CYGPATH_W) '$(srcdir)/uacme.c'; fi` @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/uacme-uacme.Tpo $(DEPDIR)/uacme-uacme.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='uacme.c' object='uacme-uacme.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(uacme_CPPFLAGS) $(CPPFLAGS) $(uacme_CFLAGS) $(CFLAGS) -c -o uacme-uacme.obj `if test -f 'uacme.c'; then $(CYGPATH_W) 'uacme.c'; else $(CYGPATH_W) '$(srcdir)/uacme.c'; fi` uacme-base64.o: base64.c @am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(uacme_CPPFLAGS) $(CPPFLAGS) $(uacme_CFLAGS) $(CFLAGS) -MT uacme-base64.o -MD -MP -MF $(DEPDIR)/uacme-base64.Tpo -c -o uacme-base64.o `test -f 'base64.c' || echo '$(srcdir)/'`base64.c @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/uacme-base64.Tpo $(DEPDIR)/uacme-base64.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='base64.c' object='uacme-base64.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(uacme_CPPFLAGS) $(CPPFLAGS) $(uacme_CFLAGS) $(CFLAGS) -c -o uacme-base64.o `test -f 'base64.c' || echo '$(srcdir)/'`base64.c uacme-base64.obj: base64.c @am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(uacme_CPPFLAGS) $(CPPFLAGS) $(uacme_CFLAGS) $(CFLAGS) -MT uacme-base64.obj -MD -MP -MF $(DEPDIR)/uacme-base64.Tpo -c -o uacme-base64.obj `if test -f 'base64.c'; then $(CYGPATH_W) 'base64.c'; else $(CYGPATH_W) '$(srcdir)/base64.c'; fi` @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/uacme-base64.Tpo $(DEPDIR)/uacme-base64.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='base64.c' object='uacme-base64.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(uacme_CPPFLAGS) $(CPPFLAGS) $(uacme_CFLAGS) $(CFLAGS) -c -o uacme-base64.obj `if test -f 'base64.c'; then $(CYGPATH_W) 'base64.c'; else $(CYGPATH_W) '$(srcdir)/base64.c'; fi` uacme-crypto.o: crypto.c @am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(uacme_CPPFLAGS) $(CPPFLAGS) $(uacme_CFLAGS) $(CFLAGS) -MT uacme-crypto.o -MD -MP -MF $(DEPDIR)/uacme-crypto.Tpo -c -o uacme-crypto.o `test -f 'crypto.c' || echo '$(srcdir)/'`crypto.c @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/uacme-crypto.Tpo $(DEPDIR)/uacme-crypto.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='crypto.c' object='uacme-crypto.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(uacme_CPPFLAGS) $(CPPFLAGS) $(uacme_CFLAGS) $(CFLAGS) -c -o uacme-crypto.o `test -f 'crypto.c' || echo '$(srcdir)/'`crypto.c uacme-crypto.obj: crypto.c @am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(uacme_CPPFLAGS) $(CPPFLAGS) $(uacme_CFLAGS) $(CFLAGS) -MT uacme-crypto.obj -MD -MP -MF $(DEPDIR)/uacme-crypto.Tpo -c -o uacme-crypto.obj `if test -f 'crypto.c'; then $(CYGPATH_W) 'crypto.c'; else $(CYGPATH_W) '$(srcdir)/crypto.c'; fi` @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/uacme-crypto.Tpo $(DEPDIR)/uacme-crypto.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='crypto.c' object='uacme-crypto.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(uacme_CPPFLAGS) $(CPPFLAGS) $(uacme_CFLAGS) $(CFLAGS) -c -o uacme-crypto.obj `if test -f 'crypto.c'; then $(CYGPATH_W) 'crypto.c'; else $(CYGPATH_W) '$(srcdir)/crypto.c'; fi` uacme-curlwrap.o: curlwrap.c @am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(uacme_CPPFLAGS) $(CPPFLAGS) $(uacme_CFLAGS) $(CFLAGS) -MT uacme-curlwrap.o -MD -MP -MF $(DEPDIR)/uacme-curlwrap.Tpo -c -o uacme-curlwrap.o `test -f 'curlwrap.c' || echo '$(srcdir)/'`curlwrap.c @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/uacme-curlwrap.Tpo $(DEPDIR)/uacme-curlwrap.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='curlwrap.c' object='uacme-curlwrap.