Index: head/Makefile.inc1 =================================================================== --- head/Makefile.inc1 (revision 296046) +++ head/Makefile.inc1 (revision 296047) @@ -1,2443 +1,2443 @@ # # $FreeBSD$ # # Make command line options: # -DNO_CLEANDIR run ${MAKE} clean, instead of ${MAKE} cleandir # -DNO_CLEAN do not clean at all # -DDB_FROM_SRC use the user/group databases in src/etc instead of # the system database when installing. # -DNO_SHARE do not go into share subdir # -DKERNFAST define NO_KERNEL{CONFIG,CLEAN,DEPEND,OBJ} # -DNO_KERNELCONFIG do not run config in ${MAKE} buildkernel # -DNO_KERNELCLEAN do not run ${MAKE} clean in ${MAKE} buildkernel # -DNO_KERNELDEPEND do not run ${MAKE} depend in ${MAKE} buildkernel # -DNO_KERNELOBJ do not run ${MAKE} obj in ${MAKE} buildkernel # -DNO_PORTSUPDATE do not update ports in ${MAKE} update # -DNO_ROOT install without using root privilege # -DNO_DOCUPDATE do not update doc in ${MAKE} update # -DWITHOUT_CTF do not run the DTrace CTF conversion tools on built objects # LOCAL_DIRS="list of dirs" to add additional dirs to the SUBDIR list # LOCAL_ITOOLS="list of tools" to add additional tools to the ITOOLS list # LOCAL_LIB_DIRS="list of dirs" to add additional dirs to libraries target # LOCAL_MTREE="list of mtree files" to process to allow local directories # to be created before files are installed # LOCAL_TOOL_DIRS="list of dirs" to add additional dirs to the build-tools # list # METALOG="path to metadata log" to write permission and ownership # when NO_ROOT is set. (default: ${DESTDIR}/METALOG) # TARGET="machine" to crossbuild world for a different machine type # TARGET_ARCH= may be required when a TARGET supports multiple endians # BUILDENV_SHELL= shell to launch for the buildenv target (def:${SHELL}) # WORLD_FLAGS= additional flags to pass to make(1) during buildworld # KERNEL_FLAGS= additional flags to pass to make(1) during buildkernel # SUBDIR_OVERRIDE="list of dirs" to build rather than everything. # All libraries and includes, and some build tools will still build. # # The intended user-driven targets are: # buildworld - rebuild *everything*, including glue to help do upgrades # installworld- install everything built by "buildworld" # checkworld - run test suite on installed world # doxygen - build API documentation of the kernel # update - convenient way to update your source tree (eg: svn/svnup) # # Standard targets (not defined here) are documented in the makefiles in # /usr/share/mk. These include: # obj depend all install clean cleandepend cleanobj .if !defined(TARGET) || !defined(TARGET_ARCH) .error "Both TARGET and TARGET_ARCH must be defined." .endif LOCALBASE?= /usr/local # Cross toolchain changes must be in effect before bsd.compiler.mk # so that gets the right CC, and pass CROSS_TOOLCHAIN to submakes. .if defined(CROSS_TOOLCHAIN) .include "${LOCALBASE}/share/toolchains/${CROSS_TOOLCHAIN}.mk" CROSSENV+=CROSS_TOOLCHAIN="${CROSS_TOOLCHAIN}" .endif .include # don't depend on src.opts.mk doing it .include "share/mk/src.opts.mk" # We must do lib/ and libexec/ before bin/ in case of a mid-install error to # keep the users system reasonably usable. For static->dynamic root upgrades, # we don't want to install a dynamic binary without rtld and the needed # libraries. More commonly, for dynamic root, we don't want to install a # binary that requires a newer library version that hasn't been installed yet. # This ordering is not a guarantee though. The only guarantee of a working # system here would require fine-grained ordering of all components based # on their dependencies. SRCDIR?= ${.CURDIR} .if !empty(SUBDIR_OVERRIDE) SUBDIR= ${SUBDIR_OVERRIDE} .else SUBDIR= lib libexec .if !defined(NO_ROOT) && (make(installworld) || make(install)) # Ensure libraries are installed before progressing. SUBDIR+=.WAIT .endif SUBDIR+=bin .if ${MK_CDDL} != "no" SUBDIR+=cddl .endif SUBDIR+=gnu include .if ${MK_KERBEROS} != "no" SUBDIR+=kerberos5 .endif .if ${MK_RESCUE} != "no" SUBDIR+=rescue .endif SUBDIR+=sbin .if ${MK_CRYPT} != "no" SUBDIR+=secure .endif .if !defined(NO_SHARE) SUBDIR+=share .endif SUBDIR+=sys usr.bin usr.sbin .if ${MK_TESTS} != "no" SUBDIR+= tests .endif .if ${MK_OFED} != "no" SUBDIR+=contrib/ofed .endif # Local directories are last, since it is nice to at least get the base # system rebuilt before you do them. .for _DIR in ${LOCAL_DIRS} .if exists(${.CURDIR}/${_DIR}/Makefile) SUBDIR+= ${_DIR} .endif .endfor # Add LOCAL_LIB_DIRS, but only if they will not be picked up as a SUBDIR # of a LOCAL_DIRS directory. This allows LOCAL_DIRS=foo and # LOCAL_LIB_DIRS=foo/lib to behave as expected. .for _DIR in ${LOCAL_DIRS:M*/} ${LOCAL_DIRS:N*/:S|$|/|} _REDUNDENT_LIB_DIRS+= ${LOCAL_LIB_DIRS:M${_DIR}*} .endfor .for _DIR in ${LOCAL_LIB_DIRS} .if empty(_REDUNDENT_LIB_DIRS:M${_DIR}) && exists(${.CURDIR}/${_DIR}/Makefile) SUBDIR+= ${_DIR} .else .warning ${_DIR} not added to SUBDIR list. See UPDATING 20141121. .endif .endfor # We must do etc/ last as it hooks into building the man whatis file # by calling 'makedb' in share/man. This is only relevant for # install/distribute so they build the whatis file after every manpage is # installed. .if make(installworld) || make(install) SUBDIR+=.WAIT .endif SUBDIR+=etc .endif # !empty(SUBDIR_OVERRIDE) .if defined(NOCLEAN) .warning NOCLEAN option is deprecated. Use NO_CLEAN instead. NO_CLEAN= ${NOCLEAN} .endif .if defined(NO_CLEANDIR) CLEANDIR= clean cleandepend .else CLEANDIR= cleandir .endif # FAST_DEPEND can skip depend tree-walks. .if ${MK_FAST_DEPEND} == "yes" NO_DEPEND= t NO_KERNELDEPEND=t .endif # Ensure shell checks later have a value. .if defined(NO_DEPEND) NO_DEPEND= t .endif LOCAL_TOOL_DIRS?= PACKAGEDIR?= ${DESTDIR}/${DISTDIR} .if empty(SHELL:M*csh*) BUILDENV_SHELL?=${SHELL} .else BUILDENV_SHELL?=/bin/sh .endif SVN?= /usr/local/bin/svn SVNFLAGS?= -r HEAD MAKEOBJDIRPREFIX?= /usr/obj .if !defined(OSRELDATE) .if exists(/usr/include/osreldate.h) OSRELDATE!= awk '/^\#define[[:space:]]*__FreeBSD_version/ { print $$3 }' \ /usr/include/osreldate.h .else OSRELDATE= 0 .endif .export OSRELDATE .endif # Set VERSION for CTFMERGE to use via the default CTFFLAGS=-L VERSION. .if !defined(VERSION) && !make(showconfig) REVISION!= ${MAKE} -C ${SRCDIR}/release -V REVISION BRANCH!= ${MAKE} -C ${SRCDIR}/release -V BRANCH SRCRELDATE!= awk '/^\#define[[:space:]]*__FreeBSD_version/ { print $$3 }' \ ${SRCDIR}/sys/sys/param.h VERSION= FreeBSD ${REVISION}-${BRANCH:C/-p[0-9]+$//} ${TARGET_ARCH} ${SRCRELDATE} .export VERSION .endif KNOWN_ARCHES?= aarch64/arm64 \ amd64 \ arm \ armeb/arm \ armv6/arm \ armv6hf/arm \ i386 \ i386/pc98 \ mips \ mipsel/mips \ mips64el/mips \ mips64/mips \ mipsn32el/mips \ mipsn32/mips \ powerpc \ powerpc64/powerpc \ riscv64/riscv \ sparc64 .if ${TARGET} == ${TARGET_ARCH} _t= ${TARGET} .else _t= ${TARGET_ARCH}/${TARGET} .endif .for _t in ${_t} .if empty(KNOWN_ARCHES:M${_t}) .error Unknown target ${TARGET_ARCH}:${TARGET}. .endif .endfor .if ${TARGET} == ${MACHINE} TARGET_CPUTYPE?=${CPUTYPE} .else TARGET_CPUTYPE?= .endif .if !empty(TARGET_CPUTYPE) _TARGET_CPUTYPE=${TARGET_CPUTYPE} .else _TARGET_CPUTYPE=dummy .endif # Skip for showconfig as it is just wasted time and may invoke auto.obj.mk. .if !make(showconfig) _CPUTYPE!= MAKEFLAGS= CPUTYPE=${_TARGET_CPUTYPE} ${MAKE} \ -f /dev/null -m ${.CURDIR}/share/mk -V CPUTYPE .if ${_CPUTYPE} != ${_TARGET_CPUTYPE} .error CPUTYPE global should be set with ?=. .endif .endif .if make(buildworld) BUILD_ARCH!= uname -p .if ${MACHINE_ARCH} != ${BUILD_ARCH} .error To cross-build, set TARGET_ARCH. .endif .endif .if ${MACHINE} == ${TARGET} && ${MACHINE_ARCH} == ${TARGET_ARCH} && !defined(CROSS_BUILD_TESTING) OBJTREE= ${MAKEOBJDIRPREFIX} .else OBJTREE= ${MAKEOBJDIRPREFIX}/${TARGET}.${TARGET_ARCH} .endif WORLDTMP= ${OBJTREE}${.CURDIR}/tmp BPATH= ${WORLDTMP}/legacy/usr/sbin:${WORLDTMP}/legacy/usr/bin:${WORLDTMP}/legacy/bin XPATH= ${WORLDTMP}/usr/sbin:${WORLDTMP}/usr/bin STRICTTMPPATH= ${BPATH}:${XPATH} TMPPATH= ${STRICTTMPPATH}:${PATH} # # Avoid running mktemp(1) unless actually needed. # It may not be functional, e.g., due to new ABI # when in the middle of installing over this system. # .if make(distributeworld) || make(installworld) INSTALLTMP!= /usr/bin/mktemp -d -u -t install .endif # # Building a world goes through the following stages # # 1. legacy stage [BMAKE] # This stage is responsible for creating compatibility # shims that are needed by the bootstrap-tools, # build-tools and cross-tools stages. These are generally # APIs that tools from one of those three stages need to # build that aren't present on the host. # 1. bootstrap-tools stage [BMAKE] # This stage is responsible for creating programs that # are needed for backward compatibility reasons. They # are not built as cross-tools. # 2. build-tools stage [TMAKE] # This stage is responsible for creating the object # tree and building any tools that are needed during # the build process. Some programs are listed during # this phase because they build binaries to generate # files needed to build these programs. This stage also # builds the 'build-tools' target rather than 'all'. # 3. cross-tools stage [XMAKE] # This stage is responsible for creating any tools that # are needed for building the system. A cross-compiler is one # of them. This differs from build tools in two ways: # 1. the 'all' target is built rather than 'build-tools' # 2. these tools are installed into TMPPATH for stage 4. # 4. world stage [WMAKE] # This stage actually builds the world. # 5. install stage (optional) [IMAKE] # This stage installs a previously built world. # BOOTSTRAPPING?= 0 # Common environment for world related stages CROSSENV+= MAKEOBJDIRPREFIX=${OBJTREE} \ MACHINE_ARCH=${TARGET_ARCH} \ MACHINE=${TARGET} \ CPUTYPE=${TARGET_CPUTYPE} .if ${MK_GROFF} != "no" CROSSENV+= GROFF_BIN_PATH=${WORLDTMP}/legacy/usr/bin \ GROFF_FONT_PATH=${WORLDTMP}/legacy/usr/share/groff_font \ GROFF_TMAC_PATH=${WORLDTMP}/legacy/usr/share/tmac .endif .if defined(TARGET_CFLAGS) CROSSENV+= ${TARGET_CFLAGS} .endif # bootstrap-tools stage BMAKEENV= INSTALL="sh ${.CURDIR}/tools/install.sh" \ PATH=${BPATH}:${PATH} \ WORLDTMP=${WORLDTMP} \ MAKEFLAGS="-m ${.CURDIR}/tools/build/mk ${.MAKEFLAGS}" # need to keep this in sync with targets/pseudo/bootstrap-tools/Makefile BSARGS= DESTDIR= \ BOOTSTRAPPING=${OSRELDATE} \ SSP_CFLAGS= \ MK_HTML=no NO_LINT=yes MK_MAN=no \ -DNO_PIC MK_PROFILE=no -DNO_SHARED \ -DNO_CPU_CFLAGS MK_WARNS=no MK_CTF=no \ MK_CLANG_EXTRAS=no MK_CLANG_FULL=no \ MK_LLDB=no MK_TESTS=no \ MK_INCLUDES=yes BMAKE= MAKEOBJDIRPREFIX=${WORLDTMP} \ ${BMAKEENV} ${MAKE} ${WORLD_FLAGS} -f Makefile.inc1 \ ${BSARGS} # build-tools stage TMAKE= MAKEOBJDIRPREFIX=${OBJTREE} \ ${BMAKEENV} ${MAKE} ${WORLD_FLAGS} -f Makefile.inc1 \ TARGET=${TARGET} TARGET_ARCH=${TARGET_ARCH} \ DESTDIR= \ BOOTSTRAPPING=${OSRELDATE} \ SSP_CFLAGS= \ -DNO_LINT \ -DNO_CPU_CFLAGS MK_WARNS=no MK_CTF=no \ MK_CLANG_EXTRAS=no MK_CLANG_FULL=no \ MK_LLDB=no MK_TESTS=no # cross-tools stage XMAKE= TOOLS_PREFIX=${WORLDTMP} ${BMAKE} \ TARGET=${TARGET} TARGET_ARCH=${TARGET_ARCH} \ MK_GDB=no MK_TESTS=no # kernel-tools stage KTMAKEENV= INSTALL="sh ${.CURDIR}/tools/install.sh" \ PATH=${BPATH}:${PATH} \ WORLDTMP=${WORLDTMP} KTMAKE= TOOLS_PREFIX=${WORLDTMP} MAKEOBJDIRPREFIX=${WORLDTMP} \ ${KTMAKEENV} ${MAKE} ${WORLD_FLAGS} -f Makefile.inc1 \ DESTDIR= \ BOOTSTRAPPING=${OSRELDATE} \ SSP_CFLAGS= \ MK_HTML=no -DNO_LINT MK_MAN=no \ -DNO_PIC MK_PROFILE=no -DNO_SHARED \ -DNO_CPU_CFLAGS MK_WARNS=no MK_CTF=no # world stage WMAKEENV= ${CROSSENV} \ _LDSCRIPTROOT= \ INSTALL="sh ${.CURDIR}/tools/install.sh" \ PATH=${TMPPATH} # make hierarchy HMAKE= PATH=${TMPPATH} ${MAKE} LOCAL_MTREE=${LOCAL_MTREE:Q} .if defined(NO_ROOT) HMAKE+= PATH=${TMPPATH} METALOG=${METALOG} -DNO_ROOT .endif .if defined(CROSS_TOOLCHAIN_PREFIX) CROSS_COMPILER_PREFIX?=${CROSS_TOOLCHAIN_PREFIX} CROSS_BINUTILS_PREFIX?=${CROSS_TOOLCHAIN_PREFIX} .endif # If we do not have a bootstrap binutils (because the in-tree one does not # support the target architecture), provide a default cross-binutils prefix. # This allows aarch64 builds, for example, to automatically use the # aarch64-binutils port or package. .if !make(showconfig) .if !empty(BROKEN_OPTIONS:MBINUTILS_BOOTSTRAP) && \ !defined(CROSS_BINUTILS_PREFIX) CROSS_BINUTILS_PREFIX=/usr/local/${TARGET_ARCH}-freebsd/bin/ .if !exists(${CROSS_BINUTILS_PREFIX}) .error In-tree binutils does not support the ${TARGET_ARCH} architecture. Install the ${TARGET_ARCH}-binutils port or package or set CROSS_BINUTILS_PREFIX. .endif .endif .endif XCOMPILERS= CC CXX CPP .for COMPILER in ${XCOMPILERS} .if defined(CROSS_COMPILER_PREFIX) X${COMPILER}?= ${CROSS_COMPILER_PREFIX}${${COMPILER}} .else X${COMPILER}?= ${${COMPILER}} .endif .endfor XBINUTILS= AS AR LD NM OBJCOPY OBJDUMP RANLIB SIZE STRINGS .for BINUTIL in ${XBINUTILS} .if defined(CROSS_BINUTILS_PREFIX) && \ exists(${CROSS_BINUTILS_PREFIX}${${BINUTIL}}) X${BINUTIL}?= ${CROSS_BINUTILS_PREFIX}${${BINUTIL}} .else X${BINUTIL}?= ${${BINUTIL}} .endif .endfor CROSSENV+= CC="${XCC} ${XCFLAGS}" CXX="${XCXX} ${XCFLAGS} ${XCXXFLAGS}" \ DEPFLAGS="${DEPFLAGS}" \ CPP="${XCPP} ${XCFLAGS}" \ AS="${XAS}" AR="${XAR}" LD="${XLD}" NM=${XNM} \ OBJDUMP=${XOBJDUMP} OBJCOPY="${XOBJCOPY}" \ RANLIB=${XRANLIB} STRINGS=${XSTRINGS} \ SIZE="${XSIZE}" .if ${XCC:N${CCACHE_BIN}:M/*} .if defined(CROSS_BINUTILS_PREFIX) # In the case of xdev-build tools, CROSS_BINUTILS_PREFIX won't be a # directory, but the compiler will look in the right place for it's # tools so we don't need to tell it where to look. .if exists(${CROSS_BINUTILS_PREFIX}) BFLAGS+= -B${CROSS_BINUTILS_PREFIX} .endif .else BFLAGS+= -B${WORLDTMP}/usr/bin .endif .if ${TARGET} == "arm" .if ${TARGET_ARCH:M*hf*} != "" TARGET_ABI= gnueabihf .else TARGET_ABI= gnueabi .endif .endif .if defined(X_COMPILER_TYPE) && ${X_COMPILER_TYPE} == gcc XCFLAGS+= -isystem ${WORLDTMP}/usr/include -L${WORLDTMP}/usr/lib XCXXFLAGS+= -I${WORLDTMP}/usr/include/c++/v1 -std=gnu++11 -L${WORLDTMP}/../lib/libc++ # XXX: DEPFLAGS is a workaround for not properly passing CXXFLAGS to sub-makes # due to CXX="${XCXX} ${XCXXFLAGS}". bsd.dep.mk does use CXXFLAGS when # building C++ files so this can come out if passing CXXFLAGS down is fixed. DEPFLAGS+= -I${WORLDTMP}/usr/include/c++/v1 .else TARGET_ABI?= unknown TARGET_TRIPLE?= ${TARGET_ARCH:C/amd64/x86_64/}-${TARGET_ABI}-freebsd11.0 XCFLAGS+= -target ${TARGET_TRIPLE} .endif XCFLAGS+= --sysroot=${WORLDTMP} ${BFLAGS} XCXXFLAGS+= --sysroot=${WORLDTMP} ${BFLAGS} .else .if defined(CROSS_BINUTILS_PREFIX) && exists(${CROSS_BINUTILS_PREFIX}) BFLAGS+= -B${CROSS_BINUTILS_PREFIX} XCFLAGS+= ${BFLAGS} XCXXFLAGS+= ${BFLAGS} .endif .endif # ${XCC:M/*} WMAKE= ${WMAKEENV} ${MAKE} ${WORLD_FLAGS} -f Makefile.inc1 DESTDIR=${WORLDTMP} .if ${TARGET_ARCH} == "amd64" || ${TARGET_ARCH} == "powerpc64" # 32 bit world LIB32_OBJTREE= ${OBJTREE}${.CURDIR}/world32 LIB32TMP= ${OBJTREE}${.CURDIR}/lib32 .if ${TARGET_ARCH} == "amd64" .if empty(TARGET_CPUTYPE) LIB32CPUFLAGS= -march=i686 -mmmx -msse -msse2 .else LIB32CPUFLAGS= -march=${TARGET_CPUTYPE} .endif LIB32WMAKEENV= MACHINE=i386 MACHINE_ARCH=i386 \ MACHINE_CPU="i686 mmx sse sse2" LIB32WMAKEFLAGS= \ AS="${XAS} --32" \ LD="${XLD} -m elf_i386_fbsd -Y P,${LIB32TMP}/usr/lib32" \ OBJCOPY="${XOBJCOPY}" .elif ${TARGET_ARCH} == "powerpc64" .if empty(TARGET_CPUTYPE) LIB32CPUFLAGS= -mcpu=powerpc .else LIB32CPUFLAGS= -mcpu=${TARGET_CPUTYPE} .endif LIB32WMAKEENV= MACHINE=powerpc MACHINE_ARCH=powerpc LIB32WMAKEFLAGS= \ LD="${XLD} -m elf32ppc_fbsd" \ OBJCOPY="${XOBJCOPY}" .endif LIB32FLAGS= -m32 ${LIB32CPUFLAGS} -DCOMPAT_32BIT \ -isystem ${LIB32TMP}/usr/include/ \ -L${LIB32TMP}/usr/lib32 \ -B${LIB32TMP}/usr/lib32 .if ${XCC:N${CCACHE_BIN}:M/*} LIB32FLAGS+= --sysroot=${WORLDTMP} .endif # Yes, the flags are redundant. LIB32WMAKEENV+= MAKEOBJDIRPREFIX=${LIB32_OBJTREE} \ _LDSCRIPTROOT=${LIB32TMP} \ INSTALL="sh ${.CURDIR}/tools/install.sh" \ PATH=${TMPPATH} \ LIBDIR=/usr/lib32 \ SHLIBDIR=/usr/lib32 \ DTRACE="${DTRACE} -32" LIB32WMAKEFLAGS+= CC="${XCC} ${LIB32FLAGS}" \ CXX="${XCXX} ${LIB32FLAGS}" \ DESTDIR=${LIB32TMP} \ -DCOMPAT_32BIT \ -DLIBRARIES_ONLY \ -DNO_CPU_CFLAGS \ MK_CTF=no \ -DNO_LINT \ MK_TESTS=no LIB32WMAKE= ${LIB32WMAKEENV} ${MAKE} ${LIB32WMAKEFLAGS} \ MK_MAN=no MK_HTML=no LIB32IMAKE= ${LIB32WMAKE:NINSTALL=*:NDESTDIR=*:N_LDSCRIPTROOT=*} \ MK_TOOLCHAIN=no ${IMAKE_INSTALL} .endif IMAKEENV= ${CROSSENV:N_LDSCRIPTROOT=*} IMAKE= ${IMAKEENV} ${MAKE} -f Makefile.inc1 \ ${IMAKE_INSTALL} ${IMAKE_MTREE} .if empty(.MAKEFLAGS:M-n) IMAKEENV+= PATH=${STRICTTMPPATH}:${INSTALLTMP} \ LD_LIBRARY_PATH=${INSTALLTMP} \ PATH_LOCALE=${INSTALLTMP}/locale IMAKE+= __MAKE_SHELL=${INSTALLTMP}/sh .else IMAKEENV+= PATH=${TMPPATH}:${INSTALLTMP} .endif .if defined(DB_FROM_SRC) INSTALLFLAGS+= -N ${.CURDIR}/etc MTREEFLAGS+= -N ${.CURDIR}/etc .endif _INSTALL_DDIR= ${DESTDIR}/${DISTDIR} INSTALL_DDIR= ${_INSTALL_DDIR:S://:/:g:C:/$::} .if defined(NO_ROOT) METALOG?= ${DESTDIR}/${DISTDIR}/METALOG IMAKE+= -DNO_ROOT METALOG=${METALOG} INSTALLFLAGS+= -U -M ${METALOG} -D ${INSTALL_DDIR} MTREEFLAGS+= -W .endif .if defined(DB_FROM_SRC) || defined(NO_ROOT) IMAKE_INSTALL= INSTALL="install ${INSTALLFLAGS}" IMAKE_MTREE= MTREE_CMD="mtree ${MTREEFLAGS}" .endif # kernel stage KMAKEENV= ${WMAKEENV} KMAKE= ${KMAKEENV} ${MAKE} ${.MAKEFLAGS} ${KERNEL_FLAGS} KERNEL=${INSTKERNNAME} # # buildworld # # Attempt to rebuild the entire system, with reasonable chance of # success, regardless of how old your existing system is. # _worldtmp: .PHONY .if ${.CURDIR:C/[^,]//g} != "" # The m4 build of sendmail files doesn't like it if ',' is used # anywhere in the path of it's files. @echo @echo "*** Error: path to source tree contains a comma ','" @echo false .endif @echo @echo "--------------------------------------------------------------" @echo ">>> Rebuilding the temporary build tree" @echo "--------------------------------------------------------------" .if !defined(NO_CLEAN) rm -rf ${WORLDTMP} .if defined(LIB32TMP) rm -rf ${LIB32TMP} .endif .else rm -rf ${WORLDTMP}/legacy/usr/include # XXX - These can depend on any header file. rm -f ${OBJTREE}${.CURDIR}/lib/libsysdecode/ioctl.c rm -f ${OBJTREE}${.CURDIR}/usr.bin/kdump/kdump_subr.c .endif .for _dir in \ - lib usr legacy/bin legacy/usr + lib lib/casper usr legacy/bin legacy/usr mkdir -p ${WORLDTMP}/${_dir} .endfor mtree -deU -f ${.CURDIR}/etc/mtree/BSD.usr.dist \ -p ${WORLDTMP}/legacy/usr >/dev/null .if ${MK_GROFF} != "no" mtree -deU -f ${.CURDIR}/etc/mtree/BSD.groff.dist \ -p ${WORLDTMP}/legacy/usr >/dev/null .endif mtree -deU -f ${.CURDIR}/etc/mtree/BSD.usr.dist \ -p ${WORLDTMP}/usr >/dev/null mtree -deU -f ${.CURDIR}/etc/mtree/BSD.include.dist \ -p ${WORLDTMP}/usr/include >/dev/null ln -sf ${.CURDIR}/sys ${WORLDTMP} .if ${MK_DEBUG_FILES} != "no" # We could instead disable debug files for these build stages mtree -deU -f ${.CURDIR}/etc/mtree/BSD.debug.dist \ -p ${WORLDTMP}/legacy/usr/lib >/dev/null mtree -deU -f ${.CURDIR}/etc/mtree/BSD.debug.dist \ -p ${WORLDTMP}/usr/lib >/dev/null .endif .if ${MK_LIB32} != "no" mtree -deU -f ${.CURDIR}/etc/mtree/BSD.lib32.dist \ -p ${WORLDTMP}/usr >/dev/null .if ${MK_DEBUG_FILES} != "no" mtree -deU -f ${.CURDIR}/etc/mtree/BSD.lib32.dist \ -p ${WORLDTMP}/legacy/usr/lib/debug/usr >/dev/null mtree -deU -f ${.CURDIR}/etc/mtree/BSD.lib32.dist \ -p ${WORLDTMP}/usr/lib/debug/usr >/dev/null .endif .endif .if ${MK_TESTS} != "no" mkdir -p ${WORLDTMP}${TESTSBASE} mtree -deU -f ${.CURDIR}/etc/mtree/BSD.tests.dist \ -p ${WORLDTMP}${TESTSBASE} >/dev/null .if ${MK_DEBUG_FILES} != "no" mkdir -p ${WORLDTMP}/usr/lib/debug/${TESTSBASE} mtree -deU -f ${.CURDIR}/etc/mtree/BSD.tests.dist \ -p ${WORLDTMP}/usr/lib/debug/${TESTSBASE} >/dev/null .endif .endif .for _mtree in ${LOCAL_MTREE} mtree -deU -f ${.CURDIR}/${_mtree} -p ${WORLDTMP} > /dev/null .endfor _legacy: @echo @echo "--------------------------------------------------------------" @echo ">>> stage 1.1: legacy release compatibility shims" @echo "--------------------------------------------------------------" ${_+_}cd ${.CURDIR}; ${BMAKE} legacy _bootstrap-tools: @echo @echo "--------------------------------------------------------------" @echo ">>> stage 1.2: bootstrap tools" @echo "--------------------------------------------------------------" ${_+_}cd ${.CURDIR}; ${BMAKE} bootstrap-tools _cleanobj: .if !defined(NO_CLEAN) @echo @echo "--------------------------------------------------------------" @echo ">>> stage 2.1: cleaning up the object tree" @echo "--------------------------------------------------------------" ${_+_}cd ${.CURDIR}; ${WMAKE} ${CLEANDIR} .if defined(LIB32TMP) ${_+_}cd ${.CURDIR}; ${LIB32WMAKE} -f Makefile.inc1 ${CLEANDIR} .endif .endif _obj: @echo @echo "--------------------------------------------------------------" @echo ">>> stage 2.2: rebuilding the object tree" @echo "--------------------------------------------------------------" ${_+_}cd ${.CURDIR}; ${WMAKE} obj _build-tools: @echo @echo "--------------------------------------------------------------" @echo ">>> stage 2.3: build tools" @echo "--------------------------------------------------------------" ${_+_}cd ${.CURDIR}; ${TMAKE} build-tools _cross-tools: @echo @echo "--------------------------------------------------------------" @echo ">>> stage 3: cross tools" @echo "--------------------------------------------------------------" ${_+_}cd ${.CURDIR}; ${XMAKE} cross-tools ${_+_}cd ${.CURDIR}; ${XMAKE} kernel-tools _includes: @echo @echo "--------------------------------------------------------------" @echo ">>> stage 4.1: building includes" @echo "--------------------------------------------------------------" # Special handling for SUBDIR_OVERRIDE in buildworld as they most likely need # headers from default SUBDIR. Do SUBDIR_OVERRIDE includes last. ${_+_}cd ${.CURDIR}; ${WMAKE} SUBDIR_OVERRIDE= SHARED=symlinks \ includes .if !empty(SUBDIR_OVERRIDE) && make(buildworld) ${_+_}cd ${.CURDIR}; ${WMAKE} SHARED=symlinks includes .endif _libraries: @echo @echo "--------------------------------------------------------------" @echo ">>> stage 4.2: building libraries" @echo "--------------------------------------------------------------" ${_+_}cd ${.CURDIR}; \ ${WMAKE} -DNO_FSCHG MK_HTML=no -DNO_LINT MK_MAN=no \ MK_PROFILE=no MK_TESTS=no MK_TESTS_SUPPORT=${MK_TESTS} libraries _depend: @echo @echo "--------------------------------------------------------------" @echo ">>> stage 4.3: make dependencies" @echo "--------------------------------------------------------------" ${_+_}cd ${.CURDIR}; ${WMAKE} depend everything: @echo @echo "--------------------------------------------------------------" @echo ">>> stage 4.4: building everything" @echo "--------------------------------------------------------------" ${_+_}cd ${.CURDIR}; _PARALLEL_SUBDIR_OK=1 ${WMAKE} all .if defined(LIB32TMP) build32: .PHONY @echo @echo "--------------------------------------------------------------" @echo ">>> stage 5.1: building 32 bit shim libraries" @echo "--------------------------------------------------------------" mkdir -p ${LIB32TMP}/usr/include mtree -deU -f ${.CURDIR}/etc/mtree/BSD.usr.dist \ -p ${LIB32TMP}/usr >/dev/null mtree -deU -f ${.CURDIR}/etc/mtree/BSD.include.dist \ -p ${LIB32TMP}/usr/include >/dev/null mtree -deU -f ${.CURDIR}/etc/mtree/BSD.lib32.dist \ -p ${LIB32TMP}/usr >/dev/null .if ${MK_DEBUG_FILES} != "no" mtree -deU -f ${.CURDIR}/etc/mtree/BSD.debug.dist \ -p ${LIB32TMP}/usr/lib >/dev/null mtree -deU -f ${.CURDIR}/etc/mtree/BSD.lib32.dist \ -p ${LIB32TMP}/usr/lib/debug/usr >/dev/null .endif mkdir -p ${WORLDTMP} ln -sf ${.CURDIR}/sys ${WORLDTMP} .for _t in obj includes ${_+_}cd ${.CURDIR}/include; ${LIB32WMAKE} DIRPRFX=include/ ${_t} ${_+_}cd ${.CURDIR}/lib; ${LIB32WMAKE} DIRPRFX=lib/ ${_t} .if ${MK_CDDL} != "no" ${_+_}cd ${.CURDIR}/cddl/lib; ${LIB32WMAKE} DIRPRFX=cddl/lib/ ${_t} .endif ${_+_}cd ${.CURDIR}/gnu/lib; ${LIB32WMAKE} DIRPRFX=gnu/lib/ ${_t} .if ${MK_CRYPT} != "no" ${_+_}cd ${.CURDIR}/secure/lib; ${LIB32WMAKE} DIRPRFX=secure/lib/ ${_t} .endif .if ${MK_KERBEROS} != "no" ${_+_}cd ${.CURDIR}/kerberos5/lib; ${LIB32WMAKE} DIRPRFX=kerberos5/lib ${_t} .endif .endfor .for _dir in usr.bin/lex/lib ${_+_}cd ${.CURDIR}/${_dir}; ${LIB32WMAKE} DIRPRFX=${_dir}/ obj .endfor .for _dir in lib/ncurses/ncurses lib/ncurses/ncursesw lib/libmagic ${_+_}cd ${.CURDIR}/${_dir}; \ WORLDTMP=${WORLDTMP} \ MAKEFLAGS="-m ${.CURDIR}/tools/build/mk ${.MAKEFLAGS}" \ MAKEOBJDIRPREFIX=${LIB32_OBJTREE} ${MAKE} SSP_CFLAGS= DESTDIR= \ DIRPRFX=${_dir}/ -DNO_LINT -DNO_CPU_CFLAGS MK_WARNS=no MK_CTF=no \ build-tools .endfor ${_+_}cd ${.CURDIR}; \ ${LIB32WMAKE} -f Makefile.inc1 -DNO_FSCHG libraries .for _t in obj depend all ${_+_}cd ${.CURDIR}/libexec/rtld-elf; PROG=ld-elf32.so.1 ${LIB32WMAKE} \ -DNO_FSCHG DIRPRFX=libexec/rtld-elf/ ${_t} ${_+_}cd ${.CURDIR}/usr.bin/ldd; PROG=ldd32 ${LIB32WMAKE} \ DIRPRFX=usr.bin/ldd ${_t} .endfor distribute32 install32: .MAKE .PHONY ${_+_}cd ${.CURDIR}/lib; ${LIB32IMAKE} ${.TARGET:S/32$//} .if ${MK_CDDL} != "no" ${_+_}cd ${.CURDIR}/cddl/lib; ${LIB32IMAKE} ${.TARGET:S/32$//} .endif ${_+_}cd ${.CURDIR}/gnu/lib; ${LIB32IMAKE} ${.TARGET:S/32$//} .if ${MK_CRYPT} != "no" ${_+_}cd ${.CURDIR}/secure/lib; ${LIB32IMAKE} ${.TARGET:S/32$//} .endif .if ${MK_KERBEROS} != "no" ${_+_}cd ${.CURDIR}/kerberos5/lib; ${LIB32IMAKE} ${.TARGET:S/32$//} .endif ${_+_}cd ${.CURDIR}/libexec/rtld-elf; \ PROG=ld-elf32.so.1 ${LIB32IMAKE} ${.TARGET:S/32$//} ${_+_}cd ${.CURDIR}/usr.bin/ldd; PROG=ldd32 ${LIB32IMAKE} \ ${.TARGET:S/32$//} .endif WMAKE_TGTS= WMAKE_TGTS+= _worldtmp _legacy .if empty(SUBDIR_OVERRIDE) WMAKE_TGTS+= _bootstrap-tools .endif WMAKE_TGTS+= _cleanobj _obj _build-tools _cross-tools WMAKE_TGTS+= _includes _libraries .if !defined(NO_DEPEND) WMAKE_TGTS+= _depend .endif WMAKE_TGTS+= everything .if defined(LIB32TMP) && ${MK_LIB32} != "no" && empty(SUBDIR_OVERRIDE) WMAKE_TGTS+= build32 .endif buildworld: buildworld_prologue ${WMAKE_TGTS} buildworld_epilogue .ORDER: buildworld_prologue ${WMAKE_TGTS} buildworld_epilogue buildworld_prologue: @echo "--------------------------------------------------------------" @echo ">>> World build started on `LC_ALL=C date`" @echo "--------------------------------------------------------------" buildworld_epilogue: @echo @echo "--------------------------------------------------------------" @echo ">>> World build completed on `LC_ALL=C date`" @echo "--------------------------------------------------------------" # # We need to have this as a target because the indirection between Makefile # and Makefile.inc1 causes the correct PATH to be used, rather than a # modification of the current environment's PATH. In addition, we need # to quote multiword values. # buildenvvars: .PHONY @echo ${WMAKEENV:Q} ${.MAKE.EXPORTED:@v@$v=\"${$v}\"@} .if ${.TARGETS:Mbuildenv} .if ${.MAKEFLAGS:M-j} .error The buildenv target is incompatible with -j .endif .endif BUILDENV_DIR?= ${.CURDIR} buildenv: .PHONY @echo Entering world for ${TARGET_ARCH}:${TARGET} .if ${BUILDENV_SHELL:M*zsh*} @echo For ZSH you must run: export CPUTYPE=${TARGET_CPUTYPE} .endif @cd ${BUILDENV_DIR} && env ${WMAKEENV} BUILDENV=1 ${BUILDENV_SHELL} \ || true TOOLCHAIN_TGTS= ${WMAKE_TGTS:N_depend:Neverything:Nbuild32} toolchain: ${TOOLCHAIN_TGTS} kernel-toolchain: ${TOOLCHAIN_TGTS:N_includes:N_libraries} # # installcheck # # Checks to be sure system is ready for installworld/installkernel. # installcheck: _installcheck_world _installcheck_kernel _installcheck_world: _installcheck_kernel: # # Require DESTDIR to be set if installing for a different architecture or # using the user/group database in the source tree. # .if ${TARGET_ARCH} != ${MACHINE_ARCH} || ${TARGET} != ${MACHINE} || \ defined(DB_FROM_SRC) .if !make(distributeworld) _installcheck_world: __installcheck_DESTDIR _installcheck_kernel: __installcheck_DESTDIR __installcheck_DESTDIR: .if !defined(DESTDIR) || empty(DESTDIR) @echo "ERROR: Please set DESTDIR!"; \ false .endif .endif .endif .if !defined(DB_FROM_SRC) # # Check for missing UIDs/GIDs. # CHECK_UIDS= auditdistd CHECK_GIDS= audit .if ${MK_SENDMAIL} != "no" CHECK_UIDS+= smmsp CHECK_GIDS+= smmsp .endif .if ${MK_PF} != "no" CHECK_UIDS+= proxy CHECK_GIDS+= proxy authpf .endif .if ${MK_UNBOUND} != "no" CHECK_UIDS+= unbound CHECK_GIDS+= unbound .endif _installcheck_world: __installcheck_UGID __installcheck_UGID: .for uid in ${CHECK_UIDS} @if ! `id -u ${uid} >/dev/null 2>&1`; then \ echo "ERROR: Required ${uid} user is missing, see /usr/src/UPDATING."; \ false; \ fi .endfor .for gid in ${CHECK_GIDS} @if ! `find / -prune -group ${gid} >/dev/null 2>&1`; then \ echo "ERROR: Required ${gid} group is missing, see /usr/src/UPDATING."; \ false; \ fi .endfor .endif # # Required install tools to be saved in a scratch dir for safety. # .if ${MK_ZONEINFO} != "no" _zoneinfo= zic tzsetup .endif ITOOLS= [ awk cap_mkdb cat chflags chmod chown cmp cp \ date echo egrep find grep id install ${_install-info} \ ln make mkdir mtree mv pwd_mkdb \ rm sed services_mkdb sh strip sysctl test true uname wc ${_zoneinfo} \ ${LOCAL_ITOOLS} # Needed for share/man .if ${MK_MAN} != "no" ITOOLS+=makewhatis .endif # # distributeworld # # Distributes everything compiled by a `buildworld'. # # installworld # # Installs everything compiled by a 'buildworld'. # # Non-base distributions produced by the base system EXTRA_DISTRIBUTIONS= doc .if defined(LIB32TMP) && ${MK_LIB32} != "no" EXTRA_DISTRIBUTIONS+= lib32 .endif .if ${MK_TESTS} != "no" EXTRA_DISTRIBUTIONS+= tests .endif DEBUG_DISTRIBUTIONS= .if ${MK_DEBUG_FILES} != "no" DEBUG_DISTRIBUTIONS+= base ${EXTRA_DISTRIBUTIONS:S,doc,,:S,tests,,} .endif MTREE_MAGIC?= mtree 2.0 distributeworld installworld: _installcheck_world mkdir -p ${INSTALLTMP} progs=$$(for prog in ${ITOOLS}; do \ if progpath=`which $$prog`; then \ echo $$progpath; \ else \ echo "Required tool $$prog not found in PATH." >&2; \ exit 1; \ fi; \ done); \ libs=$$(ldd -f "%o %p\n" -f "%o %p\n" $$progs 2>/dev/null | sort -u | \ while read line; do \ set -- $$line; \ if [ "$$2 $$3" != "not found" ]; then \ echo $$2; \ else \ echo "Required library $$1 not found." >&2; \ exit 1; \ fi; \ done); \ cp $$libs $$progs ${INSTALLTMP} cp -R $${PATH_LOCALE:-"/usr/share/locale"} ${INSTALLTMP}/locale .if defined(NO_ROOT) echo "#${MTREE_MAGIC}" > ${METALOG} .endif .if make(distributeworld) .for dist in ${EXTRA_DISTRIBUTIONS} -mkdir ${DESTDIR}/${DISTDIR}/${dist} mtree -deU -f ${.CURDIR}/etc/mtree/BSD.root.dist \ -p ${DESTDIR}/${DISTDIR}/${dist} >/dev/null mtree -deU -f ${.CURDIR}/etc/mtree/BSD.usr.dist \ -p ${DESTDIR}/${DISTDIR}/${dist}/usr >/dev/null mtree -deU -f ${.CURDIR}/etc/mtree/BSD.include.dist \ -p ${DESTDIR}/${DISTDIR}/${dist}/usr/include >/dev/null .if ${MK_DEBUG_FILES} != "no" mtree -deU -f ${.CURDIR}/etc/mtree/BSD.debug.dist \ -p ${DESTDIR}/${DISTDIR}/${dist}/usr/lib >/dev/null .endif .if ${MK_LIB32} != "no" mtree -deU -f ${.CURDIR}/etc/mtree/BSD.lib32.dist \ -p ${DESTDIR}/${DISTDIR}/${dist}/usr >/dev/null .if ${MK_DEBUG_FILES} != "no" mtree -deU -f ${.CURDIR}/etc/mtree/BSD.lib32.dist \ -p ${DESTDIR}/${DISTDIR}/${dist}/usr/lib/debug/usr >/dev/null .endif .endif .if ${MK_TESTS} != "no" && ${dist} == "tests" -mkdir -p ${DESTDIR}/${DISTDIR}/${dist}${TESTSBASE} mtree -deU -f ${.CURDIR}/etc/mtree/BSD.tests.dist \ -p ${DESTDIR}/${DISTDIR}/${dist}${TESTSBASE} >/dev/null .if ${MK_DEBUG_FILES} != "no" mtree -deU -f ${.CURDIR}/etc/mtree/BSD.tests.dist \ -p ${DESTDIR}/${DISTDIR}/${dist}/usr/lib/debug/${TESTSBASE} >/dev/null .endif .endif .if defined(NO_ROOT) ${IMAKEENV} mtree -C -f ${.CURDIR}/etc/mtree/BSD.root.dist | \ sed -e 's#^\./#./${dist}/#' >> ${METALOG} ${IMAKEENV} mtree -C -f ${.CURDIR}/etc/mtree/BSD.usr.dist | \ sed -e 's#^\./#./${dist}/usr/#' >> ${METALOG} ${IMAKEENV} mtree -C -f ${.CURDIR}/etc/mtree/BSD.include.dist | \ sed -e 's#^\./#./${dist}/usr/include/#' >> ${METALOG} .if ${MK_LIB32} != "no" ${IMAKEENV} mtree -C -f ${.CURDIR}/etc/mtree/BSD.lib32.dist | \ sed -e 's#^\./#./${dist}/usr/#' >> ${METALOG} .endif .endif .endfor -mkdir ${DESTDIR}/${DISTDIR}/base ${_+_}cd ${.CURDIR}/etc; ${CROSSENV} PATH=${TMPPATH} ${MAKE} \ METALOG=${METALOG} ${IMAKE_INSTALL} ${IMAKE_MTREE} \ DISTBASE=/base DESTDIR=${DESTDIR}/${DISTDIR}/base \ LOCAL_MTREE=${LOCAL_MTREE:Q} distrib-dirs .endif ${_+_}cd ${.CURDIR}; ${IMAKE} re${.TARGET:S/world$//}; \ ${IMAKEENV} rm -rf ${INSTALLTMP} .if make(distributeworld) .for dist in ${EXTRA_DISTRIBUTIONS} find ${DESTDIR}/${DISTDIR}/${dist} -mindepth 1 -empty -delete .endfor .if defined(NO_ROOT) .for dist in base ${EXTRA_DISTRIBUTIONS} @# For each file that exists in this dist, print the corresponding @# line from the METALOG. This relies on the fact that @# a line containing only the filename will sort immediatly before @# the relevant mtree line. cd ${DESTDIR}/${DISTDIR}; \ find ./${dist} | sort -u ${METALOG} - | \ awk 'BEGIN { print "#${MTREE_MAGIC}" } !/ type=/ { file = $$1 } / type=/ { if ($$1 == file) { sub(/^\.\/${dist}\//, "./"); print } }' > \ ${DESTDIR}/${DISTDIR}/${dist}.meta .endfor .for dist in ${DEBUG_DISTRIBUTIONS} @# For each file that exists in this dist, print the corresponding @# line from the METALOG. This relies on the fact that @# a line containing only the filename will sort immediatly before @# the relevant mtree line. cd ${DESTDIR}/${DISTDIR}; \ find ./${dist}/usr/lib/debug | sort -u ${METALOG} - | \ awk 'BEGIN { print "#${MTREE_MAGIC}" } !/ type=/ { file = $$1 } / type=/ { if ($$1 == file) { sub(/^\.\/${dist}\//, "./"); print } }' > \ ${DESTDIR}/${DISTDIR}/${dist}.debug.meta .endfor .endif .endif packageworld: .for dist in base ${EXTRA_DISTRIBUTIONS} .if defined(NO_ROOT) ${_+_}cd ${DESTDIR}/${DISTDIR}/${dist}; \ tar cvf - --exclude usr/lib/debug \ @${DESTDIR}/${DISTDIR}/${dist}.meta | \ ${XZ_CMD} > ${PACKAGEDIR}/${dist}.txz .else ${_+_}cd ${DESTDIR}/${DISTDIR}/${dist}; \ tar cvf - --exclude usr/lib/debug . | \ ${XZ_CMD} > ${PACKAGEDIR}/${dist}.txz .endif .endfor .for dist in ${DEBUG_DISTRIBUTIONS} . if defined(NO_ROOT) ${_+_}cd ${DESTDIR}/${DISTDIR}/${dist}; \ tar cvf - @${DESTDIR}/${DISTDIR}/${dist}.debug.meta | \ ${XZ_CMD} > ${PACKAGEDIR}/${dist}-dbg.txz . else ${_+_}cd ${DESTDIR}/${DISTDIR}/${dist}; \ tar cvLf - usr/lib/debug | \ ${XZ_CMD} > ${PACKAGEDIR}/${dist}-dbg.txz . endif .endfor # # reinstall # # If you have a build server, you can NFS mount the source and obj directories # and do a 'make reinstall' on the *client* to install new binaries from the # most recent server build. # reinstall: .MAKE .PHONY @echo "--------------------------------------------------------------" @echo ">>> Making hierarchy" @echo "--------------------------------------------------------------" ${_+_}cd ${.CURDIR}; ${MAKE} -f Makefile.inc1 \ LOCAL_MTREE=${LOCAL_MTREE:Q} hierarchy @echo @echo "--------------------------------------------------------------" @echo ">>> Installing everything" @echo "--------------------------------------------------------------" ${_+_}cd ${.CURDIR}; ${MAKE} -f Makefile.inc1 install .if defined(LIB32TMP) && ${MK_LIB32} != "no" ${_+_}cd ${.CURDIR}; ${MAKE} -f Makefile.inc1 install32 .endif redistribute: .MAKE .PHONY @echo "--------------------------------------------------------------" @echo ">>> Distributing everything" @echo "--------------------------------------------------------------" ${_+_}cd ${.CURDIR}; ${MAKE} -f Makefile.inc1 distribute .if defined(LIB32TMP) && ${MK_LIB32} != "no" ${_+_}cd ${.CURDIR}; ${MAKE} -f Makefile.inc1 distribute32 \ DISTRIBUTION=lib32 .endif distrib-dirs distribution: .MAKE .PHONY ${_+_}cd ${.CURDIR}/etc; ${CROSSENV} PATH=${TMPPATH} ${MAKE} \ ${IMAKE_INSTALL} ${IMAKE_MTREE} METALOG=${METALOG} ${.TARGET} .if make(distribution) ${_+_}cd ${.CURDIR}; ${CROSSENV} PATH=${TMPPATH} \ ${MAKE} -f Makefile.inc1 ${IMAKE_INSTALL} \ METALOG=${METALOG} MK_TESTS=no installconfig .endif # # buildkernel and installkernel # # Which kernels to build and/or install is specified by setting # KERNCONF. If not defined a GENERIC kernel is built/installed. # Only the existing (depending TARGET) config files are used # for building kernels and only the first of these is designated # as the one being installed. # # Note that we have to use TARGET instead of TARGET_ARCH when # we're in kernel-land. Since only TARGET_ARCH is (expected) to # be set to cross-build, we have to make sure TARGET is set # properly. .if defined(KERNFAST) NO_KERNELCLEAN= t NO_KERNELCONFIG= t NO_KERNELDEPEND= t NO_KERNELOBJ= t # Shortcut for KERNCONF=Blah -DKERNFAST is now KERNFAST=Blah .if !defined(KERNCONF) && ${KERNFAST} != "1" KERNCONF=${KERNFAST} .endif .endif .if ${TARGET_ARCH} == "powerpc64" KERNCONF?= GENERIC64 .else KERNCONF?= GENERIC .endif INSTKERNNAME?= kernel KERNSRCDIR?= ${.CURDIR}/sys KRNLCONFDIR= ${KERNSRCDIR}/${TARGET}/conf KRNLOBJDIR= ${OBJTREE}${KERNSRCDIR} KERNCONFDIR?= ${KRNLCONFDIR} BUILDKERNELS= INSTALLKERNEL= .if defined(NO_INSTALLKERNEL) # All of the BUILDKERNELS loops start at index 1. BUILDKERNELS+= dummy .endif .for _kernel in ${KERNCONF} .if exists(${KERNCONFDIR}/${_kernel}) BUILDKERNELS+= ${_kernel} .if empty(INSTALLKERNEL) && !defined(NO_INSTALLKERNEL) INSTALLKERNEL= ${_kernel} .endif .endif .endfor ${WMAKE_TGTS:N_worldtmp:Nbuild32} ${.ALLTARGETS:M_*:N_worldtmp}: .MAKE .PHONY # # buildkernel # # Builds all kernels defined by BUILDKERNELS. # buildkernel: .MAKE .PHONY .if empty(BUILDKERNELS:Ndummy) @echo "ERROR: Missing kernel configuration file(s) (${KERNCONF})."; \ false .endif @echo .for _kernel in ${BUILDKERNELS:Ndummy} @echo "--------------------------------------------------------------" @echo ">>> Kernel build for ${_kernel} started on `LC_ALL=C date`" @echo "--------------------------------------------------------------" @echo "===> ${_kernel}" mkdir -p ${KRNLOBJDIR} .if !defined(NO_KERNELCONFIG) @echo @echo "--------------------------------------------------------------" @echo ">>> stage 1: configuring the kernel" @echo "--------------------------------------------------------------" cd ${KRNLCONFDIR}; \ PATH=${TMPPATH} \ config ${CONFIGARGS} -d ${KRNLOBJDIR}/${_kernel} \ -I '${KERNCONFDIR}' '${KERNCONFDIR}/${_kernel}' .endif .if !defined(NO_CLEAN) && !defined(NO_KERNELCLEAN) @echo @echo "--------------------------------------------------------------" @echo ">>> stage 2.1: cleaning up the object tree" @echo "--------------------------------------------------------------" ${_+_}cd ${KRNLOBJDIR}/${_kernel}; ${KMAKE} ${CLEANDIR} .endif .if !defined(NO_KERNELOBJ) @echo @echo "--------------------------------------------------------------" @echo ">>> stage 2.2: rebuilding the object tree" @echo "--------------------------------------------------------------" ${_+_}cd ${KRNLOBJDIR}/${_kernel}; ${KMAKE} obj .endif @echo @echo "--------------------------------------------------------------" @echo ">>> stage 2.3: build tools" @echo "--------------------------------------------------------------" ${_+_}cd ${.CURDIR}; ${KTMAKE} kernel-tools .if !defined(NO_KERNELDEPEND) @echo @echo "--------------------------------------------------------------" @echo ">>> stage 3.1: making dependencies" @echo "--------------------------------------------------------------" ${_+_}cd ${KRNLOBJDIR}/${_kernel}; ${KMAKE} depend -DNO_MODULES_OBJ .endif @echo @echo "--------------------------------------------------------------" @echo ">>> stage 3.2: building everything" @echo "--------------------------------------------------------------" ${_+_}cd ${KRNLOBJDIR}/${_kernel}; ${KMAKE} all -DNO_MODULES_OBJ @echo "--------------------------------------------------------------" @echo ">>> Kernel build for ${_kernel} completed on `LC_ALL=C date`" @echo "--------------------------------------------------------------" .endfor # # installkernel, etc. # # Install the kernel defined by INSTALLKERNEL # installkernel installkernel.debug \ reinstallkernel reinstallkernel.debug: _installcheck_kernel .if !defined(NO_INSTALLKERNEL) .if empty(INSTALLKERNEL) @echo "ERROR: No kernel \"${KERNCONF}\" to install."; \ false .endif @echo "--------------------------------------------------------------" @echo ">>> Installing kernel ${INSTALLKERNEL}" @echo "--------------------------------------------------------------" cd ${KRNLOBJDIR}/${INSTALLKERNEL}; \ ${CROSSENV} PATH=${TMPPATH} \ ${MAKE} ${IMAKE_INSTALL} KERNEL=${INSTKERNNAME} ${.TARGET:S/kernel//} .endif .if ${BUILDKERNELS:[#]} > 1 && !defined(NO_INSTALLEXTRAKERNELS) .for _kernel in ${BUILDKERNELS:[2..-1]} @echo "--------------------------------------------------------------" @echo ">>> Installing kernel ${_kernel}" @echo "--------------------------------------------------------------" cd ${KRNLOBJDIR}/${_kernel}; \ ${CROSSENV} PATH=${TMPPATH} \ ${MAKE} ${IMAKE_INSTALL} KERNEL=${INSTKERNNAME}.${_kernel} ${.TARGET:S/kernel//} .endfor .endif distributekernel distributekernel.debug: .if !defined(NO_INSTALLKERNEL) .if empty(INSTALLKERNEL) @echo "ERROR: No kernel \"${KERNCONF}\" to install."; \ false .endif mkdir -p ${DESTDIR}/${DISTDIR} .if defined(NO_ROOT) echo "#${MTREE_MAGIC}" > ${DESTDIR}/${DISTDIR}/kernel.premeta .endif cd ${KRNLOBJDIR}/${INSTALLKERNEL}; \ ${IMAKEENV} ${IMAKE_INSTALL:S/METALOG/kernel.premeta/} \ ${IMAKE_MTREE} PATH=${TMPPATH} ${MAKE} KERNEL=${INSTKERNNAME} \ DESTDIR=${INSTALL_DDIR}/kernel \ ${.TARGET:S/distributekernel/install/} .if defined(NO_ROOT) sed -e 's|^./kernel|.|' ${DESTDIR}/${DISTDIR}/kernel.premeta > \ ${DESTDIR}/${DISTDIR}/kernel.meta .endif .endif .if ${BUILDKERNELS:[#]} > 1 && !defined(NO_INSTALLEXTRAKERNELS) .for _kernel in ${BUILDKERNELS:[2..-1]} .if defined(NO_ROOT) echo "#${MTREE_MAGIC}" > ${DESTDIR}/${DISTDIR}/kernel.${_kernel}.premeta .endif cd ${KRNLOBJDIR}/${_kernel}; \ ${IMAKEENV} ${IMAKE_INSTALL:S/METALOG/kernel.${_kernel}.premeta/} \ ${IMAKE_MTREE} PATH=${TMPPATH} ${MAKE} \ KERNEL=${INSTKERNNAME}.${_kernel} \ DESTDIR=${INSTALL_DDIR}/kernel.${_kernel} \ ${.TARGET:S/distributekernel/install/} .if defined(NO_ROOT) sed -e 's|^./kernel|.|' \ ${DESTDIR}/${DISTDIR}/kernel.${_kernel}.premeta > \ ${DESTDIR}/${DISTDIR}/kernel.${_kernel}.meta .endif .endfor .endif packagekernel: .if defined(NO_ROOT) .if !defined(NO_INSTALLKERNEL) cd ${DESTDIR}/${DISTDIR}/kernel; \ tar cvf - --exclude '*.debug' \ @${DESTDIR}/${DISTDIR}/kernel.meta | \ ${XZ_CMD} > ${PACKAGEDIR}/kernel.txz .endif cd ${DESTDIR}/${DISTDIR}/kernel; \ tar cvf - --include '*/*/*.debug' \ @${DESTDIR}/${DISTDIR}/kernel.meta | \ ${XZ_CMD} > ${DESTDIR}/${DISTDIR}/kernel-dbg.txz .if ${BUILDKERNELS:[#]} > 1 && !defined(NO_INSTALLEXTRAKERNELS) .for _kernel in ${BUILDKERNELS:[2..-1]} cd ${DESTDIR}/${DISTDIR}/kernel.${_kernel}; \ tar cvf - --exclude '*.debug' \ @${DESTDIR}/${DISTDIR}/kernel.${_kernel}.meta | \ ${XZ_CMD} > ${PACKAGEDIR}/kernel.${_kernel}.txz cd ${DESTDIR}/${DISTDIR}/kernel.${_kernel}; \ tar cvf - --include '*/*/*.debug' \ @${DESTDIR}/${DISTDIR}/kernel.${_kernel}.meta | \ ${XZ_CMD} > ${DESTDIR}/${DISTDIR}/kernel.${_kernel}-dbg.txz .endfor .endif .else .if !defined(NO_INSTALLKERNEL) cd ${DESTDIR}/${DISTDIR}/kernel; \ tar cvf - --exclude '*.debug' . | \ ${XZ_CMD} > ${PACKAGEDIR}/kernel.txz .endif cd ${DESTDIR}/${DISTDIR}/kernel; \ tar cvf - --include '*/*/*.debug' $$(eval find .) | \ ${XZ_CMD} > ${DESTDIR}/${DISTDIR}/kernel-dbg.txz .if ${BUILDKERNELS:[#]} > 1 && !defined(NO_INSTALLEXTRAKERNELS) .for _kernel in ${BUILDKERNELS:[2..-1]} cd ${DESTDIR}/${DISTDIR}/kernel.${_kernel}; \ tar cvf - --exclude '*.debug' . | \ ${XZ_CMD} > ${PACKAGEDIR}/kernel.${_kernel}.txz cd ${DESTDIR}/${DISTDIR}/kernel.${_kernel}; \ tar cvf - --include '*/*/*.debug' $$(eval find .) | \ ${XZ_CMD} > ${DESTDIR}/${DISTDIR}/kernel.${_kernel}-dbg.txz .endfor .endif .endif # # # checkworld # # Run test suite on installed world. # checkworld: .PHONY @if [ ! -x ${LOCALBASE}/bin/kyua ]; then \ echo "You need kyua (devel/kyua) to run the test suite." | /usr/bin/fmt; \ exit 1; \ fi ${_+_}${LOCALBASE}/bin/kyua test -k ${TESTSBASE}/Kyuafile # # # doxygen # # Build the API documentation with doxygen # doxygen: .PHONY @if [ ! -x ${LOCALBASE}/bin/doxygen ]; then \ echo "You need doxygen (devel/doxygen) to generate the API documentation of the kernel." | /usr/bin/fmt; \ exit 1; \ fi ${_+_}cd ${.CURDIR}/tools/kerneldoc/subsys; ${MAKE} obj all # # update # # Update the source tree(s), by running svn/svnup to update to the # latest copy. # update: .if (defined(CVS_UPDATE) || defined(SUP_UPDATE)) && !defined(SVN_UPDATE) @echo "--------------------------------------------------------------" @echo "CVS_UPDATE and SUP_UPDATE are no longer supported." @echo "Please see: https://wiki.freebsd.org/CvsIsDeprecated" @echo "--------------------------------------------------------------" @exit 1 .endif .if defined(SVN_UPDATE) @echo "--------------------------------------------------------------" @echo ">>> Updating ${.CURDIR} using Subversion" @echo "--------------------------------------------------------------" @(cd ${.CURDIR}; ${SVN} update ${SVNFLAGS}) .endif # # ------------------------------------------------------------------------ # # From here onwards are utility targets used by the 'make world' and # related targets. If your 'world' breaks, you may like to try to fix # the problem and manually run the following targets to attempt to # complete the build. Beware, this is *not* guaranteed to work, you # need to have a pretty good grip on the current state of the system # to attempt to manually finish it. If in doubt, 'make world' again. # # # legacy: Build compatibility shims for the next three targets. This is a # minimal set of tools and shims necessary to compensate for older systems # which don't have the APIs required by the targets built in bootstrap-tools, # build-tools or cross-tools. # # ELF Tool Chain libraries are needed for ELF tools and dtrace tools. .if ${BOOTSTRAPPING} < 1100006 _elftoolchain_libs= lib/libelf lib/libdwarf .endif legacy: .if ${BOOTSTRAPPING} < 800107 && ${BOOTSTRAPPING} != 0 @echo "ERROR: Source upgrades from versions prior to 8.0 are not supported."; \ false .endif .for _tool in tools/build ${_elftoolchain_libs} ${_+_}@${ECHODIR} "===> ${_tool} (obj,includes,depend,all,install)"; \ cd ${.CURDIR}/${_tool}; \ ${MAKE} DIRPRFX=${_tool}/ obj; \ ${MAKE} DIRPRFX=${_tool}/ DESTDIR=${MAKEOBJDIRPREFIX}/legacy includes; \ if [ -z "${NO_DEPEND}" ]; then ${MAKE} DIRPRFX=${_tool}/ depend; fi; \ ${MAKE} DIRPRFX=${_tool}/ all; \ ${MAKE} DIRPRFX=${_tool}/ DESTDIR=${MAKEOBJDIRPREFIX}/legacy install .endfor # # bootstrap-tools: Build tools needed for compatibility. These are binaries that # are built to build other binaries in the system. However, the focus of these # binaries is usually quite narrow. Bootstrap tools use the host's compiler and # libraries, augmented by -legacy. # _bt= _bootstrap-tools .if ${MK_GAMES} != "no" _strfile= usr.bin/fortune/strfile .endif .if ${MK_GCC} != "no" && ${MK_CXX} != "no" _gperf= gnu/usr.bin/gperf .endif .if ${MK_GROFF} != "no" _groff= gnu/usr.bin/groff \ usr.bin/soelim .endif .if ${MK_VT} != "no" _vtfontcvt= usr.bin/vtfontcvt .endif .if ${BOOTSTRAPPING} < 900002 _sed= usr.bin/sed .endif .if ${BOOTSTRAPPING} < 1000033 _libopenbsd= lib/libopenbsd _m4= usr.bin/m4 _lex= usr.bin/lex ${_bt}-usr.bin/m4: ${_bt}-lib/libopenbsd ${_bt}-usr.bin/lex: ${_bt}-usr.bin/m4 .endif .if ${BOOTSTRAPPING} < 1000026 _nmtree= lib/libnetbsd \ usr.sbin/nmtree ${_bt}-usr.sbin/nmtree: ${_bt}-lib/libnetbsd .endif .if ${BOOTSTRAPPING} < 1000027 _cat= bin/cat .endif # r277259 crunchide: Correct 64-bit section header offset # r281674 crunchide: always include both 32- and 64-bit ELF support # r285986 crunchen: use STRIPBIN rather than STRIP .if ${BOOTSTRAPPING} < 1100078 _crunch= usr.sbin/crunch .endif .if ${BOOTSTRAPPING} >= 900040 && ${BOOTSTRAPPING} < 900041 _awk= usr.bin/awk .endif _yacc= lib/liby \ usr.bin/yacc ${_bt}-usr.bin/yacc: ${_bt}-lib/liby .if ${MK_BSNMP} != "no" _gensnmptree= usr.sbin/bsnmpd/gensnmptree .endif # We need to build tblgen when we're building clang either as # the bootstrap compiler, or as the part of the normal build. .if ${MK_CLANG_BOOTSTRAP} != "no" || ${MK_CLANG} != "no" _clang_tblgen= \ lib/clang/libllvmsupport \ lib/clang/libllvmtablegen \ usr.bin/clang/tblgen \ usr.bin/clang/clang-tblgen ${_bt}-usr.bin/clang/clang-tblgen: ${_bt}-lib/clang/libllvmtablegen ${_bt}-lib/clang/libllvmsupport ${_bt}-usr.bin/clang/tblgen: ${_bt}-lib/clang/libllvmtablegen ${_bt}-lib/clang/libllvmsupport .endif # Default to building the GPL DTC, but build the BSDL one if users explicitly # request it. _dtc= usr.bin/dtc .if ${MK_GPL_DTC} != "no" _dtc= gnu/usr.bin/dtc .endif .if ${MK_KERBEROS} != "no" _kerberos5_bootstrap_tools= \ kerberos5/tools/make-roken \ kerberos5/lib/libroken \ kerberos5/lib/libvers \ kerberos5/tools/asn1_compile \ kerberos5/tools/slc \ usr.bin/compile_et .ORDER: ${_kerberos5_bootstrap_tools:C/^/${_bt}-/g} .endif .if ${MK_MANDOCDB} != "no" _libopenbsd?= lib/libopenbsd _makewhatis= lib/libsqlite3 \ usr.bin/mandoc ${_bt}-usr.bin/mandoc: ${_bt}-lib/libopenbsd ${_bt}-lib/libsqlite3 .else _makewhatis=usr.bin/makewhatis .endif bootstrap-tools: .PHONY # Please document (add comment) why something is in 'bootstrap-tools'. # Try to bound the building of the bootstrap-tool to just the # FreeBSD versions that need the tool built at this stage of the build. .for _tool in \ ${_clang_tblgen} \ ${_kerberos5_bootstrap_tools} \ ${_strfile} \ ${_gperf} \ ${_groff} \ ${_dtc} \ ${_awk} \ ${_cat} \ usr.bin/lorder \ ${_libopenbsd} \ ${_makewhatis} \ usr.bin/rpcgen \ ${_sed} \ ${_yacc} \ ${_m4} \ ${_lex} \ usr.bin/xinstall \ ${_gensnmptree} \ usr.sbin/config \ ${_crunch} \ ${_nmtree} \ ${_vtfontcvt} \ usr.bin/localedef ${_bt}-${_tool}: .PHONY .MAKE ${_+_}@${ECHODIR} "===> ${_tool} (obj,depend,all,install)"; \ cd ${.CURDIR}/${_tool}; \ ${MAKE} DIRPRFX=${_tool}/ obj; \ if [ -z "${NO_DEPEND}" ]; then ${MAKE} DIRPRFX=${_tool}/ depend; fi; \ ${MAKE} DIRPRFX=${_tool}/ all; \ ${MAKE} DIRPRFX=${_tool}/ DESTDIR=${MAKEOBJDIRPREFIX}/legacy install bootstrap-tools: ${_bt}-${_tool} .endfor # # build-tools: Build special purpose build tools # .if !defined(NO_SHARE) _share= share/syscons/scrnmaps .endif .if ${MK_GCC} != "no" _gcc_tools= gnu/usr.bin/cc/cc_tools .endif .if ${MK_RESCUE} != "no" # rescue includes programs that have build-tools targets _rescue=rescue/rescue .endif .for _tool in \ bin/csh \ bin/sh \ ${LOCAL_TOOL_DIRS} \ lib/ncurses/ncurses \ lib/ncurses/ncursesw \ ${_rescue} \ ${_share} \ usr.bin/awk \ lib/libmagic \ usr.bin/mkesdb_static \ usr.bin/mkcsmapper_static \ usr.bin/vi/catalog build-tools_${_tool}: .PHONY ${_+_}@${ECHODIR} "===> ${_tool} (obj,build-tools)"; \ cd ${.CURDIR}/${_tool}; \ ${MAKE} DIRPRFX=${_tool}/ obj; \ ${MAKE} DIRPRFX=${_tool}/ build-tools build-tools: build-tools_${_tool} .endfor .for _tool in \ ${_gcc_tools} build-tools_${_tool}: .PHONY ${_+_}@${ECHODIR} "===> ${_tool} (obj,depend,all)"; \ cd ${.CURDIR}/${_tool}; \ ${MAKE} DIRPRFX=${_tool}/ obj; \ if [ -z "${NO_DEPEND}" ]; then ${MAKE} DIRPRFX=${_tool}/ depend; fi; \ ${MAKE} DIRPRFX=${_tool}/ all build-tools: build-tools_${_tool} .endfor # # kernel-tools: Build kernel-building tools # kernel-tools: mkdir -p ${MAKEOBJDIRPREFIX}/usr mtree -deU -f ${.CURDIR}/etc/mtree/BSD.usr.dist \ -p ${MAKEOBJDIRPREFIX}/usr >/dev/null # # cross-tools: All the tools needed to build the rest of the system after # we get done with the earlier stages. It is the last set of tools needed # to begin building the target binaries. # .if ${TARGET_ARCH} != ${MACHINE_ARCH} .if ${TARGET_ARCH} == "amd64" || ${TARGET_ARCH} == "i386" _btxld= usr.sbin/btxld .endif .endif # Rebuild ctfconvert and ctfmerge to avoid difficult-to-diagnose failures # resulting from missing bug fixes or ELF Toolchain updates. .if ${MK_CDDL} != "no" _dtrace_tools= cddl/lib/libctf cddl/usr.bin/ctfconvert \ cddl/usr.bin/ctfmerge .endif # If we're given an XAS, don't build binutils. .if ${XAS:M/*} == "" .if ${MK_BINUTILS_BOOTSTRAP} != "no" _binutils= gnu/usr.bin/binutils .endif .if ${MK_ELFTOOLCHAIN_BOOTSTRAP} != "no" _elftctools= lib/libelftc \ lib/libpe \ usr.bin/elfcopy \ usr.bin/nm \ usr.bin/size \ usr.bin/strings # These are not required by the build, but can be useful for developers who # cross-build on a FreeBSD 10 host: _elftctools+= usr.bin/addr2line .endif .elif ${TARGET_ARCH} != ${MACHINE_ARCH} && ${MK_ELFTOOLCHAIN_BOOTSTRAP} != "no" # If cross-building with an external binutils we still need to build strip for # the target (for at least crunchide). _elftctools= lib/libelftc \ lib/libpe \ usr.bin/elfcopy .endif # If an full path to an external cross compiler is given, don't build # a cross compiler. .if ${XCC:N${CCACHE_BIN}:M/*} == "" && ${MK_CROSS_COMPILER} != "no" .if ${MK_CLANG_BOOTSTRAP} != "no" _clang= usr.bin/clang _clang_libs= lib/clang .endif .if ${MK_GCC_BOOTSTRAP} != "no" _cc= gnu/usr.bin/cc .endif .endif .if ${MK_USB} != "no" _usb_tools= sys/boot/usb/tools .endif cross-tools: .MAKE .PHONY .for _tool in \ ${_clang_libs} \ ${_clang} \ ${_binutils} \ ${_elftctools} \ ${_dtrace_tools} \ ${_cc} \ ${_btxld} \ ${_crunchide} \ ${_usb_tools} ${_+_}@${ECHODIR} "===> ${_tool} (obj,depend,all,install)"; \ cd ${.CURDIR}/${_tool}; \ ${MAKE} DIRPRFX=${_tool}/ obj; \ if [ -z "${NO_DEPEND}" ]; then ${MAKE} DIRPRFX=${_tool}/ depend; fi; \ ${MAKE} DIRPRFX=${_tool}/ all; \ ${MAKE} DIRPRFX=${_tool}/ DESTDIR=${MAKEOBJDIRPREFIX} install .endfor NXBDESTDIR= ${OBJTREE}/nxb-bin NXBENV= MAKEOBJDIRPREFIX=${OBJTREE}/nxb \ INSTALL="sh ${.CURDIR}/tools/install.sh" \ PATH=${PATH}:${OBJTREE}/gperf_for_gcc/usr/bin NXBMAKE= ${NXBENV} ${MAKE} \ TBLGEN=${NXBDESTDIR}/usr/bin/tblgen \ CLANG_TBLGEN=${NXBDESTDIR}/usr/bin/clang-tblgen \ MACHINE=${TARGET} MACHINE_ARCH=${TARGET_ARCH} \ MK_GDB=no MK_TESTS=no \ SSP_CFLAGS= \ MK_HTML=no NO_LINT=yes MK_MAN=no \ -DNO_PIC MK_PROFILE=no -DNO_SHARED \ -DNO_CPU_CFLAGS MK_WARNS=no MK_CTF=no \ MK_CLANG_EXTRAS=no MK_CLANG_FULL=no \ MK_LLDB=no MK_DEBUG_FILES=no # native-xtools is the current target for qemu-user cross builds of ports # via poudriere and the imgact_binmisc kernel module. # For non-clang enabled targets that are still using the in tree gcc # we must build a gperf binary for one instance of its Makefiles. On # clang-enabled systems, the gperf binary is obsolete. native-xtools: .PHONY .if ${MK_GCC_BOOTSTRAP} != "no" mkdir -p ${OBJTREE}/gperf_for_gcc/usr/bin ${_+_}@${ECHODIR} "===> ${_gperf} (obj,depend,all,install)"; \ cd ${.CURDIR}/${_gperf}; \ ${NXBMAKE} DIRPRFX=${_gperf}/ obj; \ if [ -z "${NO_DEPEND}" ]; then ${NXBMAKE} DIRPRFX=${_gperf}/ depend; fi; \ ${NXBMAKE} DIRPRFX=${_gperf}/ all; \ ${NXBMAKE} DIRPRFX=${_gperf}/ DESTDIR=${OBJTREE}/gperf_for_gcc install .endif mkdir -p ${NXBDESTDIR}/bin ${NXBDESTDIR}/sbin ${NXBDESTDIR}/usr mtree -deU -f ${.CURDIR}/etc/mtree/BSD.usr.dist \ -p ${NXBDESTDIR}/usr >/dev/null mtree -deU -f ${.CURDIR}/etc/mtree/BSD.include.dist \ -p ${NXBDESTDIR}/usr/include >/dev/null .if ${MK_DEBUG_FILES} != "no" mtree -deU -f ${.CURDIR}/etc/mtree/BSD.debug.dist \ -p ${NXBDESTDIR}/usr/lib >/dev/null .endif .for _tool in \ bin/cat \ bin/chmod \ bin/cp \ bin/csh \ bin/echo \ bin/expr \ bin/hostname \ bin/ln \ bin/ls \ bin/mkdir \ bin/mv \ bin/ps \ bin/realpath \ bin/rm \ bin/rmdir \ bin/sh \ bin/sleep \ ${_clang_tblgen} \ usr.bin/ar \ ${_binutils} \ ${_elftctools} \ ${_cc} \ ${_gcc_tools} \ ${_clang_libs} \ ${_clang} \ sbin/md5 \ sbin/sysctl \ gnu/usr.bin/diff \ usr.bin/awk \ usr.bin/basename \ usr.bin/bmake \ usr.bin/bzip2 \ usr.bin/cmp \ usr.bin/dirname \ usr.bin/env \ usr.bin/fetch \ usr.bin/find \ usr.bin/grep \ usr.bin/gzip \ usr.bin/id \ usr.bin/lex \ usr.bin/lorder \ usr.bin/mktemp \ usr.bin/mt \ usr.bin/patch \ usr.bin/sed \ usr.bin/sort \ usr.bin/tar \ usr.bin/touch \ usr.bin/tr \ usr.bin/true \ usr.bin/uniq \ usr.bin/unzip \ usr.bin/xargs \ usr.bin/xinstall \ usr.bin/xz \ usr.bin/yacc \ usr.sbin/chown ${_+_}@${ECHODIR} "===> ${_tool} (obj,depend,all,install)"; \ cd ${.CURDIR}/${_tool}; \ ${NXBMAKE} DIRPRFX=${_tool}/ obj; \ if [ -z "${NO_DEPEND}" ]; then ${NXBMAKE} DIRPRFX=${_tool}/ depend; fi; \ ${NXBMAKE} DIRPRFX=${_tool}/ all; \ ${NXBMAKE} DIRPRFX=${_tool}/ DESTDIR=${NXBDESTDIR} install .endfor # # hierarchy - ensure that all the needed directories are present # hierarchy hier: .MAKE .PHONY ${_+_}cd ${.CURDIR}/etc; ${HMAKE} distrib-dirs # # libraries - build all libraries, and install them under ${DESTDIR}. # # The list of libraries with dependents (${_prebuild_libs}) and their # interdependencies (__L) are built automatically by the # ${.CURDIR}/tools/make_libdeps.sh script. # libraries: .MAKE .PHONY ${_+_}cd ${.CURDIR}; \ ${MAKE} -f Makefile.inc1 _prereq_libs; \ ${MAKE} -f Makefile.inc1 _startup_libs; \ ${MAKE} -f Makefile.inc1 _prebuild_libs; \ ${MAKE} -f Makefile.inc1 _generic_libs # # static libgcc.a prerequisite for shared libc # _prereq_libs= gnu/lib/libssp/libssp_nonshared gnu/lib/libgcc lib/libcompiler_rt # These dependencies are not automatically generated: # # gnu/lib/csu, gnu/lib/libgcc, lib/csu and lib/libc must be built before # all shared libraries for ELF. # _startup_libs= gnu/lib/csu _startup_libs+= lib/csu _startup_libs+= gnu/lib/libgcc _startup_libs+= lib/libcompiler_rt _startup_libs+= lib/libc _startup_libs+= lib/libc_nonshared .if ${MK_LIBCPLUSPLUS} != "no" _startup_libs+= lib/libcxxrt .endif gnu/lib/libgcc__L: lib/libc__L gnu/lib/libgcc__L: lib/libc_nonshared__L .if ${MK_LIBCPLUSPLUS} != "no" lib/libcxxrt__L: gnu/lib/libgcc__L .endif _prebuild_libs= ${_kerberos5_lib_libasn1} \ ${_kerberos5_lib_libhdb} \ ${_kerberos5_lib_libheimbase} \ ${_kerberos5_lib_libheimntlm} \ ${_libsqlite3} \ ${_kerberos5_lib_libheimipcc} \ ${_kerberos5_lib_libhx509} ${_kerberos5_lib_libkrb5} \ ${_kerberos5_lib_libroken} \ ${_kerberos5_lib_libwind} \ lib/libbz2 ${_libcom_err} lib/libcrypt \ lib/libelf lib/libexpat \ lib/libfigpar \ ${_lib_libgssapi} \ lib/libkiconv lib/libkvm lib/liblzma lib/libmd lib/libnv \ - ${_lib_libcapsicum} \ + ${_lib_casper} \ lib/ncurses/ncurses lib/ncurses/ncursesw \ lib/libopie lib/libpam ${_lib_libthr} \ ${_lib_libradius} lib/libsbuf lib/libtacplus \ lib/libgeom \ ${_cddl_lib_libumem} ${_cddl_lib_libnvpair} \ ${_cddl_lib_libuutil} \ ${_cddl_lib_libavl} \ ${_cddl_lib_libzfs_core} \ ${_cddl_lib_libctf} \ lib/libutil lib/libpjdlog ${_lib_libypclnt} lib/libz lib/msun \ ${_secure_lib_libcrypto} ${_lib_libldns} \ ${_secure_lib_libssh} ${_secure_lib_libssl} \ gnu/lib/libdialog .if ${MK_GNUCXX} != "no" _prebuild_libs+= gnu/lib/libstdc++ gnu/lib/libsupc++ gnu/lib/libstdc++__L: lib/msun__L gnu/lib/libsupc++__L: gnu/lib/libstdc++__L .endif .if ${MK_LIBCPLUSPLUS} != "no" _prebuild_libs+= lib/libc++ .endif lib/libgeom__L: lib/libexpat__L lib/libkvm__L: lib/libelf__L .if ${MK_LIBTHR} != "no" _lib_libthr= lib/libthr .endif .if ${MK_RADIUS_SUPPORT} != "no" _lib_libradius= lib/libradius .endif .if ${MK_OFED} != "no" _ofed_lib= contrib/ofed/usr.lib/ .endif .if ${MK_CASPER} != "no" -_lib_libcapsicum=lib/libcapsicum +_lib_casper= lib/libcasper .endif -lib/libcapsicum__L: lib/libnv__L lib/libpjdlog__L: lib/libutil__L +lib/libcasper__L: lib/libnv__L lib/liblzma__L: lib/libthr__L _generic_libs= ${_cddl_lib} gnu/lib ${_kerberos5_lib} lib ${_secure_lib} usr.bin/lex/lib ${_ofed_lib} .for _DIR in ${LOCAL_LIB_DIRS} .if exists(${.CURDIR}/${_DIR}/Makefile) _generic_libs+= ${_DIR} .endif .endfor lib/libopie__L lib/libtacplus__L: lib/libmd__L .if ${MK_CDDL} != "no" _cddl_lib_libumem= cddl/lib/libumem _cddl_lib_libnvpair= cddl/lib/libnvpair _cddl_lib_libavl= cddl/lib/libavl _cddl_lib_libuutil= cddl/lib/libuutil _cddl_lib_libzfs_core= cddl/lib/libzfs_core _cddl_lib_libctf= cddl/lib/libctf _cddl_lib= cddl/lib cddl/lib/libzfs_core__L: cddl/lib/libnvpair__L cddl/lib/libzfs__L: lib/libgeom__L cddl/lib/libctf__L: lib/libz__L .endif # cddl/lib/libdtrace requires lib/libproc and lib/librtld_db; it's only built # on select architectures though (see cddl/lib/Makefile) .if ${MACHINE_CPUARCH} != "sparc64" _prebuild_libs+= lib/libproc lib/librtld_db .endif .if ${MK_CRYPT} != "no" .if ${MK_OPENSSL} != "no" _secure_lib_libcrypto= secure/lib/libcrypto _secure_lib_libssl= secure/lib/libssl lib/libradius__L secure/lib/libssl__L: secure/lib/libcrypto__L .if ${MK_LDNS} != "no" _lib_libldns= lib/libldns lib/libldns__L: secure/lib/libcrypto__L .endif .if ${MK_OPENSSH} != "no" _secure_lib_libssh= secure/lib/libssh secure/lib/libssh__L: lib/libz__L secure/lib/libcrypto__L lib/libcrypt__L .if ${MK_LDNS} != "no" secure/lib/libssh__L: lib/libldns__L .endif .if ${MK_KERBEROS_SUPPORT} != "no" secure/lib/libssh__L: lib/libgssapi__L kerberos5/lib/libkrb5__L \ kerberos5/lib/libhx509__L kerberos5/lib/libasn1__L lib/libcom_err__L \ lib/libmd__L kerberos5/lib/libroken__L .endif .endif .endif _secure_lib= secure/lib .endif .if ${MK_KERBEROS} != "no" kerberos5/lib/libasn1__L: lib/libcom_err__L kerberos5/lib/libroken__L kerberos5/lib/libhdb__L: kerberos5/lib/libasn1__L lib/libcom_err__L \ kerberos5/lib/libkrb5__L kerberos5/lib/libroken__L \ kerberos5/lib/libwind__L lib/libsqlite3__L kerberos5/lib/libheimntlm__L: secure/lib/libcrypto__L kerberos5/lib/libkrb5__L \ kerberos5/lib/libroken__L lib/libcom_err__L kerberos5/lib/libhx509__L: kerberos5/lib/libasn1__L lib/libcom_err__L \ secure/lib/libcrypto__L kerberos5/lib/libroken__L kerberos5/lib/libwind__L kerberos5/lib/libkrb5__L: kerberos5/lib/libasn1__L lib/libcom_err__L \ lib/libcrypt__L secure/lib/libcrypto__L kerberos5/lib/libhx509__L \ kerberos5/lib/libroken__L kerberos5/lib/libwind__L \ kerberos5/lib/libheimbase__L kerberos5/lib/libheimipcc__L kerberos5/lib/libroken__L: lib/libcrypt__L kerberos5/lib/libwind__L: kerberos5/lib/libroken__L lib/libcom_err__L kerberos5/lib/libheimbase__L: lib/libthr__L kerberos5/lib/libheimipcc__L: kerberos5/lib/libroken__L kerberos5/lib/libheimbase__L lib/libthr__L .endif lib/libsqlite3__L: lib/libthr__L .if ${MK_GSSAPI} != "no" _lib_libgssapi= lib/libgssapi .endif .if ${MK_KERBEROS} != "no" _kerberos5_lib= kerberos5/lib _kerberos5_lib_libasn1= kerberos5/lib/libasn1 _kerberos5_lib_libhdb= kerberos5/lib/libhdb _kerberos5_lib_libheimbase= kerberos5/lib/libheimbase _kerberos5_lib_libkrb5= kerberos5/lib/libkrb5 _kerberos5_lib_libhx509= kerberos5/lib/libhx509 _kerberos5_lib_libroken= kerberos5/lib/libroken _kerberos5_lib_libheimntlm= kerberos5/lib/libheimntlm _libsqlite3= lib/libsqlite3 _kerberos5_lib_libheimipcc= kerberos5/lib/libheimipcc _kerberos5_lib_libwind= kerberos5/lib/libwind _libcom_err= lib/libcom_err .endif .if ${MK_NIS} != "no" _lib_libypclnt= lib/libypclnt .endif .if ${MK_OPENSSL} == "no" lib/libradius__L: lib/libmd__L .endif lib/libproc__L: \ ${_cddl_lib_libctf:D${_cddl_lib_libctf}__L} lib/libelf__L lib/librtld_db__L lib/libutil__L .if ${MK_CXX} != "no" .if ${MK_LIBCPLUSPLUS} != "no" lib/libproc__L: lib/libcxxrt__L .else # This implies MK_GNUCXX != "no"; see lib/libproc lib/libproc__L: gnu/lib/libsupc++__L .endif .endif gnu/lib/libdialog__L: lib/msun__L lib/ncurses/ncursesw__L .for _lib in ${_prereq_libs} ${_lib}__PL: .PHONY .MAKE .if exists(${.CURDIR}/${_lib}) ${_+_}@${ECHODIR} "===> ${_lib} (obj,depend,all,install)"; \ cd ${.CURDIR}/${_lib}; \ ${MAKE} MK_TESTS=no DIRPRFX=${_lib}/ obj; \ if [ -z "${NO_DEPEND}" ]; then ${MAKE} MK_TESTS=no DIRPRFX=${_lib}/ depend; fi; \ ${MAKE} MK_TESTS=no MK_PROFILE=no -DNO_PIC \ DIRPRFX=${_lib}/ all; \ ${MAKE} MK_TESTS=no MK_PROFILE=no -DNO_PIC \ DIRPRFX=${_lib}/ install .endif .endfor .for _lib in ${_startup_libs} ${_prebuild_libs:Nlib/libpam} ${_generic_libs} ${_lib}__L: .PHONY .MAKE .if exists(${.CURDIR}/${_lib}) ${_+_}@${ECHODIR} "===> ${_lib} (obj,depend,all,install)"; \ cd ${.CURDIR}/${_lib}; \ ${MAKE} MK_TESTS=no DIRPRFX=${_lib}/ obj; \ if [ -z "${NO_DEPEND}" ]; then ${MAKE} MK_TESTS=no DIRPRFX=${_lib}/ depend; fi; \ ${MAKE} MK_TESTS=no DIRPRFX=${_lib}/ all; \ ${MAKE} MK_TESTS=no DIRPRFX=${_lib}/ install .endif .endfor # libpam is special: we need to build static PAM modules before # static PAM library, and dynamic PAM library before dynamic PAM # modules. lib/libpam__L: .PHONY .MAKE ${_+_}@${ECHODIR} "===> lib/libpam (obj,depend,all,install)"; \ cd ${.CURDIR}/lib/libpam; \ ${MAKE} MK_TESTS=no DIRPRFX=lib/libpam/ obj; \ if [ -z "${NO_DEPEND}" ]; then ${MAKE} MK_TESTS=no DIRPRFX=lib/libpam/ depend; fi; \ ${MAKE} MK_TESTS=no DIRPRFX=lib/libpam/ \ -D_NO_LIBPAM_SO_YET all; \ ${MAKE} MK_TESTS=no DIRPRFX=lib/libpam/ \ -D_NO_LIBPAM_SO_YET install _prereq_libs: ${_prereq_libs:S/$/__PL/} _startup_libs: ${_startup_libs:S/$/__L/} _prebuild_libs: ${_prebuild_libs:S/$/__L/} _generic_libs: ${_generic_libs:S/$/__L/} # Enable SUBDIR_PARALLEL when not calling 'make all', unless called from # 'everything' with _PARALLEL_SUBDIR_OK set. This is because it is unlikely # that running 'make all' from the top-level, especially with a SUBDIR_OVERRIDE # or LOCAL_DIRS set, will have a reliable build if SUBDIRs are built in # parallel. This is safe for the world stage of buildworld though since it has # already built libraries in a proper order and installed includes into # WORLDTMP. Special handling is done for SUBDIR ordering for 'install*' to # avoid trashing a system if it crashes mid-install. .if !make(all) || defined(_PARALLEL_SUBDIR_OK) SUBDIR_PARALLEL= .endif .include .if make(check-old) || make(check-old-dirs) || \ make(check-old-files) || make(check-old-libs) || \ make(delete-old) || make(delete-old-dirs) || \ make(delete-old-files) || make(delete-old-libs) # # check for / delete old files section # .include "ObsoleteFiles.inc" OLD_LIBS_MESSAGE="Please be sure no application still uses those libraries, \ else you can not start such an application. Consult UPDATING for more \ information regarding how to cope with the removal/revision bump of a \ specific library." .if !defined(BATCH_DELETE_OLD_FILES) RM_I=-i .else RM_I=-v .endif delete-old-files: @echo ">>> Removing old files (only deletes safe to delete libs)" # Ask for every old file if the user really wants to remove it. # It's annoying, but better safe than sorry. # NB: We cannot pass the list of OLD_FILES as a parameter because the # argument list will get too long. Using .for/.endfor make "loops" will make # the Makefile parser segfault. @exec 3<&0; \ cd ${.CURDIR}; \ ${MAKE} -f ${.CURDIR}/Makefile.inc1 ${.MAKEFLAGS} ${.TARGET} \ -V OLD_FILES -V "OLD_FILES:Musr/share/*.gz:R" | xargs -n1 | \ while read file; do \ if [ -f "${DESTDIR}/$${file}" -o -L "${DESTDIR}/$${file}" ]; then \ chflags noschg "${DESTDIR}/$${file}" 2>/dev/null || true; \ rm ${RM_I} "${DESTDIR}/$${file}" <&3; \ fi; \ for ext in debug symbols; do \ if ! [ -e "${DESTDIR}/$${file}" ] && [ -f \ "${DESTDIR}${DEBUGDIR}/$${file}.$${ext}" ]; then \ rm ${RM_I} "${DESTDIR}${DEBUGDIR}/$${file}.$${ext}" \ <&3; \ fi; \ done; \ done # Remove catpages without corresponding manpages. @exec 3<&0; \ find ${DESTDIR}/usr/share/man/cat* ! -type d | \ sed -ep -e's:${DESTDIR}/usr/share/man/cat:${DESTDIR}/usr/share/man/man:' | \ while read catpage; do \ read manpage; \ if [ ! -e "$${manpage}" ]; then \ rm ${RM_I} $${catpage} <&3; \ fi; \ done @echo ">>> Old files removed" check-old-files: @echo ">>> Checking for old files" @cd ${.CURDIR}; \ ${MAKE} -f ${.CURDIR}/Makefile.inc1 ${.MAKEFLAGS} ${.TARGET} \ -V OLD_FILES -V "OLD_FILES:Musr/share/*.gz:R" | xargs -n1 | \ while read file; do \ if [ -f "${DESTDIR}/$${file}" -o -L "${DESTDIR}/$${file}" ]; then \ echo "${DESTDIR}/$${file}"; \ fi; \ for ext in debug symbols; do \ if [ -f "${DESTDIR}${DEBUGDIR}/$${file}.$${ext}" ]; then \ echo "${DESTDIR}${DEBUGDIR}/$${file}.$${ext}"; \ fi; \ done; \ done # Check for catpages without corresponding manpages. @find ${DESTDIR}/usr/share/man/cat* ! -type d | \ sed -ep -e's:${DESTDIR}/usr/share/man/cat:${DESTDIR}/usr/share/man/man:' | \ while read catpage; do \ read manpage; \ if [ ! -e "$${manpage}" ]; then \ echo $${catpage}; \ fi; \ done delete-old-libs: @echo ">>> Removing old libraries" @echo "${OLD_LIBS_MESSAGE}" | fmt @exec 3<&0; \ cd ${.CURDIR}; \ ${MAKE} -f ${.CURDIR}/Makefile.inc1 ${.MAKEFLAGS} ${.TARGET} \ -V OLD_LIBS | xargs -n1 | \ while read file; do \ if [ -f "${DESTDIR}/$${file}" -o -L "${DESTDIR}/$${file}" ]; then \ chflags noschg "${DESTDIR}/$${file}" 2>/dev/null || true; \ rm ${RM_I} "${DESTDIR}/$${file}" <&3; \ fi; \ for ext in debug symbols; do \ if ! [ -e "${DESTDIR}/$${file}" ] && [ -f \ "${DESTDIR}${DEBUGDIR}/$${file}.$${ext}" ]; then \ rm ${RM_I} "${DESTDIR}${DEBUGDIR}/$${file}.$${ext}" \ <&3; \ fi; \ done; \ done @echo ">>> Old libraries removed" check-old-libs: @echo ">>> Checking for old libraries" @cd ${.CURDIR}; \ ${MAKE} -f ${.CURDIR}/Makefile.inc1 ${.MAKEFLAGS} ${.TARGET} \ -V OLD_LIBS | xargs -n1 | \ while read file; do \ if [ -f "${DESTDIR}/$${file}" -o -L "${DESTDIR}/$${file}" ]; then \ echo "${DESTDIR}/$${file}"; \ fi; \ for ext in debug symbols; do \ if [ -f "${DESTDIR}${DEBUGDIR}/$${file}.$${ext}" ]; then \ echo "${DESTDIR}${DEBUGDIR}/$${file}.$${ext}"; \ fi; \ done; \ done delete-old-dirs: @echo ">>> Removing old directories" @cd ${.CURDIR}; \ ${MAKE} -f ${.CURDIR}/Makefile.inc1 ${.MAKEFLAGS} ${.TARGET} \ -V OLD_DIRS | xargs -n1 | sort -r | \ while read dir; do \ if [ -d "${DESTDIR}/$${dir}" ]; then \ rmdir -v "${DESTDIR}/$${dir}" || true; \ elif [ -L "${DESTDIR}/$${dir}" ]; then \ echo "${DESTDIR}/$${dir} is a link, please remove everything manually."; \ fi; \ done @echo ">>> Old directories removed" check-old-dirs: @echo ">>> Checking for old directories" @cd ${.CURDIR}; \ ${MAKE} -f ${.CURDIR}/Makefile.inc1 ${.MAKEFLAGS} ${.TARGET} \ -V OLD_DIRS | xargs -n1 | \ while read dir; do \ if [ -d "${DESTDIR}/$${dir}" ]; then \ echo "${DESTDIR}/$${dir}"; \ elif [ -L "${DESTDIR}/$${dir}" ]; then \ echo "${DESTDIR}/$${dir} is a link, please remove everything manually."; \ fi; \ done delete-old: delete-old-files delete-old-dirs @echo "To remove old libraries run '${MAKE} delete-old-libs'." check-old: check-old-files check-old-libs check-old-dirs @echo "To remove old files and directories run '${MAKE} delete-old'." @echo "To remove old libraries run '${MAKE} delete-old-libs'." .endif # # showconfig - show build configuration. # showconfig: @(${MAKE} -n -f ${.CURDIR}/sys/conf/kern.opts.mk -V dummy -dg1; \ ${MAKE} -n -f ${.CURDIR}/share/mk/src.opts.mk -V dummy -dg1) 2>&1 | grep ^MK_ | sort -u .if !empty(KRNLOBJDIR) && !empty(KERNCONF) DTBOUTPUTPATH= ${KRNLOBJDIR}/${KERNCONF}/ .if !defined(FDT_DTS_FILE) || empty(FDT_DTS_FILE) .if exists(${KERNCONFDIR}/${KERNCONF}) FDT_DTS_FILE!= awk 'BEGIN {FS="="} /^makeoptions[[:space:]]+FDT_DTS_FILE/ {print $$2}' \ '${KERNCONFDIR}/${KERNCONF}' ; echo .endif .endif .endif .if !defined(DTBOUTPUTPATH) || !exists(${DTBOUTPUTPATH}) DTBOUTPUTPATH= ${.CURDIR} .endif # # Build 'standalone' Device Tree Blob # builddtb: @PATH=${TMPPATH} MACHINE=${TARGET} \ ${.CURDIR}/sys/tools/fdt/make_dtb.sh ${.CURDIR}/sys \ "${FDT_DTS_FILE}" ${DTBOUTPUTPATH} ############### # cleanworld # In the following, the first 'rm' in a series will usually remove all # files and directories. If it does not, then there are probably some # files with file flags set, so this unsets them and tries the 'rm' a # second time. There are situations where this target will be cleaning # some directories via more than one method, but that duplication is # needed to correctly handle all the possible situations. Removing all # files without file flags set in the first 'rm' instance saves time, # because 'chflags' will need to operate on fewer files afterwards. # # It is expected that BW_CANONICALOBJDIR == the CANONICALOBJDIR as would be # created by bsd.obj.mk, except that we don't want to .include that file # in this makefile. # BW_CANONICALOBJDIR:=${OBJTREE}${.CURDIR} cleanworld: .PHONY .if exists(${BW_CANONICALOBJDIR}/) -rm -rf ${BW_CANONICALOBJDIR}/* -chflags -R 0 ${BW_CANONICALOBJDIR} rm -rf ${BW_CANONICALOBJDIR}/* .endif .if ${.CURDIR} == ${.OBJDIR} || ${.CURDIR}/obj == ${.OBJDIR} # To be safe in this case, fall back to a 'make cleandir' ${_+_}@cd ${.CURDIR}; ${MAKE} cleandir .endif .if defined(TARGET) && defined(TARGET_ARCH) .if ${TARGET} == ${MACHINE} && ${TARGET_ARCH} == ${MACHINE_ARCH} XDEV_CPUTYPE?=${CPUTYPE} .else XDEV_CPUTYPE?=${TARGET_CPUTYPE} .endif NOFUN=-DNO_FSCHG MK_HTML=no -DNO_LINT \ MK_MAN=no MK_NLS=no MK_PROFILE=no \ MK_KERBEROS=no MK_RESCUE=no MK_TESTS=no MK_WARNS=no \ TARGET=${TARGET} TARGET_ARCH=${TARGET_ARCH} \ CPUTYPE=${XDEV_CPUTYPE} XDDIR=${TARGET_ARCH}-freebsd XDTP?=/usr/${XDDIR} .if ${XDTP:N/*} .error XDTP variable should be an absolute path .endif CDBENV=MAKEOBJDIRPREFIX=${MAKEOBJDIRPREFIX}/${XDDIR} \ INSTALL="sh ${.CURDIR}/tools/install.sh" CDENV= ${CDBENV} \ TOOLS_PREFIX=${XDTP} CD2CFLAGS=-isystem ${XDDESTDIR}/usr/include -L${XDDESTDIR}/usr/lib \ --sysroot=${XDDESTDIR}/ -B${XDDESTDIR}/usr/libexec \ -B${XDDESTDIR}/usr/bin -B${XDDESTDIR}/usr/lib CD2ENV=${CDENV} CC="${CC} ${CD2CFLAGS}" CXX="${CXX} ${CD2CFLAGS}" \ CPP="${CPP} ${CD2CFLAGS}" \ MACHINE=${TARGET} MACHINE_ARCH=${TARGET_ARCH} CDTMP= ${MAKEOBJDIRPREFIX}/${XDDIR}/${.CURDIR}/tmp CDMAKE=${CDENV} PATH=${CDTMP}/usr/bin:${PATH} ${MAKE} ${NOFUN} CD2MAKE=${CD2ENV} PATH=${CDTMP}/usr/bin:${XDDESTDIR}/usr/bin:${PATH} ${MAKE} ${NOFUN} XDDESTDIR=${DESTDIR}/${XDTP} .if !defined(OSREL) OSREL!= uname -r | sed -e 's/[-(].*//' .endif .ORDER: xdev-build xdev-install xdev-links xdev: xdev-build xdev-install .ORDER: _xb-worldtmp _xb-bootstrap-tools _xb-build-tools _xb-cross-tools xdev-build: _xb-worldtmp _xb-bootstrap-tools _xb-build-tools _xb-cross-tools _xb-worldtmp: .PHONY mkdir -p ${CDTMP}/usr mtree -deU -f ${.CURDIR}/etc/mtree/BSD.usr.dist \ -p ${CDTMP}/usr >/dev/null _xb-bootstrap-tools: .PHONY .for _tool in \ ${_clang_tblgen} \ ${_gperf} ${_+_}@${ECHODIR} "===> ${_tool} (obj,depend,all,install)"; \ cd ${.CURDIR}/${_tool}; \ ${CDMAKE} DIRPRFX=${_tool}/ obj; \ if [ -z "${NO_DEPEND}" ]; then ${CDMAKE} DIRPRFX=${_tool}/ depend; fi; \ ${CDMAKE} DIRPRFX=${_tool}/ all; \ ${CDMAKE} DIRPRFX=${_tool}/ DESTDIR=${CDTMP} install .endfor _xb-build-tools: .PHONY ${_+_}@cd ${.CURDIR}; \ ${CDBENV} ${MAKE} -f Makefile.inc1 ${NOFUN} build-tools _xb-cross-tools: .PHONY .for _tool in \ ${_binutils} \ ${_elftctools} \ usr.bin/ar \ ${_clang_libs} \ ${_clang} \ ${_cc} ${_+_}@${ECHODIR} "===> xdev ${_tool} (obj,depend,all)"; \ cd ${.CURDIR}/${_tool}; \ ${CDMAKE} DIRPRFX=${_tool}/ obj; \ if [ -z "${NO_DEPEND}" ]; then ${CDMAKE} DIRPRFX=${_tool}/ depend; fi; \ ${CDMAKE} DIRPRFX=${_tool}/ all .endfor _xi-mtree: .PHONY ${_+_}@${ECHODIR} "mtree populating ${XDDESTDIR}" mkdir -p ${XDDESTDIR} mtree -deU -f ${.CURDIR}/etc/mtree/BSD.root.dist \ -p ${XDDESTDIR} >/dev/null mtree -deU -f ${.CURDIR}/etc/mtree/BSD.usr.dist \ -p ${XDDESTDIR}/usr >/dev/null mtree -deU -f ${.CURDIR}/etc/mtree/BSD.include.dist \ -p ${XDDESTDIR}/usr/include >/dev/null .if ${MK_LIB32} != "no" mtree -deU -f ${.CURDIR}/etc/mtree/BSD.lib32.dist \ -p ${XDDESTDIR}/usr >/dev/null .endif .if ${MK_TESTS} != "no" mkdir -p ${XDDESTDIR}${TESTSBASE} mtree -deU -f ${.CURDIR}/etc/mtree/BSD.tests.dist \ -p ${XDDESTDIR}${TESTSBASE} >/dev/null .endif .ORDER: xdev-build _xi-mtree _xi-cross-tools _xi-includes _xi-libraries xdev-install: xdev-build _xi-mtree _xi-cross-tools _xi-includes _xi-libraries _xi-cross-tools: .PHONY @echo "_xi-cross-tools" .for _tool in \ ${_binutils} \ ${_elftctools} \ usr.bin/ar \ ${_clang_libs} \ ${_clang} \ ${_cc} ${_+_}@${ECHODIR} "===> xdev ${_tool} (install)"; \ cd ${.CURDIR}/${_tool}; \ ${CDMAKE} DIRPRFX=${_tool}/ install DESTDIR=${XDDESTDIR} .endfor _xi-includes: .PHONY ${_+_}cd ${.CURDIR}; ${CD2MAKE} -f Makefile.inc1 includes \ DESTDIR=${XDDESTDIR} _xi-libraries: .PHONY ${_+_}cd ${.CURDIR}; ${CD2MAKE} -f Makefile.inc1 libraries \ DESTDIR=${XDDESTDIR} xdev-links: .PHONY ${_+_}cd ${XDDESTDIR}/usr/bin; \ mkdir -p ../../../../usr/bin; \ for i in *; do \ ln -sf ../../${XDTP}/usr/bin/$$i \ ../../../../usr/bin/${XDDIR}-$$i; \ ln -sf ../../${XDTP}/usr/bin/$$i \ ../../../../usr/bin/${XDDIR}${OSREL}-$$i; \ done .else xdev xdev-build xdev-install xdev-links: @echo "*** Error: Both TARGET and TARGET_ARCH must be defined for \"${.TARGET}\" target" .endif Index: head/ObsoleteFiles.inc =================================================================== --- head/ObsoleteFiles.inc (revision 296046) +++ head/ObsoleteFiles.inc (revision 296047) @@ -1,8060 +1,8079 @@ # # $FreeBSD$ # # This file lists old files (OLD_FILES), libraries (OLD_LIBS) and # directories (OLD_DIRS) which should get removed at an update. Recently # removed entries first (with the date as a comment). Dynamic libraries are # special cased (OLD_LIBS). Static libraries or the generic links to # the dynamic libraries (lib*.so) should (if you don't know why to make an # exception, make this a "must") be viewed as normal files (OLD_FILES). # # In case of a complete directory hierarchy the sorting is in depth first # order. # # The file is partitioned: OLD_FILES first, then OLD_LIBS and OLD_DIRS last. # # Before you commit changes to this file please check if any entries in # tools/build/mk/OptionalObsoleteFiles.inc can be removed. The following # command tells which files are listed more than once regardless of some # architecture specific conditionals, so you can not blindly trust the # output: # ( grep '+=' /usr/src/ObsoleteFiles.inc | sort -u ; \ # grep '+=' /usr/src/tools/build/mk/OptionalObsoleteFiles.inc | sort -u) | \ # sort | uniq -d # # To find regular duplicates not dependant on optional components, you can # also use something that will not give you false positives, e.g.: # for t in `make -V TARGETS universe`; do # __MAKE_CONF=/dev/null make -f Makefile.inc1 TARGET=$t \ # -V OLD_FILES -V OLD_LIBS -V OLD_DIRS check-old | \ # xargs -n1 | sort | uniq -d; # done # # For optional components, you can use the following to see if some entries # in OptionalObsoleteFiles.inc have been obsoleted by ObsoleteFiles.inc # for o in tools/build/options/WITH*; do # __MAKE_CONF=/dev/null make -f Makefile.inc1 -D${o##*/} \ # -V OLD_FILES -V OLD_LIBS -V OLD_DIRS check-old | \ # xargs -n1 | sort | uniq -d; # done +# 20160225: Remove casperd and libcapsicum. +OLD_FILES+=sbin/casperd +OLD_FILES+=etc/rc.d/casperd +OLD_FILES+=usr/share/man/man8/casperd.8.gz +OLD_FILES+=usr/include/libcapsicum.h +OLD_FILES+=usr/include/libcapsicum_service.h +OLD_FILES+=usr/include/libcapsicum.h +OLD_FILES+=usr/share/man/man3/libcapsicum.3.gz +OLD_FILES+=usr/include/libcapsicum_dns.h +OLD_FILES+=usr/include/libcapsicum_grp.h +OLD_FILES+=usr/include/libcapsicum_impl.h +OLD_FILES+=usr/include/libcapsicum_pwd.h +OLD_FILES+=usr/include/libcapsicum_random.h +OLD_FILES+=usr/include/libcapsicum_sysctl.h +OLD_FILES+=libexec/casper/dns +OLD_FILES+=libexec/casper/grp +OLD_FILES+=libexec/casper/pwd +OLD_FILES+=libexec/casper/random +OLD_FILES+=libexec/casper/sysctl # 20160223: functionality from mkulzma(1) merged into mkuzip(1) OLD_FILES+=usr/bin/mkulzma # 20160211: Remove obsolete unbound-control-setup OLD_FILES+=usr/sbin/unbound-control-setup # 20160116: Update mandoc to cvs snapshot 20160116 OLD_FILES+=usr/share/mdocml/example.style.css OLD_FILES+=usr/share/mdocml/style.css OLD_DIRS+=usr/share/mdocml # 20151225: new clang import which bumps version from 3.7.0 to 3.7.1. OLD_FILES+=usr/lib/clang/3.7.0/include/sanitizer/allocator_interface.h OLD_FILES+=usr/lib/clang/3.7.0/include/sanitizer/asan_interface.h OLD_FILES+=usr/lib/clang/3.7.0/include/sanitizer/common_interface_defs.h OLD_FILES+=usr/lib/clang/3.7.0/include/sanitizer/coverage_interface.h OLD_FILES+=usr/lib/clang/3.7.0/include/sanitizer/dfsan_interface.h OLD_FILES+=usr/lib/clang/3.7.0/include/sanitizer/linux_syscall_hooks.h OLD_FILES+=usr/lib/clang/3.7.0/include/sanitizer/lsan_interface.h OLD_FILES+=usr/lib/clang/3.7.0/include/sanitizer/msan_interface.h OLD_FILES+=usr/lib/clang/3.7.0/include/sanitizer/tsan_interface_atomic.h OLD_DIRS+=usr/lib/clang/3.7.0/include/sanitizer OLD_FILES+=usr/lib/clang/3.7.0/include/__stddef_max_align_t.h OLD_FILES+=usr/lib/clang/3.7.0/include/__wmmintrin_aes.h OLD_FILES+=usr/lib/clang/3.7.0/include/__wmmintrin_pclmul.h OLD_FILES+=usr/lib/clang/3.7.0/include/adxintrin.h OLD_FILES+=usr/lib/clang/3.7.0/include/altivec.h OLD_FILES+=usr/lib/clang/3.7.0/include/ammintrin.h OLD_FILES+=usr/lib/clang/3.7.0/include/arm_acle.h OLD_FILES+=usr/lib/clang/3.7.0/include/arm_neon.h OLD_FILES+=usr/lib/clang/3.7.0/include/avx2intrin.h OLD_FILES+=usr/lib/clang/3.7.0/include/avx512bwintrin.h OLD_FILES+=usr/lib/clang/3.7.0/include/avx512cdintrin.h OLD_FILES+=usr/lib/clang/3.7.0/include/avx512dqintrin.h OLD_FILES+=usr/lib/clang/3.7.0/include/avx512erintrin.h OLD_FILES+=usr/lib/clang/3.7.0/include/avx512fintrin.h OLD_FILES+=usr/lib/clang/3.7.0/include/avx512vlbwintrin.h OLD_FILES+=usr/lib/clang/3.7.0/include/avx512vldqintrin.h OLD_FILES+=usr/lib/clang/3.7.0/include/avx512vlintrin.h OLD_FILES+=usr/lib/clang/3.7.0/include/avxintrin.h OLD_FILES+=usr/lib/clang/3.7.0/include/bmi2intrin.h OLD_FILES+=usr/lib/clang/3.7.0/include/bmiintrin.h OLD_FILES+=usr/lib/clang/3.7.0/include/cpuid.h OLD_FILES+=usr/lib/clang/3.7.0/include/cuda_builtin_vars.h OLD_FILES+=usr/lib/clang/3.7.0/include/emmintrin.h OLD_FILES+=usr/lib/clang/3.7.0/include/f16cintrin.h OLD_FILES+=usr/lib/clang/3.7.0/include/fma4intrin.h OLD_FILES+=usr/lib/clang/3.7.0/include/fmaintrin.h OLD_FILES+=usr/lib/clang/3.7.0/include/fxsrintrin.h OLD_FILES+=usr/lib/clang/3.7.0/include/htmintrin.h OLD_FILES+=usr/lib/clang/3.7.0/include/htmxlintrin.h OLD_FILES+=usr/lib/clang/3.7.0/include/ia32intrin.h OLD_FILES+=usr/lib/clang/3.7.0/include/immintrin.h OLD_FILES+=usr/lib/clang/3.7.0/include/lzcntintrin.h OLD_FILES+=usr/lib/clang/3.7.0/include/mm3dnow.h OLD_FILES+=usr/lib/clang/3.7.0/include/mm_malloc.h OLD_FILES+=usr/lib/clang/3.7.0/include/mmintrin.h OLD_FILES+=usr/lib/clang/3.7.0/include/module.modulemap OLD_FILES+=usr/lib/clang/3.7.0/include/nmmintrin.h OLD_FILES+=usr/lib/clang/3.7.0/include/pmmintrin.h OLD_FILES+=usr/lib/clang/3.7.0/include/popcntintrin.h OLD_FILES+=usr/lib/clang/3.7.0/include/prfchwintrin.h OLD_FILES+=usr/lib/clang/3.7.0/include/rdseedintrin.h OLD_FILES+=usr/lib/clang/3.7.0/include/rtmintrin.h OLD_FILES+=usr/lib/clang/3.7.0/include/s390intrin.h OLD_FILES+=usr/lib/clang/3.7.0/include/shaintrin.h OLD_FILES+=usr/lib/clang/3.7.0/include/smmintrin.h OLD_FILES+=usr/lib/clang/3.7.0/include/tbmintrin.h OLD_FILES+=usr/lib/clang/3.7.0/include/tmmintrin.h OLD_FILES+=usr/lib/clang/3.7.0/include/vadefs.h OLD_FILES+=usr/lib/clang/3.7.0/include/vecintrin.h OLD_FILES+=usr/lib/clang/3.7.0/include/wmmintrin.h OLD_FILES+=usr/lib/clang/3.7.0/include/x86intrin.h OLD_FILES+=usr/lib/clang/3.7.0/include/xmmintrin.h OLD_FILES+=usr/lib/clang/3.7.0/include/xopintrin.h OLD_FILES+=usr/lib/clang/3.7.0/include/xtestintrin.h OLD_DIRS+=usr/lib/clang/3.7.0/include OLD_FILES+=usr/lib/clang/3.7.0/lib/freebsd/libclang_rt.asan-i386.a OLD_FILES+=usr/lib/clang/3.7.0/lib/freebsd/libclang_rt.asan-preinit-i386.a OLD_FILES+=usr/lib/clang/3.7.0/lib/freebsd/libclang_rt.asan-preinit-x86_64.a OLD_FILES+=usr/lib/clang/3.7.0/lib/freebsd/libclang_rt.asan-x86_64.a OLD_FILES+=usr/lib/clang/3.7.0/lib/freebsd/libclang_rt.asan_cxx-i386.a OLD_FILES+=usr/lib/clang/3.7.0/lib/freebsd/libclang_rt.asan_cxx-x86_64.a OLD_FILES+=usr/lib/clang/3.7.0/lib/freebsd/libclang_rt.profile-arm.a OLD_FILES+=usr/lib/clang/3.7.0/lib/freebsd/libclang_rt.profile-i386.a OLD_FILES+=usr/lib/clang/3.7.0/lib/freebsd/libclang_rt.profile-x86_64.a OLD_FILES+=usr/lib/clang/3.7.0/lib/freebsd/libclang_rt.safestack-i386.a OLD_FILES+=usr/lib/clang/3.7.0/lib/freebsd/libclang_rt.safestack-x86_64.a OLD_FILES+=usr/lib/clang/3.7.0/lib/freebsd/libclang_rt.ubsan_standalone-i386.a OLD_FILES+=usr/lib/clang/3.7.0/lib/freebsd/libclang_rt.ubsan_standalone-x86_64.a OLD_FILES+=usr/lib/clang/3.7.0/lib/freebsd/libclang_rt.ubsan_standalone_cxx-i386.a OLD_FILES+=usr/lib/clang/3.7.0/lib/freebsd/libclang_rt.ubsan_standalone_cxx-x86_64.a OLD_DIRS+=usr/lib/clang/3.7.0/lib/freebsd OLD_DIRS+=usr/lib/clang/3.7.0/lib OLD_DIRS+=usr/lib/clang/3.7.0 # 20151130: libelf moved from /usr/lib to /lib (libkvm dependency in r291406) OLD_LIBS+=usr/lib/libelf.so.2 # 20151115: Fox bad upgrade scheme OLD_FILES+=usr/share/locale/zh_CN.GB18030/zh_Hans_CN.GB18030 OLD_FILES+=usr/share/locale/zh_CN.GB2312/zh_Hans_CN.GB2312 OLD_FILES+=usr/share/locale/zh_CN.GBK/zh_Hans_CN.GBK OLD_FILES+=usr/share/locale/zh_CN.UTF-8/zh_Hans_CN.UTF-8 OLD_FILES+=usr/share/locale/zh_CN.eucCN/zh_Hans_CN.eucCN OLD_FILES+=usr/share/locale/zh_TW.Big5/zh_Hant_TW.Big5 OLD_FILES+=usr/share/locale/zh_TW.UTF-8/zh_Hant_TW.UTF-8 # 20151107: String collation improvements OLD_FILES+=usr/share/locale/UTF-8/LC_CTYPE OLD_DIRS+=usr/share/locale/UTF-8 OLD_FILES+=usr/share/locale/kk_KZ.PT154/LC_COLLATE OLD_FILES+=usr/share/locale/kk_KZ.PT154/LC_CTYPE OLD_FILES+=usr/share/locale/kk_KZ.PT154/LC_MESSAGES OLD_FILES+=usr/share/locale/kk_KZ.PT154/LC_MONETARY OLD_FILES+=usr/share/locale/kk_KZ.PT154/LC_NUMERIC OLD_FILES+=usr/share/locale/kk_KZ.PT154/LC_TIME OLD_DIRS+=usr/share/locale/kk_KZ.PT154/ OLD_FILES+=usr/share/locale/kk_KZ.UTF-8/LC_COLLATE OLD_FILES+=usr/share/locale/kk_KZ.UTF-8/LC_CTYPE OLD_FILES+=usr/share/locale/kk_KZ.UTF-8/LC_MESSAGES OLD_FILES+=usr/share/locale/kk_KZ.UTF-8/LC_MONETARY OLD_FILES+=usr/share/locale/kk_KZ.UTF-8/LC_NUMERIC OLD_FILES+=usr/share/locale/kk_KZ.UTF-8/LC_TIME OLD_DIRS+=usr/share/locale/kk_KZ.UTF-8 OLD_FILES+=usr/share/locale/la_LN.ISO8859-1/LC_COLLATE OLD_FILES+=usr/share/locale/la_LN.ISO8859-1/LC_CTYPE OLD_FILES+=usr/share/locale/la_LN.ISO8859-1/LC_TIME OLD_DIRS+=usr/share/locale/la_LN.ISO8859-1 OLD_FILES+=usr/share/locale/la_LN.ISO8859-13/LC_COLLATE OLD_FILES+=usr/share/locale/la_LN.ISO8859-13/LC_CTYPE OLD_DIRS+=usr/share/locale/la_LN.ISO8859-13 OLD_FILES+=usr/share/locale/la_LN.ISO8859-15/LC_COLLATE OLD_FILES+=usr/share/locale/la_LN.ISO8859-15/LC_CTYPE OLD_FILES+=usr/share/locale/la_LN.ISO8859-15/LC_TIME OLD_DIRS+=usr/share/locale/la_LN.ISO8859-15 OLD_FILES+=usr/share/locale/la_LN.ISO8859-2/LC_COLLATE OLD_FILES+=usr/share/locale/la_LN.ISO8859-2/LC_CTYPE OLD_FILES+=usr/share/locale/la_LN.ISO8859-2/LC_TIME OLD_DIRS+=usr/share/locale/la_LN.ISO8859-2 OLD_FILES+=usr/share/locale/la_LN.ISO8859-4/LC_COLLATE OLD_FILES+=usr/share/locale/la_LN.ISO8859-4/LC_CTYPE OLD_FILES+=usr/share/locale/la_LN.ISO8859-4/LC_TIME OLD_DIRS+=usr/share/locale/la_LN.ISO8859-4 OLD_FILES+=usr/share/locale/la_LN.US-ASCII/LC_COLLATE OLD_FILES+=usr/share/locale/la_LN.US-ASCII/LC_CTYPE OLD_FILES+=usr/share/locale/la_LN.US-ASCII/LC_TIME OLD_DIRS+=usr/share/locale/la_LN.US-ASCII OLD_FILES+=usr/share/locale/lt_LT.ISO8859-4/LC_MESSAGES OLD_FILES+=usr/share/locale/lt_LT.ISO8859-4/LC_TIME OLD_FILES+=usr/share/locale/lt_LT.ISO8859-4/LC_COLLATE OLD_FILES+=usr/share/locale/lt_LT.ISO8859-4/LC_MONETARY OLD_FILES+=usr/share/locale/lt_LT.ISO8859-4/LC_CTYPE OLD_FILES+=usr/share/locale/lt_LT.ISO8859-4/LC_NUMERIC OLD_DIRS+=usr/share/locale/lt_LT.ISO8859-4 OLD_FILES+=usr/share/locale/mn_MN.UTF-8/LC_COLLATE OLD_FILES+=usr/share/locale/mn_MN.UTF-8/LC_CTYPE OLD_FILES+=usr/share/locale/mn_MN.UTF-8/LC_MESSAGES OLD_FILES+=usr/share/locale/mn_MN.UTF-8/LC_MONETARY OLD_FILES+=usr/share/locale/mn_MN.UTF-8/LC_NUMERIC OLD_FILES+=usr/share/locale/mn_MN.UTF-8/LC_TIME OLD_DIRS+=usr/share/locale/mn_MN.UTF-8 OLD_FILES+=usr/share/locale/no_NO.ISO8859-1/LC_COLLATE OLD_FILES+=usr/share/locale/no_NO.ISO8859-1/LC_CTYPE OLD_FILES+=usr/share/locale/no_NO.ISO8859-1/LC_MESSAGES OLD_FILES+=usr/share/locale/no_NO.ISO8859-1/LC_MONETARY OLD_FILES+=usr/share/locale/no_NO.ISO8859-1/LC_NUMERIC OLD_FILES+=usr/share/locale/no_NO.ISO8859-1/LC_TIME OLD_DIRS+=usr/share/locale/no_NO.ISO8859-1 OLD_FILES+=usr/share/locale/no_NO.ISO8859-15/LC_COLLATE OLD_FILES+=usr/share/locale/no_NO.ISO8859-15/LC_CTYPE OLD_FILES+=usr/share/locale/no_NO.ISO8859-15/LC_MESSAGES OLD_FILES+=usr/share/locale/no_NO.ISO8859-15/LC_MONETARY OLD_FILES+=usr/share/locale/no_NO.ISO8859-15/LC_NUMERIC OLD_FILES+=usr/share/locale/no_NO.ISO8859-15/LC_TIME OLD_DIRS+=usr/share/locale/no_NO.ISO8859-15 OLD_FILES+=usr/share/locale/no_NO.UTF-8/LC_COLLATE OLD_FILES+=usr/share/locale/no_NO.UTF-8/LC_CTYPE OLD_FILES+=usr/share/locale/no_NO.UTF-8/LC_MESSAGES OLD_FILES+=usr/share/locale/no_NO.UTF-8/LC_MONETARY OLD_FILES+=usr/share/locale/no_NO.UTF-8/LC_NUMERIC OLD_FILES+=usr/share/locale/no_NO.UTF-8/LC_TIME OLD_DIRS+=usr/share/locale/no_NO.UTF-8 OLD_FILES+=usr/share/locale/sr_YU.ISO8859-2/LC_COLLATE OLD_FILES+=usr/share/locale/sr_YU.ISO8859-2/LC_TIME OLD_FILES+=usr/share/locale/sr_YU.ISO8859-2/LC_CTYPE OLD_FILES+=usr/share/locale/sr_YU.ISO8859-2/LC_MESSAGES OLD_FILES+=usr/share/locale/sr_YU.ISO8859-2/LC_NUMERIC OLD_FILES+=usr/share/locale/sr_YU.ISO8859-2/LC_MONETARY OLD_DIRS+=usr/share/locale/sr_YU.ISO8859-2 OLD_FILES+=usr/share/locale/sr_YU.ISO8859-5/LC_COLLATE OLD_FILES+=usr/share/locale/sr_YU.ISO8859-5/LC_MONETARY OLD_FILES+=usr/share/locale/sr_YU.ISO8859-5/LC_NUMERIC OLD_FILES+=usr/share/locale/sr_YU.ISO8859-5/LC_CTYPE OLD_FILES+=usr/share/locale/sr_YU.ISO8859-5/LC_TIME OLD_FILES+=usr/share/locale/sr_YU.ISO8859-5/LC_MESSAGES OLD_DIRS+=usr/share/locale/sr_YU.ISO8859-5 OLD_FILES+=usr/share/locale/sr_YU.UTF-8/LC_COLLATE OLD_FILES+=usr/share/locale/sr_YU.UTF-8/LC_MONETARY OLD_FILES+=usr/share/locale/sr_YU.UTF-8/LC_CTYPE OLD_FILES+=usr/share/locale/sr_YU.UTF-8/LC_TIME OLD_FILES+=usr/share/locale/sr_YU.UTF-8/LC_NUMERIC OLD_FILES+=usr/share/locale/sr_YU.UTF-8/LC_MESSAGES OLD_DIRS+=usr/share/locale/sr_YU.UTF-8 # 20151101: added missing _test suffix on multiple tests in lib/libc OLD_FILES+=usr/tests/lib/libc/c063/faccessat OLD_FILES+=usr/tests/lib/libc/c063/fchmodat OLD_FILES+=usr/tests/lib/libc/c063/fchownat OLD_FILES+=usr/tests/lib/libc/c063/fexecve OLD_FILES+=usr/tests/lib/libc/c063/fstatat OLD_FILES+=usr/tests/lib/libc/c063/linkat OLD_FILES+=usr/tests/lib/libc/c063/mkdirat OLD_FILES+=usr/tests/lib/libc/c063/mkfifoat OLD_FILES+=usr/tests/lib/libc/c063/mknodat OLD_FILES+=usr/tests/lib/libc/c063/openat OLD_FILES+=usr/tests/lib/libc/c063/readlinkat OLD_FILES+=usr/tests/lib/libc/c063/renameat OLD_FILES+=usr/tests/lib/libc/c063/symlinkat OLD_FILES+=usr/tests/lib/libc/c063/unlinkat OLD_FILES+=usr/tests/lib/libc/c063/utimensat OLD_FILES+=usr/tests/lib/libc/string/memchr OLD_FILES+=usr/tests/lib/libc/string/memcpy OLD_FILES+=usr/tests/lib/libc/string/memmem OLD_FILES+=usr/tests/lib/libc/string/memset OLD_FILES+=usr/tests/lib/libc/string/strcat OLD_FILES+=usr/tests/lib/libc/string/strchr OLD_FILES+=usr/tests/lib/libc/string/strcmp OLD_FILES+=usr/tests/lib/libc/string/strcpy OLD_FILES+=usr/tests/lib/libc/string/strcspn OLD_FILES+=usr/tests/lib/libc/string/strerror OLD_FILES+=usr/tests/lib/libc/string/strlen OLD_FILES+=usr/tests/lib/libc/string/strpbrk OLD_FILES+=usr/tests/lib/libc/string/strrchr OLD_FILES+=usr/tests/lib/libc/string/strspn OLD_FILES+=usr/tests/lib/libc/string/swab # 20151101: 430.status-rwho was renamed to 430.status-uptime OLD_FILES+=etc/periodic/daily/430.status-rwho # 20151030: OpenSSL 1.0.2d import OLD_FILES+=usr/share/openssl/man/man3/CMS_set1_signer_certs.3.gz OLD_FILES+=usr/share/openssl/man/man3/EVP_PKEY_ctrl.3.gz OLD_FILES+=usr/share/openssl/man/man3/EVP_PKEY_ctrl_str.3.gz OLD_FILES+=usr/share/openssl/man/man3/d2i_509_CRL_fp.3.gz OLD_LIBS+=lib/libcrypto.so.7 OLD_LIBS+=usr/lib/libssl.so.7 OLD_LIBS+=usr/lib32/libcrypto.so.7 OLD_LIBS+=usr/lib32/libssl.so.7 # 20151015: test symbols moved to /usr/lib/debug OLD_DIRS+=usr/tests/lib/atf/libatf-c++/.debug OLD_FILES+=usr/tests/lib/atf/libatf-c++/.debug/atf_c++_test.debug OLD_FILES+=usr/tests/lib/atf/libatf-c++/.debug/build_test.debug OLD_FILES+=usr/tests/lib/atf/libatf-c++/.debug/check_test.debug OLD_FILES+=usr/tests/lib/atf/libatf-c++/.debug/config_test.debug OLD_FILES+=usr/tests/lib/atf/libatf-c++/.debug/macros_test.debug OLD_FILES+=usr/tests/lib/atf/libatf-c++/.debug/tests_test.debug OLD_FILES+=usr/tests/lib/atf/libatf-c++/.debug/utils_test.debug OLD_DIRS+=usr/tests/lib/atf/libatf-c++/detail/.debug OLD_FILES+=usr/tests/lib/atf/libatf-c++/detail/.debug/application_test.debug OLD_FILES+=usr/tests/lib/atf/libatf-c++/detail/.debug/env_test.debug OLD_FILES+=usr/tests/lib/atf/libatf-c++/detail/.debug/exceptions_test.debug OLD_FILES+=usr/tests/lib/atf/libatf-c++/detail/.debug/fs_test.debug OLD_FILES+=usr/tests/lib/atf/libatf-c++/detail/.debug/process_test.debug OLD_FILES+=usr/tests/lib/atf/libatf-c++/detail/.debug/sanity_test.debug OLD_FILES+=usr/tests/lib/atf/libatf-c++/detail/.debug/text_test.debug OLD_FILES+=usr/tests/lib/atf/libatf-c++/detail/.debug/version_helper.debug OLD_DIRS+=usr/tests/lib/atf/libatf-c/.debug OLD_FILES+=usr/tests/lib/atf/libatf-c/.debug/atf_c_test.debug OLD_FILES+=usr/tests/lib/atf/libatf-c/.debug/build_test.debug OLD_FILES+=usr/tests/lib/atf/libatf-c/.debug/check_test.debug OLD_FILES+=usr/tests/lib/atf/libatf-c/.debug/config_test.debug OLD_FILES+=usr/tests/lib/atf/libatf-c/.debug/error_test.debug OLD_FILES+=usr/tests/lib/atf/libatf-c/.debug/macros_test.debug OLD_FILES+=usr/tests/lib/atf/libatf-c/.debug/tc_test.debug OLD_FILES+=usr/tests/lib/atf/libatf-c/.debug/tp_test.debug OLD_FILES+=usr/tests/lib/atf/libatf-c/.debug/utils_test.debug OLD_DIRS+=usr/tests/lib/atf/libatf-c/detail/.debug OLD_FILES+=usr/tests/lib/atf/libatf-c/detail/.debug/dynstr_test.debug OLD_FILES+=usr/tests/lib/atf/libatf-c/detail/.debug/env_test.debug OLD_FILES+=usr/tests/lib/atf/libatf-c/detail/.debug/fs_test.debug OLD_FILES+=usr/tests/lib/atf/libatf-c/detail/.debug/list_test.debug OLD_FILES+=usr/tests/lib/atf/libatf-c/detail/.debug/map_test.debug OLD_FILES+=usr/tests/lib/atf/libatf-c/detail/.debug/process_helpers.debug OLD_FILES+=usr/tests/lib/atf/libatf-c/detail/.debug/process_test.debug OLD_FILES+=usr/tests/lib/atf/libatf-c/detail/.debug/sanity_test.debug OLD_FILES+=usr/tests/lib/atf/libatf-c/detail/.debug/text_test.debug OLD_FILES+=usr/tests/lib/atf/libatf-c/detail/.debug/user_test.debug OLD_FILES+=usr/tests/lib/atf/libatf-c/detail/.debug/version_helper.debug OLD_DIRS+=usr/tests/lib/atf/test-programs/.debug OLD_FILES+=usr/tests/lib/atf/test-programs/.debug/c_helpers.debug OLD_FILES+=usr/tests/lib/atf/test-programs/.debug/cpp_helpers.debug OLD_DIRS+=usr/tests/lib/libc/c063/.debug OLD_FILES+=usr/tests/lib/libc/c063/.debug/faccessat.debug OLD_FILES+=usr/tests/lib/libc/c063/.debug/fchmodat.debug OLD_FILES+=usr/tests/lib/libc/c063/.debug/fchownat.debug OLD_FILES+=usr/tests/lib/libc/c063/.debug/fexecve.debug OLD_FILES+=usr/tests/lib/libc/c063/.debug/fstatat.debug OLD_FILES+=usr/tests/lib/libc/c063/.debug/linkat.debug OLD_FILES+=usr/tests/lib/libc/c063/.debug/mkdirat.debug OLD_FILES+=usr/tests/lib/libc/c063/.debug/mkfifoat.debug OLD_FILES+=usr/tests/lib/libc/c063/.debug/mknodat.debug OLD_FILES+=usr/tests/lib/libc/c063/.debug/openat.debug OLD_FILES+=usr/tests/lib/libc/c063/.debug/readlinkat.debug OLD_FILES+=usr/tests/lib/libc/c063/.debug/renameat.debug OLD_FILES+=usr/tests/lib/libc/c063/.debug/symlinkat.debug OLD_FILES+=usr/tests/lib/libc/c063/.debug/unlinkat.debug OLD_FILES+=usr/tests/lib/libc/c063/.debug/utimensat.debug OLD_DIRS+=usr/tests/lib/libc/db/.debug OLD_FILES+=usr/tests/lib/libc/db/.debug/h_db.debug OLD_DIRS+=usr/tests/lib/libc/gen/.debug