-.gitignore
*.*~*
TAGS
lib/doc
configure
aclocal.m4
*.lo
+*.la
obs/
-
+Makefile.in
+Makefile
+stamp-h1
+libtool
- Application runs its own event loop, using fd's for select and
performs I/O using the libradsec send/receive calls
(a.k.a. on-your-own mode)
-- Fully reentrant (FIXME: issues with libfreeradius-radius?)
- User chooses allocation regime
Note that as of 0.0.2.dev libradsec suffers from way too much focus on
* Dependencies
Details apply to Ubuntu 10.10.
-- libfreeradius-radius (2.1.9+dfsg-1ubuntu1)
- sudo apt-get install libfreeradius-dev libfreeradius2
- libconfuse (2.7-1)
sudo apt-get install libconfuse-dev libconfuse0
- libevent from source (release-2.0.10-stable)
# library interface is _changed_.
-SUBDIRS = . examples include
+SUBDIRS = radius . include examples
INCLUDES = -I$(srcdir)/include
AM_CFLAGS = -Wall -g
lib_LTLIBRARIES = libradsec.la
libradsec_la_SOURCES = \
+ avp.c \
compat.c \
conf.c \
conn.c \
rsp_tlscommon.c
endif
+libradsec_la_LIBADD = radius/libradsec-radius.la
libradsec_la_LDFLAGS = -version-info 0:0:0 -export-symbols radsec.sym
-libradsec_la_CFLAGS = $(AM_CFLAGS) -DDEBUG -DDEBUG_LEVENT
+libradsec_la_CFLAGS = $(AM_CFLAGS) -DHAVE_CONFIG_H -Werror # -DDEBUG -DDEBUG_LEVENT
#include <config.h>
#endif
-#include <freeradius/libradius.h>
+#include <radius/client.h>
#include <radsec/radsec.h>
#include <radsec/radsec-impl.h>
--- /dev/null
+/* Copyright 2011 JANET(UK). All rights reserved.
+ See the file COPYING for licensing information. */
+
+#if defined HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <stdint.h>
+#include <string.h>
+#include <assert.h>
+
+#include <radsec/radsec.h>
+#include <radius/client.h>
+
+#define RS_ERR(err) ((err) < 0 ? -err : RSE_OK)
+
+void
+rs_avp_free (rs_avp **vps)
+{
+ nr_vp_free (vps);
+}
+
+size_t
+rs_avp_length (rs_const_avp *vp)
+{
+ if (vp == NULL)
+ return 0;
+
+ return vp->length;
+}
+
+rs_attr_type_t
+rs_avp_typeof (rs_const_avp *vp)
+{
+ if (vp == NULL)
+ return RS_TYPE_INVALID;
+
+ return vp->da->type;
+}
+
+void
+rs_avp_attrid (rs_const_avp *vp,
+ unsigned int *attr,
+ unsigned int *vendor)
+{
+ assert (vp != NULL);
+
+ *attr = vp->da->attr;
+ *vendor = vp->da->vendor;
+}
+
+const char *
+rs_avp_name (rs_const_avp *vp)
+{
+ return (vp != NULL) ? vp->da->name : NULL;
+}
+
+void
+rs_avp_append (rs_avp **head, rs_avp *tail)
+{
+ nr_vps_append (head, tail);
+}
+
+rs_avp *
+rs_avp_find (rs_avp *vp, unsigned int attr, unsigned int vendor)
+{
+ if (vp == NULL)
+ return NULL;
+
+ return nr_vps_find (vp, attr, vendor);
+}
+
+rs_const_avp *
+rs_avp_find_const (rs_const_avp *vp,
+ unsigned int attr, unsigned int vendor)
+{
+ if (vp == NULL)
+ return NULL;
+
+ return nr_vps_find ((rs_avp *)vp, attr, vendor);
+}
+
+rs_avp *
+rs_avp_alloc (unsigned int attr, unsigned int vendor)
+{
+ const DICT_ATTR *da;
+ VALUE_PAIR *vp;
+
+ da = nr_dict_attr_byvalue (attr, vendor);
+ if (da == NULL) {
+ vp = nr_vp_alloc_raw (attr, vendor);
+ } else {
+ vp = nr_vp_alloc (da);
+ }
+
+ if (vp == NULL)
+ return NULL;
+
+ return vp;
+}
+
+rs_avp *
+rs_avp_dup (rs_const_avp *vp)
+{
+ rs_avp *vp2;
+
+ if (vp->da->flags.unknown)
+ vp2 = nr_vp_alloc_raw (vp->da->attr, vp->da->vendor);
+ else
+ vp2 = nr_vp_alloc (vp->da);
+ if (vp2 == NULL)
+ return NULL;
+
+ vp2->length = vp->length;
+ vp2->tag = vp->tag;
+ vp2->next = NULL;
+
+#ifdef RS_TYPE_TLV
+ if (rs_avp_is_tlv (vp)) {
+ vp2->vp_tlv = malloc (vp->length);
+ if (vp2->vp_tlv == NULL) {
+ rs_avp_free (vp2);
+ return NULL;
+ }
+ memcpy (vp2->vp_tlv, vp->vp_tlv, vp->length);
+ return vp2;
+ }
+#endif
+
+ memcpy (vp2->vp_strvalue, vp->vp_strvalue, vp->length);
+ if (rs_avp_is_string (vp))
+ vp2->vp_strvalue[vp->length] = '\0';
+
+ return vp2;
+}
+
+rs_avp *
+rs_avp_next (rs_avp *vp)
+{
+ return (vp != NULL) ? vp->next : NULL;
+}
+
+rs_const_avp *
+rs_avp_next_const (rs_const_avp *vp)
+{
+ return (vp != NULL) ? vp->next : NULL;
+}
+
+int
+rs_avp_delete (rs_avp **first,
+ unsigned int attr, unsigned int vendor)
+{
+ int found = 0;
+ rs_avp **p;
+
+ for (p = first; *p != NULL; p++) {
+ if ((*p)->da->attr == attr &&
+ (*p)->da->vendor == vendor) {
+ rs_avp *next = (*p)->next;
+
+ (*p)->next = NULL;
+ rs_avp_free (p);
+
+ *p = next;
+ found++;
+ }
+ }
+
+ return found ? RSE_OK : RSE_ATTR_UNKNOWN;
+}
+
+const char *
+rs_avp_string_value (rs_const_avp *vp)
+{
+ if (!rs_avp_is_string (vp))
+ return NULL;
+
+ return vp->vp_strvalue;
+}
+
+int
+rs_avp_string_set (rs_avp *vp, const char *str)
+{
+ int err;
+
+ if (vp == NULL)
+ return RSE_INVAL;
+ if (!rs_avp_is_string (vp))
+ return RSE_ATTR_INVALID;
+
+ err = nr_vp_set_data (vp, str, strlen (str));
+ return RS_ERR(err);
+}
+
+uint32_t
+rs_avp_integer_value (rs_const_avp *vp)
+{
+ if (!rs_avp_is_integer (vp))
+ return 0;
+ return vp->vp_integer;
+}
+
+int
+rs_avp_integer_set (rs_avp *vp, uint32_t val)
+{
+ int err;
+
+ if (vp == NULL)
+ return RSE_INVAL;
+ if (!rs_avp_is_integer (vp))
+ return RSE_ATTR_INVALID;
+
+ err = nr_vp_set_data (vp, &val, sizeof (val));
+ return RS_ERR(err);
+}
+
+uint32_t
+rs_avp_ipaddr_value (rs_const_avp *vp)
+{
+ if (!rs_avp_is_ipaddr (vp))
+ return 0;
+ return vp->vp_ipaddr;
+}
+
+int
+rs_avp_ipaddr_set (rs_avp *vp, struct in_addr in)
+{
+ int err;
+
+ if (vp == NULL)
+ return RSE_INVAL;
+ if (!rs_avp_is_ipaddr (vp))
+ return RSE_ATTR_INVALID;
+
+ err = nr_vp_set_data (vp, &in, sizeof (in));
+ return RS_ERR(err);
+}
+
+time_t
+rs_avp_date_value (rs_const_avp *vp)
+{
+ if (!rs_avp_is_date (vp))
+ return 0;
+ return vp->vp_date;
+}
+
+int
+rs_avp_date_set (rs_avp *vp, time_t date)
+{
+ uint32_t date32;
+ int err;
+
+ if (vp == NULL)
+ return RSE_INVAL;
+ if (!rs_avp_is_date (vp))
+ return RSE_ATTR_INVALID;
+ if (date > 0xFFFFFFFF)
+ return RSE_ATTR_INVALID;
+
+ date32 = (uint32_t)date;
+ err = nr_vp_set_data (vp, &date32, sizeof (date32));
+
+ return RS_ERR(err);
+}
+
+const unsigned char *
+rs_avp_octets_value_const_ptr (rs_const_avp *vp)
+{
+ return rs_avp_octets_value_ptr ((rs_avp *)vp);
+}
+
+unsigned char *
+rs_avp_octets_value_ptr (rs_avp *vp)
+{
+ if (vp == NULL)
+ return NULL;
+
+#ifdef RS_TYPE_TLV
+ if (rs_avp_is_tlv (vp))
+ return vp->vp_tlv;
+#endif
+
+ return vp->vp_octets;
+}
+
+int
+rs_avp_octets_value_byref (rs_avp *vp,
+ unsigned char **p,
+ size_t *len)
+{
+ if (vp == NULL)
+ return RSE_INVAL;
+
+ *len = vp->length;
+ *p = (unsigned char *)rs_avp_octets_value_ptr (vp);
+
+ return RSE_OK;
+}
+
+int
+rs_avp_octets_value (rs_const_avp *vp,
+ unsigned char *buf,
+ size_t *len)
+{
+ if (vp == NULL)
+ return RSE_INVAL;
+
+ if (vp->length > *len) {
+ *len = vp->length;
+ return RSE_ATTR_TOO_SMALL;
+ }
+
+ *len = vp->length;
+
+#ifdef RS_TYPE_TLV
+ if (rs_avp_is_tlv (vp))
+ memcpy (buf, vp->vp_tlv, vp->length);
+ else
+#endif
+ memcpy (buf, vp->vp_octets, vp->length);
+
+ return RSE_OK;
+}
+
+int
+rs_avp_fragmented_value (rs_const_avp *vps,
+ unsigned char *buf,
+ size_t *len)
+{
+ size_t total_len = 0;
+ unsigned char *p;
+ rs_const_avp *vp;
+
+ if (vps == NULL)
+ return RSE_INVAL;
+
+ if (!rs_avp_is_octets (vps) &&
+ !rs_avp_is_string (vps))
+ return RSE_ATTR_INVALID;
+
+ for (vp = vps;
+ vp != NULL;
+ vp = rs_avp_find_const (vp->next, vp->da->attr, vp->da->vendor))
+ total_len += vp->length;
+
+ if (*len < total_len) {
+ *len = total_len;
+ return RSE_ATTR_TOO_SMALL;
+ }
+
+ for (vp = vps, p = buf;
+ vp != NULL;
+ vp = rs_avp_find_const (vp->next, vp->da->attr, vp->da->vendor)) {
+ memcpy (p, vp->vp_octets, vp->length);
+ p += vp->length;
+ }
+
+ *len = total_len;
+
+ return RSE_OK;
+}
+
+int
+rs_avp_octets_set (rs_avp *vp,
+ const unsigned char *buf,
+ size_t len)
+{
+ int err;
+
+ if (!rs_avp_is_octets (vp))
+ return RSE_ATTR_INVALID;
+
+ err = nr_vp_set_data (vp, buf, len);
+
+ return RS_ERR(err);
+}
+
+int
+rs_avp_ifid_value (rs_const_avp *vp, uint8_t val[8])
+{
+ if (!rs_avp_is_ifid (vp))
+ return RSE_ATTR_INVALID;
+
+ memcpy (val, vp->vp_ifid, 8);
+
+ return RSE_OK;
+}
+
+int
+rs_avp_ifid_set (rs_avp *vp, const uint8_t val[8])
+{
+ int err;
+
+ if (!rs_avp_is_ifid (vp))
+ return RSE_ATTR_INVALID;
+
+ err = nr_vp_set_data (vp, val, 8);
+ return RS_ERR(err);
+}
+
+uint8_t
+rs_avp_byte_value (rs_const_avp *vp)
+{
+ if (!rs_avp_is_byte (vp))
+ return 0;
+ return vp->vp_integer;
+}
+
+int
+rs_avp_byte_set (rs_avp *vp, uint8_t val)
+{
+ int err;
+
+ if (!rs_avp_is_byte (vp))
+ return RSE_ATTR_INVALID;
+
+ err = nr_vp_set_data (vp, &val, sizeof (val));
+ return RS_ERR(err);
+}
+
+uint16_t
+rs_avp_short_value (rs_const_avp *vp)
+{
+ if (!rs_avp_is_short (vp))
+ return 0;
+ return vp->vp_integer;
+}
+
+int
+rs_avp_short_set (rs_avp *vp, uint16_t val)
+{
+ int err;
+
+ if (!rs_avp_is_short (vp))
+ return RSE_ATTR_INVALID;
+
+ err = nr_vp_set_data (vp, &val, sizeof (val));
+ return RS_ERR(err);
+}
+
+int
+rs_attr_find (const char *name,
+ unsigned int *attr,
+ unsigned int *vendor)
+{
+ const DICT_ATTR *da;
+
+ da = nr_dict_attr_byname (name);
+ if (da == NULL)
+ return RSE_ATTR_UNKNOWN;
+
+ *attr = da->attr;
+ *vendor = da->vendor;
+
+ return RSE_OK;
+}
+
+int
+rs_attr_display_name (unsigned int attr,
+ unsigned int vendor,
+ char *buffer,
+ size_t bufsize,
+ int canonical)
+{
+ const DICT_ATTR *da = NULL;
+ DICT_ATTR da2;
+ int err;
+
+ if (!canonical) {
+ da = nr_dict_attr_byvalue (attr, vendor);
+ }
+ if (da == NULL) {
+ err = nr_dict_attr_2struct(&da2, attr, vendor,
+ buffer, bufsize);
+ if (err < 0)
+ return -err;
+ } else {
+ snprintf(buffer, bufsize, "%s", da->name);
+ }
+
+ return RSE_OK;
+}
+
+int
+rs_attr_parse_name (const char *name,
+ unsigned int *attr,
+ unsigned int *vendor)
+{
+ const DICT_ATTR *da;
+
+ if (strncmp(name, "Attr-", 5) == 0) {
+ char *s = (char *)&name[5];
+ unsigned int tmp;
+
+ tmp = strtoul(s, &s, 10);
+ if (*s == '.') {
+ s++;
+
+ switch (tmp) {
+ case PW_VENDOR_SPECIFIC:
+ *vendor = strtoul(s, &s, 10);
+ if (*s != '.')
+ return RSE_ATTR_BAD_NAME;
+
+ s++;
+
+ *attr = strtoul(s, &s, 10);
+ if (*s != '\0')
+ return RSE_ATTR_BAD_NAME;
+
+ break;
+ default:
+ return RSE_ATTR_BAD_NAME;
+ }
+ } else {
+ *attr = tmp;
+ *vendor = 0;
+ }
+ } else {
+ da = nr_dict_attr_byname (name);
+ if (da == NULL)
+ return RSE_ATTR_UNKNOWN;
+
+ *attr = da->attr;
+ *vendor = da->vendor;
+ }
+
+ return RSE_OK;
+}
+
+size_t
+rs_avp_display_value (rs_const_avp *vp,
+ char *buffer,
+ size_t buflen)
+{
+ return nr_vp_snprintf_value (buffer, buflen, vp);
+}
+
#! /bin/sh
# Attempt to guess a canonical system name.
# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999,
-# 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010
+# 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009
# Free Software Foundation, Inc.
-timestamp='2009-12-30'
+timestamp='2009-11-20'
# This file is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License as published by
GNU config.guess ($timestamp)
Originally written by Per Bothner.
-Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000,
-2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 Free
-Software Foundation, Inc.
+Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001,
+2002, 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE."
#! /bin/sh
# Configuration validation subroutine script.
# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999,
-# 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010
+# 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009
# Free Software Foundation, Inc.
-timestamp='2010-01-22'
+timestamp='2009-11-20'
# This file is (in principle) common to ALL GNU software.
# The presence of a machine in this file suggests that SOME GNU software
version="\
GNU config.sub ($timestamp)
-Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000,
-2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 Free
-Software Foundation, Inc.
+Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001,
+2002, 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE."
| sparclite-* \
| sparcv8-* | sparcv9-* | sparcv9b-* | sparcv9v-* | strongarm-* | sv1-* | sx?-* \
| tahoe-* | thumb-* \
- | tic30-* | tic4x-* | tic54x-* | tic55x-* | tic6x-* | tic80-* \
- | tile-* | tilegx-* \
+ | tic30-* | tic4x-* | tic54x-* | tic55x-* | tic6x-* | tic80-* | tile-* \
| tron-* \
| ubicom32-* \
| v850-* | v850e-* | vax-* \
basic_machine=tic6x-unknown
os=-coff
;;
- # This must be matched before tile*.
- tilegx*)
- basic_machine=tilegx-unknown
- os=-linux-gnu
- ;;
tile*)
basic_machine=tile-unknown
os=-linux-gnu
-dicos*)
os=-dicos
;;
- -nacl*)
- ;;
-none)
;;
*)
# GNU General Public License for more details.
# You should have received a copy of the GNU General Public License
-# along with this program. If not, see <http://www.gnu.org/licenses/>.
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+# 02110-1301, USA.
# As a special exception to the GNU General Public License, if you
# distribute this file as part of a program that contains a
# Generated from ltmain.m4sh.
-# ltmain.sh (GNU libtool) 2.2.6b
+# libtool (GNU libtool) 2.2.10
# Written by Gordon Matzigkeit <gord@gnu.ai.mit.edu>, 1996
-# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2003, 2004, 2005, 2006, 2007 2008 Free Software Foundation, Inc.
+# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2003, 2004, 2005, 2006,
+# 2007, 2008, 2009, 2010 Free Software Foundation, Inc.
# This is free software; see the source for copying conditions. There is NO
# warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
#
# Provide generalized library-building support services.
#
-# --config show all configuration variables
-# --debug enable verbose shell tracing
-# -n, --dry-run display commands without modifying any files
-# --features display basic configuration information and exit
-# --mode=MODE use operation mode MODE
-# --preserve-dup-deps don't remove duplicate dependency libraries
-# --quiet, --silent don't print informational messages
-# --tag=TAG use configuration variables from tag TAG
-# -v, --verbose print informational messages (default)
-# --version print version information
-# -h, --help print short or long help message
+# --config show all configuration variables
+# --debug enable verbose shell tracing
+# -n, --dry-run display commands without modifying any files
+# --features display basic configuration information and exit
+# --mode=MODE use operation mode MODE
+# --preserve-dup-deps don't remove duplicate dependency libraries
+# --quiet, --silent don't print informational messages
+# --no-quiet, --no-silent
+# print informational messages (default)
+# --tag=TAG use configuration variables from tag TAG
+# -v, --verbose print more informational messages than default
+# --no-verbose don't print the extra informational messages
+# --version print version information
+# -h, --help, --help-all print short, long, or detailed help message
#
# MODE must be one of the following:
#
-# clean remove files from the build directory
-# compile compile a source file into a libtool object
-# execute automatically set library path, then run a program
-# finish complete the installation of libtool libraries
-# install install libraries or executables
-# link create a library or an executable
-# uninstall remove libraries from an installed directory
+# clean remove files from the build directory
+# compile compile a source file into a libtool object
+# execute automatically set library path, then run a program
+# finish complete the installation of libtool libraries
+# install install libraries or executables
+# link create a library or an executable
+# uninstall remove libraries from an installed directory
#
-# MODE-ARGS vary depending on the MODE.
+# MODE-ARGS vary depending on the MODE. When passed as first option,
+# `--mode=MODE' may be abbreviated as `MODE' or a unique abbreviation of that.
# Try `$progname --help --mode=MODE' for a more detailed description of MODE.
#
# When reporting a bug, please describe a test case to reproduce it and
# include the following information:
#
-# host-triplet: $host
-# shell: $SHELL
-# compiler: $LTCC
-# compiler flags: $LTCFLAGS
-# linker: $LD (gnu? $with_gnu_ld)
-# $progname: (GNU libtool) 2.2.6b Debian-2.2.6b-2ubuntu1
-# automake: $automake_version
-# autoconf: $autoconf_version
+# host-triplet: $host
+# shell: $SHELL
+# compiler: $LTCC
+# compiler flags: $LTCFLAGS
+# linker: $LD (gnu? $with_gnu_ld)
+# $progname: (GNU libtool) 2.2.10
+# automake: $automake_version
+# autoconf: $autoconf_version
#
# Report bugs to <bug-libtool@gnu.org>.
-PROGRAM=ltmain.sh
+PROGRAM=libtool
PACKAGE=libtool
-VERSION="2.2.6b Debian-2.2.6b-2ubuntu1"
+VERSION=2.2.10
TIMESTAMP=""
-package_revision=1.3017
+package_revision=1.3175
# Be Bourne compatible
if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then
BIN_SH=xpg4; export BIN_SH # for Tru64
DUALCASE=1; export DUALCASE # for MKS sh
+# A function that is used when there is no print builtin or printf.
+func_fallback_echo ()
+{
+ eval 'cat <<_LTECHO_EOF
+$1
+_LTECHO_EOF'
+}
+
# NLS nuisances: We save the old values to restore during execute mode.
-# Only set LANG and LC_ALL to C if already set.
-# These must not be set unconditionally because not all systems understand
-# e.g. LANG=C (notably SCO).
lt_user_locale=
lt_safe_locale=
for lt_var in LANG LANGUAGE LC_ALL LC_CTYPE LC_COLLATE LC_MESSAGES
lt_safe_locale=\"$lt_var=C; \$lt_safe_locale\"
fi"
done
+LC_ALL=C
+LANGUAGE=C
+export LANGUAGE LC_ALL
$lt_unset CDPATH
+# Work around backward compatibility issue on IRIX 6.5. On IRIX 6.4+, sh
+# is ksh but when the shell is invoked as "sh" and the current value of
+# the _XPG environment variable is not equal to 1 (one), the special
+# positional parameter $0, within a function call, is the name of the
+# function.
+progpath="$0"
: ${CP="cp -f"}
-: ${ECHO="echo"}
-: ${EGREP="/bin/grep -E"}
-: ${FGREP="/bin/grep -F"}
-: ${GREP="/bin/grep"}
+test "${ECHO+set}" = set || ECHO=${as_echo-'printf %s\n'}
+: ${EGREP="grep -E"}
+: ${FGREP="grep -F"}
+: ${GREP="grep"}
: ${LN_S="ln -s"}
: ${MAKE="make"}
: ${MKDIR="mkdir"}
: ${MV="mv -f"}
: ${RM="rm -f"}
-: ${SED="/bin/sed"}
+: ${SED="sed"}
: ${SHELL="${CONFIG_SHELL-/bin/sh}"}
: ${Xsed="$SED -e 1s/^X//"}
func_dirname_and_basename ()
{
# Extract subdirectory from the argument.
- func_dirname_result=`$ECHO "X${1}" | $Xsed -e "$dirname"`
+ func_dirname_result=`$ECHO "${1}" | $SED -e "$dirname"`
if test "X$func_dirname_result" = "X${1}"; then
func_dirname_result="${3}"
else
func_dirname_result="$func_dirname_result${2}"
fi
- func_basename_result=`$ECHO "X${1}" | $Xsed -e "$basename"`
+ func_basename_result=`$ECHO "${1}" | $SED -e "$basename"`
}
# Generated shell functions inserted here.
-# Work around backward compatibility issue on IRIX 6.5. On IRIX 6.4+, sh
-# is ksh but when the shell is invoked as "sh" and the current value of
-# the _XPG environment variable is not equal to 1 (one), the special
-# positional parameter $0, within a function call, is the name of the
-# function.
-progpath="$0"
+# These SED scripts presuppose an absolute path with a trailing slash.
+pathcar='s,^/\([^/]*\).*$,\1,'
+pathcdr='s,^/[^/]*,,'
+removedotparts=':dotsl
+ s@/\./@/@g
+ t dotsl
+ s,/\.$,/,'
+collapseslashes='s@/\{1,\}@/@g'
+finalslash='s,/*$,/,'
+
+# func_normal_abspath PATH
+# Remove doubled-up and trailing slashes, "." path components,
+# and cancel out any ".." path components in PATH after making
+# it an absolute path.
+# value returned in "$func_normal_abspath_result"
+func_normal_abspath ()
+{
+ # Start from root dir and reassemble the path.
+ func_normal_abspath_result=
+ func_normal_abspath_tpath=$1
+ func_normal_abspath_altnamespace=
+ case $func_normal_abspath_tpath in
+ "")
+ # Empty path, that just means $cwd.
+ func_stripname '' '/' "`pwd`"
+ func_normal_abspath_result=$func_stripname_result
+ return
+ ;;
+ # The next three entries are used to spot a run of precisely
+ # two leading slashes without using negated character classes;
+ # we take advantage of case's first-match behaviour.
+ ///*)
+ # Unusual form of absolute path, do nothing.
+ ;;
+ //*)
+ # Not necessarily an ordinary path; POSIX reserves leading '//'
+ # and for example Cygwin uses it to access remote file shares
+ # over CIFS/SMB, so we conserve a leading double slash if found.
+ func_normal_abspath_altnamespace=/
+ ;;
+ /*)
+ # Absolute path, do nothing.
+ ;;
+ *)
+ # Relative path, prepend $cwd.
+ func_normal_abspath_tpath=`pwd`/$func_normal_abspath_tpath
+ ;;
+ esac
+ # Cancel out all the simple stuff to save iterations. We also want
+ # the path to end with a slash for ease of parsing, so make sure
+ # there is one (and only one) here.
+ func_normal_abspath_tpath=`$ECHO "$func_normal_abspath_tpath" | $SED \
+ -e "$removedotparts" -e "$collapseslashes" -e "$finalslash"`
+ while :; do
+ # Processed it all yet?
+ if test "$func_normal_abspath_tpath" = / ; then
+ # If we ascended to the root using ".." the result may be empty now.
+ if test -z "$func_normal_abspath_result" ; then
+ func_normal_abspath_result=/
+ fi
+ break
+ fi
+ func_normal_abspath_tcomponent=`$ECHO "$func_normal_abspath_tpath" | $SED \
+ -e "$pathcar"`
+ func_normal_abspath_tpath=`$ECHO "$func_normal_abspath_tpath" | $SED \
+ -e "$pathcdr"`
+ # Figure out what to do with it
+ case $func_normal_abspath_tcomponent in
+ "")
+ # Trailing empty path component, ignore it.
+ ;;
+ ..)
+ # Parent dir; strip last assembled component from result.
+ func_dirname "$func_normal_abspath_result"
+ func_normal_abspath_result=$func_dirname_result
+ ;;
+ *)
+ # Actual path component, append it.
+ func_normal_abspath_result=$func_normal_abspath_result/$func_normal_abspath_tcomponent
+ ;;
+ esac
+ done
+ # Restore leading double-slash if one was found on entry.
+ func_normal_abspath_result=$func_normal_abspath_altnamespace$func_normal_abspath_result
+}
+
+# func_relative_path SRCDIR DSTDIR
+# generates a relative path from SRCDIR to DSTDIR, with a trailing
+# slash if non-empty, suitable for immediately appending a filename
+# without needing to append a separator.
+# value returned in "$func_relative_path_result"
+func_relative_path ()
+{
+ func_relative_path_result=
+ func_normal_abspath "$1"
+ func_relative_path_tlibdir=$func_normal_abspath_result
+ func_normal_abspath "$2"
+ func_relative_path_tbindir=$func_normal_abspath_result
+
+ # Ascend the tree starting from libdir
+ while :; do
+ # check if we have found a prefix of bindir
+ case $func_relative_path_tbindir in
+ $func_relative_path_tlibdir)
+ # found an exact match
+ func_relative_path_tcancelled=
+ break
+ ;;
+ $func_relative_path_tlibdir*)
+ # found a matching prefix
+ func_stripname "$func_relative_path_tlibdir" '' "$func_relative_path_tbindir"
+ func_relative_path_tcancelled=$func_stripname_result
+ if test -z "$func_relative_path_result"; then
+ func_relative_path_result=.
+ fi
+ break
+ ;;
+ *)
+ func_dirname $func_relative_path_tlibdir
+ func_relative_path_tlibdir=${func_dirname_result}
+ if test "x$func_relative_path_tlibdir" = x ; then
+ # Have to descend all the way to the root!
+ func_relative_path_result=../$func_relative_path_result
+ func_relative_path_tcancelled=$func_relative_path_tbindir
+ break
+ fi
+ func_relative_path_result=../$func_relative_path_result
+ ;;
+ esac
+ done
+
+ # Now calculate path; take care to avoid doubling-up slashes.
+ func_stripname '' '/' "$func_relative_path_result"
+ func_relative_path_result=$func_stripname_result
+ func_stripname '/' '/' "$func_relative_path_tcancelled"
+ if test "x$func_stripname_result" != x ; then
+ func_relative_path_result=${func_relative_path_result}/${func_stripname_result}
+ fi
+
+ # Normalisation. If bindir is libdir, return empty string,
+ # else relative path ending with a slash; either way, target
+ # file name can be directly appended.
+ if test ! -z "$func_relative_path_result"; then
+ func_stripname './' '' "$func_relative_path_result/"
+ func_relative_path_result=$func_stripname_result
+ fi
+}
# The name of this program:
-# In the unlikely event $progname began with a '-', it would play havoc with
-# func_echo (imagine progname=-n), so we prepend ./ in that case:
func_dirname_and_basename "$progpath"
progname=$func_basename_result
-case $progname in
- -*) progname=./$progname ;;
-esac
# Make sure we have an absolute path for reexecution:
case $progpath in
:
}
+# func_echo_all arg...
+# Invoke $ECHO with all args, space-separated.
+func_echo_all ()
+{
+ $ECHO "$*"
+}
+
# func_error arg...
# Echo program name prefixed message to standard error.
func_error ()
case $my_directory_path in */*) ;; *) break ;; esac
# ...otherwise throw away the child directory and loop
- my_directory_path=`$ECHO "X$my_directory_path" | $Xsed -e "$dirname"`
+ my_directory_path=`$ECHO "$my_directory_path" | $SED -e "$dirname"`
done
- my_dir_list=`$ECHO "X$my_dir_list" | $Xsed -e 's,:*$,,'`
+ my_dir_list=`$ECHO "$my_dir_list" | $SED 's,:*$,,'`
save_mkdir_p_IFS="$IFS"; IFS=':'
for my_dir in $my_dir_list; do
func_fatal_error "cannot create temporary directory \`$my_tmpdir'"
fi
- $ECHO "X$my_tmpdir" | $Xsed
+ $ECHO "$my_tmpdir"
}
{
case $1 in
*[\\\`\"\$]*)
- func_quote_for_eval_unquoted_result=`$ECHO "X$1" | $Xsed -e "$sed_quote_subst"` ;;
+ func_quote_for_eval_unquoted_result=`$ECHO "$1" | $SED "$sed_quote_subst"` ;;
*)
func_quote_for_eval_unquoted_result="$1" ;;
esac
{
case $1 in
*[\\\`\"]*)
- my_arg=`$ECHO "X$1" | $Xsed \
+ my_arg=`$ECHO "$1" | $SED \
-e "$double_quote_subst" -e "$sed_double_backslash"` ;;
*)
my_arg="$1" ;;
}
-
-
-
# func_version
# Echo version message to standard output and exit.
func_version ()
{
- $SED -n '/^# '$PROGRAM' (GNU /,/# warranty; / {
+ $SED -n '/(C)/!b go
+ :more
+ /\./!{
+ N
+ s/\n# / /
+ b more
+ }
+ :go
+ /^# '$PROGRAM' (GNU /,/# warranty; / {
s/^# //
s/^# *$//
s/\((C)\)[ 0-9,-]*\( [1-9][0-9]*\)/\1\2/
# Echo short help message to standard output and exit.
func_usage ()
{
- $SED -n '/^# Usage:/,/# -h/ {
+ $SED -n '/^# Usage:/,/^# *.*--help/ {
s/^# //
s/^# *$//
s/\$progname/'$progname'/
p
}' < "$progpath"
- $ECHO
+ echo
$ECHO "run \`$progname --help | more' for full usage"
exit $?
}
-# func_help
-# Echo long help message to standard output and exit.
+# func_help [NOEXIT]
+# Echo long help message to standard output and exit,
+# unless 'noexit' is passed as argument.
func_help ()
{
$SED -n '/^# Usage:/,/# Report bugs to/ {
s/\$autoconf_version/'"`(autoconf --version) 2>/dev/null |$SED 1q`"'/
p
}' < "$progpath"
- exit $?
+ ret=$?
+ if test -z "$1"; then
+ exit $ret
+ fi
}
# func_missing_arg argname
# exit_cmd.
func_missing_arg ()
{
- func_error "missing argument for $1"
+ func_error "missing argument for $1."
exit_cmd=exit
}
-# Check that we have a working $ECHO.
-if test "X$1" = X--no-reexec; then
- # Discard the --no-reexec flag, and continue.
- shift
-elif test "X$1" = X--fallback-echo; then
- # Avoid inline document here, it may be left over
- :
-elif test "X`{ $ECHO '\t'; } 2>/dev/null`" = 'X\t'; then
- # Yippee, $ECHO works!
- :
-else
- # Restart under the correct shell, and then maybe $ECHO will work.
- exec $SHELL "$progpath" --no-reexec ${1+"$@"}
-fi
-
-if test "X$1" = X--fallback-echo; then
- # used as fallback echo
- shift
- cat <<EOF
-$*
-EOF
- exit $EXIT_SUCCESS
-fi
magic="%%%MAGIC variable%%%"
magic_exe="%%%MAGIC EXE variable%%%"
# Display the features supported by this script.
func_features ()
{
- $ECHO "host: $host"
+ echo "host: $host"
if test "$build_libtool_libs" = yes; then
- $ECHO "enable shared libraries"
+ echo "enable shared libraries"
else
- $ECHO "disable shared libraries"
+ echo "disable shared libraries"
fi
if test "$build_old_libs" = yes; then
- $ECHO "enable static libraries"
+ echo "enable static libraries"
else
- $ECHO "disable static libraries"
+ echo "disable static libraries"
fi
exit $?
--quiet|--silent) preserve_args="$preserve_args $opt"
opt_silent=:
+ opt_verbose=false
+ ;;
+
+ --no-quiet|--no-silent)
+ preserve_args="$preserve_args $opt"
+ opt_silent=false
;;
--verbose| -v) preserve_args="$preserve_args $opt"
opt_silent=false
+ opt_verbose=:
+ ;;
+
+ --no-verbose) preserve_args="$preserve_args $opt"
+ opt_verbose=false
;;
--tag) test "$#" -eq 0 && func_missing_arg "$opt" && break
-\?|-h) func_usage ;;
--help) opt_help=: ;;
+ --help-all) opt_help=': help-all' ;;
--version) func_version ;;
-*) func_fatal_help "unrecognized option \`$opt'" ;;
func_quote_for_eval "$arg"
CC_quoted="$CC_quoted $func_quote_for_eval_result"
done
+ CC_expanded=`func_echo_all $CC`
+ CC_quoted_expanded=`func_echo_all $CC_quoted`
case $@ in
# Blanks in the command may have been stripped by the calling shell,
# but not from the CC environment variable when configure was run.
- " $CC "* | "$CC "* | " `$ECHO $CC` "* | "`$ECHO $CC` "* | " $CC_quoted"* | "$CC_quoted "* | " `$ECHO $CC_quoted` "* | "`$ECHO $CC_quoted` "*) ;;
+ " $CC "* | "$CC "* | " $CC_expanded "* | "$CC_expanded "* | \
+ " $CC_quoted"* | "$CC_quoted "* | " $CC_quoted_expanded "* | "$CC_quoted_expanded "*) ;;
# Blanks at the start of $base_compile will cause this to fail
# if we don't check for them as well.
*)
func_quote_for_eval "$arg"
CC_quoted="$CC_quoted $func_quote_for_eval_result"
done
+ CC_expanded=`func_echo_all $CC`
+ CC_quoted_expanded=`func_echo_all $CC_quoted`
case "$@ " in
- " $CC "* | "$CC "* | " `$ECHO $CC` "* | "`$ECHO $CC` "* | " $CC_quoted"* | "$CC_quoted "* | " `$ECHO $CC_quoted` "* | "`$ECHO $CC_quoted` "*)
+ " $CC "* | "$CC "* | " $CC_expanded "* | "$CC_expanded "* | \
+ " $CC_quoted"* | "$CC_quoted "* | " $CC_quoted_expanded "* | "$CC_quoted_expanded "*)
# The compiler in the base compile command matches
# the one in the tagged configuration.
# Assume this is the tagged configuration we want.
*.[cCFSifmso] | \
*.ada | *.adb | *.ads | *.asm | \
*.c++ | *.cc | *.ii | *.class | *.cpp | *.cxx | \
- *.[fF][09]? | *.for | *.java | *.obj | *.sx)
+ *.[fF][09]? | *.for | *.java | *.obj | *.sx | *.cu | *.cup)
func_xform "$libobj"
libobj=$func_xform_result
;;
# Calculate the filename of the output object if compiler does
# not support -o with -c
if test "$compiler_c_o" = no; then
- output_obj=`$ECHO "X$srcfile" | $Xsed -e 's%^.*/%%' -e 's%\.[^.]*$%%'`.${objext}
+ output_obj=`$ECHO "$srcfile" | $SED 's%^.*/%%; s%\.[^.]*$%%'`.${objext}
lockfile="$output_obj.lock"
else
output_obj=
}
$opt_help || {
-test "$mode" = compile && func_mode_compile ${1+"$@"}
+ test "$mode" = compile && func_mode_compile ${1+"$@"}
}
func_mode_help ()
-o OUTPUT-FILE set the output file name to OUTPUT-FILE
-no-suppress do not suppress compiler output for multiple passes
- -prefer-pic try to building PIC objects only
- -prefer-non-pic try to building non-PIC objects only
+ -prefer-pic try to build PIC objects only
+ -prefer-non-pic try to build non-PIC objects only
-shared do not build a \`.o' file suitable for static linking
-static only build a \`.o' file suitable for static linking
+ -Wc,FLAG pass FLAG directly to the compiler
COMPILE-COMMAND is a command to be used in creating a \`standard' object file
from the given SOURCEFILE.
The following components of INSTALL-COMMAND are treated specially:
- -inst-prefix PREFIX-DIR Use PREFIX-DIR as a staging area for installation
+ -inst-prefix-dir PREFIX-DIR Use PREFIX-DIR as a staging area for installation
The rest of the components are interpreted as arguments to that command (only
BSD-compatible install options are recognized)."
-all-static do not do any dynamic linking at all
-avoid-version do not add a version suffix if possible
+ -bindir BINDIR specify path to binaries directory (for systems where
+ libraries must be found in the PATH setting at runtime)
-dlopen FILE \`-dlpreopen' FILE if it cannot be dlopened at runtime
-dlpreopen FILE link in FILE and add its symbols to lt_preloaded_symbols
-export-dynamic allow symbols from OUTPUT-FILE to be resolved with dlsym(3)
-version-info CURRENT[:REVISION[:AGE]]
specify library version info [each variable defaults to 0]
-weak LIBNAME declare that the target provides the LIBNAME interface
+ -Wc,FLAG
+ -Xcompiler FLAG pass linker-specific FLAG directly to the compiler
+ -Wl,FLAG
+ -Xlinker FLAG pass linker-specific FLAG directly to the linker
+ -XCClinker FLAG pass link-specific FLAG to the compiler driver (CC)
All other options (arguments beginning with \`-') are ignored.
;;
esac
- $ECHO
+ echo
$ECHO "Try \`$progname --help' for more information about other modes."
-
- exit $?
}
- # Now that we've collected a possible --mode arg, show help if necessary
- $opt_help && func_mode_help
+# Now that we've collected a possible --mode arg, show help if necessary
+if $opt_help; then
+ if test "$opt_help" = :; then
+ func_mode_help
+ else
+ {
+ func_help noexit
+ for mode in compile link execute install finish uninstall clean; do
+ func_mode_help
+ done
+ } | sed -n '1p; 2,$s/^Usage:/ or: /p'
+ {
+ func_help noexit
+ for mode in compile link execute install finish uninstall clean; do
+ echo
+ func_mode_help
+ done
+ } |
+ sed '1d
+ /^When reporting/,/^Report/{
+ H
+ d
+ }
+ $x
+ /information about other modes/d
+ /more detailed .*MODE/d
+ s/^Usage:.*--mode=\([^ ]*\) .*/Description of \1 mode:/'
+ fi
+ exit $?
+fi
# func_mode_execute arg...
for file
do
case $file in
- -*) ;;
+ -* | *.la | *.lo ) ;;
*)
# Do a test to see if this is really a libtool program.
if func_ltwrapper_script_p "$file"; then
# Display what would be done.
if test -n "$shlibpath_var"; then
eval "\$ECHO \"\$shlibpath_var=\$$shlibpath_var\""
- $ECHO "export $shlibpath_var"
+ echo "export $shlibpath_var"
fi
$ECHO "$cmd$args"
exit $EXIT_SUCCESS
# Exit here if they wanted silent mode.
$opt_silent && exit $EXIT_SUCCESS
- $ECHO "X----------------------------------------------------------------------" | $Xsed
- $ECHO "Libraries have been installed in:"
+ echo "----------------------------------------------------------------------"
+ echo "Libraries have been installed in:"
for libdir in $libdirs; do
$ECHO " $libdir"
done
- $ECHO
- $ECHO "If you ever happen to want to link against installed libraries"
- $ECHO "in a given directory, LIBDIR, you must either use libtool, and"
- $ECHO "specify the full pathname of the library, or use the \`-LLIBDIR'"
- $ECHO "flag during linking and do at least one of the following:"
+ echo
+ echo "If you ever happen to want to link against installed libraries"
+ echo "in a given directory, LIBDIR, you must either use libtool, and"
+ echo "specify the full pathname of the library, or use the \`-LLIBDIR'"
+ echo "flag during linking and do at least one of the following:"
if test -n "$shlibpath_var"; then
- $ECHO " - add LIBDIR to the \`$shlibpath_var' environment variable"
- $ECHO " during execution"
+ echo " - add LIBDIR to the \`$shlibpath_var' environment variable"
+ echo " during execution"
fi
if test -n "$runpath_var"; then
- $ECHO " - add LIBDIR to the \`$runpath_var' environment variable"
- $ECHO " during linking"
+ echo " - add LIBDIR to the \`$runpath_var' environment variable"
+ echo " during linking"
fi
if test -n "$hardcode_libdir_flag_spec"; then
libdir=LIBDIR
$ECHO " - have your system administrator run these commands:$admincmds"
fi
if test -f /etc/ld.so.conf; then
- $ECHO " - have your system administrator add LIBDIR to \`/etc/ld.so.conf'"
+ echo " - have your system administrator add LIBDIR to \`/etc/ld.so.conf'"
fi
- $ECHO
+ echo
- $ECHO "See any operating system documentation about shared libraries for"
+ echo "See any operating system documentation about shared libraries for"
case $host in
solaris2.[6789]|solaris2.1[0-9])
- $ECHO "more information, such as the ld(1), crle(1) and ld.so(8) manual"
- $ECHO "pages."
+ echo "more information, such as the ld(1), crle(1) and ld.so(8) manual"
+ echo "pages."
;;
*)
- $ECHO "more information, such as the ld(1) and ld.so(8) manual pages."
+ echo "more information, such as the ld(1) and ld.so(8) manual pages."
;;
esac
- $ECHO "X----------------------------------------------------------------------" | $Xsed
+ echo "----------------------------------------------------------------------"
exit $EXIT_SUCCESS
}
# install_prog (especially on Windows NT).
if test "$nonopt" = "$SHELL" || test "$nonopt" = /bin/sh ||
# Allow the use of GNU shtool's install command.
- $ECHO "X$nonopt" | $GREP shtool >/dev/null; then
+ case $nonopt in *shtool*) :;; *) false;; esac; then
# Aesthetically quote it.
func_quote_for_eval "$nonopt"
install_prog="$func_quote_for_eval_result "
# Aesthetically quote it.
func_quote_for_eval "$arg"
install_prog="$install_prog$func_quote_for_eval_result"
+ install_shared_prog=$install_prog
+ case " $install_prog " in
+ *[\\\ /]cp\ *) install_cp=: ;;
+ *) install_cp=false ;;
+ esac
# We need to accept at least all the BSD install flags.
dest=
install_type=
isdir=no
stripme=
+ no_mode=:
for arg
do
+ arg2=
if test -n "$dest"; then
files="$files $dest"
dest=$arg
case $arg in
-d) isdir=yes ;;
-f)
- case " $install_prog " in
- *[\\\ /]cp\ *) ;;
- *) prev=$arg ;;
- esac
+ if $install_cp; then :; else
+ prev=$arg
+ fi
;;
-g | -m | -o)
prev=$arg
*)
# If the previous option needed an argument, then skip it.
if test -n "$prev"; then
+ if test "x$prev" = x-m && test -n "$install_override_mode"; then
+ arg2=$install_override_mode
+ no_mode=false
+ fi
prev=
else
dest=$arg
# Aesthetically quote the argument.
func_quote_for_eval "$arg"
install_prog="$install_prog $func_quote_for_eval_result"
+ if test -n "$arg2"; then
+ func_quote_for_eval "$arg2"
+ fi
+ install_shared_prog="$install_shared_prog $func_quote_for_eval_result"
done
test -z "$install_prog" && \
test -n "$prev" && \
func_fatal_help "the \`$prev' option requires an argument"
+ if test -n "$install_override_mode" && $no_mode; then
+ if $install_cp; then :; else
+ func_quote_for_eval "$install_override_mode"
+ install_shared_prog="$install_shared_prog -m $func_quote_for_eval_result"
+ fi
+ fi
+
if test -z "$files"; then
if test -z "$dest"; then
func_fatal_help "no file or destination specified"
if test -n "$relink_command"; then
# Determine the prefix the user has applied to our future dir.
- inst_prefix_dir=`$ECHO "X$destdir" | $Xsed -e "s%$libdir\$%%"`
+ inst_prefix_dir=`$ECHO "$destdir" | $SED -e "s%$libdir\$%%"`
# Don't allow the user to place us outside of our expected
# location b/c this prevents finding dependent libraries that
if test -n "$inst_prefix_dir"; then
# Stick the inst_prefix_dir data into the link command.
- relink_command=`$ECHO "X$relink_command" | $Xsed -e "s%@inst_prefix_dir@%-inst-prefix-dir $inst_prefix_dir%"`
+ relink_command=`$ECHO "$relink_command" | $SED "s%@inst_prefix_dir@%-inst-prefix-dir $inst_prefix_dir%"`
else
- relink_command=`$ECHO "X$relink_command" | $Xsed -e "s%@inst_prefix_dir@%%"`
+ relink_command=`$ECHO "$relink_command" | $SED "s%@inst_prefix_dir@%%"`
fi
func_warning "relinking \`$file'"
test -n "$relink_command" && srcname="$realname"T
# Install the shared library and build the symlinks.
- func_show_eval "$install_prog $dir/$srcname $destdir/$realname" \
+ func_show_eval "$install_shared_prog $dir/$srcname $destdir/$realname" \
'exit $?'
tstripme="$stripme"
case $host_os in
if test -f "$lib"; then
func_source "$lib"
fi
- libfile="$libdir/"`$ECHO "X$lib" | $Xsed -e 's%^.*/%%g'` ### testsuite: skip nested quoting test
+ libfile="$libdir/"`$ECHO "$lib" | $SED 's%^.*/%%g'` ### testsuite: skip nested quoting test
if test -n "$libdir" && test ! -f "$libfile"; then
func_warning "\`$lib' has not been installed in \`$libdir'"
finalize=no
file="$func_basename_result"
outputname="$tmpdir/$file"
# Replace the output file specification.
- relink_command=`$ECHO "X$relink_command" | $Xsed -e 's%@OUTPUT@%'"$outputname"'%g'`
+ relink_command=`$ECHO "$relink_command" | $SED 's%@OUTPUT@%'"$outputname"'%g'`
$opt_silent || {
func_quote_for_expand "$relink_command"
}
else
# Install the binary that we compiled earlier.
- file=`$ECHO "X$file$stripped_ext" | $Xsed -e "s%\([^/]*\)$%$objdir/\1%"`
+ file=`$ECHO "$file$stripped_ext" | $SED "s%\([^/]*\)$%$objdir/\1%"`
fi
fi
extern \"C\" {
#endif
+#if defined(__GNUC__) && (((__GNUC__ == 4) && (__GNUC_MINOR__ >= 4)) || (__GNUC__ > 4))
+#pragma GCC diagnostic ignored \"-Wstrict-prototypes\"
+#endif
+
/* External symbol declarations for the compiler. */\
"
$opt_dry_run || echo ': @PROGRAM@ ' > "$nlist"
# Add our own program objects to the symbol list.
- progfiles=`$ECHO "X$objs$old_deplibs" | $SP2NL | $Xsed -e "$lo2o" | $NL2SP`
+ progfiles=`$ECHO "$objs$old_deplibs" | $SP2NL | $SED "$lo2o" | $NL2SP`
for progfile in $progfiles; do
func_verbose "extracting global C symbols from \`$progfile'"
$opt_dry_run || eval "$NM $progfile | $global_symbol_pipe >> '$nlist'"
eval '$GREP -f "$output_objdir/$outputname.exp" < "$nlist" > "$nlist"T'
eval '$MV "$nlist"T "$nlist"'
case $host in
- *cygwin | *mingw* | *cegcc* )
+ *cygwin* | *mingw* | *cegcc* )
eval "echo EXPORTS "'> "$output_objdir/$outputname.def"'
eval 'cat "$nlist" >> "$output_objdir/$outputname.def"'
;;
if test -f "$nlist"S; then
eval "$global_symbol_to_cdecl"' < "$nlist"S >> "$output_objdir/$my_dlsyms"'
else
- $ECHO '/* NONE */' >> "$output_objdir/$my_dlsyms"
+ echo '/* NONE */' >> "$output_objdir/$my_dlsyms"
fi
- $ECHO >> "$output_objdir/$my_dlsyms" "\
+ echo >> "$output_objdir/$my_dlsyms" "\
/* The mapping between symbol names and symbols. */
typedef struct {
"
case $host in
*cygwin* | *mingw* | *cegcc* )
- $ECHO >> "$output_objdir/$my_dlsyms" "\
+ echo >> "$output_objdir/$my_dlsyms" "\
/* DATA imports from DLLs on WIN32 con't be const, because
runtime relocations are performed -- see ld's documentation
on pseudo-relocs. */"
lt_dlsym_const=const ;;
esac
- $ECHO >> "$output_objdir/$my_dlsyms" "\
+ echo >> "$output_objdir/$my_dlsyms" "\
extern $lt_dlsym_const lt_dlsymlist
lt_${my_prefix}_LTX_preloaded_symbols[];
$lt_dlsym_const lt_dlsymlist
eval "$global_symbol_to_c_name_address_lib_prefix" < "$nlist" >> "$output_objdir/$my_dlsyms"
;;
esac
- $ECHO >> "$output_objdir/$my_dlsyms" "\
+ echo >> "$output_objdir/$my_dlsyms" "\
{0, (void *) 0}
};
case $host in
*cygwin* | *mingw* | *cegcc* )
if test -f "$output_objdir/$my_outputname.def"; then
- compile_command=`$ECHO "X$compile_command" | $Xsed -e "s%@SYMFILE@%$output_objdir/$my_outputname.def $symfileobj%"`
- finalize_command=`$ECHO "X$finalize_command" | $Xsed -e "s%@SYMFILE@%$output_objdir/$my_outputname.def $symfileobj%"`
+ compile_command=`$ECHO "$compile_command" | $SED "s%@SYMFILE@%$output_objdir/$my_outputname.def $symfileobj%"`
+ finalize_command=`$ECHO "$finalize_command" | $SED "s%@SYMFILE@%$output_objdir/$my_outputname.def $symfileobj%"`
else
- compile_command=`$ECHO "X$compile_command" | $Xsed -e "s%@SYMFILE@%$symfileobj%"`
- finalize_command=`$ECHO "X$finalize_command" | $Xsed -e "s%@SYMFILE@%$symfileobj%"`
+ compile_command=`$ECHO "$compile_command" | $SED "s%@SYMFILE@%$symfileobj%"`
+ finalize_command=`$ECHO "$finalize_command" | $SED "s%@SYMFILE@%$symfileobj%"`
fi
;;
*)
- compile_command=`$ECHO "X$compile_command" | $Xsed -e "s%@SYMFILE@%$symfileobj%"`
- finalize_command=`$ECHO "X$finalize_command" | $Xsed -e "s%@SYMFILE@%$symfileobj%"`
+ compile_command=`$ECHO "$compile_command" | $SED "s%@SYMFILE@%$symfileobj%"`
+ finalize_command=`$ECHO "$finalize_command" | $SED "s%@SYMFILE@%$symfileobj%"`
;;
esac
;;
# really was required.
# Nullify the symbol file.
- compile_command=`$ECHO "X$compile_command" | $Xsed -e "s% @SYMFILE@%%"`
- finalize_command=`$ECHO "X$finalize_command" | $Xsed -e "s% @SYMFILE@%%"`
+ compile_command=`$ECHO "$compile_command" | $SED "s% @SYMFILE@%%"`
+ finalize_command=`$ECHO "$finalize_command" | $SED "s% @SYMFILE@%%"`
fi
}
# Need a lot of goo to handle *both* DLLs and import libs
# Has to be a shell function in order to 'eat' the argument
# that is supplied when $file_magic_command is called.
+# Despite the name, also deal with 64 bit binaries.
func_win32_libid ()
{
$opt_debug
win32_libid_type="x86 archive import"
;;
*ar\ archive*) # could be an import, or static
+ # Keep the egrep pattern in sync with the one in _LT_CHECK_MAGIC_METHOD.
if eval $OBJDUMP -f $1 | $SED -e '10q' 2>/dev/null |
- $EGREP 'file format pe-i386(.*architecture: i386)?' >/dev/null ; then
+ $EGREP 'file format (pei*-i386(.*architecture: i386)?|pe-arm-wince|pe-x86-64)' >/dev/null; then
win32_nmres=`eval $NM -f posix -A $1 |
$SED -n -e '
1,100{
$opt_debug
f_ex_an_ar_dir="$1"; shift
f_ex_an_ar_oldlib="$1"
- func_show_eval "(cd \$f_ex_an_ar_dir && $AR x \"\$f_ex_an_ar_oldlib\")" 'exit $?'
+ if test "$lock_old_archive_extraction" = yes; then
+ lockfile=$f_ex_an_ar_oldlib.lock
+ until $opt_dry_run || ln "$progpath" "$lockfile" 2>/dev/null; do
+ func_echo "Waiting for $lockfile to be removed"
+ sleep 2
+ done
+ fi
+ func_show_eval "(cd \$f_ex_an_ar_dir && $AR x \"\$f_ex_an_ar_oldlib\")" \
+ 'stat=$?; rm -f "$lockfile"; exit $stat'
+ if test "$lock_old_archive_extraction" = yes; then
+ $opt_dry_run || rm -f "$lockfile"
+ fi
if ($AR t "$f_ex_an_ar_oldlib" | sort | sort -uc >/dev/null 2>&1); then
:
else
darwin_file=
darwin_files=
for darwin_file in $darwin_filelist; do
- darwin_files=`find unfat-$$ -name $darwin_file -print | $NL2SP`
+ darwin_files=`find unfat-$$ -name $darwin_file -print | sort | $NL2SP`
$LIPO -create -output "$darwin_file" $darwin_files
done # $darwin_filelist
$RM -rf unfat-$$
func_extract_an_archive "$my_xdir" "$my_xabs"
;;
esac
- my_oldobjs="$my_oldobjs "`find $my_xdir -name \*.$objext -print -o -name \*.lo -print | $NL2SP`
+ my_oldobjs="$my_oldobjs "`find $my_xdir -name \*.$objext -print -o -name \*.lo -print | sort | $NL2SP`
done
func_extract_archives_result="$my_oldobjs"
}
-
-# func_emit_wrapper_part1 [arg=no]
+# func_emit_wrapper [arg=no]
#
-# Emit the first part of a libtool wrapper script on stdout.
-# For more information, see the description associated with
-# func_emit_wrapper(), below.
-func_emit_wrapper_part1 ()
+# Emit a libtool wrapper script on stdout.
+# Don't directly open a file because we may want to
+# incorporate the script contents within a cygwin/mingw
+# wrapper executable. Must ONLY be called from within
+# func_mode_link because it depends on a number of variables
+# set therein.
+#
+# ARG is the value that the WRAPPER_SCRIPT_BELONGS_IN_OBJDIR
+# variable will take. If 'yes', then the emitted script
+# will assume that the directory in which it is stored is
+# the $objdir directory. This is a cygwin/mingw-specific
+# behavior.
+func_emit_wrapper ()
{
- func_emit_wrapper_part1_arg1=no
- if test -n "$1" ; then
- func_emit_wrapper_part1_arg1=$1
- fi
+ func_emit_wrapper_arg1=${1-no}
$ECHO "\
#! $SHELL
# Sed substitution that helps us do robust quoting. It backslashifies
# metacharacters that are still active within double-quoted strings.
-Xsed='${SED} -e 1s/^X//'
sed_quote_subst='$sed_quote_subst'
# Be Bourne compatible
else
# When we are sourced in execute mode, \$file and \$ECHO are already set.
if test \"\$libtool_execute_magic\" != \"$magic\"; then
- ECHO=\"$qecho\"
- file=\"\$0\"
- # Make sure echo works.
- if test \"X\$1\" = X--no-reexec; then
- # Discard the --no-reexec flag, and continue.
- shift
- elif test \"X\`{ \$ECHO '\t'; } 2>/dev/null\`\" = 'X\t'; then
- # Yippee, \$ECHO works!
- :
- else
- # Restart under the correct shell, and then maybe \$ECHO will work.
- exec $SHELL \"\$0\" --no-reexec \${1+\"\$@\"}
- fi
- fi\
+ file=\"\$0\""
+
+ qECHO=`$ECHO "$ECHO" | $SED "$sed_quote_subst"`
+ $ECHO "\
+
+# A function that is used when there is no print builtin or printf.
+func_fallback_echo ()
+{
+ eval 'cat <<_LTECHO_EOF
+\$1
+_LTECHO_EOF'
+}
+ ECHO=\"$qECHO\"
+ fi
+
+# Very basic option parsing. These options are (a) specific to
+# the libtool wrapper, (b) are identical between the wrapper
+# /script/ and the wrapper /executable/ which is used only on
+# windows platforms, and (c) all begin with the string "--lt-"
+# (application programs are unlikely to have options which match
+# this pattern).
+#
+# There are only two supported options: --lt-debug and
+# --lt-dump-script. There is, deliberately, no --lt-help.
+#
+# The first argument to this parsing function should be the
+# script's $0 value, followed by "$@".
+lt_option_debug=
+func_parse_lt_options ()
+{
+ lt_script_arg0=\$0
+ shift
+ for lt_opt
+ do
+ case \"\$lt_opt\" in
+ --lt-debug) lt_option_debug=1 ;;
+ --lt-dump-script)
+ lt_dump_D=\`\$ECHO \"X\$lt_script_arg0\" | $SED -e 's/^X//' -e 's%/[^/]*$%%'\`
+ test \"X\$lt_dump_D\" = \"X\$lt_script_arg0\" && lt_dump_D=.
+ lt_dump_F=\`\$ECHO \"X\$lt_script_arg0\" | $SED -e 's/^X//' -e 's%^.*/%%'\`
+ cat \"\$lt_dump_D/\$lt_dump_F\"
+ exit 0
+ ;;
+ --lt-*)
+ \$ECHO \"Unrecognized --lt- option: '\$lt_opt'\" 1>&2
+ exit 1
+ ;;
+ esac
+ done
+
+ # Print the debug banner immediately:
+ if test -n \"\$lt_option_debug\"; then
+ echo \"${outputname}:${output}:\${LINENO}: libtool wrapper (GNU $PACKAGE$TIMESTAMP) $VERSION\" 1>&2
+ fi
+}
+
+# Used when --lt-debug. Prints its arguments to stdout
+# (redirection is the responsibility of the caller)
+func_lt_dump_args ()
+{
+ lt_dump_args_N=1;
+ for lt_arg
+ do
+ \$ECHO \"${outputname}:${output}:\${LINENO}: newargv[\$lt_dump_args_N]: \$lt_arg\"
+ lt_dump_args_N=\`expr \$lt_dump_args_N + 1\`
+ done
+}
+
+# Core function for launching the target application
+func_exec_program_core ()
+{
"
- $ECHO "\
+ case $host in
+ # Backslashes separate directories on plain windows
+ *-*-mingw | *-*-os2* | *-cegcc*)
+ $ECHO "\
+ if test -n \"\$lt_option_debug\"; then
+ \$ECHO \"${outputname}:${output}:\${LINENO}: newargv[0]: \$progdir\\\\\$program\" 1>&2
+ func_lt_dump_args \${1+\"\$@\"} 1>&2
+ fi
+ exec \"\$progdir\\\\\$program\" \${1+\"\$@\"}
+"
+ ;;
+
+ *)
+ $ECHO "\
+ if test -n \"\$lt_option_debug\"; then
+ \$ECHO \"${outputname}:${output}:\${LINENO}: newargv[0]: \$progdir/\$program\" 1>&2
+ func_lt_dump_args \${1+\"\$@\"} 1>&2
+ fi
+ exec \"\$progdir/\$program\" \${1+\"\$@\"}
+"
+ ;;
+ esac
+ $ECHO "\
+ \$ECHO \"\$0: cannot exec \$program \$*\" 1>&2
+ exit 1
+}
+
+# A function to encapsulate launching the target application
+# Strips options in the --lt-* namespace from \$@ and
+# launches target application with the remaining arguments.
+func_exec_program ()
+{
+ for lt_wr_arg
+ do
+ case \$lt_wr_arg in
+ --lt-*) ;;
+ *) set x \"\$@\" \"\$lt_wr_arg\"; shift;;
+ esac
+ shift
+ done
+ func_exec_program_core \${1+\"\$@\"}
+}
+
+ # Parse options
+ func_parse_lt_options \"\$0\" \${1+\"\$@\"}
# Find the directory that this script lives in.
- thisdir=\`\$ECHO \"X\$file\" | \$Xsed -e 's%/[^/]*$%%'\`
+ thisdir=\`\$ECHO \"\$file\" | $SED 's%/[^/]*$%%'\`
test \"x\$thisdir\" = \"x\$file\" && thisdir=.
# Follow symbolic links until we get to the real thisdir.
- file=\`ls -ld \"\$file\" | ${SED} -n 's/.*-> //p'\`
+ file=\`ls -ld \"\$file\" | $SED -n 's/.*-> //p'\`
while test -n \"\$file\"; do
- destdir=\`\$ECHO \"X\$file\" | \$Xsed -e 's%/[^/]*\$%%'\`
+ destdir=\`\$ECHO \"\$file\" | $SED 's%/[^/]*\$%%'\`
# If there was a directory component, then change thisdir.
if test \"x\$destdir\" != \"x\$file\"; then
esac
fi
- file=\`\$ECHO \"X\$file\" | \$Xsed -e 's%^.*/%%'\`
- file=\`ls -ld \"\$thisdir/\$file\" | ${SED} -n 's/.*-> //p'\`
+ file=\`\$ECHO \"\$file\" | $SED 's%^.*/%%'\`
+ file=\`ls -ld \"\$thisdir/\$file\" | $SED -n 's/.*-> //p'\`
done
-"
-}
-# end: func_emit_wrapper_part1
-
-# func_emit_wrapper_part2 [arg=no]
-#
-# Emit the second part of a libtool wrapper script on stdout.
-# For more information, see the description associated with
-# func_emit_wrapper(), below.
-func_emit_wrapper_part2 ()
-{
- func_emit_wrapper_part2_arg1=no
- if test -n "$1" ; then
- func_emit_wrapper_part2_arg1=$1
- fi
-
- $ECHO "\
# Usually 'no', except on cygwin/mingw when embedded into
# the cwrapper.
- WRAPPER_SCRIPT_BELONGS_IN_OBJDIR=$func_emit_wrapper_part2_arg1
+ WRAPPER_SCRIPT_BELONGS_IN_OBJDIR=$func_emit_wrapper_arg1
if test \"\$WRAPPER_SCRIPT_BELONGS_IN_OBJDIR\" = \"yes\"; then
# special case for '.'
if test \"\$thisdir\" = \".\"; then
fi
# remove .libs from thisdir
case \"\$thisdir\" in
- *[\\\\/]$objdir ) thisdir=\`\$ECHO \"X\$thisdir\" | \$Xsed -e 's%[\\\\/][^\\\\/]*$%%'\` ;;
+ *[\\\\/]$objdir ) thisdir=\`\$ECHO \"\$thisdir\" | $SED 's%[\\\\/][^\\\\/]*$%%'\` ;;
$objdir ) thisdir=. ;;
esac
fi
# Some systems cannot cope with colon-terminated $shlibpath_var
# The second colon is a workaround for a bug in BeOS R4 sed
- $shlibpath_var=\`\$ECHO \"X\$$shlibpath_var\" | \$Xsed -e 's/::*\$//'\`
+ $shlibpath_var=\`\$ECHO \"\$$shlibpath_var\" | $SED 's/::*\$//'\`
export $shlibpath_var
"
$ECHO "\
if test \"\$libtool_execute_magic\" != \"$magic\"; then
# Run the actual program with our arguments.
-"
- case $host in
- # Backslashes separate directories on plain windows
- *-*-mingw | *-*-os2* | *-cegcc*)
- $ECHO "\
- exec \"\$progdir\\\\\$program\" \${1+\"\$@\"}
-"
- ;;
-
- *)
- $ECHO "\
- exec \"\$progdir/\$program\" \${1+\"\$@\"}
-"
- ;;
- esac
- $ECHO "\
- \$ECHO \"\$0: cannot exec \$program \$*\" 1>&2
- exit 1
+ func_exec_program \${1+\"\$@\"}
fi
else
# The program doesn't exist.
\$ECHO \"\$0: error: \\\`\$progdir/\$program' does not exist\" 1>&2
\$ECHO \"This script is just a wrapper for \$program.\" 1>&2
- $ECHO \"See the $PACKAGE documentation for more information.\" 1>&2
+ \$ECHO \"See the $PACKAGE documentation for more information.\" 1>&2
exit 1
fi
fi\
"
}
-# end: func_emit_wrapper_part2
-
-
-# func_emit_wrapper [arg=no]
-#
-# Emit a libtool wrapper script on stdout.
-# Don't directly open a file because we may want to
-# incorporate the script contents within a cygwin/mingw
-# wrapper executable. Must ONLY be called from within
-# func_mode_link because it depends on a number of variables
-# set therein.
-#
-# ARG is the value that the WRAPPER_SCRIPT_BELONGS_IN_OBJDIR
-# variable will take. If 'yes', then the emitted script
-# will assume that the directory in which it is stored is
-# the $objdir directory. This is a cygwin/mingw-specific
-# behavior.
-func_emit_wrapper ()
-{
- func_emit_wrapper_arg1=no
- if test -n "$1" ; then
- func_emit_wrapper_arg1=$1
- fi
-
- # split this up so that func_emit_cwrapperexe_src
- # can call each part independently.
- func_emit_wrapper_part1 "${func_emit_wrapper_arg1}"
- func_emit_wrapper_part2 "${func_emit_wrapper_arg1}"
-}
# func_to_host_path arg
func_to_host_path ()
{
func_to_host_path_result="$1"
- if test -n "$1" ; then
+ if test -n "$1"; then
case $host in
*mingw* )
lt_sed_naive_backslashify='s|\\\\*|\\|g;s|/|\\|g;s|\\|\\\\|g'
case $build in
*mingw* ) # actually, msys
# awkward: cmd appends spaces to result
- lt_sed_strip_trailing_spaces="s/[ ]*\$//"
- func_to_host_path_tmp1=`( cmd //c echo "$1" |\
- $SED -e "$lt_sed_strip_trailing_spaces" ) 2>/dev/null || echo ""`
- func_to_host_path_result=`echo "$func_to_host_path_tmp1" |\
- $SED -e "$lt_sed_naive_backslashify"`
+ func_to_host_path_result=`( cmd //c echo "$1" ) 2>/dev/null |
+ $SED -e 's/[ ]*$//' -e "$lt_sed_naive_backslashify"`
;;
*cygwin* )
- func_to_host_path_tmp1=`cygpath -w "$1"`
- func_to_host_path_result=`echo "$func_to_host_path_tmp1" |\
- $SED -e "$lt_sed_naive_backslashify"`
+ func_to_host_path_result=`cygpath -w "$1" |
+ $SED -e "$lt_sed_naive_backslashify"`
;;
* )
# Unfortunately, winepath does not exit with a non-zero
# the odd construction:
func_to_host_path_tmp1=`winepath -w "$1" 2>/dev/null`
if test "$?" -eq 0 && test -n "${func_to_host_path_tmp1}"; then
- func_to_host_path_result=`echo "$func_to_host_path_tmp1" |\
+ func_to_host_path_result=`$ECHO "$func_to_host_path_tmp1" |
$SED -e "$lt_sed_naive_backslashify"`
else
# Allow warning below.
- func_to_host_path_result=""
+ func_to_host_path_result=
fi
;;
esac
if test -z "$func_to_host_path_result" ; then
func_error "Could not determine host path corresponding to"
- func_error " '$1'"
+ func_error " \`$1'"
func_error "Continuing, but uninstalled executables may not work."
# Fallback:
func_to_host_path_result="$1"
func_to_host_pathlist ()
{
func_to_host_pathlist_result="$1"
- if test -n "$1" ; then
+ if test -n "$1"; then
case $host in
*mingw* )
lt_sed_naive_backslashify='s|\\\\*|\\|g;s|/|\\|g;s|\\|\\\\|g'
# Remove leading and trailing path separator characters from
# ARG. msys behavior is inconsistent here, cygpath turns them
# into '.;' and ';.', and winepath ignores them completely.
- func_to_host_pathlist_tmp2="$1"
- # Once set for this call, this variable should not be
- # reassigned. It is used in tha fallback case.
- func_to_host_pathlist_tmp1=`echo "$func_to_host_pathlist_tmp2" |\
- $SED -e 's|^:*||' -e 's|:*$||'`
+ func_stripname : : "$1"
+ func_to_host_pathlist_tmp1=$func_stripname_result
case $build in
*mingw* ) # Actually, msys.