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(uacme_CPPFLAGS) $(CPPFLAGS) $(uacme_CFLAGS) $(CFLAGS) -c -o uacme-curlwrap.o `test -f 'curlwrap.c' || echo '$(srcdir)/'`curlwrap.c uacme-curlwrap.obj: curlwrap.c @am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(uacme_CPPFLAGS) $(CPPFLAGS) $(uacme_CFLAGS) $(CFLAGS) -MT uacme-curlwrap.obj -MD -MP -MF $(DEPDIR)/uacme-curlwrap.Tpo -c -o uacme-curlwrap.obj `if test -f 'curlwrap.c'; then $(CYGPATH_W) 'curlwrap.c'; else $(CYGPATH_W) '$(srcdir)/curlwrap.c'; fi` @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/uacme-curlwrap.Tpo $(DEPDIR)/uacme-curlwrap.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='curlwrap.c' object='uacme-curlwrap.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(uacme_CPPFLAGS) $(CPPFLAGS) $(uacme_CFLAGS) $(CFLAGS) -c -o uacme-curlwrap.obj `if test -f 'curlwrap.c'; then $(CYGPATH_W) 'curlwrap.c'; else $(CYGPATH_W) '$(srcdir)/curlwrap.c'; fi` uacme-json.o: json.c @am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(uacme_CPPFLAGS) $(CPPFLAGS) $(uacme_CFLAGS) $(CFLAGS) -MT uacme-json.o -MD -MP -MF $(DEPDIR)/uacme-json.Tpo -c -o uacme-json.o `test -f 'json.c' || echo '$(srcdir)/'`json.c @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/uacme-json.Tpo $(DEPDIR)/uacme-json.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='json.c' object='uacme-json.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(uacme_CPPFLAGS) $(CPPFLAGS) $(uacme_CFLAGS) $(CFLAGS) -c -o uacme-json.o `test -f 'json.c' || echo '$(srcdir)/'`json.c uacme-json.obj: json.c @am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(uacme_CPPFLAGS) $(CPPFLAGS) $(uacme_CFLAGS) $(CFLAGS) -MT uacme-json.obj -MD -MP -MF $(DEPDIR)/uacme-json.Tpo -c -o uacme-json.obj `if test -f 'json.c'; then $(CYGPATH_W) 'json.c'; else $(CYGPATH_W) '$(srcdir)/json.c'; fi` @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/uacme-json.Tpo $(DEPDIR)/uacme-json.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='json.c' object='uacme-json.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(uacme_CPPFLAGS) $(CPPFLAGS) $(uacme_CFLAGS) $(CFLAGS) -c -o uacme-json.obj `if test -f 'json.c'; then $(CYGPATH_W) 'json.c'; else $(CYGPATH_W) '$(srcdir)/json.c'; fi` uacme-msg.o: msg.c @am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(uacme_CPPFLAGS) $(CPPFLAGS) $(uacme_CFLAGS) $(CFLAGS) -MT uacme-msg.o -MD -MP -MF $(DEPDIR)/uacme-msg.Tpo -c -o uacme-msg.o `test -f 'msg.c' || echo '$(srcdir)/'`msg.c @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/uacme-msg.Tpo $(DEPDIR)/uacme-msg.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='msg.c' object='uacme-msg.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(uacme_CPPFLAGS) $(CPPFLAGS) $(uacme_CFLAGS) $(CFLAGS) -c -o uacme-msg.o `test -f 'msg.c' || echo '$(srcdir)/'`msg.c uacme-msg.obj: msg.c @am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(uacme_CPPFLAGS) $(CPPFLAGS) $(uacme_CFLAGS) $(CFLAGS) -MT uacme-msg.obj -MD -MP -MF $(DEPDIR)/uacme-msg.Tpo -c -o uacme-msg.obj `if test -f 'msg.c'; then $(CYGPATH_W) 'msg.c'; else $(CYGPATH_W) '$(srcdir)/msg.c'; fi` @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/uacme-msg.Tpo $(DEPDIR)/uacme-msg.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='msg.c' object='uacme-msg.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(uacme_CPPFLAGS) $(CPPFLAGS) $(uacme_CFLAGS) $(CFLAGS) -c -o uacme-msg.obj `if test -f 'msg.c'; then $(CYGPATH_W) 'msg.c'; else $(CYGPATH_W) '$(srcdir)/msg.c'; fi` uacme-read-file.o: read-file.c @am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(uacme_CPPFLAGS) $(CPPFLAGS) $(uacme_CFLAGS) $(CFLAGS) -MT uacme-read-file.o -MD -MP -MF $(DEPDIR)/uacme-read-file.Tpo -c -o uacme-read-file.o `test -f 'read-file.c' || echo '$(srcdir)/'`read-file.c @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/uacme-read-file.Tpo $(DEPDIR)/uacme-read-file.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='read-file.c' object='uacme-read-file.