OLD_FILES+=usr/tests/lib/libc/gen/.debug/alarm_test.debug OLD_FILES+=usr/tests/lib/libc/gen/.debug/arc4random_test.debug OLD_FILES+=usr/tests/lib/libc/gen/.debug/assert_test.debug OLD_FILES+=usr/tests/lib/libc/gen/.debug/basedirname_test.debug OLD_FILES+=usr/tests/lib/libc/gen/.debug/dir_test.debug OLD_FILES+=usr/tests/lib/libc/gen/.debug/floatunditf_test.debug OLD_FILES+=usr/tests/lib/libc/gen/.debug/fnmatch_test.debug OLD_FILES+=usr/tests/lib/libc/gen/.debug/fpclassify2_test.debug OLD_FILES+=usr/tests/lib/libc/gen/.debug/fpclassify_test.debug OLD_FILES+=usr/tests/lib/libc/gen/.debug/fpsetmask_test.debug OLD_FILES+=usr/tests/lib/libc/gen/.debug/fpsetround_test.debug OLD_FILES+=usr/tests/lib/libc/gen/.debug/ftok_test.debug OLD_FILES+=usr/tests/lib/libc/gen/.debug/getcwd_test.debug OLD_FILES+=usr/tests/lib/libc/gen/.debug/getgrent_test.debug OLD_FILES+=usr/tests/lib/libc/gen/.debug/glob_test.debug OLD_FILES+=usr/tests/lib/libc/gen/.debug/humanize_number_test.debug OLD_FILES+=usr/tests/lib/libc/gen/.debug/isnan_test.debug OLD_FILES+=usr/tests/lib/libc/gen/.debug/nice_test.debug OLD_FILES+=usr/tests/lib/libc/gen/.debug/pause_test.debug OLD_FILES+=usr/tests/lib/libc/gen/.debug/raise_test.debug OLD_FILES+=usr/tests/lib/libc/gen/.debug/realpath_test.debug OLD_FILES+=usr/tests/lib/libc/gen/.debug/setdomainname_test.debug OLD_FILES+=usr/tests/lib/libc/gen/.debug/sethostname_test.debug OLD_FILES+=usr/tests/lib/libc/gen/.debug/sleep_test.debug OLD_FILES+=usr/tests/lib/libc/gen/.debug/syslog_test.debug OLD_FILES+=usr/tests/lib/libc/gen/.debug/time_test.debug OLD_FILES+=usr/tests/lib/libc/gen/.debug/ttyname_test.debug OLD_FILES+=usr/tests/lib/libc/gen/.debug/vis_test.debug OLD_DIRS+=usr/tests/lib/libc/gen/execve/.debug OLD_FILES+=usr/tests/lib/libc/gen/execve/.debug/execve_test.debug OLD_DIRS+=usr/tests/lib/libc/gen/posix_spawn/.debug OLD_FILES+=usr/tests/lib/libc/gen/posix_spawn/.debug/fileactions_test.debug OLD_FILES+=usr/tests/lib/libc/gen/posix_spawn/.debug/h_fileactions.debug OLD_FILES+=usr/tests/lib/libc/gen/posix_spawn/.debug/h_spawn.debug OLD_FILES+=usr/tests/lib/libc/gen/posix_spawn/.debug/h_spawnattr.debug OLD_FILES+=usr/tests/lib/libc/gen/posix_spawn/.debug/spawn_test.debug OLD_FILES+=usr/tests/lib/libc/gen/posix_spawn/.debug/spawnattr_test.debug OLD_DIRS+=usr/tests/lib/libc/hash/.debug OLD_FILES+=usr/tests/lib/libc/hash/.debug/h_hash.debug OLD_FILES+=usr/tests/lib/libc/hash/.debug/sha2_test.debug OLD_DIRS+=usr/tests/lib/libc/inet/.debug OLD_FILES+=usr/tests/lib/libc/inet/.debug/inet_network_test.debug OLD_DIRS+=usr/tests/lib/libc/locale/.debug OLD_FILES+=usr/tests/lib/libc/locale/.debug/io_test.debug OLD_FILES+=usr/tests/lib/libc/locale/.debug/mbrtowc_test.debug OLD_FILES+=usr/tests/lib/libc/locale/.debug/mbsnrtowcs_test.debug OLD_FILES+=usr/tests/lib/libc/locale/.debug/mbstowcs_test.debug OLD_FILES+=usr/tests/lib/libc/locale/.debug/mbtowc_test.debug OLD_FILES+=usr/tests/lib/libc/locale/.debug/wcscspn_test.debug OLD_FILES+=usr/tests/lib/libc/locale/.debug/wcspbrk_test.debug OLD_FILES+=usr/tests/lib/libc/locale/.debug/wcsspn_test.debug OLD_FILES+=usr/tests/lib/libc/locale/.debug/wcstod_test.debug OLD_FILES+=usr/tests/lib/libc/locale/.debug/wctomb_test.debug OLD_DIRS+=usr/tests/lib/libc/net/.debug OLD_FILES+=usr/tests/lib/libc/net/.debug/ether_aton_test.debug OLD_FILES+=usr/tests/lib/libc/net/.debug/getprotoent_test.debug OLD_FILES+=usr/tests/lib/libc/net/.debug/h_dns_server.debug OLD_FILES+=usr/tests/lib/libc/net/.debug/h_nsd_recurse.debug OLD_FILES+=usr/tests/lib/libc/net/.debug/h_protoent.debug OLD_FILES+=usr/tests/lib/libc/net/.debug/h_servent.debug OLD_DIRS+=usr/tests/lib/libc/regex/.debug OLD_FILES+=usr/tests/lib/libc/regex/.debug/exhaust_test.debug OLD_FILES+=usr/tests/lib/libc/regex/.debug/h_regex.debug OLD_FILES+=usr/tests/lib/libc/regex/.debug/regex_att_test.debug OLD_DIRS+=usr/tests/lib/libc/ssp/.debug OLD_FILES+=usr/tests/lib/libc/ssp/.debug/h_fgets.debug OLD_FILES+=usr/tests/lib/libc/ssp/.debug/h_getcwd.debug OLD_FILES+=usr/tests/lib/libc/ssp/.debug/h_gets.debug OLD_FILES+=usr/tests/lib/libc/ssp/.debug/h_memcpy.debug OLD_FILES+=usr/tests/lib/libc/ssp/.debug/h_memmove.debug OLD_FILES+=usr/tests/lib/libc/ssp/.debug/h_memset.debug OLD_FILES+=usr/tests/lib/libc/ssp/.debug/h_raw.debug OLD_FILES+=usr/tests/lib/libc/ssp/.debug/h_read.debug OLD_FILES+=usr/tests/lib/libc/ssp/.debug/h_readlink.debug OLD_FILES+=usr/tests/lib/libc/ssp/.debug/h_snprintf.debug OLD_FILES+=usr/tests/lib/libc/ssp/.debug/h_sprintf.debug OLD_FILES+=usr/tests/lib/libc/ssp/.debug/h_stpcpy.debug OLD_FILES+=usr/tests/lib/libc/ssp/.debug/h_stpncpy.debug OLD_FILES+=usr/tests/lib/libc/ssp/.debug/h_strcat.debug OLD_FILES+=usr/tests/lib/libc/ssp/.debug/h_strcpy.debug OLD_FILES+=usr/tests/lib/libc/ssp/.debug/h_strncat.debug OLD_FILES+=usr/tests/lib/libc/ssp/.debug/h_strncpy.debug OLD_FILES+=usr/tests/lib/libc/ssp/.debug/h_vsnprintf.debug OLD_FILES+=usr/tests/lib/libc/ssp/.debug/h_vsprintf.debug OLD_DIRS+=usr/tests/lib/libc/stdio/.debug OLD_FILES+=usr/tests/lib/libc/stdio/.debug/clearerr_test.debug OLD_FILES+=usr/tests/lib/libc/stdio/.debug/fflush_test.debug OLD_FILES+=usr/tests/lib/libc/stdio/.debug/fmemopen2_test.debug OLD_FILES+=usr/tests/lib/libc/stdio/.debug/fmemopen_test.debug OLD_FILES+=usr/tests/lib/libc/stdio/.debug/fopen_test.debug OLD_FILES+=usr/tests/lib/libc/stdio/.debug/fputc_test.debug OLD_FILES+=usr/tests/lib/libc/stdio/.debug/mktemp_test.debug OLD_FILES+=usr/tests/lib/libc/stdio/.debug/popen_test.debug OLD_FILES+=usr/tests/lib/libc/stdio/.debug/printf_test.debug OLD_FILES+=usr/tests/lib/libc/stdio/.debug/scanf_test.debug OLD_DIRS+=usr/tests/lib/libc/stdlib/.debug OLD_FILES+=usr/tests/lib/libc/stdlib/.debug/abs_test.debug OLD_FILES+=usr/tests/lib/libc/stdlib/.debug/atoi_test.debug OLD_FILES+=usr/tests/lib/libc/stdlib/.debug/div_test.debug OLD_FILES+=usr/tests/lib/libc/stdlib/.debug/exit_test.debug OLD_FILES+=usr/tests/lib/libc/stdlib/.debug/getenv_test.debug OLD_FILES+=usr/tests/lib/libc/stdlib/.debug/h_getopt.debug OLD_FILES+=usr/tests/lib/libc/stdlib/.debug/h_getopt_long.debug OLD_FILES+=usr/tests/lib/libc/stdlib/.debug/hsearch_test.debug OLD_FILES+=usr/tests/lib/libc/stdlib/.debug/posix_memalign_test.debug OLD_FILES+=usr/tests/lib/libc/stdlib/.debug/random_test.debug OLD_FILES+=usr/tests/lib/libc/stdlib/.debug/strtod_test.debug OLD_FILES+=usr/tests/lib/libc/stdlib/.debug/strtol_test.debug OLD_FILES+=usr/tests/lib/libc/stdlib/.debug/system_test.debug OLD_DIRS+=usr/tests/lib/libc/string/.debug OLD_FILES+=usr/tests/lib/libc/string/.debug/memchr.debug OLD_FILES+=usr/tests/lib/libc/string/.debug/memcpy.debug OLD_FILES+=usr/tests/lib/libc/string/.debug/memmem.debug OLD_FILES+=usr/tests/lib/libc/string/.debug/memset.debug OLD_FILES+=usr/tests/lib/libc/string/.debug/strcat.debug OLD_FILES+=usr/tests/lib/libc/string/.debug/strchr.debug OLD_FILES+=usr/tests/lib/libc/string/.debug/strcmp.debug OLD_FILES+=usr/tests/lib/libc/string/.debug/strcpy.debug OLD_FILES+=usr/tests/lib/libc/string/.debug/strcspn.debug OLD_FILES+=usr/tests/lib/libc/string/.debug/strerror.debug OLD_FILES+=usr/tests/lib/libc/string/.debug/strlen.debug OLD_FILES+=usr/tests/lib/libc/string/.debug/strpbrk.debug OLD_FILES+=usr/tests/lib/libc/string/.debug/strrchr.debug OLD_FILES+=usr/tests/lib/libc/string/.debug/strspn.debug OLD_FILES+=usr/tests/lib/libc/string/.debug/swab.debug OLD_DIRS+=usr/tests/lib/libc/sys/.debug OLD_FILES+=usr/tests/lib/libc/sys/.debug/access_test.debug OLD_FILES+=usr/tests/lib/libc/sys/.debug/chroot_test.debug OLD_FILES+=usr/tests/lib/libc/sys/.debug/clock_gettime_test.debug OLD_FILES+=usr/tests/lib/libc/sys/.debug/connect_test.debug OLD_FILES+=usr/tests/lib/libc/sys/.debug/dup_test.debug OLD_FILES+=usr/tests/lib/libc/sys/.debug/fsync_test.debug OLD_FILES+=usr/tests/lib/libc/sys/.debug/getcontext_test.debug OLD_FILES+=usr/tests/lib/libc/sys/.debug/getgroups_test.debug OLD_FILES+=usr/tests/lib/libc/sys/.debug/getitimer_test.debug OLD_FILES+=usr/tests/lib/libc/sys/.debug/getlogin_test.debug OLD_FILES+=usr/tests/lib/libc/sys/.debug/getpid_test.debug OLD_FILES+=usr/tests/lib/libc/sys/.debug/getrusage_test.debug OLD_FILES+=usr/tests/lib/libc/sys/.debug/getsid_test.debug OLD_FILES+=usr/tests/lib/libc/sys/.debug/gettimeofday_test.debug OLD_FILES+=usr/tests/lib/libc/sys/.debug/issetugid_test.debug OLD_FILES+=usr/tests/lib/libc/sys/.debug/kevent_test.debug OLD_FILES+=usr/tests/lib/libc/sys/.debug/kill_test.debug OLD_FILES+=usr/tests/lib/libc/sys/.debug/link_test.debug OLD_FILES+=usr/tests/lib/libc/sys/.debug/listen_test.debug OLD_FILES+=usr/tests/lib/libc/sys/.debug/mincore_test.debug OLD_FILES+=usr/tests/lib/libc/sys/.debug/mkdir_test.debug OLD_FILES+=usr/tests/lib/libc/sys/.debug/mkfifo_test.debug OLD_FILES+=usr/tests/lib/libc/sys/.debug/mknod_test.debug OLD_FILES+=usr/tests/lib/libc/sys/.debug/mlock_test.debug OLD_FILES+=usr/tests/lib/libc/sys/.debug/mmap_test.debug OLD_FILES+=usr/tests/lib/libc/sys/.debug/mprotect_test.debug OLD_FILES+=usr/tests/lib/libc/sys/.debug/msgctl_test.debug OLD_FILES+=usr/tests/lib/libc/sys/.debug/msgget_test.debug OLD_FILES+=usr/tests/lib/libc/sys/.debug/msgrcv_test.debug OLD_FILES+=usr/tests/lib/libc/sys/.debug/msgsnd_test.debug OLD_FILES+=usr/tests/lib/libc/sys/.debug/msync_test.debug OLD_FILES+=usr/tests/lib/libc/sys/.debug/nanosleep_test.debug OLD_FILES+=usr/tests/lib/libc/sys/.debug/pipe2_test.debug OLD_FILES+=usr/tests/lib/libc/sys/.debug/pipe_test.debug OLD_FILES+=usr/tests/lib/libc/sys/.debug/poll_test.debug OLD_FILES+=usr/tests/lib/libc/sys/.debug/revoke_test.debug OLD_FILES+=usr/tests/lib/libc/sys/.debug/select_test.debug OLD_FILES+=usr/tests/lib/libc/sys/.debug/setrlimit_test.debug OLD_FILES+=usr/tests/lib/libc/sys/.debug/setuid_test.debug OLD_FILES+=usr/tests/lib/libc/sys/.debug/sigaction_test.debug OLD_FILES+=usr/tests/lib/libc/sys/.debug/sigqueue_test.debug OLD_FILES+=usr/tests/lib/libc/sys/.debug/sigtimedwait_test.debug OLD_FILES+=usr/tests/lib/libc/sys/.debug/socketpair_test.debug OLD_FILES+=usr/tests/lib/libc/sys/.debug/stat_test.debug OLD_FILES+=usr/tests/lib/libc/sys/.debug/timer_create_test.debug OLD_FILES+=usr/tests/lib/libc/sys/.debug/truncate_test.debug OLD_FILES+=usr/tests/lib/libc/sys/.debug/ucontext_test.debug OLD_FILES+=usr/tests/lib/libc/sys/.debug/umask_test.debug OLD_FILES+=usr/tests/lib/libc/sys/.debug/unlink_test.debug OLD_FILES+=usr/tests/lib/libc/sys/.debug/write_test.debug OLD_DIRS+=usr/tests/lib/libc/termios/.debug OLD_FILES+=usr/tests/lib/libc/termios/.debug/tcsetpgrp_test.debug OLD_DIRS+=usr/tests/lib/libc/tls/.debug OLD_FILES+=usr/tests/lib/libc/tls/.debug/h_tls_dlopen.so.debug OLD_FILES+=usr/tests/lib/libc/tls/.debug/libh_tls_dynamic.so.1.debug OLD_FILES+=usr/tests/lib/libc/tls/.debug/tls_dlopen_test.debug OLD_FILES+=usr/tests/lib/libc/tls/.debug/tls_dynamic_test.debug OLD_DIRS+=usr/tests/lib/libc/ttyio/.debug OLD_FILES+=usr/tests/lib/libc/ttyio/.debug/ttyio_test.debug OLD_DIRS+=usr/tests/lib/libcrypt/.debug OLD_FILES+=usr/tests/lib/libcrypt/.debug/crypt_tests.debug OLD_DIRS+=usr/tests/lib/libmp/.debug OLD_FILES+=usr/tests/lib/libmp/.debug/legacy_test.debug OLD_DIRS+=usr/tests/lib/libnv/.debug OLD_FILES+=usr/tests/lib/libnv/.debug/dnv_tests.debug OLD_FILES+=usr/tests/lib/libnv/.debug/nv_array_tests.debug OLD_FILES+=usr/tests/lib/libnv/.debug/nv_tests.debug OLD_FILES+=usr/tests/lib/libnv/.debug/nvlist_add_test.debug OLD_FILES+=usr/tests/lib/libnv/.debug/nvlist_exists_test.debug OLD_FILES+=usr/tests/lib/libnv/.debug/nvlist_free_test.debug OLD_FILES+=usr/tests/lib/libnv/.debug/nvlist_get_test.debug OLD_FILES+=usr/tests/lib/libnv/.debug/nvlist_move_test.debug OLD_FILES+=usr/tests/lib/libnv/.debug/nvlist_send_recv_test.debug OLD_DIRS+=usr/tests/lib/libpam/.debug OLD_FILES+=usr/tests/lib/libpam/.debug/t_openpam_ctype.debug OLD_FILES+=usr/tests/lib/libpam/.debug/t_openpam_readlinev.debug OLD_FILES+=usr/tests/lib/libpam/.debug/t_openpam_readword.debug OLD_DIRS+=usr/tests/lib/libproc/.debug OLD_FILES+=usr/tests/lib/libproc/.debug/proc_test.debug OLD_FILES+=usr/tests/lib/libproc/.debug/target_prog.debug OLD_DIRS+=usr/tests/lib/librt/.debug OLD_FILES+=usr/tests/lib/librt/.debug/sched_test.debug OLD_FILES+=usr/tests/lib/librt/.debug/sem_test.debug OLD_DIRS+=usr/tests/lib/libthr/.debug OLD_FILES+=usr/tests/lib/libthr/.debug/barrier_test.debug OLD_FILES+=usr/tests/lib/libthr/.debug/cond_test.debug OLD_FILES+=usr/tests/lib/libthr/.debug/condwait_test.debug OLD_FILES+=usr/tests/lib/libthr/.debug/detach_test.debug OLD_FILES+=usr/tests/lib/libthr/.debug/equal_test.debug OLD_FILES+=usr/tests/lib/libthr/.debug/fork_test.debug OLD_FILES+=usr/tests/lib/libthr/.debug/fpu_test.debug OLD_FILES+=usr/tests/lib/libthr/.debug/h_atexit.debug OLD_FILES+=usr/tests/lib/libthr/.debug/h_cancel.debug OLD_FILES+=usr/tests/lib/libthr/.debug/h_exit.debug OLD_FILES+=usr/tests/lib/libthr/.debug/h_resolv.debug OLD_FILES+=usr/tests/lib/libthr/.debug/join_test.debug OLD_FILES+=usr/tests/lib/libthr/.debug/kill_test.debug OLD_FILES+=usr/tests/lib/libthr/.debug/mutex_test.debug OLD_FILES+=usr/tests/lib/libthr/.debug/once_test.debug OLD_FILES+=usr/tests/lib/libthr/.debug/preempt_test.debug OLD_FILES+=usr/tests/lib/libthr/.debug/rwlock_test.debug OLD_FILES+=usr/tests/lib/libthr/.debug/sem_test.debug OLD_FILES+=usr/tests/lib/libthr/.debug/siglongjmp_test.debug OLD_FILES+=usr/tests/lib/libthr/.debug/sigmask_test.debug OLD_FILES+=usr/tests/lib/libthr/.debug/sigsuspend_test.debug OLD_FILES+=usr/tests/lib/libthr/.debug/sleep_test.debug OLD_FILES+=usr/tests/lib/libthr/.debug/swapcontext_test.debug OLD_DIRS+=usr/tests/lib/libthr/dlopen/.debug OLD_FILES+=usr/tests/lib/libthr/dlopen/.debug/dlopen_test.debug OLD_FILES+=usr/tests/lib/libthr/dlopen/.debug/h_pthread_dlopen.so.1.debug OLD_FILES+=usr/tests/lib/libthr/dlopen/.debug/main_pthread_create_test.debug OLD_DIRS+=usr/tests/lib/libutil/.debug OLD_FILES+=usr/tests/lib/libutil/.debug/flopen_test.debug OLD_FILES+=usr/tests/lib/libutil/.debug/grp_test.debug OLD_FILES+=usr/tests/lib/libutil/.debug/humanize_number_test.debug OLD_FILES+=usr/tests/lib/libutil/.debug/pidfile_test.debug OLD_FILES+=usr/tests/lib/libutil/.debug/trimdomain-nodomain_test.debug OLD_FILES+=usr/tests/lib/libutil/.debug/trimdomain_test.debug OLD_DIRS+=usr/tests/lib/libxo/.debug OLD_FILES+=usr/tests/lib/libxo/.debug/libenc_test.so.debug OLD_FILES+=usr/tests/lib/libxo/.debug/test_01.debug OLD_FILES+=usr/tests/lib/libxo/.debug/test_02.debug OLD_FILES+=usr/tests/lib/libxo/.debug/test_03.debug OLD_FILES+=usr/tests/lib/libxo/.debug/test_04.debug OLD_FILES+=usr/tests/lib/libxo/.debug/test_05.debug OLD_FILES+=usr/tests/lib/libxo/.debug/test_06.debug OLD_FILES+=usr/tests/lib/libxo/.debug/test_07.debug OLD_FILES+=usr/tests/lib/libxo/.debug/test_08.debug OLD_FILES+=usr/tests/lib/libxo/.debug/test_09.debug OLD_FILES+=usr/tests/lib/libxo/.debug/test_10.debug OLD_FILES+=usr/tests/lib/libxo/.debug/test_11.debug OLD_DIRS+=usr/tests/lib/msun/.debug OLD_FILES+=usr/tests/lib/msun/.debug/acos_test.debug OLD_FILES+=usr/tests/lib/msun/.debug/asin_test.debug OLD_FILES+=usr/tests/lib/msun/.debug/atan_test.debug OLD_FILES+=usr/tests/lib/msun/.debug/cbrt_test.debug OLD_FILES+=usr/tests/lib/msun/.debug/ceil_test.debug OLD_FILES+=usr/tests/lib/msun/.debug/cos_test.debug OLD_FILES+=usr/tests/lib/msun/.debug/cosh_test.debug OLD_FILES+=usr/tests/lib/msun/.debug/erf_test.debug OLD_FILES+=usr/tests/lib/msun/.debug/exp_test.debug OLD_FILES+=usr/tests/lib/msun/.debug/fmod_test.debug OLD_FILES+=usr/tests/lib/msun/.debug/infinity_test.debug OLD_FILES+=usr/tests/lib/msun/.debug/ldexp_test.debug OLD_FILES+=usr/tests/lib/msun/.debug/log_test.debug OLD_FILES+=usr/tests/lib/msun/.debug/pow_test.debug OLD_FILES+=usr/tests/lib/msun/.debug/precision_test.debug OLD_FILES+=usr/tests/lib/msun/.debug/round_test.debug OLD_FILES+=usr/tests/lib/msun/.debug/scalbn_test.debug OLD_FILES+=usr/tests/lib/msun/.debug/sin_test.debug OLD_FILES+=usr/tests/lib/msun/.debug/sinh_test.debug OLD_FILES+=usr/tests/lib/msun/.debug/sqrt_test.debug OLD_FILES+=usr/tests/lib/msun/.debug/tan_test.debug OLD_FILES+=usr/tests/lib/msun/.debug/tanh_test.debug OLD_DIRS+=usr/tests/libexec/rtld-elf/.debug OLD_FILES+=usr/tests/libexec/rtld-elf/.debug/ld_library_pathfds.debug OLD_FILES+=usr/tests/libexec/rtld-elf/.debug/libpythagoras.so.0.debug OLD_FILES+=usr/tests/libexec/rtld-elf/.debug/target.debug OLD_DIRS+=usr/tests/sbin/devd/.debug OLD_FILES+=usr/tests/sbin/devd/.debug/client_test.debug OLD_DIRS+=usr/tests/sbin/dhclient/.debug OLD_FILES+=usr/tests/sbin/dhclient/.debug/option-domain-search_test.debug OLD_DIRS+=usr/tests/share/examples/tests/atf/.debug OLD_FILES+=usr/tests/share/examples/tests/atf/.debug/printf_test.debug OLD_DIRS+=usr/tests/share/examples/tests/plain/.debug OLD_FILES+=usr/tests/share/examples/tests/plain/.debug/printf_test.debug OLD_DIRS+=usr/tests/sys/aio/.debug OLD_FILES+=usr/tests/sys/aio/.debug/aio_kqueue_test.debug OLD_FILES+=usr/tests/sys/aio/.debug/aio_test.debug OLD_FILES+=usr/tests/sys/aio/.debug/lio_kqueue_test.debug OLD_DIRS+=usr/tests/sys/fifo/.debug OLD_FILES+=usr/tests/sys/fifo/.debug/fifo_create.debug OLD_FILES+=usr/tests/sys/fifo/.debug/fifo_io.debug OLD_FILES+=usr/tests/sys/fifo/.debug/fifo_misc.debug OLD_FILES+=usr/tests/sys/fifo/.debug/fifo_open.debug OLD_DIRS+=usr/tests/sys/file/.debug OLD_FILES+=usr/tests/sys/file/.debug/closefrom_test.debug OLD_FILES+=usr/tests/sys/file/.debug/dup_test.debug OLD_FILES+=usr/tests/sys/file/.debug/fcntlflags_test.debug OLD_FILES+=usr/tests/sys/file/.debug/flock_helper.debug OLD_FILES+=usr/tests/sys/file/.debug/ftruncate_test.debug OLD_FILES+=usr/tests/sys/file/.debug/newfileops_on_fork_test.debug OLD_DIRS+=usr/tests/sys/kern/.debug OLD_FILES+=usr/tests/sys/kern/.debug/kern_descrip_test.debug OLD_FILES+=usr/tests/sys/kern/.debug/ptrace_test.debug OLD_FILES+=usr/tests/sys/kern/.debug/unix_seqpacket_test.debug OLD_DIRS+=usr/tests/sys/kern/execve/.debug OLD_FILES+=usr/tests/sys/kern/execve/.debug/execve_helper.debug OLD_FILES+=usr/tests/sys/kern/execve/.debug/good_aout.debug OLD_DIRS+=usr/tests/sys/kqueue/.debug OLD_FILES+=usr/tests/sys/kqueue/.debug/kqtest.debug OLD_DIRS+=usr/tests/sys/mqueue/.debug OLD_FILES+=usr/tests/sys/mqueue/.debug/mqtest1.debug OLD_FILES+=usr/tests/sys/mqueue/.debug/mqtest2.debug OLD_FILES+=usr/tests/sys/mqueue/.debug/mqtest3.debug OLD_FILES+=usr/tests/sys/mqueue/.debug/mqtest4.debug OLD_FILES+=usr/tests/sys/mqueue/.debug/mqtest5.debug OLD_DIRS+=usr/tests/sys/netinet/.debug OLD_FILES+=usr/tests/sys/netinet/.debug/udp_dontroute.debug OLD_DIRS+=usr/tests/sys/pjdfstest/.debug OLD_FILES+=usr/tests/sys/pjdfstest/.debug/pjdfstest.debug OLD_DIRS+=usr/tests/sys/vm/.debug OLD_FILES+=usr/tests/sys/vm/.debug/mmap_test.debug # 20151015: Rename files due to file-installed-as-dir bug OLD_FILES+=usr/share/doc/legal/realtek OLD_FILES+=usr/share/doc/legal/realtek/LICENSE OLD_DIRS+=usr/share/doc/legal/realtek OLD_DIRS+=usr/share/doc/legal/intel_ipw OLD_FILES+=usr/share/doc/legal/intel_ipw/LICENSE OLD_FILES+=usr/share/doc/legal/intel_iwn OLD_FILES+=usr/share/doc/legal/intel_iwn/LICENSE OLD_DIRS+=usr/share/doc/legal/intel_iwn OLD_DIRS+=usr/share/doc/legal/intel_iwi OLD_FILES+=usr/share/doc/legal/intel_iwi/LICENSE OLD_DIRS+=usr/share/doc/legal/intel_wpi OLD_FILES+=usr/share/doc/legal/intel_wpi/LICENSE # 20151006: new libc++ import OLD_FILES+=usr/include/c++/__tuple_03 OLD_FILES+=usr/include/c++/v1/__tuple_03 OLD_FILES+=usr/include/c++/v1/tr1/__tuple_03 # 20151006: new clang import which bumps version from 3.6.1 to 3.7.0. OLD_FILES+=usr/lib/clang/3.6.1/include/__stddef_max_align_t.h OLD_FILES+=usr/lib/clang/3.6.1/include/__wmmintrin_aes.h OLD_FILES+=usr/lib/clang/3.6.1/include/__wmmintrin_pclmul.h OLD_FILES+=usr/lib/clang/3.6.1/include/adxintrin.h OLD_FILES+=usr/lib/clang/3.6.1/include/altivec.h OLD_FILES+=usr/lib/clang/3.6.1/include/ammintrin.h OLD_FILES+=usr/lib/clang/3.6.1/include/arm_acle.h OLD_FILES+=usr/lib/clang/3.6.1/include/arm_neon.h OLD_FILES+=usr/lib/clang/3.6.1/include/avx2intrin.h OLD_FILES+=usr/lib/clang/3.6.1/include/avx512bwintrin.h OLD_FILES+=usr/lib/clang/3.6.1/include/avx512erintrin.h OLD_FILES+=usr/lib/clang/3.6.1/include/avx512fintrin.h OLD_FILES+=usr/lib/clang/3.6.1/include/avx512vlbwintrin.h OLD_FILES+=usr/lib/clang/3.6.1/include/avx512vlintrin.h OLD_FILES+=usr/lib/clang/3.6.1/include/avxintrin.h OLD_FILES+=usr/lib/clang/3.6.1/include/bmi2intrin.h OLD_FILES+=usr/lib/clang/3.6.1/include/bmiintrin.h OLD_FILES+=usr/lib/clang/3.6.1/include/cpuid.h OLD_FILES+=usr/lib/clang/3.6.1/include/emmintrin.h OLD_FILES+=usr/lib/clang/3.6.1/include/f16cintrin.h OLD_FILES+=usr/lib/clang/3.6.1/include/fma4intrin.h OLD_FILES+=usr/lib/clang/3.6.1/include/fmaintrin.h OLD_FILES+=usr/lib/clang/3.6.1/include/ia32intrin.h OLD_FILES+=usr/lib/clang/3.6.1/include/immintrin.h OLD_FILES+=usr/lib/clang/3.6.1/include/lzcntintrin.h OLD_FILES+=usr/lib/clang/3.6.1/include/mm3dnow.h OLD_FILES+=usr/lib/clang/3.6.1/include/mm_malloc.h OLD_FILES+=usr/lib/clang/3.6.1/include/mmintrin.h OLD_FILES+=usr/lib/clang/3.6.1/include/module.modulemap OLD_FILES+=usr/lib/clang/3.6.1/include/nmmintrin.h OLD_FILES+=usr/lib/clang/3.6.1/include/pmmintrin.h OLD_FILES+=usr/lib/clang/3.6.1/include/popcntintrin.h OLD_FILES+=usr/lib/clang/3.6.1/include/prfchwintrin.h OLD_FILES+=usr/lib/clang/3.6.1/include/rdseedintrin.h OLD_FILES+=usr/lib/clang/3.6.1/include/rtmintrin.h OLD_FILES+=usr/lib/clang/3.6.1/include/shaintrin.h OLD_FILES+=usr/lib/clang/3.6.1/include/smmintrin.h OLD_FILES+=usr/lib/clang/3.6.1/include/tbmintrin.h OLD_FILES+=usr/lib/clang/3.6.1/include/tmmintrin.h OLD_FILES+=usr/lib/clang/3.6.1/include/wmmintrin.h OLD_FILES+=usr/lib/clang/3.6.1/include/x86intrin.h OLD_FILES+=usr/lib/clang/3.6.1/include/xmmintrin.h OLD_FILES+=usr/lib/clang/3.6.1/include/xopintrin.h OLD_DIRS+=usr/lib/clang/3.6.1/include OLD_FILES+=usr/lib/clang/3.6.1/lib/freebsd/libclang_rt.asan-i386.a OLD_FILES+=usr/lib/clang/3.6.1/lib/freebsd/libclang_rt.asan-x86_64.a OLD_FILES+=usr/lib/clang/3.6.1/lib/freebsd/libclang_rt.asan_cxx-i386.a OLD_FILES+=usr/lib/clang/3.6.1/lib/freebsd/libclang_rt.asan_cxx-x86_64.a OLD_FILES+=usr/lib/clang/3.6.1/lib/freebsd/libclang_rt.profile-arm.a OLD_FILES+=usr/lib/clang/3.6.1/lib/freebsd/libclang_rt.profile-i386.a OLD_FILES+=usr/lib/clang/3.6.1/lib/freebsd/libclang_rt.profile-x86_64.a OLD_FILES+=usr/lib/clang/3.6.1/lib/freebsd/libclang_rt.san-i386.a OLD_FILES+=usr/lib/clang/3.6.1/lib/freebsd/libclang_rt.san-x86_64.a OLD_FILES+=usr/lib/clang/3.6.1/lib/freebsd/libclang_rt.ubsan-i386.a OLD_FILES+=usr/lib/clang/3.6.1/lib/freebsd/libclang_rt.ubsan-x86_64.a OLD_FILES+=usr/lib/clang/3.6.1/lib/freebsd/libclang_rt.ubsan_cxx-i386.a OLD_FILES+=usr/lib/clang/3.6.1/lib/freebsd/libclang_rt.ubsan_cxx-x86_64.a OLD_DIRS+=usr/lib/clang/3.6.1/lib/freebsd OLD_DIRS+=usr/lib/clang/3.6.1/lib OLD_DIRS+=usr/lib/clang/3.6.1 # 20150928: unused sgsmsg utility is removed OLD_FILES+=usr/bin/sgsmsg # 20150926: remove links to removed/unimplemented mbuf(9) macros OLD_FILES+=usr/share/man/man9/MEXT_ADD_REF.9.gz OLD_FILES+=usr/share/man/man9/MEXTFREE.9.gz OLD_FILES+=usr/share/man/man9/MEXT_IS_REF.9.gz OLD_FILES+=usr/share/man/man9/MEXT_REM_REF.9.gz OLD_FILES+=usr/share/man/man9/MFREE.9.gz # 20150818: *allocm() are gone in jemalloc 4.0.0 OLD_FILES+=usr/share/man/man3/allocm.3.gz OLD_FILES+=usr/share/man/man3/dallocm.3.gz OLD_FILES+=usr/share/man/man3/nallocm.3.gz OLD_FILES+=usr/share/man/man3/rallocm.3.gz OLD_FILES+=usr/share/man/man3/sallocm.3.gz # 20150802: Remove netbsd's test on pw(8) OLD_FILES+=usr/tests/usr.sbin/pw/pw_test # 20150719: Remove libarchive.pc OLD_FILES+=usr/libdata/pkgconfig/libarchive.pc # 20150705: Rename DTrace provider man pages. OLD_FILES+=usr/share/man/man4/dtrace-io.4.gz OLD_FILES+=usr/share/man/man4/dtrace-ip.4.gz OLD_FILES+=usr/share/man/man4/dtrace-proc.4.gz OLD_FILES+=usr/share/man/man4/dtrace-sched.4.gz OLD_FILES+=usr/share/man/man4/dtrace-tcp.4.gz OLD_FILES+=usr/share/man/man4/dtrace-udp.4.gz # 20150704: nvlist private headers no longer installed OLD_FILES+=usr/include/sys/nv_impl.h OLD_FILES+=usr/include/sys/nvlist_impl.h OLD_FILES+=usr/include/sys/nvpair_impl.h # 20150624 OLD_LIBS+=usr/lib/libugidfw.so.4 OLD_LIBS+=usr/lib32/libugidfw.so.4 # 20150604: Move nvlist man pages to section 9. OLD_FILES+=usr/share/man/man3/libnv.3.gz OLD_FILES+=usr/share/man/man3/nv.3.gz OLD_FILES+=usr/share/man/man3/nvlist.3.gz OLD_FILES+=usr/share/man/man3/nvlist_add_binary.3.gz OLD_FILES+=usr/share/man/man3/nvlist_add_bool.3.gz OLD_FILES+=usr/share/man/man3/nvlist_add_descriptor.3.gz OLD_FILES+=usr/share/man/man3/nvlist_add_null.3.gz OLD_FILES+=usr/share/man/man3/nvlist_add_number.3.gz OLD_FILES+=usr/share/man/man3/nvlist_add_nvlist.3.gz OLD_FILES+=usr/share/man/man3/nvlist_add_string.3.gz OLD_FILES+=usr/share/man/man3/nvlist_add_stringf.3.gz OLD_FILES+=usr/share/man/man3/nvlist_add_stringv.3.gz OLD_FILES+=usr/share/man/man3/nvlist_clone.3.gz OLD_FILES+=usr/share/man/man3/nvlist_create.3.gz OLD_FILES+=usr/share/man/man3/nvlist_destroy.3.gz OLD_FILES+=usr/share/man/man3/nvlist_dump.3.gz OLD_FILES+=usr/share/man/man3/nvlist_empty.3.gz OLD_FILES+=usr/share/man/man3/nvlist_error.3.gz OLD_FILES+=usr/share/man/man3/nvlist_exists.3.gz OLD_FILES+=usr/share/man/man3/nvlist_exists_binary.3.gz OLD_FILES+=usr/share/man/man3/nvlist_exists_bool.3.gz OLD_FILES+=usr/share/man/man3/nvlist_exists_descriptor.3.gz OLD_FILES+=usr/share/man/man3/nvlist_exists_null.3.gz OLD_FILES+=usr/share/man/man3/nvlist_exists_number.3.gz OLD_FILES+=usr/share/man/man3/nvlist_exists_nvlist.3.gz OLD_FILES+=usr/share/man/man3/nvlist_exists_string.3.gz OLD_FILES+=usr/share/man/man3/nvlist_exists_type.3.gz OLD_FILES+=usr/share/man/man3/nvlist_fdump.3.gz OLD_FILES+=usr/share/man/man3/nvlist_flags.3.gz OLD_FILES+=usr/share/man/man3/nvlist_free.3.gz OLD_FILES+=usr/share/man/man3/nvlist_free_binary.3.gz OLD_FILES+=usr/share/man/man3/nvlist_free_bool.3.gz OLD_FILES+=usr/share/man/man3/nvlist_free_descriptor.3.gz OLD_FILES+=usr/share/man/man3/nvlist_free_null.3.gz OLD_FILES+=usr/share/man/man3/nvlist_free_number.3.gz OLD_FILES+=usr/share/man/man3/nvlist_free_nvlist.3.gz OLD_FILES+=usr/share/man/man3/nvlist_free_string.3.gz OLD_FILES+=usr/share/man/man3/nvlist_free_type.3.gz OLD_FILES+=usr/share/man/man3/nvlist_get_binary.3.gz OLD_FILES+=usr/share/man/man3/nvlist_get_bool.3.gz OLD_FILES+=usr/share/man/man3/nvlist_get_descriptor.3.gz OLD_FILES+=usr/share/man/man3/nvlist_get_number.3.gz OLD_FILES+=usr/share/man/man3/nvlist_get_nvlist.3.gz OLD_FILES+=usr/share/man/man3/nvlist_get_parent.3.gz OLD_FILES+=usr/share/man/man3/nvlist_get_string.3.gz OLD_FILES+=usr/share/man/man3/nvlist_move_binary.3.gz OLD_FILES+=usr/share/man/man3/nvlist_move_descriptor.3.gz OLD_FILES+=usr/share/man/man3/nvlist_move_nvlist.3.gz OLD_FILES+=usr/share/man/man3/nvlist_move_string.3.gz OLD_FILES+=usr/share/man/man3/nvlist_next.3.gz OLD_FILES+=usr/share/man/man3/nvlist_pack.3.gz OLD_FILES+=usr/share/man/man3/nvlist_recv.3.gz OLD_FILES+=usr/share/man/man3/nvlist_send.3.gz OLD_FILES+=usr/share/man/man3/nvlist_set_error.3.gz OLD_FILES+=usr/share/man/man3/nvlist_size.3.gz OLD_FILES+=usr/share/man/man3/nvlist_take_binary.3.gz OLD_FILES+=usr/share/man/man3/nvlist_take_bool.3.gz OLD_FILES+=usr/share/man/man3/nvlist_take_descriptor.3.gz OLD_FILES+=usr/share/man/man3/nvlist_take_number.3.gz OLD_FILES+=usr/share/man/man3/nvlist_take_nvlist.3.gz OLD_FILES+=usr/share/man/man3/nvlist_take_string.3.gz OLD_FILES+=usr/share/man/man3/nvlist_unpack.3.gz OLD_FILES+=usr/share/man/man3/nvlist_xfer.3.gz # 20150702: Remove duplicated nvlist includes. OLD_FILES+=usr/include/dnv.h OLD_FILES+=usr/include/nv.h # 20150528: PCI IOV device driver methods moved to a separate kobj interface. OLD_FILES+=usr/share/man/man9/PCI_ADD_VF.9.gz OLD_FILES+=usr/share/man/man9/PCI_INIT_IOV.9.gz OLD_FILES+=usr/share/man/man9/PCI_UNINIT_IOV.9.gz # 20150525: new clang import which bumps version from 3.6.0 to 3.6.1. OLD_FILES+=usr/lib/clang/3.6.0/include/__stddef_max_align_t.h OLD_FILES+=usr/lib/clang/3.6.0/include/__wmmintrin_aes.h OLD_FILES+=usr/lib/clang/3.6.0/include/__wmmintrin_pclmul.h OLD_FILES+=usr/lib/clang/3.6.0/include/adxintrin.h OLD_FILES+=usr/lib/clang/3.6.0/include/altivec.h OLD_FILES+=usr/lib/clang/3.6.0/include/ammintrin.h OLD_FILES+=usr/lib/clang/3.6.0/include/arm_acle.h OLD_FILES+=usr/lib/clang/3.6.0/include/arm_neon.h OLD_FILES+=usr/lib/clang/3.6.0/include/avx2intrin.h OLD_FILES+=usr/lib/clang/3.6.0/include/avx512bwintrin.h OLD_FILES+=usr/lib/clang/3.6.0/include/avx512erintrin.h OLD_FILES+=usr/lib/clang/3.6.0/include/avx512fintrin.h OLD_FILES+=usr/lib/clang/3.6.0/include/avx512vlbwintrin.h OLD_FILES+=usr/lib/clang/3.6.0/include/avx512vlintrin.h OLD_FILES+=usr/lib/clang/3.6.0/include/avxintrin.h OLD_FILES+=usr/lib/clang/3.6.0/include/bmi2intrin.h OLD_FILES+=usr/lib/clang/3.6.0/include/bmiintrin.h OLD_FILES+=usr/lib/clang/3.6.0/include/cpuid.h OLD_FILES+=usr/lib/clang/3.6.0/include/emmintrin.h OLD_FILES+=usr/lib/clang/3.6.0/include/f16cintrin.h OLD_FILES+=usr/lib/clang/3.6.0/include/fma4intrin.h OLD_FILES+=usr/lib/clang/3.6.0/include/fmaintrin.h OLD_FILES+=usr/lib/clang/3.6.0/include/ia32intrin.h OLD_FILES+=usr/lib/clang/3.6.0/include/immintrin.h OLD_FILES+=usr/lib/clang/3.6.0/include/lzcntintrin.h OLD_FILES+=usr/lib/clang/3.6.0/include/mm3dnow.h OLD_FILES+=usr/lib/clang/3.6.0/include/mm_malloc.h OLD_FILES+=usr/lib/clang/3.6.0/include/mmintrin.h OLD_FILES+=usr/lib/clang/3.6.0/include/module.modulemap OLD_FILES+=usr/lib/clang/3.6.0/include/nmmintrin.h OLD_FILES+=usr/lib/clang/3.6.0/include/pmmintrin.h OLD_FILES+=usr/lib/clang/3.6.0/include/popcntintrin.h OLD_FILES+=usr/lib/clang/3.6.0/include/prfchwintrin.h OLD_FILES+=usr/lib/clang/3.6.0/include/rdseedintrin.h OLD_FILES+=usr/lib/clang/3.6.0/include/rtmintrin.h OLD_FILES+=usr/lib/clang/3.6.0/include/shaintrin.h OLD_FILES+=usr/lib/clang/3.6.0/include/smmintrin.h OLD_FILES+=usr/lib/clang/3.6.0/include/tbmintrin.h OLD_FILES+=usr/lib/clang/3.6.0/include/tmmintrin.h OLD_FILES+=usr/lib/clang/3.6.0/include/wmmintrin.h OLD_FILES+=usr/lib/clang/3.6.0/include/x86intrin.h OLD_FILES+=usr/lib/clang/3.6.0/include/xmmintrin.h OLD_FILES+=usr/lib/clang/3.6.0/include/xopintrin.h OLD_DIRS+=usr/lib/clang/3.6.0/include OLD_FILES+=usr/lib/clang/3.6.0/lib/freebsd/libclang_rt.asan-i386.a OLD_FILES+=usr/lib/clang/3.6.0/lib/freebsd/libclang_rt.asan-x86_64.a OLD_FILES+=usr/lib/clang/3.6.0/lib/freebsd/libclang_rt.asan_cxx-i386.a OLD_FILES+=usr/lib/clang/3.6.0/lib/freebsd/libclang_rt.asan_cxx-x86_64.a OLD_FILES+=usr/lib/clang/3.6.0/lib/freebsd/libclang_rt.profile-arm.a OLD_FILES+=usr/lib/clang/3.6.0/lib/freebsd/libclang_rt.profile-i386.a OLD_FILES+=usr/lib/clang/3.6.0/lib/freebsd/libclang_rt.profile-x86_64.a OLD_FILES+=usr/lib/clang/3.6.0/lib/freebsd/libclang_rt.san-i386.a OLD_FILES+=usr/lib/clang/3.6.0/lib/freebsd/libclang_rt.san-x86_64.a OLD_FILES+=usr/lib/clang/3.6.0/lib/freebsd/libclang_rt.ubsan-i386.a OLD_FILES+=usr/lib/clang/3.6.0/lib/freebsd/libclang_rt.ubsan-x86_64.a OLD_FILES+=usr/lib/clang/3.6.0/lib/freebsd/libclang_rt.ubsan_cxx-i386.a OLD_FILES+=usr/lib/clang/3.6.0/lib/freebsd/libclang_rt.ubsan_cxx-x86_64.a OLD_DIRS+=usr/lib/clang/3.6.0/lib/freebsd OLD_DIRS+=usr/lib/clang/3.6.0/lib OLD_DIRS+=usr/lib/clang/3.6.0 # 20150521 OLD_FILES+=usr/bin/demandoc OLD_FILES+=usr/share/man/man1/demandoc.1.gz OLD_FILES+=usr/share/man/man3/mandoc.3.gz OLD_FILES+=usr/share/man/man3/mandoc_headers.3.gz # 20150520 OLD_FILES+=usr/lib/libheimsqlite.a OLD_FILES+=usr/lib/libheimsqlite.so OLD_LIBS+=usr/lib/libheimsqlite.so.11 OLD_FILES+=usr/lib/libheimsqlite_p.a OLD_FILES+=usr/lib32/libheimsqlite.a OLD_FILES+=usr/lib32/libheimsqlite.so OLD_LIBS+=usr/lib32/libheimsqlite.so.11 OLD_FILES+=usr/lib32/libheimsqlite_p.a # 20150518: tzdata2015c update OLD_FILES+=usr/share/zoneinfo/America/Montreal # 20150506 OLD_FILES+=usr/share/man/man9/NDHASGIANT.9.gz # 20150504 OLD_FILES+=usr/share/examples/etc/libmap32.conf OLD_FILES+=usr/include/bsdstat.h OLD_LIBS+=usr/lib32/private/libatf-c++.so.2 OLD_LIBS+=usr/lib32/private/libbsdstat.so.1 OLD_LIBS+=usr/lib32/private/libheimipcs.so.11 OLD_LIBS+=usr/lib32/private/libsqlite3.so.0 OLD_LIBS+=usr/lib32/private/libunbound.so.5 OLD_LIBS+=usr/lib32/private/libatf-c.so.1 OLD_LIBS+=usr/lib32/private/libheimipcc.so.11 OLD_LIBS+=usr/lib32/private/libldns.so.5 OLD_LIBS+=usr/lib32/private/libssh.so.5 OLD_LIBS+=usr/lib32/private/libucl.so.1 OLD_DIRS+=usr/lib32/private OLD_LIBS+=usr/lib/private/libatf-c++.so.2 OLD_LIBS+=usr/lib/private/libbsdstat.so.1 OLD_LIBS+=usr/lib/private/libheimipcs.so.11 OLD_LIBS+=usr/lib/private/libsqlite3.so.0 OLD_LIBS+=usr/lib/private/libunbound.so.5 OLD_LIBS+=usr/lib/private/libatf-c.so.1 OLD_LIBS+=usr/lib/private/libheimipcc.so.11 OLD_LIBS+=usr/lib/private/libldns.so.5 OLD_LIBS+=usr/lib/private/libssh.so.5 OLD_LIBS+=usr/lib/private/libucl.so.1 OLD_DIRS+=usr/lib/private # 20150501 OLD_FILES+=usr/bin/soeliminate OLD_FILES+=usr/share/man/man1/soeliminate.1.gz # 20150501: Remove the nvlist_.*[vf] functions manpages. OLD_FILES+=usr/share/man/man3/nvlist_addf_binary.3.gz OLD_FILES+=usr/share/man/man3/nvlist_addf_bool.3.gz OLD_FILES+=usr/share/man/man3/nvlist_addf_descriptor.3.gz OLD_FILES+=usr/share/man/man3/nvlist_addf_null.3.gz OLD_FILES+=usr/share/man/man3/nvlist_addf_number.3.gz OLD_FILES+=usr/share/man/man3/nvlist_addf_nvlist.3.gz OLD_FILES+=usr/share/man/man3/nvlist_addf_string.3.gz OLD_FILES+=usr/share/man/man3/nvlist_addv_binary.3.gz OLD_FILES+=usr/share/man/man3/nvlist_addv_bool.3.gz OLD_FILES+=usr/share/man/man3/nvlist_addv_descriptor.3.gz OLD_FILES+=usr/share/man/man3/nvlist_addv_null.3.gz OLD_FILES+=usr/share/man/man3/nvlist_addv_number.3.gz OLD_FILES+=usr/share/man/man3/nvlist_addv_nvlist.3.gz OLD_FILES+=usr/share/man/man3/nvlist_addv_string.3.gz OLD_FILES+=usr/share/man/man3/nvlist_existsf.3.gz OLD_FILES+=usr/share/man/man3/nvlist_existsf_binary.3.gz OLD_FILES+=usr/share/man/man3/nvlist_existsf_bool.3.gz OLD_FILES+=usr/share/man/man3/nvlist_existsf_descriptor.3.gz OLD_FILES+=usr/share/man/man3/nvlist_existsf_null.3.gz OLD_FILES+=usr/share/man/man3/nvlist_existsf_number.3.gz OLD_FILES+=usr/share/man/man3/nvlist_existsf_nvlist.3.gz OLD_FILES+=usr/share/man/man3/nvlist_existsf_string.3.gz OLD_FILES+=usr/share/man/man3/nvlist_existsf_type.3.gz OLD_FILES+=usr/share/man/man3/nvlist_existsv.3.gz OLD_FILES+=usr/share/man/man3/nvlist_existsv_binary.3.gz OLD_FILES+=usr/share/man/man3/nvlist_existsv_bool.3.gz OLD_FILES+=usr/share/man/man3/nvlist_existsv_descriptor.3.gz OLD_FILES+=usr/share/man/man3/nvlist_existsv_null.3.gz OLD_FILES+=usr/share/man/man3/nvlist_existsv_number.3.gz OLD_FILES+=usr/share/man/man3/nvlist_existsv_nvlist.3.gz OLD_FILES+=usr/share/man/man3/nvlist_existsv_string.3.gz OLD_FILES+=usr/share/man/man3/nvlist_existsv_type.3.gz OLD_FILES+=usr/share/man/man3/nvlist_freef.3.gz OLD_FILES+=usr/share/man/man3/nvlist_freef_binary.3.gz OLD_FILES+=usr/share/man/man3/nvlist_freef_bool.3.gz OLD_FILES+=usr/share/man/man3/nvlist_freef_descriptor.3.gz OLD_FILES+=usr/share/man/man3/nvlist_freef_null.3.gz OLD_FILES+=usr/share/man/man3/nvlist_freef_number.3.gz OLD_FILES+=usr/share/man/man3/nvlist_freef_nvlist.3.gz OLD_FILES+=usr/share/man/man3/nvlist_freef_string.3.gz OLD_FILES+=usr/share/man/man3/nvlist_freef_type.3.gz OLD_FILES+=usr/share/man/man3/nvlist_freev.3.gz OLD_FILES+=usr/share/man/man3/nvlist_freev_binary.3.gz OLD_FILES+=usr/share/man/man3/nvlist_freev_bool.3.gz OLD_FILES+=usr/share/man/man3/nvlist_freev_descriptor.3.gz OLD_FILES+=usr/share/man/man3/nvlist_freev_null.3.gz OLD_FILES+=usr/share/man/man3/nvlist_freev_number.3.gz OLD_FILES+=usr/share/man/man3/nvlist_freev_nvlist.3.gz OLD_FILES+=usr/share/man/man3/nvlist_freev_string.3.gz OLD_FILES+=usr/share/man/man3/nvlist_freev_type.3.gz OLD_FILES+=usr/share/man/man3/nvlist_getf_binary.3.gz OLD_FILES+=usr/share/man/man3/nvlist_getf_bool.3.gz OLD_FILES+=usr/share/man/man3/nvlist_getf_descriptor.3.gz OLD_FILES+=usr/share/man/man3/nvlist_getf_number.3.gz OLD_FILES+=usr/share/man/man3/nvlist_getf_nvlist.3.gz OLD_FILES+=usr/share/man/man3/nvlist_getf_string.3.gz OLD_FILES+=usr/share/man/man3/nvlist_getv_binary.3.gz OLD_FILES+=usr/share/man/man3/nvlist_getv_bool.3.gz OLD_FILES+=usr/share/man/man3/nvlist_getv_descriptor.3.gz OLD_FILES+=usr/share/man/man3/nvlist_getv_number.3.gz OLD_FILES+=usr/share/man/man3/nvlist_getv_nvlist.3.gz OLD_FILES+=usr/share/man/man3/nvlist_getv_string.3.gz OLD_FILES+=usr/share/man/man3/nvlist_movef_binary.3.gz OLD_FILES+=usr/share/man/man3/nvlist_movef_descriptor.3.gz OLD_FILES+=usr/share/man/man3/nvlist_movef_nvlist.3.gz OLD_FILES+=usr/share/man/man3/nvlist_movef_string.3.gz OLD_FILES+=usr/share/man/man3/nvlist_movev_binary.3.gz OLD_FILES+=usr/share/man/man3/nvlist_movev_descriptor.3.gz OLD_FILES+=usr/share/man/man3/nvlist_movev_nvlist.3.gz OLD_FILES+=usr/share/man/man3/nvlist_movev_string.3.gz OLD_FILES+=usr/share/man/man3/nvlist_takef_binary.3.gz OLD_FILES+=usr/share/man/man3/nvlist_takef_bool.3.gz OLD_FILES+=usr/share/man/man3/nvlist_takef_descriptor.3.gz OLD_FILES+=usr/share/man/man3/nvlist_takef_number.3.gz OLD_FILES+=usr/share/man/man3/nvlist_takef_nvlist.3.gz OLD_FILES+=usr/share/man/man3/nvlist_takef_string.3.gz OLD_FILES+=usr/share/man/man3/nvlist_takev_binary.3.gz OLD_FILES+=usr/share/man/man3/nvlist_takev_bool.3.gz OLD_FILES+=usr/share/man/man3/nvlist_takev_descriptor.3.gz OLD_FILES+=usr/share/man/man3/nvlist_takev_number.3.gz OLD_FILES+=usr/share/man/man3/nvlist_takev_nvlist.3.gz OLD_FILES+=usr/share/man/man3/nvlist_takev_string.3.gz # 20150429: remove never written documentation OLD_FILES+=usr/share/doc/papers/hwpmc.ascii.gz # 20150427: test/sys/kern/mmap_test moved to test/sys/vm/mmap_test OLD_FILES+=usr/tests/sys/kern/mmap_test # 20150422: zlib.c moved from net to libkern OLD_FILES+=usr/include/net/zlib.h OLD_FILES+=usr/include/net/zutil.h # 20150418 OLD_FILES+=sbin/mount_oldnfs OLD_FILES+=usr/share/man/man8/mount_oldnfs.8.gz # 20150416: ALTQ moved to net/altq OLD_FILES+=usr/include/altq/altq_rmclass_debug.h OLD_FILES+=usr/include/altq/altq.h OLD_FILES+=usr/include/altq/altq_cdnr.h OLD_FILES+=usr/include/altq/altq_hfsc.h OLD_FILES+=usr/include/altq/altq_priq.h OLD_FILES+=usr/include/altq/altqconf.h OLD_FILES+=usr/include/altq/altq_classq.h OLD_FILES+=usr/include/altq/altq_red.h OLD_FILES+=usr/include/altq/if_altq.h OLD_FILES+=usr/include/altq/altq_var.h OLD_FILES+=usr/include/altq/altq_rmclass.h OLD_FILES+=usr/include/altq/altq_cbq.h OLD_FILES+=usr/include/altq/altq_rio.h OLD_DIRS+=usr/include/altq # 20150330: ntp 4.2.8p1 OLD_FILES+=usr/share/doc/ntp/driver1.html OLD_FILES+=usr/share/doc/ntp/driver10.html OLD_FILES+=usr/share/doc/ntp/driver11.html OLD_FILES+=usr/share/doc/ntp/driver12.html OLD_FILES+=usr/share/doc/ntp/driver16.html OLD_FILES+=usr/share/doc/ntp/driver18.html OLD_FILES+=usr/share/doc/ntp/driver19.html OLD_FILES+=usr/share/doc/ntp/driver2.html OLD_FILES+=usr/share/doc/ntp/driver20.html OLD_FILES+=usr/share/doc/ntp/driver22.html OLD_FILES+=usr/share/doc/ntp/driver26.html OLD_FILES+=usr/share/doc/ntp/driver27.html OLD_FILES+=usr/share/doc/ntp/driver28.html OLD_FILES+=usr/share/doc/ntp/driver29.html OLD_FILES+=usr/share/doc/ntp/driver3.html OLD_FILES+=usr/share/doc/ntp/driver30.html OLD_FILES+=usr/share/doc/ntp/driver32.html OLD_FILES+=usr/share/doc/ntp/driver33.html OLD_FILES+=usr/share/doc/ntp/driver34.html OLD_FILES+=usr/share/doc/ntp/driver35.html OLD_FILES+=usr/share/doc/ntp/driver36.html OLD_FILES+=usr/share/doc/ntp/driver37.html OLD_FILES+=usr/share/doc/ntp/driver4.html OLD_FILES+=usr/share/doc/ntp/driver5.html OLD_FILES+=usr/share/doc/ntp/driver6.html OLD_FILES+=usr/share/doc/ntp/driver7.html OLD_FILES+=usr/share/doc/ntp/driver8.html OLD_FILES+=usr/share/doc/ntp/driver9.html OLD_FILES+=usr/share/doc/ntp/ldisc.html OLD_FILES+=usr/share/doc/ntp/measure.html OLD_FILES+=usr/share/doc/ntp/mx4200data.html OLD_FILES+=usr/share/doc/ntp/notes.html OLD_FILES+=usr/share/doc/ntp/patches.html OLD_FILES+=usr/share/doc/ntp/porting.html OLD_FILES+=usr/share/man/man1/sntp.1.gz # 20150329 .if ${TARGET_ARCH} == "arm" OLD_FILES+=usr/include/bootconfig.h .endif # 20150326 OLD_FILES+=usr/share/man/man1/pmcstudy.1.gz # 20150315: new clang import which bumps version from 3.5.1 to 3.6.0. OLD_FILES+=usr/include/clang/3.5.1/__wmmintrin_aes.h OLD_FILES+=usr/include/clang/3.5.1/__wmmintrin_pclmul.h OLD_FILES+=usr/include/clang/3.5.1/altivec.h OLD_FILES+=usr/include/clang/3.5.1/ammintrin.h OLD_FILES+=usr/include/clang/3.5.1/arm_acle.h OLD_FILES+=usr/include/clang/3.5.1/arm_neon.h OLD_FILES+=usr/include/clang/3.5.1/avx2intrin.h OLD_FILES+=usr/include/clang/3.5.1/avxintrin.h OLD_FILES+=usr/include/clang/3.5.1/bmi2intrin.h OLD_FILES+=usr/include/clang/3.5.1/bmiintrin.h OLD_FILES+=usr/include/clang/3.5.1/cpuid.h OLD_FILES+=usr/include/clang/3.5.1/emmintrin.h OLD_FILES+=usr/include/clang/3.5.1/f16cintrin.h OLD_FILES+=usr/include/clang/3.5.1/fma4intrin.h OLD_FILES+=usr/include/clang/3.5.1/fmaintrin.h OLD_FILES+=usr/include/clang/3.5.1/ia32intrin.h OLD_FILES+=usr/include/clang/3.5.1/immintrin.h OLD_FILES+=usr/include/clang/3.5.1/lzcntintrin.h OLD_FILES+=usr/include/clang/3.5.1/mm3dnow.h OLD_FILES+=usr/include/clang/3.5.1/mm_malloc.h OLD_FILES+=usr/include/clang/3.5.1/mmintrin.h OLD_FILES+=usr/include/clang/3.5.1/module.modulemap OLD_FILES+=usr/include/clang/3.5.1/nmmintrin.h OLD_FILES+=usr/include/clang/3.5.1/pmmintrin.h OLD_FILES+=usr/include/clang/3.5.1/popcntintrin.h OLD_FILES+=usr/include/clang/3.5.1/prfchwintrin.h OLD_FILES+=usr/include/clang/3.5.1/rdseedintrin.h OLD_FILES+=usr/include/clang/3.5.1/rtmintrin.h OLD_FILES+=usr/include/clang/3.5.1/shaintrin.h OLD_FILES+=usr/include/clang/3.5.1/smmintrin.h OLD_FILES+=usr/include/clang/3.5.1/tbmintrin.h OLD_FILES+=usr/include/clang/3.5.1/tmmintrin.h OLD_FILES+=usr/include/clang/3.5.1/wmmintrin.h OLD_FILES+=usr/include/clang/3.5.1/x86intrin.h OLD_FILES+=usr/include/clang/3.5.1/xmmintrin.h OLD_FILES+=usr/include/clang/3.5.1/xopintrin.h OLD_DIRS+=usr/include/clang/3.5.1 OLD_DIRS+=usr/include/clang OLD_FILES+=usr/lib/clang/3.5.1/lib/freebsd/libclang_rt.asan-i386.a OLD_FILES+=usr/lib/clang/3.5.1/lib/freebsd/libclang_rt.asan-x86_64.a OLD_FILES+=usr/lib/clang/3.5.1/lib/freebsd/libclang_rt.asan_cxx-i386.a OLD_FILES+=usr/lib/clang/3.5.1/lib/freebsd/libclang_rt.asan_cxx-x86_64.a OLD_FILES+=usr/lib/clang/3.5.1/lib/freebsd/libclang_rt.profile-arm.a OLD_FILES+=usr/lib/clang/3.5.1/lib/freebsd/libclang_rt.profile-i386.a OLD_FILES+=usr/lib/clang/3.5.1/lib/freebsd/libclang_rt.profile-x86_64.a OLD_FILES+=usr/lib/clang/3.5.1/lib/freebsd/libclang_rt.san-i386.a OLD_FILES+=usr/lib/clang/3.5.1/lib/freebsd/libclang_rt.san-x86_64.a OLD_FILES+=usr/lib/clang/3.5.1/lib/freebsd/libclang_rt.ubsan-i386.a OLD_FILES+=usr/lib/clang/3.5.1/lib/freebsd/libclang_rt.ubsan-x86_64.a OLD_FILES+=usr/lib/clang/3.5.1/lib/freebsd/libclang_rt.ubsan_cxx-i386.a OLD_FILES+=usr/lib/clang/3.5.1/lib/freebsd/libclang_rt.ubsan_cxx-x86_64.a OLD_DIRS+=usr/lib/clang/3.5.1/lib/freebsd OLD_DIRS+=usr/lib/clang/3.5.1/lib OLD_DIRS+=usr/lib/clang/3.5.1 # 20150302: binutils documentation distributed as a manpage OLD_FILES+=usr/share/doc/binutils/as.txt OLD_FILES+=usr/share/doc/binutils/ld.txt OLD_DIRS+=usr/share/doc/binutils # 20150222: Removed bcd(6) and ppt(6) OLD_FILES+=usr/bin/bcd OLD_FILES+=usr/bin/ppt OLD_FILES+=usr/share/man/man6/bcd.6.gz OLD_FILES+=usr/share/man/man6/ppt.6.gz # 20150217: Removed remnants of ar(4) driver OLD_FILES+=usr/include/dev/ic/hd64570.h # 20150212: /usr/games moving into /usr/bin OLD_FILES+=usr/games/bcd OLD_FILES+=usr/games/caesar OLD_FILES+=usr/games/factor OLD_FILES+=usr/games/fortune OLD_FILES+=usr/games/grdc OLD_FILES+=usr/games/morse OLD_FILES+=usr/games/number OLD_FILES+=usr/games/pom OLD_FILES+=usr/games/ppt OLD_FILES+=usr/games/primes OLD_FILES+=usr/games/random OLD_FILES+=usr/games/rot13 OLD_FILES+=usr/games/strfile OLD_FILES+=usr/games/unstr OLD_DIRS+=usr/games # 20150209: liblzma header OLD_FILES+=usr/include/lzma/lzma.h # 20150124: spl.9 and friends OLD_FILES+=usr/share/man/man9/spl.9.gz OLD_FILES+=usr/share/man/man9/spl0.9.gz OLD_FILES+=usr/share/man/man9/splbio.9.gz OLD_FILES+=usr/share/man/man9/splclock.9.gz OLD_FILES+=usr/share/man/man9/splhigh.9.gz OLD_FILES+=usr/share/man/man9/splimp.9.gz OLD_FILES+=usr/share/man/man9/splnet.9.gz OLD_FILES+=usr/share/man/man9/splsoftclock.9.gz OLD_FILES+=usr/share/man/man9/splsofttty.9.gz OLD_FILES+=usr/share/man/man9/splstatclock.9.gz OLD_FILES+=usr/share/man/man9/spltty.9.gz OLD_FILES+=usr/share/man/man9/splvm.9.gz OLD_FILES+=usr/share/man/man9/splx.9.gz # 20150118: toeplitz.c moved from netinet to net OLD_FILES+=usr/include/netinet/toeplitz.h # 20150118: new clang import which bumps version from 3.5.0 to 3.5.1. OLD_FILES+=usr/include/clang/3.5.0/__wmmintrin_aes.h OLD_FILES+=usr/include/clang/3.5.0/__wmmintrin_pclmul.h OLD_FILES+=usr/include/clang/3.5.0/altivec.h OLD_FILES+=usr/include/clang/3.5.0/ammintrin.h OLD_FILES+=usr/include/clang/3.5.0/arm_acle.h OLD_FILES+=usr/include/clang/3.5.0/arm_neon.h OLD_FILES+=usr/include/clang/3.5.0/avx2intrin.h OLD_FILES+=usr/include/clang/3.5.0/avxintrin.h OLD_FILES+=usr/include/clang/3.5.0/bmi2intrin.h OLD_FILES+=usr/include/clang/3.5.0/bmiintrin.h OLD_FILES+=usr/include/clang/3.5.0/cpuid.h OLD_FILES+=usr/include/clang/3.5.0/emmintrin.h OLD_FILES+=usr/include/clang/3.5.0/f16cintrin.h OLD_FILES+=usr/include/clang/3.5.0/fma4intrin.h OLD_FILES+=usr/include/clang/3.5.0/fmaintrin.h OLD_FILES+=usr/include/clang/3.5.0/ia32intrin.h OLD_FILES+=usr/include/clang/3.5.0/immintrin.h OLD_FILES+=usr/include/clang/3.5.0/lzcntintrin.h OLD_FILES+=usr/include/clang/3.5.0/mm3dnow.h OLD_FILES+=usr/include/clang/3.5.0/mm_malloc.h OLD_FILES+=usr/include/clang/3.5.0/mmintrin.h OLD_FILES+=usr/include/clang/3.5.0/module.modulemap OLD_FILES+=usr/include/clang/3.5.0/nmmintrin.h OLD_FILES+=usr/include/clang/3.5.0/pmmintrin.h OLD_FILES+=usr/include/clang/3.5.0/popcntintrin.h OLD_FILES+=usr/include/clang/3.5.0/prfchwintrin.h OLD_FILES+=usr/include/clang/3.5.0/rdseedintrin.h OLD_FILES+=usr/include/clang/3.5.0/rtmintrin.h OLD_FILES+=usr/include/clang/3.5.0/shaintrin.h OLD_FILES+=usr/include/clang/3.5.0/smmintrin.h OLD_FILES+=usr/include/clang/3.5.0/tbmintrin.h OLD_FILES+=usr/include/clang/3.5.0/tmmintrin.h OLD_FILES+=usr/include/clang/3.5.0/wmmintrin.h OLD_FILES+=usr/include/clang/3.5.0/x86intrin.h OLD_FILES+=usr/include/clang/3.5.0/xmmintrin.h OLD_FILES+=usr/include/clang/3.5.0/xopintrin.h OLD_DIRS+=usr/include/clang/3.5.0 OLD_FILES+=usr/lib/clang/3.5.0/lib/freebsd/libclang_rt.asan-i386.a OLD_FILES+=usr/lib/clang/3.5.0/lib/freebsd/libclang_rt.asan-x86_64.a OLD_FILES+=usr/lib/clang/3.5.0/lib/freebsd/libclang_rt.asan_cxx-i386.a OLD_FILES+=usr/lib/clang/3.5.0/lib/freebsd/libclang_rt.asan_cxx-x86_64.a OLD_FILES+=usr/lib/clang/3.5.0/lib/freebsd/libclang_rt.profile-arm.a OLD_FILES+=usr/lib/clang/3.5.0/lib/freebsd/libclang_rt.profile-i386.a OLD_FILES+=usr/lib/clang/3.5.0/lib/freebsd/libclang_rt.profile-x86_64.a OLD_FILES+=usr/lib/clang/3.5.0/lib/freebsd/libclang_rt.san-i386.a OLD_FILES+=usr/lib/clang/3.5.0/lib/freebsd/libclang_rt.san-x86_64.a OLD_FILES+=usr/lib/clang/3.5.0/lib/freebsd/libclang_rt.ubsan-i386.a OLD_FILES+=usr/lib/clang/3.5.0/lib/freebsd/libclang_rt.ubsan-x86_64.a OLD_FILES+=usr/lib/clang/3.5.0/lib/freebsd/libclang_rt.ubsan_cxx-i386.a OLD_FILES+=usr/lib/clang/3.5.0/lib/freebsd/libclang_rt.ubsan_cxx-x86_64.a OLD_DIRS+=usr/lib/clang/3.5.0/lib/freebsd OLD_DIRS+=usr/lib/clang/3.5.0/lib OLD_DIRS+=usr/lib/clang/3.5.0 # 20150102: removal of asr(4) OLD_FILES+=usr/share/man/man4/asr.4.gz # 20150102: removal of texinfo OLD_FILES+=usr/bin/info OLD_FILES+=usr/bin/infokey OLD_FILES+=usr/bin/install-info OLD_FILES+=usr/bin/makeinfo OLD_FILES+=usr/bin/texindex OLD_FILES+=usr/share/info/am-utils.info.gz OLD_FILES+=usr/share/info/as-utils.info.gz OLD_FILES+=usr/share/info/binutils.info.gz OLD_FILES+=usr/share/info/com_err.info.gz OLD_FILES+=usr/share/info/diff.info.gz OLD_FILES+=usr/share/info/gdb.info.gz OLD_FILES+=usr/share/info/gdbint.info.gz OLD_FILES+=usr/share/info/gperf.info.gz OLD_FILES+=usr/share/info/grep.info.gz OLD_FILES+=usr/share/info/groff.info.gz OLD_FILES+=usr/share/info/heimdal.info.gz OLD_FILES+=usr/share/info/history.info.gz OLD_FILES+=usr/share/info/info-stnd.info.gz OLD_FILES+=usr/share/info/info.info.gz OLD_FILES+=usr/share/info/ld.info.gz OLD_FILES+=usr/share/info/regex.info.gz OLD_FILES+=usr/share/info/rluserman.info.gz OLD_FILES+=usr/share/info/stabs.info.gz OLD_FILES+=usr/share/info/texinfo.info.gz OLD_FILES+=usr/share/man/man1/info.1.gz OLD_FILES+=usr/share/man/man1/infokey.1.gz OLD_FILES+=usr/share/man/man1/install-info.1.gz OLD_FILES+=usr/share/man/man1/makeinfo.1.gz OLD_FILES+=usr/share/man/man1/texindex.1.gz OLD_FILES+=usr/share/man/man5/info.5.gz OLD_FILES+=usr/share/man/man5/texinfo.5.gz # 20141231: new clang import which bumps version from 3.4.1 to 3.5.0. OLD_FILES+=usr/include/clang/3.4.1/__wmmintrin_aes.h OLD_FILES+=usr/include/clang/3.4.1/__wmmintrin_pclmul.h OLD_FILES+=usr/include/clang/3.4.1/altivec.h OLD_FILES+=usr/include/clang/3.4.1/ammintrin.h OLD_FILES+=usr/include/clang/3.4.1/arm_neon.h OLD_FILES+=usr/include/clang/3.4.1/avx2intrin.h OLD_FILES+=usr/include/clang/3.4.1/avxintrin.h OLD_FILES+=usr/include/clang/3.4.1/bmi2intrin.h OLD_FILES+=usr/include/clang/3.4.1/bmiintrin.h OLD_FILES+=usr/include/clang/3.4.1/cpuid.h OLD_FILES+=usr/include/clang/3.4.1/emmintrin.h OLD_FILES+=usr/include/clang/3.4.1/f16cintrin.h OLD_FILES+=usr/include/clang/3.4.1/fma4intrin.h OLD_FILES+=usr/include/clang/3.4.1/fmaintrin.h OLD_FILES+=usr/include/clang/3.4.1/immintrin.h OLD_FILES+=usr/include/clang/3.4.1/lzcntintrin.h OLD_FILES+=usr/include/clang/3.4.1/mm3dnow.h OLD_FILES+=usr/include/clang/3.4.1/mm_malloc.h OLD_FILES+=usr/include/clang/3.4.1/mmintrin.h OLD_FILES+=usr/include/clang/3.4.1/module.map OLD_FILES+=usr/include/clang/3.4.1/nmmintrin.h OLD_FILES+=usr/include/clang/3.4.1/pmmintrin.h OLD_FILES+=usr/include/clang/3.4.1/popcntintrin.h OLD_FILES+=usr/include/clang/3.4.1/prfchwintrin.h OLD_FILES+=usr/include/clang/3.4.1/rdseedintrin.h OLD_FILES+=usr/include/clang/3.4.1/rtmintrin.h OLD_FILES+=usr/include/clang/3.4.1/shaintrin.h OLD_FILES+=usr/include/clang/3.4.1/smmintrin.h OLD_FILES+=usr/include/clang/3.4.1/tbmintrin.h OLD_FILES+=usr/include/clang/3.4.1/tmmintrin.h OLD_FILES+=usr/include/clang/3.4.1/wmmintrin.h OLD_FILES+=usr/include/clang/3.4.1/x86intrin.h OLD_FILES+=usr/include/clang/3.4.1/xmmintrin.h OLD_FILES+=usr/include/clang/3.4.1/xopintrin.h OLD_DIRS+=usr/include/clang/3.4.1 # 20141225: Remove gpib/ieee488 OLD_FILES+=usr/include/dev/ieee488/ibfoo_int.h OLD_FILES+=usr/include/dev/ieee488/tnt4882.h OLD_FILES+=usr/include/dev/ieee488/ugpib.h OLD_FILES+=usr/include/dev/ieee488/upd7210.h OLD_DIRS+=usr/include/dev/ieee488 OLD_FILES+=usr/include/gpib/gpib.h OLD_DIRS+=usr/include/gpib OLD_FILES+=usr/lib/libgpib.a OLD_FILES+=usr/lib/libgpib_p.a OLD_FILES+=usr/lib/libgpib.so OLD_LIBS+=usr/lib/libgpib.so.3 OLD_FILES+=usr/lib/libgpib_p.a OLD_FILES+=usr/lib32/libgpib.a OLD_FILES+=usr/lib32/libgpib_p.a OLD_FILES+=usr/lib32/libgpib.so OLD_LIBS+=usr/lib32/libgpib.so.3 OLD_FILES+=usr/share/man/man3/gpib.3.gz OLD_FILES+=usr/share/man/man3/ibclr.3.gz OLD_FILES+=usr/share/man/man3/ibdev.3.gz OLD_FILES+=usr/share/man/man3/ibdma.3.gz OLD_FILES+=usr/share/man/man3/ibeos.3.gz OLD_FILES+=usr/share/man/man3/ibeot.3.gz OLD_FILES+=usr/share/man/man3/ibloc.3.gz OLD_FILES+=usr/share/man/man3/ibonl.3.gz OLD_FILES+=usr/share/man/man3/ibpad.3.gz OLD_FILES+=usr/share/man/man3/ibrd.3.gz OLD_FILES+=usr/share/man/man3/ibsad.3.gz OLD_FILES+=usr/share/man/man3/ibsic.3.gz OLD_FILES+=usr/share/man/man3/ibtmo.3.gz OLD_FILES+=usr/share/man/man3/ibtrg.3.gz OLD_FILES+=usr/share/man/man3/ibwrt.3.gz OLD_FILES+=usr/share/man/man4/gpib.4.gz OLD_FILES+=usr/share/man/man4/pcii.4.gz OLD_FILES+=usr/share/man/man4/tnt4882.4.gz # 20141224: libxo moved to /lib OLD_LIBS+=usr/lib/libxo.so.0 # 20141223: remove in6_gif.h, in_gif.h and if_stf.h OLD_FILES+=usr/include/net/if_stf.h OLD_FILES+=usr/include/netinet/in_gif.h OLD_FILES+=usr/include/netinet6/in6_gif.h # 20141209: pw tests broken into a file per command OLD_FILES+=usr/tests/usr.sbin/pw/pw_delete OLD_FILES+=usr/tests/usr.sbin/pw/pw_modify # 20141202: update to mandoc CVS 20141201 OLD_FILES+=usr.bin/preconv OLD_FILES+=share/man/man1/preconv.1.gz # 20141129: mrouted rc.d scripts removed from base OLD_FILES+=etc/rc.d/mrouted # 20141126: convert sbin/mdconfig/tests to ATF format tests OLD_FILES+=usr/tests/sbin/mdconfig/legacy_test OLD_FILES+=usr/tests/sbin/mdconfig/mdconfig.test OLD_FILES+=usr/tests/sbin/mdconfig/run.pl # 20141126: remove xform_ipip decapsulation fallback OLD_FILES+=usr/include/netipsec/ipip_var.h # 20141122: mandoc updated to 1.13.1 OLD_FILES+=usr/share/mdocml/external.png # 20141111: SF_KQUEUE code removed OLD_FILES+=usr/include/sys/sf_base.h OLD_FILES+=usr/include/sys/sf_sync.h # 20141109: faith/faithd removal OLD_FILES+=etc/rc.d/faith OLD_FILES+=usr/share/man/man4/faith.4.gz OLD_FILES+=usr/share/man/man4/if_faith.4.gz OLD_FILES+=usr/sbin/faithd OLD_FILES+=usr/share/man/man8/faithd.8.gz # 20141107: overhaul if_gre(4) OLD_FILES+=usr/include/netinet/ip_gre.h # 20141102: postrandom obsoleted by new /dev/random code OLD_FILES+=etc/rc.d/postrandom # 20141031: initrandom obsoleted by new /dev/random code OLD_FILES+=etc/rc.d/initrandom # 20141030: atf 0.21 import OLD_FILES+=usr/share/man/man3/atf-c++-api.3.gz # 20141028: debug files accidentally installed as directory name OLD_FILES+=usr/lib/debug/usr/lib/i18n OLD_FILES+=usr/lib/debug/usr/lib/private OLD_FILES+=usr/lib/debug/usr/lib32/i18n OLD_FILES+=usr/lib/debug/usr/lib32/private # 20141015: OpenSSL 1.0.1j import OLD_FILES+=usr/share/openssl/man/man3/CMS_sign_add1_signer.3.gz # 20141003: libproc version bump OLD_LIBS+=usr/lib/libproc.so.2 OLD_LIBS+=usr/lib32/libproc.so.2 # 20140922: sleepq_calc_signal_retval.9 and sleepq_catch_signals.9 removed OLD_FILES+=usr/share/man/man9/sleepq_calc_signal_retval.9.gz OLD_FILES+=usr/share/man/man9/sleepq_catch_signals.9.gz # 20140917: hv_kvpd rc.d script removed in favor of devd configuration OLD_FILES+=etc/rc.d/hv_kvpd # 20140917: libnv was accidentally being installed to /usr/lib instead of /lib OLD_LIBS+=usr/lib/libnv.so.0 # 20140829: rc.d/kerberos removed OLD_FILES+=etc/rc.d/kerberos # 20140827: tzdata2014f import OLD_FILES+=usr/share/zoneinfo/Asia/Chongqing OLD_FILES+=usr/share/zoneinfo/Asia/Harbin OLD_FILES+=usr/share/zoneinfo/Asia/Kashgar # 20140814: libopie version bump OLD_LIBS+=usr/lib/libopie.so.7 OLD_LIBS+=usr/lib32/libopie.so.7 # 20140811: otp-sha renamed to otp-sha1 OLD_FILES+=usr/bin/otp-sha OLD_FILES+=usr/share/man/man1/otp-sha.1.gz # 20140807: Remove private lib files that should not be installed. OLD_FILES+=usr/lib32/private/libatf-c.a OLD_FILES+=usr/lib32/private/libatf-c.so OLD_FILES+=usr/lib32/private/libatf-c_p.a OLD_FILES+=usr/lib32/private/libatf-c++.a OLD_FILES+=usr/lib32/private/libatf-c++.so OLD_FILES+=usr/lib32/private/libatf-c++_p.a OLD_FILES+=usr/lib32/private/libbsdstat.a OLD_FILES+=usr/lib32/private/libbsdstat.so OLD_FILES+=usr/lib32/private/libbsdstat_p.a OLD_FILES+=usr/lib32/private/libheimipcc.a OLD_FILES+=usr/lib32/private/libheimipcc.so OLD_FILES+=usr/lib32/private/libheimipcc_p.a OLD_FILES+=usr/lib32/private/libheimipcs.a OLD_FILES+=usr/lib32/private/libheimipcs.so OLD_FILES+=usr/lib32/private/libheimipcs_p.a OLD_FILES+=usr/lib32/private/libldns.a OLD_FILES+=usr/lib32/private/libldns.so OLD_FILES+=usr/lib32/private/libldns_p.a OLD_FILES+=usr/lib32/private/libssh.a OLD_FILES+=usr/lib32/private/libssh.so OLD_FILES+=usr/lib32/private/libssh_p.a OLD_FILES+=usr/lib32/private/libunbound.a OLD_FILES+=usr/lib32/private/libunbound.so OLD_FILES+=usr/lib32/private/libunbound_p.a OLD_FILES+=usr/lib32/private/libucl.a OLD_FILES+=usr/lib32/private/libucl.so OLD_FILES+=usr/lib32/private/libucl_p.a OLD_FILES+=usr/lib/private/libatf-c.a OLD_FILES+=usr/lib/private/libatf-c.so OLD_FILES+=usr/lib/private/libatf-c_p.a OLD_FILES+=usr/lib/private/libatf-c++.a OLD_FILES+=usr/lib/private/libatf-c++.so OLD_FILES+=usr/lib/private/libatf-c++_p.a OLD_FILES+=usr/lib/private/libbsdstat.a OLD_FILES+=usr/lib/private/libbsdstat.so OLD_FILES+=usr/lib/private/libbsdstat_p.a OLD_FILES+=usr/lib/private/libheimipcc.a OLD_FILES+=usr/lib/private/libheimipcc.so OLD_FILES+=usr/lib/private/libheimipcc_p.a OLD_FILES+=usr/lib/private/libheimipcs.a OLD_FILES+=usr/lib/private/libheimipcs.so OLD_FILES+=usr/lib/private/libheimipcs_p.a OLD_FILES+=usr/lib/private/libldns.a OLD_FILES+=usr/lib/private/libldns.so OLD_FILES+=usr/lib/private/libldns_p.a OLD_FILES+=usr/lib/private/libssh.a OLD_FILES+=usr/lib/private/libssh.so OLD_FILES+=usr/lib/private/libssh_p.a OLD_FILES+=usr/lib/private/libunbound.a OLD_FILES+=usr/lib/private/libunbound.so OLD_FILES+=usr/lib/private/libunbound_p.a OLD_FILES+=usr/lib/private/libucl.a OLD_FILES+=usr/lib/private/libucl.so OLD_FILES+=usr/lib/private/libucl_p.a # 20140803: Remove an obsolete man page OLD_FILES+=usr/share/man/man9/pmap_change_wiring.9.gz # 20140731 OLD_FILES+=usr/share/man/man9/SYSCTL_ADD_OID.9.gz # 20140728: libsbuf restored to old version. OLD_LIBS+=lib/libsbuf.so.7 OLD_LIBS+=usr/lib32/libsbuf.so.7 # 20140728: Remove an obsolete man page OLD_FILES+=usr/share/man/man9/VOP_GETVOBJECT.9.gz OLD_FILES+=usr/share/man/man9/VOP_CREATEVOBJECT.9.gz OLD_FILES+=usr/share/man/man9/VOP_DESTROYVOBJECT.9.gz # 20140723: renamed to PCBGROUP.9 OLD_FILES+=usr/share/man/man9/PCBGROUPS.9.gz # 20140722: browse_packages_ftp.sh removed OLD_FILES+=usr/share/examples/bsdconfig/browse_packages_ftp.sh # 20140718: Remove obsolete man pages OLD_FILES+=usr/share/man/man9/zero_copy.9.gz OLD_FILES+=usr/share/man/man9/zero_copy_sockets.9.gz # 20140718: Remove an obsolete man page OLD_FILES+=usr/share/man/man9/pmap_page_protect.9.gz # 20140717: Remove an obsolete man page OLD_FILES+=usr/share/man/man9/pmap_clear_reference.9.gz # 20140716: Remove an incorrectly named man page OLD_FILES+=usr/share/man/man9/pmap_ts_modified.9.gz # 20140712: Removal of bsd.dtrace.mk OLD_FILES+=usr/share/mk/bsd.dtrace.mk # 20140705: turn libreadline into an internal lib OLD_LIBS+=lib/libreadline.so.8 OLD_FILES+=usr/lib/libreadline.a OLD_FILES+=usr/lib/libreadline_p.a OLD_FILES+=usr/lib/libreadline.so OLD_FILES+=usr/lib/libhistory.a OLD_FILES+=usr/lib/libhistory_p.a OLD_FILES+=usr/lib/libhistory.so OLD_LIBS+=usr/lib/libhistory.so.8 OLD_FILES+=usr/lib32/libhistory.a OLD_FILES+=usr/lib32/libhistory.so OLD_LIBS+=usr/lib32/libhistory.so.8 OLD_FILES+=usr/lib32/libhistory_p.a OLD_FILES+=usr/lib32/libreadline.a OLD_FILES+=usr/lib32/libreadline.so OLD_LIBS+=usr/lib32/libreadline.so.8 OLD_FILES+=usr/lib32/libreadline_p.a OLD_FILES+=usr/include/readline/chardefs.h OLD_FILES+=usr/include/readline/history.h OLD_FILES+=usr/include/readline/keymaps.h OLD_FILES+=usr/include/readline/readline.h OLD_FILES+=usr/include/readline/tilde.h OLD_FILES+=usr/include/readline/rlconf.h OLD_FILES+=usr/include/readline/rlstdc.h OLD_FILES+=usr/include/readline/rltypedefs.h OLD_FILES+=usr/include/readline/rltypedefs.h OLD_DIRS+=usr/include/readline OLD_FILES+=usr/share/info/readline.info.gz OLD_FILES+=usr/share/man/man3/readline.3.gz OLD_FILES+=usr/share/man/man3/rlhistory.3.gz # 20140625: csup removal OLD_FILES+=usr/bin/csup OLD_FILES+=usr/bin/cpasswd OLD_FILES+=usr/share/man/man1/csup.1.gz OLD_FILES+=usr/share/man/man1/cpasswd.1.gz OLD_FILES+=usr/share/examples/cvsup/README OLD_FILES+=usr/share/examples/cvsup/cvs-supfile OLD_FILES+=usr/share/examples/cvsup/stable-supfile OLD_FILES+=usr/share/examples/cvsup/standard-supfile OLD_DIRS+=usr/share/examples/cvsup # 20140614: send-pr removal OLD_FILES+=usr/bin/sendbug OLD_FILES+=usr/share/info/send-pr.info.gz OLD_FILES+=usr/share/man/man1/send-pr.1.gz OLD_FILES+=usr/share/man/man1/sendbug.1.gz OLD_FILES+=etc/gnats/freefall OLD_DIRS+=etc/gnats # 20140512: new clang import which bumps version from 3.4 to 3.4.1. OLD_FILES+=usr/include/clang/3.4/__wmmintrin_aes.h OLD_FILES+=usr/include/clang/3.4/__wmmintrin_pclmul.h OLD_FILES+=usr/include/clang/3.4/altivec.h OLD_FILES+=usr/include/clang/3.4/ammintrin.h OLD_FILES+=usr/include/clang/3.4/avx2intrin.h OLD_FILES+=usr/include/clang/3.4/avxintrin.h OLD_FILES+=usr/include/clang/3.4/bmi2intrin.h OLD_FILES+=usr/include/clang/3.4/bmiintrin.h OLD_FILES+=usr/include/clang/3.4/cpuid.h OLD_FILES+=usr/include/clang/3.4/emmintrin.h OLD_FILES+=usr/include/clang/3.4/f16cintrin.h OLD_FILES+=usr/include/clang/3.4/fma4intrin.h OLD_FILES+=usr/include/clang/3.4/fmaintrin.h OLD_FILES+=usr/include/clang/3.4/immintrin.h OLD_FILES+=usr/include/clang/3.4/lzcntintrin.h OLD_FILES+=usr/include/clang/3.4/mm3dnow.h OLD_FILES+=usr/include/clang/3.4/mm_malloc.h OLD_FILES+=usr/include/clang/3.4/mmintrin.h OLD_FILES+=usr/include/clang/3.4/module.map OLD_FILES+=usr/include/clang/3.4/nmmintrin.h OLD_FILES+=usr/include/clang/3.4/pmmintrin.h OLD_FILES+=usr/include/clang/3.4/popcntintrin.h OLD_FILES+=usr/include/clang/3.4/prfchwintrin.h OLD_FILES+=usr/include/clang/3.4/rdseedintrin.h OLD_FILES+=usr/include/clang/3.4/rtmintrin.h OLD_FILES+=usr/include/clang/3.4/shaintrin.h OLD_FILES+=usr/include/clang/3.4/smmintrin.h OLD_FILES+=usr/include/clang/3.4/tbmintrin.h OLD_FILES+=usr/include/clang/3.4/tmmintrin.h OLD_FILES+=usr/include/clang/3.4/wmmintrin.h OLD_FILES+=usr/include/clang/3.4/x86intrin.h OLD_FILES+=usr/include/clang/3.4/xmmintrin.h OLD_FILES+=usr/include/clang/3.4/xopintrin.h OLD_FILES+=usr/include/clang/3.4/arm_neon.h OLD_FILES+=usr/include/clang/3.4/module.map OLD_DIRS+=usr/include/clang/3.4 # 20140505: Bogusly installing src.opts.mk OLD_FILES+=usr/share/mk/src.opts.mk # 20140505: Reject PR kern/187551 OLD_FILES+=usr/tests/sbin/ifconfig/fibs_test # 20140502: Removal of lindev(4) OLD_FILES+=usr/share/man/man4/lindev.4.gz # 20140425 OLD_FILES+=usr/lib/libssp_p.a OLD_FILES+=usr/lib/libstand_p.a OLD_FILES+=usr/lib32/libc_pic.a OLD_FILES+=usr/lib32/libssp_p.a OLD_FILES+=usr/lib32/libstand_p.a # 20140314: AppleTalk OLD_DIRS+=usr/include/netatalk OLD_FILES+=usr/include/netatalk/aarp.h OLD_FILES+=usr/include/netatalk/at.h OLD_FILES+=usr/include/netatalk/at_extern.h OLD_FILES+=usr/include/netatalk/at_var.h OLD_FILES+=usr/include/netatalk/ddp.h OLD_FILES+=usr/include/netatalk/ddp_pcb.h OLD_FILES+=usr/include/netatalk/ddp_var.h OLD_FILES+=usr/include/netatalk/endian.h OLD_FILES+=usr/include/netatalk/phase2.h # 20140314: Remove IPX/SPX OLD_LIBS+=lib/libipx.so.5 OLD_FILES+=usr/include/netipx/ipx.h OLD_FILES+=usr/include/netipx/ipx_if.h OLD_FILES+=usr/include/netipx/ipx_pcb.h OLD_FILES+=usr/include/netipx/ipx_var.h OLD_FILES+=usr/include/netipx/spx.h OLD_FILES+=usr/include/netipx/spx_debug.h OLD_FILES+=usr/include/netipx/spx_timer.h OLD_FILES+=usr/include/netipx/spx_var.h OLD_DIRS+=usr/include/netipx OLD_FILES+=usr/lib/libipx.a OLD_FILES+=usr/lib/libipx.so OLD_FILES+=usr/lib/libipx_p.a OLD_FILES+=usr/lib32/libipx.a OLD_FILES+=usr/lib32/libipx.so OLD_LIBS+=usr/lib32/libipx.so.5 OLD_FILES+=usr/lib32/libipx_p.a OLD_FILES+=usr/sbin/IPXrouted OLD_FILES+=usr/share/man/man3/ipx.3.gz OLD_FILES+=usr/share/man/man3/ipx_addr.3.gz OLD_FILES+=usr/share/man/man3/ipx_ntoa.3.gz OLD_FILES+=usr/share/man/man4/ef.4.gz OLD_FILES+=usr/share/man/man4/if_ef.4.gz OLD_FILES+=usr/share/man/man8/IPXrouted.8.gz # 20140314: bsdconfig usermgmt rewrite OLD_FILES+=usr/libexec/bsdconfig/070.usermgmt/userinput # 20140307: bsdconfig groupmgmt rewrite OLD_FILES+=usr/libexec/bsdconfig/070.usermgmt/groupinput # 20140223: Remove libyaml OLD_FILES+=usr/lib/private/libyaml.a OLD_FILES+=usr/lib/private/libyaml.so OLD_LIBS+=usr/lib/private/libyaml.so.1 OLD_FILES+=usr/lib/private/libyaml_p.a OLD_FILES+=usr/lib32/private/libyaml.a OLD_FILES+=usr/lib32/private/libyaml.so OLD_LIBS+=usr/lib32/private/libyaml.so.1 OLD_FILES+=usr/lib32/private/libyaml_p.a # 20140216: new clang import which bumps version from 3.3 to 3.4. OLD_FILES+=usr/bin/llvm-prof OLD_FILES+=usr/bin/llvm-ranlib OLD_FILES+=usr/include/clang/3.3/__wmmintrin_aes.h OLD_FILES+=usr/include/clang/3.3/__wmmintrin_pclmul.h OLD_FILES+=usr/include/clang/3.3/altivec.h OLD_FILES+=usr/include/clang/3.3/ammintrin.h OLD_FILES+=usr/include/clang/3.3/avx2intrin.h OLD_FILES+=usr/include/clang/3.3/avxintrin.h OLD_FILES+=usr/include/clang/3.3/bmi2intrin.h OLD_FILES+=usr/include/clang/3.3/bmiintrin.h OLD_FILES+=usr/include/clang/3.3/cpuid.h OLD_FILES+=usr/include/clang/3.3/emmintrin.h OLD_FILES+=usr/include/clang/3.3/f16cintrin.h OLD_FILES+=usr/include/clang/3.3/fma4intrin.h OLD_FILES+=usr/include/clang/3.3/fmaintrin.h OLD_FILES+=usr/include/clang/3.3/immintrin.h OLD_FILES+=usr/include/clang/3.3/lzcntintrin.h OLD_FILES+=usr/include/clang/3.3/mm3dnow.h OLD_FILES+=usr/include/clang/3.3/mm_malloc.h OLD_FILES+=usr/include/clang/3.3/mmintrin.h OLD_FILES+=usr/include/clang/3.3/module.map OLD_FILES+=usr/include/clang/3.3/nmmintrin.h OLD_FILES+=usr/include/clang/3.3/pmmintrin.h OLD_FILES+=usr/include/clang/3.3/popcntintrin.h OLD_FILES+=usr/include/clang/3.3/prfchwintrin.h OLD_FILES+=usr/include/clang/3.3/rdseedintrin.h OLD_FILES+=usr/include/clang/3.3/rtmintrin.h OLD_FILES+=usr/include/clang/3.3/smmintrin.h OLD_FILES+=usr/include/clang/3.3/tmmintrin.h OLD_FILES+=usr/include/clang/3.3/wmmintrin.h OLD_FILES+=usr/include/clang/3.3/x86intrin.h OLD_FILES+=usr/include/clang/3.3/xmmintrin.h OLD_FILES+=usr/include/clang/3.3/xopintrin.h OLD_FILES+=usr/share/man/man1/llvm-prof.1.gz OLD_FILES+=usr/share/man/man1/llvm-ranlib.1.gz OLD_DIRS+=usr/include/clang/3.3 # 20140216: nve(4) removed OLD_FILES+=usr/share/man/man4/if_nve.4.gz OLD_FILES+=usr/share/man/man4/nve.4.gz # 20140205: Open Firmware device moved OLD_FILES+=usr/include/dev/ofw/ofw_nexus.h # 20140128: libelf and libdwarf import OLD_LIBS+=usr/lib/libelf.so.1 OLD_LIBS+=usr/lib32/libelf.so.1 OLD_LIBS+=usr/lib/libdwarf.so.3 OLD_LIBS+=usr/lib32/libdwarf.so.3 # 20140123: apicvar header moved to x86 OLD_FILES+=usr/include/machine/apicvar.h # 20131215: libcam version bumped OLD_LIBS+=lib/libcam.so.6 usr/lib32/libcam.so.6 # 20131202: libcapsicum and libcasper moved to /lib/ OLD_LIBS+=usr/lib/libcapsicum.so.0 OLD_LIBS+=usr/lib/libcasper.so.0 # 20131109: extattr(2) mlinks fixed OLD_FILES+=usr/share/man/man2/extattr_delete_list.2.gz OLD_FILES+=usr/share/man/man2/extattr_get_list.2.gz # 20131107: example files removed OLD_FILES+=usr/share/examples/libusb20/aux.c OLD_FILES+=usr/share/examples/libusb20/aux.h # 20131105: tzdata 2013h import OLD_FILES+=usr/share/zoneinfo/America/Shiprock OLD_FILES+=usr/share/zoneinfo/Antarctica/South_Pole # 20131103: WITH_LIBICONV_COMPAT removal OLD_FILES+=usr/include/_libiconv_compat.h OLD_FILES+=usr/lib/libiconv.a OLD_FILES+=usr/lib/libiconv.so OLD_FILES+=usr/lib/libiconv.so.3 OLD_FILES+=usr/lib/libiconv_p.a OLD_FILES+=usr/lib32/libiconv.a OLD_FILES+=usr/lib32/libiconv.so OLD_FILES+=usr/lib32/libiconv.so.3 OLD_FILES+=usr/lib32/libiconv_p.a # 20131103: removal of utxrm(8), use 'utx rm' instead. OLD_FILES+=usr/sbin/utxrm OLD_FILES+=usr/share/man/man8/utxrm.8.gz # 20131031: pkg_install has been removed OLD_FILES+=etc/periodic/daily/220.backup-pkgdb OLD_FILES+=etc/periodic/daily/490.status-pkg-changes OLD_FILES+=etc/periodic/security/460.chkportsum OLD_FILES+=etc/periodic/weekly/400.status-pkg OLD_FILES+=usr/sbin/pkg_add OLD_FILES+=usr/sbin/pkg_create OLD_FILES+=usr/sbin/pkg_delete OLD_FILES+=usr/sbin/pkg_info OLD_FILES+=usr/sbin/pkg_updating OLD_FILES+=usr/sbin/pkg_version OLD_FILES+=usr/share/man/man1/pkg_add.1.gz OLD_FILES+=usr/share/man/man1/pkg_create.1.gz OLD_FILES+=usr/share/man/man1/pkg_delete.1.gz OLD_FILES+=usr/share/man/man1/pkg_info.1.gz OLD_FILES+=usr/share/man/man1/pkg_updating.1.gz OLD_FILES+=usr/share/man/man1/pkg_version.1.gz # 20131030: /etc/keys moved to /usr/share/keys OLD_DIRS+=etc/keys OLD_DIRS+=etc/keys/pkg OLD_DIRS+=etc/keys/pkg/revoked OLD_DIRS+=etc/keys/pkg/trusted OLD_FILES+=etc/keys/pkg/trusted/pkg.freebsd.org.2013102301 # 20131028: ng_fec(4) removed OLD_FILES+=usr/include/netgraph/ng_fec.h OLD_FILES+=usr/share/man/man4/ng_fec.4.gz # 20131027: header moved OLD_FILES+=usr/include/net/pf_mtag.h # 20131023: remove never used iscsi directory OLD_DIRS+=usr/share/examples/iscsi # 20131021: isf(4) removed OLD_FILES+=usr/sbin/isfctl OLD_FILES+=usr/share/man/man4/isf.4.gz OLD_FILES+=usr/share/man/man8/isfctl.8.gz # 20131014: libbsdyml becomes private OLD_FILES+=usr/lib/libbsdyml.a OLD_FILES+=usr/lib/libbsdyml.so OLD_LIBS+=usr/lib/libbsdyml.so.0 OLD_FILES+=usr/lib/libbsdyml_p.a OLD_FILES+=usr/lib32/libbsdyml.a OLD_FILES+=usr/lib32/libbsdyml.so OLD_LIBS+=usr/lib32/libbsdyml.so.0 OLD_FILES+=usr/lib32/libbsdyml_p.a OLD_FILES+=usr/share/man/man3/libbsdyml.3.gz OLD_FILES+=usr/include/bsdyml.h # 20131013: Removal of the ATF tools OLD_FILES+=etc/atf/FreeBSD.conf OLD_FILES+=etc/atf/atf-run.hooks OLD_FILES+=etc/atf/common.conf OLD_FILES+=usr/bin/atf-config OLD_FILES+=usr/bin/atf-report OLD_FILES+=usr/bin/atf-run OLD_FILES+=usr/bin/atf-version OLD_FILES+=usr/share/atf/atf-run.hooks OLD_FILES+=usr/share/examples/atf/atf-run.hooks OLD_FILES+=usr/share/examples/atf/tests-results.css OLD_FILES+=usr/share/man/man1/atf-config.1.gz OLD_FILES+=usr/share/man/man1/atf-report.1.gz OLD_FILES+=usr/share/man/man1/atf-run.1.gz OLD_FILES+=usr/share/man/man1/atf-version.1.gz OLD_FILES+=usr/share/man/man5/atf-formats.5.gz OLD_FILES+=usr/share/xml/atf/tests-results.dtd OLD_FILES+=usr/share/xsl/atf/tests-results.xsl # 20131009: freebsd-version moved from /libexec to /bin OLD_FILES+=libexec/freebsd-version # 20131001: ar and ranlib from binutils not used OLD_FILES+=usr/bin/gnu-ar OLD_FILES+=usr/bin/gnu-ranlib OLD_FILES+=usr/share/man/man1/gnu-ar.1.gz OLD_FILES+=usr/share/man/man1/gnu-ranlib.1.gz # 20130930: BIND removed from base OLD_FILES+=etc/mtree/BIND.chroot.dist OLD_FILES+=etc/namedb OLD_FILES+=etc/periodic/daily/470.status-named OLD_FILES+=usr/bin/dig OLD_FILES+=usr/bin/nslookup OLD_FILES+=usr/bin/nsupdate OLD_DIRS+=usr/include/lwres OLD_FILES+=usr/include/lwres/context.h OLD_FILES+=usr/include/lwres/int.h OLD_FILES+=usr/include/lwres/ipv6.h OLD_FILES+=usr/include/lwres/lang.h OLD_FILES+=usr/include/lwres/list.h OLD_FILES+=usr/include/lwres/lwbuffer.h OLD_FILES+=usr/include/lwres/lwpacket.h OLD_FILES+=usr/include/lwres/lwres.h OLD_FILES+=usr/include/lwres/net.h OLD_FILES+=usr/include/lwres/netdb.h OLD_FILES+=usr/include/lwres/platform.h OLD_FILES+=usr/include/lwres/result.h OLD_FILES+=usr/include/lwres/string.h OLD_FILES+=usr/include/lwres/version.h OLD_FILES+=usr/lib/liblwres.a OLD_FILES+=usr/lib/liblwres.so OLD_LIBS+=usr/lib/liblwres.so.90 OLD_FILES+=usr/lib/liblwres_p.a OLD_FILES+=usr/sbin/arpaname OLD_FILES+=usr/sbin/ddns-confgen OLD_FILES+=usr/sbin/dnssec-dsfromkey OLD_FILES+=usr/sbin/dnssec-keyfromlabel OLD_FILES+=usr/sbin/dnssec-keygen OLD_FILES+=usr/sbin/dnssec-revoke OLD_FILES+=usr/sbin/dnssec-settime OLD_FILES+=usr/sbin/dnssec-signzone OLD_FILES+=usr/sbin/dnssec-verify OLD_FILES+=usr/sbin/genrandom OLD_FILES+=usr/sbin/isc-hmac-fixup OLD_FILES+=usr/sbin/lwresd OLD_FILES+=usr/sbin/named OLD_FILES+=usr/sbin/named-checkconf OLD_FILES+=usr/sbin/named-checkzone OLD_FILES+=usr/sbin/named-compilezone OLD_FILES+=usr/sbin/named-journalprint OLD_FILES+=usr/sbin/named.reconfig OLD_FILES+=usr/sbin/named.reload OLD_FILES+=usr/sbin/nsec3hash OLD_FILES+=usr/sbin/rndc OLD_FILES+=usr/sbin/rndc-confgen OLD_DIRS+=usr/share/doc/bind9 OLD_FILES+=usr/share/doc/bind9/CHANGES OLD_FILES+=usr/share/doc/bind9/COPYRIGHT OLD_FILES+=usr/share/doc/bind9/FAQ OLD_FILES+=usr/share/doc/bind9/HISTORY OLD_FILES+=usr/share/doc/bind9/README OLD_DIRS+=usr/share/doc/bind9/arm OLD_FILES+=usr/share/doc/bind9/arm/Bv9ARM.ch01.html OLD_FILES+=usr/share/doc/bind9/arm/Bv9ARM.ch02.html OLD_FILES+=usr/share/doc/bind9/arm/Bv9ARM.ch03.html OLD_FILES+=usr/share/doc/bind9/arm/Bv9ARM.ch04.html OLD_FILES+=usr/share/doc/bind9/arm/Bv9ARM.ch05.html OLD_FILES+=usr/share/doc/bind9/arm/Bv9ARM.ch06.html OLD_FILES+=usr/share/doc/bind9/arm/Bv9ARM.ch07.html OLD_FILES+=usr/share/doc/bind9/arm/Bv9ARM.ch08.html OLD_FILES+=usr/share/doc/bind9/arm/Bv9ARM.ch09.html OLD_FILES+=usr/share/doc/bind9/arm/Bv9ARM.ch10.html OLD_FILES+=usr/share/doc/bind9/arm/Bv9ARM.html OLD_FILES+=usr/share/doc/bind9/arm/Bv9ARM.pdf OLD_FILES+=usr/share/doc/bind9/arm/man.arpaname.html OLD_FILES+=usr/share/doc/bind9/arm/man.ddns-confgen.html OLD_FILES+=usr/share/doc/bind9/arm/man.dig.html OLD_FILES+=usr/share/doc/bind9/arm/man.dnssec-dsfromkey.html OLD_FILES+=usr/share/doc/bind9/arm/man.dnssec-keyfromlabel.html OLD_FILES+=usr/share/doc/bind9/arm/man.dnssec-keygen.html OLD_FILES+=usr/share/doc/bind9/arm/man.dnssec-revoke.html OLD_FILES+=usr/share/doc/bind9/arm/man.dnssec-settime.html OLD_FILES+=usr/share/doc/bind9/arm/man.dnssec-signzone.html OLD_FILES+=usr/share/doc/bind9/arm/man.dnssec-verify.html OLD_FILES+=usr/share/doc/bind9/arm/man.genrandom.html OLD_FILES+=usr/share/doc/bind9/arm/man.host.html OLD_FILES+=usr/share/doc/bind9/arm/man.isc-hmac-fixup.html OLD_FILES+=usr/share/doc/bind9/arm/man.named-checkconf.html OLD_FILES+=usr/share/doc/bind9/arm/man.named-checkzone.html OLD_FILES+=usr/share/doc/bind9/arm/man.named-journalprint.html OLD_FILES+=usr/share/doc/bind9/arm/man.named.html OLD_FILES+=usr/share/doc/bind9/arm/man.nsec3hash.html OLD_FILES+=usr/share/doc/bind9/arm/man.nsupdate.html OLD_FILES+=usr/share/doc/bind9/arm/man.rndc-confgen.html OLD_FILES+=usr/share/doc/bind9/arm/man.rndc.conf.html OLD_FILES+=usr/share/doc/bind9/arm/man.rndc.html OLD_DIRS+=usr/share/doc/bind9/misc OLD_FILES+=usr/share/doc/bind9/misc/dnssec OLD_FILES+=usr/share/doc/bind9/misc/format-options.pl OLD_FILES+=usr/share/doc/bind9/misc/ipv6 OLD_FILES+=usr/share/doc/bind9/misc/migration OLD_FILES+=usr/share/doc/bind9/misc/migration-4to9 OLD_FILES+=usr/share/doc/bind9/misc/options OLD_FILES+=usr/share/doc/bind9/misc/rfc-compliance OLD_FILES+=usr/share/doc/bind9/misc/roadmap OLD_FILES+=usr/share/doc/bind9/misc/sdb OLD_FILES+=usr/share/doc/bind9/misc/sort-options.pl OLD_FILES+=usr/share/man/man1/arpaname.1.gz OLD_FILES+=usr/share/man/man1/dig.1.gz OLD_FILES+=usr/share/man/man1/nslookup.1.gz OLD_FILES+=usr/share/man/man1/nsupdate.1.gz OLD_FILES+=usr/share/man/man3/lwres.3.gz OLD_FILES+=usr/share/man/man3/lwres_addr_parse.3.gz OLD_FILES+=usr/share/man/man3/lwres_buffer.3.gz OLD_FILES+=usr/share/man/man3/lwres_buffer_add.3.gz OLD_FILES+=usr/share/man/man3/lwres_buffer_back.3.gz OLD_FILES+=usr/share/man/man3/lwres_buffer_clear.3.gz OLD_FILES+=usr/share/man/man3/lwres_buffer_first.3.gz OLD_FILES+=usr/share/man/man3/lwres_buffer_forward.3.gz OLD_FILES+=usr/share/man/man3/lwres_buffer_getmem.3.gz OLD_FILES+=usr/share/man/man3/lwres_buffer_getuint16.3.gz OLD_FILES+=usr/share/man/man3/lwres_buffer_getuint32.3.gz OLD_FILES+=usr/share/man/man3/lwres_buffer_getuint8.3.gz OLD_FILES+=usr/share/man/man3/lwres_buffer_init.3.gz OLD_FILES+=usr/share/man/man3/lwres_buffer_invalidate.3.gz OLD_FILES+=usr/share/man/man3/lwres_buffer_putmem.3.gz OLD_FILES+=usr/share/man/man3/lwres_buffer_putuint16.3.gz OLD_FILES+=usr/share/man/man3/lwres_buffer_putuint32.3.gz OLD_FILES+=usr/share/man/man3/lwres_buffer_putuint8.3.gz OLD_FILES+=usr/share/man/man3/lwres_buffer_subtract.3.gz OLD_FILES+=usr/share/man/man3/lwres_conf_clear.3.gz OLD_FILES+=usr/share/man/man3/lwres_conf_get.3.gz OLD_FILES+=usr/share/man/man3/lwres_conf_init.3.gz OLD_FILES+=usr/share/man/man3/lwres_conf_parse.3.gz OLD_FILES+=usr/share/man/man3/lwres_conf_print.3.gz OLD_FILES+=usr/share/man/man3/lwres_config.3.gz OLD_FILES+=usr/share/man/man3/lwres_context.3.gz OLD_FILES+=usr/share/man/man3/lwres_context_allocmem.3.gz OLD_FILES+=usr/share/man/man3/lwres_context_create.3.gz OLD_FILES+=usr/share/man/man3/lwres_context_destroy.3.gz OLD_FILES+=usr/share/man/man3/lwres_context_freemem.3.gz OLD_FILES+=usr/share/man/man3/lwres_context_initserial.3.gz OLD_FILES+=usr/share/man/man3/lwres_context_nextserial.3.gz OLD_FILES+=usr/share/man/man3/lwres_context_sendrecv.3.gz OLD_FILES+=usr/share/man/man3/lwres_endhostent.3.gz OLD_FILES+=usr/share/man/man3/lwres_endhostent_r.3.gz OLD_FILES+=usr/share/man/man3/lwres_freeaddrinfo.3.gz OLD_FILES+=usr/share/man/man3/lwres_freehostent.3.gz OLD_FILES+=usr/share/man/man3/lwres_gabn.3.gz OLD_FILES+=usr/share/man/man3/lwres_gabnrequest_free.3.gz OLD_FILES+=usr/share/man/man3/lwres_gabnrequest_parse.3.gz OLD_FILES+=usr/share/man/man3/lwres_gabnrequest_render.3.gz OLD_FILES+=usr/share/man/man3/lwres_gabnresponse_free.3.gz OLD_FILES+=usr/share/man/man3/lwres_gabnresponse_parse.3.gz OLD_FILES+=usr/share/man/man3/lwres_gabnresponse_render.3.gz OLD_FILES+=usr/share/man/man3/lwres_gai_strerror.3.gz OLD_FILES+=usr/share/man/man3/lwres_getaddrinfo.3.gz OLD_FILES+=usr/share/man/man3/lwres_getaddrsbyname.3.gz OLD_FILES+=usr/share/man/man3/lwres_gethostbyaddr.3.gz OLD_FILES+=usr/share/man/man3/lwres_gethostbyaddr_r.3.gz OLD_FILES+=usr/share/man/man3/lwres_gethostbyname.3.gz OLD_FILES+=usr/share/man/man3/lwres_gethostbyname2.3.gz OLD_FILES+=usr/share/man/man3/lwres_gethostbyname_r.3.gz OLD_FILES+=usr/share/man/man3/lwres_gethostent.3.gz OLD_FILES+=usr/share/man/man3/lwres_gethostent_r.3.gz OLD_FILES+=usr/share/man/man3/lwres_getipnode.3.gz OLD_FILES+=usr/share/man/man3/lwres_getipnodebyaddr.3.gz OLD_FILES+=usr/share/man/man3/lwres_getipnodebyname.3.gz OLD_FILES+=usr/share/man/man3/lwres_getnamebyaddr.3.gz OLD_FILES+=usr/share/man/man3/lwres_getnameinfo.3.gz OLD_FILES+=usr/share/man/man3/lwres_getrrsetbyname.3.gz OLD_FILES+=usr/share/man/man3/lwres_gnba.3.gz OLD_FILES+=usr/share/man/man3/lwres_gnbarequest_free.3.gz OLD_FILES+=usr/share/man/man3/lwres_gnbarequest_parse.3.gz OLD_FILES+=usr/share/man/man3/lwres_gnbarequest_render.3.gz OLD_FILES+=usr/share/man/man3/lwres_gnbaresponse_free.3.gz OLD_FILES+=usr/share/man/man3/lwres_gnbaresponse_parse.3.gz OLD_FILES+=usr/share/man/man3/lwres_gnbaresponse_render.3.gz OLD_FILES+=usr/share/man/man3/lwres_herror.3.gz OLD_FILES+=usr/share/man/man3/lwres_hstrerror.3.gz OLD_FILES+=usr/share/man/man3/lwres_inetntop.3.gz OLD_FILES+=usr/share/man/man3/lwres_lwpacket_parseheader.3.gz OLD_FILES+=usr/share/man/man3/lwres_lwpacket_renderheader.3.gz OLD_FILES+=usr/share/man/man3/lwres_net_ntop.3.gz OLD_FILES+=usr/share/man/man3/lwres_noop.3.gz OLD_FILES+=usr/share/man/man3/lwres_nooprequest_free.3.gz OLD_FILES+=usr/share/man/man3/lwres_nooprequest_parse.3.gz OLD_FILES+=usr/share/man/man3/lwres_nooprequest_render.3.gz OLD_FILES+=usr/share/man/man3/lwres_noopresponse_free.3.gz OLD_FILES+=usr/share/man/man3/lwres_noopresponse_parse.3.gz OLD_FILES+=usr/share/man/man3/lwres_noopresponse_render.3.gz OLD_FILES+=usr/share/man/man3/lwres_packet.3.gz OLD_FILES+=usr/share/man/man3/lwres_resutil.3.gz OLD_FILES+=usr/share/man/man3/lwres_sethostent.3.gz OLD_FILES+=usr/share/man/man3/lwres_sethostent_r.3.gz OLD_FILES+=usr/share/man/man3/lwres_string_parse.3.gz OLD_FILES+=usr/share/man/man5/named.conf.5.gz OLD_FILES+=usr/share/man/man5/rndc.conf.5.gz OLD_FILES+=usr/share/man/man8/ddns-confgen.8.gz OLD_FILES+=usr/share/man/man8/dnssec-dsfromkey.8.gz OLD_FILES+=usr/share/man/man8/dnssec-keyfromlabel.8.gz OLD_FILES+=usr/share/man/man8/dnssec-keygen.8.gz OLD_FILES+=usr/share/man/man8/dnssec-revoke.8.gz OLD_FILES+=usr/share/man/man8/dnssec-settime.8.gz OLD_FILES+=usr/share/man/man8/dnssec-signzone.8.gz OLD_FILES+=usr/share/man/man8/dnssec-verify.8.gz OLD_FILES+=usr/share/man/man8/genrandom.8.gz OLD_FILES+=usr/share/man/man8/isc-hmac-fixup.8.gz OLD_FILES+=usr/share/man/man8/lwresd.8.gz OLD_FILES+=usr/share/man/man8/named-checkconf.8.gz OLD_FILES+=usr/share/man/man8/named-checkzone.8.gz OLD_FILES+=usr/share/man/man8/named-compilezone.8.gz OLD_FILES+=usr/share/man/man8/named-journalprint.8.gz OLD_FILES+=usr/share/man/man8/named.8.gz OLD_FILES+=usr/share/man/man8/named.reconfig.8.gz OLD_FILES+=usr/share/man/man8/named.reload.8.gz OLD_FILES+=usr/share/man/man8/nsec3hash.8.gz OLD_FILES+=usr/share/man/man8/rndc-confgen.8.gz OLD_FILES+=usr/share/man/man8/rndc.8.gz OLD_DIRS+=var/named/dev OLD_DIRS+=var/named/etc OLD_DIRS+=var/named/etc/namedb OLD_FILES+=var/named/etc/namedb/PROTO.localhost-v6.rev OLD_FILES+=var/named/etc/namedb/PROTO.localhost.rev OLD_DIRS+=var/named/etc/namedb/dynamic OLD_FILES+=var/named/etc/namedb/make-localhost OLD_DIRS+=var/named/etc/namedb/master OLD_FILES+=var/named/etc/namedb/master/empty.db OLD_FILES+=var/named/etc/namedb/master/localhost-forward.db OLD_FILES+=var/named/etc/namedb/master/localhost-reverse.db #OLD_FILES+=var/named/etc/namedb/named.conf # intentionally left out OLD_FILES+=var/named/etc/namedb/named.root OLD_DIRS+=var/named/etc/namedb/working OLD_DIRS+=var/named/etc/namedb/slave OLD_DIRS+=var/named/var OLD_DIRS+=var/named/var/dump OLD_DIRS+=var/named/var/log OLD_DIRS+=var/named/var/run OLD_DIRS+=var/named/var/run/named OLD_DIRS+=var/named/var/stats OLD_DIRS+=var/run/named # 20130923: example moved OLD_FILES+=usr/share/examples/bsdconfig/browse_packages.sh # 20130908: libssh becomes private OLD_FILES+=usr/lib/libssh.a OLD_FILES+=usr/lib/libssh.so OLD_LIBS+=usr/lib/libssh.so.5 OLD_FILES+=usr/lib/libssh_p.a OLD_FILES+=usr/lib32/libssh.a OLD_FILES+=usr/lib32/libssh.so OLD_LIBS+=usr/lib32/libssh.so.5 OLD_FILES+=usr/lib32/libssh_p.a # 20130903: gnupatch is no more OLD_FILES+=usr/bin/gnupatch OLD_FILES+=usr/share/man/man1/gnupatch.1.gz # 20130829: bsdpatch is patch unconditionally OLD_FILES+=usr/bin/bsdpatch OLD_FILES+=usr/share/man/man1/bsdpatch.1.gz # 20130822: bind 9.9.3-P2 import OLD_LIBS+=usr/lib/liblwres.so.80 # 20130814: vm_page_busy(9) OLD_FILES+=usr/share/man/man9/vm_page_flash.9.gz OLD_FILES+=usr/share/man/man9/vm_page_io.9.gz OLD_FILES+=usr/share/man/man9/vm_page_io_finish.9.gz OLD_FILES+=usr/share/man/man9/vm_page_io_start.9.gz OLD_FILES+=usr/share/man/man9/vm_page_wakeup.9.gz # 20130710: libkvm version bump OLD_LIBS+=lib/libkvm.so.5 OLD_LIBS+=usr/lib32/libkvm.so.5 # 20130623: dialog update from 1.1 to 1.2 OLD_LIBS+=usr/lib/libdialog.so.7 OLD_LIBS+=usr/lib32/libdialog.so.7 # 20130616: vfs_mount.9 removed OLD_FILES+=usr/share/man/man9/vfs_mount.9.gz # 20130614: remove CVS from base OLD_FILES+=usr/bin/cvs OLD_FILES+=usr/bin/cvsbug OLD_FILES+=usr/share/doc/psd/28.cvs/paper.ascii.gz OLD_FILES+=usr/share/doc/psd/28.cvs/paper.ps.gz OLD_DIRS+=usr/share/doc/psd/28.cvs OLD_FILES+=usr/share/examples/cvs/contrib/README OLD_FILES+=usr/share/examples/cvs/contrib/clmerge OLD_FILES+=usr/share/examples/cvs/contrib/cln_hist OLD_FILES+=usr/share/examples/cvs/contrib/commit_prep OLD_FILES+=usr/share/examples/cvs/contrib/cvs2vendor OLD_FILES+=usr/share/examples/cvs/contrib/cvs_acls OLD_FILES+=usr/share/examples/cvs/contrib/cvscheck OLD_FILES+=usr/share/examples/cvs/contrib/cvscheck.man OLD_FILES+=usr/share/examples/cvs/contrib/cvshelp.man OLD_FILES+=usr/share/examples/cvs/contrib/descend.man OLD_FILES+=usr/share/examples/cvs/contrib/easy-import OLD_FILES+=usr/share/examples/cvs/contrib/intro.doc OLD_FILES+=usr/share/examples/cvs/contrib/log OLD_FILES+=usr/share/examples/cvs/contrib/log_accum OLD_FILES+=usr/share/examples/cvs/contrib/mfpipe OLD_FILES+=usr/share/examples/cvs/contrib/rcs-to-cvs OLD_FILES+=usr/share/examples/cvs/contrib/rcs2log OLD_FILES+=usr/share/examples/cvs/contrib/rcslock OLD_FILES+=usr/share/examples/cvs/contrib/sccs2rcs OLD_DIRS+=usr/share/examples/cvs/contrib OLD_DIRS+=usr/share/examples/cvs OLD_FILES+=usr/share/info/cvs.info.gz OLD_FILES+=usr/share/info/cvsclient.info.gz OLD_FILES+=usr/share/man/man1/cvs.1.gz OLD_FILES+=usr/share/man/man5/cvs.5.gz OLD_FILES+=usr/share/man/man8/cvsbug.8.gz # 20130607: WITH_DEBUG_FILES added OLD_FILES+=lib/libufs.so.6.symbols OLD_FILES+=usr/lib32/libufs.so.6.symbols # 20130417: nfs fha moved from nfsserver to nfs OLD_FILES+=usr/include/nfsserver/nfs_fha.h # 20130411: new clang import which bumps version from 3.2 to 3.3. OLD_FILES+=usr/include/clang/3.2/__wmmintrin_aes.h OLD_FILES+=usr/include/clang/3.2/__wmmintrin_pclmul.h OLD_FILES+=usr/include/clang/3.2/altivec.h OLD_FILES+=usr/include/clang/3.2/ammintrin.h OLD_FILES+=usr/include/clang/3.2/avx2intrin.h OLD_FILES+=usr/include/clang/3.2/avxintrin.h OLD_FILES+=usr/include/clang/3.2/bmi2intrin.h OLD_FILES+=usr/include/clang/3.2/bmiintrin.h OLD_FILES+=usr/include/clang/3.2/cpuid.h OLD_FILES+=usr/include/clang/3.2/emmintrin.h OLD_FILES+=usr/include/clang/3.2/f16cintrin.h OLD_FILES+=usr/include/clang/3.2/fma4intrin.h OLD_FILES+=usr/include/clang/3.2/fmaintrin.h OLD_FILES+=usr/include/clang/3.2/immintrin.h OLD_FILES+=usr/include/clang/3.2/lzcntintrin.h OLD_FILES+=usr/include/clang/3.2/mm3dnow.h OLD_FILES+=usr/include/clang/3.2/mm_malloc.h OLD_FILES+=usr/include/clang/3.2/mmintrin.h OLD_FILES+=usr/include/clang/3.2/module.map OLD_FILES+=usr/include/clang/3.2/nmmintrin.h OLD_FILES+=usr/include/clang/3.2/pmmintrin.h OLD_FILES+=usr/include/clang/3.2/popcntintrin.h OLD_FILES+=usr/include/clang/3.2/rtmintrin.h OLD_FILES+=usr/include/clang/3.2/smmintrin.h OLD_FILES+=usr/include/clang/3.2/tmmintrin.h OLD_FILES+=usr/include/clang/3.2/wmmintrin.h OLD_FILES+=usr/include/clang/3.2/x86intrin.h OLD_FILES+=usr/include/clang/3.2/xmmintrin.h OLD_FILES+=usr/include/clang/3.2/xopintrin.h OLD_DIRS+=usr/include/clang/3.2 # 20130404: legacy ATA stack removed OLD_FILES+=etc/periodic/daily/405.status-ata-raid OLD_FILES+=rescue/atacontrol OLD_FILES+=sbin/atacontrol OLD_FILES+=usr/share/man/man8/atacontrol.8.gz OLD_FILES+=usr/share/man/man4/atapicam.4.gz OLD_FILES+=usr/share/man/man4/ataraid.4.gz OLD_FILES+=usr/sbin/burncd OLD_FILES+=usr/share/man/man8/burncd.8.gz # 20130316: vinum.4 removed OLD_FILES+=usr/share/man/man4/vinum.4.gz # 20130312: fortunes-o removed OLD_FILES+=usr/share/games/fortune/fortunes-o OLD_FILES+=usr/share/games/fortune/fortunes-o.dat # 20130311: Ports are no more available via cvsup OLD_FILES+=usr/share/examples/cvsup/ports-supfile OLD_FILES+=usr/share/examples/cvsup/refuse OLD_FILES+=usr/share/examples/cvsup/refuse.README # 20130309: NWFS and NCP supports removed OLD_FILES+=usr/bin/ncplist OLD_FILES+=usr/bin/ncplogin OLD_FILES+=usr/bin/ncplogout OLD_FILES+=usr/include/fs/nwfs/nwfs.h OLD_FILES+=usr/include/fs/nwfs/nwfs_mount.h OLD_FILES+=usr/include/fs/nwfs/nwfs_node.h OLD_FILES+=usr/include/fs/nwfs/nwfs_subr.h OLD_DIRS+=usr/include/fs/nwfs OLD_FILES+=usr/include/netncp/ncp.h OLD_FILES+=usr/include/netncp/ncp_cfg.h OLD_FILES+=usr/include/netncp/ncp_conn.h OLD_FILES+=usr/include/netncp/ncp_file.h OLD_FILES+=usr/include/netncp/ncp_lib.h OLD_FILES+=usr/include/netncp/ncp_ncp.h OLD_FILES+=usr/include/netncp/ncp_nls.h OLD_FILES+=usr/include/netncp/ncp_rcfile.h OLD_FILES+=usr/include/netncp/ncp_rq.h OLD_FILES+=usr/include/netncp/ncp_sock.h OLD_FILES+=usr/include/netncp/ncp_subr.h OLD_FILES+=usr/include/netncp/ncp_user.h OLD_FILES+=usr/include/netncp/ncpio.h OLD_FILES+=usr/include/netncp/nwerror.h OLD_DIRS+=usr/include/netncp OLD_FILES+=usr/lib/libncp.a OLD_FILES+=usr/lib/libncp.so OLD_LIBS+=usr/lib/libncp.so.4 OLD_FILES+=usr/lib/libncp_p.a OLD_FILES+=usr/lib32/libncp.a OLD_FILES+=usr/lib32/libncp.so OLD_LIBS+=usr/lib32/libncp.so.4 OLD_FILES+=usr/lib32/libncp_p.a OLD_FILES+=usr/sbin/mount_nwfs OLD_FILES+=usr/share/examples/nwclient/dot.nwfsrc OLD_FILES+=usr/share/examples/nwclient/nwfs.sh.sample OLD_DIRS+=usr/share/examples/nwclient OLD_FILES+=usr/share/man/man1/ncplist.1.gz OLD_FILES+=usr/share/man/man1/ncplogin.1.gz OLD_FILES+=usr/share/man/man1/ncplogout.1.gz OLD_FILES+=usr/share/man/man8/mount_nwfs.8.gz # 20130302: NTFS support removed OLD_FILES+=rescue/mount_ntfs OLD_FILES+=sbin/mount_ntfs OLD_FILES+=usr/include/fs/ntfs/ntfs.h OLD_FILES+=usr/include/fs/ntfs/ntfs_compr.h OLD_FILES+=usr/include/fs/ntfs/ntfs_ihash.h OLD_FILES+=usr/include/fs/ntfs/ntfs_inode.h OLD_FILES+=usr/include/fs/ntfs/ntfs_subr.h OLD_FILES+=usr/include/fs/ntfs/ntfs_vfsops.h OLD_FILES+=usr/include/fs/ntfs/ntfsmount.h OLD_DIRS+=usr/include/fs/ntfs OLD_FILES+=usr/share/man/man8/mount_ntfs.8.gz # 20130302: PORTALFS support removed OLD_FILES+=usr/include/fs/portalfs/portal.h OLD_DIRS+=usr/include/fs/portalfs OLD_FILES+=usr/sbin/mount_portalfs OLD_FILES+=usr/share/examples/portal/README OLD_FILES+=usr/share/examples/portal/portal.conf OLD_DIRS+=usr/share/examples/portal OLD_FILES+=usr/share/man/man8/mount_portalfs.8.gz # 20130302: CODAFS support removed OLD_FILES+=usr/share/man/man4/coda.4.gz # 20130302: XFS support removed OLD_FILES+=usr/share/man/man5/xfs.5.gz # 20130302: Capsicum overhaul OLD_FILES+=usr/share/man/man2/cap_getrights.2.gz OLD_FILES+=usr/share/man/man2/cap_new.2.gz # 20130213: OpenSSL 1.0.1e import OLD_FILES+=usr/share/openssl/man/man3/EVP_PKEY_verifyrecover.3.gz OLD_FILES+=usr/share/openssl/man/man3/EVP_PKEY_verifyrecover_init.3.gz # 20130116: removed long unused directories for .1aout section manpages OLD_FILES+=usr/share/man/en.ISO8859-1/man1aout OLD_FILES+=usr/share/man/en.UTF-8/man1aout OLD_DIRS+=usr/share/man/man1aout OLD_DIRS+=usr/share/man/cat1aout OLD_DIRS+=usr/share/man/en.ISO8859-1/cat1aout OLD_DIRS+=usr/share/man/en.UTF-8/cat1aout # 20130110: bsd.compat.mk removed OLD_FILES+=usr/share/mk/bsd.compat.mk # 20130103: gnats-supfile removed OLD_FILES+=usr/share/examples/cvsup/gnats-supfile # 20121230: libdisk removed OLD_FILES+=usr/share/man/man3/libdisk.3.gz usr/include/libdisk.h OLD_FILES+=usr/lib/libdisk.a usr/lib32/libdisk.a # 20121230: remove wrongly created directories for auditdistd OLD_DIRS+=var/dist OLD_DIRS+=var/remote # 20121114: zpool-features manual page moved from section 5 to 7 OLD_FILES+=usr/share/man/man5/zpool-features.5.gz # 20121022: remove harp, hfa and idt man page OLD_FILES+=usr/share/man/man4/harp.4.gz OLD_FILES+=usr/share/man/man4/hfa.4.gz OLD_FILES+=usr/share/man/man4/idt.4.gz OLD_FILES+=usr/share/man/man4/if_idt.4.gz # 20121022: VFS_LOCK_GIANT elimination OLD_FILES+=usr/share/man/man9/VFS_LOCK_GIANT.9.gz OLD_FILES+=usr/share/man/man9/VFS_UNLOCK_GIANT.9.gz # 20121004: remove incomplete unwind.h OLD_FILES+=usr/include/clang/3.2/unwind.h # 20120910: NetBSD compat shims removed OLD_FILES+=usr/include/cam/scsi/scsi_low_pisa.h OLD_FILES+=usr/include/sys/device_port.h # 20120909: doc and www supfiles removed OLD_FILES+=usr/share/examples/cvsup/doc-supfile OLD_FILES+=usr/share/examples/cvsup/www-supfile # 20120908: pf cleanup OLD_FILES+=usr/include/net/if_pflow.h # 20120816: new clang import which bumps version from 3.1 to 3.2 OLD_FILES+=usr/bin/llvm-ld OLD_FILES+=usr/bin/llvm-stub OLD_FILES+=usr/include/clang/3.1/altivec.h OLD_FILES+=usr/include/clang/3.1/avx2intrin.h OLD_FILES+=usr/include/clang/3.1/avxintrin.h OLD_FILES+=usr/include/clang/3.1/bmi2intrin.h OLD_FILES+=usr/include/clang/3.1/bmiintrin.h OLD_FILES+=usr/include/clang/3.1/cpuid.h OLD_FILES+=usr/include/clang/3.1/emmintrin.h OLD_FILES+=usr/include/clang/3.1/fma4intrin.h OLD_FILES+=usr/include/clang/3.1/immintrin.h OLD_FILES+=usr/include/clang/3.1/lzcntintrin.h OLD_FILES+=usr/include/clang/3.1/mm3dnow.h OLD_FILES+=usr/include/clang/3.1/mm_malloc.h OLD_FILES+=usr/include/clang/3.1/mmintrin.h OLD_FILES+=usr/include/clang/3.1/module.map OLD_FILES+=usr/include/clang/3.1/nmmintrin.h OLD_FILES+=usr/include/clang/3.1/pmmintrin.h OLD_FILES+=usr/include/clang/3.1/popcntintrin.h OLD_FILES+=usr/include/clang/3.1/smmintrin.h OLD_FILES+=usr/include/clang/3.1/tmmintrin.h OLD_FILES+=usr/include/clang/3.1/unwind.h OLD_FILES+=usr/include/clang/3.1/wmmintrin.h OLD_FILES+=usr/include/clang/3.1/x86intrin.h OLD_FILES+=usr/include/clang/3.1/xmmintrin.h OLD_DIRS+=usr/include/clang/3.1 OLD_FILES+=usr/share/man/man1/llvm-ld.1.gz # 20120712: OpenSSL 1.0.1c import OLD_LIBS+=lib/libcrypto.so.6 OLD_LIBS+=usr/lib/libssl.so.6 OLD_LIBS+=usr/lib32/libcrypto.so.6 OLD_LIBS+=usr/lib32/libssl.so.6 OLD_FILES+=usr/include/openssl/aes_locl.h OLD_FILES+=usr/include/openssl/bio_lcl.h OLD_FILES+=usr/include/openssl/e_os.h OLD_FILES+=usr/include/openssl/fips.h OLD_FILES+=usr/include/openssl/fips_rand.h OLD_FILES+=usr/include/openssl/md2.h OLD_FILES+=usr/include/openssl/pq_compat.h OLD_FILES+=usr/include/openssl/store.h OLD_FILES+=usr/include/openssl/tmdiff.h OLD_FILES+=usr/include/openssl/ui_locl.h OLD_FILES+=usr/share/openssl/man/man3/CRYPTO_set_id_callback.3.gz # 20120621: remove old man page OLD_FILES+=usr/share/man/man8/vnconfig.8.gz # 20120619: TOE support updated OLD_FILES+=usr/include/netinet/toedev.h # 20120613: auth.conf removed OLD_FILES+=etc/auth.conf OLD_FILES+=usr/share/examples/etc/auth.conf OLD_FILES+=usr/share/man/man3/auth.3.gz OLD_FILES+=usr/share/man/man3/auth_getval.3.gz OLD_FILES+=usr/share/man/man5/auth.conf.5.gz # 20120530: kde pam lives now in ports OLD_FILES+=etc/pam.d/kde # 20120521: byacc import OLD_FILES+=usr/bin/yyfix OLD_FILES+=usr/share/man/man1/yyfix.1.gz # 20120505: new clang import installed a redundant internal header OLD_FILES+=usr/include/clang/3.1/stdalign.h # 20120428: MD2 removed from libmd OLD_LIBS+=lib/libmd.so.5 OLD_FILES+=usr/include/md2.h OLD_LIBS+=usr/lib32/libmd.so.5 OLD_FILES+=usr/share/man/man3/MD2Data.3.gz OLD_FILES+=usr/share/man/man3/MD2End.3.gz OLD_FILES+=usr/share/man/man3/MD2File.3.gz OLD_FILES+=usr/share/man/man3/MD2FileChunk.3.gz OLD_FILES+=usr/share/man/man3/MD2Final.3.gz OLD_FILES+=usr/share/man/man3/MD2Init.3.gz OLD_FILES+=usr/share/man/man3/MD2Update.3.gz OLD_FILES+=usr/share/man/man3/md2.3.gz # 20120425: libusb version bump (r234684) OLD_LIBS+=usr/lib/libusb.so.2 OLD_LIBS+=usr/lib32/libusb.so.2 OLD_FILES+=usr/share/man/man3/libsub_get_active_config_descriptor.3.gz # 20120415: new clang import which bumps version from 3.0 to 3.1 OLD_FILES+=usr/include/clang/3.0/altivec.h OLD_FILES+=usr/include/clang/3.0/avxintrin.h OLD_FILES+=usr/include/clang/3.0/emmintrin.h OLD_FILES+=usr/include/clang/3.0/immintrin.h OLD_FILES+=usr/include/clang/3.0/mm3dnow.h OLD_FILES+=usr/include/clang/3.0/mm_malloc.h OLD_FILES+=usr/include/clang/3.0/mmintrin.h OLD_FILES+=usr/include/clang/3.0/nmmintrin.h OLD_FILES+=usr/include/clang/3.0/pmmintrin.h OLD_FILES+=usr/include/clang/3.0/smmintrin.h OLD_FILES+=usr/include/clang/3.0/tmmintrin.h OLD_FILES+=usr/include/clang/3.0/wmmintrin.h OLD_FILES+=usr/include/clang/3.0/x86intrin.h OLD_FILES+=usr/include/clang/3.0/xmmintrin.h OLD_DIRS+=usr/include/clang/3.0 # 20120412: BIND 9.8.1 release notes removed OLD_FILES+=usr/share/doc/bind9/RELEASE-NOTES-BIND-9.8.1.pdf OLD_FILES+=usr/share/doc/bind9/RELEASE-NOTES-BIND-9.8.1.txt OLD_FILES+=usr/share/doc/bind9/RELEASE-NOTES-BIND-9.8.1.html OLD_FILES+=usr/share/doc/bind9/release-notes.css # 20120330: legacy(4) moved to x86 OLD_FILES+=usr/include/machine/legacyvar.h # 20120324: MPI headers updated OLD_FILES+=usr/include/dev/mpt/mpilib/mpi_inb.h # 20120322: hwpmc_mips24k.h removed OLD_FILES+=usr/include/dev/hwpmc/hwpmc_mips24k.h # 20120322: Update heimdal to 1.5.1. OLD_FILES+=usr/include/krb5-v4compat.h \ usr/include/krb_err.h \ usr/include/hdb-private.h \ usr/share/man/man3/krb5_addresses.3.gz \ usr/share/man/man3/krb5_cc_cursor.3.gz \ usr/share/man/man3/krb5_cc_ops.3.gz \ usr/share/man/man3/krb5_config.3.gz \ usr/share/man/man3/krb5_config_get_int_default.3.gz \ usr/share/man/man3/krb5_context.3.gz \ usr/share/man/man3/krb5_data.3.gz \ usr/share/man/man3/krb5_err.3.gz \ usr/share/man/man3/krb5_errx.3.gz \ usr/share/man/man3/krb5_keyblock.3.gz \ usr/share/man/man3/krb5_keytab_entry.3.gz \ usr/share/man/man3/krb5_kt_cursor.3.gz \ usr/share/man/man3/krb5_kt_ops.3.gz \ usr/share/man/man3/krb5_set_warn_dest.3.gz \ usr/share/man/man3/krb5_verr.3.gz \ usr/share/man/man3/krb5_verrx.3.gz \ usr/share/man/man3/krb5_vwarnx.3.gz \ usr/share/man/man3/krb5_warn.3.gz \ usr/share/man/man3/krb5_warnx.3.gz OLD_LIBS+=usr/lib/libasn1.so.10 \ usr/lib/libhdb.so.10 \ usr/lib/libheimntlm.so.10 \ usr/lib/libhx509.so.10 \ usr/lib/libkadm5clnt.so.10 \ usr/lib/libkadm5srv.so.10 \ usr/lib/libkafs5.so.10 \ usr/lib/libkrb5.so.10 \ usr/lib/libroken.so.10 \ usr/lib32/libasn1.so.10 \ usr/lib32/libhdb.so.10 \ usr/lib32/libheimntlm.so.10 \ usr/lib32/libhx509.so.10 \ usr/lib32/libkadm5clnt.so.10 \ usr/lib32/libkadm5srv.so.10 \ usr/lib32/libkafs5.so.10 \ usr/lib32/libkrb5.so.10 \ usr/lib32/libroken.so.10 # 20120309: Remove fifofs header files. OLD_FILES+=usr/include/fs/fifofs/fifo.h OLD_DIRS+=usr/include/fs/fifofs # 20120304: xlocale cleanup OLD_FILES+=usr/include/_xlocale_ctype.h # 20120225: libarchive 3.0.3 OLD_FILES+=usr/share/man/man3/archive_read_data_into_buffer.3.gz \ usr/share/man/man3/archive_read_support_compression_all.3.gz \ usr/share/man/man3/archive_read_support_compression_bzip2.3.gz \ usr/share/man/man3/archive_read_support_compression_compress.3.gz \ usr/share/man/man3/archive_read_support_compression_gzip.3.gz \ usr/share/man/man3/archive_read_support_compression_lzma.3.gz \ usr/share/man/man3/archive_read_support_compression_none.3.gz \ usr/share/man/man3/archive_read_support_compression_program.3.gz \ usr/share/man/man3/archive_read_support_compression_program_signature.3.gz \ usr/share/man/man3/archive_read_support_compression_xz.3.gz \ usr/share/man/man3/archive_write_set_callbacks.3.gz \ usr/share/man/man3/archive_write_set_compression_bzip2.3.gz \ usr/share/man/man3/archive_write_set_compression_compress.3.gz \ usr/share/man/man3/archive_write_set_compression_gzip.3.gz \ usr/share/man/man3/archive_write_set_compression_none.3.gz \ usr/share/man/man3/archive_write_set_compression_program.3.gz OLD_LIBS+=usr/lib/libarchive.so.5 OLD_LIBS+=usr/lib32/libarchive.so.5 # 20120113: removal of wtmpcvt(1) OLD_FILES+=usr/bin/wtmpcvt OLD_FILES+=usr/share/man/man1/wtmpcvt.1.gz # 20111214: eventtimers(7) moved to eventtimers(4) OLD_FILES+=usr/share/man/man7/eventtimers.7.gz # 20111125: amd(4) removed OLD_FILES+=usr/share/man/man4/amd.4.gz # 20111125: libodialog removed OLD_FILES+=usr/lib/libodialog.a OLD_FILES+=usr/lib/libodialog.so OLD_LIBS+=usr/lib/libodialog.so.7 OLD_FILES+=usr/lib/libodialog_p.a OLD_FILES+=usr/lib32/libodialog.a OLD_FILES+=usr/lib32/libodialog.so OLD_LIBS+=usr/lib32/libodialog.so.7 OLD_FILES+=usr/lib32/libodialog_p.a # 20110930: sysinstall removed OLD_FILES+=usr/sbin/sysinstall OLD_FILES+=usr/share/man/man8/sysinstall.8.gz OLD_FILES+=usr/lib/libftpio.a OLD_FILES+=usr/lib/libftpio.so OLD_LIBS+=usr/lib/libftpio.so.8 OLD_FILES+=usr/lib/libftpio_p.a OLD_FILES+=usr/lib32/libftpio.a OLD_FILES+=usr/lib32/libftpio.so OLD_LIBS+=usr/lib32/libftpio.so.8 OLD_FILES+=usr/lib32/libftpio_p.a OLD_FILES+=usr/include/ftpio.h OLD_FILES+=usr/share/man/man3/ftpio.3.gz # 20110915: rename congestion control manpages OLD_FILES+=usr/share/man/man4/cc.4.gz OLD_FILES+=usr/share/man/man9/cc.9.gz # 20110831: atomic page flags operations OLD_FILES+=usr/share/man/man9/vm_page_flag.9.gz OLD_FILES+=usr/share/man/man9/vm_page_flag_clear.9.gz OLD_FILES+=usr/share/man/man9/vm_page_flag_set.9.gz # 20110828: library version bump for 9.0 OLD_LIBS+=lib/libcam.so.5 OLD_LIBS+=lib/libpcap.so.7 OLD_LIBS+=lib/libufs.so.5 OLD_LIBS+=usr/lib/libbsnmp.so.5 OLD_LIBS+=usr/lib/libdwarf.so.2 OLD_LIBS+=usr/lib/libopie.so.6 OLD_LIBS+=usr/lib/librtld_db.so.1 OLD_LIBS+=usr/lib/libtacplus.so.4 OLD_LIBS+=usr/lib32/libcam.so.5 OLD_LIBS+=usr/lib32/libpcap.so.7 OLD_LIBS+=usr/lib32/libufs.so.5 OLD_LIBS+=usr/lib32/libbsnmp.so.5 OLD_LIBS+=usr/lib32/libdwarf.so.2 OLD_LIBS+=usr/lib32/libopie.so.6 OLD_LIBS+=usr/lib32/librtld_db.so.1 OLD_LIBS+=usr/lib32/libtacplus.so.4 # 20110817: no more acd.4, ad.4, afd.4 and ast.4 OLD_FILES+=usr/share/man/man4/acd.4.gz OLD_FILES+=usr/share/man/man4/ad.4.gz OLD_FILES+=usr/share/man/man4/afd.4.gz OLD_FILES+=usr/share/man/man4/ast.4.gz # 20110718: no longer useful in the age of rc.d OLD_FILES+=usr/sbin/named.reconfig OLD_FILES+=usr/sbin/named.reload OLD_FILES+=usr/share/man/man8/named.reconfig.8.gz OLD_FILES+=usr/share/man/man8/named.reload.8.gz # 20110716: bind 9.8.0 import OLD_LIBS+=usr/lib/liblwres.so.50 OLD_FILES+=usr/share/doc/bind9/KNOWN-DEFECTS OLD_FILES+=usr/share/doc/bind9/NSEC3-NOTES OLD_FILES+=usr/share/doc/bind9/README.idnkit OLD_FILES+=usr/share/doc/bind9/README.pkcs11 # 20110709: vm_map_clean.9 -> vm_map_sync.9 OLD_FILES+=usr/share/man/man9/vm_map_clean.9.gz # 20110709: Catch up with removal of these functions. OLD_FILES+=usr/share/man/man9/vm_page_copy.9.gz OLD_FILES+=usr/share/man/man9/vm_page_protect.9.gz OLD_FILES+=usr/share/man/man9/vm_page_zero_fill.9.gz # 20110707: script no longer needed by /etc/rc.d/nfsd OLD_FILES+=etc/rc.d/nfsserver # 20110705: files moved so both NFS clients can share them OLD_FILES+=usr/include/nfsclient/krpc.h OLD_FILES+=usr/include/nfsclient/nfsdiskless.h # 20110705: the switch of default NFS client to the new one OLD_FILES+=sbin/mount_newnfs OLD_FILES+=usr/share/man/man8/mount_newnfs.8.gz OLD_FILES+=usr/include/nfsclient/nfs_kdtrace.h # 20110628: calendar.msk removed OLD_FILES+=usr/share/calendar/ru_RU.KOI8-R/calendar.msk # 20110517: libpkg removed OLD_FILES+=usr/include/pkg.h OLD_FILES+=usr/lib/libpkg.a OLD_FILES+=usr/lib/libpkg.so OLD_LIBS+=usr/lib/libpkg.so.0 OLD_FILES+=usr/lib/libpkg_p.a OLD_FILES+=usr/lib32/libpkg.a OLD_FILES+=usr/lib32/libpkg.so OLD_LIBS+=usr/lib32/libpkg.so.0 OLD_FILES+=usr/lib32/libpkg_p.a # 20110517: libsbuf version bump OLD_LIBS+=lib/libsbuf.so.5 OLD_LIBS+=usr/lib32/libsbuf.so.5 # 20110502: new clang import which bumps version from 2.9 to 3.0 OLD_FILES+=usr/include/clang/2.9/emmintrin.h OLD_FILES+=usr/include/clang/2.9/mm_malloc.h OLD_FILES+=usr/include/clang/2.9/mmintrin.h OLD_FILES+=usr/include/clang/2.9/pmmintrin.h OLD_FILES+=usr/include/clang/2.9/tmmintrin.h OLD_FILES+=usr/include/clang/2.9/xmmintrin.h OLD_DIRS+=usr/include/clang/2.9 # 20110417: removal of Objective-C support OLD_FILES+=usr/include/objc/encoding.h OLD_FILES+=usr/include/objc/hash.h OLD_FILES+=usr/include/objc/NXConstStr.h OLD_FILES+=usr/include/objc/objc-api.h OLD_FILES+=usr/include/objc/objc-decls.h OLD_FILES+=usr/include/objc/objc-list.h OLD_FILES+=usr/include/objc/objc.h OLD_FILES+=usr/include/objc/Object.h OLD_FILES+=usr/include/objc/Protocol.h OLD_FILES+=usr/include/objc/runtime.h OLD_FILES+=usr/include/objc/sarray.h OLD_FILES+=usr/include/objc/thr.h OLD_FILES+=usr/include/objc/typedstream.h OLD_FILES+=usr/lib/libobjc.a OLD_FILES+=usr/lib/libobjc.so OLD_FILES+=usr/lib/libobjc_p.a OLD_FILES+=usr/libexec/cc1obj OLD_LIBS+=usr/lib/libobjc.so.4 OLD_DIRS+=usr/include/objc OLD_FILES+=usr/lib32/libobjc.a OLD_FILES+=usr/lib32/libobjc.so OLD_FILES+=usr/lib32/libobjc_p.a OLD_LIBS+=usr/lib32/libobjc.so.4 # 20110331: firmware.img created at build time OLD_FILES+=usr/share/examples/kld/firmware/fwimage/firmware.img # 20110224: sticky.8 -> sticky.7 OLD_FILES+=usr/share/man/man8/sticky.8.gz # 20110220: new clang import which bumps version from 2.8 to 2.9 OLD_FILES+=usr/include/clang/2.8/emmintrin.h OLD_FILES+=usr/include/clang/2.8/mm_malloc.h OLD_FILES+=usr/include/clang/2.8/mmintrin.h OLD_FILES+=usr/include/clang/2.8/pmmintrin.h OLD_FILES+=usr/include/clang/2.8/tmmintrin.h OLD_FILES+=usr/include/clang/2.8/xmmintrin.h OLD_DIRS+=usr/include/clang/2.8 # 20110119: netinet/sctp_cc_functions.h removed OLD_FILES+=usr/include/netinet/sctp_cc_functions.h # 20110119: Remove SYSCTL_*X* sysctl additions. OLD_FILES+=usr/share/man/man9/SYSCTL_XINT.9.gz \ usr/share/man/man9/SYSCTL_XLONG.9.gz # 20110112: Update dialog to new version, rename old libdialog to libodialog, # removing associated man pages and header files. OLD_FILES+=usr/share/man/man3/draw_shadow.3.gz \ usr/share/man/man3/draw_box.3.gz usr/share/man/man3/line_edit.3.gz \ usr/share/man/man3/strheight.3.gz usr/share/man/man3/strwidth.3.gz \ usr/share/man/man3/dialog_create_rc.3.gz \ usr/share/man/man3/dialog_yesno.3.gz usr/share/man/man3/dialog_noyes.3.gz \ usr/share/man/man3/dialog_prgbox.3.gz \ usr/share/man/man3/dialog_textbox.3.gz usr/share/man/man3/dialog_menu.3.gz \ usr/share/man/man3/dialog_checklist.3.gz \ usr/share/man/man3/dialog_radiolist.3.gz \ usr/share/man/man3/dialog_inputbox.3.gz \ usr/share/man/man3/dialog_clear_norefresh.3.gz \ usr/share/man/man3/dialog_clear.3.gz usr/share/man/man3/dialog_update.3.gz \ usr/share/man/man3/dialog_fselect.3.gz \ usr/share/man/man3/dialog_notify.3.gz \ usr/share/man/man3/dialog_mesgbox.3.gz \ usr/share/man/man3/dialog_gauge.3.gz usr/share/man/man3/init_dialog.3.gz \ usr/share/man/man3/end_dialog.3.gz usr/share/man/man3/use_helpfile.3.gz \ usr/share/man/man3/use_helpline.3.gz usr/share/man/man3/get_helpline.3.gz \ usr/share/man/man3/restore_helpline.3.gz \ usr/share/man/man3/dialog_msgbox.3.gz \ usr/share/man/man3/dialog_ftree.3.gz usr/share/man/man3/dialog_tree.3.gz \ usr/share/examples/dialog/README usr/share/examples/dialog/checklist \ usr/share/examples/dialog/ftreebox usr/share/examples/dialog/infobox \ usr/share/examples/dialog/inputbox usr/share/examples/dialog/menubox \ usr/share/examples/dialog/msgbox usr/share/examples/dialog/prgbox \ usr/share/examples/dialog/radiolist usr/share/examples/dialog/textbox \ usr/share/examples/dialog/treebox usr/share/examples/dialog/yesno \ usr/share/examples/libdialog/Makefile usr/share/examples/libdialog/check1.c\ usr/share/examples/libdialog/check2.c usr/share/examples/libdialog/check3.c\ usr/share/examples/libdialog/dselect.c \ usr/share/examples/libdialog/fselect.c \ usr/share/examples/libdialog/ftree1.c \ usr/share/examples/libdialog/ftree1.test \ usr/share/examples/libdialog/ftree2.c \ usr/share/examples/libdialog/ftree2.test \ usr/share/examples/libdialog/gauge.c usr/share/examples/libdialog/input1.c \ usr/share/examples/libdialog/input2.c usr/share/examples/libdialog/menu1.c \ usr/share/examples/libdialog/menu2.c usr/share/examples/libdialog/menu3.c \ usr/share/examples/libdialog/msg.c usr/share/examples/libdialog/prgbox.c \ usr/share/examples/libdialog/radio1.c usr/share/examples/libdialog/radio2.c\ usr/share/examples/libdialog/radio3.c usr/share/examples/libdialog/text.c \ usr/share/examples/libdialog/tree.c usr/share/examples/libdialog/yesno.c OLD_DIRS+=usr/share/examples/libdialog usr/share/examples/dialog # 20101114: Remove long-obsolete MAKEDEV.8 OLD_FILES+=usr/share/man/man8/MAKEDEV.8.gz # 20101112: vgonel(9) has gone to private API a while ago OLD_FILES+=usr/share/man/man9/vgonel.9.gz # 20101112: removed gasp.info OLD_FILES+=usr/share/info/gasp.info.gz # 20101109: machine/mutex.h removed OLD_FILES+=usr/include/machine/mutex.h # 20101109: headers moved from machine/ to x86/ .if ${TARGET_ARCH} == "amd64" || ${TARGET_ARCH} == "i386" OLD_FILES+=usr/include/machine/mptable.h .endif # 20101101: headers moved from machine/ to x86/ .if ${TARGET_ARCH} == "amd64" || ${TARGET_ARCH} == "i386" OLD_FILES+=usr/include/machine/apicreg.h OLD_FILES+=usr/include/machine/mca.h .endif # 20101020: catch up with vm_page_sleep_if_busy rename OLD_FILES+=usr/share/man/man9/vm_page_sleep_busy.9.gz # 20101018: taskqueue(9) updates OLD_FILES+=usr/share/man/man9/taskqueue_find.9.gz # 20101011: removed subblock.h from liblzma OLD_FILES+=usr/include/lzma/subblock.h # 20101002: removed manpath.config OLD_FILES+=etc/manpath.config OLD_FILES+=usr/share/examples/etc/manpath.config # 20100910: renamed sbuf_overflowed to sbuf_error OLD_FILES+=usr/share/man/man9/sbuf_overflowed.9.gz # 20100815: retired last traces of chooseproc(9) OLD_FILES+=usr/share/man/man9/chooseproc.9.gz # 20100806: removal of unused libcompat routines OLD_FILES+=usr/share/man/man3/ascftime.3.gz OLD_FILES+=usr/share/man/man3/cfree.3.gz OLD_FILES+=usr/share/man/man3/cftime.3.gz OLD_FILES+=usr/share/man/man3/getpw.3.gz # 20100801: tzdata2010k import OLD_FILES+=usr/share/zoneinfo/Pacific/Ponape OLD_FILES+=usr/share/zoneinfo/Pacific/Truk # 20100725: acpi_aiboost(4) removal. OLD_FILES+=usr/share/man/man4/acpi_aiboost.4.gz # 20100724: nfsclient/nfs_lock.h moved to nfs/nfs_lock.h OLD_FILES+=usr/include/nfsclient/nfs_lock.h # 20100720: new clang import which bumps version from 2.0 to 2.8 OLD_FILES+=usr/include/clang/2.0/emmintrin.h OLD_FILES+=usr/include/clang/2.0/mm_malloc.h OLD_FILES+=usr/include/clang/2.0/mmintrin.h OLD_FILES+=usr/include/clang/2.0/pmmintrin.h OLD_FILES+=usr/include/clang/2.0/tmmintrin.h OLD_FILES+=usr/include/clang/2.0/xmmintrin.h OLD_DIRS+=usr/include/clang/2.0 # 20100706: removed pc-sysinstall's detect-vmware.sh OLD_FILES+=usr/share/pc-sysinstall/backend-query/detect-vmware.sh # 20100701: [powerpc] removed .if ${TARGET_ARCH} == "powerpc" OLD_FILES+=usr/include/machine/intr.h .endif # 20100514: library version bump for versioned symbols for liblzma OLD_LIBS+=usr/lib/liblzma.so.0 OLD_LIBS+=usr/lib32/liblzma.so.0 # 20100511: move GCC-specific headers to /usr/include/gcc .if ${TARGET_ARCH} == "amd64" || ${TARGET_ARCH} == "i386" OLD_FILES+=usr/include/emmintrin.h OLD_FILES+=usr/include/mm_malloc.h OLD_FILES+=usr/include/pmmintrin.h OLD_FILES+=usr/include/xmmintrin.h .endif .if ${TARGET_ARCH} == "amd64" || ${TARGET_ARCH} == "i386" || ${TARGET_ARCH} == "arm" OLD_FILES+=usr/include/mmintrin.h .endif .if ${TARGET_ARCH} == "powerpc" OLD_FILES+=usr/include/altivec.h OLD_FILES+=usr/include/ppc-asm.h OLD_FILES+=usr/include/spe.h .endif # 20100416: [mips] removed .if ${TARGET_ARCH} == "mips" OLD_FILES+=usr/include/machine/psl.h .endif # 20100415: [mips] removed unused headers .if ${TARGET_ARCH} == "mips" OLD_FILES+=usr/include/machine/archtype.h OLD_FILES+=usr/include/machine/segments.h OLD_FILES+=usr/include/machine/rm7000.h OLD_FILES+=usr/include/machine/defs.h OLD_FILES+=usr/include/machine/queue.h .endif # 20100326: gcpio removal OLD_FILES+=usr/bin/gcpio OLD_FILES+=usr/share/info/cpio.info.gz OLD_FILES+=usr/share/man/man1/gcpio.1.gz # 20100322: libz update OLD_LIBS+=lib/libz.so.5 OLD_LIBS+=usr/lib32/libz.so.5 # 20100314: removal of regexp.h OLD_FILES+=usr/include/regexp.h OLD_FILES+=usr/share/man/man3/regexp.3.gz OLD_FILES+=usr/share/man/man3/regsub.3.gz # 20100303: actual removal of utmp.h OLD_FILES+=usr/include/utmp.h # 20100208: man pages moved .if ${TARGET_ARCH} == "i386" OLD_FILES+=usr/share/man/man4/i386/alpm.4.gz OLD_FILES+=usr/share/man/man4/i386/amdpm.4.gz OLD_FILES+=usr/share/man/man4/i386/mcd.4.gz OLD_FILES+=usr/share/man/man4/i386/padlock.4.gz OLD_FILES+=usr/share/man/man4/i386/pcf.4.gz OLD_FILES+=usr/share/man/man4/i386/scd.4.gz OLD_FILES+=usr/share/man/man4/i386/viapm.4.gz .endif # 20100122: move BSDL bc/dc USD documents to /usr/share/doc/usd OLD_FILES+=usr/share/doc/papers/bc.ascii.gz OLD_FILES+=usr/share/doc/papers/dc.ascii.gz # 20100120: replacing GNU bc/dc with BSDL versions OLD_FILES+=usr/share/examples/bc/ckbook.b OLD_FILES+=usr/share/examples/bc/pi.b OLD_FILES+=usr/share/examples/bc/primes.b OLD_FILES+=usr/share/examples/bc/twins.b OLD_FILES+=usr/share/info/dc.info.gz OLD_DIRS+=usr/share/examples/bc # 20100114: removal of ttyslot(3) OLD_FILES+=usr/share/man/man3/ttyslot.3.gz # 20100113: remove utmp.h, replace it by utmpx.h OLD_FILES+=usr/share/man/man3/login.3.gz OLD_FILES+=usr/share/man/man3/logout.3.gz OLD_FILES+=usr/share/man/man3/logwtmp.3.gz OLD_FILES+=usr/share/man/man3/ulog_endutxent.3.gz OLD_FILES+=usr/share/man/man3/ulog_getutxent.3.gz OLD_FILES+=usr/share/man/man3/ulog_getutxline.3.gz OLD_FILES+=usr/share/man/man3/ulog_getutxuser.3.gz OLD_FILES+=usr/share/man/man3/ulog_pututxline.3.gz OLD_FILES+=usr/share/man/man3/ulog_setutxent.3.gz OLD_FILES+=usr/share/man/man3/ulog_setutxfile.3.gz OLD_FILES+=usr/share/man/man5/lastlog.5.gz OLD_FILES+=usr/share/man/man5/utmp.5.gz OLD_FILES+=usr/share/man/man5/wtmp.5.gz OLD_LIBS+=lib/libutil.so.8 OLD_LIBS+=usr/lib32/libutil.so.8 # 20100105: new userland semaphore implementation OLD_FILES+=usr/include/sys/semaphore.h # 20100103: ntptrace(8) removed OLD_FILES+=usr/sbin/ntptrace OLD_FILES+=usr/share/man/man8/ntptrace.8.gz # 20091229: remove no longer relevant examples OLD_FILES+=usr/share/examples/pppd/auth-down.sample OLD_FILES+=usr/share/examples/pppd/auth-up.sample OLD_FILES+=usr/share/examples/pppd/chap-secrets.sample OLD_FILES+=usr/share/examples/pppd/chat.sh.sample OLD_FILES+=usr/share/examples/pppd/ip-down.sample OLD_FILES+=usr/share/examples/pppd/ip-up.sample OLD_FILES+=usr/share/examples/pppd/options.sample OLD_FILES+=usr/share/examples/pppd/pap-secrets.sample OLD_FILES+=usr/share/examples/pppd/ppp.deny.sample OLD_FILES+=usr/share/examples/pppd/ppp.shells.sample OLD_DIRS+=usr/share/examples/pppd OLD_FILES+=usr/share/examples/slattach/unit-command.sh OLD_DIRS+=usr/share/examples/slattach OLD_FILES+=usr/share/examples/sliplogin/slip.hosts OLD_FILES+=usr/share/examples/sliplogin/slip.login OLD_FILES+=usr/share/examples/sliplogin/slip.logout OLD_FILES+=usr/share/examples/sliplogin/slip.slparms OLD_DIRS+=usr/share/examples/sliplogin OLD_FILES+=usr/share/examples/startslip/sldown.sh OLD_FILES+=usr/share/examples/startslip/slip.sh OLD_FILES+=usr/share/examples/startslip/slup.sh OLD_DIRS+=usr/share/examples/startslip # 20091202: unify rc.firewall and rc.firewall6. OLD_FILES+=etc/rc.d/ip6fw OLD_FILES+=etc/rc.firewall6 OLD_FILES+=usr/share/examples/etc/rc.firewall6 # 20091117: removal of rc.early(8) link OLD_FILES+=usr/share/man/man8/rc.early.8.gz # 20091117: usr/share/zoneinfo/GMT link removed OLD_FILES+=usr/share/zoneinfo/GMT # 20091027: pselect.3 implemented as syscall OLD_FILES+=usr/share/man/man3/pselect.3.gz # 20091005: fusword.9 and susword.9 removed OLD_FILES+=usr/share/man/man9/fusword.9.gz OLD_FILES+=usr/share/man/man9/susword.9.gz # 20090909: vesa and dpms promoted to be i386/amd64 common OLD_FILES+=usr/include/machine/pc/vesa.h OLD_FILES+=usr/share/man/man4/i386/dpms.4.gz # 20090904: remove lukemftpd OLD_FILES+=usr/libexec/lukemftpd OLD_FILES+=usr/share/man/man5/ftpd.conf.5.gz OLD_FILES+=usr/share/man/man5/ftpusers.5.gz OLD_FILES+=usr/share/man/man8/lukemftpd.8.gz # 20090902: BSD.{x11,x11-4}.dist are dead and BSD.local.dist lives in ports/ OLD_FILES+=etc/mtree/BSD.local.dist OLD_FILES+=etc/mtree/BSD.x11.dist OLD_FILES+=etc/mtree/BSD.x11-4.dist # 20090812: net80211 documentation overhaul OLD_FILES+=usr/share/man/man9/ieee80211_add_rates.9.gz OLD_FILES+=usr/share/man/man9/ieee80211_add_xrates.9.gz OLD_FILES+=usr/share/man/man9/ieee80211_alloc_node.9.gz OLD_FILES+=usr/share/man/man9/ieee80211_attach.9.gz OLD_FILES+=usr/share/man/man9/ieee80211_begin_scan.9.gz OLD_FILES+=usr/share/man/man9/ieee80211_cfgget.9.gz OLD_FILES+=usr/share/man/man9/ieee80211_cfgset.9.gz OLD_FILES+=usr/share/man/man9/ieee80211_chan2ieee.9.gz OLD_FILES+=usr/share/man/man9/ieee80211_chan2mode.9.gz OLD_FILES+=usr/share/man/man9/ieee80211_create_ibss.9.gz OLD_FILES+=usr/share/man/man9/ieee80211_crypto_attach.9.gz OLD_FILES+=usr/share/man/man9/ieee80211_crypto_detach.9.gz OLD_FILES+=usr/share/man/man9/ieee80211_decap.9.gz OLD_FILES+=usr/share/man/man9/ieee80211_dump_pkt.9.gz OLD_FILES+=usr/share/man/man9/ieee80211_dup_bss.9.gz OLD_FILES+=usr/share/man/man9/ieee80211_encap.9.gz OLD_FILES+=usr/share/man/man9/ieee80211_end_scan.9.gz OLD_FILES+=usr/share/man/man9/ieee80211_find_node.9.gz OLD_FILES+=usr/share/man/man9/ieee80211_fix_rate.9.gz OLD_FILES+=usr/share/man/man9/ieee80211_free_allnodes.9.gz OLD_FILES+=usr/share/man/man9/ieee80211_ieee2mhz.9.gz OLD_FILES+=usr/share/man/man9/ieee80211_ioctl.9.gz OLD_FILES+=usr/share/man/man9/ieee80211_lookup_node.9.gz OLD_FILES+=usr/share/man/man9/ieee80211_media2rate.9.gz OLD_FILES+=usr/share/man/man9/ieee80211_media_change.9.gz OLD_FILES+=usr/share/man/man9/ieee80211_media_init.9.gz OLD_FILES+=usr/share/man/man9/ieee80211_media_status.9.gz OLD_FILES+=usr/share/man/man9/ieee80211_mhz2ieee.9.gz OLD_FILES+=usr/share/man/man9/ieee80211_next_scan.9.gz OLD_FILES+=usr/share/man/man9/ieee80211_node_attach.9.gz OLD_FILES+=usr/share/man/man9/ieee80211_node_detach.9.gz OLD_FILES+=usr/share/man/man9/ieee80211_node_lateattach.9.gz OLD_FILES+=usr/share/man/man9/ieee80211_print_essid.9.gz OLD_FILES+=usr/share/man/man9/ieee80211_proto_attach.9.gz OLD_FILES+=usr/share/man/man9/ieee80211_proto_detach.9.gz OLD_FILES+=usr/share/man/man9/ieee80211_rate2media.9.gz OLD_FILES+=usr/share/man/man9/ieee80211_recv_mgmt.9.gz OLD_FILES+=usr/share/man/man9/ieee80211_send_mgmt.9.gz OLD_FILES+=usr/share/man/man9/ieee80211_setmode.9.gz OLD_FILES+=usr/share/man/man9/ieee80211_timeout_nodes.9.gz OLD_FILES+=usr/share/man/man9/ieee80211_watchdog.9.gz OLD_FILES+=usr/share/man/man9/ieee80211_wep_crypt.9.gz # 20090801: vimage.h removed in favour of vnet.h OLD_FILES+=usr/include/sys/vimage.h # 20101208: libbsnmp was moved to usr/lib OLD_LIBS+=lib/libbsnmp.so.5 # 20090719: library version bump for 8.0 OLD_LIBS+=lib/libalias.so.6 OLD_LIBS+=lib/libavl.so.1 OLD_LIBS+=lib/libbegemot.so.3 OLD_LIBS+=lib/libbsdxml.so.3 OLD_LIBS+=lib/libbsnmp.so.4 OLD_LIBS+=lib/libcam.so.4 OLD_LIBS+=lib/libcrypt.so.4 OLD_LIBS+=lib/libcrypto.so.5 OLD_LIBS+=lib/libctf.so.1 OLD_LIBS+=lib/libdevstat.so.6 OLD_LIBS+=lib/libdtrace.so.1 OLD_LIBS+=lib/libedit.so.6 OLD_LIBS+=lib/libgeom.so.4 OLD_LIBS+=lib/libipsec.so.3 OLD_LIBS+=lib/libipx.so.4 OLD_LIBS+=lib/libkiconv.so.3 OLD_LIBS+=lib/libkvm.so.4 OLD_LIBS+=lib/libmd.so.4 OLD_LIBS+=lib/libncurses.so.7 OLD_LIBS+=lib/libncursesw.so.7 OLD_LIBS+=lib/libnvpair.so.1 OLD_LIBS+=lib/libpcap.so.6 OLD_LIBS+=lib/libreadline.so.7 OLD_LIBS+=lib/libsbuf.so.4 OLD_LIBS+=lib/libufs.so.4 OLD_LIBS+=lib/libumem.so.1 OLD_LIBS+=lib/libutil.so.7 OLD_LIBS+=lib/libuutil.so.1 OLD_LIBS+=lib/libz.so.4 OLD_LIBS+=lib/libzfs.so.1 OLD_LIBS+=lib/libzpool.so.1 OLD_LIBS+=usr/lib/libarchive.so.4 OLD_LIBS+=usr/lib/libauditd.so.4 OLD_LIBS+=usr/lib/libbluetooth.so.3 OLD_LIBS+=usr/lib/libbsm.so.2 OLD_LIBS+=usr/lib/libbz2.so.3 OLD_LIBS+=usr/lib/libcalendar.so.4 OLD_LIBS+=usr/lib/libcom_err.so.4 OLD_LIBS+=usr/lib/libdevinfo.so.4 OLD_LIBS+=usr/lib/libdialog.so.6 OLD_LIBS+=usr/lib/libdwarf.so.1 OLD_LIBS+=usr/lib/libfetch.so.5 OLD_LIBS+=usr/lib/libform.so.4 OLD_LIBS+=usr/lib/libformw.so.4 OLD_LIBS+=usr/lib/libftpio.so.7 OLD_LIBS+=usr/lib/libgnuregex.so.4 OLD_LIBS+=usr/lib/libgpib.so.2 OLD_LIBS+=usr/lib/libhistory.so.7 OLD_LIBS+=usr/lib/libmagic.so.3 OLD_LIBS+=usr/lib/libmemstat.so.2 OLD_LIBS+=usr/lib/libmenu.so.4 OLD_LIBS+=usr/lib/libmenuw.so.4 OLD_LIBS+=usr/lib/libmilter.so.4 OLD_LIBS+=usr/lib/libncp.so.3 OLD_LIBS+=usr/lib/libnetgraph.so.3 OLD_LIBS+=usr/lib/libngatm.so.3 OLD_LIBS+=usr/lib/libobjc.so.3 OLD_LIBS+=usr/lib/libopie.so.5 OLD_LIBS+=usr/lib/libpam.so.4 OLD_LIBS+=usr/lib/libpanel.so.4 OLD_LIBS+=usr/lib/libpanelw.so.4 OLD_LIBS+=usr/lib/libpmc.so.4 OLD_LIBS+=usr/lib/libproc.so.1 OLD_LIBS+=usr/lib/libradius.so.3 OLD_LIBS+=usr/lib/librpcsvc.so.4 OLD_LIBS+=usr/lib/libsdp.so.3 OLD_LIBS+=usr/lib/libsmb.so.3 OLD_LIBS+=usr/lib/libssh.so.4 OLD_LIBS+=usr/lib/libssl.so.5 OLD_LIBS+=usr/lib/libtacplus.so.3 OLD_LIBS+=usr/lib/libugidfw.so.3 OLD_LIBS+=usr/lib/libusb.so.1 OLD_LIBS+=usr/lib/libusbhid.so.3 OLD_LIBS+=usr/lib/libvgl.so.5 OLD_LIBS+=usr/lib/libwrap.so.5 OLD_LIBS+=usr/lib/libypclnt.so.3 OLD_LIBS+=usr/lib/pam_chroot.so.4 OLD_LIBS+=usr/lib/pam_deny.so.4 OLD_LIBS+=usr/lib/pam_echo.so.4 OLD_LIBS+=usr/lib/pam_exec.so.4 OLD_LIBS+=usr/lib/pam_ftpusers.so.4 OLD_LIBS+=usr/lib/pam_group.so.4 OLD_LIBS+=usr/lib/pam_guest.so.4 OLD_LIBS+=usr/lib/pam_krb5.so.4 OLD_LIBS+=usr/lib/pam_ksu.so.4 OLD_LIBS+=usr/lib/pam_lastlog.so.4 OLD_LIBS+=usr/lib/pam_login_access.so.4 OLD_LIBS+=usr/lib/pam_nologin.so.4 OLD_LIBS+=usr/lib/pam_opie.so.4 OLD_LIBS+=usr/lib/pam_opieaccess.so.4 OLD_LIBS+=usr/lib/pam_passwdqc.so.4 OLD_LIBS+=usr/lib/pam_permit.so.4 OLD_LIBS+=usr/lib/pam_radius.so.4 OLD_LIBS+=usr/lib/pam_rhosts.so.4 OLD_LIBS+=usr/lib/pam_rootok.so.4 OLD_LIBS+=usr/lib/pam_securetty.so.4 OLD_LIBS+=usr/lib/pam_self.so.4 OLD_LIBS+=usr/lib/pam_ssh.so.4 OLD_LIBS+=usr/lib/pam_tacplus.so.4 OLD_LIBS+=usr/lib/pam_unix.so.4 OLD_LIBS+=usr/lib/snmp_atm.so.5 OLD_LIBS+=usr/lib/snmp_bridge.so.5 OLD_LIBS+=usr/lib/snmp_hostres.so.5 OLD_LIBS+=usr/lib/snmp_mibII.so.5 OLD_LIBS+=usr/lib/snmp_netgraph.so.5 OLD_LIBS+=usr/lib/snmp_pf.so.5 OLD_LIBS+=usr/lib32/libalias.so.6 OLD_LIBS+=usr/lib32/libarchive.so.4 OLD_LIBS+=usr/lib32/libauditd.so.4 OLD_LIBS+=usr/lib32/libavl.so.1 OLD_LIBS+=usr/lib32/libbegemot.so.3 OLD_LIBS+=usr/lib32/libbluetooth.so.3 OLD_LIBS+=usr/lib32/libbsdxml.so.3 OLD_LIBS+=usr/lib32/libbsm.so.2 OLD_LIBS+=usr/lib32/libbsnmp.so.4 OLD_LIBS+=usr/lib32/libbz2.so.3 OLD_LIBS+=usr/lib32/libcalendar.so.4 OLD_LIBS+=usr/lib32/libcam.so.4 OLD_LIBS+=usr/lib32/libcom_err.so.4 OLD_LIBS+=usr/lib32/libcrypt.so.4 OLD_LIBS+=usr/lib32/libcrypto.so.5 OLD_LIBS+=usr/lib32/libctf.so.1 OLD_LIBS+=usr/lib32/libdevinfo.so.4 OLD_LIBS+=usr/lib32/libdevstat.so.6 OLD_LIBS+=usr/lib32/libdialog.so.6 OLD_LIBS+=usr/lib32/libdtrace.so.1 OLD_LIBS+=usr/lib32/libdwarf.so.1 OLD_LIBS+=usr/lib32/libedit.so.6 OLD_LIBS+=usr/lib32/libfetch.so.5 OLD_LIBS+=usr/lib32/libform.so.4 OLD_LIBS+=usr/lib32/libformw.so.4 OLD_LIBS+=usr/lib32/libftpio.so.7 OLD_LIBS+=usr/lib32/libgeom.so.4 OLD_LIBS+=usr/lib32/libgnuregex.so.4 OLD_LIBS+=usr/lib32/libgpib.so.2 OLD_LIBS+=usr/lib32/libhistory.so.7 OLD_LIBS+=usr/lib32/libipsec.so.3 OLD_LIBS+=usr/lib32/libipx.so.4 OLD_LIBS+=usr/lib32/libkiconv.so.3 OLD_LIBS+=usr/lib32/libkvm.so.4 OLD_LIBS+=usr/lib32/libmagic.so.3 OLD_LIBS+=usr/lib32/libmd.so.4 OLD_LIBS+=usr/lib32/libmemstat.so.2 OLD_LIBS+=usr/lib32/libmenu.so.4 OLD_LIBS+=usr/lib32/libmenuw.so.4 OLD_LIBS+=usr/lib32/libmilter.so.4 OLD_LIBS+=usr/lib32/libncp.so.3 OLD_LIBS+=usr/lib32/libncurses.so.7 OLD_LIBS+=usr/lib32/libncursesw.so.7 OLD_LIBS+=usr/lib32/libnetgraph.so.3 OLD_LIBS+=usr/lib32/libngatm.so.3 OLD_LIBS+=usr/lib32/libnvpair.so.1 OLD_LIBS+=usr/lib32/libobjc.so.3 OLD_LIBS+=usr/lib32/libopie.so.5 OLD_LIBS+=usr/lib32/libpam.so.4 OLD_LIBS+=usr/lib32/libpanel.so.4 OLD_LIBS+=usr/lib32/libpanelw.so.4 OLD_LIBS+=usr/lib32/libpcap.so.6 OLD_LIBS+=usr/lib32/libpmc.so.4 OLD_LIBS+=usr/lib32/libproc.so.1 OLD_LIBS+=usr/lib32/libradius.so.3 OLD_LIBS+=usr/lib32/libreadline.so.7 OLD_LIBS+=usr/lib32/librpcsvc.so.4 OLD_LIBS+=usr/lib32/libsbuf.so.4 OLD_LIBS+=usr/lib32/libsdp.so.3 OLD_LIBS+=usr/lib32/libsmb.so.3 OLD_LIBS+=usr/lib32/libssh.so.4 OLD_LIBS+=usr/lib32/libssl.so.5 OLD_LIBS+=usr/lib32/libtacplus.so.3 OLD_LIBS+=usr/lib32/libufs.so.4 OLD_LIBS+=usr/lib32/libugidfw.so.3 OLD_LIBS+=usr/lib32/libumem.so.1 OLD_LIBS+=usr/lib32/libusb.so.1 OLD_LIBS+=usr/lib32/libusbhid.so.3 OLD_LIBS+=usr/lib32/libutil.so.7 OLD_LIBS+=usr/lib32/libuutil.so.1 OLD_LIBS+=usr/lib32/libvgl.so.5 OLD_LIBS+=usr/lib32/libwrap.so.5 OLD_LIBS+=usr/lib32/libypclnt.so.3 OLD_LIBS+=usr/lib32/libz.so.4 OLD_LIBS+=usr/lib32/libzfs.so.1 OLD_LIBS+=usr/lib32/libzpool.so.1 OLD_LIBS+=usr/lib32/pam_chroot.so.4 OLD_LIBS+=usr/lib32/pam_deny.so.4 OLD_LIBS+=usr/lib32/pam_echo.so.4 OLD_LIBS+=usr/lib32/pam_exec.so.4 OLD_LIBS+=usr/lib32/pam_ftpusers.so.4 OLD_LIBS+=usr/lib32/pam_group.so.4 OLD_LIBS+=usr/lib32/pam_guest.so.4 OLD_LIBS+=usr/lib32/pam_krb5.so.4 OLD_LIBS+=usr/lib32/pam_ksu.so.4 OLD_LIBS+=usr/lib32/pam_lastlog.so.4 OLD_LIBS+=usr/lib32/pam_login_access.so.4 OLD_LIBS+=usr/lib32/pam_nologin.so.4 OLD_LIBS+=usr/lib32/pam_opie.so.4 OLD_LIBS+=usr/lib32/pam_opieaccess.so.4 OLD_LIBS+=usr/lib32/pam_passwdqc.so.4 OLD_LIBS+=usr/lib32/pam_permit.so.4 OLD_LIBS+=usr/lib32/pam_radius.so.4 OLD_LIBS+=usr/lib32/pam_rhosts.so.4 OLD_LIBS+=usr/lib32/pam_rootok.so.4 OLD_LIBS+=usr/lib32/pam_securetty.so.4 OLD_LIBS+=usr/lib32/pam_self.so.4 OLD_LIBS+=usr/lib32/pam_ssh.so.4 OLD_LIBS+=usr/lib32/pam_tacplus.so.4 OLD_LIBS+=usr/lib32/pam_unix.so.4 # 20090718: the gdm pam.d file is no longer required. OLD_FILES+=etc/pam.d/gdm # 20090714: net_add_domain(9) renamed to domain_add(9) OLD_FILES+=usr/share/man/man9/net_add_domain.9.gz # 20090713: vimage container structs removed. OLD_FILES+=usr/include/netinet/vinet.h OLD_FILES+=usr/include/netinet6/vinet6.h OLD_FILES+=usr/include/netipsec/vipsec.h # 20090712: ieee80211.4 -> net80211.4 OLD_FILES+=usr/share/man/man4/ieee80211.4.gz # 20090711: typo fixed, kproc_resume,.9 -> kproc_resume.9 OLD_FILES+=usr/share/man/man9/kproc_resume,.9.gz # 20090709: msgctl.3 msgget.3 msgrcv.3 msgsnd.3 manual pages moved OLD_FILES+=usr/share/man/man3/msgctl.3.gz OLD_FILES+=usr/share/man/man3/msgget.3.gz OLD_FILES+=usr/share/man/man3/msgrcv.3.gz OLD_FILES+=usr/share/man/man3/msgsnd.3.gz # 20090630: old kernel RPC implementation removal OLD_FILES+=usr/include/nfs/rpcv2.h # 20090624: update usbdi(9) OLD_FILES+=usr/share/man/man9/usbd_abort_default_pipe.9.gz OLD_FILES+=usr/share/man/man9/usbd_abort_pipe.9.gz OLD_FILES+=usr/share/man/man9/usbd_alloc_buffer.9.gz OLD_FILES+=usr/share/man/man9/usbd_alloc_xfer.9.gz OLD_FILES+=usr/share/man/man9/usbd_clear_endpoint_stall.9.gz OLD_FILES+=usr/share/man/man9/usbd_clear_endpoint_stall_async.9.gz OLD_FILES+=usr/share/man/man9/usbd_clear_endpoint_toggle.9.gz OLD_FILES+=usr/share/man/man9/usbd_close_pipe.9.gz OLD_FILES+=usr/share/man/man9/usbd_device2interface_handle.9.gz OLD_FILES+=usr/share/man/man9/usbd_do_request_async.9.gz OLD_FILES+=usr/share/man/man9/usbd_do_request_flags_pipe.9.gz OLD_FILES+=usr/share/man/man9/usbd_endpoint_count.9.gz OLD_FILES+=usr/share/man/man9/usbd_find_edesc.9.gz OLD_FILES+=usr/share/man/man9/usbd_find_idesc.9.gz OLD_FILES+=usr/share/man/man9/usbd_free_buffer.9.gz OLD_FILES+=usr/share/man/man9/usbd_free_xfer.9.gz OLD_FILES+=usr/share/man/man9/usbd_get_buffer.9.gz OLD_FILES+=usr/share/man/man9/usbd_get_config.9.gz OLD_FILES+=usr/share/man/man9/usbd_get_config_desc.9.gz OLD_FILES+=usr/share/man/man9/usbd_get_config_desc_full.9.gz OLD_FILES+=usr/share/man/man9/usbd_get_config_descriptor.9.gz OLD_FILES+=usr/share/man/man9/usbd_get_device_descriptor.9.gz OLD_FILES+=usr/share/man/man9/usbd_get_endpoint_descriptor.9.gz OLD_FILES+=usr/share/man/man9/usbd_get_interface_altindex.9.gz OLD_FILES+=usr/share/man/man9/usbd_get_interface_descriptor.9.gz OLD_FILES+=usr/share/man/man9/usbd_get_no_alts.9.gz OLD_FILES+=usr/share/man/man9/usbd_get_quirks.9.gz OLD_FILES+=usr/share/man/man9/usbd_get_speed.9.gz OLD_FILES+=usr/share/man/man9/usbd_get_string.9.gz OLD_FILES+=usr/share/man/man9/usbd_get_string_desc.9.gz OLD_FILES+=usr/share/man/man9/usbd_get_xfer_status.9.gz OLD_FILES+=usr/share/man/man9/usbd_interface2device_handle.9.gz OLD_FILES+=usr/share/man/man9/usbd_interface2endpoint_descriptor.9.gz OLD_FILES+=usr/share/man/man9/usbd_interface_count.9.gz OLD_FILES+=usr/share/man/man9/usbd_open_pipe.9.gz OLD_FILES+=usr/share/man/man9/usbd_open_pipe_intr.9.gz OLD_FILES+=usr/share/man/man9/usbd_pipe2device_handle.9.gz OLD_FILES+=usr/share/man/man9/usbd_set_config_index.9.gz OLD_FILES+=usr/share/man/man9/usbd_set_config_no.9.gz OLD_FILES+=usr/share/man/man9/usbd_set_interface.9.gz OLD_FILES+=usr/share/man/man9/usbd_setup_default_xfer.9.gz OLD_FILES+=usr/share/man/man9/usbd_setup_isoc_xfer.9.gz OLD_FILES+=usr/share/man/man9/usbd_setup_xfer.9.gz OLD_FILES+=usr/share/man/man9/usbd_sync_transfer.9.gz OLD_FILES+=usr/share/man/man9/usbd_transfer.9.gz OLD_FILES+=usr/share/man/man9/usb_find_desc.9.gz # 20090623: number of headers needed for a usb driver reduced OLD_FILES+=usr/include/dev/usb/usb_defs.h OLD_FILES+=usr/include/dev/usb/usb_error.h OLD_FILES+=usr/include/dev/usb/usb_handle_request.h OLD_FILES+=usr/include/dev/usb/usb_hid.h OLD_FILES+=usr/include/dev/usb/usb_lookup.h OLD_FILES+=usr/include/dev/usb/usb_mfunc.h OLD_FILES+=usr/include/dev/usb/usb_parse.h OLD_FILES+=usr/include/dev/usb/usb_revision.h # 20090609: devclass_add_driver is no longer public OLD_FILES+=usr/share/man/man9/devclass_add_driver.9.gz OLD_FILES+=usr/share/man/man9/devclass_delete_driver.9.gz OLD_FILES+=usr/share/man/man9/devclass_find_driver.9.gz # 20090605: removal of clists OLD_FILES+=usr/include/sys/clist.h # 20090602: removal of window(1) OLD_FILES+=usr/bin/window OLD_FILES+=usr/share/man/man1/window.1.gz # 20090531: bind 9.6.1rc1 import OLD_LIBS+=usr/lib/liblwres.so.30 # 20090530: removal of early.sh OLD_FILES+=etc/rc.d/early.sh # 20090527: renaming of S{LIST,TAILQ}_REMOVE_NEXT() to _REMOVE_AFTER() OLD_FILES+=usr/share/man/man3/SLIST_REMOVE_NEXT.3.gz OLD_FILES+=usr/share/man/man3/STAILQ_REMOVE_NEXT.3.gz # 20090527: removal of legacy USB stack OLD_FILES+=usr/include/legacy/dev/usb/dsbr100io.h OLD_FILES+=usr/include/legacy/dev/usb/ehcireg.h OLD_FILES+=usr/include/legacy/dev/usb/ehcivar.h OLD_FILES+=usr/include/legacy/dev/usb/hid.h OLD_FILES+=usr/include/legacy/dev/usb/if_urtwreg.h OLD_FILES+=usr/include/legacy/dev/usb/if_urtwvar.h OLD_FILES+=usr/include/legacy/dev/usb/ohcireg.h OLD_FILES+=usr/include/legacy/dev/usb/ohcivar.h OLD_FILES+=usr/include/legacy/dev/usb/rio500_usb.h OLD_FILES+=usr/include/legacy/dev/usb/rt2573_ucode.h OLD_FILES+=usr/include/legacy/dev/usb/sl811hsreg.h OLD_FILES+=usr/include/legacy/dev/usb/sl811hsvar.h OLD_FILES+=usr/include/legacy/dev/usb/ubser.h OLD_FILES+=usr/include/legacy/dev/usb/ucomvar.h OLD_FILES+=usr/include/legacy/dev/usb/udbp.h OLD_FILES+=usr/include/legacy/dev/usb/uftdireg.h OLD_FILES+=usr/include/legacy/dev/usb/ugraphire_rdesc.h OLD_FILES+=usr/include/legacy/dev/usb/uhcireg.h OLD_FILES+=usr/include/legacy/dev/usb/uhcivar.h OLD_FILES+=usr/include/legacy/dev/usb/usb.h OLD_FILES+=usr/include/legacy/dev/usb/usb_mem.h OLD_FILES+=usr/include/legacy/dev/usb/usb_port.h OLD_FILES+=usr/include/legacy/dev/usb/usb_quirks.h OLD_FILES+=usr/include/legacy/dev/usb/usbcdc.h OLD_FILES+=usr/include/legacy/dev/usb/usbdi.h OLD_FILES+=usr/include/legacy/dev/usb/usbdi_util.h OLD_FILES+=usr/include/legacy/dev/usb/usbdivar.h OLD_FILES+=usr/include/legacy/dev/usb/usbhid.h OLD_FILES+=usr/include/legacy/dev/usb/uxb360gp_rdesc.h OLD_DIRS+=usr/include/legacy/dev/usb OLD_DIRS+=usr/include/legacy/dev OLD_DIRS+=usr/include/legacy # 20090526: removal of makekey(8) OLD_FILES+=usr/libexec/makekey OLD_FILES+=usr/share/man/man8/makekey.8.gz # 20090522: removal of University of Michigan NFSv4 client OLD_FILES+=etc/rc.d/idmapd OLD_FILES+=sbin/idmapd OLD_FILES+=sbin/mount_nfs4 OLD_FILES+=usr/share/man/man8/idmapd.8.gz OLD_FILES+=usr/share/man/man8/mount_nfs4.8.gz # 20090513: removal of legacy versions of USB network interface drivers OLD_FILES+=usr/include/legacy/dev/usb/if_upgtvar.h OLD_FILES+=usr/include/legacy/dev/usb/usb_ethersubr.h # 20090417: removal of legacy versions of USB network interface drivers OLD_FILES+=usr/include/legacy/dev/usb/if_auereg.h OLD_FILES+=usr/include/legacy/dev/usb/if_axereg.h OLD_FILES+=usr/include/legacy/dev/usb/if_cdcereg.h OLD_FILES+=usr/include/legacy/dev/usb/if_cuereg.h OLD_FILES+=usr/include/legacy/dev/usb/if_kuereg.h OLD_FILES+=usr/include/legacy/dev/usb/if_ruereg.h OLD_FILES+=usr/include/legacy/dev/usb/if_rumreg.h OLD_FILES+=usr/include/legacy/dev/usb/if_rumvar.h OLD_FILES+=usr/include/legacy/dev/usb/if_udavreg.h OLD_FILES+=usr/include/legacy/dev/usb/if_uralreg.h OLD_FILES+=usr/include/legacy/dev/usb/if_uralvar.h OLD_FILES+=usr/include/legacy/dev/usb/if_zydfw.h OLD_FILES+=usr/include/legacy/dev/usb/if_zydreg.h OLD_FILES+=usr/include/legacy/dev/usb/kue_fw.h # 20090416: removal of ar(4), ray(4), sr(4), raycontrol(8) OLD_FILES+=usr/sbin/raycontrol OLD_FILES+=usr/share/man/man4/i386/ar.4.gz OLD_FILES+=usr/share/man/man4/i386/ray.4.gz OLD_FILES+=usr/share/man/man4/i386/sr.4.gz OLD_FILES+=usr/share/man/man8/raycontrol.8.gz # 20090410: VOP_LEASE.9 removed OLD_FILES+=usr/share/man/man9/VOP_LEASE.9.gz # 20090406: usb_sw_transfer.h removed OLD_FILES+=usr/include/dev/usb/usb_sw_transfer.h # 20090405: removal of if_ppp(4) and if_sl(4) OLD_FILES+=sbin/slattach rescue/slattach OLD_FILES+=sbin/startslip rescue/startslip OLD_FILES+=usr/include/net/if_ppp.h OLD_FILES+=usr/include/net/if_pppvar.h OLD_FILES+=usr/include/net/if_slvar.h OLD_FILES+=usr/include/net/ppp_comp.h OLD_FILES+=usr/include/net/slip.h OLD_FILES+=usr/sbin/sliplogin OLD_FILES+=usr/sbin/slstat OLD_FILES+=usr/sbin/pppd OLD_FILES+=usr/sbin/pppstats OLD_FILES+=usr/share/man/man1/startslip.1.gz OLD_FILES+=usr/share/man/man4/if_ppp.4.gz OLD_FILES+=usr/share/man/man4/if_sl.4.gz OLD_FILES+=usr/share/man/man4/ppp.4.gz OLD_FILES+=usr/share/man/man4/sl.4.gz OLD_FILES+=usr/share/man/man8/pppd.8.gz OLD_FILES+=usr/share/man/man8/pppstats.8.gz OLD_FILES+=usr/share/man/man8/slattach.8.gz OLD_FILES+=usr/share/man/man8/slip.8.gz OLD_FILES+=usr/share/man/man8/sliplogin.8.gz OLD_FILES+=usr/share/man/man8/slstat.8.gz # 20090321: libpcap upgraded to 1.0.0 OLD_LIBS+=lib/libpcap.so.5 OLD_LIBS+=usr/lib32/libpcap.so.5 # 20090319: uscanner(4) has been removed OLD_FILES+=usr/share/man/man4/uscanner.4.gz # 20090313: k8temp(4) renamed to amdtemp(4) OLD_FILES+=usr/share/man/man4/k8temp.4.gz # 20090308: libusb.so.1 renamed OLD_LIBS+=usr/lib/libusb20.so.1 OLD_FILES+=usr/lib/libusb20.a OLD_FILES+=usr/lib/libusb20.so OLD_FILES+=usr/lib/libusb20_p.a OLD_FILES+=usr/include/libusb20_compat01.h OLD_FILES+=usr/include/libusb20_compat10.h OLD_LIBS+=usr/lib32/libusb20.so.1 OLD_FILES+=usr/lib32/libusb20.a OLD_FILES+=usr/lib32/libusb20.so OLD_FILES+=usr/lib32/libusb20_p.a # 20090226: libmp(3) functions renamed OLD_LIBS+=usr/lib/libmp.so.6 OLD_LIBS+=usr/lib32/libmp.so.6 # 20090223: changeover of USB stacks OLD_FILES+=usr/include/dev/usb2/include/ufm2_ioctl.h OLD_FILES+=usr/include/dev/usb2/include/urio2_ioctl.h OLD_FILES+=usr/include/dev/usb2/include/usb2_cdc.h OLD_FILES+=usr/include/dev/usb2/include/usb2_defs.h OLD_FILES+=usr/include/dev/usb2/include/usb2_devid.h OLD_FILES+=usr/include/dev/usb2/include/usb2_devtable.h OLD_FILES+=usr/include/dev/usb2/include/usb2_endian.h OLD_FILES+=usr/include/dev/usb2/include/usb2_error.h OLD_FILES+=usr/include/dev/usb2/include/usb2_hid.h OLD_FILES+=usr/include/dev/usb2/include/usb2_ioctl.h OLD_FILES+=usr/include/dev/usb2/include/usb2_mfunc.h OLD_FILES+=usr/include/dev/usb2/include/usb2_revision.h OLD_FILES+=usr/include/dev/usb2/include/usb2_standard.h OLD_DIRS+=usr/include/dev/usb2/include OLD_DIRS+=usr/include/dev/usb2 OLD_FILES+=usr/include/dev/usb/dsbr100io.h OLD_FILES+=usr/include/dev/usb/ehcireg.h OLD_FILES+=usr/include/dev/usb/ehcivar.h OLD_FILES+=usr/include/dev/usb/hid.h OLD_FILES+=usr/include/dev/usb/if_auereg.h OLD_FILES+=usr/include/dev/usb/if_axereg.h OLD_FILES+=usr/include/dev/usb/if_cdcereg.h OLD_FILES+=usr/include/dev/usb/if_cuereg.h OLD_FILES+=usr/include/dev/usb/if_kuereg.h OLD_FILES+=usr/include/dev/usb/if_ruereg.h OLD_FILES+=usr/include/dev/usb/if_rumreg.h OLD_FILES+=usr/include/dev/usb/if_rumvar.h OLD_FILES+=usr/include/dev/usb/if_udavreg.h OLD_FILES+=usr/include/dev/usb/if_upgtvar.h OLD_FILES+=usr/include/dev/usb/if_uralreg.h OLD_FILES+=usr/include/dev/usb/if_uralvar.h OLD_FILES+=usr/include/dev/usb/if_urtwreg.h OLD_FILES+=usr/include/dev/usb/if_urtwvar.h OLD_FILES+=usr/include/dev/usb/if_zydfw.h OLD_FILES+=usr/include/dev/usb/if_zydreg.h OLD_FILES+=usr/include/dev/usb/kue_fw.h OLD_FILES+=usr/include/dev/usb/ohcireg.h OLD_FILES+=usr/include/dev/usb/ohcivar.h OLD_FILES+=usr/include/dev/usb/rio500_usb.h OLD_FILES+=usr/include/dev/usb/rt2573_ucode.h OLD_FILES+=usr/include/dev/usb/sl811hsreg.h OLD_FILES+=usr/include/dev/usb/sl811hsvar.h OLD_FILES+=usr/include/dev/usb/ubser.h OLD_FILES+=usr/include/dev/usb/ucomvar.h OLD_FILES+=usr/include/dev/usb/udbp.h OLD_FILES+=usr/include/dev/usb/uftdireg.h OLD_FILES+=usr/include/dev/usb/ugraphire_rdesc.h OLD_FILES+=usr/include/dev/usb/uhcireg.h OLD_FILES+=usr/include/dev/usb/uhcivar.h OLD_FILES+=usr/include/dev/usb/usb_ethersubr.h OLD_FILES+=usr/include/dev/usb/usb_mem.h OLD_FILES+=usr/include/dev/usb/usb_port.h OLD_FILES+=usr/include/dev/usb/usb_quirks.h OLD_FILES+=usr/include/dev/usb/usbcdc.h OLD_FILES+=usr/include/dev/usb/usbdivar.h OLD_FILES+=usr/include/dev/usb/uxb360gp_rdesc.h OLD_FILES+=usr/sbin/usbdevs OLD_FILES+=usr/share/man/man8/usbdevs.8.gz # 20090203: removal of pccard header files OLD_FILES+=usr/include/pccard/cardinfo.h OLD_FILES+=usr/include/pccard/cis.h OLD_DIRS+=usr/include/pccard # 20090203: adding_user.8 moved to adding_user.7 OLD_FILES+=usr/share/man/man8/adding_user.8.gz # 20090122: tzdata2009a import OLD_FILES+=usr/share/zoneinfo/Asia/Katmandu # 20090102: file 4.26 import OLD_FILES+=usr/share/misc/magic.mime OLD_FILES+=usr/share/misc/magic.mime.mgc # 20081223: bind 9.4.3 import, nsupdate.8 moved to nsupdate.1 OLD_FILES+=usr/share/man/man8/nsupdate.8.gz # 20081223: ipprotosw.h removed OLD_FILES+=usr/include/netinet/ipprotosw.h # 20081123: vfs_mountedon.9 removed OLD_FILES+=usr/share/man/man9/vfs_mountedon.9.gz # 20081023: FREE.9 and MALLOC.9 removed OLD_FILES+=usr/share/man/man9/FREE.9.gz OLD_FILES+=usr/share/man/man9/MALLOC.9.gz # 20080928: removal of inaccurate device_ids(9) manual page OLD_FILES+=usr/share/man/man9/device_ids.9.gz OLD_FILES+=usr/share/man/man9/major.9.gz OLD_FILES+=usr/share/man/man9/minor.9.gz OLD_FILES+=usr/share/man/man9/umajor.9.gz OLD_FILES+=usr/share/man/man9/uminor.9.gz # 20080917: removal of manpage for axed kernel primitive suser(9) OLD_FILES+=usr/share/man/man9/suser.9.gz OLD_FILES+=usr/share/man/man9/suser_cred.9.gz # 20080913: pax removed from rescue OLD_FILES+=rescue/pax # 20080823: removal of unneeded pt_chown, to implement grantpt(3) OLD_FILES+=usr/libexec/pt_chown # 20080822: ntp 4.2.4p5 import OLD_FILES+=usr/share/doc/ntp/driver23.html OLD_FILES+=usr/share/doc/ntp/driver24.html # 20080821: several man pages moved from man4.i386 to man4 .if ${TARGET_ARCH} == "i386" OLD_FILES+=usr/share/man/man4/i386/acpi_aiboost.4.gz OLD_FILES+=usr/share/man/man4/i386/acpi_asus.4.gz OLD_FILES+=usr/share/man/man4/i386/acpi_fujitsu.4.gz OLD_FILES+=usr/share/man/man4/i386/acpi_ibm.4.gz OLD_FILES+=usr/share/man/man4/i386/acpi_panasonic.4.gz OLD_FILES+=usr/share/man/man4/i386/acpi_sony.4.gz OLD_FILES+=usr/share/man/man4/i386/acpi_toshiba.4.gz OLD_FILES+=usr/share/man/man4/i386/ichwd.4.gz OLD_FILES+=usr/share/man/man4/i386/if_ndis.4.gz OLD_FILES+=usr/share/man/man4/i386/io.4.gz OLD_FILES+=usr/share/man/man4/i386/linux.4.gz OLD_FILES+=usr/share/man/man4/i386/ndis.4.gz .endif # 20080820: MPSAFE TTY layer integrated OLD_FILES+=usr/include/sys/linedisc.h OLD_FILES+=usr/share/man/man3/posix_openpt.3.gz # 20080725: sgtty.h removed OLD_FILES+=usr/include/sgtty.h # 20080706: bsdlabel(8) removed on powerpc .if ${TARGET_ARCH} == "powerpc" OLD_FILES+=sbin/bsdlabel OLD_FILES+=usr/share/man/man8/bsdlabel.8.gz .endif # 20080704: sbsh(4) removed OLD_FILES+=usr/share/man/man4/if_sbsh.4.gz OLD_FILES+=usr/share/man/man4/sbsh.4.gz # 20080704: cnw(4) removed OLD_FILES+=usr/share/man/man4/if_cnw.4.gz OLD_FILES+=usr/share/man/man4/cnw.4.gz # 20080704: oltr(4) removed .if ${TARGET_ARCH} == "i386" OLD_FILES+=usr/share/man/man4/i386/if_oltr.4.gz OLD_FILES+=usr/share/man/man4/i386/oltr.4.gz .endif # 20080704: arl(4) removed .if ${TARGET_ARCH} == "i386" OLD_FILES+=usr/sbin/arlcontrol OLD_FILES+=usr/share/man/man4/i386/arl.4.gz OLD_FILES+=usr/share/man/man8/arlcontrol.8.gz .endif # 20080703: sunlabel only for sparc64 .if ${TARGET_ARCH} != "sparc64" OLD_FILES+=sbin/sunlabel OLD_FILES+=usr/share/man/man8/sunlabel.8.gz .endif # 20080701: wpa_supplicant.conf moved to share/examples/etc/ OLD_FILES+=usr/share/examples/wpa_supplicant/wpa_supplicant.conf OLD_DIRS+=usr/share/examples/wpa_supplicant # 20080614: pecoff image activator removed .if ${TARGET_ARCH} == "i386" OLD_FILES+=usr/include/machine/pecoff_machdep.h .endif # 20080614: sgtty removed OLD_FILES+=usr/include/sys/ttychars.h OLD_FILES+=usr/include/sys/ttydev.h OLD_FILES+=usr/share/man/man3/gtty.3.gz OLD_FILES+=usr/share/man/man3/stty.3.gz # 20080609: gpt(8) removed OLD_FILES+=sbin/gpt OLD_FILES+=usr/share/man/man8/gpt.8.gz # 20080525: I4B removed OLD_FILES+=etc/isdn/answer OLD_FILES+=etc/isdn/isdntel OLD_FILES+=etc/isdn/record OLD_FILES+=etc/isdn/tell OLD_FILES+=etc/isdn/tell-record OLD_FILES+=etc/isdn/unknown_incoming OLD_FILES+=etc/isdn/holidays.D OLD_FILES+=etc/isdn/isdnd.rates.A OLD_FILES+=etc/isdn/isdnd.rates.D OLD_FILES+=etc/isdn/isdnd.rates.F OLD_FILES+=etc/isdn/isdnd.rates.L OLD_FILES+=etc/isdn/isdnd.rates.UK.BT OLD_FILES+=etc/isdn/isdnd.rc.sample OLD_FILES+=etc/isdn/isdntel.alias.sample OLD_DIRS+=etc/isdn OLD_FILES+=etc/rc.d/isdnd OLD_FILES+=usr/include/i4b/i4b_cause.h OLD_FILES+=usr/include/i4b/i4b_debug.h OLD_FILES+=usr/include/i4b/i4b_ioctl.h OLD_FILES+=usr/include/i4b/i4b_rbch_ioctl.h OLD_FILES+=usr/include/i4b/i4b_tel_ioctl.h OLD_FILES+=usr/include/i4b/i4b_trace.h OLD_DIRS+=usr/include/i4b OLD_FILES+=usr/sbin/dtmfdecode OLD_FILES+=usr/sbin/g711conv OLD_FILES+=usr/sbin/isdnd OLD_FILES+=usr/sbin/isdndebug OLD_FILES+=usr/sbin/isdndecode OLD_FILES+=usr/sbin/isdnmonitor OLD_FILES+=usr/sbin/isdnphone OLD_FILES+=usr/sbin/isdntel OLD_FILES+=usr/sbin/isdntelctl OLD_FILES+=usr/sbin/isdntrace OLD_FILES+=usr/share/isdn/0.al OLD_FILES+=usr/share/isdn/1.al OLD_FILES+=usr/share/isdn/2.al OLD_FILES+=usr/share/isdn/3.al OLD_FILES+=usr/share/isdn/4.al OLD_FILES+=usr/share/isdn/5.al OLD_FILES+=usr/share/isdn/6.al OLD_FILES+=usr/share/isdn/7.al OLD_FILES+=usr/share/isdn/8.al OLD_FILES+=usr/share/isdn/9.al OLD_FILES+=usr/share/isdn/beep.al OLD_FILES+=usr/share/isdn/msg.al OLD_DIRS+=usr/share/isdn OLD_FILES+=usr/share/man/man1/dtmfdecode.1.gz OLD_FILES+=usr/share/man/man1/g711conv.1.gz OLD_FILES+=usr/share/man/man4/i4b.4.gz OLD_FILES+=usr/share/man/man4/i4bcapi.4.gz OLD_FILES+=usr/share/man/man4/i4bctl.4.gz OLD_FILES+=usr/share/man/man4/i4bing.4.gz OLD_FILES+=usr/share/man/man4/i4bipr.4.gz OLD_FILES+=usr/share/man/man4/i4bisppp.4.gz OLD_FILES+=usr/share/man/man4/i4bq921.4.gz OLD_FILES+=usr/share/man/man4/i4bq931.4.gz OLD_FILES+=usr/share/man/man4/i4brbch.4.gz OLD_FILES+=usr/share/man/man4/i4btel.4.gz OLD_FILES+=usr/share/man/man4/i4btrc.4.gz OLD_FILES+=usr/share/man/man4/iavc.4.gz OLD_FILES+=usr/share/man/man4/isic.4.gz OLD_FILES+=usr/share/man/man4/ifpi.4.gz OLD_FILES+=usr/share/man/man4/ifpi2.4.gz OLD_FILES+=usr/share/man/man4/ifpnp.4.gz OLD_FILES+=usr/share/man/man4/ihfc.4.gz OLD_FILES+=usr/share/man/man4/itjc.4.gz OLD_FILES+=usr/share/man/man4/iwic.4.gz OLD_FILES+=usr/share/man/man5/isdnd.rc.5.gz OLD_FILES+=usr/share/man/man5/isdnd.rates.5.gz OLD_FILES+=usr/share/man/man5/isdnd.acct.5.gz OLD_FILES+=usr/share/man/man8/isdnd.8.gz OLD_FILES+=usr/share/man/man8/isdndebug.8.gz OLD_FILES+=usr/share/man/man8/isdndecode.8.gz OLD_FILES+=usr/share/man/man8/isdnmonitor.8.gz OLD_FILES+=usr/share/man/man8/isdnphone.8.gz OLD_FILES+=usr/share/man/man8/isdntel.8.gz OLD_FILES+=usr/share/man/man8/isdntelctl.8.gz OLD_FILES+=usr/share/man/man8/isdntrace.8.gz OLD_FILES+=usr/share/examples/isdn/contrib/README OLD_FILES+=usr/share/examples/isdn/contrib/anleitung.ppp OLD_FILES+=usr/share/examples/isdn/contrib/answer.c OLD_FILES+=usr/share/examples/isdn/contrib/answer.sh OLD_FILES+=usr/share/examples/isdn/contrib/convert.sh OLD_FILES+=usr/share/examples/isdn/contrib/hplay.c OLD_FILES+=usr/share/examples/isdn/contrib/i4b-ppp-newbie.txt OLD_FILES+=usr/share/examples/isdn/contrib/isdnctl OLD_FILES+=usr/share/examples/isdn/contrib/isdnd_acct OLD_FILES+=usr/share/examples/isdn/contrib/isdnd_acct.pl OLD_FILES+=usr/share/examples/isdn/contrib/isdntelmux.c OLD_FILES+=usr/share/examples/isdn/contrib/mrtg-isp0.sh OLD_FILES+=usr/share/examples/isdn/i4brunppp/Makefile OLD_FILES+=usr/share/examples/isdn/i4brunppp/README OLD_FILES+=usr/share/examples/isdn/i4brunppp/i4brunppp-isdnd.rc OLD_FILES+=usr/share/examples/isdn/i4brunppp/i4brunppp.8 OLD_FILES+=usr/share/examples/isdn/i4brunppp/i4brunppp.c OLD_FILES+=usr/share/examples/isdn/v21/Makefile OLD_FILES+=usr/share/examples/isdn/v21/README OLD_FILES+=usr/share/examples/isdn/v21/v21modem.c OLD_FILES+=usr/share/examples/isdn/FAQ OLD_FILES+=usr/share/examples/isdn/KERNEL OLD_FILES+=usr/share/examples/isdn/Overview OLD_FILES+=usr/share/examples/isdn/README OLD_FILES+=usr/share/examples/isdn/ROADMAP OLD_FILES+=usr/share/examples/isdn/ReleaseNotes OLD_FILES+=usr/share/examples/isdn/Resources OLD_FILES+=usr/share/examples/isdn/SupportedCards OLD_FILES+=usr/share/examples/isdn/ThankYou OLD_DIRS+=usr/share/examples/isdn/contrib OLD_DIRS+=usr/share/examples/isdn/i4brunppp OLD_DIRS+=usr/share/examples/isdn/v21 OLD_DIRS+=usr/share/examples/isdn OLD_FILES+=usr/share/examples/ppp/isdnd.rc OLD_FILES+=usr/share/examples/ppp/ppp.conf.isdn # 20080525: ng_atmpif removed OLD_FILES+=usr/include/netgraph/atm/ng_atmpif.h OLD_FILES+=usr/share/man/man4/ng_atmpif.4.gz # 20080522: pmap_addr_hint removed OLD_FILES+=usr/share/man/man9/pmap_addr_hint.9.gz # 20080517: ipsec_osdep.h removed OLD_FILES+=usr/include/netipsec/ipsec_osdep.h # 20080507: heimdal 1.1 import OLD_LIBS+=usr/lib/libasn1.so.9 OLD_LIBS+=usr/lib/libgssapi.so.9 OLD_LIBS+=usr/lib/libgssapi_krb5.so.9 OLD_LIBS+=usr/lib/libhdb.so.9 OLD_LIBS+=usr/lib/libkadm5clnt.so.9 OLD_LIBS+=usr/lib/libkadm5srv.so.9 OLD_LIBS+=usr/lib/libkafs5.so.9 OLD_LIBS+=usr/lib/libkrb5.so.9 OLD_LIBS+=usr/lib/libroken.so.9 OLD_LIBS+=usr/lib32/libgssapi.so.9 # 20080420: Symbol card support dropped OLD_FILES+=usr/include/dev/wi/spectrum24t_cf.h # 20080420: awi removal OLD_FILES+=usr/share/man/man4/awi.4.gz OLD_FILES+=usr/share/man/man4/if_awi.4.gz # 20080331: pkg_sign has been removed OLD_FILES+=usr/sbin/pkg_check OLD_FILES+=usr/sbin/pkg_sign OLD_FILES+=usr/share/man/man1/pkg_check.1.gz OLD_FILES+=usr/share/man/man1/pkg_sign.1.gz # 20080325: tzdata2008b import OLD_FILES+=usr/share/zoneinfo/Asia/Calcutta OLD_FILES+=usr/share/zoneinfo/Asia/Saigon # 20080314: stack_print(9) mlink fixed OLD_FILES+=usr/share/man/man9/stack_printf.9.gz # 20080312: libkse removal OLD_FILES+=usr/include/sys/kse.h OLD_FILES+=usr/lib/libkse.so OLD_LIBS+=usr/lib/libkse.so.3 OLD_FILES+=usr/share/man/man2/kse.2.gz OLD_FILES+=usr/share/man/man2/kse_create.2.gz OLD_FILES+=usr/share/man/man2/kse_exit.2.gz OLD_FILES+=usr/share/man/man2/kse_release.2.gz OLD_FILES+=usr/share/man/man2/kse_switchin.2.gz OLD_FILES+=usr/share/man/man2/kse_thr_interrupt.2.gz OLD_FILES+=usr/share/man/man2/kse_wakeup.2.gz OLD_FILES+=usr/lib32/libkse.so OLD_LIBS+=usr/lib32/libkse.so.3 # 20080225: bsdar/bsdranlib rename to ar/ranlib OLD_FILES+=usr/bin/bsdar OLD_FILES+=usr/bin/bsdranlib OLD_FILES+=usr/share/man/man1/bsdar.1.gz OLD_FILES+=usr/share/man/man1/bsdranlib.1.gz # 20080220: geom_lvm rename to geom_linux_lvm OLD_FILES+=usr/share/man/man4/geom_lvm.4.gz # 20080126: oldcard.4 removal OLD_FILES+=usr/share/man/man4/card.4.gz OLD_FILES+=usr/share/man/man4/oldcard.4.gz # 20080122: Removed from the tree OLD_FILES+=usr/share/man/man9/BUF_REFCNT.9.gz # 20080108: Moved to section 2 OLD_FILES+=usr/share/man/man3/shm_open.3.gz OLD_FILES+=usr/share/man/man3/shm_unlink.3.gz # 20071207: Merged with fortunes-o.real OLD_FILES+=usr/share/games/fortune/fortunes2-o OLD_FILES+=usr/share/games/fortune/fortunes2-o.dat # 20071201: Removal of XRPU driver OLD_FILES+=usr/include/sys/xrpuio.h # 20071129: Disabled static versions of libkse by default OLD_FILES+=usr/lib/libkse.a OLD_FILES+=usr/lib/libkse_p.a OLD_FILES+=usr/lib/libkse_pic.a OLD_FILES+=usr/lib32/libkse.a OLD_FILES+=usr/lib32/libkse_p.a OLD_FILES+=usr/lib32/libkse_pic.a # 20071129: Removed a Solaris compatibility header OLD_FILES+=usr/include/sys/_elf_solaris.h # 20071125: Renamed to pmc_get_msr() OLD_FILES+=usr/share/man/man3/pmc_x86_get_msr.3.gz # 20071108: Removed very crunch OLDCARD support file OLD_FILES+=etc/defaults/pccard.conf # 20071025: rc.d/nfslocking superceeded by rc.d/lockd and rc.d/statd OLD_FILES+=etc/rc.d/nfslocking # 20070930: rename of cached to nscd OLD_FILES+=etc/cached.conf OLD_FILES+=etc/rc.d/cached OLD_FILES+=usr/sbin/cached OLD_FILES+=usr/share/man/man5/cached.conf.5.gz OLD_FILES+=usr/share/man/man8/cached.8.gz # 20070807: removal of PowerPC specific header file. .if ${TARGET_ARCH} == "powerpc" OLD_FILES+=usr/include/machine/interruptvar.h .endif # 20070801: fast_ipsec.4 gone OLD_FILES+=usr/share/man/man4/fast_ipsec.4.gz # 20070715: netatm temporarily disconnected (removed 20080525) OLD_FILES+=rescue/atm OLD_FILES+=rescue/fore_dnld OLD_FILES+=rescue/ilmid OLD_FILES+=sbin/atm OLD_FILES+=sbin/fore_dnld OLD_FILES+=sbin/ilmid OLD_FILES+=usr/include/libatm.h OLD_FILES+=usr/include/netatm/atm.h OLD_FILES+=usr/include/netatm/atm_cm.h OLD_FILES+=usr/include/netatm/atm_if.h OLD_FILES+=usr/include/netatm/atm_ioctl.h OLD_FILES+=usr/include/netatm/atm_pcb.h OLD_FILES+=usr/include/netatm/atm_sap.h OLD_FILES+=usr/include/netatm/atm_sigmgr.h OLD_FILES+=usr/include/netatm/atm_stack.h OLD_FILES+=usr/include/netatm/atm_sys.h OLD_FILES+=usr/include/netatm/atm_var.h OLD_FILES+=usr/include/netatm/atm_vc.h OLD_FILES+=usr/include/netatm/ipatm/ipatm.h OLD_FILES+=usr/include/netatm/ipatm/ipatm_serv.h OLD_FILES+=usr/include/netatm/ipatm/ipatm_var.h OLD_FILES+=usr/include/netatm/port.h OLD_FILES+=usr/include/netatm/queue.h OLD_FILES+=usr/include/netatm/sigpvc/sigpvc_var.h OLD_FILES+=usr/include/netatm/spans/spans_cls.h OLD_FILES+=usr/include/netatm/spans/spans_kxdr.h OLD_FILES+=usr/include/netatm/spans/spans_var.h OLD_FILES+=usr/include/netatm/uni/sscf_uni.h OLD_FILES+=usr/include/netatm/uni/sscf_uni_var.h OLD_FILES+=usr/include/netatm/uni/sscop.h OLD_FILES+=usr/include/netatm/uni/sscop_misc.h OLD_FILES+=usr/include/netatm/uni/sscop_pdu.h OLD_FILES+=usr/include/netatm/uni/sscop_var.h OLD_FILES+=usr/include/netatm/uni/uni.h OLD_FILES+=usr/include/netatm/uni/uniip_var.h OLD_FILES+=usr/include/netatm/uni/unisig.h OLD_FILES+=usr/include/netatm/uni/unisig_decode.h OLD_FILES+=usr/include/netatm/uni/unisig_mbuf.h OLD_FILES+=usr/include/netatm/uni/unisig_msg.h OLD_FILES+=usr/include/netatm/uni/unisig_print.h OLD_FILES+=usr/include/netatm/uni/unisig_var.h OLD_FILES+=usr/lib/libatm.a OLD_FILES+=usr/lib/libatm_p.a OLD_FILES+=usr/sbin/atmarpd OLD_FILES+=usr/sbin/scspd OLD_FILES+=usr/share/man/en.ISO8859-1/man8/atm.8.gz OLD_FILES+=usr/share/man/en.ISO8859-1/man8/atmarpd.8.gz OLD_FILES+=usr/share/man/en.ISO8859-1/man8/fore_dnld.8.gz OLD_FILES+=usr/share/man/en.ISO8859-1/man8/ilmid.8.gz OLD_FILES+=usr/share/man/en.ISO8859-1/man8/scspd.8.gz OLD_FILES+=usr/share/man/man8/atm.8.gz OLD_FILES+=usr/share/man/man8/atmarpd.8.gz OLD_FILES+=usr/share/man/man8/fore_dnld.8.gz OLD_FILES+=usr/share/man/man8/ilmid.8.gz OLD_FILES+=usr/share/man/man8/scspd.8.gz OLD_FILES+=usr/share/examples/atm/NOTES OLD_FILES+=usr/share/examples/atm/README OLD_FILES+=usr/share/examples/atm/Startup OLD_FILES+=usr/share/examples/atm/atm-config.sh OLD_FILES+=usr/share/examples/atm/atm-sockets.txt OLD_FILES+=usr/share/examples/atm/cpcs-design.txt OLD_FILES+=usr/share/examples/atm/fore-microcode.txt OLD_FILES+=usr/share/examples/atm/sscf-design.txt OLD_FILES+=usr/share/examples/atm/sscop-design.txt OLD_LIBS+=lib/libatm.so.5 OLD_LIBS+=usr/lib/libatm.so OLD_DIRS+=usr/include/netatm/sigpvc OLD_DIRS+=usr/include/netatm/spans OLD_DIRS+=usr/include/netatm/ipatm OLD_DIRS+=usr/include/netatm/uni OLD_DIRS+=usr/include/netatm OLD_DIRS+=usr/share/examples/atm OLD_FILES+=usr/lib32/libatm.a OLD_FILES+=usr/lib32/libatm.so OLD_LIBS+=usr/lib32/libatm.so.5 OLD_FILES+=usr/lib32/libatm_p.a # 20070705: I4B headers repo-copied to include/i4b/ .if ${TARGET_ARCH} == "i386" OLD_FILES+=usr/include/machine/i4b_cause.h OLD_FILES+=usr/include/machine/i4b_debug.h OLD_FILES+=usr/include/machine/i4b_ioctl.h OLD_FILES+=usr/include/machine/i4b_rbch_ioctl.h OLD_FILES+=usr/include/machine/i4b_tel_ioctl.h OLD_FILES+=usr/include/machine/i4b_trace.h .endif # 20070703: pf 4.1 import OLD_FILES+=usr/libexec/ftp-proxy # 20070701: KAME IPSec removal OLD_FILES+=usr/include/netinet6/ah.h OLD_FILES+=usr/include/netinet6/ah6.h OLD_FILES+=usr/include/netinet6/ah_aesxcbcmac.h OLD_FILES+=usr/include/netinet6/esp.h OLD_FILES+=usr/include/netinet6/esp6.h OLD_FILES+=usr/include/netinet6/esp_aesctr.h OLD_FILES+=usr/include/netinet6/esp_camellia.h OLD_FILES+=usr/include/netinet6/esp_rijndael.h OLD_FILES+=usr/include/netinet6/ipsec.h OLD_FILES+=usr/include/netinet6/ipsec6.h OLD_FILES+=usr/include/netinet6/ipcomp.h OLD_FILES+=usr/include/netinet6/ipcomp6.h OLD_FILES+=usr/include/netkey/key.h OLD_FILES+=usr/include/netkey/key_debug.h OLD_FILES+=usr/include/netkey/key_var.h OLD_FILES+=usr/include/netkey/keydb.h OLD_FILES+=usr/include/netkey/keysock.h OLD_DIRS+=usr/include/netkey # 20070701: remove wicontrol OLD_FILES+=usr/sbin/wicontrol OLD_FILES+=usr/share/man/man8/wicontrol.8.gz # 20070625: umapfs removal OLD_FILES+=rescue/mount_umapfs OLD_FILES+=sbin/mount_umapfs OLD_FILES+=usr/include/fs/umapfs/umap.h OLD_FILES+=usr/share/man/man8/mount_umapfs.8.gz OLD_DIRS+=usr/include/fs/umapfs # 20070618: Removal of the PROTO.localhost* files OLD_FILES+=etc/namedb/PROTO.localhost-v6.rev OLD_FILES+=etc/namedb/PROTO.localhost.rev OLD_FILES+=etc/namedb/make-localhost # 20070618: shared library version bump OLD_LIBS+=lib/libalias.so.5 OLD_LIBS+=lib/libbsnmp.so.3 OLD_LIBS+=lib/libncurses.so.6 OLD_LIBS+=lib/libncursesw.so.6 OLD_LIBS+=lib/libreadline.so.6 OLD_LIBS+=usr/lib/libdialog.so.5 OLD_LIBS+=usr/lib/libgnuregex.so.3 OLD_LIBS+=usr/lib/libhistory.so.6 OLD_LIBS+=usr/lib/libpam.so.3 OLD_LIBS+=usr/lib/libssh.so.3 OLD_LIBS+=usr/lib/pam_chroot.so.3 OLD_LIBS+=usr/lib/pam_deny.so.3 OLD_LIBS+=usr/lib/pam_echo.so.3 OLD_LIBS+=usr/lib/pam_exec.so.3 OLD_LIBS+=usr/lib/pam_ftpusers.so.3 OLD_LIBS+=usr/lib/pam_group.so.3 OLD_LIBS+=usr/lib/pam_guest.so.3 OLD_LIBS+=usr/lib/pam_krb5.so.3 OLD_LIBS+=usr/lib/pam_ksu.so.3 OLD_LIBS+=usr/lib/pam_lastlog.so.3 OLD_LIBS+=usr/lib/pam_login_access.so.3 OLD_LIBS+=usr/lib/pam_nologin.so.3 OLD_LIBS+=usr/lib/pam_opie.so.3 OLD_LIBS+=usr/lib/pam_opieaccess.so.3 OLD_LIBS+=usr/lib/pam_passwdqc.so.3 OLD_LIBS+=usr/lib/pam_permit.so.3 OLD_LIBS+=usr/lib/pam_radius.so.3 OLD_LIBS+=usr/lib/pam_rhosts.so.3 OLD_LIBS+=usr/lib/pam_rootok.so.3 OLD_LIBS+=usr/lib/pam_securetty.so.3 OLD_LIBS+=usr/lib/pam_self.so.3 OLD_LIBS+=usr/lib/pam_ssh.so.3 OLD_LIBS+=usr/lib/pam_tacplus.so.3 OLD_LIBS+=usr/lib/pam_unix.so.3 OLD_LIBS+=usr/lib/snmp_atm.so.4 OLD_LIBS+=usr/lib/snmp_bridge.so.4 OLD_LIBS+=usr/lib/snmp_hostres.so.4 OLD_LIBS+=usr/lib/snmp_mibII.so.4 OLD_LIBS+=usr/lib/snmp_netgraph.so.4 OLD_LIBS+=usr/lib/snmp_pf.so.4 OLD_LIBS+=usr/lib32/libalias.so.5 OLD_LIBS+=usr/lib32/libbsnmp.so.3 OLD_LIBS+=usr/lib32/libdialog.so.5 OLD_LIBS+=usr/lib32/libgnuregex.so.3 OLD_LIBS+=usr/lib32/libhistory.so.6 OLD_LIBS+=usr/lib32/libncurses.so.6 OLD_LIBS+=usr/lib32/libncursesw.so.6 OLD_LIBS+=usr/lib32/libpam.so.3 OLD_LIBS+=usr/lib32/libreadline.so.6 OLD_LIBS+=usr/lib32/libssh.so.3 OLD_LIBS+=usr/lib32/pam_chroot.so.3 OLD_LIBS+=usr/lib32/pam_deny.so.3 OLD_LIBS+=usr/lib32/pam_echo.so.3 OLD_LIBS+=usr/lib32/pam_exec.so.3 OLD_LIBS+=usr/lib32/pam_ftpusers.so.3 OLD_LIBS+=usr/lib32/pam_group.so.3 OLD_LIBS+=usr/lib32/pam_guest.so.3 OLD_LIBS+=usr/lib32/pam_krb5.so.3 OLD_LIBS+=usr/lib32/pam_ksu.so.3 OLD_LIBS+=usr/lib32/pam_lastlog.so.3 OLD_LIBS+=usr/lib32/pam_login_access.so.3 OLD_LIBS+=usr/lib32/pam_nologin.so.3 OLD_LIBS+=usr/lib32/pam_opie.so.3 OLD_LIBS+=usr/lib32/pam_opieaccess.so.3 OLD_LIBS+=usr/lib32/pam_passwdqc.so.3 OLD_LIBS+=usr/lib32/pam_permit.so.3 OLD_LIBS+=usr/lib32/pam_radius.so.3 OLD_LIBS+=usr/lib32/pam_rhosts.so.3 OLD_LIBS+=usr/lib32/pam_rootok.so.3 OLD_LIBS+=usr/lib32/pam_securetty.so.3 OLD_LIBS+=usr/lib32/pam_self.so.3 OLD_LIBS+=usr/lib32/pam_ssh.so.3 OLD_LIBS+=usr/lib32/pam_tacplus.so.3 OLD_LIBS+=usr/lib32/pam_unix.so.3 # 20070613: IPX over IP tunnel removal OLD_FILES+=usr/include/netipx/ipx_ip.h # 20070605: sched_core removal OLD_FILES+=usr/share/man/man4/sched_core.4.gz # 20070603: BIND 9.4.1 import OLD_LIBS+=usr/lib/liblwres.so.10 # 20070521: shared library version bump OLD_LIBS+=lib/libatm.so.4 OLD_LIBS+=lib/libbegemot.so.2 OLD_LIBS+=lib/libbsdxml.so.2 OLD_LIBS+=lib/libcam.so.3 OLD_LIBS+=lib/libcrypt.so.3 OLD_LIBS+=lib/libdevstat.so.5 OLD_LIBS+=lib/libedit.so.5 OLD_LIBS+=lib/libgeom.so.3 OLD_LIBS+=lib/libipsec.so.2 OLD_LIBS+=lib/libipx.so.3 OLD_LIBS+=lib/libkiconv.so.2 OLD_LIBS+=lib/libkse.so.2 OLD_LIBS+=lib/libkvm.so.3 OLD_LIBS+=lib/libm.so.4 OLD_LIBS+=lib/libmd.so.3 OLD_LIBS+=lib/libpcap.so.4 OLD_LIBS+=lib/libpthread.so.2 OLD_LIBS+=lib/libsbuf.so.3 OLD_LIBS+=lib/libthr.so.2 OLD_LIBS+=lib/libufs.so.3 OLD_LIBS+=lib/libutil.so.6 OLD_LIBS+=lib/libz.so.3 OLD_LIBS+=usr/lib/libbluetooth.so.2 OLD_LIBS+=usr/lib/libbsm.so.1 OLD_LIBS+=usr/lib/libbz2.so.2 OLD_LIBS+=usr/lib/libcalendar.so.3 OLD_LIBS+=usr/lib/libcom_err.so.3 OLD_LIBS+=usr/lib/libdevinfo.so.3 OLD_LIBS+=usr/lib/libfetch.so.4 OLD_LIBS+=usr/lib/libform.so.3 OLD_LIBS+=usr/lib/libformw.so.3 OLD_LIBS+=usr/lib/libftpio.so.6 OLD_LIBS+=usr/lib/libgpib.so.1 OLD_LIBS+=usr/lib/libkse.so.2 OLD_LIBS+=usr/lib/libmagic.so.2 OLD_LIBS+=usr/lib/libmemstat.so.1 OLD_LIBS+=usr/lib/libmenu.so.3 OLD_LIBS+=usr/lib/libmenuw.so.3 OLD_LIBS+=usr/lib/libmilter.so.3 OLD_LIBS+=usr/lib/libmp.so.5 OLD_LIBS+=usr/lib/libncp.so.2 OLD_LIBS+=usr/lib/libnetgraph.so.2 OLD_LIBS+=usr/lib/libngatm.so.2 OLD_LIBS+=usr/lib/libopie.so.4 OLD_LIBS+=usr/lib/libpanel.so.3 OLD_LIBS+=usr/lib/libpanelw.so.3 OLD_LIBS+=usr/lib/libpmc.so.3 OLD_LIBS+=usr/lib/libradius.so.2 OLD_LIBS+=usr/lib/librpcsvc.so.3 OLD_LIBS+=usr/lib/libsdp.so.2 OLD_LIBS+=usr/lib/libsmb.so.2 OLD_LIBS+=usr/lib/libstdc++.so.5 OLD_LIBS+=usr/lib/libtacplus.so.2 OLD_LIBS+=usr/lib/libthr.so.2 OLD_LIBS+=usr/lib/libthread_db.so.2 OLD_LIBS+=usr/lib/libugidfw.so.2 OLD_LIBS+=usr/lib/libusbhid.so.2 OLD_LIBS+=usr/lib/libvgl.so.4 OLD_LIBS+=usr/lib/libwrap.so.4 OLD_LIBS+=usr/lib/libypclnt.so.2 OLD_LIBS+=usr/lib/snmp_bridge.so.3 OLD_LIBS+=usr/lib/snmp_hostres.so.3 OLD_LIBS+=usr/lib32/libatm.so.4 OLD_LIBS+=usr/lib32/libbegemot.so.2 OLD_LIBS+=usr/lib32/libbluetooth.so.2 OLD_LIBS+=usr/lib32/libbsdxml.so.2 OLD_LIBS+=usr/lib32/libbsm.so.1 OLD_LIBS+=usr/lib32/libbz2.so.2 OLD_LIBS+=usr/lib32/libcalendar.so.3 OLD_LIBS+=usr/lib32/libcam.so.3 OLD_LIBS+=usr/lib32/libcom_err.so.3 OLD_LIBS+=usr/lib32/libcrypt.so.3 OLD_LIBS+=usr/lib32/libdevinfo.so.3 OLD_LIBS+=usr/lib32/libdevstat.so.5 OLD_LIBS+=usr/lib32/libedit.so.5 OLD_LIBS+=usr/lib32/libfetch.so.4 OLD_LIBS+=usr/lib32/libform.so.3 OLD_LIBS+=usr/lib32/libformw.so.3 OLD_LIBS+=usr/lib32/libftpio.so.6 OLD_LIBS+=usr/lib32/libgeom.so.3 OLD_LIBS+=usr/lib32/libgpib.so.1 OLD_LIBS+=usr/lib32/libipsec.so.2 OLD_LIBS+=usr/lib32/libipx.so.3 OLD_LIBS+=usr/lib32/libkiconv.so.2 OLD_LIBS+=usr/lib32/libkse.so.2 OLD_LIBS+=usr/lib32/libkvm.so.3 OLD_LIBS+=usr/lib32/libm.so.4 OLD_LIBS+=usr/lib32/libmagic.so.2 OLD_LIBS+=usr/lib32/libmd.so.3 OLD_LIBS+=usr/lib32/libmemstat.so.1 OLD_LIBS+=usr/lib32/libmenu.so.3 OLD_LIBS+=usr/lib32/libmenuw.so.3 OLD_LIBS+=usr/lib32/libmilter.so.3 OLD_LIBS+=usr/lib32/libmp.so.5 OLD_LIBS+=usr/lib32/libncp.so.2 OLD_LIBS+=usr/lib32/libnetgraph.so.2 OLD_LIBS+=usr/lib32/libngatm.so.2 OLD_LIBS+=usr/lib32/libopie.so.4 OLD_LIBS+=usr/lib32/libpanel.so.3 OLD_LIBS+=usr/lib32/libpanelw.so.3 OLD_LIBS+=usr/lib32/libpcap.so.4 OLD_LIBS+=usr/lib32/libpmc.so.3 OLD_LIBS+=usr/lib32/libpthread.so.2 OLD_LIBS+=usr/lib32/libradius.so.2 OLD_LIBS+=usr/lib32/librpcsvc.so.3 OLD_LIBS+=usr/lib32/libsbuf.so.3 OLD_LIBS+=usr/lib32/libsdp.so.2 OLD_LIBS+=usr/lib32/libsmb.so.2 OLD_LIBS+=usr/lib32/libstdc++.so.5 OLD_LIBS+=usr/lib32/libtacplus.so.2 OLD_LIBS+=usr/lib32/libthr.so.2 OLD_LIBS+=usr/lib32/libthread_db.so.2 OLD_LIBS+=usr/lib32/libufs.so.3 OLD_LIBS+=usr/lib32/libugidfw.so.2 OLD_LIBS+=usr/lib32/libusbhid.so.2 OLD_LIBS+=usr/lib32/libutil.so.6 OLD_LIBS+=usr/lib32/libvgl.so.4 OLD_LIBS+=usr/lib32/libwrap.so.4 OLD_LIBS+=usr/lib32/libypclnt.so.2 OLD_LIBS+=usr/lib32/libz.so.3 # 20070519: GCC 4.2 OLD_FILES+=usr/bin/f77 OLD_FILES+=usr/bin/protoize OLD_FILES+=usr/include/g2c.h OLD_FILES+=usr/libexec/f771 OLD_FILES+=usr/share/info/g77.info.gz OLD_FILES+=usr/share/man/man1/f77.1.gz OLD_FILES+=usr/include/c++/3.4/algorithm OLD_FILES+=usr/include/c++/3.4/backward/algo.h OLD_FILES+=usr/include/c++/3.4/backward/algobase.h OLD_FILES+=usr/include/c++/3.4/backward/alloc.h OLD_FILES+=usr/include/c++/3.4/backward/backward_warning.h OLD_FILES+=usr/include/c++/3.4/backward/bvector.h OLD_FILES+=usr/include/c++/3.4/backward/complex.h OLD_FILES+=usr/include/c++/3.4/backward/defalloc.h OLD_FILES+=usr/include/c++/3.4/backward/deque.h OLD_FILES+=usr/include/c++/3.4/backward/fstream.h OLD_FILES+=usr/include/c++/3.4/backward/function.h OLD_FILES+=usr/include/c++/3.4/backward/hash_map.h OLD_FILES+=usr/include/c++/3.4/backward/hash_set.h OLD_FILES+=usr/include/c++/3.4/backward/hashtable.h OLD_FILES+=usr/include/c++/3.4/backward/heap.h OLD_FILES+=usr/include/c++/3.4/backward/iomanip.h OLD_FILES+=usr/include/c++/3.4/backward/iostream.h OLD_FILES+=usr/include/c++/3.4/backward/istream.h OLD_FILES+=usr/include/c++/3.4/backward/iterator.h OLD_FILES+=usr/include/c++/3.4/backward/list.h OLD_FILES+=usr/include/c++/3.4/backward/map.h OLD_FILES+=usr/include/c++/3.4/backward/multimap.h OLD_FILES+=usr/include/c++/3.4/backward/multiset.h OLD_FILES+=usr/include/c++/3.4/backward/new.h OLD_FILES+=usr/include/c++/3.4/backward/ostream.h OLD_FILES+=usr/include/c++/3.4/backward/pair.h OLD_FILES+=usr/include/c++/3.4/backward/queue.h OLD_FILES+=usr/include/c++/3.4/backward/rope.h OLD_FILES+=usr/include/c++/3.4/backward/set.h OLD_FILES+=usr/include/c++/3.4/backward/slist.h OLD_FILES+=usr/include/c++/3.4/backward/stack.h OLD_FILES+=usr/include/c++/3.4/backward/stream.h OLD_FILES+=usr/include/c++/3.4/backward/streambuf.h OLD_FILES+=usr/include/c++/3.4/backward/strstream OLD_FILES+=usr/include/c++/3.4/backward/tempbuf.h OLD_FILES+=usr/include/c++/3.4/backward/tree.h OLD_FILES+=usr/include/c++/3.4/backward/vector.h OLD_FILES+=usr/include/c++/3.4/bits/allocator.h OLD_FILES+=usr/include/c++/3.4/bits/atomic_word.h OLD_FILES+=usr/include/c++/3.4/bits/atomicity.h OLD_FILES+=usr/include/c++/3.4/bits/basic_file.h OLD_FILES+=usr/include/c++/3.4/bits/basic_ios.h OLD_FILES+=usr/include/c++/3.4/bits/basic_ios.tcc OLD_FILES+=usr/include/c++/3.4/bits/basic_string.h OLD_FILES+=usr/include/c++/3.4/bits/basic_string.tcc OLD_FILES+=usr/include/c++/3.4/bits/boost_concept_check.h OLD_FILES+=usr/include/c++/3.4/bits/c++allocator.h OLD_FILES+=usr/include/c++/3.4/bits/c++config.h OLD_FILES+=usr/include/c++/3.4/bits/c++io.h OLD_FILES+=usr/include/c++/3.4/bits/c++locale.h OLD_FILES+=usr/include/c++/3.4/bits/c++locale_internal.h OLD_FILES+=usr/include/c++/3.4/bits/char_traits.h OLD_FILES+=usr/include/c++/3.4/bits/cmath.tcc OLD_FILES+=usr/include/c++/3.4/bits/codecvt.h OLD_FILES+=usr/include/c++/3.4/bits/codecvt_specializations.h OLD_FILES+=usr/include/c++/3.4/bits/concept_check.h OLD_FILES+=usr/include/c++/3.4/bits/concurrence.h OLD_FILES+=usr/include/c++/3.4/bits/cpp_type_traits.h OLD_FILES+=usr/include/c++/3.4/bits/ctype_base.h OLD_FILES+=usr/include/c++/3.4/bits/ctype_inline.h OLD_FILES+=usr/include/c++/3.4/bits/ctype_noninline.h OLD_FILES+=usr/include/c++/3.4/bits/deque.tcc OLD_FILES+=usr/include/c++/3.4/bits/fstream.tcc OLD_FILES+=usr/include/c++/3.4/bits/functexcept.h OLD_FILES+=usr/include/c++/3.4/bits/gslice.h OLD_FILES+=usr/include/c++/3.4/bits/gslice_array.h OLD_FILES+=usr/include/c++/3.4/bits/gthr-default.h OLD_FILES+=usr/include/c++/3.4/bits/gthr-posix.h OLD_FILES+=usr/include/c++/3.4/bits/gthr-single.h OLD_FILES+=usr/include/c++/3.4/bits/gthr.h OLD_FILES+=usr/include/c++/3.4/bits/indirect_array.h OLD_FILES+=usr/include/c++/3.4/bits/ios_base.h OLD_FILES+=usr/include/c++/3.4/bits/istream.tcc OLD_FILES+=usr/include/c++/3.4/bits/list.tcc OLD_FILES+=usr/include/c++/3.4/bits/locale_classes.h OLD_FILES+=usr/include/c++/3.4/bits/locale_facets.h OLD_FILES+=usr/include/c++/3.4/bits/locale_facets.tcc OLD_FILES+=usr/include/c++/3.4/bits/localefwd.h OLD_FILES+=usr/include/c++/3.4/bits/mask_array.h OLD_FILES+=usr/include/c++/3.4/bits/messages_members.h OLD_FILES+=usr/include/c++/3.4/bits/os_defines.h OLD_FILES+=usr/include/c++/3.4/bits/ostream.tcc OLD_FILES+=usr/include/c++/3.4/bits/postypes.h OLD_FILES+=usr/include/c++/3.4/bits/slice_array.h OLD_FILES+=usr/include/c++/3.4/bits/sstream.tcc OLD_FILES+=usr/include/c++/3.4/bits/stl_algo.h OLD_FILES+=usr/include/c++/3.4/bits/stl_algobase.h OLD_FILES+=usr/include/c++/3.4/bits/stl_bvector.h OLD_FILES+=usr/include/c++/3.4/bits/stl_construct.h OLD_FILES+=usr/include/c++/3.4/bits/stl_deque.h OLD_FILES+=usr/include/c++/3.4/bits/stl_function.h OLD_FILES+=usr/include/c++/3.4/bits/stl_heap.h OLD_FILES+=usr/include/c++/3.4/bits/stl_iterator.h OLD_FILES+=usr/include/c++/3.4/bits/stl_iterator_base_funcs.h OLD_FILES+=usr/include/c++/3.4/bits/stl_iterator_base_types.h OLD_FILES+=usr/include/c++/3.4/bits/stl_list.h OLD_FILES+=usr/include/c++/3.4/bits/stl_map.h OLD_FILES+=usr/include/c++/3.4/bits/stl_multimap.h OLD_FILES+=usr/include/c++/3.4/bits/stl_multiset.h OLD_FILES+=usr/include/c++/3.4/bits/stl_numeric.h OLD_FILES+=usr/include/c++/3.4/bits/stl_pair.h OLD_FILES+=usr/include/c++/3.4/bits/stl_queue.h OLD_FILES+=usr/include/c++/3.4/bits/stl_raw_storage_iter.h OLD_FILES+=usr/include/c++/3.4/bits/stl_relops.h OLD_FILES+=usr/include/c++/3.4/bits/stl_set.h OLD_FILES+=usr/include/c++/3.4/bits/stl_stack.h OLD_FILES+=usr/include/c++/3.4/bits/stl_tempbuf.h OLD_FILES+=usr/include/c++/3.4/bits/stl_threads.h OLD_FILES+=usr/include/c++/3.4/bits/stl_tree.h OLD_FILES+=usr/include/c++/3.4/bits/stl_uninitialized.h OLD_FILES+=usr/include/c++/3.4/bits/stl_vector.h OLD_FILES+=usr/include/c++/3.4/bits/stream_iterator.h OLD_FILES+=usr/include/c++/3.4/bits/streambuf.tcc OLD_FILES+=usr/include/c++/3.4/bits/streambuf_iterator.h OLD_FILES+=usr/include/c++/3.4/bits/stringfwd.h OLD_FILES+=usr/include/c++/3.4/bits/time_members.h OLD_FILES+=usr/include/c++/3.4/bits/type_traits.h OLD_FILES+=usr/include/c++/3.4/bits/valarray_after.h OLD_FILES+=usr/include/c++/3.4/bits/valarray_array.h OLD_FILES+=usr/include/c++/3.4/bits/valarray_array.tcc OLD_FILES+=usr/include/c++/3.4/bits/valarray_before.h OLD_FILES+=usr/include/c++/3.4/bits/vector.tcc OLD_FILES+=usr/include/c++/3.4/bitset OLD_FILES+=usr/include/c++/3.4/cassert OLD_FILES+=usr/include/c++/3.4/cctype OLD_FILES+=usr/include/c++/3.4/cerrno OLD_FILES+=usr/include/c++/3.4/cfloat OLD_FILES+=usr/include/c++/3.4/ciso646 OLD_FILES+=usr/include/c++/3.4/climits OLD_FILES+=usr/include/c++/3.4/clocale OLD_FILES+=usr/include/c++/3.4/cmath OLD_FILES+=usr/include/c++/3.4/complex OLD_FILES+=usr/include/c++/3.4/csetjmp OLD_FILES+=usr/include/c++/3.4/csignal OLD_FILES+=usr/include/c++/3.4/cstdarg OLD_FILES+=usr/include/c++/3.4/cstddef OLD_FILES+=usr/include/c++/3.4/cstdio OLD_FILES+=usr/include/c++/3.4/cstdlib OLD_FILES+=usr/include/c++/3.4/cstring OLD_FILES+=usr/include/c++/3.4/ctime OLD_FILES+=usr/include/c++/3.4/cwchar OLD_FILES+=usr/include/c++/3.4/cwctype OLD_FILES+=usr/include/c++/3.4/cxxabi.h OLD_FILES+=usr/include/c++/3.4/debug/bitset OLD_FILES+=usr/include/c++/3.4/debug/debug.h OLD_FILES+=usr/include/c++/3.4/debug/deque OLD_FILES+=usr/include/c++/3.4/debug/formatter.h OLD_FILES+=usr/include/c++/3.4/debug/hash_map OLD_FILES+=usr/include/c++/3.4/debug/hash_map.h OLD_FILES+=usr/include/c++/3.4/debug/hash_multimap.h OLD_FILES+=usr/include/c++/3.4/debug/hash_multiset.h OLD_FILES+=usr/include/c++/3.4/debug/hash_set OLD_FILES+=usr/include/c++/3.4/debug/hash_set.h OLD_FILES+=usr/include/c++/3.4/debug/list OLD_FILES+=usr/include/c++/3.4/debug/map OLD_FILES+=usr/include/c++/3.4/debug/map.h OLD_FILES+=usr/include/c++/3.4/debug/multimap.h OLD_FILES+=usr/include/c++/3.4/debug/multiset.h OLD_FILES+=usr/include/c++/3.4/debug/safe_base.h OLD_FILES+=usr/include/c++/3.4/debug/safe_iterator.h OLD_FILES+=usr/include/c++/3.4/debug/safe_iterator.tcc OLD_FILES+=usr/include/c++/3.4/debug/safe_sequence.h OLD_FILES+=usr/include/c++/3.4/debug/set OLD_FILES+=usr/include/c++/3.4/debug/set.h OLD_FILES+=usr/include/c++/3.4/debug/string OLD_FILES+=usr/include/c++/3.4/debug/vector OLD_FILES+=usr/include/c++/3.4/deque OLD_FILES+=usr/include/c++/3.4/exception OLD_FILES+=usr/include/c++/3.4/exception_defines.h OLD_FILES+=usr/include/c++/3.4/ext/algorithm OLD_FILES+=usr/include/c++/3.4/ext/bitmap_allocator.h OLD_FILES+=usr/include/c++/3.4/ext/debug_allocator.h OLD_FILES+=usr/include/c++/3.4/ext/enc_filebuf.h OLD_FILES+=usr/include/c++/3.4/ext/functional OLD_FILES+=usr/include/c++/3.4/ext/hash_fun.h OLD_FILES+=usr/include/c++/3.4/ext/hash_map OLD_FILES+=usr/include/c++/3.4/ext/hash_set OLD_FILES+=usr/include/c++/3.4/ext/hashtable.h OLD_FILES+=usr/include/c++/3.4/ext/iterator OLD_FILES+=usr/include/c++/3.4/ext/malloc_allocator.h OLD_FILES+=usr/include/c++/3.4/ext/memory OLD_FILES+=usr/include/c++/3.4/ext/mt_allocator.h OLD_FILES+=usr/include/c++/3.4/ext/new_allocator.h OLD_FILES+=usr/include/c++/3.4/ext/numeric OLD_FILES+=usr/include/c++/3.4/ext/pod_char_traits.h OLD_FILES+=usr/include/c++/3.4/ext/pool_allocator.h OLD_FILES+=usr/include/c++/3.4/ext/rb_tree OLD_FILES+=usr/include/c++/3.4/ext/rope OLD_FILES+=usr/include/c++/3.4/ext/ropeimpl.h OLD_FILES+=usr/include/c++/3.4/ext/slist OLD_FILES+=usr/include/c++/3.4/ext/stdio_filebuf.h OLD_FILES+=usr/include/c++/3.4/ext/stdio_sync_filebuf.h OLD_FILES+=usr/include/c++/3.4/fstream OLD_FILES+=usr/include/c++/3.4/functional OLD_FILES+=usr/include/c++/3.4/iomanip OLD_FILES+=usr/include/c++/3.4/ios OLD_FILES+=usr/include/c++/3.4/iosfwd OLD_FILES+=usr/include/c++/3.4/iostream OLD_FILES+=usr/include/c++/3.4/istream OLD_FILES+=usr/include/c++/3.4/iterator OLD_FILES+=usr/include/c++/3.4/limits OLD_FILES+=usr/include/c++/3.4/list OLD_FILES+=usr/include/c++/3.4/locale OLD_FILES+=usr/include/c++/3.4/map OLD_FILES+=usr/include/c++/3.4/memory OLD_FILES+=usr/include/c++/3.4/new OLD_FILES+=usr/include/c++/3.4/numeric OLD_FILES+=usr/include/c++/3.4/ostream OLD_FILES+=usr/include/c++/3.4/queue OLD_FILES+=usr/include/c++/3.4/set OLD_FILES+=usr/include/c++/3.4/sstream OLD_FILES+=usr/include/c++/3.4/stack OLD_FILES+=usr/include/c++/3.4/stdexcept OLD_FILES+=usr/include/c++/3.4/streambuf OLD_FILES+=usr/include/c++/3.4/string OLD_FILES+=usr/include/c++/3.4/typeinfo OLD_FILES+=usr/include/c++/3.4/utility OLD_FILES+=usr/include/c++/3.4/valarray OLD_FILES+=usr/include/c++/3.4/vector OLD_DIRS+=usr/include/c++/3.4/backward OLD_DIRS+=usr/include/c++/3.4/bits OLD_DIRS+=usr/include/c++/3.4/debug OLD_DIRS+=usr/include/c++/3.4/ext OLD_DIRS+=usr/include/c++/3.4 # 20070510: zpool/zfs moved to /sbin OLD_FILES+=usr/sbin/zfs OLD_FILES+=usr/sbin/zpool # 20070423: rc.bluetooth (examples) removed OLD_FILES+=usr/share/examples/netgraph/bluetooth/rc.bluetooth OLD_DIRS+=usr/share/examples/netgraph/bluetooth # 20070421: worm.4 removed OLD_FILES+=usr/share/man/man4/worm.4.gz # 20070417: trunk(4) renamed to lagg(4) OLD_FILES+=usr/include/net/if_trunk.h # 20070409: uuidgen moved to /bin/ OLD_FILES+=usr/bin/uuidgen # 20070328: bzip2 1.0.4 OLD_FILES+=usr/share/info/bzip2.info.gz # 20070303: libarchive 2.0 OLD_LIBS+=usr/lib/libarchive.so.3 OLD_LIBS+=usr/lib32/libarchive.so.3 # 20070301: remove addr2ascii and ascii2addr OLD_FILES+=usr/share/man/man3/addr2ascii.3.gz OLD_FILES+=usr/share/man/man3/ascii2addr.3.gz # 20070225: vm_page_unmanage() removed OLD_FILES+=usr/share/man/man9/vm_page_unmanage.9.gz # 20070216: VFS_VPTOFH(9) -> VOP_VPTOFH(9) OLD_FILES+=usr/share/man/man9/VFS_VPTOFH.9.gz # 20070212: kame.4 removed OLD_FILES+=usr/share/man/man4/kame.4.gz # 20070201: remove libmytinfo link OLD_FILES+=usr/lib/libmytinfo.a OLD_FILES+=usr/lib/libmytinfo.so OLD_FILES+=usr/lib/libmytinfo_p.a OLD_FILES+=usr/lib/libmytinfow.a OLD_FILES+=usr/lib/libmytinfow.so OLD_FILES+=usr/lib/libmytinfow_p.a OLD_FILES+=usr/lib32/libmytinfo.a OLD_FILES+=usr/lib32/libmytinfo.so OLD_FILES+=usr/lib32/libmytinfo_p.a OLD_FILES+=usr/lib32/libmytinfow.a OLD_FILES+=usr/lib32/libmytinfow.so OLD_FILES+=usr/lib32/libmytinfow_p.a # 20070128: remove vnconfig OLD_FILES+=usr/sbin/vnconfig # 20070127: remove bpf_compat.h OLD_FILES+=usr/include/net/bpf_compat.h # 20070125: objformat bites the dust OLD_FILES+=usr/bin/objformat OLD_FILES+=usr/share/man/man1/objformat.1.gz OLD_FILES+=usr/include/objformat.h OLD_FILES+=usr/share/man/man3/getobjformat.3.gz # 20061201: remove symlink to *.so.4 libalias modules OLD_FILES+=usr/lib/libalias_cuseeme.so OLD_FILES+=usr/lib/libalias_dummy.so OLD_FILES+=usr/lib/libalias_ftp.so OLD_FILES+=usr/lib/libalias_irc.so OLD_FILES+=usr/lib/libalias_nbt.so OLD_FILES+=usr/lib/libalias_pptp.so OLD_FILES+=usr/lib/libalias_skinny.so OLD_FILES+=usr/lib/libalias_smedia.so # 20061201: remove old *.so.4 libalias modules OLD_FILES+=lib/libalias_cuseeme.so.4 OLD_FILES+=lib/libalias_dummy.so.4 OLD_FILES+=lib/libalias_ftp.so.4 OLD_FILES+=lib/libalias_irc.so.4 OLD_FILES+=lib/libalias_nbt.so.4 OLD_FILES+=lib/libalias_pptp.so.4 OLD_FILES+=lib/libalias_skinny.so.4 OLD_FILES+=lib/libalias_smedia.so.4 # 20061126: remove old man page OLD_FILES+=usr/share/man/man3/archive_read_set_bytes_per_block.3.gz # 20061125: remove old man page OLD_FILES+=usr/share/man/man9/devsw.9.gz # 20061122: remove obsolete mount programs OLD_FILES+=sbin/mount_devfs OLD_FILES+=sbin/mount_ext2fs OLD_FILES+=sbin/mount_fdescfs OLD_FILES+=sbin/mount_linprocfs OLD_FILES+=sbin/mount_procfs OLD_FILES+=sbin/mount_std OLD_FILES+=rescue/mount_devfs OLD_FILES+=rescue/mount_ext2fs OLD_FILES+=rescue/mount_fdescfs OLD_FILES+=rescue/mount_linprocfs OLD_FILES+=rescue/mount_procfs OLD_FILES+=rescue/mount_std OLD_FILES+=usr/share/man/man8/mount_devfs.8.gz OLD_FILES+=usr/share/man/man8/mount_ext2fs.8.gz OLD_FILES+=usr/share/man/man8/mount_fdescfs.8.gz OLD_FILES+=usr/share/man/man8/mount_linprocfs.8.gz OLD_FILES+=usr/share/man/man8/mount_procfs.8.gz OLD_FILES+=usr/share/man/man8/mount_std.8.gz # 20061116: uhidev.4 removed OLD_FILES+=usr/share/man/man4/uhidev.4.gz # 20061106: archive_write_prepare.3 removed OLD_FILES+=usr/share/man/man3/archive_write_prepare.3.gz # 20061018: pccardc removed OLD_FILES+=usr/sbin/pccardc usr/share/man/man8/pccardc.8.gz # 20060930: demangle.h from contrib/libstdc++/include/ext/ OLD_FILES+=usr/include/c++/3.4/ext/demangle.h # 20060929: mrouted removed OLD_FILES+=usr/sbin/map-mbone OLD_FILES+=usr/sbin/mrinfo OLD_FILES+=usr/sbin/mrouted OLD_FILES+=usr/sbin/mtrace OLD_FILES+=usr/share/man/man8/map-mbone.8.gz OLD_FILES+=usr/share/man/man8/mrinfo.8.gz OLD_FILES+=usr/share/man/man8/mrouted.8.gz OLD_FILES+=usr/share/man/man8/mtrace.8.gz # 20060924: tcpslice removed OLD_FILES+=usr/sbin/tcpslice OLD_FILES+=usr/share/man/man1/tcpslice.1.gz # 20060829: kvmdb cleanup script removed OLD_FILES+=etc/periodic/weekly/120.clean-kvmdb # 20060822: ramdisk{,-own} have been replaced by mdconfig{,2} OLD_FILES+=etc/rc.d/ramdisk OLD_FILES+=etc/rc.d/ramdisk-own # 20060729: OpenSSL 0.9.7e -> 0.9.8b upgrade OLD_FILES+=usr/include/openssl/eng_int.h OLD_FILES+=usr/include/openssl/hw_4758_cca_err.h OLD_FILES+=usr/include/openssl/hw_aep_err.h OLD_FILES+=usr/include/openssl/hw_atalla_err.h OLD_FILES+=usr/include/openssl/hw_cswift_err.h OLD_FILES+=usr/include/openssl/hw_ncipher_err.h OLD_FILES+=usr/include/openssl/hw_nuron_err.h OLD_FILES+=usr/include/openssl/hw_sureware_err.h OLD_FILES+=usr/include/openssl/hw_ubsec_err.h # 20060713: mount_linsysfs(8) never existed in 7.x OLD_FILES+=sbin/mount_linsysfs OLD_FILES+=usr/share/man/man8/mount_linsysfs.8.gz # 20060704: KAME compat file net_osdep.h removed OLD_FILES+=usr/include/net/net_osdep.h # 20060605: man page links removed by OpenBSM 1.0 alpha 6 import OLD_FILES+=usr/share/man/man3/au_to_socket.3.gz OLD_FILES+=usr/share/man/man3/au_to_socket_ex_128.3.gz OLD_FILES+=usr/share/man/man3/au_to_socket_ex_32.3.gz # 20060517: pcvt removed OLD_FILES+=usr/share/pcvt/README.FIRST OLD_FILES+=usr/share/pcvt/Etc/xmodmap-german OLD_FILES+=usr/share/pcvt/Etc/pcvt.sh OLD_FILES+=usr/share/pcvt/Etc/pcvt.el OLD_FILES+=usr/share/pcvt/Etc/Terminfo OLD_FILES+=usr/share/pcvt/Etc/Termcap OLD_DIRS+=usr/share/pcvt/Etc OLD_FILES+=usr/share/pcvt/Doc/NotesAndHints OLD_FILES+=usr/share/pcvt/Doc/Keyboard.VT OLD_FILES+=usr/share/pcvt/Doc/Keyboard.HP OLD_FILES+=usr/share/pcvt/Doc/EscapeSequences OLD_FILES+=usr/share/pcvt/Doc/Charsets OLD_FILES+=usr/share/pcvt/Doc/CharGen OLD_FILES+=usr/share/pcvt/Doc/Bibliography OLD_FILES+=usr/share/pcvt/Doc/Acknowledgements OLD_DIRS+=usr/share/pcvt/Doc OLD_DIRS+=usr/share/pcvt OLD_FILES+=usr/share/misc/pcvtfonts/vt220l.816 OLD_FILES+=usr/share/misc/pcvtfonts/vt220l.814 OLD_FILES+=usr/share/misc/pcvtfonts/vt220l.810 OLD_FILES+=usr/share/misc/pcvtfonts/vt220l.808 OLD_FILES+=usr/share/misc/pcvtfonts/vt220h.816 OLD_FILES+=usr/share/misc/pcvtfonts/vt220h.814 OLD_FILES+=usr/share/misc/pcvtfonts/vt220h.810 OLD_FILES+=usr/share/misc/pcvtfonts/vt220h.808 OLD_DIRS+=usr/share/misc/pcvtfonts OLD_FILES+=usr/share/misc/keycap.pcvt OLD_FILES+=usr/share/man/man8/ispcvt.8.gz OLD_FILES+=usr/share/man/man5/keycap.5.gz OLD_FILES+=usr/share/man/man4/pcvt.4.gz OLD_FILES+=usr/share/man/man3/kgetstr.3.gz OLD_FILES+=usr/share/man/man3/kgetnum.3.gz OLD_FILES+=usr/share/man/man3/kgetflag.3.gz OLD_FILES+=usr/share/man/man3/kgetent.3.gz OLD_FILES+=usr/share/man/man3/keycap.3.gz OLD_FILES+=usr/share/man/man1/vt220keys.1.gz OLD_FILES+=usr/share/man/man1/scon.1.gz OLD_FILES+=usr/share/man/man1/loadfont.1.gz OLD_FILES+=usr/share/man/man1/kcon.1.gz OLD_FILES+=usr/share/man/man1/fontedit.1.gz OLD_FILES+=usr/share/man/man1/cursor.1.gz OLD_FILES+=usr/sbin/vt220keys OLD_FILES+=usr/sbin/scon OLD_FILES+=usr/sbin/loadfont OLD_FILES+=usr/sbin/kcon OLD_FILES+=usr/sbin/ispcvt OLD_FILES+=usr/sbin/fontedit OLD_FILES+=usr/sbin/cursor OLD_FILES+=usr/lib/libkeycap_p.a OLD_FILES+=usr/lib/libkeycap.a OLD_FILES+=usr/include/machine/pcvt_ioctl.h # 20060514: lnc(4) replaced by le(4) OLD_FILES+=usr/share/man/man4/i386/lnc.4.gz # 20060512: remove ip6fw OLD_FILES+=etc/periodic/security/600.ip6fwdenied OLD_FILES+=etc/periodic/security/650.ip6fwlimit OLD_FILES+=sbin/ip6fw OLD_FILES+=usr/include/netinet6/ip6_fw.h OLD_FILES+=usr/share/man/man8/ip6fw.8.gz # 20060424: sab(4) removed OLD_FILES+=usr/share/man/man4/sab.4.gz # 20060328: remove redundant rc.d script OLD_FILES+=etc/rc.d/ike # 20060127: revert libdisk to static-only OLD_FILES+=usr/lib/libdisk.so # 20060115: sys/pccard includes cleanup OLD_FILES+=usr/include/pccard/driver.h OLD_FILES+=usr/include/pccard/i82365.h OLD_FILES+=usr/include/pccard/meciareg.h OLD_FILES+=usr/include/pccard/pccard_nbk.h OLD_FILES+=usr/include/pccard/pcic_pci.h OLD_FILES+=usr/include/pccard/pcicvar.h OLD_FILES+=usr/include/pccard/slot.h # 20051215: rescue/nextboot.sh renamed to rescue/nextboot OLD_FILES+=rescue/nextboot.sh # 20051214: usbd(8) removed OLD_FILES+=etc/rc.d/usbd OLD_FILES+=etc/usbd.conf OLD_FILES+=usr/sbin/usbd OLD_FILES+=usr/share/man/man8/usbd.8.gz # 20051029: rc.d/ppp-user renamed to rc.d/ppp for convenience OLD_FILES+=etc/rc.d/ppp-user # 20051012: setkey(8) moved to /sbin/ OLD_FILES+=usr/sbin/setkey # 20050930: pccardd(8) removed OLD_FILES+=usr/sbin/pccardd OLD_FILES+=usr/share/man/man5/pccard.conf.5.gz OLD_FILES+=usr/share/man/man8/pccardd.8.gz # 20050927: bridge(4) replaced by if_bridge(4) OLD_FILES+=usr/include/net/bridge.h # 20050831: not implemented OLD_FILES+=usr/share/man/man3/getino.3.gz OLD_FILES+=usr/share/man/man3/putino.3.gz # 20050825: T/TCP retired several months ago OLD_FILES+=usr/share/man/man4/ttcp.4.gz # 20050805 tn3270 retired long ago OLD_FILES+=usr/share/misc/map3270 # 20050801: too old to be interesting here OLD_FILES+=usr/share/doc/papers/px.ps.gz # 20050721: moved to ports OLD_FILES+=usr/sbin/vttest OLD_FILES+=usr/share/man/man1/vttest.1.gz # 20050617: wpa man pages moved to section 8 OLD_FILES+=usr/share/man/man1/hostapd.1.gz OLD_FILES+=usr/share/man/man1/hostapd_cli.1.gz OLD_FILES+=usr/share/man/man1/wpa_cli.1.gz OLD_FILES+=usr/share/man/man1/wpa_supplicant.1.gz # 20050610: rexecd (insecure by design) OLD_FILES+=etc/pam.d/rexecd OLD_FILES+=usr/share/man/man8/rexecd.8.gz OLD_FILES+=usr/libexec/rexecd # 20050606: OpenBSD dhclient replaces ISC one OLD_FILES+=bin/omshell OLD_FILES+=sbin/omshell OLD_FILES+=usr/share/man/man1/omshell.1.gz OLD_FILES+=usr/share/man/man5/dhcp-eval.5.gz # 200504XX: ipf tools moved from /usr to / OLD_FILES+=rescue/ipfs OLD_FILES+=rescue/ipfstat OLD_FILES+=rescue/ipmon OLD_FILES+=rescue/ipnat OLD_FILES+=usr/sbin/ipftest OLD_FILES+=usr/sbin/ipresend OLD_FILES+=usr/sbin/ipsend OLD_FILES+=usr/sbin/iptest OLD_FILES+=usr/share/man/man1/ipnat.1.gz OLD_FILES+=usr/share/man/man1/ipsend.1.gz OLD_FILES+=usr/share/man/man1/iptest.1.gz OLD_FILES+=usr/share/man/man5/ipsend.5.gz # 200503XX: bsdtar takes over gtar OLD_FILES+=usr/bin/gtar OLD_FILES+=usr/share/man/man1/gtar.1.gz # 200503XX OLD_FILES+=usr/share/man/man3/exp10.3.gz OLD_FILES+=usr/share/man/man3/exp10f.3.gz OLD_FILES+=usr/share/man/man3/fpsetsticky.3.gz # 20050324: updated release infrastructure OLD_FILES+=usr/share/man/man5/drivers.conf.5.gz # 20050317: removed from BIND 9 distribution OLD_FILES+=usr/share/doc/bind9/KNOWN_DEFECTS # 2005XXXX: OLD_FILES+=sbin/mount_autofs OLD_FILES+=usr/lib/libautofs.a OLD_FILES+=usr/lib/libautofs.so OLD_FILES+=usr/share/man/man8/mount_autofs.8.gz # 20050203: Merged with fortunes OLD_FILES+=usr/share/games/fortune/fortunes2 OLD_FILES+=usr/share/games/fortune/fortunes2.dat # 200501XX: OLD_FILES+=usr/libexec/getNAME # 200411XX: gvinum replaces vinum OLD_FILES+=bin/vinum OLD_FILES+=rescue/vinum OLD_FILES+=sbin/vinum OLD_FILES+=usr/share/man/man8/vinum.8.gz # 200411XX: libxpg4 removal OLD_FILES+=usr/lib/libxpg4.a OLD_FILES+=usr/lib/libxpg4.so OLD_FILES+=usr/lib/libxpg4_p.a # 20041109: replaced by em(4) OLD_FILES+=usr/share/man/man4/gx.4.gz OLD_FILES+=usr/share/man/man4/if_gx.4.gz # 20041017: rune interface removed OLD_FILES+=usr/include/rune.h OLD_FILES+=usr/share/man/man3/fgetrune.3.gz OLD_FILES+=usr/share/man/man3/fputrune.3.gz OLD_FILES+=usr/share/man/man3/fungetrune.3.gz OLD_FILES+=usr/share/man/man3/mbrrune.3.gz OLD_FILES+=usr/share/man/man3/mbrune.3.gz OLD_FILES+=usr/share/man/man3/rune.3.gz OLD_FILES+=usr/share/man/man3/setinvalidrune.3.gz OLD_FILES+=usr/share/man/man3/sgetrune.3.gz OLD_FILES+=usr/share/man/man3/sputrune.3.gz # 20040925: bind9 import OLD_FILES+=usr/bin/dnskeygen OLD_FILES+=usr/bin/dnsquery OLD_FILES+=usr/lib/libisc.a OLD_FILES+=usr/lib/libisc.so OLD_FILES+=usr/lib/libisc_p.a OLD_FILES+=usr/libexec/named-xfer OLD_FILES+=usr/sbin/named.restart OLD_FILES+=usr/sbin/ndc OLD_FILES+=usr/sbin/nslookup OLD_FILES+=usr/sbin/nsupdate OLD_FILES+=usr/share/doc/bind/html/acl.html OLD_FILES+=usr/share/doc/bind/html/address_list.html OLD_FILES+=usr/share/doc/bind/html/comments.html OLD_FILES+=usr/share/doc/bind/html/config.html OLD_FILES+=usr/share/doc/bind/html/controls.html OLD_FILES+=usr/share/doc/bind/html/docdef.html OLD_FILES+=usr/share/doc/bind/html/example.html OLD_FILES+=usr/share/doc/bind/html/include.html OLD_FILES+=usr/share/doc/bind/html/index.html OLD_FILES+=usr/share/doc/bind/html/key.html OLD_FILES+=usr/share/doc/bind/html/logging.html OLD_FILES+=usr/share/doc/bind/html/master.html OLD_FILES+=usr/share/doc/bind/html/options.html OLD_FILES+=usr/share/doc/bind/html/server.html OLD_FILES+=usr/share/doc/bind/html/trusted-keys.html OLD_FILES+=usr/share/doc/bind/html/zone.html OLD_FILES+=usr/share/doc/bind/misc/DynamicUpdate OLD_FILES+=usr/share/doc/bind/misc/FAQ.1of2 OLD_FILES+=usr/share/doc/bind/misc/FAQ.2of2 OLD_FILES+=usr/share/doc/bind/misc/rfc2317-notes.txt OLD_FILES+=usr/share/doc/bind/misc/style.txt OLD_FILES+=usr/share/man/man1/dnskeygen.1.gz OLD_FILES+=usr/share/man/man1/dnsquery.1.gz OLD_FILES+=usr/share/man/man8/named-bootconf.8.gz OLD_FILES+=usr/share/man/man8/named-xfer.8.gz OLD_FILES+=usr/share/man/man8/named.restart.8.gz OLD_FILES+=usr/share/man/man8/ndc.8.gz OLD_FILES+=usr/share/man/man8/nslookup.8.gz # 200409XX OLD_FILES+=usr/share/man/man3/ENSURE.3.gz OLD_FILES+=usr/share/man/man3/ENSURE_ERR.3.gz OLD_FILES+=usr/share/man/man3/INSIST.3.gz OLD_FILES+=usr/share/man/man3/INSIST_ERR.3.gz OLD_FILES+=usr/share/man/man3/INVARIANT.3.gz OLD_FILES+=usr/share/man/man3/INVARIANT_ERR.3.gz OLD_FILES+=usr/share/man/man3/REQUIRE.3.gz OLD_FILES+=usr/share/man/man3/REQUIRE_ERR.3.gz OLD_FILES+=usr/share/man/man3/assertion_type_to_text.3.gz OLD_FILES+=usr/share/man/man3/assertions.3.gz OLD_FILES+=usr/share/man/man3/bitncmp.3.gz OLD_FILES+=usr/share/man/man3/evAddTime.3.gz OLD_FILES+=usr/share/man/man3/evCancelConn.3.gz OLD_FILES+=usr/share/man/man3/evCancelRW.3.gz OLD_FILES+=usr/share/man/man3/evClearIdleTimer.3.gz OLD_FILES+=usr/share/man/man3/evClearTimer.3.gz OLD_FILES+=usr/share/man/man3/evCmpTime.3.gz OLD_FILES+=usr/share/man/man3/evConnFunc.3.gz OLD_FILES+=usr/share/man/man3/evConnect.3.gz OLD_FILES+=usr/share/man/man3/evConsIovec.3.gz OLD_FILES+=usr/share/man/man3/evConsTime.3.gz OLD_FILES+=usr/share/man/man3/evCreate.3.gz OLD_FILES+=usr/share/man/man3/evDefer.3.gz OLD_FILES+=usr/share/man/man3/evDeselectFD.3.gz OLD_FILES+=usr/share/man/man3/evDestroy.3.gz OLD_FILES+=usr/share/man/man3/evDispatch.3.gz OLD_FILES+=usr/share/man/man3/evDo.3.gz OLD_FILES+=usr/share/man/man3/evDrop.3.gz OLD_FILES+=usr/share/man/man3/evFileFunc.3.gz OLD_FILES+=usr/share/man/man3/evGetNext.3.gz OLD_FILES+=usr/share/man/man3/evHold.3.gz OLD_FILES+=usr/share/man/man3/evInitID.3.gz OLD_FILES+=usr/share/man/man3/evLastEventTime.3.gz OLD_FILES+=usr/share/man/man3/evListen.3.gz OLD_FILES+=usr/share/man/man3/evMainLoop.3.gz OLD_FILES+=usr/share/man/man3/evNowTime.3.gz OLD_FILES+=usr/share/man/man3/evPrintf.3.gz OLD_FILES+=usr/share/man/man3/evRead.3.gz OLD_FILES+=usr/share/man/man3/evResetTimer.3.gz OLD_FILES+=usr/share/man/man3/evSelectFD.3.gz OLD_FILES+=usr/share/man/man3/evSetDebug.3.gz OLD_FILES+=usr/share/man/man3/evSetIdleTimer.3.gz OLD_FILES+=usr/share/man/man3/evSetTimer.3.gz OLD_FILES+=usr/share/man/man3/evStreamFunc.3.gz OLD_FILES+=usr/share/man/man3/evSubTime.3.gz OLD_FILES+=usr/share/man/man3/evTestID.3.gz OLD_FILES+=usr/share/man/man3/evTimeRW.3.gz OLD_FILES+=usr/share/man/man3/evTimeSpec.3.gz OLD_FILES+=usr/share/man/man3/evTimeVal.3.gz OLD_FILES+=usr/share/man/man3/evTimerFunc.3.gz OLD_FILES+=usr/share/man/man3/evTouchIdleTimer.3.gz OLD_FILES+=usr/share/man/man3/evTryAccept.3.gz OLD_FILES+=usr/share/man/man3/evUnhold.3.gz OLD_FILES+=usr/share/man/man3/evUntimeRW.3.gz OLD_FILES+=usr/share/man/man3/evUnwait.3.gz OLD_FILES+=usr/share/man/man3/evWaitFor.3.gz OLD_FILES+=usr/share/man/man3/evWaitFunc.3.gz OLD_FILES+=usr/share/man/man3/evWrite.3.gz OLD_FILES+=usr/share/man/man3/eventlib.3.gz OLD_FILES+=usr/share/man/man3/heap.3.gz OLD_FILES+=usr/share/man/man3/heap_decreased.3.gz OLD_FILES+=usr/share/man/man3/heap_delete.3.gz OLD_FILES+=usr/share/man/man3/heap_element.3.gz OLD_FILES+=usr/share/man/man3/heap_for_each.3.gz OLD_FILES+=usr/share/man/man3/heap_free.3.gz OLD_FILES+=usr/share/man/man3/heap_increased.3.gz OLD_FILES+=usr/share/man/man3/heap_insert.3.gz OLD_FILES+=usr/share/man/man3/heap_new.3.gz OLD_FILES+=usr/share/man/man3/log_add_channel.3.gz OLD_FILES+=usr/share/man/man3/log_category_is_active.3.gz OLD_FILES+=usr/share/man/man3/log_close_stream.3.gz OLD_FILES+=usr/share/man/man3/log_dec_references.3.gz OLD_FILES+=usr/share/man/man3/log_free_channel.3.gz OLD_FILES+=usr/share/man/man3/log_free_context.3.gz OLD_FILES+=usr/share/man/man3/log_get_filename.3.gz OLD_FILES+=usr/share/man/man3/log_get_stream.3.gz OLD_FILES+=usr/share/man/man3/log_inc_references.3.gz OLD_FILES+=usr/share/man/man3/log_new_context.3.gz OLD_FILES+=usr/share/man/man3/log_new_file_channel.3.gz OLD_FILES+=usr/share/man/man3/log_new_null_channel.3.gz OLD_FILES+=usr/share/man/man3/log_new_syslog_channel.3.gz OLD_FILES+=usr/share/man/man3/log_open_stream.3.gz OLD_FILES+=usr/share/man/man3/log_option.3.gz OLD_FILES+=usr/share/man/man3/log_remove_channel.3.gz OLD_FILES+=usr/share/man/man3/log_set_file_owner.3.gz OLD_FILES+=usr/share/man/man3/log_vwrite.3.gz OLD_FILES+=usr/share/man/man3/log_write.3.gz OLD_FILES+=usr/share/man/man3/logging.3.gz OLD_FILES+=usr/share/man/man3/memcluster.3.gz OLD_FILES+=usr/share/man/man3/memget.3.gz OLD_FILES+=usr/share/man/man3/memput.3.gz OLD_FILES+=usr/share/man/man3/memstats.3.gz OLD_FILES+=usr/share/man/man3/set_assertion_failure_callback.3. OLD_FILES+=usr/share/man/man3/sigwait.3.gz OLD_FILES+=usr/share/man/man3/tree_add.3.gz OLD_FILES+=usr/share/man/man3/tree_delete.3.gz OLD_FILES+=usr/share/man/man3/tree_init.3.gz OLD_FILES+=usr/share/man/man3/tree_mung.3.gz OLD_FILES+=usr/share/man/man3/tree_srch.3.gz OLD_FILES+=usr/share/man/man3/tree_trav.3.gz # 2004XXYY: OS internal libs, no ports use them, no need to use OLD_LIBS OLD_FILES+=lib/geom/geom_concat.so.1 OLD_FILES+=lib/geom/geom_label.so.1 OLD_FILES+=lib/geom/geom_nop.so.1 OLD_FILES+=lib/geom/geom_stripe.so.1 # 20040728: GCC 3.4.2 OLD_DIRS+=usr/include/c++/3.3 OLD_FILES+=usr/include/c++/3.3/FlexLexer.h OLD_FILES+=usr/include/c++/3.3/algorithm OLD_FILES+=usr/include/c++/3.3/backward/algo.h OLD_FILES+=usr/include/c++/3.3/backward/algobase.h OLD_FILES+=usr/include/c++/3.3/backward/alloc.h OLD_FILES+=usr/include/c++/3.3/backward/backward_warning.h OLD_FILES+=usr/include/c++/3.3/backward/bvector.h OLD_FILES+=usr/include/c++/3.3/backward/complex.h OLD_FILES+=usr/include/c++/3.3/backward/defalloc.h OLD_FILES+=usr/include/c++/3.3/backward/deque.h OLD_FILES+=usr/include/c++/3.3/backward/fstream.h OLD_FILES+=usr/include/c++/3.3/backward/function.h OLD_FILES+=usr/include/c++/3.3/backward/hash_map.h OLD_FILES+=usr/include/c++/3.3/backward/hash_set.h OLD_FILES+=usr/include/c++/3.3/backward/hashtable.h OLD_FILES+=usr/include/c++/3.3/backward/heap.h OLD_FILES+=usr/include/c++/3.3/backward/iomanip.h OLD_FILES+=usr/include/c++/3.3/backward/iostream.h OLD_FILES+=usr/include/c++/3.3/backward/istream.h OLD_FILES+=usr/include/c++/3.3/backward/iterator.h OLD_FILES+=usr/include/c++/3.3/backward/list.h OLD_FILES+=usr/include/c++/3.3/backward/map.h OLD_FILES+=usr/include/c++/3.3/backward/multimap.h OLD_FILES+=usr/include/c++/3.3/backward/multiset.h OLD_FILES+=usr/include/c++/3.3/backward/new.h OLD_FILES+=usr/include/c++/3.3/backward/ostream.h OLD_FILES+=usr/include/c++/3.3/backward/pair.h OLD_FILES+=usr/include/c++/3.3/backward/queue.h OLD_FILES+=usr/include/c++/3.3/backward/rope.h OLD_FILES+=usr/include/c++/3.3/backward/set.h OLD_FILES+=usr/include/c++/3.3/backward/slist.h OLD_FILES+=usr/include/c++/3.3/backward/stack.h OLD_FILES+=usr/include/c++/3.3/backward/stream.h OLD_FILES+=usr/include/c++/3.3/backward/streambuf.h OLD_FILES+=usr/include/c++/3.3/backward/strstream OLD_FILES+=usr/include/c++/3.3/backward/strstream.h OLD_FILES+=usr/include/c++/3.3/backward/tempbuf.h OLD_FILES+=usr/include/c++/3.3/backward/tree.h OLD_FILES+=usr/include/c++/3.3/backward/vector.h OLD_DIRS+=usr/include/c++/3.3/backward OLD_FILES+=usr/include/c++/3.3/bits/atomicity.h OLD_FILES+=usr/include/c++/3.3/bits/basic_file.h OLD_FILES+=usr/include/c++/3.3/bits/basic_ios.h OLD_FILES+=usr/include/c++/3.3/bits/basic_ios.tcc OLD_FILES+=usr/include/c++/3.3/bits/basic_string.h OLD_FILES+=usr/include/c++/3.3/bits/basic_string.tcc OLD_FILES+=usr/include/c++/3.3/bits/boost_concept_check.h OLD_FILES+=usr/include/c++/3.3/bits/c++config.h OLD_FILES+=usr/include/c++/3.3/bits/c++io.h OLD_FILES+=usr/include/c++/3.3/bits/c++locale.h OLD_FILES+=usr/include/c++/3.3/bits/c++locale_internal.h OLD_FILES+=usr/include/c++/3.3/bits/char_traits.h OLD_FILES+=usr/include/c++/3.3/bits/cmath.tcc