# Awkward: cmd appends spaces to result.
- lt_sed_strip_trailing_spaces="s/[ ]*\$//"
- func_to_host_pathlist_tmp2=`( cmd //c echo "$func_to_host_pathlist_tmp1" |\
- $SED -e "$lt_sed_strip_trailing_spaces" ) 2>/dev/null || echo ""`
- func_to_host_pathlist_result=`echo "$func_to_host_pathlist_tmp2" |\
- $SED -e "$lt_sed_naive_backslashify"`
+ func_to_host_pathlist_result=`
+ ( cmd //c echo "$func_to_host_pathlist_tmp1" ) 2>/dev/null |
+ $SED -e 's/[ ]*$//' -e "$lt_sed_naive_backslashify"`
;;
*cygwin* )
- func_to_host_pathlist_tmp2=`cygpath -w -p "$func_to_host_pathlist_tmp1"`
- func_to_host_pathlist_result=`echo "$func_to_host_pathlist_tmp2" |\
+ func_to_host_pathlist_result=`cygpath -w -p "$func_to_host_pathlist_tmp1" |
$SED -e "$lt_sed_naive_backslashify"`
;;
* )
if test -z "$func_to_host_pathlist_result" ; then
func_to_host_pathlist_result="$func_to_host_path_result"
else
- func_to_host_pathlist_result="$func_to_host_pathlist_result;$func_to_host_path_result"
+ func_append func_to_host_pathlist_result ";$func_to_host_path_result"
fi
fi
fi
- IFS=:
done
IFS=$func_to_host_pathlist_oldIFS
;;
esac
- if test -z "$func_to_host_pathlist_result" ; then
+ if test -z "$func_to_host_pathlist_result"; then
func_error "Could not determine the host path(s) corresponding to"
- func_error " '$1'"
+ func_error " \`$1'"
func_error "Continuing, but uninstalled executables may not work."
# Fallback. This may break if $1 contains DOS-style drive
# specifications. The fix is not to complicate the expression
;;
esac
case "$1" in
- *: ) func_to_host_pathlist_result="$func_to_host_pathlist_result;"
+ *: ) func_append func_to_host_pathlist_result ";"
;;
esac
;;
This wrapper executable should never be moved out of the build directory.
If it is, it will not operate correctly.
-
- Currently, it simply execs the wrapper *script* "$SHELL $output",
- but could eventually absorb all of the scripts functionality and
- exec $objdir/$outputname directly.
*/
EOF
cat <<"EOF"
+#ifdef _MSC_VER
+# define _CRT_SECURE_NO_DEPRECATE 1
+#endif
#include <stdio.h>
#include <stdlib.h>
#ifdef _MSC_VER
# include <direct.h>
# include <process.h>
# include <io.h>
-# define setmode _setmode
#else
# include <unistd.h>
# include <stdint.h>
# ifdef __CYGWIN__
# include <io.h>
-# define HAVE_SETENV
-# ifdef __STRICT_ANSI__
-char *realpath (const char *, char *);
-int putenv (char *);
-int setenv (const char *, const char *, int);
-# endif
# endif
#endif
#include <malloc.h>
#include <fcntl.h>
#include <sys/stat.h>
+/* declarations of non-ANSI functions */
+#if defined(__MINGW32__)
+# ifdef __STRICT_ANSI__
+int _putenv (const char *);
+# endif
+#elif defined(__CYGWIN__)
+# ifdef __STRICT_ANSI__
+char *realpath (const char *, char *);
+int putenv (char *);
+int setenv (const char *, const char *, int);
+# endif
+/* #elif defined (other platforms) ... */
+#endif
+
+/* portability defines, excluding path handling macros */
+#if defined(_MSC_VER)
+# define setmode _setmode
+# define stat _stat
+# define chmod _chmod
+# define getcwd _getcwd
+# define putenv _putenv
+# define S_IXUSR _S_IEXEC
+# ifndef _INTPTR_T_DEFINED
+# define _INTPTR_T_DEFINED
+# define intptr_t int
+# endif
+#elif defined(__MINGW32__)
+# define setmode _setmode
+# define stat _stat
+# define chmod _chmod
+# define getcwd _getcwd
+# define putenv _putenv
+#elif defined(__CYGWIN__)
+# define HAVE_SETENV
+# define FOPEN_WB "wb"
+/* #elif defined (other platforms) ... */
+#endif
+
#if defined(PATH_MAX)
# define LT_PATHMAX PATH_MAX
#elif defined(MAXPATHLEN)
# define S_IXGRP 0
#endif
-#ifdef _MSC_VER
-# define S_IXUSR _S_IEXEC
-# define stat _stat
-# ifndef _INTPTR_T_DEFINED
-# define intptr_t int
-# endif
-#endif
-
+/* path handling portability macros */
#ifndef DIR_SEPARATOR
# define DIR_SEPARATOR '/'
# define PATH_SEPARATOR ':'
# define IS_PATH_SEPARATOR(ch) ((ch) == PATH_SEPARATOR_2)
#endif /* PATH_SEPARATOR_2 */
-#ifdef __CYGWIN__
-# define FOPEN_WB "wb"
-#endif
-
#ifndef FOPEN_WB
# define FOPEN_WB "w"
#endif
if (stale) { free ((void *) stale); stale = 0; } \
} while (0)
-#undef LTWRAPPER_DEBUGPRINTF
-#if defined DEBUGWRAPPER
-# define LTWRAPPER_DEBUGPRINTF(args) ltwrapper_debugprintf args
-static void
-ltwrapper_debugprintf (const char *fmt, ...)
-{
- va_list args;
- va_start (args, fmt);
- (void) vfprintf (stderr, fmt, args);
- va_end (args);
-}
+#if defined(LT_DEBUGWRAPPER)
+static int lt_debug = 1;
#else
-# define LTWRAPPER_DEBUGPRINTF(args)
+static int lt_debug = 0;
#endif
-const char *program_name = NULL;
+const char *program_name = "libtool-wrapper"; /* in case xstrdup fails */
void *xmalloc (size_t num);
char *xstrdup (const char *string);
int make_executable (const char *path);
int check_executable (const char *path);
char *strendzap (char *str, const char *pat);
-void lt_fatal (const char *message, ...);
+void lt_debugprintf (const char *file, int line, const char *fmt, ...);
+void lt_fatal (const char *file, int line, const char *message, ...);
+static const char *nonnull (const char *s);
+static const char *nonempty (const char *s);
void lt_setenv (const char *name, const char *value);
char *lt_extend_str (const char *orig_value, const char *add, int to_end);
-void lt_opt_process_env_set (const char *arg);
-void lt_opt_process_env_prepend (const char *arg);
-void lt_opt_process_env_append (const char *arg);
-int lt_split_name_value (const char *arg, char** name, char** value);
void lt_update_exe_path (const char *name, const char *value);
void lt_update_lib_path (const char *name, const char *value);
-
-static const char *script_text_part1 =
-EOF
-
- func_emit_wrapper_part1 yes |
- $SED -e 's/\([\\"]\)/\\\1/g' \
- -e 's/^/ "/' -e 's/$/\\n"/'
- echo ";"
- cat <<EOF
-
-static const char *script_text_part2 =
+char **prepare_spawn (char **argv);
+void lt_dump_script (FILE *f);
EOF
- func_emit_wrapper_part2 yes |
- $SED -e 's/\([\\"]\)/\\\1/g' \
- -e 's/^/ "/' -e 's/$/\\n"/'
- echo ";"
cat <<EOF
const char * MAGIC_EXE = "$magic_exe";
cat <<"EOF"
#define LTWRAPPER_OPTION_PREFIX "--lt-"
-#define LTWRAPPER_OPTION_PREFIX_LENGTH 5
-static const size_t opt_prefix_len = LTWRAPPER_OPTION_PREFIX_LENGTH;
static const char *ltwrapper_option_prefix = LTWRAPPER_OPTION_PREFIX;
-
static const char *dumpscript_opt = LTWRAPPER_OPTION_PREFIX "dump-script";
-
-static const size_t env_set_opt_len = LTWRAPPER_OPTION_PREFIX_LENGTH + 7;
-static const char *env_set_opt = LTWRAPPER_OPTION_PREFIX "env-set";
- /* argument is putenv-style "foo=bar", value of foo is set to bar */
-
-static const size_t env_prepend_opt_len = LTWRAPPER_OPTION_PREFIX_LENGTH + 11;
-static const char *env_prepend_opt = LTWRAPPER_OPTION_PREFIX "env-prepend";
- /* argument is putenv-style "foo=bar", new value of foo is bar${foo} */
-
-static const size_t env_append_opt_len = LTWRAPPER_OPTION_PREFIX_LENGTH + 10;
-static const char *env_append_opt = LTWRAPPER_OPTION_PREFIX "env-append";
- /* argument is putenv-style "foo=bar", new value of foo is ${foo}bar */
+static const char *debug_opt = LTWRAPPER_OPTION_PREFIX "debug";
int
main (int argc, char *argv[])
int i;
program_name = (char *) xstrdup (base_name (argv[0]));
- LTWRAPPER_DEBUGPRINTF (("(main) argv[0] : %s\n", argv[0]));
- LTWRAPPER_DEBUGPRINTF (("(main) program_name : %s\n", program_name));
+ newargz = XMALLOC (char *, argc + 1);
- /* very simple arg parsing; don't want to rely on getopt */
+ /* very simple arg parsing; don't want to rely on getopt
+ * also, copy all non cwrapper options to newargz, except
+ * argz[0], which is handled differently
+ */
+ newargc=0;
for (i = 1; i < argc; i++)
{
if (strcmp (argv[i], dumpscript_opt) == 0)
esac
cat <<"EOF"
- printf ("%s", script_text_part1);
- printf ("%s", script_text_part2);
+ lt_dump_script (stdout);
return 0;
}
+ if (strcmp (argv[i], debug_opt) == 0)
+ {
+ lt_debug = 1;
+ continue;
+ }
+ if (strcmp (argv[i], ltwrapper_option_prefix) == 0)
+ {
+ /* however, if there is an option in the LTWRAPPER_OPTION_PREFIX
+ namespace, but it is not one of the ones we know about and
+ have already dealt with, above (inluding dump-script), then
+ report an error. Otherwise, targets might begin to believe
+ they are allowed to use options in the LTWRAPPER_OPTION_PREFIX
+ namespace. The first time any user complains about this, we'll
+ need to make LTWRAPPER_OPTION_PREFIX a configure-time option
+ or a configure.ac-settable value.
+ */
+ lt_fatal (__FILE__, __LINE__,
+ "unrecognized %s option: '%s'",
+ ltwrapper_option_prefix, argv[i]);
+ }
+ /* otherwise ... */
+ newargz[++newargc] = xstrdup (argv[i]);
}
+ newargz[++newargc] = NULL;
+
+EOF
+ cat <<EOF
+ /* The GNU banner must be the first non-error debug message */
+ lt_debugprintf (__FILE__, __LINE__, "libtool wrapper (GNU $PACKAGE$TIMESTAMP) $VERSION\n");
+EOF
+ cat <<"EOF"
+ lt_debugprintf (__FILE__, __LINE__, "(main) argv[0]: %s\n", argv[0]);
+ lt_debugprintf (__FILE__, __LINE__, "(main) program_name: %s\n", program_name);
- newargz = XMALLOC (char *, argc + 1);
tmp_pathspec = find_executable (argv[0]);
if (tmp_pathspec == NULL)
- lt_fatal ("Couldn't find %s", argv[0]);
- LTWRAPPER_DEBUGPRINTF (("(main) found exe (before symlink chase) at : %s\n",
- tmp_pathspec));
+ lt_fatal (__FILE__, __LINE__, "couldn't find %s", argv[0]);
+ lt_debugprintf (__FILE__, __LINE__,
+ "(main) found exe (before symlink chase) at: %s\n",
+ tmp_pathspec);
actual_cwrapper_path = chase_symlinks (tmp_pathspec);
- LTWRAPPER_DEBUGPRINTF (("(main) found exe (after symlink chase) at : %s\n",
- actual_cwrapper_path));
+ lt_debugprintf (__FILE__, __LINE__,
+ "(main) found exe (after symlink chase) at: %s\n",
+ actual_cwrapper_path);
XFREE (tmp_pathspec);
- actual_cwrapper_name = xstrdup( base_name (actual_cwrapper_path));
+ actual_cwrapper_name = xstrdup (base_name (actual_cwrapper_path));
strendzap (actual_cwrapper_path, actual_cwrapper_name);
/* wrapper name transforms */
target_name = tmp_pathspec;
tmp_pathspec = 0;
- LTWRAPPER_DEBUGPRINTF (("(main) libtool target name: %s\n",
- target_name));
+ lt_debugprintf (__FILE__, __LINE__,
+ "(main) libtool target name: %s\n",
+ target_name);
EOF
cat <<EOF
lt_update_lib_path (LIB_PATH_VARNAME, LIB_PATH_VALUE);
lt_update_exe_path (EXE_PATH_VARNAME, EXE_PATH_VALUE);
- newargc=0;
- for (i = 1; i < argc; i++)
- {
- if (strncmp (argv[i], env_set_opt, env_set_opt_len) == 0)
- {
- if (argv[i][env_set_opt_len] == '=')
- {
- const char *p = argv[i] + env_set_opt_len + 1;
- lt_opt_process_env_set (p);
- }
- else if (argv[i][env_set_opt_len] == '\0' && i + 1 < argc)
- {
- lt_opt_process_env_set (argv[++i]); /* don't copy */
- }
- else
- lt_fatal ("%s missing required argument", env_set_opt);
- continue;
- }
- if (strncmp (argv[i], env_prepend_opt, env_prepend_opt_len) == 0)
- {
- if (argv[i][env_prepend_opt_len] == '=')
- {
- const char *p = argv[i] + env_prepend_opt_len + 1;
- lt_opt_process_env_prepend (p);
- }
- else if (argv[i][env_prepend_opt_len] == '\0' && i + 1 < argc)
- {
- lt_opt_process_env_prepend (argv[++i]); /* don't copy */
- }
- else
- lt_fatal ("%s missing required argument", env_prepend_opt);
- continue;
- }
- if (strncmp (argv[i], env_append_opt, env_append_opt_len) == 0)
- {
- if (argv[i][env_append_opt_len] == '=')
- {
- const char *p = argv[i] + env_append_opt_len + 1;
- lt_opt_process_env_append (p);
- }
- else if (argv[i][env_append_opt_len] == '\0' && i + 1 < argc)
- {
- lt_opt_process_env_append (argv[++i]); /* don't copy */
- }
- else
- lt_fatal ("%s missing required argument", env_append_opt);
- continue;
- }
- if (strncmp (argv[i], ltwrapper_option_prefix, opt_prefix_len) == 0)
- {
- /* however, if there is an option in the LTWRAPPER_OPTION_PREFIX
- namespace, but it is not one of the ones we know about and
- have already dealt with, above (inluding dump-script), then
- report an error. Otherwise, targets might begin to believe
- they are allowed to use options in the LTWRAPPER_OPTION_PREFIX
- namespace. The first time any user complains about this, we'll
- need to make LTWRAPPER_OPTION_PREFIX a configure-time option
- or a configure.ac-settable value.
- */
- lt_fatal ("Unrecognized option in %s namespace: '%s'",
- ltwrapper_option_prefix, argv[i]);
- }
- /* otherwise ... */
- newargz[++newargc] = xstrdup (argv[i]);
- }
- newargz[++newargc] = NULL;
-
- LTWRAPPER_DEBUGPRINTF (("(main) lt_argv_zero : %s\n", (lt_argv_zero ? lt_argv_zero : "<NULL>")));
+ lt_debugprintf (__FILE__, __LINE__, "(main) lt_argv_zero: %s\n",
+ nonnull (lt_argv_zero));
for (i = 0; i < newargc; i++)
{
- LTWRAPPER_DEBUGPRINTF (("(main) newargz[%d] : %s\n", i, (newargz[i] ? newargz[i] : "<NULL>")));
+ lt_debugprintf (__FILE__, __LINE__, "(main) newargz[%d]: %s\n",
+ i, nonnull (newargz[i]));
}
EOF
mingw*)
cat <<"EOF"
/* execv doesn't actually work on mingw as expected on unix */
+ newargz = prepare_spawn (newargz);
rval = _spawnv (_P_WAIT, lt_argv_zero, (const char * const *) newargz);
if (rval == -1)
{
/* failed to start process */
- LTWRAPPER_DEBUGPRINTF (("(main) failed to launch target \"%s\": errno = %d\n", lt_argv_zero, errno));
+ lt_debugprintf (__FILE__, __LINE__,
+ "(main) failed to launch target \"%s\": %s\n",
+ lt_argv_zero, nonnull (strerror (errno)));
return 127;
}
return rval;
{
void *p = (void *) malloc (num);
if (!p)
- lt_fatal ("Memory exhausted");
+ lt_fatal (__FILE__, __LINE__, "memory exhausted");
return p;
}
{
struct stat st;
- LTWRAPPER_DEBUGPRINTF (("(check_executable) : %s\n",
- path ? (*path ? path : "EMPTY!") : "NULL!"));
+ lt_debugprintf (__FILE__, __LINE__, "(check_executable): %s\n",
+ nonempty (path));
if ((!path) || (!*path))
return 0;
int rval = 0;
struct stat st;
- LTWRAPPER_DEBUGPRINTF (("(make_executable) : %s\n",
- path ? (*path ? path : "EMPTY!") : "NULL!"));
+ lt_debugprintf (__FILE__, __LINE__, "(make_executable): %s\n",
+ nonempty (path));
if ((!path) || (!*path))
return 0;
int tmp_len;
char *concat_name;
- LTWRAPPER_DEBUGPRINTF (("(find_executable) : %s\n",
- wrapper ? (*wrapper ? wrapper : "EMPTY!") : "NULL!"));
+ lt_debugprintf (__FILE__, __LINE__, "(find_executable): %s\n",
+ nonempty (wrapper));
if ((wrapper == NULL) || (*wrapper == '\0'))
return NULL;
{
/* empty path: current directory */
if (getcwd (tmp, LT_PATHMAX) == NULL)
- lt_fatal ("getcwd failed");
+ lt_fatal (__FILE__, __LINE__, "getcwd failed: %s",
+ nonnull (strerror (errno)));
tmp_len = strlen (tmp);
concat_name =
XMALLOC (char, tmp_len + 1 + strlen (wrapper) + 1);
}
/* Relative path | not found in path: prepend cwd */
if (getcwd (tmp, LT_PATHMAX) == NULL)
- lt_fatal ("getcwd failed");
+ lt_fatal (__FILE__, __LINE__, "getcwd failed: %s",
+ nonnull (strerror (errno)));
tmp_len = strlen (tmp);
concat_name = XMALLOC (char, tmp_len + 1 + strlen (wrapper) + 1);
memcpy (concat_name, tmp, tmp_len);
int has_symlinks = 0;
while (strlen (tmp_pathspec) && !has_symlinks)
{
- LTWRAPPER_DEBUGPRINTF (("checking path component for symlinks: %s\n",
- tmp_pathspec));
+ lt_debugprintf (__FILE__, __LINE__,
+ "checking path component for symlinks: %s\n",
+ tmp_pathspec);
if (lstat (tmp_pathspec, &s) == 0)
{
if (S_ISLNK (s.st_mode) != 0)
}
else
{
- char *errstr = strerror (errno);
- lt_fatal ("Error accessing file %s (%s)", tmp_pathspec, errstr);
+ lt_fatal (__FILE__, __LINE__,
+ "error accessing file \"%s\": %s",
+ tmp_pathspec, nonnull (strerror (errno)));
}
}
XFREE (tmp_pathspec);
tmp_pathspec = realpath (pathspec, buf);
if (tmp_pathspec == 0)
{
- lt_fatal ("Could not follow symlinks for %s", pathspec);
+ lt_fatal (__FILE__, __LINE__,
+ "could not follow symlinks for %s", pathspec);
}
return xstrdup (tmp_pathspec);
#endif
return str;
}
+void
+lt_debugprintf (const char *file, int line, const char *fmt, ...)
+{
+ va_list args;
+ if (lt_debug)
+ {
+ (void) fprintf (stderr, "%s:%s:%d: ", program_name, file, line);
+ va_start (args, fmt);
+ (void) vfprintf (stderr, fmt, args);
+ va_end (args);
+ }
+}
+
static void
-lt_error_core (int exit_status, const char *mode,
+lt_error_core (int exit_status, const char *file,
+ int line, const char *mode,
const char *message, va_list ap)
{
- fprintf (stderr, "%s: %s: ", program_name, mode);
+ fprintf (stderr, "%s:%s:%d: %s: ", program_name, file, line, mode);
vfprintf (stderr, message, ap);
fprintf (stderr, ".\n");
}
void
-lt_fatal (const char *message, ...)
+lt_fatal (const char *file, int line, const char *message, ...)
{
va_list ap;
va_start (ap, message);
- lt_error_core (EXIT_FAILURE, "FATAL", message, ap);
+ lt_error_core (EXIT_FAILURE, file, line, "FATAL", message, ap);
va_end (ap);
}
+static const char *
+nonnull (const char *s)
+{
+ return s ? s : "(null)";
+}
+
+static const char *
+nonempty (const char *s)
+{
+ return (s && !*s) ? "(empty)" : nonnull (s);
+}
+
void
lt_setenv (const char *name, const char *value)
{
- LTWRAPPER_DEBUGPRINTF (("(lt_setenv) setting '%s' to '%s'\n",
- (name ? name : "<NULL>"),
- (value ? value : "<NULL>")));
+ lt_debugprintf (__FILE__, __LINE__,
+ "(lt_setenv) setting '%s' to '%s'\n",
+ nonnull (name), nonnull (value));
{
#ifdef HAVE_SETENV
/* always make a copy, for consistency with !HAVE_SETENV */
return new_value;
}
-int
-lt_split_name_value (const char *arg, char** name, char** value)
-{
- const char *p;
- int len;
- if (!arg || !*arg)
- return 1;
-
- p = strchr (arg, (int)'=');
-
- if (!p)
- return 1;
-
- *value = xstrdup (++p);
-
- len = strlen (arg) - strlen (*value);
- *name = XMALLOC (char, len);
- strncpy (*name, arg, len-1);
- (*name)[len - 1] = '\0';
-
- return 0;
-}
-
-void
-lt_opt_process_env_set (const char *arg)
-{
- char *name = NULL;
- char *value = NULL;
-
- if (lt_split_name_value (arg, &name, &value) != 0)
- {
- XFREE (name);
- XFREE (value);
- lt_fatal ("bad argument for %s: '%s'", env_set_opt, arg);
- }
-
- lt_setenv (name, value);
- XFREE (name);
- XFREE (value);
-}
-
-void
-lt_opt_process_env_prepend (const char *arg)
-{
- char *name = NULL;
- char *value = NULL;
- char *new_value = NULL;
-
- if (lt_split_name_value (arg, &name, &value) != 0)
- {
- XFREE (name);
- XFREE (value);
- lt_fatal ("bad argument for %s: '%s'", env_prepend_opt, arg);
- }
-
- new_value = lt_extend_str (getenv (name), value, 0);
- lt_setenv (name, new_value);
- XFREE (new_value);
- XFREE (name);
- XFREE (value);
-}
-
-void
-lt_opt_process_env_append (const char *arg)
-{
- char *name = NULL;
- char *value = NULL;
- char *new_value = NULL;
-
- if (lt_split_name_value (arg, &name, &value) != 0)
- {
- XFREE (name);
- XFREE (value);
- lt_fatal ("bad argument for %s: '%s'", env_append_opt, arg);
- }
-
- new_value = lt_extend_str (getenv (name), value, 1);
- lt_setenv (name, new_value);
- XFREE (new_value);
- XFREE (name);
- XFREE (value);
-}
-
void
lt_update_exe_path (const char *name, const char *value)
{
- LTWRAPPER_DEBUGPRINTF (("(lt_update_exe_path) modifying '%s' by prepending '%s'\n",
- (name ? name : "<NULL>"),
- (value ? value : "<NULL>")));
+ lt_debugprintf (__FILE__, __LINE__,
+ "(lt_update_exe_path) modifying '%s' by prepending '%s'\n",
+ nonnull (name), nonnull (value));
if (name && *name && value && *value)
{
void
lt_update_lib_path (const char *name, const char *value)
{
- LTWRAPPER_DEBUGPRINTF (("(lt_update_lib_path) modifying '%s' by prepending '%s'\n",
- (name ? name : "<NULL>"),
- (value ? value : "<NULL>")));
+ lt_debugprintf (__FILE__, __LINE__,
+ "(lt_update_lib_path) modifying '%s' by prepending '%s'\n",
+ nonnull (name), nonnull (value));
if (name && *name && value && *value)
{
}
}
+EOF
+ case $host_os in
+ mingw*)
+ cat <<"EOF"
+
+/* Prepares an argument vector before calling spawn().
+ Note that spawn() does not by itself call the command interpreter
+ (getenv ("COMSPEC") != NULL ? getenv ("COMSPEC") :
+ ({ OSVERSIONINFO v; v.dwOSVersionInfoSize = sizeof(OSVERSIONINFO);
+ GetVersionEx(&v);
+ v.dwPlatformId == VER_PLATFORM_WIN32_NT;
+ }) ? "cmd.exe" : "command.com").
+ Instead it simply concatenates the arguments, separated by ' ', and calls
+ CreateProcess(). We must quote the arguments since Win32 CreateProcess()
+ interprets characters like ' ', '\t', '\\', '"' (but not '<' and '>') in a
+ special way:
+ - Space and tab are interpreted as delimiters. They are not treated as
+ delimiters if they are surrounded by double quotes: "...".
+ - Unescaped double quotes are removed from the input. Their only effect is
+ that within double quotes, space and tab are treated like normal
+ characters.
+ - Backslashes not followed by double quotes are not special.
+ - But 2*n+1 backslashes followed by a double quote become
+ n backslashes followed by a double quote (n >= 0):
+ \" -> "
+ \\\" -> \"
+ \\\\\" -> \\"
+ */
+#define SHELL_SPECIAL_CHARS "\"\\ \001\002\003\004\005\006\007\010\011\012\013\014\015\016\017\020\021\022\023\024\025\026\027\030\031\032\033\034\035\036\037"
+#define SHELL_SPACE_CHARS " \001\002\003\004\005\006\007\010\011\012\013\014\015\016\017\020\021\022\023\024\025\026\027\030\031\032\033\034\035\036\037"
+char **
+prepare_spawn (char **argv)
+{
+ size_t argc;
+ char **new_argv;
+ size_t i;
+
+ /* Count number of arguments. */
+ for (argc = 0; argv[argc] != NULL; argc++)
+ ;
+
+ /* Allocate new argument vector. */
+ new_argv = XMALLOC (char *, argc + 1);
+
+ /* Put quoted arguments into the new argument vector. */
+ for (i = 0; i < argc; i++)
+ {
+ const char *string = argv[i];
+
+ if (string[0] == '\0')
+ new_argv[i] = xstrdup ("\"\"");
+ else if (strpbrk (string, SHELL_SPECIAL_CHARS) != NULL)
+ {
+ int quote_around = (strpbrk (string, SHELL_SPACE_CHARS) != NULL);
+ size_t length;
+ unsigned int backslashes;
+ const char *s;
+ char *quoted_string;
+ char *p;
+
+ length = 0;
+ backslashes = 0;
+ if (quote_around)
+ length++;
+ for (s = string; *s != '\0'; s++)
+ {
+ char c = *s;
+ if (c == '"')
+ length += backslashes + 1;
+ length++;
+ if (c == '\\')
+ backslashes++;
+ else
+ backslashes = 0;
+ }
+ if (quote_around)
+ length += backslashes + 1;
+
+ quoted_string = XMALLOC (char, length + 1);
+
+ p = quoted_string;
+ backslashes = 0;
+ if (quote_around)
+ *p++ = '"';
+ for (s = string; *s != '\0'; s++)
+ {
+ char c = *s;
+ if (c == '"')
+ {
+ unsigned int j;
+ for (j = backslashes + 1; j > 0; j--)
+ *p++ = '\\';
+ }
+ *p++ = c;
+ if (c == '\\')
+ backslashes++;
+ else
+ backslashes = 0;
+ }
+ if (quote_around)
+ {
+ unsigned int j;
+ for (j = backslashes; j > 0; j--)
+ *p++ = '\\';
+ *p++ = '"';
+ }
+ *p = '\0';
+
+ new_argv[i] = quoted_string;
+ }
+ else
+ new_argv[i] = (char *) string;
+ }
+ new_argv[argc] = NULL;
+
+ return new_argv;
+}
+EOF
+ ;;
+ esac
+
+ cat <<"EOF"
+void lt_dump_script (FILE* f)
+{
+EOF
+ func_emit_wrapper yes |
+ $SED -e 's/\([\\"]\)/\\\1/g' \
+ -e 's/^/ fputs ("/' -e 's/$/\\n", f);/'
+ cat <<"EOF"
+}
EOF
}
# end: func_emit_cwrapperexe_src
+# func_win32_import_lib_p ARG
+# True if ARG is an import lib, as indicated by $file_magic_cmd
+func_win32_import_lib_p ()
+{
+ $opt_debug
+ case `eval $file_magic_cmd \"\$1\" 2>/dev/null | $SED -e 10q` in
+ *import*) : ;;
+ *) false ;;
+ esac
+}
+
# func_mode_link arg...
func_mode_link ()
{
new_inherited_linker_flags=
avoid_version=no
+ bindir=
dlfiles=
dlprefiles=
dlself=no
esac
case $prev in
+ bindir)
+ bindir="$arg"
+ prev=
+ continue
+ ;;
dlfiles|dlprefiles)
if test "$preload" = no; then
# Add the symbol object into the linking commands.
continue
;;
+ -bindir)
+ prev=bindir
+ continue
+ ;;
+
-dlopen)
prev=dlfiles
continue
esac
case $host in
*-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-os2* | *-cegcc*)
- testbindir=`$ECHO "X$dir" | $Xsed -e 's*/lib$*/bin*'`
+ testbindir=`$ECHO "$dir" | $SED 's*/lib$*/bin*'`
case :$dllsearchpath: in
*":$dir:"*) ;;
::) dllsearchpath=$dir;;
-l*)
if test "X$arg" = "X-lc" || test "X$arg" = "X-lm"; then
case $host in
- *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-beos* | *-cegcc*)
+ *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-beos* | *-cegcc* | *-*-haiku*)
# These systems don't actually have a C or math library (as such)
continue
;;
for flag in $args; do
IFS="$save_ifs"
func_quote_for_eval "$flag"
- arg="$arg $wl$func_quote_for_eval_result"
+ arg="$arg $func_quote_for_eval_result"
compiler_flags="$compiler_flags $func_quote_for_eval_result"
done
IFS="$save_ifs"
arg="$func_quote_for_eval_result"
;;
- # -64, -mips[0-9] enable 64-bit mode on the SGI compiler
- # -r[0-9][0-9]* specifies the processor on the SGI compiler
- # -xarch=*, -xtarget=* enable 64-bit mode on the Sun compiler
- # +DA*, +DD* enable 64-bit mode on the HP compiler
- # -q* pass through compiler args for the IBM compiler
- # -m*, -t[45]*, -txscale* pass through architecture-specific
- # compiler args for GCC
- # -F/path gives path to uninstalled frameworks, gcc on darwin
- # -p, -pg, --coverage, -fprofile-* pass through profiling flag for GCC
- # @file GCC response files
+ # Flags to be passed through unchanged, with rationale:
+ # -64, -mips[0-9] enable 64-bit mode for the SGI compiler
+ # -r[0-9][0-9]* specify processor for the SGI compiler
+ # -xarch=*, -xtarget=* enable 64-bit mode for the Sun compiler
+ # +DA*, +DD* enable 64-bit mode for the HP compiler
+ # -q* compiler args for the IBM compiler
+ # -m*, -t[45]*, -txscale* architecture-specific flags for GCC
+ # -F/path path to uninstalled frameworks, gcc on darwin
+ # -p, -pg, --coverage, -fprofile-* profiling flags for GCC
+ # @file GCC response files
+ # -tp=* Portland pgcc target processor selection
-64|-mips[0-9]|-r[0-9][0-9]*|-xarch=*|-xtarget=*|+DA*|+DD*|-q*|-m*| \
- -t[45]*|-txscale*|-p|-pg|--coverage|-fprofile-*|-F*|@*)
+ -t[45]*|-txscale*|-p|-pg|--coverage|-fprofile-*|-F*|@*|-tp=*)
func_quote_for_eval "$arg"
arg="$func_quote_for_eval_result"
func_append compile_command " $arg"
if test -n "$shlibpath_var"; then
# get the directories listed in $shlibpath_var
- eval shlib_search_path=\`\$ECHO \"X\${$shlibpath_var}\" \| \$Xsed -e \'s/:/ /g\'\`
+ eval shlib_search_path=\`\$ECHO \"\${$shlibpath_var}\" \| \$SED \'s/:/ /g\'\`
else
shlib_search_path=
fi
case $pass in
dlopen) libs="$dlfiles" ;;
dlpreopen) libs="$dlprefiles" ;;
- link)
- libs="$deplibs %DEPLIBS%"
- test "X$link_all_deplibs" != Xno && libs="$libs $dependency_libs"
- ;;
+ link) libs="$deplibs %DEPLIBS% $dependency_libs" ;;
esac
fi
if test "$linkmode,$pass" = "lib,dlpreopen"; then
# Collect preopened libtool deplibs, except any this library
# has declared as weak libs
for deplib in $dependency_libs; do
- deplib_base=`$ECHO "X$deplib" | $Xsed -e "$basename"`
+ func_basename "$deplib"
+ deplib_base=$func_basename_result
case " $weak_libs " in
*" $deplib_base "*) ;;
*) deplibs="$deplibs $deplib" ;;
match_pattern*)
set dummy $deplibs_check_method; shift
match_pattern_regex=`expr "$deplibs_check_method" : "$1 \(.*\)"`
- if eval "\$ECHO \"X$deplib\"" 2>/dev/null | $Xsed -e 10q \
+ if eval "\$ECHO \"$deplib\"" 2>/dev/null | $SED 10q \
| $EGREP "$match_pattern_regex" > /dev/null; then
valid_a_lib=yes
fi
;;
esac
if test "$valid_a_lib" != yes; then
- $ECHO
+ echo
$ECHO "*** Warning: Trying to link with static lib archive $deplib."
- $ECHO "*** I have the capability to make that library automatically link in when"
- $ECHO "*** you link to this library. But I can only do this if you have a"
- $ECHO "*** shared version of the library, which you do not appear to have"
- $ECHO "*** because the file extensions .$libext of this argument makes me believe"
- $ECHO "*** that it is just a static archive that I should not use here."
+ echo "*** I have the capability to make that library automatically link in when"
+ echo "*** you link to this library. But I can only do this if you have a"
+ echo "*** shared version of the library, which you do not appear to have"
+ echo "*** because the file extensions .$libext of this argument makes me believe"
+ echo "*** that it is just a static archive that I should not use here."
else
- $ECHO
+ echo
$ECHO "*** Warning: Linking the shared library $output against the"
$ECHO "*** static library $deplib is not portable!"
deplibs="$deplib $deplibs"
# Convert "-framework foo" to "foo.ltframework"
if test -n "$inherited_linker_flags"; then
- tmp_inherited_linker_flags=`$ECHO "X$inherited_linker_flags" | $Xsed -e 's/-framework \([^ $]*\)/\1.ltframework/g'`
+ tmp_inherited_linker_flags=`$ECHO "$inherited_linker_flags" | $SED 's/-framework \([^ $]*\)/\1.ltframework/g'`
for tmp_inherited_linker_flag in $tmp_inherited_linker_flags; do
case " $new_inherited_linker_flags " in
*" $tmp_inherited_linker_flag "*) ;;
esac
done
fi
- dependency_libs=`$ECHO "X $dependency_libs" | $Xsed -e 's% \([^ $]*\).ltframework% -framework \1%g'`
+ dependency_libs=`$ECHO " $dependency_libs" | $SED 's% \([^ $]*\).ltframework% -framework \1%g'`
if test "$linkmode,$pass" = "lib,link" ||
test "$linkmode,$pass" = "prog,scan" ||
{ test "$linkmode" != prog && test "$linkmode" != lib; }; then
# It is a libtool convenience library, so add in its objects.
convenience="$convenience $ladir/$objdir/$old_library"
old_convenience="$old_convenience $ladir/$objdir/$old_library"
- tmp_libs=
- for deplib in $dependency_libs; do
- deplibs="$deplib $deplibs"
- if $opt_duplicate_deps ; then
- case "$tmp_libs " in
- *" $deplib "*) specialdeplibs="$specialdeplibs $deplib" ;;
- esac
- fi
- tmp_libs="$tmp_libs $deplib"
- done
elif test "$linkmode" != prog && test "$linkmode" != lib; then
func_fatal_error "\`$lib' is not a convenience library"
fi
+ tmp_libs=
+ for deplib in $dependency_libs; do
+ deplibs="$deplib $deplibs"
+ if $opt_duplicate_deps ; then
+ case "$tmp_libs " in
+ *" $deplib "*) specialdeplibs="$specialdeplibs $deplib" ;;
+ esac
+ fi
+ tmp_libs="$tmp_libs $deplib"
+ done
continue
fi # $pass = conv
fi
done
if test -z "$dlopenmodule" && test "$shouldnotlink" = yes && test "$pass" = link; then
- $ECHO
+ echo
if test "$linkmode" = prog; then
$ECHO "*** Warning: Linking the executable $output against the loadable module"
else
if test "X$dlopenmodule" != "X$lib"; then
$ECHO "*** Warning: lib $linklib is a module, not a shared library"
if test -z "$old_library" ; then
- $ECHO
- $ECHO "*** And there doesn't seem to be a static archive available"
- $ECHO "*** The link will probably fail, sorry"
+ echo
+ echo "*** And there doesn't seem to be a static archive available"
+ echo "*** The link will probably fail, sorry"
else
add="$dir/$old_library"
fi
# Just print a warning and add the library to dependency_libs so
# that the program can be linked against the static library.
- $ECHO
+ echo
$ECHO "*** Warning: This system can not link to static lib archive $lib."
- $ECHO "*** I have the capability to make that library automatically link in when"
- $ECHO "*** you link to this library. But I can only do this if you have a"
- $ECHO "*** shared version of the library, which you do not appear to have."
+ echo "*** I have the capability to make that library automatically link in when"
+ echo "*** you link to this library. But I can only do this if you have a"
+ echo "*** shared version of the library, which you do not appear to have."
if test "$module" = yes; then
- $ECHO "*** But as you try to build a module library, libtool will still create "
- $ECHO "*** a static module, that should work as long as the dlopening application"
- $ECHO "*** is linked with the -dlopen flag to resolve symbols at runtime."
+ echo "*** But as you try to build a module library, libtool will still create "
+ echo "*** a static module, that should work as long as the dlopening application"
+ echo "*** is linked with the -dlopen flag to resolve symbols at runtime."
if test -z "$global_symbol_pipe"; then
- $ECHO
- $ECHO "*** However, this would only work if libtool was able to extract symbol"
- $ECHO "*** lists from a program, using \`nm' or equivalent, but libtool could"
- $ECHO "*** not find such a program. So, this module is probably useless."
- $ECHO "*** \`nm' from GNU binutils and a full rebuild may help."
+ echo
+ echo "*** However, this would only work if libtool was able to extract symbol"
+ echo "*** lists from a program, using \`nm' or equivalent, but libtool could"
+ echo "*** not find such a program. So, this module is probably useless."
+ echo "*** \`nm' from GNU binutils and a full rebuild may help."
fi
if test "$build_old_libs" = no; then
build_libtool_libs=module
compile_deplibs="$new_inherited_linker_flags $compile_deplibs"
finalize_deplibs="$new_inherited_linker_flags $finalize_deplibs"
else
- compiler_flags="$compiler_flags "`$ECHO "X $new_inherited_linker_flags" | $Xsed -e 's% \([^ $]*\).ltframework% -framework \1%g'`
+ compiler_flags="$compiler_flags "`$ECHO " $new_inherited_linker_flags" | $SED 's% \([^ $]*\).ltframework% -framework \1%g'`
fi
fi
dependency_libs="$newdependency_libs"
if test "$deplibs_check_method" != pass_all; then
func_fatal_error "cannot build libtool library \`$output' from non-libtool objects on this host:$objs"
else
- $ECHO
+ echo
$ECHO "*** Warning: Linking the shared library $output against the non-libtool"
$ECHO "*** objects $objs is not portable!"
libobjs="$libobjs $objs"
age="$number_minor"
revision="$number_revision"
;;
- freebsd-aout|freebsd-elf|sunos)
+ freebsd-aout|freebsd-elf|qnx|sunos)
current="$number_major"
revision="$number_minor"
age="0"
revision="$number_minor"
lt_irix_increment=no
;;
- *)
- func_fatal_configuration "$modename: unknown library version type \`$version_type'"
- ;;
esac
;;
no)
oldlibs="$oldlibs $output_objdir/$libname.$libext"
# Transform .lo files to .o files.
- oldobjs="$objs "`$ECHO "X$libobjs" | $SP2NL | $Xsed -e '/\.'${libext}'$/d' -e "$lo2o" | $NL2SP`
+ oldobjs="$objs "`$ECHO "$libobjs" | $SP2NL | $SED "/\.${libext}$/d; $lo2o" | $NL2SP`
fi
# Eliminate all temporary directories.
#for path in $notinst_path; do
- # lib_search_path=`$ECHO "X$lib_search_path " | $Xsed -e "s% $path % %g"`
- # deplibs=`$ECHO "X$deplibs " | $Xsed -e "s% -L$path % %g"`
- # dependency_libs=`$ECHO "X$dependency_libs " | $Xsed -e "s% -L$path % %g"`
+ # lib_search_path=`$ECHO "$lib_search_path " | $SED "s% $path % %g"`
+ # deplibs=`$ECHO "$deplibs " | $SED "s% -L$path % %g"`
+ # dependency_libs=`$ECHO "$dependency_libs " | $SED "s% -L$path % %g"`
#done
if test -n "$xrpath"; then
if test "$build_libtool_libs" = yes; then
if test -n "$rpath"; then
case $host in
- *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-os2* | *-*-beos* | *-cegcc*)
+ *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-os2* | *-*-beos* | *-cegcc* | *-*-haiku*)
# these systems don't actually have a c library (as such)!
;;
*-*-rhapsody* | *-*-darwin1.[012])
newdeplibs="$newdeplibs $i"
else
droppeddeps=yes
- $ECHO
+ echo
$ECHO "*** Warning: dynamic linker does not accept needed library $i."
- $ECHO "*** I have the capability to make that library automatically link in when"
- $ECHO "*** you link to this library. But I can only do this if you have a"
- $ECHO "*** shared version of the library, which I believe you do not have"
- $ECHO "*** because a test_compile did reveal that the linker did not use it for"
- $ECHO "*** its dynamic dependency list that programs get resolved with at runtime."
+ echo "*** I have the capability to make that library automatically link in when"
+ echo "*** you link to this library. But I can only do this if you have a"
+ echo "*** shared version of the library, which I believe you do not have"
+ echo "*** because a test_compile did reveal that the linker did not use it for"
+ echo "*** its dynamic dependency list that programs get resolved with at runtime."
fi
fi
;;
newdeplibs="$newdeplibs $i"
else
droppeddeps=yes
- $ECHO
+ echo
$ECHO "*** Warning: dynamic linker does not accept needed library $i."
- $ECHO "*** I have the capability to make that library automatically link in when"
- $ECHO "*** you link to this library. But I can only do this if you have a"
- $ECHO "*** shared version of the library, which you do not appear to have"
- $ECHO "*** because a test_compile did reveal that the linker did not use this one"
- $ECHO "*** as a dynamic dependency that programs can get resolved with at runtime."
+ echo "*** I have the capability to make that library automatically link in when"
+ echo "*** you link to this library. But I can only do this if you have a"
+ echo "*** shared version of the library, which you do not appear to have"
+ echo "*** because a test_compile did reveal that the linker did not use this one"
+ echo "*** as a dynamic dependency that programs can get resolved with at runtime."
fi
fi
else
droppeddeps=yes
- $ECHO
+ echo
$ECHO "*** Warning! Library $i is needed by this library but I was not able to"
- $ECHO "*** make it link in! You will probably need to install it or some"
- $ECHO "*** library that it depends on before this library will be fully"
- $ECHO "*** functional. Installing it before continuing would be even better."
+ echo "*** make it link in! You will probably need to install it or some"
+ echo "*** library that it depends on before this library will be fully"
+ echo "*** functional. Installing it before continuing would be even better."
fi
;;
*)
potliblink=`ls -ld $potlib | ${SED} 's/.* -> //'`
case $potliblink in
[\\/]* | [A-Za-z]:[\\/]*) potlib="$potliblink";;
- *) potlib=`$ECHO "X$potlib" | $Xsed -e 's,[^/]*$,,'`"$potliblink";;
+ *) potlib=`$ECHO "$potlib" | $SED 's,[^/]*$,,'`"$potliblink";;
esac
done
if eval $file_magic_cmd \"\$potlib\" 2>/dev/null |
fi
if test -n "$a_deplib" ; then
droppeddeps=yes
- $ECHO
+ echo
$ECHO "*** Warning: linker path does not have real file for library $a_deplib."
- $ECHO "*** I have the capability to make that library automatically link in when"
- $ECHO "*** you link to this library. But I can only do this if you have a"
- $ECHO "*** shared version of the library, which you do not appear to have"
- $ECHO "*** because I did check the linker path looking for a file starting"
+ echo "*** I have the capability to make that library automatically link in when"
+ echo "*** you link to this library. But I can only do this if you have a"
+ echo "*** shared version of the library, which you do not appear to have"
+ echo "*** because I did check the linker path looking for a file starting"
if test -z "$potlib" ; then
$ECHO "*** with $libname but no candidates were found. (...for file magic test)"
else
potential_libs=`ls $i/$libname[.-]* 2>/dev/null`
for potent_lib in $potential_libs; do
potlib="$potent_lib" # see symlink-check above in file_magic test
- if eval "\$ECHO \"X$potent_lib\"" 2>/dev/null | $Xsed -e 10q | \
+ if eval "\$ECHO \"$potent_lib\"" 2>/dev/null | $SED 10q | \
$EGREP "$match_pattern_regex" > /dev/null; then
newdeplibs="$newdeplibs $a_deplib"
a_deplib=""
fi
if test -n "$a_deplib" ; then
droppeddeps=yes
- $ECHO
+ echo
$ECHO "*** Warning: linker path does not have real file for library $a_deplib."
- $ECHO "*** I have the capability to make that library automatically link in when"
- $ECHO "*** you link to this library. But I can only do this if you have a"
- $ECHO "*** shared version of the library, which you do not appear to have"
- $ECHO "*** because I did check the linker path looking for a file starting"
+ echo "*** I have the capability to make that library automatically link in when"
+ echo "*** you link to this library. But I can only do this if you have a"
+ echo "*** shared version of the library, which you do not appear to have"
+ echo "*** because I did check the linker path looking for a file starting"
if test -z "$potlib" ; then
$ECHO "*** with $libname but no candidates were found. (...for regex pattern test)"
else
;;
none | unknown | *)
newdeplibs=""
- tmp_deplibs=`$ECHO "X $deplibs" | $Xsed \
- -e 's/ -lc$//' -e 's/ -[LR][^ ]*//g'`
+ tmp_deplibs=`$ECHO " $deplibs" | $SED 's/ -lc$//; s/ -[LR][^ ]*//g'`
if test "X$allow_libtool_libs_with_static_runtimes" = "Xyes" ; then
for i in $predeps $postdeps ; do
# can't use Xsed below, because $i might contain '/'
- tmp_deplibs=`$ECHO "X $tmp_deplibs" | $Xsed -e "s,$i,,"`
+ tmp_deplibs=`$ECHO " $tmp_deplibs" | $SED "s,$i,,"`
done
fi
- if $ECHO "X $tmp_deplibs" | $Xsed -e 's/[ ]//g' |
- $GREP . >/dev/null; then
- $ECHO
+ case $tmp_deplibs in
+ *[!\ \ ]*)
+ echo
if test "X$deplibs_check_method" = "Xnone"; then
- $ECHO "*** Warning: inter-library dependencies are not supported in this platform."
+ echo "*** Warning: inter-library dependencies are not supported in this platform."
else
- $ECHO "*** Warning: inter-library dependencies are not known to be supported."
+ echo "*** Warning: inter-library dependencies are not known to be supported."
fi
- $ECHO "*** All declared inter-library dependencies are being dropped."
+ echo "*** All declared inter-library dependencies are being dropped."
droppeddeps=yes
- fi
+ ;;
+ esac
;;
esac
versuffix=$versuffix_save
case $host in
*-*-rhapsody* | *-*-darwin1.[012])
# On Rhapsody replace the C library with the System framework
- newdeplibs=`$ECHO "X $newdeplibs" | $Xsed -e 's/ -lc / System.ltframework /'`
+ newdeplibs=`$ECHO " $newdeplibs" | $SED 's/ -lc / System.ltframework /'`
;;
esac
if test "$droppeddeps" = yes; then
if test "$module" = yes; then
- $ECHO
- $ECHO "*** Warning: libtool could not satisfy all declared inter-library"
+ echo
+ echo "*** Warning: libtool could not satisfy all declared inter-library"
$ECHO "*** dependencies of module $libname. Therefore, libtool will create"
- $ECHO "*** a static module, that should work as long as the dlopening"
- $ECHO "*** application is linked with the -dlopen flag."
+ echo "*** a static module, that should work as long as the dlopening"
+ echo "*** application is linked with the -dlopen flag."
if test -z "$global_symbol_pipe"; then
- $ECHO
- $ECHO "*** However, this would only work if libtool was able to extract symbol"
- $ECHO "*** lists from a program, using \`nm' or equivalent, but libtool could"
- $ECHO "*** not find such a program. So, this module is probably useless."
- $ECHO "*** \`nm' from GNU binutils and a full rebuild may help."
+ echo
+ echo "*** However, this would only work if libtool was able to extract symbol"
+ echo "*** lists from a program, using \`nm' or equivalent, but libtool could"
+ echo "*** not find such a program. So, this module is probably useless."
+ echo "*** \`nm' from GNU binutils and a full rebuild may help."
fi
if test "$build_old_libs" = no; then
oldlibs="$output_objdir/$libname.$libext"
build_libtool_libs=no
fi
else
- $ECHO "*** The inter-library dependencies that have been dropped here will be"
- $ECHO "*** automatically added whenever a program is linked with this library"
- $ECHO "*** or is declared to -dlopen it."
+ echo "*** The inter-library dependencies that have been dropped here will be"
+ echo "*** automatically added whenever a program is linked with this library"
+ echo "*** or is declared to -dlopen it."
if test "$allow_undefined" = no; then
- $ECHO
- $ECHO "*** Since this library must not contain undefined symbols,"
- $ECHO "*** because either the platform does not support them or"
- $ECHO "*** it was explicitly requested with -no-undefined,"
- $ECHO "*** libtool will only create a static version of it."
+ echo
+ echo "*** Since this library must not contain undefined symbols,"
+ echo "*** because either the platform does not support them or"
+ echo "*** it was explicitly requested with -no-undefined,"
+ echo "*** libtool will only create a static version of it."
if test "$build_old_libs" = no; then
oldlibs="$output_objdir/$libname.$libext"
build_libtool_libs=module
# Time to change all our "foo.ltframework" stuff back to "-framework foo"
case $host in
*-*-darwin*)
- newdeplibs=`$ECHO "X $newdeplibs" | $Xsed -e 's% \([^ $]*\).ltframework% -framework \1%g'`
- new_inherited_linker_flags=`$ECHO "X $new_inherited_linker_flags" | $Xsed -e 's% \([^ $]*\).ltframework% -framework \1%g'`
- deplibs=`$ECHO "X $deplibs" | $Xsed -e 's% \([^ $]*\).ltframework% -framework \1%g'`
+ newdeplibs=`$ECHO " $newdeplibs" | $SED 's% \([^ $]*\).ltframework% -framework \1%g'`
+ new_inherited_linker_flags=`$ECHO " $new_inherited_linker_flags" | $SED 's% \([^ $]*\).ltframework% -framework \1%g'`
+ deplibs=`$ECHO " $deplibs" | $SED 's% \([^ $]*\).ltframework% -framework \1%g'`
;;
esac
done
# Use standard objects if they are pic
- test -z "$pic_flag" && libobjs=`$ECHO "X$libobjs" | $SP2NL | $Xsed -e "$lo2o" | $NL2SP`
+ test -z "$pic_flag" && libobjs=`$ECHO "$libobjs" | $SP2NL | $SED "$lo2o" | $NL2SP`
test "X$libobjs" = "X " && libobjs=
delfiles=
if test -n "$export_symbols" && test -n "$include_expsyms"; then
tmp_export_symbols="$export_symbols"
test -n "$orig_export_symbols" && tmp_export_symbols="$orig_export_symbols"
- $opt_dry_run || eval '$ECHO "X$include_expsyms" | $Xsed | $SP2NL >> "$tmp_export_symbols"'
+ $opt_dry_run || eval '$ECHO "$include_expsyms" | $SP2NL >> "$tmp_export_symbols"'
fi
if test "X$skipped_export" != "X:" && test -n "$orig_export_symbols"; then
save_libobjs=$libobjs
fi
save_output=$output
- output_la=`$ECHO "X$output" | $Xsed -e "$basename"`
+ func_basename "$output"
+ output_la=$func_basename_result
# Clear the reloadable object creation command queue and
# initialize k to one.
if test -n "$save_libobjs" && test "X$skipped_export" != "X:" && test "$with_gnu_ld" = yes; then
output=${output_objdir}/${output_la}.lnkscript
func_verbose "creating GNU ld script: $output"
- $ECHO 'INPUT (' > $output
+ echo 'INPUT (' > $output
for obj in $save_libobjs
do
$ECHO "$obj" >> $output
done
- $ECHO ')' >> $output
+ echo ')' >> $output
delfiles="$delfiles $output"
elif test -n "$save_libobjs" && test "X$skipped_export" != "X:" && test "X$file_list_spec" != X; then
output=${output_objdir}/${output_la}.lnk
# command to the queue.
if test "$k" -eq 1 ; then
# The first file doesn't have a previous command to add.
- eval concat_cmds=\"$reload_cmds $objlist $last_robj\"
+ reload_objs=$objlist
+ eval concat_cmds=\"$reload_cmds\"
else
# All subsequent reloadable object files will link in
# the last one created.
- eval concat_cmds=\"\$concat_cmds~$reload_cmds $objlist $last_robj~\$RM $last_robj\"
+ reload_objs="$objlist $last_robj"
+ eval concat_cmds=\"\$concat_cmds~$reload_cmds~\$RM $last_robj\"
fi
last_robj=$output_objdir/$output_la-${k}.$objext
func_arith $k + 1
k=$func_arith_result
output=$output_objdir/$output_la-${k}.$objext
- objlist=$obj
+ objlist=" $obj"
func_len " $last_robj"
func_arith $len0 + $func_len_result
len=$func_arith_result
# reloadable object file. All subsequent reloadable object
# files will link in the last one created.
test -z "$concat_cmds" || concat_cmds=$concat_cmds~
- eval concat_cmds=\"\${concat_cmds}$reload_cmds $objlist $last_robj\"
+ reload_objs="$objlist $last_robj"
+ eval concat_cmds=\"\${concat_cmds}$reload_cmds\"
if test -n "$last_robj"; then
eval concat_cmds=\"\${concat_cmds}~\$RM $last_robj\"
fi
if test -n "$export_symbols" && test -n "$include_expsyms"; then
tmp_export_symbols="$export_symbols"
test -n "$orig_export_symbols" && tmp_export_symbols="$orig_export_symbols"
- $opt_dry_run || eval '$ECHO "X$include_expsyms" | $Xsed | $SP2NL >> "$tmp_export_symbols"'
+ $opt_dry_run || eval '$ECHO "$include_expsyms" | $SP2NL >> "$tmp_export_symbols"'
fi
if test -n "$orig_export_symbols"; then
if test -n "$convenience"; then
if test -n "$whole_archive_flag_spec"; then
eval tmp_whole_archive_flags=\"$whole_archive_flag_spec\"
- reload_conv_objs=$reload_objs\ `$ECHO "X$tmp_whole_archive_flags" | $Xsed -e 's|,| |g'`
+ reload_conv_objs=$reload_objs\ `$ECHO "$tmp_whole_archive_flags" | $SED 's|,| |g'`
else
gentop="$output_objdir/${obj}x"
generated="$generated $gentop"
fi
# Create the old-style object.
- reload_objs="$objs$old_deplibs "`$ECHO "X$libobjs" | $SP2NL | $Xsed -e '/\.'${libext}$'/d' -e '/\.lib$/d' -e "$lo2o" | $NL2SP`" $reload_conv_objs" ### testsuite: skip nested quoting test
+ reload_objs="$objs$old_deplibs "`$ECHO "$libobjs" | $SP2NL | $SED "/\.${libext}$/d; /\.lib$/d; $lo2o" | $NL2SP`" $reload_conv_objs" ### testsuite: skip nested quoting test
output="$obj"
func_execute_cmds "$reload_cmds" 'exit $?'
case $host in
*-*-rhapsody* | *-*-darwin1.[012])
# On Rhapsody replace the C library is the System framework
- compile_deplibs=`$ECHO "X $compile_deplibs" | $Xsed -e 's/ -lc / System.ltframework /'`
- finalize_deplibs=`$ECHO "X $finalize_deplibs" | $Xsed -e 's/ -lc / System.ltframework /'`
+ compile_deplibs=`$ECHO " $compile_deplibs" | $SED 's/ -lc / System.ltframework /'`
+ finalize_deplibs=`$ECHO " $finalize_deplibs" | $SED 's/ -lc / System.ltframework /'`
;;
esac
esac
fi
# Time to change all our "foo.ltframework" stuff back to "-framework foo"
- compile_deplibs=`$ECHO "X $compile_deplibs" | $Xsed -e 's% \([^ $]*\).ltframework% -framework \1%g'`
- finalize_deplibs=`$ECHO "X $finalize_deplibs" | $Xsed -e 's% \([^ $]*\).ltframework% -framework \1%g'`
+ compile_deplibs=`$ECHO " $compile_deplibs" | $SED 's% \([^ $]*\).ltframework% -framework \1%g'`
+ finalize_deplibs=`$ECHO " $finalize_deplibs" | $SED 's% \([^ $]*\).ltframework% -framework \1%g'`
;;
esac
if test -n "$libobjs" && test "$build_old_libs" = yes; then
# Transform all the library objects into standard objects.
- compile_command=`$ECHO "X$compile_command" | $SP2NL | $Xsed -e "$lo2o" | $NL2SP`
- finalize_command=`$ECHO "X$finalize_command" | $SP2NL | $Xsed -e "$lo2o" | $NL2SP`
+ compile_command=`$ECHO "$compile_command" | $SP2NL | $SED "$lo2o" | $NL2SP`
+ finalize_command=`$ECHO "$finalize_command" | $SP2NL | $SED "$lo2o" | $NL2SP`
fi
func_generate_dlsyms "$outputname" "@PROGRAM@" "no"
wrappers_required=yes
case $host in
+ *cegcc* | *mingw32ce*)
+ # Disable wrappers for cegcc and mingw32ce hosts, we are cross compiling anyway.
+ wrappers_required=no
+ ;;
*cygwin* | *mingw* )
if test "$build_libtool_libs" != yes; then
wrappers_required=no
fi
;;
- *cegcc)
- # Disable wrappers for cegcc, we are cross compiling anyway.
- wrappers_required=no
- ;;
*)
if test "$need_relink" = no || test "$build_libtool_libs" != yes; then
wrappers_required=no
esac
if test "$wrappers_required" = no; then
# Replace the output file specification.
- compile_command=`$ECHO "X$compile_command" | $Xsed -e 's%@OUTPUT@%'"$output"'%g'`
+ compile_command=`$ECHO "$compile_command" | $SED 's%@OUTPUT@%'"$output"'%g'`
link_command="$compile_command$compile_rpath"
# We have no uninstalled library dependencies, so finalize right now.
# We don't need to create a wrapper script.
link_command="$compile_var$compile_command$compile_rpath"
# Replace the output file specification.
- link_command=`$ECHO "X$link_command" | $Xsed -e 's%@OUTPUT@%'"$output"'%g'`
+ link_command=`$ECHO "$link_command" | $SED 's%@OUTPUT@%'"$output"'%g'`
# Delete the old output file.
$opt_dry_run || $RM $output
# Link the executable and exit
if test "$fast_install" != no; then
link_command="$finalize_var$compile_command$finalize_rpath"
if test "$fast_install" = yes; then
- relink_command=`$ECHO "X$compile_var$compile_command$compile_rpath" | $Xsed -e 's%@OUTPUT@%\$progdir/\$file%g'`
+ relink_command=`$ECHO "$compile_var$compile_command$compile_rpath" | $SED 's%@OUTPUT@%\$progdir/\$file%g'`
else
# fast_install is set to needless
relink_command=
fi
# Replace the output file specification.
- link_command=`$ECHO "X$link_command" | $Xsed -e 's%@OUTPUT@%'"$output_objdir/$outputname"'%g'`
+ link_command=`$ECHO "$link_command" | $SED 's%@OUTPUT@%'"$output_objdir/$outputname"'%g'`
# Delete the old output files.
$opt_dry_run || $RM $output $output_objdir/$outputname $output_objdir/lt-$outputname
fi
done
relink_command="(cd `pwd`; $relink_command)"
- relink_command=`$ECHO "X$relink_command" | $Xsed -e "$sed_quote_subst"`
- fi
-
- # Quote $ECHO for shipping.
- if test "X$ECHO" = "X$SHELL $progpath --fallback-echo"; then
- case $progpath in
- [\\/]* | [A-Za-z]:[\\/]*) qecho="$SHELL $progpath --fallback-echo";;
- *) qecho="$SHELL `pwd`/$progpath --fallback-echo";;
- esac
- qecho=`$ECHO "X$qecho" | $Xsed -e "$sed_quote_subst"`
- else
- qecho=`$ECHO "X$ECHO" | $Xsed -e "$sed_quote_subst"`
+ relink_command=`$ECHO "$relink_command" | $SED "$sed_quote_subst"`
fi
# Only actually do things if not in dry run mode.
done | sort | sort -uc >/dev/null 2>&1); then
:
else
- $ECHO "copying selected object files to avoid basename conflicts..."
+ echo "copying selected object files to avoid basename conflicts..."
gentop="$output_objdir/${outputname}x"
generated="$generated $gentop"
func_mkdir_p "$gentop"
done
# Quote the link command for shipping.
relink_command="(cd `pwd`; $SHELL $progpath $preserve_args --mode=relink $libtool_args @inst_prefix_dir@)"
- relink_command=`$ECHO "X$relink_command" | $Xsed -e "$sed_quote_subst"`
+ relink_command=`$ECHO "$relink_command" | $SED "$sed_quote_subst"`
if test "$hardcode_automatic" = yes ; then
relink_command=
fi
fi
$RM $output
# place dlname in correct position for cygwin
+ # In fact, it would be nice if we could use this code for all target
+ # systems that can't hard-code library paths into their executables
+ # and that have no shared library path variable independent of PATH,
+ # but it turns out we can't easily determine that from inspecting
+ # libtool variables, so we have to hard-code the OSs to which it
+ # applies here; at the moment, that means platforms that use the PE
+ # object format with DLL files. See the long comment at the top of
+ # tests/bindir.at for full details.
tdlname=$dlname
case $host,$output,$installed,$module,$dlname in
- *cygwin*,*lai,yes,no,*.dll | *mingw*,*lai,yes,no,*.dll | *cegcc*,*lai,yes,no,*.dll) tdlname=../bin/$dlname ;;
+ *cygwin*,*lai,yes,no,*.dll | *mingw*,*lai,yes,no,*.dll | *cegcc*,*lai,yes,no,*.dll)
+ # If a -bindir argument was supplied, place the dll there.
+ if test "x$bindir" != x ;
+ then
+ func_relative_path "$install_libdir" "$bindir"
+ tdlname=$func_relative_path_result$dlname
+ else
+ # Otherwise fall back on heuristic.
+ tdlname=../bin/$dlname
+ fi
+ ;;
esac
$ECHO > $output "\
# $outputname - a libtool library file
# GNU General Public License for more details.
# You should have received a copy of the GNU General Public License
-# along with this program. If not, see <http://www.gnu.org/licenses/>.
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+# 02110-1301, USA.