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(uacme_CPPFLAGS) $(CPPFLAGS) $(uacme_CFLAGS) $(CFLAGS) -c -o uacme-read-file.o `test -f 'read-file.c' || echo '$(srcdir)/'`read-file.c uacme-read-file.obj: read-file.c @am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(uacme_CPPFLAGS) $(CPPFLAGS) $(uacme_CFLAGS) $(CFLAGS) -MT uacme-read-file.obj -MD -MP -MF $(DEPDIR)/uacme-read-file.Tpo -c -o uacme-read-file.obj `if test -f 'read-file.c'; then $(CYGPATH_W) 'read-file.c'; else $(CYGPATH_W) '$(srcdir)/read-file.c'; fi` @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/uacme-read-file.Tpo $(DEPDIR)/uacme-read-file.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='read-file.c' object='uacme-read-file.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(uacme_CPPFLAGS) $(CPPFLAGS) $(uacme_CFLAGS) $(CFLAGS) -c -o uacme-read-file.obj `if test -f 'read-file.c'; then $(CYGPATH_W) 'read-file.c'; else $(CYGPATH_W) '$(srcdir)/read-file.c'; fi` ualpn-ualpn.o: ualpn.c @am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ualpn_CPPFLAGS) $(CPPFLAGS) $(ualpn_CFLAGS) $(CFLAGS) -MT ualpn-ualpn.o -MD -MP -MF $(DEPDIR)/ualpn-ualpn.Tpo -c -o ualpn-ualpn.o `test -f 'ualpn.c' || echo '$(srcdir)/'`ualpn.c @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/ualpn-ualpn.Tpo $(DEPDIR)/ualpn-ualpn.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='ualpn.c' object='ualpn-ualpn.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ualpn_CPPFLAGS) $(CPPFLAGS) $(ualpn_CFLAGS) $(CFLAGS) -c -o ualpn-ualpn.o `test -f 'ualpn.c' || echo '$(srcdir)/'`ualpn.c ualpn-ualpn.obj: ualpn.c @am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ualpn_CPPFLAGS) $(CPPFLAGS) $(ualpn_CFLAGS) $(CFLAGS) -MT ualpn-ualpn.obj -MD -MP -MF $(DEPDIR)/ualpn-ualpn.Tpo -c -o ualpn-ualpn.obj `if test -f 'ualpn.c'; then $(CYGPATH_W) 'ualpn.c'; else $(CYGPATH_W) '$(srcdir)/ualpn.c'; fi` @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/ualpn-ualpn.Tpo $(DEPDIR)/ualpn-ualpn.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='ualpn.c' object='ualpn-ualpn.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ualpn_CPPFLAGS) $(CPPFLAGS) $(ualpn_CFLAGS) $(CFLAGS) -c -o ualpn-ualpn.obj `if test -f 'ualpn.c'; then $(CYGPATH_W) 'ualpn.c'; else $(CYGPATH_W) '$(srcdir)/ualpn.c'; fi` ualpn-base64.o: base64.c @am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ualpn_CPPFLAGS) $(CPPFLAGS) $(ualpn_CFLAGS) $(CFLAGS) -MT ualpn-base64.o -MD -MP -MF $(DEPDIR)/ualpn-base64.Tpo -c -o ualpn-base64.o `test -f 'base64.c' || echo '$(srcdir)/'`base64.c @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/ualpn-base64.Tpo $(DEPDIR)/ualpn-base64.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='base64.c' object='ualpn-base64.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ualpn_CPPFLAGS) $(CPPFLAGS) $(ualpn_CFLAGS) $(CFLAGS) -c -o ualpn-base64.o `test -f 'base64.c' || echo '$(srcdir)/'`base64.c ualpn-base64.obj: base64.c @am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ualpn_CPPFLAGS) $(CPPFLAGS) $(ualpn_CFLAGS) $(CFLAGS) -MT ualpn-base64.obj -MD -MP -MF $(DEPDIR)/ualpn-base64.Tpo -c -o ualpn-base64.obj `if test -f 'base64.c'; then $(CYGPATH_W) 'base64.c'; else $(CYGPATH_W) '$(srcdir)/base64.c'; fi` @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/ualpn-base64.Tpo $(DEPDIR)/ualpn-base64.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='base64.c' object='ualpn-base64.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ualpn_CPPFLAGS) $(CPPFLAGS) $(ualpn_CFLAGS) $(CFLAGS) -c -o ualpn-base64.obj `if test -f 'base64.c'; then $(CYGPATH_W) 'base64.c'; else $(CYGPATH_W) '$(srcdir)/base64.c'; fi` ualpn-log.o: log.c @am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ualpn_CPPFLAGS) $(CPPFLAGS) $(ualpn_CFLAGS) $(CFLAGS) -MT ualpn-log.o -MD -MP -MF $(DEPDIR)/ualpn-log.Tpo -c -o ualpn-log.o `test -f 'log.c' || echo '$(srcdir)/'`log.c @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/ualpn-log.Tpo $(DEPDIR)/ualpn-log.