OLD_FILES+=usr/include/c++/3.3/bits/codecvt.h OLD_FILES+=usr/include/c++/3.3/bits/codecvt_specializations.h OLD_FILES+=usr/include/c++/3.3/bits/concept_check.h OLD_FILES+=usr/include/c++/3.3/bits/cpp_type_traits.h OLD_FILES+=usr/include/c++/3.3/bits/ctype_base.h OLD_FILES+=usr/include/c++/3.3/bits/ctype_inline.h OLD_FILES+=usr/include/c++/3.3/bits/ctype_noninline.h OLD_FILES+=usr/include/c++/3.3/bits/deque.tcc OLD_FILES+=usr/include/c++/3.3/bits/fpos.h OLD_FILES+=usr/include/c++/3.3/bits/fstream.tcc OLD_FILES+=usr/include/c++/3.3/bits/functexcept.h OLD_FILES+=usr/include/c++/3.3/bits/generic_shadow.h OLD_FILES+=usr/include/c++/3.3/bits/gslice.h OLD_FILES+=usr/include/c++/3.3/bits/gslice_array.h OLD_FILES+=usr/include/c++/3.3/bits/gthr-default.h OLD_FILES+=usr/include/c++/3.3/bits/gthr-posix.h OLD_FILES+=usr/include/c++/3.3/bits/gthr-single.h OLD_FILES+=usr/include/c++/3.3/bits/gthr.h OLD_FILES+=usr/include/c++/3.3/bits/indirect_array.h OLD_FILES+=usr/include/c++/3.3/bits/ios_base.h OLD_FILES+=usr/include/c++/3.3/bits/istream.tcc OLD_FILES+=usr/include/c++/3.3/bits/list.tcc OLD_FILES+=usr/include/c++/3.3/bits/locale_classes.h OLD_FILES+=usr/include/c++/3.3/bits/locale_facets.h OLD_FILES+=usr/include/c++/3.3/bits/locale_facets.tcc OLD_FILES+=usr/include/c++/3.3/bits/localefwd.h OLD_FILES+=usr/include/c++/3.3/bits/mask_array.h OLD_FILES+=usr/include/c++/3.3/bits/messages_members.h OLD_FILES+=usr/include/c++/3.3/bits/os_defines.h OLD_FILES+=usr/include/c++/3.3/bits/ostream.tcc OLD_FILES+=usr/include/c++/3.3/bits/pthread_allocimpl.h OLD_FILES+=usr/include/c++/3.3/bits/slice.h OLD_FILES+=usr/include/c++/3.3/bits/slice_array.h OLD_FILES+=usr/include/c++/3.3/bits/sstream.tcc OLD_FILES+=usr/include/c++/3.3/bits/stl_algo.h OLD_FILES+=usr/include/c++/3.3/bits/stl_algobase.h OLD_FILES+=usr/include/c++/3.3/bits/stl_alloc.h OLD_FILES+=usr/include/c++/3.3/bits/stl_bvector.h OLD_FILES+=usr/include/c++/3.3/bits/stl_construct.h OLD_FILES+=usr/include/c++/3.3/bits/stl_deque.h OLD_FILES+=usr/include/c++/3.3/bits/stl_function.h OLD_FILES+=usr/include/c++/3.3/bits/stl_heap.h OLD_FILES+=usr/include/c++/3.3/bits/stl_iterator.h OLD_FILES+=usr/include/c++/3.3/bits/stl_iterator_base_funcs.h OLD_FILES+=usr/include/c++/3.3/bits/stl_iterator_base_types.h OLD_FILES+=usr/include/c++/3.3/bits/stl_list.h OLD_FILES+=usr/include/c++/3.3/bits/stl_map.h OLD_FILES+=usr/include/c++/3.3/bits/stl_multimap.h OLD_FILES+=usr/include/c++/3.3/bits/stl_multiset.h OLD_FILES+=usr/include/c++/3.3/bits/stl_numeric.h OLD_FILES+=usr/include/c++/3.3/bits/stl_pair.h OLD_FILES+=usr/include/c++/3.3/bits/stl_pthread_alloc.h OLD_FILES+=usr/include/c++/3.3/bits/stl_queue.h OLD_FILES+=usr/include/c++/3.3/bits/stl_raw_storage_iter.h OLD_FILES+=usr/include/c++/3.3/bits/stl_relops.h OLD_FILES+=usr/include/c++/3.3/bits/stl_set.h OLD_FILES+=usr/include/c++/3.3/bits/stl_stack.h OLD_FILES+=usr/include/c++/3.3/bits/stl_tempbuf.h OLD_FILES+=usr/include/c++/3.3/bits/stl_threads.h OLD_FILES+=usr/include/c++/3.3/bits/stl_tree.h OLD_FILES+=usr/include/c++/3.3/bits/stl_uninitialized.h OLD_FILES+=usr/include/c++/3.3/bits/stl_vector.h OLD_FILES+=usr/include/c++/3.3/bits/stream_iterator.h OLD_FILES+=usr/include/c++/3.3/bits/streambuf.tcc OLD_FILES+=usr/include/c++/3.3/bits/streambuf_iterator.h OLD_FILES+=usr/include/c++/3.3/bits/stringfwd.h OLD_FILES+=usr/include/c++/3.3/bits/time_members.h OLD_FILES+=usr/include/c++/3.3/bits/type_traits.h OLD_FILES+=usr/include/c++/3.3/bits/valarray_array.h OLD_FILES+=usr/include/c++/3.3/bits/valarray_array.tcc OLD_FILES+=usr/include/c++/3.3/bits/valarray_meta.h OLD_FILES+=usr/include/c++/3.3/bits/vector.tcc OLD_DIRS+=usr/include/c++/3.3/bits OLD_FILES+=usr/include/c++/3.3/bitset OLD_FILES+=usr/include/c++/3.3/cassert OLD_FILES+=usr/include/c++/3.3/cctype OLD_FILES+=usr/include/c++/3.3/cerrno OLD_FILES+=usr/include/c++/3.3/cfloat OLD_FILES+=usr/include/c++/3.3/ciso646 OLD_FILES+=usr/include/c++/3.3/climits OLD_FILES+=usr/include/c++/3.3/clocale OLD_FILES+=usr/include/c++/3.3/cmath OLD_FILES+=usr/include/c++/3.3/complex OLD_FILES+=usr/include/c++/3.3/csetjmp OLD_FILES+=usr/include/c++/3.3/csignal OLD_FILES+=usr/include/c++/3.3/cstdarg OLD_FILES+=usr/include/c++/3.3/cstddef OLD_FILES+=usr/include/c++/3.3/cstdio OLD_FILES+=usr/include/c++/3.3/cstdlib OLD_FILES+=usr/include/c++/3.3/cstring OLD_FILES+=usr/include/c++/3.3/ctime OLD_FILES+=usr/include/c++/3.3/cwchar OLD_FILES+=usr/include/c++/3.3/cwctype OLD_FILES+=usr/include/c++/3.3/cxxabi.h OLD_FILES+=usr/include/c++/3.3/deque OLD_FILES+=usr/include/c++/3.3/exception OLD_FILES+=usr/include/c++/3.3/exception_defines.h OLD_FILES+=usr/include/c++/3.3/ext/algorithm OLD_FILES+=usr/include/c++/3.3/ext/enc_filebuf.h OLD_FILES+=usr/include/c++/3.3/ext/functional OLD_FILES+=usr/include/c++/3.3/ext/hash_map OLD_FILES+=usr/include/c++/3.3/ext/hash_set OLD_FILES+=usr/include/c++/3.3/ext/iterator OLD_FILES+=usr/include/c++/3.3/ext/memory OLD_FILES+=usr/include/c++/3.3/ext/numeric OLD_FILES+=usr/include/c++/3.3/ext/rb_tree OLD_FILES+=usr/include/c++/3.3/ext/rope OLD_FILES+=usr/include/c++/3.3/ext/ropeimpl.h OLD_FILES+=usr/include/c++/3.3/ext/slist OLD_FILES+=usr/include/c++/3.3/ext/stdio_filebuf.h OLD_FILES+=usr/include/c++/3.3/ext/stl_hash_fun.h OLD_FILES+=usr/include/c++/3.3/ext/stl_hashtable.h OLD_FILES+=usr/include/c++/3.3/ext/stl_rope.h OLD_DIRS+=usr/include/c++/3.3/ext OLD_FILES+=usr/include/c++/3.3/fstream OLD_FILES+=usr/include/c++/3.3/functional OLD_FILES+=usr/include/c++/3.3/iomanip OLD_FILES+=usr/include/c++/3.3/ios OLD_FILES+=usr/include/c++/3.3/iosfwd OLD_FILES+=usr/include/c++/3.3/iostream OLD_FILES+=usr/include/c++/3.3/istream OLD_FILES+=usr/include/c++/3.3/iterator OLD_FILES+=usr/include/c++/3.3/limits OLD_FILES+=usr/include/c++/3.3/list OLD_FILES+=usr/include/c++/3.3/locale OLD_FILES+=usr/include/c++/3.3/map OLD_FILES+=usr/include/c++/3.3/memory OLD_FILES+=usr/include/c++/3.3/new OLD_FILES+=usr/include/c++/3.3/numeric OLD_FILES+=usr/include/c++/3.3/ostream OLD_FILES+=usr/include/c++/3.3/queue OLD_FILES+=usr/include/c++/3.3/set OLD_FILES+=usr/include/c++/3.3/sstream OLD_FILES+=usr/include/c++/3.3/stack OLD_FILES+=usr/include/c++/3.3/stdexcept OLD_FILES+=usr/include/c++/3.3/streambuf OLD_FILES+=usr/include/c++/3.3/string OLD_FILES+=usr/include/c++/3.3/typeinfo OLD_FILES+=usr/include/c++/3.3/utility OLD_FILES+=usr/include/c++/3.3/valarray OLD_FILES+=usr/include/c++/3.3/vector # 20040713: fla(4) removed. OLD_FILES+=usr/share/man/man4/fla.4.gz # 200407XX OLD_FILES+=usr/sbin/kernbb OLD_FILES+=usr/sbin/ntp-genkeys OLD_FILES+=usr/sbin/ntptimeset OLD_FILES+=usr/share/man/man8/kernbb.8.gz OLD_FILES+=usr/share/man/man8/ntp-genkeys.8.gz # 20040627: usbdevs.h and usbdevs_data.h removal OLD_FILES+=usr/include/dev/usb/usbdevs.h OLD_FILES+=usr/include/dev/usb/usbdevs_data.h # 200406XX OLD_FILES+=usr/bin/gasp OLD_FILES+=usr/bin/gdbreplay OLD_FILES+=usr/share/man/man1/gasp.1.gz OLD_FILES+=sbin/mountd OLD_FILES+=sbin/mount_fdesc OLD_FILES+=sbin/mount_umap OLD_FILES+=sbin/mount_union OLD_FILES+=sbin/mount_msdos OLD_FILES+=sbin/mount_null OLD_FILES+=sbin/mount_kernfs # 200405XX: arl OLD_FILES+=usr/sbin/arlconfig OLD_FILES+=usr/share/man/man8/arlconfig.8.gz # 200403XX OLD_FILES+=bin/raidctl OLD_FILES+=sbin/raidctl OLD_FILES+=usr/bin/sasc OLD_FILES+=usr/sbin/sgsc OLD_FILES+=usr/sbin/stlload OLD_FILES+=usr/sbin/stlstats OLD_FILES+=usr/share/man/man1/sasc.1.gz OLD_FILES+=usr/share/man/man1/sgsc.1.gz OLD_FILES+=usr/share/man/man4/i386/stl.4.gz OLD_FILES+=usr/share/man/man8/raidctl.8.gz # 20040229: clean_environment() was removed after 3 days OLD_FILES+=usr/share/man/man3/clean_environment.3.gz # 20040119: installed as `isdntel' in newer systems OLD_FILES+=etc/isdn/isdntel.sh # 200XYYZZ: /lib transition clitches OLD_FILES+=lib/libalias.so OLD_FILES+=lib/libatm.so OLD_FILES+=lib/libbsdxml.so OLD_FILES+=lib/libc.so OLD_FILES+=lib/libcam.so OLD_FILES+=lib/libcrypt.so OLD_FILES+=lib/libcrypto.so OLD_FILES+=lib/libdevstat.so OLD_FILES+=lib/libedit.so OLD_FILES+=lib/libgeom.so OLD_FILES+=lib/libipsec.so OLD_FILES+=lib/libipx.so OLD_FILES+=lib/libkvm.so OLD_FILES+=lib/libm.so OLD_FILES+=lib/libmd.so OLD_FILES+=lib/libncurses.so OLD_FILES+=lib/libreadline.so OLD_FILES+=lib/libsbuf.so OLD_FILES+=lib/libufs.so OLD_FILES+=lib/libz.so # 200312XX OLD_FILES+=bin/cxconfig OLD_FILES+=sbin/cxconfig OLD_FILES+=usr/share/man/man8/cxconfig.8.gz # 20031016: MULTI_DRIVER_MODULE macro removed OLD_FILES+=usr/share/man/man9/MULTI_DRIVER_MODULE.9.gz # 200309XX OLD_FILES+=usr/bin/symorder OLD_FILES+=usr/share/man/man1/symorder.1.gz # 200308XX OLD_FILES+=usr/sbin/amldb OLD_FILES+=usr/share/man/man8/amldb.8.gz # 200307XX OLD_FILES+=sbin/mount_nwfs OLD_FILES+=sbin/mount_portalfs OLD_FILES+=sbin/mount_smbfs # 200306XX OLD_FILES+=usr/sbin/dev_mkdb OLD_FILES+=usr/share/man/man8/dev_mkdb.8.gz # 200304XX OLD_FILES+=usr/lib/libcipher.a OLD_FILES+=usr/lib/libcipher.so OLD_FILES+=usr/lib/libcipher_p.a OLD_FILES+=usr/lib/libgmp.a OLD_FILES+=usr/lib/libgmp.so OLD_FILES+=usr/lib/libgmp_p.a OLD_FILES+=usr/lib/libperl.a OLD_FILES+=usr/lib/libperl.so OLD_FILES+=usr/lib/libperl_p.a OLD_FILES+=usr/lib/libposix1e.a OLD_FILES+=usr/lib/libposix1e.so OLD_FILES+=usr/lib/libposix1e_p.a OLD_FILES+=usr/lib/libskey.a OLD_FILES+=usr/lib/libskey.so OLD_FILES+=usr/lib/libskey_p.a OLD_FILES+=usr/libexec/tradcpp0 OLD_FILES+=usr/libexec/cpp0 # 200304XX: removal of xten OLD_FILES+=usr/libexec/xtend OLD_FILES+=usr/sbin/xten OLD_FILES+=usr/share/man/man1/xten.1.gz OLD_FILES+=usr/share/man/man8/xtend.8.gz # 200303XX OLD_FILES+=usr/lib/libacl.so OLD_FILES+=usr/lib/libdescrypt.so OLD_FILES+=usr/lib/libf2c.so OLD_FILES+=usr/lib/libg++.so OLD_FILES+=usr/lib/libkdb.so OLD_FILES+=usr/lib/librsaINTL.so OLD_FILES+=usr/lib/libscrypt.so OLD_FILES+=usr/lib/libss.so # 200302XX OLD_FILES+=usr/lib/libacl.a OLD_FILES+=usr/lib/libacl_p.a OLD_FILES+=usr/lib/libkadm.a OLD_FILES+=usr/lib/libkadm.so OLD_FILES+=usr/lib/libkadm_p.a OLD_FILES+=usr/lib/libkafs.a OLD_FILES+=usr/lib/libkafs.so OLD_FILES+=usr/lib/libkafs_p.a OLD_FILES+=usr/lib/libkdb.a OLD_FILES+=usr/lib/libkdb_p.a OLD_FILES+=usr/lib/libkrb.a OLD_FILES+=usr/lib/libkrb.so OLD_FILES+=usr/lib/libkrb_p.a OLD_FILES+=usr/share/man/man3/SSL_CIPHER_get_name.3.gz OLD_FILES+=usr/share/man/man3/SSL_COMP_add_compression_method.3 OLD_FILES+=usr/share/man/man3/SSL_CTX_add_extra_chain_cert.3.gz OLD_FILES+=usr/share/man/man3/SSL_CTX_add_session.3.gz OLD_FILES+=usr/share/man/man3/SSL_CTX_ctrl.3.gz OLD_FILES+=usr/share/man/man3/SSL_CTX_flush_sessions.3.gz OLD_FILES+=usr/share/man/man3/SSL_CTX_free.3.gz OLD_FILES+=usr/share/man/man3/SSL_CTX_get_verify_mode.3.gz OLD_FILES+=usr/share/man/man3/SSL_CTX_load_verify_locations.3.gz OLD_FILES+=usr/share/man/man3/SSL_CTX_new.3.gz OLD_FILES+=usr/share/man/man3/SSL_CTX_sess_number.3.gz OLD_FILES+=usr/share/man/man3/SSL_CTX_sess_set_cache_size.3.gz OLD_FILES+=usr/share/man/man3/SSL_CTX_sess_set_get_cb.3.gz OLD_FILES+=usr/share/man/man3/SSL_CTX_sessions.3.gz OLD_FILES+=usr/share/man/man3/SSL_CTX_set_cert_store.3.gz OLD_FILES+=usr/share/man/man3/SSL_CTX_set_cert_verify_callback.3.gz OLD_FILES+=usr/share/man/man3/SSL_CTX_set_cipher_list.3.gz OLD_FILES+=usr/share/man/man3/SSL_CTX_set_client_CA_list.3.gz OLD_FILES+=usr/share/man/man3/SSL_CTX_set_client_cert_cb.3.gz OLD_FILES+=usr/share/man/man3/SSL_CTX_set_default_passwd_cb.3.gz OLD_FILES+=usr/share/man/man3/SSL_CTX_set_generate_session_id.3.gz OLD_FILES+=usr/share/man/man3/SSL_CTX_set_info_callback.3.gz OLD_FILES+=usr/share/man/man3/SSL_CTX_set_max_cert_list.3.gz OLD_FILES+=usr/share/man/man3/SSL_CTX_set_mode.3.gz OLD_FILES+=usr/share/man/man3/SSL_CTX_set_msg_callback.3.gz OLD_FILES+=usr/share/man/man3/SSL_CTX_set_options.3.gz OLD_FILES+=usr/share/man/man3/SSL_CTX_set_quiet_shutdown.3.gz OLD_FILES+=usr/share/man/man3/SSL_CTX_set_session_cache_mode.3.gz OLD_FILES+=usr/share/man/man3/SSL_CTX_set_session_id_context.3.gz OLD_FILES+=usr/share/man/man3/SSL_CTX_set_ssl_version.3.gz OLD_FILES+=usr/share/man/man3/SSL_CTX_set_timeout.3.gz OLD_FILES+=usr/share/man/man3/SSL_CTX_set_tmp_dh_callback.3.gz OLD_FILES+=usr/share/man/man3/SSL_CTX_set_tmp_rsa_callback.3.gz OLD_FILES+=usr/share/man/man3/SSL_CTX_set_verify.3.gz OLD_FILES+=usr/share/man/man3/SSL_CTX_use_certificate.3.gz OLD_FILES+=usr/share/man/man3/SSL_SESSION_free.3.gz OLD_FILES+=usr/share/man/man3/SSL_SESSION_get_ex_new_index.3.gz OLD_FILES+=usr/share/man/man3/SSL_SESSION_get_time.3.gz OLD_FILES+=usr/share/man/man3/SSL_accept.3.gz OLD_FILES+=usr/share/man/man3/SSL_alert_type_string.3.gz OLD_FILES+=usr/share/man/man3/SSL_clear.3.gz OLD_FILES+=usr/share/man/man3/SSL_connect.3.gz OLD_FILES+=usr/share/man/man3/SSL_do_handshake.3.gz OLD_FILES+=usr/share/man/man3/SSL_free.3.gz OLD_FILES+=usr/share/man/man3/SSL_get_SSL_CTX.3.gz OLD_FILES+=usr/share/man/man3/SSL_get_ciphers.3.gz OLD_FILES+=usr/share/man/man3/SSL_get_client_CA_list.3.gz OLD_FILES+=usr/share/man/man3/SSL_get_current_cipher.3.gz OLD_FILES+=usr/share/man/man3/SSL_get_default_timeout.3.gz OLD_FILES+=usr/share/man/man3/SSL_get_error.3.gz OLD_FILES+=usr/share/man/man3/SSL_get_ex_data_X509_STORE_CTX_idx.3.gz OLD_FILES+=usr/share/man/man3/SSL_get_ex_new_index.3.gz OLD_FILES+=usr/share/man/man3/SSL_get_fd.3.gz OLD_FILES+=usr/share/man/man3/SSL_get_peer_cert_chain.3.gz OLD_FILES+=usr/share/man/man3/SSL_get_peer_certificate.3.gz OLD_FILES+=usr/share/man/man3/SSL_get_rbio.3.gz OLD_FILES+=usr/share/man/man3/SSL_get_session.3.gz OLD_FILES+=usr/share/man/man3/SSL_get_verify_result.3.gz OLD_FILES+=usr/share/man/man3/SSL_get_version.3.gz OLD_FILES+=usr/share/man/man3/SSL_library_init.3.gz OLD_FILES+=usr/share/man/man3/SSL_load_client_CA_file.3.gz OLD_FILES+=usr/share/man/man3/SSL_new.3.gz OLD_FILES+=usr/share/man/man3/SSL_pending.3.gz OLD_FILES+=usr/share/man/man3/SSL_read.3.gz OLD_FILES+=usr/share/man/man3/SSL_rstate_string.3.gz OLD_FILES+=usr/share/man/man3/SSL_session_reused.3.gz OLD_FILES+=usr/share/man/man3/SSL_set_bio.3.gz OLD_FILES+=usr/share/man/man3/SSL_set_connect_state.3.gz OLD_FILES+=usr/share/man/man3/SSL_set_fd.3.gz OLD_FILES+=usr/share/man/man3/SSL_set_session.3.gz OLD_FILES+=usr/share/man/man3/SSL_set_shutdown.3.gz OLD_FILES+=usr/share/man/man3/SSL_set_verify_result.3.gz OLD_FILES+=usr/share/man/man3/SSL_shutdown.3.gz OLD_FILES+=usr/share/man/man3/SSL_state_string.3.gz OLD_FILES+=usr/share/man/man3/SSL_want.3.gz OLD_FILES+=usr/share/man/man3/SSL_write.3.gz OLD_FILES+=usr/share/man/man3/d2i_SSL_SESSION.3.gz # 200301XX OLD_FILES+=usr/share/man/man3/des_3cbc_encrypt.3.gz OLD_FILES+=usr/share/man/man3/des_3ecb_encrypt.3.gz OLD_FILES+=usr/share/man/man3/des_cbc_cksum.3.gz OLD_FILES+=usr/share/man/man3/des_cbc_encrypt.3.gz OLD_FILES+=usr/share/man/man3/des_cfb_encrypt.3.gz OLD_FILES+=usr/share/man/man3/des_ecb_encrypt.3.gz OLD_FILES+=usr/share/man/man3/des_enc_read.3.gz OLD_FILES+=usr/share/man/man3/des_enc_write.3.gz OLD_FILES+=usr/share/man/man3/des_is_weak_key.3.gz OLD_FILES+=usr/share/man/man3/des_key_sched.3.gz OLD_FILES+=usr/share/man/man3/des_ofb_encrypt.3.gz OLD_FILES+=usr/share/man/man3/des_pcbc_encrypt.3.gz OLD_FILES+=usr/share/man/man3/des_quad_cksum.3.gz OLD_FILES+=usr/share/man/man3/des_random_key.3.gz OLD_FILES+=usr/share/man/man3/des_read_2password.3.gz OLD_FILES+=usr/share/man/man3/des_read_password.3.gz OLD_FILES+=usr/share/man/man3/des_read_pw_string.3.gz OLD_FILES+=usr/share/man/man3/des_set_key.3.gz OLD_FILES+=usr/share/man/man3/des_set_odd_parity.3.gz OLD_FILES+=usr/share/man/man3/des_string_to_2key.3.gz OLD_FILES+=usr/share/man/man3/des_string_to_key.3.gz # 200212XX OLD_FILES+=usr/sbin/kenv OLD_FILES+=usr/bin/kenv OLD_FILES+=usr/sbin/elf2aout # 200210XX OLD_FILES+=usr/include/libusbhid.h OLD_FILES+=usr/share/man/man3/All_FreeBSD.3.gz OLD_FILES+=usr/share/man/man3/CheckRules.3.gz OLD_FILES+=usr/share/man/man3/ChunkCanBeRoot.3.gz OLD_FILES+=usr/share/man/man3/Clone_Disk.3.gz OLD_FILES+=usr/share/man/man3/Collapse_Chunk.3.gz OLD_FILES+=usr/share/man/man3/Collapse_Disk.3.gz OLD_FILES+=usr/share/man/man3/Create_Chunk.3.gz OLD_FILES+=usr/share/man/man3/Create_Chunk_DWIM.3.gz OLD_FILES+=usr/share/man/man3/Cyl_Aligned.3.gz OLD_FILES+=usr/share/man/man3/Debug_Disk.3.gz OLD_FILES+=usr/share/man/man3/Delete_Chunk.3.gz OLD_FILES+=usr/share/man/man3/Disk_Names.3.gz OLD_FILES+=usr/share/man/man3/Free_Disk.3.gz OLD_FILES+=usr/share/man/man3/MakeDev.3.gz OLD_FILES+=usr/share/man/man3/MakeDevDisk.3.gz OLD_FILES+=usr/share/man/man3/Next_Cyl_Aligned.3.gz OLD_FILES+=usr/share/man/man3/Next_Track_Aligned.3.gz OLD_FILES+=usr/share/man/man3/Open_Disk.3.gz OLD_FILES+=usr/share/man/man3/Prev_Cyl_Aligned.3.gz OLD_FILES+=usr/share/man/man3/Prev_Track_Aligned.3.gz OLD_FILES+=usr/share/man/man3/Set_Bios_Geom.3.gz OLD_FILES+=usr/share/man/man3/Set_Boot_Blocks.3.gz OLD_FILES+=usr/share/man/man3/Set_Boot_Mgr.3.gz OLD_FILES+=usr/share/man/man3/ShowChunkFlags.3.gz OLD_FILES+=usr/share/man/man3/Track_Aligned.3.gz OLD_FILES+=usr/share/man/man3/Write_Disk.3.gz OLD_FILES+=usr/share/man/man3/slice_type_name.3.gz # 200210XX: most games moved to ports OLD_FILES+=usr/share/man/man6/adventure.6.gz OLD_FILES+=usr/share/man/man6/arithmetic.6.gz OLD_FILES+=usr/share/man/man6/atc.6.gz OLD_FILES+=usr/share/man/man6/backgammon.6.gz OLD_FILES+=usr/share/man/man6/battlestar.6.gz OLD_FILES+=usr/share/man/man6/bs.6.gz OLD_FILES+=usr/share/man/man6/canfield.6.gz OLD_FILES+=usr/share/man/man6/cfscores.6.gz OLD_FILES+=usr/share/man/man6/cribbage.6.gz OLD_FILES+=usr/share/man/man6/fish.6.gz OLD_FILES+=usr/share/man/man6/hack.6.gz OLD_FILES+=usr/share/man/man6/hangman.6.gz OLD_FILES+=usr/share/man/man6/larn.6.gz OLD_FILES+=usr/share/man/man6/mille.6.gz OLD_FILES+=usr/share/man/man6/phantasia.6.gz OLD_FILES+=usr/share/man/man6/piano.6.gz OLD_FILES+=usr/share/man/man6/pig.6.gz OLD_FILES+=usr/share/man/man6/quiz.6.gz OLD_FILES+=usr/share/man/man6/rain.6.gz OLD_FILES+=usr/share/man/man6/robots.6.gz OLD_FILES+=usr/share/man/man6/rogue.6.gz OLD_FILES+=usr/share/man/man6/sail.6.gz OLD_FILES+=usr/share/man/man6/snake.6.gz OLD_FILES+=usr/share/man/man6/snscore.6.gz OLD_FILES+=usr/share/man/man6/trek.6.gz OLD_FILES+=usr/share/man/man6/wargames.6.gz OLD_FILES+=usr/share/man/man6/worm.6.gz OLD_FILES+=usr/share/man/man6/worms.6.gz OLD_FILES+=usr/share/man/man6/wump.6.gz # 200207XX OLD_FILES+=usr/share/man/man1aout/ar.1aout.gz OLD_FILES+=usr/share/man/man1aout/as.1aout.gz OLD_FILES+=usr/share/man/man1aout/ld.1aout.gz OLD_FILES+=usr/share/man/man1aout/nm.1aout.gz OLD_FILES+=usr/share/man/man1aout/ranlib.1aout.gz OLD_FILES+=usr/share/man/man1aout/size.1aout.gz OLD_FILES+=usr/share/man/man1aout/strings.1aout.gz OLD_FILES+=usr/share/man/man1aout/strip.1aout.gz OLD_FILES+=bin/mountd OLD_FILES+=bin/nfsd # 20020707 sbin/nfsd -> usr.sbin/nfsd OLD_FILES+=sbin/nfsd # 200206XX OLD_FILES+=usr/lib/libpam_ssh.a OLD_FILES+=usr/lib/libpam_ssh_p.a OLD_FILES+=usr/bin/help OLD_FILES+=usr/bin/sccs .if ${TARGET_ARCH} != "amd64" && ${TARGET} != "arm" && ${TARGET_ARCH} != "i386" && ${TARGET} != "powerpc" OLD_FILES+=usr/bin/gdbserver .endif OLD_FILES+=usr/bin/ssh-keysign OLD_FILES+=usr/sbin/gifconfig OLD_FILES+=usr/sbin/prefix # 200205XX OLD_FILES+=usr/bin/doscmd # 200204XX OLD_FILES+=usr/bin/a2p OLD_FILES+=usr/bin/ptx OLD_FILES+=usr/bin/pod2text OLD_FILES+=usr/bin/pod2man OLD_FILES+=usr/bin/pod2latex OLD_FILES+=usr/bin/pod2html OLD_FILES+=usr/bin/h2ph OLD_FILES+=usr/bin/dprofpp OLD_FILES+=usr/bin/c2ph OLD_FILES+=usr/bin/h2xs OLD_FILES+=usr/bin/pl2pm OLD_FILES+=usr/bin/splain OLD_FILES+=usr/bin/s2p OLD_FILES+=usr/bin/find2perl OLD_FILES+=usr/sbin/pkg_update OLD_FILES+=usr/sbin/scriptdump # 20020409 GC kget(1), userconfig is long dead. OLD_FILES+=sbin/kget OLD_FILES+=usr/share/man/man8/kget.8.gz # 200203XX OLD_FILES+=usr/lib/libss.a OLD_FILES+=usr/lib/libss_p.a OLD_FILES+=usr/lib/libtelnet.a OLD_FILES+=usr/lib/libtelnet_p.a OLD_FILES+=usr/sbin/diskpart # 200202XX OLD_FILES+=usr/bin/gprof4 # 200201XX OLD_FILES+=usr/sbin/linux # 2001XXXX OLD_FILES+=usr/bin/joy OLD_FILES+=usr/sbin/ibcs2 OLD_FILES+=usr/sbin/svr4 OLD_FILES+=usr/bin/chflags OLD_FILES+=usr/sbin/uuconv OLD_FILES+=usr/sbin/uuchk OLD_FILES+=usr/sbin/portmap OLD_FILES+=usr/sbin/pmap_set OLD_FILES+=usr/sbin/pmap_dump OLD_FILES+=usr/sbin/mcon OLD_FILES+=usr/sbin/stlstty OLD_FILES+=usr/sbin/ispppcontrol OLD_FILES+=usr/sbin/rndcontrol # 20011001: UUCP migration to ports OLD_FILES+=usr/bin/uucp OLD_FILES+=usr/bin/uulog OLD_FILES+=usr/bin/uuname OLD_FILES+=usr/bin/uupick OLD_FILES+=usr/bin/uusched OLD_FILES+=usr/bin/uustat OLD_FILES+=usr/bin/uuto OLD_FILES+=usr/bin/uux OLD_FILES+=usr/libexec/uucp/uucico OLD_FILES+=usr/libexec/uucp/uuxqt OLD_FILES+=usr/libexec/uucpd OLD_FILES+=usr/share/man/man1/uuconv.1.gz OLD_FILES+=usr/share/man/man1/uucp.1.gz OLD_FILES+=usr/share/man/man1/uulog.1.gz OLD_FILES+=usr/share/man/man1/uuname.1.gz OLD_FILES+=usr/share/man/man1/uupick.1.gz OLD_FILES+=usr/share/man/man1/uustat.1.gz OLD_FILES+=usr/share/man/man1/uuto.1.gz OLD_FILES+=usr/share/man/man1/uux.1.gz OLD_FILES+=usr/share/man/man8/uuchk.8.gz OLD_FILES+=usr/share/man/man8/uucico.8.gz OLD_FILES+=usr/share/man/man8/uucpd.8.gz OLD_FILES+=usr/share/man/man8/uusched.8.gz OLD_FILES+=usr/share/man/man8/uuxqt.8.gz # 20010523 mount_portal -> mount_portalfs OLD_FILES+=sbin/mount_portal OLD_FILES+=usr/share/man/man8/mount_portal.8.gz # 200104XX OLD_FILES+=usr/lib/libdescrypt.a OLD_FILES+=usr/lib/libscrypt.a OLD_FILES+=usr/lib/libscrypt_p.a OLD_FILES+=usr/sbin/pim6stat OLD_FILES+=usr/sbin/pim6sd OLD_FILES+=usr/sbin/pim6dd # 20010217 OLD_FILES+=usr/share/doc/bind/misc/dns-setup # 20001200 OLD_FILES+=usr/lib/libgcc_r_pic.a # 200009XX OLD_FILES+=usr/lib/libRSAglue.a OLD_FILES+=usr/lib/libRSAglue.so OLD_FILES+=usr/lib/librsaINTL.a OLD_FILES+=usr/lib/librsaUSA.a OLD_FILES+=usr/lib/librsaUSA.so # 200002XX ? OLD_FILES+=usr/lib/libf2c.a OLD_FILES+=usr/lib/libf2c_p.a OLD_FILES+=usr/lib/libg++.a OLD_FILES+=usr/lib/libg++_p.a # 20001006 OLD_FILES+=usr/bin/miniperl # 20000810 OLD_FILES+=usr/bin/sperl # 200001XX OLD_FILES+=usr/sbin/apmconf # 199911XX OLD_FILES+=usr/sbin/ipfstat OLD_FILES+=usr/sbin/ipmon OLD_FILES+=usr/sbin/ipnat OLD_FILES+=usr/sbin/bad144 OLD_FILES+=usr/sbin/wormcontrol OLD_FILES+=usr/sbin/named-bootconf OLD_FILES+=usr/sbin/kvm_mkdb OLD_FILES+=usr/sbin/keyadmin # 199909XX OLD_FILES+=usr/lib/libdesrypt_p.a OLD_FILES+=sbin/ft # 199903XX OLD_FILES+=sbin/modload OLD_FILES+=sbin/modunload OLD_FILES+=usr/sbin/natd # 199812XX OLD_FILES+=sbin/dset # 199809XX OLD_FILES+=sbin/scsi OLD_FILES+=sbin/scsiformat OLD_FILES+=usr/sbin/ncrcontrol OLD_FILES+=usr/sbin/tickadj # 199806XX OLD_FILES+=usr/sbin/mkdosfs # 199801XX OLD_FILES+=sbin/mount_lfs OLD_FILES+=sbin/newlfs OLD_FILES+=sbin/dumplfs OLD_FILES+=usr/sbin/qcamcontrol OLD_FILES+=usr/sbin/supscan # 1997XXXX OLD_FILES+=usr/sbin/sysctl OLD_FILES+=usr/sbin/ctm_scan OLD_FILES+=usr/sbin/addgroup OLD_FILES+=usr/sbin/rmgroup # 1996XXXX OLD_FILES+=sbin/rdisc OLD_FILES+=usr/sbin/cdplay OLD_FILES+=usr/sbin/supfilesrv OLD_FILES+=usr/sbin/routed OLD_FILES+=usr/sbin/lsdev OLD_FILES+=usr/sbin/yppasswdd ## unsorted # do we still support aout builds? #OLD_FILES+=usr/lib/aout/c++rt0.o #OLD_FILES+=usr/lib/aout/crt0.o #OLD_FILES+=usr/lib/aout/gcrt0.o #OLD_FILES+=usr/lib/aout/scrt0.o #OLD_FILES+=usr/lib/aout/sgcrt0.o OLD_FILES+=usr/bin/sperl5 OLD_FILES+=usr/bin/perl5.6.0 OLD_FILES+=usr/bin/sperl5.6.0 OLD_FILES+=usr/bin/perlbc OLD_FILES+=usr/bin/perl5.00503 OLD_FILES+=usr/bin/sperl5.00503 OLD_FILES+=usr/bin/perlbug OLD_FILES+=usr/bin/perlcc OLD_FILES+=usr/bin/perldoc OLD_FILES+=usr/bin/suidperl OLD_FILES+=usr/lib/pam_ftp.so OLD_FILES+=usr/libdata/perl/5.00503/CGI/Apache.pm OLD_FILES+=usr/libdata/perl/5.00503/CGI/Carp.pm OLD_FILES+=usr/libdata/perl/5.00503/CGI/Cookie.pm OLD_FILES+=usr/libdata/perl/5.00503/CGI/Fast.pm OLD_FILES+=usr/libdata/perl/5.00503/CGI/Push.pm OLD_FILES+=usr/libdata/perl/5.00503/CGI/Switch.pm OLD_FILES+=usr/libdata/perl/5.00503/CPAN/FirstTime.pm OLD_FILES+=usr/libdata/perl/5.00503/CPAN/Nox.pm OLD_FILES+=usr/libdata/perl/5.00503/Class/Struct.pm OLD_FILES+=usr/libdata/perl/5.00503/Devel/SelfStubber.pm OLD_FILES+=usr/libdata/perl/5.00503/ExtUtils/Command.pm OLD_FILES+=usr/libdata/perl/5.00503/ExtUtils/Embed.pm OLD_FILES+=usr/libdata/perl/5.00503/ExtUtils/Install.pm OLD_FILES+=usr/libdata/perl/5.00503/ExtUtils/Installed.pm OLD_FILES+=usr/libdata/perl/5.00503/ExtUtils/Liblist.pm OLD_FILES+=usr/libdata/perl/5.00503/ExtUtils/MM_OS2.pm OLD_FILES+=usr/libdata/perl/5.00503/ExtUtils/MM_Unix.pm OLD_FILES+=usr/libdata/perl/5.00503/ExtUtils/MM_VMS.pm OLD_FILES+=usr/libdata/perl/5.00503/ExtUtils/MM_Win32.pm OLD_FILES+=usr/libdata/perl/5.00503/ExtUtils/MakeMaker.pm OLD_FILES+=usr/libdata/perl/5.00503/ExtUtils/Manifest.pm OLD_FILES+=usr/libdata/perl/5.00503/ExtUtils/Mkbootstrap.pm OLD_FILES+=usr/libdata/perl/5.00503/ExtUtils/Mksymlists.pm OLD_FILES+=usr/libdata/perl/5.00503/ExtUtils/Packlist.pm OLD_FILES+=usr/libdata/perl/5.00503/ExtUtils/inst OLD_FILES+=usr/libdata/perl/5.00503/ExtUtils/testlib.pm OLD_FILES+=usr/libdata/perl/5.00503/ExtUtils/typemap OLD_FILES+=usr/libdata/perl/5.00503/ExtUtils/xsubpp OLD_FILES+=usr/libdata/perl/5.00503/File/Spec/Mac.pm OLD_FILES+=usr/libdata/perl/5.00503/File/Spec/OS2.pm OLD_FILES+=usr/libdata/perl/5.00503/File/Spec/Unix.pm OLD_FILES+=usr/libdata/perl/5.00503/File/Spec/VMS.pm OLD_FILES+=usr/libdata/perl/5.00503/File/Spec/Win32.pm OLD_FILES+=usr/libdata/perl/5.00503/File/Basename.pm OLD_FILES+=usr/libdata/perl/5.00503/File/CheckTree.pm OLD_FILES+=usr/libdata/perl/5.00503/File/Compare.pm OLD_FILES+=usr/libdata/perl/5.00503/File/Copy.pm OLD_FILES+=usr/libdata/perl/5.00503/File/DosGlob.pm OLD_FILES+=usr/libdata/perl/5.00503/File/Find.pm OLD_FILES+=usr/libdata/perl/5.00503/File/Path.pm OLD_FILES+=usr/libdata/perl/5.00503/File/Spec.pm OLD_FILES+=usr/libdata/perl/5.00503/File/stat.pm OLD_FILES+=usr/libdata/perl/5.00503/Getopt/Long.pm OLD_FILES+=usr/libdata/perl/5.00503/Getopt/Std.pm OLD_FILES+=usr/libdata/perl/5.00503/I18N/Collate.pm OLD_FILES+=usr/libdata/perl/5.00503/IPC/Open2.pm OLD_FILES+=usr/libdata/perl/5.00503/IPC/Open3.pm OLD_FILES+=usr/libdata/perl/5.00503/Math/BigFloat.pm OLD_FILES+=usr/libdata/perl/5.00503/Math/BigInt.pm OLD_FILES+=usr/libdata/perl/5.00503/Math/Complex.pm OLD_FILES+=usr/libdata/perl/5.00503/Math/Trig.pm OLD_FILES+=usr/libdata/perl/5.00503/Net/Ping.pm OLD_FILES+=usr/libdata/perl/5.00503/Net/hostent.pm OLD_FILES+=usr/libdata/perl/5.00503/Net/netent.pm OLD_FILES+=usr/libdata/perl/5.00503/Net/protoent.pm OLD_FILES+=usr/libdata/perl/5.00503/Net/servent.pm OLD_FILES+=usr/libdata/perl/5.00503/Pod/Functions.pm OLD_FILES+=usr/libdata/perl/5.00503/Pod/Html.pm OLD_FILES+=usr/libdata/perl/5.00503/Pod/Text.pm OLD_FILES+=usr/libdata/perl/5.00503/Search/Dict.pm OLD_FILES+=usr/libdata/perl/5.00503/Sys/Hostname.pm OLD_FILES+=usr/libdata/perl/5.00503/Sys/Syslog.pm OLD_FILES+=usr/libdata/perl/5.00503/Term/Cap.pm OLD_FILES+=usr/libdata/perl/5.00503/Term/Complete.pm OLD_FILES+=usr/libdata/perl/5.00503/Term/ReadLine.pm OLD_FILES+=usr/libdata/perl/5.00503/Test/Harness.pm OLD_FILES+=usr/libdata/perl/5.00503/Text/Abbrev.pm OLD_FILES+=usr/libdata/perl/5.00503/Text/ParseWords.pm OLD_FILES+=usr/libdata/perl/5.00503/Text/Soundex.pm OLD_FILES+=usr/libdata/perl/5.00503/Text/Tabs.pm OLD_FILES+=usr/libdata/perl/5.00503/Text/Wrap.pm OLD_FILES+=usr/libdata/perl/5.00503/Tie/Array.pm OLD_FILES+=usr/libdata/perl/5.00503/Tie/Handle.pm OLD_FILES+=usr/libdata/perl/5.00503/Tie/Hash.pm OLD_FILES+=usr/libdata/perl/5.00503/Tie/RefHash.pm OLD_FILES+=usr/libdata/perl/5.00503/Tie/Scalar.pm OLD_FILES+=usr/libdata/perl/5.00503/Tie/SubstrHash.pm OLD_FILES+=usr/libdata/perl/5.00503/Time/Local.pm OLD_FILES+=usr/libdata/perl/5.00503/Time/gmtime.pm OLD_FILES+=usr/libdata/perl/5.00503/Time/localtime.pm OLD_FILES+=usr/libdata/perl/5.00503/Time/tm.pm OLD_FILES+=usr/libdata/perl/5.00503/User/grent.pm OLD_FILES+=usr/libdata/perl/5.00503/User/pwent.pm OLD_FILES+=usr/libdata/perl/5.00503/auto/Getopt/Long/GetOptions.al OLD_FILES+=usr/libdata/perl/5.00503/auto/Getopt/Long/FindOption.al OLD_FILES+=usr/libdata/perl/5.00503/auto/Getopt/Long/Configure.al OLD_FILES+=usr/libdata/perl/5.00503/auto/Getopt/Long/config.al OLD_FILES+=usr/libdata/perl/5.00503/auto/Getopt/Long/Croak.al OLD_FILES+=usr/libdata/perl/5.00503/auto/Getopt/Long/autosplit.ix OLD_FILES+=usr/libdata/perl/5.00503/mach/B/Deparse.pm OLD_FILES+=usr/libdata/perl/5.00503/mach/B/CC.pm OLD_FILES+=usr/libdata/perl/5.00503/mach/B/Debug.pm OLD_FILES+=usr/libdata/perl/5.00503/mach/B/Showlex.pm OLD_FILES+=usr/libdata/perl/5.00503/mach/B/makeliblinks OLD_FILES+=usr/libdata/perl/5.00503/mach/B/Bblock.pm OLD_FILES+=usr/libdata/perl/5.00503/mach/B/cc_harness OLD_FILES+=usr/libdata/perl/5.00503/mach/B/Bytecode.pm OLD_FILES+=usr/libdata/perl/5.00503/mach/B/Stackobj.pm OLD_FILES+=usr/libdata/perl/5.00503/mach/B/Xref.pm OLD_FILES+=usr/libdata/perl/5.00503/mach/B/Lint.pm OLD_FILES+=usr/libdata/perl/5.00503/mach/B/Asmdata.pm OLD_FILES+=usr/libdata/perl/5.00503/mach/B/Assembler.pm OLD_FILES+=usr/libdata/perl/5.00503/mach/B/Disassembler.pm OLD_FILES+=usr/libdata/perl/5.00503/mach/B/disassemble OLD_FILES+=usr/libdata/perl/5.00503/mach/B/assemble OLD_FILES+=usr/libdata/perl/5.00503/mach/B/Terse.pm OLD_FILES+=usr/libdata/perl/5.00503/mach/B/C.pm OLD_FILES+=usr/libdata/perl/5.00503/mach/CORE/EXTERN.h OLD_FILES+=usr/libdata/perl/5.00503/mach/CORE/INTERN.h OLD_FILES+=usr/libdata/perl/5.00503/mach/CORE/XSUB.h OLD_FILES+=usr/libdata/perl/5.00503/mach/CORE/XSlock.h OLD_FILES+=usr/libdata/perl/5.00503/mach/CORE/av.h OLD_FILES+=usr/libdata/perl/5.00503/mach/CORE/bytecode.h OLD_FILES+=usr/libdata/perl/5.00503/mach/CORE/byterun.h OLD_FILES+=usr/libdata/perl/5.00503/mach/CORE/cc_runtime.h OLD_FILES+=usr/libdata/perl/5.00503/mach/CORE/config.h OLD_FILES+=usr/libdata/perl/5.00503/mach/CORE/cop.h OLD_FILES+=usr/libdata/perl/5.00503/mach/CORE/cv.h OLD_FILES+=usr/libdata/perl/5.00503/mach/CORE/dosish.h OLD_FILES+=usr/libdata/perl/5.00503/mach/CORE/embed.h OLD_FILES+=usr/libdata/perl/5.00503/mach/CORE/embedvar.h OLD_FILES+=usr/libdata/perl/5.00503/mach/CORE/fakethr.h OLD_FILES+=usr/libdata/perl/5.00503/mach/CORE/form.h OLD_FILES+=usr/libdata/perl/5.00503/mach/CORE/gv.h OLD_FILES+=usr/libdata/perl/5.00503/mach/CORE/handy.h OLD_FILES+=usr/libdata/perl/5.00503/mach/CORE/hv.h OLD_FILES+=usr/libdata/perl/5.00503/mach/CORE/intrpvar.h OLD_FILES+=usr/libdata/perl/5.00503/mach/CORE/iperlsys.h OLD_FILES+=usr/libdata/perl/5.00503/mach/CORE/keywords.h OLD_FILES+=usr/libdata/perl/5.00503/mach/CORE/mg.h OLD_FILES+=usr/libdata/perl/5.00503/mach/CORE/nostdio.h OLD_FILES+=usr/libdata/perl/5.00503/mach/CORE/objXSUB.h OLD_FILES+=usr/libdata/perl/5.00503/mach/CORE/objpp.h OLD_FILES+=usr/libdata/perl/5.00503/mach/CORE/op.h OLD_FILES+=usr/libdata/perl/5.00503/mach/CORE/opcode.h OLD_FILES+=usr/libdata/perl/5.00503/mach/CORE/patchlevel.h OLD_FILES+=usr/libdata/perl/5.00503/mach/CORE/perl.h OLD_FILES+=usr/libdata/perl/5.00503/mach/CORE/perlio.h OLD_FILES+=usr/libdata/perl/5.00503/mach/CORE/perlsdio.h OLD_FILES+=usr/libdata/perl/5.00503/mach/CORE/perlsfio.h OLD_FILES+=usr/libdata/perl/5.00503/mach/CORE/perlvars.h OLD_FILES+=usr/libdata/perl/5.00503/mach/CORE/perly.h OLD_FILES+=usr/libdata/perl/5.00503/mach/CORE/pp.h OLD_FILES+=usr/libdata/perl/5.00503/mach/CORE/pp_proto.h OLD_FILES+=usr/libdata/perl/5.00503/mach/CORE/proto.h OLD_FILES+=usr/libdata/perl/5.00503/mach/CORE/regcomp.h OLD_FILES+=usr/libdata/perl/5.00503/mach/CORE/regexp.h OLD_FILES+=usr/libdata/perl/5.00503/mach/CORE/regnodes.h OLD_FILES+=usr/libdata/perl/5.00503/mach/CORE/scope.h OLD_FILES+=usr/libdata/perl/5.00503/mach/CORE/sv.h OLD_FILES+=usr/libdata/perl/5.00503/mach/CORE/thrdvar.h OLD_FILES+=usr/libdata/perl/5.00503/mach/CORE/thread.h OLD_FILES+=usr/libdata/perl/5.00503/mach/CORE/unixish.h OLD_FILES+=usr/libdata/perl/5.00503/mach/CORE/util.h OLD_FILES+=usr/libdata/perl/5.00503/mach/Data/Dumper.pm OLD_FILES+=usr/libdata/perl/5.00503/mach/IO/File.pm OLD_FILES+=usr/libdata/perl/5.00503/mach/IO/Select.pm OLD_FILES+=usr/libdata/perl/5.00503/mach/IO/Socket.pm OLD_FILES+=usr/libdata/perl/5.00503/mach/IO/Handle.pm OLD_FILES+=usr/libdata/perl/5.00503/mach/IO/Seekable.pm OLD_FILES+=usr/libdata/perl/5.00503/mach/IO/Pipe.pm OLD_FILES+=usr/libdata/perl/5.00503/mach/IPC/SysV.pm OLD_FILES+=usr/libdata/perl/5.00503/mach/IPC/Msg.pm OLD_FILES+=usr/libdata/perl/5.00503/mach/IPC/Semaphore.pm OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/B/B.so OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/B/B.bs OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/B/.packlist OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/DB_File/autosplit.ix OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/DB_File/DB_File.so OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/DB_File/DB_File.bs OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/DB_File/.packlist OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/Data/Dumper/Dumper.so OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/Data/Dumper/Dumper.bs OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/Data/Dumper/.packlist OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/DynaLoader/.exists OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/DynaLoader/dl_findfile.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/DynaLoader/dl_expandspec.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/DynaLoader/dl_find_symbol_anywhere.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/DynaLoader/autosplit.ix OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/DynaLoader/DynaLoader.a OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/DynaLoader/extralibs.ld OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/Fcntl/Fcntl.so OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/Fcntl/Fcntl.bs OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/Fcntl/.packlist OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/IO/IO.so OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/IO/IO.bs OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/IO/.packlist OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/IPC/SysV/SysV.so OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/IPC/SysV/SysV.bs OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/IPC/SysV/.packlist OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/NDBM_File/NDBM_File.so OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/NDBM_File/NDBM_File.bs OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/NDBM_File/.packlist OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/Opcode/Opcode.so OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/Opcode/Opcode.bs OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/Opcode/.packlist OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/assert.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/tolower.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/toupper.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/closedir.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/opendir.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/readdir.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/rewinddir.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/errno.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/creat.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/fcntl.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/getgrgid.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/getgrnam.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/atan2.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/cos.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/exp.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/fabs.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/log.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/pow.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/sin.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/sqrt.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/getpwnam.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/getpwuid.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/longjmp.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/setjmp.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/kill.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/feof.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/siglongjmp.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/sigsetjmp.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/raise.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/offsetof.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/clearerr.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/fclose.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/fdopen.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/fgetc.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/fgets.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/fileno.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/fopen.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/fprintf.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/fputc.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/fputs.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/fread.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/freopen.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/fscanf.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/fseek.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/ferror.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/fflush.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/fgetpos.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/fsetpos.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/ftell.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/fwrite.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/getc.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/getchar.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/gets.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/perror.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/printf.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/putc.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/putchar.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/puts.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/remove.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/rename.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/rewind.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/scanf.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/sprintf.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/sscanf.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/tmpfile.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/ungetc.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/vfprintf.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/vprintf.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/vsprintf.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/abs.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/atexit.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/atof.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/atoi.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/atol.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/bsearch.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/calloc.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/div.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/exit.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/free.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/getenv.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/labs.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/ldiv.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/malloc.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/qsort.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/rand.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/realloc.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/srand.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/system.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/memchr.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/memcmp.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/memcpy.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/memmove.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/memset.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/strcat.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/strchr.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/strcmp.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/strcpy.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/strcspn.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/strerror.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/strlen.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/strncat.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/strncmp.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/strncpy.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/strpbrk.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/strrchr.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/strspn.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/strstr.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/strtok.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/chmod.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/fstat.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/mkdir.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/stat.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/umask.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/wait.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/waitpid.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/gmtime.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/localtime.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/time.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/alarm.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/chdir.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/chown.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/execl.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/execle.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/execlp.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/execv.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/execve.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/execvp.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/fork.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/getcwd.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/getegid.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/geteuid.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/getgid.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/getgroups.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/getlogin.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/getpgrp.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/getpid.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/getppid.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/getuid.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/isatty.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/link.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/rmdir.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/setbuf.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/setgid.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/setuid.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/setvbuf.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/sleep.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/unlink.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/utime.al OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/autosplit.ix OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/POSIX.so OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/POSIX.bs OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/POSIX/.packlist OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/SDBM_File/SDBM_File.so OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/SDBM_File/SDBM_File.bs OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/SDBM_File/.packlist OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/Socket/Socket.so OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/Socket/Socket.bs OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/Socket/.packlist OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/attrs/attrs.so OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/attrs/attrs.bs OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/attrs/.packlist OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/re/re.so OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/re/re.bs OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/re/.packlist OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/sdbm/extralibs.ld OLD_FILES+=usr/libdata/perl/5.00503/mach/auto/Errno/.packlist OLD_FILES+=usr/libdata/perl/5.00503/mach/Config.pm OLD_FILES+=usr/libdata/perl/5.00503/mach/B.pm OLD_FILES+=usr/libdata/perl/5.00503/mach/O.pm OLD_FILES+=usr/libdata/perl/5.00503/mach/perllocal.pod OLD_FILES+=usr/libdata/perl/5.00503/mach/DB_File.pm OLD_FILES+=usr/libdata/perl/5.00503/mach/Errno.pm OLD_FILES+=usr/libdata/perl/5.00503/mach/Fcntl.pm OLD_FILES+=usr/libdata/perl/5.00503/mach/IO.pm OLD_FILES+=usr/libdata/perl/5.00503/mach/NDBM_File.pm OLD_FILES+=usr/libdata/perl/5.00503/mach/Safe.pm OLD_FILES+=usr/libdata/perl/5.00503/mach/Opcode.pm OLD_FILES+=usr/libdata/perl/5.00503/mach/ops.pm OLD_FILES+=usr/libdata/perl/5.00503/mach/POSIX.pod OLD_FILES+=usr/libdata/perl/5.00503/mach/POSIX.pm OLD_FILES+=usr/libdata/perl/5.00503/mach/SDBM_File.pm OLD_FILES+=usr/libdata/perl/5.00503/mach/Socket.pm OLD_FILES+=usr/libdata/perl/5.00503/mach/attrs.pm OLD_FILES+=usr/libdata/perl/5.00503/mach/re.pm OLD_FILES+=usr/libdata/perl/5.00503/mach/_h2ph_pre.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/a.out.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/cam/cam.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/cam/cam_ccb.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/cam/cam_debug.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/cam/cam_extend.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/cam/cam_periph.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/cam/cam_queue.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/cam/cam_sim.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/cam/cam_xpt.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/cam/cam_xpt_periph.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/cam/cam_xpt_sim.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/aio.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/alias.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/ar.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/assert.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/bitstring.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/calendar.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/camlib.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/com_err.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/com_right.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/ctype.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/curses.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/db.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/des.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/devstat.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/dialog.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/dirent.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/disktab.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/dlfcn.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/elf.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/err.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/errno.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/eti.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/fcntl.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/fetch.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/float.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/floatingpoint.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/fnmatch.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/form.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/fstab.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/ftpio.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/fts.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/glob.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/gmp.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/gnuregex.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/grp.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/histedit.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/ieeefp.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/ifaddrs.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/inttypes.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/iso646.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/kvm.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/libatm.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/libdisk.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/libgen.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/libusb.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/libutil.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/limits.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/link.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/linker_set.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/locale.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/login_cap.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/malloc.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/FlexLexer.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/PlotFile.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/SFile.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/_G_config.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/algo.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/algobase.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/alloc.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/builtinbuf.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/bvector.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/complex.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/defalloc.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/deque.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/editbuf.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/floatio.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/fstream.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/function.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/hash_map.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/hash_set.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/hashtable.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/heap.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/indstream.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/iolibio.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/iomanip.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/list.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/iostdio.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/iostream.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/iostreamP.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/istream.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/iterator.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/libio.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/libioP.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/map.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/multimap.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/multiset.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/new.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/ostream.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/pair.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/parsestream.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/pfstream.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/procbuf.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/pthread_alloc.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/rope.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/ropeimpl.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/set.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/slist.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/stack.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/stdiostream.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/stl.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/stl_algo.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/tree.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/stl_algobase.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/stl_alloc.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/stl_bvector.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/stl_config.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/stl_construct.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/stl_deque.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/stl_function.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/stl_hash_fun.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/stl_hash_map.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/stl_hash_set.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/stl_hashtable.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/stl_heap.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/stl_iterator.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/stl_list.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/stl_map.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/stl_multimap.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/stl_multiset.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/stl_numeric.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/stl_pair.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/stl_queue.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/stl_raw_storage_iter.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/stl_relops.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/stl_rope.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/stl_set.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/stl_slist.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/stl_stack.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/stl_tempbuf.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/stl_tree.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/stl_uninitialized.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/stl_vector.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/stream.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/streambuf.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/strfile.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/strstream.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/tempbuf.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/type_traits.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g++/vector.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/math.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/md2.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/md4.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/md5.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/memory.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/menu.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/mp.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/mpool.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/mqueue.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/ncurses.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/ndbm.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netdb.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netgraph.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/nl_types.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/nlist.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/objformat.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/opie.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/osreldate.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/panel.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/paths.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/pcap-int.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/pcap-namedb.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/pcap.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/poll.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/pthread.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/pthread_np.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/pwd.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/radlib.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/ranlib.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/regex.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/regexp.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/resolv.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/ripemd.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/rune.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/runetype.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sched.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/search.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/semaphore.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/setjmp.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sgtty.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sha.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/signal.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/skey.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/stab.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/stand.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/stdarg.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/stddef.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/stdio.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/stdlib.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/strhash.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/string.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/stringlist.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/strings.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/struct.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sysexits.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/syslog.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/taclib.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/tar.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/tcpd.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/term.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/termcap.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/termios.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/time.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/timers.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/ttyent.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/ucontext.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/unctrl.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/unistd.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/utime.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/utmp.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/values.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/varargs.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/vgl.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/vis.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/zconf.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/zlib.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/arpa/ftp.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/arpa/inet.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/arpa/nameser.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/arpa/nameser_compat.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/arpa/telnet.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/arpa/tftp.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/isc/assertions.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/isc/ctl.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/isc/dst.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/isc/eventlib.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/isc/heap.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/isc/irpmarshall.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/isc/logging.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/isc/memcluster.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/isc/misc.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/isc/tree.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/isc/list.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/ansi.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/apic.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/apm_bios.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/apm_segments.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/asc_ioctl.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/asm.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/asmacros.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/asnames.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/atomic.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/bootinfo.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/bus.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/bus_at386.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/bus_memio.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/bus_pc98.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/bus_pio.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/bus_pio_ind.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/cdk.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/clock.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/comstats.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/console.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/cpu.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/cpufunc.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/cputypes.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/cronyx.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/db_machdep.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/dvcfg.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/elf.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/endian.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/exec.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/float.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/floatingpoint.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/frame.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/globaldata.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/globals.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/gsc.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/i4b_cause.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/i4b_debug.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/i4b_ioctl.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/i4b_rbch_ioctl.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/i4b_tel_ioctl.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/i4b_trace.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/ieeefp.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/if_wavelan_ieee.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/if_wl_wavelan.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/iic.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/in_cksum.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/ioctl_bt848.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/ioctl_ctx.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/ioctl_fd.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/ioctl_meteor.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/ipl.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/joystick.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/limits.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/lock.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/md_var.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/mouse.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/mpapic.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/mtpr.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/bus_dma.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/npx.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/param.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/pcaudioio.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/pcb.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/pcb_ext.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/pcvt_ioctl.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/perfmon.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/physio_proc.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/pmap.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/proc.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/profile.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/psl.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/ptrace.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/reg.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/reloc.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/resource.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/segments.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/setjmp.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/sigframe.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/signal.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/smb.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/smp.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/smptests.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/soundcard.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/speaker.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/specialreg.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/spigot.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/stdarg.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/sysarch.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/trap.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/tss.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/types.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/uc_device.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/ucontext.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/ultrasound.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/varargs.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/vm86.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/vmparam.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/wtio.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/i4b_isppp.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/machine/pci_cfgreg.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/msdosfs/bootsect.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/msdosfs/bpb.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/msdosfs/denode.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/msdosfs/direntry.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/msdosfs/fat.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/msdosfs/msdosfsmount.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/net/bpf.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/net/bpf_compat.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/net/bpfdesc.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/net/bridge.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/net/ethernet.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/net/hostcache.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/net/if.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/net/if_arp.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/net/if_atm.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/net/if_dl.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/net/if_gif.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/net/if_ieee80211.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/net/if_llc.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/net/if_media.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/net/if_mib.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/net/if_ppp.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/net/if_pppvar.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/net/if_slvar.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/net/if_sppp.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/net/if_stf.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/net/if_tap.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/net/if_tapvar.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/net/if_tun.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/net/slip.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/net/if_tunvar.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/net/if_types.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/net/if_var.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/net/if_vlan_var.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/net/intrq.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/net/iso88025.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/net/net_osdep.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/net/netisr.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/net/pfkeyv2.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/net/ppp_comp.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/net/ppp_defs.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/net/radix.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/net/raw_cb.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/net/route.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/net/slcompress.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/net/zlib.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/net/if_faith.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/net/if_arc.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/net/if_gre.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/nfs/krpc.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/nfs/nfs.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/nfs/nfsdiskless.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/nfs/nfsm_subs.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/nfs/nfsmount.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/nfs/nfsnode.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/nfs/nfsproto.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/nfs/nfsrtt.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/nfs/nfsrvcache.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/nfs/nfsv2.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/nfs/nqnfs.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/nfs/rpcv2.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/nfs/xdr_subs.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netatalk/aarp.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netatalk/at.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netatalk/at_extern.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netatalk/at_var.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netatalk/ddp.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netatalk/ddp_var.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netatalk/endian.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netatalk/phase2.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netatm/atm.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netatm/atm_cm.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netatm/atm_if.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netatm/atm_ioctl.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netatm/atm_pcb.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netatm/atm_sap.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netatm/atm_sigmgr.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netatm/atm_stack.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netatm/atm_sys.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netatm/atm_var.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netatm/atm_vc.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netatm/kern_include.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netatm/port.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netatm/queue.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netgraph/netgraph.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netgraph/ng_UI.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netgraph/ng_async.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netgraph/ng_bpf.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netgraph/ng_bridge.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netgraph/ng_cisco.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netgraph/ng_echo.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netgraph/ng_ether.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netgraph/ng_frame_relay.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netgraph/ng_hole.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netgraph/ng_iface.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netgraph/ng_ksocket.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netgraph/ng_lmi.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netgraph/ng_message.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netgraph/ng_mppc.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netgraph/ng_one2many.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netgraph/ng_parse.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netgraph/ng_ppp.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netgraph/ng_pppoe.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netgraph/ng_pptpgre.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netgraph/ng_rfc1490.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netgraph/ng_sample.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netgraph/ng_socket.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netgraph/ng_socketvar.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netgraph/ng_tee.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netgraph/ng_tty.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netgraph/ng_vjc.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netgraph/ng_eiface.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netgraph/ng_etf.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netgraph/ng_device.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netgraph/ng_l2tp.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netgraph/ng_fec.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netinet/icmp6.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netinet/icmp_var.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netinet/if_atm.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netinet/if_ether.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netinet/if_fddi.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netinet/igmp.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netinet/igmp_var.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netinet/in.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netinet/in_gif.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netinet/in_hostcache.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netinet/in_pcb.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netinet/in_systm.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netinet/in_var.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netinet/ip.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netinet/ip6.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netinet/ip_auth.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netinet/ip_compat.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netinet/ip_dummynet.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netinet/ip_ecn.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netinet/ip_encap.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netinet/ip_fil.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netinet/ip_flow.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netinet/ip_frag.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netinet/ip_fw.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netinet/ip_icmp.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netinet/ip_mroute.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netinet/ip_nat.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netinet/ip_proxy.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netinet/ip_state.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netinet/ip_var.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netinet/ipl.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netinet/ipprotosw.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netinet/tcp.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netinet/tcp_debug.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netinet/tcp_fsm.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netinet/tcp_seq.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netinet/tcp_timer.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netinet/tcp_var.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netinet/tcpip.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netinet/udp.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netinet/udp_var.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netinet/ip_fw2.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netinet/ip_gre.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netinet6/ah.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netinet6/ah6.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netinet6/esp.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netinet6/esp6.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netinet6/icmp6.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netinet6/in6.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netinet6/in6_gif.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netinet6/in6_ifattach.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netinet6/in6_pcb.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netinet6/in6_prefix.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netinet6/in6_var.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netinet6/ip6.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netinet6/ip6_ecn.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netinet6/ip6_fw.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netinet6/ip6_mroute.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netinet6/ip6_var.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netinet6/ip6protosw.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netinet6/ipcomp.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netinet6/ipcomp6.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netinet6/ipsec.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netinet6/ipsec6.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netinet6/mld6_var.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netinet6/nd6.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netinet6/pim6.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netinet6/pim6_var.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netinet6/scope6_var.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netinet6/tcp6_var.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netinet6/udp6_var.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netinet6/esp_rijndael.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netinet6/raw_ip6.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netipx/ipx.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netipx/ipx_if.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netipx/ipx_ip.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netipx/ipx_pcb.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netipx/ipx_var.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netipx/spx.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netipx/spx_debug.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netipx/spx_timer.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netipx/spx_var.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netkey/key.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netkey/key_debug.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netkey/key_var.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netkey/keydb.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netkey/keysock.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netnatm/natm.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netncp/ncp.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netncp/ncp_cfg.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netncp/ncp_conn.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netncp/ncp_file.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netncp/ncp_lib.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netncp/ncp_ncp.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netncp/ncp_nls.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netncp/ncp_rcfile.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netncp/ncp_rq.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netncp/ncp_sock.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netncp/ncp_subr.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netncp/ncp_user.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netncp/nwerror.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netns/idp.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netns/idp_var.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netns/ns.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netns/ns_error.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netns/ns_if.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netns/ns_pcb.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netns/sp.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netns/spidp.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netns/spp_debug.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netns/spp_timer.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netns/spp_var.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/ntfs/ntfs.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/ntfs/ntfs_compr.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/ntfs/ntfs_ihash.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/ntfs/ntfs_inode.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/ntfs/ntfs_subr.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/ntfs/ntfs_vfsops.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/ntfs/ntfsmount.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/nwfs/nwfs.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/nwfs/nwfs_mount.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/nwfs/nwfs_node.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/nwfs/nwfs_subr.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/objc/NXConstStr.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/objc/Object.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/objc/Protocol.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/objc/encoding.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/objc/hash.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/objc/objc-api.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/objc/objc-list.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/objc/objc.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/objc/runtime.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/objc/sarray.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/objc/thr.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/objc/typedstream.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/asn1.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/asn1_mac.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/bio.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/blowfish.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/bn.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/buffer.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/cast.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/comp.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/conf.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/conf_api.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/crypto.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/des.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/dh.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/dsa.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/dso.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/e_os.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/e_os2.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/ebcdic.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/err.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/evp.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/hmac.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/lhash.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/md2.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/md4.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/md5.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/mdc2.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/obj_mac.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/objects.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/opensslconf.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/opensslv.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/pem.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/pem2.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/pkcs12.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/pkcs7.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/rand.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/rc2.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/rc4.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/rc5.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/ripemd.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/rsa.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/safestack.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/sha.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/ssl.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/ssl2.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/ssl23.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/ssl3.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/ssl_locl.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/stack.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/symhacks.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/tls1.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/tmdiff.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/txt_db.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/x509.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/x509_vfy.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/x509v3.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/idea.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/aes.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/asn1t.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/cryptlib.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/des_old.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/ec.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/engine.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/krb5_asn.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/kssl.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/ocsp.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/ossl_typ.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/ui.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/ui_compat.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/aes_locl.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/eng_int.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/hw_4758_cca_err.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/hw_aep_err.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/hw_atalla_err.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/hw_cswift_err.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/hw_ncipher_err.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/hw_nuron_err.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/hw_sureware_err.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/hw_ubsec_err.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/openssl/ui_locl.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/pccard/cardinfo.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/pccard/cis.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/pccard/driver.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/pccard/i82365.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/pccard/pccard_nbk.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/pccard/slot.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/pccard/meciareg.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/pccard/pcic_pci.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/pccard/pcicvar.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/posix4/aio.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/posix4/mqueue.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/posix4/posix4.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/posix4/sched.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/posix4/semaphore.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/protocols/dumprestore.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/protocols/routed.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/protocols/rwhod.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/protocols/talkd.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/protocols/timed.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/readline/chardefs.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/readline/history.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/readline/keymaps.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/readline/readline.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/readline/rlconf.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/readline/rlstdc.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/readline/tilde.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/rpc/auth.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/rpc/auth_des.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/rpc/auth_unix.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/rpc/clnt.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/rpc/des.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/rpc/des_crypt.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/rpc/key_prot.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/rpc/pmap_clnt.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/rpc/pmap_prot.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/rpc/pmap_rmt.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/rpc/rpc.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/rpc/rpc_com.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/rpc/rpc_msg.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/rpc/svc.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/rpc/svc_auth.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/rpc/types.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/rpc/xdr.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/rpcsvc/bootparam_prot.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/rpcsvc/crypt.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/rpcsvc/key_prot.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/rpcsvc/klm_prot.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/rpcsvc/mount.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/rpcsvc/nfs_prot.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/rpcsvc/nis.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/rpcsvc/nis_cache.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/rpcsvc/nis_callback.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/rpcsvc/nis_db.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/rpcsvc/nis_tags.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/rpcsvc/nislib.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/rpcsvc/nlm_prot.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/rpcsvc/rex.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/rpcsvc/rnusers.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/rpcsvc/rquota.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/rpcsvc/rstat.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/rpcsvc/rwall.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/rpcsvc/sm_inter.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/rpcsvc/spray.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/rpcsvc/yp.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/rpcsvc/yp_prot.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/rpcsvc/ypclnt.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/rpcsvc/yppasswd.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/rpcsvc/ypupdate_prot.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/rpcsvc/ypxfrd.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/security/_pam_compat.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/security/_pam_macros.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/security/_pam_types.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/security/pam_appl.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/security/pam_malloc.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/security/pam_misc.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/security/pam_mod_misc.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/security/pam_modules.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/ss/mit-sipb-copyright.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/ss/ss.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/ss/ss_err.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/_posix.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/ata.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/acct.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/acl.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/agpio.