# As a special exception to the GNU General Public License, if you
# distribute this file as part of a program that contains a
#endif
#include <confuse.h>
+#include <stdlib.h>
#include <string.h>
#include <assert.h>
#include <radsec/radsec.h>
#if 0
# common config options
- dictionary = STRING
# common realm config options
realm NAME {
};
cfg_opt_t opts[] =
{
- CFG_STR ("dictionary", NULL, CFGF_NONE),
CFG_SEC ("realm", realm_opts, CFGF_TITLE | CFGF_MULTI),
CFG_END ()
};
if (config == NULL)
return rs_err_ctx_push_fl (ctx, RSE_NOMEM, __FILE__, __LINE__, NULL);
ctx->config = config;
- config->dictionary = cfg_getstr (cfg, "dictionary");
for (i = 0; i < cfg_size (cfg, "realm"); i++)
{
AC_MSG_ERROR([required library libconfuse not found]))
AC_CHECK_LIB([event_core], [event_get_version],,
AC_MSG_ERROR([required library libevent_core not found]))
-AC_CHECK_LIB([freeradius-radius], [rad_alloc],,
- AC_MSG_ERROR([required library libfreeradius-radius not found]))
# Enable-knobs.
## Enable TLS (RadSec).
# Checks for header files.
AC_CHECK_HEADERS(
- [netdb.h netinet/in.h stdint.h stdlib.h string.h sys/socket.h unistd.h])
+ [sys/time.h time.h netdb.h netinet/in.h stdint.h stdlib.h strings.h string.h \
+ sys/socket.h unistd.h syslog.h sys/select.h fcntl.h arpa/inet.h])
# Checks for typedefs, structures, and compiler characteristics.
AC_TYPE_SIZE_T
AC_CHECK_FUNCS([memset socket strdup strerror strrchr])
AC_CONFIG_FILES([Makefile
+ radius/Makefile
include/Makefile
examples/Makefile
tests/Makefile])
#endif
#include <string.h>
+#include <stdlib.h>
+#include <errno.h>
#include <assert.h>
#include <event2/event.h>
#include <event2/bufferevent.h>
#include <stdio.h>
#include <assert.h>
-#include <freeradius/libradius.h>
+#include <radius/client.h>
#include <radsec/radsec.h>
#include <radsec/radsec-impl.h>
#include "debug.h"
return;
p = pkt->rpkt;
- fprintf (stderr, "\tCode: %u, Identifier: %u, Lenght: %u\n",
+ fprintf (stderr, "\tCode: %u, Identifier: %u, Lenght: %zu\n",
p->code,
p->id,
- p->data_len);
+ p->sizeof_data);
fflush (stderr);
}
#endif
#include <stdio.h>
+#include <stdlib.h>
#include <string.h>
#include <assert.h>
#include <radsec/radsec.h>
#include <radsec/radsec-impl.h>
static const char *_errtxt[] = {
- "SUCCESS", /* 0 RSE_OK */
- "out of memory", /* 1 RSE_NOMEM */
- "not yet implemented", /* 2 RSE_NOSYS */
- "invalid handle", /* 3 RSE_INVALID_CTX */
- "invalid connection", /* 4 RSE_INVALID_CONN */
- "connection type mismatch", /* 5 RSE_CONN_TYPE_MISMATCH */
- "FreeRadius error", /* 6 RSE_FR */
- "bad hostname or port", /* 7 RSE_BADADDR */
- "no peer configured", /* 8 RSE_NOPEER */
- "libevent error", /* 9 RSE_EVENT */
- "socket error", /* 10 RSE_SOCKERR */
- "invalid configuration file", /* 11 RSE_CONFIG */
- "authentication failed", /* 12 RSE_BADAUTH */
- "internal error", /* 13 RSE_INTERNAL */
- "SSL error", /* 14 RSE_SSLERR */
- "invalid packet", /* 15 RSE_INVALID_PKT */
- "connect timeout", /* 16 RSE_TIMEOUT_CONN */
- "invalid argument", /* 17 RSE_INVAL */
- "I/O timeout", /* 18 RSE_TIMEOUT_IO */
- "timeout", /* 19 RSE_TIMEOUT */
- "peer disconnected", /* 20 RSE_DISCO */
- "invalid credentials", /* 21 RSE_CRED */
- "certificate validation error", /* 22 RSE_CERT */
+ "SUCCESS", /* 0 RSE_OK */
+ "out of memory", /* 1 RSE_NOMEM */
+ "not yet implemented", /* 2 RSE_NOSYS */
+ "invalid handle", /* 3 RSE_INVALID_CTX */
+ "invalid connection", /* 4 RSE_INVALID_CONN */
+ "connection type mismatch", /* 5 RSE_CONN_TYPE_MISMATCH */
+ "FreeRadius error", /* 6 RSE_FR */
+ "bad hostname or port", /* 7 RSE_BADADDR */
+ "no peer configured", /* 8 RSE_NOPEER */
+ "libevent error", /* 9 RSE_EVENT */
+ "socket error", /* 10 RSE_SOCKERR */
+ "invalid configuration file", /* 11 RSE_CONFIG */
+ "authentication failed", /* 12 RSE_BADAUTH */
+ "internal error", /* 13 RSE_INTERNAL */
+ "SSL error", /* 14 RSE_SSLERR */
+ "invalid packet", /* 15 RSE_INVALID_PKT */
+ "connect timeout", /* 16 RSE_TIMEOUT_CONN */
+ "invalid argument", /* 17 RSE_INVAL */
+ "I/O timeout", /* 18 RSE_TIMEOUT_IO */
+ "timeout", /* 19 RSE_TIMEOUT */
+ "peer disconnected", /* 20 RSE_DISCO */
+ "resource is in use", /* 21 RSE_INUSE */
+ "packet is too small", /* 22 RSE_PACKET_TOO_SMALL */
+ "packet is too large", /* 23 RSE_PACKET_TOO_LARGE */
+ "attribute overflows packet", /* 24 RSE_ATTR_OVERFLOW */
+ "attribute is too small", /* 25 RSE_ATTR_TOO_SMALL */
+ "attribute is too large", /* 26 RSE_ATTR_TOO_LARGE */
+ "unknown attribute", /* 27 RSE_ATTR_UNKNOWN */
+ "invalid name for attribute", /* 28 RSE_ATTR_BAD_NAME */
+ "invalid value for attribute", /* 29 RSE_ATTR_VALUE_MALFORMED */
+ "invalid attribute", /* 30 RSE_ATTR_INVALID */
+ "too many attributes in the packet", /* 31 RSE_TOO_MANY_ATTRS */
+ "attribute type unknown", /* 32 RSE_ATTR_TYPE_UNKNOWN */
+ "invalid message authenticator", /* 33 RSE_MSG_AUTH_LEN */
+ "incorrect message authenticator", /* 34 RSE_MSG_AUTH_WRONG */
+ "request is required", /* 35 RSE_REQUEST_REQUIRED */
+ "invalid request code", /* 36 RSE_REQUEST_CODE_INVALID */
+ "incorrect request authenticator", /* 37 RSE_AUTH_VECTOR_WRONG */
+ "response code is unsupported", /* 38 RSE_INVALID_RESPONSE_CODE */
+ "response ID is invalid", /* 39 RSE_INVALID_RESPONSE_ID */
+ "response from the wrong source address", /* 40 RSE_INVALID_RESPONSE_SRC */
+ "no packet data", /* 41 RSE_NO_PACKET_DATA */
+ "vendor is unknown", /* 42 RSE_VENDOR_UNKNOWN */
+ "invalid credentials", /* 43 RSE_CRED */
+ "certificate validation error", /* 44 RSE_CERT */
};
#define ERRTXT_SIZE (sizeof(_errtxt) / sizeof(*_errtxt))
#endif
#include <assert.h>
+#include <string.h>
+#include <errno.h>
+
#include <event2/event.h>
#include <event2/bufferevent.h>
#if defined (RS_ENABLE_TLS)
#include <stdlib.h>
#include <assert.h>
#include <event2/event.h>
-#include <freeradius/libradius.h>
#include <radsec/radsec.h>
+#include <radsec/radsec-impl.h>
#include <radsec/request.h>
#include "err.h"
#include "debug.h" /* For rs_dump_packet(). */
{
struct rs_peer *server;
- if (rs_context_init_freeradius_dict (h, "/usr/share/freeradius/dictionary"))
- goto cleanup;
if (rs_conn_create (h, &conn, NULL))
goto cleanup;
rs_conn_set_type (conn, RS_CONN_TYPE_UDP);
#else /* defined (USE_CONFIG_FILE) */
if (rs_context_read_config (h, config_fn))
goto cleanup;
- if (rs_context_init_freeradius_dict (h, NULL))
- goto cleanup;
if (rs_conn_create (h, &conn, configuration))
goto cleanup;
#endif /* defined (USE_CONFIG_FILE) */
if (resp)
{
rs_dump_packet (resp);
- if (rs_packet_frpkt (resp)->code == PW_AUTHENTICATION_ACK)
+ if (rs_packet_code (resp) == PW_ACCESS_ACCEPT)
printf ("Good auth.\n");
else
- printf ("Bad auth: %d\n", rs_packet_frpkt (resp)->code);
+ printf ("Bad auth: %d\n", rs_packet_code (resp));
}
else
fprintf (stderr, "%s: no response\n", __func__);
-dictionary = "/home/linus/usr/moonshot/share/freeradius/dictionary"
-
realm blocking-udp {
type = "UDP"
timeout = 2
radsec/radsec.h \
radsec/radsec-impl.h \
radsec/request.h \
- radsec/request-impl.h
+ radsec/request-impl.h \
+ radsec/radius.h
EXTRA_SRC = $(RADSEC_EXPORT)
nobase_include_HEADERS = $(RADSEC_EXPORT)
+
+clean-local:
+ rm -f radsec/radius.h
+
/* See the file COPYING for licensing information. */
-#include <freeradius/libradius.h>
+#ifndef _RADSEC_RADSEC_IMPL_H_
+#define _RADSEC_RADSEC_IMPL_H_ 1
+
#include <event2/util.h>
#include <confuse.h>
#if defined(RS_ENABLE_TLS)
/** Top configuration object. */
struct rs_config {
- char *dictionary;
struct rs_realm *realms;
cfg_t *cfg;
};
struct rs_config *config;
struct rs_alloc_scheme alloc_scheme;
struct rs_error *err;
- fr_randctx fr_randctx;
};
struct rs_connection {
rs_packet_sent_flag,
};
+struct radius_packet;
+
struct rs_packet {
struct rs_connection *conn;
unsigned int flags;
uint8_t hdr[RS_HEADER_LEN];
- RADIUS_PACKET *rpkt; /* FreeRADIUS object. */
+ struct radius_packet *rpkt; /* FreeRADIUS object. */
struct rs_packet *next; /* Used for UDP output queue. */
};
#define min(a, b) ((a) < (b) ? (a) : (b))
#define max(a, b) ((a) > (b) ? (a) : (b))
+#endif /* _RADSEC_RADSEC_IMPL_H_ */
+
/* Local Variables: */
/* c-file-style: "stroustrup" */
/* End: */
/* See the file COPYING for licensing information. */
-#include <unistd.h>
-#include <sys/time.h>
+#ifndef _RADSEC_RADSEC_H_
+#define _RADSEC_RADSEC_H_ 1
-#ifdef SYSCONFDIR
-#define RS_FREERADIUS_DICT SYSCONFDIR "/raddb/dictionary"
-#else /* !SYSCONFDIR */
-#define RS_FREERADIUS_DICT "/usr/local/raddb/dictionary"
-#endif /* !SYSCONFDIR */
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+#ifdef HAVE_SYS_TIME_H
+#include <sys/time.h>
+#endif
+#ifdef HAVE_ARPA_INET_H
+#include <arpa/inet.h>
+#endif
+#ifdef HAVE_UNISTD_H
+#include <unistd.h>
+#endif
+#ifdef HAVE_STDINT_H
+#include <stdint.h>
+#endif
enum rs_error_code {
RSE_OK = 0,
RSE_INVALID_CTX = 3,
RSE_INVALID_CONN = 4,
RSE_CONN_TYPE_MISMATCH = 5,
- RSE_FR = 6, /* FreeRADIUS error. */
+ RSE_FR = 6,
RSE_BADADDR = 7,
RSE_NOPEER = 8,
RSE_EVENT = 9, /* libevent error. */
RSE_TIMEOUT_IO = 18, /* I/O timeout. */
RSE_TIMEOUT = 19, /* High level timeout. */
RSE_DISCO = 20,
- RSE_CRED = 21, /* Credentials. */
- RSE_CERT = 22, /* Cert validation. */
+ RSE_INUSE = 21,
+ RSE_PACKET_TOO_SMALL = 22,
+ RSE_PACKET_TOO_LARGE = 23,
+ RSE_ATTR_OVERFLOW = 24,
+ RSE_ATTR_TOO_SMALL = 25,
+ RSE_ATTR_TOO_LARGE = 26,
+ RSE_ATTR_UNKNOWN = 27,
+ RSE_ATTR_BAD_NAME = 28,
+ RSE_ATTR_VALUE_MALFORMED = 29,
+ RSE_ATTR_INVALID = 30,
+ RSE_TOO_MANY_ATTRS = 31,
+ RSE_ATTR_TYPE_UNKNOWN = 32,
+ RSE_MSG_AUTH_LEN = 33,
+ RSE_MSG_AUTH_WRONG = 34,
+ RSE_REQUEST_REQUIRED = 35,
+ RSE_INVALID_REQUEST_CODE = 36,
+ RSE_AUTH_VECTOR_WRONG = 37,
+ RSE_INVALID_RESPONSE_CODE = 38,
+ RSE_INVALID_RESPONSE_ID = 39,
+ RSE_INVALID_RESPONSE_SRC = 40,
+ RSE_NO_PACKET_DATA = 41,
+ RSE_VENDOR_UNKNOWN = 42,
+ RSE_CRED = 43,
+ RSE_CERT = 44,
+ RSE_MAX = RSE_CERT
};
enum rs_conn_type {
};
typedef unsigned int rs_conn_type_t;
+typedef enum rs_attr_type_t {
+ RS_TYPE_INVALID = 0, /**< Invalid data type */
+ RS_TYPE_STRING, /**< printable-text */
+ RS_TYPE_INTEGER, /**< a 32-bit unsigned integer */
+ RS_TYPE_IPADDR, /**< an IPv4 address */
+ RS_TYPE_DATE, /**< a 32-bit date, of seconds since January 1, 1970 */
+ RS_TYPE_OCTETS, /**< a sequence of binary octets */
+ RS_TYPE_IFID, /**< an Interface Id */
+ RS_TYPE_IPV6ADDR, /**< an IPv6 address */
+ RS_TYPE_IPV6PREFIX, /**< an IPv6 prefix */
+ RS_TYPE_BYTE, /**< an 8-bit integer */
+ RS_TYPE_SHORT, /**< a 16-bit integer */
+} rs_attr_type_t;
+
+#define PW_ACCESS_REQUEST 1
+#define PW_ACCESS_ACCEPT 2
+#define PW_ACCESS_REJECT 3
+#define PW_ACCOUNTING_REQUEST 4
+#define PW_ACCOUNTING_RESPONSE 5
+#define PW_ACCOUNTING_STATUS 6
+#define PW_PASSWORD_REQUEST 7
+#define PW_PASSWORD_ACK 8
+#define PW_PASSWORD_REJECT 9
+#define PW_ACCOUNTING_MESSAGE 10
+#define PW_ACCESS_CHALLENGE 11
+#define PW_STATUS_SERVER 12
+#define PW_STATUS_CLIENT 13
+#define PW_DISCONNECT_REQUEST 40
+#define PW_DISCONNECT_ACK 41
+#define PW_DISCONNECT_NAK 42
+#define PW_COA_REQUEST 43
+#define PW_COA_ACK 44
+#define PW_COA_NAK 45
#if defined (__cplusplus)
extern "C" {
struct rs_conn; /* radsec-impl.h */
struct rs_error; /* radsec-impl.h */
struct rs_peer; /* radsec-impl.h */
-struct radius_packet; /* <freeradius/libradius.h> */
+struct radius_packet; /* <radius/client.h> */
+struct value_pair; /* <radius/client.h> */
struct event_base; /* <event2/event-internal.h> */
typedef void *(*rs_calloc_fp) (size_t nmemb, size_t size);
rs_conn_packet_sent_cb sent_cb;
};
+typedef struct value_pair rs_avp;
+typedef const struct value_pair rs_const_avp;
/* Function prototypes. */
all other libradsec objects have been freed. */
void rs_context_destroy(struct rs_context *ctx);
-/** Initialize FreeRADIUS dictionary needed for creating packets.
-
- \a ctx Context.
-
- \a dict Optional string with full path to FreeRADIUS dictionary.
- If \a dict is NULL the path to the dictionary file is taken from
- the "dictionary" configuration directive. Note that the
- configuration file must be read prior to using this option (see \a
- rs_context_read_config).
-
- \return RSE_OK (0) on success, RSE_NOMEM on memory allocation
- error and RSE_FR on FreeRADIUS error. */
-int rs_context_init_freeradius_dict(struct rs_context *ctx, const char *dict);
-
/** Set allocation scheme to use. \a scheme is the allocation scheme
to use, see \a rs_alloc_scheme. \return On success, RSE_OK (0) is
returned. On error, !0 is returned and a struct \a rs_error is
rs_err_conn_pop. */
int rs_packet_send(struct rs_packet *pkt, void *user_data);
-/** Return the FreeRADIUS packet associated with packet \a pkt. */
-struct radius_packet *rs_packet_frpkt(struct rs_packet *pkt);
-
/** Create a RADIUS authentication request packet associated with
connection \a conn. Optionally, User-Name and User-Password
attributes are added to the packet using the data in \a user_name
const char *user_name,
const char *user_pw);
+/*** Append \a tail to packet \a pkt. */
+int
+rs_packet_append_avp(struct rs_packet *pkt,
+ unsigned int attribute, unsigned int vendor,
+ const void *data, size_t data_len);
+
+/*** Get pointer to \a pkt attribute value pairs. */
+void
+rs_packet_avps(struct rs_packet *pkt, rs_avp ***vps);
+
+/*** Get RADIUS packet type of \a pkt. */
+unsigned int
+rs_packet_code(struct rs_packet *pkt);
+
+/*** Get RADIUS AVP from \a pkt. */
+rs_const_avp *
+rs_packet_find_avp(struct rs_packet *pkt, unsigned int attr, unsigned int vendor);
+
+/*** Set packet identifier in \a pkt; returns old identifier */
+int
+rs_packet_set_id (struct rs_packet *pkt, int id);
+
/************/
/* Config. */
/************/
char *rs_err_msg(struct rs_error *err);
int rs_err_code(struct rs_error *err, int dofree_flag);
+/************/
+/* AVPs. */
+/************/
+#define rs_avp_is_string(vp) (rs_avp_typeof(vp) == RS_TYPE_STRING)
+#define rs_avp_is_integer(vp) (rs_avp_typeof(vp) == RS_TYPE_INTEGER)
+#define rs_avp_is_ipaddr(vp) (rs_avp_typeof(vp) == RS_TYPE_IPADDR)
+#define rs_avp_is_date(vp) (rs_avp_typeof(vp) == RS_TYPE_DATE)
+#define rs_avp_is_octets(vp) (rs_avp_typeof(vp) == RS_TYPE_OCTETS)
+#define rs_avp_is_ifid(vp) (rs_avp_typeof(vp) == RS_TYPE_IFID)
+#define rs_avp_is_ipv6addr(vp) (rs_avp_typeof(vp) == RS_TYPE_IPV6ADDR)
+#define rs_avp_is_ipv6prefix(vp) (rs_avp_typeof(vp) == RS_TYPE_IPV6PREFIX)
+#define rs_avp_is_byte(vp) (rs_avp_typeof(vp) == RS_TYPE_BYTE)
+#define rs_avp_is_short(vp) (rs_avp_typeof(vp) == RS_TYPE_SHORT)
+#define rs_avp_is_tlv(vp) (rs_avp_typeof(vp) == RS_TYPE_TLV)
+
+/** The maximum length of a RADIUS attribute.
+ *
+ * The RFCs require that a RADIUS attribute transport no more than
+ * 253 octets of data. We add an extra byte for a trailing NUL, so
+ * that the VALUE_PAIR::vp_strvalue field can be handled as a C
+ * string.
+ */
+#define RS_MAX_STRING_LEN 254
+
+/** Free the AVP list \a vps */
+void
+rs_avp_free(rs_avp **vps);
+
+/** Return the length of AVP \a vp in bytes */
+size_t
+rs_avp_length(rs_const_avp *vp);
+
+/** Return the type of \a vp */
+rs_attr_type_t
+rs_avp_typeof(rs_const_avp *vp);
+
+/** Retrieve the attribute and vendor ID of \a vp */
+void
+rs_avp_attrid(rs_const_avp *vp, unsigned int *attr, unsigned int *vendor);
+
+/** Add \a vp to the list pointed to by \a head */
+void
+rs_avp_append(rs_avp **head, rs_avp *vp);
+
+/** Find an AVP in \a vp that matches \a attr and \a vendor */
+rs_avp *
+rs_avp_find(rs_avp *vp, unsigned int attr, unsigned int vendor);
+
+/** Find an AVP in \a vp that matches \a attr and \a vendor */
+rs_const_avp *
+rs_avp_find_const(rs_const_avp *vp, unsigned int attr, unsigned int vendor);
+
+/** Alloc a new AVP for \a attr and \a vendor */
+rs_avp *
+rs_avp_alloc(unsigned int attr, unsigned int vendor);
+
+/** Duplicate existing AVP \a vp */
+rs_avp *
+rs_avp_dup(rs_const_avp *vp);
+
+/** Remove matching AVP from list \a vps */
+int
+rs_avp_delete(rs_avp **vps, unsigned int attr, unsigned int vendor);
+
+/** Return next AVP in list */
+rs_avp *
+rs_avp_next(rs_avp *vp);
+
+/** Return next AVP in list */
+rs_const_avp *
+rs_avp_next_const(rs_const_avp *avp);
+
+/** Return string value of \a vp */
+const char *
+rs_avp_string_value(rs_const_avp *vp);
+
+/** Set AVP \a vp to string \a str */
+int
+rs_avp_string_set(rs_avp *vp, const char *str);
+
+/** Return integer value of \a vp */
+uint32_t
+rs_avp_integer_value(rs_const_avp *vp);
+
+/** Set AVP \a vp to integer \a val */
+int
+rs_avp_integer_set(rs_avp *vp, uint32_t val);
+
+/** Return IPv4 value of \a vp */
+uint32_t
+rs_avp_ipaddr_value(rs_const_avp *vp);
+
+/** Set AVP \a vp to IPv4 address \a in */
+int
+rs_avp_ipaddr_set(rs_avp *vp, struct in_addr in);
+
+/** Return POSIX time value of \a vp */
+time_t
+rs_avp_date_value(rs_const_avp *vp);
+
+/** Set AVP \a vp to POSIX time \a date */
+int
+rs_avp_date_set(rs_avp *vp, time_t date);
+
+/** Return constant pointer to octets in \a vp */
+const unsigned char *
+rs_avp_octets_value_const_ptr(rs_const_avp *vp);
+
+/** Return pointer to octets in \a vp */
+unsigned char *
+rs_avp_octets_value_ptr(rs_avp *vp);
+
+/** Retrieve octet pointer \a p and length \a len from \a vp */
+int
+rs_avp_octets_value_byref(rs_avp *vp,
+ unsigned char **p,
+ size_t *len);
+
+/** Copy octets from \a vp into \a buf and \a len */
+int
+rs_avp_octets_value(rs_const_avp *vp,
+ unsigned char *buf,
+ size_t *len);
+
+/**
+ * Copy octets possibly fragmented across multiple VPs
+ * into \a buf and \a len
+ */
+int
+rs_avp_fragmented_value(rs_const_avp *vps,
+ unsigned char *buf,
+ size_t *len);
+
+/** Copy \a len octets in \a buf to AVP \a vp */
+int
+rs_avp_octets_set(rs_avp *vp,
+ const unsigned char *buf,
+ size_t len);
+
+/** Return IFID value of \a vp */
+int
+rs_avp_ifid_value(rs_const_avp *vp, uint8_t val[8]);
+
+int
+rs_avp_ifid_set(rs_avp *vp, const uint8_t val[8]);
+
+/** Return byte value of \a vp */
+uint8_t
+rs_avp_byte_value(rs_const_avp *vp);
+
+/** Set AVP \a vp to byte \a val */
+int
+rs_avp_byte_set(rs_avp *vp, uint8_t val);
+
+/** Return short value of \a vp */
+uint16_t
+rs_avp_short_value(rs_const_avp *vp);
+
+/** Set AVP \a vp to short integer \a val */
+int
+rs_avp_short_set(rs_avp *vp, uint16_t val);
+
+/** Display possibly \a canonical attribute name into \a buffer */
+int
+rs_attr_display_name (unsigned int attr,
+ unsigned int vendor,
+ char *buffer,
+ size_t bufsize,
+ int canonical);
+
+/** Display AVP \a vp into \a buffer */
+size_t
+rs_avp_display_value(rs_const_avp *vp,
+ char *buffer,
+ size_t buflen);
+
+int
+rs_attr_parse_name (const char *name,
+ unsigned int *attr,
+ unsigned int *vendor);
+
+/** Lookup attribute \a name */
+int
+rs_attr_find(const char *name,
+ unsigned int *attr,
+ unsigned int *vendor);
+
+/** Return dictionary name for AVP \a vp */
+const char *
+rs_avp_name(rs_const_avp *vp);
+
#if defined (__cplusplus)
}
#endif
+#endif /* _RADSEC_RADSEC_H_ */
+
/* Local Variables: */
/* c-file-style: "stroustrup" */
/* End: */
/* See the file COPYING for licensing information. */
+#ifndef _RADSEC_REQUEST_IMPL_H_
+#define _RADSEC_REQUEST_IMPL_H_ 1
+
#if defined (__cplusplus)
extern "C" {
#endif
#if defined (__cplusplus)
}
#endif
+
+#endif /* _RADSEC_REQUEST_IMPL_H_ */
/* See the file COPYING for licensing information. */
+#ifndef _RADSEC_REQUEST_H_
+#define _RADSEC_REQUEST_H_ 1
+
struct rs_request;
#if defined (__cplusplus)
#if defined (__cplusplus)
}
#endif
+
+#endif /* _RADSEC_REQUEST_H_ */
# libtool.m4 - Configure libtool for the host system. -*-Autoconf-*-
#
# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2003, 2004, 2005,
-# 2006, 2007, 2008 Free Software Foundation, Inc.
+# 2006, 2007, 2008, 2009, 2010 Free Software Foundation,
+# Inc.
# Written by Gordon Matzigkeit, 1996
#
# This file is free software; the Free Software Foundation gives
m4_define([_LT_COPYING], [dnl
# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2003, 2004, 2005,
-# 2006, 2007, 2008 Free Software Foundation, Inc.
+# 2006, 2007, 2008, 2009, 2010 Free Software Foundation,
+# Inc.
# Written by Gordon Matzigkeit, 1996
#
# This file is part of GNU Libtool.
# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
])
-# serial 56 LT_INIT
+# serial 57 LT_INIT
# LT_PREREQ(VERSION)
# ------------------
AC_DEFUN([LT_INIT],
[AC_PREREQ([2.58])dnl We use AC_INCLUDES_DEFAULT
+AC_REQUIRE([AC_CONFIG_AUX_DIR_DEFAULT])dnl
AC_BEFORE([$0], [LT_LANG])dnl
AC_BEFORE([$0], [LT_OUTPUT])dnl
AC_BEFORE([$0], [LTDL_INIT])dnl
AC_REQUIRE([LTOBSOLETE_VERSION])dnl
m4_require([_LT_PROG_LTMAIN])dnl
+_LT_SHELL_INIT([SHELL=${CONFIG_SHELL-/bin/sh}])
+
dnl Parse OPTIONS
_LT_SET_OPTIONS([$0], [$1])
*) break;;
esac
done
-cc_basename=`$ECHO "X$cc_temp" | $Xsed -e 's%.*/%%' -e "s%^$host_alias-%%"`
+cc_basename=`$ECHO "$cc_temp" | $SED "s%.*/%%; s%^$host_alias-%%"`
])
m4_defun([_LT_SETUP],
[AC_REQUIRE([AC_CANONICAL_HOST])dnl
AC_REQUIRE([AC_CANONICAL_BUILD])dnl
+AC_REQUIRE([_LT_PREPARE_SED_QUOTE_VARS])dnl
+AC_REQUIRE([_LT_PROG_ECHO_BACKSLASH])dnl
+
_LT_DECL([], [host_alias], [0], [The host system])dnl
_LT_DECL([], [host], [0])dnl
_LT_DECL([], [host_os], [0])dnl
_LT_CHECK_OBJDIR
m4_require([_LT_TAG_COMPILER])dnl
-_LT_PROG_ECHO_BACKSLASH
case $host_os in
aix3*)
;;
esac
-# Sed substitution that helps us do robust quoting. It backslashifies
-# metacharacters that are still active within double-quoted strings.
-sed_quote_subst='s/\([["`$\\]]\)/\\\1/g'
-
-# Same as above, but do not quote variable references.
-double_quote_subst='s/\([["`\\]]\)/\\\1/g'
-
-# Sed substitution to delay expansion of an escaped shell variable in a
-# double_quote_subst'ed string.
-delay_variable_subst='s/\\\\\\\\\\\$/\\\\\\$/g'
-
-# Sed substitution to delay expansion of an escaped single quote.
-delay_single_quote_subst='s/'\''/'\'\\\\\\\'\''/g'
-
-# Sed substitution to avoid accidental globbing in evaled expressions
-no_glob_subst='s/\*/\\\*/g'
-
# Global variables:
ofile=libtool
can_build_shared=yes
])# _LT_SETUP
+# _LT_PREPARE_SED_QUOTE_VARS
+# --------------------------
+# Define a few sed substitution that help us do robust quoting.
+m4_defun([_LT_PREPARE_SED_QUOTE_VARS],
+[# Backslashify metacharacters that are still active within
+# double-quoted strings.
+sed_quote_subst='s/\([["`$\\]]\)/\\\1/g'
+
+# Same as above, but do not quote variable references.
+double_quote_subst='s/\([["`\\]]\)/\\\1/g'
+
+# Sed substitution to delay expansion of an escaped shell variable in a
+# double_quote_subst'ed string.
+delay_variable_subst='s/\\\\\\\\\\\$/\\\\\\$/g'
+
+# Sed substitution to delay expansion of an escaped single quote.
+delay_single_quote_subst='s/'\''/'\'\\\\\\\'\''/g'
+
+# Sed substitution to avoid accidental globbing in evaled expressions
+no_glob_subst='s/\*/\\\*/g'
+])
+
# _LT_PROG_LTMAIN
# ---------------
# Note that this code is called both from `configure', and `config.status'
# declaration there will have the same value as in `configure'. VARNAME
# must have a single quote delimited value for this to work.
m4_define([_LT_CONFIG_STATUS_DECLARE],
-[$1='`$ECHO "X$][$1" | $Xsed -e "$delay_single_quote_subst"`'])
+[$1='`$ECHO "$][$1" | $SED "$delay_single_quote_subst"`'])
# _LT_CONFIG_STATUS_DECLARATIONS
# embedded single quotes properly. In configure, this macro expands
# each variable declared with _LT_DECL (and _LT_TAGDECL) into:
#
-# <var>='`$ECHO "X$<var>" | $Xsed -e "$delay_single_quote_subst"`'
+# <var>='`$ECHO "$<var>" | $SED "$delay_single_quote_subst"`'
m4_defun([_LT_CONFIG_STATUS_DECLARATIONS],
[m4_foreach([_lt_var], m4_quote(lt_decl_all_varnames),
[m4_n([_LT_CONFIG_STATUS_DECLARE(_lt_var)])])])
LTCFLAGS='$LTCFLAGS'
compiler='$compiler_DEFAULT'
+# A function that is used when there is no print builtin or printf.
+func_fallback_echo ()
+{
+ eval 'cat <<_LTECHO_EOF
+\$[]1
+_LTECHO_EOF'
+}
+
# Quote evaled strings.
for var in lt_decl_all_varnames([[ \
]], lt_decl_quote_varnames); do
- case \`eval \\\\\$ECHO "X\\\\\$\$var"\` in
+ case \`eval \\\\\$ECHO \\\\""\\\\\$\$var"\\\\"\` in
*[[\\\\\\\`\\"\\\$]]*)
- eval "lt_\$var=\\\\\\"\\\`\\\$ECHO \\"X\\\$\$var\\" | \\\$Xsed -e \\"\\\$sed_quote_subst\\"\\\`\\\\\\""
+ eval "lt_\$var=\\\\\\"\\\`\\\$ECHO \\"\\\$\$var\\" | \\\$SED \\"\\\$sed_quote_subst\\"\\\`\\\\\\""
;;
*)
eval "lt_\$var=\\\\\\"\\\$\$var\\\\\\""
# Double-quote double-evaled strings.
for var in lt_decl_all_varnames([[ \
]], lt_decl_dquote_varnames); do
- case \`eval \\\\\$ECHO "X\\\\\$\$var"\` in
+ case \`eval \\\\\$ECHO \\\\""\\\\\$\$var"\\\\"\` in
*[[\\\\\\\`\\"\\\$]]*)
- eval "lt_\$var=\\\\\\"\\\`\\\$ECHO \\"X\\\$\$var\\" | \\\$Xsed -e \\"\\\$double_quote_subst\\" -e \\"\\\$sed_quote_subst\\" -e \\"\\\$delay_variable_subst\\"\\\`\\\\\\""
+ eval "lt_\$var=\\\\\\"\\\`\\\$ECHO \\"\\\$\$var\\" | \\\$SED -e \\"\\\$double_quote_subst\\" -e \\"\\\$sed_quote_subst\\" -e \\"\\\$delay_variable_subst\\"\\\`\\\\\\""
;;
*)
eval "lt_\$var=\\\\\\"\\\$\$var\\\\\\""
esac
done
-# Fix-up fallback echo if it was mangled by the above quoting rules.
-case \$lt_ECHO in
-*'\\\[$]0 --fallback-echo"')dnl "
- lt_ECHO=\`\$ECHO "X\$lt_ECHO" | \$Xsed -e 's/\\\\\\\\\\\\\\\[$]0 --fallback-echo"\[$]/\[$]0 --fallback-echo"/'\`
- ;;
-esac
-
_LT_OUTPUT_LIBTOOL_INIT
])
+# _LT_GENERATED_FILE_INIT(FILE, [COMMENT])
+# ------------------------------------
+# Generate a child script FILE with all initialization necessary to
+# reuse the environment learned by the parent script, and make the
+# file executable. If COMMENT is supplied, it is inserted after the
+# `#!' sequence but before initialization text begins. After this
+# macro, additional text can be appended to FILE to form the body of
+# the child script. The macro ends with non-zero status if the
+# file could not be fully written (such as if the disk is full).
+m4_ifdef([AS_INIT_GENERATED],
+[m4_defun([_LT_GENERATED_FILE_INIT],[AS_INIT_GENERATED($@)])],
+[m4_defun([_LT_GENERATED_FILE_INIT],
+[m4_require([AS_PREPARE])]dnl
+[m4_pushdef([AS_MESSAGE_LOG_FD])]dnl
+[lt_write_fail=0
+cat >$1 <<_ASEOF || lt_write_fail=1
+#! $SHELL
+# Generated by $as_me.
+$2
+SHELL=\${CONFIG_SHELL-$SHELL}
+export SHELL
+_ASEOF
+cat >>$1 <<\_ASEOF || lt_write_fail=1
+AS_SHELL_SANITIZE
+_AS_PREPARE
+exec AS_MESSAGE_FD>&1
+_ASEOF
+test $lt_write_fail = 0 && chmod +x $1[]dnl
+m4_popdef([AS_MESSAGE_LOG_FD])])])# _LT_GENERATED_FILE_INIT
# LT_OUTPUT
# ---------
AC_DEFUN([LT_OUTPUT],
[: ${CONFIG_LT=./config.lt}
AC_MSG_NOTICE([creating $CONFIG_LT])
-cat >"$CONFIG_LT" <<_LTEOF
-#! $SHELL
-# Generated by $as_me.
-# Run this file to recreate a libtool stub with the current configuration.
-
-lt_cl_silent=false
-SHELL=\${CONFIG_SHELL-$SHELL}
-_LTEOF
+_LT_GENERATED_FILE_INIT(["$CONFIG_LT"],
+[# Run this file to recreate a libtool stub with the current configuration.])
cat >>"$CONFIG_LT" <<\_LTEOF
-AS_SHELL_SANITIZE
-_AS_PREPARE
-
-exec AS_MESSAGE_FD>&1
+lt_cl_silent=false
exec AS_MESSAGE_LOG_FD>>config.log
{
echo
m4_ifset([AC_PACKAGE_VERSION], [ AC_PACKAGE_VERSION])
configured by $[0], generated by m4_PACKAGE_STRING.
-Copyright (C) 2008 Free Software Foundation, Inc.
+Copyright (C) 2010 Free Software Foundation, Inc.
This config.lt script is free software; the Free Software Foundation
gives unlimited permision to copy, distribute and modify it."
# appending to config.log, which fails on DOS, as config.log is still kept
# open by configure. Here we exec the FD to /dev/null, effectively closing
# config.log, so it can be properly (re)opened and appended to by config.lt.
-if test "$no_create" != yes; then
- lt_cl_success=:
- test "$silent" = yes &&
- lt_config_lt_args="$lt_config_lt_args --quiet"
- exec AS_MESSAGE_LOG_FD>/dev/null
- $SHELL "$CONFIG_LT" $lt_config_lt_args || lt_cl_success=false
- exec AS_MESSAGE_LOG_FD>>config.log
- $lt_cl_success || AS_EXIT(1)
-fi
+lt_cl_success=:
+test "$silent" = yes &&
+ lt_config_lt_args="$lt_config_lt_args --quiet"
+exec AS_MESSAGE_LOG_FD>/dev/null
+$SHELL "$CONFIG_LT" $lt_config_lt_args || lt_cl_success=false
+exec AS_MESSAGE_LOG_FD>>config.log
+$lt_cl_success || AS_EXIT(1)
])# LT_OUTPUT
AU_DEFUN([AC_LIBTOOL_F77], [LT_LANG(Fortran 77)])
AU_DEFUN([AC_LIBTOOL_FC], [LT_LANG(Fortran)])
AU_DEFUN([AC_LIBTOOL_GCJ], [LT_LANG(Java)])
+AU_DEFUN([AC_LIBTOOL_RC], [LT_LANG(Windows Resource)])
dnl aclocal-1.4 backwards compatibility:
dnl AC_DEFUN([AC_LIBTOOL_CXX], [])
dnl AC_DEFUN([AC_LIBTOOL_F77], [])
dnl AC_DEFUN([AC_LIBTOOL_FC], [])
dnl AC_DEFUN([AC_LIBTOOL_GCJ], [])
+dnl AC_DEFUN([AC_LIBTOOL_RC], [])
# _LT_TAG_COMPILER
[lt_cv_ld_exported_symbols_list=no])
LDFLAGS="$save_LDFLAGS"
])
+ AC_CACHE_CHECK([for -force_load linker flag],[lt_cv_ld_force_load],
+ [lt_cv_ld_force_load=no
+ cat > conftest.c << _LT_EOF
+int forced_loaded() { return 2;}
+_LT_EOF
+ echo "$LTCC $LTCFLAGS -c -o conftest.o conftest.c" >&AS_MESSAGE_LOG_FD
+ $LTCC $LTCFLAGS -c -o conftest.o conftest.c 2>&AS_MESSAGE_LOG_FD
+ echo "$AR cru libconftest.a conftest.o" >&AS_MESSAGE_LOG_FD
+ $AR cru libconftest.a conftest.o 2>&AS_MESSAGE_LOG_FD
+ echo "$RANLIB libconftest.a" >&AS_MESSAGE_LOG_FD
+ $RANLIB libconftest.a 2>&AS_MESSAGE_LOG_FD
+ cat > conftest.c << _LT_EOF
+int main() { return 0;}
+_LT_EOF
+ echo "$LTCC $LTCFLAGS $LDFLAGS -o conftest conftest.c -Wl,-force_load,./libconftest.a" >&AS_MESSAGE_LOG_FD
+ $LTCC $LTCFLAGS $LDFLAGS -o conftest conftest.c -Wl,-force_load,./libconftest.a 2>conftest.err
+ _lt_result=$?
+ if test -f conftest && test ! -s conftest.err && test $_lt_result = 0 && $GREP forced_load conftest 2>&1 >/dev/null; then
+ lt_cv_ld_force_load=yes
+ else
+ cat conftest.err >&AS_MESSAGE_LOG_FD
+ fi
+ rm -f conftest.err libconftest.a conftest conftest.c
+ rm -rf conftest.dSYM
+ ])
case $host_os in
rhapsody* | darwin1.[[012]])
_lt_dar_allow_undefined='${wl}-undefined ${wl}suppress' ;;
else
_lt_dar_export_syms='~$NMEDIT -s $output_objdir/${libname}-symbols.expsym ${lib}'
fi
- if test "$DSYMUTIL" != ":"; then
+ if test "$DSYMUTIL" != ":" && test "$lt_cv_ld_force_load" = "no"; then
_lt_dsymutil='~$DSYMUTIL $lib || :'
else
_lt_dsymutil=
_LT_TAGVAR(hardcode_direct, $1)=no
_LT_TAGVAR(hardcode_automatic, $1)=yes
_LT_TAGVAR(hardcode_shlibpath_var, $1)=unsupported
- _LT_TAGVAR(whole_archive_flag_spec, $1)=''
+ if test "$lt_cv_ld_force_load" = "yes"; then
+ _LT_TAGVAR(whole_archive_flag_spec, $1)='`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience ${wl}-force_load,$conv\"; done; func_echo_all \"$new_convenience\"`'
+ else
+ _LT_TAGVAR(whole_archive_flag_spec, $1)=''
+ fi
_LT_TAGVAR(link_all_deplibs, $1)=yes
_LT_TAGVAR(allow_undefined_flag, $1)="$_lt_dar_allow_undefined"
case $cc_basename in
*) _lt_dar_can_shared=$GCC ;;
esac
if test "$_lt_dar_can_shared" = "yes"; then
- output_verbose_link_cmd=echo
+ output_verbose_link_cmd=func_echo_all
_LT_TAGVAR(archive_cmds, $1)="\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring $_lt_dar_single_mod${_lt_dsymutil}"
_LT_TAGVAR(module_cmds, $1)="\$CC \$allow_undefined_flag -o \$lib -bundle \$libobjs \$deplibs \$compiler_flags${_lt_dsymutil}"
_LT_TAGVAR(archive_expsym_cmds, $1)="sed 's,^,_,' < \$export_symbols > \$output_objdir/\${libname}-symbols.expsym~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring ${_lt_dar_single_mod}${_lt_dar_export_syms}${_lt_dsymutil}"
# _LT_SHELL_INIT(ARG)
# -------------------
m4_define([_LT_SHELL_INIT],
-[ifdef([AC_DIVERSION_NOTICE],
- [AC_DIVERT_PUSH(AC_DIVERSION_NOTICE)],
- [AC_DIVERT_PUSH(NOTICE)])
-$1
-AC_DIVERT_POP
-])# _LT_SHELL_INIT
+[m4_divert_text([M4SH-INIT], [$1
+])])# _LT_SHELL_INIT
+
# _LT_PROG_ECHO_BACKSLASH
# -----------------------
-# Add some code to the start of the generated configure script which
-# will find an echo command which doesn't interpret backslashes.
+# Find how we can fake an echo command that does not interpret backslash.
+# In particular, with Autoconf 2.60 or later we add some code to the start
+# of the generated configure script which will find a shell with a builtin
+# printf (which we can use as an echo command).
m4_defun([_LT_PROG_ECHO_BACKSLASH],
-[_LT_SHELL_INIT([
-# Check that we are running under the correct shell.
-SHELL=${CONFIG_SHELL-/bin/sh}
-
-case X$lt_ECHO in
-X*--fallback-echo)
- # Remove one level of quotation (which was required for Make).
- ECHO=`echo "$lt_ECHO" | sed 's,\\\\\[$]\\[$]0,'[$]0','`
- ;;
-esac
-
-ECHO=${lt_ECHO-echo}
-if test "X[$]1" = X--no-reexec; then
- # Discard the --no-reexec flag, and continue.
- shift
-elif test "X[$]1" = X--fallback-echo; then
- # Avoid inline document here, it may be left over
- :
-elif test "X`{ $ECHO '\t'; } 2>/dev/null`" = 'X\t' ; then
- # Yippee, $ECHO works!
- :
+[ECHO='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'
+ECHO=$ECHO$ECHO$ECHO$ECHO$ECHO
+ECHO=$ECHO$ECHO$ECHO$ECHO$ECHO$ECHO
+
+AC_MSG_CHECKING([how to print strings])
+# Test print first, because it will be a builtin if present.
+if test "X`print -r -- -n 2>/dev/null`" = X-n && \
+ test "X`print -r -- $ECHO 2>/dev/null`" = "X$ECHO"; then
+ ECHO='print -r --'
+elif test "X`printf %s $ECHO 2>/dev/null`" = "X$ECHO"; then
+ ECHO='printf %s\n'
else
- # Restart under the correct shell.
- exec $SHELL "[$]0" --no-reexec ${1+"[$]@"}
-fi
-
-if test "X[$]1" = X--fallback-echo; then
- # used as fallback echo
- shift
- cat <<_LT_EOF
-[$]*
-_LT_EOF
- exit 0
+ # Use this function as a fallback that always works.
+ func_fallback_echo ()
+ {
+ eval 'cat <<_LTECHO_EOF
+$[]1
+_LTECHO_EOF'
+ }
+ ECHO='func_fallback_echo'
fi
-# The HP-UX ksh and POSIX shell print the target directory to stdout
-# if CDPATH is set.
-(unset CDPATH) >/dev/null 2>&1 && unset CDPATH
-
-if test -z "$lt_ECHO"; then
- if test "X${echo_test_string+set}" != Xset; then
- # find a string as large as possible, as long as the shell can cope with it
- for cmd in 'sed 50q "[$]0"' 'sed 20q "[$]0"' 'sed 10q "[$]0"' 'sed 2q "[$]0"' 'echo test'; do
- # expected sizes: less than 2Kb, 1Kb, 512 bytes, 16 bytes, ...
- if { echo_test_string=`eval $cmd`; } 2>/dev/null &&
- { test "X$echo_test_string" = "X$echo_test_string"; } 2>/dev/null
- then
- break
- fi
- done
- fi
-
- if test "X`{ $ECHO '\t'; } 2>/dev/null`" = 'X\t' &&
- echo_testing_string=`{ $ECHO "$echo_test_string"; } 2>/dev/null` &&
- test "X$echo_testing_string" = "X$echo_test_string"; then
- :
- else
- # The Solaris, AIX, and Digital Unix default echo programs unquote
- # backslashes. This makes it impossible to quote backslashes using
- # echo "$something" | sed 's/\\/\\\\/g'
- #
- # So, first we look for a working echo in the user's PATH.
-
- lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR
- for dir in $PATH /usr/ucb; do
- IFS="$lt_save_ifs"
- if (test -f $dir/echo || test -f $dir/echo$ac_exeext) &&
- test "X`($dir/echo '\t') 2>/dev/null`" = 'X\t' &&
- echo_testing_string=`($dir/echo "$echo_test_string") 2>/dev/null` &&
- test "X$echo_testing_string" = "X$echo_test_string"; then
- ECHO="$dir/echo"
- break
- fi
- done
- IFS="$lt_save_ifs"
-
- if test "X$ECHO" = Xecho; then
- # We didn't find a better echo, so look for alternatives.
- if test "X`{ print -r '\t'; } 2>/dev/null`" = 'X\t' &&
- echo_testing_string=`{ print -r "$echo_test_string"; } 2>/dev/null` &&
- test "X$echo_testing_string" = "X$echo_test_string"; then
- # This shell has a builtin print -r that does the trick.
- ECHO='print -r'
- elif { test -f /bin/ksh || test -f /bin/ksh$ac_exeext; } &&
- test "X$CONFIG_SHELL" != X/bin/ksh; then
- # If we have ksh, try running configure again with it.
- ORIGINAL_CONFIG_SHELL=${CONFIG_SHELL-/bin/sh}
- export ORIGINAL_CONFIG_SHELL
- CONFIG_SHELL=/bin/ksh
- export CONFIG_SHELL
- exec $CONFIG_SHELL "[$]0" --no-reexec ${1+"[$]@"}
- else
- # Try using printf.
- ECHO='printf %s\n'
- if test "X`{ $ECHO '\t'; } 2>/dev/null`" = 'X\t' &&
- echo_testing_string=`{ $ECHO "$echo_test_string"; } 2>/dev/null` &&
- test "X$echo_testing_string" = "X$echo_test_string"; then
- # Cool, printf works
- :
- elif echo_testing_string=`($ORIGINAL_CONFIG_SHELL "[$]0" --fallback-echo '\t') 2>/dev/null` &&
- test "X$echo_testing_string" = 'X\t' &&
- echo_testing_string=`($ORIGINAL_CONFIG_SHELL "[$]0" --fallback-echo "$echo_test_string") 2>/dev/null` &&
- test "X$echo_testing_string" = "X$echo_test_string"; then
- CONFIG_SHELL=$ORIGINAL_CONFIG_SHELL
- export CONFIG_SHELL
- SHELL="$CONFIG_SHELL"
- export SHELL
- ECHO="$CONFIG_SHELL [$]0 --fallback-echo"
- elif echo_testing_string=`($CONFIG_SHELL "[$]0" --fallback-echo '\t') 2>/dev/null` &&
- test "X$echo_testing_string" = 'X\t' &&
- echo_testing_string=`($CONFIG_SHELL "[$]0" --fallback-echo "$echo_test_string") 2>/dev/null` &&
- test "X$echo_testing_string" = "X$echo_test_string"; then
- ECHO="$CONFIG_SHELL [$]0 --fallback-echo"
- else
- # maybe with a smaller string...
- prev=:
-
- for cmd in 'echo test' 'sed 2q "[$]0"' 'sed 10q "[$]0"' 'sed 20q "[$]0"' 'sed 50q "[$]0"'; do
- if { test "X$echo_test_string" = "X`eval $cmd`"; } 2>/dev/null
- then
- break
- fi
- prev="$cmd"
- done
+# func_echo_all arg...
+# Invoke $ECHO with all args, space-separated.
+func_echo_all ()
+{
+ $ECHO "$*"
+}
- if test "$prev" != 'sed 50q "[$]0"'; then
- echo_test_string=`eval $prev`
- export echo_test_string
- exec ${ORIGINAL_CONFIG_SHELL-${CONFIG_SHELL-/bin/sh}} "[$]0" ${1+"[$]@"}
- else
- # Oops. We lost completely, so just stick with echo.
- ECHO=echo
- fi
- fi
- fi
- fi
- fi
-fi
+case "$ECHO" in
+ printf*) AC_MSG_RESULT([printf]) ;;
+ print*) AC_MSG_RESULT([print -r]) ;;
+ *) AC_MSG_RESULT([cat]) ;;
+esac
-# Copy echo and quote the copy suitably for passing to libtool from
-# the Makefile, instead of quoting the original, which is used later.
-lt_ECHO=$ECHO
-if test "X$lt_ECHO" = "X$CONFIG_SHELL [$]0 --fallback-echo"; then
- lt_ECHO="$CONFIG_SHELL \\\$\[$]0 --fallback-echo"
-fi
+m4_ifdef([_AS_DETECT_SUGGESTED],
+[_AS_DETECT_SUGGESTED([
+ test -n "${ZSH_VERSION+set}${BASH_VERSION+set}" || (
+ ECHO='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'
+ ECHO=$ECHO$ECHO$ECHO$ECHO$ECHO
+ ECHO=$ECHO$ECHO$ECHO$ECHO$ECHO$ECHO
+ PATH=/empty FPATH=/empty; export PATH FPATH
+ test "X`printf %s $ECHO`" = "X$ECHO" \
+ || test "X`print -r -- $ECHO`" = "X$ECHO" )])])
-AC_SUBST(lt_ECHO)
-])
_LT_DECL([], [SHELL], [1], [Shell to use when invoking shell scripts])
-_LT_DECL([], [ECHO], [1],
- [An echo program that does not interpret backslashes])
+_LT_DECL([], [ECHO], [1], [An echo program that protects backslashes])
])# _LT_PROG_ECHO_BACKSLASH
;;
*-*-irix6*)
# Find out which ABI we are using.
- echo '[#]line __oline__ "configure"' > conftest.$ac_ext
+ echo '[#]line '$LINENO' "configure"' > conftest.$ac_ext
if AC_TRY_EVAL(ac_compile); then
if test "$lt_cv_prog_gnu_ld" = yes; then
case `/usr/bin/file conftest.$ac_objext` in
esac
old_archive_cmds="$old_archive_cmds~\$RANLIB \$oldlib"
fi
+
+case $host_os in
+ darwin*)
+ lock_old_archive_extraction=yes ;;
+ *)
+ lock_old_archive_extraction=no ;;
+esac
_LT_DECL([], [old_postinstall_cmds], [2])
_LT_DECL([], [old_postuninstall_cmds], [2])
_LT_TAGDECL([], [old_archive_cmds], [2],
[Commands used to build an old-style archive])
+_LT_DECL([], [lock_old_archive_extraction], [0],
+ [Whether to use a lock for old archive extraction])
])# _LT_CMD_OLD_ARCHIVE
-e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
-e 's: [[^ ]]*conftest\.: $lt_compiler_flag&:; t' \
-e 's:$: $lt_compiler_flag:'`
- (eval echo "\"\$as_me:__oline__: $lt_compile\"" >&AS_MESSAGE_LOG_FD)
+ (eval echo "\"\$as_me:$LINENO: $lt_compile\"" >&AS_MESSAGE_LOG_FD)
(eval "$lt_compile" 2>conftest.err)
ac_status=$?
cat conftest.err >&AS_MESSAGE_LOG_FD
- echo "$as_me:__oline__: \$? = $ac_status" >&AS_MESSAGE_LOG_FD
+ echo "$as_me:$LINENO: \$? = $ac_status" >&AS_MESSAGE_LOG_FD
if (exit $ac_status) && test -s "$ac_outfile"; then
# The compiler can only warn and ignore the option if not recognized
# So say no if there are warnings other than the usual output.
- $ECHO "X$_lt_compiler_boilerplate" | $Xsed -e '/^$/d' >conftest.exp
+ $ECHO "$_lt_compiler_boilerplate" | $SED '/^$/d' >conftest.exp
$SED '/^$/d; /^ *+/d' conftest.err >conftest.er2
if test ! -s conftest.er2 || diff conftest.exp conftest.er2 >/dev/null; then
$2=yes
if test -s conftest.err; then
# Append any errors to the config.log.
cat conftest.err 1>&AS_MESSAGE_LOG_FD
- $ECHO "X$_lt_linker_boilerplate" | $Xsed -e '/^$/d' > conftest.exp
+ $ECHO "$_lt_linker_boilerplate" | $SED '/^$/d' > conftest.exp
$SED '/^$/d; /^ *+/d' conftest.err >conftest.er2
if diff conftest.exp conftest.er2 >/dev/null; then
$2=yes
lt_cv_sys_max_cmd_len=8192;
;;
+ mint*)
+ # On MiNT this can take a long time and run out of memory.
+ lt_cv_sys_max_cmd_len=8192;
+ ;;
+
amigaos*)
# On AmigaOS with pdksh, this test takes hours, literally.
# So we just punt and use a minimum line length of 8192.
# If test is not a shell built-in, we'll probably end up computing a
# maximum length that is only half of the actual maximum length, but
# we can't tell.
- while { test "X"`$SHELL [$]0 --fallback-echo "X$teststring$teststring" 2>/dev/null` \
- = "XX$teststring$teststring"; } >/dev/null 2>&1 &&
+ while { test "X"`func_fallback_echo "$teststring$teststring" 2>/dev/null` \
+ = "X$teststring$teststring"; } >/dev/null 2>&1 &&
test $i != 17 # 1/2 MB should be enough
do
i=`expr $i + 1`
lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2
lt_status=$lt_dlunknown
cat > conftest.$ac_ext <<_LT_EOF
-[#line __oline__ "configure"
+[#line $LINENO "configure"
#include "confdefs.h"
#if HAVE_DLFCN_H
# endif
#endif
-void fnord() { int i=42;}
+/* When -fvisbility=hidden is used, assume the code has been annotated
+ correspondingly for the symbols needed. */
+#if defined(__GNUC__) && (((__GNUC__ == 3) && (__GNUC_MINOR__ >= 3)) || (__GNUC__ > 3))
+void fnord () __attribute__((visibility("default")));
+#endif
+
+void fnord () { int i=42; }
int main ()
{
void *self = dlopen (0, LT_DLGLOBAL|LT_DLLAZY_OR_NOW);
if (self)
{
if (dlsym (self,"fnord")) status = $lt_dlno_uscore;
- else if (dlsym( self,"_fnord")) status = $lt_dlneed_uscore;
+ else
+ {
+ if (dlsym( self,"_fnord")) status = $lt_dlneed_uscore;
+ else puts (dlerror ());
+ }
/* dlclose (self); */
}
else
-e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
-e 's: [[^ ]]*conftest\.: $lt_compiler_flag&:; t' \
-e 's:$: $lt_compiler_flag:'`
- (eval echo "\"\$as_me:__oline__: $lt_compile\"" >&AS_MESSAGE_LOG_FD)
+ (eval echo "\"\$as_me:$LINENO: $lt_compile\"" >&AS_MESSAGE_LOG_FD)
(eval "$lt_compile" 2>out/conftest.err)
ac_status=$?
cat out/conftest.err >&AS_MESSAGE_LOG_FD
- echo "$as_me:__oline__: \$? = $ac_status" >&AS_MESSAGE_LOG_FD
+ echo "$as_me:$LINENO: \$? = $ac_status" >&AS_MESSAGE_LOG_FD
if (exit $ac_status) && test -s out/conftest2.$ac_objext
then
# The compiler can only warn and ignore the option if not recognized
# So say no if there are warnings
- $ECHO "X$_lt_compiler_boilerplate" | $Xsed -e '/^$/d' > out/conftest.exp
+ $ECHO "$_lt_compiler_boilerplate" | $SED '/^$/d' > out/conftest.exp
$SED '/^$/d; /^ *+/d' out/conftest.err >out/conftest.er2
if test ! -s out/conftest.er2 || diff out/conftest.exp out/conftest.er2 >/dev/null; then
_LT_TAGVAR(lt_cv_prog_compiler_c_o, $1)=yes
m4_require([_LT_FILEUTILS_DEFAULTS])dnl
m4_require([_LT_DECL_OBJDUMP])dnl
m4_require([_LT_DECL_SED])dnl
+m4_require([_LT_CHECK_SHELL_FEATURES])dnl
AC_MSG_CHECKING([dynamic linker characteristics])
m4_if([$1],
[], [
darwin*) lt_awk_arg="/^libraries:/,/LR/" ;;
*) lt_awk_arg="/^libraries:/" ;;
esac
- lt_search_path_spec=`$CC -print-search-dirs | awk $lt_awk_arg | $SED -e "s/^libraries://" -e "s,=/,/,g"`
- if $ECHO "$lt_search_path_spec" | $GREP ';' >/dev/null ; then
+ case $host_os in
+ mingw* | cegcc*) lt_sed_strip_eq="s,=\([[A-Za-z]]:\),\1,g" ;;
+ *) lt_sed_strip_eq="s,=/,/,g" ;;
+ esac
+ lt_search_path_spec=`$CC -print-search-dirs | awk $lt_awk_arg | $SED -e "s/^libraries://" -e $lt_sed_strip_eq`
+ case $lt_search_path_spec in
+ *\;*)
# if the path contains ";" then we assume it to be the separator
# otherwise default to the standard path separator (i.e. ":") - it is
# assumed that no part of a normal pathname contains ";" but that should
# okay in the real world where ";" in dirpaths is itself problematic.
- lt_search_path_spec=`$ECHO "$lt_search_path_spec" | $SED -e 's/;/ /g'`
- else
- lt_search_path_spec=`$ECHO "$lt_search_path_spec" | $SED -e "s/$PATH_SEPARATOR/ /g"`
- fi
+ lt_search_path_spec=`$ECHO "$lt_search_path_spec" | $SED 's/;/ /g'`
+ ;;
+ *)
+ lt_search_path_spec=`$ECHO "$lt_search_path_spec" | $SED "s/$PATH_SEPARATOR/ /g"`
+ ;;
+ esac
# Ok, now we have the path, separated by spaces, we can step through it
# and add multilib dir if necessary.
lt_tmp_lt_search_path_spec=
lt_tmp_lt_search_path_spec="$lt_tmp_lt_search_path_spec $lt_sys_path"
fi
done
- lt_search_path_spec=`$ECHO $lt_tmp_lt_search_path_spec | awk '
+ lt_search_path_spec=`$ECHO "$lt_tmp_lt_search_path_spec" | awk '
BEGIN {RS=" "; FS="/|\n";} {
lt_foo="";
lt_count=0;
if (lt_foo != "") { lt_freq[[lt_foo]]++; }
if (lt_freq[[lt_foo]] == 1) { print lt_foo; }
}'`
- sys_lib_search_path_spec=`$ECHO $lt_search_path_spec`
+ # AWK program above erroneously prepends '/' to C:/dos/paths
+ # for these hosts.
+ case $host_os in
+ mingw* | cegcc*) lt_search_path_spec=`$ECHO "$lt_search_path_spec" |\
+ $SED 's,/\([[A-Za-z]]:\),\1,g'` ;;
+ esac
+ sys_lib_search_path_spec=`$ECHO "$lt_search_path_spec" | $lt_NL2SP`
else
sys_lib_search_path_spec="/lib /usr/lib /usr/local/lib"
fi])
m68k)
library_names_spec='$libname.ixlibrary $libname.a'
# Create ${libname}_ixlibrary.a entries in /sys/libs.
- finish_eval='for lib in `ls $libdir/*.ixlibrary 2>/dev/null`; do libname=`$ECHO "X$lib" | $Xsed -e '\''s%^.*/\([[^/]]*\)\.ixlibrary$%\1%'\''`; test $RM /sys/libs/${libname}_ixlibrary.a; $show "cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a"; cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a || exit 1; done'
+ finish_eval='for lib in `ls $libdir/*.ixlibrary 2>/dev/null`; do libname=`func_echo_all "$lib" | $SED '\''s%^.*/\([[^/]]*\)\.ixlibrary$%\1%'\''`; test $RM /sys/libs/${libname}_ixlibrary.a; $show "cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a"; cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a || exit 1; done'
;;
esac
;;
cygwin*)
# Cygwin DLLs use 'cyg' prefix rather than 'lib'
soname_spec='`echo ${libname} | sed -e 's/^lib/cyg/'``echo ${release} | $SED -e 's/[[.]]/-/g'`${versuffix}${shared_ext}'
- sys_lib_search_path_spec="/usr/lib /lib/w32api /lib /usr/local/lib"
+m4_if([$1], [],[
+ sys_lib_search_path_spec="$sys_lib_search_path_spec /usr/lib/w32api"])
;;
mingw* | cegcc*)
# MinGW DLLs use traditional 'lib' prefix
soname_spec='${libname}`echo ${release} | $SED -e 's/[[.]]/-/g'`${versuffix}${shared_ext}'
- sys_lib_search_path_spec=`$CC -print-search-dirs | $GREP "^libraries:" | $SED -e "s/^libraries://" -e "s,=/,/,g"`
- if $ECHO "$sys_lib_search_path_spec" | [$GREP ';[c-zC-Z]:/' >/dev/null]; then
- # It is most probably a Windows format PATH printed by
- # mingw gcc, but we are running on Cygwin. Gcc prints its search
- # path with ; separators, and with drive letters. We can handle the
- # drive letters (cygwin fileutils understands them), so leave them,
- # especially as we might pass files found there to a mingw objdump,
- # which wouldn't understand a cygwinified path. Ahh.
- sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | $SED -e 's/;/ /g'`
- else
- sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | $SED -e "s/$PATH_SEPARATOR/ /g"`
- fi
;;
pw32*)
# pw32 DLLs use 'pw' prefix rather than 'lib'
hardcode_into_libs=yes
;;
+haiku*)
+ version_type=linux
+ need_lib_prefix=no
+ need_version=no
+ dynamic_linker="$host_os runtime_loader"
+ library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}${major} ${libname}${shared_ext}'
+ soname_spec='${libname}${release}${shared_ext}$major'
+ shlibpath_var=LIBRARY_PATH
+ shlibpath_overrides_runpath=yes
+ sys_lib_dlsearch_path_spec='/boot/home/config/lib /boot/common/lib /boot/system/lib'
+ hardcode_into_libs=yes
+ ;;
+
hpux9* | hpux10* | hpux11*)
# Give a soname corresponding to the major version so that dld.sl refuses to
# link against other versions.
soname_spec='${libname}${release}${shared_ext}$major'
;;
esac
- # HP-UX runs *really* slowly unless shared libraries are mode 555.
+ # HP-UX runs *really* slowly unless shared libraries are mode 555, ...
postinstall_cmds='chmod 555 $lib'
+ # or fails outright, so override atomically:
+ install_override_mode=555
;;
interix[[3-9]]*)
finish_cmds='PATH="\$PATH:/sbin" ldconfig -n $libdir'
shlibpath_var=LD_LIBRARY_PATH
shlibpath_overrides_runpath=no
+
# Some binutils ld are patched to set DT_RUNPATH
- save_LDFLAGS=$LDFLAGS
- save_libdir=$libdir
- eval "libdir=/foo; wl=\"$_LT_TAGVAR(lt_prog_compiler_wl, $1)\"; \
- LDFLAGS=\"\$LDFLAGS $_LT_TAGVAR(hardcode_libdir_flag_spec, $1)\""
- AC_LINK_IFELSE([AC_LANG_PROGRAM([],[])],
- [AS_IF([ ($OBJDUMP -p conftest$ac_exeext) 2>/dev/null | grep "RUNPATH.*$libdir" >/dev/null],
- [shlibpath_overrides_runpath=yes])])
- LDFLAGS=$save_LDFLAGS
- libdir=$save_libdir
+ AC_CACHE_VAL([lt_cv_shlibpath_overrides_runpath],
+ [lt_cv_shlibpath_overrides_runpath=no
+ save_LDFLAGS=$LDFLAGS
+ save_libdir=$libdir
+ eval "libdir=/foo; wl=\"$_LT_TAGVAR(lt_prog_compiler_wl, $1)\"; \
+ LDFLAGS=\"\$LDFLAGS $_LT_TAGVAR(hardcode_libdir_flag_spec, $1)\""
+ AC_LINK_IFELSE([AC_LANG_PROGRAM([],[])],
+ [AS_IF([ ($OBJDUMP -p conftest$ac_exeext) 2>/dev/null | grep "RUNPATH.*$libdir" >/dev/null],
+ [lt_cv_shlibpath_overrides_runpath=yes])])
+ LDFLAGS=$save_LDFLAGS
+ libdir=$save_libdir
+ ])
+ shlibpath_overrides_runpath=$lt_cv_shlibpath_overrides_runpath
# This implies no fast_install, which is unacceptable.
# Some rework will be needed to allow for fast_install
# Append ld.so.conf contents to the search path
if test -f /etc/ld.so.conf; then
- lt_ld_extra=`awk '/^include / { system(sprintf("cd /etc; cat %s 2>/dev/null", \[$]2)); skip = 1; } { if (!skip) print \[$]0; skip = 0; }' < /etc/ld.so.conf | $SED -e 's/#.*//;/^[ ]*hwcap[ ]/d;s/[:, ]/ /g;s/=[^=]*$//;s/=[^= ]* / /g;/^$/d' | tr '\n' ' '`
+ lt_ld_extra=`awk '/^include / { system(sprintf("cd /etc; cat %s 2>/dev/null", \[$]2)); skip = 1; } { if (!skip) print \[$]0; skip = 0; }' < /etc/ld.so.conf | $SED -e 's/#.*//;/^[ ]*hwcap[ ]/d;s/[:, ]/ /g;s/=[^=]*$//;s/=[^= ]* / /g;s/"//g;/^$/d' | tr '\n' ' '`
sys_lib_dlsearch_path_spec="/lib /usr/lib $lt_ld_extra"
fi
dynamic_linker='GNU/Linux ld.so'
;;
-netbsdelf*-gnu)
- version_type=linux
- need_lib_prefix=no
- need_version=no
- library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}'
- soname_spec='${libname}${release}${shared_ext}$major'
- shlibpath_var=LD_LIBRARY_PATH
- shlibpath_overrides_runpath=no
- hardcode_into_libs=yes
- dynamic_linker='NetBSD ld.elf_so'
- ;;
-
netbsd*)
version_type=sunos
need_lib_prefix=no
The last name is the one that the linker finds with -lNAME]])
_LT_DECL([], [soname_spec], [1],
[[The coded name of the library, if different from the real name]])
+_LT_DECL([], [install_override_mode], [1],
+ [Permission mode override for installation of shared libraries])
_LT_DECL([], [postinstall_cmds], [2],
[Command to use after installation of a shared archive])
_LT_DECL([], [postuninstall_cmds], [2],
AC_REQUIRE([AC_CANONICAL_BUILD])dnl
m4_require([_LT_DECL_SED])dnl
m4_require([_LT_DECL_EGREP])dnl
+m4_require([_LT_PROG_ECHO_BACKSLASH])dnl
AC_ARG_WITH([gnu-ld],
[AS_HELP_STRING([--with-gnu-ld],
fi
;;
esac
-_LT_DECL([], [reload_flag], [1], [How to create reloadable object files])dnl
-_LT_DECL([], [reload_cmds], [2])dnl
+_LT_TAGDECL([], [reload_flag], [1], [How to create reloadable object files])dnl
+_LT_TAGDECL([], [reload_cmds], [2])dnl
])# _LT_CMD_RELOAD
# Base MSYS/MinGW do not provide the 'file' command needed by
# func_win32_libid shell function, so use a weaker test based on 'objdump',
# unless we find 'file', for example because we are cross-compiling.
- if ( file / ) >/dev/null 2>&1; then
+ # func_win32_libid assumes BSD nm, so disallow it if using MS dumpbin.
+ if ( test "$lt_cv_nm_interface" = "BSD nm" && file / ) >/dev/null 2>&1; then
lt_cv_deplibs_check_method='file_magic ^x86 archive import|^x86 DLL'
lt_cv_file_magic_cmd='func_win32_libid'
else
- lt_cv_deplibs_check_method='file_magic file format pei*-i386(.*architecture: i386)?'
+ # Keep this pattern in sync with the one in func_win32_libid.
+ lt_cv_deplibs_check_method='file_magic file format (pei*-i386(.*architecture: i386)?|pe-arm-wince|pe-x86-64)'
lt_cv_file_magic_cmd='$OBJDUMP -f'
fi
;;
-cegcc)
+cegcc*)
# use the weaker test based on 'objdump'. See mingw*.
lt_cv_deplibs_check_method='file_magic file format pe-arm-.*little(.*architecture: arm)?'
lt_cv_file_magic_cmd='$OBJDUMP -f'
lt_cv_deplibs_check_method=pass_all
;;
+haiku*)
+ lt_cv_deplibs_check_method=pass_all
+ ;;
+
hpux10.20* | hpux11*)
lt_cv_file_magic_cmd=/usr/bin/file
case $host_cpu in
lt_cv_file_magic_test_file=/usr/lib/hpux32/libc.so
;;
hppa*64*)
- [lt_cv_deplibs_check_method='file_magic (s[0-9][0-9][0-9]|ELF-[0-9][0-9]) shared object file - PA-RISC [0-9].[0-9]']
+ [lt_cv_deplibs_check_method='file_magic (s[0-9][0-9][0-9]|ELF[ -][0-9][0-9])(-bit)?( [LM]SB)? shared object( file)?[, -]* PA-RISC [0-9]\.[0-9]']
lt_cv_file_magic_test_file=/usr/lib/pa20_64/libc.sl
;;
*)
- lt_cv_deplibs_check_method='file_magic (s[[0-9]][[0-9]][[0-9]]|PA-RISC[[0-9]].[[0-9]]) shared library'
+ lt_cv_deplibs_check_method='file_magic (s[[0-9]][[0-9]][[0-9]]|PA-RISC[[0-9]]\.[[0-9]]) shared library'
lt_cv_file_magic_test_file=/usr/lib/libc.sl
;;
esac
lt_cv_deplibs_check_method=pass_all
;;
-netbsd* | netbsdelf*-gnu)
+netbsd*)
if echo __ELF__ | $CC -E - | $GREP __ELF__ > /dev/null; then
lt_cv_deplibs_check_method='match_pattern /lib[[^/]]+(\.so\.[[0-9]]+\.[[0-9]]+|_pic\.a)$'
else
NM="$lt_cv_path_NM"
else
# Didn't find any BSD compatible name lister, look for dumpbin.
- AC_CHECK_TOOLS(DUMPBIN, ["dumpbin -symbols" "link -dump -symbols"], :)
+ if test -n "$DUMPBIN"; then :
+ # Let the user override the test.
+ else
+ AC_CHECK_TOOLS(DUMPBIN, [dumpbin "link -dump"], :)
+ case `$DUMPBIN -symbols /dev/null 2>&1 | sed '1q'` in
+ *COFF*)
+ DUMPBIN="$DUMPBIN -symbols"
+ ;;
+ *)
+ DUMPBIN=:
+ ;;
+ esac
+ fi
AC_SUBST([DUMPBIN])
if test "$DUMPBIN" != ":"; then
NM="$DUMPBIN"
AC_CACHE_CHECK([the name lister ($NM) interface], [lt_cv_nm_interface],
[lt_cv_nm_interface="BSD nm"
echo "int some_variable = 0;" > conftest.$ac_ext
- (eval echo "\"\$as_me:__oline__: $ac_compile\"" >&AS_MESSAGE_LOG_FD)
+ (eval echo "\"\$as_me:$LINENO: $ac_compile\"" >&AS_MESSAGE_LOG_FD)
(eval "$ac_compile" 2>conftest.err)
cat conftest.err >&AS_MESSAGE_LOG_FD
- (eval echo "\"\$as_me:__oline__: $NM \\\"conftest.$ac_objext\\\"\"" >&AS_MESSAGE_LOG_FD)
+ (eval echo "\"\$as_me:$LINENO: $NM \\\"conftest.$ac_objext\\\"\"" >&AS_MESSAGE_LOG_FD)
(eval "$NM \"conftest.$ac_objext\"" 2>conftest.err > conftest.out)
cat conftest.err >&AS_MESSAGE_LOG_FD
- (eval echo "\"\$as_me:__oline__: output\"" >&AS_MESSAGE_LOG_FD)
+ (eval echo "\"\$as_me:$LINENO: output\"" >&AS_MESSAGE_LOG_FD)
cat conftest.out >&AS_MESSAGE_LOG_FD
if $GREP 'External.*some_variable' conftest.out > /dev/null; then
lt_cv_nm_interface="MS dumpbin"
[AC_REQUIRE([AC_CANONICAL_HOST])dnl
LIBM=
case $host in
-*-*-beos* | *-*-cygwin* | *-*-pw32* | *-*-darwin*)
+*-*-beos* | *-*-cegcc* | *-*-cygwin* | *-*-haiku* | *-*-pw32* | *-*-darwin*)
# These system don't have libm, or don't need it
;;
*-ncr-sysv4.3*)
_LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)=
if test "$GCC" = yes; then
- _LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)=' -fno-builtin'
+ case $cc_basename in
+ nvcc*)
+ _LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)=' -Xcompiler -fno-builtin' ;;
+ *)
+ _LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)=' -fno-builtin' ;;
+ esac
_LT_COMPILER_OPTION([if $compiler supports -fno-rtti -fno-exceptions],
lt_cv_prog_compiler_rtti_exceptions,
m4_defun([_LT_CMD_GLOBAL_SYMBOLS],
[AC_REQUIRE([AC_CANONICAL_HOST])dnl
AC_REQUIRE([AC_PROG_CC])dnl
+AC_REQUIRE([AC_PROG_AWK])dnl
AC_REQUIRE([LT_PATH_NM])dnl
AC_REQUIRE([LT_PATH_LD])dnl
m4_require([_LT_DECL_SED])dnl
if AC_TRY_EVAL(ac_compile); then
# Now try to grab the symbols.
nlist=conftest.nm
- if AC_TRY_EVAL(NM conftest.$ac_objext \| $lt_cv_sys_global_symbol_pipe \> $nlist) && test -s "$nlist"; then
+ if AC_TRY_EVAL(NM conftest.$ac_objext \| "$lt_cv_sys_global_symbol_pipe" \> $nlist) && test -s "$nlist"; then
# Try sorting and uniquifying the output.
if sort "$nlist" | uniq > "$nlist"T; then
mv -f "$nlist"T "$nlist"
# DJGPP does not support shared libraries at all
_LT_TAGVAR(lt_prog_compiler_pic, $1)=
;;
+ haiku*)
+ # PIC is the default for Haiku.
+ # The "-static" flag exists, but is broken.
+ _LT_TAGVAR(lt_prog_compiler_static, $1)=
+ ;;
interix[[3-9]]*)
# Interix 3.x gcc -fpic/-fPIC options generate broken code.
# Instead, we relocate shared libraries at runtime.
_LT_TAGVAR(lt_prog_compiler_pic, $1)=
_LT_TAGVAR(lt_prog_compiler_static, $1)='-non_shared'
;;
- xlc* | xlC*)
- # IBM XL 8.0 on PPC
+ xlc* | xlC* | bgxl[[cC]]* | mpixl[[cC]]*)
+ # IBM XL 8.0, 9.0 on PPC and BlueGene
_LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
_LT_TAGVAR(lt_prog_compiler_pic, $1)='-qpic'
_LT_TAGVAR(lt_prog_compiler_static, $1)='-qstaticlink'
;;
esac
;;
- netbsd* | netbsdelf*-gnu)
+ netbsd*)
;;
*qnx* | *nto*)
# QNX uses GNU C++, but need to define -shared option too, otherwise
;;
solaris*)
case $cc_basename in
- CC*)
+ CC* | sunCC*)
# Sun C++ 4.2, 5.x and Centerline C++
_LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
_LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
_LT_TAGVAR(lt_prog_compiler_pic, $1)='-fno-common'
;;
+ haiku*)
+ # PIC is the default for Haiku.