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='log.c' object='ualpn-log.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ualpn_CPPFLAGS) $(CPPFLAGS) $(ualpn_CFLAGS) $(CFLAGS) -c -o ualpn-log.o `test -f 'log.c' || echo '$(srcdir)/'`log.c ualpn-log.obj: log.c @am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ualpn_CPPFLAGS) $(CPPFLAGS) $(ualpn_CFLAGS) $(CFLAGS) -MT ualpn-log.obj -MD -MP -MF $(DEPDIR)/ualpn-log.Tpo -c -o ualpn-log.obj `if test -f 'log.c'; then $(CYGPATH_W) 'log.c'; else $(CYGPATH_W) '$(srcdir)/log.c'; fi` @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/ualpn-log.Tpo $(DEPDIR)/ualpn-log.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='log.c' object='ualpn-log.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ualpn_CPPFLAGS) $(CPPFLAGS) $(ualpn_CFLAGS) $(CFLAGS) -c -o ualpn-log.obj `if test -f 'log.c'; then $(CYGPATH_W) 'log.c'; else $(CYGPATH_W) '$(srcdir)/log.c'; fi` install-man1: $(dist_man1_MANS) @$(NORMAL_INSTALL) @list1='$(dist_man1_MANS)'; \ list2=''; \ test -n "$(man1dir)" \ && test -n "`echo $$list1$$list2`" \ || exit 0; \ echo " $(MKDIR_P) '$(DESTDIR)$(man1dir)'"; \ $(MKDIR_P) "$(DESTDIR)$(man1dir)" || exit 1; \ { for i in $$list1; do echo "$$i"; done; \ if test -n "$$list2"; then \ for i in $$list2; do echo "$$i"; done \ | sed -n '/\.1[a-z]*$$/p'; \ fi; \ } | while read p; do \ if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ echo "$$d$$p"; echo "$$p"; \ done | \ sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ sed 'N;N;s,\n, ,g' | { \ list=; while read file base inst; do \ if test "$$base" = "$$inst"; then list="$$list $$file"; else \ echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man1dir)/$$inst'"; \ $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man1dir)/$$inst" || exit $$?; \ fi; \ done; \ for i in $$list; do echo "$$i"; done | $(am__base_list) | \ while read files; do \ test -z "$$files" || { \ echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man1dir)'"; \ $(INSTALL_DATA) $$files "$(DESTDIR)$(man1dir)" || exit $$?; }; \ done; } uninstall-man1: @$(NORMAL_UNINSTALL) @list='$(dist_man1_MANS)'; test -n "$(man1dir)" || exit 0; \ files=`{ for i in $$list; do echo "$$i"; done; \ } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ dir='$(DESTDIR)$(man1dir)'; $(am__uninstall_files_from_dir) install-dist_htmlDATA: $(dist_html_DATA) @$(NORMAL_INSTALL) @list='$(dist_html_DATA)'; test -n "$(htmldir)" || list=; \ if test -n "$$list"; then \ echo " $(MKDIR_P) '$(DESTDIR)$(htmldir)'"; \ $(MKDIR_P) "$(DESTDIR)$(htmldir)" || exit 1; \ fi; \ for p in $$list; do \ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ echo "$$d$$p"; \ done | $(am__base_list) | \ while read files; do \ echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(htmldir)'"; \ $(INSTALL_DATA) $$files "$(DESTDIR)$(htmldir)" || exit $$?; \ done uninstall-dist_htmlDATA: @$(NORMAL_UNINSTALL) @list='$(dist_html_DATA)'; test -n "$(htmldir)" || list=; \ files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \ dir='$(DESTDIR)$(htmldir)'; $(am__uninstall_files_from_dir) ID: $(am__tagged_files) $(am__define_uniq_tagged_files); mkid -fID $$unique tags: tags-am TAGS: tags tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) set x; \ here=`pwd`; \ $(am__define_uniq_tagged_files); \ shift; \ if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ test -n "$$unique" || unique=$$empty_fix; \ if test $$# -gt 0; then \ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ "$$@" $$unique; \ else \ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ $$unique; \ fi; \ fi ctags: ctags-am CTAGS: ctags ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) $(am__define_uniq_tagged_files); \ test -z "$(CTAGS_ARGS)$$unique" \ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ $$unique GTAGS: here=`$(am__cd) $(top_builddir) && pwd` \ && $(am__cd) $(top_srcdir) \ && gtags -i $(GTAGS_ARGS) "$$here" cscope: cscope.files test ! -s cscope.files \ || $(CSCOPE) -b -q $(AM_CSCOPEFLAGS) $(CSCOPEFLAGS) -i cscope.files $(CSCOPE_ARGS) clean-cscope: -rm -f cscope.files cscope.files: clean-cscope cscopelist cscopelist: cscopelist-am cscopelist-am: $(am__tagged_files) list='$(am__tagged_files)'; \ case "$(srcdir)" in \ [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \ *) sdir=$(subdir)/$(srcdir) ;; \ esac; \ for i in $$list; do \ if test -f "$$i"; then \ echo "$(subdir)/$$i"; \ else \ echo "$$sdir/$$i"; \ fi; \ done >> $(top_builddir)/cscope.files distclean-tags: -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags -rm -f cscope.out cscope.in.out cscope.po.out cscope.files distdir: $(BUILT_SOURCES) $(MAKE) $(AM_MAKEFLAGS) distdir-am distdir-am: $(DISTFILES) $(am__remove_distdir) test -d "$(distdir)" || mkdir "$(distdir)" @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ list='$(DISTFILES)'; \ dist_files=`for file in $$list; do echo $$file; done | \ sed -e "s|^$$srcdirstrip/||;t" \ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ case $$dist_files in \ */*) $(MKDIR_P) `echo "$$dist_files" | \ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ sort -u` ;; \ esac; \ for file in $$dist_files; do \ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ if test -d $$d/$$file; then \ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ if test -d "$(distdir)/$$file"; then \ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ else \ test -f "$(distdir)/$$file" \ || cp -p $$d/$$file "$(distdir)/$$file" \ || exit 1; \ fi; \ done $(MAKE) $(AM_MAKEFLAGS) \ top_distdir="$(top_distdir)" distdir="$(distdir)" \ dist-hook -test -n "$(am__skip_mode_fix)" \ || find "$(distdir)" -type d ! -perm -755 \ -exec chmod u+rwx,go+rx {} \; -o \ ! -type d ! -perm -444 -links 1 -exec chmod a+r {} \; -o \ ! -type d ! -perm -400 -exec chmod a+r {} \; -o \ ! -type d ! -perm -444 -exec $(install_sh) -c -m a+r {} {} \; \ || chmod -R a+r "$(distdir)" dist-gzip: distdir tardir=$(distdir) && $(am__tar) | eval GZIP= gzip $(GZIP_ENV) -c >$(distdir).tar.gz $(am__post_remove_distdir) dist-bzip2: distdir tardir=$(distdir) && $(am__tar) | BZIP2=$${BZIP2--9} bzip2 -c >$(distdir).tar.bz2 $(am__post_remove_distdir) dist-lzip: distdir tardir=$(distdir) && $(am__tar) | lzip -c $${LZIP_OPT--9} >$(distdir).tar.lz $(am__post_remove_distdir) dist-xz: distdir tardir=$(distdir) && $(am__tar) | XZ_OPT=$${XZ_OPT--e} xz -c >$(distdir).tar.xz $(am__post_remove_distdir) dist-zstd: distdir tardir=$(distdir) && $(am__tar) | zstd -c $${ZSTD_CLEVEL-$${ZSTD_OPT--19}} >$(distdir).tar.zst $(am__post_remove_distdir) dist-tarZ: distdir @echo WARNING: "Support for distribution archives compressed with" \ "legacy program 'compress' is deprecated." >&2 @echo WARNING: "It will be removed altogether in Automake 2.0" >&2 tardir=$(distdir) && $(am__tar) | compress -c >$(distdir).tar.Z $(am__post_remove_distdir) dist-shar: distdir @echo WARNING: "Support for shar distribution archives is" \ "deprecated." >&2 @echo WARNING: "It will be removed altogether in Automake 2.0" >&2 shar $(distdir) | eval GZIP= gzip $(GZIP_ENV) -c >$(distdir).shar.gz $(am__post_remove_distdir) dist-zip: distdir -rm -f $(distdir).zip zip -rq $(distdir).zip $(distdir) $(am__post_remove_distdir) dist dist-all: $(MAKE) $(AM_MAKEFLAGS) $(DIST_TARGETS) am__post_remove_distdir='@:' $(am__post_remove_distdir) # This target untars the dist file and tries a VPATH configuration. Then # it guarantees that the distribution is self-contained by making another # tarfile. distcheck: dist case '$(DIST_ARCHIVES)' in \ *.tar.gz*) \ eval GZIP= gzip $(GZIP_ENV) -dc $(distdir).tar.gz | $(am__untar) ;;\ *.tar.bz2*) \ bzip2 -dc $(distdir).tar.bz2 | $(am__untar) ;;\ *.tar.lz*) \ lzip -dc $(distdir).tar.lz | $(am__untar) ;;\ *.tar.xz*) \ xz -dc $(distdir).tar.xz | $(am__untar) ;;\ *.tar.Z*) \ uncompress -c $(distdir).tar.Z | $(am__untar) ;;\ *.shar.gz*) \ eval GZIP= gzip $(GZIP_ENV) -dc $(distdir).shar.gz | unshar ;;\ *.zip*) \ unzip $(distdir).zip ;;\ *.tar.zst*) \ zstd -dc $(distdir).tar.zst | $(am__untar) ;;\ esac chmod -R a-w $(distdir) chmod u+w $(distdir) mkdir $(distdir)/_build $(distdir)/_build/sub $(distdir)/_inst chmod a-w $(distdir) test -d $(distdir)/_build || exit 0; \ dc_install_base=`$(am__cd) $(distdir)/_inst && pwd | sed -e 's,^[^:\\/]:[\\/],/,'` \ && dc_destdir="$${TMPDIR-/tmp}/am-dc-$$$$/" \ && am__cwd=`pwd` \ && $(am__cd) $(distdir)/_build/sub \ && ../../configure \ $(AM_DISTCHECK_CONFIGURE_FLAGS) \ $(DISTCHECK_CONFIGURE_FLAGS) \ --srcdir=../.. --prefix="$$dc_install_base" \ && $(MAKE) $(AM_MAKEFLAGS) \ && $(MAKE) $(AM_MAKEFLAGS) $(AM_DISTCHECK_DVI_TARGET) \ && $(MAKE) $(AM_MAKEFLAGS) check \ && $(MAKE) $(AM_MAKEFLAGS) install \ && $(MAKE) $(AM_MAKEFLAGS) installcheck \ && $(MAKE) $(AM_MAKEFLAGS) uninstall \ && $(MAKE) $(AM_MAKEFLAGS) distuninstallcheck_dir="$$dc_install_base" \ distuninstallcheck \ && chmod -R a-w "$$dc_install_base" \ && ({ \ (cd ../.. && umask 077 && mkdir "$$dc_destdir") \ && $(MAKE) $(AM_MAKEFLAGS) DESTDIR="$$dc_destdir" install \ && $(MAKE) $(AM_MAKEFLAGS) DESTDIR="$$dc_destdir" uninstall \ && $(MAKE) $(AM_MAKEFLAGS) DESTDIR="$$dc_destdir" \ distuninstallcheck_dir="$$dc_destdir" distuninstallcheck; \ } || { rm -rf "$$dc_destdir"; exit 1; }) \ && rm -rf "$$dc_destdir" \ && $(MAKE) $(AM_MAKEFLAGS) dist \ && rm -rf $(DIST_ARCHIVES) \ && $(MAKE) $(AM_MAKEFLAGS) distcleancheck \ && cd "$$am__cwd" \ || exit 1 $(am__post_remove_distdir) @(echo "$(distdir) archives ready for distribution: "; \ list='$(DIST_ARCHIVES)'; for i in $$list; do echo $$i; done) | \ sed -e 1h -e 1s/./=/g -e 1p -e 1x -e '$$p' -e '$$x' distuninstallcheck: @test -n '$(distuninstallcheck_dir)' || { \ echo 'ERROR: trying to run $@ with an empty' \ '$$(distuninstallcheck_dir)' >&2; \ exit 1; \ }; \ $(am__cd) '$(distuninstallcheck_dir)' || { \ echo 'ERROR: cannot chdir into $(distuninstallcheck_dir)' >&2; \ exit 1; \ }; \ test `$(am__distuninstallcheck_listfiles) | wc -l` -eq 0 \ || { echo "ERROR: files left after uninstall:" ; \ if test -n "$(DESTDIR)"; then \ echo " (check DESTDIR support)"; \ fi ; \ $(distuninstallcheck_listfiles) ; \ exit 1; } >&2 distcleancheck: distclean @if test '$(srcdir)' = . ; then \ echo "ERROR: distcleancheck can only run from a VPATH build" ; \ exit 1 ; \ fi @test `$(distcleancheck_listfiles) | wc -l` -eq 0 \ || { echo "ERROR: files left in build directory after distclean:" ; \ $(distcleancheck_listfiles) ; \ exit 1; } >&2 check-am: all-am check: $(BUILT_SOURCES) $(MAKE) $(AM_MAKEFLAGS) check-am all-am: Makefile $(PROGRAMS) $(LIBRARIES) $(SCRIPTS) $(MANS) $(DATA) \ config.h installdirs: for dir in "$(DESTDIR)$(bindir)" "$(DESTDIR)$(pkgdatadir)" "$(DESTDIR)$(man1dir)" "$(DESTDIR)$(htmldir)"; do \ test -z "$$dir" || $(MKDIR_P) "$$dir"; \ done install: $(BUILT_SOURCES) $(MAKE) $(AM_MAKEFLAGS) install-am install-exec: $(BUILT_SOURCES) $(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data: install-data-am uninstall: uninstall-am install-am: all-am @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am installcheck: installcheck-am install-strip: if test -z '$(STRIP)'; then \ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ install; \ else \ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \ fi mostlyclean-generic: clean-generic: -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) distclean-generic: -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) -rm -f