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/aio.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/assym.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/blist.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/buf.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/bus.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/bus_private.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/callout.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/ccdvar.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/cdefs.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/cdio.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/cdrio.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/chio.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/clist.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/endian.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/conf.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/cons.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/consio.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/copyright.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/ctype.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/dir.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/dataacq.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/link_elf.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/device_port.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/devicestat.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/dirent.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/disk.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/disklabel.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/diskslice.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/dkstat.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/dmap.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/domain.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/dvdio.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/elf32.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/elf64.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/elf_common.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/elf_generic.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/errno.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/event.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/eventhandler.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/eventvar.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/exec.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/extattr.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/fbio.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/fcntl.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/file.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/filedesc.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/filio.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/gmon.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/imgact.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/imgact_aout.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/imgact_elf.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/inflate.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/interrupt.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/inttypes.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/ioccom.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/ioctl.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/ioctl_compat.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/ipc.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/jail.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/joystick.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/kbio.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/kernel.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/kthread.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/ktrace.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/libkern.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/linker.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/linker_set.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/lock.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/lockf.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/malloc.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/mbuf.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/md5.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/memrange.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/mman.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/module.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/mount.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/msg.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/msgbuf.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/mtio.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/namei.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/param.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/pciio.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/pioctl.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/pipe.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/poll.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/proc.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/procfs.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/protosw.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/ptio.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/ptrace.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/queue.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/random.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/reboot.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/resource.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/resourcevar.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/rman.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/rtprio.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/sbuf.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/select.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/sem.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/shm.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/signal.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/signalvar.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/snoop.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/socket.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/socketvar.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/sockio.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/soundcard.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/stat.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/syscall-hide.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/syscall.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/sysctl.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/sysent.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/syslimits.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/syslog.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/sysproto.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/systm.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/taskqueue.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/termios.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/time.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/timeb.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/timepps.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/timers.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/times.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/timex.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/tprintf.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/tty.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/ttychars.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/ttycom.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/ttydefaults.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/ttydev.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/types.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/ucontext.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/ucred.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/uio.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/un.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/unistd.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/unpcb.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/user.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/utsname.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/vmmeter.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/vnioctl.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/vnode.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/wait.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/wormio.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/xrpuio.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/kobj.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/link_aout.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/nlist_aout.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/mchain.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/fnv_hash.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/iconv.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/sys/md4.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/vm/pmap.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/vm/swap_pager.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/vm/vm.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/vm/vm_extern.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/vm/vm_kern.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/vm/vm_map.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/vm/vm_object.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/vm/vm_page.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/vm/vm_pageout.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/vm/vm_pager.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/vm/vm_param.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/vm/vm_zone.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/vm/vnode_pager.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/complex.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/stdbool.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/langinfo.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netsmb/netbios.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netsmb/smb.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netsmb/smb_conn.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netsmb/smb_dev.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netsmb/smb_rq.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netsmb/smb_subr.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netsmb/smb_tran.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netsmb/smb_trantcp.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/g2c.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/telnet.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/elf-hints.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/libusbhid.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/radlib_vs.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/readpassphrase.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/wchar.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/wctype.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/crypto/cast.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/crypto/castsb.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/crypto/cryptodev.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/crypto/cryptosoft.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/crypto/deflate.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/crypto/rijndael.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/crypto/rmd160.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/crypto/skipjack.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/crypto/xform.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netipsec/ah.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netipsec/ah_var.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netipsec/esp.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netipsec/esp_var.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netipsec/ipcomp.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netipsec/ipcomp_var.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netipsec/ipip_var.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netipsec/ipsec.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netipsec/ipsec6.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netipsec/key.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netipsec/key_debug.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netipsec/key_var.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netipsec/keydb.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netipsec/keysock.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/netipsec/xform.ph OLD_FILES+=usr/libdata/perl/5.00503/mach/bzlib.ph OLD_FILES+=usr/libdata/perl/5.00503/pod/perl.pod OLD_FILES+=usr/libdata/perl/5.00503/pod/perl5004delta.pod OLD_FILES+=usr/libdata/perl/5.00503/pod/perlapio.pod OLD_FILES+=usr/libdata/perl/5.00503/pod/perlbook.pod OLD_FILES+=usr/libdata/perl/5.00503/pod/perlbot.pod OLD_FILES+=usr/libdata/perl/5.00503/pod/perlcall.pod OLD_FILES+=usr/libdata/perl/5.00503/pod/perldata.pod OLD_FILES+=usr/libdata/perl/5.00503/pod/perldebug.pod OLD_FILES+=usr/libdata/perl/5.00503/pod/perldelta.pod OLD_FILES+=usr/libdata/perl/5.00503/pod/perldiag.pod OLD_FILES+=usr/libdata/perl/5.00503/pod/perldsc.pod OLD_FILES+=usr/libdata/perl/5.00503/pod/perlembed.pod OLD_FILES+=usr/libdata/perl/5.00503/pod/perlfaq.pod OLD_FILES+=usr/libdata/perl/5.00503/pod/perlfaq1.pod OLD_FILES+=usr/libdata/perl/5.00503/pod/perlfaq2.pod OLD_FILES+=usr/libdata/perl/5.00503/pod/perlfaq3.pod OLD_FILES+=usr/libdata/perl/5.00503/pod/perlfaq4.pod OLD_FILES+=usr/libdata/perl/5.00503/pod/perlfaq5.pod OLD_FILES+=usr/libdata/perl/5.00503/pod/perlfaq6.pod OLD_FILES+=usr/libdata/perl/5.00503/pod/perlfaq7.pod OLD_FILES+=usr/libdata/perl/5.00503/pod/perlipc.pod OLD_FILES+=usr/libdata/perl/5.00503/pod/perlfaq8.pod OLD_FILES+=usr/libdata/perl/5.00503/pod/perlfaq9.pod OLD_FILES+=usr/libdata/perl/5.00503/pod/perlform.pod OLD_FILES+=usr/libdata/perl/5.00503/pod/perlfunc.pod OLD_FILES+=usr/libdata/perl/5.00503/pod/perlguts.pod OLD_FILES+=usr/libdata/perl/5.00503/pod/perlhist.pod OLD_FILES+=usr/libdata/perl/5.00503/pod/perllocale.pod OLD_FILES+=usr/libdata/perl/5.00503/pod/perllol.pod OLD_FILES+=usr/libdata/perl/5.00503/pod/perlmod.pod OLD_FILES+=usr/libdata/perl/5.00503/pod/perlmodinstall.pod OLD_FILES+=usr/libdata/perl/5.00503/pod/perlmodlib.pod OLD_FILES+=usr/libdata/perl/5.00503/pod/perlobj.pod OLD_FILES+=usr/libdata/perl/5.00503/pod/perlop.pod OLD_FILES+=usr/libdata/perl/5.00503/pod/perlopentut.pod OLD_FILES+=usr/libdata/perl/5.00503/pod/perlpod.pod OLD_FILES+=usr/libdata/perl/5.00503/pod/perlport.pod OLD_FILES+=usr/libdata/perl/5.00503/pod/perlre.pod OLD_FILES+=usr/libdata/perl/5.00503/pod/perlref.pod OLD_FILES+=usr/libdata/perl/5.00503/pod/perlreftut.pod OLD_FILES+=usr/libdata/perl/5.00503/pod/perlrun.pod OLD_FILES+=usr/libdata/perl/5.00503/pod/perlsec.pod OLD_FILES+=usr/libdata/perl/5.00503/pod/perlstyle.pod OLD_FILES+=usr/libdata/perl/5.00503/pod/perlsub.pod OLD_FILES+=usr/libdata/perl/5.00503/pod/perlsyn.pod OLD_FILES+=usr/libdata/perl/5.00503/pod/perlthrtut.pod OLD_FILES+=usr/libdata/perl/5.00503/pod/perltie.pod OLD_FILES+=usr/libdata/perl/5.00503/pod/perltoc.pod OLD_FILES+=usr/libdata/perl/5.00503/pod/perltoot.pod OLD_FILES+=usr/libdata/perl/5.00503/pod/perltrap.pod OLD_FILES+=usr/libdata/perl/5.00503/pod/perlvar.pod OLD_FILES+=usr/libdata/perl/5.00503/pod/perlxs.pod OLD_FILES+=usr/libdata/perl/5.00503/pod/perlxstut.pod OLD_FILES+=usr/libdata/perl/5.00503/AnyDBM_File.pm OLD_FILES+=usr/libdata/perl/5.00503/AutoLoader.pm OLD_FILES+=usr/libdata/perl/5.00503/AutoSplit.pm OLD_FILES+=usr/libdata/perl/5.00503/Benchmark.pm OLD_FILES+=usr/libdata/perl/5.00503/CGI.pm OLD_FILES+=usr/libdata/perl/5.00503/CPAN.pm OLD_FILES+=usr/libdata/perl/5.00503/Carp.pm OLD_FILES+=usr/libdata/perl/5.00503/Cwd.pm OLD_FILES+=usr/libdata/perl/5.00503/DirHandle.pm OLD_FILES+=usr/libdata/perl/5.00503/Dumpvalue.pm OLD_FILES+=usr/libdata/perl/5.00503/English.pm OLD_FILES+=usr/libdata/perl/5.00503/Env.pm OLD_FILES+=usr/libdata/perl/5.00503/Exporter.pm OLD_FILES+=usr/libdata/perl/5.00503/Fatal.pm OLD_FILES+=usr/libdata/perl/5.00503/FileCache.pm OLD_FILES+=usr/libdata/perl/5.00503/FileHandle.pm OLD_FILES+=usr/libdata/perl/5.00503/FindBin.pm OLD_FILES+=usr/libdata/perl/5.00503/SelectSaver.pm OLD_FILES+=usr/libdata/perl/5.00503/SelfLoader.pm OLD_FILES+=usr/libdata/perl/5.00503/Shell.pm OLD_FILES+=usr/libdata/perl/5.00503/Symbol.pm OLD_FILES+=usr/libdata/perl/5.00503/Test.pm OLD_FILES+=usr/libdata/perl/5.00503/abbrev.pl OLD_FILES+=usr/libdata/perl/5.00503/UNIVERSAL.pm OLD_FILES+=usr/libdata/perl/5.00503/assert.pl OLD_FILES+=usr/libdata/perl/5.00503/autouse.pm OLD_FILES+=usr/libdata/perl/5.00503/base.pm OLD_FILES+=usr/libdata/perl/5.00503/bigfloat.pl OLD_FILES+=usr/libdata/perl/5.00503/bigint.pl OLD_FILES+=usr/libdata/perl/5.00503/bigrat.pl OLD_FILES+=usr/libdata/perl/5.00503/blib.pm OLD_FILES+=usr/libdata/perl/5.00503/cacheout.pl OLD_FILES+=usr/libdata/perl/5.00503/chat2.pl OLD_FILES+=usr/libdata/perl/5.00503/complete.pl OLD_FILES+=usr/libdata/perl/5.00503/constant.pm OLD_FILES+=usr/libdata/perl/5.00503/ctime.pl OLD_FILES+=usr/libdata/perl/5.00503/diagnostics.pm OLD_FILES+=usr/libdata/perl/5.00503/dotsh.pl OLD_FILES+=usr/libdata/perl/5.00503/dumpvar.pl OLD_FILES+=usr/libdata/perl/5.00503/exceptions.pl OLD_FILES+=usr/libdata/perl/5.00503/fastcwd.pl OLD_FILES+=usr/libdata/perl/5.00503/fields.pm OLD_FILES+=usr/libdata/perl/5.00503/find.pl OLD_FILES+=usr/libdata/perl/5.00503/finddepth.pl OLD_FILES+=usr/libdata/perl/5.00503/flush.pl OLD_FILES+=usr/libdata/perl/5.00503/ftp.pl OLD_FILES+=usr/libdata/perl/5.00503/getcwd.pl OLD_FILES+=usr/libdata/perl/5.00503/getopt.pl OLD_FILES+=usr/libdata/perl/5.00503/getopts.pl OLD_FILES+=usr/libdata/perl/5.00503/hostname.pl OLD_FILES+=usr/libdata/perl/5.00503/importenv.pl OLD_FILES+=usr/libdata/perl/5.00503/integer.pm OLD_FILES+=usr/libdata/perl/5.00503/less.pm OLD_FILES+=usr/libdata/perl/5.00503/lib.pm OLD_FILES+=usr/libdata/perl/5.00503/locale.pm OLD_FILES+=usr/libdata/perl/5.00503/look.pl OLD_FILES+=usr/libdata/perl/5.00503/newgetopt.pl OLD_FILES+=usr/libdata/perl/5.00503/open2.pl OLD_FILES+=usr/libdata/perl/5.00503/open3.pl OLD_FILES+=usr/libdata/perl/5.00503/overload.pm OLD_FILES+=usr/libdata/perl/5.00503/perl5db.pl OLD_FILES+=usr/libdata/perl/5.00503/pwd.pl OLD_FILES+=usr/libdata/perl/5.00503/shellwords.pl OLD_FILES+=usr/libdata/perl/5.00503/sigtrap.pm OLD_FILES+=usr/libdata/perl/5.00503/stat.pl OLD_FILES+=usr/libdata/perl/5.00503/strict.pm OLD_FILES+=usr/libdata/perl/5.00503/subs.pm OLD_FILES+=usr/libdata/perl/5.00503/syslog.pl OLD_FILES+=usr/libdata/perl/5.00503/tainted.pl OLD_FILES+=usr/libdata/perl/5.00503/termcap.pl OLD_FILES+=usr/libdata/perl/5.00503/timelocal.pl OLD_FILES+=usr/libdata/perl/5.00503/validate.pl OLD_FILES+=usr/libdata/perl/5.00503/vars.pm OLD_FILES+=usr/libdata/perl/5.00503/re.pm OLD_FILES+=usr/libdata/perl/5.00503/Config.pm OLD_FILES+=usr/libdata/perl/5.00503/.exists OLD_FILES+=usr/libdata/perl/5.00503/DynaLoader.pm OLD_FILES+=usr/share/perl/man/man3/AnyDBM_File.3.gz OLD_FILES+=usr/share/perl/man/man3/AutoLoader.3.gz OLD_FILES+=usr/share/perl/man/man3/AutoSplit.3.gz OLD_FILES+=usr/share/perl/man/man3/B.3.gz OLD_FILES+=usr/share/perl/man/man3/B::Asmdata.3.gz OLD_FILES+=usr/share/perl/man/man3/B::Assembler.3.gz OLD_FILES+=usr/share/perl/man/man3/B::Bblock.3.gz OLD_FILES+=usr/share/perl/man/man3/B::Bytecode.3.gz OLD_FILES+=usr/share/perl/man/man3/B::C.3.gz OLD_FILES+=usr/share/perl/man/man3/B::CC.3.gz OLD_FILES+=usr/share/perl/man/man3/B::Debug.3.gz OLD_FILES+=usr/share/perl/man/man3/B::Deparse.3.gz OLD_FILES+=usr/share/perl/man/man3/B::Disassembler.3.gz OLD_FILES+=usr/share/perl/man/man3/B::Lint.3.gz OLD_FILES+=usr/share/perl/man/man3/B::Showlex.3.gz OLD_FILES+=usr/share/perl/man/man3/B::Stackobj.3.gz OLD_FILES+=usr/share/perl/man/man3/B::Terse.3.gz OLD_FILES+=usr/share/perl/man/man3/B::Xref.3.gz OLD_FILES+=usr/share/perl/man/man3/Benchmark.3.gz OLD_FILES+=usr/share/perl/man/man3/CGI.3.gz OLD_FILES+=usr/share/perl/man/man3/CGI::Apache.3.gz OLD_FILES+=usr/share/perl/man/man3/CGI::Carp.3.gz OLD_FILES+=usr/share/perl/man/man3/CGI::Cookie.3.gz OLD_FILES+=usr/share/perl/man/man3/CGI::Fast.3.gz OLD_FILES+=usr/share/perl/man/man3/CGI::Push.3.gz OLD_FILES+=usr/share/perl/man/man3/CGI::Switch.3.gz OLD_FILES+=usr/share/perl/man/man3/CPAN.3.gz OLD_FILES+=usr/share/perl/man/man3/CPAN::FirstTime.3.gz OLD_FILES+=usr/share/perl/man/man3/CPAN::Nox.3.gz OLD_FILES+=usr/share/perl/man/man3/Carp.3.gz OLD_FILES+=usr/share/perl/man/man3/Class::Struct.3.gz OLD_FILES+=usr/share/perl/man/man3/Config.3.gz OLD_FILES+=usr/share/perl/man/man3/Cwd.3.gz OLD_FILES+=usr/share/perl/man/man3/DB_File.3.gz OLD_FILES+=usr/share/perl/man/man3/Data::Dumper.3.gz OLD_FILES+=usr/share/perl/man/man3/Devel::SelfStubber.3.gz OLD_FILES+=usr/share/perl/man/man3/DirHandle.3.gz OLD_FILES+=usr/share/perl/man/man3/Dumpvalue.3.gz OLD_FILES+=usr/share/perl/man/man3/DynaLoader.3.gz OLD_FILES+=usr/share/perl/man/man3/English.3.gz OLD_FILES+=usr/share/perl/man/man3/Env.3.gz OLD_FILES+=usr/share/perl/man/man3/Exporter.3.gz OLD_FILES+=usr/share/perl/man/man3/ExtUtils::Command.3.gz OLD_FILES+=usr/share/perl/man/man3/ExtUtils::Embed.3.gz OLD_FILES+=usr/share/perl/man/man3/ExtUtils::Install.3.gz OLD_FILES+=usr/share/perl/man/man3/ExtUtils::Installed.3.gz OLD_FILES+=usr/share/perl/man/man3/ExtUtils::Liblist.3.gz OLD_FILES+=usr/share/perl/man/man3/ExtUtils::MM_OS2.3.gz OLD_FILES+=usr/share/perl/man/man3/ExtUtils::MM_Unix.3.gz OLD_FILES+=usr/share/perl/man/man3/ExtUtils::MM_VMS.3.gz OLD_FILES+=usr/share/perl/man/man3/ExtUtils::MM_Win32.3.gz OLD_FILES+=usr/share/perl/man/man3/ExtUtils::MakeMaker.3.gz OLD_FILES+=usr/share/perl/man/man3/ExtUtils::Manifest.3.gz OLD_FILES+=usr/share/perl/man/man3/ExtUtils::Mkbootstrap.3.gz OLD_FILES+=usr/share/perl/man/man3/ExtUtils::Mksymlists.3.gz OLD_FILES+=usr/share/perl/man/man3/ExtUtils::Packlist.3.gz OLD_FILES+=usr/share/perl/man/man3/ExtUtils::testlib.3.gz OLD_FILES+=usr/share/perl/man/man3/Fatal.3.gz OLD_FILES+=usr/share/perl/man/man3/Fcntl.3.gz OLD_FILES+=usr/share/perl/man/man3/File::Basename.3.gz OLD_FILES+=usr/share/perl/man/man3/File::CheckTree.3.gz OLD_FILES+=usr/share/perl/man/man3/File::Compare.3.gz OLD_FILES+=usr/share/perl/man/man3/File::Copy.3.gz OLD_FILES+=usr/share/perl/man/man3/File::DosGlob.3.gz OLD_FILES+=usr/share/perl/man/man3/File::Find.3.gz OLD_FILES+=usr/share/perl/man/man3/File::Path.3.gz OLD_FILES+=usr/share/perl/man/man3/File::Spec.3.gz OLD_FILES+=usr/share/perl/man/man3/File::Spec::Mac.3.gz OLD_FILES+=usr/share/perl/man/man3/File::Spec::OS2.3.gz OLD_FILES+=usr/share/perl/man/man3/File::Spec::Unix.3.gz OLD_FILES+=usr/share/perl/man/man3/File::Spec::VMS.3.gz OLD_FILES+=usr/share/perl/man/man3/File::Spec::Win32.3.gz OLD_FILES+=usr/share/perl/man/man3/File::stat.3.gz OLD_FILES+=usr/share/perl/man/man3/FileCache.3.gz OLD_FILES+=usr/share/perl/man/man3/IO.3.gz OLD_FILES+=usr/share/perl/man/man3/FileHandle.3.gz OLD_FILES+=usr/share/perl/man/man3/FindBin.3.gz OLD_FILES+=usr/share/perl/man/man3/GDBM_File.3.gz OLD_FILES+=usr/share/perl/man/man3/Getopt::Long.3.gz OLD_FILES+=usr/share/perl/man/man3/Getopt::Std.3.gz OLD_FILES+=usr/share/perl/man/man3/I18N::Collate.3.gz OLD_FILES+=usr/share/perl/man/man3/IO::File.3.gz OLD_FILES+=usr/share/perl/man/man3/IO::Handle.3.gz OLD_FILES+=usr/share/perl/man/man3/IO::Pipe.3.gz OLD_FILES+=usr/share/perl/man/man3/IO::Seekable.3.gz OLD_FILES+=usr/share/perl/man/man3/IO::Select.3.gz OLD_FILES+=usr/share/perl/man/man3/IO::Socket.3.gz OLD_FILES+=usr/share/perl/man/man3/IPC::Msg.3.gz OLD_FILES+=usr/share/perl/man/man3/IPC::Open2.3.gz OLD_FILES+=usr/share/perl/man/man3/IPC::Open3.3.gz OLD_FILES+=usr/share/perl/man/man3/IPC::Semaphore.3.gz OLD_FILES+=usr/share/perl/man/man3/IPC::SysV.3.gz OLD_FILES+=usr/share/perl/man/man3/Math::BigFloat.3.gz OLD_FILES+=usr/share/perl/man/man3/Math::BigInt.3.gz OLD_FILES+=usr/share/perl/man/man3/Math::Complex.3.gz OLD_FILES+=usr/share/perl/man/man3/Math::Trig.3.gz OLD_FILES+=usr/share/perl/man/man3/NDBM_File.3.gz OLD_FILES+=usr/share/perl/man/man3/Net::Ping.3.gz OLD_FILES+=usr/share/perl/man/man3/Net::hostent.3.gz OLD_FILES+=usr/share/perl/man/man3/Net::netent.3.gz OLD_FILES+=usr/share/perl/man/man3/Net::protoent.3.gz OLD_FILES+=usr/share/perl/man/man3/Net::servent.3.gz OLD_FILES+=usr/share/perl/man/man3/O.3.gz OLD_FILES+=usr/share/perl/man/man3/ODBM_File.3.gz OLD_FILES+=usr/share/perl/man/man3/Opcode.3.gz OLD_FILES+=usr/share/perl/man/man3/POSIX.3.gz OLD_FILES+=usr/share/perl/man/man3/Pod::Html.3.gz OLD_FILES+=usr/share/perl/man/man3/Pod::Text.3.gz OLD_FILES+=usr/share/perl/man/man3/SDBM_File.3.gz OLD_FILES+=usr/share/perl/man/man3/Safe.3.gz OLD_FILES+=usr/share/perl/man/man3/Search::Dict.3.gz OLD_FILES+=usr/share/perl/man/man3/SelectSaver.3.gz OLD_FILES+=usr/share/perl/man/man3/SelfLoader.3.gz OLD_FILES+=usr/share/perl/man/man3/Shell.3.gz OLD_FILES+=usr/share/perl/man/man3/Socket.3.gz OLD_FILES+=usr/share/perl/man/man3/Symbol.3.gz OLD_FILES+=usr/share/perl/man/man3/re.3.gz OLD_FILES+=usr/share/perl/man/man3/Sys::Hostname.3.gz OLD_FILES+=usr/share/perl/man/man3/Sys::Syslog.3.gz OLD_FILES+=usr/share/perl/man/man3/Term::Cap.3.gz OLD_FILES+=usr/share/perl/man/man3/Term::Complete.3.gz OLD_FILES+=usr/share/perl/man/man3/Term::ReadLine.3.gz OLD_FILES+=usr/share/perl/man/man3/Test.3.gz OLD_FILES+=usr/share/perl/man/man3/Test::Harness.3.gz OLD_FILES+=usr/share/perl/man/man3/Text::Abbrev.3.gz OLD_FILES+=usr/share/perl/man/man3/Text::ParseWords.3.gz OLD_FILES+=usr/share/perl/man/man3/Text::Soundex.3.gz OLD_FILES+=usr/share/perl/man/man3/Text::Tabs.3.gz OLD_FILES+=usr/share/perl/man/man3/Text::Wrap.3.gz OLD_FILES+=usr/share/perl/man/man3/Thread.3.gz OLD_FILES+=usr/share/perl/man/man3/Thread::Queue.3.gz OLD_FILES+=usr/share/perl/man/man3/Thread::Semaphore.3.gz OLD_FILES+=usr/share/perl/man/man3/Thread::Signal.3.gz OLD_FILES+=usr/share/perl/man/man3/Thread::Specific.3.gz OLD_FILES+=usr/share/perl/man/man3/Tie::Array.3.gz OLD_FILES+=usr/share/perl/man/man3/Tie::Handle.3.gz OLD_FILES+=usr/share/perl/man/man3/Tie::Hash.3.gz OLD_FILES+=usr/share/perl/man/man3/Tie::RefHash.3.gz OLD_FILES+=usr/share/perl/man/man3/Tie::Scalar.3.gz OLD_FILES+=usr/share/perl/man/man3/Tie::SubstrHash.3.gz OLD_FILES+=usr/share/perl/man/man3/Time::Local.3.gz OLD_FILES+=usr/share/perl/man/man3/Time::gmtime.3.gz OLD_FILES+=usr/share/perl/man/man3/Time::localtime.3.gz OLD_FILES+=usr/share/perl/man/man3/Time::tm.3.gz OLD_FILES+=usr/share/perl/man/man3/UNIVERSAL.3.gz OLD_FILES+=usr/share/perl/man/man3/User::grent.3.gz OLD_FILES+=usr/share/perl/man/man3/User::pwent.3.gz OLD_FILES+=usr/share/perl/man/man3/attrs.3.gz OLD_FILES+=usr/share/perl/man/man3/autouse.3.gz OLD_FILES+=usr/share/perl/man/man3/base.3.gz OLD_FILES+=usr/share/perl/man/man3/blib.3.gz OLD_FILES+=usr/share/perl/man/man3/constant.3.gz OLD_FILES+=usr/share/perl/man/man3/diagnostics.3.gz OLD_FILES+=usr/share/perl/man/man3/fields.3.gz OLD_FILES+=usr/share/perl/man/man3/integer.3.gz OLD_FILES+=usr/share/perl/man/man3/less.3.gz OLD_FILES+=usr/share/perl/man/man3/lib.3.gz OLD_FILES+=usr/share/perl/man/man3/locale.3.gz OLD_FILES+=usr/share/perl/man/man3/ops.3.gz OLD_FILES+=usr/share/perl/man/man3/overload.3.gz OLD_FILES+=usr/share/perl/man/man3/sigtrap.3.gz OLD_FILES+=usr/share/perl/man/man3/strict.3.gz OLD_FILES+=usr/share/perl/man/man3/subs.3.gz OLD_FILES+=usr/share/perl/man/man3/vars.3.gz OLD_FILES+=usr/share/perl/man/man3/B::Stash.3.gz OLD_FILES+=usr/share/perl/man/man3/ByteLoader.3.gz OLD_FILES+=usr/share/perl/man/man3/CGI::Pretty.3.gz OLD_FILES+=usr/share/perl/man/man3/Carp::Heavy.3.gz OLD_FILES+=usr/share/perl/man/man3/DB.3.gz OLD_FILES+=usr/share/perl/man/man3/DProf::DProf.3.gz OLD_FILES+=usr/share/perl/man/man3/Exporter::Heavy.3.gz OLD_FILES+=usr/share/perl/man/man3/ExtUtils::MM_Cygwin.3.gz OLD_FILES+=usr/share/perl/man/man3/File::Glob.3.gz OLD_FILES+=usr/share/perl/man/man3/Glob::Glob.3.gz OLD_FILES+=usr/share/perl/man/man3/Hostname::Hostname.3.gz OLD_FILES+=usr/share/perl/man/man3/IO::Dir.3.gz OLD_FILES+=usr/share/perl/man/man3/IO::Poll.3.gz OLD_FILES+=usr/share/perl/man/man3/IO::Socket::INET.3.gz OLD_FILES+=usr/share/perl/man/man3/IO::Socket::UNIX.3.gz OLD_FILES+=usr/share/perl/man/man3/Peek::Peek.3.gz OLD_FILES+=usr/share/perl/man/man3/Pod::Checker.3.gz OLD_FILES+=usr/share/perl/man/man3/Pod::Find.3.gz OLD_FILES+=usr/share/perl/man/man3/Pod::InputObjects.3.gz OLD_FILES+=usr/share/perl/man/man3/Pod::Man.3.gz OLD_FILES+=usr/share/perl/man/man3/Pod::ParseUtils.3.gz OLD_FILES+=usr/share/perl/man/man3/Pod::Parser.3.gz OLD_FILES+=usr/share/perl/man/man3/Pod::Plainer.3.gz OLD_FILES+=usr/share/perl/man/man3/Pod::Select.3.gz OLD_FILES+=usr/share/perl/man/man3/Pod::Text::Color.3.gz OLD_FILES+=usr/share/perl/man/man3/Pod::Text::Termcap.3.gz OLD_FILES+=usr/share/perl/man/man3/Pod::Usage.3.gz OLD_FILES+=usr/share/perl/man/man3/Syslog::Syslog.3.gz OLD_FILES+=usr/share/perl/man/man3/Term::ANSIColor.3.gz OLD_FILES+=usr/share/perl/man/man3/XSLoader.3.gz OLD_FILES+=usr/share/perl/man/man3/attributes.3.gz OLD_FILES+=usr/share/perl/man/man3/bytes.3.gz OLD_FILES+=usr/share/perl/man/man3/charnames.3.gz OLD_FILES+=usr/share/perl/man/man3/filetest.3.gz OLD_FILES+=usr/share/perl/man/man3/open.3.gz OLD_FILES+=usr/share/perl/man/man3/utf8.3.gz OLD_FILES+=usr/share/perl/man/man3/warnings.3.gz OLD_FILES+=usr/share/perl/man/man3/warnings::register.3.gz OLD_FILES+=usr/share/perl/man/whatis OLD_FILES+=usr/share/man/man1/CA.pl.1.gz OLD_FILES+=usr/share/man/man1/asn1parse.1.gz OLD_FILES+=usr/share/man/man1/ca.1.gz OLD_FILES+=usr/share/man/man1/ciphers.1.gz OLD_FILES+=usr/share/man/man1/config.1.gz OLD_FILES+=usr/share/man/man1/crl.1.gz OLD_FILES+=usr/share/man/man1/crl2pkcs7.1.gz OLD_FILES+=usr/share/man/man1/dgst.1.gz OLD_FILES+=usr/share/man/man1/dhparam.1.gz OLD_FILES+=usr/share/man/man1/doscmd.1.gz OLD_FILES+=usr/share/man/man1/dsa.1.gz OLD_FILES+=usr/share/man/man1/dsaparam.1.gz OLD_FILES+=usr/share/man/man1/enc.1.gz OLD_FILES+=usr/share/man/man1/gendsa.1.gz OLD_FILES+=usr/share/man/man1/genrsa.1.gz OLD_FILES+=usr/share/man/man1/getNAME.1.gz OLD_FILES+=usr/share/man/man1/nseq.1.gz OLD_FILES+=usr/share/man/man1/ocsp.1.gz OLD_FILES+=usr/share/man/man1/openssl.1.gz OLD_FILES+=usr/share/man/man1/perl.1.gz OLD_FILES+=usr/share/man/man1/perl5004delta.1.gz OLD_FILES+=usr/share/man/man1/perlapio.1.gz OLD_FILES+=usr/share/man/man1/perlbook.1.gz OLD_FILES+=usr/share/man/man1/perlbot.1.gz OLD_FILES+=usr/share/man/man1/perlcall.1.gz OLD_FILES+=usr/share/man/man1/perldata.1.gz OLD_FILES+=usr/share/man/man1/perldebug.1.gz OLD_FILES+=usr/share/man/man1/perldelta.1.gz OLD_FILES+=usr/share/man/man1/perldiag.1.gz OLD_FILES+=usr/share/man/man1/perldsc.1.gz OLD_FILES+=usr/share/man/man1/perlembed.1.gz OLD_FILES+=usr/share/man/man1/perlfaq.1.gz OLD_FILES+=usr/share/man/man1/perlfaq1.1.gz OLD_FILES+=usr/share/man/man1/perlfaq2.1.gz OLD_FILES+=usr/share/man/man1/perlfaq3.1.gz OLD_FILES+=usr/share/man/man1/perlfaq4.1.gz OLD_FILES+=usr/share/man/man1/perlfaq5.1.gz OLD_FILES+=usr/share/man/man1/perlfaq6.1.gz OLD_FILES+=usr/share/man/man1/perlfaq7.1.gz OLD_FILES+=usr/share/man/man1/perlfaq8.1.gz OLD_FILES+=usr/share/man/man1/perlfaq9.1.gz OLD_FILES+=usr/share/man/man1/perlform.1.gz OLD_FILES+=usr/share/man/man1/perlfunc.1.gz OLD_FILES+=usr/share/man/man1/perlguts.1.gz OLD_FILES+=usr/share/man/man1/perlhist.1.gz OLD_FILES+=usr/share/man/man1/perlipc.1.gz OLD_FILES+=usr/share/man/man1/perllocale.1.gz OLD_FILES+=usr/share/man/man1/perllol.1.gz OLD_FILES+=usr/share/man/man1/perlmod.1.gz OLD_FILES+=usr/share/man/man1/perlmodinstall.1.gz OLD_FILES+=usr/share/man/man1/perlmodlib.1.gz OLD_FILES+=usr/share/man/man1/perlobj.1.gz OLD_FILES+=usr/share/man/man1/perlop.1.gz OLD_FILES+=usr/share/man/man1/perlopentut.1.gz OLD_FILES+=usr/share/man/man1/perlpod.1.gz OLD_FILES+=usr/share/man/man1/perlport.1.gz OLD_FILES+=usr/share/man/man1/perlre.1.gz OLD_FILES+=usr/share/man/man1/perlref.1.gz OLD_FILES+=usr/share/man/man1/perlreftut.1.gz OLD_FILES+=usr/share/man/man1/perlrun.1.gz OLD_FILES+=usr/share/man/man1/perlsec.1.gz OLD_FILES+=usr/share/man/man1/perlstyle.1.gz OLD_FILES+=usr/share/man/man1/perlsub.1.gz OLD_FILES+=usr/share/man/man1/perlsyn.1.gz OLD_FILES+=usr/share/man/man1/perlthrtut.1.gz OLD_FILES+=usr/share/man/man1/perltie.1.gz OLD_FILES+=usr/share/man/man1/perltoc.1.gz OLD_FILES+=usr/share/man/man1/perltoot.1.gz OLD_FILES+=usr/share/man/man1/perltrap.1.gz OLD_FILES+=usr/share/man/man1/perlvar.1.gz OLD_FILES+=usr/share/man/man1/perlxs.1.gz OLD_FILES+=usr/share/man/man1/perlxstut.1.gz OLD_FILES+=usr/share/man/man1/perlbug.1.gz OLD_FILES+=usr/share/man/man1/perlcc.1.gz OLD_FILES+=usr/share/man/man1/perldoc.1.gz OLD_FILES+=usr/share/man/man1/perl5005delta.1.gz OLD_FILES+=usr/share/man/man1/perlfork.1.gz OLD_FILES+=usr/share/man/man1/perlboot.1.gz OLD_FILES+=usr/share/man/man1/perltootc.1.gz OLD_FILES+=usr/share/man/man1/perldbmfilter.1.gz OLD_FILES+=usr/share/man/man1/perldebguts.1.gz OLD_FILES+=usr/share/man/man1/perlnumber.1.gz OLD_FILES+=usr/share/man/man1/perlcompile.1.gz OLD_FILES+=usr/share/man/man1/perltodo.1.gz OLD_FILES+=usr/share/man/man1/perlapi.1.gz OLD_FILES+=usr/share/man/man1/perlintern.1.gz OLD_FILES+=usr/share/man/man1/perlhack.1.gz OLD_FILES+=usr/share/man/man1/perlbc.1.gz OLD_FILES+=usr/share/man/man1/pkcs12.1.gz OLD_FILES+=usr/share/man/man1/pkcs7.1.gz OLD_FILES+=usr/share/man/man1/pkcs8.1.gz OLD_FILES+=usr/share/man/man1/rand.1.gz OLD_FILES+=usr/share/man/man1/req.1.gz OLD_FILES+=usr/share/man/man1/rsa.1.gz OLD_FILES+=usr/share/man/man1/rsautl.1.gz OLD_FILES+=usr/share/man/man1/s_client.1.gz OLD_FILES+=usr/share/man/man1/s_server.1.gz OLD_FILES+=usr/share/man/man1/sess_id.1.gz OLD_FILES+=usr/share/man/man1/smime.1.gz OLD_FILES+=usr/share/man/man1/speed.1.gz OLD_FILES+=usr/share/man/man1/spkac.1.gz OLD_FILES+=usr/share/man/man1/verify.1.gz OLD_FILES+=usr/share/man/man1/version.1.gz OLD_FILES+=usr/share/man/man1/x509.1.gz OLD_FILES+=usr/share/man/man3/SSL_COMP_add_compression_method.3.gz OLD_FILES+=usr/share/man/man3/SSL_CTX_get_ex_new_index.3.gz OLD_FILES+=usr/share/man/man3/archive_entry_dup.3.gz OLD_FILES+=usr/share/man/man3/archive_entry_set_tartype.3.gz OLD_FILES+=usr/share/man/man3/archive_entry_tartype.3.gz OLD_FILES+=usr/share/man/man3/archive_read_data_into_file.3.gz OLD_FILES+=usr/share/man/man3/archive_read_open_tar.3.gz OLD_FILES+=usr/share/man/man3/archive_read_support_format_gnutar.3.gz OLD_FILES+=usr/share/man/man3/cipher.3.gz OLD_FILES+=usr/share/man/man3/des_cipher.3.gz OLD_FILES+=usr/share/man/man3/des_setkey.3.gz OLD_FILES+=usr/share/man/man3/encrypt.3.gz OLD_FILES+=usr/share/man/man3/endvfsent.3.gz OLD_FILES+=usr/share/man/man3/getvfsbytype.3.gz OLD_FILES+=usr/share/man/man3/getvfsent.3.gz OLD_FILES+=usr/share/man/man3/isnanf.3.gz OLD_FILES+=usr/share/man/man3/libautofs.3.gz OLD_FILES+=usr/share/man/man3/pthread_attr_setsstack.3.gz OLD_FILES+=usr/share/man/man3/pthread_getcancelstate.3.gz OLD_FILES+=usr/share/man/man3/pthread_mutexattr_getpshared.3.gz OLD_FILES+=usr/share/man/man3/pthread_mutexattr_setpshared.3.gz OLD_FILES+=usr/share/man/man3/set_assertion_failure_callback.3.gz OLD_FILES+=usr/share/man/man3/setkey.3.gz OLD_FILES+=usr/share/man/man3/setvfsent.3.gz OLD_FILES+=usr/share/man/man3/ssl.3.gz OLD_FILES+=usr/share/man/man3/vfsisloadable.3.gz OLD_FILES+=usr/share/man/man3/vfsload.3.gz OLD_FILES+=usr/share/man/man4/als4000.4.gz OLD_FILES+=usr/share/man/man4/csa.4.gz OLD_FILES+=usr/share/man/man4/emu10k1.4.gz OLD_FILES+=usr/share/man/man4/euc.4.gz OLD_FILES+=usr/share/man/man4/gusc.4.gz OLD_FILES+=usr/share/man/man4/if_fwp.4.gz OLD_FILES+=usr/share/man/man4/lomac.4.gz OLD_FILES+=usr/share/man/man4/maestro3.4.gz OLD_FILES+=usr/share/man/man4/raid.4.gz OLD_FILES+=usr/share/man/man4/sbc.4.gz OLD_FILES+=usr/share/man/man4/sd.4.gz OLD_FILES+=usr/share/man/man4/snc.4.gz OLD_FILES+=usr/share/man/man4/st.4.gz OLD_FILES+=usr/share/man/man4/uaudio.4.gz OLD_FILES+=usr/share/man/man4/utf2.4.gz OLD_FILES+=usr/share/man/man4/vinumdebug.4.gz OLD_FILES+=usr/share/man/man5/disklabel.5.gz OLD_FILES+=usr/share/man/man5/dm.conf.5.gz OLD_FILES+=usr/share/man/man5/ranlib.5.gz OLD_FILES+=usr/share/man/man5/utf2.5.gz OLD_FILES+=usr/share/man/man7/groff_mwww.7.gz OLD_FILES+=usr/share/man/man7/mmroff.7.gz OLD_FILES+=usr/share/man/man7/mwww.7.gz OLD_FILES+=usr/share/man/man7/style.perl.7.gz OLD_FILES+=usr/share/man/man8/apm.8.gz OLD_FILES+=usr/share/man/man8/apmconf.8.gz OLD_FILES+=usr/share/man/man8/apmd.8.gz OLD_FILES+=usr/share/man/man8/dm.8.gz OLD_FILES+=usr/share/man/man8/pam_ftp.8.gz OLD_FILES+=usr/share/man/man8/pam_wheel.8.gz OLD_FILES+=usr/share/man/man8/sconfig.8.gz OLD_FILES+=usr/share/man/man8/ssl.8.gz OLD_FILES+=usr/share/man/man8/wlconfig.8.gz OLD_FILES+=usr/share/man/man9/CURSIG.9.gz OLD_FILES+=usr/share/man/man9/VFS_INIT.9.gz OLD_FILES+=usr/share/man/man9/at_exit.9.gz OLD_FILES+=usr/share/man/man9/at_fork.9.gz OLD_FILES+=usr/share/man/man9/cdevsw_add.9.gz OLD_FILES+=usr/share/man/man9/cdevsw_remove.9.gz OLD_FILES+=usr/share/man/man9/cv_waitq_empty.9.gz OLD_FILES+=usr/share/man/man9/cv_waitq_remove.9.gz OLD_FILES+=usr/share/man/man9/endtsleep.9.gz OLD_FILES+=usr/share/man/man9/jumbo.9.gz OLD_FILES+=usr/share/man/man9/jumbo_freem.9.gz OLD_FILES+=usr/share/man/man9/jumbo_pg_alloc.9.gz OLD_FILES+=usr/share/man/man9/jumbo_pg_free.9.gz OLD_FILES+=usr/share/man/man9/jumbo_pg_steal.9.gz OLD_FILES+=usr/share/man/man9/jumbo_phys_to_kva.9.gz OLD_FILES+=usr/share/man/man9/jumbo_vm_init.9.gz OLD_FILES+=usr/share/man/man9/mac_biba.9.gz OLD_FILES+=usr/share/man/man9/mac_bsdextended.9.gz OLD_FILES+=usr/share/man/man9/mono_time.9.gz OLD_FILES+=usr/share/man/man9/p1003_1b.9.gz OLD_FILES+=usr/share/man/man9/pmap_prefault.9.gz OLD_FILES+=usr/share/man/man9/posix4.9.gz OLD_FILES+=usr/share/man/man9/resource_query_name.9.gz OLD_FILES+=usr/share/man/man9/resource_query_string.9.gz OLD_FILES+=usr/share/man/man9/resource_query_unit.9.gz OLD_FILES+=usr/share/man/man9/rm_at_exit.9.gz OLD_FILES+=usr/share/man/man9/rm_at_fork.9.gz OLD_FILES+=usr/share/man/man9/runtime.9.gz OLD_FILES+=usr/share/man/man9/sleepinit.9.gz OLD_FILES+=usr/share/man/man9/unsleep.9.gz OLD_FILES+=usr/share/man/ja/man1/perl.1.gz OLD_FILES+=usr/share/games/atc/Game_List OLD_FILES+=usr/share/games/atc/Killer OLD_FILES+=usr/share/games/atc/crossover OLD_FILES+=usr/share/games/atc/default OLD_FILES+=usr/share/games/atc/easy OLD_FILES+=usr/share/games/atc/game_2 OLD_FILES+=usr/share/games/larn/larnmaze OLD_FILES+=usr/share/games/larn/larnopts OLD_FILES+=usr/share/games/larn/larn.help OLD_FILES+=usr/share/games/quiz.db/africa OLD_FILES+=usr/share/games/quiz.db/america OLD_FILES+=usr/share/games/quiz.db/areas OLD_FILES+=usr/share/games/quiz.db/arith OLD_FILES+=usr/share/games/quiz.db/asia OLD_FILES+=usr/share/games/quiz.db/babies OLD_FILES+=usr/share/games/quiz.db/bard OLD_FILES+=usr/share/games/quiz.db/chinese OLD_FILES+=usr/share/games/quiz.db/collectives OLD_FILES+=usr/share/games/quiz.db/ed OLD_FILES+=usr/share/games/quiz.db/elements OLD_FILES+=usr/share/games/quiz.db/europe OLD_FILES+=usr/share/games/quiz.db/flowers OLD_FILES+=usr/share/games/quiz.db/greek OLD_FILES+=usr/share/games/quiz.db/inca OLD_FILES+=usr/share/games/quiz.db/index OLD_FILES+=usr/share/games/quiz.db/latin OLD_FILES+=usr/share/games/quiz.db/locomotive OLD_FILES+=usr/share/games/quiz.db/midearth OLD_FILES+=usr/share/games/quiz.db/morse OLD_FILES+=usr/share/games/quiz.db/murders OLD_FILES+=usr/share/games/quiz.db/poetry OLD_FILES+=usr/share/games/quiz.db/posneg OLD_FILES+=usr/share/games/quiz.db/pres OLD_FILES+=usr/share/games/quiz.db/province OLD_FILES+=usr/share/games/quiz.db/seq-easy OLD_FILES+=usr/share/games/quiz.db/seq-hard OLD_FILES+=usr/share/games/quiz.db/sexes OLD_FILES+=usr/share/games/quiz.db/sov OLD_FILES+=usr/share/games/quiz.db/spell OLD_FILES+=usr/share/games/quiz.db/state OLD_FILES+=usr/share/games/quiz.db/trek OLD_FILES+=usr/share/games/quiz.db/ucc OLD_FILES+=usr/share/games/cribbage.instr OLD_FILES+=usr/share/games/fish.instr OLD_FILES+=usr/share/games/wump.info OLD_FILES+=usr/games/hide/adventure OLD_FILES+=usr/games/hide/arithmetic OLD_FILES+=usr/games/hide/atc OLD_FILES+=usr/games/hide/backgammon OLD_FILES+=usr/games/hide/teachgammon OLD_FILES+=usr/games/hide/battlestar OLD_FILES+=usr/games/hide/bs OLD_FILES+=usr/games/hide/canfield OLD_FILES+=usr/games/hide/cribbage OLD_FILES+=usr/games/hide/fish OLD_FILES+=usr/games/hide/hack OLD_FILES+=usr/games/hide/hangman OLD_FILES+=usr/games/hide/larn OLD_FILES+=usr/games/hide/mille OLD_FILES+=usr/games/hide/phantasia OLD_FILES+=usr/games/hide/quiz OLD_FILES+=usr/games/hide/robots OLD_FILES+=usr/games/hide/rogue OLD_FILES+=usr/games/hide/sail OLD_FILES+=usr/games/hide/snake OLD_FILES+=usr/games/hide/trek OLD_FILES+=usr/games/hide/worm OLD_FILES+=usr/games/hide/wump OLD_FILES+=usr/games/adventure OLD_FILES+=usr/games/arithmetic OLD_FILES+=usr/games/atc OLD_FILES+=usr/games/backgammon OLD_FILES+=usr/games/teachgammon OLD_FILES+=usr/games/battlestar OLD_FILES+=usr/games/bs OLD_FILES+=usr/games/canfield OLD_FILES+=usr/games/cfscores OLD_FILES+=usr/games/cribbage OLD_FILES+=usr/games/dm OLD_FILES+=usr/games/fish OLD_FILES+=usr/games/hack OLD_FILES+=usr/games/hangman OLD_FILES+=usr/games/larn OLD_FILES+=usr/games/mille OLD_FILES+=usr/games/phantasia OLD_FILES+=usr/games/piano OLD_FILES+=usr/games/pig OLD_FILES+=usr/games/quiz OLD_FILES+=usr/games/rain OLD_FILES+=usr/games/robots OLD_FILES+=usr/games/rogue OLD_FILES+=usr/games/sail OLD_FILES+=usr/games/snake OLD_FILES+=usr/games/snscore OLD_FILES+=usr/games/trek OLD_FILES+=usr/games/wargames OLD_FILES+=usr/games/worm OLD_FILES+=usr/games/worms OLD_FILES+=usr/games/wump OLD_FILES+=sbin/mount_reiserfs OLD_FILES+=usr/include/cam/cam_extend.h OLD_FILES+=usr/include/dev/wi/wi_hostap.h OLD_FILES+=usr/include/disktab.h OLD_FILES+=usr/include/g++/FlexLexer.h OLD_FILES+=usr/include/g++/PlotFile.h OLD_FILES+=usr/include/g++/SFile.h OLD_FILES+=usr/include/g++/_G_config.h OLD_FILES+=usr/include/g++/algo.h OLD_FILES+=usr/include/g++/algobase.h OLD_FILES+=usr/include/g++/algorithm OLD_FILES+=usr/include/g++/alloc.h OLD_FILES+=usr/include/g++/bitset OLD_FILES+=usr/include/g++/builtinbuf.h OLD_FILES+=usr/include/g++/bvector.h OLD_FILES+=usr/include/g++/cassert OLD_FILES+=usr/include/g++/cctype OLD_FILES+=usr/include/g++/cerrno OLD_FILES+=usr/include/g++/cfloat OLD_FILES+=usr/include/g++/ciso646 OLD_FILES+=usr/include/g++/climits OLD_FILES+=usr/include/g++/clocale OLD_FILES+=usr/include/g++/cmath OLD_FILES+=usr/include/g++/complex OLD_FILES+=usr/include/g++/complex.h OLD_FILES+=usr/include/g++/csetjmp OLD_FILES+=usr/include/g++/csignal OLD_FILES+=usr/include/g++/cstdarg OLD_FILES+=usr/include/g++/cstddef OLD_FILES+=usr/include/g++/cstdio OLD_FILES+=usr/include/g++/cstdlib OLD_FILES+=usr/include/g++/cstring OLD_FILES+=usr/include/g++/ctime OLD_FILES+=usr/include/g++/cwchar OLD_FILES+=usr/include/g++/cwctype OLD_FILES+=usr/include/g++/defalloc.h OLD_FILES+=usr/include/g++/deque OLD_FILES+=usr/include/g++/deque.h OLD_FILES+=usr/include/g++/editbuf.h OLD_FILES+=usr/include/g++/exception OLD_FILES+=usr/include/g++/floatio.h OLD_FILES+=usr/include/g++/fstream OLD_FILES+=usr/include/g++/fstream.h OLD_FILES+=usr/include/g++/function.h OLD_FILES+=usr/include/g++/functional OLD_FILES+=usr/include/g++/hash_map OLD_FILES+=usr/include/g++/hash_map.h OLD_FILES+=usr/include/g++/hash_set OLD_FILES+=usr/include/g++/hash_set.h OLD_FILES+=usr/include/g++/hashtable.h OLD_FILES+=usr/include/g++/heap.h OLD_FILES+=usr/include/g++/indstream.h OLD_FILES+=usr/include/g++/iolibio.h OLD_FILES+=usr/include/g++/iomanip OLD_FILES+=usr/include/g++/iomanip.h OLD_FILES+=usr/include/g++/iosfwd OLD_FILES+=usr/include/g++/iostdio.h OLD_FILES+=usr/include/g++/iostream OLD_FILES+=usr/include/g++/iostream.h OLD_FILES+=usr/include/g++/iostreamP.h OLD_FILES+=usr/include/g++/istream.h OLD_FILES+=usr/include/g++/iterator OLD_FILES+=usr/include/g++/iterator.h OLD_FILES+=usr/include/g++/libio.h OLD_FILES+=usr/include/g++/libioP.h OLD_FILES+=usr/include/g++/list OLD_FILES+=usr/include/g++/list.h OLD_FILES+=usr/include/g++/map OLD_FILES+=usr/include/g++/map.h OLD_FILES+=usr/include/g++/memory OLD_FILES+=usr/include/g++/multimap.h OLD_FILES+=usr/include/g++/multiset.h OLD_FILES+=usr/include/g++/new OLD_FILES+=usr/include/g++/new.h OLD_FILES+=usr/include/g++/numeric OLD_FILES+=usr/include/g++/ostream.h OLD_FILES+=usr/include/g++/pair.h OLD_FILES+=usr/include/g++/parsestream.h OLD_FILES+=usr/include/g++/pfstream.h OLD_FILES+=usr/include/g++/procbuf.h OLD_FILES+=usr/include/g++/pthread_alloc OLD_FILES+=usr/include/g++/pthread_alloc.h OLD_FILES+=usr/include/g++/queue OLD_FILES+=usr/include/g++/rope OLD_FILES+=usr/include/g++/rope.h OLD_FILES+=usr/include/g++/ropeimpl.h OLD_FILES+=usr/include/g++/set OLD_FILES+=usr/include/g++/set.h OLD_FILES+=usr/include/g++/slist OLD_FILES+=usr/include/g++/slist.h OLD_FILES+=usr/include/g++/sstream OLD_FILES+=usr/include/g++/stack OLD_FILES+=usr/include/g++/stack.h OLD_FILES+=usr/include/g++/std/bastring.cc OLD_FILES+=usr/include/g++/std/bastring.h OLD_FILES+=usr/include/g++/std/complext.cc OLD_FILES+=usr/include/g++/std/complext.h OLD_FILES+=usr/include/g++/std/dcomplex.h OLD_FILES+=usr/include/g++/std/fcomplex.h OLD_FILES+=usr/include/g++/std/gslice.h OLD_FILES+=usr/include/g++/std/gslice_array.h OLD_FILES+=usr/include/g++/std/indirect_array.h OLD_FILES+=usr/include/g++/std/ldcomplex.h OLD_FILES+=usr/include/g++/std/mask_array.h OLD_FILES+=usr/include/g++/std/slice.h OLD_FILES+=usr/include/g++/std/slice_array.h OLD_FILES+=usr/include/g++/std/std_valarray.h OLD_FILES+=usr/include/g++/std/straits.h OLD_FILES+=usr/include/g++/std/valarray_array.h OLD_FILES+=usr/include/g++/std/valarray_array.tcc OLD_FILES+=usr/include/g++/std/valarray_meta.h OLD_FILES+=usr/include/g++/stdexcept OLD_FILES+=usr/include/g++/stdiostream.h OLD_FILES+=usr/include/g++/stl.h OLD_FILES+=usr/include/g++/stl_algo.h OLD_FILES+=usr/include/g++/stl_algobase.h OLD_FILES+=usr/include/g++/stl_alloc.h OLD_FILES+=usr/include/g++/stl_bvector.h OLD_FILES+=usr/include/g++/stl_config.h OLD_FILES+=usr/include/g++/stl_construct.h OLD_FILES+=usr/include/g++/stl_deque.h OLD_FILES+=usr/include/g++/stl_function.h OLD_FILES+=usr/include/g++/stl_hash_fun.h OLD_FILES+=usr/include/g++/stl_hash_map.h OLD_FILES+=usr/include/g++/stl_hash_set.h OLD_FILES+=usr/include/g++/stl_hashtable.h OLD_FILES+=usr/include/g++/stl_heap.h OLD_FILES+=usr/include/g++/stl_iterator.h OLD_FILES+=usr/include/g++/stl_list.h OLD_FILES+=usr/include/g++/stl_map.h OLD_FILES+=usr/include/g++/stl_multimap.h OLD_FILES+=usr/include/g++/stl_multiset.h OLD_FILES+=usr/include/g++/stl_numeric.h OLD_FILES+=usr/include/g++/stl_pair.h OLD_FILES+=usr/include/g++/stl_queue.h OLD_FILES+=usr/include/g++/stl_raw_storage_iter.h OLD_FILES+=usr/include/g++/stl_relops.h OLD_FILES+=usr/include/g++/stl_rope.h OLD_FILES+=usr/include/g++/stl_set.h OLD_FILES+=usr/include/g++/stl_slist.h OLD_FILES+=usr/include/g++/stl_stack.h OLD_FILES+=usr/include/g++/stl_tempbuf.h OLD_FILES+=usr/include/g++/stl_tree.h OLD_FILES+=usr/include/g++/stl_uninitialized.h OLD_FILES+=usr/include/g++/stl_vector.h OLD_FILES+=usr/include/g++/stream.h OLD_FILES+=usr/include/g++/streambuf.h OLD_FILES+=usr/include/g++/strfile.h OLD_FILES+=usr/include/g++/string OLD_FILES+=usr/include/g++/strstream OLD_FILES+=usr/include/g++/strstream.h OLD_FILES+=usr/include/g++/tempbuf.h OLD_FILES+=usr/include/g++/tree.h OLD_FILES+=usr/include/g++/type_traits.h OLD_FILES+=usr/include/g++/typeinfo OLD_FILES+=usr/include/g++/utility OLD_FILES+=usr/include/g++/valarray OLD_FILES+=usr/include/g++/vector OLD_FILES+=usr/include/g++/vector.h OLD_FILES+=usr/include/gmp.h OLD_FILES+=usr/include/isc/assertions.h OLD_FILES+=usr/include/isc/ctl.h OLD_FILES+=usr/include/isc/dst.h OLD_FILES+=usr/include/isc/eventlib.h OLD_FILES+=usr/include/isc/heap.h OLD_FILES+=usr/include/isc/irpmarshall.h OLD_FILES+=usr/include/isc/list.h OLD_FILES+=usr/include/isc/logging.h OLD_FILES+=usr/include/isc/memcluster.h OLD_FILES+=usr/include/isc/misc.h OLD_FILES+=usr/include/isc/tree.h OLD_FILES+=usr/include/machine/ansi.h OLD_FILES+=usr/include/machine/apic.h OLD_FILES+=usr/include/machine/asc_ioctl.h OLD_FILES+=usr/include/machine/asnames.h OLD_FILES+=usr/include/machine/bus_at386.h OLD_FILES+=usr/include/machine/bus_memio.h OLD_FILES+=usr/include/machine/bus_pc98.h OLD_FILES+=usr/include/machine/bus_pio.h OLD_FILES+=usr/include/machine/cdk.h OLD_FILES+=usr/include/machine/comstats.h OLD_FILES+=usr/include/machine/console.h OLD_FILES+=usr/include/machine/critical.h OLD_FILES+=usr/include/machine/cronyx.h OLD_FILES+=usr/include/machine/dvcfg.h OLD_FILES+=usr/include/machine/globaldata.h OLD_FILES+=usr/include/machine/globals.h OLD_FILES+=usr/include/machine/gsc.h OLD_FILES+=usr/include/machine/i4b_isppp.h OLD_FILES+=usr/include/machine/if_wavelan_ieee.h OLD_FILES+=usr/include/machine/iic.h OLD_FILES+=usr/include/machine/ioctl_ctx.h OLD_FILES+=usr/include/machine/ioctl_fd.h OLD_FILES+=usr/include/machine/ipl.h OLD_FILES+=usr/include/machine/lock.h OLD_FILES+=usr/include/machine/mouse.h OLD_FILES+=usr/include/machine/mpapic.h OLD_FILES+=usr/include/machine/mtpr.h OLD_FILES+=usr/include/machine/pc/msdos.h OLD_FILES+=usr/include/machine/physio_proc.h OLD_FILES+=usr/include/machine/smb.h OLD_FILES+=usr/include/machine/spigot.h OLD_FILES+=usr/include/machine/types.h OLD_FILES+=usr/include/machine/uc_device.h OLD_FILES+=usr/include/machine/ultrasound.h OLD_FILES+=usr/include/machine/wtio.h OLD_FILES+=usr/include/msdosfs/bootsect.h OLD_FILES+=usr/include/msdosfs/bpb.h OLD_FILES+=usr/include/msdosfs/denode.h OLD_FILES+=usr/include/msdosfs/direntry.h OLD_FILES+=usr/include/msdosfs/fat.h OLD_FILES+=usr/include/msdosfs/msdosfsmount.h OLD_FILES+=usr/include/net/hostcache.h OLD_FILES+=usr/include/net/if_faith.h OLD_FILES+=usr/include/net/if_ieee80211.h OLD_FILES+=usr/include/net/if_tunvar.h OLD_FILES+=usr/include/net/intrq.h OLD_FILES+=usr/include/netatm/kern_include.h OLD_FILES+=usr/include/netinet/if_fddi.h OLD_FILES+=usr/include/netinet/in_hostcache.h OLD_FILES+=usr/include/netinet/ip_flow.h OLD_FILES+=usr/include/netinet/ip_fw2.h OLD_FILES+=usr/include/netinet6/in6_prefix.h OLD_FILES+=usr/include/netns/idp.h OLD_FILES+=usr/include/netns/idp_var.h OLD_FILES+=usr/include/netns/ns.h OLD_FILES+=usr/include/netns/ns_error.h OLD_FILES+=usr/include/netns/ns_if.h OLD_FILES+=usr/include/netns/ns_pcb.h OLD_FILES+=usr/include/netns/sp.h OLD_FILES+=usr/include/netns/spidp.h OLD_FILES+=usr/include/netns/spp_debug.h OLD_FILES+=usr/include/netns/spp_timer.h OLD_FILES+=usr/include/netns/spp_var.h OLD_FILES+=usr/include/nfs/nfs.h OLD_FILES+=usr/include/nfs/nfsm_subs.h OLD_FILES+=usr/include/nfs/nfsmount.h OLD_FILES+=usr/include/nfs/nfsnode.h OLD_FILES+=usr/include/nfs/nfsrtt.h OLD_FILES+=usr/include/nfs/nfsrvcache.h OLD_FILES+=usr/include/nfs/nfsv2.h OLD_FILES+=usr/include/nfs/nqnfs.h OLD_FILES+=usr/include/ntfs/ntfs.h OLD_FILES+=usr/include/ntfs/ntfs_compr.h OLD_FILES+=usr/include/ntfs/ntfs_ihash.h OLD_FILES+=usr/include/ntfs/ntfs_inode.h OLD_FILES+=usr/include/ntfs/ntfs_subr.h OLD_FILES+=usr/include/ntfs/ntfs_vfsops.h OLD_FILES+=usr/include/ntfs/ntfsmount.h OLD_FILES+=usr/include/nwfs/nwfs.h OLD_FILES+=usr/include/nwfs/nwfs_mount.h OLD_FILES+=usr/include/nwfs/nwfs_node.h OLD_FILES+=usr/include/nwfs/nwfs_subr.h OLD_FILES+=usr/include/posix4/_semaphore.h OLD_FILES+=usr/include/posix4/aio.h OLD_FILES+=usr/include/posix4/ksem.h OLD_FILES+=usr/include/posix4/mqueue.h OLD_FILES+=usr/include/posix4/posix4.h OLD_FILES+=usr/include/posix4/sched.h OLD_FILES+=usr/include/posix4/semaphore.h OLD_DIRS+=usr/include/posix4 OLD_FILES+=usr/include/security/_pam_compat.h OLD_FILES+=usr/include/security/_pam_macros.h OLD_FILES+=usr/include/security/_pam_types.h OLD_FILES+=usr/include/security/pam_malloc.h OLD_FILES+=usr/include/security/pam_misc.h OLD_FILES+=usr/include/skey.h OLD_FILES+=usr/include/strhash.h OLD_FILES+=usr/include/struct.h OLD_FILES+=usr/include/sys/_label.h OLD_FILES+=usr/include/sys/_posix.h OLD_FILES+=usr/include/sys/bus_private.h OLD_FILES+=usr/include/sys/ccdvar.h OLD_FILES+=usr/include/sys/diskslice.h OLD_FILES+=usr/include/sys/dmap.h OLD_FILES+=usr/include/sys/inttypes.h OLD_FILES+=usr/include/sys/jumbo.h OLD_FILES+=usr/include/sys/mac_policy.h OLD_FILES+=usr/include/sys/pbioio.h OLD_FILES+=usr/include/sys/syscall-hide.h OLD_FILES+=usr/include/sys/tprintf.h OLD_FILES+=usr/include/sys/vnioctl.h OLD_FILES+=usr/include/sys/wormio.h OLD_FILES+=usr/include/telnet.h OLD_FILES+=usr/include/ufs/mfs/mfs_extern.h OLD_FILES+=usr/include/ufs/mfs/mfsnode.h OLD_FILES+=usr/include/values.h OLD_FILES+=usr/include/vm/vm_zone.h OLD_FILES+=usr/share/examples/etc/usbd.conf OLD_FILES+=usr/share/examples/meteor/README OLD_FILES+=usr/share/examples/meteor/rgb16.c OLD_FILES+=usr/share/examples/meteor/rgb24.c OLD_FILES+=usr/share/examples/meteor/test-n.c OLD_FILES+=usr/share/examples/meteor/yuvpk.c OLD_FILES+=usr/share/examples/meteor/yuvpl.c OLD_FILES+=usr/share/examples/worm/README OLD_FILES+=usr/share/examples/worm/makecdfs.sh OLD_FILES+=usr/share/groff_font/devlj4/Makefile OLD_FILES+=usr/share/groff_font/devlj4/text.map OLD_FILES+=usr/share/groff_font/devlj4/special.map OLD_FILES+=usr/share/misc/nslookup.help OLD_FILES+=usr/share/sendmail/cf/feature/nodns.m4 OLD_FILES+=usr/share/syscons/keymaps/lat-amer.kbd OLD_FILES+=usr/share/vi/catalog/ru_SU.KOI8-R OLD_FILES+=usr/share/zoneinfo/Africa/Timbuktu OLD_FILES+=usr/share/zoneinfo/Africa/Asmera OLD_FILES+=usr/share/zoneinfo/America/Buenos_Aires OLD_FILES+=usr/share/zoneinfo/America/Cordoba OLD_FILES+=usr/share/zoneinfo/America/Jujuy OLD_FILES+=usr/share/zoneinfo/America/Catamarca OLD_FILES+=usr/share/zoneinfo/America/Mendoza OLD_FILES+=usr/share/zoneinfo/America/Indianapolis OLD_FILES+=usr/share/zoneinfo/America/Louisville OLD_FILES+=usr/share/zoneinfo/America/Argentina/ComodRivadavia OLD_FILES+=usr/share/zoneinfo/Atlantic/Faeroe OLD_FILES+=usr/share/zoneinfo/Europe/Belfast OLD_FILES+=usr/share/zoneinfo/Pacific/Yap OLD_FILES+=usr/share/zoneinfo/SystemV/YST9 OLD_FILES+=usr/share/zoneinfo/SystemV/PST8 OLD_FILES+=usr/share/zoneinfo/SystemV/EST5EDT OLD_FILES+=usr/share/zoneinfo/SystemV/CST6CDT OLD_FILES+=usr/share/zoneinfo/SystemV/MST7MDT OLD_FILES+=usr/share/zoneinfo/SystemV/PST8PDT OLD_FILES+=usr/share/zoneinfo/SystemV/YST9YDT OLD_FILES+=usr/share/zoneinfo/SystemV/HST10 OLD_FILES+=usr/share/zoneinfo/SystemV/MST7 OLD_FILES+=usr/share/zoneinfo/SystemV/EST5 OLD_FILES+=usr/share/zoneinfo/SystemV/AST4ADT OLD_FILES+=usr/share/zoneinfo/SystemV/CST6 OLD_FILES+=usr/share/zoneinfo/SystemV/AST4 OLD_FILES+=usr/share/doc/ntp/accopt.htm OLD_FILES+=usr/share/doc/ntp/assoc.htm OLD_FILES+=usr/share/doc/ntp/audio.htm OLD_FILES+=usr/share/doc/ntp/authopt.htm OLD_FILES+=usr/share/doc/ntp/biblio.htm OLD_FILES+=usr/share/doc/ntp/build.htm OLD_FILES+=usr/share/doc/ntp/clockopt.htm OLD_FILES+=usr/share/doc/ntp/config.htm OLD_FILES+=usr/share/doc/ntp/confopt.htm OLD_FILES+=usr/share/doc/ntp/copyright.htm OLD_FILES+=usr/share/doc/ntp/debug.htm OLD_FILES+=usr/share/doc/ntp/driver1.htm OLD_FILES+=usr/share/doc/ntp/driver10.htm OLD_FILES+=usr/share/doc/ntp/driver11.htm OLD_FILES+=usr/share/doc/ntp/driver12.htm OLD_FILES+=usr/share/doc/ntp/driver16.htm OLD_FILES+=usr/share/doc/ntp/driver18.htm OLD_FILES+=usr/share/doc/ntp/driver19.htm OLD_FILES+=usr/share/doc/ntp/driver2.htm OLD_FILES+=usr/share/doc/ntp/driver20.htm OLD_FILES+=usr/share/doc/ntp/driver22.htm OLD_FILES+=usr/share/doc/ntp/driver23.htm OLD_FILES+=usr/share/doc/ntp/driver24.htm OLD_FILES+=usr/share/doc/ntp/driver26.htm OLD_FILES+=usr/share/doc/ntp/driver27.htm OLD_FILES+=usr/share/doc/ntp/driver28.htm OLD_FILES+=usr/share/doc/ntp/driver29.htm OLD_FILES+=usr/share/doc/ntp/driver3.htm OLD_FILES+=usr/share/doc/ntp/driver30.htm OLD_FILES+=usr/share/doc/ntp/driver32.htm OLD_FILES+=usr/share/doc/ntp/driver33.htm OLD_FILES+=usr/share/doc/ntp/driver34.htm OLD_FILES+=usr/share/doc/ntp/driver35.htm OLD_FILES+=usr/share/doc/ntp/driver36.htm OLD_FILES+=usr/share/doc/ntp/driver37.htm OLD_FILES+=usr/share/doc/ntp/driver4.htm OLD_FILES+=usr/share/doc/ntp/driver5.htm OLD_FILES+=usr/share/doc/ntp/driver6.htm OLD_FILES+=usr/share/doc/ntp/driver7.htm OLD_FILES+=usr/share/doc/ntp/driver8.htm OLD_FILES+=usr/share/doc/ntp/driver9.htm OLD_FILES+=usr/share/doc/ntp/exec.htm OLD_FILES+=usr/share/doc/ntp/extern.htm OLD_FILES+=usr/share/doc/ntp/gadget.htm OLD_FILES+=usr/share/doc/ntp/hints.htm OLD_FILES+=usr/share/doc/ntp/howto.htm OLD_FILES+=usr/share/doc/ntp/htmlprimer.htm OLD_FILES+=usr/share/doc/ntp/index.htm OLD_FILES+=usr/share/doc/ntp/kern.htm OLD_FILES+=usr/share/doc/ntp/kernpps.htm OLD_FILES+=usr/share/doc/ntp/ldisc.htm OLD_FILES+=usr/share/doc/ntp/measure.htm OLD_FILES+=usr/share/doc/ntp/miscopt.htm OLD_FILES+=usr/share/doc/ntp/monopt.htm OLD_FILES+=usr/share/doc/ntp/mx4200data.htm OLD_FILES+=usr/share/doc/ntp/notes.htm OLD_FILES+=usr/share/doc/ntp/ntpd.htm OLD_FILES+=usr/share/doc/ntp/ntpdate.htm OLD_FILES+=usr/share/doc/ntp/ntpdc.htm OLD_FILES+=usr/share/doc/ntp/ntpq.htm OLD_FILES+=usr/share/doc/ntp/ntptime.htm OLD_FILES+=usr/share/doc/ntp/ntptrace.htm OLD_FILES+=usr/share/doc/ntp/parsedata.htm OLD_FILES+=usr/share/doc/ntp/parsenew.htm OLD_FILES+=usr/share/doc/ntp/patches.htm OLD_FILES+=usr/share/doc/ntp/porting.htm OLD_FILES+=usr/share/doc/ntp/pps.htm OLD_FILES+=usr/share/doc/ntp/prefer.htm OLD_FILES+=usr/share/doc/ntp/qth.htm OLD_FILES+=usr/share/doc/ntp/quick.htm OLD_FILES+=usr/share/doc/ntp/rdebug.htm OLD_FILES+=usr/share/doc/ntp/refclock.htm OLD_FILES+=usr/share/doc/ntp/release.htm OLD_FILES+=usr/share/doc/ntp/tickadj.htm OLD_FILES+=usr/share/doc/papers/nqnfs.ascii.gz OLD_FILES+=usr/share/doc/papers/px.ascii.gz OLD_FILES+=usr/share/man/man3/exp10.3.gz OLD_FILES+=usr/share/man/man3/exp10f.3.gz OLD_FILES+=usr/share/man/man3/fpsetsticky.3.gz OLD_FILES+=usr/share/man/man3/gss_krb5_compat_des3_mic.3.gz OLD_FILES+=usr/share/man/man3/gss_krb5_copy_ccache.3.gz OLD_FILES+=usr/share/man/man3/mac_is_present_np.3.gz OLD_FILES+=usr/share/man/man3/mbmb.3.gz OLD_FILES+=usr/share/man/man3/setrunelocale.3.gz OLD_FILES+=usr/share/man/man5/usbd.conf.5.gz .if ${TARGET_ARCH} != "i386" && ${TARGET_ARCH} != "amd64" OLD_FILES+=usr/share/man/man8/boot_i386.8.gz .endif .if ${TARGET_ARCH} != "powerpc" && ${TARGET_ARCH} != "powerpc64" && ${TARGET_ARCH} != "sparc64" OLD_FILES+=usr/share/man/man8/ofwdump.8.gz .endif OLD_FILES+=usr/share/man/man8/mount_reiserfs.8.gz OLD_FILES+=usr/share/man/man9/VFS_START.9.gz OLD_FILES+=usr/share/man/man9/cpu_critical_exit.9.gz OLD_FILES+=usr/share/man/man9/cpu_critical_enter.9.gz OLD_FILES+=usr/share/info/annotate.info.gz OLD_FILES+=usr/share/info/tar.info.gz OLD_FILES+=usr/share/bsnmp/defs/tree.def OLD_FILES+=usr/share/bsnmp/defs/mibII_tree.def OLD_FILES+=usr/share/bsnmp/defs/netgraph_tree.def OLD_FILES+=usr/share/bsnmp/mibs/FOKUS-MIB.txt OLD_FILES+=usr/share/bsnmp/mibs/BEGEMOT-MIB.txt OLD_FILES+=usr/share/bsnmp/mibs/BEGEMOT-SNMPD.txt OLD_FILES+=usr/share/bsnmp/mibs/BEGEMOT-NETGRAPH.txt OLD_FILES+=usr/libdata/ldscripts/elf64_sparc.x OLD_FILES+=usr/libdata/ldscripts/elf64_sparc.xbn OLD_FILES+=usr/libdata/ldscripts/elf64_sparc.xn OLD_FILES+=usr/libdata/ldscripts/elf64_sparc.xr OLD_FILES+=usr/libdata/ldscripts/elf64_sparc.xs OLD_FILES+=usr/libdata/ldscripts/elf64_sparc.xu OLD_FILES+=usr/libdata/ldscripts/elf64_sparc.xc OLD_FILES+=usr/libdata/ldscripts/elf64_sparc.xsc OLD_FILES+=usr/libdata/ldscripts/elf32_sparc.x OLD_FILES+=usr/libdata/ldscripts/elf32_sparc.xbn OLD_FILES+=usr/libdata/ldscripts/elf32_sparc.xn OLD_FILES+=usr/libdata/ldscripts/elf32_sparc.xr OLD_FILES+=usr/libdata/ldscripts/elf32_sparc.xs OLD_FILES+=usr/libdata/ldscripts/elf32_sparc.xu OLD_FILES+=usr/libdata/ldscripts/elf32_sparc.xc OLD_FILES+=usr/libdata/ldscripts/elf32_sparc.xsc OLD_FILES+=usr/libdata/msdosfs/iso22dos OLD_FILES+=usr/libdata/msdosfs/iso72dos OLD_FILES+=usr/libdata/msdosfs/koi2dos OLD_FILES+=usr/libdata/msdosfs/koi8u2dos # The following files are *not* obsolete, they just don't get touched at # install, so don't add them: # - boot/loader.rc # - usr/share/tmac/man.local # - usr/share/tmac/mm/locale # - usr/share/tmac/mm/se_locale # - var/yp/Makefile # 20071120: shared library version bump OLD_LIBS+=usr/lib/libasn1.so.8 OLD_LIBS+=usr/lib/libgssapi.so.8 OLD_LIBS+=usr/lib/libgssapi_krb5.so.8 OLD_LIBS+=usr/lib/libhdb.so.8 OLD_LIBS+=usr/lib/libkadm5clnt.so.8 OLD_LIBS+=usr/lib/libkadm5srv.so.8 OLD_LIBS+=usr/lib/libkafs5.so.8 OLD_LIBS+=usr/lib/libkrb5.so.8 OLD_LIBS+=usr/lib/libobjc.so.2 OLD_LIBS+=usr/lib32/libgssapi.so.8 OLD_LIBS+=usr/lib32/libobjc.so.2 # 20070519: GCC 4.2 OLD_LIBS+=usr/lib/libg2c.a OLD_LIBS+=usr/lib/libg2c.so OLD_LIBS+=usr/lib/libg2c.so.2 OLD_LIBS+=usr/lib/libg2c_p.a OLD_LIBS+=usr/lib/libgcc_pic.a OLD_LIBS+=usr/lib32/libg2c.a OLD_LIBS+=usr/lib32/libg2c.so OLD_LIBS+=usr/lib32/libg2c.so.2 OLD_LIBS+=usr/lib32/libg2c_p.a OLD_LIBS+=usr/lib32/libgcc_pic.a # 20060729: OpenSSL 0.9.7e -> 0.9.8b upgrade OLD_LIBS+=lib/libcrypto.so.4 OLD_LIBS+=usr/lib/libssl.so.4 OLD_LIBS+=usr/lib32/libcrypto.so.4 OLD_LIBS+=usr/lib32/libssl.so.4 # 20060521: gethostbyaddr(3) ABI change OLD_LIBS+=usr/lib/libroken.so.8 OLD_LIBS+=lib/libatm.so.3 OLD_LIBS+=lib/libc.so.6 OLD_LIBS+=lib/libutil.so.5 OLD_LIBS+=usr/lib32/libatm.so.3 OLD_LIBS+=usr/lib32/libc.so.6 OLD_LIBS+=usr/lib32/libutil.so.5 # 20060413: shared library moved to /usr/lib OLD_LIBS+=lib/libgpib.so.1 # 20060413: libpcap.so.4 moved to /lib/ OLD_LIBS+=usr/lib/libpcap.so.4 # 20060412: libpthread.so.2 moved to /lib/ OLD_LIBS+=usr/lib/libpthread.so.2 # 20060127: revert libdisk to static-only OLD_LIBS+=usr/lib/libdisk.so.3 # 20051027: libc_r discontinued (removed 20101113) OLD_LIBS+=usr/lib/libc_r.a OLD_LIBS+=usr/lib/libc_r.so OLD_LIBS+=usr/lib/libc_r.so.7 OLD_LIBS+=usr/lib/libc_r_p.a OLD_LIBS+=usr/lib32/libc_r.a OLD_LIBS+=usr/lib32/libc_r.so OLD_LIBS+=usr/lib32/libc_r.so.7 OLD_LIBS+=usr/lib32/libc_r_p.a # 20050722: bump for 6.0-RELEASE OLD_LIBS+=lib/libalias.so.4 OLD_LIBS+=lib/libatm.so.2 OLD_LIBS+=lib/libbegemot.so.1 OLD_LIBS+=lib/libbsdxml.so.1 OLD_LIBS+=lib/libbsnmp.so.2 OLD_LIBS+=lib/libc.so.5 OLD_LIBS+=lib/libcam.so.2 OLD_LIBS+=lib/libcrypt.so.2 OLD_LIBS+=lib/libcrypto.so.3 OLD_LIBS+=lib/libdevstat.so.4 OLD_LIBS+=lib/libedit.so.4 OLD_LIBS+=lib/libgeom.so.2 OLD_LIBS+=lib/libgpib.so.0 OLD_LIBS+=lib/libipsec.so.1 OLD_LIBS+=lib/libipx.so.2 OLD_LIBS+=lib/libkiconv.so.1 OLD_LIBS+=lib/libkvm.so.2 OLD_LIBS+=lib/libm.so.3 OLD_LIBS+=lib/libmd.so.2 OLD_LIBS+=lib/libncurses.so.5 OLD_LIBS+=lib/libreadline.so.5 OLD_LIBS+=lib/libsbuf.so.2 OLD_LIBS+=lib/libufs.so.2 OLD_LIBS+=lib/libutil.so.4 OLD_LIBS+=lib/libz.so.2 OLD_LIBS+=usr/lib/libarchive.so.1 OLD_LIBS+=usr/lib/libasn1.so.7 OLD_LIBS+=usr/lib/libbluetooth.so.1 OLD_LIBS+=usr/lib/libbz2.so.1 OLD_LIBS+=usr/lib/libc_r.so.5 OLD_LIBS+=usr/lib/libcalendar.so.2 OLD_LIBS+=usr/lib/libcom_err.so.2 OLD_LIBS+=usr/lib/libdevinfo.so.2 OLD_LIBS+=usr/lib/libdialog.so.4 OLD_LIBS+=usr/lib/libfetch.so.3 OLD_LIBS+=usr/lib/libform.so.2 OLD_LIBS+=usr/lib/libftpio.so.5 OLD_LIBS+=usr/lib/libg2c.so.1 OLD_LIBS+=usr/lib/libgnuregex.so.2 OLD_LIBS+=usr/lib/libgssapi.so.7 OLD_LIBS+=usr/lib/libhdb.so.7 OLD_LIBS+=usr/lib/libhistory.so.5 OLD_LIBS+=usr/lib/libkadm5clnt.so.7 OLD_LIBS+=usr/lib/libkadm5srv.so.7 OLD_LIBS+=usr/lib/libkafs5.so.7 OLD_LIBS+=usr/lib/libkrb5.so.7 OLD_LIBS+=usr/lib/libmagic.so.1 OLD_LIBS+=usr/lib/libmenu.so.2 OLD_LIBS+=usr/lib/libmilter.so.2 OLD_LIBS+=usr/lib/libmp.so.4 OLD_LIBS+=usr/lib/libncp.so.1 OLD_LIBS+=usr/lib/libnetgraph.so.1 OLD_LIBS+=usr/lib/libngatm.so.1 OLD_LIBS+=usr/lib/libobjc.so.1 OLD_LIBS+=usr/lib/libopie.so.3 OLD_LIBS+=usr/lib/libpam.so.2 OLD_LIBS+=usr/lib/libpanel.so.2 OLD_LIBS+=usr/lib/libpcap.so.3 OLD_LIBS+=usr/lib/libpmc.so.2 OLD_LIBS+=usr/lib/libpthread.so.1 OLD_LIBS+=usr/lib/libradius.so.1 OLD_LIBS+=usr/lib/libroken.so.7 OLD_LIBS+=usr/lib/librpcsvc.so.2 OLD_LIBS+=usr/lib/libsdp.so.1 OLD_LIBS+=usr/lib/libsmb.so.1 OLD_LIBS+=usr/lib/libssh.so.2 OLD_LIBS+=usr/lib/libssl.so.3 OLD_LIBS+=usr/lib/libstdc++.so.4 OLD_LIBS+=usr/lib/libtacplus.so.1 OLD_LIBS+=usr/lib/libthr.so.1 OLD_LIBS+=usr/lib/libthread_db.so.1 OLD_LIBS+=usr/lib/libugidfw.so.1 OLD_LIBS+=usr/lib/libusbhid.so.1 OLD_LIBS+=usr/lib/libvgl.so.3 OLD_LIBS+=usr/lib/libwrap.so.3 OLD_LIBS+=usr/lib/libypclnt.so.1 OLD_LIBS+=usr/lib/pam_chroot.so.2 OLD_LIBS+=usr/lib/pam_deny.so.2 OLD_LIBS+=usr/lib/pam_echo.so.2 OLD_LIBS+=usr/lib/pam_exec.so.2 OLD_LIBS+=usr/lib/pam_ftpusers.so.2 OLD_LIBS+=usr/lib/pam_group.so.2 OLD_LIBS+=usr/lib/pam_guest.so.2 OLD_LIBS+=usr/lib/pam_krb5.so.2 OLD_LIBS+=usr/lib/pam_ksu.so.2 OLD_LIBS+=usr/lib/pam_lastlog.so.2 OLD_LIBS+=usr/lib/pam_login_access.so.2 OLD_LIBS+=usr/lib/pam_nologin.so.2 OLD_LIBS+=usr/lib/pam_opie.so.2 OLD_LIBS+=usr/lib/pam_opieaccess.so.2 OLD_LIBS+=usr/lib/pam_passwdqc.so.2 OLD_LIBS+=usr/lib/pam_permit.so.2 OLD_LIBS+=usr/lib/pam_radius.so.2 OLD_LIBS+=usr/lib/pam_rhosts.so.2 OLD_LIBS+=usr/lib/pam_rootok.so.2 OLD_LIBS+=usr/lib/pam_securetty.so.2 OLD_LIBS+=usr/lib/pam_self.so.2 OLD_LIBS+=usr/lib/pam_ssh.so.2 OLD_LIBS+=usr/lib/pam_tacplus.so.2 OLD_LIBS+=usr/lib/pam_unix.so.2 OLD_LIBS+=usr/lib/snmp_atm.so.3 OLD_LIBS+=usr/lib/snmp_mibII.so.3 OLD_LIBS+=usr/lib/snmp_netgraph.so.3 OLD_LIBS+=usr/lib/snmp_pf.so.3 # 200505XX: ? OLD_LIBS+=usr/lib/snmp_atm.so.2 OLD_LIBS+=usr/lib/snmp_mibII.so.2 OLD_LIBS+=usr/lib/snmp_netgraph.so.2 OLD_LIBS+=usr/lib/snmp_pf.so.2 # 2005XXXX: not ready for primetime yet OLD_LIBS+=usr/lib/libautofs.so.1 # 200411XX: libxpg4 removal OLD_LIBS+=usr/lib/libxpg4.so.3 # 200410XX: libm compatibility fix OLD_LIBS+=lib/libm.so.2 # 20041001: version bump OLD_LIBS+=lib/libreadline.so.4 OLD_LIBS+=usr/lib/libhistory.so.4 OLD_LIBS+=usr/lib/libopie.so.2 OLD_LIBS+=usr/lib/libpcap.so.2 # 20040925: bind9 import OLD_LIBS+=usr/lib/libisc.so.1 # 200408XX OLD_LIBS+=usr/lib/snmp_netgraph.so.1 # 200404XX OLD_LIBS+=usr/lib/libsnmp.so.1 OLD_LIBS+=usr/lib/snmp_mibII.so.1 # 200309XX OLD_LIBS+=usr/lib/libasn1.so.6 OLD_LIBS+=usr/lib/libhdb.so.6 OLD_LIBS+=usr/lib/libkadm5clnt.so.6 OLD_LIBS+=usr/lib/libkadm5srv.so.6 OLD_LIBS+=usr/lib/libkrb5.so.6 OLD_LIBS+=usr/lib/libroken.so.6 # 200304XX OLD_LIBS+=usr/lib/libc.so.4 OLD_LIBS+=usr/lib/libc_r.so.4 OLD_LIBS+=usr/lib/libdevstat.so.2 OLD_LIBS+=usr/lib/libedit.so.3 OLD_LIBS+=usr/lib/libgmp.so.3 OLD_LIBS+=usr/lib/libmp.so.3 OLD_LIBS+=usr/lib/libpam.so.1 OLD_LIBS+=usr/lib/libposix1e.so.2 OLD_LIBS+=usr/lib/libskey.so.2 OLD_LIBS+=usr/lib/libusbhid.so.0 OLD_LIBS+=usr/lib/libvgl.so.2 # 20030218: OpenSSL 0.9.7 import OLD_FILES+=usr/include/des.h OLD_FILES+=usr/lib/libdes.a OLD_FILES+=usr/lib/libdes.so OLD_LIBS+=usr/lib/libdes.so.3 OLD_FILES+=usr/lib/libdes_p.a # 200302XX OLD_LIBS+=usr/lib/libacl.so.3 OLD_LIBS+=usr/lib/libasn1.so.5 OLD_LIBS+=usr/lib/libcrypto.so.2 OLD_LIBS+=usr/lib/libgssapi.so.5 OLD_LIBS+=usr/lib/libhdb.so.5 OLD_LIBS+=usr/lib/libkadm.so.3 OLD_LIBS+=usr/lib/libkadm5clnt.so.5 OLD_LIBS+=usr/lib/libkadm5srv.so.5 OLD_LIBS+=usr/lib/libkafs.so.3 OLD_LIBS+=usr/lib/libkafs5.so.5 OLD_LIBS+=usr/lib/libkdb.so.3 OLD_LIBS+=usr/lib/libkrb.so.3 OLD_LIBS+=usr/lib/libroken.so. OLD_LIBS+=usr/lib/libssl.so.2 OLD_LIBS+=usr/lib/pam_kerberosIV.so # 200208XX OLD_LIBS+=usr/lib/libgssapi.so.4 # 200203XX OLD_LIBS+=usr/lib/libss.so.3 OLD_LIBS+=usr/lib/libusb.so.0 # 200112XX OLD_LIBS+=usr/lib/libfetch.so.2 # 200110XX OLD_LIBS+=usr/lib/libgssapi.so.3 # 200104XX OLD_LIBS+=usr/lib/libdescrypt.so.2 OLD_LIBS+=usr/lib/libscrypt.so.2 # 200102XX OLD_LIBS+=usr/lib/libcrypto.so.1 OLD_LIBS+=usr/lib/libssl.so.1 # 200009XX OLD_LIBS+=usr/lib/libRSAglue.so.1 OLD_LIBS+=usr/lib/librsaINTL.so.1 OLD_LIBS+=usr/lib/librsaUSA.so.1 # 200006XX OLD_LIBS+=usr/lib/libalias.so.3 OLD_LIBS+=usr/lib/libfetch.so.1 OLD_LIBS+=usr/lib/libipsec.so.0 # 200005XX OLD_LIBS+=usr/lib/libxpg4.so.2 # 200002XX OLD_LIBS+=usr/lib/libc.so.3 OLD_LIBS+=usr/lib/libcurses.so.2 OLD_LIBS+=usr/lib/libdialog.so.3 OLD_LIBS+=usr/lib/libedit.so.2 OLD_LIBS+=usr/lib/libf2c.so.2 OLD_LIBS+=usr/lib/libftpio.so.4 OLD_LIBS+=usr/lib/libg++.so.4 OLD_LIBS+=usr/lib/libhistory.so.3 OLD_LIBS+=usr/lib/libmytinfo.so.2 OLD_LIBS+=usr/lib/libncurses.so.3 OLD_LIBS+=usr/lib/libreadline.so.3 OLD_LIBS+=usr/lib/libss.so.2 OLD_LIBS+=usr/lib/libtermcap.so.2 OLD_LIBS+=usr/lib/libutil.so.2 OLD_LIBS+=usr/lib/libvgl.so.1 OLD_LIBS+=usr/lib/libwrap.so.2 # 19991216 OLD_FILES+=usr/sbin/xntpdc # 199909XX OLD_LIBS+=usr/lib/libc_r.so.3 # ??? OLD_LIBS+=usr/lib/libarchive.so.2 OLD_LIBS+=usr/lib/libbsnmp.so.1 OLD_LIBS+=usr/lib/libc_r.so.6 OLD_LIBS+=usr/lib32/libarchive.so.2 OLD_LIBS+=usr/lib32/libc_r.so.6 OLD_LIBS+=usr/lib/libcipher.so.2 OLD_LIBS+=usr/lib/libgssapi.so.6 OLD_LIBS+=usr/lib/libkse.so.1 OLD_LIBS+=usr/lib/liblwres.so.3 OLD_LIBS+=usr/lib/pam_ftp.so.2 # 20131013: Removal of the ATF tools OLD_DIRS+=etc/atf OLD_DIRS+=usr/share/examples/atf OLD_DIRS+=usr/share/xml/atf OLD_DIRS+=usr/share/xml OLD_DIRS+=usr/share/xsl/atf OLD_DIRS+=usr/share/xsl # 20040925: bind9 import OLD_DIRS+=usr/share/doc/bind/html OLD_DIRS+=usr/share/doc/bind/misc OLD_DIRS+=usr/share/doc/bind/ # ??? OLD_DIRS+=usr/include/g++/std OLD_DIRS+=usr/include/msdosfs OLD_DIRS+=usr/include/ntfs OLD_DIRS+=usr/include/nwfs OLD_DIRS+=usr/include/ufs/mfs # 20011001: UUCP migration to ports OLD_DIRS+=usr/libexec/uucp .include "tools/build/mk/OptionalObsoleteFiles.inc" Index: head/contrib/mdocml/lib.in =================================================================== --- head/contrib/mdocml/lib.in (revision 296046) +++ head/contrib/mdocml/lib.in (revision 296047) @@ -1,128 +1,128 @@ /* $Id: lib.in,v 1.18 2014/01/06 00:53:33 schwarze Exp $ */ /* * Copyright (c) 2009 Kristaps Dzonsons * Copyright (c) 2009, 2012 Joerg Sonnenberger * * Permission to use, copy, modify, and distribute this software for any * purpose with or without fee is hereby granted, provided that the above * copyright notice and this permission notice appear in all copies. * * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ /* * These are all possible .Lb strings. When a new library is added, add * its short-string to the left-hand side and formatted string to the * right-hand side. * * Be sure to escape strings. */ LINE("lib80211", "802.11 Wireless Network Management Library (lib80211, \\-l80211)") LINE("libarchive", "Streaming Archive Library (libarchive, \\-larchive)") LINE("libarm", "ARM Architecture Library (libarm, \\-larm)") LINE("libarm32", "ARM32 Architecture Library (libarm32, \\-larm32)") LINE("libbluetooth", "Bluetooth Library (libbluetooth, \\-lbluetooth)") LINE("libbsm", "Basic Security Module Library (libbsm, \\-lbsm)") LINE("libc", "Standard C\\~Library (libc, \\-lc)") LINE("libc_r", "Reentrant C\\~Library (libc_r, \\-lc_r)") LINE("libcalendar", "Calendar Arithmetic Library (libcalendar, \\-lcalendar)") LINE("libcam", "Common Access Method User Library (libcam, \\-lcam)") -LINE("libcapsicum", "Capsicum Library (libcapsicum, \\-lcapsicum)") +LINE("libcasper", "Casper Library (libcasper, \\-lcapser)") LINE("libcdk", "Curses Development Kit Library (libcdk, \\-lcdk)") LINE("libcipher", "FreeSec Crypt Library (libcipher, \\-lcipher)") LINE("libcompat", "Compatibility Library (libcompat, \\-lcompat)") LINE("libcrypt", "Crypt Library (libcrypt, \\-lcrypt)") LINE("libcurses", "Curses Library (libcurses, \\-lcurses)") LINE("libcuse", "Userland Character Device Library (libcuse, \\-lcuse)") LINE("libdevattr", "Device attribute and event library (libdevattr, \\-ldevattr)") LINE("libdevctl", "Device Control Library (libdevctl, \\-ldevctl)") LINE("libdevinfo", "Device and Resource Information Utility Library (libdevinfo, \\-ldevinfo)") LINE("libdevstat", "Device Statistics Library (libdevstat, \\-ldevstat)") LINE("libdisk", "Interface to Slice and Partition Labels Library (libdisk, \\-ldisk)") LINE("libdm", "Device Mapper Library (libdm, \\-ldm)") LINE("libdwarf", "DWARF Access Library (libdwarf, \\-ldwarf)") LINE("libedit", "Command Line Editor Library (libedit, \\-ledit)") LINE("libefi", "EFI Runtime Services Library (libefi, \\-lefi)") LINE("libelf", "ELF Access Library (libelf, \\-lelf)") LINE("libevent", "Event Notification Library (libevent, \\-levent)") LINE("libexecinfo", "Backtrace Information Library (libexecinfo, \\-lexecinfo)") LINE("libfetch", "File Transfer Library (libfetch, \\-lfetch)") LINE("libfsid", "Filesystem Identification Library (libfsid, \\-lfsid)") LINE("libftpio", "FTP Connection Management Library (libftpio, \\-lftpio)") LINE("libform", "Curses Form Library (libform, \\-lform)") LINE("libgeom", "Userland API Library for Kernel GEOM subsystem (libgeom, \\-lgeom)") LINE("libgpio", "General-Purpose Input Output (GPIO) library (libgpio, \\-lgpio)") LINE("libhammer", "HAMMER Filesystem Userland Library (libhammer, \\-lhammer)") LINE("libi386", "i386 Architecture Library (libi386, \\-li386)") LINE("libintl", "Internationalized Message Handling Library (libintl, \\-lintl)") LINE("libipsec", "IPsec Policy Control Library (libipsec, \\-lipsec)") LINE("libiscsi", "iSCSI protocol library (libiscsi, \\-liscsi)") LINE("libisns", "Internet Storage Name Service Library (libisns, \\-lisns)") LINE("libjail", "Jail Library (libjail, \\-ljail)") LINE("libkcore", "Kernel Memory Core Access Library (libkcore, \\-lkcore)") LINE("libkiconv", "Kernel-side iconv Library (libkiconv, \\-lkiconv)") LINE("libkse", "N:M Threading Library (libkse, \\-lkse)") LINE("libkvm", "Kernel Data Access Library (libkvm, \\-lkvm)") LINE("libm", "Math Library (libm, \\-lm)") LINE("libm68k", "m68k Architecture Library (libm68k, \\-lm68k)") LINE("libmagic", "Magic Number Recognition Library (libmagic, \\-lmagic)") LINE("libmandoc", "Mandoc Macro Compiler Library (libmandoc, \\-lmandoc)") LINE("libmd", "Message Digest (MD4, MD5, etc.) Support Library (libmd, \\-lmd)") LINE("libmemstat", "Kernel Memory Allocator Statistics Library (libmemstat, \\-lmemstat)") LINE("libmenu", "Curses Menu Library (libmenu, \\-lmenu)") LINE("libmj", "Minimalist JSON library (libmj, \\-lmj)") LINE("libnetgraph", "Netgraph User Library (libnetgraph, \\-lnetgraph)") LINE("libnetpgp", "Netpgp Signing, Verification, Encryption and Decryption (libnetpgp, \\-lnetpgp)") LINE("libnetpgpverify", "Netpgp Verification (libnetpgpverify, \\-lnetpgpverify)") LINE("libnpf", "NPF Packet Filter Library (libnpf, \\-lnpf)") LINE("libnv", "Name/value pairs library (libnv, \\-lnv)") LINE("libossaudio", "OSS Audio Emulation Library (libossaudio, \\-lossaudio)") LINE("libpam", "Pluggable Authentication Module Library (libpam, \\-lpam)") LINE("libpcap", "Packet Capture Library (libpcap, \\-lpcap)") LINE("libpci", "PCI Bus Access Library (libpci, \\-lpci)") LINE("libpmc", "Performance Counters Library (libpmc, \\-lpmc)") LINE("libppath", "Property-List Paths Library (libppath, \\-lppath)") LINE("libposix", "POSIX Compatibility Library (libposix, \\-lposix)") LINE("libposix1e", "POSIX.1e Security API Library (libposix1e, \\-lposix1e)") LINE("libppath", "Property-List Paths Library (libppath, \\-lppath)") LINE("libproc", "Processor Monitoring and Analysis Library (libproc, \\-lproc)") LINE("libprocstat", "Process and Files Information Retrieval (libprocstat, \\-lprocstat)") LINE("libprop", "Property Container Object Library (libprop, \\-lprop)") LINE("libpthread", "POSIX Threads Library (libpthread, \\-lpthread)") LINE("libpuffs", "puffs Convenience Library (libpuffs, \\-lpuffs)") LINE("libquota", "Disk Quota Access and Control Library (libquota, \\-lquota)") LINE("libradius", "RADIUS Client Library (libradius, \\-lradius)") LINE("librefuse", "File System in Userspace Convenience Library (librefuse, \\-lrefuse)") LINE("libresolv", "DNS Resolver Library (libresolv, \\-lresolv)") LINE("librpcsec_gss", "RPC GSS-API Authentication Library (librpcsec_gss, \\-lrpcsec_gss)") LINE("librpcsvc", "RPC Service Library (librpcsvc, \\-lrpcsvc)") LINE("librt", "POSIX Real\\-time Library (librt, \\-lrt)") LINE("librtld_db", "Run-time Linker Debugging Library (librtld_db, \\-lrtld_db)") LINE("libsaslc", "Simple Authentication and Security Layer client library (libsaslc, \\-lsaslc)") LINE("libsbuf", "Safe String Composition Library (libsbuf, \\-lsbuf)") LINE("libsdp", "Bluetooth Service Discovery Protocol User Library (libsdp, \\-lsdp)") LINE("libssp", "Buffer Overflow Protection Library (libssp, \\-lssp)") LINE("libstdthreads", "C11 Threads Library (libstdthreads, \\-lstdthreads)") LINE("libSystem", "System Library (libSystem, \\-lSystem)") LINE("libsysdecode", "System Argument Decoding Library (libsysdecode, \\-lsysdecode)") LINE("libtacplus", "TACACS+ Client Library (libtacplus, \\-ltacplus)") LINE("libtcplay", "TrueCrypt-compatible API library (libtcplay, \\-ltcplay)") LINE("libtermcap", "Termcap Access Library (libtermcap, \\-ltermcap)") LINE("libterminfo", "Terminal Information Library (libterminfo, \\-lterminfo)") LINE("libthr", "1:1 Threading Library (libthr, \\-lthr)") LINE("libufs", "UFS File System Access Library (libufs, \\-lufs)") LINE("libugidfw", "File System Firewall Interface Library (libugidfw, \\-lugidfw)") LINE("libulog", "User Login Record Library (libulog, \\-lulog)") LINE("libusbhid", "USB Human Interface Devices Library (libusbhid, \\-lusbhid)") LINE("libutil", "System Utilities Library (libutil, \\-lutil)") LINE("libvgl", "Video Graphics Library (libvgl, \\-lvgl)") LINE("libx86_64", "x86_64 Architecture Library (libx86_64, \\-lx86_64)") LINE("libxo", "Text, XML, JSON, and HTML Output Emission Library (libxo, \\-lxo)") LINE("libz", "Compression Library (libz, \\-lz)") Index: head/contrib/tcpdump/addrtoname.c =================================================================== --- head/contrib/tcpdump/addrtoname.c (revision 296046) +++ head/contrib/tcpdump/addrtoname.c (revision 296047) @@ -1,1250 +1,1250 @@ /* * Copyright (c) 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that: (1) source code distributions * retain the above copyright notice and this paragraph in its entirety, (2) * distributions including binary code include the above copyright notice and * this paragraph in its entirety in the documentation or other materials * provided with the distribution, and (3) all advertising materials mentioning * features or use of this software display the following acknowledgement: * ``This product includes software developed by the University of California, * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of * the University nor the names of its contributors may be used to endorse * or promote products derived from this software without specific prior * written permission. * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. * * Internet, ethernet, port, and protocol string to address * and address to string conversion routines * * $FreeBSD$ */ #define NETDISSECT_REWORKED #ifdef HAVE_CONFIG_H #include "config.h" #endif -#ifdef HAVE_CAPSICUM -#include -#include -#endif /* HAVE_CAPSICUM */ +#ifdef HAVE_CAPSPER +#include +#include +#endif /* HAVE_CAPSPER */ #include #ifdef USE_ETHER_NTOHOST #ifdef HAVE_NETINET_IF_ETHER_H struct mbuf; /* Squelch compiler warnings on some platforms for */ struct rtentry; /* declarations in */ #include /* for "struct ifnet" in "struct arpcom" on Solaris */ #include #endif /* HAVE_NETINET_IF_ETHER_H */ #ifdef NETINET_ETHER_H_DECLARES_ETHER_NTOHOST #include #endif /* NETINET_ETHER_H_DECLARES_ETHER_NTOHOST */ #if !defined(HAVE_DECL_ETHER_NTOHOST) || !HAVE_DECL_ETHER_NTOHOST #ifndef HAVE_STRUCT_ETHER_ADDR struct ether_addr { unsigned char ether_addr_octet[6]; }; #endif extern int ether_ntohost(char *, const struct ether_addr *); #endif #endif /* USE_ETHER_NTOHOST */ #include #include #include #include #include #include #include "interface.h" #include "addrtoname.h" #include "llc.h" #include "setsignal.h" #include "extract.h" #include "oui.h" #ifndef ETHER_ADDR_LEN #define ETHER_ADDR_LEN 6 #endif /* * hash tables for whatever-to-name translations * * XXX there has to be error checks against strdup(3) failure */ #define HASHNAMESIZE 4096 struct hnamemem { uint32_t addr; const char *name; struct hnamemem *nxt; }; static struct hnamemem hnametable[HASHNAMESIZE]; static struct hnamemem tporttable[HASHNAMESIZE]; static struct hnamemem uporttable[HASHNAMESIZE]; static struct hnamemem eprototable[HASHNAMESIZE]; static struct hnamemem dnaddrtable[HASHNAMESIZE]; static struct hnamemem ipxsaptable[HASHNAMESIZE]; #if defined(INET6) && defined(WIN32) /* * fake gethostbyaddr for Win2k/XP * gethostbyaddr() returns incorrect value when AF_INET6 is passed * to 3rd argument. * * h_name in struct hostent is only valid. */ static struct hostent * win32_gethostbyaddr(const char *addr, int len, int type) { static struct hostent host; static char hostbuf[NI_MAXHOST]; char hname[NI_MAXHOST]; struct sockaddr_in6 addr6; host.h_name = hostbuf; switch (type) { case AF_INET: return gethostbyaddr(addr, len, type); break; case AF_INET6: memset(&addr6, 0, sizeof(addr6)); addr6.sin6_family = AF_INET6; memcpy(&addr6.sin6_addr, addr, len); if (getnameinfo((struct sockaddr *)&addr6, sizeof(addr6), hname, sizeof(hname), NULL, 0, 0)) { return NULL; } else { strcpy(host.h_name, hname); return &host; } break; default: return NULL; } } #define gethostbyaddr win32_gethostbyaddr #endif /* INET6 & WIN32 */ #ifdef INET6 struct h6namemem { struct in6_addr addr; char *name; struct h6namemem *nxt; }; static struct h6namemem h6nametable[HASHNAMESIZE]; #endif /* INET6 */ struct enamemem { u_short e_addr0; u_short e_addr1; u_short e_addr2; const char *e_name; u_char *e_nsap; /* used only for nsaptable[] */ #define e_bs e_nsap /* for bytestringtable */ struct enamemem *e_nxt; }; static struct enamemem enametable[HASHNAMESIZE]; static struct enamemem nsaptable[HASHNAMESIZE]; static struct enamemem bytestringtable[HASHNAMESIZE]; struct protoidmem { uint32_t p_oui; u_short p_proto; const char *p_name; struct protoidmem *p_nxt; }; static struct protoidmem protoidtable[HASHNAMESIZE]; /* * A faster replacement for inet_ntoa(). */ const char * intoa(uint32_t addr) { register char *cp; register u_int byte; register int n; static char buf[sizeof(".xxx.xxx.xxx.xxx")]; NTOHL(addr); cp = buf + sizeof(buf); *--cp = '\0'; n = 4; do { byte = addr & 0xff; *--cp = byte % 10 + '0'; byte /= 10; if (byte > 0) { *--cp = byte % 10 + '0'; byte /= 10; if (byte > 0) *--cp = byte + '0'; } *--cp = '.'; addr >>= 8; } while (--n > 0); return cp + 1; } static uint32_t f_netmask; static uint32_t f_localnet; -#ifdef HAVE_CAPSICUM +#ifdef HAVE_CAPSPER extern cap_channel_t *capdns; #endif /* * Return a name for the IP address pointed to by ap. This address * is assumed to be in network byte order. * * NOTE: ap is *NOT* necessarily part of the packet data (not even if * this is being called with the "ipaddr_string()" macro), so you * *CANNOT* use the TCHECK{2}/TTEST{2} macros on it. Furthermore, * even in cases where it *is* part of the packet data, the caller * would still have to check for a null return value, even if it's * just printing the return value with "%s" - not all versions of * printf print "(null)" with "%s" and a null pointer, some of them * don't check for a null pointer and crash in that case. * * The callers of this routine should, before handing this routine * a pointer to packet data, be sure that the data is present in * the packet buffer. They should probably do those checks anyway, * as other data at that layer might not be IP addresses, and it * also needs to check whether they're present in the packet buffer. */ const char * getname(netdissect_options *ndo, const u_char *ap) { register struct hostent *hp; uint32_t addr; static struct hnamemem *p; /* static for longjmp() */ memcpy(&addr, ap, sizeof(addr)); p = &hnametable[addr & (HASHNAMESIZE-1)]; for (; p->nxt; p = p->nxt) { if (p->addr == addr) return (p->name); } p->addr = addr; p->nxt = newhnamemem(); /* * Print names unless: * (1) -n was given. * (2) Address is foreign and -f was given. (If -f was not * given, f_netmask and f_localnet are 0 and the test * evaluates to true) */ if (!ndo->ndo_nflag && (addr & f_netmask) == f_localnet) { -#ifdef HAVE_CAPSICUM +#ifdef HAVE_CAPSPER if (capdns != NULL) { hp = cap_gethostbyaddr(capdns, (char *)&addr, 4, AF_INET); } else #endif hp = gethostbyaddr((char *)&addr, 4, AF_INET); if (hp) { char *dotp; p->name = strdup(hp->h_name); if (ndo->ndo_Nflag) { /* Remove domain qualifications */ dotp = strchr(p->name, '.'); if (dotp) *dotp = '\0'; } return (p->name); } } p->name = strdup(intoa(addr)); return (p->name); } #ifdef INET6 /* * Return a name for the IP6 address pointed to by ap. This address * is assumed to be in network byte order. */ const char * getname6(netdissect_options *ndo, const u_char *ap) { register struct hostent *hp; union { struct in6_addr addr; struct for_hash_addr { char fill[14]; uint16_t d; } addra; } addr; static struct h6namemem *p; /* static for longjmp() */ register const char *cp; char ntop_buf[INET6_ADDRSTRLEN]; memcpy(&addr, ap, sizeof(addr)); p = &h6nametable[addr.addra.d & (HASHNAMESIZE-1)]; for (; p->nxt; p = p->nxt) { if (memcmp(&p->addr, &addr, sizeof(addr)) == 0) return (p->name); } p->addr = addr.addr; p->nxt = newh6namemem(); /* * Do not print names if -n was given. */ if (!ndo->ndo_nflag) { -#ifdef HAVE_CAPSICUM +#ifdef HAVE_CAPSPER if (capdns != NULL) { hp = cap_gethostbyaddr(capdns, (char *)&addr, sizeof(addr), AF_INET6); } else #endif hp = gethostbyaddr((char *)&addr, sizeof(addr), AF_INET6); if (hp) { char *dotp; p->name = strdup(hp->h_name); if (ndo->ndo_Nflag) { /* Remove domain qualifications */ dotp = strchr(p->name, '.'); if (dotp) *dotp = '\0'; } return (p->name); } } cp = inet_ntop(AF_INET6, &addr, ntop_buf, sizeof(ntop_buf)); p->name = strdup(cp); return (p->name); } #endif /* INET6 */ static const char hex[] = "0123456789abcdef"; /* Find the hash node that corresponds the ether address 'ep' */ static inline struct enamemem * lookup_emem(const u_char *ep) { register u_int i, j, k; struct enamemem *tp; k = (ep[0] << 8) | ep[1]; j = (ep[2] << 8) | ep[3]; i = (ep[4] << 8) | ep[5]; tp = &enametable[(i ^ j) & (HASHNAMESIZE-1)]; while (tp->e_nxt) if (tp->e_addr0 == i && tp->e_addr1 == j && tp->e_addr2 == k) return tp; else tp = tp->e_nxt; tp->e_addr0 = i; tp->e_addr1 = j; tp->e_addr2 = k; tp->e_nxt = (struct enamemem *)calloc(1, sizeof(*tp)); if (tp->e_nxt == NULL) error("lookup_emem: calloc"); return tp; } /* * Find the hash node that corresponds to the bytestring 'bs' * with length 'nlen' */ static inline struct enamemem * lookup_bytestring(register const u_char *bs, const unsigned int nlen) { struct enamemem *tp; register u_int i, j, k; if (nlen >= 6) { k = (bs[0] << 8) | bs[1]; j = (bs[2] << 8) | bs[3]; i = (bs[4] << 8) | bs[5]; } else if (nlen >= 4) { k = (bs[0] << 8) | bs[1]; j = (bs[2] << 8) | bs[3]; i = 0; } else i = j = k = 0; tp = &bytestringtable[(i ^ j) & (HASHNAMESIZE-1)]; while (tp->e_nxt) if (tp->e_addr0 == i && tp->e_addr1 == j && tp->e_addr2 == k && memcmp((const char *)bs, (const char *)(tp->e_bs), nlen) == 0) return tp; else tp = tp->e_nxt; tp->e_addr0 = i; tp->e_addr1 = j; tp->e_addr2 = k; tp->e_bs = (u_char *) calloc(1, nlen + 1); if (tp->e_bs == NULL) error("lookup_bytestring: calloc"); memcpy(tp->e_bs, bs, nlen); tp->e_nxt = (struct enamemem *)calloc(1, sizeof(*tp)); if (tp->e_nxt == NULL) error("lookup_bytestring: calloc"); return tp; } /* Find the hash node that corresponds the NSAP 'nsap' */ static inline struct enamemem * lookup_nsap(register const u_char *nsap) { register u_int i, j, k; unsigned int nlen = *nsap; struct enamemem *tp; const u_char *ensap = nsap + nlen - 6; if (nlen > 6) { k = (ensap[0] << 8) | ensap[1]; j = (ensap[2] << 8) | ensap[3]; i = (ensap[4] << 8) | ensap[5]; } else i = j = k = 0; tp = &nsaptable[(i ^ j) & (HASHNAMESIZE-1)]; while (tp->e_nxt) if (tp->e_addr0 == i && tp->e_addr1 == j && tp->e_addr2 == k && tp->e_nsap[0] == nlen && memcmp((const char *)&(nsap[1]), (char *)&(tp->e_nsap[1]), nlen) == 0) return tp; else tp = tp->e_nxt; tp->e_addr0 = i; tp->e_addr1 = j; tp->e_addr2 = k; tp->e_nsap = (u_char *)malloc(nlen + 1); if (tp->e_nsap == NULL) error("lookup_nsap: malloc"); memcpy((char *)tp->e_nsap, (const char *)nsap, nlen + 1); tp->e_nxt = (struct enamemem *)calloc(1, sizeof(*tp)); if (tp->e_nxt == NULL) error("lookup_nsap: calloc"); return tp; } /* Find the hash node that corresponds the protoid 'pi'. */ static inline struct protoidmem * lookup_protoid(const u_char *pi) { register u_int i, j; struct protoidmem *tp; /* 5 octets won't be aligned */ i = (((pi[0] << 8) + pi[1]) << 8) + pi[2]; j = (pi[3] << 8) + pi[4]; /* XXX should be endian-insensitive, but do big-endian testing XXX */ tp = &protoidtable[(i ^ j) & (HASHNAMESIZE-1)]; while (tp->p_nxt) if (tp->p_oui == i && tp->p_proto == j) return tp; else tp = tp->p_nxt; tp->p_oui = i; tp->p_proto = j; tp->p_nxt = (struct protoidmem *)calloc(1, sizeof(*tp)); if (tp->p_nxt == NULL) error("lookup_protoid: calloc"); return tp; } const char * etheraddr_string(netdissect_options *ndo, register const u_char *ep) { register int i; register char *cp; register struct enamemem *tp; int oui; char buf[BUFSIZE]; tp = lookup_emem(ep); if (tp->e_name) return (tp->e_name); #ifdef USE_ETHER_NTOHOST if (!ndo->ndo_nflag) { char buf2[BUFSIZE]; /* * We don't cast it to "const struct ether_addr *" * because some systems fail to declare the second * argument as a "const" pointer, even though they * don't modify what it points to. */ if (ether_ntohost(buf2, (struct ether_addr *)ep) == 0) { tp->e_name = strdup(buf2); return (tp->e_name); } } #endif cp = buf; oui = EXTRACT_24BITS(ep); *cp++ = hex[*ep >> 4 ]; *cp++ = hex[*ep++ & 0xf]; for (i = 5; --i >= 0;) { *cp++ = ':'; *cp++ = hex[*ep >> 4 ]; *cp++ = hex[*ep++ & 0xf]; } if (!ndo->ndo_nflag) { snprintf(cp, BUFSIZE - (2 + 5*3), " (oui %s)", tok2str(oui_values, "Unknown", oui)); } else *cp = '\0'; tp->e_name = strdup(buf); return (tp->e_name); } const char * le64addr_string(const u_char *ep) { const unsigned int len = 8; register u_int i; register char *cp; register struct enamemem *tp; char buf[BUFSIZE]; tp = lookup_bytestring(ep, len); if (tp->e_name) return (tp->e_name); cp = buf; for (i = len; i > 0 ; --i) { *cp++ = hex[*(ep + i - 1) >> 4]; *cp++ = hex[*(ep + i - 1) & 0xf]; *cp++ = ':'; } cp --; *cp = '\0'; tp->e_name = strdup(buf); return (tp->e_name); } const char * linkaddr_string(netdissect_options *ndo, const u_char *ep, const unsigned int type, const unsigned int len) { register u_int i; register char *cp; register struct enamemem *tp; if (len == 0) return (""); if (type == LINKADDR_ETHER && len == ETHER_ADDR_LEN) return (etheraddr_string(ndo, ep)); if (type == LINKADDR_FRELAY) return (q922_string(ndo, ep, len)); tp = lookup_bytestring(ep, len); if (tp->e_name) return (tp->e_name); tp->e_name = cp = (char *)malloc(len*3); if (tp->e_name == NULL) error("linkaddr_string: malloc"); *cp++ = hex[*ep >> 4]; *cp++ = hex[*ep++ & 0xf]; for (i = len-1; i > 0 ; --i) { *cp++ = ':'; *cp++ = hex[*ep >> 4]; *cp++ = hex[*ep++ & 0xf]; } *cp = '\0'; return (tp->e_name); } const char * etherproto_string(u_short port) { register char *cp; register struct hnamemem *tp; register uint32_t i = port; char buf[sizeof("0000")]; for (tp = &eprototable[i & (HASHNAMESIZE-1)]; tp->nxt; tp = tp->nxt) if (tp->addr == i) return (tp->name); tp->addr = i; tp->nxt = newhnamemem(); cp = buf; NTOHS(port); *cp++ = hex[port >> 12 & 0xf]; *cp++ = hex[port >> 8 & 0xf]; *cp++ = hex[port >> 4 & 0xf]; *cp++ = hex[port & 0xf]; *cp++ = '\0'; tp->name = strdup(buf); return (tp->name); } const char * protoid_string(register const u_char *pi) { register u_int i, j; register char *cp; register struct protoidmem *tp; char buf[sizeof("00:00:00:00:00")]; tp = lookup_protoid(pi); if (tp->p_name) return tp->p_name; cp = buf; if ((j = *pi >> 4) != 0) *cp++ = hex[j]; *cp++ = hex[*pi++ & 0xf]; for (i = 4; (int)--i >= 0;) { *cp++ = ':'; if ((j = *pi >> 4) != 0) *cp++ = hex[j]; *cp++ = hex[*pi++ & 0xf]; } *cp = '\0'; tp->p_name = strdup(buf); return (tp->p_name); } #define ISONSAP_MAX_LENGTH 20 const char * isonsap_string(const u_char *nsap, register u_int nsap_length) { register u_int nsap_idx; register char *cp; register struct enamemem *tp; if (nsap_length < 1 || nsap_length > ISONSAP_MAX_LENGTH) return ("isonsap_string: illegal length"); tp = lookup_nsap(nsap); if (tp->e_name) return tp->e_name; tp->e_name = cp = (char *)malloc(sizeof("xx.xxxx.xxxx.xxxx.xxxx.xxxx.xxxx.xxxx.xxxx.xxxx.xx")); if (cp == NULL) error("isonsap_string: malloc"); for (nsap_idx = 0; nsap_idx < nsap_length; nsap_idx++) { *cp++ = hex[*nsap >> 4]; *cp++ = hex[*nsap++ & 0xf]; if (((nsap_idx & 1) == 0) && (nsap_idx + 1 < nsap_length)) { *cp++ = '.'; } } *cp = '\0'; return (tp->e_name); } const char * tcpport_string(u_short port) { register struct hnamemem *tp; register uint32_t i = port; char buf[sizeof("00000")]; for (tp = &tporttable[i & (HASHNAMESIZE-1)]; tp->nxt; tp = tp->nxt) if (tp->addr == i) return (tp->name); tp->addr = i; tp->nxt = newhnamemem(); (void)snprintf(buf, sizeof(buf), "%u", i); tp->name = strdup(buf); return (tp->name); } const char * udpport_string(register u_short port) { register struct hnamemem *tp; register uint32_t i = port; char buf[sizeof("00000")]; for (tp = &uporttable[i & (HASHNAMESIZE-1)]; tp->nxt; tp = tp->nxt) if (tp->addr == i) return (tp->name); tp->addr = i; tp->nxt = newhnamemem(); (void)snprintf(buf, sizeof(buf), "%u", i); tp->name = strdup(buf); return (tp->name); } const char * ipxsap_string(u_short port) { register char *cp; register struct hnamemem *tp; register uint32_t i = port; char buf[sizeof("0000")]; for (tp = &ipxsaptable[i & (HASHNAMESIZE-1)]; tp->nxt; tp = tp->nxt) if (tp->addr == i) return (tp->name); tp->addr = i; tp->nxt = newhnamemem(); cp = buf; NTOHS(port); *cp++ = hex[port >> 12 & 0xf]; *cp++ = hex[port >> 8 & 0xf]; *cp++ = hex[port >> 4 & 0xf]; *cp++ = hex[port & 0xf]; *cp++ = '\0'; tp->name = strdup(buf); return (tp->name); } static void init_servarray(netdissect_options *ndo) { struct servent *sv; register struct hnamemem *table; register int i; char buf[sizeof("0000000000")]; while ((sv = getservent()) != NULL) { int port = ntohs(sv->s_port); i = port & (HASHNAMESIZE-1); if (strcmp(sv->s_proto, "tcp") == 0) table = &tporttable[i]; else if (strcmp(sv->s_proto, "udp") == 0) table = &uporttable[i]; else continue; while (table->name) table = table->nxt; if (ndo->ndo_nflag) { (void)snprintf(buf, sizeof(buf), "%d", port); table->name = strdup(buf); } else table->name = strdup(sv->s_name); table->addr = port; table->nxt = newhnamemem(); } endservent(); } /* in libpcap.a (nametoaddr.c) */ #if defined(WIN32) && !defined(USE_STATIC_LIBPCAP) extern __declspec(dllimport) #else extern #endif const struct eproto { const char *s; u_short p; } eproto_db[]; static void init_eprotoarray(void) { register int i; register struct hnamemem *table; for (i = 0; eproto_db[i].s; i++) { int j = htons(eproto_db[i].p) & (HASHNAMESIZE-1); table = &eprototable[j]; while (table->name) table = table->nxt; table->name = eproto_db[i].s; table->addr = htons(eproto_db[i].p); table->nxt = newhnamemem(); } } static const struct protoidlist { const u_char protoid[5]; const char *name; } protoidlist[] = { {{ 0x00, 0x00, 0x0c, 0x01, 0x07 }, "CiscoMLS" }, {{ 0x00, 0x00, 0x0c, 0x20, 0x00 }, "CiscoCDP" }, {{ 0x00, 0x00, 0x0c, 0x20, 0x01 }, "CiscoCGMP" }, {{ 0x00, 0x00, 0x0c, 0x20, 0x03 }, "CiscoVTP" }, {{ 0x00, 0xe0, 0x2b, 0x00, 0xbb }, "ExtremeEDP" }, {{ 0x00, 0x00, 0x00, 0x00, 0x00 }, NULL } }; /* * SNAP proto IDs with org code 0:0:0 are actually encapsulated Ethernet * types. */ static void init_protoidarray(void) { register int i; register struct protoidmem *tp; const struct protoidlist *pl; u_char protoid[5]; protoid[0] = 0; protoid[1] = 0; protoid[2] = 0; for (i = 0; eproto_db[i].s; i++) { u_short etype = htons(eproto_db[i].p); memcpy((char *)&protoid[3], (char *)&etype, 2); tp = lookup_protoid(protoid); tp->p_name = strdup(eproto_db[i].s); } /* Hardwire some SNAP proto ID names */ for (pl = protoidlist; pl->name != NULL; ++pl) { tp = lookup_protoid(pl->protoid); /* Don't override existing name */ if (tp->p_name != NULL) continue; tp->p_name = pl->name; } } static const struct etherlist { const u_char addr[6]; const char *name; } etherlist[] = { {{ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff }, "Broadcast" }, {{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, NULL } }; /* * Initialize the ethers hash table. We take two different approaches * depending on whether or not the system provides the ethers name * service. If it does, we just wire in a few names at startup, * and etheraddr_string() fills in the table on demand. If it doesn't, * then we suck in the entire /etc/ethers file at startup. The idea * is that parsing the local file will be fast, but spinning through * all the ethers entries via NIS & next_etherent might be very slow. * * XXX pcap_next_etherent doesn't belong in the pcap interface, but * since the pcap module already does name-to-address translation, * it's already does most of the work for the ethernet address-to-name * translation, so we just pcap_next_etherent as a convenience. */ static void init_etherarray(void) { register const struct etherlist *el; register struct enamemem *tp; #ifdef USE_ETHER_NTOHOST char name[256]; #else register struct pcap_etherent *ep; register FILE *fp; /* Suck in entire ethers file */ fp = fopen(PCAP_ETHERS_FILE, "r"); if (fp != NULL) { while ((ep = pcap_next_etherent(fp)) != NULL) { tp = lookup_emem(ep->addr); tp->e_name = strdup(ep->name); } (void)fclose(fp); } #endif /* Hardwire some ethernet names */ for (el = etherlist; el->name != NULL; ++el) { tp = lookup_emem(el->addr); /* Don't override existing name */ if (tp->e_name != NULL) continue; #ifdef USE_ETHER_NTOHOST /* * Use YP/NIS version of name if available. * * We don't cast it to "const struct ether_addr *" * because some systems don't modify the Ethernet * address but fail to declare the second argument * as a "const" pointer. */ if (ether_ntohost(name, (struct ether_addr *)el->addr) == 0) { tp->e_name = strdup(name); continue; } #endif tp->e_name = el->name; } } static const struct tok ipxsap_db[] = { { 0x0000, "Unknown" }, { 0x0001, "User" }, { 0x0002, "User Group" }, { 0x0003, "PrintQueue" }, { 0x0004, "FileServer" }, { 0x0005, "JobServer" }, { 0x0006, "Gateway" }, { 0x0007, "PrintServer" }, { 0x0008, "ArchiveQueue" }, { 0x0009, "ArchiveServer" }, { 0x000a, "JobQueue" }, { 0x000b, "Administration" }, { 0x000F, "Novell TI-RPC" }, { 0x0017, "Diagnostics" }, { 0x0020, "NetBIOS" }, { 0x0021, "NAS SNA Gateway" }, { 0x0023, "NACS AsyncGateway" }, { 0x0024, "RemoteBridge/RoutingService" }, { 0x0026, "BridgeServer" }, { 0x0027, "TCP/IP Gateway" }, { 0x0028, "Point-to-point X.25 BridgeServer" }, { 0x0029, "3270 Gateway" }, { 0x002a, "CHI Corp" }, { 0x002c, "PC Chalkboard" }, { 0x002d, "TimeSynchServer" }, { 0x002e, "ARCserve5.0/PalindromeBackup" }, { 0x0045, "DI3270 Gateway" }, { 0x0047, "AdvertisingPrintServer" }, { 0x004a, "NetBlazerModems" }, { 0x004b, "BtrieveVAP" }, { 0x004c, "NetwareSQL" }, { 0x004d, "XtreeNetwork" }, { 0x0050, "BtrieveVAP4.11" }, { 0x0052, "QuickLink" }, { 0x0053, "PrintQueueUser" }, { 0x0058, "Multipoint X.25 Router" }, { 0x0060, "STLB/NLM" }, { 0x0064, "ARCserve" }, { 0x0066, "ARCserve3.0" }, { 0x0072, "WAN CopyUtility" }, { 0x007a, "TES-NetwareVMS" }, { 0x0092, "WATCOM Debugger/EmeraldTapeBackupServer" }, { 0x0095, "DDA OBGYN" }, { 0x0098, "NetwareAccessServer" }, { 0x009a, "Netware for VMS II/NamedPipeServer" }, { 0x009b, "NetwareAccessServer" }, { 0x009e, "PortableNetwareServer/SunLinkNVT" }, { 0x00a1, "PowerchuteAPC UPS" }, { 0x00aa, "LAWserve" }, { 0x00ac, "CompaqIDA StatusMonitor" }, { 0x0100, "PIPE STAIL" }, { 0x0102, "LAN ProtectBindery" }, { 0x0103, "OracleDataBaseServer" }, { 0x0107, "Netware386/RSPX RemoteConsole" }, { 0x010f, "NovellSNA Gateway" }, { 0x0111, "TestServer" }, { 0x0112, "HP PrintServer" }, { 0x0114, "CSA MUX" }, { 0x0115, "CSA LCA" }, { 0x0116, "CSA CM" }, { 0x0117, "CSA SMA" }, { 0x0118, "CSA DBA" }, { 0x0119, "CSA NMA" }, { 0x011a, "CSA SSA" }, { 0x011b, "CSA STATUS" }, { 0x011e, "CSA APPC" }, { 0x0126, "SNA TEST SSA Profile" }, { 0x012a, "CSA TRACE" }, { 0x012b, "NetwareSAA" }, { 0x012e, "IKARUS VirusScan" }, { 0x0130, "CommunicationsExecutive" }, { 0x0133, "NNS DomainServer/NetwareNamingServicesDomain" }, { 0x0135, "NetwareNamingServicesProfile" }, { 0x0137, "Netware386 PrintQueue/NNS PrintQueue" }, { 0x0141, "LAN SpoolServer" }, { 0x0152, "IRMALAN Gateway" }, { 0x0154, "NamedPipeServer" }, { 0x0166, "NetWareManagement" }, { 0x0168, "Intel PICKIT CommServer/Intel CAS TalkServer" }, { 0x0173, "Compaq" }, { 0x0174, "Compaq SNMP Agent" }, { 0x0175, "Compaq" }, { 0x0180, "XTreeServer/XTreeTools" }, { 0x018A, "NASI ServicesBroadcastServer" }, { 0x01b0, "GARP Gateway" }, { 0x01b1, "Binfview" }, { 0x01bf, "IntelLanDeskManager" }, { 0x01ca, "AXTEC" }, { 0x01cb, "ShivaNetModem/E" }, { 0x01cc, "ShivaLanRover/E" }, { 0x01cd, "ShivaLanRover/T" }, { 0x01ce, "ShivaUniversal" }, { 0x01d8, "CastelleFAXPressServer" }, { 0x01da, "CastelleLANPressPrintServer" }, { 0x01dc, "CastelleFAX/Xerox7033 FaxServer/ExcelLanFax" }, { 0x01f0, "LEGATO" }, { 0x01f5, "LEGATO" }, { 0x0233, "NMS Agent/NetwareManagementAgent" }, { 0x0237, "NMS IPX Discovery/LANternReadWriteChannel" }, { 0x0238, "NMS IP Discovery/LANternTrapAlarmChannel" }, { 0x023a, "LANtern" }, { 0x023c, "MAVERICK" }, { 0x023f, "NovellSMDR" }, { 0x024e, "NetwareConnect" }, { 0x024f, "NASI ServerBroadcast Cisco" }, { 0x026a, "NMS ServiceConsole" }, { 0x026b, "TimeSynchronizationServer Netware 4.x" }, { 0x0278, "DirectoryServer Netware 4.x" }, { 0x027b, "NetwareManagementAgent" }, { 0x0280, "Novell File and Printer Sharing Service for PC" }, { 0x0304, "NovellSAA Gateway" }, { 0x0308, "COM/VERMED" }, { 0x030a, "GalacticommWorldgroupServer" }, { 0x030c, "IntelNetport2/HP JetDirect/HP Quicksilver" }, { 0x0320, "AttachmateGateway" }, { 0x0327, "MicrosoftDiagnostiocs" }, { 0x0328, "WATCOM SQL Server" }, { 0x0335, "MultiTechSystems MultisynchCommServer" }, { 0x0343, "Xylogics RemoteAccessServer/LANModem" }, { 0x0355, "ArcadaBackupExec" }, { 0x0358, "MSLCD1" }, { 0x0361, "NETINELO" }, { 0x037e, "Powerchute UPS Monitoring" }, { 0x037f, "ViruSafeNotify" }, { 0x0386, "HP Bridge" }, { 0x0387, "HP Hub" }, { 0x0394, "NetWare SAA Gateway" }, { 0x039b, "LotusNotes" }, { 0x03b7, "CertusAntiVirus" }, { 0x03c4, "ARCserve4.0" }, { 0x03c7, "LANspool3.5" }, { 0x03d7, "LexmarkPrinterServer" }, { 0x03d8, "LexmarkXLE PrinterServer" }, { 0x03dd, "BanyanENS NetwareClient" }, { 0x03de, "GuptaSequelBaseServer/NetWareSQL" }, { 0x03e1, "UnivelUnixware" }, { 0x03e4, "UnivelUnixware" }, { 0x03fc, "IntelNetport" }, { 0x03fd, "PrintServerQueue" }, { 0x040A, "ipnServer" }, { 0x040D, "LVERRMAN" }, { 0x040E, "LVLIC" }, { 0x0414, "NET Silicon (DPI)/Kyocera" }, { 0x0429, "SiteLockVirus" }, { 0x0432, "UFHELPR???" }, { 0x0433, "Synoptics281xAdvancedSNMPAgent" }, { 0x0444, "MicrosoftNT SNA Server" }, { 0x0448, "Oracle" }, { 0x044c, "ARCserve5.01" }, { 0x0457, "CanonGP55" }, { 0x045a, "QMS Printers" }, { 0x045b, "DellSCSI Array" }, { 0x0491, "NetBlazerModems" }, { 0x04ac, "OnTimeScheduler" }, { 0x04b0, "CD-Net" }, { 0x0513, "EmulexNQA" }, { 0x0520, "SiteLockChecks" }, { 0x0529, "SiteLockChecks" }, { 0x052d, "CitrixOS2 AppServer" }, { 0x0535, "Tektronix" }, { 0x0536, "Milan" }, { 0x055d, "Attachmate SNA gateway" }, { 0x056b, "IBM8235 ModemServer" }, { 0x056c, "ShivaLanRover/E PLUS" }, { 0x056d, "ShivaLanRover/T PLUS" }, { 0x0580, "McAfeeNetShield" }, { 0x05B8, "NLM to workstation communication (Revelation Software)" }, { 0x05BA, "CompatibleSystemsRouters" }, { 0x05BE, "CheyenneHierarchicalStorageManager" }, { 0x0606, "JCWatermarkImaging" }, { 0x060c, "AXISNetworkPrinter" }, { 0x0610, "AdaptecSCSIManagement" }, { 0x0621, "IBM AntiVirus" }, { 0x0640, "Windows95 RemoteRegistryService" }, { 0x064e, "MicrosoftIIS" }, { 0x067b, "Microsoft Win95/98 File and Print Sharing for NetWare" }, { 0x067c, "Microsoft Win95/98 File and Print Sharing for NetWare" }, { 0x076C, "Xerox" }, { 0x079b, "ShivaLanRover/E 115" }, { 0x079c, "ShivaLanRover/T 115" }, { 0x07B4, "CubixWorldDesk" }, { 0x07c2, "Quarterdeck IWare Connect V2.x NLM" }, { 0x07c1, "Quarterdeck IWare Connect V3.x NLM" }, { 0x0810, "ELAN License Server Demo" }, { 0x0824, "ShivaLanRoverAccessSwitch/E" }, { 0x086a, "ISSC Collector" }, { 0x087f, "ISSC DAS AgentAIX" }, { 0x0880, "Intel Netport PRO" }, { 0x0881, "Intel Netport PRO" }, { 0x0b29, "SiteLock" }, { 0x0c29, "SiteLockApplications" }, { 0x0c2c, "LicensingServer" }, { 0x2101, "PerformanceTechnologyInstantInternet" }, { 0x2380, "LAI SiteLock" }, { 0x238c, "MeetingMaker" }, { 0x4808, "SiteLockServer/SiteLockMetering" }, { 0x5555, "SiteLockUser" }, { 0x6312, "Tapeware" }, { 0x6f00, "RabbitGateway" }, { 0x7703, "MODEM" }, { 0x8002, "NetPortPrinters" }, { 0x8008, "WordPerfectNetworkVersion" }, { 0x85BE, "Cisco EIGRP" }, { 0x8888, "WordPerfectNetworkVersion/QuickNetworkManagement" }, { 0x9000, "McAfeeNetShield" }, { 0x9604, "CSA-NT_MON" }, { 0xb6a8, "OceanIsleReachoutRemoteControl" }, { 0xf11f, "SiteLockMetering" }, { 0xf1ff, "SiteLock" }, { 0xf503, "Microsoft SQL Server" }, { 0xF905, "IBM TimeAndPlace" }, { 0xfbfb, "TopCallIII FaxServer" }, { 0xffff, "AnyService/Wildcard" }, { 0, (char *)0 } }; static void init_ipxsaparray(void) { register int i; register struct hnamemem *table; for (i = 0; ipxsap_db[i].s != NULL; i++) { int j = htons(ipxsap_db[i].v) & (HASHNAMESIZE-1); table = &ipxsaptable[j]; while (table->name) table = table->nxt; table->name = ipxsap_db[i].s; table->addr = htons(ipxsap_db[i].v); table->nxt = newhnamemem(); } } /* * Initialize the address to name translation machinery. We map all * non-local IP addresses to numeric addresses if ndo->ndo_fflag is true * (i.e., to prevent blocking on the nameserver). localnet is the IP address * of the local network. mask is its subnet mask. */ void init_addrtoname(netdissect_options *ndo, uint32_t localnet, uint32_t mask) { if (ndo->ndo_fflag) { f_localnet = localnet; f_netmask = mask; } if (ndo->ndo_nflag) /* * Simplest way to suppress names. */ return; init_etherarray(); init_servarray(ndo); init_eprotoarray(); init_protoidarray(); init_ipxsaparray(); } const char * dnaddr_string(netdissect_options *ndo, u_short dnaddr) { register struct hnamemem *tp; for (tp = &dnaddrtable[dnaddr & (HASHNAMESIZE-1)]; tp->nxt != 0; tp = tp->nxt) if (tp->addr == dnaddr) return (tp->name); tp->addr = dnaddr; tp->nxt = newhnamemem(); if (ndo->ndo_nflag) tp->name = dnnum_string(dnaddr); else tp->name = dnname_string(dnaddr); return(tp->name); } /* Return a zero'ed hnamemem struct and cuts down on calloc() overhead */ struct hnamemem * newhnamemem(void) { register struct hnamemem *p; static struct hnamemem *ptr = NULL; static u_int num = 0; if (num <= 0) { num = 64; ptr = (struct hnamemem *)calloc(num, sizeof (*ptr)); if (ptr == NULL) error("newhnamemem: calloc"); } --num; p = ptr++; return (p); } #ifdef INET6 /* Return a zero'ed h6namemem struct and cuts down on calloc() overhead */ struct h6namemem * newh6namemem(void) { register struct h6namemem *p; static struct h6namemem *ptr = NULL; static u_int num = 0; if (num <= 0) { num = 64; ptr = (struct h6namemem *)calloc(num, sizeof (*ptr)); if (ptr == NULL) error("newh6namemem: calloc"); } --num; p = ptr++; return (p); } #endif /* INET6 */ /* Represent TCI part of the 802.1Q 4-octet tag as text. */ const char * ieee8021q_tci_string(const uint16_t tci) { static char buf[128]; snprintf(buf, sizeof(buf), "vlan %u, p %u%s", tci & 0xfff, tci >> 13, (tci & 0x1000) ? ", DEI" : ""); return buf; } Index: head/contrib/tcpdump/config.h.in =================================================================== --- head/contrib/tcpdump/config.h.in (revision 296046) +++ head/contrib/tcpdump/config.h.in (revision 296047) @@ -1,397 +1,397 @@ /* config.h.in. Generated from configure.in by autoheader. */ /* define if you have the addrinfo function */ #undef HAVE_ADDRINFO /* Define to 1 if you have the `alarm' function. */ #undef HAVE_ALARM /* Define to 1 if you have the `bpf_dump' function. */ #undef HAVE_BPF_DUMP /* capsicum support available */ -#undef HAVE_CAPSICUM +#undef HAVE_CAPSPER /* Define to 1 if you have the `cap_enter' function. */ #undef HAVE_CAP_ENTER /* Define to 1 if you have the `cap_ioctls_limit' function. */ #undef HAVE_CAP_IOCTLS_LIMIT /* Define to 1 if you have the header file. */ #undef HAVE_CAP_NG_H /* Define to 1 if you have the `cap_rights_limit' function. */ #undef HAVE_CAP_RIGHTS_LIMIT /* Define to 1 if you have the declaration of `ether_ntohost', and to 0 if you don't. */ #undef HAVE_DECL_ETHER_NTOHOST /* define if you have the dnet_htoa function */ #undef HAVE_DNET_HTOA /* Define to 1 if you have the `ether_ntohost' function. */ #undef HAVE_ETHER_NTOHOST /* Define to 1 if you have the header file. */ #undef HAVE_FCNTL_H /* Define to 1 if you have the `fork' function. */ #undef HAVE_FORK /* Define to 1 if you have the `getnameinfo' function. */ #undef HAVE_GETNAMEINFO /* Define to 1 if you have the `getopt_long' function. */ #undef HAVE_GETOPT_LONG /* define if you have getrpcbynumber() */ #undef HAVE_GETRPCBYNUMBER /* define if you have the h_errno variable */ #undef HAVE_H_ERRNO /* Define to 1 if you have the header file. */ #undef HAVE_INTTYPES_H /* Define to 1 if you have the `cap-ng' library (-lcap-ng). */ #undef HAVE_LIBCAP_NG /* Define to 1 if you have the `crypto' library (-lcrypto). */ #undef HAVE_LIBCRYPTO /* Define to 1 if you have the `rpc' library (-lrpc). */ #undef HAVE_LIBRPC /* Define to 1 if you have the header file. */ #undef HAVE_MEMORY_H /* Define to 1 if you have the header file. */ #undef HAVE_NETDNET_DNETDB_H /* define if you have a dnet_htoa declaration in */ #undef HAVE_NETDNET_DNETDB_H_DNET_HTOA /* Define to 1 if you have the header file. */ #undef HAVE_NETINET_ETHER_H /* Define to 1 if you have the header file. */ #undef HAVE_NETINET_IF_ETHER_H /* Define to 1 if you have the header file. */ #undef HAVE_NET_PFVAR_H /* Define to 1 if you have the `openat' function. */ #undef HAVE_OPENAT /* Define to 1 if you have the header file. */ #undef HAVE_OPENSSL_EVP_H /* if there's an os_proto.h for this platform, to use additional prototypes */ #undef HAVE_OS_PROTO_H /* Define to 1 if you have the header file. */ #undef HAVE_PCAP_BLUETOOTH_H /* Define to 1 if you have the `pcap_breakloop' function. */ #undef HAVE_PCAP_BREAKLOOP /* Define to 1 if you have the `pcap_create' function. */ #undef HAVE_PCAP_CREATE /* define if libpcap has pcap_datalink_name_to_val() */ #undef HAVE_PCAP_DATALINK_NAME_TO_VAL /* define if libpcap has pcap_datalink_val_to_description() */ #undef HAVE_PCAP_DATALINK_VAL_TO_DESCRIPTION /* define if libpcap has pcap_debug */ #undef HAVE_PCAP_DEBUG /* Define to 1 if you have the `pcap_dump_flush' function. */ #undef HAVE_PCAP_DUMP_FLUSH /* define if libpcap has pcap_dump_ftell() */ #undef HAVE_PCAP_DUMP_FTELL /* Define to 1 if you have the `pcap_findalldevs' function. */ #undef HAVE_PCAP_FINDALLDEVS /* Define to 1 if you have the `pcap_free_datalinks' function. */ #undef HAVE_PCAP_FREE_DATALINKS /* Define to 1 if the system has the type `pcap_if_t'. */ #undef HAVE_PCAP_IF_T /* Define to 1 if you have the `pcap_lib_version' function. */ #undef HAVE_PCAP_LIB_VERSION /* define if libpcap has pcap_list_datalinks() */ #undef HAVE_PCAP_LIST_DATALINKS /* Define to 1 if you have the header file. */ #undef HAVE_PCAP_NFLOG_H /* Define to 1 if you have the `pcap_setdirection' function. */ #undef HAVE_PCAP_SETDIRECTION /* Define to 1 if you have the `pcap_set_datalink' function. */ #undef HAVE_PCAP_SET_DATALINK /* Define to 1 if you have the `pcap_set_immediate_mode' function. */ #undef HAVE_PCAP_SET_IMMEDIATE_MODE /* Define to 1 if you have the `pcap_set_tstamp_precision' function. */ #undef HAVE_PCAP_SET_TSTAMP_PRECISION /* Define to 1 if you have the `pcap_set_tstamp_type' function. */ #undef HAVE_PCAP_SET_TSTAMP_TYPE /* Define to 1 if you have the header file. */ #undef HAVE_PCAP_USB_H /* define if libpcap has pcap_version */ #undef HAVE_PCAP_VERSION /* Define to 1 if you have the `pfopen' function. */ #undef HAVE_PFOPEN /* Define to 1 if you have the header file. */ #undef HAVE_RPC_RPCENT_H /* Define to 1 if you have the header file. */ #undef HAVE_RPC_RPC_H /* Define to 1 if you have the `setlinebuf' function. */ #undef HAVE_SETLINEBUF /* Define to 1 if you have the `sigaction' function. */ #undef HAVE_SIGACTION /* Define to 1 if you have the `sigset' function. */ #undef HAVE_SIGSET /* Define to 1 if you have the `snprintf' function. */ #undef HAVE_SNPRINTF /* if struct sockaddr has the sa_len member */ #undef HAVE_SOCKADDR_SA_LEN /* Define to 1 if you have the header file. */ #undef HAVE_STDINT_H /* Define to 1 if you have the header file. */ #undef HAVE_STDLIB_H /* Define to 1 if you have the `strcasecmp' function. */ #undef HAVE_STRCASECMP /* Define to 1 if you have the `strdup' function. */ #undef HAVE_STRDUP /* Define to 1 if you have the `strftime' function. */ #undef HAVE_STRFTIME /* Define to 1 if you have the header file. */ #undef HAVE_STRINGS_H /* Define to 1 if you have the header file. */ #undef HAVE_STRING_H /* Define to 1 if you have the `strlcat' function. */ #undef HAVE_STRLCAT /* Define to 1 if you have the `strlcpy' function. */ #undef HAVE_STRLCPY /* Define to 1 if you have the `strsep' function. */ #undef HAVE_STRSEP /* Define to 1 if the system has the type `struct ether_addr'. */ #undef HAVE_STRUCT_ETHER_ADDR /* Define to 1 if you have the header file. */ #undef HAVE_SYS_STAT_H /* Define to 1 if you have the header file. */ #undef HAVE_SYS_TYPES_H /* Define to 1 if the system has the type `uintptr_t'. */ #undef HAVE_UINTPTR_T /* Define to 1 if you have the header file. */ #undef HAVE_UNISTD_H /* Define to 1 if you have the `vfork' function. */ #undef HAVE_VFORK /* Define to 1 if you have the `vfprintf' function. */ #undef HAVE_VFPRINTF /* Define to 1 if you have the `vsnprintf' function. */ #undef HAVE_VSNPRINTF /* define if libpcap has yydebug */ #undef HAVE_YYDEBUG /* define if your compiler has __attribute__ */ #undef HAVE___ATTRIBUTE__ /* Define if you enable IPv6 support */ #undef INET6 /* if unaligned access fails */ #undef LBL_ALIGN /* define if you need to include missing/addrinfo.h */ #undef NEED_ADDRINFO_H /* Define to 1 if netinet/ether.h declares `ether_ntohost' */ #undef NETINET_ETHER_H_DECLARES_ETHER_NTOHOST /* Define to 1 if netinet/if_ether.h declares `ether_ntohost' */ #undef NETINET_IF_ETHER_H_DECLARES_ETHER_NTOHOST /* Define to the address where bug reports for this package should be sent. */ #undef PACKAGE_BUGREPORT /* Define to the full name of this package. */ #undef PACKAGE_NAME /* Define to the full name and version of this package. */ #undef PACKAGE_STRING /* Define to the one symbol short name of this package. */ #undef PACKAGE_TARNAME /* Define to the home page for this package. */ #undef PACKAGE_URL /* Define to the version of this package. */ #undef PACKAGE_VERSION /* define if the platform doesn't define PRId64 */ #undef PRId64 /* define if the platform doesn't define PRIo64 */ #undef PRIo64 /* define if the platform doesn't define PRIx64 */ #undef PRIu64 /* define if the platform doesn't define PRIu64 */ #undef PRIx64 /* Define as the return type of signal handlers (`int' or `void'). */ #undef RETSIGTYPE /* return value of signal handlers */ #undef RETSIGVAL /* Define to 1 if you have the ANSI C header files. */ #undef STDC_HEADERS /* define if you want to build the possibly-buggy SMB printer */ #undef TCPDUMP_DO_SMB /* Define to 1 if you can safely include both and . */ #undef TIME_WITH_SYS_TIME /* define if you have ether_ntohost() and it works */ #undef USE_ETHER_NTOHOST /* Define if you enable support for libsmi */ #undef USE_LIBSMI /* define if should chroot when dropping privileges */ #undef WITH_CHROOT /* define if should drop privileges by default */ #undef WITH_USER /* get BSD semantics on Irix */ #undef _BSD_SIGNALS /* define on AIX to get certain functions */ #undef _SUN /* Define for Solaris 2.5.1 so the uint32_t typedef from , , or is not used. If the typedef were allowed, the #define below would cause a syntax error. */ #undef _UINT32_T /* Define for Solaris 2.5.1 so the uint64_t typedef from , , or is not used. If the typedef were allowed, the #define below would cause a syntax error. */ #undef _UINT64_T /* Define for Solaris 2.5.1 so the uint8_t typedef from , , or is not used. If the typedef were allowed, the #define below would cause a syntax error. */ #undef _UINT8_T /* define if your compiler allows __attribute__((format)) without a warning */ #undef __ATTRIBUTE___FORMAT_OK /* define if your compiler allows __attribute__((format)) to be applied to function pointers */ #undef __ATTRIBUTE___FORMAT_OK_FOR_FUNCTION_POINTERS /* define if your compiler allows __attribute__((noreturn)) to be applied to function pointers */ #undef __ATTRIBUTE___NORETURN_OK_FOR_FUNCTION_POINTERS /* to handle Ultrix compilers that don't support const in prototypes */ #undef const /* Define as token for inline if inlining supported */ #undef inline /* Define to the type of a signed integer type of width exactly 16 bits if such a type exists and the standard includes do not define it. */ #undef int16_t /* Define to the type of a signed integer type of width exactly 32 bits if such a type exists and the standard includes do not define it. */ #undef int32_t /* Define to the type of a signed integer type of width exactly 64 bits if such a type exists and the standard includes do not define it. */ #undef int64_t /* Define to the type of a signed integer type of width exactly 8 bits if such a type exists and the standard includes do not define it. */ #undef int8_t /* Define to `uint16_t' if u_int16_t not defined. */ #undef u_int16_t /* Define to `uint32_t' if u_int32_t not defined. */ #undef u_int32_t /* Define to `uint64_t' if u_int64_t not defined. */ #undef u_int64_t /* Define to `uint8_t' if u_int8_t not defined. */ #undef u_int8_t /* Define to the type of an unsigned integer type of width exactly 16 bits if such a type exists and the standard includes do not define it. */ #undef uint16_t /* Define to the type of an unsigned integer type of width exactly 32 bits if such a type exists and the standard includes do not define it. */ #undef uint32_t /* Define to the type of an unsigned integer type of width exactly 64 bits if such a type exists and the standard includes do not define it. */ #undef uint64_t /* Define to the type of an unsigned integer type of width exactly 8 bits if such a type exists and the standard includes do not define it. */ #undef uint8_t /* Define to the type of an unsigned integer type wide enough to hold a pointer, if such a type exists, and if the system does not define it. */ #undef uintptr_t Index: head/contrib/tcpdump/configure =================================================================== --- head/contrib/tcpdump/configure (revision 296046) +++ head/contrib/tcpdump/configure (revision 296047) @@ -1,9731 +1,9731 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. # Generated by GNU Autoconf 2.69. # # # Copyright (C) 1992-1996, 1998-2012 Free Software Foundation, Inc. # # # This configure script is free software; the Free Software Foundation # gives unlimited permission to copy, distribute and modify it. ## -------------------- ## ## M4sh Initialization. ## ## -------------------- ## # Be more Bourne compatible DUALCASE=1; export DUALCASE # for MKS sh if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then : emulate sh NULLCMD=: # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which # is contrary to our usage. Disable this feature. alias -g '${1+"$@"}'='"$@"' setopt NO_GLOB_SUBST else case `(set -o) 2>/dev/null` in #( *posix*) : set -o posix ;; #( *) : ;; esac fi as_nl=' ' export as_nl # Printing a long string crashes Solaris 7 /usr/bin/printf. as_echo='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\' as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo$as_echo # Prefer a ksh shell builtin over an external printf program on Solaris, # but without wasting forks for bash or zsh. if test -z "$BASH_VERSION$ZSH_VERSION" \ && (test "X`print -r -- $as_echo`" = "X$as_echo") 2>/dev/null; then as_echo='print -r --' as_echo_n='print -rn --' elif (test "X`printf %s $as_echo`" = "X$as_echo") 2>/dev/null; then as_echo='printf %s\n' as_echo_n='printf %s' else if test "X`(/usr/ucb/echo -n -n $as_echo) 2>/dev/null`" = "X-n $as_echo"; then as_echo_body='eval /usr/ucb/echo -n "$1$as_nl"' as_echo_n='/usr/ucb/echo -n' else as_echo_body='eval expr "X$1" : "X\\(.*\\)"' as_echo_n_body='eval arg=$1; case $arg in #( *"$as_nl"*) expr "X$arg" : "X\\(.*\\)$as_nl"; arg=`expr "X$arg" : ".*$as_nl\\(.*\\)"`;; esac; expr "X$arg" : "X\\(.*\\)" | tr -d "$as_nl" ' export as_echo_n_body as_echo_n='sh -c $as_echo_n_body as_echo' fi export as_echo_body as_echo='sh -c $as_echo_body as_echo' fi # The user is always right. if test "${PATH_SEPARATOR+set}" != set; then PATH_SEPARATOR=: (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 && { (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 || PATH_SEPARATOR=';' } fi # IFS # We need space, tab and new line, in precisely that order. Quoting is # there to prevent editors from complaining about space-tab. # (If _AS_PATH_WALK were called with IFS unset, it would disable word # splitting by setting IFS to empty value.) IFS=" "" $as_nl" # Find who we are. Look in the path if we contain no directory separator. as_myself= case $0 in #(( *[\\/]* ) as_myself=$0 ;; *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break done IFS=$as_save_IFS ;; esac # We did not find ourselves, most probably we were run as `sh COMMAND' # in which case we are not to be found in the path. if test "x$as_myself" = x; then as_myself=$0 fi if test ! -f "$as_myself"; then $as_echo "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2 exit 1 fi # Unset variables that we do not need and which cause bugs (e.g. in # pre-3.0 UWIN ksh). But do not cause bugs in bash 2.01; the "|| exit 1" # suppresses any "Segmentation fault" message there. '((' could # trigger a bug in pdksh 5.2.14. for as_var in BASH_ENV ENV MAIL MAILPATH do eval test x\${$as_var+set} = xset \ && ( (unset $as_var) || exit 1) >/dev/null 2>&1 && unset $as_var || : done PS1='$ ' PS2='> ' PS4='+ ' # NLS nuisances. LC_ALL=C export LC_ALL LANGUAGE=C export LANGUAGE # CDPATH. (unset CDPATH) >/dev/null 2>&1 && unset CDPATH # Use a proper internal environment variable to ensure we don't fall # into an infinite loop, continuously re-executing ourselves. if test x"${_as_can_reexec}" != xno && test "x$CONFIG_SHELL" != x; then _as_can_reexec=no; export _as_can_reexec; # We cannot yet assume a decent shell, so we have to provide a # neutralization value for shells without unset; and this also # works around shells that cannot unset nonexistent variables. # Preserve -v and -x to the replacement shell. BASH_ENV=/dev/null ENV=/dev/null (unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV case $- in # (((( *v*x* | *x*v* ) as_opts=-vx ;; *v* ) as_opts=-v ;; *x* ) as_opts=-x ;; * ) as_opts= ;; esac exec $CONFIG_SHELL $as_opts "$as_myself" ${1+"$@"} # Admittedly, this is quite paranoid, since all the known shells bail # out after a failed `exec'. $as_echo "$0: could not re-execute with $CONFIG_SHELL" >&2 as_fn_exit 255 fi # We don't want this to propagate to other subprocesses. { _as_can_reexec=; unset _as_can_reexec;} if test "x$CONFIG_SHELL" = x; then as_bourne_compatible="if test -n \"\${ZSH_VERSION+set}\" && (emulate sh) >/dev/null 2>&1; then : emulate sh NULLCMD=: # Pre-4.2 versions of Zsh do word splitting on \${1+\"\$@\"}, which # is contrary to our usage. Disable this feature. alias -g '\${1+\"\$@\"}'='\"\$@\"' setopt NO_GLOB_SUBST else case \`(set -o) 2>/dev/null\` in #( *posix*) : set -o posix ;; #( *) : ;; esac fi " as_required="as_fn_return () { (exit \$1); } as_fn_success () { as_fn_return 0; } as_fn_failure () { as_fn_return 1; } as_fn_ret_success () { return 0; } as_fn_ret_failure () { return 1; } exitcode=0 as_fn_success || { exitcode=1; echo as_fn_success failed.; } as_fn_failure && { exitcode=1; echo as_fn_failure succeeded.; } as_fn_ret_success || { exitcode=1; echo as_fn_ret_success failed.; } as_fn_ret_failure && { exitcode=1; echo as_fn_ret_failure succeeded.; } if ( set x; as_fn_ret_success y && test x = \"\$1\" ); then : else exitcode=1; echo positional parameters were not saved. fi test x\$exitcode = x0 || exit 1 test -x / || exit 1" as_suggested=" as_lineno_1=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_1a=\$LINENO as_lineno_2=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_2a=\$LINENO eval 'test \"x\$as_lineno_1'\$as_run'\" != \"x\$as_lineno_2'\$as_run'\" && test \"x\`expr \$as_lineno_1'\$as_run' + 1\`\" = \"x\$as_lineno_2'\$as_run'\"' || exit 1 test \$(( 1 + 1 )) = 2 || exit 1" if (eval "$as_required") 2>/dev/null; then : as_have_required=yes else as_have_required=no fi if test x$as_have_required = xyes && (eval "$as_suggested") 2>/dev/null; then : else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR as_found=false for as_dir in /bin$PATH_SEPARATOR/usr/bin$PATH_SEPARATOR$PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. as_found=: case $as_dir in #( /*) for as_base in sh bash ksh sh5; do # Try only shells that exist, to save several forks. as_shell=$as_dir/$as_base if { test -f "$as_shell" || test -f "$as_shell.exe"; } && { $as_echo "$as_bourne_compatible""$as_required" | as_run=a "$as_shell"; } 2>/dev/null; then : CONFIG_SHELL=$as_shell as_have_required=yes if { $as_echo "$as_bourne_compatible""$as_suggested" | as_run=a "$as_shell"; } 2>/dev/null; then : break 2 fi fi done;; esac as_found=false done $as_found || { if { test -f "$SHELL" || test -f "$SHELL.exe"; } && { $as_echo "$as_bourne_compatible""$as_required" | as_run=a "$SHELL"; } 2>/dev/null; then : CONFIG_SHELL=$SHELL as_have_required=yes fi; } IFS=$as_save_IFS if test "x$CONFIG_SHELL" != x; then : export CONFIG_SHELL # We cannot yet assume a decent shell, so we have to provide a # neutralization value for shells without unset; and this also # works around shells that cannot unset nonexistent variables. # Preserve -v and -x to the replacement shell. BASH_ENV=/dev/null ENV=/dev/null (unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV case $- in # (((( *v*x* | *x*v* ) as_opts=-vx ;; *v* ) as_opts=-v ;; *x* ) as_opts=-x ;; * ) as_opts= ;; esac exec $CONFIG_SHELL $as_opts "$as_myself" ${1+"$@"} # Admittedly, this is quite paranoid, since all the known shells bail # out after a failed `exec'. $as_echo "$0: could not re-execute with $CONFIG_SHELL" >&2 exit 255 fi if test x$as_have_required = xno; then : $as_echo "$0: This script requires a shell more modern than all" $as_echo "$0: the shells that I found on your system." if test x${ZSH_VERSION+set} = xset ; then $as_echo "$0: In particular, zsh $ZSH_VERSION has bugs and should" $as_echo "$0: be upgraded to zsh 4.3.4 or later." else $as_echo "$0: Please tell bug-autoconf@gnu.org about your system, $0: including any error possibly output before this $0: message. Then install a modern shell, or manually run $0: the script under such a shell if you do have one." fi exit 1 fi fi fi SHELL=${CONFIG_SHELL-/bin/sh} export SHELL # Unset more variables known to interfere with behavior of common tools. CLICOLOR_FORCE= GREP_OPTIONS= unset CLICOLOR_FORCE GREP_OPTIONS ## --------------------- ## ## M4sh Shell Functions. ## ## --------------------- ## # as_fn_unset VAR # --------------- # Portably unset VAR. as_fn_unset () { { eval $1=; unset $1;} } as_unset=as_fn_unset # as_fn_set_status STATUS # ----------------------- # Set $? to STATUS, without forking. as_fn_set_status () { return $1 } # as_fn_set_status # as_fn_exit STATUS # ----------------- # Exit the shell with STATUS, even in a "trap 0" or "set -e" context. as_fn_exit () { set +e as_fn_set_status $1 exit $1 } # as_fn_exit # as_fn_mkdir_p # ------------- # Create "$as_dir" as a directory, including parents if necessary. as_fn_mkdir_p () { case $as_dir in #( -*) as_dir=./$as_dir;; esac test -d "$as_dir" || eval $as_mkdir_p || { as_dirs= while :; do case $as_dir in #( *\'*) as_qdir=`$as_echo "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #'( *) as_qdir=$as_dir;; esac as_dirs="'$as_qdir' $as_dirs" as_dir=`$as_dirname -- "$as_dir" || $as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ X"$as_dir" : 'X\(//\)[^/]' \| \ X"$as_dir" : 'X\(//\)$' \| \ X"$as_dir" : 'X\(/\)' \| . 2>/dev/null || $as_echo X"$as_dir" | sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/ q } /^X\(\/\/\)[^/].*/{ s//\1/ q } /^X\(\/\/\)$/{ s//\1/ q } /^X\(\/\).*/{ s//\1/ q } s/.*/./; q'` test -d "$as_dir" && break done test -z "$as_dirs" || eval "mkdir $as_dirs" } || test -d "$as_dir" || as_fn_error $? "cannot create directory $as_dir" } # as_fn_mkdir_p # as_fn_executable_p FILE # ----------------------- # Test if FILE is an executable regular file. as_fn_executable_p () { test -f "$1" && test -x "$1" } # as_fn_executable_p # as_fn_append VAR VALUE # ---------------------- # Append the text in VALUE to the end of the definition contained in VAR. Take # advantage of any shell optimizations that allow amortized linear growth over # repeated appends, instead of the typical quadratic growth present in naive # implementations. if (eval "as_var=1; as_var+=2; test x\$as_var = x12") 2>/dev/null; then : eval 'as_fn_append () { eval $1+=\$2 }' else as_fn_append () { eval $1=\$$1\$2 } fi # as_fn_append # as_fn_arith ARG... # ------------------ # Perform arithmetic evaluation on the ARGs, and store the result in the # global $as_val. Take advantage of shells that can avoid forks. The arguments # must be portable across $(()) and expr. if (eval "test \$(( 1 + 1 )) = 2") 2>/dev/null; then : eval 'as_fn_arith () { as_val=$(( $* )) }' else as_fn_arith () { as_val=`expr "$@" || test $? -eq 1` } fi # as_fn_arith # as_fn_error STATUS ERROR [LINENO LOG_FD] # ---------------------------------------- # Output "`basename $0`: error: ERROR" to stderr. If LINENO and LOG_FD are # provided, also output the error to LOG_FD, referencing LINENO. Then exit the # script with STATUS, using 1 if that was 0. as_fn_error () { as_status=$1; test $as_status -eq 0 && as_status=1 if test "$4"; then as_lineno=${as_lineno-"$3"} as_lineno_stack=as_lineno_stack=$as_lineno_stack $as_echo "$as_me:${as_lineno-$LINENO}: error: $2" >&$4 fi $as_echo "$as_me: error: $2" >&2 as_fn_exit $as_status } # as_fn_error if expr a : '\(a\)' >/dev/null 2>&1 && test "X`expr 00001 : '.*\(...\)'`" = X001; then as_expr=expr else as_expr=false fi if (basename -- /) >/dev/null 2>&1 && test "X`basename -- / 2>&1`" = "X/"; then as_basename=basename else as_basename=false fi if (as_dir=`dirname -- /` && test "X$as_dir" = X/) >/dev/null 2>&1; then as_dirname=dirname else as_dirname=false fi as_me=`$as_basename -- "$0" || $as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \ X"$0" : 'X\(//\)$' \| \ X"$0" : 'X\(/\)' \| . 2>/dev/null || $as_echo X/"$0" | sed '/^.*\/\([^/][^/]*\)\/*$/{ s//\1/ q } /^X\/\(\/\/\)$/{ s//\1/ q } /^X\/\(\/\).*/{ s//\1/ q } s/.*/./; q'` # Avoid depending upon Character Ranges. as_cr_letters='abcdefghijklmnopqrstuvwxyz' as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ' as_cr_Letters=$as_cr_letters$as_cr_LETTERS as_cr_digits='0123456789' as_cr_alnum=$as_cr_Letters$as_cr_digits as_lineno_1=$LINENO as_lineno_1a=$LINENO as_lineno_2=$LINENO as_lineno_2a=$LINENO eval 'test "x$as_lineno_1'$as_run'" != "x$as_lineno_2'$as_run'" && test "x`expr $as_lineno_1'$as_run' + 1`" = "x$as_lineno_2'$as_run'"' || { # Blame Lee E. McMahon (1931-1989) for sed's syntax. :-) sed -n ' p /[$]LINENO/= ' <$as_myself | sed ' s/[$]LINENO.*/&-/ t lineno b :lineno N :loop s/[$]LINENO\([^'$as_cr_alnum'_].*\n\)\(.*\)/\2\1\2/ t loop s/-\n.*// ' >$as_me.lineno && chmod +x "$as_me.lineno" || { $as_echo "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2; as_fn_exit 1; } # If we had to re-execute with $CONFIG_SHELL, we're ensured to have # already done that, so ensure we don't try to do so again and fall # in an infinite loop. This has already happened in practice. _as_can_reexec=no; export _as_can_reexec # Don't try to exec as it changes $[0], causing all sort of problems # (the dirname of $[0] is not the place where we might find the # original and so on. Autoconf is especially sensitive to this). . "./$as_me.lineno" # Exit status is that of the last command. exit } ECHO_C= ECHO_N= ECHO_T= case `echo -n x` in #((((( -n*) case `echo 'xy\c'` in *c*) ECHO_T=' ';; # ECHO_T is single tab character. xy) ECHO_C='\c';; *) echo `echo ksh88 bug on AIX 6.1` > /dev/null ECHO_T=' ';; esac;; *) ECHO_N='-n';; esac rm -f conf$$ conf$$.exe conf$$.file if test -d conf$$.dir; then rm -f conf$$.dir/conf$$.file else rm -f conf$$.dir mkdir conf$$.dir 2>/dev/null fi if (echo >conf$$.file) 2>/dev/null; then if ln -s conf$$.file conf$$ 2>/dev/null; then as_ln_s='ln -s' # ... but there are two gotchas: # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail. # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable. # In both cases, we have to default to `cp -pR'. ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe || as_ln_s='cp -pR' elif ln conf$$.file conf$$ 2>/dev/null; then as_ln_s=ln else as_ln_s='cp -pR' fi else as_ln_s='cp -pR' fi rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file rmdir conf$$.dir 2>/dev/null if mkdir -p . 2>/dev/null; then as_mkdir_p='mkdir -p "$as_dir"' else test -d ./-p && rmdir ./-p as_mkdir_p=false fi as_test_x='test -x' as_executable_p=as_fn_executable_p # Sed expression to map a string onto a valid CPP name. as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'" # Sed expression to map a string onto a valid variable name. as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'" test -n "$DJDIR" || exec 7<&0 &1 # Name of the host. # hostname on some systems (SVR3.2, old GNU/Linux) returns a bogus exit status, # so uname gets run too. ac_hostname=`(hostname || uname -n) 2>/dev/null | sed 1q` # # Initializations. # ac_default_prefix=/usr/local ac_clean_files= ac_config_libobj_dir=. LIBOBJS= cross_compiling=no subdirs= MFLAGS= MAKEFLAGS= # Identity of this package. PACKAGE_NAME= PACKAGE_TARNAME= PACKAGE_VERSION= PACKAGE_STRING= PACKAGE_BUGREPORT= PACKAGE_URL= ac_unique_file="tcpdump.c" # Factoring default headers for most tests. ac_includes_default="\ #include #ifdef HAVE_SYS_TYPES_H # include #endif #ifdef HAVE_SYS_STAT_H # include #endif #ifdef STDC_HEADERS # include # include #else # ifdef HAVE_STDLIB_H # include # endif #endif #ifdef HAVE_STRING_H # if !defined STDC_HEADERS && defined HAVE_MEMORY_H # include # endif # include #endif #ifdef HAVE_STRINGS_H # include #endif #ifdef HAVE_INTTYPES_H # include #endif #ifdef HAVE_STDINT_H # include #endif #ifdef HAVE_UNISTD_H # include #endif" ac_subst_vars='LTLIBOBJS INSTALL_DATA INSTALL_SCRIPT INSTALL_PROGRAM MAN_MISC_INFO MAN_FILE_FORMATS LOCALSRC V_PCAPDEP V_INCLS V_GROUP V_DEFS V_CCOPT MKDEP DEPENDENCY_CFLAG AR RANLIB PCAP_CONFIG LIBOBJS EGREP GREP CPP OBJEXT EXEEXT ac_ct_CC CPPFLAGS LDFLAGS CFLAGS CC SHLICC2 host_os host_vendor host_cpu host build_os build_vendor build_cpu build target_alias host_alias build_alias LIBS ECHO_T ECHO_N ECHO_C DEFS mandir localedir libdir psdir pdfdir dvidir htmldir infodir docdir oldincludedir includedir localstatedir sharedstatedir sysconfdir datadir datarootdir libexecdir sbindir bindir program_transform_name prefix exec_prefix PACKAGE_URL PACKAGE_BUGREPORT PACKAGE_STRING PACKAGE_VERSION PACKAGE_TARNAME PACKAGE_NAME PATH_SEPARATOR SHELL' ac_subst_files='' ac_user_opts=' enable_option_checking with_gcc enable_universal with_smi enable_smb with_user with_chroot with_sandbox_capsicum enable_ipv6 with_system_libpcap with_crypto with_cap_ng ' ac_precious_vars='build_alias host_alias target_alias CC CFLAGS LDFLAGS LIBS CPPFLAGS CPP' # Initialize some variables set by options. ac_init_help= ac_init_version=false ac_unrecognized_opts= ac_unrecognized_sep= # The variables have the same names as the options, with # dashes changed to underlines. cache_file=/dev/null exec_prefix=NONE no_create= no_recursion= prefix=NONE program_prefix=NONE program_suffix=NONE program_transform_name=s,x,x, silent= site= srcdir= verbose= x_includes=NONE x_libraries=NONE # Installation directory options. # These are left unexpanded so users can "make install exec_prefix=/foo" # and all the variables that are supposed to be based on exec_prefix # by default will actually change. # Use braces instead of parens because sh, perl, etc. also accept them. # (The list follows the same order as the GNU Coding Standards.) bindir='${exec_prefix}/bin' sbindir='${exec_prefix}/sbin' libexecdir='${exec_prefix}/libexec' datarootdir='${prefix}/share' datadir='${datarootdir}' sysconfdir='${prefix}/etc' sharedstatedir='${prefix}/com' localstatedir='${prefix}/var' includedir='${prefix}/include' oldincludedir='/usr/include' docdir='${datarootdir}/doc/${PACKAGE}' infodir='${datarootdir}/info' htmldir='${docdir}' dvidir='${docdir}' pdfdir='${docdir}' psdir='${docdir}' libdir='${exec_prefix}/lib' localedir='${datarootdir}/locale' mandir='${datarootdir}/man' ac_prev= ac_dashdash= for ac_option do # If the previous option needs an argument, assign it. if test -n "$ac_prev"; then eval $ac_prev=\$ac_option ac_prev= continue fi case $ac_option in *=?*) ac_optarg=`expr "X$ac_option" : '[^=]*=\(.*\)'` ;; *=) ac_optarg= ;; *) ac_optarg=yes ;; esac # Accept the important Cygnus configure options, so we can diagnose typos. case $ac_dashdash$ac_option in --) ac_dashdash=yes ;; -bindir | --bindir | --bindi | --bind | --bin | --bi) ac_prev=bindir ;; -bindir=* | --bindir=* | --bindi=* | --bind=* | --bin=* | --bi=*) bindir=$ac_optarg ;; -build | --build | --buil | --bui | --bu) ac_prev=build_alias ;; -build=* | --build=* | --buil=* | --bui=* | --bu=*) build_alias=$ac_optarg ;; -cache-file | --cache-file | --cache-fil | --cache-fi \ | --cache-f | --cache- | --cache | --cach | --cac | --ca | --c) ac_prev=cache_file ;; -cache-file=* | --cache-file=* | --cache-fil=* | --cache-fi=* \ | --cache-f=* | --cache-=* | --cache=* | --cach=* | --cac=* | --ca=* | --c=*) cache_file=$ac_optarg ;; --config-cache | -C) cache_file=config.cache ;; -datadir | --datadir | --datadi | --datad) ac_prev=datadir ;; -datadir=* | --datadir=* | --datadi=* | --datad=*) datadir=$ac_optarg ;; -datarootdir | --datarootdir | --datarootdi | --datarootd | --dataroot \ | --dataroo | --dataro | --datar) ac_prev=datarootdir ;; -datarootdir=* | --datarootdir=* | --datarootdi=* | --datarootd=* \ | --dataroot=* | --dataroo=* | --dataro=* | --datar=*) datarootdir=$ac_optarg ;; -disable-* | --disable-*) ac_useropt=`expr "x$ac_option" : 'x-*disable-\(.*\)'` # Reject names that are not valid shell variable names. expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && as_fn_error $? "invalid feature name: $ac_useropt" ac_useropt_orig=$ac_useropt ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` case $ac_user_opts in *" "enable_$ac_useropt" "*) ;; *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--disable-$ac_useropt_orig" ac_unrecognized_sep=', ';; esac eval enable_$ac_useropt=no ;; -docdir | --docdir | --docdi | --doc | --do) ac_prev=docdir ;; -docdir=* | --docdir=* | --docdi=* | --doc=* | --do=*) docdir=$ac_optarg ;; -dvidir | --dvidir | --dvidi | --dvid | --dvi | --dv) ac_prev=dvidir ;; -dvidir=* | --dvidir=* | --dvidi=* | --dvid=* | --dvi=* | --dv=*) dvidir=$ac_optarg ;; -enable-* | --enable-*) ac_useropt=`expr "x$ac_option" : 'x-*enable-\([^=]*\)'` # Reject names that are not valid shell variable names. expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && as_fn_error $? "invalid feature name: $ac_useropt" ac_useropt_orig=$ac_useropt ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` case $ac_user_opts in *" "enable_$ac_useropt" "*) ;; *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--enable-$ac_useropt_orig" ac_unrecognized_sep=', ';; esac eval enable_$ac_useropt=\$ac_optarg ;; -exec-prefix | --exec_prefix | --exec-prefix | --exec-prefi \ | --exec-pref | --exec-pre | --exec-pr | --exec-p | --exec- \ | --exec | --exe | --ex) ac_prev=exec_prefix ;; -exec-prefix=* | --exec_prefix=* | --exec-prefix=* | --exec-prefi=* \ | --exec-pref=* | --exec-pre=* | --exec-pr=* | --exec-p=* | --exec-=* \ | --exec=* | --exe=* | --ex=*) exec_prefix=$ac_optarg ;; -gas | --gas | --ga | --g) # Obsolete; use --with-gas. with_gas=yes ;; -help | --help | --hel | --he | -h) ac_init_help=long ;; -help=r* | --help=r* | --hel=r* | --he=r* | -hr*) ac_init_help=recursive ;; -help=s* | --help=s* | --hel=s* | --he=s* | -hs*) ac_init_help=short ;; -host | --host | --hos | --ho) ac_prev=host_alias ;; -host=* | --host=* | --hos=* | --ho=*) host_alias=$ac_optarg ;; -htmldir | --htmldir | --htmldi | --htmld | --html | --htm | --ht) ac_prev=htmldir ;; -htmldir=* | --htmldir=* | --htmldi=* | --htmld=* | --html=* | --htm=* \ | --ht=*) htmldir=$ac_optarg ;; -includedir | --includedir | --includedi | --included | --include \ | --includ | --inclu | --incl | --inc) ac_prev=includedir ;; -includedir=* | --includedir=* | --includedi=* | --included=* | --include=* \ | --includ=* | --inclu=* | --incl=* | --inc=*) includedir=$ac_optarg ;; -infodir | --infodir | --infodi | --infod | --info | --inf) ac_prev=infodir ;; -infodir=* | --infodir=* | --infodi=* | --infod=* | --info=* | --inf=*) infodir=$ac_optarg ;; -libdir | --libdir | --libdi | --libd) ac_prev=libdir ;; -libdir=* | --libdir=* | --libdi=* | --libd=*) libdir=$ac_optarg ;; -libexecdir | --libexecdir | --libexecdi | --libexecd | --libexec \ | --libexe | --libex | --libe) ac_prev=libexecdir ;; -libexecdir=* | --libexecdir=* | --libexecdi=* | --libexecd=* | --libexec=* \ | --libexe=* | --libex=* | --libe=*) libexecdir=$ac_optarg ;; -localedir | --localedir | --localedi | --localed | --locale) ac_prev=localedir ;; -localedir=* | --localedir=* | --localedi=* | --localed=* | --locale=*) localedir=$ac_optarg ;; -localstatedir | --localstatedir | --localstatedi | --localstated \ | --localstate | --localstat | --localsta | --localst | --locals) ac_prev=localstatedir ;; -localstatedir=* | --localstatedir=* | --localstatedi=* | --localstated=* \ | --localstate=* | --localstat=* | --localsta=* | --localst=* | --locals=*) localstatedir=$ac_optarg ;; -mandir | --mandir | --mandi | --mand | --man | --ma | --m) ac_prev=mandir ;; -mandir=* | --mandir=* | --mandi=* | --mand=* | --man=* | --ma=* | --m=*) mandir=$ac_optarg ;; -nfp | --nfp | --nf) # Obsolete; use --without-fp. with_fp=no ;; -no-create | --no-create | --no-creat | --no-crea | --no-cre \ | --no-cr | --no-c | -n) no_create=yes ;; -no-recursion | --no-recursion | --no-recursio | --no-recursi \ | --no-recurs | --no-recur | --no-recu | --no-rec | --no-re | --no-r) no_recursion=yes ;; -oldincludedir | --oldincludedir | --oldincludedi | --oldincluded \ | --oldinclude | --oldinclud | --oldinclu | --oldincl | --oldinc \ | --oldin | --oldi | --old | --ol | --o) ac_prev=oldincludedir ;; -oldincludedir=* | --oldincludedir=* | --oldincludedi=* | --oldincluded=* \ | --oldinclude=* | --oldinclud=* | --oldinclu=* | --oldincl=* | --oldinc=* \ | --oldin=* | --oldi=* | --old=* | --ol=* | --o=*) oldincludedir=$ac_optarg ;; -prefix | --prefix | --prefi | --pref | --pre | --pr | --p) ac_prev=prefix ;; -prefix=* | --prefix=* | --prefi=* | --pref=* | --pre=* | --pr=* | --p=*) prefix=$ac_optarg ;; -program-prefix | --program-prefix | --program-prefi | --program-pref \ | --program-pre | --program-pr | --program-p) ac_prev=program_prefix ;; -program-prefix=* | --program-prefix=* | --program-prefi=* \ | --program-pref=* | --program-pre=* | --program-pr=* | --program-p=*) program_prefix=$ac_optarg ;; -program-suffix | --program-suffix | --program-suffi | --program-suff \ | --program-suf | --program-su | --program-s) ac_prev=program_suffix ;; -program-suffix=* | --program-suffix=* | --program-suffi=* \ | --program-suff=* | --program-suf=* | --program-su=* | --program-s=*) program_suffix=$ac_optarg ;; -program-transform-name | --program-transform-name \ | --program-transform-nam | --program-transform-na \ | --program-transform-n | --program-transform- \ | --program-transform | --program-transfor \ | --program-transfo | --program-transf \ | --program-trans | --program-tran \ | --progr-tra | --program-tr | --program-t) ac_prev=program_transform_name ;; -program-transform-name=* | --program-transform-name=* \ | --program-transform-nam=* | --program-transform-na=* \ | --program-transform-n=* | --program-transform-=* \ | --program-transform=* | --program-transfor=* \ | --program-transfo=* | --program-transf=* \ | --program-trans=* | --program-tran=* \ | --progr-tra=* | --program-tr=* | --program-t=*) program_transform_name=$ac_optarg ;; -pdfdir | --pdfdir | --pdfdi | --pdfd | --pdf | --pd) ac_prev=pdfdir ;; -pdfdir=* | --pdfdir=* | --pdfdi=* | --pdfd=* | --pdf=* | --pd=*) pdfdir=$ac_optarg ;; -psdir | --psdir | --psdi | --psd | --ps) ac_prev=psdir ;; -psdir=* | --psdir=* | --psdi=* | --psd=* | --ps=*) psdir=$ac_optarg ;; -q | -quiet | --quiet | --quie | --qui | --qu | --q \ | -silent | --silent | --silen | --sile | --sil) silent=yes ;; -sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb) ac_prev=sbindir ;; -sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \ | --sbi=* | --sb=*) sbindir=$ac_optarg ;; -sharedstatedir | --sharedstatedir | --sharedstatedi \ | --sharedstated | --sharedstate | --sharedstat | --sharedsta \ | --sharedst | --shareds | --shared | --share | --shar \ | --sha | --sh) ac_prev=sharedstatedir ;; -sharedstatedir=* | --sharedstatedir=* | --sharedstatedi=* \ | --sharedstated=* | --sharedstate=* | --sharedstat=* | --sharedsta=* \ | --sharedst=* | --shareds=* | --shared=* | --share=* | --shar=* \ | --sha=* | --sh=*) sharedstatedir=$ac_optarg ;; -site | --site | --sit) ac_prev=site ;; -site=* | --site=* | --sit=*) site=$ac_optarg ;; -srcdir | --srcdir | --srcdi | --srcd | --src | --sr) ac_prev=srcdir ;; -srcdir=* | --srcdir=* | --srcdi=* | --srcd=* | --src=* | --sr=*) srcdir=$ac_optarg ;; -sysconfdir | --sysconfdir | --sysconfdi | --sysconfd | --sysconf \ | --syscon | --sysco | --sysc | --sys | --sy) ac_prev=sysconfdir ;; -sysconfdir=* | --sysconfdir=* | --sysconfdi=* | --sysconfd=* | --sysconf=* \ | --syscon=* | --sysco=* | --sysc=* | --sys=* | --sy=*) sysconfdir=$ac_optarg ;; -target | --target | --targe | --targ | --tar | --ta | --t) ac_prev=target_alias ;; -target=* | --target=* | --targe=* | --targ=* | --tar=* | --ta=* | --t=*) target_alias=$ac_optarg ;; -v | -verbose | --verbose | --verbos | --verbo | --verb) verbose=yes ;; -version | --version | --versio | --versi | --vers | -V) ac_init_version=: ;; -with-* | --with-*) ac_useropt=`expr "x$ac_option" : 'x-*with-\([^=]*\)'` # Reject names that are not valid shell variable names. expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && as_fn_error $? "invalid package name: $ac_useropt" ac_useropt_orig=$ac_useropt ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` case $ac_user_opts in *" "with_$ac_useropt" "*) ;; *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--with-$ac_useropt_orig" ac_unrecognized_sep=', ';; esac eval with_$ac_useropt=\$ac_optarg ;; -without-* | --without-*) ac_useropt=`expr "x$ac_option" : 'x-*without-\(.*\)'` # Reject names that are not valid shell variable names. expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && as_fn_error $? "invalid package name: $ac_useropt" ac_useropt_orig=$ac_useropt ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` case $ac_user_opts in *" "with_$ac_useropt" "*) ;; *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--without-$ac_useropt_orig" ac_unrecognized_sep=', ';; esac eval with_$ac_useropt=no ;; --x) # Obsolete; use --with-x. with_x=yes ;; -x-includes | --x-includes | --x-include | --x-includ | --x-inclu \ | --x-incl | --x-inc | --x-in | --x-i) ac_prev=x_includes ;; -x-includes=* | --x-includes=* | --x-include=* | --x-includ=* | --x-inclu=* \ | --x-incl=* | --x-inc=* | --x-in=* | --x-i=*) x_includes=$ac_optarg ;; -x-libraries | --x-libraries | --x-librarie | --x-librari \ | --x-librar | --x-libra | --x-libr | --x-lib | --x-li | --x-l) ac_prev=x_libraries ;; -x-libraries=* | --x-libraries=* | --x-librarie=* | --x-librari=* \ | --x-librar=* | --x-libra=* | --x-libr=* | --x-lib=* | --x-li=* | --x-l=*) x_libraries=$ac_optarg ;; -*) as_fn_error $? "unrecognized option: \`$ac_option' Try \`$0 --help' for more information" ;; *=*) ac_envvar=`expr "x$ac_option" : 'x\([^=]*\)='` # Reject names that are not valid shell variable names. case $ac_envvar in #( '' | [0-9]* | *[!_$as_cr_alnum]* ) as_fn_error $? "invalid variable name: \`$ac_envvar'" ;; esac eval $ac_envvar=\$ac_optarg export $ac_envvar ;; *) # FIXME: should be removed in autoconf 3.0. $as_echo "$as_me: WARNING: you should use --build, --host, --target" >&2 expr "x$ac_option" : ".*[^-._$as_cr_alnum]" >/dev/null && $as_echo "$as_me: WARNING: invalid host type: $ac_option" >&2 : "${build_alias=$ac_option} ${host_alias=$ac_option} ${target_alias=$ac_option}" ;; esac done if test -n "$ac_prev"; then ac_option=--`echo $ac_prev | sed 's/_/-/g'` as_fn_error $? "missing argument to $ac_option" fi if test -n "$ac_unrecognized_opts"; then case $enable_option_checking in no) ;; fatal) as_fn_error $? "unrecognized options: $ac_unrecognized_opts" ;; *) $as_echo "$as_me: WARNING: unrecognized options: $ac_unrecognized_opts" >&2 ;; esac fi # Check all directory arguments for consistency. for ac_var in exec_prefix prefix bindir sbindir libexecdir datarootdir \ datadir sysconfdir sharedstatedir localstatedir includedir \ oldincludedir docdir infodir htmldir dvidir pdfdir psdir \ libdir localedir mandir do eval ac_val=\$$ac_var # Remove trailing slashes. case $ac_val in */ ) ac_val=`expr "X$ac_val" : 'X\(.*[^/]\)' \| "X$ac_val" : 'X\(.*\)'` eval $ac_var=\$ac_val;; esac # Be sure to have absolute directory names. case $ac_val in [\\/$]* | ?:[\\/]* ) continue;; NONE | '' ) case $ac_var in *prefix ) continue;; esac;; esac as_fn_error $? "expected an absolute directory name for --$ac_var: $ac_val" done # There might be people who depend on the old broken behavior: `$host' # used to hold the argument of --host etc. # FIXME: To remove some day. build=$build_alias host=$host_alias target=$target_alias # FIXME: To remove some day. if test "x$host_alias" != x; then if test "x$build_alias" = x; then cross_compiling=maybe elif test "x$build_alias" != "x$host_alias"; then cross_compiling=yes fi fi ac_tool_prefix= test -n "$host_alias" && ac_tool_prefix=$host_alias- test "$silent" = yes && exec 6>/dev/null ac_pwd=`pwd` && test -n "$ac_pwd" && ac_ls_di=`ls -di .` && ac_pwd_ls_di=`cd "$ac_pwd" && ls -di .` || as_fn_error $? "working directory cannot be determined" test "X$ac_ls_di" = "X$ac_pwd_ls_di" || as_fn_error $? "pwd does not report name of working directory" # Find the source files, if location was not specified. if test -z "$srcdir"; then ac_srcdir_defaulted=yes # Try the directory containing this script, then the parent directory. ac_confdir=`$as_dirname -- "$as_myself" || $as_expr X"$as_myself" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ X"$as_myself" : 'X\(//\)[^/]' \| \ X"$as_myself" : 'X\(//\)$' \| \ X"$as_myself" : 'X\(/\)' \| . 2>/dev/null || $as_echo X"$as_myself" | sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/ q } /^X\(\/\/\)[^/].*/{ s//\1/ q } /^X\(\/\/\)$/{ s//\1/ q } /^X\(\/\).*/{ s//\1/ q } s/.*/./; q'` srcdir=$ac_confdir if test ! -r "$srcdir/$ac_unique_file"; then srcdir=.. fi else ac_srcdir_defaulted=no fi if test ! -r "$srcdir/$ac_unique_file"; then test "$ac_srcdir_defaulted" = yes && srcdir="$ac_confdir or .." as_fn_error $? "cannot find sources ($ac_unique_file) in $srcdir" fi ac_msg="sources are in $srcdir, but \`cd $srcdir' does not work" ac_abs_confdir=`( cd "$srcdir" && test -r "./$ac_unique_file" || as_fn_error $? "$ac_msg" pwd)` # When building in place, set srcdir=. if test "$ac_abs_confdir" = "$ac_pwd"; then srcdir=. fi # Remove unnecessary trailing slashes from srcdir. # Double slashes in file names in object file debugging info # mess up M-x gdb in Emacs. case $srcdir in */) srcdir=`expr "X$srcdir" : 'X\(.*[^/]\)' \| "X$srcdir" : 'X\(.*\)'`;; esac for ac_var in $ac_precious_vars; do eval ac_env_${ac_var}_set=\${${ac_var}+set} eval ac_env_${ac_var}_value=\$${ac_var} eval ac_cv_env_${ac_var}_set=\${${ac_var}+set} eval ac_cv_env_${ac_var}_value=\$${ac_var} done # # Report the --help message. # if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF \`configure' configures this package to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... To assign environment variables (e.g., CC, CFLAGS...), specify them as VAR=VALUE. See below for descriptions of some of the useful variables. Defaults for the options are specified in brackets. Configuration: -h, --help display this help and exit --help=short display options specific to this package --help=recursive display the short help of all the included packages -V, --version display version information and exit -q, --quiet, --silent do not print \`checking ...' messages --cache-file=FILE cache test results in FILE [disabled] -C, --config-cache alias for \`--cache-file=config.cache' -n, --no-create do not create output files --srcdir=DIR find the sources in DIR [configure dir or \`..'] Installation directories: --prefix=PREFIX install architecture-independent files in PREFIX [$ac_default_prefix] --exec-prefix=EPREFIX install architecture-dependent files in EPREFIX [PREFIX] By default, \`make install' will install all the files in \`$ac_default_prefix/bin', \`$ac_default_prefix/lib' etc. You can specify an installation prefix other than \`$ac_default_prefix' using \`--prefix', for instance \`--prefix=\$HOME'. For better control, use the options below. Fine tuning of the installation directories: --bindir=DIR user executables [EPREFIX/bin] --sbindir=DIR system admin executables [EPREFIX/sbin] --libexecdir=DIR program executables [EPREFIX/libexec] --sysconfdir=DIR read-only single-machine data [PREFIX/etc] --sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com] --localstatedir=DIR modifiable single-machine data [PREFIX/var] --libdir=DIR object code libraries [EPREFIX/lib] --includedir=DIR C header files [PREFIX/include] --oldincludedir=DIR C header files for non-gcc [/usr/include] --datarootdir=DIR read-only arch.-independent data root [PREFIX/share] --datadir=DIR read-only architecture-independent data [DATAROOTDIR] --infodir=DIR info documentation [DATAROOTDIR/info] --localedir=DIR locale-dependent data [DATAROOTDIR/locale] --mandir=DIR man documentation [DATAROOTDIR/man] --docdir=DIR documentation root [DATAROOTDIR/doc/PACKAGE] --htmldir=DIR html documentation [DOCDIR] --dvidir=DIR dvi documentation [DOCDIR] --pdfdir=DIR pdf documentation [DOCDIR] --psdir=DIR ps documentation [DOCDIR] _ACEOF cat <<\_ACEOF System types: --build=BUILD configure for building on BUILD [guessed] --host=HOST cross-compile to build programs to run on HOST [BUILD] _ACEOF fi if test -n "$ac_init_help"; then cat <<\_ACEOF Optional Features: --disable-option-checking ignore unrecognized --enable/--with options --disable-FEATURE do not include FEATURE (same as --enable-FEATURE=no) --enable-FEATURE[=ARG] include FEATURE [ARG=yes] --disable-universal don't build universal on OS X --enable-smb enable possibly-buggy SMB printer default=yes --disable-smb disable possibly-buggy SMB printer --enable-ipv6 enable ipv6 (with ipv4) support --disable-ipv6 disable ipv6 support Optional Packages: --with-PACKAGE[=ARG] use PACKAGE [ARG=yes] --without-PACKAGE do not use PACKAGE (same as --with-PACKAGE=no) --without-gcc don't use gcc --with-smi link with libsmi (allows to load MIBs on the fly to decode SNMP packets. default=yes --without-smi don't link with libsmi --with-user=USERNAME drop privileges by default to USERNAME --with-chroot=DIRECTORY when dropping privileges, chroot to DIRECTORY --with-sandbox-capsicum use Capsicum security functions [default=yes, if available] --with-system-libpcap don't use local pcap library --with-crypto use OpenSSL libcrypto [default=yes, if available] --with-cap-ng use libcap-ng [default=yes, if available] Some influential environment variables: CC C compiler command CFLAGS C compiler flags LDFLAGS linker flags, e.g. -L if you have libraries in a nonstandard directory LIBS libraries to pass to the linker, e.g. -l CPPFLAGS (Objective) C/C++ preprocessor flags, e.g. -I if you have headers in a nonstandard directory CPP C preprocessor Use these variables to override the choices made by `configure' or to help it to find libraries and programs with nonstandard names/locations. Report bugs to the package provider. _ACEOF ac_status=$? fi if test "$ac_init_help" = "recursive"; then # If there are subdirs, report their specific --help. for ac_dir in : $ac_subdirs_all; do test "x$ac_dir" = x: && continue test -d "$ac_dir" || { cd "$srcdir" && ac_pwd=`pwd` && srcdir=. && test -d "$ac_dir"; } || continue ac_builddir=. case "$ac_dir" in .) ac_dir_suffix= ac_top_builddir_sub=. ac_top_build_prefix= ;; *) ac_dir_suffix=/`$as_echo "$ac_dir" | sed 's|^\.[\\/]||'` # A ".." for each directory in $ac_dir_suffix. ac_top_builddir_sub=`$as_echo "$ac_dir_suffix" | sed 's|/[^\\/]*|/..|g;s|/||'` case $ac_top_builddir_sub in "") ac_top_builddir_sub=. ac_top_build_prefix= ;; *) ac_top_build_prefix=$ac_top_builddir_sub/ ;; esac ;; esac ac_abs_top_builddir=$ac_pwd ac_abs_builddir=$ac_pwd$ac_dir_suffix # for backward compatibility: ac_top_builddir=$ac_top_build_prefix case $srcdir in .) # We are building in place. ac_srcdir=. ac_top_srcdir=$ac_top_builddir_sub ac_abs_top_srcdir=$ac_pwd ;; [\\/]* | ?:[\\/]* ) # Absolute name. ac_srcdir=$srcdir$ac_dir_suffix; ac_top_srcdir=$srcdir ac_abs_top_srcdir=$srcdir ;; *) # Relative name. ac_srcdir=$ac_top_build_prefix$srcdir$ac_dir_suffix ac_top_srcdir=$ac_top_build_prefix$srcdir ac_abs_top_srcdir=$ac_pwd/$srcdir ;; esac ac_abs_srcdir=$ac_abs_top_srcdir$ac_dir_suffix cd "$ac_dir" || { ac_status=$?; continue; } # Check for guested configure. if test -f "$ac_srcdir/configure.gnu"; then echo && $SHELL "$ac_srcdir/configure.gnu" --help=recursive elif test -f "$ac_srcdir/configure"; then echo && $SHELL "$ac_srcdir/configure" --help=recursive else $as_echo "$as_me: WARNING: no configuration information is in $ac_dir" >&2 fi || ac_status=$? cd "$ac_pwd" || { ac_status=$?; break; } done fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF configure generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. This configure script is free software; the Free Software Foundation gives unlimited permission to copy, distribute and modify it. _ACEOF exit fi ## ------------------------ ## ## Autoconf initialization. ## ## ------------------------ ## # ac_fn_c_try_compile LINENO # -------------------------- # Try to compile conftest.$ac_ext, and return whether this succeeded. ac_fn_c_try_compile () { as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack rm -f conftest.$ac_objext if { { ac_try="$ac_compile" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" $as_echo "$ac_try_echo"; } >&5 (eval "$ac_compile") 2>conftest.err ac_status=$? if test -s conftest.err; then grep -v '^ *+' conftest.err >conftest.er1 cat conftest.er1 >&5 mv -f conftest.er1 conftest.err fi $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; } && { test -z "$ac_c_werror_flag" || test ! -s conftest.err } && test -s conftest.$ac_objext; then : ac_retval=0 else $as_echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_retval=1 fi eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno as_fn_set_status $ac_retval } # ac_fn_c_try_compile # ac_fn_c_try_cpp LINENO # ---------------------- # Try to preprocess conftest.$ac_ext, and return whether this succeeded. ac_fn_c_try_cpp () { as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack if { { ac_try="$ac_cpp conftest.$ac_ext" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" $as_echo "$ac_try_echo"; } >&5 (eval "$ac_cpp conftest.$ac_ext") 2>conftest.err ac_status=$? if test -s conftest.err; then grep -v '^ *+' conftest.err >conftest.er1 cat conftest.er1 >&5 mv -f conftest.er1 conftest.err fi $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; } > conftest.i && { test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || test ! -s conftest.err }; then : ac_retval=0 else $as_echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_retval=1 fi eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno as_fn_set_status $ac_retval } # ac_fn_c_try_cpp # ac_fn_c_check_header_mongrel LINENO HEADER VAR INCLUDES # ------------------------------------------------------- # Tests whether HEADER exists, giving a warning if it cannot be compiled using # the include files in INCLUDES and setting the cache variable VAR # accordingly. ac_fn_c_check_header_mongrel () { as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack if eval \${$3+:} false; then : { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 $as_echo_n "checking for $2... " >&6; } if eval \${$3+:} false; then : $as_echo_n "(cached) " >&6 fi eval ac_res=\$$3 { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 $as_echo "$ac_res" >&6; } else # Is the header compilable? { $as_echo "$as_me:${as_lineno-$LINENO}: checking $2 usability" >&5 $as_echo_n "checking $2 usability... " >&6; } cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ $4 #include <$2> _ACEOF if ac_fn_c_try_compile "$LINENO"; then : ac_header_compiler=yes else ac_header_compiler=no fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_header_compiler" >&5 $as_echo "$ac_header_compiler" >&6; } # Is the header present? { $as_echo "$as_me:${as_lineno-$LINENO}: checking $2 presence" >&5 $as_echo_n "checking $2 presence... " >&6; } cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include <$2> _ACEOF if ac_fn_c_try_cpp "$LINENO"; then : ac_header_preproc=yes else ac_header_preproc=no fi rm -f conftest.err conftest.i conftest.$ac_ext { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_header_preproc" >&5 $as_echo "$ac_header_preproc" >&6; } # So? What about this header? case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in #(( yes:no: ) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: accepted by the compiler, rejected by the preprocessor!" >&5 $as_echo "$as_me: WARNING: $2: accepted by the compiler, rejected by the preprocessor!" >&2;} { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: proceeding with the compiler's result" >&5 $as_echo "$as_me: WARNING: $2: proceeding with the compiler's result" >&2;} ;; no:yes:* ) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: present but cannot be compiled" >&5 $as_echo "$as_me: WARNING: $2: present but cannot be compiled" >&2;} { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: check for missing prerequisite headers?" >&5 $as_echo "$as_me: WARNING: $2: check for missing prerequisite headers?" >&2;} { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: see the Autoconf documentation" >&5 $as_echo "$as_me: WARNING: $2: see the Autoconf documentation" >&2;} { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: section \"Present But Cannot Be Compiled\"" >&5 $as_echo "$as_me: WARNING: $2: section \"Present But Cannot Be Compiled\"" >&2;} { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: proceeding with the compiler's result" >&5 $as_echo "$as_me: WARNING: $2: proceeding with the compiler's result" >&2;} ;; esac { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 $as_echo_n "checking for $2... " >&6; } if eval \${$3+:} false; then : $as_echo_n "(cached) " >&6 else eval "$3=\$ac_header_compiler" fi eval ac_res=\$$3 { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 $as_echo "$ac_res" >&6; } fi eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno } # ac_fn_c_check_header_mongrel # ac_fn_c_try_run LINENO # ---------------------- # Try to link conftest.$ac_ext, and return whether this succeeded. Assumes # that executables *can* be run. ac_fn_c_try_run () { as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack if { { ac_try="$ac_link" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" $as_echo "$ac_try_echo"; } >&5 (eval "$ac_link") 2>&5 ac_status=$? $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; } && { ac_try='./conftest$ac_exeext' { { case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" $as_echo "$ac_try_echo"; } >&5 (eval "$ac_try") 2>&5 ac_status=$? $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; }; }; then : ac_retval=0 else $as_echo "$as_me: program exited with status $ac_status" >&5 $as_echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_retval=$ac_status fi rm -rf conftest.dSYM conftest_ipa8_conftest.oo eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno as_fn_set_status $ac_retval } # ac_fn_c_try_run # ac_fn_c_check_header_compile LINENO HEADER VAR INCLUDES # ------------------------------------------------------- # Tests whether HEADER exists and can be compiled using the include files in # INCLUDES, setting the cache variable VAR accordingly. ac_fn_c_check_header_compile () { as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 $as_echo_n "checking for $2... " >&6; } if eval \${$3+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ $4 #include <$2> _ACEOF if ac_fn_c_try_compile "$LINENO"; then : eval "$3=yes" else eval "$3=no" fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi eval ac_res=\$$3 { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 $as_echo "$ac_res" >&6; } eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno } # ac_fn_c_check_header_compile # ac_fn_c_try_link LINENO # ----------------------- # Try to link conftest.$ac_ext, and return whether this succeeded. ac_fn_c_try_link () { as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack rm -f conftest.$ac_objext conftest$ac_exeext if { { ac_try="$ac_link" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" $as_echo "$ac_try_echo"; } >&5 (eval "$ac_link") 2>conftest.err ac_status=$? if test -s conftest.err; then grep -v '^ *+' conftest.err >conftest.er1 cat conftest.er1 >&5 mv -f conftest.er1 conftest.err fi $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; } && { test -z "$ac_c_werror_flag" || test ! -s conftest.err } && test -s conftest$ac_exeext && { test "$cross_compiling" = yes || test -x conftest$ac_exeext }; then : ac_retval=0 else $as_echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_retval=1 fi # Delete the IPA/IPO (Inter Procedural Analysis/Optimization) information # created by the PGI compiler (conftest_ipa8_conftest.oo), as it would # interfere with the next link command; also delete a directory that is # left behind by Apple's compiler. We do this before executing the actions. rm -rf conftest.dSYM conftest_ipa8_conftest.oo eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno as_fn_set_status $ac_retval } # ac_fn_c_try_link # ac_fn_c_check_func LINENO FUNC VAR # ---------------------------------- # Tests whether FUNC exists, setting the cache variable VAR accordingly ac_fn_c_check_func () { as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 $as_echo_n "checking for $2... " >&6; } if eval \${$3+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Define $2 to an innocuous variant, in case declares $2. For example, HP-UX 11i declares gettimeofday. */ #define $2 innocuous_$2 /* System header to define __stub macros and hopefully few prototypes, which can conflict with char $2 (); below. Prefer to if __STDC__ is defined, since exists even on freestanding compilers. */ #ifdef __STDC__ # include #else # include #endif #undef $2 /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC builtin and then its argument prototype would still apply. */ #ifdef __cplusplus extern "C" #endif char $2 (); /* The GNU C library defines this for functions which it implements to always fail with ENOSYS. Some functions are actually named something starting with __ and the normal name is an alias. */ #if defined __stub_$2 || defined __stub___$2 choke me #endif int main () { return $2 (); ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO"; then : eval "$3=yes" else eval "$3=no" fi rm -f core conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext fi eval ac_res=\$$3 { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 $as_echo "$ac_res" >&6; } eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno } # ac_fn_c_check_func # ac_fn_c_check_decl LINENO SYMBOL VAR INCLUDES # --------------------------------------------- # Tests whether SYMBOL is declared in INCLUDES, setting cache variable VAR # accordingly. ac_fn_c_check_decl () { as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack as_decl_name=`echo $2|sed 's/ *(.*//'` as_decl_use=`echo $2|sed -e 's/(/((/' -e 's/)/) 0&/' -e 's/,/) 0& (/g'` { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $as_decl_name is declared" >&5 $as_echo_n "checking whether $as_decl_name is declared... " >&6; } if eval \${$3+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ $4 int main () { #ifndef $as_decl_name #ifdef __cplusplus (void) $as_decl_use; #else (void) $as_decl_name; #endif #endif ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : eval "$3=yes" else eval "$3=no" fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi eval ac_res=\$$3 { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 $as_echo "$ac_res" >&6; } eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno } # ac_fn_c_check_decl # ac_fn_c_check_type LINENO TYPE VAR INCLUDES # ------------------------------------------- # Tests whether TYPE exists after having included INCLUDES, setting cache # variable VAR accordingly. ac_fn_c_check_type () { as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 $as_echo_n "checking for $2... " >&6; } if eval \${$3+:} false; then : $as_echo_n "(cached) " >&6 else eval "$3=no" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ $4 int main () { if (sizeof ($2)) return 0; ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ $4 int main () { if (sizeof (($2))) return 0; ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : else eval "$3=yes" fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi eval ac_res=\$$3 { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 $as_echo "$ac_res" >&6; } eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno } # ac_fn_c_check_type # ac_fn_c_find_intX_t LINENO BITS VAR # ----------------------------------- # Finds a signed integer type with width BITS, setting cache variable VAR # accordingly. ac_fn_c_find_intX_t () { as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack { $as_echo "$as_me:${as_lineno-$LINENO}: checking for int$2_t" >&5 $as_echo_n "checking for int$2_t... " >&6; } if eval \${$3+:} false; then : $as_echo_n "(cached) " >&6 else eval "$3=no" # Order is important - never check a type that is potentially smaller # than half of the expected target width. for ac_type in int$2_t 'int' 'long int' \ 'long long int' 'short int' 'signed char'; do cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ $ac_includes_default enum { N = $2 / 2 - 1 }; int main () { static int test_array [1 - 2 * !(0 < ($ac_type) ((((($ac_type) 1 << N) << N) - 1) * 2 + 1))]; test_array [0] = 0; return test_array [0]; ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ $ac_includes_default enum { N = $2 / 2 - 1 }; int main () { static int test_array [1 - 2 * !(($ac_type) ((((($ac_type) 1 << N) << N) - 1) * 2 + 1) < ($ac_type) ((((($ac_type) 1 << N) << N) - 1) * 2 + 2))]; test_array [0] = 0; return test_array [0]; ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : else case $ac_type in #( int$2_t) : eval "$3=yes" ;; #( *) : eval "$3=\$ac_type" ;; esac fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext if eval test \"x\$"$3"\" = x"no"; then : else break fi done fi eval ac_res=\$$3 { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 $as_echo "$ac_res" >&6; } eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno } # ac_fn_c_find_intX_t # ac_fn_c_find_uintX_t LINENO BITS VAR # ------------------------------------ # Finds an unsigned integer type with width BITS, setting cache variable VAR # accordingly. ac_fn_c_find_uintX_t () { as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack { $as_echo "$as_me:${as_lineno-$LINENO}: checking for uint$2_t" >&5 $as_echo_n "checking for uint$2_t... " >&6; } if eval \${$3+:} false; then : $as_echo_n "(cached) " >&6 else eval "$3=no" # Order is important - never check a type that is potentially smaller # than half of the expected target width. for ac_type in uint$2_t 'unsigned int' 'unsigned long int' \ 'unsigned long long int' 'unsigned short int' 'unsigned char'; do cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ $ac_includes_default int main () { static int test_array [1 - 2 * !((($ac_type) -1 >> ($2 / 2 - 1)) >> ($2 / 2 - 1) == 3)]; test_array [0] = 0; return test_array [0]; ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : case $ac_type in #( uint$2_t) : eval "$3=yes" ;; #( *) : eval "$3=\$ac_type" ;; esac fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext if eval test \"x\$"$3"\" = x"no"; then : else break fi done fi eval ac_res=\$$3 { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 $as_echo "$ac_res" >&6; } eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno } # ac_fn_c_find_uintX_t cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. It was created by $as_me, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ _ACEOF exec 5>>config.log { cat <<_ASUNAME ## --------- ## ## Platform. ## ## --------- ## hostname = `(hostname || uname -n) 2>/dev/null | sed 1q` uname -m = `(uname -m) 2>/dev/null || echo unknown` uname -r = `(uname -r) 2>/dev/null || echo unknown` uname -s = `(uname -s) 2>/dev/null || echo unknown` uname -v = `(uname -v) 2>/dev/null || echo unknown` /usr/bin/uname -p = `(/usr/bin/uname -p) 2>/dev/null || echo unknown` /bin/uname -X = `(/bin/uname -X) 2>/dev/null || echo unknown` /bin/arch = `(/bin/arch) 2>/dev/null || echo unknown` /usr/bin/arch -k = `(/usr/bin/arch -k) 2>/dev/null || echo unknown` /usr/convex/getsysinfo = `(/usr/convex/getsysinfo) 2>/dev/null || echo unknown` /usr/bin/hostinfo = `(/usr/bin/hostinfo) 2>/dev/null || echo unknown` /bin/machine = `(/bin/machine) 2>/dev/null || echo unknown` /usr/bin/oslevel = `(/usr/bin/oslevel) 2>/dev/null || echo unknown` /bin/universe = `(/bin/universe) 2>/dev/null || echo unknown` _ASUNAME as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. $as_echo "PATH: $as_dir" done IFS=$as_save_IFS } >&5 cat >&5 <<_ACEOF ## ----------- ## ## Core tests. ## ## ----------- ## _ACEOF # Keep a trace of the command line. # Strip out --no-create and --no-recursion so they do not pile up. # Strip out --silent because we don't want to record it for future runs. # Also quote any args containing shell meta-characters. # Make two passes to allow for proper duplicate-argument suppression. ac_configure_args= ac_configure_args0= ac_configure_args1= ac_must_keep_next=false for ac_pass in 1 2 do for ac_arg do case $ac_arg in -no-create | --no-c* | -n | -no-recursion | --no-r*) continue ;; -q | -quiet | --quiet | --quie | --qui | --qu | --q \ | -silent | --silent | --silen | --sile | --sil) continue ;; *\'*) ac_arg=`$as_echo "$ac_arg" | sed "s/'/'\\\\\\\\''/g"` ;; esac case $ac_pass in 1) as_fn_append ac_configure_args0 " '$ac_arg'" ;; 2) as_fn_append ac_configure_args1 " '$ac_arg'" if test $ac_must_keep_next = true; then ac_must_keep_next=false # Got value, back to normal. else case $ac_arg in *=* | --config-cache | -C | -disable-* | --disable-* \ | -enable-* | --enable-* | -gas | --g* | -nfp | --nf* \ | -q | -quiet | --q* | -silent | --sil* | -v | -verb* \ | -with-* | --with-* | -without-* | --without-* | --x) case "$ac_configure_args0 " in "$ac_configure_args1"*" '$ac_arg' "* ) continue ;; esac ;; -* ) ac_must_keep_next=true ;; esac fi as_fn_append ac_configure_args " '$ac_arg'" ;; esac done done { ac_configure_args0=; unset ac_configure_args0;} { ac_configure_args1=; unset ac_configure_args1;} # When interrupted or exit'd, cleanup temporary files, and complete # config.log. We remove comments because anyway the quotes in there # would cause problems or look ugly. # WARNING: Use '\'' to represent an apostrophe within the trap. # WARNING: Do not start the trap code with a newline, due to a FreeBSD 4.0 bug. trap 'exit_status=$? # Save into config.log some information that might help in debugging. { echo $as_echo "## ---------------- ## ## Cache variables. ## ## ---------------- ##" echo # The following way of writing the cache mishandles newlines in values, ( for ac_var in `(set) 2>&1 | sed -n '\''s/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'\''`; do eval ac_val=\$$ac_var case $ac_val in #( *${as_nl}*) case $ac_var in #( *_cv_*) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cache variable $ac_var contains a newline" >&5 $as_echo "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;; esac case $ac_var in #( _ | IFS | as_nl) ;; #( BASH_ARGV | BASH_SOURCE) eval $ac_var= ;; #( *) { eval $ac_var=; unset $ac_var;} ;; esac ;; esac done (set) 2>&1 | case $as_nl`(ac_space='\'' '\''; set) 2>&1` in #( *${as_nl}ac_space=\ *) sed -n \ "s/'\''/'\''\\\\'\'''\''/g; s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='\''\\2'\''/p" ;; #( *) sed -n "/^[_$as_cr_alnum]*_cv_[_$as_cr_alnum]*=/p" ;; esac | sort ) echo $as_echo "## ----------------- ## ## Output variables. ## ## ----------------- ##" echo for ac_var in $ac_subst_vars do eval ac_val=\$$ac_var case $ac_val in *\'\''*) ac_val=`$as_echo "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;; esac $as_echo "$ac_var='\''$ac_val'\''" done | sort echo if test -n "$ac_subst_files"; then $as_echo "## ------------------- ## ## File substitutions. ## ## ------------------- ##" echo for ac_var in $ac_subst_files do eval ac_val=\$$ac_var case $ac_val in *\'\''*) ac_val=`$as_echo "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;; esac $as_echo "$ac_var='\''$ac_val'\''" done | sort echo fi if test -s confdefs.h; then $as_echo "## ----------- ## ## confdefs.h. ## ## ----------- ##" echo cat confdefs.h echo fi test "$ac_signal" != 0 && $as_echo "$as_me: caught signal $ac_signal" $as_echo "$as_me: exit $exit_status" } >&5 rm -f core *.core core.conftest.* && rm -f -r conftest* confdefs* conf$$* $ac_clean_files && exit $exit_status ' 0 for ac_signal in 1 2 13 15; do trap 'ac_signal='$ac_signal'; as_fn_exit 1' $ac_signal done ac_signal=0 # confdefs.h avoids OS command line length limits that DEFS can exceed. rm -f -r conftest* confdefs.h $as_echo "/* confdefs.h */" > confdefs.h # Predefined preprocessor variables. cat >>confdefs.h <<_ACEOF #define PACKAGE_NAME "$PACKAGE_NAME" _ACEOF cat >>confdefs.h <<_ACEOF #define PACKAGE_TARNAME "$PACKAGE_TARNAME" _ACEOF cat >>confdefs.h <<_ACEOF #define PACKAGE_VERSION "$PACKAGE_VERSION" _ACEOF cat >>confdefs.h <<_ACEOF #define PACKAGE_STRING "$PACKAGE_STRING" _ACEOF cat >>confdefs.h <<_ACEOF #define PACKAGE_BUGREPORT "$PACKAGE_BUGREPORT" _ACEOF cat >>confdefs.h <<_ACEOF #define PACKAGE_URL "$PACKAGE_URL" _ACEOF # Let the site file select an alternate cache file if it wants to. # Prefer an explicitly selected file to automatically selected ones. ac_site_file1=NONE ac_site_file2=NONE if test -n "$CONFIG_SITE"; then # We do not want a PATH search for config.site. case $CONFIG_SITE in #(( -*) ac_site_file1=./$CONFIG_SITE;; */*) ac_site_file1=$CONFIG_SITE;; *) ac_site_file1=./$CONFIG_SITE;; esac elif test "x$prefix" != xNONE; then ac_site_file1=$prefix/share/config.site ac_site_file2=$prefix/etc/config.site else ac_site_file1=$ac_default_prefix/share/config.site ac_site_file2=$ac_default_prefix/etc/config.site fi for ac_site_file in "$ac_site_file1" "$ac_site_file2" do test "x$ac_site_file" = xNONE && continue if test /dev/null != "$ac_site_file" && test -r "$ac_site_file"; then { $as_echo "$as_me:${as_lineno-$LINENO}: loading site script $ac_site_file" >&5 $as_echo "$as_me: loading site script $ac_site_file" >&6;} sed 's/^/| /' "$ac_site_file" >&5 . "$ac_site_file" \ || { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error $? "failed to load site script $ac_site_file See \`config.log' for more details" "$LINENO" 5; } fi done if test -r "$cache_file"; then # Some versions of bash will fail to source /dev/null (special files # actually), so we avoid doing that. DJGPP emulates it as a regular file. if test /dev/null != "$cache_file" && test -f "$cache_file"; then { $as_echo "$as_me:${as_lineno-$LINENO}: loading cache $cache_file" >&5 $as_echo "$as_me: loading cache $cache_file" >&6;} case $cache_file in [\\/]* | ?:[\\/]* ) . "$cache_file";; *) . "./$cache_file";; esac fi else { $as_echo "$as_me:${as_lineno-$LINENO}: creating cache $cache_file" >&5 $as_echo "$as_me: creating cache $cache_file" >&6;} >$cache_file fi # Check that the precious variables saved in the cache have kept the same # value. ac_cache_corrupted=false for ac_var in $ac_precious_vars; do eval ac_old_set=\$ac_cv_env_${ac_var}_set eval ac_new_set=\$ac_env_${ac_var}_set eval ac_old_val=\$ac_cv_env_${ac_var}_value eval ac_new_val=\$ac_env_${ac_var}_value case $ac_old_set,$ac_new_set in set,) { $as_echo "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&5 $as_echo "$as_me: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&2;} ac_cache_corrupted=: ;; ,set) { $as_echo "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' was not set in the previous run" >&5 $as_echo "$as_me: error: \`$ac_var' was not set in the previous run" >&2;} ac_cache_corrupted=: ;; ,);; *) if test "x$ac_old_val" != "x$ac_new_val"; then # differences in whitespace do not lead to failure. ac_old_val_w=`echo x $ac_old_val` ac_new_val_w=`echo x $ac_new_val` if test "$ac_old_val_w" != "$ac_new_val_w"; then { $as_echo "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' has changed since the previous run:" >&5 $as_echo "$as_me: error: \`$ac_var' has changed since the previous run:" >&2;} ac_cache_corrupted=: else { $as_echo "$as_me:${as_lineno-$LINENO}: warning: ignoring whitespace changes in \`$ac_var' since the previous run:" >&5 $as_echo "$as_me: warning: ignoring whitespace changes in \`$ac_var' since the previous run:" >&2;} eval $ac_var=\$ac_old_val fi { $as_echo "$as_me:${as_lineno-$LINENO}: former value: \`$ac_old_val'" >&5 $as_echo "$as_me: former value: \`$ac_old_val'" >&2;} { $as_echo "$as_me:${as_lineno-$LINENO}: current value: \`$ac_new_val'" >&5 $as_echo "$as_me: current value: \`$ac_new_val'" >&2;} fi;; esac # Pass precious variables to config.status. if test "$ac_new_set" = set; then case $ac_new_val in *\'*) ac_arg=$ac_var=`$as_echo "$ac_new_val" | sed "s/'/'\\\\\\\\''/g"` ;; *) ac_arg=$ac_var=$ac_new_val ;; esac case " $ac_configure_args " in *" '$ac_arg' "*) ;; # Avoid dups. Use of quotes ensures accuracy. *) as_fn_append ac_configure_args " '$ac_arg'" ;; esac fi done if $ac_cache_corrupted; then { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} { $as_echo "$as_me:${as_lineno-$LINENO}: error: changes in the environment can compromise the build" >&5 $as_echo "$as_me: error: changes in the environment can compromise the build" >&2;} as_fn_error $? "run \`make distclean' and/or \`rm $cache_file' and start over" "$LINENO" 5 fi ## -------------------- ## ## Main body of script. ## ## -------------------- ## ac_ext=c ac_cpp='$CPP $CPPFLAGS' ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_c_compiler_gnu ac_aux_dir= for ac_dir in "$srcdir" "$srcdir/.." "$srcdir/../.."; do if test -f "$ac_dir/install-sh"; then ac_aux_dir=$ac_dir ac_install_sh="$ac_aux_dir/install-sh -c" break elif test -f "$ac_dir/install.sh"; then ac_aux_dir=$ac_dir ac_install_sh="$ac_aux_dir/install.sh -c" break elif test -f "$ac_dir/shtool"; then ac_aux_dir=$ac_dir ac_install_sh="$ac_aux_dir/shtool install -c" break fi done if test -z "$ac_aux_dir"; then as_fn_error $? "cannot find install-sh, install.sh, or shtool in \"$srcdir\" \"$srcdir/..\" \"$srcdir/../..\"" "$LINENO" 5 fi # These three variables are undocumented and unsupported, # and are intended to be withdrawn in a future Autoconf release. # They can cause serious problems if a builder's source tree is in a directory # whose full name contains unusual characters. ac_config_guess="$SHELL $ac_aux_dir/config.guess" # Please don't use this var. ac_config_sub="$SHELL $ac_aux_dir/config.sub" # Please don't use this var. ac_configure="$SHELL $ac_aux_dir/configure" # Please don't use this var. # Make sure we can run config.sub. $SHELL "$ac_aux_dir/config.sub" sun4 >/dev/null 2>&1 || as_fn_error $? "cannot run $SHELL $ac_aux_dir/config.sub" "$LINENO" 5 { $as_echo "$as_me:${as_lineno-$LINENO}: checking build system type" >&5 $as_echo_n "checking build system type... " >&6; } if ${ac_cv_build+:} false; then : $as_echo_n "(cached) " >&6 else ac_build_alias=$build_alias test "x$ac_build_alias" = x && ac_build_alias=`$SHELL "$ac_aux_dir/config.guess"` test "x$ac_build_alias" = x && as_fn_error $? "cannot guess build type; you must specify one" "$LINENO" 5 ac_cv_build=`$SHELL "$ac_aux_dir/config.sub" $ac_build_alias` || as_fn_error $? "$SHELL $ac_aux_dir/config.sub $ac_build_alias failed" "$LINENO" 5 fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_build" >&5 $as_echo "$ac_cv_build" >&6; } case $ac_cv_build in *-*-*) ;; *) as_fn_error $? "invalid value of canonical build" "$LINENO" 5;; esac build=$ac_cv_build ac_save_IFS=$IFS; IFS='-' set x $ac_cv_build shift build_cpu=$1 build_vendor=$2 shift; shift # Remember, the first character of IFS is used to create $*, # except with old shells: build_os=$* IFS=$ac_save_IFS case $build_os in *\ *) build_os=`echo "$build_os" | sed 's/ /-/g'`;; esac { $as_echo "$as_me:${as_lineno-$LINENO}: checking host system type" >&5 $as_echo_n "checking host system type... " >&6; } if ${ac_cv_host+:} false; then : $as_echo_n "(cached) " >&6 else if test "x$host_alias" = x; then ac_cv_host=$ac_cv_build else ac_cv_host=`$SHELL "$ac_aux_dir/config.sub" $host_alias` || as_fn_error $? "$SHELL $ac_aux_dir/config.sub $host_alias failed" "$LINENO" 5 fi fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_host" >&5 $as_echo "$ac_cv_host" >&6; } case $ac_cv_host in *-*-*) ;; *) as_fn_error $? "invalid value of canonical host" "$LINENO" 5;; esac host=$ac_cv_host ac_save_IFS=$IFS; IFS='-' set x $ac_cv_host shift host_cpu=$1 host_vendor=$2 shift; shift # Remember, the first character of IFS is used to create $*, # except with old shells: host_os=$* IFS=$ac_save_IFS case $host_os in *\ *) host_os=`echo "$host_os" | sed 's/ /-/g'`;; esac # Check whether --with-gcc was given. if test "${with_gcc+set}" = set; then : withval=$with_gcc; fi V_INCLS="" if test "${srcdir}" != "." ; then V_INCLS="-I$srcdir" fi if test "${CFLAGS+set}" = set; then LBL_CFLAGS="$CFLAGS" fi if test -z "$CC" ; then case "$host_os" in bsdi*) # Extract the first word of "shlicc2", so it can be a program name with args. set dummy shlicc2; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_prog_SHLICC2+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$SHLICC2"; then ac_cv_prog_SHLICC2="$SHLICC2" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_SHLICC2="yes" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS test -z "$ac_cv_prog_SHLICC2" && ac_cv_prog_SHLICC2="no" fi fi SHLICC2=$ac_cv_prog_SHLICC2 if test -n "$SHLICC2"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $SHLICC2" >&5 $as_echo "$SHLICC2" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi if test $SHLICC2 = yes ; then CC=shlicc2 export CC fi ;; esac fi if test -z "$CC" -a "$with_gcc" = no ; then CC=cc export CC fi ac_ext=c ac_cpp='$CPP $CPPFLAGS' ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_c_compiler_gnu if test -n "$ac_tool_prefix"; then # Extract the first word of "${ac_tool_prefix}gcc", so it can be a program name with args. set dummy ${ac_tool_prefix}gcc; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_prog_CC+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$CC"; then ac_cv_prog_CC="$CC" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_CC="${ac_tool_prefix}gcc" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS fi fi CC=$ac_cv_prog_CC if test -n "$CC"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 $as_echo "$CC" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi fi if test -z "$ac_cv_prog_CC"; then ac_ct_CC=$CC # Extract the first word of "gcc", so it can be a program name with args. set dummy gcc; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_prog_ac_ct_CC+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$ac_ct_CC"; then ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_CC="gcc" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS fi fi ac_ct_CC=$ac_cv_prog_ac_ct_CC if test -n "$ac_ct_CC"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5 $as_echo "$ac_ct_CC" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi if test "x$ac_ct_CC" = x; then CC="" else case $cross_compiling:$ac_tool_warned in yes:) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 $as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} ac_tool_warned=yes ;; esac CC=$ac_ct_CC fi else CC="$ac_cv_prog_CC" fi if test -z "$CC"; then if test -n "$ac_tool_prefix"; then # Extract the first word of "${ac_tool_prefix}cc", so it can be a program name with args. set dummy ${ac_tool_prefix}cc; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_prog_CC+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$CC"; then ac_cv_prog_CC="$CC" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_CC="${ac_tool_prefix}cc" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS fi fi CC=$ac_cv_prog_CC if test -n "$CC"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 $as_echo "$CC" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi fi fi if test -z "$CC"; then # Extract the first word of "cc", so it can be a program name with args. set dummy cc; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_prog_CC+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$CC"; then ac_cv_prog_CC="$CC" # Let the user override the test. else ac_prog_rejected=no as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then if test "$as_dir/$ac_word$ac_exec_ext" = "/usr/ucb/cc"; then ac_prog_rejected=yes continue fi ac_cv_prog_CC="cc" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS if test $ac_prog_rejected = yes; then # We found a bogon in the path, so make sure we never use it. set dummy $ac_cv_prog_CC shift if test $# != 0; then # We chose a different compiler from the bogus one. # However, it has the same basename, so the bogon will be chosen # first if we set CC to just the basename; use the full file name. shift ac_cv_prog_CC="$as_dir/$ac_word${1+' '}$@" fi fi fi fi CC=$ac_cv_prog_CC if test -n "$CC"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 $as_echo "$CC" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi fi if test -z "$CC"; then if test -n "$ac_tool_prefix"; then for ac_prog in cl.exe do # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args. set dummy $ac_tool_prefix$ac_prog; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_prog_CC+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$CC"; then ac_cv_prog_CC="$CC" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_CC="$ac_tool_prefix$ac_prog" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS fi fi CC=$ac_cv_prog_CC if test -n "$CC"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 $as_echo "$CC" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi test -n "$CC" && break done fi if test -z "$CC"; then ac_ct_CC=$CC for ac_prog in cl.exe do # Extract the first word of "$ac_prog", so it can be a program name with args. set dummy $ac_prog; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_prog_ac_ct_CC+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$ac_ct_CC"; then ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_CC="$ac_prog" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS fi fi ac_ct_CC=$ac_cv_prog_ac_ct_CC if test -n "$ac_ct_CC"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5 $as_echo "$ac_ct_CC" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi test -n "$ac_ct_CC" && break done if test "x$ac_ct_CC" = x; then CC="" else case $cross_compiling:$ac_tool_warned in yes:) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 $as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} ac_tool_warned=yes ;; esac CC=$ac_ct_CC fi fi fi test -z "$CC" && { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error $? "no acceptable C compiler found in \$PATH See \`config.log' for more details" "$LINENO" 5; } # Provide some information about the compiler. $as_echo "$as_me:${as_lineno-$LINENO}: checking for C compiler version" >&5 set X $ac_compile ac_compiler=$2 for ac_option in --version -v -V -qversion; do { { ac_try="$ac_compiler $ac_option >&5" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" $as_echo "$ac_try_echo"; } >&5 (eval "$ac_compiler $ac_option >&5") 2>conftest.err ac_status=$? if test -s conftest.err; then sed '10a\ ... rest of stderr output deleted ... 