+ # The "-static" flag exists, but is broken.
+ _LT_TAGVAR(lt_prog_compiler_static, $1)=
+ ;;
+
hpux*)
# PIC is the default for 64-bit PA HP-UX, but not for 32-bit
# PA HP-UX. On IA64 HP-UX, PIC is the default but the pic flag
_LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC'
;;
esac
+
+ case $cc_basename in
+ nvcc*) # Cuda Compiler Driver 2.2
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Xlinker '
+ _LT_TAGVAR(lt_prog_compiler_pic, $1)='-Xcompiler -fPIC'
+ ;;
+ esac
else
# PORTME Check for flag to pass linker flags through the system compiler.
case $host_os in
_LT_TAGVAR(lt_prog_compiler_pic, $1)='--shared'
_LT_TAGVAR(lt_prog_compiler_static, $1)='--static'
;;
- pgcc* | pgf77* | pgf90* | pgf95*)
+ pgcc* | pgf77* | pgf90* | pgf95* | pgfortran*)
# Portland Group compilers (*not* the Pentium gcc compiler,
# which looks to be a dead project)
_LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
# All Alpha code is PIC.
_LT_TAGVAR(lt_prog_compiler_static, $1)='-non_shared'
;;
- xl*)
- # IBM XL C 8.0/Fortran 10.1 on PPC
+ xl* | bgxl* | bgf* | mpixl*)
+ # IBM XL C 8.0/Fortran 10.1, 11.1 on PPC and BlueGene
_LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
_LT_TAGVAR(lt_prog_compiler_pic, $1)='-qpic'
_LT_TAGVAR(lt_prog_compiler_static, $1)='-qstaticlink'
;;
*)
case `$CC -V 2>&1 | sed 5q` in
- *Sun\ C*)
- # Sun C 5.9
+ *Sun\ F* | *Sun*Fortran*)
+ # Sun Fortran 8.3 passes all unrecognized flags to the linker
_LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
_LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
- _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)=''
;;
- *Sun\ F*)
- # Sun Fortran 8.3 passes all unrecognized flags to the linker
+ *Sun\ C*)
+ # Sun C 5.9
_LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
_LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
- _LT_TAGVAR(lt_prog_compiler_wl, $1)=''
+ _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,'
;;
esac
;;
_LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC'
_LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic'
case $cc_basename in
- f77* | f90* | f95*)
+ f77* | f90* | f95* | sunf77* | sunf90* | sunf95*)
_LT_TAGVAR(lt_prog_compiler_wl, $1)='-Qoption ld ';;
*)
_LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,';;
aix[[4-9]]*)
# If we're using GNU nm, then we don't want the "-C" option.
# -C means demangle to AIX nm, but means don't demangle with GNU nm
+ # Also, AIX nm treats weak defined symbols like other global defined
+ # symbols, whereas GNU nm marks them as "W".
if $NM -V 2>&1 | $GREP 'GNU' > /dev/null; then
- _LT_TAGVAR(export_symbols_cmds, $1)='$NM -Bpg $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B")) && ([substr](\$ 3,1,1) != ".")) { print \$ 3 } }'\'' | sort -u > $export_symbols'
+ _LT_TAGVAR(export_symbols_cmds, $1)='$NM -Bpg $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B") || (\$ 2 == "W")) && ([substr](\$ 3,1,1) != ".")) { print \$ 3 } }'\'' | sort -u > $export_symbols'
else
_LT_TAGVAR(export_symbols_cmds, $1)='$NM -BCpg $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B")) && ([substr](\$ 3,1,1) != ".")) { print \$ 3 } }'\'' | sort -u > $export_symbols'
fi
cygwin* | mingw* | cegcc*)
_LT_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[[BCDGRS]][[ ]]/s/.*[[ ]]\([[^ ]]*\)/\1 DATA/;/^.*[[ ]]__nm__/s/^.*[[ ]]__nm__\([[^ ]]*\)[[ ]][[^ ]]*/\1 DATA/;/^I[[ ]]/d;/^[[AITW]][[ ]]/s/.* //'\'' | sort | uniq > $export_symbols'
;;
- linux* | k*bsd*-gnu)
- _LT_TAGVAR(link_all_deplibs, $1)=no
- ;;
*)
_LT_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols'
;;
openbsd*)
with_gnu_ld=no
;;
- linux* | k*bsd*-gnu)
- _LT_TAGVAR(link_all_deplibs, $1)=no
- ;;
esac
_LT_TAGVAR(ld_shlibs, $1)=yes
+
+ # On some targets, GNU ld is compatible enough with the native linker
+ # that we're better off using the native interface for both.
+ lt_use_gnu_ld_interface=no
if test "$with_gnu_ld" = yes; then
+ case $host_os in
+ aix*)
+ # The AIX port of GNU ld has always aspired to compatibility
+ # with the native linker. However, as the warning in the GNU ld
+ # block says, versions before 2.19.5* couldn't really create working
+ # shared libraries, regardless of the interface used.
+ case `$LD -v 2>&1` in
+ *\ \(GNU\ Binutils\)\ 2.19.5*) ;;
+ *\ \(GNU\ Binutils\)\ 2.[[2-9]]*) ;;
+ *\ \(GNU\ Binutils\)\ [[3-9]]*) ;;
+ *)
+ lt_use_gnu_ld_interface=yes
+ ;;
+ esac
+ ;;
+ *)
+ lt_use_gnu_ld_interface=yes
+ ;;
+ esac
+ fi
+
+ if test "$lt_use_gnu_ld_interface" = yes; then
# If archive_cmds runs LD, not CC, wlarc should be empty
wlarc='${wl}'
_LT_TAGVAR(ld_shlibs, $1)=no
cat <<_LT_EOF 1>&2
-*** Warning: the GNU linker, at least up to release 2.9.1, is reported
+*** Warning: the GNU linker, at least up to release 2.19, is reported
*** to be unable to reliably create shared libraries on AIX.
*** Therefore, libtool is disabling shared libraries support. If you
-*** really care for shared libraries, you may want to modify your PATH
-*** so that a non-GNU linker is found, and then restart.
+*** really care for shared libraries, you may want to install binutils
+*** 2.20 or above, or modify your PATH so that a non-GNU linker is found.
+*** You will then need to restart the configuration process.
_LT_EOF
fi
# _LT_TAGVAR(hardcode_libdir_flag_spec, $1) is actually meaningless,
# as there is no search path for DLLs.
_LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir'
+ _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-all-symbols'
_LT_TAGVAR(allow_undefined_flag, $1)=unsupported
_LT_TAGVAR(always_export_symbols, $1)=no
_LT_TAGVAR(enable_shared_with_static_runtimes, $1)=yes
fi
;;
+ haiku*)
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+ _LT_TAGVAR(link_all_deplibs, $1)=yes
+ ;;
+
interix[[3-9]]*)
_LT_TAGVAR(hardcode_direct, $1)=no
_LT_TAGVAR(hardcode_shlibpath_var, $1)=no
tmp_sharedflag='-shared'
case $cc_basename,$host_cpu in
pgcc*) # Portland Group C compiler
- _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; $ECHO \"$new_convenience\"` ${wl}--no-whole-archive'
+ _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` ${wl}--no-whole-archive'
tmp_addflag=' $pic_flag'
;;
- pgf77* | pgf90* | pgf95*) # Portland Group f77 and f90 compilers
- _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; $ECHO \"$new_convenience\"` ${wl}--no-whole-archive'
+ pgf77* | pgf90* | pgf95* | pgfortran*)
+ # Portland Group f77 and f90 compilers
+ _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` ${wl}--no-whole-archive'
tmp_addflag=' $pic_flag -Mnomain' ;;
ecc*,ia64* | icc*,ia64*) # Intel C compiler on ia64
tmp_addflag=' -i_dynamic' ;;
lf95*) # Lahey Fortran 8.1
_LT_TAGVAR(whole_archive_flag_spec, $1)=
tmp_sharedflag='--shared' ;;
- xl[[cC]]*) # IBM XL C 8.0 on PPC (deal with xlf below)
+ xl[[cC]]* | bgxl[[cC]]* | mpixl[[cC]]*) # IBM XL C 8.0 on PPC (deal with xlf below)
tmp_sharedflag='-qmkshrobj'
tmp_addflag= ;;
+ nvcc*) # Cuda Compiler Driver 2.2
+ _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` ${wl}--no-whole-archive'
+ _LT_TAGVAR(compiler_needs_object, $1)=yes
+ ;;
esac
case `$CC -V 2>&1 | sed 5q` in
*Sun\ C*) # Sun C 5.9
- _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive`new_convenience=; for conv in $convenience\"\"; do test -z \"$conv\" || new_convenience=\"$new_convenience,$conv\"; done; $ECHO \"$new_convenience\"` ${wl}--no-whole-archive'
+ _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive`new_convenience=; for conv in $convenience\"\"; do test -z \"$conv\" || new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` ${wl}--no-whole-archive'
_LT_TAGVAR(compiler_needs_object, $1)=yes
tmp_sharedflag='-G' ;;
*Sun\ F*) # Sun Fortran 8.3
fi
case $cc_basename in
- xlf*)
+ xlf* | bgf* | bgxlf* | mpixlf*)
# IBM XL Fortran 10.1 on PPC cannot create shared libs itself
_LT_TAGVAR(whole_archive_flag_spec, $1)='--whole-archive$convenience --no-whole-archive'
_LT_TAGVAR(hardcode_libdir_flag_spec, $1)=
_LT_TAGVAR(hardcode_libdir_flag_spec_ld, $1)='-rpath $libdir'
- _LT_TAGVAR(archive_cmds, $1)='$LD -shared $libobjs $deplibs $compiler_flags -soname $soname -o $lib'
+ _LT_TAGVAR(archive_cmds, $1)='$LD -shared $libobjs $deplibs $linker_flags -soname $soname -o $lib'
if test "x$supports_anon_versioning" = xyes; then
_LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $output_objdir/$libname.ver~
cat $export_symbols | sed -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~
echo "local: *; };" >> $output_objdir/$libname.ver~
- $LD -shared $libobjs $deplibs $compiler_flags -soname $soname -version-script $output_objdir/$libname.ver -o $lib'
+ $LD -shared $libobjs $deplibs $linker_flags -soname $soname -version-script $output_objdir/$libname.ver -o $lib'
fi
;;
esac
fi
;;
- netbsd* | netbsdelf*-gnu)
+ netbsd*)
if echo __ELF__ | $CC -E - | $GREP __ELF__ >/dev/null; then
_LT_TAGVAR(archive_cmds, $1)='$LD -Bshareable $libobjs $deplibs $linker_flags -o $lib'
wlarc=
else
# If we're using GNU nm, then we don't want the "-C" option.
# -C means demangle to AIX nm, but means don't demangle with GNU nm
+ # Also, AIX nm treats weak defined symbols like other global
+ # defined symbols, whereas GNU nm marks them as "W".
if $NM -V 2>&1 | $GREP 'GNU' > /dev/null; then
- _LT_TAGVAR(export_symbols_cmds, $1)='$NM -Bpg $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B")) && ([substr](\$ 3,1,1) != ".")) { print \$ 3 } }'\'' | sort -u > $export_symbols'
+ _LT_TAGVAR(export_symbols_cmds, $1)='$NM -Bpg $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B") || (\$ 2 == "W")) && ([substr](\$ 3,1,1) != ".")) { print \$ 3 } }'\'' | sort -u > $export_symbols'
else
_LT_TAGVAR(export_symbols_cmds, $1)='$NM -BCpg $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B")) && ([substr](\$ 3,1,1) != ".")) { print \$ 3 } }'\'' | sort -u > $export_symbols'
fi
if test "$aix_use_runtimelinking" = yes; then
shared_flag="$shared_flag "'${wl}-G'
fi
- _LT_TAGVAR(link_all_deplibs, $1)=no
else
# not using gcc
if test "$host_cpu" = ia64; then
# empty executable.
_LT_SYS_MODULE_PATH_AIX
_LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-blibpath:$libdir:'"$aix_libpath"
- _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags `if test "x${allow_undefined_flag}" != "x"; then $ECHO "X${wl}${allow_undefined_flag}" | $Xsed; else :; fi` '"\${wl}$exp_sym_flag:\$export_symbols $shared_flag"
+ _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags `if test "x${allow_undefined_flag}" != "x"; then func_echo_all "${wl}${allow_undefined_flag}"; else :; fi` '"\${wl}$exp_sym_flag:\$export_symbols $shared_flag"
else
if test "$host_cpu" = ia64; then
_LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-R $libdir:/usr/lib:/lib'
# -berok will link without error, but may produce a broken library.
_LT_TAGVAR(no_undefined_flag, $1)=' ${wl}-bernotok'
_LT_TAGVAR(allow_undefined_flag, $1)=' ${wl}-berok'
- # Exported symbols can be pulled into shared objects from archives
- _LT_TAGVAR(whole_archive_flag_spec, $1)='$convenience'
+ if test "$with_gnu_ld" = yes; then
+ # We only use this code for GNU lds that support --whole-archive.
+ _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive$convenience ${wl}--no-whole-archive'
+ else
+ # Exported symbols can be pulled into shared objects from archives
+ _LT_TAGVAR(whole_archive_flag_spec, $1)='$convenience'
+ fi
_LT_TAGVAR(archive_cmds_need_lc, $1)=yes
# This is similar to how AIX traditionally builds its shared libraries.
_LT_TAGVAR(archive_expsym_cmds, $1)="\$CC $shared_flag"' -o $output_objdir/$soname $libobjs $deplibs ${wl}-bnoentry $compiler_flags ${wl}-bE:$export_symbols${allow_undefined_flag}~$AR $AR_FLAGS $output_objdir/$libname$release.a $output_objdir/$soname'
# Tell ltmain to make .dll files, not .so files.
shrext_cmds=".dll"
# FIXME: Setting linknames here is a bad hack.
- _LT_TAGVAR(archive_cmds, $1)='$CC -o $lib $libobjs $compiler_flags `$ECHO "X$deplibs" | $Xsed -e '\''s/ -lc$//'\''` -link -dll~linknames='
+ _LT_TAGVAR(archive_cmds, $1)='$CC -o $lib $libobjs $compiler_flags `func_echo_all "$deplibs" | $SED '\''s/ -lc$//'\''` -link -dll~linknames='
# The linker will automatically build a .lib file if we build a DLL.
_LT_TAGVAR(old_archive_from_new_cmds, $1)='true'
# FIXME: Should let the user specify the lib program.
;;
hpux10*)
- if test "$GCC" = yes -a "$with_gnu_ld" = no; then
+ if test "$GCC" = yes && test "$with_gnu_ld" = no; then
_LT_TAGVAR(archive_cmds, $1)='$CC -shared -fPIC ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags'
else
_LT_TAGVAR(archive_cmds, $1)='$LD -b +h $soname +b $install_libdir -o $lib $libobjs $deplibs $linker_flags'
;;
hpux11*)
- if test "$GCC" = yes -a "$with_gnu_ld" = no; then
+ if test "$GCC" = yes && test "$with_gnu_ld" = no; then
case $host_cpu in
hppa*64*)
_LT_TAGVAR(archive_cmds, $1)='$CC -shared ${wl}+h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags'
_LT_TAGVAR(archive_cmds, $1)='$CC -b ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $libobjs $deplibs $compiler_flags'
;;
*)
- _LT_TAGVAR(archive_cmds, $1)='$CC -b ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags'
+ m4_if($1, [], [
+ # Older versions of the 11.00 compiler do not understand -b yet
+ # (HP92453-01 A.11.01.20 doesn't, HP92453-01 B.11.X.35175-35176.GP does)
+ _LT_LINKER_OPTION([if $CC understands -b],
+ _LT_TAGVAR(lt_cv_prog_compiler__b, $1), [-b],
+ [_LT_TAGVAR(archive_cmds, $1)='$CC -b ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags'],
+ [_LT_TAGVAR(archive_cmds, $1)='$LD -b +h $soname +b $install_libdir -o $lib $libobjs $deplibs $linker_flags'])],
+ [_LT_TAGVAR(archive_cmds, $1)='$CC -b ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags'])
;;
esac
fi
irix5* | irix6* | nonstopux*)
if test "$GCC" = yes; then
- _LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && $ECHO "X${wl}-set_version ${wl}$verstring" | $Xsed` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
# Try to use the -exported_symbol ld option, if it does not
# work, assume that -exports_file does not work either and
# implicitly export all symbols.
save_LDFLAGS="$LDFLAGS"
LDFLAGS="$LDFLAGS -shared ${wl}-exported_symbol ${wl}foo ${wl}-update_registry ${wl}/dev/null"
AC_LINK_IFELSE(int foo(void) {},
- _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && $ECHO "X${wl}-set_version ${wl}$verstring" | $Xsed` ${wl}-update_registry ${wl}${output_objdir}/so_locations ${wl}-exports_file ${wl}$export_symbols -o $lib'
+ _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations ${wl}-exports_file ${wl}$export_symbols -o $lib'
)
LDFLAGS="$save_LDFLAGS"
else
- _LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && $ECHO "X-set_version $verstring" | $Xsed` -update_registry ${output_objdir}/so_locations -o $lib'
- _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && $ECHO "X-set_version $verstring" | $Xsed` -update_registry ${output_objdir}/so_locations -exports_file $export_symbols -o $lib'
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib'
+ _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -exports_file $export_symbols -o $lib'
fi
_LT_TAGVAR(archive_cmds_need_lc, $1)='no'
_LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir'
_LT_TAGVAR(link_all_deplibs, $1)=yes
;;
- netbsd* | netbsdelf*-gnu)
+ netbsd*)
if echo __ELF__ | $CC -E - | $GREP __ELF__ >/dev/null; then
_LT_TAGVAR(archive_cmds, $1)='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags' # a.out
else
_LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir'
_LT_TAGVAR(hardcode_minus_L, $1)=yes
_LT_TAGVAR(allow_undefined_flag, $1)=unsupported
- _LT_TAGVAR(archive_cmds, $1)='$ECHO "LIBRARY $libname INITINSTANCE" > $output_objdir/$libname.def~$ECHO "DESCRIPTION \"$libname\"" >> $output_objdir/$libname.def~$ECHO DATA >> $output_objdir/$libname.def~$ECHO " SINGLE NONSHARED" >> $output_objdir/$libname.def~$ECHO EXPORTS >> $output_objdir/$libname.def~emxexp $libobjs >> $output_objdir/$libname.def~$CC -Zdll -Zcrtdll -o $lib $libobjs $deplibs $compiler_flags $output_objdir/$libname.def'
+ _LT_TAGVAR(archive_cmds, $1)='$ECHO "LIBRARY $libname INITINSTANCE" > $output_objdir/$libname.def~$ECHO "DESCRIPTION \"$libname\"" >> $output_objdir/$libname.def~echo DATA >> $output_objdir/$libname.def~echo " SINGLE NONSHARED" >> $output_objdir/$libname.def~echo EXPORTS >> $output_objdir/$libname.def~emxexp $libobjs >> $output_objdir/$libname.def~$CC -Zdll -Zcrtdll -o $lib $libobjs $deplibs $compiler_flags $output_objdir/$libname.def'
_LT_TAGVAR(old_archive_from_new_cmds, $1)='emximp -o $output_objdir/$libname.a $output_objdir/$libname.def'
;;
osf3*)
if test "$GCC" = yes; then
_LT_TAGVAR(allow_undefined_flag, $1)=' ${wl}-expect_unresolved ${wl}\*'
- _LT_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && $ECHO "X${wl}-set_version ${wl}$verstring" | $Xsed` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
else
_LT_TAGVAR(allow_undefined_flag, $1)=' -expect_unresolved \*'
- _LT_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && $ECHO "X-set_version $verstring" | $Xsed` -update_registry ${output_objdir}/so_locations -o $lib'
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib'
fi
_LT_TAGVAR(archive_cmds_need_lc, $1)='no'
_LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir'
osf4* | osf5*) # as osf3* with the addition of -msym flag
if test "$GCC" = yes; then
_LT_TAGVAR(allow_undefined_flag, $1)=' ${wl}-expect_unresolved ${wl}\*'
- _LT_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags ${wl}-msym ${wl}-soname ${wl}$soname `test -n "$verstring" && $ECHO "X${wl}-set_version ${wl}$verstring" | $Xsed` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags ${wl}-msym ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
_LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir'
else
_LT_TAGVAR(allow_undefined_flag, $1)=' -expect_unresolved \*'
- _LT_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags -msym -soname $soname `test -n "$verstring" && $ECHO "X-set_version $verstring" | $Xsed` -update_registry ${output_objdir}/so_locations -o $lib'
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags -msym -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib'
_LT_TAGVAR(archive_expsym_cmds, $1)='for i in `cat $export_symbols`; do printf "%s %s\\n" -exported_symbol "\$i" >> $lib.exp; done; printf "%s\\n" "-hidden">> $lib.exp~
- $CC -shared${allow_undefined_flag} ${wl}-input ${wl}$lib.exp $compiler_flags $libobjs $deplibs -soname $soname `test -n "$verstring" && $ECHO "X-set_version $verstring" | $Xsed` -update_registry ${output_objdir}/so_locations -o $lib~$RM $lib.exp'
+ $CC -shared${allow_undefined_flag} ${wl}-input ${wl}$lib.exp $compiler_flags $libobjs $deplibs -soname $soname `test -n "$verstring" && $ECHO "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib~$RM $lib.exp'
# Both c and cxx compiler support -rpath directly
_LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-rpath $libdir'
# Test whether the compiler implicitly links with -lc since on some
# systems, -lgcc has to come before -lc. If gcc already passes -lc
# to ld, don't add -lc before -lgcc.
- AC_MSG_CHECKING([whether -lc should be explicitly linked in])
- $RM conftest*
- echo "$lt_simple_compile_test_code" > conftest.$ac_ext
-
- if AC_TRY_EVAL(ac_compile) 2>conftest.err; then
- soname=conftest
- lib=conftest
- libobjs=conftest.$ac_objext
- deplibs=
- wl=$_LT_TAGVAR(lt_prog_compiler_wl, $1)
- pic_flag=$_LT_TAGVAR(lt_prog_compiler_pic, $1)
- compiler_flags=-v
- linker_flags=-v
- verstring=
- output_objdir=.
- libname=conftest
- lt_save_allow_undefined_flag=$_LT_TAGVAR(allow_undefined_flag, $1)
- _LT_TAGVAR(allow_undefined_flag, $1)=
- if AC_TRY_EVAL(_LT_TAGVAR(archive_cmds, $1) 2\>\&1 \| $GREP \" -lc \" \>/dev/null 2\>\&1)
- then
- _LT_TAGVAR(archive_cmds_need_lc, $1)=no
- else
- _LT_TAGVAR(archive_cmds_need_lc, $1)=yes
- fi
- _LT_TAGVAR(allow_undefined_flag, $1)=$lt_save_allow_undefined_flag
- else
- cat conftest.err 1>&5
- fi
- $RM conftest*
- AC_MSG_RESULT([$_LT_TAGVAR(archive_cmds_need_lc, $1)])
+ AC_CACHE_CHECK([whether -lc should be explicitly linked in],
+ [lt_cv_]_LT_TAGVAR(archive_cmds_need_lc, $1),
+ [$RM conftest*
+ echo "$lt_simple_compile_test_code" > conftest.$ac_ext
+
+ if AC_TRY_EVAL(ac_compile) 2>conftest.err; then
+ soname=conftest
+ lib=conftest
+ libobjs=conftest.$ac_objext
+ deplibs=
+ wl=$_LT_TAGVAR(lt_prog_compiler_wl, $1)
+ pic_flag=$_LT_TAGVAR(lt_prog_compiler_pic, $1)
+ compiler_flags=-v
+ linker_flags=-v
+ verstring=
+ output_objdir=.
+ libname=conftest
+ lt_save_allow_undefined_flag=$_LT_TAGVAR(allow_undefined_flag, $1)
+ _LT_TAGVAR(allow_undefined_flag, $1)=
+ if AC_TRY_EVAL(_LT_TAGVAR(archive_cmds, $1) 2\>\&1 \| $GREP \" -lc \" \>/dev/null 2\>\&1)
+ then
+ lt_cv_[]_LT_TAGVAR(archive_cmds_need_lc, $1)=no
+ else
+ lt_cv_[]_LT_TAGVAR(archive_cmds_need_lc, $1)=yes
+ fi
+ _LT_TAGVAR(allow_undefined_flag, $1)=$lt_save_allow_undefined_flag
+ else
+ cat conftest.err 1>&5
+ fi
+ $RM conftest*
+ ])
+ _LT_TAGVAR(archive_cmds_need_lc, $1)=$lt_cv_[]_LT_TAGVAR(archive_cmds_need_lc, $1)
;;
esac
fi
])# _LT_LANG_C_CONFIG
-# _LT_PROG_CXX
-# ------------
-# Since AC_PROG_CXX is broken, in that it returns g++ if there is no c++
-# compiler, we have our own version here.
-m4_defun([_LT_PROG_CXX],
-[
-pushdef([AC_MSG_ERROR], [_lt_caught_CXX_error=yes])
-AC_PROG_CXX
-if test -n "$CXX" && ( test "X$CXX" != "Xno" &&
- ( (test "X$CXX" = "Xg++" && `g++ -v >/dev/null 2>&1` ) ||
- (test "X$CXX" != "Xg++"))) ; then
- AC_PROG_CXXCPP
-else
- _lt_caught_CXX_error=yes
-fi
-popdef([AC_MSG_ERROR])
-])# _LT_PROG_CXX
-
-dnl aclocal-1.4 backwards compatibility:
-dnl AC_DEFUN([_LT_PROG_CXX], [])
-
-
# _LT_LANG_CXX_CONFIG([TAG])
# --------------------------
# Ensure that the configuration variables for a C++ compiler are suitably
# defined. These variables are subsequently used by _LT_CONFIG to write
# the compiler configuration to `libtool'.
m4_defun([_LT_LANG_CXX_CONFIG],
-[AC_REQUIRE([_LT_PROG_CXX])dnl
-m4_require([_LT_FILEUTILS_DEFAULTS])dnl
+[m4_require([_LT_FILEUTILS_DEFAULTS])dnl
m4_require([_LT_DECL_EGREP])dnl
+if test -n "$CXX" && ( test "X$CXX" != "Xno" &&
+ ( (test "X$CXX" = "Xg++" && `g++ -v >/dev/null 2>&1` ) ||
+ (test "X$CXX" != "Xg++"))) ; then
+ AC_PROG_CXXCPP
+else
+ _lt_caught_CXX_error=yes
+fi
AC_LANG_PUSH(C++)
_LT_TAGVAR(archive_cmds_need_lc, $1)=no
_LT_TAGVAR(module_expsym_cmds, $1)=
_LT_TAGVAR(link_all_deplibs, $1)=unknown
_LT_TAGVAR(old_archive_cmds, $1)=$old_archive_cmds
+_LT_TAGVAR(reload_flag, $1)=$reload_flag
+_LT_TAGVAR(reload_cmds, $1)=$reload_cmds
_LT_TAGVAR(no_undefined_flag, $1)=
_LT_TAGVAR(whole_archive_flag_spec, $1)=
_LT_TAGVAR(enable_shared_with_static_runtimes, $1)=no
# Commands to make compiler produce verbose output that lists
# what "hidden" libraries, object files and flags are used when
# linking a shared library.
- output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP "\-L"'
+ output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP -v "^Configured with:" | $GREP "\-L"'
else
GXX=no
_LT_SYS_MODULE_PATH_AIX
_LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-blibpath:$libdir:'"$aix_libpath"
- _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags `if test "x${allow_undefined_flag}" != "x"; then $ECHO "X${wl}${allow_undefined_flag}" | $Xsed; else :; fi` '"\${wl}$exp_sym_flag:\$export_symbols $shared_flag"
+ _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags `if test "x${allow_undefined_flag}" != "x"; then func_echo_all "${wl}${allow_undefined_flag}"; else :; fi` '"\${wl}$exp_sym_flag:\$export_symbols $shared_flag"
else
if test "$host_cpu" = ia64; then
_LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-R $libdir:/usr/lib:/lib'
# -berok will link without error, but may produce a broken library.
_LT_TAGVAR(no_undefined_flag, $1)=' ${wl}-bernotok'
_LT_TAGVAR(allow_undefined_flag, $1)=' ${wl}-berok'
- # Exported symbols can be pulled into shared objects from archives
- _LT_TAGVAR(whole_archive_flag_spec, $1)='$convenience'
+ if test "$with_gnu_ld" = yes; then
+ # We only use this code for GNU lds that support --whole-archive.
+ _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive$convenience ${wl}--no-whole-archive'
+ else
+ # Exported symbols can be pulled into shared objects from archives
+ _LT_TAGVAR(whole_archive_flag_spec, $1)='$convenience'
+ fi
_LT_TAGVAR(archive_cmds_need_lc, $1)=yes
# This is similar to how AIX traditionally builds its shared
# libraries.
# _LT_TAGVAR(hardcode_libdir_flag_spec, $1) is actually meaningless,
# as there is no search path for DLLs.
_LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir'
+ _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-all-symbols'
_LT_TAGVAR(allow_undefined_flag, $1)=unsupported
_LT_TAGVAR(always_export_symbols, $1)=no
_LT_TAGVAR(enable_shared_with_static_runtimes, $1)=yes
gnu*)
;;
+ haiku*)
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib'
+ _LT_TAGVAR(link_all_deplibs, $1)=yes
+ ;;
+
hpux9*)
_LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}+b ${wl}$libdir'
_LT_TAGVAR(hardcode_libdir_separator, $1)=:
# explicitly linking system object files so we need to strip them
# from the output so that they don't get included in the library
# dependencies.
- output_verbose_link_cmd='templist=`($CC -b $CFLAGS -v conftest.$objext 2>&1) | $EGREP "\-L"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; $ECHO "X$list" | $Xsed'
+ output_verbose_link_cmd='templist=`($CC -b $CFLAGS -v conftest.$objext 2>&1) | $EGREP "\-L"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; func_echo_all "$list"'
;;
*)
if test "$GXX" = yes; then
# explicitly linking system object files so we need to strip them
# from the output so that they don't get included in the library
# dependencies.
- output_verbose_link_cmd='templist=`($CC -b $CFLAGS -v conftest.$objext 2>&1) | $GREP "\-L"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; $ECHO "X$list" | $Xsed'
+ output_verbose_link_cmd='templist=`($CC -b $CFLAGS -v conftest.$objext 2>&1) | $GREP "\-L"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; func_echo_all "$list"'
;;
*)
if test "$GXX" = yes; then
case $cc_basename in
CC*)
# SGI C++
- _LT_TAGVAR(archive_cmds, $1)='$CC -shared -all -multigot $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -soname $soname `test -n "$verstring" && $ECHO "X-set_version $verstring" | $Xsed` -update_registry ${output_objdir}/so_locations -o $lib'
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared -all -multigot $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib'
# Archives containing C++ object files must be created using
# "CC -ar", where "CC" is the IRIX C++ compiler. This is
*)
if test "$GXX" = yes; then
if test "$with_gnu_ld" = no; then
- _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && $ECHO "X${wl}-set_version ${wl}$verstring" | $Xsed` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
else
- _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && $ECHO "X${wl}-set_version ${wl}$verstring" | $Xsed` -o $lib'
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` -o $lib'
fi
fi
_LT_TAGVAR(link_all_deplibs, $1)=yes
# explicitly linking system object files so we need to strip them
# from the output so that they don't get included in the library
# dependencies.
- output_verbose_link_cmd='templist=`$CC $CFLAGS -v conftest.$objext -o libconftest$shared_ext 2>&1 | $GREP "ld"`; rm -f libconftest$shared_ext; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; $ECHO "X$list" | $Xsed'
+ output_verbose_link_cmd='templist=`$CC $CFLAGS -v conftest.$objext -o libconftest$shared_ext 2>&1 | $GREP "ld"`; rm -f libconftest$shared_ext; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; func_echo_all "$list"'
_LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath,$libdir'
_LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-dynamic'
pgCC* | pgcpp*)
# Portland Group C++ compiler
case `$CC -V` in
- *pgCC\ [[1-5]]* | *pgcpp\ [[1-5]]*)
+ *pgCC\ [[1-5]].* | *pgcpp\ [[1-5]].*)
_LT_TAGVAR(prelink_cmds, $1)='tpldir=Template.dir~
rm -rf $tpldir~
$CC --prelink_objects --instantiation_dir $tpldir $objs $libobjs $compile_deplibs~
- compile_command="$compile_command `find $tpldir -name \*.o | $NL2SP`"'
+ compile_command="$compile_command `find $tpldir -name \*.o | sort | $NL2SP`"'
_LT_TAGVAR(old_archive_cmds, $1)='tpldir=Template.dir~
rm -rf $tpldir~
$CC --prelink_objects --instantiation_dir $tpldir $oldobjs$old_deplibs~
- $AR $AR_FLAGS $oldlib$oldobjs$old_deplibs `find $tpldir -name \*.o | $NL2SP`~
+ $AR $AR_FLAGS $oldlib$oldobjs$old_deplibs `find $tpldir -name \*.o | sort | $NL2SP`~
$RANLIB $oldlib'
_LT_TAGVAR(archive_cmds, $1)='tpldir=Template.dir~
rm -rf $tpldir~
$CC --prelink_objects --instantiation_dir $tpldir $predep_objects $libobjs $deplibs $convenience $postdep_objects~
- $CC -shared $pic_flag $predep_objects $libobjs $deplibs `find $tpldir -name \*.o | $NL2SP` $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname -o $lib'
+ $CC -shared $pic_flag $predep_objects $libobjs $deplibs `find $tpldir -name \*.o | sort | $NL2SP` $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname -o $lib'
_LT_TAGVAR(archive_expsym_cmds, $1)='tpldir=Template.dir~
rm -rf $tpldir~
$CC --prelink_objects --instantiation_dir $tpldir $predep_objects $libobjs $deplibs $convenience $postdep_objects~
- $CC -shared $pic_flag $predep_objects $libobjs $deplibs `find $tpldir -name \*.o | $NL2SP` $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname ${wl}-retain-symbols-file ${wl}$export_symbols -o $lib'
+ $CC -shared $pic_flag $predep_objects $libobjs $deplibs `find $tpldir -name \*.o | sort | $NL2SP` $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname ${wl}-retain-symbols-file ${wl}$export_symbols -o $lib'
;;
- *) # Version 6 will use weak symbols
+ *) # Version 6 and above use weak symbols
_LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname -o $lib'
_LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname ${wl}-retain-symbols-file ${wl}$export_symbols -o $lib'
;;
_LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}--rpath ${wl}$libdir'
_LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-dynamic'
- _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; $ECHO \"$new_convenience\"` ${wl}--no-whole-archive'
+ _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` ${wl}--no-whole-archive'
;;
cxx*)
# Compaq C++
# explicitly linking system object files so we need to strip them
# from the output so that they don't get included in the library
# dependencies.
- output_verbose_link_cmd='templist=`$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP "ld"`; templist=`$ECHO "X$templist" | $Xsed -e "s/\(^.*ld.*\)\( .*ld .*$\)/\1/"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; $ECHO "X$list" | $Xsed'
+ output_verbose_link_cmd='templist=`$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP "ld"`; templist=`func_echo_all "$templist" | $SED "s/\(^.*ld.*\)\( .*ld .*$\)/\1/"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; func_echo_all "X$list" | $Xsed'
;;
- xl*)
+ xl* | mpixl* | bgxl*)
# IBM XL 8.0 on PPC, with GNU ld
_LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir'
_LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-dynamic'
_LT_TAGVAR(archive_cmds, $1)='$CC -G${allow_undefined_flag} -h$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags'
_LT_TAGVAR(archive_expsym_cmds, $1)='$CC -G${allow_undefined_flag} -h$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-retain-symbols-file ${wl}$export_symbols'
_LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir'
- _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive`new_convenience=; for conv in $convenience\"\"; do test -z \"$conv\" || new_convenience=\"$new_convenience,$conv\"; done; $ECHO \"$new_convenience\"` ${wl}--no-whole-archive'
+ _LT_TAGVAR(whole_archive_flag_spec, $1)='${wl}--whole-archive`new_convenience=; for conv in $convenience\"\"; do test -z \"$conv\" || new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` ${wl}--no-whole-archive'
_LT_TAGVAR(compiler_needs_object, $1)=yes
# Not sure whether something based on
# $CC $CFLAGS -v conftest.$objext -o libconftest$shared_ext 2>&1
# would be better.
- output_verbose_link_cmd='echo'
+ output_verbose_link_cmd='func_echo_all'
# Archives containing C++ object files must be created using
# "CC -xar", where "CC" is the Sun C++ compiler. This is
_LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}-E'
_LT_TAGVAR(whole_archive_flag_spec, $1)="$wlarc"'--whole-archive$convenience '"$wlarc"'--no-whole-archive'
fi
- output_verbose_link_cmd=echo
+ output_verbose_link_cmd=func_echo_all
else
_LT_TAGVAR(ld_shlibs, $1)=no
fi
case $host in
osf3*)
_LT_TAGVAR(allow_undefined_flag, $1)=' ${wl}-expect_unresolved ${wl}\*'
- _LT_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $soname `test -n "$verstring" && $ECHO "X${wl}-set_version $verstring" | $Xsed` -update_registry ${output_objdir}/so_locations -o $lib'
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $soname `test -n "$verstring" && func_echo_all "${wl}-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib'
_LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir'
;;
*)
_LT_TAGVAR(allow_undefined_flag, $1)=' -expect_unresolved \*'
- _LT_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -msym -soname $soname `test -n "$verstring" && $ECHO "X-set_version $verstring" | $Xsed` -update_registry ${output_objdir}/so_locations -o $lib'
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -msym -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib'
_LT_TAGVAR(archive_expsym_cmds, $1)='for i in `cat $export_symbols`; do printf "%s %s\\n" -exported_symbol "\$i" >> $lib.exp; done~
echo "-hidden">> $lib.exp~
- $CC -shared$allow_undefined_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -msym -soname $soname ${wl}-input ${wl}$lib.exp `test -n "$verstring" && $ECHO "X-set_version $verstring" | $Xsed` -update_registry ${output_objdir}/so_locations -o $lib~
+ $CC -shared$allow_undefined_flag $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -msym -soname $soname ${wl}-input ${wl}$lib.exp `test -n "$verstring" && $ECHO "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib~
$RM $lib.exp'
_LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-rpath $libdir'
;;
# explicitly linking system object files so we need to strip them
# from the output so that they don't get included in the library
# dependencies.
- output_verbose_link_cmd='templist=`$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP "ld" | $GREP -v "ld:"`; templist=`$ECHO "X$templist" | $Xsed -e "s/\(^.*ld.*\)\( .*ld.*$\)/\1/"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; $ECHO "X$list" | $Xsed'
+ output_verbose_link_cmd='templist=`$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP "ld" | $GREP -v "ld:"`; templist=`func_echo_all "$templist" | $SED "s/\(^.*ld.*\)\( .*ld.*$\)/\1/"`; list=""; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; func_echo_all "$list"'
;;
*)
if test "$GXX" = yes && test "$with_gnu_ld" = no; then
_LT_TAGVAR(allow_undefined_flag, $1)=' ${wl}-expect_unresolved ${wl}\*'
case $host in
osf3*)
- _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib ${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && $ECHO "X${wl}-set_version ${wl}$verstring" | $Xsed` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib ${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
;;
*)
- _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib ${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-msym ${wl}-soname ${wl}$soname `test -n "$verstring" && $ECHO "${wl}-set_version ${wl}$verstring" | $Xsed` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
+ _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib ${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-msym ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib'
;;
esac
# Commands to make compiler produce verbose output that lists
# what "hidden" libraries, object files and flags are used when
# linking a shared library.
- output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP "\-L"'
+ output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP -v "^Configured with:" | $GREP "\-L"'
else
# FIXME: insert proper C++ library support
solaris*)
case $cc_basename in
- CC*)
+ CC* | sunCC*)
# Sun C++ 4.2, 5.x and Centerline C++
_LT_TAGVAR(archive_cmds_need_lc,$1)=yes
_LT_TAGVAR(no_undefined_flag, $1)=' -zdefs'
esac
_LT_TAGVAR(link_all_deplibs, $1)=yes
- output_verbose_link_cmd='echo'
+ output_verbose_link_cmd='func_echo_all'
# Archives containing C++ object files must be created using
# "CC -xar", where "CC" is the Sun C++ compiler. This is
# Commands to make compiler produce verbose output that lists
# what "hidden" libraries, object files and flags are used when
# linking a shared library.
- output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP "\-L"'
+ output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP -v "^Configured with:" | $GREP "\-L"'
else
# g++ 2.7 appears to require `-G' NOT `-shared' on this
# platform.
# Commands to make compiler produce verbose output that lists
# what "hidden" libraries, object files and flags are used when
# linking a shared library.
- output_verbose_link_cmd='$CC -G $CFLAGS -v conftest.$objext 2>&1 | $GREP "\-L"'
+ output_verbose_link_cmd='$CC -G $CFLAGS -v conftest.$objext 2>&1 | $GREP -v "^Configured with:" | $GREP "\-L"'
fi
_LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-R $wl$libdir'
CC*)
_LT_TAGVAR(archive_cmds, $1)='$CC -G ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
_LT_TAGVAR(archive_expsym_cmds, $1)='$CC -G ${wl}-Bexport:$export_symbols ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
+ _LT_TAGVAR(old_archive_cmds, $1)='$CC -Tprelink_objects $oldobjs~
+ '"$_LT_TAGVAR(old_archive_cmds, $1)"
+ _LT_TAGVAR(reload_cmds, $1)='$CC -Tprelink_objects $reload_objs~
+ '"$_LT_TAGVAR(reload_cmds, $1)"
;;
*)
_LT_TAGVAR(archive_cmds, $1)='$CC -shared ${wl}-h,$soname -o $lib $libobjs $deplibs $compiler_flags'
solaris*)
case $cc_basename in
- CC*)
+ CC* | sunCC*)
# The more standards-conforming stlport4 library is
# incompatible with the Cstd library. Avoid specifying
# it if it's in CXXFLAGS. Ignore libCrun as
])# _LT_SYS_HIDDEN_LIBDEPS
-# _LT_PROG_F77
-# ------------
-# Since AC_PROG_F77 is broken, in that it returns the empty string
-# if there is no fortran compiler, we have our own version here.
-m4_defun([_LT_PROG_F77],
-[
-pushdef([AC_MSG_ERROR], [_lt_disable_F77=yes])
-AC_PROG_F77
-if test -z "$F77" || test "X$F77" = "Xno"; then
- _lt_disable_F77=yes
-fi
-popdef([AC_MSG_ERROR])
-])# _LT_PROG_F77
-
-dnl aclocal-1.4 backwards compatibility:
-dnl AC_DEFUN([_LT_PROG_F77], [])
-
-
# _LT_LANG_F77_CONFIG([TAG])
# --------------------------
# Ensure that the configuration variables for a Fortran 77 compiler are
# suitably defined. These variables are subsequently used by _LT_CONFIG
# to write the compiler configuration to `libtool'.
m4_defun([_LT_LANG_F77_CONFIG],
-[AC_REQUIRE([_LT_PROG_F77])dnl
-AC_LANG_PUSH(Fortran 77)
+[AC_LANG_PUSH(Fortran 77)
+if test -z "$F77" || test "X$F77" = "Xno"; then
+ _lt_disable_F77=yes
+fi
_LT_TAGVAR(archive_cmds_need_lc, $1)=no
_LT_TAGVAR(allow_undefined_flag, $1)=
_LT_TAGVAR(module_expsym_cmds, $1)=
_LT_TAGVAR(link_all_deplibs, $1)=unknown
_LT_TAGVAR(old_archive_cmds, $1)=$old_archive_cmds
+_LT_TAGVAR(reload_flag, $1)=$reload_flag
+_LT_TAGVAR(reload_cmds, $1)=$reload_cmds
_LT_TAGVAR(no_undefined_flag, $1)=
_LT_TAGVAR(whole_archive_flag_spec, $1)=
_LT_TAGVAR(enable_shared_with_static_runtimes, $1)=no
])# _LT_LANG_F77_CONFIG
-# _LT_PROG_FC
-# -----------
-# Since AC_PROG_FC is broken, in that it returns the empty string
-# if there is no fortran compiler, we have our own version here.
-m4_defun([_LT_PROG_FC],
-[
-pushdef([AC_MSG_ERROR], [_lt_disable_FC=yes])
-AC_PROG_FC
-if test -z "$FC" || test "X$FC" = "Xno"; then
- _lt_disable_FC=yes
-fi
-popdef([AC_MSG_ERROR])
-])# _LT_PROG_FC
-
-dnl aclocal-1.4 backwards compatibility:
-dnl AC_DEFUN([_LT_PROG_FC], [])
-
-
# _LT_LANG_FC_CONFIG([TAG])
# -------------------------
# Ensure that the configuration variables for a Fortran compiler are
# suitably defined. These variables are subsequently used by _LT_CONFIG
# to write the compiler configuration to `libtool'.
m4_defun([_LT_LANG_FC_CONFIG],
-[AC_REQUIRE([_LT_PROG_FC])dnl
-AC_LANG_PUSH(Fortran)
+[AC_LANG_PUSH(Fortran)
+
+if test -z "$FC" || test "X$FC" = "Xno"; then
+ _lt_disable_FC=yes
+fi
_LT_TAGVAR(archive_cmds_need_lc, $1)=no
_LT_TAGVAR(allow_undefined_flag, $1)=
_LT_TAGVAR(module_expsym_cmds, $1)=
_LT_TAGVAR(link_all_deplibs, $1)=unknown
_LT_TAGVAR(old_archive_cmds, $1)=$old_archive_cmds
+_LT_TAGVAR(reload_flag, $1)=$reload_flag
+_LT_TAGVAR(reload_cmds, $1)=$reload_cmds
_LT_TAGVAR(no_undefined_flag, $1)=
_LT_TAGVAR(whole_archive_flag_spec, $1)=
_LT_TAGVAR(enable_shared_with_static_runtimes, $1)=no
_LT_TAGVAR(archive_cmds_need_lc, $1)=no
_LT_TAGVAR(old_archive_cmds, $1)=$old_archive_cmds
+_LT_TAGVAR(reload_flag, $1)=$reload_flag
+_LT_TAGVAR(reload_cmds, $1)=$reload_cmds
## CAVEAT EMPTOR:
## There is no encapsulation within the following macros, do not change
func_dirname ()
{
# Extract subdirectory from the argument.
- func_dirname_result=`$ECHO "X${1}" | $Xsed -e "$dirname"`
+ func_dirname_result=`$ECHO "${1}" | $SED "$dirname"`
if test "X$func_dirname_result" = "X${1}"; then
func_dirname_result="${3}"
else
# func_basename file
func_basename ()
{
- func_basename_result=`$ECHO "X${1}" | $Xsed -e "$basename"`
+ func_basename_result=`$ECHO "${1}" | $SED "$basename"`
}
dnl func_dirname_and_basename
func_stripname ()
{
case ${2} in
- .*) func_stripname_result=`$ECHO "X${3}" \
- | $Xsed -e "s%^${1}%%" -e "s%\\\\${2}\$%%"`;;
- *) func_stripname_result=`$ECHO "X${3}" \
- | $Xsed -e "s%^${1}%%" -e "s%${2}\$%%"`;;
+ .*) func_stripname_result=`$ECHO "${3}" | $SED "s%^${1}%%; s%\\\\${2}\$%%"`;;
+ *) func_stripname_result=`$ECHO "${3}" | $SED "s%^${1}%%; s%${2}\$%%"`;;
esac
}
# func_opt_split
func_opt_split ()
{
- func_opt_split_opt=`$ECHO "X${1}" | $Xsed -e "$my_sed_long_opt"`
- func_opt_split_arg=`$ECHO "X${1}" | $Xsed -e "$my_sed_long_arg"`
+ func_opt_split_opt=`$ECHO "${1}" | $SED "$my_sed_long_opt"`
+ func_opt_split_arg=`$ECHO "${1}" | $SED "$my_sed_long_arg"`
}
# func_lo2o object
func_lo2o ()
{
- func_lo2o_result=`$ECHO "X${1}" | $Xsed -e "$lo2o"`
+ func_lo2o_result=`$ECHO "${1}" | $SED "$lo2o"`
}
# func_xform libobj-or-source
func_xform ()
{
- func_xform_result=`$ECHO "X${1}" | $Xsed -e 's/\.[[^.]]*$/.lo/'`
+ func_xform_result=`$ECHO "${1}" | $SED 's/\.[[^.]]*$/.lo/'`
}
# func_arith arithmetic-term...
# Helper functions for option handling. -*- Autoconf -*-
#
-# Copyright (C) 2004, 2005, 2007, 2008 Free Software Foundation, Inc.
+# Copyright (C) 2004, 2005, 2007, 2008, 2009 Free Software Foundation,
+# Inc.
# Written by Gary V. Vaughan, 2004
#
# This file is free software; the Free Software Foundation gives
# unlimited permission to copy and/or distribute it, with or without
# modifications, as long as this notice is preserved.
-# serial 6 ltoptions.m4
+# serial 7 ltoptions.m4
# This is to help aclocal find these macros, as it can't see m4_define.
AC_DEFUN([LTOPTIONS_VERSION], [m4_if([1])])
[enable_win32_dll=yes
case $host in
-*-*-cygwin* | *-*-mingw* | *-*-pw32* | *-cegcc*)
+*-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-cegcc*)
AC_CHECK_TOOL(AS, as, false)
AC_CHECK_TOOL(DLLTOOL, dlltool, false)
AC_CHECK_TOOL(OBJDUMP, objdump, false)
esac
test -z "$AS" && AS=as
-_LT_DECL([], [AS], [0], [Assembler program])dnl
+_LT_DECL([], [AS], [1], [Assembler program])dnl
test -z "$DLLTOOL" && DLLTOOL=dlltool
-_LT_DECL([], [DLLTOOL], [0], [DLL creation program])dnl
+_LT_DECL([], [DLLTOOL], [1], [DLL creation program])dnl
test -z "$OBJDUMP" && OBJDUMP=objdump
-_LT_DECL([], [OBJDUMP], [0], [Object dumper program])dnl
+_LT_DECL([], [OBJDUMP], [1], [Object dumper program])dnl
])# win32-dll
AU_DEFUN([AC_LIBTOOL_WIN32_DLL],
# Generated from ltversion.in.
-# serial 3017 ltversion.m4
+# serial 3175 ltversion.m4
# This file is part of GNU Libtool
-m4_define([LT_PACKAGE_VERSION], [2.2.6b])
-m4_define([LT_PACKAGE_REVISION], [1.3017])
+m4_define([LT_PACKAGE_VERSION], [2.2.10])
+m4_define([LT_PACKAGE_REVISION], [1.3175])
AC_DEFUN([LTVERSION_VERSION],
-[macro_version='2.2.6b'
-macro_revision='1.3017'
+[macro_version='2.2.10'
+macro_revision='1.3175'
_LT_DECL(, macro_version, 0, [Which release of libtool.m4 was used?])
_LT_DECL(, macro_revision, 0)
])
# lt~obsolete.m4 -- aclocal satisfying obsolete definitions. -*-Autoconf-*-
#
-# Copyright (C) 2004, 2005, 2007 Free Software Foundation, Inc.
+# Copyright (C) 2004, 2005, 2007, 2009 Free Software Foundation, Inc.
# Written by Scott James Remnant, 2004.
#
# This file is free software; the Free Software Foundation gives
# unlimited permission to copy and/or distribute it, with or without
# modifications, as long as this notice is preserved.
-# serial 4 lt~obsolete.m4
+# serial 5 lt~obsolete.m4
# These exist entirely to fool aclocal when bootstrapping libtool.
#
m4_ifndef([_LT_AC_LANG_CXX], [AC_DEFUN([_LT_AC_LANG_CXX])])
m4_ifndef([_LT_AC_LANG_F77], [AC_DEFUN([_LT_AC_LANG_F77])])
m4_ifndef([_LT_AC_LANG_GCJ], [AC_DEFUN([_LT_AC_LANG_GCJ])])
-m4_ifndef([AC_LIBTOOL_RC], [AC_DEFUN([AC_LIBTOOL_RC])])
m4_ifndef([AC_LIBTOOL_LANG_C_CONFIG], [AC_DEFUN([AC_LIBTOOL_LANG_C_CONFIG])])
m4_ifndef([_LT_AC_LANG_C_CONFIG], [AC_DEFUN([_LT_AC_LANG_C_CONFIG])])
m4_ifndef([AC_LIBTOOL_LANG_CXX_CONFIG], [AC_DEFUN([AC_LIBTOOL_LANG_CXX_CONFIG])])
m4_ifndef([_LT_AC_LANG_RC_CONFIG], [AC_DEFUN([_LT_AC_LANG_RC_CONFIG])])
m4_ifndef([AC_LIBTOOL_CONFIG], [AC_DEFUN([AC_LIBTOOL_CONFIG])])
m4_ifndef([_LT_AC_FILE_LTDLL_C], [AC_DEFUN([_LT_AC_FILE_LTDLL_C])])
+m4_ifndef([_LT_REQUIRED_DARWIN_CHECKS], [AC_DEFUN([_LT_REQUIRED_DARWIN_CHECKS])])
+m4_ifndef([_LT_AC_PROG_CXXCPP], [AC_DEFUN([_LT_AC_PROG_CXXCPP])])
+m4_ifndef([_LT_PREPARE_SED_QUOTE_VARS], [AC_DEFUN([_LT_PREPARE_SED_QUOTE_VARS])])
+m4_ifndef([_LT_PROG_ECHO_BACKSLASH], [AC_DEFUN([_LT_PROG_ECHO_BACKSLASH])])
+m4_ifndef([_LT_PROG_F77], [AC_DEFUN([_LT_PROG_F77])])
+m4_ifndef([_LT_PROG_FC], [AC_DEFUN([_LT_PROG_FC])])
+m4_ifndef([_LT_PROG_CXX], [AC_DEFUN([_LT_PROG_CXX])])
#endif
#include <assert.h>
+#include <radius/client.h>
#include <event2/bufferevent.h>
#include <radsec/radsec.h>
#include <radsec/radsec-impl.h>
struct rs_packet *response,
struct rs_packet *request)
{
+ int err;
+
assert (conn);
assert (conn->active_peer);
assert (conn->active_peer->secret);
assert (request);
assert (request->rpkt);
+ response->rpkt->secret = conn->active_peer->secret;
+ response->rpkt->sizeof_secret = strlen (conn->active_peer->secret);
+
/* Verify header and message authenticator. */
- if (rad_verify (response->rpkt, request->rpkt, conn->active_peer->secret))
+ err = nr_packet_verify (response->rpkt, request->rpkt);
+ if (err)
{
- conn_close (&conn);
- return rs_err_conn_push_fl (conn, RSE_FR, __FILE__, __LINE__,
- "rad_verify: %s", fr_strerror ());
+ if (conn->is_connected)
+ rs_conn_disconnect(conn);
+ return rs_err_conn_push_fl (conn, -err, __FILE__, __LINE__,
+ "nr_packet_verify");
}
/* Decode and decrypt. */
- if (rad_decode (response->rpkt, request->rpkt, conn->active_peer->secret))
+ err = nr_packet_decode (response->rpkt, request->rpkt);
+ if (err)
{
- conn_close (&conn);
- return rs_err_conn_push_fl (conn, RSE_FR, __FILE__, __LINE__,
- "rad_decode: %s", fr_strerror ());
+ if (conn->is_connected)
+ rs_conn_disconnect(conn);
+ return rs_err_conn_push_fl (conn, -err, __FILE__, __LINE__,
+ "nr_packet_decode");
}
return RSE_OK;
int
packet_do_send (struct rs_packet *pkt)
{
- VALUE_PAIR *vp = NULL;
+ int err;
assert (pkt);
assert (pkt->conn);
assert (pkt->conn->active_peer->secret);
assert (pkt->rpkt);
- /* Add a Message-Authenticator, RFC 2869, if not already present. */
- /* FIXME: Make Message-Authenticator optional? */
- vp = paircreate (PW_MESSAGE_AUTHENTICATOR, PW_TYPE_OCTETS);
- if (!vp)
- return rs_err_conn_push_fl (pkt->conn, RSE_FR, __FILE__, __LINE__,
- "paircreate: %s", fr_strerror ());
- pairreplace (&pkt->rpkt->vps, vp);
+ pkt->rpkt->secret = pkt->conn->active_peer->secret;
+ pkt->rpkt->sizeof_secret = strlen (pkt->rpkt->secret);
/* Encode message. */
- if (rad_encode (pkt->rpkt, NULL, pkt->conn->active_peer->secret))
- return rs_err_conn_push_fl (pkt->conn, RSE_FR, __FILE__, __LINE__,
- "rad_encode: %s", fr_strerror ());
+ err = nr_packet_encode (pkt->rpkt, NULL);
+ if (err < 0)
+ return rs_err_conn_push_fl (pkt->conn, -err, __FILE__, __LINE__,
+ "nr_packet_encode");
/* Sign message. */
- if (rad_sign (pkt->rpkt, NULL, pkt->conn->active_peer->secret))
- return rs_err_conn_push_fl (pkt->conn, RSE_FR, __FILE__, __LINE__,
- "rad_sign: %s", fr_strerror ());
+ err = nr_packet_sign (pkt->rpkt, NULL);
+ if (err < 0)
+ return rs_err_conn_push_fl (pkt->conn, -err, __FILE__, __LINE__,
+ "nr_packet_sign");
#if defined (DEBUG)
{
char host[80], serv[80];
if (pkt->conn->bev) /* TCP. */
{
int err = bufferevent_write (pkt->conn->bev, pkt->rpkt->data,
- pkt->rpkt->data_len);
+ pkt->rpkt->length);
if (err < 0)
return rs_err_conn_push_fl (pkt->conn, RSE_EVENT, __FILE__, __LINE__,
"bufferevent_write: %s",
{
struct rs_packet *p;
RADIUS_PACKET *rpkt;
+ int err;
*pkt_out = NULL;
- rpkt = rad_alloc (1);
- if (!rpkt)
+ rpkt = rs_malloc (conn->ctx, sizeof(*rpkt) + RS_MAX_PACKET_LEN);
+ if (rpkt == NULL)
return rs_err_conn_push (conn, RSE_NOMEM, __func__);
- rpkt->id = conn->nextid++;
- p = (struct rs_packet *) malloc (sizeof (struct rs_packet));
- if (!p)
+ /*
+ * This doesn't make sense; the packet identifier is constant for
+ * an entire conversation. A separate API should be provided to
+ * allow the application to set the packet ID, or a conversation
+ * object should group related packets together.
+ */
+#if 0
+ rpkt->id = conn->nextid++
+#endif
+
+ err = nr_packet_init (rpkt, NULL, NULL,
+ PW_ACCESS_REQUEST,
+ rpkt + 1, RS_MAX_PACKET_LEN);
+ if (err < 0)
+ return rs_err_conn_push (conn, -err, __func__);
+
+ p = (struct rs_packet *) rs_calloc (conn->ctx, 1, sizeof (*p));
+ if (p == NULL)
{
- rad_free (&rpkt);
+ rs_free (conn->ctx, rpkt);
return rs_err_conn_push (conn, RSE_NOMEM, __func__);
}
- memset (p, 0, sizeof (struct rs_packet));
p->conn = conn;
p->rpkt = rpkt;
const char *user_name, const char *user_pw)
{
struct rs_packet *pkt;
- VALUE_PAIR *vp = NULL;
+ int err;
if (rs_packet_create (conn, pkt_out))
return -1;
+
pkt = *pkt_out;
- pkt->rpkt->code = PW_AUTHENTICATION_REQUEST;
+ pkt->rpkt->code = PW_ACCESS_REQUEST;
if (user_name)
{
- vp = pairmake ("User-Name", user_name, T_OP_EQ);
- if (vp == NULL)
- return rs_err_conn_push_fl (conn, RSE_FR, __FILE__, __LINE__,
- "pairmake: %s", fr_strerror ());
- pairadd (&pkt->rpkt->vps, vp);
+ err = rs_packet_append_avp (pkt, PW_USER_NAME, 0, user_name, 0);
+ if (err)
+ return err;
}
if (user_pw)
{
- vp = pairmake ("User-Password", user_pw, T_OP_EQ);
- if (vp == NULL)
- return rs_err_conn_push_fl (conn, RSE_FR, __FILE__, __LINE__,
- "pairmake: %s", fr_strerror ());
- pairadd (&pkt->rpkt->vps, vp);
+ err = rs_packet_append_avp (pkt, PW_USER_PASSWORD, 0, user_pw, 0);
+ if (err)
+ return err;
}
return RSE_OK;
}
-struct radius_packet *
-rs_packet_frpkt (struct rs_packet *pkt)
-{
- assert (pkt);
- return pkt->rpkt;
-}
-
void
rs_packet_destroy (struct rs_packet *pkt)
{
assert (pkt->conn);
assert (pkt->conn->ctx);
- rad_free (&pkt->rpkt); /* Note: This frees the VALUE_PAIR's too. */
+ rs_avp_free (&pkt->rpkt->vps);
+ rs_free (pkt->conn->ctx, pkt->rpkt);
rs_free (pkt->conn->ctx, pkt);
}
+
+int
+rs_packet_append_avp (struct rs_packet *pkt,
+ unsigned int attr, unsigned int vendor,
+ const void *data, size_t data_len)
+{
+ const DICT_ATTR *da;
+ int err;
+
+ assert (pkt);
+
+ da = nr_dict_attr_byvalue (attr, vendor);
+ if (da == NULL)
+ return RSE_ATTR_TYPE_UNKNOWN;
+
+ err = nr_packet_attr_append (pkt->rpkt, NULL, da, data, data_len);
+ if (err < 0)
+ return rs_err_conn_push (pkt->conn, -err, __func__);
+
+ return RSE_OK;
+}
+
+void
+rs_packet_avps (struct rs_packet *pkt, rs_avp ***vps)
+{
+ assert (pkt);
+ *vps = &pkt->rpkt->vps;
+}
+
+unsigned int
+rs_packet_code (struct rs_packet *pkt)
+{
+ assert (pkt);
+ return pkt->rpkt->code;
+}
+
+rs_const_avp *
+rs_packet_find_avp (struct rs_packet *pkt, unsigned int attr, unsigned int vendor)
+{
+ assert (pkt);
+ return rs_avp_find_const (pkt->rpkt->vps, attr, vendor);
+}
+
+int
+rs_packet_set_id (struct rs_packet *pkt, int id)
+{
+ int old = pkt->rpkt->id;
+
+ pkt->rpkt->id = id;
+
+ return old;
+}
#endif
#include <assert.h>
+#include <stdlib.h>
+#include <string.h>
+
#include <radsec/radsec.h>
#include <radsec/radsec-impl.h>
#include "err.h"
--- /dev/null
+dictionaries.c
--- /dev/null
+Copyright (c) 2011, Network RADIUS SARL
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+ * Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ * Neither the name of the <organization> nor the
+ names of its contributors may be used to endorse or promote products
+ derived from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL <COPYRIGHT HOLDER> BE LIABLE FOR ANY
+DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
--- /dev/null
+AUTOMAKE_OPTIONS = foreign
+ACLOCAL_AMFLAGS = -I m4
+
+INCLUDES = -I$(top_srcdir)/include -I$(top_srcdir)
+AM_CFLAGS = -Wall -g
+
+noinst_LTLIBRARIES = libradsec-radius.la
+
+libradsec_radius_la_SOURCES = \
+ attrs.c \
+ crypto.c \
+ custom.c \
+ dict.c \
+ id.c \
+ parse.c \
+ print.c \
+ radpkt.c \
+ static.c \
+ valuepair.c
+
+libradsec_radius_la_CFLAGS = $(AM_CFLAGS) -DHAVE_CONFIG_H
+
+DICTIONARIES = \
+ share/dictionary.txt \
+ share/dictionary.juniper \
+ share/dictionary.microsoft \
+ share/dictionary.ukerna
+
+$(top_srcdir)/include/radsec/radius.h dictionaries.c: ${DICTIONARIES} convert.pl common.pl
+ $(srcdir)/convert.pl ${DICTIONARIES}
+
+static.$(OBJEXT): static.c dictionaries.c
+
+clean-local:
+ rm -f dictionaries.c
+
+$(libradsec_radius_la_SOURCES): $(top_srcdir)/include/radsec/radius.h
+
--- /dev/null
+/*
+Copyright (c) 2011, Network RADIUS SARL
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+ * Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ * Neither the name of the <organization> nor the
+ names of its contributors may be used to endorse or promote products
+ derived from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL <COPYRIGHT HOLDER> BE LIABLE FOR ANY
+DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/** \file attrs.c
+ * \brief Attribute encoding and decoding routines.
+ */
+
+#include "client.h"
+
+/*
+ * Encodes the data portion of an attribute.
+ * Returns -1 on error, or the length of the data portion.
+ */
+static ssize_t vp2data_any(const RADIUS_PACKET *packet,
+ const RADIUS_PACKET *original,
+ int nest,
+ const VALUE_PAIR **pvp,
+ uint8_t *start, size_t room)
+{
+ uint32_t lvalue;
+ ssize_t len;
+ const uint8_t *data;
+ uint8_t *ptr = start;
+ uint8_t array[4];
+ const VALUE_PAIR *vp = *pvp;
+
+#ifdef RS_TYPE_TLV
+ /*
+ * See if we need to encode a TLV. The low portion of
+ * the attribute has already been placed into the packer.
+ * If there are still attribute bytes left, then go
+ * encode them as TLVs.
+ *
+ * If we cared about the stack, we could unroll the loop.
+ */
+ if ((nest > 0) && (nest <= nr_attr_max_tlv) &&
+ ((vp->da->attr >> nr_attr_shift[nest]) != 0)) {
+ return vp2data_tlvs(packet, original, nest, pvp,
+ start, room);
+ }
+#else
+ nest = nest; /* -Wunused */
+#endif
+
+ /*
+ * Set up the default sources for the data.
+ */
+ data = vp->vp_octets;
+ len = vp->length;
+
+ switch(vp->da->type) {
+ case RS_TYPE_IPV6PREFIX:
+ len = sizeof(vp->vp_ipv6prefix);
+ break;
+
+ case RS_TYPE_STRING:
+ case RS_TYPE_OCTETS:
+ case RS_TYPE_IFID:
+ case RS_TYPE_IPV6ADDR:
+#ifdef RS_TYPE_ABINARY
+ case RS_TYPE_ABINARY:
+#endif
+ /* nothing more to do */
+ break;
+
+ case RS_TYPE_BYTE:
+ len = 1; /* just in case */
+ array[0] = vp->vp_integer & 0xff;
+ data = array;
+ break;
+
+ case RS_TYPE_SHORT:
+ len = 2; /* just in case */
+ array[0] = (vp->vp_integer >> 8) & 0xff;
+ array[1] = vp->vp_integer & 0xff;
+ data = array;
+ break;
+
+ case RS_TYPE_INTEGER:
+ len = 4; /* just in case */
+ lvalue = htonl(vp->vp_integer);
+ memcpy(array, &lvalue, sizeof(lvalue));
+ data = array;
+ break;
+
+ case RS_TYPE_IPADDR:
+ data = (const uint8_t *) &vp->vp_ipaddr;
+ len = 4; /* just in case */
+ break;
+
+ /*
+ * There are no tagged date attributes.
+ */
+ case RS_TYPE_DATE:
+ lvalue = htonl(vp->vp_date);
+ data = (const uint8_t *) &lvalue;
+ len = 4; /* just in case */
+ break;
+
+#ifdef VENDORPEC_WIMAX
+ case RS_TYPE_SIGNED:
+ {
+ int32_t slvalue;
+
+ len = 4; /* just in case */
+ slvalue = htonl(vp->vp_signed);
+ memcpy(array, &slvalue, sizeof(slvalue));
+ break;
+ }
+#endif
+
+#ifdef RS_TYPE_TLV
+ case RS_TYPE_TLV:
+ data = vp->vp_tlv;
+ if (!data) {
+ nr_debug_error("ERROR: Cannot encode NULL TLV");
+ return -RSE_INVAL;
+ }
+ len = vp->length;
+ break;
+#endif
+
+ default: /* unknown type: ignore it */
+ nr_debug_error("ERROR: Unknown attribute type %d", vp->da->type);
+ return -RSE_ATTR_TYPE_UNKNOWN;
+ }
+
+ /*
+ * Bound the data to the calling size
+ */
+ if (len > (ssize_t) room) len = room;
+
+#ifndef FLAG_ENCRYPT_TUNNEL_PASSWORD
+ original = original; /* -Wunused */
+#endif
+
+ /*
+ * Encrypt the various password styles
+ *
+ * Attributes with encrypted values MUST be less than
+ * 128 bytes long.
+ */
+ switch (vp->da->flags.encrypt) {
+ case FLAG_ENCRYPT_USER_PASSWORD:
+ len = nr_password_encrypt(ptr, room, data, len,
+ packet->secret, packet->vector);
+ break;
+
+#ifdef FLAG_ENCRYPT_TUNNEL_PASSWORD
+ case FLAG_ENCRYPT_TUNNEL_PASSWORD:
+ lvalue = 0;
+ if (vp->da->flags.has_tag) lvalue = 1;
+
+ /*
+ * Check if there's enough room. If there isn't,
+ * we discard the attribute.
+ *
+ * This is ONLY a problem if we have multiple VSA's
+ * in one Vendor-Specific, though.
+ */
+ if (room < (18 + lvalue)) {
+ *pvp = vp->next;
+ return 0;
+ }
+
+ switch (packet->code) {
+ case PW_ACCESS_ACCEPT:
+ case PW_ACCESS_REJECT:
+ case PW_ACCESS_CHALLENGE:
+ default:
+ if (!original) {
+ nr_debug_error("ERROR: No request packet, cannot encrypt %s attribute in the vp.", vp->da->name);
+ return -RSE_REQUEST_REQUIRED;
+ }
+
+ if (lvalue) ptr[0] = vp->tag;
+ len = nr_tunnelpw_encrypt(ptr + lvalue,
+ room - lvalue, data, len,
+ packet->secret,
+ original->vector);
+ if (len < 0) return len;
+ break;
+ case PW_ACCOUNTING_REQUEST:
+ case PW_DISCONNECT_REQUEST:
+ case PW_COA_REQUEST:
+ ptr[0] = vp->tag;
+ len = nr_tunnelpw_encrypt(ptr + 1, room, data, len - 1,
+ packet->secret,
+ packet->vector);
+ if (len < 0) return len;
+ break;
+ }
+ break;
+#endif
+
+ /*
+ * The code above ensures that this attribute
+ * always fits.