libev/$(DEPDIR)/$(am__dirstamp) -rm -f libev/$(am__dirstamp) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @echo "it deletes files that may require special tools to rebuild." -test -z "$(BUILT_SOURCES)" || rm -f $(BUILT_SOURCES) clean: clean-am clean-am: clean-binPROGRAMS clean-generic clean-noinstLIBRARIES \ mostlyclean-am distclean: distclean-am -rm -f $(am__CONFIG_DISTCLEAN_FILES) -rm -f ./$(DEPDIR)/uacme-base64.Po -rm -f ./$(DEPDIR)/uacme-crypto.Po -rm -f ./$(DEPDIR)/uacme-curlwrap.Po -rm -f ./$(DEPDIR)/uacme-json.Po -rm -f ./$(DEPDIR)/uacme-msg.Po -rm -f ./$(DEPDIR)/uacme-read-file.Po -rm -f ./$(DEPDIR)/uacme-uacme.Po -rm -f ./$(DEPDIR)/ualpn-base64.Po -rm -f ./$(DEPDIR)/ualpn-log.Po -rm -f ./$(DEPDIR)/ualpn-ualpn.Po -rm -f libev/$(DEPDIR)/ev.Po -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ distclean-hdr distclean-tags dvi: dvi-am dvi-am: html: html-am html-am: info: info-am info-am: install-data-am: install-dist_htmlDATA install-dist_pkgdataSCRIPTS \ install-man install-dvi: install-dvi-am install-dvi-am: install-exec-am: install-binPROGRAMS install-html: install-html-am install-html-am: install-info: install-info-am install-info-am: install-man: install-man1 install-pdf: install-pdf-am install-pdf-am: install-ps: install-ps-am install-ps-am: installcheck-am: maintainer-clean: maintainer-clean-am -rm -f $(am__CONFIG_DISTCLEAN_FILES) -rm -rf $(top_srcdir)/autom4te.cache -rm -f ./$(DEPDIR)/uacme-base64.Po -rm -f ./$(DEPDIR)/uacme-crypto.Po -rm -f ./$(DEPDIR)/uacme-curlwrap.Po -rm -f ./$(DEPDIR)/uacme-json.Po -rm -f ./$(DEPDIR)/uacme-msg.Po -rm -f ./$(DEPDIR)/uacme-read-file.Po -rm -f ./$(DEPDIR)/uacme-uacme.Po -rm -f ./$(DEPDIR)/ualpn-base64.Po -rm -f ./$(DEPDIR)/ualpn-log.Po -rm -f ./$(DEPDIR)/ualpn-ualpn.Po -rm -f libev/$(DEPDIR)/ev.Po -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic mostlyclean: mostlyclean-am mostlyclean-am: mostlyclean-compile mostlyclean-generic pdf: pdf-am pdf-am: ps: ps-am ps-am: uninstall-am: uninstall-binPROGRAMS uninstall-dist_htmlDATA \ uninstall-dist_pkgdataSCRIPTS uninstall-man uninstall-man: uninstall-man1 .MAKE: all check install install-am install-exec install-strip .PHONY: CTAGS GTAGS TAGS all all-am am--depfiles am--refresh check \ check-am clean clean-binPROGRAMS clean-cscope clean-generic \ clean-noinstLIBRARIES cscope cscopelist-am ctags ctags-am dist \ dist-all dist-bzip2 dist-gzip dist-hook dist-lzip dist-shar \ dist-tarZ dist-xz dist-zip dist-zstd distcheck distclean \ distclean-compile distclean-generic distclean-hdr \ distclean-tags distcleancheck distdir distuninstallcheck dvi \ dvi-am html html-am info info-am install install-am \ install-binPROGRAMS install-data install-data-am \ install-dist_htmlDATA install-dist_pkgdataSCRIPTS install-dvi \ install-dvi-am install-exec install-exec-am install-html \ install-html-am install-info install-info-am install-man \ install-man1 install-pdf install-pdf-am install-ps \ install-ps-am install-strip installcheck installcheck-am \ installdirs maintainer-clean maintainer-clean-generic \ mostlyclean mostlyclean-compile mostlyclean-generic pdf pdf-am \ ps ps-am tags tags-am uninstall uninstall-am \ uninstall-binPROGRAMS uninstall-dist_htmlDATA \ uninstall-dist_pkgdataSCRIPTS uninstall-man uninstall-man1 .PRECIOUS: Makefile @ENABLE_UALPN_TRUE@ -DSYSCONFDIR="\"${sysconfdir}\"" $(top_srcdir)/.version: echo $(VERSION) > $@-t && mv $@-t $@ dist-hook: echo $(VERSION) > $(distdir)/.tarball-version @ENABLE_DOCS_TRUE@@ENABLE_UALPN_TRUE@ualpn.1: ualpn.1.txt $(top_srcdir)/.version @ENABLE_DOCS_TRUE@@ENABLE_UALPN_TRUE@ $(AM_V_GEN)$(A2X) -L -d manpage -f manpage \ @ENABLE_DOCS_TRUE@@ENABLE_UALPN_TRUE@ -a revision=$(VERSION) \ @ENABLE_DOCS_TRUE@@ENABLE_UALPN_TRUE@ -a sysconfdir="${sysconfdir}" \ @ENABLE_DOCS_TRUE@@ENABLE_UALPN_TRUE@ -a