10q' conftest.err >conftest.er1 cat conftest.er1 >&5 fi rm -f conftest.er1 conftest.err $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; } done cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main () { ; return 0; } _ACEOF ac_clean_files_save=$ac_clean_files ac_clean_files="$ac_clean_files a.out a.out.dSYM a.exe b.out" # Try to create an executable without -o first, disregard a.out. # It will help us diagnose broken compilers, and finding out an intuition # of exeext. { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the C compiler works" >&5 $as_echo_n "checking whether the C compiler works... " >&6; } ac_link_default=`$as_echo "$ac_link" | sed 's/ -o *conftest[^ ]*//'` # The possible output files: ac_files="a.out conftest.exe conftest a.exe a_out.exe b.out conftest.*" ac_rmfiles= for ac_file in $ac_files do case $ac_file in *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj ) ;; * ) ac_rmfiles="$ac_rmfiles $ac_file";; esac done rm -f $ac_rmfiles if { { ac_try="$ac_link_default" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" $as_echo "$ac_try_echo"; } >&5 (eval "$ac_link_default") 2>&5 ac_status=$? $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; }; then : # Autoconf-2.13 could set the ac_cv_exeext variable to `no'. # So ignore a value of `no', otherwise this would lead to `EXEEXT = no' # in a Makefile. We should not override ac_cv_exeext if it was cached, # so that the user can short-circuit this test for compilers unknown to # Autoconf. for ac_file in $ac_files '' do test -f "$ac_file" || continue case $ac_file in *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj ) ;; [ab].out ) # We found the default executable, but exeext='' is most # certainly right. break;; *.* ) if test "${ac_cv_exeext+set}" = set && test "$ac_cv_exeext" != no; then :; else ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'` fi # We set ac_cv_exeext here because the later test for it is not # safe: cross compilers may not add the suffix if given an `-o' # argument, so we may need to know it at that point already. # Even if this section looks crufty: it has the advantage of # actually working. break;; * ) break;; esac done test "$ac_cv_exeext" = no && ac_cv_exeext= else ac_file='' fi if test -z "$ac_file"; then : { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } $as_echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error 77 "C compiler cannot create executables See \`config.log' for more details" "$LINENO" 5; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking for C compiler default output file name" >&5 $as_echo_n "checking for C compiler default output file name... " >&6; } { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_file" >&5 $as_echo "$ac_file" >&6; } ac_exeext=$ac_cv_exeext rm -f -r a.out a.out.dSYM a.exe conftest$ac_cv_exeext b.out ac_clean_files=$ac_clean_files_save { $as_echo "$as_me:${as_lineno-$LINENO}: checking for suffix of executables" >&5 $as_echo_n "checking for suffix of executables... " >&6; } if { { ac_try="$ac_link" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" $as_echo "$ac_try_echo"; } >&5 (eval "$ac_link") 2>&5 ac_status=$? $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; }; then : # If both `conftest.exe' and `conftest' are `present' (well, observable) # catch `conftest.exe'. For instance with Cygwin, `ls conftest' will # work properly (i.e., refer to `conftest.exe'), while it won't with # `rm'. for ac_file in conftest.exe conftest conftest.*; do test -f "$ac_file" || continue case $ac_file in *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj ) ;; *.* ) ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'` break;; * ) break;; esac done else { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error $? "cannot compute suffix of executables: cannot compile and link See \`config.log' for more details" "$LINENO" 5; } fi rm -f conftest conftest$ac_cv_exeext { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_exeext" >&5 $as_echo "$ac_cv_exeext" >&6; } rm -f conftest.$ac_ext EXEEXT=$ac_cv_exeext ac_exeext=$EXEEXT cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include int main () { FILE *f = fopen ("conftest.out", "w"); return ferror (f) || fclose (f) != 0; ; return 0; } _ACEOF ac_clean_files="$ac_clean_files conftest.out" # Check that the compiler produces executables we can run. If not, either # the compiler is broken, or we cross compile. { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we are cross compiling" >&5 $as_echo_n "checking whether we are cross compiling... " >&6; } if test "$cross_compiling" != yes; then { { ac_try="$ac_link" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" $as_echo "$ac_try_echo"; } >&5 (eval "$ac_link") 2>&5 ac_status=$? $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; } if { ac_try='./conftest$ac_cv_exeext' { { case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" $as_echo "$ac_try_echo"; } >&5 (eval "$ac_try") 2>&5 ac_status=$? $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; }; }; then cross_compiling=no else if test "$cross_compiling" = maybe; then cross_compiling=yes else { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error $? "cannot run C compiled programs. If you meant to cross compile, use \`--host'. See \`config.log' for more details" "$LINENO" 5; } fi fi fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $cross_compiling" >&5 $as_echo "$cross_compiling" >&6; } rm -f conftest.$ac_ext conftest$ac_cv_exeext conftest.out ac_clean_files=$ac_clean_files_save { $as_echo "$as_me:${as_lineno-$LINENO}: checking for suffix of object files" >&5 $as_echo_n "checking for suffix of object files... " >&6; } if ${ac_cv_objext+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main () { ; return 0; } _ACEOF rm -f conftest.o conftest.obj if { { ac_try="$ac_compile" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" $as_echo "$ac_try_echo"; } >&5 (eval "$ac_compile") 2>&5 ac_status=$? $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; }; then : for ac_file in conftest.o conftest.obj conftest.*; do test -f "$ac_file" || continue; case $ac_file in *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM ) ;; *) ac_cv_objext=`expr "$ac_file" : '.*\.\(.*\)'` break;; esac done else $as_echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error $? "cannot compute suffix of object files: cannot compile See \`config.log' for more details" "$LINENO" 5; } fi rm -f conftest.$ac_cv_objext conftest.$ac_ext fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_objext" >&5 $as_echo "$ac_cv_objext" >&6; } OBJEXT=$ac_cv_objext ac_objext=$OBJEXT { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we are using the GNU C compiler" >&5 $as_echo_n "checking whether we are using the GNU C compiler... " >&6; } if ${ac_cv_c_compiler_gnu+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main () { #ifndef __GNUC__ choke me #endif ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : ac_compiler_gnu=yes else ac_compiler_gnu=no fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext ac_cv_c_compiler_gnu=$ac_compiler_gnu fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_compiler_gnu" >&5 $as_echo "$ac_cv_c_compiler_gnu" >&6; } if test $ac_compiler_gnu = yes; then GCC=yes else GCC= fi ac_test_CFLAGS=${CFLAGS+set} ac_save_CFLAGS=$CFLAGS { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC accepts -g" >&5 $as_echo_n "checking whether $CC accepts -g... " >&6; } if ${ac_cv_prog_cc_g+:} false; then : $as_echo_n "(cached) " >&6 else ac_save_c_werror_flag=$ac_c_werror_flag ac_c_werror_flag=yes ac_cv_prog_cc_g=no CFLAGS="-g" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main () { ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : ac_cv_prog_cc_g=yes else CFLAGS="" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main () { ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : else ac_c_werror_flag=$ac_save_c_werror_flag CFLAGS="-g" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main () { ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : ac_cv_prog_cc_g=yes fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext ac_c_werror_flag=$ac_save_c_werror_flag fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_g" >&5 $as_echo "$ac_cv_prog_cc_g" >&6; } if test "$ac_test_CFLAGS" = set; then CFLAGS=$ac_save_CFLAGS elif test $ac_cv_prog_cc_g = yes; then if test "$GCC" = yes; then CFLAGS="-g -O2" else CFLAGS="-g" fi else if test "$GCC" = yes; then CFLAGS="-O2" else CFLAGS= fi fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $CC option to accept ISO C89" >&5 $as_echo_n "checking for $CC option to accept ISO C89... " >&6; } if ${ac_cv_prog_cc_c89+:} false; then : $as_echo_n "(cached) " >&6 else ac_cv_prog_cc_c89=no ac_save_CC=$CC cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include #include struct stat; /* Most of the following tests are stolen from RCS 5.7's src/conf.sh. */ struct buf { int x; }; FILE * (*rcsopen) (struct buf *, struct stat *, int); static char *e (p, i) char **p; int i; { return p[i]; } static char *f (char * (*g) (char **, int), char **p, ...) { char *s; va_list v; va_start (v,p); s = g (p, va_arg (v,int)); va_end (v); return s; } /* OSF 4.0 Compaq cc is some sort of almost-ANSI by default. It has function prototypes and stuff, but not '\xHH' hex character constants. These don't provoke an error unfortunately, instead are silently treated as 'x'. The following induces an error, until -std is added to get proper ANSI mode. Curiously '\x00'!='x' always comes out true, for an array size at least. It's necessary to write '\x00'==0 to get something that's true only with -std. */ int osf4_cc_array ['\x00' == 0 ? 1 : -1]; /* IBM C 6 for AIX is almost-ANSI by default, but it replaces macro parameters inside strings and character constants. */ #define FOO(x) 'x' int xlc6_cc_array[FOO(a) == 'x' ? 1 : -1]; int test (int i, double x); struct s1 {int (*f) (int a);}; struct s2 {int (*f) (double a);}; int pairnames (int, char **, FILE *(*)(struct buf *, struct stat *, int), int, int); int argc; char **argv; int main () { return f (e, argv, 0) != argv[0] || f (e, argv, 1) != argv[1]; ; return 0; } _ACEOF for ac_arg in '' -qlanglvl=extc89 -qlanglvl=ansi -std \ -Ae "-Aa -D_HPUX_SOURCE" "-Xc -D__EXTENSIONS__" do CC="$ac_save_CC $ac_arg" if ac_fn_c_try_compile "$LINENO"; then : ac_cv_prog_cc_c89=$ac_arg fi rm -f core conftest.err conftest.$ac_objext test "x$ac_cv_prog_cc_c89" != "xno" && break done rm -f conftest.$ac_ext CC=$ac_save_CC fi # AC_CACHE_VAL case "x$ac_cv_prog_cc_c89" in x) { $as_echo "$as_me:${as_lineno-$LINENO}: result: none needed" >&5 $as_echo "none needed" >&6; } ;; xno) { $as_echo "$as_me:${as_lineno-$LINENO}: result: unsupported" >&5 $as_echo "unsupported" >&6; } ;; *) CC="$CC $ac_cv_prog_cc_c89" { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_c89" >&5 $as_echo "$ac_cv_prog_cc_c89" >&6; } ;; esac if test "x$ac_cv_prog_cc_c89" != xno; then : fi ac_ext=c ac_cpp='$CPP $CPPFLAGS' ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_c_compiler_gnu if test "$GCC" = yes ; then # # -Werror forces warnings to be errors. # ac_lbl_cc_force_warning_errors=-Werror # # Use -ffloat-store so that, on 32-bit x86, we don't # do 80-bit arithmetic with the FPU; that way we should # get the same results for floating-point calculations # on x86-32 and x86-64. # { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the compiler supports the -ffloat-store option" >&5 $as_echo_n "checking whether the compiler supports the -ffloat-store option... " >&6; } save_CFLAGS="$CFLAGS" CFLAGS="$CFLAGS $ac_lbl_cc_force_warning_errors -ffloat-store" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main () { return 0 ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } CFLAGS="$save_CFLAGS" V_CCOPT="$V_CCOPT -ffloat-store" else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } CFLAGS="$save_CFLAGS" fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext else V_INCLS="$V_INCLS -I/usr/local/include" LDFLAGS="$LDFLAGS -L/usr/local/lib" case "$host_os" in darwin*) # # This is assumed either to be GCC or clang, both # of which use -Werror to force warnings to be errors. # ac_lbl_cc_force_warning_errors=-Werror ;; hpux*) # # HP C, which is what we presume we're using, doesn't # exit with a non-zero exit status if we hand it an # invalid -W flag, can't be forced to do so even with # +We, and doesn't handle GCC-style -W flags, so we # don't want to try using GCC-style -W flags. # ac_lbl_cc_dont_try_gcc_dashW=yes ;; irix*) # # MIPS C, which is what we presume we're using, doesn't # necessarily exit with a non-zero exit status if we # hand it an invalid -W flag, can't be forced to do # so, and doesn't handle GCC-style -W flags, so we # don't want to try using GCC-style -W flags. # ac_lbl_cc_dont_try_gcc_dashW=yes # # It also, apparently, defaults to "char" being # unsigned, unlike most other C implementations; # I suppose we could say "signed char" whenever # we want to guarantee a signed "char", but let's # just force signed chars. # # -xansi is normally the default, but the # configure script was setting it; perhaps -cckr # was the default in the Old Days. (Then again, # that would probably be for backwards compatibility # in the days when ANSI C was Shiny and New, i.e. # 1989 and the early '90's, so maybe we can just # drop support for those compilers.) # # -g is equivalent to -g2, which turns off # optimization; we choose -g3, which generates # debugging information but doesn't turn off # optimization (even if the optimization would # cause inaccuracies in debugging). # V_CCOPT="$V_CCOPT -xansi -signed -g3" ;; osf*) # # Presumed to be DEC OSF/1, Digital UNIX, or # Tru64 UNIX. # # The DEC C compiler, which is what we presume we're # using, doesn't exit with a non-zero exit status if we # hand it an invalid -W flag, can't be forced to do # so, and doesn't handle GCC-style -W flags, so we # don't want to try using GCC-style -W flags. # ac_lbl_cc_dont_try_gcc_dashW=yes # # -g is equivalent to -g2, which turns off # optimization; we choose -g3, which generates # debugging information but doesn't turn off # optimization (even if the optimization would # cause inaccuracies in debugging). # V_CCOPT="$V_CCOPT -g3" ;; solaris*) # # Assumed to be Sun C, which requires -errwarn to force # warnings to be treated as errors. # ac_lbl_cc_force_warning_errors=-errwarn ;; ultrix*) { $as_echo "$as_me:${as_lineno-$LINENO}: checking that Ultrix $CC hacks const in prototypes" >&5 $as_echo_n "checking that Ultrix $CC hacks const in prototypes... " >&6; } if ${ac_cv_lbl_cc_const_proto+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include int main () { struct a { int b; }; void c(const struct a *) ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : ac_cv_lbl_cc_const_proto=yes else ac_cv_lbl_cc_const_proto=no fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lbl_cc_const_proto" >&5 $as_echo "$ac_cv_lbl_cc_const_proto" >&6; } if test $ac_cv_lbl_cc_const_proto = no ; then $as_echo "#define const /**/" >>confdefs.h fi ;; esac V_CCOPT="$V_CCOPT -O" fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking for inline" >&5 $as_echo_n "checking for inline... " >&6; } save_CFLAGS="$CFLAGS" CFLAGS="$V_CCOPT" if ${ac_cv_lbl_inline+:} false; then : $as_echo_n "(cached) " >&6 else ac_cv_lbl_inline="" ac_lbl_cc_inline=no for ac_lbl_inline in inline __inline__ __inline do cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #define inline $ac_lbl_inline static inline struct iltest *foo(void); struct iltest { int iltest1; int iltest2; }; static inline struct iltest * foo() { static struct iltest xxx; return &xxx; } int main () { ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : ac_lbl_cc_inline=yes fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext if test "$ac_lbl_cc_inline" = yes ; then break; fi done if test "$ac_lbl_cc_inline" = yes ; then ac_cv_lbl_inline=$ac_lbl_inline fi fi CFLAGS="$save_CFLAGS" if test ! -z "$ac_cv_lbl_inline" ; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lbl_inline" >&5 $as_echo "$ac_cv_lbl_inline" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi cat >>confdefs.h <<_ACEOF #define inline $ac_cv_lbl_inline _ACEOF { $as_echo "$as_me:${as_lineno-$LINENO}: checking for __attribute__" >&5 $as_echo_n "checking for __attribute__... " >&6; } if ${ac_cv___attribute__+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include static void foo(void) __attribute__ ((noreturn)); static void foo(void) { exit(1); } int main(int argc, char **argv) { foo(); } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : ac_cv___attribute__=yes else ac_cv___attribute__=no fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi if test "$ac_cv___attribute__" = "yes"; then $as_echo "#define HAVE___ATTRIBUTE__ 1" >>confdefs.h else # # We can't use __attribute__, so we can't use __attribute__((unused)), # so we define _U_ to an empty string. # V_DEFS="$V_DEFS -D_U_=\"\"" fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv___attribute__" >&5 $as_echo "$ac_cv___attribute__" >&6; } if test "$ac_cv___attribute__" = "yes"; then { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether __attribute__((unused)) can be used without warnings" >&5 $as_echo_n "checking whether __attribute__((unused)) can be used without warnings... " >&6; } if ${ac_cv___attribute___unused+:} false; then : $as_echo_n "(cached) " >&6 else save_CFLAGS="$CFLAGS" CFLAGS="$CFLAGS $ac_lbl_cc_force_warning_errors" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include #include int main(int argc __attribute((unused)), char **argv __attribute((unused))) { printf("Hello, world!\n"); return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : ac_cv___attribute___unused=yes else ac_cv___attribute___unused=no fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi CFLAGS="$save_CFLAGS" if test "$ac_cv___attribute___unused" = "yes"; then V_DEFS="$V_DEFS -D_U_=\"__attribute__((unused))\"" else V_DEFS="$V_DEFS -D_U_=\"\"" fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv___attribute___unused" >&5 $as_echo "$ac_cv___attribute___unused" >&6; } { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether __attribute__((noreturn)) can be applied to function pointers without warnings" >&5 $as_echo_n "checking whether __attribute__((noreturn)) can be applied to function pointers without warnings... " >&6; } if ${ac_cv___attribute___noreturn_function_pointer+:} false; then : $as_echo_n "(cached) " >&6 else save_CFLAGS="$CFLAGS" CFLAGS="$CFLAGS $ac_lbl_cc_force_warning_errors" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include extern int (*foo)(int i) __attribute__ ((noreturn)); int main(int argc, char **argv) { (*foo)(1); } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : ac_cv___attribute___noreturn_function_pointer=yes else ac_cv___attribute___noreturn_function_pointer=no fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi CFLAGS="$save_CFLAGS" if test "$ac_cv___attribute___noreturn_function_pointer" = "yes"; then $as_echo "#define __ATTRIBUTE___NORETURN_OK_FOR_FUNCTION_POINTERS 1" >>confdefs.h fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv___attribute___noreturn_function_pointer" >&5 $as_echo "$ac_cv___attribute___noreturn_function_pointer" >&6; } { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether __attribute__((format)) can be used without warnings" >&5 $as_echo_n "checking whether __attribute__((format)) can be used without warnings... " >&6; } if ${ac_cv___attribute___format+:} false; then : $as_echo_n "(cached) " >&6 else save_CFLAGS="$CFLAGS" CFLAGS="$CFLAGS $ac_lbl_cc_force_warning_errors" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include extern int foo(const char *fmt, ...) __attribute__ ((format (printf, 1, 2))); int main(int argc, char **argv) { foo("%s", "test"); } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : ac_cv___attribute___format=yes else ac_cv___attribute___format=no fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi CFLAGS="$save_CFLAGS" if test "$ac_cv___attribute___format" = "yes"; then $as_echo "#define __ATTRIBUTE___FORMAT_OK 1" >>confdefs.h fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv___attribute___format" >&5 $as_echo "$ac_cv___attribute___format" >&6; } if test "$ac_cv___attribute___format" = "yes"; then { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether __attribute__((format)) can be applied to function pointers" >&5 $as_echo_n "checking whether __attribute__((format)) can be applied to function pointers... " >&6; } if ${ac_cv___attribute___format_function_pointer+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include extern int (*foo)(const char *fmt, ...) __attribute__ ((format (printf, 1, 2))); int main(int argc, char **argv) { (*foo)("%s", "test"); } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : ac_cv___attribute___format_function_pointer=yes else ac_cv___attribute___format_function_pointer=no fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi if test "$ac_cv___attribute___format_function_pointer" = "yes"; then $as_echo "#define __ATTRIBUTE___FORMAT_OK_FOR_FUNCTION_POINTERS 1" >>confdefs.h fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv___attribute___format_function_pointer" >&5 $as_echo "$ac_cv___attribute___format_function_pointer" >&6; } fi fi ac_ext=c ac_cpp='$CPP $CPPFLAGS' ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_c_compiler_gnu { $as_echo "$as_me:${as_lineno-$LINENO}: checking how to run the C preprocessor" >&5 $as_echo_n "checking how to run the C preprocessor... " >&6; } # On Suns, sometimes $CPP names a directory. if test -n "$CPP" && test -d "$CPP"; then CPP= fi if test -z "$CPP"; then if ${ac_cv_prog_CPP+:} false; then : $as_echo_n "(cached) " >&6 else # Double quotes because CPP needs to be expanded for CPP in "$CC -E" "$CC -E -traditional-cpp" "/lib/cpp" do ac_preproc_ok=false for ac_c_preproc_warn_flag in '' yes do # Use a header file that comes with gcc, so configuring glibc # with a fresh cross-compiler works. # Prefer to if __STDC__ is defined, since # exists even on freestanding compilers. # On the NeXT, cc -E runs the code through the compiler's parser, # not just through cpp. "Syntax error" is here to catch this case. cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #ifdef __STDC__ # include #else # include #endif Syntax error _ACEOF if ac_fn_c_try_cpp "$LINENO"; then : else # Broken: fails on valid input. continue fi rm -f conftest.err conftest.i conftest.$ac_ext # OK, works on sane cases. Now check whether nonexistent headers # can be detected and how. cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include _ACEOF if ac_fn_c_try_cpp "$LINENO"; then : # Broken: success on invalid input. continue else # Passes both tests. ac_preproc_ok=: break fi rm -f conftest.err conftest.i conftest.$ac_ext done # Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped. rm -f conftest.i conftest.err conftest.$ac_ext if $ac_preproc_ok; then : break fi done ac_cv_prog_CPP=$CPP fi CPP=$ac_cv_prog_CPP else ac_cv_prog_CPP=$CPP fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CPP" >&5 $as_echo "$CPP" >&6; } ac_preproc_ok=false for ac_c_preproc_warn_flag in '' yes do # Use a header file that comes with gcc, so configuring glibc # with a fresh cross-compiler works. # Prefer to if __STDC__ is defined, since # exists even on freestanding compilers. # On the NeXT, cc -E runs the code through the compiler's parser, # not just through cpp. "Syntax error" is here to catch this case. cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #ifdef __STDC__ # include #else # include #endif Syntax error _ACEOF if ac_fn_c_try_cpp "$LINENO"; then : else # Broken: fails on valid input. continue fi rm -f conftest.err conftest.i conftest.$ac_ext # OK, works on sane cases. Now check whether nonexistent headers # can be detected and how. cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include _ACEOF if ac_fn_c_try_cpp "$LINENO"; then : # Broken: success on invalid input. continue else # Passes both tests. ac_preproc_ok=: break fi rm -f conftest.err conftest.i conftest.$ac_ext done # Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped. rm -f conftest.i conftest.err conftest.$ac_ext if $ac_preproc_ok; then : else { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error $? "C preprocessor \"$CPP\" fails sanity check See \`config.log' for more details" "$LINENO" 5; } fi ac_ext=c ac_cpp='$CPP $CPPFLAGS' ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_c_compiler_gnu { $as_echo "$as_me:${as_lineno-$LINENO}: checking for grep that handles long lines and -e" >&5 $as_echo_n "checking for grep that handles long lines and -e... " >&6; } if ${ac_cv_path_GREP+:} false; then : $as_echo_n "(cached) " >&6 else if test -z "$GREP"; then ac_path_GREP_found=false # Loop through the user's path and test for each of PROGNAME-LIST as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_prog in grep ggrep; do for ac_exec_ext in '' $ac_executable_extensions; do ac_path_GREP="$as_dir/$ac_prog$ac_exec_ext" as_fn_executable_p "$ac_path_GREP" || continue # Check for GNU ac_path_GREP and select it if it is found. # Check for GNU $ac_path_GREP case `"$ac_path_GREP" --version 2>&1` in *GNU*) ac_cv_path_GREP="$ac_path_GREP" ac_path_GREP_found=:;; *) ac_count=0 $as_echo_n 0123456789 >"conftest.in" while : do cat "conftest.in" "conftest.in" >"conftest.tmp" mv "conftest.tmp" "conftest.in" cp "conftest.in" "conftest.nl" $as_echo 'GREP' >> "conftest.nl" "$ac_path_GREP" -e 'GREP$' -e '-(cannot match)-' < "conftest.nl" >"conftest.out" 2>/dev/null || break diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break as_fn_arith $ac_count + 1 && ac_count=$as_val if test $ac_count -gt ${ac_path_GREP_max-0}; then # Best one so far, save it but keep looking for a better one ac_cv_path_GREP="$ac_path_GREP" ac_path_GREP_max=$ac_count fi # 10*(2^10) chars as input seems more than enough test $ac_count -gt 10 && break done rm -f conftest.in conftest.tmp conftest.nl conftest.out;; esac $ac_path_GREP_found && break 3 done done done IFS=$as_save_IFS if test -z "$ac_cv_path_GREP"; then as_fn_error $? "no acceptable grep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5 fi else ac_cv_path_GREP=$GREP fi fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_GREP" >&5 $as_echo "$ac_cv_path_GREP" >&6; } GREP="$ac_cv_path_GREP" { $as_echo "$as_me:${as_lineno-$LINENO}: checking for egrep" >&5 $as_echo_n "checking for egrep... " >&6; } if ${ac_cv_path_EGREP+:} false; then : $as_echo_n "(cached) " >&6 else if echo a | $GREP -E '(a|b)' >/dev/null 2>&1 then ac_cv_path_EGREP="$GREP -E" else if test -z "$EGREP"; then ac_path_EGREP_found=false # Loop through the user's path and test for each of PROGNAME-LIST as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_prog in egrep; do for ac_exec_ext in '' $ac_executable_extensions; do ac_path_EGREP="$as_dir/$ac_prog$ac_exec_ext" as_fn_executable_p "$ac_path_EGREP" || continue # Check for GNU ac_path_EGREP and select it if it is found. # Check for GNU $ac_path_EGREP case `"$ac_path_EGREP" --version 2>&1` in *GNU*) ac_cv_path_EGREP="$ac_path_EGREP" ac_path_EGREP_found=:;; *) ac_count=0 $as_echo_n 0123456789 >"conftest.in" while : do cat "conftest.in" "conftest.in" >"conftest.tmp" mv "conftest.tmp" "conftest.in" cp "conftest.in" "conftest.nl" $as_echo 'EGREP' >> "conftest.nl" "$ac_path_EGREP" 'EGREP$' < "conftest.nl" >"conftest.out" 2>/dev/null || break diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break as_fn_arith $ac_count + 1 && ac_count=$as_val if test $ac_count -gt ${ac_path_EGREP_max-0}; then # Best one so far, save it but keep looking for a better one ac_cv_path_EGREP="$ac_path_EGREP" ac_path_EGREP_max=$ac_count fi # 10*(2^10) chars as input seems more than enough test $ac_count -gt 10 && break done rm -f conftest.in conftest.tmp conftest.nl conftest.out;; esac $ac_path_EGREP_found && break 3 done done done IFS=$as_save_IFS if test -z "$ac_cv_path_EGREP"; then as_fn_error $? "no acceptable egrep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5 fi else ac_cv_path_EGREP=$EGREP fi fi fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_EGREP" >&5 $as_echo "$ac_cv_path_EGREP" >&6; } EGREP="$ac_cv_path_EGREP" { $as_echo "$as_me:${as_lineno-$LINENO}: checking for ANSI C header files" >&5 $as_echo_n "checking for ANSI C header files... " >&6; } if ${ac_cv_header_stdc+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include #include #include #include int main () { ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : ac_cv_header_stdc=yes else ac_cv_header_stdc=no fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext if test $ac_cv_header_stdc = yes; then # SunOS 4.x string.h does not declare mem*, contrary to ANSI. cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include _ACEOF if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | $EGREP "memchr" >/dev/null 2>&1; then : else ac_cv_header_stdc=no fi rm -f conftest* fi if test $ac_cv_header_stdc = yes; then # ISC 2.0.2 stdlib.h does not declare free, contrary to ANSI. cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include _ACEOF if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | $EGREP "free" >/dev/null 2>&1; then : else ac_cv_header_stdc=no fi rm -f conftest* fi if test $ac_cv_header_stdc = yes; then # /bin/cc in Irix-4.0.5 gets non-ANSI ctype macros unless using -ansi. if test "$cross_compiling" = yes; then : : else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include #include #if ((' ' & 0x0FF) == 0x020) # define ISLOWER(c) ('a' <= (c) && (c) <= 'z') # define TOUPPER(c) (ISLOWER(c) ? 'A' + ((c) - 'a') : (c)) #else # define ISLOWER(c) \ (('a' <= (c) && (c) <= 'i') \ || ('j' <= (c) && (c) <= 'r') \ || ('s' <= (c) && (c) <= 'z')) # define TOUPPER(c) (ISLOWER(c) ? ((c) | 0x40) : (c)) #endif #define XOR(e, f) (((e) && !(f)) || (!(e) && (f))) int main () { int i; for (i = 0; i < 256; i++) if (XOR (islower (i), ISLOWER (i)) || toupper (i) != TOUPPER (i)) return 2; return 0; } _ACEOF if ac_fn_c_try_run "$LINENO"; then : else ac_cv_header_stdc=no fi rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ conftest.$ac_objext conftest.beam conftest.$ac_ext fi fi fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_header_stdc" >&5 $as_echo "$ac_cv_header_stdc" >&6; } if test $ac_cv_header_stdc = yes; then $as_echo "#define STDC_HEADERS 1" >>confdefs.h fi # On IRIX 5.3, sys/types and inttypes.h are conflicting. for ac_header in sys/types.h sys/stat.h stdlib.h string.h memory.h strings.h \ inttypes.h stdint.h unistd.h do : as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` ac_fn_c_check_header_compile "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default " if eval test \"x\$"$as_ac_Header"\" = x"yes"; then : cat >>confdefs.h <<_ACEOF #define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1 _ACEOF fi done for ac_header in fcntl.h rpc/rpc.h rpc/rpcent.h netdnet/dnetdb.h do : as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` ac_fn_c_check_header_mongrel "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default" if eval test \"x\$"$as_ac_Header"\" = x"yes"; then : cat >>confdefs.h <<_ACEOF #define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1 _ACEOF fi done for ac_header in net/pfvar.h do : ac_fn_c_check_header_compile "$LINENO" "net/pfvar.h" "ac_cv_header_net_pfvar_h" "#include #include #include " if test "x$ac_cv_header_net_pfvar_h" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_NET_PFVAR_H 1 _ACEOF fi done if test "$ac_cv_header_net_pfvar_h" = yes; then LOCALSRC="print-pflog.c $LOCALSRC" fi for ac_header in netinet/if_ether.h do : ac_fn_c_check_header_compile "$LINENO" "netinet/if_ether.h" "ac_cv_header_netinet_if_ether_h" "#include #include " if test "x$ac_cv_header_netinet_if_ether_h" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_NETINET_IF_ETHER_H 1 _ACEOF fi done if test "$ac_cv_header_netinet_if_ether_h" != yes; then # # The simple test didn't work. # Do we need to include first? # Unset ac_cv_header_netinet_if_ether_h so we don't # treat the previous failure as a cached value and # suppress the next test. # { $as_echo "$as_me:${as_lineno-$LINENO}: Rechecking with some additional includes" >&5 $as_echo "$as_me: Rechecking with some additional includes" >&6;} unset ac_cv_header_netinet_if_ether_h for ac_header in netinet/if_ether.h do : ac_fn_c_check_header_compile "$LINENO" "netinet/if_ether.h" "ac_cv_header_netinet_if_ether_h" "#include #include #include struct mbuf; struct rtentry; #include " if test "x$ac_cv_header_netinet_if_ether_h" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_NETINET_IF_ETHER_H 1 _ACEOF fi done fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether time.h and sys/time.h may both be included" >&5 $as_echo_n "checking whether time.h and sys/time.h may both be included... " >&6; } if ${ac_cv_header_time+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include #include #include int main () { if ((struct tm *) 0) return 0; ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : ac_cv_header_time=yes else ac_cv_header_time=no fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_header_time" >&5 $as_echo "$ac_cv_header_time" >&6; } if test $ac_cv_header_time = yes; then $as_echo "#define TIME_WITH_SYS_TIME 1" >>confdefs.h fi case "$host_os" in darwin*) # Check whether --enable-universal was given. if test "${enable_universal+set}" = set; then : enableval=$enable_universal; fi if test "$enable_universal" != "no"; then case "$host_os" in darwin9.*) # # Leopard. Build for x86 and 32-bit PowerPC, with # x86 first. (That's what Apple does.) # V_CCOPT="$V_CCOPT -arch i386 -arch ppc" LDFLAGS="$LDFLAGS -arch i386 -arch ppc" ;; darwin10.*) # # Snow Leopard. Build for x86-64 and x86, with # x86-64 first. (That's what Apple does.) # V_CCOPT="$V_CCOPT -arch x86_64 -arch i386" LDFLAGS="$LDFLAGS -arch x86_64 -arch i386" ;; esac fi ;; esac # Check whether --with-smi was given. if test "${with_smi+set}" = set; then : withval=$with_smi; else with_smi=yes fi if test "x$with_smi" != "xno" ; then ac_fn_c_check_header_mongrel "$LINENO" "smi.h" "ac_cv_header_smi_h" "$ac_includes_default" if test "x$ac_cv_header_smi_h" = xyes; then : # # OK, we found smi.h. Do we have libsmi with smiInit? # { $as_echo "$as_me:${as_lineno-$LINENO}: checking for smiInit in -lsmi" >&5 $as_echo_n "checking for smiInit in -lsmi... " >&6; } if ${ac_cv_lib_smi_smiInit+:} false; then : $as_echo_n "(cached) " >&6 else ac_check_lib_save_LIBS=$LIBS LIBS="-lsmi $LIBS" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC builtin and then its argument prototype would still apply. */ #ifdef __cplusplus extern "C" #endif char smiInit (); int main () { return smiInit (); ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO"; then : ac_cv_lib_smi_smiInit=yes else ac_cv_lib_smi_smiInit=no fi rm -f core conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_smi_smiInit" >&5 $as_echo "$ac_cv_lib_smi_smiInit" >&6; } if test "x$ac_cv_lib_smi_smiInit" = xyes; then : # # OK, we have libsmi with smiInit. Can we use it? # { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether to enable libsmi" >&5 $as_echo_n "checking whether to enable libsmi... " >&6; } savedlibs="$LIBS" LIBS="-lsmi $LIBS" if test "$cross_compiling" = yes; then : { $as_echo "$as_me:${as_lineno-$LINENO}: result: not when cross-compiling" >&5 $as_echo "not when cross-compiling" >&6; } LIBS="$savedlibs" else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* libsmi available check */ #include main() { int current, revision, age, n; const int required = 2; if (smiInit("")) exit(1); if (strcmp(SMI_LIBRARY_VERSION, smi_library_version)) exit(2); n = sscanf(smi_library_version, "%d:%d:%d", ¤t, &revision, &age); if (n != 3) exit(3); if (required < current - age || required > current) exit(4); exit(0); } _ACEOF if ac_fn_c_try_run "$LINENO"; then : { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } $as_echo "#define USE_LIBSMI 1" >>confdefs.h else case $? in 1) { $as_echo "$as_me:${as_lineno-$LINENO}: result: no - smiInit failed" >&5 $as_echo "no - smiInit failed" >&6; } ;; 2) { $as_echo "$as_me:${as_lineno-$LINENO}: result: no - header/library version mismatch" >&5 $as_echo "no - header/library version mismatch" >&6; } ;; 3) { $as_echo "$as_me:${as_lineno-$LINENO}: result: no - can't determine library version" >&5 $as_echo "no - can't determine library version" >&6; } ;; 4) { $as_echo "$as_me:${as_lineno-$LINENO}: result: no - too old" >&5 $as_echo "no - too old" >&6; } ;; *) { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } ;; esac LIBS="$savedlibs" fi rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ conftest.$ac_objext conftest.beam conftest.$ac_ext fi fi fi fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether to enable the possibly-buggy SMB printer" >&5 $as_echo_n "checking whether to enable the possibly-buggy SMB printer... " >&6; } # Check whether --enable-smb was given. if test "${enable_smb+set}" = set; then : enableval=$enable_smb; else enableval=yes fi case "$enableval" in yes) { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: The SMB printer may have exploitable buffer overflows!!!" >&5 $as_echo "$as_me: WARNING: The SMB printer may have exploitable buffer overflows!!!" >&2;} $as_echo "#define TCPDUMP_DO_SMB 1" >>confdefs.h LOCALSRC="print-smb.c smbutil.c $LOCALSRC" ;; *) { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } ;; esac # Check whether --with-user was given. if test "${with_user+set}" = set; then : withval=$with_user; fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether to drop root privileges by default" >&5 $as_echo_n "checking whether to drop root privileges by default... " >&6; } if test ! -z "$with_user" ; then cat >>confdefs.h <<_ACEOF #define WITH_USER "$withval" _ACEOF { $as_echo "$as_me:${as_lineno-$LINENO}: result: to \"$withval\"" >&5 $as_echo "to \"$withval\"" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi # Check whether --with-chroot was given. if test "${with_chroot+set}" = set; then : withval=$with_chroot; fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether to chroot" >&5 $as_echo_n "checking whether to chroot... " >&6; } if test ! -z "$with_chroot" && test "$with_chroot" != "no" ; then cat >>confdefs.h <<_ACEOF #define WITH_CHROOT "$withval" _ACEOF { $as_echo "$as_me:${as_lineno-$LINENO}: result: to \"$withval\"" >&5 $as_echo "to \"$withval\"" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi # Check whether --with-sandbox-capsicum was given. if test "${with_sandbox_capsicum+set}" = set; then : withval=$with_sandbox_capsicum; fi # # Check whether various functions are available. If any are, set # ac_lbl_capsicum_function_seen to yes; if any are not, set # ac_lbl_capsicum_function_not_seen to yes. # # We don't check cap_rights_init(), as it's a macro, wrapping another # function, in at least some versions of FreeBSD, and AC_CHECK_FUNCS() # doesn't handle that. # # All of the ones we check for must be available in order to enable # capsicum sandboxing. # # XXX - do we need to check for all of them, or are there some that, if # present, imply others are present? # if test ! -z "$with_sandbox-capsicum" && test "$with_sandbox-capsicum" != "no" ; then for ac_func in cap_enter cap_rights_limit cap_ioctls_limit openat do : as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" if eval test \"x\$"$as_ac_var"\" = x"yes"; then : cat >>confdefs.h <<_ACEOF #define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 _ACEOF ac_lbl_capsicum_function_seen=yes else ac_lbl_capsicum_function_not_seen=yes fi done fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether to sandbox using capsicum" >&5 $as_echo_n "checking whether to sandbox using capsicum... " >&6; } if test "x$ac_lbl_capsicum_function_seen" = "xyes" -a "x$ac_lbl_capsicum_function_not_seen" != "xyes"; then -$as_echo "#define HAVE_CAPSICUM 1" >>confdefs.h +$as_echo "#define HAVE_CAPSPER 1" >>confdefs.h { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi # # We must check this before checking whether to enable IPv6, because, # on some platforms (such as SunOS 5.x), the test program requires # the extra networking libraries. # # Most operating systems have gethostbyname() in the default searched # libraries (i.e. libc): # Some OSes (eg. Solaris) place it in libnsl # Some strange OSes (SINIX) have it in libsocket: { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing gethostbyname" >&5 $as_echo_n "checking for library containing gethostbyname... " >&6; } if ${ac_cv_search_gethostbyname+:} false; then : $as_echo_n "(cached) " >&6 else ac_func_search_save_LIBS=$LIBS cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC builtin and then its argument prototype would still apply. */ #ifdef __cplusplus extern "C" #endif char gethostbyname (); int main () { return gethostbyname (); ; return 0; } _ACEOF for ac_lib in '' nsl socket resolv; do if test -z "$ac_lib"; then ac_res="none required" else ac_res=-l$ac_lib LIBS="-l$ac_lib $ac_func_search_save_LIBS" fi if ac_fn_c_try_link "$LINENO"; then : ac_cv_search_gethostbyname=$ac_res fi rm -f core conftest.err conftest.$ac_objext \ conftest$ac_exeext if ${ac_cv_search_gethostbyname+:} false; then : break fi done if ${ac_cv_search_gethostbyname+:} false; then : else ac_cv_search_gethostbyname=no fi rm conftest.$ac_ext LIBS=$ac_func_search_save_LIBS fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_gethostbyname" >&5 $as_echo "$ac_cv_search_gethostbyname" >&6; } ac_res=$ac_cv_search_gethostbyname if test "$ac_res" != no; then : test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" fi # Unfortunately libsocket sometimes depends on libnsl and # AC_SEARCH_LIBS isn't up to the task of handling dependencies like this. if test "$ac_cv_search_gethostbyname" = "no" then { $as_echo "$as_me:${as_lineno-$LINENO}: checking for gethostbyname in -lsocket" >&5 $as_echo_n "checking for gethostbyname in -lsocket... " >&6; } if ${ac_cv_lib_socket_gethostbyname+:} false; then : $as_echo_n "(cached) " >&6 else ac_check_lib_save_LIBS=$LIBS LIBS="-lsocket -lnsl $LIBS" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC builtin and then its argument prototype would still apply. */ #ifdef __cplusplus extern "C" #endif char gethostbyname (); int main () { return gethostbyname (); ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO"; then : ac_cv_lib_socket_gethostbyname=yes else ac_cv_lib_socket_gethostbyname=no fi rm -f core conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_socket_gethostbyname" >&5 $as_echo "$ac_cv_lib_socket_gethostbyname" >&6; } if test "x$ac_cv_lib_socket_gethostbyname" = xyes; then : LIBS="-lsocket -lnsl $LIBS" fi fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing socket" >&5 $as_echo_n "checking for library containing socket... " >&6; } if ${ac_cv_search_socket+:} false; then : $as_echo_n "(cached) " >&6 else ac_func_search_save_LIBS=$LIBS cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC builtin and then its argument prototype would still apply. */ #ifdef __cplusplus extern "C" #endif char socket (); int main () { return socket (); ; return 0; } _ACEOF for ac_lib in '' socket; do if test -z "$ac_lib"; then ac_res="none required" else ac_res=-l$ac_lib LIBS="-l$ac_lib $ac_func_search_save_LIBS" fi if ac_fn_c_try_link "$LINENO"; then : ac_cv_search_socket=$ac_res fi rm -f core conftest.err conftest.$ac_objext \ conftest$ac_exeext if ${ac_cv_search_socket+:} false; then : break fi done if ${ac_cv_search_socket+:} false; then : else ac_cv_search_socket=no fi rm conftest.$ac_ext LIBS=$ac_func_search_save_LIBS fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_socket" >&5 $as_echo "$ac_cv_search_socket" >&6; } ac_res=$ac_cv_search_socket if test "$ac_res" != no; then : test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" else { $as_echo "$as_me:${as_lineno-$LINENO}: checking for socket in -lsocket" >&5 $as_echo_n "checking for socket in -lsocket... " >&6; } if ${ac_cv_lib_socket_socket+:} false; then : $as_echo_n "(cached) " >&6 else ac_check_lib_save_LIBS=$LIBS LIBS="-lsocket -lnsl $LIBS" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC builtin and then its argument prototype would still apply. */ #ifdef __cplusplus extern "C" #endif char socket (); int main () { return socket (); ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO"; then : ac_cv_lib_socket_socket=yes else ac_cv_lib_socket_socket=no fi rm -f core conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_socket_socket" >&5 $as_echo "$ac_cv_lib_socket_socket" >&6; } if test "x$ac_cv_lib_socket_socket" = xyes; then : LIBS="-lsocket -lnsl $LIBS" fi fi # DLPI needs putmsg under HPUX so test for -lstr while we're at it { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing putmsg" >&5 $as_echo_n "checking for library containing putmsg... " >&6; } if ${ac_cv_search_putmsg+:} false; then : $as_echo_n "(cached) " >&6 else ac_func_search_save_LIBS=$LIBS cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC builtin and then its argument prototype would still apply. */ #ifdef __cplusplus extern "C" #endif char putmsg (); int main () { return putmsg (); ; return 0; } _ACEOF for ac_lib in '' str; do if test -z "$ac_lib"; then ac_res="none required" else ac_res=-l$ac_lib LIBS="-l$ac_lib $ac_func_search_save_LIBS" fi if ac_fn_c_try_link "$LINENO"; then : ac_cv_search_putmsg=$ac_res fi rm -f core conftest.err conftest.$ac_objext \ conftest$ac_exeext if ${ac_cv_search_putmsg+:} false; then : break fi done if ${ac_cv_search_putmsg+:} false; then : else ac_cv_search_putmsg=no fi rm conftest.$ac_ext LIBS=$ac_func_search_save_LIBS fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_putmsg" >&5 $as_echo "$ac_cv_search_putmsg" >&6; } ac_res=$ac_cv_search_putmsg if test "$ac_res" != no; then : test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether to enable ipv6" >&5 $as_echo_n "checking whether to enable ipv6... " >&6; } # Check whether --enable-ipv6 was given. if test "${enable_ipv6+set}" = set; then : enableval=$enable_ipv6; case "$enableval" in yes) { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } LOCALSRC="print-ip6opts.c print-mobility.c print-ripng.c print-icmp6.c print-frag6.c print-rt6.c print-ospf6.c print-dhcp6.c print-babel.c $LOCALSRC" $as_echo "#define INET6 1" >>confdefs.h ipv6=yes ;; *) { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } ipv6=no ;; esac else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* AF_INET6 available check */ #include #include #include #ifdef AF_INET6 void foo(struct in6_addr *addr) { memset(addr, 0, sizeof (struct in6_addr)); } #else #error "AF_INET6 not defined" #endif _ACEOF if ac_fn_c_try_compile "$LINENO"; then : { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } LOCALSRC="print-ip6opts.c print-mobility.c print-ripng.c print-icmp6.c print-frag6.c print-rt6.c print-ospf6.c print-dhcp6.c print-babel.c $LOCALSRC" $as_echo "#define INET6 1" >>confdefs.h ipv6=yes else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } ipv6=no fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi ipv6type=unknown ipv6lib=none ipv6trylibc=no if test "$ipv6" = "yes"; then { $as_echo "$as_me:${as_lineno-$LINENO}: checking ipv6 stack type" >&5 $as_echo_n "checking ipv6 stack type... " >&6; } for i in inria kame linux-glibc linux-libinet6 toshiba v6d zeta; do case $i in inria) cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include #ifdef IPV6_INRIA_VERSION yes #endif _ACEOF if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | $EGREP "yes" >/dev/null 2>&1; then : ipv6type=$i; CFLAGS="-DINET6 $CFLAGS" fi rm -f conftest* ;; kame) cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include #ifdef __KAME__ yes #endif _ACEOF if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | $EGREP "yes" >/dev/null 2>&1; then : ipv6type=$i; ipv6lib=inet6; ipv6libdir=/usr/local/v6/lib; ipv6trylibc=yes; CFLAGS="-DINET6 $CFLAGS" fi rm -f conftest* ;; linux-glibc) cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include #if defined(__GLIBC__) && __GLIBC__ >= 2 && __GLIBC_MINOR__ >= 1 yes #endif _ACEOF if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | $EGREP "yes" >/dev/null 2>&1; then : ipv6type=$i; CFLAGS="-DINET6 $CFLAGS" fi rm -f conftest* ;; linux-libinet6) if test -d /usr/inet6 -o -f /usr/include/netinet/ip6.h; then ipv6type=$i ipv6lib=inet6 ipv6libdir=/usr/inet6/lib ipv6trylibc=yes; CFLAGS="-DINET6 -I/usr/inet6/include $CFLAGS" fi ;; toshiba) cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include #ifdef _TOSHIBA_INET6 yes #endif _ACEOF if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | $EGREP "yes" >/dev/null 2>&1; then : ipv6type=$i; ipv6lib=inet6; ipv6libdir=/usr/local/v6/lib; CFLAGS="-DINET6 $CFLAGS" fi rm -f conftest* ;; v6d) cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include #ifdef __V6D__ yes #endif _ACEOF if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | $EGREP "yes" >/dev/null 2>&1; then : ipv6type=$i; ipv6lib=v6; ipv6libdir=/usr/local/v6/lib; CFLAGS="-I/usr/local/v6/include $CFLAGS" fi rm -f conftest* ;; zeta) cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include #ifdef _ZETA_MINAMI_INET6 yes #endif _ACEOF if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | $EGREP "yes" >/dev/null 2>&1; then : ipv6type=$i; ipv6lib=inet6; ipv6libdir=/usr/local/v6/lib; CFLAGS="-DINET6 $CFLAGS" fi rm -f conftest* ;; esac if test "$ipv6type" != "unknown"; then break fi done { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ipv6type" >&5 $as_echo "$ipv6type" >&6; } fi if test "$ipv6" = "yes" -a "$ipv6lib" != "none"; then if test -d $ipv6libdir -a -f $ipv6libdir/lib$ipv6lib.a; then LIBS="-L$ipv6libdir -l$ipv6lib $LIBS" echo "You have $ipv6lib library, using it" else if test "$ipv6trylibc" = "yes"; then echo "You do not have $ipv6lib library, using libc" else echo 'Fatal: no $ipv6lib library found. cannot continue.' echo "You need to fetch lib$ipv6lib.a from appropriate" echo 'ipv6 kit and compile beforehand.' exit 1 fi fi fi if test "$ipv6" = "yes"; then # # XXX - on Tru64 UNIX 5.1, there is no "getaddrinfo()" # function in libc; there are "ngetaddrinfo()" and # "ogetaddrinfo()" functions, and #defines # "getaddrinfo" to be either "ngetaddrinfo" or # "ogetaddrinfo", depending on whether _SOCKADDR_LEN # or _XOPEN_SOURCE_EXTENDED are defined or not. # # So this test doesn't work on Tru64 5.1, and possibly # on other 5.x releases. This causes the configure # script to become confused, and results in libpcap # being unbuildable. # { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing getaddrinfo" >&5 $as_echo_n "checking for library containing getaddrinfo... " >&6; } if ${ac_cv_search_getaddrinfo+:} false; then : $as_echo_n "(cached) " >&6 else ac_func_search_save_LIBS=$LIBS cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC builtin and then its argument prototype would still apply. */ #ifdef __cplusplus extern "C" #endif char getaddrinfo (); int main () { return getaddrinfo (); ; return 0; } _ACEOF for ac_lib in '' socket; do if test -z "$ac_lib"; then ac_res="none required" else ac_res=-l$ac_lib LIBS="-l$ac_lib $ac_func_search_save_LIBS" fi if ac_fn_c_try_link "$LINENO"; then : ac_cv_search_getaddrinfo=$ac_res fi rm -f core conftest.err conftest.$ac_objext \ conftest$ac_exeext if ${ac_cv_search_getaddrinfo+:} false; then : break fi done if ${ac_cv_search_getaddrinfo+:} false; then : else ac_cv_search_getaddrinfo=no fi rm conftest.$ac_ext LIBS=$ac_func_search_save_LIBS fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_getaddrinfo" >&5 $as_echo "$ac_cv_search_getaddrinfo" >&6; } ac_res=$ac_cv_search_getaddrinfo if test "$ac_res" != no; then : test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" { $as_echo "$as_me:${as_lineno-$LINENO}: checking getaddrinfo bug" >&5 $as_echo_n "checking getaddrinfo bug... " >&6; } if ${td_cv_buggygetaddrinfo+:} false; then : $as_echo_n "(cached) " >&6 else if test "$cross_compiling" = yes; then : td_cv_buggygetaddrinfo=unknown else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include #include #include #include #include main() { int passive, gaierr, inet4 = 0, inet6 = 0; struct addrinfo hints, *ai, *aitop; char straddr[INET6_ADDRSTRLEN], strport[16]; for (passive = 0; passive <= 1; passive++) { memset(&hints, 0, sizeof(hints)); hints.ai_family = AF_UNSPEC; hints.ai_flags = passive ? AI_PASSIVE : 0; hints.ai_socktype = SOCK_STREAM; hints.ai_protocol = IPPROTO_TCP; if ((gaierr = getaddrinfo(NULL, "54321", &hints, &aitop)) != 0) { (void)gai_strerror(gaierr); goto bad; } for (ai = aitop; ai; ai = ai->ai_next) { if (ai->ai_addr == NULL || ai->ai_addrlen == 0 || getnameinfo(ai->ai_addr, ai->ai_addrlen, straddr, sizeof(straddr), strport, sizeof(strport), NI_NUMERICHOST|NI_NUMERICSERV) != 0) { goto bad; } switch (ai->ai_family) { case AF_INET: if (strcmp(strport, "54321") != 0) { goto bad; } if (passive) { if (strcmp(straddr, "0.0.0.0") != 0) { goto bad; } } else { if (strcmp(straddr, "127.0.0.1") != 0) { goto bad; } } inet4++; break; case AF_INET6: if (strcmp(strport, "54321") != 0) { goto bad; } if (passive) { if (strcmp(straddr, "::") != 0) { goto bad; } } else { if (strcmp(straddr, "::1") != 0) { goto bad; } } inet6++; break; case AF_UNSPEC: goto bad; break; #ifdef AF_UNIX case AF_UNIX: #else #ifdef AF_LOCAL case AF_LOCAL: #endif #endif default: /* another family support? */ break; } } } /* supported family should be 2, unsupported family should be 0 */ if (!(inet4 == 0 || inet4 == 2)) goto bad; if (!(inet6 == 0 || inet6 == 2)) goto bad; if (aitop) freeaddrinfo(aitop); exit(0); bad: if (aitop) freeaddrinfo(aitop); exit(1); } _ACEOF if ac_fn_c_try_run "$LINENO"; then : td_cv_buggygetaddrinfo=no else td_cv_buggygetaddrinfo=yes fi rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ conftest.$ac_objext conftest.beam conftest.$ac_ext fi fi if test "$td_cv_buggygetaddrinfo" = no; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: good" >&5 $as_echo "good" >&6; } elif test "$td_cv_buggygetaddrinfo" = unknown; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: unknown (cross-compiling)" >&5 $as_echo "unknown (cross-compiling)" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: buggy" >&5 $as_echo "buggy" >&6; } fi if test "$td_cv_buggygetaddrinfo" = "yes"; then # # XXX - it doesn't appear that "ipv6type" can ever be # set to "linux". Should this be testing for # "linux-glibc", or for that *or* "linux-libinet6"? # If the latter, note that "linux-libinet6" is also # the type given to some non-Linux OSes. # if test "$ipv6type" != "linux"; then echo 'Fatal: You must get working getaddrinfo() function.' echo ' or you can specify "--disable-ipv6"'. exit 1 else echo 'Warning: getaddrinfo() implementation on your system seems be buggy.' echo ' Better upgrade your system library to newest version' echo ' of GNU C library (aka glibc).' fi fi fi ac_fn_c_check_func "$LINENO" "getnameinfo" "ac_cv_func_getnameinfo" if test "x$ac_cv_func_getnameinfo" = xyes; then : $as_echo "#define HAVE_GETNAMEINFO 1" >>confdefs.h else case " $LIBOBJS " in *" getnameinfo.$ac_objext "* ) ;; *) LIBOBJS="$LIBOBJS getnameinfo.$ac_objext" ;; esac fi fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking for dnet_htoa declaration in netdnet/dnetdb.h" >&5 $as_echo_n "checking for dnet_htoa declaration in netdnet/dnetdb.h... " >&6; } if ${td_cv_decl_netdnet_dnetdb_h_dnet_htoa+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include _ACEOF if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | $EGREP "dnet_htoa" >/dev/null 2>&1; then : td_cv_decl_netdnet_dnetdb_h_dnet_htoa=yes else td_cv_decl_netdnet_dnetdb_h_dnet_htoa=no fi rm -f conftest* fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $td_cv_decl_netdnet_dnetdb_h_dnet_htoa" >&5 $as_echo "$td_cv_decl_netdnet_dnetdb_h_dnet_htoa" >&6; } if test "$td_cv_decl_netdnet_dnetdb_h_dnet_htoa" = yes; then $as_echo "#define HAVE_NETDNET_DNETDB_H_DNET_HTOA 1" >>confdefs.h fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking for addrinfo" >&5 $as_echo_n "checking for addrinfo... " >&6; } if ${ac_cv_addrinfo+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ # include int main () { struct addrinfo a ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : ac_cv_addrinfo=yes else ac_cv_addrinfo=no fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_addrinfo" >&5 $as_echo "$ac_cv_addrinfo" >&6; } if test $ac_cv_addrinfo = yes; then $as_echo "#define HAVE_ADDRINFO 1" >>confdefs.h else $as_echo "#define NEED_ADDRINFO_H 1" >>confdefs.h fi if test "$ac_cv_addrinfo" = no; then missing_includes=yes fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking for NI_MAXSERV" >&5 $as_echo_n "checking for NI_MAXSERV... " >&6; } if ${ac_cv_maxserv+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include #ifdef NI_MAXSERV yes #endif _ACEOF if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | $EGREP "yes" >/dev/null 2>&1; then : ac_cv_maxserv=yes else ac_cv_maxserv=no fi rm -f conftest* fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_maxserv" >&5 $as_echo "$ac_cv_maxserv" >&6; } if test $ac_cv_maxserv != yes; then $as_echo "#define NEED_ADDRINFO_H 1" >>confdefs.h fi if test "$ac_cv_maxserv" = no; then missing_includes=yes fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking for NI_NAMEREQD" >&5 $as_echo_n "checking for NI_NAMEREQD... " >&6; } if ${ac_cv_namereqd+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include #ifdef NI_NOFQDN yes #endif _ACEOF if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | $EGREP "yes" >/dev/null 2>&1; then : ac_cv_namereqd=yes else ac_cv_namereqd=no fi rm -f conftest* fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_namereqd" >&5 $as_echo "$ac_cv_namereqd" >&6; } if test $ac_cv_namereqd != yes; then $as_echo "#define NEED_ADDRINFO_H 1" >>confdefs.h fi if test "$ac_cv_namereqd" = no; then missing_includes=yes fi ac_fn_c_check_func "$LINENO" "vfprintf" "ac_cv_func_vfprintf" if test "x$ac_cv_func_vfprintf" = xyes; then : $as_echo "#define HAVE_VFPRINTF 1" >>confdefs.h else case " $LIBOBJS " in *" vfprintf.$ac_objext "* ) ;; *) LIBOBJS="$LIBOBJS vfprintf.$ac_objext" ;; esac fi ac_fn_c_check_func "$LINENO" "strcasecmp" "ac_cv_func_strcasecmp" if test "x$ac_cv_func_strcasecmp" = xyes; then : $as_echo "#define HAVE_STRCASECMP 1" >>confdefs.h else case " $LIBOBJS " in *" strcasecmp.$ac_objext "* ) ;; *) LIBOBJS="$LIBOBJS strcasecmp.$ac_objext" ;; esac fi ac_fn_c_check_func "$LINENO" "strlcat" "ac_cv_func_strlcat" if test "x$ac_cv_func_strlcat" = xyes; then : $as_echo "#define HAVE_STRLCAT 1" >>confdefs.h else case " $LIBOBJS " in *" strlcat.$ac_objext "* ) ;; *) LIBOBJS="$LIBOBJS strlcat.$ac_objext" ;; esac fi ac_fn_c_check_func "$LINENO" "strlcpy" "ac_cv_func_strlcpy" if test "x$ac_cv_func_strlcpy" = xyes; then : $as_echo "#define HAVE_STRLCPY 1" >>confdefs.h else case " $LIBOBJS " in *" strlcpy.$ac_objext "* ) ;; *) LIBOBJS="$LIBOBJS strlcpy.$ac_objext" ;; esac fi ac_fn_c_check_func "$LINENO" "strdup" "ac_cv_func_strdup" if test "x$ac_cv_func_strdup" = xyes; then : $as_echo "#define HAVE_STRDUP 1" >>confdefs.h else case " $LIBOBJS " in *" strdup.$ac_objext "* ) ;; *) LIBOBJS="$LIBOBJS strdup.$ac_objext" ;; esac fi ac_fn_c_check_func "$LINENO" "strsep" "ac_cv_func_strsep" if test "x$ac_cv_func_strsep" = xyes; then : $as_echo "#define HAVE_STRSEP 1" >>confdefs.h else case " $LIBOBJS " in *" strsep.$ac_objext "* ) ;; *) LIBOBJS="$LIBOBJS strsep.$ac_objext" ;; esac fi ac_fn_c_check_func "$LINENO" "getopt_long" "ac_cv_func_getopt_long" if test "x$ac_cv_func_getopt_long" = xyes; then : $as_echo "#define HAVE_GETOPT_LONG 1" >>confdefs.h else case " $LIBOBJS " in *" getopt_long.$ac_objext "* ) ;; *) LIBOBJS="$LIBOBJS getopt_long.$ac_objext" ;; esac fi for ac_func in fork vfork strftime do : as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" if eval test \"x\$"$as_ac_var"\" = x"yes"; then : cat >>confdefs.h <<_ACEOF #define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 _ACEOF fi done for ac_func in setlinebuf alarm do : as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" if eval test \"x\$"$as_ac_var"\" = x"yes"; then : cat >>confdefs.h <<_ACEOF #define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 _ACEOF fi done needsnprintf=no for ac_func in vsnprintf snprintf do : as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" if eval test \"x\$"$as_ac_var"\" = x"yes"; then : cat >>confdefs.h <<_ACEOF #define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 _ACEOF else needsnprintf=yes fi done if test $needsnprintf = yes; then case " $LIBOBJS " in *" snprintf.$ac_objext "* ) ;; *) LIBOBJS="$LIBOBJS snprintf.$ac_objext" ;; esac fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking return type of signal handlers" >&5 $as_echo_n "checking return type of signal handlers... " >&6; } if ${ac_cv_type_signal+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include #include int main () { return *(signal (0, 0)) (0) == 1; ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : ac_cv_type_signal=int else ac_cv_type_signal=void fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_type_signal" >&5 $as_echo "$ac_cv_type_signal" >&6; } cat >>confdefs.h <<_ACEOF #define RETSIGTYPE $ac_cv_type_signal _ACEOF if test "$ac_cv_type_signal" = void ; then $as_echo "#define RETSIGVAL /**/" >>confdefs.h else $as_echo "#define RETSIGVAL (0)" >>confdefs.h fi case "$host_os" in irix*) $as_echo "#define _BSD_SIGNALS 1" >>confdefs.h ;; *) for ac_func in sigaction do : ac_fn_c_check_func "$LINENO" "sigaction" "ac_cv_func_sigaction" if test "x$ac_cv_func_sigaction" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_SIGACTION 1 _ACEOF fi done if test $ac_cv_func_sigaction = no ; then for ac_func in sigset do : ac_fn_c_check_func "$LINENO" "sigset" "ac_cv_func_sigset" if test "x$ac_cv_func_sigset" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_SIGSET 1 _ACEOF fi done fi ;; esac { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing dnet_htoa" >&5 $as_echo_n "checking for library containing dnet_htoa... " >&6; } if ${ac_cv_search_dnet_htoa+:} false; then : $as_echo_n "(cached) " >&6 else ac_func_search_save_LIBS=$LIBS cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC builtin and then its argument prototype would still apply. */ #ifdef __cplusplus extern "C" #endif char dnet_htoa (); int main () { return dnet_htoa (); ; return 0; } _ACEOF for ac_lib in '' dnet; do if test -z "$ac_lib"; then ac_res="none required" else ac_res=-l$ac_lib LIBS="-l$ac_lib $ac_func_search_save_LIBS" fi if ac_fn_c_try_link "$LINENO"; then : ac_cv_search_dnet_htoa=$ac_res fi rm -f core conftest.err conftest.$ac_objext \ conftest$ac_exeext if ${ac_cv_search_dnet_htoa+:} false; then : break fi done if ${ac_cv_search_dnet_htoa+:} false; then : else ac_cv_search_dnet_htoa=no fi rm conftest.$ac_ext LIBS=$ac_func_search_save_LIBS fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_dnet_htoa" >&5 $as_echo "$ac_cv_search_dnet_htoa" >&6; } ac_res=$ac_cv_search_dnet_htoa if test "$ac_res" != no; then : test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" $as_echo "#define HAVE_DNET_HTOA 1" >>confdefs.h fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking for main in -lrpc" >&5 $as_echo_n "checking for main in -lrpc... " >&6; } if ${ac_cv_lib_rpc_main+:} false; then : $as_echo_n "(cached) " >&6 else ac_check_lib_save_LIBS=$LIBS LIBS="-lrpc $LIBS" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main () { return main (); ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO"; then : ac_cv_lib_rpc_main=yes else ac_cv_lib_rpc_main=no fi rm -f core conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_rpc_main" >&5 $as_echo "$ac_cv_lib_rpc_main" >&6; } if test "x$ac_cv_lib_rpc_main" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_LIBRPC 1 _ACEOF LIBS="-lrpc $LIBS" fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing getrpcbynumber" >&5 $as_echo_n "checking for library containing getrpcbynumber... " >&6; } if ${ac_cv_search_getrpcbynumber+:} false; then : $as_echo_n "(cached) " >&6 else ac_func_search_save_LIBS=$LIBS cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC builtin and then its argument prototype would still apply. */ #ifdef __cplusplus extern "C" #endif char getrpcbynumber (); int main () { return getrpcbynumber (); ; return 0; } _ACEOF for ac_lib in '' nsl; do if test -z "$ac_lib"; then ac_res="none required" else ac_res=-l$ac_lib LIBS="-l$ac_lib $ac_func_search_save_LIBS" fi if ac_fn_c_try_link "$LINENO"; then : ac_cv_search_getrpcbynumber=$ac_res fi rm -f core conftest.err conftest.$ac_objext \ conftest$ac_exeext if ${ac_cv_search_getrpcbynumber+:} false; then : break fi done if ${ac_cv_search_getrpcbynumber+:} false; then : else ac_cv_search_getrpcbynumber=no fi rm conftest.$ac_ext LIBS=$ac_func_search_save_LIBS fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_getrpcbynumber" >&5 $as_echo "$ac_cv_search_getrpcbynumber" >&6; } ac_res=$ac_cv_search_getrpcbynumber if test "$ac_res" != no; then : test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" $as_echo "#define HAVE_GETRPCBYNUMBER 1" >>confdefs.h fi LBL_LIBS="$LIBS" pfopen=/usr/examples/packetfilter/pfopen.c if test -f $pfopen ; then for ac_func in pfopen do : ac_fn_c_check_func "$LINENO" "pfopen" "ac_cv_func_pfopen" if test "x$ac_cv_func_pfopen" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_PFOPEN 1 _ACEOF fi done if test $ac_cv_func_pfopen = "no" ; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: Using $pfopen" >&5 $as_echo "Using $pfopen" >&6; } LIBS="$LIBS $pfopen" fi fi libpcap=FAIL { $as_echo "$as_me:${as_lineno-$LINENO}: checking for local pcap library" >&5 $as_echo_n "checking for local pcap library... " >&6; } # Check whether --with-system-libpcap was given. if test "${with_system_libpcap+set}" = set; then : withval=$with_system_libpcap; fi if test "x$with_system_libpcap" != xyes ; then lastdir=FAIL places=`ls $srcdir/.. | sed -e 's,/$,,' -e "s,^,$srcdir/../," | \ egrep '/libpcap-[0-9]+\.[0-9]+(\.[0-9]*)?([ab][0-9]*|-PRE-GIT)?$'` places2=`ls .. | sed -e 's,/$,,' -e "s,^,../," | \ egrep '/libpcap-[0-9]+\.[0-9]+(\.[0-9]*)?([ab][0-9]*|-PRE-GIT)?$'` for dir in $places $srcdir/../libpcap ../libpcap $srcdir/libpcap $places2 ; do basedir=`echo $dir | sed -e 's/[ab][0-9]*$//' | \ sed -e 's/-PRE-GIT$//' ` if test $lastdir = $basedir ; then continue; fi lastdir=$dir if test -r $dir/libpcap.a ; then libpcap=$dir/libpcap.a d=$dir fi done fi if test $libpcap = FAIL ; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: not found" >&5 $as_echo "not found" >&6; } # # Look for pcap-config. # if test -n "$ac_tool_prefix"; then # Extract the first word of "${ac_tool_prefix}pcap-config", so it can be a program name with args. set dummy ${ac_tool_prefix}pcap-config; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_path_PCAP_CONFIG+:} false; then : $as_echo_n "(cached) " >&6 else case $PCAP_CONFIG in [\\/]* | ?:[\\/]*) ac_cv_path_PCAP_CONFIG="$PCAP_CONFIG" # Let the user override the test with a path. ;; *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_path_PCAP_CONFIG="$as_dir/$ac_word$ac_exec_ext" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS ;; esac fi PCAP_CONFIG=$ac_cv_path_PCAP_CONFIG if test -n "$PCAP_CONFIG"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $PCAP_CONFIG" >&5 $as_echo "$PCAP_CONFIG" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi fi if test -z "$ac_cv_path_PCAP_CONFIG"; then ac_pt_PCAP_CONFIG=$PCAP_CONFIG # Extract the first word of "pcap-config", so it can be a program name with args. set dummy pcap-config; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_path_ac_pt_PCAP_CONFIG+:} false; then : $as_echo_n "(cached) " >&6 else case $ac_pt_PCAP_CONFIG in [\\/]* | ?:[\\/]*) ac_cv_path_ac_pt_PCAP_CONFIG="$ac_pt_PCAP_CONFIG" # Let the user override the test with a path. ;; *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_path_ac_pt_PCAP_CONFIG="$as_dir/$ac_word$ac_exec_ext" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS ;; esac fi ac_pt_PCAP_CONFIG=$ac_cv_path_ac_pt_PCAP_CONFIG if test -n "$ac_pt_PCAP_CONFIG"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_pt_PCAP_CONFIG" >&5 $as_echo "$ac_pt_PCAP_CONFIG" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi if test "x$ac_pt_PCAP_CONFIG" = x; then PCAP_CONFIG="" else case $cross_compiling:$ac_tool_warned in yes:) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 $as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} ac_tool_warned=yes ;; esac PCAP_CONFIG=$ac_pt_PCAP_CONFIG fi else PCAP_CONFIG="$ac_cv_path_PCAP_CONFIG" fi if test -n "$PCAP_CONFIG" ; then # # Found - use it to get the include flags for # libpcap and the flags to link with libpcap. # # Please read section 11.6 "Shell Substitutions" # in the autoconf manual before doing anything # to this that involves quoting. Especially note # the statement "There is just no portable way to use # double-quoted strings inside double-quoted back-quoted # expressions (pfew!)." # cflags=`"$PCAP_CONFIG" --cflags` V_INCLS="$cflags $V_INCLS" libpcap=`"$PCAP_CONFIG" --libs` else # # Not found; look for pcap. # { $as_echo "$as_me:${as_lineno-$LINENO}: checking for main in -lpcap" >&5 $as_echo_n "checking for main in -lpcap... " >&6; } if ${ac_cv_lib_pcap_main+:} false; then : $as_echo_n "(cached) " >&6 else ac_check_lib_save_LIBS=$LIBS LIBS="-lpcap $LIBS" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main () { return main (); ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO"; then : ac_cv_lib_pcap_main=yes else ac_cv_lib_pcap_main=no fi rm -f core conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_pcap_main" >&5 $as_echo "$ac_cv_lib_pcap_main" >&6; } if test "x$ac_cv_lib_pcap_main" = xyes; then : libpcap="-lpcap" fi if test $libpcap = FAIL ; then as_fn_error $? "see the INSTALL doc for more info" "$LINENO" 5 fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking for extraneous pcap header directories" >&5 $as_echo_n "checking for extraneous pcap header directories... " >&6; } if test \( ! -r /usr/local/include/pcap.h \) -a \ \( ! -r /usr/include/pcap.h \); then if test -r /usr/local/include/pcap/pcap.h; then d="/usr/local/include/pcap" elif test -r /usr/include/pcap/pcap.h; then d="/usr/include/pcap" fi fi if test -z "$d" ; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: not found" >&5 $as_echo "not found" >&6; } else V_INCLS="-I$d $V_INCLS" { $as_echo "$as_me:${as_lineno-$LINENO}: result: found -- -I$d added" >&5 $as_echo "found -- -I$d added" >&6; } fi fi else V_PCAPDEP=$libpcap places=`ls $srcdir/.. | sed -e 's,/$,,' -e "s,^,$srcdir/../," | \ egrep '/libpcap-[0-9]*.[0-9]*(.[0-9]*)?([ab][0-9]*)?$'` places2=`ls .. | sed -e 's,/$,,' -e "s,^,../," | \ egrep '/libpcap-[0-9]*.[0-9]*(.[0-9]*)?([ab][0-9]*)?$'` pcapH=FAIL if test -r $d/pcap.h; then pcapH=$d else for dir in $places $srcdir/../libpcap ../libpcap $srcdir/libpcap $places2 ; do if test -r $dir/pcap.h ; then pcapH=$dir fi done fi if test $pcapH = FAIL ; then as_fn_error $? "cannot find pcap.h: see INSTALL" "$LINENO" 5 fi V_INCLS="-I$pcapH $V_INCLS" { $as_echo "$as_me:${as_lineno-$LINENO}: result: $libpcap" >&5 $as_echo "$libpcap" >&6; } # Extract the first word of "pcap-config", so it can be a program name with args. set dummy pcap-config; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_path_PCAP_CONFIG+:} false; then : $as_echo_n "(cached) " >&6 else case $PCAP_CONFIG in [\\/]* | ?:[\\/]*) ac_cv_path_PCAP_CONFIG="$PCAP_CONFIG" # Let the user override the test with a path. ;; *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $d do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_path_PCAP_CONFIG="$as_dir/$ac_word$ac_exec_ext" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS ;; esac fi PCAP_CONFIG=$ac_cv_path_PCAP_CONFIG if test -n "$PCAP_CONFIG"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $PCAP_CONFIG" >&5 $as_echo "$PCAP_CONFIG" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi if test -n "$PCAP_CONFIG"; then # # The libpcap directory has a pcap-config script. # Use it to get any additioal libraries needed # to link with the libpcap archive library in # that directory. # # Please read section 11.6 "Shell Substitutions" # in the autoconf manual before doing anything # to this that involves quoting. Especially note # the statement "There is just no portable way to use # double-quoted strings inside double-quoted back-quoted # expressions (pfew!)." # additional_libs=`"$PCAP_CONFIG" --additional-libs --static` libpcap="$libpcap $additional_libs" fi fi LIBS="$libpcap $LIBS" if ! test -n "$PCAP_CONFIG" ; then # # We don't have pcap-config; find out any additional link flags # we need. (If we have pcap-config, we assume it tells us what # we need.) # case "$host_os" in aix*) # # If libpcap is DLPI-based, we have to use /lib/pse.exp if # present, as we use the STREAMS routines. # # (XXX - true only if we're linking with a static libpcap?) # pseexe="/lib/pse.exp" { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $pseexe" >&5 $as_echo_n "checking for $pseexe... " >&6; } if test -f $pseexe ; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } LIBS="$LIBS -I:$pseexe" fi # # If libpcap is BPF-based, we need "-lodm" and "-lcfg", as # we use them to load the BPF module. # # (XXX - true only if we're linking with a static libpcap?) # LIBS="$LIBS -lodm -lcfg" ;; esac fi ac_fn_c_check_func "$LINENO" "pcap_loop" "ac_cv_func_pcap_loop" if test "x$ac_cv_func_pcap_loop" = xyes; then : else as_fn_error $? "Report this to tcpdump-workers@lists.tcpdump.org, and include the config.log file in your report. If you have downloaded libpcap from tcpdump.org, and built it yourself, please also include the config.log file from the libpcap source directory, the Makefile from the libpcap source directory, and the output of the make process for libpcap, as this could be a problem with the libpcap that was built, and we will not be able to determine why this is happening, and thus will not be able to fix it, without that information, as we have not been able to reproduce this problem ourselves." "$LINENO" 5 fi # # Check for these after AC_LBL_LIBPCAP, so we link with the appropriate # libraries (e.g., "-lsocket -lnsl" on Solaris). # # We don't use AC_REPLACE_FUNCS because that uses AC_CHECK_FUNCS which # use AC_CHECK_FUNC which doesn't let us specify the right #includes # to make this work on BSD/OS 4.x. BSD/OS 4.x ships with the BIND8 # resolver, and the way it defines inet_{ntop,pton} is rather strange; # it does not ship with a libc symbol "inet_ntop()", it ships with # "_inet_ntop()", and has a #define macro in one of the system headers # to rename it. # { $as_echo "$as_me:${as_lineno-$LINENO}: checking for inet_ntop" >&5 $as_echo_n "checking for inet_ntop... " >&6; } cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include #include #include #include int main () { char src[4], dst[128]; inet_ntop(AF_INET, src, dst, sizeof(dst)); ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO"; then : { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } case " $LIBOBJS " in *" inet_ntop.$ac_objext "* ) ;; *) LIBOBJS="$LIBOBJS inet_ntop.$ac_objext" ;; esac fi rm -f core conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext { $as_echo "$as_me:${as_lineno-$LINENO}: checking for inet_pton" >&5 $as_echo_n "checking for inet_pton... " >&6; } cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include #include #include #include int main () { char src[128], dst[4]; inet_pton(AF_INET, src, dst); ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO"; then : { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } case " $LIBOBJS " in *" inet_pton.$ac_objext "* ) ;; *) LIBOBJS="$LIBOBJS inet_pton.$ac_objext" ;; esac fi rm -f core conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext { $as_echo "$as_me:${as_lineno-$LINENO}: checking for inet_aton" >&5 $as_echo_n "checking for inet_aton... " >&6; } cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include #include #include int main () { char src[128]; struct in_addr dst; inet_aton(src, &dst); ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO"; then : { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } case " $LIBOBJS " in *" inet_aton.$ac_objext "* ) ;; *) LIBOBJS="$LIBOBJS inet_aton.$ac_objext" ;; esac fi rm -f core conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext # # Check for these after AC_LBL_LIBPCAP, for the same reason. # # You are in a twisty little maze of UN*Xes, all different. # Some might not have ether_ntohost(). # Some might have it, but not declare it in any header file. # Some might have it, but declare it in . # Some might have it, but declare it in # (And some might have it but document it as something declared in # , although appears to work.) # # Before you is a C compiler. # for ac_func in ether_ntohost do : ac_fn_c_check_func "$LINENO" "ether_ntohost" "ac_cv_func_ether_ntohost" if test "x$ac_cv_func_ether_ntohost" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_ETHER_NTOHOST 1 _ACEOF { $as_echo "$as_me:${as_lineno-$LINENO}: checking for buggy ether_ntohost" >&5 $as_echo_n "checking for buggy ether_ntohost... " >&6; } if ${ac_cv_buggy_ether_ntohost+:} false; then : $as_echo_n "(cached) " >&6 else if test "$cross_compiling" = yes; then : ac_cv_buggy_ether_ntohost="not while cross-compiling" else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include #include #include #include int main(int argc, char **argv) { u_char ea[6] = { 0xff, 0xff, 0xff, 0xff, 0xff }; char name[MAXHOSTNAMELEN]; ether_ntohost(name, (struct ether_addr *)ea); exit(0); } _ACEOF if ac_fn_c_try_run "$LINENO"; then : ac_cv_buggy_ether_ntohost=no else ac_cv_buggy_ether_ntohost=yes fi rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ conftest.$ac_objext conftest.beam conftest.$ac_ext fi fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_buggy_ether_ntohost" >&5 $as_echo "$ac_cv_buggy_ether_ntohost" >&6; } if test "$ac_cv_buggy_ether_ntohost" = "no"; then $as_echo "#define USE_ETHER_NTOHOST 1" >>confdefs.h fi fi done if test "$ac_cv_func_ether_ntohost" = yes -a \ "$ac_cv_buggy_ether_ntohost" = "no"; then # # OK, we have ether_ntohost(). Do we have ? # if test "$ac_cv_header_netinet_if_ether_h" = yes; then # # Yes. Does it declare ether_ntohost()? # ac_fn_c_check_decl "$LINENO" "ether_ntohost" "ac_cv_have_decl_ether_ntohost" " #include #include #include #include struct mbuf; struct rtentry; #include #include " if test "x$ac_cv_have_decl_ether_ntohost" = xyes; then : $as_echo "#define NETINET_IF_ETHER_H_DECLARES_ETHER_NTOHOST /**/" >>confdefs.h fi fi # # Did that succeed? # if test "$ac_cv_have_decl_ether_ntohost" != yes; then # # No, how about , as on Linux? # for ac_header in netinet/ether.h do : ac_fn_c_check_header_mongrel "$LINENO" "netinet/ether.h" "ac_cv_header_netinet_ether_h" "$ac_includes_default" if test "x$ac_cv_header_netinet_ether_h" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_NETINET_ETHER_H 1 _ACEOF fi done if test "$ac_cv_header_netinet_ether_h" = yes; then # # We have it - does it declare ether_ntohost()? # Unset ac_cv_have_decl_ether_ntohost so we don't # treat the previous failure as a cached value and # suppress the next test. # unset ac_cv_have_decl_ether_ntohost ac_fn_c_check_decl "$LINENO" "ether_ntohost" "ac_cv_have_decl_ether_ntohost" " #include " if test "x$ac_cv_have_decl_ether_ntohost" = xyes; then : $as_echo "#define NETINET_ETHER_H_DECLARES_ETHER_NTOHOST /**/" >>confdefs.h fi fi fi # # Is ether_ntohost() declared? # if test "$ac_cv_have_decl_ether_ntohost" != yes; then # # No, we'll have to declare it ourselves. # Do we have "struct ether_addr"? # ac_fn_c_check_type "$LINENO" "struct ether_addr" "ac_cv_type_struct_ether_addr" " #include #include #include #include struct mbuf; struct rtentry; #include #include " if test "x$ac_cv_type_struct_ether_addr" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_STRUCT_ETHER_ADDR 1 _ACEOF fi $as_echo "#define HAVE_DECL_ETHER_NTOHOST 0" >>confdefs.h else $as_echo "#define HAVE_DECL_ETHER_NTOHOST 1" >>confdefs.h fi fi # libdlpi is needed for Solaris 11 and later. { $as_echo "$as_me:${as_lineno-$LINENO}: checking for dlpi_walk in -ldlpi" >&5 $as_echo_n "checking for dlpi_walk in -ldlpi... " >&6; } if ${ac_cv_lib_dlpi_dlpi_walk+:} false; then : $as_echo_n "(cached) " >&6 else ac_check_lib_save_LIBS=$LIBS LIBS="-ldlpi -L/lib $LIBS" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC builtin and then its argument prototype would still apply. */ #ifdef __cplusplus extern "C" #endif char dlpi_walk (); int main () { return dlpi_walk (); ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO"; then : ac_cv_lib_dlpi_dlpi_walk=yes else ac_cv_lib_dlpi_dlpi_walk=no fi rm -f core conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_dlpi_dlpi_walk" >&5 $as_echo "$ac_cv_lib_dlpi_dlpi_walk" >&6; } if test "x$ac_cv_lib_dlpi_dlpi_walk" = xyes; then : LIBS="$LIBS -ldlpi" LDFLAGS="-L/lib $LDFLAGS" fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking if sockaddr struct has sa_len member" >&5 $as_echo_n "checking if sockaddr struct has sa_len member... " >&6; } if ${ac_cv_sockaddr_has_sa_len+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ # include # include int main () { u_int i = sizeof(((struct sockaddr *)0)->sa_len) ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : ac_cv_sockaddr_has_sa_len=yes else ac_cv_sockaddr_has_sa_len=no fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sockaddr_has_sa_len" >&5 $as_echo "$ac_cv_sockaddr_has_sa_len" >&6; } if test $ac_cv_sockaddr_has_sa_len = yes ; then $as_echo "#define HAVE_SOCKADDR_SA_LEN 1" >>confdefs.h fi if test "$ac_cv_sockaddr_has_sa_len" = no; then missing_includes=yes fi ac_fn_c_check_func "$LINENO" "pcap_list_datalinks" "ac_cv_func_pcap_list_datalinks" if test "x$ac_cv_func_pcap_list_datalinks" = xyes; then : $as_echo "#define HAVE_PCAP_LIST_DATALINKS 1" >>confdefs.h for ac_func in pcap_free_datalinks do : ac_fn_c_check_func "$LINENO" "pcap_free_datalinks" "ac_cv_func_pcap_free_datalinks" if test "x$ac_cv_func_pcap_free_datalinks" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_PCAP_FREE_DATALINKS 1 _ACEOF fi done else case " $LIBOBJS " in *" datalinks.$ac_objext "* ) ;; *) LIBOBJS="$LIBOBJS datalinks.$ac_objext" ;; esac fi for ac_func in pcap_set_datalink do : ac_fn_c_check_func "$LINENO" "pcap_set_datalink" "ac_cv_func_pcap_set_datalink" if test "x$ac_cv_func_pcap_set_datalink" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_PCAP_SET_DATALINK 1 _ACEOF fi done ac_fn_c_check_func "$LINENO" "pcap_datalink_name_to_val" "ac_cv_func_pcap_datalink_name_to_val" if test "x$ac_cv_func_pcap_datalink_name_to_val" = xyes; then : $as_echo "#define HAVE_PCAP_DATALINK_NAME_TO_VAL 1" >>confdefs.h ac_fn_c_check_func "$LINENO" "pcap_datalink_val_to_description" "ac_cv_func_pcap_datalink_val_to_description" if test "x$ac_cv_func_pcap_datalink_val_to_description" = xyes; then : $as_echo "#define HAVE_PCAP_DATALINK_VAL_TO_DESCRIPTION 1" >>confdefs.h else case " $LIBOBJS " in *" dlnames.$ac_objext "* ) ;; *) LIBOBJS="$LIBOBJS dlnames.$ac_objext" ;; esac fi else case " $LIBOBJS " in *" dlnames.$ac_objext "* ) ;; *) LIBOBJS="$LIBOBJS dlnames.$ac_objext" ;; esac fi for ac_func in pcap_breakloop do : ac_fn_c_check_func "$LINENO" "pcap_breakloop" "ac_cv_func_pcap_breakloop" if test "x$ac_cv_func_pcap_breakloop" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_PCAP_BREAKLOOP 1 _ACEOF fi done ac_fn_c_check_func "$LINENO" "pcap_dump_ftell" "ac_cv_func_pcap_dump_ftell" if test "x$ac_cv_func_pcap_dump_ftell" = xyes; then : $as_echo "#define HAVE_PCAP_DUMP_FTELL 1" >>confdefs.h else case " $LIBOBJS " in *" pcap_dump_ftell.$ac_objext "* ) ;; *) LIBOBJS="$LIBOBJS pcap_dump_ftell.$ac_objext" ;; esac fi # # Do we have the new open API? Check for pcap_create, and assume that, # if we do, we also have pcap_activate() and the other new routines # introduced in libpcap 1.0.0. # for ac_func in pcap_create do : ac_fn_c_check_func "$LINENO" "pcap_create" "ac_cv_func_pcap_create" if test "x$ac_cv_func_pcap_create" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_PCAP_CREATE 1 _ACEOF fi done if test $ac_cv_func_pcap_create = "yes" ; then # # OK, do we have pcap_set_tstamp_type? If so, assume we have # pcap_list_tstamp_types and pcap_free_tstamp_types as well. # for ac_func in pcap_set_tstamp_type do : ac_fn_c_check_func "$LINENO" "pcap_set_tstamp_type" "ac_cv_func_pcap_set_tstamp_type" if test "x$ac_cv_func_pcap_set_tstamp_type" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_PCAP_SET_TSTAMP_TYPE 1 _ACEOF fi done # # And do we have pcap_set_tstamp_precision? If so, we assume # we also have pcap_open_offline_with_tstamp_precision. # for ac_func in pcap_set_tstamp_precision do : ac_fn_c_check_func "$LINENO" "pcap_set_tstamp_precision" "ac_cv_func_pcap_set_tstamp_precision" if test "x$ac_cv_func_pcap_set_tstamp_precision" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_PCAP_SET_TSTAMP_PRECISION 1 _ACEOF fi done fi # # Check for a miscellaneous collection of functions which we use # if we have them. # for ac_func in pcap_findalldevs pcap_dump_flush pcap_lib_version pcap_setdirection pcap_set_immediate_mode do : as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" if eval test \"x\$"$as_ac_var"\" = x"yes"; then : cat >>confdefs.h <<_ACEOF #define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 _ACEOF fi done if test $ac_cv_func_pcap_findalldevs = "yes" ; then savedcppflags="$CPPFLAGS" CPPFLAGS="$CPPFLAGS $V_INCLS" ac_fn_c_check_type "$LINENO" "pcap_if_t" "ac_cv_type_pcap_if_t" "#include " if test "x$ac_cv_type_pcap_if_t" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_PCAP_IF_T 1 _ACEOF fi CPPFLAGS="$savedcppflags" fi if test $ac_cv_func_pcap_lib_version = "no" ; then { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether pcap_version is defined by libpcap" >&5 $as_echo_n "checking whether pcap_version is defined by libpcap... " >&6; } cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main () { extern char pcap_version[]; return (int)pcap_version; ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO"; then : ac_lbl_cv_pcap_version_defined=yes else ac_lbl_cv_pcap_version_defined=no fi rm -f core conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext if test "$ac_lbl_cv_pcap_version_defined" = yes ; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } $as_echo "#define HAVE_PCAP_VERSION 1" >>confdefs.h else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether pcap_debug is defined by libpcap" >&5 $as_echo_n "checking whether pcap_debug is defined by libpcap... " >&6; } cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main () { extern int pcap_debug; return pcap_debug; ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO"; then : ac_lbl_cv_pcap_debug_defined=yes else ac_lbl_cv_pcap_debug_defined=no fi rm -f core conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext if test "$ac_lbl_cv_pcap_debug_defined" = yes ; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } $as_echo "#define HAVE_PCAP_DEBUG 1" >>confdefs.h else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } # # OK, what about "yydebug"? # { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether yydebug is defined by libpcap" >&5 $as_echo_n "checking whether yydebug is defined by libpcap... " >&6; } cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main () { extern int yydebug; return yydebug; ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO"; then : ac_lbl_cv_yydebug_defined=yes else ac_lbl_cv_yydebug_defined=no fi rm -f core conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext if test "$ac_lbl_cv_yydebug_defined" = yes ; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } $as_echo "#define HAVE_YYDEBUG 1" >>confdefs.h else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi fi ac_fn_c_check_func "$LINENO" "bpf_dump" "ac_cv_func_bpf_dump" if test "x$ac_cv_func_bpf_dump" = xyes; then : $as_echo "#define HAVE_BPF_DUMP 1" >>confdefs.h else case " $LIBOBJS " in *" bpf_dump.$ac_objext "* ) ;; *) LIBOBJS="$LIBOBJS bpf_dump.$ac_objext" ;; esac fi V_GROUP=0 if test -f /etc/group -a ! -z "`grep '^wheel:' /etc/group`" ; then V_GROUP=wheel fi # # Assume V7/BSD convention for man pages (file formats in section 5, # miscellaneous info in section 7). # MAN_FILE_FORMATS=5 MAN_MISC_INFO=7 case "$host_os" in aix*) $as_echo "#define _SUN 1" >>confdefs.h ;; hpux*) # # Use System V conventions for man pages. # MAN_FILE_FORMATS=4 MAN_MISC_INFO=5 ;; irix*) V_GROUP=sys # # Use System V conventions for man pages. # MAN_FILE_FORMATS=4 MAN_MISC_INFO=5 ;; osf*) V_GROUP=system # # Use System V conventions for man pages. # MAN_FILE_FORMATS=4 MAN_MISC_INFO=5 ;; solaris*) V_GROUP=sys # # Use System V conventions for man pages. # MAN_FILE_FORMATS=4 MAN_MISC_INFO=5 ;; esac if test -f /dev/bpf0 ; then V_GROUP=bpf fi # # Make sure we have definitions for all the C99 specified-width types # (regardless of whether the environment is a C99 environment or not). # ac_fn_c_find_intX_t "$LINENO" "8" "ac_cv_c_int8_t" case $ac_cv_c_int8_t in #( no|yes) ;; #( *) cat >>confdefs.h <<_ACEOF #define int8_t $ac_cv_c_int8_t _ACEOF ;; esac ac_fn_c_find_intX_t "$LINENO" "16" "ac_cv_c_int16_t" case $ac_cv_c_int16_t in #( no|yes) ;; #( *) cat >>confdefs.h <<_ACEOF #define int16_t $ac_cv_c_int16_t _ACEOF ;; esac ac_fn_c_find_intX_t "$LINENO" "32" "ac_cv_c_int32_t" case $ac_cv_c_int32_t in #( no|yes) ;; #( *) cat >>confdefs.h <<_ACEOF #define int32_t $ac_cv_c_int32_t _ACEOF ;; esac ac_fn_c_find_intX_t "$LINENO" "64" "ac_cv_c_int64_t" case $ac_cv_c_int64_t in #( no|yes) ;; #( *) cat >>confdefs.h <<_ACEOF #define int64_t $ac_cv_c_int64_t _ACEOF ;; esac ac_fn_c_find_uintX_t "$LINENO" "8" "ac_cv_c_uint8_t" case $ac_cv_c_uint8_t in #( no|yes) ;; #( *) $as_echo "#define _UINT8_T 1" >>confdefs.h cat >>confdefs.h <<_ACEOF #define uint8_t $ac_cv_c_uint8_t _ACEOF ;; esac ac_fn_c_find_uintX_t "$LINENO" "16" "ac_cv_c_uint16_t" case $ac_cv_c_uint16_t in #( no|yes) ;; #( *) cat >>confdefs.h <<_ACEOF #define uint16_t $ac_cv_c_uint16_t _ACEOF ;; esac ac_fn_c_find_uintX_t "$LINENO" "32" "ac_cv_c_uint32_t" case $ac_cv_c_uint32_t in #( no|yes) ;; #( *) $as_echo "#define _UINT32_T 1" >>confdefs.h cat >>confdefs.h <<_ACEOF #define uint32_t $ac_cv_c_uint32_t _ACEOF ;; esac ac_fn_c_find_uintX_t "$LINENO" "64" "ac_cv_c_uint64_t" case $ac_cv_c_uint64_t in #( no|yes) ;; #( *) $as_echo "#define _UINT64_T 1" >>confdefs.h cat >>confdefs.h <<_ACEOF #define uint64_t $ac_cv_c_uint64_t _ACEOF ;; esac # # Make sure we have a definition for C99's uintptr_t (regardless of # whether the environment is a C99 environment or not). # ac_fn_c_check_type "$LINENO" "uintptr_t" "ac_cv_type_uintptr_t" "$ac_includes_default" if test "x$ac_cv_type_uintptr_t" = xyes; then : $as_echo "#define HAVE_UINTPTR_T 1" >>confdefs.h else for ac_type in 'unsigned int' 'unsigned long int' \ 'unsigned long long int'; do cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ $ac_includes_default int main () { static int test_array [1 - 2 * !