+ */
+#ifdef FLAG_ENCRYPT_ASCEND_SECRET
+ case FLAG_ENCRYPT_ASCEND_SECRET:
+ make_secret(ptr, packet->vector, packet->secret, data);
+ len = AUTH_VECTOR_LEN;
+ break;
+#endif
+
+ default:
+ if (vp->da->flags.has_tag && TAG_VALID(vp->tag)) {
+ if (vp->da->type == RS_TYPE_STRING) {
+ if (len > ((ssize_t) (room - 1))) len = room - 1;
+ ptr[0] = vp->tag;
+ ptr++;
+ } else if (vp->da->type == RS_TYPE_INTEGER) {
+ array[0] = vp->tag;
+ } /* else it can't be any other type */
+ }
+ memcpy(ptr, data, len);
+ break;
+ } /* switch over encryption flags */
+
+ *(pvp) = vp->next;
+ return len + (ptr - start);;
+}
+
+
+/*
+ * Encode an RFC format TLV. This could be a standard attribute,
+ * or a TLV data type. If it's a standard attribute, then
+ * vp->da->attr == attribute. Otherwise, attribute may be
+ * something else.
+ */
+static ssize_t vp2attr_rfc(const RADIUS_PACKET *packet,
+ const RADIUS_PACKET *original,
+ const VALUE_PAIR **pvp,
+ unsigned int attribute, uint8_t *ptr, size_t room)
+{
+ ssize_t len;
+
+ if (room < 2) {
+ *pvp = (*pvp)->next;
+ return 0;
+ }
+
+ ptr[0] = attribute & 0xff;
+ ptr[1] = 2;
+
+ if (room > ((unsigned) 255 - ptr[1])) room = 255 - ptr[1];
+
+ len = vp2data_any(packet, original, 0, pvp, ptr + ptr[1], room);
+ if (len < 0) return len;
+
+ ptr[1] += len;
+
+ return ptr[1];
+}
+
+
+#ifndef WITHOUT_VSAS
+/*
+ * Encode a VSA which is a TLV. If it's in the RFC format, call
+ * vp2attr_rfc. Otherwise, encode it here.
+ */
+static ssize_t vp2attr_vsa(const RADIUS_PACKET *packet,
+ const RADIUS_PACKET *original,
+ const VALUE_PAIR **pvp,
+ unsigned int attribute, unsigned int vendor,
+ uint8_t *ptr, size_t room)
+{
+ ssize_t len;
+ const DICT_VENDOR *dv;
+
+ /*
+ * Unknown vendor: RFC format.
+ * Known vendor and RFC format: go do that.
+ */
+ dv = nr_dict_vendor_byvalue(vendor);
+ if (!dv ||
+ (
+#ifdef RS_TYPE_TLV
+ !(*pvp)->flags.is_tlv &&
+#endif
+ (dv->type == 1) && (dv->length == 1))) {
+ return vp2attr_rfc(packet, original, pvp,
+ attribute, ptr, room);
+ }
+
+#ifdef RS_TYPE_TLV
+ if ((*pvp)->flags.is_tlv) {
+ return data2vp_tlvs(packet, original, 0, pvp,
+ ptr, room);
+ }
+#endif
+
+ switch (dv->type) {
+ default:
+ nr_debug_error("vp2attr_vsa: Internal sanity check failed,"
+ " type %u", (unsigned) dv->type);
+ return -RSE_INTERNAL;
+
+ case 4:
+ ptr[0] = 0; /* attr must be 24-bit */
+ ptr[1] = (attribute >> 16) & 0xff;
+ ptr[2] = (attribute >> 8) & 0xff;
+ ptr[3] = attribute & 0xff;
+ break;
+
+ case 2:
+ ptr[0] = (attribute >> 8) & 0xff;
+ ptr[1] = attribute & 0xff;
+ break;
+
+ case 1:
+ ptr[0] = attribute & 0xff;
+ break;
+ }
+
+ switch (dv->length) {
+ default:
+ nr_debug_error("vp2attr_vsa: Internal sanity check failed,"
+ " length %u", (unsigned) dv->length);
+ return -RSE_INTERNAL;
+
+ case 0:
+ break;
+
+ case 2:
+ ptr[dv->type] = 0;
+ /* FALL-THROUGH */
+
+ case 1:
+ ptr[dv->type + dv->length - 1] = dv->type + dv->length;
+ break;
+
+ }
+
+ if (room > ((unsigned) 255 - (dv->type + dv->length))) {
+ room = 255 - (dv->type + dv->length);
+ }
+
+ len = vp2data_any(packet, original, 0, pvp,
+ ptr + dv->type + dv->length, room);
+ if (len < 0) return len;
+
+ if (dv->length) ptr[dv->type + dv->length - 1] += len;
+
+ return dv->type + dv->length + len;
+}
+
+
+/*
+ * Encode a Vendor-Specific attribute.
+ */
+ssize_t nr_vp2vsa(const RADIUS_PACKET *packet, const RADIUS_PACKET *original,
+ const VALUE_PAIR **pvp, uint8_t *ptr,
+ size_t room)
+{
+ ssize_t len;
+ uint32_t lvalue;
+ const VALUE_PAIR *vp = *pvp;
+
+#ifdef VENDORPEC_WIMAX
+ /*
+ * Double-check for WiMAX
+ */
+ if (vp->da->vendor == VENDORPEC_WIMAX) {
+ return nr_vp2wimax(packet, original, pvp,
+ ptr, room);
+ }
+#endif
+
+ if (vp->da->vendor > RS_MAX_VENDOR) {
+ nr_debug_error("nr_vp2vsa: Invalid arguments");
+ return -RSE_INVAL;
+ }
+
+ /*
+ * Not enough room for:
+ * attr, len, vendor-id
+ */
+ if (room < 6) {
+ *pvp = vp->next;
+ return 0;
+ }
+
+ /*
+ * Build the Vendor-Specific header
+ */
+ ptr[0] = PW_VENDOR_SPECIFIC;
+ ptr[1] = 6;
+ lvalue = htonl(vp->da->vendor);
+ memcpy(ptr + 2, &lvalue, 4);
+
+ if (room > ((unsigned) 255 - ptr[1])) room = 255 - ptr[1];
+
+ len = vp2attr_vsa(packet, original, pvp,
+ vp->da->attr, vp->da->vendor,
+ ptr + ptr[1], room);
+ if (len < 0) return len;
+
+ ptr[1] += len;
+
+ return ptr[1];
+}
+#endif
+
+
+/*
+ * Encode an RFC standard attribute 1..255
+ */
+ssize_t nr_vp2rfc(const RADIUS_PACKET *packet,
+ const RADIUS_PACKET *original,
+ const VALUE_PAIR **pvp,
+ uint8_t *ptr, size_t room)
+{
+ const VALUE_PAIR *vp = *pvp;
+
+ if (vp->da->vendor != 0) {
+ nr_debug_error("nr_vp2rfc called with VSA");
+ return -RSE_INVAL;
+ }
+
+ if ((vp->da->attr == 0) || (vp->da->attr > 255)) {
+ nr_debug_error("nr_vp2rfc called with non-standard attribute %u", vp->da->attr);
+ return -RSE_INVAL;
+ }
+
+#ifdef PW_CHARGEABLE_USER_IDENTITY
+ if ((vp->length == 0) &&
+ (vp->da != RS_DA_CHARGEABLE_USER_IDENTITY)) {
+ *pvp = vp->next;
+ return 0;
+ }
+#endif
+
+ return vp2attr_rfc(packet, original, pvp, vp->da->attr,
+ ptr, room);
+}
+
+#ifdef PW_CHAP_PASSWORD
+/*
+ * Encode an RFC standard attribute 1..255
+ */
+static ssize_t nr_chap2rfc(const RADIUS_PACKET *packet,
+ const RADIUS_PACKET *original,
+ const VALUE_PAIR **pvp,
+ uint8_t *ptr, size_t room)
+{
+ ssize_t rcode;
+ const VALUE_PAIR *vp = *pvp;
+ RS_MD5_CTX ctx;
+ uint8_t buffer[RS_MAX_STRING_LEN*2 + 1], *p;
+ VALUE_PAIR chap = {
+ RS_DA_CHAP_PASSWORD,
+ 17,
+ 0,
+ NULL,
+ {
+ .octets = {
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
+ },
+ },
+ };
+
+ if ((vp->da->vendor != 0) || (vp->da != RS_DA_CHAP_PASSWORD)) {
+ nr_debug_error("nr_chap2rfc called with non-CHAP");
+ return -RSE_INVAL;
+ }
+
+ p = buffer;
+ *(p++) = nr_rand() & 0xff; /* id */
+
+ memcpy(p, vp->vp_strvalue, strlen(vp->vp_strvalue));
+ p += strlen(vp->vp_strvalue);
+
+ vp = nr_vps_find(packet->vps, PW_CHAP_CHALLENGE, 0);
+ if (vp) {
+ memcpy(p, vp->vp_octets, vp->length);
+ p += vp->length;
+ } else {
+ memcpy(p, packet->vector, sizeof(packet->vector));
+ p += sizeof(packet->vector);
+ }
+
+ RS_MD5Init(&ctx);
+ RS_MD5Update(&ctx, buffer, p - buffer);
+ RS_MD5Final(&chap.vp_octets[1], &ctx);
+
+ chap.vp_octets[0] = buffer[0];
+ vp = &chap;
+
+ rcode = vp2attr_rfc(packet, original, &vp, chap.da->attr,
+ ptr, room);
+ if (rcode < 0) return rcode;
+
+ *pvp = (*pvp)->next;
+ return rcode;
+}
+#endif /* PW_CHAP_PASSWORD */
+
+#ifdef PW_MESSAGE_AUTHENTICATOR
+/** Fake Message-Authenticator.
+ *
+ * This structure is used to replace a Message-Authenticator in the
+ * input list of VALUE_PAIRs when encoding a packet. If the caller
+ * asks us to encode a Message-Authenticator, we ignore the one given
+ * to us by the caller (which may have the wrong length, etc.), and
+ * instead use this one, which has the correct length and data.
+ */
+static const VALUE_PAIR fake_ma = {
+ RS_DA_MESSAGE_AUTHENTICATOR,
+ 16,
+ 0,
+ NULL,
+ {
+ .octets = {
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
+ },
+ }
+};
+#endif /* PW_MESSAGE_AUTHENTICATOR */
+
+/*
+ * Parse a data structure into a RADIUS attribute.
+ */
+ssize_t nr_vp2attr(const RADIUS_PACKET *packet, const RADIUS_PACKET *original,
+ const VALUE_PAIR **pvp, uint8_t *start,
+ size_t room)
+{
+ const VALUE_PAIR *vp = *pvp;
+
+ /*
+ * RFC format attributes take the fast path.
+ */
+ if (vp->da->vendor != 0) {
+#ifdef VENDORPEC_EXTENDED
+ if (vp->da->vendor > RS_MAX_VENDOR) {
+ return nr_vp2attr_extended(packet, original,
+ pvp, start, room);
+
+ }
+#endif
+
+#ifdef VENDORPEC_WIMAX
+ if (vp->da->vendor == VENDORPEC_WIMAX) {
+ return nr_vp2attr_wimax(packet, original,
+ pvp, start, room);
+ }
+#endif
+
+#ifndef WITHOUT_VSAS
+ return nr_vp2vsa(packet, original, pvp, start, room);
+#else
+ nr_debug_error("VSAs are not supported");
+ return -RSE_UNSUPPORTED;
+#endif
+ }
+
+ /*
+ * Ignore non-protocol attributes.
+ */
+ if (vp->da->attr > 255) {
+ *pvp = vp->next;
+ return 0;
+ }
+
+#ifdef PW_MESSAGE_AUTHENTICATOR
+ /*
+ * The caller wants a Message-Authenticator, but doesn't
+ * know how to calculate it, or what the correct values
+ * are. So... create one for him.
+ */
+ if (vp->da == RS_DA_MESSAGE_AUTHENTICATOR) {
+ ssize_t rcode;
+
+ vp = &fake_ma;
+ rcode = nr_vp2rfc(packet, original, &vp, start, room);
+ if (rcode <= 0) return rcode;
+ *pvp = (*pvp)->next;
+ return rcode;
+ }
+#endif
+
+#ifdef PW_CHAP_PASSWORD
+ /*
+ * The caller wants a CHAP-Password, but doesn't know how
+ * to calculate it, or what the correct values are. To
+ * help, we calculate it for him.
+ */
+ if (vp->da == RS_DA_CHAP_PASSWORD) {
+ int encoded = 0;
+
+ /*
+ * CHAP is ID + MD5(...). If it's length is NOT
+ * 17, then the caller has passed us a password,
+ * and wants us to encode it. If the length IS
+ * 17, then we need to double-check if the caller
+ * has already encoded it.
+ */
+ if (vp->length == 17) {
+ int i;
+
+ /*
+ * ASCII and UTF-8 disallow values 0..31.
+ * If they appear, then the CHAP-Password
+ * has already been encoded by the
+ * caller. The probability of a
+ * CHAP-Password being all 32..256 is
+ * (1-32/256)^17 =~ .10
+ *
+ * This check isn't perfect, but it
+ * should be pretty rare for people to
+ * have 17-character passwords *and* have
+ * them all 32..256.
+ */
+ for (i = 0; i < 17; i++) {
+ if (vp->vp_octets[i] < 32) {
+ encoded = 1;
+ break;
+ }
+ }
+ }
+
+ if (!encoded) {
+ return nr_chap2rfc(packet, original, pvp, start, room);
+ }
+ }
+#endif
+
+ return nr_vp2rfc(packet, original, pvp,
+ start, room);
+}
+
+
+/*
+ * Ignore unknown attributes, but "decoding" them into nothing.
+ */
+static ssize_t data2vp_raw(UNUSED const RADIUS_PACKET *packet,
+ UNUSED const RADIUS_PACKET *original,
+ unsigned int attribute,
+ unsigned int vendor,
+ const uint8_t *data, size_t length,
+ VALUE_PAIR **pvp)
+{
+ VALUE_PAIR *vp;
+
+ if (length > sizeof(vp->vp_octets)) return -RSE_ATTR_OVERFLOW;
+
+ vp = nr_vp_alloc_raw(attribute, vendor);
+ if (!vp) return -RSE_NOMEM;
+
+ memcpy(vp->vp_octets, data, length);
+ vp->length = length;
+
+ *pvp = vp;
+ return length;
+}
+
+ssize_t nr_attr2vp_raw(const RADIUS_PACKET *packet,
+ const RADIUS_PACKET *original,
+ const uint8_t *data, size_t length,
+ VALUE_PAIR **pvp)
+{
+
+ if (length < 2) return -RSE_PACKET_TOO_SMALL;
+ if (data[1] < 2) return -RSE_ATTR_TOO_SMALL;
+ if (data[1] > length) return -RSE_ATTR_OVERFLOW;
+
+ return data2vp_raw(packet, original, data[0], 0,
+ data + 2, data[1] - 2, pvp);
+}
+
+/*
+ * Create any kind of VP from the attribute contents.
+ *
+ * Will return -1 on error, or "length".
+ */
+static ssize_t data2vp_any(const RADIUS_PACKET *packet,
+ const RADIUS_PACKET *original,
+ int nest,
+ unsigned int attribute, unsigned int vendor,
+ const uint8_t *data, size_t length,
+ VALUE_PAIR **pvp)
+{
+#ifdef FLAG_ENCRYPT_TUNNEL_PASSWORD
+ ssize_t rcode;
+#endif
+ int data_offset = 0;
+ const DICT_ATTR *da;
+ VALUE_PAIR *vp = NULL;
+
+ if (length == 0) {
+ /*
+ * Hacks for CUI. The WiMAX spec says that it
+ * can be zero length, even though this is
+ * forbidden by the RADIUS specs. So... we make
+ * a special case for it.
+ */
+ if ((vendor == 0) &&
+ (attribute == PW_CHARGEABLE_USER_IDENTITY)) {
+ data = (const uint8_t *) "";
+ length = 1;
+ } else {
+ *pvp = NULL;
+ return 0;
+ }
+ }
+
+ da = nr_dict_attr_byvalue(attribute, vendor);
+
+ /*
+ * Unknown attribute. Create it as a "raw" attribute.
+ */
+ if (!da) {
+ raw:
+ if (vp) nr_vp_free(&vp);
+ return data2vp_raw(packet, original,
+ attribute, vendor, data, length, pvp);
+ }
+
+#ifdef RS_TYPE_TLV
+ /*
+ * TLVs are handled first. They can't be tagged, and
+ * they can't be encrypted.
+ */
+ if (da->da->type == RS_TYPE_TLV) {
+ return data2vp_tlvs(packet, original,
+ attribute, vendor, nest,
+ data, length, pvp);
+ }
+#else
+ nest = nest; /* -Wunused */
+#endif
+
+ /*
+ * The attribute is known, and well formed. We can now
+ * create it. The main failure from here on in is being
+ * out of memory.
+ */
+ vp = nr_vp_alloc(da);
+ if (!vp) return -RSE_NOMEM;
+
+ /*
+ * Handle tags.
+ */
+ if (vp->da->flags.has_tag) {
+ if (TAG_VALID(data[0])
+#ifdef FLAG_ENCRYPT_TUNNEL_PASSWORD
+ || (vp->da->flags.encrypt == FLAG_ENCRYPT_TUNNEL_PASSWORD)
+#endif
+ ) {
+ /*
+ * Tunnel passwords REQUIRE a tag, even
+ * if don't have a valid tag.
+ */
+ vp->tag = data[0];
+
+ if ((vp->da->type == RS_TYPE_STRING) ||
+ (vp->da->type == RS_TYPE_OCTETS)) {
+ if (length == 0) goto raw;
+ data_offset = 1;
+ }
+ }
+ }
+
+ /*
+ * Copy the data to be decrypted
+ */
+ vp->length = length - data_offset;
+ memcpy(&vp->vp_octets[0], data + data_offset, vp->length);
+
+ /*
+ * Decrypt the attribute.
+ */
+ switch (vp->da->flags.encrypt) {
+ /*
+ * User-Password
+ */
+ case FLAG_ENCRYPT_USER_PASSWORD:
+ if (original) {
+ rcode = nr_password_encrypt(vp->vp_octets,
+ sizeof(vp->vp_strvalue),
+ data + data_offset, vp->length,
+ packet->secret,
+ original->vector);
+ } else {
+ rcode = nr_password_encrypt(vp->vp_octets,
+ sizeof(vp->vp_strvalue),
+ data + data_offset, vp->length,
+ packet->secret,
+ packet->vector);
+ }
+ if (rcode < 0) goto raw;
+ vp->vp_strvalue[128] = '\0';
+ vp->length = strlen(vp->vp_strvalue);
+ break;
+
+ /*
+ * Tunnel-Password's may go ONLY
+ * in response packets.
+ */
+#ifdef FLAG_ENCRYPT_TUNNEL_PASSWORD
+ case FLAG_ENCRYPT_TUNNEL_PASSWORD:
+ if (!original) goto raw;
+
+ rcode = nr_tunnelpw_decrypt(vp->vp_octets,
+ sizeof(vp->vp_octets),
+ data + data_offset, vp->length,
+ packet->secret, original->vector);
+ if (rcode < 0) goto raw;
+ vp->length = rcode;
+ break;
+#endif
+
+
+#ifdef FLAG_ENCRYPT_ASCEND_SECRET
+ /*
+ * Ascend-Send-Secret
+ * Ascend-Receive-Secret
+ */
+ case FLAG_ENCRYPT_ASCEND_SECRET:
+ if (!original) {
+ goto raw;
+ } else {
+ uint8_t my_digest[AUTH_VECTOR_LEN];
+ make_secret(my_digest,
+ original->vector,
+ packet->secret, data);
+ memcpy(vp->vp_strvalue, my_digest,
+ AUTH_VECTOR_LEN );
+ vp->vp_strvalue[AUTH_VECTOR_LEN] = '\0';
+ vp->length = strlen(vp->vp_strvalue);
+ }
+ break;
+#endif
+
+ default:
+ break;
+ } /* switch over encryption flags */
+
+ /*
+ * Expected a certain length, but got something else.
+ */
+ if ((vp->da->flags.length != 0) &&
+ (vp->length != vp->da->flags.length)) {
+ goto raw;
+ }
+
+ switch (vp->da->type) {
+ case RS_TYPE_STRING:
+ case RS_TYPE_OCTETS:
+#ifdef RS_TYPE_ABINARY
+ case RS_TYPE_ABINARY:
+#endif
+ /* nothing more to do */
+ break;
+
+ case RS_TYPE_BYTE:
+ vp->vp_integer = vp->vp_octets[0];
+ break;
+
+
+ case RS_TYPE_SHORT:
+ vp->vp_integer = (vp->vp_octets[0] << 8) | vp->vp_octets[1];
+ break;
+
+ case RS_TYPE_INTEGER:
+ memcpy(&vp->vp_integer, vp->vp_octets, 4);
+ vp->vp_integer = ntohl(vp->vp_integer);
+
+ if (vp->da->flags.has_tag) vp->vp_integer &= 0x00ffffff;
+ break;
+
+ case RS_TYPE_DATE:
+ memcpy(&vp->vp_date, vp->vp_octets, 4);
+ vp->vp_date = ntohl(vp->vp_date);
+ break;
+
+
+ case RS_TYPE_IPADDR:
+ memcpy(&vp->vp_ipaddr, vp->vp_octets, 4);
+ break;
+
+ /*
+ * IPv6 interface ID is 8 octets long.
+ */
+ case RS_TYPE_IFID:
+ /* vp->vp_ifid == vp->vp_octets */
+ break;
+
+ /*
+ * IPv6 addresses are 16 octets long
+ */
+ case RS_TYPE_IPV6ADDR:
+ /* vp->vp_ipv6addr == vp->vp_octets */
+ break;
+
+ /*
+ * IPv6 prefixes are 2 to 18 octets long.
+ *
+ * RFC 3162: The first octet is unused.
+ * The second is the length of the prefix
+ * the rest are the prefix data.
+ *
+ * The prefix length can have value 0 to 128.
+ */
+ case RS_TYPE_IPV6PREFIX:
+ if (vp->length < 2 || vp->length > 18) goto raw;
+ if (vp->vp_octets[1] > 128) goto raw;
+
+ /*
+ * FIXME: double-check that
+ * (vp->vp_octets[1] >> 3) matches vp->length + 2
+ */
+ if (vp->length < 18) {
+ memset(vp->vp_octets + vp->length, 0,
+ 18 - vp->length);
+ }
+ break;
+
+#ifdef VENDORPEC_WIMAX
+ case RS_TYPE_SIGNED:
+ if (vp->length != 4) goto raw;
+
+ /*
+ * Overload vp_integer for ntohl, which takes
+ * uint32_t, not int32_t
+ */
+ memcpy(&vp->vp_integer, vp->vp_octets, 4);
+ vp->vp_integer = ntohl(vp->vp_integer);
+ memcpy(&vp->vp_signed, &vp->vp_integer, 4);
+ break;
+#endif
+
+#ifdef RS_TYPE_TLV
+ case RS_TYPE_TLV:
+ nr_vp_free(&vp);
+ nr_debug_error("data2vp_any: Internal sanity check failed");
+ return -RSE_ATTR_TYPE_UNKNOWN;
+#endif
+
+#ifdef VENDORPEC_WIMAX
+ case RS_TYPE_COMBO_IP:
+ if (vp->length == 4) {
+ vp->da->type = RS_TYPE_IPADDR;
+ memcpy(&vp->vp_ipaddr, vp->vp_octets, 4);
+ break;
+
+ } else if (vp->length == 16) {
+ vp->da->type = RS_TYPE_IPV6ADDR;
+ /* vp->vp_ipv6addr == vp->vp_octets */
+ break;
+
+ }
+ /* FALL-THROUGH */
+#endif
+
+ default:
+ goto raw;
+ }
+
+ *pvp = vp;
+
+ return length;
+}
+
+
+/*
+ * Create a "standard" RFC VALUE_PAIR from the given data.
+ */
+ssize_t nr_attr2vp_rfc(const RADIUS_PACKET *packet,
+ const RADIUS_PACKET *original,
+ const uint8_t *data, size_t length,
+ VALUE_PAIR **pvp)
+{
+ ssize_t rcode;
+
+ if (length < 2) return -RSE_PACKET_TOO_SMALL;
+ if (data[1] < 2) return -RSE_ATTR_TOO_SMALL;
+ if (data[1] > length) return -RSE_ATTR_OVERFLOW;
+
+ rcode = data2vp_any(packet, original, 0,
+ data[0], 0, data + 2, data[1] - 2, pvp);
+ if (rcode < 0) return rcode;
+
+ return data[1];
+}
+
+#ifndef WITHOUT_VSAS
+/*
+ * Check if a set of RADIUS formatted TLVs are OK.
+ */
+int nr_tlv_ok(const uint8_t *data, size_t length,
+ size_t dv_type, size_t dv_length)
+{
+ const uint8_t *end = data + length;
+
+ if ((dv_length > 2) || (dv_type == 0) || (dv_type > 4)) {
+ nr_debug_error("nr_tlv_ok: Invalid arguments");
+ return -RSE_INVAL;
+ }
+
+ while (data < end) {
+ size_t attrlen;
+
+ if ((data + dv_type + dv_length) > end) {
+ nr_debug_error("Attribute header overflow");
+ return -RSE_ATTR_TOO_SMALL;
+ }
+
+ switch (dv_type) {
+ case 4:
+ if ((data[0] == 0) && (data[1] == 0) &&
+ (data[2] == 0) && (data[3] == 0)) {
+ zero:
+ nr_debug_error("Invalid attribute 0");
+ return -RSE_ATTR_INVALID;
+ }
+
+ if (data[0] != 0) {
+ nr_debug_error("Invalid attribute > 2^24");
+ return -RSE_ATTR_INVALID;
+ }
+ break;
+
+ case 2:
+ if ((data[1] == 0) && (data[1] == 0)) goto zero;
+ break;
+
+ case 1:
+ if (data[0] == 0) goto zero;
+ break;
+
+ default:
+ nr_debug_error("Internal sanity check failed");
+ return -RSE_INTERNAL;
+ }
+
+ switch (dv_length) {
+ case 0:
+ return 0;
+
+ case 2:
+ if (data[dv_type + 1] != 0) {
+ nr_debug_error("Attribute is longer than 256 octets");
+ return -RSE_ATTR_TOO_LARGE;
+ }
+ /* FALL-THROUGH */
+ case 1:
+ attrlen = data[dv_type + dv_length - 1];
+ break;
+
+
+ default:
+ nr_debug_error("Internal sanity check failed");
+ return -RSE_INTERNAL;
+ }
+
+ if (attrlen < (dv_type + dv_length)) {
+ nr_debug_error("Attribute header has invalid length");
+ return -RSE_PACKET_TOO_SMALL;
+ }
+
+ if (attrlen > length) {
+ nr_debug_error("Attribute overflows container");
+ return -RSE_ATTR_OVERFLOW;
+ }
+
+ data += attrlen;
+ length -= attrlen;
+ }
+
+ return 0;
+}
+
+
+/*
+ * Convert a top-level VSA to a VP.
+ */
+static ssize_t attr2vp_vsa(const RADIUS_PACKET *packet,
+ const RADIUS_PACKET *original,
+ unsigned int vendor,
+ size_t dv_type, size_t dv_length,
+ const uint8_t *data, size_t length,
+ VALUE_PAIR **pvp)
+{
+ unsigned int attribute;
+ ssize_t attrlen, my_len;
+
+#ifndef NDEBUG
+ if (length <= (dv_type + dv_length)) {
+ nr_debug_error("attr2vp_vsa: Failure to call nr_tlv_ok");
+ return -RSE_PACKET_TOO_SMALL;
+ }
+#endif
+
+ switch (dv_type) {
+ case 4:
+ /* data[0] must be zero */
+ attribute = data[1] << 16;
+ attribute |= data[2] << 8;
+ attribute |= data[3];
+ break;
+
+ case 2:
+ attribute = data[0] << 8;
+ attribute |= data[1];
+ break;
+
+ case 1:
+ attribute = data[0];
+ break;
+
+ default:
+ nr_debug_error("attr2vp_vsa: Internal sanity check failed");
+ return -RSE_INTERNAL;
+ }
+
+ switch (dv_length) {
+ case 2:
+ /* data[dv_type] must be zero */
+ attrlen = data[dv_type + 1];
+ break;
+
+ case 1:
+ attrlen = data[dv_type];
+ break;
+
+ case 0:
+ attrlen = length;
+ break;
+
+ default:
+ nr_debug_error("attr2vp_vsa: Internal sanity check failed");
+ return -RSE_INTERNAL;
+ }
+
+#ifndef NDEBUG
+ if (attrlen <= (ssize_t) (dv_type + dv_length)) {
+ nr_debug_error("attr2vp_vsa: Failure to call nr_tlv_ok");
+ return -RSE_PACKET_TOO_SMALL;
+ }
+#endif
+
+ attrlen -= (dv_type + dv_length);
+
+ my_len = data2vp_any(packet, original, 0,
+ attribute, vendor,
+ data + dv_type + dv_length, attrlen, pvp);
+ if (my_len < 0) return my_len;
+
+#ifndef NDEBUG
+ if (my_len != attrlen) {
+ nr_vp_free(pvp);
+ nr_debug_error("attr2vp_vsa: Incomplete decode %d != %d",
+ (int) my_len, (int) attrlen);
+ return -RSE_INTERNAL;
+ }
+#endif
+
+ return dv_type + dv_length + attrlen;
+}
+
+
+/*
+ * Create Vendor-Specifc VALUE_PAIRs from a RADIUS attribute.
+ */
+ssize_t nr_attr2vp_vsa(const RADIUS_PACKET *packet,
+ const RADIUS_PACKET *original,
+ const uint8_t *data, size_t length,
+ VALUE_PAIR **pvp)
+{
+ size_t dv_type, dv_length;
+ ssize_t my_len;
+ uint32_t lvalue;
+ const DICT_VENDOR *dv;
+
+ if (length < 2) return -RSE_PACKET_TOO_SMALL;
+ if (data[1] < 2) return -RSE_ATTR_TOO_SMALL;
+ if (data[1] > length) return -RSE_ATTR_OVERFLOW;
+
+ if (data[0] != PW_VENDOR_SPECIFIC) {
+ nr_debug_error("nr_attr2vp_vsa: Invalid attribute");
+ return -RSE_INVAL;
+ }
+
+ /*
+ * Not enough room for a Vendor-Id.
+ * Or the high octet of the Vendor-Id is set.
+ */
+ if ((data[1] < 6) || (data[2] != 0)) {
+ return nr_attr2vp_raw(packet, original,
+ data, length, pvp);
+ }
+
+ memcpy(&lvalue, data + 2, 4);
+ lvalue = ntohl(lvalue);
+
+#ifdef VENDORPEC_WIMAX
+ /*
+ * WiMAX gets its own set of magic.
+ */
+ if (lvalue == VENDORPEC_WIMAX) {
+ return nr_attr2vp_wimax(packet, original,
+ data, length, pvp);
+ }
+#endif
+
+ dv_type = dv_length = 1;
+ dv = nr_dict_vendor_byvalue(lvalue);
+ if (!dv) {
+ return nr_attr2vp_rfc(packet, original,
+ data, length, pvp);
+ }
+
+ dv_type = dv->type;
+ dv_length = dv->length;
+
+ /*
+ * Attribute is not in the correct form.
+ */
+ if (nr_tlv_ok(data + 6, data[1] - 6, dv_type, dv_length) < 0) {
+ return nr_attr2vp_raw(packet, original,
+ data, length, pvp);
+ }
+
+ my_len = attr2vp_vsa(packet, original,
+ lvalue, dv_type, dv_length,
+ data + 6, data[1] - 6, pvp);
+ if (my_len < 0) return my_len;
+
+#ifndef NDEBUG
+ if (my_len != (data[1] - 6)) {
+ nr_vp_free(pvp);
+ nr_debug_error("nr_attr2vp_vsa: Incomplete decode");
+ return -RSE_INTERNAL;
+ }
+#endif
+
+ return data[1];
+}
+#endif /* WITHOUT_VSAS */
+
+
+/*
+ * Create a "normal" VALUE_PAIR from the given data.
+ */
+ssize_t nr_attr2vp(const RADIUS_PACKET *packet,
+ const RADIUS_PACKET *original,
+ const uint8_t *data, size_t length,
+ VALUE_PAIR **pvp)
+{
+ if (length < 2) return -RSE_PACKET_TOO_SMALL;
+ if (data[1] < 2) return -RSE_ATTR_TOO_SMALL;
+ if (data[1] > length) return -RSE_ATTR_OVERFLOW;
+
+#ifndef WITHOUT_VSAS
+ /*
+ * VSAs get their own handler.
+ */
+ if (data[0] == PW_VENDOR_SPECIFIC) {
+ return nr_attr2vp_vsa(packet, original,
+ data, length, pvp);
+ }
+#endif
+
+#ifdef VENDORPEC_EXTENDED
+ /*
+ * Extended attribute format gets their own handler.
+ */
+ if (nr_dict_attr_byvalue(data[0], VENDORPEC_EXTENDED) != NULL) {
+ return nr_attr2vp_extended(packet, original,
+ data, length, pvp);
+ }
+#endif
+
+ return nr_attr2vp_rfc(packet, original, data, length, pvp);
+}
+
+ssize_t nr_attr2data(const RADIUS_PACKET *packet, ssize_t start,
+ unsigned int attribute, unsigned int vendor,
+ const uint8_t **pdata, size_t *plength)
+{
+ uint8_t *data, *attr;
+ const uint8_t *end;
+
+ if (!packet || !pdata || !plength) return -RSE_INVAL;
+
+ if (!packet->data) return -RSE_INVAL;
+ if (packet->length < 20) return -RSE_INVAL;
+
+ /*
+ * Too long or short, not good.
+ */
+ if ((start < 0) ||
+ ((start > 0) && (start < 20))) return -RSE_INVAL;
+
+ if ((size_t) start >= (packet->length - 2)) return -RSE_INVAL;
+
+ end = packet->data + packet->length;
+
+ /*
+ * Loop over the packet, converting attrs to VPs.
+ */
+ if (start == 0) {
+ data = packet->data + 20;
+ } else {
+ data = packet->data + start;
+ data += data[1];
+ if (data >= end) return 0;
+ }
+
+ for (attr = data; attr < end; attr += attr[1]) {
+ const DICT_VENDOR *dv = NULL;
+
+#ifndef NEBUG
+ /*
+ * This code is copied from packet_ok().
+ * It could be put into a separate function.
+ */
+ if ((attr + 2) > end) {
+ nr_debug_error("Attribute overflows packet");
+ return -RSE_ATTR_OVERFLOW;
+ }
+
+ if (attr[1] < 2) {
+ nr_debug_error("Attribute length is too small");
+ return -RSE_ATTR_TOO_SMALL;
+ }
+
+ if ((attr + attr[1]) > end) {
+ nr_debug_error("Attribute length is too large");
+ return -RSE_ATTR_TOO_LARGE;
+ }
+#endif
+
+ if ((vendor == 0) && (attr[0] == attribute)) {
+ *pdata = attr + 2;
+ *plength = attr[1] - 2;
+ return attr - packet->data;
+ }
+
+#ifndef WITHOUT_VSAS
+ if (vendor != 0) {
+ uint32_t vendorpec;
+
+ if (attr[0] != PW_VENDOR_SPECIFIC) continue;
+
+ if (attr[1] < 6) continue;
+
+ memcpy(&vendorpec, attr + 2, 4);
+ vendorpec = ntohl(vendorpec);
+ if (vendor != vendorpec) continue;
+
+ if (!dv) {
+ dv = nr_dict_vendor_byvalue(vendor);
+ if (dv &&
+ ((dv->type != 1) || (dv->length != 1))) {
+ return -RSE_VENDOR_UNKNOWN;
+ }
+ }
+
+ /*
+ * No data.
+ */
+ if (attr[1] < 9) continue;
+
+ /*
+ * Malformed, or more than one VSA in
+ * the Vendor-Specific
+ */
+ if (attr[7] + 6 != attr[1]) continue;
+
+ /*
+ * Not the right VSA.
+ */
+ if (attr[6] != attribute) continue;
+
+ *pdata = attr + 8;
+ *plength = attr[1] - 8;
+ return attr - packet->data;
+ }
+#endif
+ }
+
+ return 0; /* nothing more: stop */
+}
+
--- /dev/null
+/*
+Copyright (c) 2011, Network RADIUS SARL
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+ * Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ * Neither the name of the <organization> nor the
+ names of its contributors may be used to endorse or promote products
+ derived from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL <COPYRIGHT HOLDER> BE LIABLE FOR ANY
+DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/** \file client.h
+ * \brief Main header file.
+ */
+
+#ifndef _RADIUS_CLIENT_H_
+#define _RADIUS_CLIENT_H_ 1
+
+/*
+ * System-specific header files.
+ */
+#include <config.h>
+#include <errno.h>
+#include <stdio.h>
+#ifdef HAVE_STDINT_H
+#include <stdint.h>
+#endif
+#ifdef HAVE_STDLIB_H
+#include <stdlib.h>
+#endif
+#ifdef HAVE_STRING_H
+#include <string.h>
+#endif
+#include <stdarg.h>
+#ifdef HAVE_NETDB_H
+#include <netdb.h>
+#endif
+#ifdef HAVE_NETINET_IN_H
+#include <netinet/in.h>
+#endif
+#ifdef HAVE_SYS_TIME_H
+#include <sys/time.h>
+#endif
+
+#include <radsec/radsec.h>
+#include <radsec/radsec-impl.h>
+#include <radsec/radius.h>
+
+/** \defgroup build Build Helpers
+ *
+ * These definitions give the GNU C compiler more information about
+ * the functions being compiled. They are used to either remove
+ * warnings, or to enable better warnings.
+ **/
+
+/** \defgroup custom Portability Functions
+ *
+ * These functions and definitions should be modified for your local
+ * system. See the individual definitions for details.
+ */
+
+/** \defgroup error Error handling
+ *
+ * These definitions and routines manage errors.
+ */
+
+/** \defgroup value_pair Attribute manipulation
+ *
+ * These routines manage structures which map to attributes.
+ */
+
+/**\defgroup dict Dictionary Lookup Functions
+ *
+ * \sa doc/dictionaries.txt
+ *
+ * The RADIUS dictionaries perform name to number mappings. The names
+ * are used only for administrator convenience, for parsing
+ * configuration files, and printing humanly-readable output. The
+ * numbers are used when encoding data in a packet.
+ *
+ * When attributes are decoded from a packet, the numbers are used to
+ * look up the associated name, which is then placed into a data
+ * structure.
+ *
+ * When the data structures are encoded into a packet, the numbers are
+ * used to create RFC and VSA format attributes.
+ *
+ * \attention The definitions, structures, and functions given below
+ * are useful only for implementing "low level" RADIUS
+ * functionality. There is usually no need to refer to them in a
+ * client application. The library should be used at a higher level,
+ * which exposes a much simpler API.
+ */
+
+/** \defgroup packet Packet manipulation
+ *
+ * These routines perform encoding and decoding of RADIUS packets.
+ */
+
+/** \defgroup print Print / parse functions
+ *
+ * These routines convert the internal data structures to a printable
+ * form, or parse them.
+ */
+
+/** \defgroup id ID allocation and freeing
+ *
+ * These routines manage RADIUS ID allocation.
+ */
+
+/** \defgroup attr Low-level attribute encode/decoding
+ *
+ * These routines perform "low level" encoding, decoding, sending, and
+ * reception of RADIUS attributes. They are called by the \ref packet
+ * functions.
+ *
+ * \attention The structures and functions given below are useful only
+ * for implementing "low level" RADIUS functionality. There is usually
+ * no need to refer to them in a client application. The library
+ * should be used at a higher level, which exposes a much simpler API.
+ */
+
+/** \defgroup internal Internal support functions.
+ *
+ * These functions are required to perform internal or "low-level"
+ * data manipulation. While they are exposed for completeness, they
+ * should not be called by any application.
+ */
+
+#ifdef PW_EAP_MESSAGE
+#ifndef PW_MESSAGE_AUTHENTICATOR
+#error EAP-Message requires Message-Authenticator
+#endif
+#endif
+
+#ifdef WITHOUT_OPENSSL
+#ifndef RS_MD5_CTX
+#error RS_MD5_CTX must be defined
+#endif
+#ifndef RS_MD5Init
+#error n_rMD5Init must be defined
+#endif
+#ifndef RS_MD5Update
+#error RS_MD5Updyae must be defined
+#endif
+#ifndef RS_MD5Final
+#error RS_MD5Final must be defined
+#endif
+#ifndef RS_MD5Transform
+#error RS_MD5Transform must be defined
+#endif
+
+#else /* WITHOUT_OPENSSL */
+
+#include <openssl/md5.h>
+/** Define for compile-time selection of the MD5 functions. Defaults to using the OpenSSL functions. \ingroup custom */
+#define RS_MD5_CTX MD5_CTX
+/** Define for compile-time selection of the MD5 functions. Defaults to using the OpenSSL functions. \ingroup custom */
+#define RS_MD5Init MD5_Init
+/** Define for compile-time selection of the MD5 functions. Defaults to using the OpenSSL functions. \ingroup custom */
+#define RS_MD5Update MD5_Update
+/** Define for compile-time selection of the MD5 functions. Defaults to using the OpenSSL functions. \ingroup custom */
+#define RS_MD5Final MD5_Final
+/** Define for compile-time selection of the MD5 functions. Defaults to using the OpenSSL functions. \ingroup custom */
+#define RS_MD5Transform MD5_Transform
+#endif
+
+#ifndef RS_MAX_PACKET_LEN
+/** The maximum size of a packet that the library will send or receive. \ingroup custom
+ *
+ * The RFC requirement is to handle at least 4K packets. However, if
+ * you expect to only do username/password authentication, this value
+ * can be set to a smaller value, such as 256.
+ *
+ * Be warned that any packets larger than this value will be ignored
+ * and silently discarded.
+ */
+#define RS_MAX_PACKET_LEN (4096)
+#endif
+
+#ifndef RS_MAX_ATTRIBUTES
+/** The maximum number of attributes that the library will allow in a packet. \ingroup custom
+ *
+ * Packets which contain more than ::RS_MAX_ATTRIBUTES will generate
+ * an error. This value is configurable because there may be a need
+ * to accept a large mumber of attributes.
+ *
+ * This value is ignored when packets are sent. The library will
+ * send as many attributes as it is told to send.
+ */
+#define RS_MAX_ATTRIBUTES (200)
+#endif
+
+#undef RS_MAX_PACKET_CODE
+/** The maximum RADIUS_PACKET::code which we can accept. \ingroup dict
+ *
+ * \attention This should not be changed, as it is used by other
+ * structures such as ::nr_packet_codes.
+ */
+#define RS_MAX_PACKET_CODE PW_COA_NAK
+
+/** The maximum vendor number which is permitted. \ingroup dict
+ *
+ * The RFCs require that the Vendor Id or Private Enterprise Number
+ * be encoded as 32 bits, with the upper 8 bits being zero.
+ */
+#define RS_MAX_VENDOR (1 << 24)
+
+/** Data Type Definitions. \ingroup dict
+ */
+#define TAG_VALID(x) ((x) < 0x20)
+
+/** The attribute is not encrypted. */
+#define FLAG_ENCRYPT_NONE (0)
+
+/** The attribute is encrypted using the RFC 2865 User-Password method */
+#define FLAG_ENCRYPT_USER_PASSWORD (1)
+
+/** The attribute is encrypted using the RFC 2868 Tunnel-Password method */
+#define FLAG_ENCRYPT_TUNNEL_PASSWORD (2)
+
+/** A set of flags which determine how the attribute should be handled.
+ *
+ * Most attributes are "normal", and do not require special handling.
+ * However, some require "encryption", tagging, or have other special
+ * formats. This structure contains the various options for the
+ * attribute formats.
+ */
+typedef struct attr_flags {
+ unsigned int has_tag : 1; /**< Attribute has an RFC 2868 tag */
+ unsigned int unknown : 1; /**< Attribute is unknown */
+#ifdef RS_TYPE_TLV
+ unsigned int has_tlv : 1; /* has sub attributes */
+ unsigned int is_tlv : 1; /* is a sub attribute */
+#endif
+ unsigned int extended : 1; /* extended attribute */
+ unsigned int extended_flags : 1; /* with flag */
+ unsigned int evs : 1; /* extended VSA */
+ uint8_t encrypt; /**< Attribute encryption method */
+ uint8_t length; /**< The expected length of the attribute */
+} ATTR_FLAGS;
+
+
+/** Defines an dictionary mapping for an attribute. \ingroup dict
+ *
+ * The RADIUS dictionaries map humanly readable names to protocol
+ * numbers. The protocol numbers are used to encode/decode the
+ * attributes in a packet.
+ */
+typedef struct nr_dict_attr {
+ unsigned int attr; /**< Attribute number */
+ rs_attr_type_t type; /**< Data type */
+ unsigned int vendor; /**< Vendor-Id number */
+ ATTR_FLAGS flags;
+ const char *name; /**< Printable name */
+} DICT_ATTR;
+
+/** Defines a dictionary mapping for a named enumeration. \ingroup dict
+ *
+ * This structure is currently not used.
+ */
+typedef struct nr_dict_value {
+ const DICT_ATTR *da; /**< pointer to a ::DICT_ATTR */
+ int value; /**< enumerated value */
+ char name[1]; /**< printable name */
+} DICT_VALUE;
+
+/** Defines an dictionary mapping for a vendor. \ingroup dict
+ *
+ * The RADIUS dictionaries map humanly readable vendor names to a
+ * Vendor-Id (or Private Enterprise Code) assigned by IANA. The
+ * Vendor-Id is used to encode/decode Vendor-Specific attributes in a
+ * packet.
+ */
+typedef struct nr_dict_vendor {
+ unsigned int vendor; /**< Vendor Private Enterprise Code */
+ size_t type; /**< size of Vendor-Type field */
+ size_t length; /**< size of Vendor-Length field */
+ const char *name; /**< Printable name */
+} DICT_VENDOR;
+
+/** Union holding all possible types of data for a ::VALUE_PAIR. \ingroup value_pair
+ *
+ */
+typedef union value_pair_data {
+ char strvalue[RS_MAX_STRING_LEN]; /* +1 for NUL */
+ uint8_t octets[253];
+ struct in_addr ipaddr;
+ struct in6_addr ipv6addr;
+ uint32_t date;
+ uint32_t integer;
+#ifdef RS_TYPE_SIGNED
+ int32_t sinteger;
+#endif
+#ifdef RS_TYPE_ABINARY
+ uint8_t filter[32];
+#endif
+ uint8_t ifid[8]; /* struct? */
+ uint8_t ipv6prefix[18]; /* struct? */
+#ifdef RS_TYPE_TLV
+ uint8_t *tlv;
+#endif
+} VALUE_PAIR_DATA;
+
+
+/** C structure version of a RADIUS attribute. \ingroup value_pair
+ *
+ * The library APIs use this structure to avoid depending on the
+ * details of the protocol.
+ */
+typedef struct value_pair {
+ const DICT_ATTR *da; /**< dictionary definition */
+ size_t length; /**< number of octets in the data */
+ int tag; /**< tag value if da->flags.has_tag */
+ struct value_pair *next; /**< enables a linked list of values */
+ VALUE_PAIR_DATA data; /**< the data of the attribute */
+} VALUE_PAIR;
+#define vp_strvalue data.strvalue
+#define vp_octets data.octets
+#define vp_ipv6addr data.ipv6addr
+#define vp_ifid data.ifid
+#define vp_ipv6prefix data.ipv6prefix
+#define vp_ipaddr data.ipaddr.s_addr
+#define vp_date data.integer
+#define vp_integer data.integer
+#ifdef RS_TYPE_ABINARY
+#define vp_filter data.filter
+#endif
+#ifdef RS_TYPE_ETHER
+#define vp_ether data.ether
+#endif
+#ifdef RS_TYPE_SIGNED
+#define vp_signed data.sinteger
+#endif
+#ifdef RS_TYPE_TLV
+#define vp_tlv data.tlv
+#endif
+
+#ifdef RS_TYPE_TLV
+#define RS_ATTR_MAX_TLV (4)
+extern const int nr_attr_shift[RS_ATTR_MAX_TLV];
+extern const int nr_attr_mask[RS_ATTR_MAX_TLV];
+extern const unsigned int nr_attr_max_tlv;
+#endif
+
+/** A structure which describes a RADIUS packet. \ingroup packet
+ *
+ * In general, it should not be necessary to refererence the elements
+ * of this structure.
+ */
+typedef struct radius_packet {
+ int sockfd; /** The socket descriptor */
+ struct sockaddr_storage src; /**< The packet source address */
+ struct sockaddr_storage dst; /**< the packet destination address */
+ const char *secret; /**< The shared secret */
+ size_t sizeof_secret; /**< Length of the shared secret */
+ unsigned int code; /**< The RADIUS Packet Code */
+ int id; /**< The RADIUS Packet Id */
+ size_t length; /**< The RADIUS Packet Length. This will be no larger than RADIUS_PACKET::sizeof_data */
+ uint8_t vector[16]; /**< A copy of the authentication vector */
+ int flags; /**< Internal flags. Do not modify this field. */
+ int attempts; /**< The number of transmission attempt */
+ uint8_t *data; /**< The raw packet data */
+ size_t sizeof_data; /**< size of the data buffer */
+ VALUE_PAIR *vps; /**< linked list of ::VALUE_PAIR */
+} RADIUS_PACKET;
+
+#define RS_PACKET_ENCODED (1 << 0)
+#define RS_PACKET_HEADER (1 << 1)
+#define RS_PACKET_SIGNED (1 << 2)
+#define RS_PACKET_OK (1 << 3)
+#define RS_PACKET_VERIFIED (1 << 4)
+#define RS_PACKET_DECODED (1 << 5)
+
+
+/** Track packets sent to a server. \ingroup id
+ *
+ * This data structure tracks Identifiers which are used to
+ * communicate with a particular destination server. The application
+ * should call nr_server_init() to initialize it. If necessary, the
+ * application should then call nr_server_set_ipv4() to open an IPv4
+ * socket to the server.
+ *
+ * If the RADIUS packets are being transported over an encapsulation
+ * layer (e.g. RADIUS over TLS), then nr_server_set_ipv4() does not
+ * need to be called. The ::nr_server_t structure should instead be
+ * associated wih the TLS session / socket.
+ */
+typedef struct nr_server_t {
+ int sockfd; /**< socket for sending packets */
+ int code; /**< default value for the Code */
+
+ struct sockaddr_storage src; /**< Source address of the packet */
+ struct sockaddr_storage dst; /**< Destination address of the packet */
+
+ /** The shared secret.
+ *
+ * See also nr_packet_send() and nr_packet_recv().
+ */
+ const char *secret;
+
+ /** The length of the shared secret.
+ *
+ * See also nr_packet_send() and nr_packet_recv().
+ */
+ size_t sizeof_secret;
+
+ int used; /**< Number of used IDs */
+
+ void *free_list; /**< For managing packets */
+
+ RADIUS_PACKET *ids[256]; /**< Pointers to "in flight" packets */
+} nr_server_t;
+
+
+/** Return a printable error message. \ingroup error
+ *
+ * This function returns a string describing the last error that
+ * occurred. These messages are intended for developers, and are not
+ * suitable for display to an end user. The application using this
+ * library should instead produce a "summary" message when an error
+ * occurs. e.g. "Failed to receive a response", is better than
+ * messages produced by this function, which contain text like
+ * "invalid response authentication vector". The first is
+ * understandable, the second is not.
+ *
+ * @param[in] error The error code (can be less than zero)
+ * @return A printable string describing the error.
+ */
+extern const char *nr_strerror(int error);
+
+/** Allocate a ::VALUE_PAIR which refers to a ::DICT_ATTR. \ingroup value_pair
+ *
+ * This returned ::VALUE_PAIR has no data associated with it. The
+ * nr_vp_set_data() function must be called before placing the
+ * ::VALUE_PAIR in a ::RADIUS_PACKET.
+ *
+ * @param[in] da The ::DICT_ATTR associated with the ::VALUE_PAIR
+ * @return The created ::VALUE_PAIR, or NULL on error.
+ */
+extern VALUE_PAIR *nr_vp_alloc(const DICT_ATTR *da);
+
+/** Free a ::VALUE_PAIR. \ingroup value_pair
+ *
+ * This function frees the ::VALUE_PAIR, and sets the head pointer to NULL.
+ * If head refers to a ::VALUE_PAIR list, then all of the structures in the
+ * list are freed.
+ *
+ * @param[in,out] head The pointer to a ::VALUE_PAIR, or a ::VALUE_PAIR list.
+ */
+extern void nr_vp_free(VALUE_PAIR **head);
+
+/** Initializes a ::VALUE_PAIR from a ::DICT_ATTR \ingroup value_pair
+ *
+ * This function assumes that the ::VALUE_PAIR points to existing
+ * and writable memory.
+ *
+ * @param[in,out] vp The ::VALUE_PAIR to be initialized
+ * @param[in] da The ::DICT_ATTR used to initialize the ::VALUE_PAIR
+ * @return The initialized ::VALUE_PAIR, or NULL on error.
+ */
+extern VALUE_PAIR *nr_vp_init(VALUE_PAIR *vp, const DICT_ATTR *da);
+
+/** Allocate a ::VALUE_PAIR which refers to an unknown attribute. \ingroup value_pair
+ *
+ * It is used when an attribute is received, and that attribute does
+ * not exist in the dictionaries.
+ *
+ * The returned ::VALUE_PAIR has no data (i.e. VALUE_PAIR::length is
+ * zero). The nr_vp_set_data() function must be called before
+ * placing the ::VALUE_PAIR in a ::RADIUS_PACKET.
+ *
+ * @param[in] attr The attribute number, 0..2^16
+ * @param[in] vendor The vendor number, 0..2^16
+ * @return The created ::VALUE_PAIR, or NULL on error.
+ */
+extern VALUE_PAIR *nr_vp_alloc_raw(unsigned int attr, unsigned int vendor);
+
+/** Set the data associated with a previously allocated ::VALUE_PAIR. \ingroup value_pair
+ *
+ * If this function succeeds, VALUE_PAIR::length is no longer zero,
+ * and the structure contains the data.
+ *
+ * @param[in,out] vp The ::VALUE_PAIR to update
+ * @param[in] data Data to set inside of the ::VALUE_PAIR
+ * @param[in] data_len Length of the data field
+ * @return <0 on error, 0 for "data was truncated"
+ * >0 for "data successfully added"
+ */
+extern int nr_vp_set_data(VALUE_PAIR *vp, const void *data, size_t data_len);
+
+/** Create a ::VALUE_PAIR and set its data. \ingroup value_pair
+ *
+ * @param[in] attr The attribute number of the ::VALUE_PAIR to create
+ * @param[in] vendor The vendor number of the ::VALUE_PAIR to create
+ * @param[in] data Data to set inside of the ::VALUE_PAIR
+ * @param[in] data_len Length of the data field
+ * @return The created ::VALUE_PAIR, or NULL on error.
+ */
+extern VALUE_PAIR *nr_vp_create(int attr, int vendor, const void *data,
+ size_t data_len);
+
+/** Append a ::VALUE_PAIR to the end of a ::VALUE_PAIR list. \ingroup value_pair
+ *
+ * @param[in,out] head The head of the ::VALUE_PAIR list. May not be NULL.
+ * @param[in] vp The ::VALUE_PAIR to append to the list.
+ */
+extern void nr_vps_append(VALUE_PAIR **head, VALUE_PAIR *vp);
+
+/** Search a ::VALUE_PAIR list for one of a given number. \ingroup value_pair
+ *
+ * @param[in] head The head of the ::VALUE_PAIR list to search.
+ * @param[in] attr The attribute number of the ::VALUE_PAIR to find
+ * @param[in] vendor The vendor number of the ::VALUE_PAIR to find
+ * @return The found ::VALUE_PAIR, or NULL if it was not found.
+ */
+extern VALUE_PAIR *nr_vps_find(VALUE_PAIR *head,
+ unsigned int attr, unsigned int vendor);
+
+/** Look up an attribute in the dictionaries. \ingroup dict
+ *
+ * The dictionary mapping contains information about the attribute,
+ * such as printable name, data type (ipaddr, integer, etc), and
+ * various other things used to encode/decode the attribute in a
+ * packet.
+ *
+ * \attention There is usually no need to call this function. Use
+ * the RS_DA_* definitions instead.
+ *
+ * @param[in] attr Value of the attribute
+ * @param[in] vendor Value of the vendor
+ * @return NULL for "not found", or a pointer to the attribute mapping.
+ */
+extern const DICT_ATTR *nr_dict_attr_byvalue(unsigned int attr,
+ unsigned int vendor);
+
+/** Look up an attribute in the dictionaries. \ingroup dict
+ *
+ * The dictionary mapping contains information about the attribute,
+ * such as printable name, data type (ipaddr, integer, etc), and
+ * various other things used to encode/decode the attribute in a
+ * packet.
+ *
+ * \attention There is usually no need to call this function.
+ *
+ * @param[in] name Name of the attribute
+ * @return NULL for "not found", or a pointer to the attribute mapping.
+ */
+extern const DICT_ATTR *nr_dict_attr_byname(const char *name);
+
+/** Converts raw data to a ::DICT_ATTR structure. \ingroup dict
+ *
+ * It is called when the library is asked to decode an attribute
+ * which is not in the pre-defined dictionaries.
+ *
+ * \attention There is usually no need to call this function.
+ *
+ * @param[in,out] da The ::DICT_ATTR structure to initialize
+ * @param[in] attr The attribute number
+ * @param[in] vendor The vendor number
+ * @param[in] buffer The buffer where the name of the attribute is stored
+ * @param[in] bufsize Size of the buffer
+ * @return <0 for error, 0 for success
+ */
+extern int nr_dict_attr_2struct(DICT_ATTR *da,
+ unsigned int attr, unsigned int vendor,
+ char *buffer, size_t bufsize);
+
+/** Unused. \ngroup dict
+ *
+ */
+extern const DICT_VALUE *nr_dict_value_byattr(unsigned int attr,
+ unsigned int vendor,
+ int value);
+
+/** Unused. \ngroup dict
+ *
+ */
+const DICT_VALUE *nr_dict_value_byname(unsigned int attr,
+ unsigned int vendor,
+ const char *name);
+
+/** Look up a vendor in the dictionaries. \ingroup dict
+ *
+ * The dictionary mapping contains information about the vendor, such
+ * as printable name, VSA encoding method, etc.
+ *
+ * \attention There is usually no need to call this function.
+ * Applications do not need access to low-level RADIUS protocol
+ * information.
+ *
+ * @param[in] name Name of the vendor.
+ * @return NULL for "not found", or a pointer to the vendor mapping.
+ */
+extern int nr_dict_vendor_byname(const char *name);
+
+/** Look up an vendor in the dictionaries. \ingroup dict
+ *
+ * The dictionary mapping contains information about the vendor, such
+ * as printable name, VSA encoding method, etc.
+ *
+ * \attention There is usually no need to call this function.
+ *
+ * @param[in] vendor Vendor-Id (or Private Enterprise code) for the vendor.
+ * @return NULL for "not found", or a pointer to the vendor mapping.
+ */
+extern const DICT_VENDOR *nr_dict_vendor_byvalue(unsigned int vendor);
+
+/** Static array of known vendors. \ingroup dict
+ *
+ * \attention This structure should only be accessed by internal RADIUS library
+ * functions.
+ */
+extern const DICT_VENDOR nr_dict_vendors[];
+
+/** The number of attribute definitions in the dictionary. \ingroup dict
+ *
+ * This number is guaranteed to be at least 256, for speed.
+ *
+ * \attention This variable should only be accessed by internal RADIUS library
+ * functions.
+ */
+extern const int nr_dict_num_attrs;
+
+/** The list of attribute definitions. \ingroup dict
+ *
+ * The "standard" RFC attributes are located in the first 256
+ * entries. Standard attributes without a dictionary definition are
+ * given an empty entry.
+ *
+ * The attributes are orderd by (vendor, attribute), in increasing
+ * order. This allows the dictionary lookups to find attributes by a
+ * binary search.
+ *
+ * \attention This variable should only be accessed by internal RADIUS library
+ * functions.
+ */
+extern const DICT_ATTR nr_dict_attrs[];
+
+/** The number of attributes with names. \ingroup dict
+ *
+ * \attention This variable should only be accessed by internal RADIUS library
+ * functions.
+ */
+extern const int nr_dict_num_names;
+
+/** The list of attribute definitions, organized by name. \ingroup dict
+ *
+ * The attributes are orderd by name (case insensitive), in
+ * increasing order. This allows the dictionary lookups to find
+ * attributes by a binary search.
+ *
+ * \attention This variable should only be accessed by internal RADIUS library
+ * functions.
+ */
+extern const DICT_ATTR const *nr_dict_attr_names[];
+
+/** Static array containing names the RADIUS_PACKET::code field. \ingroup dict
+ *
+ * The names are hard-coded and not in any dictionary because they do
+ * not change.
+ *
+ * The names are exported because they may be useful in your
+ * application. Packet codes which are not handled by the library
+ * have NULL for their names.
+ */
+extern const char *nr_packet_codes[RS_MAX_PACKET_CODE + 1];
+
+/** Verifies that a packet is "well formed". \ingroup packet
+ *
+ * This function performs basic validation to see if the packet is
+ * well formed. It is automatically called by nr_packet_decode().
+ *
+ * @param[in] packet A pointer to the ::RADIUS_PACKET data.
+ * @return <0 means malformed, >= 0 means well-formed.
+ */
+extern int nr_packet_ok(RADIUS_PACKET *packet);
+
+/** Verifies that a packet is "well formed". \ingroup packet
+ *
+ * This function performs basic validation to see if the packet is
+ * well formed. You should normally use nr_packet_ok() instead of
+ * this function.
+ *
+ * @param[in] data A pointer to the raw packet data.
+ * @param[in] sizeof_data The length of the raw packet data
+ * @return <0 means malformed, >= 0 means well-formed.
+ */
+extern int nr_packet_ok_raw(const uint8_t *data, size_t sizeof_data);
+
+/** Encodes a packet. \ingroup packet
+ *
+ * This function encodes a packet using the fields of the
+ * ::RADIUS_PACKET structure. The RADIUS_PACKET::code and
+ * RADIUS_PACKET::id fields are used to fill in the relevant fields
+ * of the raw (encoded) packet. The RADIUS_PACKET::vps list is
+ * walked to encode the attributes. The packet is signed, if
+ * required.
+ *
+ * The raw packet is placed into the RADIUS_PACKET::data field, up to
+ * RADIUS_PACKET::sizeof_data bytes. the RADIUS_PACKET::length field
+ * is updated with the length of the raw packet. This field is
+ * always less than, or equal to, the RADIUS_PACKET::size_data field.
+ * If there is insufficient room to store all of the attributes, then
+ * some attributes are silently discarded.
+ *
+ * The RADIUS_PACKET::vector field is either calculated as part of
+ * the signing process, or is initialized by this function to be a
+ * random sequence of bytes. That field should therefore be left
+ * alone by the caller.
+ *
+ * When the encoding has been successful, it sets the
+ * RADIUS_PACKET::encoded field to non-zero.
+ *
+ * In addition, all required attribute "encryption" is performed.
+ *
+ * User-Password. The vp_strvalue field is assumed to contain the
+ * "clear-text" version of the password. The encrypted version is
+ * calculated, and placed in the packet.
+ *
+ * CHAP-Password. The vp_strvalue field is assumed to contain the
+ * "clear-text" version of the password. The encrypted version is
+ * calculated, and placed in the packet. If the RADIUS_PACKET::vps
+ * list contains a CHAP-Challenge attribute, it is used. Otherwise
+ * the RADIUS_PACKET::vector field is used a the challenge.
+ *
+ * Message-Authenticator. The contents of the Message-Authenticator
+ * in the RADIUS_PACKET::vps list are ignored. Instead, a
+ * "place-holder" is put into the packt. Tthe correct value is
+ * calculated and placed into the packet by nr_packet_sign().
+ *
+ * The RADIUS_PACKET::vps list is left untouched by this function,
+ * even when attribute encryption or signing is performed. Any
+ * VALUE_PAIR structures can therefore be taken from static "const"
+ * variables.
+ *
+ * @param[in] packet The RADIUS packet to encode.
+ * @param[in] original The original request, when encoding a response.
+ * @return <0 on error, >= 0 on success.
+ */
+extern int nr_packet_encode(RADIUS_PACKET *packet, const RADIUS_PACKET *original);
+
+/** Decodes a packet. \ingroup packet
+ *
+ * This function decodes a packet from the RADIUS_PACKET::data field
+ * into a sequence of ::VALUE_PAIR structures in the
+ * RADIUS_PACKET::vps list.
+ *
+ * @param[in] packet The RADIUS packet to decode.
+ * @param[in] original The original request, when decoding a response.
+ * @return <0 on error, >= 0 on success.
+ */
+extern int nr_packet_decode(RADIUS_PACKET *packet, const RADIUS_PACKET *original);
+
+/** Signs a packet so that it can be sent. \ingroup packet
+ *
+ * This function calculates the Message-Authenticator (if required),
+ * and signs the packet.
+ *
+ * @param[in] packet The RADIUS packet to sign.
+ * @param[in] original The original request, when signing a response.
+ * @return <0 on error, >= 0 on success.
+ */
+extern int nr_packet_sign(RADIUS_PACKET *packet, const RADIUS_PACKET *original);
+
+/** Verifies that a packet is well-formed and contains the correct signature. \ingroup packet
+ *
+ * If "original" is specified, it also verifies that the packet is a
+ * response to the original request, and that it has the correct
+ * signature.
+ *
+ * @param[in] packet The RADIUS packet to verify.
+ * @param[in] original The original request, when verifying a response.
+ * @return <0 on error, >= 0 on success.
+ */
+extern int nr_packet_verify(RADIUS_PACKET *packet,
+ const RADIUS_PACKET *original);
+
+/** Pretty-prints a hex dump of a RADIUS packet. \ingroup packet print
+ *
+ * This function is available only in debugging builds of the
+ * library. It is useful during development, but should not be used
+ * in a production system.
+ *
+ * The packet headers are printed individually, and each attribute is
+ * printed as "type length data..."
+ *
+ * @param[in] packet The RADIUS packet to print
+ */
+extern void nr_packet_print_hex(RADIUS_PACKET *packet);
+
+
+/** Return the given number of random bytes. \ingroup custom
+ *
+ * This function should be replaced by one that is specific to your
+ * system.
+ *
+ * This is a wrapper function which enables the library to be more
+ * portable.
+ *
+ * @param[in] data Location where the random bytes will be stored
+ * @param[in] data_len Number of bytes to store
+ * @return <0 on error, or the total number of bytes stored.
+ */
+extern ssize_t nr_rand_bytes(uint8_t *data, size_t data_len);
+
+/** Return a random 32-bit integer. \ingroup custom
+ *
+ * This function should be replaced by one that is specific to your
+ * system. The version supplied here just calls nr_rand_bytes() each
+ * time, which is slow.
+ *
+ * This is a wrapper function which enables the library to be more
+ * portable.
+ *
+ * @return An unsigned 32-bit random integer.
+ */
+extern uint32_t nr_rand(void);
+
+/** Add a time to the given ::struct timeval. \ingroup custom
+ *
+ * This is a wrapper function which enables the library to be more
+ * portable.
+ *
+ * @param[in,out] t The timeval to which the time is added.
+ * @param[in] seconds Time in seconds to add
+ * @param[in] usec Time in microseconds to add
+ */
+extern void nr_timeval_add(struct timeval *t, unsigned int seconds,
+ unsigned int usec);
+
+/** Compare two times. \ingroup custom
+ *
+ * This is a wrapper function which enables the library to be more
+ * portable.
+ *
+ * @param[in] a One timeval
+ * @param[in] b Another one
+ * @return a <=> b
+ */
+extern int nr_timeval_cmp(const struct timeval *a, const struct timeval *b);
+
+/** Initializes an ::nr_server_t. \ingroup id
+ *
+ * @param[in,ut] s The ::nr_server_t to initialize
+ * @param[in] code The packet code used for packets sent to this server
+ * @param[in] secret The shared secret used for packet sent to this server
+ * @return <0 for error, >= 0 for success
+ */
+extern int nr_server_init(nr_server_t *s, int code, const char *secret);
+
+/** Closes an ::nr_server_t data structure. \ingroup id
+ *
+ * Ensures that all IDs are free, and closes the socket.
+ *
+ * @param[in] s The server structure to close.
+ * @return <0 for error, 0 for success
+ */
+extern int nr_server_close(const nr_server_t *s);
+
+/** Allocate a RADIUS_PACKET::id value for sending a packet to a server. \ingroup id
+ *
+ * This function allocates a RADIUS_PACKET::id from the ::nr_server_t
+ * structure. It also fills in the RADIUS_PACKET::sockfd,
+ * RADIUS_PACKET::code, and RADIUS_PACKET::dst fields.
+ *
+ * @param[in] s The server structure which tracks the ID
+ * @param[in] packet The packet which needs an ID
+ * @return <0 for error, 0 for success
+ */
+extern int nr_server_id_alloc(nr_server_t *id, RADIUS_PACKET *packet);
+
+/** Re-allocate a RADIUS_PACKET::id value for sending a packet to a server. \ingroup id
+ *
+ * It is used when retransmitting an Accounting-Request packet to a
+ * server, after updating the Acct-Delay-Time field. The "realloc"
+ * name means that the new ID is allocated, and is guaranteed to be
+ * different from the old one.
+ *
+ * @param[in] s The server structure which tracks the ID
+ * @param[in] packet The packet which needs a new ID
+ * @return <0 for error, 0 for success
+ */
+extern int nr_server_id_realloc(nr_server_t *id, RADIUS_PACKET *packet);
+
+/** Free a RADIUS_PACKET::id value after sending a packet to a server. \ingroup id
+ *
+ * @param[in] s The server structure which tracks the ID
+ * @param[in] packet The packet which has an ID, and wants to free it
+ * @return <0 for error, 0 for success
+ */
+extern int nr_server_id_free(nr_server_t *id, RADIUS_PACKET *packet);
+
+
+/** Allocates a packet using malloc(), and initializes it. \ingroup id
+ *
+ * @param[in] s The server structure
+ * @param[in,out] packet_p Pointer to the ::RADIUS_PACKET to be allocated
+ * @return <0 for error, 0 for success
+ */
+extern int nr_server_packet_alloc(const nr_server_t *s, RADIUS_PACKET **packet_p);
+
+/** Record a humanly readable error message. \ingroup error
+ *
+ * \attention This structure should only be accessed by internal
+ * RADIUS library functions.
+ *
+ * @param[in] fmt The format to use.
+ */
+extern void nr_strerror_printf(const char *fmt, ...);
+
+#ifndef NDEBUG
+#define nr_debug_error nr_strerror_printf /** \ingroup error */
+#else
+#define nr_debug_error if (0) nr_strerror_printf
+#endif
+
+/** Encrypts or decrypts a User-Password attribute. \ingroup internal
+ *
+ * \attention This structure should only be accessed by internal
+ * RADIUS library functions.
+ *
+ * @param[out] output Buffer where the password is stored
+ * @param[out] outlen Size of the output buffer
+ * @param[in] input Input buffer with password
+ * @param[in] inlen Length of the input buffer
+ * @param[in] secret The shared secret
+ * @param[in] vector Authentication vector
+ * @return <0 on error, or the length of data in "output"
+ */
+extern ssize_t nr_password_encrypt(uint8_t *output, size_t outlen,
+ const uint8_t *input, size_t inlen,
+ const char *secret, const uint8_t *vector);
+
+/** Encrypts a Tunnel-Password attribute. \ingroup internal
+ *
+ * \attention This structure should only be accessed by internal
+ * RADIUS library functions.