runstatedir="${runstatedir}" $< @ENABLE_DOCS_TRUE@@ENABLE_UALPN_TRUE@docs/ualpn.html: ualpn.1.txt $(top_srcdir)/.version @ENABLE_DOCS_TRUE@@ENABLE_UALPN_TRUE@ $(AM_V_GEN)$(ASCIIDOC) -d manpage -b html5 -o $@ \ @ENABLE_DOCS_TRUE@@ENABLE_UALPN_TRUE@ -a revision=$(VERSION) \ @ENABLE_DOCS_TRUE@@ENABLE_UALPN_TRUE@ -a sysconfdir="${sysconfdir}" \ @ENABLE_DOCS_TRUE@@ENABLE_UALPN_TRUE@ -a runstatedir="${runstatedir}" $< @ENABLE_DOCS_TRUE@uacme.1: uacme.1.txt $(top_srcdir)/.version @ENABLE_DOCS_TRUE@ $(AM_V_GEN)$(A2X) -L -d manpage -f manpage \ @ENABLE_DOCS_TRUE@ -a revision=$(VERSION) \ @ENABLE_DOCS_TRUE@ -a sysconfdir="${sysconfdir}" \ @ENABLE_DOCS_TRUE@ -a runstatedir="${runstatedir}" $< @ENABLE_DOCS_TRUE@docs/uacme.html: uacme.1.txt $(top_srcdir)/.version @ENABLE_DOCS_TRUE@ $(AM_V_GEN)$(ASCIIDOC) -d manpage -b html5 -o $@ \ @ENABLE_DOCS_TRUE@ -a revision=$(VERSION) \ @ENABLE_DOCS_TRUE@ -a sysconfdir="${sysconfdir}" \ @ENABLE_DOCS_TRUE@ -a runstatedir="${runstatedir}" $< .PHONY: valgrind valgrind: uacme valgrind --tool=memcheck --leak-check=yes --show-reachable=yes \ --num-callers=20 --track-fds=yes --log-file=valgrind.log \ $(builddir)/uacme $(VALGRIND_UACME_ARGS) # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: uacme-1.7.6/log.c0000644000000000000000000000707314555533301010446 00000000000000/* * Copyright (C) 2019-2024 Nicola Di Lieto * * This file is part of uacme. * * uacme is free software: you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * uacme is distributed in the hope that it will be useful, but * WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program. If not, see * . */ #include "config.h" #include #include #include #include #include #include #include #include #include "log.h" void log_stderr(int priority, const char *format, ...) { va_list ap; const char *pri; switch (priority) { case LOG_DEBUG: pri = "DEBUG"; break; case LOG_INFO: pri = "INFO"; break; case LOG_NOTICE: pri = "NOTICE"; break; case LOG_WARNING: pri = "WARNING"; break; case LOG_ERR: pri = "ERR"; break; case LOG_CRIT: pri = "CRIT"; break; default: pri = "UNKNOWN"; } fprintf(stderr, "%ld [%s] ", (long)getpid(), pri); va_start(ap, format); vfprintf(stderr, format, ap); va_end(ap); fputc('\n', stderr); } static void (*log_func)(int priority, const char *format, ...) = log_stderr; void set_log_func(void (*f)(int priority, const char *format, ...)) { log_func = f; } static void vmsgx(int priority, const char *format, va_list ap) { int errno_save = errno; char *buf = NULL; size_t buf_size = 0; FILE *f = open_memstream(&buf, &buf_size); if (!f) log_func(LOG_ERR, "vmsg(%s, ...): open_memstream: %s", format, strerror(errno)); else if (vfprintf(f, format, ap) < 0) log_func(LOG_ERR, "vmsg(%s, ...): vfprintf: %s", format, strerror(errno)); else if (fflush(f) != 0) log_func(LOG_ERR, "vmsgx(%s, ...): fflush: %s", format, strerror(errno)); else log_func(priority, "%s", buf); if (f) fclose(f); free(buf); errno = errno_save; return; } static void vmsg(int priority, const char *format, va_list ap) { int errno_save = errno; char *buf = NULL; size_t buf_size = 0; FILE *f = open_memstream(&buf, &buf_size); if (!f) log_func(LOG_ERR, "vmsg(%s, ...): open_memstream: %s", format, strerror(errno)); else if (vfprintf(f, format, ap) < 0) log_func(LOG_ERR, "vmsg(%s, ...): vfprintf: %s", format, strerror(errno)); else if (fprintf(f, ": %s", strerror(errno_save)) < 0) log_func(LOG_ERR, "vmsg(%s, ...): fprintf: %s", format, strerror(errno)); else if (fflush(f) != 0) log_func(LOG_ERR, "vmsgx(%s, ...): fflush: %s", format, strerror(errno)); else log_func(priority, "%s", buf); if (f) fclose(f); free(buf); errno = errno_save; return; } DEFINE_LOG_FUNC(debug, LOG_DEBUG) DEFINE_LOG_FUNC(info, LOG_INFO) DEFINE_LOG_FUNC(notice, LOG_NOTICE) DEFINE_LOG_FUNC(warn, LOG_WARNING) DEFINE_LOG_FUNC(err, LOG_ERR) DEFINE_LOG_FUNC(crit, LOG_CRIT)