+ *
+ * @param[out] output Buffer where the password is stored
+ * @param[out] outlen Size of the output buffer
+ * @param[in] input Input buffer with password
+ * @param[in] inlen Length of the input buffer
+ * @param[in] secret The shared secret
+ * @param[in] vector Authentication vector
+ * @return <0 on error, or the length of data in "output"
+ */
+extern ssize_t nr_tunnelpw_encrypt(uint8_t *output, size_t outlen,
+ const uint8_t *input, size_t inlen,
+ const char *secret, const uint8_t *vector);
+
+/** Decrypts a Tunnel-Password attribute. \ingroup internal
+ *
+ *
+ * \attention This structure should only be accessed by internal
+ * RADIUS library functions.
+ *
+ * @param[out] output Buffer where the password is stored
+ * @param[out] outlen Size of the output buffer
+ * @param[in] input Input buffer with password
+ * @param[in] inlen Length of the input buffer
+ * @param[in] secret The shared secret
+ * @param[in] vector Authentication vector
+ * @return <0 on error, or the length of data in "output"
+ */
+extern ssize_t nr_tunnelpw_decrypt(uint8_t *output, size_t outlen,
+ const uint8_t *input, size_t inlen,
+ const char *secret, const uint8_t *vector);
+
+/** Calculates an HMAC-MD5. \ingroup internal
+ *
+ * @param[in] data Data to be hashed
+ * @param[in] data_len Length of data to be hashed
+ * @param[in] key Key for the HMAC
+ * @param[in] key_len Length of the key
+ * @param[out] digest
+ */
+extern void nr_hmac_md5(const uint8_t *data, size_t data_len,
+ const uint8_t *key, size_t key_len,
+ uint8_t digest[16]);
+
+/** Checks if a TLV is properly formatted. \ingroup internal
+ *
+ * \attention This structure should only be accessed by internal
+ * RADIUS library functions.
+ *
+ * @param[in] data Data to check
+ * @param[in] length Length of the data field
+ * @param[in] dv_type Length of the TLV "type" field
+ * @param[in] dv_length Length of the TLV "length" field
+ * @return <0 on error, 0 for "TLV is OK"
+ */
+extern int nr_tlv_ok(const uint8_t *data, size_t length,
+ size_t dv_type, size_t dv_length);
+
+/** A callback function used by nr_packet_walk(). \ingroup packet
+ *
+ * The function should return 0 on success (i.e. keep walking), and
+ * otherwise a negative number indicating an error code
+ * (::nr_error_t). That negative number will be used as the return
+ * code for nr_packet_walk().
+ */
+typedef int (*nr_packet_walk_func_t)(void *, const DICT_ATTR *, const uint8_t *, size_t);
+
+/** Walks over all attributes in a packet. \ingroup packet
+ *
+ * This function is an iterator which calls a user-supplied callback
+ * function for each attribute in the packet. It should be used
+ * instead of manually walking over the attributes. There are a
+ * number of odd corner cases when handling Vendor-Specific
+ * attributes, and it is easy to get those corner cases wrong.
+ *
+ * This function iterates over *all* attributes, including nested
+ * VSAs. That is its main value.
+ *
+ * Encrypted attributes such as User-Password are not decrypted.
+ *
+ * @param[in] packet The packet containing the data
+ * @param[in] ctx A user-supplied context. May be NULL
+ * @param[in] callback The callback function where the information is passed.
+ *
+ * @return <0 for error,
+ * 0 for success.
+ */
+extern int nr_packet_walk(RADIUS_PACKET *packet, void *ctx,
+ nr_packet_walk_func_t callback);
+
+/** Initialize a packet
+ *
+ * If original is specified, the packet is initialized as a response
+ * to the original request.
+ *
+ * @param[in,out] packet The packet to initialize
+ * @param[in] original The original request (if any) to use as a template
+ * @param[in] secret Shared secret
+ * @param[in] code RADIUS Code field.
+ * @param[in] data Buffer where packets will be stored (RADIUS_PACKET::data)
+ * @param[in] sizeof_data Size of buffer (RADIUS_PACKET::sizeof_data)
+ * @return <0 on error, 0 for success.
+ */
+extern int nr_packet_init(RADIUS_PACKET *packet, const RADIUS_PACKET *original,
+ const char *secret, int code,
+ void *data, size_t sizeof_data);
+
+/** Add one attribute to the packet.
+ *
+ * This function can be used to add "raw" data to a packet. It
+ * allows the caller to extend the RADIUS packet without using a
+ * ::VALUE_PAIR data structure.
+ *
+ * Some attributes are handled specially by this function.
+ *
+ * EAP-Message. This attribute is automatically split into 253-octet
+ * chunks.
+ *
+ * User-Password, CHAP-Password, and Message-Authenticator. These
+ * attributes are automatically encrypted, as is done by
+ * nr_packet_encode().
+ *
+ * @param[in] packet The packet to edit
+ * @param[in] original The original request (if any)
+ * @param[in] da Pointer to the attribute definition
+ * @param[in] data Data to append to the packet
+ * @param[in] data_len Length of data to append to the packet
+ *
+ * @return <0 for error, >= 0 for "successfully appended data"
+ * The function returns the number of octets appended to the packet.
+ */
+extern ssize_t nr_packet_attr_append(RADIUS_PACKET *packet,
+ const RADIUS_PACKET *original,
+ const DICT_ATTR *da,
+ const void *data, size_t data_len);
+
+
+/** Encodes any ::VALUE_PAIR into an attribute. \ingroup attr
+ *
+ * This function can be called for any ::VALUE_PAIR. It will examine
+ * that structure, and call one of nr_vp2rfc() or nr_vp2vsa() as
+ * necessary.
+ *
+ * \attention This function should not be called.
+ *
+ * @param[in] packet Where to place the encoded attribute.
+ * @param[in] original The original request (optional), if "packet" is a response
+ * @param[in,out] pvp The ::VALUE_PAIR to encode. On any return >=0, it is updated to point to the "next" ::VALUE_PAIR which should be encoded.
+ * @param[in] data Where the attribute is to be encoded.
+ * @param[in] room How many octets are available for attribute encoding.
+ *
+ * @return <0 for error, or the number of octets used to encode the attribute.
+ */
+extern ssize_t nr_vp2attr(const RADIUS_PACKET *packet,
+ const RADIUS_PACKET *original,
+ const VALUE_PAIR **pvp, uint8_t *data, size_t room);
+
+/** Encodes an RFC "standard" ::VALUE_PAIR into an attribute. \ingroup attr
+ *
+ * \attention This function should not be called.
+ *
+ * @param[in] packet Where to place the encoded attribute.
+ * @param[in] original The original request (optional), if "packet" is a response
+ * @param[in,out] pvp The ::VALUE_PAIR to encode. On any return >=0, it is updated to point to the "next" ::VALUE_PAIR which should be encoded.
+ * @param[in] data Where the attribute is to be encoded.
+ * @param[in] room How many octets are available for attribute encoding.
+ *
+ * @return <0 for error, or the number of octets used to encode the attribute.
+ */
+extern ssize_t nr_vp2rfc(const RADIUS_PACKET *packet,
+ const RADIUS_PACKET *original,
+ const VALUE_PAIR **pvp,
+ uint8_t *data, size_t room);
+
+/** Decodes any attribute into a ::VALUE_PAIR. \ingroup attr
+ *
+ * \attention This function should not be called.
+ *
+ * @param[in] packet The packet containing the attribute to be decoded.
+ * @param[in] original The original request (optional), if "packet" is a response
+ * @param[out] pvp Where to place the decoded ::VALUE_PAIR. On any return >=0, it is updated to point to the ::VALUE_PAIR which was decoded from the packet.
+ * @param[in] data Where the attribute is to be encoded.
+ * @param[in] length How many octets are available for attribute decoding.
+ *
+ * @return <0 for error, or the number of octets used to decode the attribute.
+ */
+extern ssize_t nr_attr2vp(const RADIUS_PACKET *packet, const RADIUS_PACKET *original,
+ const uint8_t *data, size_t length,
+ VALUE_PAIR **pvp);
+
+/** Decodes an RFC "standard" attribute into a ::VALUE_PAIR. \ingroup attr
+ *
+ * \attention This function should not be called.
+ *
+ * @param[in] packet The packet containing the attribute to be decoded.
+ * @param[in] original The original request (optional), if "packet" is a response
+ * @param[out] pvp Where to place the decoded ::VALUE_PAIR. On any return >=0, it is updated to point to the ::VALUE_PAIR which was decoded from the packet.
+ * @param[in] data Where the attribute is to be encoded.
+ * @param[in] length How many octets are available for attribute decoding.
+ *
+ * @return <0 for error, or the number of octets used to decode the attribute.
+ */
+extern ssize_t nr_attr2vp_rfc(const RADIUS_PACKET *packet,
+ const RADIUS_PACKET *original,
+ const uint8_t *data, size_t length,
+ VALUE_PAIR **pvp);
+
+/** Decodes a Vendor-Specific attribute into a ::VALUE_PAIR. \ingroup attr
+ *
+ * \attention This function should not be called.
+ *
+ * @param[in] packet The packet containing the attribute to be decoded.
+ * @param[in] original The original request (optional), if "packet" is a response
+ * @param[out] pvp Where to place the decoded ::VALUE_PAIR. On any return >=0, it is updated to point to the ::VALUE_PAIR which was decoded from the packet.
+ * @param[in] data Where the attribute is to be encoded.
+ * @param[in] length How many octets are available for attribute decoding.
+ *
+ * @return <0 for error, or the number of octets used to decode the attribute.
+ */
+extern ssize_t nr_attr2vp_vsa(const RADIUS_PACKET *packet,
+ const RADIUS_PACKET *original,
+ const uint8_t *data, size_t length,
+ VALUE_PAIR **pvp);
+
+/** Decodes an attribute with an unexpected length into a ::VALUE_PAIR. \ingroup attr
+ *
+ * \attention This function should not be called.
+ *
+ * @param[in] packet The packet containing the attribute to be decoded.
+ * @param[in] original The original request (optional), if "packet" is a response
+ * @param[out] pvp Where to place the decoded ::VALUE_PAIR. On any return >=0, it is updated to point to the ::VALUE_PAIR which was decoded from the packet.
+ * @param[in] data Where the attribute is to be encoded.
+ * @param[in] length How many octets are available for attribute decoding.
+ *
+ * @return <0 for error, or the number of octets used to decode the attribute.
+ */
+extern ssize_t nr_attr2vp_raw(const RADIUS_PACKET *packet,
+ const RADIUS_PACKET *original,
+ const uint8_t *data, size_t length,
+ VALUE_PAIR **pvp);
+
+/** Encodes a Vendor-Specific ::VALUE_PAIR into an attribute.
+ *
+ * \attention This function should not be called.
+ *
+ * @param[in] packet Where to place the encoded attribute.
+ * @param[in] original The original request (optional), if "packet" is a response
+ * @param[in,out] pvp The ::VALUE_PAIR to encode. On any return >=0, it is updated to point to the "next" ::VALUE_PAIR which should be encoded.
+ * @param[in] data Where the attribute is to be encoded.
+ * @param[in] room How many octets are available for attribute encoding.
+ *
+ * @return <0 for error, or the number of octets used to encode the attribute.
+ */
+extern ssize_t nr_vp2vsa(const RADIUS_PACKET *packet, const RADIUS_PACKET *original,
+ const VALUE_PAIR **pvp, uint8_t *data,
+ size_t room);
+
+/** Returns raw data from the RADIUS packet, for a given attribute. \ingroup attr
+ *
+ * This function can be called repeatedly to find all instances of a
+ * given attribute. The first time it is called, the "start"
+ * parameter should be zero. If the function returns a non-zero
+ * positive number, it means that there *may* be more attributes
+ * available. The returned value should be then passed via the
+ * "start" option in any subsequent calls to the function.
+ *
+ * This function should be called by an application when it wants
+ * access to data which is not in the pre-defined dictionaries.
+ *
+ * @param[in] packet The packet containing the attribute.
+ * @param[in] start Where in the packet we start searching for the attribute.
+ * @param[in] attr Value of the attribute to search for
+ * @param[in] vendor Value of the vendor (use 0 for IETF attributes)
+ * @param[out] pdata Pointer to the data. If no data was found, the pointer is unchanged.
+ * @param[out] plength Length of the data. If no data was found, the value pointed to is unchanged.
+ *
+ * @return <0 for error,
+ * 0 for "no attribute found, stop searching"
+ * >0 offset where the attribute was found.
+ */
+extern ssize_t nr_attr2data(const RADIUS_PACKET *packet, ssize_t start,
+ unsigned int attr, unsigned int vendor,
+ const uint8_t **pdata, size_t *plength);
+
+/** Pretty-print the entire ::VALUE_PAIR \ingroup print
+ *
+ * All data is printed in ASCII format. The data type of "octets" is
+ * printed as a hex string (e.g. 0xabcdef01...). The data type of
+ * "ipaddr" is printed as a dotted-quad (e.g. 192.0.2.15).
+ *
+ * The format is "Attribute-Name = value"
+ *
+ * @param[out] buffer Where the printable version of the ::VALUE_PAIR is stored
+ * @param[in] bufsize size of the output buffer
+ * @param[in] vp ::VALUE_PAIR to print
+ * @return length of data in buffer
+ */
+extern size_t nr_vp_snprintf(char *buffer, size_t bufsize, const VALUE_PAIR *vp);
+
+/** Pretty-print the VALUE_PAIR::data field \ingroup print
+ *
+ * Prints the value of a ::VALUE_PAIR, without the name or "=" sign.
+ *
+ * @param[out] buffer Where the printable version of the ::VALUE_PAIR is stored
+ * @param[in] bufsize size of the output buffer
+ * @param[in] vp ::VALUE_PAIR to print
+ * @return length of data in buffer
+ */
+extern size_t nr_vp_snprintf_value(char *buffer, size_t bufsize, const VALUE_PAIR *vp);
+
+/** Prints a list of :VALUE_PAIR structures to the given output. \ingroup print
+ *
+ * @param[in] fp Where to print the results
+ * @param[in] vps Linked list of ::VALUE_PAIR to print
+ */
+extern void nr_vp_fprintf_list(FILE *fp, const VALUE_PAIR *vps);
+
+/** Scan a string into a ::VALUE_PAIR. The counterpart to
+ * nr_vp_snprintf_value() \ingroup print
+ *
+ * @param[in] string Printable version of the ::VALUE_PAIR
+ * @param[out] pvp Newly allocated ::VALUE_PAIR
+ * @return <0 on error, 0 for success.
+ */
+extern int nr_vp_sscanf(const char *string, VALUE_PAIR **pvp);
+
+/** Scan the data portion of a ::VALUE_PAIR. The counterpart to
+ * nr_vp_snprintf_value() \ingroup print
+ *
+ * @param[in,out] vp The ::VALUE_PAIR where the data will be stored
+ * @param[in] value The string version of the data to be parsed
+ * @return <0 on error, >=0 for the number of characters parsed in value.
+ */
+extern ssize_t nr_vp_sscanf_value(VALUE_PAIR *vp, const char *value);
+
+#if defined(__GNUC__)
+# define PRINTF_LIKE(n) __attribute__ ((format(printf, n, n+1)))
+# define NEVER_RETURNS __attribute__ ((noreturn))
+# define UNUSED __attribute__ ((unused))
+# define BLANK_FORMAT " " /* GCC_LINT whines about empty formats */
+#else
+
+/** Macro used to quiet compiler warnings inside of the library. \ingroup build
+ *
+ */
+# define PRINTF_LIKE(n)
+
+/** Macro used to quiet compiler warnings inside of the library. \ingroup build
+ *
+ */
+# define NEVER_RETURNS
+
+/** Macro used to quiet compiler warnings inside of the library. \ingroup build
+ *
+ */
+# define UNUSED
+
+/** Macro used to quiet compiler warnings inside of the library. \ingroup build
+ *
+ */
+# define BLANK_FORMAT ""
+#endif
+
+#endif /* _RADIUS_CLIENT_H_ */
--- /dev/null
+######################################################################
+# Copyright (c) 2011, Network RADIUS SARL
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are met:
+# * Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+# * Redistributions in binary form must reproduce the above copyright
+# notice, this list of conditions and the following disclaimer in the
+# documentation and/or other materials provided with the distribution.
+# * Neither the name of the <organization> nor the
+# names of its contributors may be used to endorse or promote products
+# derived from this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+# DISCLAIMED. IN NO EVENT SHALL <COPYRIGHT HOLDER> BE LIABLE FOR ANY
+# DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+# (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+# ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+# SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+######################################################################
+our %attributes;
+our %vendor;
+our %vendorpec;
+our $begin_vendor = 0;
+
+$vendorpec{'0'} = "IETF";
+
+sub do_file()
+{
+ my $filename = shift;
+ my $fh;
+
+ $dir = $filename;
+ $dir =~ s:/[^/]+?$::;
+ $lineno = 0;
+
+ open $fh, "<$filename" or die "Failed to open $filename: $!\n";
+
+ while (<$fh>) {
+ $lineno++;
+ next if (/^\s*#/);
+ next if (/^\s*$/);
+ s/#.*//;
+ s/\s+$//;
+
+ next if ($_ eq "");
+
+ #
+ # Remember the vendor
+ #
+ if (/^VENDOR\s+([\w-]+)\s+(\w+)(.*)/) {
+ my $me = $1;
+
+ $vendor{$me}{'pec'} = $2;
+ $vendorpec{$2} = $me;
+
+ $vendor{$me}{'type'} = 1;
+ $vendor{$me}{'length'} = 1;
+
+ if ($3) {
+ $format=$3;
+ $format =~ s/^\s+//;
+
+ if ($format !~ /^format=(\d+),(\d+)$/) {
+ die "Unknown format $format\n";
+ }
+ $vendor{$me}{'type'} = $1;
+ $vendor{$me}{'length'} = $2;
+ }
+ next;
+ }
+
+ #
+ # Remember if we did begin-vendor.
+ #
+ if (/^BEGIN-VENDOR\s+([\w-]+)/) {
+ if (!defined $vendor{$1}) {
+ die "Unknown vendor $1\n";
+ }
+ $begin_vendor = $vendor{$1}{'pec'};
+ next;
+ }
+
+ #
+ # Remember if we did this.
+ #
+ if (/^END-VENDOR/) {
+ $begin_vendor = 0;
+ next;
+ }
+
+ #
+ # Get attribute.
+ #
+ if (/^ATTRIBUTE\s+([\w-\/.]+)\s+(\w+)\s+(\w+)(.*)/) {
+ $name=$1;
+ $value = $2;
+ $type = $3;
+ $stuff = $4;
+
+ $value =~ tr/[A-F]/[a-f]/; # normal form for hex
+ $value =~ tr/X/x/;
+
+ if ($value =~ /^0x/) {
+ $index = hex $value;
+ } else {
+ $index = $value;
+ }
+
+ next if (($begin_vendor == 0) && ($index > 255));
+
+ $index += ($begin_vendor << 16);
+
+ $attributes{$index}{'name'} = $name;
+ $attributes{$index}{'value'} = $value;
+ if ($begin_vendor ne "") {
+ $attributes{$index}{'vendor'} = $begin_vendor;
+ }
+
+ $type =~ tr/a-z/A-Z/;
+ $attributes{$index}{'type'} = "RS_TYPE_$type";
+
+ $stuff =~ s/^\s*//;
+
+ if ($stuff) {
+ foreach $text (split /,/, $stuff) {
+ if ($text eq "encrypt=1") {
+ $attributes{$index}{'flags'}{'encrypt'} = "FLAG_ENCRYPT_USER_PASSWORD";
+ } elsif ($text eq "encrypt=2") {
+ $attributes{$index}{'flags'}{'encrypt'} = "FLAG_ENCRYPT_TUNNEL_PASSWORD";
+
+ } elsif ($text eq "encrypt=3") {
+ $attributes{$index}{'flags'}{'encrypt'} = "FLAG_ENCRYPT_ASCEND_SECRET";
+
+ } elsif ($text eq "has_tag") {
+ $attributes{$index}{'flags'}{'has_tag'} = "1";
+
+ } elsif ($text =~ /\[(\d+)\]/) {
+ $attributes{$index}{'flags'}{'length'} = $1;
+
+ } else {
+ die "$filename: $lineno - Unknown flag $text\n";
+ }
+ }
+ }
+
+ if ($type eq "BYTE") {
+ $attributes{$index}{'flags'}{'length'} = "1";
+
+ } elsif ($type eq "SHORT") {
+ $attributes{$index}{'flags'}{'length'} = "2";
+
+ } elsif ($type eq "INTEGER") {
+ $attributes{$index}{'flags'}{'length'} = "4";
+
+ } elsif ($type eq "IPADDR") {
+ $attributes{$index}{'flags'}{'length'} = "4";
+
+ } elsif ($type eq "DATE") {
+ $attributes{$index}{'flags'}{'length'} = "4";
+
+ } elsif ($type eq "IFID") {
+ $attributes{$index}{'flags'}{'length'} = "8";
+
+ } elsif ($type eq "IPV6ADDR") {
+
+ $attributes{$index}{'flags'}{'length'} = "16";
+ }
+
+ $name2val{$name} = $index;
+ next;
+ }
+
+ #
+ # Values.
+ #
+ if (/^VALUE\s+([\d\w-\/.]+)\s+([\w-\/,.+]+)\s+(\w+)(.*)/) {
+ next;
+
+ $attr = $1;
+ $name = $2;
+ $value = $3;
+ $stuff = $d;
+
+ $value =~ tr/[A-F]/[a-f]/; # normal form for hex
+ $value =~ tr/X/x/;
+
+ if ($value =~ /^0x/) {
+ $index = hex $value;
+ } else {
+ $index = $value;
+ }
+
+ if (!defined $name2val{$attr}) {
+ print "# FIXME: FORWARD REF?\nVALUE $attr $name $value$stuff\n";
+ next;
+ }
+
+ $values{$name2val{$attr}}{$index} = "$attr $name $value$stuff";
+ next;
+ }
+
+ if (/^\$INCLUDE\s+(.*)$/) {
+ do_file("$dir/$1");
+ next;
+ }
+
+ die "unknown text in line $lineno of $filename: $_\n";
+ }
+
+ close $fh;
+}
+
+1;
--- /dev/null
+#!/usr/bin/env perl
+######################################################################
+# Copyright (c) 2011, Network RADIUS SARL
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are met:
+# * Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+# * Redistributions in binary form must reproduce the above copyright
+# notice, this list of conditions and the following disclaimer in the
+# documentation and/or other materials provided with the distribution.
+# * Neither the name of the <organization> nor the
+# names of its contributors may be used to endorse or promote products
+# derived from this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+# DISCLAIMED. IN NO EVENT SHALL <COPYRIGHT HOLDER> BE LIABLE FOR ANY
+# DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+# (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+# ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+# SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+######################################################################
+#
+# Converts dictionaries to C structures. Does not yet do "VALUE"s.
+#
+# Usage: ./convert.pl dictionary ...
+#
+# Reads input dictionaries, and outputs "radius.h" and "dictionaries.c"
+#
+# $Id$
+#
+require "common.pl";
+
+#
+# Read all of the dictionaries
+#
+while (@ARGV) {
+ $filename = shift;
+ do_file($filename);
+}
+
+#
+# For speed, the dictionary data structures have the first 256
+# attributes at fixed offsets in the array. If the user didn't
+# define them, then we set them here to be "raw" or unknown.
+#
+foreach $attr_val (0..255) {
+ next if defined $attributes{$attr_val};
+
+ $attributes{$attr_val}{'raw'} = 1;
+}
+
+if (scalar keys %attributes == 0) {
+ die "No attributes were defined\n";
+}
+
+
+open DICT, ">dictionaries.c" or die "Failed creating dictionaries.c: $!\n";
+
+#
+# Print out the data structues for the vendors.
+#
+if (scalar keys %vendor > 0) {
+ print DICT "const DICT_VENDOR nr_dict_vendors[] = {\n";
+ foreach $v (sort keys %vendor) {
+ print DICT " { \n";
+ print DICT " " . $vendor{$v}{'pec'} . ", \n";
+ print DICT " " . $vendor{$v}{'type'} . ",\n";
+ print DICT " " . $vendor{$v}{'length'} . ",\n";
+ print DICT " \"" . $v, "\"\n";
+ print DICT " },\n";
+ }
+ print DICT " { \n";
+ print DICT " 0,\n";
+ print DICT " 0,\n";
+ print DICT " 0,\n";
+ print DICT " NULL\n";
+ print DICT " },\n";
+ print DICT "};\n\n";
+}
+
+# needed for later.
+$vendor{""}{'pec'} = 0;
+
+sub printAttrFlag
+{
+ my $tmp = $attributes{$attr_val}{'flags'}{$_[0]};
+
+ if (!$tmp) {
+ $tmp = 0;
+ }
+
+ print DICT $tmp . ", ";
+}
+
+#
+# Print DICT out the attributes sorted by number.
+#
+my $offset = 0;
+my $num_names = 0;
+print DICT "const DICT_ATTR nr_dict_attrs[] = {\n";
+foreach $attr_val (sort {$a <=> $b} keys %attributes) {
+ print DICT " { /* $offset */ \n";
+
+ if (defined $attributes{$attr_val}{'raw'}) {
+ print DICT " 0\n",
+ } else {
+ print DICT " ", $attributes{$attr_val}{'value'}, ", \n";
+ print DICT " ", $attributes{$attr_val}{'type'}, ", \n";
+ print DICT " ", $attributes{$attr_val}{'vendor'}, ", \n";
+ print DICT " { ";
+ &printAttrFlag('has_tag');
+ &printAttrFlag('unknown');
+# &printAttrFlag('has_tlv');
+# &printAttrFlag('is_tlv');
+ &printAttrFlag('extended');
+ &printAttrFlag('extended_flags');
+ &printAttrFlag('evs');
+ &printAttrFlag('encrypt');
+ &printAttrFlag('length');
+ print DICT "},\n";
+ print DICT " \"", $attributes{$attr_val}{'name'}, "\", \n";
+ $num_names++;
+ }
+
+ $attributes{$attr_val}{'offset'} = $offset++;
+
+ print DICT " },\n";
+
+}
+print DICT "};\n\n";
+
+print DICT "const int nr_dict_num_attrs = ", $offset - 1, ";\n\n";
+print DICT "const int nr_dict_num_names = ", $num_names - 1, ";\n\n";
+
+my $offset = 0;
+print DICT "const DICT_ATTR *nr_dict_attr_names[] = {\n";
+foreach $attr_val (sort {lc($attributes{$a}{'name'}) cmp lc($attributes{$b}{'name'})} keys %attributes) {
+ next if (defined $attributes{$attr_val}{'raw'});
+
+ print DICT " &nr_dict_attrs[", $attributes{$attr_val}{'offset'}, "], /* ", $attributes{$attr_val}{'name'}, " */\n";
+}
+
+print DICT "};\n\n";
+close DICT;
+
+open HDR, ">../include/radsec/radius.h" or die "Failed creating radius.c: $!\n";
+
+print HDR "/* Automatically generated file. Do not edit */\n\n";
+
+foreach $v (sort keys %vendor) {
+ next if ($v eq "");
+
+ $name = $v;
+ $name =~ tr/a-z/A-Z/; # uppercase
+ $name =~ tr/A-Z0-9/_/c; # any ELSE becomes _
+
+ print HDR "#define VENDORPEC_", $name, " ", $vendor{$v}{'pec'}, "\n";
+}
+print HDR "\n";
+
+$begin_vendor = -1;
+foreach $attr_val (sort {$a <=> $b} keys %attributes) {
+ next if (defined $attributes{$attr_val}{'raw'});
+
+ if ($attributes{$attr_val}{'vendor'} != $begin_vendor) {
+ print HDR "\n/* ", $vendorpec{$attributes{$attr_val}{'vendor'}}, " */\n";
+ $begin_vendor = $attributes{$attr_val}{'vendor'};
+ }
+
+ $name = $attributes{$attr_val}{'name'};
+ $name =~ tr/a-z/A-Z/;
+ $name =~ tr/A-Z0-9/_/c;
+
+ print HDR "#define PW_", $name, " ", $attributes{$attr_val}{'value'}, "\n";
+}
+print HDR "\n";
+
+print HDR "/* Fixed offsets to dictionary definitions of attributes */\n";
+foreach $attr_val (sort {$a <=> $b} keys %attributes) {
+ next if (defined $attributes{$attr_val}{'raw'});
+
+ $name = $attributes{$attr_val}{'name'};
+ $name =~ tr/a-z/A-Z/;
+ $name =~ tr/-/_/;
+
+ print HDR "#define RS_DA_$name (&nr_dict_attrs[$attributes{$attr_val}{'offset'}])\n";
+}
+
+print HDR "/* Automatically generated file. Do not edit */\n";
+
+close HDR;
--- /dev/null
+/*
+Copyright (c) 2011, Network RADIUS SARL
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+ * Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ * Neither the name of the <organization> nor the
+ names of its contributors may be used to endorse or promote products
+ derived from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL <COPYRIGHT HOLDER> BE LIABLE FOR ANY
+DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/** \file crypto.c
+ * \brief Data obfuscation and signing, using MD5.
+ *
+ * The "encryption" methods defined here are export-safe. The
+ * technical cryptography name for these functions is "obfuscation".
+ * They cannot properly be called "encryption", in the same way that
+ * DES or AES performs encryption.
+ */
+
+/** \cond PRIVATE */
+
+#include "client.h"
+
+
+ssize_t nr_password_encrypt(uint8_t *output, size_t outlen,
+ const uint8_t *input, size_t inlen,
+ const char *secret, const uint8_t *vector)
+{
+ size_t i, j, len;
+ uint8_t digest[16];
+ RS_MD5_CTX ctx, secret_ctx;
+
+ if (!output || (outlen < 16) || !input || (inlen == 0) ||
+ !secret || !vector) {
+ return -RSE_INVAL;
+ }
+
+ len = inlen;
+ if (len > 128) return -RSE_ATTR_OVERFLOW;
+
+ len = (len + 0x0f) & ~0x0f; /* round up to 16 byte boundary */
+
+ if (outlen < len) return -RSE_ATTR_OVERFLOW;
+
+ memcpy(output, input, len);
+ memset(output + len, 0, 128 - len);
+
+ RS_MD5Init(&secret_ctx);
+ RS_MD5Update(&secret_ctx, (const uint8_t *) secret, strlen(secret));
+
+ for (j = 0; j < len; j += 16) {
+ ctx = secret_ctx;
+
+ if (j == 0) {
+ RS_MD5Update(&ctx, vector, 16);
+ RS_MD5Final(digest, &ctx);
+ } else {
+ RS_MD5Update(&ctx, &output[j - 16], 16);
+ RS_MD5Final(digest, &ctx);
+ }
+
+ for (i = 0; i < 16; i++) {
+ output[i + j] ^= digest[i];
+ }
+ }
+
+ return len;
+}
+
+#ifdef FLAG_ENCRYPT_TUNNEL_PASSWORD
+ssize_t nr_tunnelpw_encrypt(uint8_t *output, size_t outlen,
+ const uint8_t *input, size_t inlen,
+ const char *secret, const uint8_t *vector)
+{
+ size_t i, j, len;
+ RS_MD5_CTX ctx, secret_ctx;
+ uint8_t digest[16];
+
+ if (!output || (outlen < 18) || !input || (inlen == 0) ||
+ !secret || !vector) {
+ return -RSE_INVAL;
+ }
+
+ len = ((inlen + 1) + 0x0f) & ~0x0f;
+ if (len > 251) return -RSE_ATTR_OVERFLOW;
+
+ output[0] = (nr_rand() & 0xff) | 0x80;
+ output[1] = nr_rand() & 0xff;
+ output[2] = inlen;
+
+ memcpy(output + 3, input, inlen);
+ memset(output + 3 + inlen, 0, len - inlen - 1);
+
+ RS_MD5Init(&secret_ctx);
+ RS_MD5Update(&secret_ctx, (const uint8_t *) secret, strlen(secret));
+
+ for (j = 0; j < len; j += 16) {
+ ctx = secret_ctx;
+
+ if (j == 0) {
+ RS_MD5Update(&ctx, vector, 16);
+ RS_MD5Update(&ctx, output, 2);
+ RS_MD5Final(digest, &ctx);
+ } else {
+ RS_MD5Update(&ctx, &output[j + 2 - 16], 16);
+ RS_MD5Final(digest, &ctx);
+ }
+
+ for (i = 0; i < 16; i++) {
+ output[i + j + 2] ^= digest[i];
+ }
+ }
+
+ return len + 2;
+}
+
+ssize_t nr_tunnelpw_decrypt(uint8_t *output, size_t outlen,
+ const uint8_t *input, size_t inlen,
+ const char *secret, const uint8_t *vector)
+{
+ size_t i, j, len, encoded_len;
+ RS_MD5_CTX ctx, secret_ctx;
+ uint8_t digest[16];
+
+ if (!output || (outlen < 1) || !input || (inlen < 2) ||
+ !secret || !vector) {
+ return -RSE_INVAL;
+ }
+
+ if (inlen <= 3) {
+ output[0] = 0;
+ return 0;
+ }
+
+ len = inlen - 2;
+
+ if (outlen < (len - 1)) return -RSE_ATTR_OVERFLOW;
+
+ RS_MD5Init(&secret_ctx);
+ RS_MD5Update(&secret_ctx, (const uint8_t *) secret, strlen(secret));
+
+ ctx = secret_ctx;
+
+ RS_MD5Update(&ctx, vector, 16); /* MD5(secret + vector + salt) */
+ RS_MD5Update(&ctx, input, 2);
+ RS_MD5Final(digest, &ctx);
+
+ encoded_len = input[2] ^ digest[0];
+ if (encoded_len >= len) {
+ return -RSE_ATTR_TOO_LARGE;
+ }
+
+ for (i = 0; i < 15; i++) {
+ output[i] = input[i + 3] ^ digest[i + 1];
+ }
+
+ for (j = 16; j < len; j += 16) {
+ ctx = secret_ctx;
+
+ RS_MD5Update(&ctx, input + j - 16 + 2, 16);
+ RS_MD5Final(digest, &ctx);
+
+ for (i = 0; i < 16; i++) {
+ output[i + j - 1] = input[i + j + 2] ^ digest[i];
+ }
+
+
+ }
+
+ output[encoded_len] = '\0';
+ return encoded_len;
+}
+#endif
+
+void
+nr_hmac_md5(const uint8_t *data, size_t data_len,
+ const uint8_t *key, size_t key_len,
+ uint8_t digest[16])
+{
+ size_t i;
+ uint8_t k_ipad[64];
+ uint8_t k_opad[64];
+ uint8_t tk[16];
+ RS_MD5_CTX ctx;
+
+ if (key_len > 64) {
+ RS_MD5Init(&ctx);
+ RS_MD5Update(&ctx, key, key_len);
+ RS_MD5Final(tk, &ctx);
+
+ key = tk;
+ key_len = 16;
+ }
+
+ memset(k_ipad, 0, sizeof(k_ipad));
+ memset(k_opad, 0, sizeof(k_opad));
+ memcpy(k_ipad, key, key_len);
+ memcpy(k_opad, key, key_len);
+
+ for (i = 0; i < sizeof(k_ipad); i++) {
+ k_ipad[i] ^= 0x36;
+ k_opad[i] ^= 0x5c;
+ }
+
+ RS_MD5Init(&ctx);
+ RS_MD5Update(&ctx, k_ipad, sizeof(k_ipad));
+ RS_MD5Update(&ctx, data, data_len);
+ RS_MD5Final(digest, &ctx);
+
+ RS_MD5Init(&ctx);
+ RS_MD5Update(&ctx, k_opad, sizeof(k_opad));
+ RS_MD5Update(&ctx, digest, 16);
+ RS_MD5Final(digest, &ctx);
+}
+
+/** \endcond */
--- /dev/null
+/*
+Copyright (c) 2011, Network RADIUS SARL
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+ * Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ * Neither the name of the <organization> nor the
+ names of its contributors may be used to endorse or promote products
+ derived from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL <COPYRIGHT HOLDER> BE LIABLE FOR ANY
+DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+/*
+ * Copyright (c) 2006 Kungliga Tekniska HAÎåÎÝgskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/** \file custom.c
+ * \brief Functions which should be customized for your local system.
+ */
+
+#include "client.h"
+
+#include <unistd.h>
+#include <fcntl.h>
+
+#ifdef WIN32
+#include <wincrypt.h>
+
+volatile static HCRYPTPROV nr_cryptprovider = 0;
+
+static HCRYPTPROV
+nr_CryptProvider(void)
+{
+ BOOL rv;
+ HCRYPTPROV cryptprovider = 0;
+
+ if (nr_cryptprovider != 0)
+ return nr_cryptprovider;
+
+ rv = CryptAcquireContext(&cryptprovider, NULL,
+ MS_ENHANCED_PROV, PROV_RSA_FULL,
+ 0);
+
+ if (GetLastError() == NTE_BAD_KEYSET) {
+ if(!rv)
+ rv = CryptAcquireContext(&cryptprovider, NULL,
+ MS_ENHANCED_PROV, PROV_RSA_FULL,
+ CRYPT_NEWKEYSET);
+ }
+
+ if (rv &&
+ InterlockedCompareExchangePointer((PVOID *) &nr_cryptprovider,
+ (PVOID) cryptprovider, 0) != 0) {
+
+ CryptReleaseContext(cryptprovider, 0);
+ cryptprovider = nr_cryptprovider;
+ }
+
+ return cryptprovider;
+}
+
+ssize_t nr_rand_bytes(uint8_t *data, size_t data_len)
+{
+ if (CryptGenRandom(nr_CryptProvider(), data_len, data))
+ return 0;
+ return data_len;
+}
+#else
+ssize_t nr_rand_bytes(uint8_t *data, size_t data_len)
+{
+ static int fd = -1;
+
+ if (fd < 0) {
+ fd = open("/dev/urandom", O_RDONLY);
+ if (fd < 0) {
+ nr_strerror_printf("Error opening randomness: %s",
+ strerror(errno));
+ return 0;
+ }
+ }
+
+ return read(fd, data, data_len);
+}
+#endif /* WIN32 */
+
+uint32_t nr_rand(void)
+{
+ uint32_t lvalue;
+
+ nr_rand_bytes((void *)&lvalue, sizeof(lvalue));
+ return lvalue;
+}
+
+
+#ifndef USEC
+#define USEC (1000000)
+#endif
+
+void nr_timeval_add(struct timeval *t, unsigned int seconds, unsigned int usec)
+{
+ t->tv_sec += seconds;
+ t->tv_sec += usec / USEC;
+ t->tv_usec += usec % USEC;
+ if (t->tv_usec > USEC) {
+ t->tv_sec++;
+ t->tv_usec -= USEC;
+ }
+}
+
+int nr_timeval_cmp(const struct timeval *a, const struct timeval *b)
+{
+ if (a->tv_sec > b->tv_sec) return +1;
+ if (a->tv_sec < b->tv_sec) return -1;
+
+ if (a->tv_usec > b->tv_usec) return +1;
+ if (a->tv_usec < b->tv_usec) return -1;
+
+ return 0;
+}
+
--- /dev/null
+/*
+Copyright (c) 2011, Network RADIUS SARL
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+ * Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ * Neither the name of the <organization> nor the
+ names of its contributors may be used to endorse or promote products
+ derived from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL <COPYRIGHT HOLDER> BE LIABLE FOR ANY
+DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "client.h"
+#include <ctype.h>
+
+/** \file dict.c
+ * \brief Functions for name to number, and number to name mappings.
+ */
+
+const DICT_ATTR *nr_dict_attr_byvalue(unsigned int attr, unsigned int vendor)
+{
+ int start, half, end;
+
+ if (!vendor && (attr > 0) && (attr < 256)) {
+ if (nr_dict_attrs[attr].name) {
+ return &nr_dict_attrs[attr];
+ }
+ return NULL;
+ }
+
+ if (!vendor) return NULL; /* no "non-protocol" attributes */
+
+ start = 256; /* first 256 entries are "standard" ones */
+ end = nr_dict_num_attrs;
+
+ do {
+ half = (start + end) / 2;
+
+ if ((nr_dict_attrs[half].vendor == vendor) &&
+ (nr_dict_attrs[half].attr == attr)) {
+ return &nr_dict_attrs[half];
+ }
+
+ if ((vendor >= nr_dict_attrs[half].vendor) &&
+ (attr > nr_dict_attrs[half].attr)) {
+ start = half + 1;
+ } else {
+ end = half - 1;
+ }
+
+ } while (start <= end);
+
+ return NULL;
+}
+
+const DICT_ATTR *nr_dict_attr_byname(const char *name)
+{
+ int start, half, end;
+
+ start = 1;
+ end = nr_dict_num_names;
+
+ if (!name || !*name) return NULL;
+
+ do {
+ int rcode;
+
+ half = (start + end) / 2;
+
+ rcode = strcasecmp(name, nr_dict_attr_names[half]->name);
+ if (rcode == 0) return nr_dict_attr_names[half];
+
+ if (rcode > 0) {
+ start = half + 1;
+ } else {
+ end = half - 1;
+ }
+
+
+ } while (start <= end);
+
+ return NULL;
+}
+
+int nr_dict_attr_2struct(DICT_ATTR *da, unsigned int attr, unsigned int vendor,
+ char *buffer, size_t bufsize)
+{
+ if (!da || !buffer) return -RSE_INVAL;
+
+ if (!vendor) {
+ if (attr > 256) return -RSE_INVAL;
+
+ } else if (vendor > (1 << 24)) {
+ return -RSE_INVAL;
+ }
+
+ memset(da, 0, sizeof(*da));
+ da->attr = attr;
+ da->flags.unknown = 1;
+ da->type = RS_TYPE_OCTETS;
+ da->vendor = vendor;
+
+ if (da->vendor) {
+ snprintf(buffer, bufsize, "Attr-26.%u.%u",
+ vendor, attr);
+ } else {
+ snprintf(buffer, bufsize, "Attr-%u", attr);
+ }
+ da->name = buffer;
+
+ return 0;
+}
+
+
+const DICT_VALUE *nr_dict_value_byattr(UNUSED unsigned int attr,
+ UNUSED unsigned int vendor,
+ UNUSED int value)
+{
+ return NULL;
+}
+
+const DICT_VALUE *nr_dict_value_byname(UNUSED unsigned int attr,
+ UNUSED unsigned int vendor,
+ UNUSED const char *name)
+{
+ return NULL;
+}
+
+int nr_dict_vendor_byname(const char *name)
+{
+ const DICT_VENDOR *dv;
+
+ if (!name || !*name) return 0;
+
+ /*
+ * O(n) lookup.
+ */
+ for (dv = &nr_dict_vendors[0]; dv->name != NULL; dv++) {
+ if (strcasecmp(dv->name, name) == 0) return dv->vendor;
+ }
+
+ return 0;
+}
+
+const DICT_VENDOR *nr_dict_vendor_byvalue(unsigned int vendor)
+{
+ const DICT_VENDOR *dv;
+
+ /*
+ * O(n) lookup.
+ */
+ for (dv = &nr_dict_vendors[0]; dv->name != NULL; dv++) {
+ if (dv->vendor == vendor) return dv;
+ }
+
+ return NULL;
+}
--- /dev/null
+/**
+
+\file doc.txt
+\brief The main documentation.
+
+\mainpage The Network RADIUS Client Library
+
+This client library is intended for use in embedded systems. It is
+small with a simple API, yet has more functionality than most
+commercial or Open Source products.
+
+\section License
+
+Copyright (c) 2011, Network RADIUS SARL
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+ * Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ * Neither the name of the <organization> nor the
+ names of its contributors may be used to endorse or promote products
+ derived from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL <COPYRIGHT HOLDER> BE LIABLE FOR ANY
+DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+\ref dictionaries.txt "Dictionaries and dictionary formats"
+
+*/
--- /dev/null
+# Doxyfile 1.5.6
+
+# This file describes the settings to be used by the documentation system
+# doxygen (www.doxygen.org) for a project
+#
+# All text after a hash (#) is considered a comment and will be ignored
+# The format is:
+# TAG = value [value, ...]
+# For lists items can also be appended using:
+# TAG += value [value, ...]
+# Values that contain spaces should be placed between quotes (" ")
+
+#---------------------------------------------------------------------------
+# Project related configuration options
+#---------------------------------------------------------------------------
+
+# This tag specifies the encoding used for all characters in the config file
+# that follow. The default is UTF-8 which is also the encoding used for all
+# text before the first occurrence of this tag. Doxygen uses libiconv (or the
+# iconv built into libc) for the transcoding. See
+# http://www.gnu.org/software/libiconv for the list of possible encodings.
+
+DOXYFILE_ENCODING = UTF-8
+
+# The PROJECT_NAME tag is a single word (or a sequence of words surrounded
+# by quotes) that should identify the project.
+
+PROJECT_NAME = networkclient
+
+# The PROJECT_NUMBER tag can be used to enter a project or revision number.
+# This could be handy for archiving the generated documentation or
+# if some version control system is used.
+
+PROJECT_NUMBER =
+
+# The OUTPUT_DIRECTORY tag is used to specify the (relative or absolute)
+# base path where the generated documentation will be put.
+# If a relative path is entered, it will be relative to the location
+# where doxygen was started. If left blank the current directory will be used.
+
+OUTPUT_DIRECTORY =
+
+# If the CREATE_SUBDIRS tag is set to YES, then doxygen will create
+# 4096 sub-directories (in 2 levels) under the output directory of each output
+# format and will distribute the generated files over these directories.
+# Enabling this option can be useful when feeding doxygen a huge amount of
+# source files, where putting all generated files in the same directory would
+# otherwise cause performance problems for the file system.
+
+CREATE_SUBDIRS = NO
+
+# The OUTPUT_LANGUAGE tag is used to specify the language in which all
+# documentation generated by doxygen is written. Doxygen will use this
+# information to generate all constant output in the proper language.
+# The default language is English, other supported languages are:
+# Afrikaans, Arabic, Brazilian, Catalan, Chinese, Chinese-Traditional,
+# Croatian, Czech, Danish, Dutch, Farsi, Finnish, French, German, Greek,
+# Hungarian, Italian, Japanese, Japanese-en (Japanese with English messages),
+# Korean, Korean-en, Lithuanian, Norwegian, Macedonian, Persian, Polish,
+# Portuguese, Romanian, Russian, Serbian, Slovak, Slovene, Spanish, Swedish,
+# and Ukrainian.
+
+OUTPUT_LANGUAGE = English
+
+# If the BRIEF_MEMBER_DESC tag is set to YES (the default) Doxygen will
+# include brief member descriptions after the members that are listed in
+# the file and class documentation (similar to JavaDoc).
+# Set to NO to disable this.
+
+BRIEF_MEMBER_DESC = YES
+
+# If the REPEAT_BRIEF tag is set to YES (the default) Doxygen will prepend
+# the brief description of a member or function before the detailed description.
+# Note: if both HIDE_UNDOC_MEMBERS and BRIEF_MEMBER_DESC are set to NO, the
+# brief descriptions will be completely suppressed.
+
+REPEAT_BRIEF = YES
+
+# This tag implements a quasi-intelligent brief description abbreviator
+# that is used to form the text in various listings. Each string
+# in this list, if found as the leading text of the brief description, will be
+# stripped from the text and the result after processing the whole list, is
+# used as the annotated text. Otherwise, the brief description is used as-is.
+# If left blank, the following values are used ("$name" is automatically
+# replaced with the name of the entity): "The $name class" "The $name widget"
+# "The $name file" "is" "provides" "specifies" "contains"
+# "represents" "a" "an" "the"
+
+ABBREVIATE_BRIEF =
+
+# If the ALWAYS_DETAILED_SEC and REPEAT_BRIEF tags are both set to YES then
+# Doxygen will generate a detailed section even if there is only a brief
+# description.
+
+ALWAYS_DETAILED_SEC = NO
+
+# If the INLINE_INHERITED_MEMB tag is set to YES, doxygen will show all
+# inherited members of a class in the documentation of that class as if those
+# members were ordinary class members. Constructors, destructors and assignment
+# operators of the base classes will not be shown.
+
+INLINE_INHERITED_MEMB = NO
+
+# If the FULL_PATH_NAMES tag is set to YES then Doxygen will prepend the full
+# path before files name in the file list and in the header files. If set
+# to NO the shortest path that makes the file name unique will be used.
+
+FULL_PATH_NAMES = YES
+
+# If the FULL_PATH_NAMES tag is set to YES then the STRIP_FROM_PATH tag
+# can be used to strip a user-defined part of the path. Stripping is
+# only done if one of the specified strings matches the left-hand part of
+# the path. The tag can be used to show relative paths in the file list.
+# If left blank the directory from which doxygen is run is used as the
+# path to strip.
+
+STRIP_FROM_PATH =
+
+# The STRIP_FROM_INC_PATH tag can be used to strip a user-defined part of
+# the path mentioned in the documentation of a class, which tells
+# the reader which header file to include in order to use a class.
+# If left blank only the name of the header file containing the class
+# definition is used. Otherwise one should specify the include paths that
+# are normally passed to the compiler using the -I flag.
+
+STRIP_FROM_INC_PATH =
+
+# If the SHORT_NAMES tag is set to YES, doxygen will generate much shorter
+# (but less readable) file names. This can be useful is your file systems
+# doesn't support long names like on DOS, Mac, or CD-ROM.
+
+SHORT_NAMES = NO
+
+# If the JAVADOC_AUTOBRIEF tag is set to YES then Doxygen
+# will interpret the first line (until the first dot) of a JavaDoc-style
+# comment as the brief description. If set to NO, the JavaDoc
+# comments will behave just like regular Qt-style comments
+# (thus requiring an explicit @brief command for a brief description.)
+
+JAVADOC_AUTOBRIEF = NO
+
+# If the QT_AUTOBRIEF tag is set to YES then Doxygen will
+# interpret the first line (until the first dot) of a Qt-style
+# comment as the brief description. If set to NO, the comments
+# will behave just like regular Qt-style comments (thus requiring
+# an explicit \brief command for a brief description.)
+
+QT_AUTOBRIEF = NO
+
+# The MULTILINE_CPP_IS_BRIEF tag can be set to YES to make Doxygen
+# treat a multi-line C++ special comment block (i.e. a block of //! or ///
+# comments) as a brief description. This used to be the default behaviour.
+# The new default is to treat a multi-line C++ comment block as a detailed
+# description. Set this tag to YES if you prefer the old behaviour instead.
+
+MULTILINE_CPP_IS_BRIEF = NO
+
+# If the DETAILS_AT_TOP tag is set to YES then Doxygen
+# will output the detailed description near the top, like JavaDoc.
+# If set to NO, the detailed description appears after the member
+# documentation.
+
+DETAILS_AT_TOP = YES
+
+# If the INHERIT_DOCS tag is set to YES (the default) then an undocumented
+# member inherits the documentation from any documented member that it
+# re-implements.
+
+INHERIT_DOCS = YES
+
+# If the SEPARATE_MEMBER_PAGES tag is set to YES, then doxygen will produce
+# a new page for each member. If set to NO, the documentation of a member will
+# be part of the file/class/namespace that contains it.
+
+SEPARATE_MEMBER_PAGES = NO
+
+# The TAB_SIZE tag can be used to set the number of spaces in a tab.
+# Doxygen uses this value to replace tabs by spaces in code fragments.
+
+TAB_SIZE = 8
+
+# This tag can be used to specify a number of aliases that acts
+# as commands in the documentation. An alias has the form "name=value".
+# For example adding "sideeffect=\par Side Effects:\n" will allow you to
+# put the command \sideeffect (or @sideeffect) in the documentation, which
+# will result in a user-defined paragraph with heading "Side Effects:".
+# You can put \n's in the value part of an alias to insert newlines.
+
+ALIASES =
+
+# Set the OPTIMIZE_OUTPUT_FOR_C tag to YES if your project consists of C
+# sources only. Doxygen will then generate output that is more tailored for C.
+# For instance, some of the names that are used will be different. The list
+# of all members will be omitted, etc.
+
+OPTIMIZE_OUTPUT_FOR_C = YES
+
+# Set the OPTIMIZE_OUTPUT_JAVA tag to YES if your project consists of Java
+# sources only. Doxygen will then generate output that is more tailored for
+# Java. For instance, namespaces will be presented as packages, qualified
+# scopes will look different, etc.
+
+OPTIMIZE_OUTPUT_JAVA = NO
+
+# Set the OPTIMIZE_FOR_FORTRAN tag to YES if your project consists of Fortran
+# sources only. Doxygen will then generate output that is more tailored for
+# Fortran.
+
+OPTIMIZE_FOR_FORTRAN = NO
+
+# Set the OPTIMIZE_OUTPUT_VHDL tag to YES if your project consists of VHDL
+# sources. Doxygen will then generate output that is tailored for
+# VHDL.
+
+OPTIMIZE_OUTPUT_VHDL = NO
+
+# If you use STL classes (i.e. std::string, std::vector, etc.) but do not want
+# to include (a tag file for) the STL sources as input, then you should
+# set this tag to YES in order to let doxygen match functions declarations and
+# definitions whose arguments contain STL classes (e.g. func(std::string); v.s.
+# func(std::string) {}). This also make the inheritance and collaboration
+# diagrams that involve STL classes more complete and accurate.
+
+BUILTIN_STL_SUPPORT = NO
+
+# If you use Microsoft's C++/CLI language, you should set this option to YES to
+# enable parsing support.
+
+CPP_CLI_SUPPORT = NO
+
+# Set the SIP_SUPPORT tag to YES if your project consists of sip sources only.
+# Doxygen will parse them like normal C++ but will assume all classes use public
+# instead of private inheritance when no explicit protection keyword is present.
+
+SIP_SUPPORT = NO
+
+# For Microsoft's IDL there are propget and propput attributes to indicate getter
+# and setter methods for a property. Setting this option to YES (the default)
+# will make doxygen to replace the get and set methods by a property in the
+# documentation. This will only work if the methods are indeed getting or
+# setting a simple type. If this is not the case, or you want to show the
+# methods anyway, you should set this option to NO.
+
+IDL_PROPERTY_SUPPORT = YES
+
+# If member grouping is used in the documentation and the DISTRIBUTE_GROUP_DOC
+# tag is set to YES, then doxygen will reuse the documentation of the first
+# member in the group (if any) for the other members of the group. By default
+# all members of a group must be documented explicitly.
+
+DISTRIBUTE_GROUP_DOC = NO
+
+# Set the SUBGROUPING tag to YES (the default) to allow class member groups of
+# the same type (for instance a group of public functions) to be put as a
+# subgroup of that type (e.g. under the Public Functions section). Set it to
+# NO to prevent subgrouping. Alternatively, this can be done per class using
+# the \nosubgrouping command.
+
+SUBGROUPING = YES
+
+# When TYPEDEF_HIDES_STRUCT is enabled, a typedef of a struct, union, or enum
+# is documented as struct, union, or enum with the name of the typedef. So
+# typedef struct TypeS {} TypeT, will appear in the documentation as a struct
+# with name TypeT. When disabled the typedef will appear as a member of a file,
+# namespace, or class. And the struct will be named TypeS. This can typically
+# be useful for C code in case the coding convention dictates that all compound
+# types are typedef'ed and only the typedef is referenced, never the tag name.
+
+TYPEDEF_HIDES_STRUCT = NO
+
+#---------------------------------------------------------------------------
+# Build related configuration options
+#---------------------------------------------------------------------------
+
+# If the EXTRACT_ALL tag is set to YES doxygen will assume all entities in
+# documentation are documented, even if no documentation was available.
+# Private class members and static file members will be hidden unless
+# the EXTRACT_PRIVATE and EXTRACT_STATIC tags are set to YES
+
+EXTRACT_ALL = YES
+
+# If the EXTRACT_PRIVATE tag is set to YES all private members of a class
+# will be included in the documentation.
+
+EXTRACT_PRIVATE = NO
+
+# If the EXTRACT_STATIC tag is set to YES all static members of a file
+# will be included in the documentation.
+
+EXTRACT_STATIC = NO
+
+# If the EXTRACT_LOCAL_CLASSES tag is set to YES classes (and structs)
+# defined locally in source files will be included in the documentation.
+# If set to NO only classes defined in header files are included.
+
+EXTRACT_LOCAL_CLASSES = YES
+
+# This flag is only useful for Objective-C code. When set to YES local
+# methods, which are defined in the implementation section but not in
+# the interface are included in the documentation.
+# If set to NO (the default) only methods in the interface are included.
+
+EXTRACT_LOCAL_METHODS = NO
+
+# If this flag is set to YES, the members of anonymous namespaces will be
+# extracted and appear in the documentation as a namespace called
+# 'anonymous_namespace{file}', where file will be replaced with the base
+# name of the file that contains the anonymous namespace. By default
+# anonymous namespace are hidden.
+
+EXTRACT_ANON_NSPACES = NO
+
+# If the HIDE_UNDOC_MEMBERS tag is set to YES, Doxygen will hide all
+# undocumented members of documented classes, files or namespaces.
+# If set to NO (the default) these members will be included in the
+# various overviews, but no documentation section is generated.
+# This option has no effect if EXTRACT_ALL is enabled.
+
+HIDE_UNDOC_MEMBERS = NO
+
+# If the HIDE_UNDOC_CLASSES tag is set to YES, Doxygen will hide all
+# undocumented classes that are normally visible in the class hierarchy.
+# If set to NO (the default) these classes will be included in the various
+# overviews. This option has no effect if EXTRACT_ALL is enabled.
+
+HIDE_UNDOC_CLASSES = NO
+
+# If the HIDE_FRIEND_COMPOUNDS tag is set to YES, Doxygen will hide all
+# friend (class|struct|union) declarations.
+# If set to NO (the default) these declarations will be included in the
+# documentation.
+
+HIDE_FRIEND_COMPOUNDS = NO
+
+# If the HIDE_IN_BODY_DOCS tag is set to YES, Doxygen will hide any
+# documentation blocks found inside the body of a function.
+# If set to NO (the default) these blocks will be appended to the
+# function's detailed documentation block.
+
+HIDE_IN_BODY_DOCS = NO
+
+# The INTERNAL_DOCS tag determines if documentation
+# that is typed after a \internal command is included. If the tag is set
+# to NO (the default) then the documentation will be excluded.
+# Set it to YES to include the internal documentation.
+
+INTERNAL_DOCS = NO
+
+# If the CASE_SENSE_NAMES tag is set to NO then Doxygen will only generate
+# file names in lower-case letters. If set to YES upper-case letters are also
+# allowed. This is useful if you have classes or files whose names only differ
+# in case and if your file system supports case sensitive file names. Windows
+# and Mac users are advised to set this option to NO.
+
+CASE_SENSE_NAMES = NO
+
+# If the HIDE_SCOPE_NAMES tag is set to NO (the default) then Doxygen
+# will show members with their full class and namespace scopes in the
+# documentation. If set to YES the scope will be hidden.
+
+HIDE_SCOPE_NAMES = NO
+
+# If the SHOW_INCLUDE_FILES tag is set to YES (the default) then Doxygen
+# will put a list of the files that are included by a file in the documentation
+# of that file.
+
+SHOW_INCLUDE_FILES = YES
+
+# If the INLINE_INFO tag is set to YES (the default) then a tag [inline]
+# is inserted in the documentation for inline members.
+
+INLINE_INFO = YES
+
+# If the SORT_MEMBER_DOCS tag is set to YES (the default) then doxygen
+# will sort the (detailed) documentation of file and class members
+# alphabetically by member name. If set to NO the members will appear in
+# declaration order.
+
+SORT_MEMBER_DOCS = YES
+
+# If the SORT_BRIEF_DOCS tag is set to YES then doxygen will sort the
+# brief documentation of file, namespace and class members alphabetically
+# by member name. If set to NO (the default) the members will appear in
+# declaration order.
+
+SORT_BRIEF_DOCS = NO
+
+# If the SORT_GROUP_NAMES tag is set to YES then doxygen will sort the
+# hierarchy of group names into alphabetical order. If set to NO (the default)
+# the group names will appear in their defined order.
+
+SORT_GROUP_NAMES = NO
+
+# If the SORT_BY_SCOPE_NAME tag is set to YES, the class list will be
+# sorted by fully-qualified names, including namespaces. If set to
+# NO (the default), the class list will be sorted only by class name,
+# not including the namespace part.
+# Note: This option is not very useful if HIDE_SCOPE_NAMES is set to YES.
+# Note: This option applies only to the class list, not to the
+# alphabetical list.
+
+SORT_BY_SCOPE_NAME = NO
+
+# The GENERATE_TODOLIST tag can be used to enable (YES) or
+# disable (NO) the todo list. This list is created by putting \todo
+# commands in the documentation.
+
+GENERATE_TODOLIST = YES
+
+# The GENERATE_TESTLIST tag can be used to enable (YES) or
+# disable (NO) the test list. This list is created by putting \test
+# commands in the documentation.
+
+GENERATE_TESTLIST = YES
+
+# The GENERATE_BUGLIST tag can be used to enable (YES) or
+# disable (NO) the bug list. This list is created by putting \bug
+# commands in the documentation.
+
+GENERATE_BUGLIST = YES
+
+# The GENERATE_DEPRECATEDLIST tag can be used to enable (YES) or
+# disable (NO) the deprecated list. This list is created by putting
+# \deprecated commands in the documentation.
+
+GENERATE_DEPRECATEDLIST= YES
+
+# The ENABLED_SECTIONS tag can be used to enable conditional
+# documentation sections, marked by \if sectionname ... \endif.
+
+ENABLED_SECTIONS =
+
+# The MAX_INITIALIZER_LINES tag determines the maximum number of lines
+# the initial value of a variable or define consists of for it to appear in
+# the documentation. If the initializer consists of more lines than specified
+# here it will be hidden. Use a value of 0 to hide initializers completely.
+# The appearance of the initializer of individual variables and defines in the
+# documentation can be controlled using \showinitializer or \hideinitializer
+# command in the documentation regardless of this setting.
+
+MAX_INITIALIZER_LINES = 30
+
+# Set the SHOW_USED_FILES tag to NO to disable the list of files generated
+# at the bottom of the documentation of classes and structs. If set to YES the
+# list will mention the files that were used to generate the documentation.
+
+SHOW_USED_FILES = YES
+
+# If the sources in your project are distributed over multiple directories
+# then setting the SHOW_DIRECTORIES tag to YES will show the directory hierarchy
+# in the documentation. The default is NO.
+
+SHOW_DIRECTORIES = NO
+
+# Set the SHOW_FILES tag to NO to disable the generation of the Files page.
+# This will remove the Files entry from the Quick Index and from the
+# Folder Tree View (if specified). The default is YES.
+
+SHOW_FILES = YES
+
+# Set the SHOW_NAMESPACES tag to NO to disable the generation of the
+# Namespaces page. This will remove the Namespaces entry from the Quick Index
+# and from the Folder Tree View (if specified). The default is YES.
+
+SHOW_NAMESPACES = YES
+
+# The FILE_VERSION_FILTER tag can be used to specify a program or script that
+# doxygen should invoke to get the current version for each file (typically from
+# the version control system). Doxygen will invoke the program by executing (via
+# popen()) the command <command> <input-file>, where <command> is the value of
+# the FILE_VERSION_FILTER tag, and <input-file> is the name of an input file
+# provided by doxygen. Whatever the program writes to standard output
+# is used as the file version. See the manual for examples.
+
+FILE_VERSION_FILTER =
+
+#---------------------------------------------------------------------------
+# configuration options related to warning and progress messages
+#---------------------------------------------------------------------------
+
+# The QUIET tag can be used to turn on/off the messages that are generated
+# by doxygen. Possible values are YES and NO. If left blank NO is used.
+
+QUIET = NO
+
+# The WARNINGS tag can be used to turn on/off the warning messages that are
+# generated by doxygen. Possible values are YES and NO. If left blank
+# NO is used.
+
+WARNINGS = YES
+
+# If WARN_IF_UNDOCUMENTED is set to YES, then doxygen will generate warnings
+# for undocumented members. If EXTRACT_ALL is set to YES then this flag will
+# automatically be disabled.
+
+WARN_IF_UNDOCUMENTED = YES
+
+# If WARN_IF_DOC_ERROR is set to YES, doxygen will generate warnings for
+# potential errors in the documentation, such as not documenting some
+# parameters in a documented function, or documenting parameters that
+# don't exist or using markup commands wrongly.
+
+WARN_IF_DOC_ERROR = YES
+
+# This WARN_NO_PARAMDOC option can be abled to get warnings for
+# functions that are documented, but have no documentation for their parameters
+# or return value. If set to NO (the default) doxygen will only warn about
+# wrong or incomplete parameter documentation, but not about the absence of
+# documentation.
+
+WARN_NO_PARAMDOC = NO
+
+# The WARN_FORMAT tag determines the format of the warning messages that
+# doxygen can produce. The string should contain the $file, $line, and $text
+# tags, which will be replaced by the file and line number from which the
+# warning originated and the warning text. Optionally the format may contain
+# $version, which will be replaced by the version of the file (if it could
+# be obtained via FILE_VERSION_FILTER)
+
+WARN_FORMAT = "$file:$line: $text"
+
+# The WARN_LOGFILE tag can be used to specify a file to which warning
+# and error messages should be written. If left blank the output is written
+# to stderr.
+
+WARN_LOGFILE =
+
+#---------------------------------------------------------------------------
+# configuration options related to the input files
+#---------------------------------------------------------------------------
+
+# The INPUT tag can be used to specify the files and/or directories that contain
+# documented source files. You may enter file names like "myfile.cpp" or
+# directories like "/usr/src/myproject". Separate the files or directories
+# with spaces.
+
+INPUT = . doc/
+
+# This tag can be used to specify the character encoding of the source files
+# that doxygen parses. Internally doxygen uses the UTF-8 encoding, which is
+# also the default input encoding. Doxygen uses libiconv (or the iconv built
+# into libc) for the transcoding. See http://www.gnu.org/software/libiconv for
+# the list of possible encodings.
+
+INPUT_ENCODING = UTF-8
+
+# If the value of the INPUT tag contains directories, you can use the
+# FILE_PATTERNS tag to specify one or more wildcard pattern (like *.cpp
+# and *.h) to filter out the source-files in the directories. If left
+# blank the following patterns are tested:
+# *.c *.cc *.cxx *.cpp *.c++ *.java *.ii *.ixx *.ipp *.i++ *.inl *.h *.hh *.hxx
+# *.hpp *.h++ *.idl *.odl *.cs *.php *.php3 *.inc *.m *.mm *.py *.f90
+
+FILE_PATTERNS = *.txt *.[ch]
+
+# The RECURSIVE tag can be used to turn specify whether or not subdirectories
+# should be searched for input files as well. Possible values are YES and NO.
+# If left blank NO is used.
+
+RECURSIVE = NO
+
+# The EXCLUDE tag can be used to specify files and/or directories that should
+# excluded from the INPUT source files. This way you can easily exclude a
+# subdirectory from a directory tree whose root is specified with the INPUT tag.
+
+EXCLUDE =
+
+# The EXCLUDE_SYMLINKS tag can be used select whether or not files or
+# directories that are symbolic links (a Unix filesystem feature) are excluded
+# from the input.
+
+EXCLUDE_SYMLINKS = NO
+
+# If the value of the INPUT tag contains directories, you can use the
+# EXCLUDE_PATTERNS tag to specify one or more wildcard patterns to exclude
+# certain files from those directories. Note that the wildcards are matched
+# against the file with absolute path, so to exclude all test directories
+# for example use the pattern */test/*
+
+EXCLUDE_PATTERNS =
+
+# The EXCLUDE_SYMBOLS tag can be used to specify one or more symbol names
+# (namespaces, classes, functions, etc.) that should be excluded from the
+# output. The symbol name can be a fully qualified name, a word, or if the
+# wildcard * is used, a substring. Examples: ANamespace, AClass,
+# AClass::ANamespace, ANamespace::*Test
+
+EXCLUDE_SYMBOLS =
+
+# The EXAMPLE_PATH tag can be used to specify one or more files or
+# directories that contain example code fragments that are included (see
+# the \include command).
+
+EXAMPLE_PATH = examples
+
+# If the value of the EXAMPLE_PATH tag contains directories, you can use the
+# EXAMPLE_PATTERNS tag to specify one or more wildcard pattern (like *.cpp
+# and *.h) to filter out the source-files in the directories. If left
+# blank all files are included.
+
+EXAMPLE_PATTERNS = *.[ch]
+
+# If the EXAMPLE_RECURSIVE tag is set to YES then subdirectories will be
+# searched for input files to be used with the \include or \dontinclude
+# commands irrespective of the value of the RECURSIVE tag.
+# Possible values are YES and NO. If left blank NO is used.
+
+EXAMPLE_RECURSIVE = NO
+
+# The IMAGE_PATH tag can be used to specify one or more files or
+# directories that contain image that are included in the documentation (see
+# the \image command).
+
+IMAGE_PATH =
+
+# The INPUT_FILTER tag can be used to specify a program that doxygen should
+# invoke to filter for each input file. Doxygen will invoke the filter program
+# by executing (via popen()) the command <filter> <input-file>, where <filter>
+# is the value of the INPUT_FILTER tag, and <input-file> is the name of an
+# input file. Doxygen will then use the output that the filter program writes
+# to standard output. If FILTER_PATTERNS is specified, this tag will be
+# ignored.
+
+INPUT_FILTER =
+
+# The FILTER_PATTERNS tag can be used to specify filters on a per file pattern
+# basis. Doxygen will compare the file name with each pattern and apply the
+# filter if there is a match. The filters are a list of the form:
+# pattern=filter (like *.cpp=my_cpp_filter). See INPUT_FILTER for further
+# info on how filters are used. If FILTER_PATTERNS is empty, INPUT_FILTER
+# is applied to all files.
+
+FILTER_PATTERNS =
+
+# If the FILTER_SOURCE_FILES tag is set to YES, the input filter (if set using
+# INPUT_FILTER) will be used to filter the input files when producing source
+# files to browse (i.e. when SOURCE_BROWSER is set to YES).
+
+FILTER_SOURCE_FILES = NO
+
+#---------------------------------------------------------------------------
+# configuration options related to source browsing
+#---------------------------------------------------------------------------
+
+# If the SOURCE_BROWSER tag is set to YES then a list of source files will
+# be generated. Documented entities will be cross-referenced with these sources.
+# Note: To get rid of all source code in the generated output, make sure also
+# VERBATIM_HEADERS is set to NO.
+
+SOURCE_BROWSER = NO
+
+# Setting the INLINE_SOURCES tag to YES will include the body
+# of functions and classes directly in the documentation.
+
+INLINE_SOURCES = NO
+
+# Setting the STRIP_CODE_COMMENTS tag to YES (the default) will instruct
+# doxygen to hide any special comment blocks from generated source code
+# fragments. Normal C and C++ comments will always remain visible.
+
+STRIP_CODE_COMMENTS = YES
+
+# If the REFERENCED_BY_RELATION tag is set to YES
+# then for each documented function all documented
+# functions referencing it will be listed.
+
+REFERENCED_BY_RELATION = YES
+
+# If the REFERENCES_RELATION tag is set to YES
+# then for each documented function all documented entities
+# called/used by that function will be listed.
+
+REFERENCES_RELATION = YES
+
+# If the REFERENCES_LINK_SOURCE tag is set to YES (the default)
+# and SOURCE_BROWSER tag is set to YES, then the hyperlinks from
+# functions in REFERENCES_RELATION and REFERENCED_BY_RELATION lists will
+# link to the source code. Otherwise they will link to the documentstion.
+
+REFERENCES_LINK_SOURCE = NO
+
+# If the USE_HTAGS tag is set to YES then the references to source code
+# will point to the HTML generated by the htags(1) tool instead of doxygen
+# built-in source browser. The htags tool is part of GNU's global source
+# tagging system (see http://www.gnu.org/software/global/global.html). You
+# will need version 4.8.6 or higher.
+
+USE_HTAGS = NO
+
+# If the VERBATIM_HEADERS tag is set to YES (the default) then Doxygen
+# will generate a verbatim copy of the header file for each class for
+# which an include is specified. Set to NO to disable this.
+
+VERBATIM_HEADERS = YES
+
+#---------------------------------------------------------------------------
+# configuration options related to the alphabetical class index
+#---------------------------------------------------------------------------
+
+# If the ALPHABETICAL_INDEX tag is set to YES, an alphabetical index
+# of all compounds will be generated. Enable this if the project
+# contains a lot of classes, structs, unions or interfaces.
+
+ALPHABETICAL_INDEX = NO
+
+# If the alphabetical index is enabled (see ALPHABETICAL_INDEX) then
+# the COLS_IN_ALPHA_INDEX tag can be used to specify the number of columns
+# in which this list will be split (can be a number in the range [1..20])
+
+COLS_IN_ALPHA_INDEX = 5
+
+# In case all classes in a project start with a common prefix, all
+# classes will be put under the same header in the alphabetical index.
+# The IGNORE_PREFIX tag can be used to specify one or more prefixes that
+# should be ignored while generating the index headers.
+
+IGNORE_PREFIX =
+
+#---------------------------------------------------------------------------
+# configuration options related to the HTML output
+#---------------------------------------------------------------------------
+
+# If the GENERATE_HTML tag is set to YES (the default) Doxygen will
+# generate HTML output.
+
+GENERATE_HTML = YES
+
+# The HTML_OUTPUT tag is used to specify where the HTML docs will be put.
+# If a relative path is entered the value of OUTPUT_DIRECTORY will be
+# put in front of it. If left blank `html' will be used as the default path.
+
+HTML_OUTPUT = html
+
+# The HTML_FILE_EXTENSION tag can be used to specify the file extension for
+# each generated HTML page (for example: .htm,.php,.asp). If it is left blank
+# doxygen will generate files with .html extension.
+
+HTML_FILE_EXTENSION = .html
+
+# The HTML_HEADER tag can be used to specify a personal HTML header for
+# each generated HTML page. If it is left blank doxygen will generate a
+# standard header.
+
+HTML_HEADER =
+
+# The HTML_FOOTER tag can be used to specify a personal HTML footer for
+# each generated HTML page. If it is left blank doxygen will generate a
+# standard footer.
+
+HTML_FOOTER =
+
+# The HTML_STYLESHEET tag can be used to specify a user-defined cascading
+# style sheet that is used by each HTML page. It can be used to
+# fine-tune the look of the HTML output. If the tag is left blank doxygen
+# will generate a default style sheet. Note that doxygen will try to copy
+# the style sheet file to the HTML output directory, so don't put your own
+# stylesheet in the HTML output directory as well, or it will be erased!
+
+HTML_STYLESHEET =
+
+# If the HTML_ALIGN_MEMBERS tag is set to YES, the members of classes,
+# files or namespaces will be aligned in HTML using tables. If set to
+# NO a bullet list will be used.
+
+HTML_ALIGN_MEMBERS = YES
+
+# If the GENERATE_HTMLHELP tag is set to YES, additional index files
+# will be generated that can be used as input for tools like the
+# Microsoft HTML help workshop to generate a compiled HTML help file (.chm)
+# of the generated HTML documentation.
+
+GENERATE_HTMLHELP = NO
+
+# If the GENERATE_DOCSET tag is set to YES, additional index files
+# will be generated that can be used as input for Apple's Xcode 3
+# integrated development environment, introduced with OSX 10.5 (Leopard).
+# To create a documentation set, doxygen will generate a Makefile in the
+# HTML output directory. Running make will produce the docset in that
+# directory and running "make install" will install the docset in
+# ~/Library/Developer/Shared/Documentation/DocSets so that Xcode will find
+# it at startup.
+
+GENERATE_DOCSET = NO
+
+# When GENERATE_DOCSET tag is set to YES, this tag determines the name of the
+# feed. A documentation feed provides an umbrella under which multiple
+# documentation sets from a single provider (such as a company or product suite)
+# can be grouped.
+
+DOCSET_FEEDNAME = "Doxygen generated docs"
+
+# When GENERATE_DOCSET tag is set to YES, this tag specifies a string that
+# should uniquely identify the documentation set bundle. This should be a
+# reverse domain-name style string, e.g. com.mycompany.MyDocSet. Doxygen
+# will append .docset to the name.
+
+DOCSET_BUNDLE_ID = org.doxygen.Project
+
+# If the HTML_DYNAMIC_SECTIONS tag is set to YES then the generated HTML
+# documentation will contain sections that can be hidden and shown after the
+# page has loaded. For this to work a browser that supports
+# JavaScript and DHTML is required (for instance Mozilla 1.0+, Firefox
+# Netscape 6.0+, Internet explorer 5.0+, Konqueror, or Safari).
+
+HTML_DYNAMIC_SECTIONS = NO
+
+# If the GENERATE_HTMLHELP tag is set to YES, the CHM_FILE tag can
+# be used to specify the file name of the resulting .chm file. You
+# can add a path in front of the file if the result should not be
+# written to the html output directory.
+
+CHM_FILE =
+
+# If the GENERATE_HTMLHELP tag is set to YES, the HHC_LOCATION tag can
+# be used to specify the location (absolute path including file name) of
+# the HTML help compiler (hhc.exe). If non-empty doxygen will try to run
+# the HTML help compiler on the generated index.hhp.
+
+HHC_LOCATION =
+
+# If the GENERATE_HTMLHELP tag is set to YES, the GENERATE_CHI flag
+# controls if a separate .chi index file is generated (YES) or that
+# it should be included in the master .chm file (NO).
+
+GENERATE_CHI = NO
+
+# If the GENERATE_HTMLHELP tag is set to YES, the CHM_INDEX_ENCODING
+# is used to encode HtmlHelp index (hhk), content (hhc) and project file
+# content.
+
+CHM_INDEX_ENCODING =
+
+# If the GENERATE_HTMLHELP tag is set to YES, the BINARY_TOC flag
+# controls whether a binary table of contents is generated (YES) or a
+# normal table of contents (NO) in the .chm file.
+
+BINARY_TOC = NO
+
+# The TOC_EXPAND flag can be set to YES to add extra items for group members
+# to the contents of the HTML help documentation and to the tree view.
+
+TOC_EXPAND = NO
+
+# The DISABLE_INDEX tag can be used to turn on/off the condensed index at
+# top of each HTML page. The value NO (the default) enables the index and
+# the value YES disables it.
+
+DISABLE_INDEX = NO
+
+# This tag can be used to set the number of enum values (range [1..20])
+# that doxygen will group on one line in the generated HTML documentation.
+
+ENUM_VALUES_PER_LINE = 4
+
+# The GENERATE_TREEVIEW tag is used to specify whether a tree-like index
+# structure should be generated to display hierarchical information.
+# If the tag value is set to FRAME, a side panel will be generated
+# containing a tree-like index structure (just like the one that
+# is generated for HTML Help). For this to work a browser that supports
+# JavaScript, DHTML, CSS and frames is required (for instance Mozilla 1.0+,
+# Netscape 6.0+, Internet explorer 5.0+, or Konqueror). Windows users are
+# probably better off using the HTML help feature. Other possible values
+# for this tag are: HIERARCHIES, which will generate the Groups, Directories,
+# and Class Hiererachy pages using a tree view instead of an ordered list;
+# ALL, which combines the behavior of FRAME and HIERARCHIES; and NONE, which
+# disables this behavior completely. For backwards compatibility with previous
+# releases of Doxygen, the values YES and NO are equivalent to FRAME and NONE
+# respectively.
+
+GENERATE_TREEVIEW = YES
+
+# If the treeview is enabled (see GENERATE_TREEVIEW) then this tag can be
+# used to set the initial width (in pixels) of the frame in which the tree
+# is shown.
+
+TREEVIEW_WIDTH = 250
+
+# Use this tag to change the font size of Latex formulas included
+# as images in the HTML documentation. The default is 10. Note that
+# when you change the font size after a successful doxygen run you need
+# to manually remove any form_*.png images from the HTML output directory
+# to force them to be regenerated.
+
+FORMULA_FONTSIZE = 10
+
+#---------------------------------------------------------------------------
+# configuration options related to the LaTeX output
+#---------------------------------------------------------------------------
+
+# If the GENERATE_LATEX tag is set to YES (the default) Doxygen will
+# generate Latex output.
+
+GENERATE_LATEX = NO
+
+# The LATEX_OUTPUT tag is used to specify where the LaTeX docs will be put.
+# If a relative path is entered the value of OUTPUT_DIRECTORY will be
+# put in front of it. If left blank `latex' will be used as the default path.
+
+LATEX_OUTPUT = latex
+
+# The LATEX_CMD_NAME tag can be used to specify the LaTeX command name to be
+# invoked. If left blank `latex' will be used as the default command name.
+
+LATEX_CMD_NAME = latex
+
+# The MAKEINDEX_CMD_NAME tag can be used to specify the command name to
+# generate index for LaTeX. If left blank `makeindex' will be used as the
+# default command name.
+
+MAKEINDEX_CMD_NAME = makeindex
+
+# If the COMPACT_LATEX tag is set to YES Doxygen generates more compact
+# LaTeX documents. This may be useful for small projects and may help to
+# save some trees in general.
+
+COMPACT_LATEX = NO
+
+# The PAPER_TYPE tag can be used to set the paper type that is used
+# by the printer. Possible values are: a4, a4wide, letter, legal and
+# executive. If left blank a4wide will be used.
+
+PAPER_TYPE = a4wide
+
+# The EXTRA_PACKAGES tag can be to specify one or more names of LaTeX
+# packages that should be included in the LaTeX output.
+
+EXTRA_PACKAGES =
+
+# The LATEX_HEADER tag can be used to specify a personal LaTeX header for
+# the generated latex document. The header should contain everything until
+# the first chapter. If it is left blank doxygen will generate a
+# standard header. Notice: only use this tag if you know what you are doing!
+
+LATEX_HEADER =
+
+# If the PDF_HYPERLINKS tag is set to YES, the LaTeX that is generated
+# is prepared for conversion to pdf (using ps2pdf). The pdf file will
+# contain links (just like the HTML output) instead of page references
+# This makes the output suitable for online browsing using a pdf viewer.
+
+PDF_HYPERLINKS = YES
+
+# If the USE_PDFLATEX tag is set to YES, pdflatex will be used instead of
+# plain latex in the generated Makefile. Set this option to YES to get a
+# higher quality PDF documentation.
+
+USE_PDFLATEX = YES
+
+# If the LATEX_BATCHMODE tag is set to YES, doxygen will add the \\batchmode.
+# command to the generated LaTeX files. This will instruct LaTeX to keep
+# running if errors occur, instead of asking the user for help.
+# This option is also used when generating formulas in HTML.
+
+LATEX_BATCHMODE = NO
+
+# If LATEX_HIDE_INDICES is set to YES then doxygen will not
+# include the index chapters (such as File Index, Compound Index, etc.)
+# in the output.
+
+LATEX_HIDE_INDICES = NO
+
+#---------------------------------------------------------------------------
+# configuration options related to the RTF output
+#---------------------------------------------------------------------------
+
+# If the GENERATE_RTF tag is set to YES Doxygen will generate RTF output
+# The RTF output is optimized for Word 97 and may not look very pretty with
+# other RTF readers or editors.
+
+GENERATE_RTF = NO
+
+# The RTF_OUTPUT tag is used to specify where the RTF docs will be put.
+# If a relative path is entered the value of OUTPUT_DIRECTORY will be
+# put in front of it. If left blank `rtf' will be used as the default path.
+
+RTF_OUTPUT = rtf
+
+# If the COMPACT_RTF tag is set to YES Doxygen generates more compact
+# RTF documents. This may be useful for small projects and may help to
+# save some trees in general.
+
+COMPACT_RTF = NO
+
+# If the RTF_HYPERLINKS tag is set to YES, the RTF that is generated
+# will contain hyperlink fields. The RTF file will
+# contain links (just like the HTML output) instead of page references.
+# This makes the output suitable for online browsing using WORD or other
+# programs which support those fields.
+# Note: wordpad (write) and others do not support links.
+
+RTF_HYPERLINKS = NO
+
+# Load stylesheet definitions from file. Syntax is similar to doxygen's
+# config file, i.e. a series of assignments. You only have to provide
+# replacements, missing definitions are set to their default value.
+
+RTF_STYLESHEET_FILE =
+
+# Set optional variables used in the generation of an rtf document.
+# Syntax is similar to doxygen's config file.
+
+RTF_EXTENSIONS_FILE =
+
+#---------------------------------------------------------------------------
+# configuration options related to the man page output
+#---------------------------------------------------------------------------
+
+# If the GENERATE_MAN tag is set to YES (the default) Doxygen will
+# generate man pages
+
+GENERATE_MAN = NO
+
+# The MAN_OUTPUT tag is used to specify where the man pages will be put.
+# If a relative path is entered the value of OUTPUT_DIRECTORY will be
+# put in front of it. If left blank `man' will be used as the default path.
+
+MAN_OUTPUT = man
+
+# The MAN_EXTENSION tag determines the extension that is added to
+# the generated man pages (default is the subroutine's section .3)
+
+MAN_EXTENSION = .3
+
+# If the MAN_LINKS tag is set to YES and Doxygen generates man output,
+# then it will generate one additional man file for each entity
+# documented in the real man page(s). These additional files
+# only source the real man page, but without them the man command
+# would be unable to find the correct page. The default is NO.
+
+MAN_LINKS = NO
+
+#---------------------------------------------------------------------------
+# configuration options related to the XML output
+#---------------------------------------------------------------------------
+
+# If the GENERATE_XML tag is set to YES Doxygen will
+# generate an XML file that captures the structure of
+# the code including all documentation.
+
+GENERATE_XML = NO
+
+# The XML_OUTPUT tag is used to specify where the XML pages will be put.
+# If a relative path is entered the value of OUTPUT_DIRECTORY will be
+# put in front of it. If left blank `xml' will be used as the default path.
+
+XML_OUTPUT = xml
+
+# The XML_SCHEMA tag can be used to specify an XML schema,
+# which can be used by a validating XML parser to check the
+# syntax of the XML files.
+
+XML_SCHEMA =
+
+# The XML_DTD tag can be used to specify an XML DTD,
+# which can be used by a validating XML parser to check the
+# syntax of the XML files.
+
+XML_DTD =
+
+# If the XML_PROGRAMLISTING tag is set to YES Doxygen will
+# dump the program listings (including syntax highlighting
+# and cross-referencing information) to the XML output. Note that
+# enabling this will significantly increase the size of the XML output.
+
+XML_PROGRAMLISTING = YES
+
+#---------------------------------------------------------------------------
+# configuration options for the AutoGen Definitions output
+#---------------------------------------------------------------------------
+
+# If the GENERATE_AUTOGEN_DEF tag is set to YES Doxygen will
+# generate an AutoGen Definitions (see autogen.sf.net) file
+# that captures the structure of the code including all
+# documentation. Note that this feature is still experimental
+# and incomplete at the moment.
+
+GENERATE_AUTOGEN_DEF = NO
+
+#---------------------------------------------------------------------------
+# configuration options related to the Perl module output
+#---------------------------------------------------------------------------
+
+# If the GENERATE_PERLMOD tag is set to YES Doxygen will
+# generate a Perl module file that captures the structure of
+# the code including all documentation. Note that this
+# feature is still experimental and incomplete at the
+# moment.
+
+GENERATE_PERLMOD = NO
+
+# If the PERLMOD_LATEX tag is set to YES Doxygen will generate
+# the necessary Makefile rules, Perl scripts and LaTeX code to be able
+# to generate PDF and DVI output from the Perl module output.
+
+PERLMOD_LATEX = NO
+
+# If the PERLMOD_PRETTY tag is set to YES the Perl module output will be
+# nicely formatted so it can be parsed by a human reader. This is useful
+# if you want to understand what is going on. On the other hand, if this
+# tag is set to NO the size of the Perl module output will be much smaller
+# and Perl will parse it just the same.
+
+PERLMOD_PRETTY = YES
+
+# The names of the make variables in the generated doxyrules.make file
+# are prefixed with the string contained in PERLMOD_MAKEVAR_PREFIX.
+# This is useful so different doxyrules.make files included by the same
+# Makefile don't overwrite each other's variables.
+
+PERLMOD_MAKEVAR_PREFIX =
+
+#---------------------------------------------------------------------------
+# Configuration options related to the preprocessor
+#---------------------------------------------------------------------------
+
+# If the ENABLE_PREPROCESSING tag is set to YES (the default) Doxygen will
+# evaluate all C-preprocessor directives found in the sources and include
+# files.
+
+ENABLE_PREPROCESSING = YES
+
+# If the MACRO_EXPANSION tag is set to YES Doxygen will expand all macro
+# names in the source code. If set to NO (the default) only conditional
+# compilation will be performed. Macro expansion can be done in a controlled
+# way by setting EXPAND_ONLY_PREDEF to YES.
+
+MACRO_EXPANSION = NO
+
+# If the EXPAND_ONLY_PREDEF and MACRO_EXPANSION tags are both set to YES
+# then the macro expansion is limited to the macros specified with the
+# PREDEFINED and EXPAND_AS_DEFINED tags.
+
+EXPAND_ONLY_PREDEF = NO
+
+# If the SEARCH_INCLUDES tag is set to YES (the default) the includes files
+# in the INCLUDE_PATH (see below) will be search if a #include is found.
+
+SEARCH_INCLUDES = YES
+
+# The INCLUDE_PATH tag can be used to specify one or more directories that
+# contain include files that are not input files but should be processed by
+# the preprocessor.
+
+INCLUDE_PATH =
+
+# You can use the INCLUDE_FILE_PATTERNS tag to specify one or more wildcard
+# patterns (like *.h and *.hpp) to filter out the header-files in the
+# directories. If left blank, the patterns specified with FILE_PATTERNS will
+# be used.
+
+INCLUDE_FILE_PATTERNS =
+
+# The PREDEFINED tag can be used to specify one or more macro names that
+# are defined before the preprocessor is started (similar to the -D option of
+# gcc). The argument of the tag is a list of macros of the form: name
+# or name=definition (no spaces). If the definition and the = are
+# omitted =1 is assumed. To prevent a macro definition from being
+# undefined via #undef or recursively expanded use the := operator
+# instead of the = operator.
+
+PREDEFINED =
+
+# If the MACRO_EXPANSION and EXPAND_ONLY_PREDEF tags are set to YES then
+# this tag can be used to specify a list of macro names that should be expanded.
+# The macro definition that is found in the sources will be used.
+# Use the PREDEFINED tag if you want to use a different macro definition.
+
+EXPAND_AS_DEFINED =
+
+# If the SKIP_FUNCTION_MACROS tag is set to YES (the default) then
+# doxygen's preprocessor will remove all function-like macros that are alone
+# on a line, have an all uppercase name, and do not end with a semicolon. Such
+# function macros are typically used for boiler-plate code, and will confuse
+# the parser if not removed.
+
+SKIP_FUNCTION_MACROS = YES
+
+#---------------------------------------------------------------------------
+# Configuration::additions related to external references
+#---------------------------------------------------------------------------
+
+# The TAGFILES option can be used to specify one or more tagfiles.
+# Optionally an initial location of the external documentation
+# can be added for each tagfile. The format of a tag file without
+# this location is as follows:
+# TAGFILES = file1 file2 ...
+# Adding location for the tag files is done as follows:
+# TAGFILES = file1=loc1 "file2 = loc2" ...
+# where "loc1" and "loc2" can be relative or absolute paths or
+# URLs. If a location is present for each tag, the installdox tool
+# does not have to be run to correct the links.
+# Note that each tag file must have a unique name
+# (where the name does NOT include the path)
+# If a tag file is not located in the directory in which doxygen
+# is run, you must also specify the path to the tagfile here.
+
+TAGFILES =
+
+# When a file name is specified after GENERATE_TAGFILE, doxygen will create
+# a tag file that is based on the input files it reads.
+
+GENERATE_TAGFILE =
+
+# If the ALLEXTERNALS tag is set to YES all external classes will be listed
+# in the class index. If set to NO only the inherited external classes
+# will be listed.
+
+ALLEXTERNALS = NO
+
+# If the EXTERNAL_GROUPS tag is set to YES all external groups will be listed
+# in the modules index. If set to NO, only the current project's groups will
+# be listed.
+
+EXTERNAL_GROUPS = YES
+
+# The PERL_PATH should be the absolute path and name of the perl script
+# interpreter (i.e. the result of `which perl').
+
+PERL_PATH = /usr/bin/perl
+
+#---------------------------------------------------------------------------
+# Configuration options related to the dot tool
+#---------------------------------------------------------------------------
+
+# If the CLASS_DIAGRAMS tag is set to YES (the default) Doxygen will
+# generate a inheritance diagram (in HTML, RTF and LaTeX) for classes with base
+# or super classes. Setting the tag to NO turns the diagrams off. Note that
+# this option is superseded by the HAVE_DOT option below. This is only a
+# fallback. It is recommended to install and use dot, since it yields more
+# powerful graphs.
+
+CLASS_DIAGRAMS = YES
+
+# You can define message sequence charts within doxygen comments using the \msc
+# command. Doxygen will then run the mscgen tool (see
+# http://www.mcternan.me.uk/mscgen/) to produce the chart and insert it in the
+# documentation. The MSCGEN_PATH tag allows you to specify the directory where
+# the mscgen tool resides. If left empty the tool is assumed to be found in the
+# default search path.
+
+MSCGEN_PATH =
+
+# If set to YES, the inheritance and collaboration graphs will hide
+# inheritance and usage relations if the target is undocumented
+# or is not a class.
+
+HIDE_UNDOC_RELATIONS = YES
+
+# If you set the HAVE_DOT tag to YES then doxygen will assume the dot tool is
+# available from the path. This tool is part of Graphviz, a graph visualization
+# toolkit from AT&T and Lucent Bell Labs. The other options in this section
+# have no effect if this option is set to NO (the default)
+
+HAVE_DOT = YES
+
+# By default doxygen will write a font called FreeSans.ttf to the output
+# directory and reference it in all dot files that doxygen generates. This
+# font does not include all possible unicode characters however, so when you need
+# these (or just want a differently looking font) you can specify the font name
+# using DOT_FONTNAME. You need need to make sure dot is able to find the font,
+# which can be done by putting it in a standard location or by setting the
+# DOTFONTPATH environment variable or by setting DOT_FONTPATH to the directory
+# containing the font.
+
+DOT_FONTNAME = FreeSans
+
+# By default doxygen will tell dot to use the output directory to look for the
+# FreeSans.ttf font (which doxygen will put there itself). If you specify a
+# different font using DOT_FONTNAME you can set the path where dot
+# can find it using this tag.
+
+DOT_FONTPATH =
+
+# If the CLASS_GRAPH and HAVE_DOT tags are set to YES then doxygen
+# will generate a graph for each documented class showing the direct and
+# indirect inheritance relations. Setting this tag to YES will force the
+# the CLASS_DIAGRAMS tag to NO.
+
+CLASS_GRAPH = YES
+
+# If the COLLABORATION_GRAPH and HAVE_DOT tags are set to YES then doxygen
+# will generate a graph for each documented class showing the direct and
+# indirect implementation dependencies (inheritance, containment, and
+# class references variables) of the class with other documented classes.
+
+COLLABORATION_GRAPH = YES
+
+# If the GROUP_GRAPHS and HAVE_DOT tags are set to YES then doxygen
+# will generate a graph for groups, showing the direct groups dependencies
+
+GROUP_GRAPHS = YES
+
+# If the UML_LOOK tag is set to YES doxygen will generate inheritance and
+# collaboration diagrams in a style similar to the OMG's Unified Modeling
+# Language.
+
+UML_LOOK = NO
+
+# If set to YES, the inheritance and collaboration graphs will show the
+# relations between templates and their instances.
+
+TEMPLATE_RELATIONS = NO
+
+# If the ENABLE_PREPROCESSING, SEARCH_INCLUDES, INCLUDE_GRAPH, and HAVE_DOT
+# tags are set to YES then doxygen will generate a graph for each documented
+# file showing the direct and indirect include dependencies of the file with
+# other documented files.
+
+INCLUDE_GRAPH = YES
+
+# If the ENABLE_PREPROCESSING, SEARCH_INCLUDES, INCLUDED_BY_GRAPH, and
+# HAVE_DOT tags are set to YES then doxygen will generate a graph for each
+# documented header file showing the documented files that directly or
+# indirectly include this file.
+
+INCLUDED_BY_GRAPH = YES
+
+# If the CALL_GRAPH and HAVE_DOT options are set to YES then
+# doxygen will generate a call dependency graph for every global function
+# or class method. Note that enabling this option will significantly increase
+# the time of a run. So in most cases it will be better to enable call graphs
+# for selected functions only using the \callgraph command.
+
+CALL_GRAPH = YES
+
+# If the CALLER_GRAPH and HAVE_DOT tags are set to YES then
+# doxygen will generate a caller dependency graph for every global function
+# or class method. Note that enabling this option will significantly increase
+# the time of a run. So in most cases it will be better to enable caller
+# graphs for selected functions only using the \callergraph command.
+
+CALLER_GRAPH = NO
+
+# If the GRAPHICAL_HIERARCHY and HAVE_DOT tags are set to YES then doxygen
+# will graphical hierarchy of all classes instead of a textual one.
+
+GRAPHICAL_HIERARCHY = YES
+
+# If the DIRECTORY_GRAPH, SHOW_DIRECTORIES and HAVE_DOT tags are set to YES
+# then doxygen will show the dependencies a directory has on other directories
+# in a graphical way. The dependency relations are determined by the #include
+# relations between the files in the directories.
+
+DIRECTORY_GRAPH = YES
+
+# The DOT_IMAGE_FORMAT tag can be used to set the image format of the images
+# generated by dot. Possible values are png, jpg, or gif
+# If left blank png will be used.
+
+DOT_IMAGE_FORMAT = png
+
+# The tag DOT_PATH can be used to specify the path where the dot tool can be
+# found. If left blank, it is assumed the dot tool can be found in the path.
+
+DOT_PATH =
+
+# The DOTFILE_DIRS tag can be used to specify one or more directories that
+# contain dot files that are included in the documentation (see the
+# \dotfile command).
+
+DOTFILE_DIRS =
+
+# The DOT_GRAPH_MAX_NODES tag can be used to set the maximum number of
+# nodes that will be shown in the graph. If the number of nodes in a graph
+# becomes larger than this value, doxygen will truncate the graph, which is
+# visualized by representing a node as a red box. Note that doxygen if the
+# number of direct children of the root node in a graph is already larger than
+# DOT_GRAPH_MAX_NODES then the graph will not be shown at all. Also note
+# that the size of a graph can be further restricted by MAX_DOT_GRAPH_DEPTH.
+
+DOT_GRAPH_MAX_NODES = 50
+
+# The MAX_DOT_GRAPH_DEPTH tag can be used to set the maximum depth of the
+# graphs generated by dot. A depth value of 3 means that only nodes reachable
+# from the root by following a path via at most 3 edges will be shown. Nodes
+# that lay further from the root node will be omitted. Note that setting this
+# option to 1 or 2 may greatly reduce the computation time needed for large
+# code bases. Also note that the size of a graph can be further restricted by
+# DOT_GRAPH_MAX_NODES. Using a depth of 0 means no depth restriction.
+
+MAX_DOT_GRAPH_DEPTH = 0
+
+# Set the DOT_TRANSPARENT tag to YES to generate images with a transparent
+# background. This is enabled by default, which results in a transparent
+# background. Warning: Depending on the platform used, enabling this option
+# may lead to badly anti-aliased labels on the edges of a graph (i.e. they
+# become hard to read).
+
+DOT_TRANSPARENT = YES
+
+# Set the DOT_MULTI_TARGETS tag to YES allow dot to generate multiple output
+# files in one run (i.e. multiple -o and -T options on the command line). This
+# makes dot run faster, but since only newer versions of dot (>1.8.10)
+# support this, this feature is disabled by default.
+
+DOT_MULTI_TARGETS = NO
+
+# If the GENERATE_LEGEND tag is set to YES (the default) Doxygen will
+# generate a legend page explaining the meaning of the various boxes and
+# arrows in the dot generated graphs.
+
+GENERATE_LEGEND = YES
+
+# If the DOT_CLEANUP tag is set to YES (the default) Doxygen will
+# remove the intermediate dot files that are used to generate
+# the various graphs.
+
+DOT_CLEANUP = YES
+
+#---------------------------------------------------------------------------
+# Configuration::additions related to the search engine
+#---------------------------------------------------------------------------
+
+# The SEARCHENGINE tag specifies whether or not a search engine should be
+# used. If set to NO the values of all tags below this one will be ignored.
+
+SEARCHENGINE = NO
--- /dev/null
+#
+# GNU Makefile
+#
+.PHONY: all clean install
+
+SRCS = example_1.c example_2.c example_3.c example_4.c
+
+OBJS := ${SRCS:.c=.o}
+PROGRAMS := ${SRCS:.c=}
+
+all: ${PROGRAMS}
+
+HEADERS := ../client.h ../radius.h
+
+${OBJS}: ${HEADERS}
+
+$(info ${PROGRAMS} ${OBJS})
+
+${PROGRAMS}: ../libnetworkradius-client.a
+
+
+%.o : %.c
+ $(CC) $(CFLAGS) -I.. -I. -c $<
+
+%.o: ${HEADERS}
+
+LDFLAGS = -L.. -lnetworkradius-client -lcrypto -lssl
+CFLAGS = -I..
+
+../libnetworkradius-client.a:
+ @${MAKE} -C .. libnetworkradius-client.a
+
+radsample.o: radsample.c ${HEADERS} nr_vp_create.c nr_packet_send.c
+
+#radsample: radsample.o ../libnetworkradius-client.a
+# ${CC} ${LFDLAGS} ${LIBS} -o $@ $^
+
+sample_chap.o: sample_chap.c ${HEADERS}
+
+sample_chap: sample_chap.o ../libnetworkradius-client.a
+ ${CC} ${LFDLAGS} ${LIBS} -o $@ $^
+
+radsample2.o: radsample2.c ${HEADERS} nr_vp_create.c
+
+radsample2: radsample2.o ../libnetworkradius-client.a
+ ${CC} ${LFDLAGS} ${LIBS} -o $@ $^
+
+radsample3.o: radsample3.c ${HEADERS} nr_transmit.c nr_server_t.c nr_vp_create.c
+
+radsample3: radsample3.o ../libnetworkradius-client.a
+ ${CC} ${LFDLAGS} ${LIBS} -o $@ $^
+
+clean:
+ @rm -rf *.o *.a *~
--- /dev/null
+/*
+Copyright (c) 2011, Network RADIUS SARL
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+ * Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ * Neither the name of the <organization> nor the
+ names of its contributors may be used to endorse or promote products
+ derived from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL <COPYRIGHT HOLDER> BE LIABLE FOR ANY
+DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <networkradius-devel/client.h>
+
+/** \file example_1.c
+ * \brief Sample code to initialize a RADIUS packet.
+ *
+ * This example initializes a packet, and then adds User-Name and
+ * User-Password to it. The resulting packet is then printed to the
+ * standard output.
+ */
+
+static const char *secret = "testing123";
+static uint8_t request_buffer[RS_MAX_PACKET_LEN];
+static uint8_t response_buffer[RS_MAX_PACKET_LEN];
+static RADIUS_PACKET request, response;
+
+int main(int argc, const char *argv[])
+{
+ ssize_t rcode;
+ const char *user = "bob";
+ const char *password = "password";
+
+ rcode = nr_packet_init(&request, NULL, secret, PW_ACCESS_REQUEST,
+ request_buffer, sizeof(request_buffer));
+ if (rcode < 0) {
+ error:
+ fprintf(stderr, "Error: %s\n", nr_strerror(rcode));
+ return 1;
+ }
+
+ if (argc > 1) user = argv[1];
+ if (argc > 2) password = argv[2];
+
+ rcode = nr_packet_attr_append(&request, NULL,
+ RS_DA_USER_NAME,
+ user, 0);
+ if (rcode < 0) goto error;
+
+ rcode = nr_packet_attr_append(&request, NULL,
+ RS_DA_USER_PASSWORD,
+ password, 0);
+ if (rcode < 0) goto error;
+
+ /*
+ * ALWAYS call nr_packet_sign() before sending the packet
+ * to anyone else!
+ */
+ rcode = nr_packet_sign(&request, NULL);
+ if (rcode < 0) goto error;
+
+ nr_packet_print_hex(&request);
+
+ rcode = nr_packet_decode(&request, NULL);
+ if (rcode < 0) goto error;
+
+ nr_vp_fprintf_list(stdout, request.vps);
+ nr_vp_free(&request.vps);
+
+ return 0;
+}
--- /dev/null
+/*
+Copyright (c) 2011, Network RADIUS SARL
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+ * Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ * Neither the name of the <organization> nor the
+ names of its contributors may be used to endorse or promote products
+ derived from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL <COPYRIGHT HOLDER> BE LIABLE FOR ANY
+DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <networkradius-devel/client.h>
+
+/** \file example_2.c
+ * \brief Sample code to initialize a RADIUS packet.
+ *
+ * This example initializes a packet, and then adds User-Name and
+ * CHAP-Password to it. The resulting packet is then printed to the
+ * standard output.
+ */
+
+static const char *secret = "testing123";
+static uint8_t request_buffer[RS_MAX_PACKET_LEN];
+static uint8_t response_buffer[RS_MAX_PACKET_LEN];
+static RADIUS_PACKET request, response;
+
+int main(int argc, const char *argv[])
+{
+ int rcode;
+ const char *user = "bob";
+ const char *password = "password";
+
+ rcode = nr_packet_init(&request, NULL, secret, PW_ACCESS_REQUEST,
+ request_buffer, sizeof(request_buffer));
+ if (rcode < 0) {
+ error:
+ fprintf(stderr, "Error: %s\n", nr_strerror(rcode));
+ return 1;
+ }
+
+ if (argc > 1) user = argv[1];
+ if (argc > 2) password = argv[2];
+
+ rcode = nr_packet_attr_append(&request, NULL,
+ RS_DA_USER_NAME,
+ user, 0);
+ if (rcode < 0) goto error;
+
+ rcode = nr_packet_attr_append(&request, NULL,
+ RS_DA_CHAP_PASSWORD,
+ password, strlen(password));
+ if (rcode < 0) goto error;
+
+ /*
+ * ALWAYS call nr_packet_sign() before sending the packet
+ * to anyone else!
+ */
+ rcode = nr_packet_sign(&request, NULL);
+ if (rcode < 0) goto error;
+
+ nr_packet_print_hex(&request);
+
+ rcode = nr_packet_decode(&request, NULL);
+ if (rcode < 0) goto error;
+
+ nr_vp_fprintf_list(stdout, request.vps);
+ nr_vp_free(&request.vps);
+
+ return 0;
+}
--- /dev/null
+/*
+Copyright (c) 2011, Network RADIUS SARL
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+ * Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ * Neither the name of the <organization> nor the
+ names of its contributors may be used to endorse or promote products
+ derived from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL <COPYRIGHT HOLDER> BE LIABLE FOR ANY
+DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <networkradius-devel/client.h>
+
+/** \file example_3.c
+ * \brief Sample code to initialize a RADIUS packet and a response to it.
+ *
+ * This example initializes a packet, and then adds User-Name and
+ * User-Password to it. The resulting packet is then printed to the
+ * standard output.
+ *
+ * As a next step, it then creates the response, and prints that,
+ * too.
+ */
+
+static const char *secret = "testing123";
+static uint8_t request_buffer[RS_MAX_PACKET_LEN];
+static uint8_t response_buffer[RS_MAX_PACKET_LEN];
+static RADIUS_PACKET request, response;
+
+int main(int argc, const char *argv[])
+{
+ int rcode;
+ const char *user = "bob";
+ const char *password = "password";
+
+ rcode = nr_packet_init(&request, NULL, secret, PW_ACCESS_REQUEST,
+ request_buffer, sizeof(request_buffer));
+ if (rcode < 0) {
+ error:
+ fprintf(stderr, "Error :%s\n", nr_strerror(rcode));
+ return 1;
+ }
+
+ if (argc > 1) user = argv[1];
+ if (argc > 2) password = argv[2];
+
+ rcode = nr_packet_attr_append(&request, NULL,
+ RS_DA_USER_NAME,
+ user, 0);
+ if (rcode < 0) goto error;
+
+ rcode = nr_packet_attr_append(&request, NULL,
+ RS_DA_USER_PASSWORD,
+ password, 0);
+ if (rcode < 0) goto error;
+
+ /*
+ * ALWAYS call nr_packet_sign() before sending the packet
+ * to anyone else!
+ */
+ rcode = nr_packet_sign(&request, NULL);
+ if (rcode < 0) goto error;
+
+ nr_packet_print_hex(&request);
+
+ rcode = nr_packet_init(&response, &request, secret, PW_ACCESS_ACCEPT,
+ response_buffer, sizeof(response_buffer));
+ if (rcode < 0) goto error;
+
+ rcode = nr_packet_attr_append(&response, &request,
+ RS_DA_REPLY_MESSAGE,
+ "Success!", 0);
+ if (rcode < 0) goto error;
+
+ rcode = nr_packet_attr_append(&response, &request,
+ RS_DA_TUNNEL_PASSWORD,
+ password, 0);
+ if (rcode < 0) goto error;
+ rcode = nr_packet_sign(&response, &request);
+ if (rcode < 0) goto error;
+
+ nr_packet_print_hex(&response);
+
+ /*
+ * Check that the response is well-formed. The
+ * nr_packet_verify() function also calls nr_packet_ok().
+ * However, it is sometimes useful to separate "malformed
+ * packet" errors from "packet is not a response to a
+ * reqeust" errors.
+ */
+ rcode = nr_packet_ok(&response);
+ if (rcode < 0) goto error;
+
+ /*
+ * Double-check the signature of the response.
+ */
+ rcode = nr_packet_verify(&response, &request);
+ if (rcode < 0) goto error;
+
+ rcode = nr_packet_decode(&response, &request);
+ if (rcode < 0) goto error;
+
+ nr_vp_fprintf_list(stdout, response.vps);
+ nr_vp_free(&response.vps);
+
+ return 0;
+}
--- /dev/null
+/*
+Copyright (c) 2011, Network RADIUS SARL
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+ * Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ * Neither the name of the <organization> nor the
+ names of its contributors may be used to endorse or promote products
+ derived from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL <COPYRIGHT HOLDER> BE LIABLE FOR ANY
+DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <networkradius-devel/client.h>
+
+/** \file example_4.c
+ * \brief Allocate and manage multiple packets.
+ */
+
+static const char *secret = "testing123";
+static nr_server_t server;
+
+int main(int argc, const char *argv[])
+{
+ int rcode;
+ const char *user = "bob";
+ const char *password = "password";
+
+ rcode = nr_packet_init(&request, NULL, secret, PW_ACCESS_REQUEST,
+ request_buffer, sizeof(request_buffer));
+ if (rcode < 0) {
+ error:
+ fprintf(stderr, "Error :%s\n", nr_strerror(rcode));
+ return 1;
+ }
+
+ if (argc > 1) user = argv[1];
+ if (argc > 2) password = argv[2];
+
+ rcode = nr_packet_attr_append(&request, NULL,
+ RS_DA_USER_NAME,
+ user, 0);
+ if (rcode < 0) goto error;
+
+ rcode = nr_packet_attr_append(&request, NULL,
+ RS_DA_USER_PASSWORD,
+ password, 0);
+ if (rcode < 0) goto error;
+
+ /*
+ * ALWAYS call nr_packet_sign() before sending the packet
+ * to anyone else!
+ */
+ rcode = nr_packet_sign(&request, NULL);
+ if (rcode < 0) goto error;
+
+ nr_packet_print_hex(&request);
+
+ rcode = nr_packet_init(&response, &request, secret, PW_ACCESS_ACCEPT,
+ response_buffer, sizeof(response_buffer));
+ if (rcode < 0) goto error;
+
+ rcode = nr_packet_attr_append(&response, &request,
+ RS_DA_REPLY_MESSAGE,
+ "Success!", 0);
+ if (rcode < 0) goto error;
+
+ rcode = nr_packet_sign(&response, &request);
+ if (rcode < 0) goto error;
+
+ nr_packet_print_hex(&response);
+
+ /*
+ * Double-check the signature of the response.
+ */
+ rcode = nr_packet_verify(&response, &request);
+ if (rcode < 0) goto error;
+
+ return 0;
+}
--- /dev/null
+/*
+ * The person or persons who have associated work with this document
+ * (the "Dedicator" or "Certifier") hereby either (a) certifies that,
+ * to the best of his knowledge, the work of authorship identified is
+ * in the public domain of the country from which the work is
+ * published, or (b) hereby dedicates whatever copyright the
+ * dedicators holds in the work of authorship identified below (the
+ * "Work") to the public domain. A certifier, moreover, dedicates any
+ * copyright interest he may have in the associated work, and for
+ * these purposes, is described as a "dedicator" below.
+ *
+ * A certifier has taken reasonable steps to verify the copyright
+ * status of this work. Certifier recognizes that his good faith
+ * efforts may not shield him from liability if in fact the work
+ * certified is not in the public domain.
+ *
+ * Dedicator makes this dedication for the benefit of the public at
+ * large and to the detriment of the Dedicator's heirs and
+ * successors. Dedicator intends this dedication to be an overt act of
+ * relinquishment in perpetuity of all present and future rights under
+ * copyright law, whether vested or contingent, in the Work. Dedicator
+ * understands that such relinquishment of all rights includes the
+ * relinquishment of all rights to enforce (by lawsuit or otherwise)
+ * those copyrights in the Work.
+ *
+ * Dedicator recognizes that, once placed in the public domain, the
+ * Work may be freely reproduced, distributed, transmitted, used,
+ * modified, built upon, or otherwise exploited by anyone for any
+ * purpose, commercial or non-commercial, and in any way, including by
+ * methods that have not yet been invented or conceived.
+ */
+
+static VALUE_PAIR *example_nr_vp_create(void)
+{
+ VALUE_PAIR *vp;
+ VALUE_PAIR *head = NULL;
+
+ /*
+ * Create the request contents.
+ */
+ vp = nr_vp_create(PW_USER_NAME, 0, "bob", 4);
+ if (!vp) {
+ fprintf(stderr, "User-Name: %s\n", nr_strerror(0));
+ exit(1);
+ }
+ nr_vps_append(&head, vp);
+
+ /*
+ * The User-Password attribute is automatically encrypted
+ * when being placed in the packet. This version stays
+ * untouched, and should be "plain text".
+ */
+ vp = nr_vp_create(PW_USER_PASSWORD, 0, "hello", 6);
+ if (!vp) {
+ fprintf(stderr, "User-Password: %s\n", nr_strerror(0));
+ exit(1);
+ }
+ nr_vps_append(&head, vp);
+
+ return head;
+}
--- /dev/null
+#!/usr/bin/env perl
+######################################################################
+# Copyright (c) 2011, Network RADIUS SARL
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are met:
+# * Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+# * Redistributions in binary form must reproduce the above copyright
+# notice, this list of conditions and the following disclaimer in the
+# documentation and/or other materials provided with the distribution.
+# * Neither the name of the <organization> nor the
+# names of its contributors may be used to endorse or promote products
+# derived from this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+# DISCLAIMED. IN NO EVENT SHALL <COPYRIGHT HOLDER> BE LIABLE FOR ANY
+# DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+# (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+# ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+# SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+######################################################################
+#
+# Converts dictionaries to C defines. Does not yet do "VALUE"s.
+#
+# $Id$
+#
+require "common.pl";
+
+while (@ARGV) {
+ $filename = shift;
+ do_file($filename);
+}
+
+
+print "/* Automatically generated file. Do not edit */\n\n";
+
+foreach $v (sort keys %vendor) {
+ $name = $v;
+ $name =~ tr/a-z/A-Z/; # uppercase
+ $name =~ tr/A-Z0-9/_/c; # any ELSE becomes _
+
+ print "#define VENDORPEC_", $name, " ", $vendor{$v}{'pec'}, "\n";
+}
+print "\n";
+
+$begin_vendor = -1;
+foreach $attr_val (sort {$a <=> $b} keys %attributes) {
+ if ($attributes{$attr_val}{'vendor'} != $begin_vendor) {
+ print "\n/* ", $vendorpec{$attributes{$attr_val}{'vendor'}}, " */\n";
+ $begin_vendor = $attributes{$attr_val}{'vendor'};
+ }
+
+ $name = $attributes{$attr_val}{'name'};
+ $name =~ tr/a-z/A-Z/;
+ $name =~ tr/A-Z0-9/_/c;
+
+ print "#define PW_", $name, " ", $attributes{$attr_val}{'value'}, "\n";
+}
+print "\n\n";
+
+print "/* Automatically generated file. Do not edit */\n";
+
--- /dev/null
+/*
+Copyright (c) 2011, Network RADIUS SARL
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+ * Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ * Neither the name of the <organization> nor the
+ names of its contributors may be used to endorse or promote products
+ derived from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL <COPYRIGHT HOLDER> BE LIABLE FOR ANY
+DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "client.h"
+
+#ifdef HAVE_UNISTD_H
+#include <unistd.h>
+#endif
+
+/** \file id.c
+ * \brief Handling of ID allocation / freeing
+ *
+ */
+
+static int find_id(nr_server_t *s)
+{
+ int i;
+ uint32_t lvalue;
+
+ if ((s->used < 0) || (s->used > 256)) return -RSE_INTERNAL;
+
+ /*
+ * Ensure that the ID allocation is random.
+ */
+ lvalue = nr_rand();
+
+ for (i = 0; i < 256; i++) {
+ int offset = (i + lvalue) & 0xff;
+
+ if (!s->ids[offset]) return offset;
+ }
+
+ nr_strerror_printf("Out of IDs for server");
+ return -1;
+}
+
+int nr_server_id_alloc(nr_server_t *s, RADIUS_PACKET *packet)
+{
+ int new_id;
+
+ if (!s || !packet) return -RSE_INVAL;
+
+ new_id = find_id(s);
+ if (new_id < 0) return -new_id;
+
+ s->ids[new_id] = packet;
+ s->used++;
+ packet->sockfd = s->sockfd;
+ packet->code = s->code;
+ packet->src = s->src;
+ packet->dst = s->dst;
+ packet->id = new_id;
+
+ return 0;
+}
+
+int nr_server_id_free(nr_server_t *s, RADIUS_PACKET *packet)
+{
+ if (!s || !packet) return -RSE_INVAL;
+
+ if ((packet->id < 0) || (packet->id > 255) || !s->ids[packet->id]) {
+ return -RSE_INVAL;
+ }
+
+ if (s->ids[packet->id] != packet) return -RSE_INTERNAL;
+
+ s->ids[packet->id] = NULL;
+ s->used--;
+ packet->sockfd = -1;
+
+ return 0;
+}
+
+int nr_server_id_realloc(nr_server_t *s, RADIUS_PACKET *packet)
+{
+ int new_id;
+
+ if (!s || !packet) return -RSE_INVAL;
+
+ if ((packet->id < 0) || (packet->id > 255) || !s->ids[packet->id]) {
+ return -RSE_INVAL;
+ }
+
+ if (s->ids[packet->id] != packet) return -RSE_INTERNAL;
+
+ new_id = find_id(s);
+ if (new_id < 0) return new_id;
+
+ s->ids[packet->id] = NULL;
+ packet->id = new_id;
+ s->ids[packet->id] = packet;
+
+ return 0;
+}
+
+
+int nr_server_init(nr_server_t *s, int code, const char *secret)
+{
+ if (!s || !secret || !*secret ||
+ (code == 0) || (code > RS_MAX_PACKET_CODE)) {
+ return -RSE_INVAL;
+ }
+
+ memset(s, 0, sizeof(*s));
+
+ s->sockfd = -1;
+ s->code = code;
+ s->secret = secret;
+ s->sizeof_secret = strlen(secret);
+ s->src.ss_family = AF_UNSPEC;
+ s->dst.ss_family = AF_UNSPEC;
+
+ return 0;
+}
+
+
+int nr_server_close(const nr_server_t *s)
+{
+ if (!s) return -RSE_INVAL;
+
+ if (s->used > 0) return -RSE_INUSE;
+
+ if (s->sockfd >= 0) evutil_closesocket(s->sockfd);
+
+ return 0;
+}
+
+int nr_server_packet_alloc(const nr_server_t *s, RADIUS_PACKET **packet_p)
+{
+ int rcode;
+ RADIUS_PACKET *packet;
+
+ if (!packet_p) return -RSE_INVAL;
+
+ packet = malloc(sizeof(*packet) + RS_MAX_PACKET_LEN);
+ if (!packet) return -RSE_NOMEM;
+
+ memset(packet, 0, sizeof(*packet));
+
+ if (!s) {
+ packet->data = (uint8_t *)(packet + 1);
+ packet->sizeof_data = RS_MAX_PACKET_LEN;
+
+ *packet_p = packet;
+ return 0;
+ }
+
+ rcode = nr_packet_init(packet, NULL, s->secret, s->code,
+ (uint8_t *)(packet + 1), RS_MAX_PACKET_LEN);
+ if (rcode < 0) {
+ free(packet);
+ return rcode;
+ }
+
+ *packet_p = packet;
+ return 0;
+}
--- /dev/null
+/*
+Copyright (c) 2011, Network RADIUS SARL
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+ * Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ * Neither the name of the <organization> nor the
+ names of its contributors may be used to endorse or promote products
+ derived from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL <COPYRIGHT HOLDER> BE LIABLE FOR ANY
+DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/** \file parse.c
+ * \brief Routines to parse strings into internal data structures
+ */
+
+#include "client.h"
+
+#ifdef HAVE_ARPA_INET_H
+#include <arpa/inet.h>
+#endif
+
+ssize_t nr_vp_sscanf_value(VALUE_PAIR *vp, const char *value)
+{
+ char *end;
+
+ switch (vp->da->type) {
+ case RS_TYPE_STRING: {
+ size_t len = strlen(value);
+
+ if (len >= RS_MAX_STRING_LEN)
+ return -RSE_ATTR_TOO_LARGE;
+
+ memcpy(vp->vp_strvalue, value, len + 1);
+ return (vp->length = len);
+ }
+ case RS_TYPE_DATE:
+ case RS_TYPE_INTEGER:
+ vp->vp_integer = strtoul(value, &end, 10);
+ if ((value == end) || (*end != '\0')) {
+ nr_debug_error("Invalid value");
+ return -RSE_ATTR_VALUE_MALFORMED;
+ }
+ return (end - value);
+
+ case RS_TYPE_IPADDR:
+ if (inet_pton(AF_INET, value, &vp->vp_ipaddr) < 0) {
+ return -RSE_NOSYS;
+ }
+ return strlen(value);
+
+#ifdef RS_TYPE_IPV6ADDR
+ case RS_TYPE_IPV6ADDR:
+ if (inet_pton(AF_INET6, value, &vp-vp>ipv6addr) < 0) {
+ return -RSE_NOSYS;
+ }
+ return strlen(value);
+#endif
+
+#ifdef RS_TYPE_IFID
+ case RS_TYPE_IFID:
+ {
+ int i, array[8];
+
+ if (sscanf(value, "%02x%02x%02x%02x%02x%02x%02x%02x",
+ &array[0], &array[1], &array[2], &array[3],
+ &array[4], &array[5], &array[6], &array[7]) != 8) {
+ return -RSE_SYSTEM;
+ }
+
+ for (i = 0; i < 8; i++) vp->vp_ifid[i] = array[i] & 0xff;
+
+ }
+ break;
+#endif
+
+ default:
+ nr_debug_error("Invalid type");
+ return -RSE_ATTR_TYPE_UNKNOWN;
+ }
+
+ return 0;
+}
+
+int nr_vp_sscanf(const char *string, VALUE_PAIR **pvp)
+{
+ int rcode;
+ const char *p;
+ char *q;
+ const DICT_ATTR *da;
+ VALUE_PAIR *vp;
+ char buffer[256];
+
+ if (!string || !pvp) return -RSE_INVAL;
+
+ p = string;
+ q = buffer;
+ while (*p && (*p != ' ') && (*p != '=')) {
+ *(q++) = *(p++);
+ }
+ *q = '\0';
+
+ if (q == buffer) {
+ nr_debug_error("No Attribute name");
+ return -RSE_ATTR_BAD_NAME;
+ }
+
+ da = nr_dict_attr_byname(buffer);
+ if (!da) {
+ nr_debug_error("Unknown attribute \"%s\"", buffer);
+ return -RSE_ATTR_UNKNOWN;
+ }
+
+ while (*p == ' ') p++;
+ if (*p != '=') {
+ nr_debug_error("Unexpected text after attribute name");
+ return -RSE_ATTR_BAD_NAME;
+ }
+
+ p++;
+ while (*p == ' ') p++;
+
+ vp = nr_vp_alloc(da);
+ if (!vp) return -RSE_NOMEM;
+
+ rcode = nr_vp_sscanf_value(vp, p);
+ if (rcode < 0) {
+ nr_vp_free(&vp);
+ return rcode;
+ }
+
+ *pvp = vp;
+ return 0;
+}
--- /dev/null
+/*
+Copyright (c) 2011, Network RADIUS SARL
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+ * Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ * Neither the name of the <organization> nor the
+ names of its contributors may be used to endorse or promote products
+ derived from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL <COPYRIGHT HOLDER> BE LIABLE FOR ANY
+DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/** \file print.c
+ * \brief Functions to print things.
+ */
+
+#include "client.h"
+#include <string.h>
+#ifdef RS_TYPE_IPV6ADDR
+#include <arpa/inet.h>
+#endif
+
+#ifndef NDEBUG
+void nr_packet_print_hex(RADIUS_PACKET *packet)
+{
+ int i;
+
+ if (!packet->data) return;
+
+ printf(" Code:\t\t%u\n", packet->data[0]);
+ printf(" Id:\t\t%u\n", packet->data[1]);
+ printf(" Length:\t%u\n", ((packet->data[2] << 8) |
+ (packet->data[3])));
+ printf(" Vector:\t");
+ for (i = 4; i < 20; i++) {
+ printf("%02x", packet->data[i]);
+ }
+ printf("\n");
+ if ((packet->flags & RS_PACKET_SIGNED) == 0) printf("\t\tWARNING: nr_packet_sign() was not called!\n");
+
+ if (packet->length > 20) {
+ int total;
+ const uint8_t *ptr;
+ printf(" Data:");
+
+ total = packet->length - 20;
+ ptr = packet->data + 20;
+
+ while (total > 0) {
+ int attrlen;
+
+ printf("\t\t");
+ if (total < 2) { /* too short */
+ printf("%02x\n", *ptr);
+ break;
+ }
+
+ if (ptr[1] > total) { /* too long */
+ for (i = 0; i < total; i++) {
+ printf("%02x ", ptr[i]);
+ }
+ break;
+ }
+
+ printf("%02x %02x ", ptr[0], ptr[1]);
+ attrlen = ptr[1] - 2;
+ ptr += 2;
+ total -= 2;
+
+ for (i = 0; i < attrlen; i++) {
+ if ((i > 0) && ((i & 0x0f) == 0x00))
+ printf("\t\t\t");
+ printf("%02x ", ptr[i]);
+ if ((i & 0x0f) == 0x0f) printf("\n");
+ }
+
+ if (!attrlen || ((attrlen & 0x0f) != 0x00)) printf("\n");
+
+ ptr += attrlen;
+ total -= attrlen;
+ }
+ }
+ printf("\n");
+ fflush(stdout);
+}
+#endif
+
+size_t nr_vp_snprintf_value(char *buffer, size_t buflen, const VALUE_PAIR *vp)
+{
+ size_t i, len;
+ char *p = buffer;
+
+ switch (vp->da->type) {
+ case RS_TYPE_STRING:
+ /*
+ * FIXME: escape backslash && quotes!
+ */
+ len = snprintf(p, buflen, "%s", vp->vp_strvalue);
+ break;
+
+ case RS_TYPE_DATE:
+ case RS_TYPE_INTEGER:
+ case RS_TYPE_SHORT:
+ case RS_TYPE_BYTE:
+ len = snprintf(p, buflen, "%u", vp->vp_integer);
+ break;
+
+ case RS_TYPE_IPADDR:
+ len = snprintf(p, buflen, "%u.%u.%u.%u",
+ (vp->vp_ipaddr >> 24) & 0xff,
+ (vp->vp_ipaddr >> 16) & 0xff,
+ (vp->vp_ipaddr >> 8) & 0xff,
+ vp->vp_ipaddr & 0xff);
+ break;
+
+#ifdef RS_TYPE_IPV6ADDR
+ case RS_TYPE_IPV6ADDR:
+ if (!inet_ntop(AF_INET6, &vp->vp_ipv6addr, buffer, buflen)) {
+ return -RSE_SYSTEM;
+ }
+ break;
+#endif
+
+#ifdef RS_TYPE_IFID
+ case RS_TYPE_IFID:
+ len = snprintf(p, buflen, "%02x%02x%02x%02x%02x%02x%02x%02x",
+ vp->vp_ifid[0], vp->vp_ifid[1],
+ vp->vp_ifid[2], vp->vp_ifid[3],
+ vp->vp_ifid[4], vp->vp_ifid[5],
+ vp->vp_ifid[6], vp->vp_ifid[7]);
+ break;
+#endif
+
+ case RS_TYPE_OCTETS:
+ len = snprintf(p, buflen, "0x");
+ if (len >= buflen) return 0;
+
+ p += len;
+ buflen -= len;
+
+ for (i = 0; i < vp->length; i++) {
+ len = snprintf(p, buflen, "%02x", vp->vp_octets[i]);
+ if (len >= buflen) return 0;
+
+ p += len;
+ buflen -= len;
+ }
+ len = 0;
+ break;
+
+ default:
+ len = 0;
+ break;
+ }
+
+ if (len >= buflen) return 0;
+
+ p += len;
+ buflen -= len;
+
+ return p - buffer;
+}
+
+size_t nr_vp_snprintf(char *buffer, size_t buflen, const VALUE_PAIR *vp)
+{
+ size_t len;
+ char *p = buffer;
+
+ len = snprintf(p, buflen, "%s = ", vp->da->name);
+ if (len >= buflen) return 0;
+
+ p += len;
+ buflen -= len;
+
+ len = nr_vp_snprintf_value(p, buflen, vp);
+ if (len == 0) return 0;
+
+ if (len >= buflen) return 0;
+
+ p += len;
+
+ return p - buffer;
+}
+
+#ifndef NDEBUG
+void nr_vp_fprintf_list(FILE *fp, const VALUE_PAIR *vps)
+{
+ const VALUE_PAIR *vp;
+ char buffer[1024];
+
+ for (vp = vps; vp != NULL; vp = vp->next) {
+ nr_vp_snprintf(buffer, sizeof(buffer), vp);
+ fprintf(fp, "\t%s\n", buffer);
+ }
+}
+#endif
+
+/** \cond PRIVATE */
+#define NR_STRERROR_BUFSIZE (1024)
+static char nr_strerror_buffer[NR_STRERROR_BUFSIZE];
+
+void nr_strerror_printf(const char *fmt, ...)
+{
+ va_list ap;
+ va_start(ap, fmt);
+ vsnprintf(nr_strerror_buffer, sizeof(nr_strerror_buffer), fmt, ap);
+ va_end(ap);
+
+ fprintf(stderr, "ERROR: %s\n", nr_strerror_buffer);
+}
+/** \endcond */
+
--- /dev/null
+/*
+Copyright (c) 2011, Network RADIUS SARL
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+ * Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ * Neither the name of the <organization> nor the
+ names of its contributors may be used to endorse or promote products
+ derived from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL <COPYRIGHT HOLDER> BE LIABLE FOR ANY
+DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/** \file packet.c
+ * \brief Encoding and decoding packets
+ */
+
+#include "client.h"
+
+#if RS_MAX_PACKET_LEN < 64
+#error RS_MAX_PACKET_LEN is too small. It should be at least 64.
+#endif
+
+#if RS_MAX_PACKET_LEN > 16384
+#error RS_MAX_PACKET_LEN is too large. It should be smaller than 16K.
+#endif
+
+const char *nr_packet_codes[RS_MAX_PACKET_CODE + 1] = {
+ NULL,
+ "Access-Request",
+ "Access-Accept",
+ "Access-Reject",
+ "Accounting-Request",
+ "Accounting-Response",
+ NULL, NULL, NULL, NULL, NULL,
+ "Access-Challenge",
+ "Status-Server", /* 12 */
+ NULL, NULL, NULL, NULL, NULL, NULL, NULL, /* 19 */
+ NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, /* 20..29 */
+ NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, /* 30..39 */
+ "Disconnect-Request",
+ "Disconnect-ACK",
+ "Disconnect-NAK",
+ "CoA-Request",
+ "CoA-ACK",
+ "CoA-NAK"
+};
+
+
+static uint64_t allowed_responses[RS_MAX_PACKET_CODE + 1] = {
+ 0,
+ (1 << PW_ACCESS_ACCEPT) | (1 << PW_ACCESS_REJECT) | (1 << PW_ACCESS_CHALLENGE),
+ 0, 0,
+ 1 << PW_ACCOUNTING_RESPONSE,
+ 0,
+ 0, 0, 0, 0, 0,
+ 0,
+ (1 << PW_ACCESS_ACCEPT) | (1 << PW_ACCESS_REJECT) | (1 << PW_ACCESS_CHALLENGE) | (1 << PW_ACCOUNTING_RESPONSE),
+ 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 20..29 */
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 30..39 */
+ (((uint64_t) 1) << PW_DISCONNECT_ACK) | (((uint64_t) 1) << PW_DISCONNECT_NAK),
+ 0,
+ 0,
+ (((uint64_t) 1) << PW_COA_ACK) | (((uint64_t) 1) << PW_COA_NAK),
+ 0,
+ 0
+};
+
+
+int nr_packet_ok_raw(const uint8_t *data, size_t sizeof_data)
+{
+ size_t packet_len;
+ const uint8_t *attr, *end;
+
+ if (!data || (sizeof_data < 20)) {
+ nr_debug_error("Invalid argument");
+ return -RSE_INVAL;
+ }
+
+ packet_len = (data[2] << 8) | data[3];
+ if (packet_len < 20) {
+ nr_debug_error("Packet length is too small");
+ return -RSE_PACKET_TOO_SMALL;
+ }
+
+ if (packet_len > sizeof_data) {
+ nr_debug_error("Packet length overflows received data");
+ return -RSE_PACKET_TOO_LARGE;
+ }
+
+ /*
+ * If we receive 100 bytes, and the header says it's 20 bytes,
+ * then it's 20 bytes.
+ */
+ end = data + packet_len;
+
+ for (attr = data + 20; attr < end; attr += attr[1]) {
+ if ((attr + 2) > end) {
+ nr_debug_error("Attribute overflows packet");
+ return -RSE_ATTR_OVERFLOW;
+ }
+
+ if (attr[1] < 2) {
+ nr_debug_error("Attribute length is too small");
+ return -RSE_ATTR_TOO_SMALL;
+ }
+
+ if ((attr + attr[1]) > end) {
+ nr_debug_error("Attribute length is too large");
+ return -RSE_ATTR_TOO_LARGE;
+ }
+ }
+
+ return 0;
+}
+
+int nr_packet_ok(RADIUS_PACKET *packet)
+{
+ int rcode;
+
+ if (!packet) return -RSE_INVAL;
+
+ if ((packet->flags & RS_PACKET_OK) != 0) return 0;
+
+ rcode = nr_packet_ok_raw(packet->data, packet->length);
+ if (rcode < 0) return rcode;
+
+ packet->flags |= RS_PACKET_OK;
+ return 0;
+}
+
+
+/*
+ * Comparison function that is time-independent. Using "memcmp"
+ * would satisfy the "comparison" part. However, it would also
+ * leak information about *which* bytes are wrong. Attackers
+ * could use that leak to create a "correct" RADIUS packet which
+ * will be accepted by the client and/or server.
+ */
+static int digest_cmp(const uint8_t *a, const uint8_t *b, size_t length)
+{
+ int result = 0;
+ size_t i;
+
+ for (i = 0; i < length; i++) {
+ result |= (a[i] ^ b[i]);
+ }
+
+ return result;
+}
+
+
+#ifdef PW_MESSAGE_AUTHENTICATOR
+static int msg_auth_ok(const RADIUS_PACKET *original,
+ uint8_t *ma,
+ uint8_t *data, size_t length)
+{
+ uint8_t packet_vector[sizeof(original->vector)];
+ uint8_t msg_auth_vector[sizeof(original->vector)];
+ uint8_t calc_auth_vector[sizeof(original->vector)];
+
+ if (ma[1] != 18) {
+ nr_debug_error("Message-Authenticator has invalid length");
+ return -RSE_MSG_AUTH_LEN;
+ }
+
+ memcpy(packet_vector, data + 4, sizeof(packet_vector));
+ memcpy(msg_auth_vector, ma + 2, sizeof(msg_auth_vector));
+ memset(ma + 2, 0, sizeof(msg_auth_vector));
+
+ switch (data[0]) {
+ default:
+ break;
+
+ case PW_ACCOUNTING_REQUEST:
+ case PW_ACCOUNTING_RESPONSE:
+ case PW_DISCONNECT_REQUEST:
+ case PW_DISCONNECT_ACK:
+ case PW_DISCONNECT_NAK:
+ case PW_COA_REQUEST:
+ case PW_COA_ACK:
+ case PW_COA_NAK:
+ memset(data + 4, 0, sizeof(packet_vector));
+ break;
+
+ case PW_ACCESS_ACCEPT:
+ case PW_ACCESS_REJECT:
+ case PW_ACCESS_CHALLENGE:
+ if (!original) {
+ nr_debug_error("Cannot validate response without request");
+ return -RSE_REQUEST_REQUIRED;
+ }
+ memcpy(data + 4, original->vector, sizeof(original->vector));
+ break;
+ }
+
+ nr_hmac_md5(data, length,
+ (const uint8_t *) original->secret, original->sizeof_secret,
+ calc_auth_vector);
+
+ memcpy(ma + 2, msg_auth_vector, sizeof(msg_auth_vector));
+ memcpy(data + 4, packet_vector, sizeof(packet_vector));
+
+ if (digest_cmp(calc_auth_vector, msg_auth_vector,
+ sizeof(calc_auth_vector)) != 0) {
+ nr_debug_error("Invalid Message-Authenticator");
+ return -RSE_MSG_AUTH_WRONG;
+ }
+
+ return 1;
+}
+#endif
+
+/*
+ * The caller ensures that the packet codes are as expected.
+ */
+static int packet_auth_ok(const RADIUS_PACKET *original,
+ uint8_t *data, size_t length)
+{
+ uint8_t packet_vector[sizeof(original->vector)];
+ uint8_t calc_digest[sizeof(original->vector)];
+ RS_MD5_CTX ctx;
+
+ if ((data[0] == PW_ACCESS_REQUEST) ||
+ (data[0] == PW_STATUS_SERVER)) return 1;
+
+ memcpy(packet_vector, data + 4, sizeof(packet_vector));
+
+ if (!original) {
+ memset(data + 4, 0, sizeof(packet_vector));
+ } else {
+ memcpy(data + 4, original->vector, sizeof(original->vector));
+ }
+
+ RS_MD5Init(&ctx);
+ RS_MD5Update(&ctx, data, length);
+ RS_MD5Update(&ctx, (const unsigned char *)original->secret, original->sizeof_secret);
+ RS_MD5Final(calc_digest, &ctx);
+
+ memcpy(data + 4, packet_vector, sizeof(packet_vector));
+
+ if (digest_cmp(calc_digest, packet_vector,
+ sizeof(packet_vector)) != 0) {
+ nr_debug_error("Invalid authentication vector");
+ return -RSE_AUTH_VECTOR_WRONG;
+ }
+
+ return 0;
+}
+
+
+int nr_packet_verify(RADIUS_PACKET *packet, const RADIUS_PACKET *original)
+{
+ int rcode;
+ uint8_t *attr;
+#ifdef PW_MESSAGE_AUTHENTICATOR
+ const uint8_t *end;
+#endif
+
+ if (!packet || !packet->data || !packet->secret) {
+ nr_debug_error("Invalid argument");
+ return -RSE_INVAL;
+ }
+
+ if ((packet->flags & RS_PACKET_VERIFIED) != 0) return 0;
+
+ /*
+ * Packet isn't well formed. Ignore it.
+ */
+ rcode = nr_packet_ok(packet);
+ if (rcode < 0) return rcode;
+
+ /*
+ * Get rid of improper packets as early as possible.
+ */
+ if (original) {
+ uint64_t mask;
+
+ if (original->code > RS_MAX_PACKET_CODE) {
+ nr_debug_error("Invalid original code %u",
+ original->code);
+ return -RSE_INVALID_REQUEST_CODE;
+ }
+
+ if (packet->data[1] != original->id) {
+ nr_debug_error("Ignoring response with wrong ID %u",
+ packet->data[1]);
+ return -RSE_INVALID_RESPONSE_CODE;
+ }
+
+ mask = 1;
+ mask <<= packet->data[0];
+
+ if ((allowed_responses[original->code] & mask) == 0) {
+ nr_debug_error("Ignoring response with wrong code %u",
+ packet->data[0]);
+ return -RSE_INVALID_RESPONSE_CODE;
+ }
+
+ if ((memcmp(&packet->src, &original->dst, sizeof(packet->src)) != 0) &&
+ (evutil_sockaddr_cmp((struct sockaddr *)&packet->src, (struct sockaddr *)&original->dst, 1) != 0)) {
+ nr_debug_error("Ignoring response from wrong IP/port");
+ return -RSE_INVALID_RESPONSE_SRC;
+ }
+
+ } else if (allowed_responses[packet->data[0]] != 0) {
+ nr_debug_error("Ignoring response without original");
+ return -RSE_INVALID_RESPONSE_CODE;
+ }
+
+#ifdef PW_MESSAGE_AUTHENTICATOR
+ end = packet->data + packet->length;
+
+ /*
+ * Note that the packet MUST be well-formed here.
+ */
+ for (attr = packet->data + 20; attr < end; attr += attr[1]) {
+ if (attr[0] == PW_MESSAGE_AUTHENTICATOR) {
+ rcode = msg_auth_ok(original, attr,
+ packet->data, packet->length);
+ if (rcode < 0) return rcode;
+ }
+ }
+#endif
+
+ /*
+ * Verify the packet authenticator.
+ */
+ rcode = packet_auth_ok(original, packet->data, packet->length);
+ if (rcode < 0) return rcode;
+
+ packet->flags |= RS_PACKET_VERIFIED;
+
+ return 0;
+}
+
+
+int nr_packet_decode(RADIUS_PACKET *packet, const RADIUS_PACKET *original)
+{
+ int rcode, num_attributes;
+ uint8_t *data, *attr;
+ const uint8_t *end;
+ VALUE_PAIR **tail, *vp;
+
+ if (!packet) return -RSE_INVAL;
+
+ if ((packet->flags & RS_PACKET_DECODED) != 0) return 0;
+
+ rcode = nr_packet_ok(packet);
+ if (rcode < 0) return rcode;
+
+ data = packet->data;
+ end = data + packet->length;
+ tail = &packet->vps;
+ num_attributes = 0;
+
+ /*
+ * Loop over the packet, converting attrs to VPs.
+ */
+ for (attr = data + 20; attr < end; attr += attr[1]) {
+ rcode = nr_attr2vp(packet, original,
+ attr, end - attr, &vp);
+ if (rcode < 0) {
+ nr_vp_free(&packet->vps);
+ return -rcode;
+ }
+
+ *tail = vp;
+ while (vp) {
+ num_attributes++;
+ tail = &(vp->next);
+ vp = vp->next;
+ }
+
+ if (num_attributes > RS_MAX_ATTRIBUTES) {
+ nr_debug_error("Too many attributes");
+ nr_vp_free(&packet->vps);
+ return -RSE_TOO_MANY_ATTRS;
+ }
+ }
+
+ packet->code = data[0];
+ packet->id = data[1];
+ memcpy(packet->vector, data + 4, sizeof(packet->vector));
+
+ packet->flags |= RS_PACKET_DECODED;
+
+ return 0;
+}
+
+
+int nr_packet_sign(RADIUS_PACKET *packet, const RADIUS_PACKET *original)
+{
+#ifdef PW_MESSAGE_AUTHENTICATOR
+ size_t ma = 0;
+ const uint8_t *attr, *end;
+#endif
+
+ if ((packet->flags & RS_PACKET_SIGNED) != 0) return 0;
+
+ if ((packet->flags & RS_PACKET_ENCODED) == 0) {
+ int rcode;
+
+ rcode = nr_packet_encode(packet, original);
+ if (rcode < 0) return rcode;
+ }
+
+ if ((packet->code == PW_ACCESS_ACCEPT) ||
+ (packet->code == PW_ACCESS_CHALLENGE) ||
+ (packet->code == PW_ACCESS_REJECT)) {
+#ifdef PW_MESSAGE_AUTHENTICATOR
+ if (!original) {
+ nr_debug_error("Original packet is required to create the Message-Authenticator");
+ return -RSE_REQUEST_REQUIRED;
+ }
+#endif
+
+ memcpy(packet->data + 4, original->vector,
+ sizeof(original->vector));
+ } else {
+ memcpy(packet->data + 4, packet->vector,
+ sizeof(packet->vector));
+ }
+
+#ifdef PW_MESSAGE_AUTHENTICATOR
+ end = packet->data + packet->length;
+
+ for (attr = packet->data + 20; attr < end; attr += attr[1]) {
+ if (attr[0] == PW_MESSAGE_AUTHENTICATOR) {
+ ma = (attr - packet->data);
+ break;
+ }
+ }
+
+ /*
+ * Force all Access-Request packets to have a
+ * Message-Authenticator.
+ */
+ if (!ma && ((packet->length + 18) <= packet->sizeof_data) &&
+ ((packet->code == PW_ACCESS_REQUEST) ||
+ (packet->code == PW_STATUS_SERVER))) {
+ ma = packet->length;
+
+ packet->data[ma]= PW_MESSAGE_AUTHENTICATOR;
+ packet->data[ma + 1] = 18;
+ memset(&packet->data[ma + 2], 0, 16);
+ packet->length += 18;
+ }
+
+ /*
+ * Reset the length.
+ */
+ packet->data[2] = (packet->length >> 8) & 0xff;
+ packet->data[3] = packet->length & 0xff;
+
+ /*
+ * Sign the Message-Authenticator && packet.
+ */
+ if (ma) {
+ nr_hmac_md5(packet->data, packet->length,
+ (const uint8_t *) packet->secret, packet->sizeof_secret,
+ packet->data + ma + 2);
+ }
+#endif
+
+ /*
+ * Calculate the signature.
+ */
+ if (!((packet->code == PW_ACCESS_REQUEST) ||
+ (packet->code == PW_STATUS_SERVER))) {
+ RS_MD5_CTX ctx;
+
+ RS_MD5Init(&ctx);
+ RS_MD5Update(&ctx, packet->data, packet->length);
+ RS_MD5Update(&ctx, (const unsigned char *)packet->secret, packet->sizeof_secret);
+ RS_MD5Final(packet->vector, &ctx);
+ }
+
+ memcpy(packet->data + 4, packet->vector, sizeof(packet->vector));
+
+ packet->attempts = 0;
+ packet->flags |= RS_PACKET_SIGNED;
+
+ return 0;
+}
+
+
+static int can_encode_packet(RADIUS_PACKET *packet,
+ const RADIUS_PACKET *original)
+{
+ if ((packet->code == 0) ||
+ (packet->code > RS_MAX_PACKET_CODE) ||
+ (original && (original->code > RS_MAX_PACKET_CODE))) {
+ nr_debug_error("Cannot send unknown packet code");
+ return -RSE_INVALID_REQUEST_CODE;
+ }
+
+ if (!nr_packet_codes[packet->code]) {
+ nr_debug_error("Cannot handle packet code %u",
+ packet->code);
+ return -RSE_INVALID_REQUEST_CODE;
+ }
+
+#ifdef NR_NO_MALLOC
+ if (!packet->data) {
+ nr_debug_error("No place to put packet");
+ return -RSE_NO_PACKET_DATA;
+ }
+#endif
+
+ if (packet->sizeof_data < 20) {
+ nr_debug_error("The buffer is too small to encode the packet");
+ return -RSE_PACKET_TOO_SMALL;
+ }
+
+ /*
+ * Enforce request / response correlation.
+ */
+ if (original) {
+ uint64_t mask;
+
+ mask = 1;
+ mask <<= packet->code;
+
+ if ((allowed_responses[original->code] & mask) == 0) {
+ nr_debug_error("Cannot encode response %u to packet %u",
+ packet->code, original->code);
+ return -RSE_INVALID_RESPONSE_CODE;
+ }
+ packet->id = original->id;
+
+ } else if (allowed_responses[packet->code] == 0) {
+ nr_debug_error("Cannot encode response %u without original",
+ packet->code);
+ return -RSE_REQUEST_REQUIRED;
+ }
+
+ return 0;
+}
+
+static void encode_header(RADIUS_PACKET *packet)
+{
+ if ((packet->flags & RS_PACKET_HEADER) != 0) return;
+
+ memset(packet->data, 0, 20);
+ packet->data[0] = packet->code;
+ packet->data[1] = packet->id;
+ packet->data[2] = 0;
+ packet->data[3] = 20;
+ packet->length = 20;
+
+ /*
+ * Calculate a random authentication vector.
+ */
+ if ((packet->code == PW_ACCESS_REQUEST) ||
+ (packet->code == PW_STATUS_SERVER)) {
+ nr_rand_bytes(packet->vector, sizeof(packet->vector));
+ } else {
+ memset(packet->vector, 0, sizeof(packet->vector));
+ }
+
+ memcpy(packet->data + 4, packet->vector, sizeof(packet->vector));
+
+ packet->flags |= RS_PACKET_HEADER;
+}
+
+int nr_packet_encode(RADIUS_PACKET *packet, const RADIUS_PACKET *original)
+{
+#ifdef PW_MESSAGE_AUTHENTICATOR
+ size_t ma = 0;
+#endif
+ int rcode;
+ ssize_t len;
+ const VALUE_PAIR *vp;
+ uint8_t *data, *end;
+
+ if ((packet->flags & RS_PACKET_ENCODED) != 0) return 0;
+
+ rcode = can_encode_packet(packet, original);
+ if (rcode < 0) return rcode;
+
+ data = packet->data;
+ end = data + packet->sizeof_data;
+
+ encode_header(packet);
+ data += 20;
+
+ /*
+ * Encode each VALUE_PAIR
+ */
+ vp = packet->vps;
+ while (vp) {
+#ifdef PW_MESSAGE_AUTHENTICATOR
+ if (vp->da->attr == PW_MESSAGE_AUTHENTICATOR) {
+ ma = (data - packet->data);
+ }
+#endif
+ len = nr_vp2attr(packet, original, &vp,
+ data, end - data);
+ if (len < 0) return len;
+
+ if (len == 0) break; /* insufficient room to encode it */
+
+ data += data[1];
+ }
+
+#ifdef PW_MESSAGE_AUTHENTICATOR
+ /*
+ * Always send a Message-Authenticator.
+ *
+ * We do *not* recommend removing this code.
+ */
+ if (((packet->code == PW_ACCESS_REQUEST) ||
+ (packet->code == PW_STATUS_SERVER)) &&
+ !ma &&
+ ((data + 18) <= end)) {
+ ma = (data - packet->data);
+ data[0] = PW_MESSAGE_AUTHENTICATOR;
+ data[1] = 18;
+ memset(data + 2, 0, 16);
+ data += data[1];
+ }
+#endif
+
+ packet->length = data - packet->data;
+
+ packet->data[2] = (packet->length >> 8) & 0xff;
+ packet->data[3] = packet->length & 0xff;
+
+ packet->flags |= RS_PACKET_ENCODED;
+
+ return packet->length;
+}
+
+
+/*
+ * Ensure that the nr_data2attr_t structure is filled in
+ * appropriately. This includes filling in a fake DICT_ATTR
+ * structure, if necessary.
+ */
+static int do_callback(void *ctx, nr_packet_walk_func_t callback,
+ int attr, int vendor,
+ const uint8_t *data, size_t sizeof_data)
+
+{
+ int rcode;
+ const DICT_ATTR *da;
+ DICT_ATTR myda;
+ char buffer[64];
+
+ da = nr_dict_attr_byvalue(attr, vendor);
+
+ /*
+ * The attribute is supposed to have a particular length,
+ * but does not. It is therefore malformed.
+ */
+ if (da && (da->flags.length != 0) &&
+ da->flags.length != sizeof_data) {
+ da = NULL;
+ }
+
+ if (!da) {
+ rcode = nr_dict_attr_2struct(&myda, attr, vendor,
+ buffer, sizeof(buffer));
+
+ if (rcode < 0) return rcode;
+ da = &myda;
+ }
+
+ rcode = callback(ctx, da, data, sizeof_data);
+ if (rcode < 0) return rcode;
+
+ return 0;
+}
+
+
+int nr_packet_walk(RADIUS_PACKET *packet, void *ctx,
+ nr_packet_walk_func_t callback)
+{
+ int rcode;
+ uint8_t *attr;
+ const uint8_t *end;
+
+ if (!packet || !callback) return -RSE_INVAL;
+
+ rcode = nr_packet_ok(packet);
+ if (rcode < 0) return rcode;
+
+ end = packet->data + packet->length;
+
+ for (attr = packet->data + 20; attr < end; attr += attr[1]) {
+ int length, value;
+ int dv_type, dv_length;
+ uint32_t vendorpec;
+ const uint8_t *vsa;
+ const DICT_VENDOR *dv = NULL;
+
+ vendorpec = 0;
+ value = attr[0];
+
+ if (value != PW_VENDOR_SPECIFIC) {
+ raw:
+ rcode = do_callback(ctx, callback,
+ attr[0], 0,
+ attr + 2, attr[1] - 2);
+ if (rcode < 0) return rcode;
+ continue;
+ }
+
+ if (attr[1] < 6) goto raw;
+ memcpy(&vendorpec, attr + 2, 4);
+ vendorpec = ntohl(vendorpec);
+
+ if (dv && (dv->vendor != vendorpec)) dv = NULL;
+
+ if (!dv) dv = nr_dict_vendor_byvalue(vendorpec);
+
+ if (dv) {
+ dv_type = dv->type;
+ dv_length = dv->length;
+ } else {
+ dv_type = 1;
+ dv_length = 1;
+ }
+
+ /*
+ * Malformed: it's a raw attribute.
+ */
+ if (nr_tlv_ok(attr + 6, attr[1] - 6, dv_type, dv_length) < 0) {
+ goto raw;
+ }
+
+ for (vsa = attr + 6; vsa < attr + attr[1]; vsa += length) {
+ switch (dv_type) {
+ case 4:
+ value = (vsa[2] << 8) | vsa[3];
+ break;
+
+ case 2:
+ value = (vsa[0] << 8) | vsa[1];
+ break;
+
+ case 1:
+ value = vsa[0];
+ break;
+
+ default:
+ return -RSE_INTERNAL;
+ }
+
+ switch (dv_length) {
+ case 0:
+ length = attr[1] - 6 - dv_type;
+ break;
+
+ case 2:
+ case 1:
+ length = vsa[dv_type + dv_length - 1];
+ break;
+
+ default:
+ return -RSE_INTERNAL;
+ }
+
+ rcode = do_callback(ctx, callback,
+ value, vendorpec,
+ vsa + dv_type + dv_length,
+ length - dv_type - dv_length);
+ if (rcode < 0) return rcode;
+ }
+ }
+
+ return 0;
+}
+
+int nr_packet_init(RADIUS_PACKET *packet, const RADIUS_PACKET *original,
+ const char *secret, int code,
+ void *data, size_t sizeof_data)
+{
+ int rcode;
+
+ if ((code < 0) || (code > RS_MAX_PACKET_CODE)) {
+ return -RSE_INVALID_REQUEST_CODE;
+ }
+
+ if (!data || (sizeof_data < 20)) return -RSE_INVAL;
+
+ memset(packet, 0, sizeof(*packet));
+ packet->secret = secret;
+ packet->sizeof_secret = secret ? strlen(secret) : 0;
+ packet->code = code;
+ packet->id = 0;
+ packet->data = data;
+ packet->sizeof_data = sizeof_data;
+
+ rcode = can_encode_packet(packet, original);
+ if (rcode < 0) return rcode;
+
+ encode_header(packet);
+
+ return 0;
+}
+
+
+static int pack_eap(RADIUS_PACKET *packet,
+ const void *data, size_t data_len)
+{
+ uint8_t *attr, *end;
+ const uint8_t *eap;
+ size_t left;
+
+ eap = data;
+ left = data_len;
+ attr = packet->data + packet->length;
+ end = attr + packet->sizeof_data;
+
+ while (left > 253) {
+ if ((attr + 255) > end) return -RSE_ATTR_OVERFLOW;
+
+ attr[0] = PW_EAP_MESSAGE;
+ attr[1] = 255;
+ memcpy(attr + 2, eap, 253);
+ attr += attr[1];
+ eap += 253;
+ left -= 253;
+ }
+
+ if ((attr + (2 + left)) > end) return -RSE_ATTR_OVERFLOW;
+
+ attr[0] = PW_EAP_MESSAGE;
+ attr[1] = 2 + left;
+ memcpy(attr + 2, eap, left);
+ attr += attr[1];
+ packet->length = attr - packet->data;
+
+ return 0;
+}
+
+ssize_t nr_packet_attr_append(RADIUS_PACKET *packet,
+ const RADIUS_PACKET *original,
+ const DICT_ATTR *da,
+ const void *data, size_t data_len)
+{
+ ssize_t rcode;
+ uint8_t *attr, *end;
+ VALUE_PAIR my_vp;
+ const VALUE_PAIR *vp;
+
+ if (!packet || !da || !data) {
+ return -RSE_INVAL;
+ }
+
+ if (data_len == 0) {
+ if (da->type != RS_TYPE_STRING) return -RSE_ATTR_TOO_SMALL;
+
+ data_len = strlen(data);
+ }
+
+ packet->flags |= RS_PACKET_ENCODED; /* ignore any VPs */
+
+ attr = packet->data + packet->length;
+ end = attr + packet->sizeof_data;
+
+ if ((attr + 2 + data_len) > end) {
+ return -RSE_ATTR_OVERFLOW;
+ }
+
+ if ((da->flags.length != 0) &&
+ (data_len != da->flags.length)) {
+ return -RSE_ATTR_VALUE_MALFORMED;
+ }
+
+#ifdef PW_EAP_MESSAGE
+ /*
+ * automatically split EAP-Message into multiple
+ * attributes.
+ */
+ if (!da->vendor && (da->attr == PW_EAP_MESSAGE) && (data_len > 253)) {
+ return pack_eap(packet, data, data_len);
+ }
+#endif
+
+ if (data_len > 253) return -RSE_ATTR_TOO_LARGE;
+
+ vp = nr_vp_init(&my_vp, da);
+ rcode = nr_vp_set_data(&my_vp, data, data_len);
+ if (rcode < 0) return rcode;
+
+ /*
+ * Note that this function packs VSAs each into their own
+ * Vendor-Specific attribute. If this isn't what you
+ * want, use the version of the library with full support
+ * for TLVs, WiMAX, and extended attributes.
+ */
+ rcode = nr_vp2attr(packet, original, &vp, attr, end - attr);
+ if (rcode <= 0) return rcode;
+
+ packet->length += rcode;
+
+ return rcode;
+}
--- /dev/null
+# -*- text -*-
+#
+# dictionary.juniper
+#
+# As posted to the list by Eric Kilfoil <ekilfoil@uslec.net>
+#
+# Version: $Id$
+#
+
+VENDOR Juniper 2636
+
+BEGIN-VENDOR Juniper
+
+ATTRIBUTE Juniper-Local-User-Name 1 string
+ATTRIBUTE Juniper-Allow-Commands 2 string
+ATTRIBUTE Juniper-Deny-Commands 3 string
+ATTRIBUTE Juniper-Allow-Configuration 4 string
+ATTRIBUTE Juniper-Deny-Configuration 5 string
+ATTRIBUTE Juniper-Interactive-Command 8 string
+ATTRIBUTE Juniper-Configuration-Change 9 string
+ATTRIBUTE Juniper-User-Permissions 10 string
+
+END-VENDOR Juniper
--- /dev/null
+# A minimal dictionary for Microsoft VSAs
+#
+VENDOR Microsoft 311
+
+BEGIN-VENDOR Microsoft
+ATTRIBUTE MS-CHAP-Response 1 octets
+ATTRIBUTE MS-CHAP-Error 2 string
+ATTRIBUTE MS-MPPE-Encryption-Policy 7 octets
+ATTRIBUTE MS-MPPE-Encryption-Types 8 octets
+ATTRIBUTE MS-CHAP-Domain 10 string
+ATTRIBUTE MS-CHAP-Challenge 11 octets
+ATTRIBUTE MS-CHAP-MPPE-Keys 12 octets encrypt=1
+ATTRIBUTE MS-MPPE-Send-Key 16 octets encrypt=2
+ATTRIBUTE MS-MPPE-Recv-Key 17 octets encrypt=2
+ATTRIBUTE MS-CHAP2-Response 25 octets
+ATTRIBUTE MS-CHAP2-Success 26 octets
+END-VENDOR Microsoft
--- /dev/null
+ATTRIBUTE User-Name 1 string
+ATTRIBUTE User-Password 2 string encrypt=1
+ATTRIBUTE CHAP-Password 3 octets
+ATTRIBUTE NAS-IP-Address 4 ipaddr
+ATTRIBUTE NAS-Port 5 integer
+ATTRIBUTE Service-Type 6 integer
+ATTRIBUTE Framed-Protocol 7 integer
+ATTRIBUTE Framed-IP-Address 8 ipaddr
+ATTRIBUTE Framed-IP-Netmask 9 ipaddr
+ATTRIBUTE Framed-Routing 10 integer
+ATTRIBUTE Filter-Id 11 string
+ATTRIBUTE Framed-MTU 12 integer
+ATTRIBUTE Framed-Compression 13 integer
+ATTRIBUTE Login-IP-Host 14 ipaddr
+ATTRIBUTE Login-Service 15 integer
+ATTRIBUTE Login-TCP-Port 16 integer
+ATTRIBUTE Reply-Message 18 string
+ATTRIBUTE Callback-Number 19 string
+ATTRIBUTE Callback-Id 20 string
+ATTRIBUTE Framed-Route 22 string
+ATTRIBUTE Framed-IPX-Network 23 ipaddr
+ATTRIBUTE State 24 octets
+ATTRIBUTE Class 25 octets
+ATTRIBUTE Vendor-Specific 26 octets
+ATTRIBUTE Session-Timeout 27 integer
+ATTRIBUTE Idle-Timeout 28 integer
+ATTRIBUTE Termination-Action 29 integer
+ATTRIBUTE Called-Station-Id 30 string
+ATTRIBUTE Calling-Station-Id 31 string
+ATTRIBUTE NAS-Identifier 32 string
+ATTRIBUTE Proxy-State 33 octets
+ATTRIBUTE Login-LAT-Service 34 string
+ATTRIBUTE Login-LAT-Node 35 string
+ATTRIBUTE Login-LAT-Group 36 octets
+ATTRIBUTE Framed-AppleTalk-Link 37 integer
+ATTRIBUTE Framed-AppleTalk-Network 38 integer
+ATTRIBUTE Framed-AppleTalk-Zone 39 string
+ATTRIBUTE CHAP-Challenge 60 octets
+ATTRIBUTE NAS-Port-Type 61 integer
+ATTRIBUTE Port-Limit 62 integer
+ATTRIBUTE Login-LAT-Port 63 string
+ATTRIBUTE Acct-Status-Type 40 integer
+ATTRIBUTE Acct-Delay-Time 41 integer
+ATTRIBUTE Acct-Input-Octets 42 integer
+ATTRIBUTE Acct-Output-Octets 43 integer
+ATTRIBUTE Acct-Session-Id 44 string
+ATTRIBUTE Acct-Authentic 45 integer
+ATTRIBUTE Acct-Session-Time 46 integer
+ATTRIBUTE Acct-Input-Packets 47 integer
+ATTRIBUTE Acct-Output-Packets 48 integer
+ATTRIBUTE Acct-Terminate-Cause 49 integer
+ATTRIBUTE Acct-Multi-Session-Id 50 string
+ATTRIBUTE Acct-Link-Count 51 integer
+ATTRIBUTE Acct-Tunnel-Connection 68 string
+ATTRIBUTE Acct-Tunnel-Packets-Lost 86 integer
+ATTRIBUTE Tunnel-Type 64 integer has_tag
+ATTRIBUTE Tunnel-Medium-Type 65 integer has_tag
+ATTRIBUTE Tunnel-Client-Endpoint 66 string has_tag
+ATTRIBUTE Tunnel-Server-Endpoint 67 string has_tag
+ATTRIBUTE Tunnel-Password 69 string has_tag,encrypt=2
+ATTRIBUTE Tunnel-Private-Group-Id 81 string has_tag
+ATTRIBUTE Tunnel-Assignment-Id 82 string has_tag
+ATTRIBUTE Tunnel-Preference 83 integer has_tag
+ATTRIBUTE Tunnel-Client-Auth-Id 90 string has_tag
+ATTRIBUTE Tunnel-Server-Auth-Id 91 string has_tag
+ATTRIBUTE Acct-Input-Gigawords 52 integer
+ATTRIBUTE Acct-Output-Gigawords 53 integer
+ATTRIBUTE Event-Timestamp 55 date
+ATTRIBUTE ARAP-Password 70 octets[16]
+ATTRIBUTE ARAP-Features 71 octets[14]
+ATTRIBUTE ARAP-Zone-Access 72 integer
+ATTRIBUTE ARAP-Security 73 integer
+ATTRIBUTE ARAP-Security-Data 74 string
+ATTRIBUTE Password-Retry 75 integer
+ATTRIBUTE Prompt 76 integer
+ATTRIBUTE Connect-Info 77 string
+ATTRIBUTE Configuration-Token 78 string
+ATTRIBUTE EAP-Message 79 octets
+ATTRIBUTE Message-Authenticator 80 octets
+ATTRIBUTE ARAP-Challenge-Response 84 octets[8]
+ATTRIBUTE Acct-Interim-Interval 85 integer
+ATTRIBUTE NAS-Port-Id 87 string
+ATTRIBUTE Framed-Pool 88 string
+ATTRIBUTE NAS-IPv6-Address 95 ipv6addr
+ATTRIBUTE Framed-Interface-Id 96 ifid
+ATTRIBUTE Framed-IPv6-Prefix 97 ipv6prefix
+ATTRIBUTE Login-IPv6-Host 98 ipv6addr
+ATTRIBUTE Framed-IPv6-Route 99 string
+ATTRIBUTE Framed-IPv6-Pool 100 string
+ATTRIBUTE Error-Cause 101 integer
+ATTRIBUTE EAP-Key-Name 102 string
+ATTRIBUTE Chargeable-User-Identity 89 string
+ATTRIBUTE Egress-VLANID 56 integer
+ATTRIBUTE Ingress-Filters 57 integer
+ATTRIBUTE Egress-VLAN-Name 58 string
+ATTRIBUTE User-Priority-Table 59 octets
+ATTRIBUTE Delegated-IPv6-Prefix 123 ipv6prefix
+ATTRIBUTE NAS-Filter-Rule 92 string
+ATTRIBUTE Digest-Response 103 string
+ATTRIBUTE Digest-Realm 104 string
+ATTRIBUTE Digest-Nonce 105 string
+ATTRIBUTE Digest-Response-Auth 106 string
+ATTRIBUTE Digest-Nextnonce 107 string
+ATTRIBUTE Digest-Method 108 string
+ATTRIBUTE Digest-URI 109 string
+ATTRIBUTE Digest-Qop 110 string
+ATTRIBUTE Digest-Algorithm 111 string
+ATTRIBUTE Digest-Entity-Body-Hash 112 string
+ATTRIBUTE Digest-CNonce 113 string
+ATTRIBUTE Digest-Nonce-Count 114 string
+ATTRIBUTE Digest-Username 115 string
+ATTRIBUTE Digest-Opaque 116 string
+ATTRIBUTE Digest-Auth-Param 117 string
+ATTRIBUTE Digest-AKA-Auts 118 string
+ATTRIBUTE Digest-Domain 119 string
+ATTRIBUTE Digest-Stale 120 string
+ATTRIBUTE Digest-HA1 121 string
+ATTRIBUTE SIP-AOR 122 string
+ATTRIBUTE Operator-Name 126 string
+ATTRIBUTE Location-Information 127 octets
+ATTRIBUTE Location-Data 128 octets
+ATTRIBUTE Basic-Location-Policy-Rules 129 octets
+ATTRIBUTE Extended-Location-Policy-Rules 130 octets
+ATTRIBUTE Location-Capable 131 integer
+ATTRIBUTE Requested-Location-Info 132 integer
+ATTRIBUTE Framed-Management 133 integer
+ATTRIBUTE Management-Transport-Protection 134 integer
+ATTRIBUTE Management-Policy-Id 135 string
+ATTRIBUTE Management-Privilege-Level 136 integer
+ATTRIBUTE PKM-SS-Cert 137 octets
+ATTRIBUTE PKM-CA-Cert 138 octets
+ATTRIBUTE PKM-Config-Settings 139 octets
+ATTRIBUTE PKM-Cryptosuite-List 140 octets
+ATTRIBUTE PKM-SAID 141 short
+ATTRIBUTE PKM-SA-Descriptor 142 octets
+ATTRIBUTE PKM-Auth-Key 143 octets
--- /dev/null
+# -*- text -*-
+#
+# GSS-EAP VSAs
+#
+# $Id$
+#
+
+VENDOR UKERNA 25622
+
+BEGIN-VENDOR UKERNA
+
+ATTRIBUTE GSS-Acceptor-Service-Name 128 string
+ATTRIBUTE GSS-Acceptor-Host-Name 129 string
+ATTRIBUTE GSS-Acceptor-Service-Specific 130 string
+ATTRIBUTE GSS-Acceptor-Realm-Name 131 string
+ATTRIBUTE SAML-AAA-Assertion 132 string
+ATTRIBUTE MS-Windows-Auth-Data 133 octets
+ATTRIBUTE MS-Windows-Group-Sid 134 string
+
+END-VENDOR UKERNA
--- /dev/null
+# a sample vendor-specific dictionary
+
+VENDOR example 65535
+
+BEGIN-VENDOR example
+ATTRIBUTE Example-Integer 1 integer
+ATTRIBUTE Example-String 2 string
+ATTRIBUTE Example-IP-Address 3 ipaddr
+
+END-VENDOR example
--- /dev/null
+/*
+Copyright (c) 2011, Network RADIUS SARL
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+ * Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ * Neither the name of the <organization> nor the
+ names of its contributors may be used to endorse or promote products
+ derived from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL <COPYRIGHT HOLDER> BE LIABLE FOR ANY
+DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/** \file static.c
+ * \brief Dummy file to include auto-generating static dictionary mappings.
+ */
+
+#include "client.h"
+
+/*
+ * Include the dynamically generated dictionaries.
+ */
+#include "dictionaries.c"
--- /dev/null
+#
+# GNU Makefile
+#
+.PHONY: all clean
+all: radattr
+
+HEADERS := ../client.h ../radius.h
+CFLAGS := -g
+
+%.o : %.c
+ $(CC) $(CFLAGS) -I.. -I. -c $<
+
+%.o: ${HEADERS}
+
+LIBS := -lcrypto -lssl
+LDFLAGS = -L.. -lnetworkradius-client
+
+../libnetworkradius-client.a:
+ @${MAKE} -C .. libnetworkradius-client.a
+
+radattr: radattr.o ../libnetworkradius-client.a
+ ${CC} ${LFDLAGS} ${LIBS} -o $@ $^
+
+clean:
+ @rm -rf *.o *.a *~
--- /dev/null
+/*
+ * Copyright (C) 2011 Network RADIUS SARL <info@networkradius.com>
+ *
+ * This software may not be redistributed in any form without the prior
+ * written consent of Network RADIUS.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include <networkradius-devel/client.h>
+
+#include <ctype.h>
+
+#include <assert.h>
+
+static int packet_code = PW_ACCESS_REQUEST;
+static int packet_id = 1;
+static uint8_t packet_vector[16] = { 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0 };
+static char secret[256] = "testing123";
+
+static int encode_tlv(char *buffer, uint8_t *output, size_t outlen);
+
+static const char *hextab = "0123456789abcdef";
+
+static int encode_data_string(char *buffer,
+ uint8_t *output, size_t outlen)
+{
+ int length = 0;
+ char *p;
+
+ p = buffer + 1;
+
+ while (*p && (outlen > 0)) {
+ if (*p == '"') {
+ return length;
+ }
+
+ if (*p != '\\') {
+ *(output++) = *(p++);
+ outlen--;
+ length++;
+ continue;
+ }
+
+ switch (p[1]) {
+ default:
+ *(output++) = p[1];
+ break;
+
+ case 'n':
+ *(output++) = '\n';
+ break;
+
+ case 'r':
+ *(output++) = '\r';
+ break;
+
+ case 't':
+ *(output++) = '\t';
+ break;
+ }
+
+ outlen--;
+ length++;
+ }
+
+ fprintf(stderr, "String is not terminated\n");
+ return 0;
+}
+
+static int encode_data_tlv(char *buffer, char **endptr,
+ uint8_t *output, size_t outlen)
+{
+ int depth = 0;
+ int length;
+ char *p;
+
+ for (p = buffer; *p != '\0'; p++) {
+ if (*p == '{') depth++;
+ if (*p == '}') {
+ depth--;
+ if (depth == 0) break;
+ }
+ }
+
+ if (*p != '}') {
+ fprintf(stderr, "No trailing '}' in string starting "
+ "with \"%s\"\n",
+ buffer);
+ return 0;
+ }
+
+ *endptr = p + 1;
+ *p = '\0';
+
+ p = buffer + 1;
+ while (isspace((int) *p)) p++;
+
+ length = encode_tlv(p, output, outlen);
+ if (length == 0) return 0;
+
+ return length;
+}
+
+static int encode_hex(char *p, uint8_t *output, size_t outlen)
+{
+ int length = 0;
+ while (*p) {
+ char *c1, *c2;
+
+ while (isspace((int) *p)) p++;
+
+ if (!*p) break;
+
+ if(!(c1 = memchr(hextab, tolower((int) p[0]), 16)) ||
+ !(c2 = memchr(hextab, tolower((int) p[1]), 16))) {
+ fprintf(stderr, "Invalid data starting at "
+ "\"%s\"\n", p);
+ return 0;
+ }
+
+ *output = ((c1 - hextab) << 4) + (c2 - hextab);
+ output++;
+ length++;
+ p += 2;
+
+ outlen--;
+ if (outlen == 0) {
+ fprintf(stderr, "Too much data\n");
+ return 0;
+ }
+ }
+
+ return length;
+}
+
+
+static int encode_data(char *p, uint8_t *output, size_t outlen)
+{
+ int length;
+
+ if (!isspace((int) *p)) {
+ fprintf(stderr, "Invalid character following attribute "
+ "definition\n");
+ return 0;
+ }
+
+ while (isspace((int) *p)) p++;
+
+ if (*p == '{') {
+ int sublen;
+ char *q;
+
+ length = 0;
+
+ do {
+ while (isspace((int) *p)) p++;
+ if (!*p) {
+ if (length == 0) {
+ fprintf(stderr, "No data\n");
+ return 0;
+ }
+
+ break;
+ }
+
+ sublen = encode_data_tlv(p, &q, output, outlen);
+ if (sublen == 0) return 0;
+
+ length += sublen;
+ output += sublen;
+ outlen -= sublen;
+ p = q;
+ } while (*q);
+
+ return length;
+ }
+
+ if (*p == '"') {
+ length = encode_data_string(p, output, outlen);
+ return length;
+ }
+
+ length = encode_hex(p, output, outlen);
+
+ if (length == 0) {
+ fprintf(stderr, "Empty string\n");
+ return 0;
+ }
+
+ return length;
+}
+
+static int decode_attr(char *buffer, char **endptr)
+{
+ long attr;
+
+ attr = strtol(buffer, endptr, 10);
+ if (*endptr == buffer) {
+ fprintf(stderr, "No valid number found in string "
+ "starting with \"%s\"\n", buffer);
+ return 0;
+ }
+
+ if (!**endptr) {
+ fprintf(stderr, "Nothing follows attribute number\n");
+ return 0;
+ }
+
+ if ((attr <= 0) || (attr > 256)) {
+ fprintf(stderr, "Attribute number is out of valid "
+ "range\n");
+ return 0;
+ }
+
+ return (int) attr;
+}
+
+static int decode_vendor(char *buffer, char **endptr)
+{
+ long vendor;
+
+ if (*buffer != '.') {
+ fprintf(stderr, "Invalid separator before vendor id\n");
+ return 0;
+ }
+
+ vendor = strtol(buffer + 1, endptr, 10);
+ if (*endptr == (buffer + 1)) {
+ fprintf(stderr, "No valid vendor number found\n");
+ return 0;
+ }
+
+ if (!**endptr) {
+ fprintf(stderr, "Nothing follows vendor number\n");
+ return 0;
+ }
+
+ if ((vendor <= 0) || (vendor > (1 << 24))) {
+ fprintf(stderr, "Vendor number is out of valid range\n");
+ return 0;
+ }
+
+ if (**endptr != '.') {
+ fprintf(stderr, "Invalid data following vendor number\n");
+ return 0;
+ }
+ (*endptr)++;
+
+ return (int) vendor;
+}
+
+static int encode_tlv(char *buffer, uint8_t *output, size_t outlen)
+{
+ int attr;
+ int length;
+ char *p;
+
+ attr = decode_attr(buffer, &p);
+ if (attr == 0) return 0;
+
+ output[0] = attr;
+ output[1] = 2;
+
+ if (*p == '.') {
+ p++;
+ length = encode_tlv(p, output + 2, outlen - 2);
+
+ } else {
+ length = encode_data(p, output + 2, outlen - 2);
+ }
+
+ if (length == 0) return 0;
+ if (length > (255 - 2)) {
+ fprintf(stderr, "TLV data is too long\n");
+ return 0;
+ }
+
+ output[1] += length;
+
+ return length + 2;
+}
+
+static int encode_vsa(char *buffer, uint8_t *output, size_t outlen)
+{
+ int vendor;
+ int length;
+ char *p;
+
+ vendor = decode_vendor(buffer, &p);
+ if (vendor == 0) return 0;
+
+ output[0] = 0;
+ output[1] = (vendor >> 16) & 0xff;
+ output[2] = (vendor >> 8) & 0xff;
+ output[3] = vendor & 0xff;
+
+ length = encode_tlv(p, output + 4, outlen - 4);
+ if (length == 0) return 0;
+ if (length > (255 - 6)) {
+ fprintf(stderr, "VSA data is too long\n");
+ return 0;
+ }
+
+
+ return length + 4;
+}
+
+static int encode_evs(char *buffer, uint8_t *output, size_t outlen)
+{
+ int vendor;
+ int attr;
+ int length;
+ char *p;
+
+ vendor = decode_vendor(buffer, &p);
+ if (vendor == 0) return 0;
+
+ attr = decode_attr(p, &p);
+ if (attr == 0) return 0;
+
+ output[0] = 0;
+ output[1] = (vendor >> 16) & 0xff;
+ output[2] = (vendor >> 8) & 0xff;
+ output[3] = vendor & 0xff;
+ output[4] = attr;
+
+ length = encode_data(p, output + 5, outlen - 5);
+ if (length == 0) return 0;
+
+ return length + 5;
+}
+
+static int encode_extended(char *buffer,
+ uint8_t *output, size_t outlen)
+{
+ int attr;
+ int length;
+ char *p;
+
+ attr = decode_attr(buffer, &p);
+ if (attr == 0) return 0;
+
+ output[0] = attr;
+
+ if (attr == 26) {
+ length = encode_evs(p, output + 1, outlen - 1);
+ } else {
+ length = encode_data(p, output + 1, outlen - 1);
+ }
+ if (length == 0) return 0;
+ if (length > (255 - 3)) {
+ fprintf(stderr, "Extended Attr data is too long\n");
+ return 0;
+ }
+
+ return length + 1;
+}
+
+static int encode_extended_flags(char *buffer,
+ uint8_t *output, size_t outlen)
+{
+ int attr;
+ int length, total;
+ char *p;
+
+ attr = decode_attr(buffer, &p);
+ if (attr == 0) return 0;
+
+ /* output[0] is the extended attribute */
+ output[1] = 4;
+ output[2] = attr;
+ output[3] = 0;
+
+ if (attr == 26) {
+ length = encode_evs(p, output + 4, outlen - 4);
+ if (length == 0) return 0;
+
+ output[1] += 5;
+ length -= 5;
+ } else {
+ length = encode_data(p, output + 4, outlen - 4);
+ }
+ if (length == 0) return 0;
+
+ total = 0;
+ while (1) {
+ int sublen = 255 - output[1];
+
+ if (length <= sublen) {
+ output[1] += length;
+ total += output[1];
+ break;
+ }
+
+ length -= sublen;
+
+ memmove(output + 255 + 4, output + 255, length);
+ memcpy(output + 255, output, 4);
+
+ output[1] = 255;
+ output[3] |= 0x80;
+
+ output += 255;
+ output[1] = 4;
+ total += 255;
+ }
+
+ return total;
+}
+
+static int encode_rfc(char *buffer, uint8_t *output, size_t outlen)
+{
+ int attr;
+ int length, sublen;
+ char *p;
+
+ attr = decode_attr(buffer, &p);
+ if (attr == 0) return 0;
+
+ length = 2;
+ output[0] = attr;
+ output[1] = 2;
+
+ if (attr == 26) {
+ sublen = encode_vsa(p, output + 2, outlen - 2);
+
+ } else if ((attr < 241) || (attr > 246)) {
+ sublen = encode_data(p, output + 2, outlen - 2);
+
+ } else {
+ if (*p != '.') {
+ fprintf(stderr, "Invalid data following "
+ "attribute number\n");
+ return 0;
+ }
+
+ if (attr < 245) {
+ sublen = encode_extended(p + 1,
+ output + 2, outlen - 2);
+ } else {
+
+ /*
+ * Not like the others!
+ */
+ return encode_extended_flags(p + 1, output, outlen);
+ }
+ }
+ if (sublen == 0) return 0;
+ if (sublen > (255 -2)) {
+ fprintf(stderr, "RFC Data is too long\n");
+ return 0;
+ }
+
+ output[1] += sublen;
+ return length + sublen;
+}
+
+static int walk_callback(void *ctx, const DICT_ATTR *da,
+ const uint8_t *data, size_t sizeof_data)
+{
+ char **p = ctx;
+
+ sprintf(*p, "v%u a%u l%ld,",
+ da->vendor, da->attr, sizeof_data);
+
+ *p += strlen(*p);
+}
+
+static void process_file(const char *filename)
+{
+ int lineno, rcode;
+ size_t i, outlen;
+ ssize_t len, data_len;
+ FILE *fp;
+ RADIUS_PACKET packet;
+ char input[8192], buffer[8192];
+ char output[8192];
+ uint8_t *attr, data[2048];
+
+ if (strcmp(filename, "-") == 0) {
+ fp = stdin;
+ filename = "<stdin>";
+
+ } else {
+ fp = fopen(filename, "r");
+ if (!fp) {
+ fprintf(stderr, "Error opening %s: %s\n",
+ filename, strerror(errno));
+ exit(1);
+ }
+ }
+
+ lineno = 0;
+ *output = '\0';
+ data_len = 0;
+
+ while (fgets(buffer, sizeof(buffer), fp) != NULL) {
+ char *p = strchr(buffer, '\n');
+ VALUE_PAIR *vp, *head = NULL;
+ VALUE_PAIR **tail = &head;
+
+ lineno++;
+
+ if (!p) {
+ if (!feof(fp)) {
+ fprintf(stderr, "Line %d too long in %s\n",
+ lineno, filename);
+ exit(1);
+ }
+ } else {
+ *p = '\0';
+ }
+
+ p = strchr(buffer, '#');
+ if (p) *p = '\0';
+
+ p = buffer;
+ while (isspace((int) *p)) p++;
+ if (!*p) continue;
+
+ strcpy(input, p);
+
+ if (strncmp(p, "raw ", 4) == 0) {
+ outlen = encode_rfc(p + 4, data, sizeof(data));
+ if (outlen == 0) {
+ fprintf(stderr, "Parse error in line %d of %s\n",
+ lineno, filename);
+ exit(1);
+ }
+
+ print_hex:
+ if (outlen == 0) {
+ output[0] = 0;
+ continue;
+ }
+
+ data_len = outlen;
+ for (i = 0; i < outlen; i++) {
+ snprintf(output + 3*i, sizeof(output),
+ "%02x ", data[i]);
+ }
+ outlen = strlen(output);
+ output[outlen - 1] = '\0';
+ continue;
+ }
+
+ if (strncmp(p, "data ", 5) == 0) {
+ if (strcmp(p + 5, output) != 0) {
+ fprintf(stderr, "Mismatch in line %d of %s, expected: %s\n",
+ lineno, filename, output);
+ exit(1);
+ }
+ continue;
+ }
+
+ head = NULL;
+ if (strncmp(p, "encode ", 7) == 0) {
+ if (strcmp(p + 7, "-") == 0) {
+ p = output;
+ } else {
+ p += 7;
+ }
+
+ rcode = nr_vp_sscanf(p, &head);
+ if (rcode < 0) {
+ strcpy(output, nr_strerror(rcode));
+ continue;
+ }
+
+ attr = data;
+ vp = head;
+ while (vp != NULL) {
+ len = nr_vp2attr(NULL, NULL, &vp,
+ attr, sizeof(data) - (attr - data));
+ if (len < 0) {
+ fprintf(stderr, "Failed encoding %s: %s\n",
+ vp->da->name, nr_strerror(len));
+ exit(1);
+ }
+
+ attr += len;
+ if (len == 0) break;
+ }
+
+ nr_vp_free(&head);
+ outlen = len;
+ goto print_hex;
+ }
+
+ if (strncmp(p, "decode ", 7) == 0) {
+ ssize_t my_len;
+
+ if (strcmp(p + 7, "-") == 0) {
+ attr = data;
+ len = data_len;
+ } else {
+ attr = data;
+ len = encode_hex(p + 7, data, sizeof(data));
+ if (len == 0) {
+ fprintf(stderr, "Failed decoding hex string at line %d of %s\n", lineno, filename);
+ exit(1);
+ }
+ }
+
+ while (len > 0) {
+ vp = NULL;
+ my_len = nr_attr2vp(NULL, NULL,
+ attr, len, &vp);
+ if (my_len < 0) {
+ nr_vp_free(&head);
+ break;
+ }
+
+ if (my_len > len) {
+ fprintf(stderr, "Internal sanity check failed at %d\n", __LINE__);
+ exit(1);
+ }
+
+ *tail = vp;
+ while (vp) {
+ tail = &(vp->next);
+ vp = vp->next;
+ }
+
+ attr += my_len;
+ len -= my_len;
+ }
+
+ /*
+ * Output may be an error, and we ignore
+ * it if so.
+ */
+ if (head) {
+ p = output;
+ for (vp = head; vp != NULL; vp = vp->next) {
+ nr_vp_snprintf(p, sizeof(output) - (p - output), vp);
+ p += strlen(p);
+
+ if (vp->next) {strcpy(p, ", ");
+ p += 2;
+ }
+ }
+
+ nr_vp_free(&head);
+ } else if (my_len < 0) {
+ strcpy(output, nr_strerror(my_len));
+
+ } else { /* zero-length attribute */
+ *output = '\0';
+ }
+ continue;
+ }
+
+ if (strncmp(p, "walk ", 5) == 0) {
+ len = encode_hex(p + 5, data + 20, sizeof(data) - 20);
+
+ if (len == 0) {
+ fprintf(stderr, "Failed decoding hex string at line %d of %s\n", lineno, filename);
+ exit(1);
+ }
+
+ memset(data, 0, 20);
+ packet.data = data;
+ packet.length = len + 20;
+ packet.data[2] = ((len + 20) >> 8) & 0xff;
+ packet.data[3] = (len + 20) & 0xff;
+
+ *output = '\0';
+ p = output;
+
+ rcode = nr_packet_walk(&packet, &p, walk_callback);
+ if (rcode < 0) {
+ snprintf(output, sizeof(output), "%d", rcode);
+ continue;
+ }
+
+ if (*output) output[strlen(output) - 1] = '\0';
+ continue;
+ }
+
+ if (strncmp(p, "$INCLUDE ", 9) == 0) {
+ p += 9;
+ while (isspace((int) *p)) p++;
+
+ process_file(p);
+ continue;
+ }
+
+ if (strncmp(p, "secret ", 7) == 0) {
+ strlcpy(secret, p + 7, sizeof(secret));
+ strlcpy(output, secret, sizeof(output));
+ continue;
+ }
+
+ if (strncmp(p, "code ", 5) == 0) {
+ packet_code = atoi(p + 5);
+ snprintf(output, sizeof(output), "%u", packet_code);
+ continue;
+ }
+
+ if (strncmp(p, "sign ", 5) == 0) {
+ len = encode_hex(p + 5, data + 20, sizeof(data) - 20);
+ if (len == 0) {
+ fprintf(stderr, "Failed decoding hex string at line %d of %s\n", lineno, filename);
+ exit(1);
+ }
+
+ memset(&packet, 0, sizeof(packet));
+ packet.secret = secret;
+ packet.sizeof_secret = strlen(secret);
+ packet.code = packet_code;
+ packet.id = packet_id;
+ memcpy(packet.vector, packet_vector, 16);
+ packet.data = data;
+ packet.length = len + 20;
+
+ /*
+ * Hack encode the packet.
+ */
+ packet.data[0] = packet_code;
+ packet.data[1] = packet_id;
+ packet.data[2] = ((len + 20) >> 8) & 0xff;
+ packet.data[3] = (len + 20) & 0xff;
+ memcpy(packet.data + 4, packet_vector, 16);
+
+ rcode = nr_packet_sign(&packet, NULL);
+ if (rcode < 0) {
+ snprintf(output, sizeof(output), "%d", rcode);
+ continue;
+ }
+
+ memcpy(data, packet.vector, sizeof(packet.vector));
+ outlen = sizeof(packet.vector);
+ goto print_hex;
+ }
+
+ fprintf(stderr, "Unknown input at line %d of %s\n",
+ lineno, filename);
+ exit(1);
+ }
+
+ if (fp != stdin) fclose(fp);
+}
+
+int main(int argc, char *argv[])
+{
+ int c;
+
+ if (argc < 2) {
+ process_file("-");
+
+ } else {
+ process_file(argv[1]);
+ }
+
+ return 0;
+}
--- /dev/null
+# All attribute lengths are implicit, and are calculated automatically
+#
+# Input is of the form:
+#
+# WORD ...
+#
+# The WORD is a keyword which indicates the format of the following text.
+# WORD is one of:
+#
+# raw - read the grammar defined below, and encode an attribute.
+# The grammer supports a trivial way of describing RADIUS
+# attributes, without reference to dictionaries or fancy
+# parsers
+#
+# encode - reads "Attribute-Name = value", encodes it, and prints
+# the result as text.
+# use "-" to encode the output of the last command
+#
+# decode - reads hex, and decodes it "Attribute-Name = value"
+# use "-" to decode the output of the last command
+#
+# data - the expected output of the previous command, in ASCII form.
+# if the actual command output is different, an error message
+# is produced, and the program terminates.
+#
+#
+# The "raw" input satisfies the following grammar:
+#
+# Identifier = 1*DIGIT *( "." 1*DIGIT )
+#
+# HEXCHAR = HEXDIG HEXDIG
+#
+# STRING = DQUOTE *CHAR DQUOTE
+#
+# TLV = "{" 1*DIGIT DATA "}"
+#
+# DATA = 1*HEXCHAR / 1*TLV / STRING
+#
+# LINE = Identifier DATA
+#
+# The "Identifier" is a RADIUS attribute identifier, as given in the draft.
+#
+# e.g. 1 for User-Name
+# 26.9.1 Vendor-Specific, Cisco, Cisco-AVPAir
+# 241.1 Extended Attribute, number 1
+# 241.2.3 Extended Attribute 2, data type TLV, TLV type 3
+# etc.
+#
+# The "DATA" portion is the contents of the RADIUS Attribute.
+#
+# 123456789abcdef hex string
+# 12 34 56 ab with spaces for clarity
+# "hello" Text string
+# { 1 abcdef } TLV, TLV-Type 1, data "abcdef"
+#
+# TLVs can be nested:
+#
+# { tlv-type { tlv-type data } } { 3 { 4 01020304 } }
+#
+# TLVs can be concatencated
+#
+# {tlv-type data } { tlv-type data} { 3 040506 } { 8 aabbcc }
+#
+# The "raw" data is encoded without reference to dictionaries. Any
+# valid string is parsed to a RADIUS attribute. The resulting RADIUS
+# attribute *may not* be correctly formatted to the relevant RADIUS
+# specifications. i.e. you can use this tool to create attribute 1
+# (User-Name), which is encoded as a series of TLVs. That's up to you.
+#
+# The purpose of the "raw" command is to have a simple way of encoding
+# attributes which is independent of any dictionaries or packet processing
+# routines.
+#
+# The output data is the hex version of the encoded attribute.
+#
+
+encode User-Name = bob
+data 01 05 62 6f 62
+
+decode -
+data User-Name = "bob"
+
+decode 01 05 62 6f 62
+data User-Name = "bob"
+
+#
+# The Type/Length is OK, but the attribute data is of the wrong size.
+#
+decode 04 04 ab cd
+data Attr-4 = 0xabcd
+
+# Zero-length attributes
+decode 01 02
+data
+
+# don't encode zero-length attributes
+#encode User-Name = ""
+#data
+
+# except for CUI. Thank you, WiMAX!
+decode 59 02
+data Chargeable-User-Identity = ""
+
+# Hah! Thought you had it figured out, didn't you?
+#encode -
+#data 59 02
+
+encode NAS-Port = 10
+data 05 06 00 00 00 0a
+
+decode -
+data NAS-Port = 10
+
+walk 05 06 00 00 00 0a
+data v0 a5 l4
+
+walk 05 06 00 00 00 0a 02 06 00 00 00 0a
+data v0 a5 l4,v0 a2 l4
+
+walk 1a 0c 00 00 00 01 05 06 00 00 00 0a
+data v1 a5 l4
+
+walk 1a 12 00 00 00 01 05 06 00 00 00 0a 03 06 00 00 00 0a
+data v1 a5 l4,v1 a3 l4
+
+# Access-Request, code 1, authentication vector of zero
+sign 05 06 00 00 00 0a
+data 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
+
+code 4
+
+sign 05 06 00 00 00 0a
+data 62 63 f1 db 80 70 a6 64 37 31 63 e4 aa 95 5a 68
+
+sign 05 06 00 00 00 0a
+data 62 63 f1 db 80 70 a6 64 37 31 63 e4 aa 95 5a 68
+
+secret hello
+sign 05 06 00 00 00 0a
+data 69 20 c0 b9 e1 2f 12 54 9f 92 16 5e f4 64 9b fd
+
+secret testing123
+sign 05 06 00 00 00 0a
+data 62 63 f1 db 80 70 a6 64 37 31 63 e4 aa 95 5a 68
--- /dev/null
+/*
+Copyright (c) 2011, Network RADIUS SARL
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+ * Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+ * Neither the name of the <organization> nor the
+ names of its contributors may be used to endorse or promote products
+ derived from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL <COPYRIGHT HOLDER> BE LIABLE FOR ANY
+DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/** \file valuepair.c
+ * \brief Functions to manipulate C structure versions of RADIUS attributes.
+ */
+
+#include "client.h"
+
+void nr_vp_free(VALUE_PAIR **head)
+{
+ VALUE_PAIR *next, *vp;
+
+ for (vp = *head; vp != NULL; vp = next) {
+ next = vp->next;
+ if (vp->da->flags.encrypt) {
+ memset(vp, 0, sizeof(vp));
+ }
+ free(vp);
+ }
+
+ *head = NULL;
+}
+
+
+VALUE_PAIR *nr_vp_init(VALUE_PAIR *vp, const DICT_ATTR *da)
+{
+ memset(vp, 0, sizeof(*vp));
+
+ vp->da = da;
+ vp->length = da->flags.length;
+
+ return vp;
+}
+
+
+VALUE_PAIR *nr_vp_alloc(const DICT_ATTR *da)
+{
+ VALUE_PAIR *vp = NULL;
+
+ if (!da) {
+ nr_strerror_printf("Unknown attribute");
+ return NULL;
+ }
+
+ vp = malloc(sizeof(*vp));
+ if (!vp) {
+ nr_strerror_printf("Out of memory");
+ return NULL;
+ }
+
+ return nr_vp_init(vp, da);
+}
+
+VALUE_PAIR *nr_vp_alloc_raw(unsigned int attr, unsigned int vendor)
+{
+ VALUE_PAIR *vp = NULL;
+ DICT_ATTR *da;
+
+ vp = malloc(sizeof(*vp) + sizeof(*da) + 64);
+ if (!vp) {
+ nr_strerror_printf("Out of memory");
+ return NULL;
+ }
+ memset(vp, 0, sizeof(*vp));
+
+ da = (DICT_ATTR *) (vp + 1);
+
+ if (nr_dict_attr_2struct(da, attr, vendor, (char *) (da + 1), 64) < 0) {
+ free(vp);
+ return NULL;
+ }
+
+ vp->da = da;
+
+ return vp;
+}
+
+int nr_vp_set_data(VALUE_PAIR *vp, const void *data, size_t sizeof_data)
+{
+ int rcode = 1; /* OK */
+
+ if (!vp || !data || (sizeof_data == 0)) return -RSE_INVAL;
+
+ switch (vp->da->type) {
+ case RS_TYPE_BYTE:
+ vp->vp_integer = *(const uint8_t *) data;
+ break;
+
+ case RS_TYPE_SHORT:
+ vp->vp_integer = *(const uint16_t *) data;
+ break;
+
+ case RS_TYPE_INTEGER:
+ case RS_TYPE_DATE:
+ case RS_TYPE_IPADDR:
+ vp->vp_integer = *(const uint32_t *) data;
+ break;
+
+ case RS_TYPE_STRING:
+ if (sizeof_data >= sizeof(vp->vp_strvalue)) {
+ sizeof_data = sizeof(vp->vp_strvalue) - 1;
+ rcode = 0; /* truncated */
+ }
+
+ memcpy(vp->vp_strvalue, (const char *) data, sizeof_data);
+ vp->vp_strvalue[sizeof_data + 1] = '\0';
+ vp->length = sizeof_data;
+ break;
+
+ case RS_TYPE_OCTETS:
+ if (sizeof_data > sizeof(vp->vp_octets)) {
+ sizeof_data = sizeof(vp->vp_octets);
+ rcode = 0; /* truncated */
+ }
+ memcpy(vp->vp_octets, data, sizeof_data);
+ vp->length = sizeof_data;
+ break;
+
+ default:
+ return -RSE_ATTR_TYPE_UNKNOWN;
+ }
+
+ return rcode;
+}
+
+VALUE_PAIR *nr_vp_create(int attr, int vendor, const void *data, size_t data_len)
+{
+ const DICT_ATTR *da;
+ VALUE_PAIR *vp;
+
+ da = nr_dict_attr_byvalue(attr, vendor);
+ if (!da) return NULL;
+
+ vp = nr_vp_alloc(da);
+ if (!vp) return NULL;
+
+ if (nr_vp_set_data(vp, data, data_len) < 0) {
+ nr_vp_free(&vp);
+ return NULL;
+ }
+
+ return vp;
+}
+
+void nr_vps_append(VALUE_PAIR **head, VALUE_PAIR *tail)
+{
+ if (!tail) return;
+
+ while (*head) {
+ head = &((*head)->next);
+ }
+
+ *head = tail;
+}
+
+VALUE_PAIR *nr_vps_find(VALUE_PAIR *head,
+ unsigned int attr, unsigned int vendor)
+{
+ while (head) {
+ if ((head->da->attr == attr) &&
+ (head->da->vendor == vendor)) return head;
+ head = head->next;
+ }
+
+ return NULL;
+}
#include <libgen.h>
#include <assert.h>
-#include <freeradius/libradius.h>
+#include <radius/client.h>
#include <event2/event.h>
#include <event2/util.h>
#include <radsec/radsec.h>
#if defined (RS_ENABLE_TLS)
ssl_init ();
#endif
-#if defined (DEBUG)
- fr_log_fp = stderr;
- fr_debug_flag = 1;
-#endif
- debug_init ("libradsec"); /* radsecproxy compat, FIXME: remove */
- fr_randinit (&h->fr_randctx, 0);
- fr_rand_seed (NULL, 0);
+ debug_init ("libradsec"); /* radsecproxy compat, FIXME: remove */
if (ctx != NULL)
*ctx = h;
return RSE_OK;
}
-/** Initialize freeradius dictionary. */
-int
-rs_context_init_freeradius_dict (struct rs_context *ctx, const char *dict)
-{
- int r = RSE_OK;
- size_t dictlen;
- char *dir = NULL;
- char *fn = NULL;
-
- if (dict == NULL)
- if (ctx->config != NULL && ctx->config->dictionary)
- dict = ctx->config->dictionary;
-
- if (dict == NULL)
- dict = RS_FREERADIUS_DICT;
-
- dictlen = strlen (dict);
- dir = rs_calloc (ctx, 1, dictlen + 1);
- fn = rs_calloc (ctx, 1, dictlen + 1);
- if (dir == NULL || fn == NULL)
- {
- r = rs_err_ctx_push_fl (ctx, RSE_NOMEM, __FILE__, __LINE__, NULL);
- goto out;
- }
- strncpy (dir, dict, dictlen);
- strncpy (fn, dict, dictlen);
-
- if (dict_init (dirname (dir), basename (fn)) < 0)
- {
- r = rs_err_ctx_push_fl (ctx, RSE_FR, __FILE__, __LINE__,
- "failing dict_init(\"%s\")", dict);
- goto out;
- }
-
- out:
- if (dir)
- rs_free (ctx, dir);
- if (fn)
- rs_free (ctx, fn);
- return r;
-}
-
struct rs_error *
rs_resolve (struct evutil_addrinfo **addr,
rs_conn_type_t type,
+rs_attr_display_name
+rs_attr_find
+rs_attr_parse_name
+rs_avp_alloc
+rs_avp_append
+rs_avp_attrid
+rs_avp_byte_set
+rs_avp_byte_value
+rs_avp_date_set
+rs_avp_date_value
+rs_avp_delete
+rs_avp_display_value
+rs_avp_dup
+rs_avp_find
+rs_avp_find_const
+rs_avp_fragmented_value
+rs_avp_free
+rs_avp_ifid_set
+rs_avp_ifid_value
+rs_avp_integer_set
+rs_avp_integer_value
+rs_avp_ipaddr_set
+rs_avp_ipaddr_value
+rs_avp_length
+rs_avp_name
+rs_avp_next
+rs_avp_next_const
+rs_avp_octets_set
+rs_avp_octets_value
+rs_avp_octets_value_byref
+rs_avp_octets_value_const_ptr
+rs_avp_octets_value_ptr
+rs_avp_short_set
+rs_avp_short_value
+rs_avp_string_set
+rs_avp_string_value
+rs_avp_typeof
rs_conf_find_realm
rs_conn_add_listener
rs_conn_create
rs_conn_set_type
rs_context_create
rs_context_destroy
-rs_context_init_freeradius_dict
rs_context_read_config
rs_context_set_alloc_scheme
rs_dump_packet
rs_err_ctx_push_fl
rs_err_free
rs_err_msg
+rs_packet_append_avp
+rs_packet_avps
+rs_packet_code
rs_packet_create
rs_packet_create_authn_request
rs_packet_destroy
-rs_packet_frpkt
rs_packet_send
rs_peer_create
rs_peer_set_address
#include <radsec/radsec-impl.h>
#include <radsec/request.h>
#include <radsec/request-impl.h>
-#include <freeradius/libradius.h>
+#include <radius/client.h>
#include "debug.h"
#include "conn.h"
#include "tcp.h"
static void
_rand_rt (struct timeval *res, uint32_t rtprev, uint32_t factor)
{
- uint32_t ms = rtprev * (fr_rand () % factor);
+ uint32_t ms = rtprev * (nr_rand () % factor);
res->tv_sec = rtprev + ms / 1000;
res->tv_usec = (ms % 1000) * 1000;
}
* copyright notice and this permission notice appear in all copies.
*/
+#include <netinet/in.h>
#include <openssl/ssl.h>
#if defined (__cplusplus)
#include <event2/bufferevent_ssl.h>
#include <openssl/err.h>
#endif
+#include <radius/client.h>
#include <radsec/radsec.h>
#include <radsec/radsec-impl.h>
#include "tcp.h"
if (n == RS_HEADER_LEN)
{
pkt->flags |= rs_packet_hdr_read_flag;
- pkt->rpkt->data_len = (pkt->hdr[2] << 8) + pkt->hdr[3];
- if (pkt->rpkt->data_len < 20 || pkt->rpkt->data_len > 4096)
+ pkt->rpkt->length = (pkt->hdr[2] << 8) + pkt->hdr[3];
+ if (pkt->rpkt->length < 20 || pkt->rpkt->length > RS_MAX_PACKET_LEN)
{
conn_close (&pkt->conn);
return rs_err_conn_push (pkt->conn, RSE_INVALID_PKT,
"invalid packet length: %d",
- pkt->rpkt->data_len);
- }
- pkt->rpkt->data = rs_malloc (pkt->conn->ctx, pkt->rpkt->data_len);
- if (!pkt->rpkt->data)
- {
- conn_close (&pkt->conn);
- return rs_err_conn_push_fl (pkt->conn, RSE_NOMEM, __FILE__, __LINE__,
- NULL);
+ pkt->rpkt->length);
}
memcpy (pkt->rpkt->data, pkt->hdr, RS_HEADER_LEN);
bufferevent_setwatermark (pkt->conn->bev, EV_READ,
- pkt->rpkt->data_len - RS_HEADER_LEN, 0);
+ pkt->rpkt->length - RS_HEADER_LEN, 0);
rs_debug (("%s: packet header read, total pkt len=%d\n",
- __func__, pkt->rpkt->data_len));
+ __func__, pkt->rpkt->length));
}
else if (n < 0)
{
_read_packet (struct rs_packet *pkt)
{
size_t n = 0;
+ int err;
rs_debug (("%s: trying to read %d octets of packet data\n", __func__,
- pkt->rpkt->data_len - RS_HEADER_LEN));
+ pkt->rpkt->length - RS_HEADER_LEN));
n = bufferevent_read (pkt->conn->bev,
pkt->rpkt->data + RS_HEADER_LEN,
- pkt->rpkt->data_len - RS_HEADER_LEN);
+ pkt->rpkt->length - RS_HEADER_LEN);
rs_debug (("%s: read %ld octets of packet data\n", __func__, n));
- if (n == pkt->rpkt->data_len - RS_HEADER_LEN)
+ if (n == pkt->rpkt->length - RS_HEADER_LEN)
{
bufferevent_disable (pkt->conn->bev, EV_READ);
rs_debug (("%s: complete packet read\n", __func__));
- invalid code field
- attribute lengths >= 2
- attribute sizes adding up correctly */
- if (!rad_packet_ok (pkt->rpkt, 0))
+ err = nr_packet_ok (pkt->rpkt);
+ if (err != RSE_OK)
{
conn_close (&pkt->conn);
- return rs_err_conn_push_fl (pkt->conn, RSE_FR, __FILE__, __LINE__,
- "invalid packet: %s", fr_strerror ());
+ return rs_err_conn_push_fl (pkt->conn, err, __FILE__, __LINE__,
+ "invalid packet");
}
#if defined (DEBUG)
rs_debug (("%s: buffer frozen when reading packet\n", __func__));
else /* Short packet. */
rs_debug (("%s: waiting for another %d octets\n", __func__,
- pkt->rpkt->data_len - RS_HEADER_LEN - n));
+ pkt->rpkt->length - RS_HEADER_LEN - n));
return 0;
}
#include <stdlib.h>
#include <cgreen/cgreen.h>
-#include <freeradius/libradius.h>
#include "radsec/radsec.h"
#include "radsec/request.h"
#include "udp.h"
rs_request_add_reqpkt (req, msg);
assert_true (rs_request_send (req, &resp) == 0);
//printf ("%s\n", rs_err_msg (rs_err_conn_pop (conn), 1));
- assert_true (rs_packet_frpkt (resp)->code == PW_AUTHENTICATION_ACK);
+ assert_true (rs_packet_code(resp) == PW_ACCESS_ACCEPT);
rs_request_destroy (req);
}
assert_true (rs_packet_send (msg1, NULL) == 0);
}
+#if 0
static void
send_large_packet (struct rs_connection *conn)
{
char *buf;
int f;
- buf = malloc (4096);
+ buf = malloc (RS_MAX_PACKET_LEN);
assert_true (buf != NULL);
- memset (buf, 0, 4096);
+ memset (buf, 0, RS_MAX_PACKET_LEN);
assert_true (rs_packet_create (conn, &msg0) == 0);
- frpkt = rs_packet_frpkt (msg0);
- assert_true (frpkt != NULL);
/* 16 chunks --> heap corruption in evbuffer_drain detected by free() */
for (f = 0; f < 15; f++)
{
- VALUE_PAIR *vp = NULL;
memset (buf, 'a' + f, 252);
- vp = pairmake ("EAP-Message", buf, T_OP_EQ);
- assert_true (vp != NULL);
- pairadd (&frpkt->vps, vp);
+ //vp = pairmake ("EAP-Message", buf, T_OP_EQ);
+ assert_true (rs_packet_append_avp (msg0, fixme...) == RSE_OK);
}
assert_true (rs_packet_send (msg0, NULL) == 0);
}
+#endif /* 0 */
/* ************************************************************ */
static struct setup {
hd (buf, len);
#endif
assert_true (len >= 20);
- assert_true (len <= 4096);
+ assert_true (len <= RS_MAX_PACKET_LEN);
assert_true ((buf[2] << 8) + buf[3] == len);
return len;
}
assert_true (rs_context_create (&ctx) == 0);
assert_true (rs_context_read_config (ctx, "test.conf") == 0);
- assert_true (rs_context_init_freeradius_dict (ctx, NULL) == 0);
assert_true (rs_conn_create (ctx, &conn, "test-udp-buffering") == 0);
timeout.tv_sec = 0;
long timeout;
fd_set rfds;
ssize_t len;
- uint8_t buf[4096];
+ uint8_t buf[RS_MAX_PACKET_LEN];
FD_ZERO (&rfds);
FD_SET (data->s, &rfds);
#include <sys/types.h>
#include <sys/socket.h>
#include <event2/event.h>
+#include <radius/client.h>
#include <radsec/radsec.h>
#include <radsec/radsec-impl.h>
#include "debug.h"
assert (pkt->rpkt->data);
/* Send. */
- r = compat_send (fd, pkt->rpkt->data, pkt->rpkt->data_len, 0);
+ r = compat_send (fd, pkt->rpkt->data, pkt->rpkt->length, 0);
if (r == -1)
{
int sockerr = evutil_socket_geterror (pkt->conn->fd);
evutil_socket_error_to_string (sockerr));
}
- assert (r == pkt->rpkt->data_len);
+ assert (r == pkt->rpkt->length);
/* Unlink the packet. */
conn->out_queue = pkt->next;
static void
_evcb (evutil_socket_t fd, short what, void *user_data)
{
+ int err;
+
rs_debug (("%s: fd=%d what =", __func__, fd));
if (what & EV_TIMEOUT) rs_debug ((" TIMEOUT"));
if (what & EV_READ) rs_debug ((" READ"));
assert (pkt);
assert (pkt->conn);
+ assert (pkt->rpkt->data);
- pkt->rpkt->data = rs_malloc (pkt->conn->ctx, 4096);
- if (pkt->rpkt->data == NULL)
- {
- rs_err_conn_push_fl (pkt->conn, RSE_NOMEM, __FILE__, __LINE__, NULL);
- return;
- }
- r = compat_recv (fd, pkt->rpkt->data, 4096, MSG_TRUNC);
+ r = compat_recv (fd, pkt->rpkt->data, RS_MAX_PACKET_LEN, MSG_TRUNC);
if (r == -1)
{
int sockerr = evutil_socket_geterror (pkt->conn->fd);
return;
}
event_del (pkt->conn->tev);
- if (r < 20 || r > 4096) /* Short or long packet. */
+ if (r < 20 || r > RS_MAX_PACKET_LEN) /* Short or long packet. */
{
rs_err_conn_push (pkt->conn, RSE_INVALID_PKT,
"invalid packet length: %d",
- pkt->rpkt->data_len);
+ pkt->rpkt->length);
return;
}
- pkt->rpkt->data_len = (pkt->rpkt->data[2] << 8) + pkt->rpkt->data[3];
- if (!rad_packet_ok (pkt->rpkt, 0))
+ pkt->rpkt->length = (pkt->rpkt->data[2] << 8) + pkt->rpkt->data[3];
+ err = nr_packet_ok (pkt->rpkt);
+ if (err)
{
- rs_err_conn_push_fl (pkt->conn, RSE_FR, __FILE__, __LINE__,
- "invalid packet: %s", fr_strerror ());
+ rs_err_conn_push_fl (pkt->conn, err, __FILE__, __LINE__,
+ "invalid packet");
return;
}
/* Hand over message to user. This changes ownership of pkt.
projects / libradsec.git / commitdiff