(sizeof (void *) <= sizeof ($ac_type))]; test_array [0] = 0; return test_array [0]; ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : cat >>confdefs.h <<_ACEOF #define uintptr_t $ac_type _ACEOF ac_type= fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext test -z "$ac_type" && break done fi # # Define the old BSD specified-width types in terms of the C99 types; # we may need them with libpcap include files. # ac_fn_c_check_type "$LINENO" "u_int8_t" "ac_cv_type_u_int8_t" "$ac_includes_default #include " if test "x$ac_cv_type_u_int8_t" = xyes; then : else $as_echo "#define u_int8_t uint8_t" >>confdefs.h fi ac_fn_c_check_type "$LINENO" "u_int16_t" "ac_cv_type_u_int16_t" "$ac_includes_default #include " if test "x$ac_cv_type_u_int16_t" = xyes; then : else $as_echo "#define u_int16_t uint16_t" >>confdefs.h fi ac_fn_c_check_type "$LINENO" "u_int32_t" "ac_cv_type_u_int32_t" "$ac_includes_default #include " if test "x$ac_cv_type_u_int32_t" = xyes; then : else $as_echo "#define u_int32_t uint32_t" >>confdefs.h fi ac_fn_c_check_type "$LINENO" "u_int64_t" "ac_cv_type_u_int64_t" "$ac_includes_default #include " if test "x$ac_cv_type_u_int64_t" = xyes; then : else $as_echo "#define u_int64_t uint64_t" >>confdefs.h fi # # Check for # for ac_header in inttypes.h do : ac_fn_c_check_header_mongrel "$LINENO" "inttypes.h" "ac_cv_header_inttypes_h" "$ac_includes_default" if test "x$ac_cv_header_inttypes_h" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_INTTYPES_H 1 _ACEOF # # OK, we have inttypes.h, but does it define all the PRI[doxu]64 macros? # Some systems have an inttypes.h that doesn't define all of them. # { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether inttypes.h defines the PRI[doxu]64 macros" >&5 $as_echo_n "checking whether inttypes.h defines the PRI[doxu]64 macros... " >&6; } cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include #include #include main() { printf("%" PRId64 "\n", (uint64_t)1); printf("%" PRIo64 "\n", (uint64_t)1); printf("%" PRIx64 "\n", (uint64_t)1); printf("%" PRIu64 "\n", (uint64_t)1); } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } ac_lbl_inttypes_h_defines_formats=yes else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } ac_lbl_inttypes_h_defines_formats=no fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext else # # We don't have inttypes.h, so it obviously can't define those # macros. # ac_lbl_inttypes_h_defines_formats=no fi done if test "$ac_lbl_inttypes_h_defines_formats" = no; then { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether %lx can be used to format 64-bit integers" >&5 $as_echo_n "checking whether %lx can be used to format 64-bit integers... " >&6; } if test "$cross_compiling" = yes; then : { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error $? "cannot run test program while cross compiling See \`config.log' for more details" "$LINENO" 5; } else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ # ifdef HAVE_INTTYPES_H #include # endif #include #include main() { uint64_t t = 1; char strbuf[16+1]; sprintf(strbuf, "%016lx", t << 32); if (strcmp(strbuf, "0000000100000000") == 0) exit(0); else exit(1); } _ACEOF if ac_fn_c_try_run "$LINENO"; then : $as_echo "#define PRId64 \"ld\"" >>confdefs.h $as_echo "#define PRIo64 \"lo\"" >>confdefs.h $as_echo "#define PRIx64 \"lx\"" >>confdefs.h $as_echo "#define PRIu64 \"lu\"" >>confdefs.h { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether %llx can be used to format 64-bit integers" >&5 $as_echo_n "checking whether %llx can be used to format 64-bit integers... " >&6; } if test "$cross_compiling" = yes; then : { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error $? "cannot run test program while cross compiling See \`config.log' for more details" "$LINENO" 5; } else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ # ifdef HAVE_INTTYPES_H #include # endif #include #include main() { uint64_t t = 1; char strbuf[16+1]; sprintf(strbuf, "%016llx", t << 32); if (strcmp(strbuf, "0000000100000000") == 0) exit(0); else exit(1); } _ACEOF if ac_fn_c_try_run "$LINENO"; then : $as_echo "#define PRId64 \"lld\"" >>confdefs.h $as_echo "#define PRIo64 \"llo\"" >>confdefs.h $as_echo "#define PRIx64 \"llx\"" >>confdefs.h $as_echo "#define PRIu64 \"llu\"" >>confdefs.h { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether %Lx can be used to format 64-bit integers" >&5 $as_echo_n "checking whether %Lx can be used to format 64-bit integers... " >&6; } if test "$cross_compiling" = yes; then : { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error $? "cannot run test program while cross compiling See \`config.log' for more details" "$LINENO" 5; } else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ # ifdef HAVE_INTTYPES_H #include # endif #include #include main() { uint64_t t = 1; char strbuf[16+1]; sprintf(strbuf, "%016Lx", t << 32); if (strcmp(strbuf, "0000000100000000") == 0) exit(0); else exit(1); } _ACEOF if ac_fn_c_try_run "$LINENO"; then : $as_echo "#define PRId64 \"Ld\"" >>confdefs.h $as_echo "#define PRIo64 \"Lo\"" >>confdefs.h $as_echo "#define PRIx64 \"Lx\"" >>confdefs.h $as_echo "#define PRIu64 \"Lu\"" >>confdefs.h { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether %qx can be used to format 64-bit integers" >&5 $as_echo_n "checking whether %qx can be used to format 64-bit integers... " >&6; } if test "$cross_compiling" = yes; then : { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error $? "cannot run test program while cross compiling See \`config.log' for more details" "$LINENO" 5; } else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ # ifdef HAVE_INTTYPES_H #include # endif #include #include main() { uint64_t t = 1; char strbuf[16+1]; sprintf(strbuf, "%016qx", t << 32); if (strcmp(strbuf, "0000000100000000") == 0) exit(0); else exit(1); } _ACEOF if ac_fn_c_try_run "$LINENO"; then : $as_echo "#define PRId64 \"qd\"" >>confdefs.h $as_echo "#define PRIo64 \"qo\"" >>confdefs.h $as_echo "#define PRIx64 \"qx\"" >>confdefs.h $as_echo "#define PRIu64 \"qu\"" >>confdefs.h { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } as_fn_error $? "neither %llx nor %Lx nor %qx worked on a 64-bit integer" "$LINENO" 5 fi rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ conftest.$ac_objext conftest.beam conftest.$ac_ext fi fi rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ conftest.$ac_objext conftest.beam conftest.$ac_ext fi fi rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ conftest.$ac_objext conftest.beam conftest.$ac_ext fi fi rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ conftest.$ac_objext conftest.beam conftest.$ac_ext fi fi # # Check for some headers introduced in later versions of libpcap # and used by some printers. # # Those headers use the {u_}intN_t types, so we must do this after # we check for what's needed to get them defined. # savedcppflags="$CPPFLAGS" CPPFLAGS="$CPPFLAGS $V_INCLS" for ac_header in pcap/bluetooth.h do : ac_fn_c_check_header_compile "$LINENO" "pcap/bluetooth.h" "ac_cv_header_pcap_bluetooth_h" "#include \"tcpdump-stdinc.h\" " if test "x$ac_cv_header_pcap_bluetooth_h" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_PCAP_BLUETOOTH_H 1 _ACEOF fi done for ac_header in pcap/nflog.h do : ac_fn_c_check_header_compile "$LINENO" "pcap/nflog.h" "ac_cv_header_pcap_nflog_h" "#include \"tcpdump-stdinc.h\" " if test "x$ac_cv_header_pcap_nflog_h" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_PCAP_NFLOG_H 1 _ACEOF fi done for ac_header in pcap/usb.h do : ac_fn_c_check_header_compile "$LINENO" "pcap/usb.h" "ac_cv_header_pcap_usb_h" "#include \"tcpdump-stdinc.h\" " if test "x$ac_cv_header_pcap_usb_h" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_PCAP_USB_H 1 _ACEOF fi done CPPFLAGS="$savedcppflags" if test -n "$ac_tool_prefix"; then # Extract the first word of "${ac_tool_prefix}ranlib", so it can be a program name with args. set dummy ${ac_tool_prefix}ranlib; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_prog_RANLIB+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$RANLIB"; then ac_cv_prog_RANLIB="$RANLIB" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_RANLIB="${ac_tool_prefix}ranlib" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS fi fi RANLIB=$ac_cv_prog_RANLIB if test -n "$RANLIB"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $RANLIB" >&5 $as_echo "$RANLIB" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi fi if test -z "$ac_cv_prog_RANLIB"; then ac_ct_RANLIB=$RANLIB # Extract the first word of "ranlib", so it can be a program name with args. set dummy ranlib; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_prog_ac_ct_RANLIB+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$ac_ct_RANLIB"; then ac_cv_prog_ac_ct_RANLIB="$ac_ct_RANLIB" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_RANLIB="ranlib" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS fi fi ac_ct_RANLIB=$ac_cv_prog_ac_ct_RANLIB if test -n "$ac_ct_RANLIB"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_RANLIB" >&5 $as_echo "$ac_ct_RANLIB" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi if test "x$ac_ct_RANLIB" = x; then RANLIB=":" else case $cross_compiling:$ac_tool_warned in yes:) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 $as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} ac_tool_warned=yes ;; esac RANLIB=$ac_ct_RANLIB fi else RANLIB="$ac_cv_prog_RANLIB" fi if test -n "$ac_tool_prefix"; then # Extract the first word of "${ac_tool_prefix}ar", so it can be a program name with args. set dummy ${ac_tool_prefix}ar; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_prog_AR+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$AR"; then ac_cv_prog_AR="$AR" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_AR="${ac_tool_prefix}ar" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS fi fi AR=$ac_cv_prog_AR if test -n "$AR"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $AR" >&5 $as_echo "$AR" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi fi if test -z "$ac_cv_prog_AR"; then ac_ct_AR=$AR # Extract the first word of "ar", so it can be a program name with args. set dummy ar; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_prog_ac_ct_AR+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$ac_ct_AR"; then ac_cv_prog_ac_ct_AR="$ac_ct_AR" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_AR="ar" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS fi fi ac_ct_AR=$ac_cv_prog_ac_ct_AR if test -n "$ac_ct_AR"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_AR" >&5 $as_echo "$ac_ct_AR" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi if test "x$ac_ct_AR" = x; then AR="" else case $cross_compiling:$ac_tool_warned in yes:) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 $as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} ac_tool_warned=yes ;; esac AR=$ac_ct_AR fi else AR="$ac_cv_prog_AR" fi rm -f os-proto.h if test "${LBL_CFLAGS+set}" = set; then V_CCOPT="$V_CCOPT ${LBL_CFLAGS}" fi if test -f .devel ; then # # Skip all the warning option stuff on some compilers. # if test "$ac_lbl_cc_dont_try_gcc_dashW" != yes; then { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the compiler supports the -Wall option" >&5 $as_echo_n "checking whether the compiler supports the -Wall option... " >&6; } save_CFLAGS="$CFLAGS" CFLAGS="$CFLAGS $ac_lbl_cc_force_warning_errors -Wall" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main () { return 0 ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } CFLAGS="$save_CFLAGS" V_CCOPT="$V_CCOPT -Wall" else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } CFLAGS="$save_CFLAGS" fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the compiler supports the -Wmissing-prototypes option" >&5 $as_echo_n "checking whether the compiler supports the -Wmissing-prototypes option... " >&6; } save_CFLAGS="$CFLAGS" CFLAGS="$CFLAGS $ac_lbl_cc_force_warning_errors -Wmissing-prototypes" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main () { return 0 ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } CFLAGS="$save_CFLAGS" V_CCOPT="$V_CCOPT -Wmissing-prototypes" else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } CFLAGS="$save_CFLAGS" fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the compiler supports the -Wstrict-prototypes option" >&5 $as_echo_n "checking whether the compiler supports the -Wstrict-prototypes option... " >&6; } save_CFLAGS="$CFLAGS" CFLAGS="$CFLAGS $ac_lbl_cc_force_warning_errors -Wstrict-prototypes" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main () { return 0 ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } CFLAGS="$save_CFLAGS" V_CCOPT="$V_CCOPT -Wstrict-prototypes" else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } CFLAGS="$save_CFLAGS" fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the compiler supports the -Wwrite-strings option" >&5 $as_echo_n "checking whether the compiler supports the -Wwrite-strings option... " >&6; } save_CFLAGS="$CFLAGS" CFLAGS="$CFLAGS $ac_lbl_cc_force_warning_errors -Wwrite-strings" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main () { return 0 ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } CFLAGS="$save_CFLAGS" V_CCOPT="$V_CCOPT -Wwrite-strings" else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } CFLAGS="$save_CFLAGS" fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the compiler supports the -Wpointer-arith option" >&5 $as_echo_n "checking whether the compiler supports the -Wpointer-arith option... " >&6; } save_CFLAGS="$CFLAGS" CFLAGS="$CFLAGS $ac_lbl_cc_force_warning_errors -Wpointer-arith" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main () { return 0 ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } CFLAGS="$save_CFLAGS" V_CCOPT="$V_CCOPT -Wpointer-arith" else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } CFLAGS="$save_CFLAGS" fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the compiler supports the -W option" >&5 $as_echo_n "checking whether the compiler supports the -W option... " >&6; } save_CFLAGS="$CFLAGS" CFLAGS="$CFLAGS $ac_lbl_cc_force_warning_errors -W" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main () { return 0 ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } CFLAGS="$save_CFLAGS" V_CCOPT="$V_CCOPT -W" else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } CFLAGS="$save_CFLAGS" fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the compiler supports generating dependencies" >&5 $as_echo_n "checking whether the compiler supports generating dependencies... " >&6; } if test "$GCC" = yes ; then # # GCC, or a compiler deemed to be GCC by AC_PROG_CC (even # though it's not); we assume that, in this case, the flag # would be -M. # ac_lbl_dependency_flag="-M" else # # Not GCC or a compiler deemed to be GCC; what platform is # this? (We're assuming that if the compiler isn't GCC # it's the compiler from the vendor of the OS; that won't # necessarily be true for x86 platforms, where it might be # the Intel C compiler.) # case "$host_os" in irix*|osf*|darwin*) # # MIPS C for IRIX, DEC C, and clang all use -M. # ac_lbl_dependency_flag="-M" ;; solaris*) # # Sun C uses -xM. # ac_lbl_dependency_flag="-xM" ;; hpux*) # # HP's older C compilers don't support this. # HP's newer C compilers support this with # either +M or +Make; the older compilers # interpret +M as something completely # different, so we use +Make so we don't # think it works with the older compilers. # ac_lbl_dependency_flag="+Make" ;; *) # # Not one of the above; assume no support for # generating dependencies. # ac_lbl_dependency_flag="" ;; esac fi # # Is ac_lbl_dependency_flag defined and, if so, does the compiler # complain about it? # # Note: clang doesn't seem to exit with an error status when handed # an unknown non-warning error, even if you pass it # -Werror=unknown-warning-option. However, it always supports # -M, so the fact that this test always succeeds with clang # isn't an issue. # if test ! -z "$ac_lbl_dependency_flag"; then cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main(void) { return 0; } _ACEOF echo "$CC" $ac_lbl_dependency_flag conftest.c >&5 if "$CC" $ac_lbl_dependency_flag conftest.c >/dev/null 2>&1; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes, with $ac_lbl_dependency_flag" >&5 $as_echo "yes, with $ac_lbl_dependency_flag" >&6; } DEPENDENCY_CFLAG="$ac_lbl_dependency_flag" MKDEP='${srcdir}/mkdep' else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } # # We can't run mkdep, so have "make depend" do # nothing. # MKDEP=: fi rm -rf conftest* else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } # # We can't run mkdep, so have "make depend" do # nothing. # MKDEP=: fi # # We used to set -n32 for IRIX 6 when not using GCC (presumed # to mean that we're using MIPS C or MIPSpro C); it specified # the "new" faster 32-bit ABI, introduced in IRIX 6.2. I'm # not sure why that would be something to do *only* with a # .devel file; why should the ABI for which we produce code # depend on .devel? # os=`echo $host_os | sed -e 's/\([0-9][0-9]*\)[^0-9].*$/\1/'` name="lbl/os-$os.h" if test -f $name ; then ln -s $name os-proto.h $as_echo "#define HAVE_OS_PROTO_H 1" >>confdefs.h else { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: can't find $name" >&5 $as_echo "$as_me: WARNING: can't find $name" >&2;} fi fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking if sockaddr struct has the sa_len member" >&5 $as_echo_n "checking if sockaddr struct has the sa_len member... " >&6; } if ${ac_cv_lbl_sockaddr_has_sa_len+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ # include # include int main () { u_int i = sizeof(((struct sockaddr *)0)->sa_len) ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : ac_cv_lbl_sockaddr_has_sa_len=yes else ac_cv_lbl_sockaddr_has_sa_len=no fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lbl_sockaddr_has_sa_len" >&5 $as_echo "$ac_cv_lbl_sockaddr_has_sa_len" >&6; } if test $ac_cv_lbl_sockaddr_has_sa_len = yes ; then $as_echo "#define HAVE_SOCKADDR_SA_LEN 1" >>confdefs.h fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking if unaligned accesses fail" >&5 $as_echo_n "checking if unaligned accesses fail... " >&6; } if ${ac_cv_lbl_unaligned_fail+:} false; then : $as_echo_n "(cached) " >&6 else case "$host_cpu" in # # These are CPU types where: # # the CPU faults on an unaligned access, but at least some # OSes that support that CPU catch the fault and simulate # the unaligned access (e.g., Alpha/{Digital,Tru64} UNIX) - # the simulation is slow, so we don't want to use it; # # the CPU, I infer (from the old # # XXX: should also check that they don't do weird things (like on arm) # # comment) doesn't fault on unaligned accesses, but doesn't # do a normal unaligned fetch, either (e.g., presumably, ARM); # # for whatever reason, the test program doesn't work # (this has been claimed to be the case for several of those # CPUs - I don't know what the problem is; the problem # was reported as "the test program dumps core" for SuperH, # but that's what the test program is *supposed* to do - # it dumps core before it writes anything, so the test # for an empty output file should find an empty output # file and conclude that unaligned accesses don't work). # # This run-time test won't work if you're cross-compiling, so # in order to support cross-compiling for a particular CPU, # we have to wire in the list of CPU types anyway, as far as # I know, so perhaps we should just have a set of CPUs on # which we know it doesn't work, a set of CPUs on which we # know it does work, and have the script just fail on other # cpu types and update it when such a failure occurs. # alpha*|arm*|bfin*|hp*|mips*|sh*|sparc*|ia64|nv1) ac_cv_lbl_unaligned_fail=yes ;; *) cat >conftest.c < # include # include unsigned char a[5] = { 1, 2, 3, 4, 5 }; main() { unsigned int i; pid_t pid; int status; /* avoid "core dumped" message */ pid = fork(); if (pid < 0) exit(2); if (pid > 0) { /* parent */ pid = waitpid(pid, &status, 0); if (pid < 0) exit(3); exit(!WIFEXITED(status)); } /* child */ i = *(unsigned int *)&a[1]; printf("%d\n", i); exit(0); } EOF ${CC-cc} -o conftest $CFLAGS $CPPFLAGS $LDFLAGS \ conftest.c $LIBS >/dev/null 2>&1 if test ! -x conftest ; then ac_cv_lbl_unaligned_fail=yes else ./conftest >conftest.out if test ! -s conftest.out ; then ac_cv_lbl_unaligned_fail=yes else ac_cv_lbl_unaligned_fail=no fi fi rm -f -r conftest* core core.conftest ;; esac fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lbl_unaligned_fail" >&5 $as_echo "$ac_cv_lbl_unaligned_fail" >&6; } if test $ac_cv_lbl_unaligned_fail = yes ; then $as_echo "#define LBL_ALIGN 1" >>confdefs.h fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking for h_errno" >&5 $as_echo_n "checking for h_errno... " >&6; } if ${ac_cv_var_h_errno+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ # include # include int main () { int foo = h_errno; ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : ac_cv_var_h_errno=yes else ac_cv_var_h_errno=no fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_var_h_errno" >&5 $as_echo "$ac_cv_var_h_errno" >&6; } if test "$ac_cv_var_h_errno" = "yes"; then $as_echo "#define HAVE_H_ERRNO 1" >>confdefs.h fi # Check for OpenSSL libcrypto { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether to use OpenSSL libcrypto" >&5 $as_echo_n "checking whether to use OpenSSL libcrypto... " >&6; } # Specify location for both includes and libraries. want_libcrypto=ifavailable # Check whether --with-crypto was given. if test "${with_crypto+set}" = set; then : withval=$with_crypto; if test $withval = no then want_libcrypto=no { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } elif test $withval = yes then want_libcrypto=yes { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } fi else # # Use libcrypto if it's present, otherwise don't. # want_libcrypto=ifavailable { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes, if available" >&5 $as_echo "yes, if available" >&6; } fi if test "$want_libcrypto" != "no"; then { $as_echo "$as_me:${as_lineno-$LINENO}: checking for DES_cbc_encrypt in -lcrypto" >&5 $as_echo_n "checking for DES_cbc_encrypt in -lcrypto... " >&6; } if ${ac_cv_lib_crypto_DES_cbc_encrypt+:} false; then : $as_echo_n "(cached) " >&6 else ac_check_lib_save_LIBS=$LIBS LIBS="-lcrypto $LIBS" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC builtin and then its argument prototype would still apply. */ #ifdef __cplusplus extern "C" #endif char DES_cbc_encrypt (); int main () { return DES_cbc_encrypt (); ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO"; then : ac_cv_lib_crypto_DES_cbc_encrypt=yes else ac_cv_lib_crypto_DES_cbc_encrypt=no fi rm -f core conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_crypto_DES_cbc_encrypt" >&5 $as_echo "$ac_cv_lib_crypto_DES_cbc_encrypt" >&6; } if test "x$ac_cv_lib_crypto_DES_cbc_encrypt" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_LIBCRYPTO 1 _ACEOF LIBS="-lcrypto $LIBS" fi for ac_header in openssl/evp.h do : ac_fn_c_check_header_mongrel "$LINENO" "openssl/evp.h" "ac_cv_header_openssl_evp_h" "$ac_includes_default" if test "x$ac_cv_header_openssl_evp_h" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_OPENSSL_EVP_H 1 _ACEOF fi done fi # Check for libcap-ng { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether to use libcap-ng" >&5 $as_echo_n "checking whether to use libcap-ng... " >&6; } # Specify location for both includes and libraries. want_libcap_ng=ifavailable # Check whether --with-cap_ng was given. if test "${with_cap_ng+set}" = set; then : withval=$with_cap_ng; if test $withval = no then want_libcap_ng=no { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } elif test $withval = yes then want_libcap_ng=yes { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } fi else # # Use libcap-ng if it's present, otherwise don't. # want_libcap_ng=ifavailable { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes, if available" >&5 $as_echo "yes, if available" >&6; } fi if test "$want_libcap_ng" != "no"; then { $as_echo "$as_me:${as_lineno-$LINENO}: checking for capng_change_id in -lcap-ng" >&5 $as_echo_n "checking for capng_change_id in -lcap-ng... " >&6; } if ${ac_cv_lib_cap_ng_capng_change_id+:} false; then : $as_echo_n "(cached) " >&6 else ac_check_lib_save_LIBS=$LIBS LIBS="-lcap-ng $LIBS" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC builtin and then its argument prototype would still apply. */ #ifdef __cplusplus extern "C" #endif char capng_change_id (); int main () { return capng_change_id (); ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO"; then : ac_cv_lib_cap_ng_capng_change_id=yes else ac_cv_lib_cap_ng_capng_change_id=no fi rm -f core conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_cap_ng_capng_change_id" >&5 $as_echo "$ac_cv_lib_cap_ng_capng_change_id" >&6; } if test "x$ac_cv_lib_cap_ng_capng_change_id" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_LIBCAP_NG 1 _ACEOF LIBS="-lcap-ng $LIBS" fi for ac_header in cap-ng.h do : ac_fn_c_check_header_mongrel "$LINENO" "cap-ng.h" "ac_cv_header_cap_ng_h" "$ac_includes_default" if test "x$ac_cv_header_cap_ng_h" = xyes; then : cat >>confdefs.h <<_ACEOF #define HAVE_CAP_NG_H 1 _ACEOF fi done fi if test "$missing_includes" = "yes"; then CPPFLAGS="$CPPFLAGS -I$srcdir/missing" V_INCLS="$V_INCLS -I$srcdir/missing" fi # Find a good install program. We prefer a C program (faster), # so one script is as good as another. But avoid the broken or # incompatible versions: # SysV /etc/install, /usr/sbin/install # SunOS /usr/etc/install # IRIX /sbin/install # AIX /bin/install # AmigaOS /C/install, which installs bootblocks on floppy discs # AIX 4 /usr/bin/installbsd, which doesn't work without a -g flag # AFS /usr/afsws/bin/install, which mishandles nonexistent args # SVR4 /usr/ucb/install, which tries to use the nonexistent group "staff" # OS/2's system install, which has a completely different semantic # ./install, which can be erroneously created by make from ./install.sh. # Reject install programs that cannot install multiple files. { $as_echo "$as_me:${as_lineno-$LINENO}: checking for a BSD-compatible install" >&5 $as_echo_n "checking for a BSD-compatible install... " >&6; } if test -z "$INSTALL"; then if ${ac_cv_path_install+:} false; then : $as_echo_n "(cached) " >&6 else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. # Account for people who put trailing slashes in PATH elements. case $as_dir/ in #(( ./ | .// | /[cC]/* | \ /etc/* | /usr/sbin/* | /usr/etc/* | /sbin/* | /usr/afsws/bin/* | \ ?:[\\/]os2[\\/]install[\\/]* | ?:[\\/]OS2[\\/]INSTALL[\\/]* | \ /usr/ucb/* ) ;; *) # OSF1 and SCO ODT 3.0 have their own names for install. # Don't use installbsd from OSF since it installs stuff as root # by default. for ac_prog in ginstall scoinst install; do for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_prog$ac_exec_ext"; then if test $ac_prog = install && grep dspmsg "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then # AIX install. It has an incompatible calling convention. : elif test $ac_prog = install && grep pwplus "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then # program-specific install script used by HP pwplus--don't use. : else rm -rf conftest.one conftest.two conftest.dir echo one > conftest.one echo two > conftest.two mkdir conftest.dir if "$as_dir/$ac_prog$ac_exec_ext" -c conftest.one conftest.two "`pwd`/conftest.dir" && test -s conftest.one && test -s conftest.two && test -s conftest.dir/conftest.one && test -s conftest.dir/conftest.two then ac_cv_path_install="$as_dir/$ac_prog$ac_exec_ext -c" break 3 fi fi fi done done ;; esac done IFS=$as_save_IFS rm -rf conftest.one conftest.two conftest.dir fi if test "${ac_cv_path_install+set}" = set; then INSTALL=$ac_cv_path_install else # As a last resort, use the slow shell script. Don't cache a # value for INSTALL within a source directory, because that will # break other packages using the cache if that directory is # removed, or if the value is a relative name. INSTALL=$ac_install_sh fi fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $INSTALL" >&5 $as_echo "$INSTALL" >&6; } # Use test -z because SunOS4 sh mishandles braces in ${var-val}. # It thinks the first close brace ends the variable substitution. test -z "$INSTALL_PROGRAM" && INSTALL_PROGRAM='${INSTALL}' test -z "$INSTALL_SCRIPT" && INSTALL_SCRIPT='${INSTALL}' test -z "$INSTALL_DATA" && INSTALL_DATA='${INSTALL} -m 644' ac_config_headers="$ac_config_headers config.h" ac_config_commands="$ac_config_commands default-1" ac_config_files="$ac_config_files Makefile tcpdump.1" cat >confcache <<\_ACEOF # This file is a shell script that caches the results of configure # tests run on this system so they can be shared between configure # scripts and configure runs, see configure's option --config-cache. # It is not useful on other systems. If it contains results you don't # want to keep, you may remove or edit it. # # config.status only pays attention to the cache file if you give it # the --recheck option to rerun configure. # # `ac_cv_env_foo' variables (set or unset) will be overridden when # loading this file, other *unset* `ac_cv_foo' will be assigned the # following values. _ACEOF # The following way of writing the cache mishandles newlines in values, # but we know of no workaround that is simple, portable, and efficient. # So, we kill variables containing newlines. # Ultrix sh set writes to stderr and can't be redirected directly, # and sets the high bit in the cache file unless we assign to the vars. ( for ac_var in `(set) 2>&1 | sed -n 's/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'`; do eval ac_val=\$$ac_var case $ac_val in #( *${as_nl}*) case $ac_var in #( *_cv_*) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cache variable $ac_var contains a newline" >&5 $as_echo "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;; esac case $ac_var in #( _ | IFS | as_nl) ;; #( BASH_ARGV | BASH_SOURCE) eval $ac_var= ;; #( *) { eval $ac_var=; unset $ac_var;} ;; esac ;; esac done (set) 2>&1 | case $as_nl`(ac_space=' '; set) 2>&1` in #( *${as_nl}ac_space=\ *) # `set' does not quote correctly, so add quotes: double-quote # substitution turns \\\\ into \\, and sed turns \\ into \. sed -n \ "s/'/'\\\\''/g; s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='\\2'/p" ;; #( *) # `set' quotes correctly as required by POSIX, so do not add quotes. sed -n "/^[_$as_cr_alnum]*_cv_[_$as_cr_alnum]*=/p" ;; esac | sort ) | sed ' /^ac_cv_env_/b end t clear :clear s/^\([^=]*\)=\(.*[{}].*\)$/test "${\1+set}" = set || &/ t end s/^\([^=]*\)=\(.*\)$/\1=${\1=\2}/ :end' >>confcache if diff "$cache_file" confcache >/dev/null 2>&1; then :; else if test -w "$cache_file"; then if test "x$cache_file" != "x/dev/null"; then { $as_echo "$as_me:${as_lineno-$LINENO}: updating cache $cache_file" >&5 $as_echo "$as_me: updating cache $cache_file" >&6;} if test ! -f "$cache_file" || test -h "$cache_file"; then cat confcache >"$cache_file" else case $cache_file in #( */* | ?:*) mv -f confcache "$cache_file"$$ && mv -f "$cache_file"$$ "$cache_file" ;; #( *) mv -f confcache "$cache_file" ;; esac fi fi else { $as_echo "$as_me:${as_lineno-$LINENO}: not updating unwritable cache $cache_file" >&5 $as_echo "$as_me: not updating unwritable cache $cache_file" >&6;} fi fi rm -f confcache test "x$prefix" = xNONE && prefix=$ac_default_prefix # Let make expand exec_prefix. test "x$exec_prefix" = xNONE && exec_prefix='${prefix}' DEFS=-DHAVE_CONFIG_H ac_libobjs= ac_ltlibobjs= U= for ac_i in : $LIBOBJS; do test "x$ac_i" = x: && continue # 1. Remove the extension, and $U if already installed. ac_script='s/\$U\././;s/\.o$//;s/\.obj$//' ac_i=`$as_echo "$ac_i" | sed "$ac_script"` # 2. Prepend LIBOBJDIR. When used with automake>=1.10 LIBOBJDIR # will be set to the directory where LIBOBJS objects are built. as_fn_append ac_libobjs " \${LIBOBJDIR}$ac_i\$U.$ac_objext" as_fn_append ac_ltlibobjs " \${LIBOBJDIR}$ac_i"'$U.lo' done LIBOBJS=$ac_libobjs LTLIBOBJS=$ac_ltlibobjs : "${CONFIG_STATUS=./config.status}" ac_write_fail=0 ac_clean_files_save=$ac_clean_files ac_clean_files="$ac_clean_files $CONFIG_STATUS" { $as_echo "$as_me:${as_lineno-$LINENO}: creating $CONFIG_STATUS" >&5 $as_echo "$as_me: creating $CONFIG_STATUS" >&6;} as_write_fail=0 cat >$CONFIG_STATUS <<_ASEOF || as_write_fail=1 #! $SHELL # Generated by $as_me. # Run this file to recreate the current configuration. # Compiler output produced by configure, useful for debugging # configure, is in config.log if it exists. debug=false ac_cs_recheck=false ac_cs_silent=false SHELL=\${CONFIG_SHELL-$SHELL} export SHELL _ASEOF cat >>$CONFIG_STATUS <<\_ASEOF || as_write_fail=1 ## -------------------- ## ## M4sh Initialization. ## ## -------------------- ## # Be more Bourne compatible DUALCASE=1; export DUALCASE # for MKS sh if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then : emulate sh NULLCMD=: # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which # is contrary to our usage. Disable this feature. alias -g '${1+"$@"}'='"$@"' setopt NO_GLOB_SUBST else case `(set -o) 2>/dev/null` in #( *posix*) : set -o posix ;; #( *) : ;; esac fi as_nl=' ' export as_nl # Printing a long string crashes Solaris 7 /usr/bin/printf. as_echo='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\' as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo$as_echo # Prefer a ksh shell builtin over an external printf program on Solaris, # but without wasting forks for bash or zsh. if test -z "$BASH_VERSION$ZSH_VERSION" \ && (test "X`print -r -- $as_echo`" = "X$as_echo") 2>/dev/null; then as_echo='print -r --' as_echo_n='print -rn --' elif (test "X`printf %s $as_echo`" = "X$as_echo") 2>/dev/null; then as_echo='printf %s\n' as_echo_n='printf %s' else if test "X`(/usr/ucb/echo -n -n $as_echo) 2>/dev/null`" = "X-n $as_echo"; then as_echo_body='eval /usr/ucb/echo -n "$1$as_nl"' as_echo_n='/usr/ucb/echo -n' else as_echo_body='eval expr "X$1" : "X\\(.*\\)"' as_echo_n_body='eval arg=$1; case $arg in #( *"$as_nl"*) expr "X$arg" : "X\\(.*\\)$as_nl"; arg=`expr "X$arg" : ".*$as_nl\\(.*\\)"`;; esac; expr "X$arg" : "X\\(.*\\)" | tr -d "$as_nl" ' export as_echo_n_body as_echo_n='sh -c $as_echo_n_body as_echo' fi export as_echo_body as_echo='sh -c $as_echo_body as_echo' fi # The user is always right. if test "${PATH_SEPARATOR+set}" != set; then PATH_SEPARATOR=: (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 && { (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 || PATH_SEPARATOR=';' } fi # IFS # We need space, tab and new line, in precisely that order. Quoting is # there to prevent editors from complaining about space-tab. # (If _AS_PATH_WALK were called with IFS unset, it would disable word # splitting by setting IFS to empty value.) IFS=" "" $as_nl" # Find who we are. Look in the path if we contain no directory separator. as_myself= case $0 in #(( *[\\/]* ) as_myself=$0 ;; *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break done IFS=$as_save_IFS ;; esac # We did not find ourselves, most probably we were run as `sh COMMAND' # in which case we are not to be found in the path. if test "x$as_myself" = x; then as_myself=$0 fi if test ! -f "$as_myself"; then $as_echo "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2 exit 1 fi # Unset variables that we do not need and which cause bugs (e.g. in # pre-3.0 UWIN ksh). But do not cause bugs in bash 2.01; the "|| exit 1" # suppresses any "Segmentation fault" message there. '((' could # trigger a bug in pdksh 5.2.14. for as_var in BASH_ENV ENV MAIL MAILPATH do eval test x\${$as_var+set} = xset \ && ( (unset $as_var) || exit 1) >/dev/null 2>&1 && unset $as_var || : done PS1='$ ' PS2='> ' PS4='+ ' # NLS nuisances. LC_ALL=C export LC_ALL LANGUAGE=C export LANGUAGE # CDPATH. (unset CDPATH) >/dev/null 2>&1 && unset CDPATH # as_fn_error STATUS ERROR [LINENO LOG_FD] # ---------------------------------------- # Output "`basename $0`: error: ERROR" to stderr. If LINENO and LOG_FD are # provided, also output the error to LOG_FD, referencing LINENO. Then exit the # script with STATUS, using 1 if that was 0. as_fn_error () { as_status=$1; test $as_status -eq 0 && as_status=1 if test "$4"; then as_lineno=${as_lineno-"$3"} as_lineno_stack=as_lineno_stack=$as_lineno_stack $as_echo "$as_me:${as_lineno-$LINENO}: error: $2" >&$4 fi $as_echo "$as_me: error: $2" >&2 as_fn_exit $as_status } # as_fn_error # as_fn_set_status STATUS # ----------------------- # Set $? to STATUS, without forking. as_fn_set_status () { return $1 } # as_fn_set_status # as_fn_exit STATUS # ----------------- # Exit the shell with STATUS, even in a "trap 0" or "set -e" context. as_fn_exit () { set +e as_fn_set_status $1 exit $1 } # as_fn_exit # as_fn_unset VAR # --------------- # Portably unset VAR. as_fn_unset () { { eval $1=; unset $1;} } as_unset=as_fn_unset # as_fn_append VAR VALUE # ---------------------- # Append the text in VALUE to the end of the definition contained in VAR. Take # advantage of any shell optimizations that allow amortized linear growth over # repeated appends, instead of the typical quadratic growth present in naive # implementations. if (eval "as_var=1; as_var+=2; test x\$as_var = x12") 2>/dev/null; then : eval 'as_fn_append () { eval $1+=\$2 }' else as_fn_append () { eval $1=\$$1\$2 } fi # as_fn_append # as_fn_arith ARG... # ------------------ # Perform arithmetic evaluation on the ARGs, and store the result in the # global $as_val. Take advantage of shells that can avoid forks. The arguments # must be portable across $(()) and expr. if (eval "test \$(( 1 + 1 )) = 2") 2>/dev/null; then : eval 'as_fn_arith () { as_val=$(( $* )) }' else as_fn_arith () { as_val=`expr "$@" || test $? -eq 1` } fi # as_fn_arith if expr a : '\(a\)' >/dev/null 2>&1 && test "X`expr 00001 : '.*\(...\)'`" = X001; then as_expr=expr else as_expr=false fi if (basename -- /) >/dev/null 2>&1 && test "X`basename -- / 2>&1`" = "X/"; then as_basename=basename else as_basename=false fi if (as_dir=`dirname -- /` && test "X$as_dir" = X/) >/dev/null 2>&1; then as_dirname=dirname else as_dirname=false fi as_me=`$as_basename -- "$0" || $as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \ X"$0" : 'X\(//\)$' \| \ X"$0" : 'X\(/\)' \| . 2>/dev/null || $as_echo X/"$0" | sed '/^.*\/\([^/][^/]*\)\/*$/{ s//\1/ q } /^X\/\(\/\/\)$/{ s//\1/ q } /^X\/\(\/\).*/{ s//\1/ q } s/.*/./; q'` # Avoid depending upon Character Ranges. as_cr_letters='abcdefghijklmnopqrstuvwxyz' as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ' as_cr_Letters=$as_cr_letters$as_cr_LETTERS as_cr_digits='0123456789' as_cr_alnum=$as_cr_Letters$as_cr_digits ECHO_C= ECHO_N= ECHO_T= case `echo -n x` in #((((( -n*) case `echo 'xy\c'` in *c*) ECHO_T=' ';; # ECHO_T is single tab character. xy) ECHO_C='\c';; *) echo `echo ksh88 bug on AIX 6.1` > /dev/null ECHO_T=' ';; esac;; *) ECHO_N='-n';; esac rm -f conf$$ conf$$.exe conf$$.file if test -d conf$$.dir; then rm -f conf$$.dir/conf$$.file else rm -f conf$$.dir mkdir conf$$.dir 2>/dev/null fi if (echo >conf$$.file) 2>/dev/null; then if ln -s conf$$.file conf$$ 2>/dev/null; then as_ln_s='ln -s' # ... but there are two gotchas: # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail. # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable. # In both cases, we have to default to `cp -pR'. ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe || as_ln_s='cp -pR' elif ln conf$$.file conf$$ 2>/dev/null; then as_ln_s=ln else as_ln_s='cp -pR' fi else as_ln_s='cp -pR' fi rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file rmdir conf$$.dir 2>/dev/null # as_fn_mkdir_p # ------------- # Create "$as_dir" as a directory, including parents if necessary. as_fn_mkdir_p () { case $as_dir in #( -*) as_dir=./$as_dir;; esac test -d "$as_dir" || eval $as_mkdir_p || { as_dirs= while :; do case $as_dir in #( *\'*) as_qdir=`$as_echo "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #'( *) as_qdir=$as_dir;; esac as_dirs="'$as_qdir' $as_dirs" as_dir=`$as_dirname -- "$as_dir" || $as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ X"$as_dir" : 'X\(//\)[^/]' \| \ X"$as_dir" : 'X\(//\)$' \| \ X"$as_dir" : 'X\(/\)' \| . 2>/dev/null || $as_echo X"$as_dir" | sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/ q } /^X\(\/\/\)[^/].*/{ s//\1/ q } /^X\(\/\/\)$/{ s//\1/ q } /^X\(\/\).*/{ s//\1/ q } s/.*/./; q'` test -d "$as_dir" && break done test -z "$as_dirs" || eval "mkdir $as_dirs" } || test -d "$as_dir" || as_fn_error $? "cannot create directory $as_dir" } # as_fn_mkdir_p if mkdir -p . 2>/dev/null; then as_mkdir_p='mkdir -p "$as_dir"' else test -d ./-p && rmdir ./-p as_mkdir_p=false fi # as_fn_executable_p FILE # ----------------------- # Test if FILE is an executable regular file. as_fn_executable_p () { test -f "$1" && test -x "$1" } # as_fn_executable_p as_test_x='test -x' as_executable_p=as_fn_executable_p # Sed expression to map a string onto a valid CPP name. as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'" # Sed expression to map a string onto a valid variable name. as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'" exec 6>&1 ## ----------------------------------- ## ## Main body of $CONFIG_STATUS script. ## ## ----------------------------------- ## _ASEOF test $as_write_fail = 0 && chmod +x $CONFIG_STATUS || ac_write_fail=1 cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # Save the log message, to keep $0 and so on meaningful, and to # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" This file was extended by $as_me, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES CONFIG_HEADERS = $CONFIG_HEADERS CONFIG_LINKS = $CONFIG_LINKS CONFIG_COMMANDS = $CONFIG_COMMANDS $ $0 $@ on `(hostname || uname -n) 2>/dev/null | sed 1q` " _ACEOF case $ac_config_files in *" "*) set x $ac_config_files; shift; ac_config_files=$*;; esac case $ac_config_headers in *" "*) set x $ac_config_headers; shift; ac_config_headers=$*;; esac cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 # Files that config.status was made for. config_files="$ac_config_files" config_headers="$ac_config_headers" config_commands="$ac_config_commands" _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 ac_cs_usage="\ \`$as_me' instantiates files and other configuration actions from templates according to the current configuration. Unless the files and actions are specified as TAGs, all are instantiated by default. Usage: $0 [OPTION]... [TAG]... -h, --help print this help, then exit -V, --version print version number and configuration settings, then exit --config print configuration, then exit -q, --quiet, --silent do not print progress messages -d, --debug don't remove temporary files --recheck update $as_me by reconfiguring in the same conditions --file=FILE[:TEMPLATE] instantiate the configuration file FILE --header=FILE[:TEMPLATE] instantiate the configuration header FILE Configuration files: $config_files Configuration headers: $config_headers Configuration commands: $config_commands Report bugs to the package provider." _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ config.status configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" Copyright (C) 2012 Free Software Foundation, Inc. This config.status script is free software; the Free Software Foundation gives unlimited permission to copy, distribute and modify it." ac_pwd='$ac_pwd' srcdir='$srcdir' INSTALL='$INSTALL' test -n "\$AWK" || AWK=awk _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # The default lists apply if the user does not specify any file. ac_need_defaults=: while test $# != 0 do case $1 in --*=?*) ac_option=`expr "X$1" : 'X\([^=]*\)='` ac_optarg=`expr "X$1" : 'X[^=]*=\(.*\)'` ac_shift=: ;; --*=) ac_option=`expr "X$1" : 'X\([^=]*\)='` ac_optarg= ac_shift=: ;; *) ac_option=$1 ac_optarg=$2 ac_shift=shift ;; esac case $ac_option in # Handling of the options. -recheck | --recheck | --rechec | --reche | --rech | --rec | --re | --r) ac_cs_recheck=: ;; --version | --versio | --versi | --vers | --ver | --ve | --v | -V ) $as_echo "$ac_cs_version"; exit ;; --config | --confi | --conf | --con | --co | --c ) $as_echo "$ac_cs_config"; exit ;; --debug | --debu | --deb | --de | --d | -d ) debug=: ;; --file | --fil | --fi | --f ) $ac_shift case $ac_optarg in *\'*) ac_optarg=`$as_echo "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"` ;; '') as_fn_error $? "missing file argument" ;; esac as_fn_append CONFIG_FILES " '$ac_optarg'" ac_need_defaults=false;; --header | --heade | --head | --hea ) $ac_shift case $ac_optarg in *\'*) ac_optarg=`$as_echo "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"` ;; esac as_fn_append CONFIG_HEADERS " '$ac_optarg'" ac_need_defaults=false;; --he | --h) # Conflict between --help and --header as_fn_error $? "ambiguous option: \`$1' Try \`$0 --help' for more information.";; --help | --hel | -h ) $as_echo "$ac_cs_usage"; exit ;; -q | -quiet | --quiet | --quie | --qui | --qu | --q \ | -silent | --silent | --silen | --sile | --sil | --si | --s) ac_cs_silent=: ;; # This is an error. -*) as_fn_error $? "unrecognized option: \`$1' Try \`$0 --help' for more information." ;; *) as_fn_append ac_config_targets " $1" ac_need_defaults=false ;; esac shift done ac_configure_extra_args= if $ac_cs_silent; then exec 6>/dev/null ac_configure_extra_args="$ac_configure_extra_args --silent" fi _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 if \$ac_cs_recheck; then set X $SHELL '$0' $ac_configure_args \$ac_configure_extra_args --no-create --no-recursion shift \$as_echo "running CONFIG_SHELL=$SHELL \$*" >&6 CONFIG_SHELL='$SHELL' export CONFIG_SHELL exec "\$@" fi _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 exec 5>>config.log { echo sed 'h;s/./-/g;s/^.../## /;s/...$/ ##/;p;x;p;x' <<_ASBOX ## Running $as_me. ## _ASBOX $as_echo "$ac_log" } >&5 _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 # # INIT-COMMANDS # _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # Handling of arguments. for ac_config_target in $ac_config_targets do case $ac_config_target in "config.h") CONFIG_HEADERS="$CONFIG_HEADERS config.h" ;; "default-1") CONFIG_COMMANDS="$CONFIG_COMMANDS default-1" ;; "Makefile") CONFIG_FILES="$CONFIG_FILES Makefile" ;; "tcpdump.1") CONFIG_FILES="$CONFIG_FILES tcpdump.1" ;; *) as_fn_error $? "invalid argument: \`$ac_config_target'" "$LINENO" 5;; esac done # If the user did not use the arguments to specify the items to instantiate, # then the envvar interface is used. Set only those that are not. # We use the long form for the default assignment because of an extremely # bizarre bug on SunOS 4.1.3. if $ac_need_defaults; then test "${CONFIG_FILES+set}" = set || CONFIG_FILES=$config_files test "${CONFIG_HEADERS+set}" = set || CONFIG_HEADERS=$config_headers test "${CONFIG_COMMANDS+set}" = set || CONFIG_COMMANDS=$config_commands fi # Have a temporary directory for convenience. Make it in the build tree # simply because there is no reason against having it here, and in addition, # creating and moving files from /tmp can sometimes cause problems. # Hook for its removal unless debugging. # Note that there is a small window in which the directory will not be cleaned: # after its creation but before its name has been assigned to `$tmp'. $debug || { tmp= ac_tmp= trap 'exit_status=$? : "${ac_tmp:=$tmp}" { test ! -d "$ac_tmp" || rm -fr "$ac_tmp"; } && exit $exit_status ' 0 trap 'as_fn_exit 1' 1 2 13 15 } # Create a (secure) tmp directory for tmp files. { tmp=`(umask 077 && mktemp -d "./confXXXXXX") 2>/dev/null` && test -d "$tmp" } || { tmp=./conf$$-$RANDOM (umask 077 && mkdir "$tmp") } || as_fn_error $? "cannot create a temporary directory in ." "$LINENO" 5 ac_tmp=$tmp # Set up the scripts for CONFIG_FILES section. # No need to generate them if there are no CONFIG_FILES. # This happens for instance with `./config.status config.h'. if test -n "$CONFIG_FILES"; then ac_cr=`echo X | tr X '\015'` # On cygwin, bash can eat \r inside `` if the user requested igncr. # But we know of no other shell where ac_cr would be empty at this # point, so we can use a bashism as a fallback. if test "x$ac_cr" = x; then eval ac_cr=\$\'\\r\' fi ac_cs_awk_cr=`$AWK 'BEGIN { print "a\rb" }' /dev/null` if test "$ac_cs_awk_cr" = "a${ac_cr}b"; then ac_cs_awk_cr='\\r' else ac_cs_awk_cr=$ac_cr fi echo 'BEGIN {' >"$ac_tmp/subs1.awk" && _ACEOF { echo "cat >conf$$subs.awk <<_ACEOF" && echo "$ac_subst_vars" | sed 's/.*/&!$&$ac_delim/' && echo "_ACEOF" } >conf$$subs.sh || as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5 ac_delim_num=`echo "$ac_subst_vars" | grep -c '^'` ac_delim='%!_!# ' for ac_last_try in false false false false false :; do . ./conf$$subs.sh || as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5 ac_delim_n=`sed -n "s/.*$ac_delim\$/X/p" conf$$subs.awk | grep -c X` if test $ac_delim_n = $ac_delim_num; then break elif $ac_last_try; then as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5 else ac_delim="$ac_delim!$ac_delim _$ac_delim!! " fi done rm -f conf$$subs.sh cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 cat >>"\$ac_tmp/subs1.awk" <<\\_ACAWK && _ACEOF sed -n ' h s/^/S["/; s/!.*/"]=/ p g s/^[^!]*!// :repl t repl s/'"$ac_delim"'$// t delim :nl h s/\(.\{148\}\)..*/\1/ t more1 s/["\\]/\\&/g; s/^/"/; s/$/\\n"\\/ p n b repl :more1 s/["\\]/\\&/g; s/^/"/; s/$/"\\/ p g s/.\{148\}// t nl :delim h s/\(.\{148\}\)..*/\1/ t more2 s/["\\]/\\&/g; s/^/"/; s/$/"/ p b :more2 s/["\\]/\\&/g; s/^/"/; s/$/"\\/ p g s/.\{148\}// t delim ' >$CONFIG_STATUS || ac_write_fail=1 rm -f conf$$subs.awk cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 _ACAWK cat >>"\$ac_tmp/subs1.awk" <<_ACAWK && for (key in S) S_is_set[key] = 1 FS = "" } { line = $ 0 nfields = split(line, field, "@") substed = 0 len = length(field[1]) for (i = 2; i < nfields; i++) { key = field[i] keylen = length(key) if (S_is_set[key]) { value = S[key] line = substr(line, 1, len) "" value "" substr(line, len + keylen + 3) len += length(value) + length(field[++i]) substed = 1 } else len += 1 + keylen } print line } _ACAWK _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 if sed "s/$ac_cr//" < /dev/null > /dev/null 2>&1; then sed "s/$ac_cr\$//; s/$ac_cr/$ac_cs_awk_cr/g" else cat fi < "$ac_tmp/subs1.awk" > "$ac_tmp/subs.awk" \ || as_fn_error $? "could not setup config files machinery" "$LINENO" 5 _ACEOF # VPATH may cause trouble with some makes, so we remove sole $(srcdir), # ${srcdir} and @srcdir@ entries from VPATH if srcdir is ".", strip leading and # trailing colons and then remove the whole line if VPATH becomes empty # (actually we leave an empty line to preserve line numbers). if test "x$srcdir" = x.; then ac_vpsub='/^[ ]*VPATH[ ]*=[ ]*/{ h s/// s/^/:/ s/[ ]*$/:/ s/:\$(srcdir):/:/g s/:\${srcdir}:/:/g s/:@srcdir@:/:/g s/^:*// s/:*$// x s/\(=[ ]*\).*/\1/ G s/\n// s/^[^=]*=[ ]*$// }' fi cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 fi # test -n "$CONFIG_FILES" # Set up the scripts for CONFIG_HEADERS section. # No need to generate them if there are no CONFIG_HEADERS. # This happens for instance with `./config.status Makefile'. if test -n "$CONFIG_HEADERS"; then cat >"$ac_tmp/defines.awk" <<\_ACAWK || BEGIN { _ACEOF # Transform confdefs.h into an awk script `defines.awk', embedded as # here-document in config.status, that substitutes the proper values into # config.h.in to produce config.h. # Create a delimiter string that does not exist in confdefs.h, to ease # handling of long lines. ac_delim='%!_!# ' for ac_last_try in false false :; do ac_tt=`sed -n "/$ac_delim/p" confdefs.h` if test -z "$ac_tt"; then break elif $ac_last_try; then as_fn_error $? "could not make $CONFIG_HEADERS" "$LINENO" 5 else ac_delim="$ac_delim!$ac_delim _$ac_delim!! " fi done # For the awk script, D is an array of macro values keyed by name, # likewise P contains macro parameters if any. Preserve backslash # newline sequences. ac_word_re=[_$as_cr_Letters][_$as_cr_alnum]* sed -n ' s/.\{148\}/&'"$ac_delim"'/g t rset :rset s/^[ ]*#[ ]*define[ ][ ]*/ / t def d :def s/\\$// t bsnl s/["\\]/\\&/g s/^ \('"$ac_word_re"'\)\(([^()]*)\)[ ]*\(.*\)/P["\1"]="\2"\ D["\1"]=" \3"/p s/^ \('"$ac_word_re"'\)[ ]*\(.*\)/D["\1"]=" \2"/p d :bsnl s/["\\]/\\&/g s/^ \('"$ac_word_re"'\)\(([^()]*)\)[ ]*\(.*\)/P["\1"]="\2"\ D["\1"]=" \3\\\\\\n"\\/p t cont s/^ \('"$ac_word_re"'\)[ ]*\(.*\)/D["\1"]=" \2\\\\\\n"\\/p t cont d :cont n s/.\{148\}/&'"$ac_delim"'/g t clear :clear s/\\$// t bsnlc s/["\\]/\\&/g; s/^/"/; s/$/"/p d :bsnlc s/["\\]/\\&/g; s/^/"/; s/$/\\\\\\n"\\/p b cont ' >$CONFIG_STATUS || ac_write_fail=1 cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 for (key in D) D_is_set[key] = 1 FS = "" } /^[\t ]*#[\t ]*(define|undef)[\t ]+$ac_word_re([\t (]|\$)/ { line = \$ 0 split(line, arg, " ") if (arg[1] == "#") { defundef = arg[2] mac1 = arg[3] } else { defundef = substr(arg[1], 2) mac1 = arg[2] } split(mac1, mac2, "(") #) macro = mac2[1] prefix = substr(line, 1, index(line, defundef) - 1) if (D_is_set[macro]) { # Preserve the white space surrounding the "#". print prefix "define", macro P[macro] D[macro] next } else { # Replace #undef with comments. This is necessary, for example, # in the case of _POSIX_SOURCE, which is predefined and required # on some systems where configure will not decide to define it. if (defundef == "undef") { print "/*", prefix defundef, macro, "*/" next } } } { print } _ACAWK _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 as_fn_error $? "could not setup config headers machinery" "$LINENO" 5 fi # test -n "$CONFIG_HEADERS" eval set X " :F $CONFIG_FILES :H $CONFIG_HEADERS :C $CONFIG_COMMANDS" shift for ac_tag do case $ac_tag in :[FHLC]) ac_mode=$ac_tag; continue;; esac case $ac_mode$ac_tag in :[FHL]*:*);; :L* | :C*:*) as_fn_error $? "invalid tag \`$ac_tag'" "$LINENO" 5;; :[FH]-) ac_tag=-:-;; :[FH]*) ac_tag=$ac_tag:$ac_tag.in;; esac ac_save_IFS=$IFS IFS=: set x $ac_tag IFS=$ac_save_IFS shift ac_file=$1 shift case $ac_mode in :L) ac_source=$1;; :[FH]) ac_file_inputs= for ac_f do case $ac_f in -) ac_f="$ac_tmp/stdin";; *) # Look for the file first in the build tree, then in the source tree # (if the path is not absolute). The absolute path cannot be DOS-style, # because $ac_f cannot contain `:'. test -f "$ac_f" || case $ac_f in [\\/$]*) false;; *) test -f "$srcdir/$ac_f" && ac_f="$srcdir/$ac_f";; esac || as_fn_error 1 "cannot find input file: \`$ac_f'" "$LINENO" 5;; esac case $ac_f in *\'*) ac_f=`$as_echo "$ac_f" | sed "s/'/'\\\\\\\\''/g"`;; esac as_fn_append ac_file_inputs " '$ac_f'" done # Let's still pretend it is `configure' which instantiates (i.e., don't # use $as_me), people would be surprised to read: # /* config.h. Generated by config.status. */ configure_input='Generated from '` $as_echo "$*" | sed 's|^[^:]*/||;s|:[^:]*/|, |g' `' by configure.' if test x"$ac_file" != x-; then configure_input="$ac_file. $configure_input" { $as_echo "$as_me:${as_lineno-$LINENO}: creating $ac_file" >&5 $as_echo "$as_me: creating $ac_file" >&6;} fi # Neutralize special characters interpreted by sed in replacement strings. case $configure_input in #( *\&* | *\|* | *\\* ) ac_sed_conf_input=`$as_echo "$configure_input" | sed 's/[\\\\&|]/\\\\&/g'`;; #( *) ac_sed_conf_input=$configure_input;; esac case $ac_tag in *:-:* | *:-) cat >"$ac_tmp/stdin" \ || as_fn_error $? "could not create $ac_file" "$LINENO" 5 ;; esac ;; esac ac_dir=`$as_dirname -- "$ac_file" || $as_expr X"$ac_file" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ X"$ac_file" : 'X\(//\)[^/]' \| \ X"$ac_file" : 'X\(//\)$' \| \ X"$ac_file" : 'X\(/\)' \| . 2>/dev/null || $as_echo X"$ac_file" | sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/ q } /^X\(\/\/\)[^/].*/{ s//\1/ q } /^X\(\/\/\)$/{ s//\1/ q } /^X\(\/\).*/{ s//\1/ q } s/.*/./; q'` as_dir="$ac_dir"; as_fn_mkdir_p ac_builddir=. case "$ac_dir" in .) ac_dir_suffix= ac_top_builddir_sub=. ac_top_build_prefix= ;; *) ac_dir_suffix=/`$as_echo "$ac_dir" | sed 's|^\.[\\/]||'` # A ".." for each directory in $ac_dir_suffix. ac_top_builddir_sub=`$as_echo "$ac_dir_suffix" | sed 's|/[^\\/]*|/..|g;s|/||'` case $ac_top_builddir_sub in "") ac_top_builddir_sub=. ac_top_build_prefix= ;; *) ac_top_build_prefix=$ac_top_builddir_sub/ ;; esac ;; esac ac_abs_top_builddir=$ac_pwd ac_abs_builddir=$ac_pwd$ac_dir_suffix # for backward compatibility: ac_top_builddir=$ac_top_build_prefix case $srcdir in .) # We are building in place. ac_srcdir=. ac_top_srcdir=$ac_top_builddir_sub ac_abs_top_srcdir=$ac_pwd ;; [\\/]* | ?:[\\/]* ) # Absolute name. ac_srcdir=$srcdir$ac_dir_suffix; ac_top_srcdir=$srcdir ac_abs_top_srcdir=$srcdir ;; *) # Relative name. ac_srcdir=$ac_top_build_prefix$srcdir$ac_dir_suffix ac_top_srcdir=$ac_top_build_prefix$srcdir ac_abs_top_srcdir=$ac_pwd/$srcdir ;; esac ac_abs_srcdir=$ac_abs_top_srcdir$ac_dir_suffix case $ac_mode in :F) # # CONFIG_FILE # case $INSTALL in [\\/$]* | ?:[\\/]* ) ac_INSTALL=$INSTALL ;; *) ac_INSTALL=$ac_top_build_prefix$INSTALL ;; esac _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # If the template does not know about datarootdir, expand it. # FIXME: This hack should be removed a few years after 2.60. ac_datarootdir_hack=; ac_datarootdir_seen= ac_sed_dataroot=' /datarootdir/ { p q } /@datadir@/p /@docdir@/p /@infodir@/p /@localedir@/p /@mandir@/p' case `eval "sed -n \"\$ac_sed_dataroot\" $ac_file_inputs"` in *datarootdir*) ac_datarootdir_seen=yes;; *@datadir@*|*@docdir@*|*@infodir@*|*@localedir@*|*@mandir@*) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&5 $as_echo "$as_me: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&2;} _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_datarootdir_hack=' s&@datadir@&$datadir&g s&@docdir@&$docdir&g s&@infodir@&$infodir&g s&@localedir@&$localedir&g s&@mandir@&$mandir&g s&\\\${datarootdir}&$datarootdir&g' ;; esac _ACEOF # Neutralize VPATH when `$srcdir' = `.'. # Shell code in configure.ac might set extrasub. # FIXME: do we really want to maintain this feature? cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_sed_extra="$ac_vpsub $extrasub _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 :t /@[a-zA-Z_][a-zA-Z_0-9]*@/!b s|@configure_input@|$ac_sed_conf_input|;t t s&@top_builddir@&$ac_top_builddir_sub&;t t s&@top_build_prefix@&$ac_top_build_prefix&;t t s&@srcdir@&$ac_srcdir&;t t s&@abs_srcdir@&$ac_abs_srcdir&;t t s&@top_srcdir@&$ac_top_srcdir&;t t s&@abs_top_srcdir@&$ac_abs_top_srcdir&;t t s&@builddir@&$ac_builddir&;t t s&@abs_builddir@&$ac_abs_builddir&;t t s&@abs_top_builddir@&$ac_abs_top_builddir&;t t s&@INSTALL@&$ac_INSTALL&;t t $ac_datarootdir_hack " eval sed \"\$ac_sed_extra\" "$ac_file_inputs" | $AWK -f "$ac_tmp/subs.awk" \ >$ac_tmp/out || as_fn_error $? "could not create $ac_file" "$LINENO" 5 test -z "$ac_datarootdir_hack$ac_datarootdir_seen" && { ac_out=`sed -n '/\${datarootdir}/p' "$ac_tmp/out"`; test -n "$ac_out"; } && { ac_out=`sed -n '/^[ ]*datarootdir[ ]*:*=/p' \ "$ac_tmp/out"`; test -z "$ac_out"; } && { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $ac_file contains a reference to the variable \`datarootdir' which seems to be undefined. Please make sure it is defined" >&5 $as_echo "$as_me: WARNING: $ac_file contains a reference to the variable \`datarootdir' which seems to be undefined. Please make sure it is defined" >&2;} rm -f "$ac_tmp/stdin" case $ac_file in -) cat "$ac_tmp/out" && rm -f "$ac_tmp/out";; *) rm -f "$ac_file" && mv "$ac_tmp/out" "$ac_file";; esac \ || as_fn_error $? "could not create $ac_file" "$LINENO" 5 ;; :H) # # CONFIG_HEADER # if test x"$ac_file" != x-; then { $as_echo "/* $configure_input */" \ && eval '$AWK -f "$ac_tmp/defines.awk"' "$ac_file_inputs" } >"$ac_tmp/config.h" \ || as_fn_error $? "could not create $ac_file" "$LINENO" 5 if diff "$ac_file" "$ac_tmp/config.h" >/dev/null 2>&1; then { $as_echo "$as_me:${as_lineno-$LINENO}: $ac_file is unchanged" >&5 $as_echo "$as_me: $ac_file is unchanged" >&6;} else rm -f "$ac_file" mv "$ac_tmp/config.h" "$ac_file" \ || as_fn_error $? "could not create $ac_file" "$LINENO" 5 fi else $as_echo "/* $configure_input */" \ && eval '$AWK -f "$ac_tmp/defines.awk"' "$ac_file_inputs" \ || as_fn_error $? "could not create -" "$LINENO" 5 fi ;; :C) { $as_echo "$as_me:${as_lineno-$LINENO}: executing $ac_file commands" >&5 $as_echo "$as_me: executing $ac_file commands" >&6;} ;; esac case $ac_file$ac_mode in "default-1":C) if test -f .devel; then echo timestamp > stamp-h cat Makefile-devel-adds >> Makefile make depend fi ;; esac done # for ac_tag as_fn_exit 0 _ACEOF ac_clean_files=$ac_clean_files_save test $ac_write_fail = 0 || as_fn_error $? "write failure creating $CONFIG_STATUS" "$LINENO" 5 # configure is writing to config.log, and then calls config.status. # config.status does its own redirection, appending to config.log. # Unfortunately, on DOS this fails, as config.log is still kept open # by configure, so config.status won't be able to write to it; its # output is simply discarded. So we exec the FD to /dev/null, # effectively closing config.log, so it can be properly (re)opened and # appended to by config.status. When coming back to configure, we # need to make the FD available again. if test "$no_create" != yes; then ac_cs_success=: ac_config_status_args= test "$silent" = yes && ac_config_status_args="$ac_config_status_args --quiet" exec 5>/dev/null $SHELL $CONFIG_STATUS $ac_config_status_args || ac_cs_success=false exec 5>>config.log # Use ||, not &&, to avoid exiting from the if with $? = 1, which # would make configure fail if this is the last instruction. $ac_cs_success || as_fn_exit 1 fi if test -n "$ac_unrecognized_opts" && test "$enable_option_checking" != no; then { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: unrecognized options: $ac_unrecognized_opts" >&5 $as_echo "$as_me: WARNING: unrecognized options: $ac_unrecognized_opts" >&2;} fi exit 0 Index: head/contrib/tcpdump/configure.in =================================================================== --- head/contrib/tcpdump/configure.in (revision 296046) +++ head/contrib/tcpdump/configure.in (revision 296047) @@ -1,1174 +1,1174 @@ dnl Copyright (c) 1994, 1995, 1996, 1997 dnl The Regents of the University of California. All rights reserved. dnl dnl Process this file with autoconf to produce a configure script. dnl # # See # # http://ftp.gnu.org/gnu/config/README # # for the URLs to use to fetch new versions of config.guess and # config.sub. # AC_PREREQ(2.61) AC_INIT(tcpdump.c) AC_CANONICAL_HOST AC_LBL_C_INIT_BEFORE_CC(V_INCLS) AC_PROG_CC AC_LBL_C_INIT(V_CCOPT, V_INCLS) AC_LBL_C_INLINE AC_C___ATTRIBUTE__ if test "$ac_cv___attribute__" = "yes"; then AC_C___ATTRIBUTE___UNUSED AC_C___ATTRIBUTE___NORETURN_FUNCTION_POINTER AC_C___ATTRIBUTE___FORMAT if test "$ac_cv___attribute___format" = "yes"; then AC_C___ATTRIBUTE___FORMAT_FUNCTION_POINTER fi fi AC_CHECK_HEADERS(fcntl.h rpc/rpc.h rpc/rpcent.h netdnet/dnetdb.h) AC_CHECK_HEADERS(net/pfvar.h, , , [#include #include #include ]) if test "$ac_cv_header_net_pfvar_h" = yes; then LOCALSRC="print-pflog.c $LOCALSRC" fi AC_CHECK_HEADERS(netinet/if_ether.h, , , [#include #include ]) if test "$ac_cv_header_netinet_if_ether_h" != yes; then # # The simple test didn't work. # Do we need to include first? # Unset ac_cv_header_netinet_if_ether_h so we don't # treat the previous failure as a cached value and # suppress the next test. # AC_MSG_NOTICE([Rechecking with some additional includes]) unset ac_cv_header_netinet_if_ether_h AC_CHECK_HEADERS(netinet/if_ether.h, , , [#include #include #include struct mbuf; struct rtentry; #include ]) fi AC_HEADER_TIME case "$host_os" in darwin*) AC_ARG_ENABLE(universal, AC_HELP_STRING([--disable-universal],[don't build universal on OS X])) if test "$enable_universal" != "no"; then case "$host_os" in darwin9.*) # # Leopard. Build for x86 and 32-bit PowerPC, with # x86 first. (That's what Apple does.) # V_CCOPT="$V_CCOPT -arch i386 -arch ppc" LDFLAGS="$LDFLAGS -arch i386 -arch ppc" ;; darwin10.*) # # Snow Leopard. Build for x86-64 and x86, with # x86-64 first. (That's what Apple does.) # V_CCOPT="$V_CCOPT -arch x86_64 -arch i386" LDFLAGS="$LDFLAGS -arch x86_64 -arch i386" ;; esac fi ;; esac AC_ARG_WITH(smi, [ --with-smi link with libsmi (allows to load MIBs on the fly to decode SNMP packets. [default=yes] --without-smi don't link with libsmi],, with_smi=yes) if test "x$with_smi" != "xno" ; then AC_CHECK_HEADER(smi.h, [ # # OK, we found smi.h. Do we have libsmi with smiInit? # AC_CHECK_LIB(smi, smiInit, [ # # OK, we have libsmi with smiInit. Can we use it? # AC_MSG_CHECKING([whether to enable libsmi]) savedlibs="$LIBS" LIBS="-lsmi $LIBS" AC_TRY_RUN( [ /* libsmi available check */ #include main() { int current, revision, age, n; const int required = 2; if (smiInit("")) exit(1); if (strcmp(SMI_LIBRARY_VERSION, smi_library_version)) exit(2); n = sscanf(smi_library_version, "%d:%d:%d", ¤t, &revision, &age); if (n != 3) exit(3); if (required < current - age || required > current) exit(4); exit(0); } ], [ AC_MSG_RESULT(yes) AC_DEFINE(USE_LIBSMI, 1, [Define if you enable support for libsmi]) ], [ dnl autoconf documentation says that dnl $? contains the exit value. dnl reality is that it does not. dnl We leave this in just in case dnl autoconf ever comes back to dnl match the documentation. case $? in 1) AC_MSG_RESULT(no - smiInit failed) ;; 2) AC_MSG_RESULT(no - header/library version mismatch) ;; 3) AC_MSG_RESULT(no - can't determine library version) ;; 4) AC_MSG_RESULT(no - too old) ;; *) AC_MSG_RESULT(no) ;; esac LIBS="$savedlibs" ], [ AC_MSG_RESULT(not when cross-compiling) LIBS="$savedlibs" ] ) ]) ]) fi AC_MSG_CHECKING([whether to enable the possibly-buggy SMB printer]) AC_ARG_ENABLE(smb, [ --enable-smb enable possibly-buggy SMB printer [default=yes] --disable-smb disable possibly-buggy SMB printer],, enableval=yes) case "$enableval" in yes) AC_MSG_RESULT(yes) AC_WARN([The SMB printer may have exploitable buffer overflows!!!]) AC_DEFINE(TCPDUMP_DO_SMB, 1, [define if you want to build the possibly-buggy SMB printer]) LOCALSRC="print-smb.c smbutil.c $LOCALSRC" ;; *) AC_MSG_RESULT(no) ;; esac AC_ARG_WITH(user, [ --with-user=USERNAME drop privileges by default to USERNAME]) AC_MSG_CHECKING([whether to drop root privileges by default]) if test ! -z "$with_user" ; then AC_DEFINE_UNQUOTED(WITH_USER, "$withval", [define if should drop privileges by default]) AC_MSG_RESULT(to \"$withval\") else AC_MSG_RESULT(no) fi AC_ARG_WITH(chroot, [ --with-chroot=DIRECTORY when dropping privileges, chroot to DIRECTORY]) AC_MSG_CHECKING([whether to chroot]) if test ! -z "$with_chroot" && test "$with_chroot" != "no" ; then AC_DEFINE_UNQUOTED(WITH_CHROOT, "$withval", [define if should chroot when dropping privileges]) AC_MSG_RESULT(to \"$withval\") else AC_MSG_RESULT(no) fi AC_ARG_WITH(sandbox-capsicum, AS_HELP_STRING([--with-sandbox-capsicum], [use Capsicum security functions @<:@default=yes, if available@:>@])) # # Check whether various functions are available. If any are, set # ac_lbl_capsicum_function_seen to yes; if any are not, set # ac_lbl_capsicum_function_not_seen to yes. # # We don't check cap_rights_init(), as it's a macro, wrapping another # function, in at least some versions of FreeBSD, and AC_CHECK_FUNCS() # doesn't handle that. # # All of the ones we check for must be available in order to enable # capsicum sandboxing. # # XXX - do we need to check for all of them, or are there some that, if # present, imply others are present? # if test ! -z "$with_sandbox-capsicum" && test "$with_sandbox-capsicum" != "no" ; then AC_CHECK_FUNCS(cap_enter cap_rights_limit cap_ioctls_limit openat, ac_lbl_capsicum_function_seen=yes, ac_lbl_capsicum_function_not_seen=yes) fi AC_MSG_CHECKING([whether to sandbox using capsicum]) if test "x$ac_lbl_capsicum_function_seen" = "xyes" -a "x$ac_lbl_capsicum_function_not_seen" != "xyes"; then - AC_DEFINE(HAVE_CAPSICUM, 1, [capsicum support available]) + AC_DEFINE(HAVE_CASPER, 1, [casper support available]) AC_MSG_RESULT(yes) else AC_MSG_RESULT(no) fi # # We must check this before checking whether to enable IPv6, because, # on some platforms (such as SunOS 5.x), the test program requires # the extra networking libraries. # AC_LBL_LIBRARY_NET AC_MSG_CHECKING([whether to enable ipv6]) AC_ARG_ENABLE(ipv6, [ --enable-ipv6 enable ipv6 (with ipv4) support --disable-ipv6 disable ipv6 support], [ case "$enableval" in yes) AC_MSG_RESULT(yes) LOCALSRC="print-ip6opts.c print-mobility.c print-ripng.c print-icmp6.c print-frag6.c print-rt6.c print-ospf6.c print-dhcp6.c print-babel.c $LOCALSRC" AC_DEFINE(INET6, 1, [Define if you enable IPv6 support]) ipv6=yes ;; *) AC_MSG_RESULT(no) ipv6=no ;; esac ], AC_COMPILE_IFELSE( [ AC_LANG_SOURCE( [[/* AF_INET6 available check */ #include #include #include #ifdef AF_INET6 void foo(struct in6_addr *addr) { memset(addr, 0, sizeof (struct in6_addr)); } #else #error "AF_INET6 not defined" #endif ]]) ], [ AC_MSG_RESULT(yes) LOCALSRC="print-ip6opts.c print-mobility.c print-ripng.c print-icmp6.c print-frag6.c print-rt6.c print-ospf6.c print-dhcp6.c print-babel.c $LOCALSRC" AC_DEFINE(INET6, 1, [Define if you enable IPv6 support]) ipv6=yes], [ AC_MSG_RESULT(no) ipv6=no], [ AC_MSG_RESULT(no) ipv6=no] )) ipv6type=unknown ipv6lib=none ipv6trylibc=no if test "$ipv6" = "yes"; then AC_MSG_CHECKING([ipv6 stack type]) for i in inria kame linux-glibc linux-libinet6 toshiba v6d zeta; do case $i in inria) dnl http://www.kame.net/ AC_EGREP_CPP(yes, [#include #ifdef IPV6_INRIA_VERSION yes #endif], [ipv6type=$i; CFLAGS="-DINET6 $CFLAGS"]) ;; kame) dnl http://www.kame.net/ AC_EGREP_CPP(yes, [#include #ifdef __KAME__ yes #endif], [ipv6type=$i; ipv6lib=inet6; ipv6libdir=/usr/local/v6/lib; ipv6trylibc=yes; CFLAGS="-DINET6 $CFLAGS"]) ;; linux-glibc) dnl http://www.v6.linux.or.jp/ AC_EGREP_CPP(yes, [#include #if defined(__GLIBC__) && __GLIBC__ >= 2 && __GLIBC_MINOR__ >= 1 yes #endif], [ipv6type=$i; CFLAGS="-DINET6 $CFLAGS"]) ;; linux-libinet6) dnl http://www.v6.linux.or.jp/ dnl dnl This also matches Solaris 8 and Tru64 UNIX 5.1, dnl and possibly other versions of those OSes dnl if test -d /usr/inet6 -o -f /usr/include/netinet/ip6.h; then ipv6type=$i ipv6lib=inet6 ipv6libdir=/usr/inet6/lib ipv6trylibc=yes; CFLAGS="-DINET6 -I/usr/inet6/include $CFLAGS" fi ;; toshiba) AC_EGREP_CPP(yes, [#include #ifdef _TOSHIBA_INET6 yes #endif], [ipv6type=$i; ipv6lib=inet6; ipv6libdir=/usr/local/v6/lib; CFLAGS="-DINET6 $CFLAGS"]) ;; v6d) AC_EGREP_CPP(yes, [#include #ifdef __V6D__ yes #endif], [ipv6type=$i; ipv6lib=v6; ipv6libdir=/usr/local/v6/lib; CFLAGS="-I/usr/local/v6/include $CFLAGS"]) ;; zeta) AC_EGREP_CPP(yes, [#include #ifdef _ZETA_MINAMI_INET6 yes #endif], [ipv6type=$i; ipv6lib=inet6; ipv6libdir=/usr/local/v6/lib; CFLAGS="-DINET6 $CFLAGS"]) ;; esac if test "$ipv6type" != "unknown"; then break fi done AC_MSG_RESULT($ipv6type) fi if test "$ipv6" = "yes" -a "$ipv6lib" != "none"; then if test -d $ipv6libdir -a -f $ipv6libdir/lib$ipv6lib.a; then LIBS="-L$ipv6libdir -l$ipv6lib $LIBS" echo "You have $ipv6lib library, using it" else if test "$ipv6trylibc" = "yes"; then echo "You do not have $ipv6lib library, using libc" else echo 'Fatal: no $ipv6lib library found. cannot continue.' echo "You need to fetch lib$ipv6lib.a from appropriate" echo 'ipv6 kit and compile beforehand.' exit 1 fi fi fi if test "$ipv6" = "yes"; then # # XXX - on Tru64 UNIX 5.1, there is no "getaddrinfo()" # function in libc; there are "ngetaddrinfo()" and # "ogetaddrinfo()" functions, and #defines # "getaddrinfo" to be either "ngetaddrinfo" or # "ogetaddrinfo", depending on whether _SOCKADDR_LEN # or _XOPEN_SOURCE_EXTENDED are defined or not. # # So this test doesn't work on Tru64 5.1, and possibly # on other 5.x releases. This causes the configure # script to become confused, and results in libpcap # being unbuildable. # AC_SEARCH_LIBS(getaddrinfo, socket, [dnl AC_MSG_CHECKING(getaddrinfo bug) AC_CACHE_VAL(td_cv_buggygetaddrinfo, [AC_TRY_RUN([ #include #include #include #include #include main() { int passive, gaierr, inet4 = 0, inet6 = 0; struct addrinfo hints, *ai, *aitop; char straddr[INET6_ADDRSTRLEN], strport[16]; for (passive = 0; passive <= 1; passive++) { memset(&hints, 0, sizeof(hints)); hints.ai_family = AF_UNSPEC; hints.ai_flags = passive ? AI_PASSIVE : 0; hints.ai_socktype = SOCK_STREAM; hints.ai_protocol = IPPROTO_TCP; if ((gaierr = getaddrinfo(NULL, "54321", &hints, &aitop)) != 0) { (void)gai_strerror(gaierr); goto bad; } for (ai = aitop; ai; ai = ai->ai_next) { if (ai->ai_addr == NULL || ai->ai_addrlen == 0 || getnameinfo(ai->ai_addr, ai->ai_addrlen, straddr, sizeof(straddr), strport, sizeof(strport), NI_NUMERICHOST|NI_NUMERICSERV) != 0) { goto bad; } switch (ai->ai_family) { case AF_INET: if (strcmp(strport, "54321") != 0) { goto bad; } if (passive) { if (strcmp(straddr, "0.0.0.0") != 0) { goto bad; } } else { if (strcmp(straddr, "127.0.0.1") != 0) { goto bad; } } inet4++; break; case AF_INET6: if (strcmp(strport, "54321") != 0) { goto bad; } if (passive) { if (strcmp(straddr, "::") != 0) { goto bad; } } else { if (strcmp(straddr, "::1") != 0) { goto bad; } } inet6++; break; case AF_UNSPEC: goto bad; break; #ifdef AF_UNIX case AF_UNIX: #else #ifdef AF_LOCAL case AF_LOCAL: #endif #endif default: /* another family support? */ break; } } } /* supported family should be 2, unsupported family should be 0 */ if (!(inet4 == 0 || inet4 == 2)) goto bad; if (!(inet6 == 0 || inet6 == 2)) goto bad; if (aitop) freeaddrinfo(aitop); exit(0); bad: if (aitop) freeaddrinfo(aitop); exit(1); } ], td_cv_buggygetaddrinfo=no, td_cv_buggygetaddrinfo=yes, td_cv_buggygetaddrinfo=unknown)]) if test "$td_cv_buggygetaddrinfo" = no; then AC_MSG_RESULT(good) elif test "$td_cv_buggygetaddrinfo" = unknown; then AC_MSG_RESULT([unknown (cross-compiling)]) else AC_MSG_RESULT(buggy) fi if test "$td_cv_buggygetaddrinfo" = "yes"; then # # XXX - it doesn't appear that "ipv6type" can ever be # set to "linux". Should this be testing for # "linux-glibc", or for that *or* "linux-libinet6"? # If the latter, note that "linux-libinet6" is also # the type given to some non-Linux OSes. # if test "$ipv6type" != "linux"; then echo 'Fatal: You must get working getaddrinfo() function.' echo ' or you can specify "--disable-ipv6"'. exit 1 else echo 'Warning: getaddrinfo() implementation on your system seems be buggy.' echo ' Better upgrade your system library to newest version' echo ' of GNU C library (aka glibc).' fi fi ]) AC_REPLACE_FUNCS(getnameinfo) fi AC_CACHE_CHECK([for dnet_htoa declaration in netdnet/dnetdb.h], [td_cv_decl_netdnet_dnetdb_h_dnet_htoa], [AC_EGREP_HEADER(dnet_htoa, netdnet/dnetdb.h, td_cv_decl_netdnet_dnetdb_h_dnet_htoa=yes, td_cv_decl_netdnet_dnetdb_h_dnet_htoa=no)]) if test "$td_cv_decl_netdnet_dnetdb_h_dnet_htoa" = yes; then AC_DEFINE(HAVE_NETDNET_DNETDB_H_DNET_HTOA, 1, [define if you have a dnet_htoa declaration in ]) fi dnl dnl Checks for addrinfo structure AC_STRUCT_ADDRINFO(ac_cv_addrinfo) if test "$ac_cv_addrinfo" = no; then missing_includes=yes fi dnl dnl Checks for NI_MAXSERV AC_NI_MAXSERV(ac_cv_maxserv) if test "$ac_cv_maxserv" = no; then missing_includes=yes fi dnl dnl Checks for NI_NAMEREQD AC_NI_NAMEREQD(ac_cv_namereqd) if test "$ac_cv_namereqd" = no; then missing_includes=yes fi AC_REPLACE_FUNCS(vfprintf strcasecmp strlcat strlcpy strdup strsep getopt_long) AC_CHECK_FUNCS(fork vfork strftime) AC_CHECK_FUNCS(setlinebuf alarm) needsnprintf=no AC_CHECK_FUNCS(vsnprintf snprintf,, [needsnprintf=yes]) if test $needsnprintf = yes; then AC_LIBOBJ(snprintf) fi AC_LBL_TYPE_SIGNAL AC_SEARCH_LIBS(dnet_htoa, dnet, AC_DEFINE(HAVE_DNET_HTOA, 1, [define if you have the dnet_htoa function])) AC_CHECK_LIB(rpc, main) dnl It's unclear why we might need -lrpc dnl Some platforms may need -lnsl for getrpcbynumber. AC_SEARCH_LIBS(getrpcbynumber, nsl, AC_DEFINE(HAVE_GETRPCBYNUMBER, 1, [define if you have getrpcbynumber()])) dnl AC_CHECK_LIB(z, uncompress) dnl AC_CHECK_HEADERS(zlib.h) AC_LBL_LIBPCAP(V_PCAPDEP, V_INCLS) # # Check for these after AC_LBL_LIBPCAP, so we link with the appropriate # libraries (e.g., "-lsocket -lnsl" on Solaris). # # We don't use AC_REPLACE_FUNCS because that uses AC_CHECK_FUNCS which # use AC_CHECK_FUNC which doesn't let us specify the right #includes # to make this work on BSD/OS 4.x. BSD/OS 4.x ships with the BIND8 # resolver, and the way it defines inet_{ntop,pton} is rather strange; # it does not ship with a libc symbol "inet_ntop()", it ships with # "_inet_ntop()", and has a #define macro in one of the system headers # to rename it. # dnl AC_TRY_COMPILE(inet_ntop inet_pton inet_aton) AC_MSG_CHECKING(for inet_ntop) AC_TRY_LINK([#include #include #include #include ], [char src[4], dst[128]; inet_ntop(AF_INET, src, dst, sizeof(dst));], [AC_MSG_RESULT(yes)], [AC_MSG_RESULT(no) AC_LIBOBJ(inet_ntop)]) AC_MSG_CHECKING(for inet_pton) AC_TRY_LINK([#include #include #include #include ], [char src[128], dst[4]; inet_pton(AF_INET, src, dst);], [AC_MSG_RESULT(yes)], [AC_MSG_RESULT(no) AC_LIBOBJ(inet_pton)]) AC_MSG_CHECKING(for inet_aton) AC_TRY_LINK([#include #include #include ], [char src[128]; struct in_addr dst; inet_aton(src, &dst);], [AC_MSG_RESULT(yes)], [AC_MSG_RESULT(no) AC_LIBOBJ(inet_aton)]) # # Check for these after AC_LBL_LIBPCAP, for the same reason. # # You are in a twisty little maze of UN*Xes, all different. # Some might not have ether_ntohost(). # Some might have it, but not declare it in any header file. # Some might have it, but declare it in . # Some might have it, but declare it in # (And some might have it but document it as something declared in # , although appears to work.) # # Before you is a C compiler. # AC_CHECK_FUNCS(ether_ntohost, [ AC_CACHE_CHECK(for buggy ether_ntohost, ac_cv_buggy_ether_ntohost, [ AC_TRY_RUN([ #include #include #include #include int main(int argc, char **argv) { u_char ea[6] = { 0xff, 0xff, 0xff, 0xff, 0xff }; char name[MAXHOSTNAMELEN]; ether_ntohost(name, (struct ether_addr *)ea); exit(0); } ], [ac_cv_buggy_ether_ntohost=no], [ac_cv_buggy_ether_ntohost=yes], [ac_cv_buggy_ether_ntohost="not while cross-compiling"])]) if test "$ac_cv_buggy_ether_ntohost" = "no"; then AC_DEFINE(USE_ETHER_NTOHOST, 1, [define if you have ether_ntohost() and it works]) fi ]) if test "$ac_cv_func_ether_ntohost" = yes -a \ "$ac_cv_buggy_ether_ntohost" = "no"; then # # OK, we have ether_ntohost(). Do we have ? # if test "$ac_cv_header_netinet_if_ether_h" = yes; then # # Yes. Does it declare ether_ntohost()? # AC_CHECK_DECL(ether_ntohost, [ AC_DEFINE(NETINET_IF_ETHER_H_DECLARES_ETHER_NTOHOST,, [Define to 1 if netinet/if_ether.h declares `ether_ntohost']) ],, [ #include #include #include #include struct mbuf; struct rtentry; #include #include ]) fi # # Did that succeed? # if test "$ac_cv_have_decl_ether_ntohost" != yes; then # # No, how about , as on Linux? # AC_CHECK_HEADERS(netinet/ether.h) if test "$ac_cv_header_netinet_ether_h" = yes; then # # We have it - does it declare ether_ntohost()? # Unset ac_cv_have_decl_ether_ntohost so we don't # treat the previous failure as a cached value and # suppress the next test. # unset ac_cv_have_decl_ether_ntohost AC_CHECK_DECL(ether_ntohost, [ AC_DEFINE(NETINET_ETHER_H_DECLARES_ETHER_NTOHOST,, [Define to 1 if netinet/ether.h declares `ether_ntohost']) ],, [ #include ]) fi fi # # Is ether_ntohost() declared? # if test "$ac_cv_have_decl_ether_ntohost" != yes; then # # No, we'll have to declare it ourselves. # Do we have "struct ether_addr"? # AC_CHECK_TYPES(struct ether_addr,,, [ #include #include #include #include struct mbuf; struct rtentry; #include #include ]) AC_DEFINE(HAVE_DECL_ETHER_NTOHOST, 0, [Define to 1 if you have the declaration of `ether_ntohost', and to 0 if you don't.]) else AC_DEFINE(HAVE_DECL_ETHER_NTOHOST, 1, [Define to 1 if you have the declaration of `ether_ntohost', and to 0 if you don't.]) fi fi # libdlpi is needed for Solaris 11 and later. AC_CHECK_LIB(dlpi, dlpi_walk, LIBS="$LIBS -ldlpi" LDFLAGS="-L/lib $LDFLAGS", ,-L/lib) dnl portability macros for getaddrinfo/getnameinfo dnl dnl Check for sa_len AC_CHECK_SA_LEN(ac_cv_sockaddr_has_sa_len) if test "$ac_cv_sockaddr_has_sa_len" = no; then missing_includes=yes fi dnl dnl Check for "pcap_list_datalinks()", "pcap_set_datalink()", dnl and "pcap_datalink_name_to_val()", and use substitute versions dnl if they're not present. dnl AC_CHECK_FUNC(pcap_list_datalinks, [ AC_DEFINE(HAVE_PCAP_LIST_DATALINKS, 1, [define if libpcap has pcap_list_datalinks()]) AC_CHECK_FUNCS(pcap_free_datalinks) ], [ AC_LIBOBJ(datalinks) ]) AC_CHECK_FUNCS(pcap_set_datalink) AC_CHECK_FUNC(pcap_datalink_name_to_val, [ AC_DEFINE(HAVE_PCAP_DATALINK_NAME_TO_VAL, 1, [define if libpcap has pcap_datalink_name_to_val()]) AC_CHECK_FUNC(pcap_datalink_val_to_description, AC_DEFINE(HAVE_PCAP_DATALINK_VAL_TO_DESCRIPTION, 1, [define if libpcap has pcap_datalink_val_to_description()]), [ AC_LIBOBJ(dlnames) ]) ], [ AC_LIBOBJ(dlnames) ]) dnl dnl Check for "pcap_breakloop()"; you can't substitute for it if dnl it's absent (it has hooks into the live capture routines), dnl so just define the HAVE_ value if it's there. dnl AC_CHECK_FUNCS(pcap_breakloop) dnl dnl Check for "pcap_dump_ftell()" and use a substitute version dnl if it's not present. dnl AC_CHECK_FUNC(pcap_dump_ftell, AC_DEFINE(HAVE_PCAP_DUMP_FTELL, 1, [define if libpcap has pcap_dump_ftell()]), [ AC_LIBOBJ(pcap_dump_ftell) ]) # # Do we have the new open API? Check for pcap_create, and assume that, # if we do, we also have pcap_activate() and the other new routines # introduced in libpcap 1.0.0. # AC_CHECK_FUNCS(pcap_create) if test $ac_cv_func_pcap_create = "yes" ; then # # OK, do we have pcap_set_tstamp_type? If so, assume we have # pcap_list_tstamp_types and pcap_free_tstamp_types as well. # AC_CHECK_FUNCS(pcap_set_tstamp_type) # # And do we have pcap_set_tstamp_precision? If so, we assume # we also have pcap_open_offline_with_tstamp_precision. # AC_CHECK_FUNCS(pcap_set_tstamp_precision) fi # # Check for a miscellaneous collection of functions which we use # if we have them. # AC_CHECK_FUNCS(pcap_findalldevs pcap_dump_flush pcap_lib_version pcap_setdirection pcap_set_immediate_mode) if test $ac_cv_func_pcap_findalldevs = "yes" ; then dnl Check for Mac OS X, which may ship pcap.h from 0.6 but libpcap may dnl be 0.8; this means that lib has pcap_findalldevs but header doesn't dnl have pcap_if_t. savedcppflags="$CPPFLAGS" CPPFLAGS="$CPPFLAGS $V_INCLS" AC_CHECK_TYPES(pcap_if_t, , , [#include ]) CPPFLAGS="$savedcppflags" fi if test $ac_cv_func_pcap_lib_version = "no" ; then AC_MSG_CHECKING(whether pcap_version is defined by libpcap) AC_TRY_LINK([], [ extern char pcap_version[]; return (int)pcap_version; ], ac_lbl_cv_pcap_version_defined=yes, ac_lbl_cv_pcap_version_defined=no) if test "$ac_lbl_cv_pcap_version_defined" = yes ; then AC_MSG_RESULT(yes) AC_DEFINE(HAVE_PCAP_VERSION, 1, [define if libpcap has pcap_version]) else AC_MSG_RESULT(no) fi fi AC_MSG_CHECKING(whether pcap_debug is defined by libpcap) AC_TRY_LINK([], [ extern int pcap_debug; return pcap_debug; ], ac_lbl_cv_pcap_debug_defined=yes, ac_lbl_cv_pcap_debug_defined=no) if test "$ac_lbl_cv_pcap_debug_defined" = yes ; then AC_MSG_RESULT(yes) AC_DEFINE(HAVE_PCAP_DEBUG, 1, [define if libpcap has pcap_debug]) else AC_MSG_RESULT(no) # # OK, what about "yydebug"? # AC_MSG_CHECKING(whether yydebug is defined by libpcap) AC_TRY_LINK([], [ extern int yydebug; return yydebug; ], ac_lbl_cv_yydebug_defined=yes, ac_lbl_cv_yydebug_defined=no) if test "$ac_lbl_cv_yydebug_defined" = yes ; then AC_MSG_RESULT(yes) AC_DEFINE(HAVE_YYDEBUG, 1, [define if libpcap has yydebug]) else AC_MSG_RESULT(no) fi fi AC_REPLACE_FUNCS(bpf_dump) dnl moved to libpcap in 0.6 V_GROUP=0 if test -f /etc/group -a ! -z "`grep '^wheel:' /etc/group`" ; then V_GROUP=wheel fi # # Assume V7/BSD convention for man pages (file formats in section 5, # miscellaneous info in section 7). # MAN_FILE_FORMATS=5 MAN_MISC_INFO=7 case "$host_os" in aix*) dnl Workaround to enable certain features AC_DEFINE(_SUN,1,[define on AIX to get certain functions]) ;; hpux*) # # Use System V conventions for man pages. # MAN_FILE_FORMATS=4 MAN_MISC_INFO=5 ;; irix*) V_GROUP=sys # # Use System V conventions for man pages. # MAN_FILE_FORMATS=4 MAN_MISC_INFO=5 ;; osf*) V_GROUP=system # # Use System V conventions for man pages. # MAN_FILE_FORMATS=4 MAN_MISC_INFO=5 ;; solaris*) V_GROUP=sys # # Use System V conventions for man pages. # MAN_FILE_FORMATS=4 MAN_MISC_INFO=5 ;; esac if test -f /dev/bpf0 ; then V_GROUP=bpf fi # # Make sure we have definitions for all the C99 specified-width types # (regardless of whether the environment is a C99 environment or not). # AC_TYPE_INT8_T AC_TYPE_INT16_T AC_TYPE_INT32_T AC_TYPE_INT64_T AC_TYPE_UINT8_T AC_TYPE_UINT16_T AC_TYPE_UINT32_T AC_TYPE_UINT64_T # # Make sure we have a definition for C99's uintptr_t (regardless of # whether the environment is a C99 environment or not). # AC_TYPE_UINTPTR_T # # Define the old BSD specified-width types in terms of the C99 types; # we may need them with libpcap include files. # AC_CHECK_TYPE([u_int8_t], , [AC_DEFINE([u_int8_t], [uint8_t], [Define to `uint8_t' if u_int8_t not defined.])], [AC_INCLUDES_DEFAULT #include ]) AC_CHECK_TYPE([u_int16_t], , [AC_DEFINE([u_int16_t], [uint16_t], [Define to `uint16_t' if u_int16_t not defined.])], [AC_INCLUDES_DEFAULT #include ]) AC_CHECK_TYPE([u_int32_t], , [AC_DEFINE([u_int32_t], [uint32_t], [Define to `uint32_t' if u_int32_t not defined.])], [AC_INCLUDES_DEFAULT #include ]) AC_CHECK_TYPE([u_int64_t], , [AC_DEFINE([u_int64_t], [uint64_t], [Define to `uint64_t' if u_int64_t not defined.])], [AC_INCLUDES_DEFAULT #include ]) # # Check for # AC_CHECK_HEADERS(inttypes.h, [ # # OK, we have inttypes.h, but does it define all the PRI[doxu]64 macros? # Some systems have an inttypes.h that doesn't define all of them. # AC_MSG_CHECKING([[whether inttypes.h defines the PRI[doxu]64 macros]]) AC_COMPILE_IFELSE( [ AC_LANG_SOURCE( [[ #include #include #include main() { printf("%" PRId64 "\n", (uint64_t)1); printf("%" PRIo64 "\n", (uint64_t)1); printf("%" PRIx64 "\n", (uint64_t)1); printf("%" PRIu64 "\n", (uint64_t)1); } ]]) ], [ AC_MSG_RESULT(yes) ac_lbl_inttypes_h_defines_formats=yes ], [ AC_MSG_RESULT(no) ac_lbl_inttypes_h_defines_formats=no ]) ], [ # # We don't have inttypes.h, so it obviously can't define those # macros. # ac_lbl_inttypes_h_defines_formats=no ]) if test "$ac_lbl_inttypes_h_defines_formats" = no; then AC_LBL_CHECK_64BIT_FORMAT(l, [ AC_LBL_CHECK_64BIT_FORMAT(ll, [ AC_LBL_CHECK_64BIT_FORMAT(L, [ AC_LBL_CHECK_64BIT_FORMAT(q, [ AC_MSG_ERROR([neither %llx nor %Lx nor %qx worked on a 64-bit integer]) ]) ]) ]) ]) fi # # Check for some headers introduced in later versions of libpcap # and used by some printers. # # Those headers use the {u_}intN_t types, so we must do this after # we check for what's needed to get them defined. # savedcppflags="$CPPFLAGS" CPPFLAGS="$CPPFLAGS $V_INCLS" AC_CHECK_HEADERS(pcap/bluetooth.h,,,[#include "tcpdump-stdinc.h"]) AC_CHECK_HEADERS(pcap/nflog.h,,,[#include "tcpdump-stdinc.h"]) AC_CHECK_HEADERS(pcap/usb.h,,,[#include "tcpdump-stdinc.h"]) CPPFLAGS="$savedcppflags" AC_PROG_RANLIB AC_CHECK_TOOL([AR], [ar]) AC_LBL_DEVEL(V_CCOPT) AC_LBL_SOCKADDR_SA_LEN AC_LBL_UNALIGNED_ACCESS AC_VAR_H_ERRNO # Check for OpenSSL libcrypto AC_MSG_CHECKING(whether to use OpenSSL libcrypto) # Specify location for both includes and libraries. want_libcrypto=ifavailable AC_ARG_WITH(crypto, AS_HELP_STRING([--with-crypto], [use OpenSSL libcrypto @<:@default=yes, if available@:>@]), [ if test $withval = no then want_libcrypto=no AC_MSG_RESULT(no) elif test $withval = yes then want_libcrypto=yes AC_MSG_RESULT(yes) fi ],[ # # Use libcrypto if it's present, otherwise don't. # want_libcrypto=ifavailable AC_MSG_RESULT([yes, if available]) ]) if test "$want_libcrypto" != "no"; then AC_CHECK_LIB(crypto, DES_cbc_encrypt) AC_CHECK_HEADERS(openssl/evp.h) fi # Check for libcap-ng AC_MSG_CHECKING(whether to use libcap-ng) # Specify location for both includes and libraries. want_libcap_ng=ifavailable AC_ARG_WITH(cap_ng, AS_HELP_STRING([--with-cap-ng], [use libcap-ng @<:@default=yes, if available@:>@]), [ if test $withval = no then want_libcap_ng=no AC_MSG_RESULT(no) elif test $withval = yes then want_libcap_ng=yes AC_MSG_RESULT(yes) fi ],[ # # Use libcap-ng if it's present, otherwise don't. # want_libcap_ng=ifavailable AC_MSG_RESULT([yes, if available]) ]) if test "$want_libcap_ng" != "no"; then AC_CHECK_LIB(cap-ng, capng_change_id) AC_CHECK_HEADERS(cap-ng.h) fi dnl dnl set additional include path if necessary if test "$missing_includes" = "yes"; then CPPFLAGS="$CPPFLAGS -I$srcdir/missing" V_INCLS="$V_INCLS -I$srcdir/missing" fi AC_SUBST(V_CCOPT) AC_SUBST(V_DEFS) AC_SUBST(V_GROUP) AC_SUBST(V_INCLS) AC_SUBST(V_PCAPDEP) AC_SUBST(LOCALSRC) AC_SUBST(MAN_FILE_FORMATS) AC_SUBST(MAN_MISC_INFO) AC_PROG_INSTALL AC_CONFIG_HEADER(config.h) AC_OUTPUT_COMMANDS([if test -f .devel; then echo timestamp > stamp-h cat Makefile-devel-adds >> Makefile make depend fi]) AC_OUTPUT(Makefile tcpdump.1) exit 0 Index: head/contrib/tcpdump/tcpdump.c =================================================================== --- head/contrib/tcpdump/tcpdump.c (revision 296046) +++ head/contrib/tcpdump/tcpdump.c (revision 296047) @@ -1,2809 +1,2806 @@ /* * Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997, 2000 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that: (1) source code distributions * retain the above copyright notice and this paragraph in its entirety, (2) * distributions including binary code include the above copyright notice and * this paragraph in its entirety in the documentation or other materials * provided with the distribution, and (3) all advertising materials mentioning * features or use of this software display the following acknowledgement: * ``This product includes software developed by the University of California, * Lawrence Berkeley Laboratory and its contributors.'' Neither the name of * the University nor the names of its contributors may be used to endorse * or promote products derived from this software without specific prior * written permission. * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. * * Support for splitting captures into multiple files with a maximum * file size: * * Copyright (c) 2001 * Seth Webster */ #ifndef lint static const char copyright[] _U_ = "@(#) Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997, 2000\n\ The Regents of the University of California. All rights reserved.\n"; #endif /* $FreeBSD$ */ /* * tcpdump - monitor tcp/ip traffic on an ethernet. * * First written in 1987 by Van Jacobson, Lawrence Berkeley Laboratory. * Mercilessly hacked and occasionally improved since then via the * combined efforts of Van, Steve McCanne and Craig Leres of LBL. */ #ifdef HAVE_CONFIG_H #include "config.h" #endif /* * Mac OS X may ship pcap.h from libpcap 0.6 with a libpcap based on * 0.8. That means it has pcap_findalldevs() but the header doesn't * define pcap_if_t, meaning that we can't actually *use* pcap_findalldevs(). */ #ifdef HAVE_PCAP_FINDALLDEVS #ifndef HAVE_PCAP_IF_T #undef HAVE_PCAP_FINDALLDEVS #endif #endif #include #ifdef WIN32 #include "w32_fzs.h" extern int strcasecmp (const char *__s1, const char *__s2); extern int SIZE_BUF; #define off_t long #define uint UINT #endif /* WIN32 */ #ifdef USE_LIBSMI #include #endif #ifdef HAVE_LIBCRYPTO #include #endif #ifdef HAVE_GETOPT_LONG #include #else #include "getopt_long.h" #endif /* Capsicum-specific code requires macros from , which will fail * to compile if has already been included; including the headers * in the opposite order works fine. */ #ifdef __FreeBSD__ #include #include #endif /* __FreeBSD__ */ -#ifdef HAVE_CAPSICUM -#include -#include -#include +#ifdef HAVE_CAPSPER +#include +#include #include #include #include #include #include #include -#endif /* HAVE_CAPSICUM */ +#endif /* HAVE_CAPSPER */ #include #include #include #include #include #include #ifndef WIN32 #include #include #include #include #endif /* WIN32 */ /* capabilities convenience library */ /* If a code depends on HAVE_LIBCAP_NG, it depends also on HAVE_CAP_NG_H. * If HAVE_CAP_NG_H is not defined, undefine HAVE_LIBCAP_NG. * Thus, the later tests are done only on HAVE_LIBCAP_NG. */ #ifdef HAVE_LIBCAP_NG #ifdef HAVE_CAP_NG_H #include #else #undef HAVE_LIBCAP_NG #endif /* HAVE_CAP_NG_H */ #endif /* HAVE_LIBCAP_NG */ #include "netdissect.h" #include "interface.h" #include "addrtoname.h" #include "machdep.h" #include "setsignal.h" #include "gmt2local.h" #include "pcap-missing.h" #ifndef PATH_MAX #define PATH_MAX 1024 #endif #ifdef SIGINFO #define SIGNAL_REQ_INFO SIGINFO #elif SIGUSR1 #define SIGNAL_REQ_INFO SIGUSR1 #endif netdissect_options Gndo; netdissect_options *gndo = &Gndo; static int Dflag; /* list available devices and exit */ static int dflag; /* print filter code */ static int Lflag; /* list available data link types and exit */ #ifdef HAVE_PCAP_SET_TSTAMP_TYPE static int Jflag; /* list available time stamp types */ #endif #ifdef HAVE_PCAP_SETDIRECTION int Qflag = -1; /* restrict captured packet by send/receive direction */ #endif static char *zflag = NULL; /* compress each savefile using a specified command (like gzip or bzip2) */ static int infodelay; static int infoprint; char *program_name; -#ifdef HAVE_CAPSICUM +#ifdef HAVE_CAPSPER cap_channel_t *capdns; #endif int32_t thiszone; /* seconds offset from gmt to local time */ /* Forwards */ static RETSIGTYPE cleanup(int); static RETSIGTYPE child_cleanup(int); static void print_version(void); static void print_usage(void); static void show_dlts_and_exit(const char *device, pcap_t *pd) __attribute__((noreturn)); static void print_packet(u_char *, const struct pcap_pkthdr *, const u_char *); static void ndo_default_print(netdissect_options *, const u_char *, u_int); static void dump_packet_and_trunc(u_char *, const struct pcap_pkthdr *, const u_char *); static void dump_packet(u_char *, const struct pcap_pkthdr *, const u_char *); static void droproot(const char *, const char *); static void ndo_error(netdissect_options *ndo, const char *fmt, ...) __attribute__((noreturn)) #ifdef __ATTRIBUTE___FORMAT_OK __attribute__((format (printf, 2, 3))) #endif /* __ATTRIBUTE___FORMAT_OK */ ; static void ndo_warning(netdissect_options *ndo, const char *fmt, ...) #ifdef __ATTRIBUTE___FORMAT_OK __attribute__((format (printf, 2, 3))) #endif /* __ATTRIBUTE___FORMAT_OK */ ; #ifdef SIGNAL_REQ_INFO RETSIGTYPE requestinfo(int); #endif #if defined(USE_WIN32_MM_TIMER) #include static UINT timer_id; static void CALLBACK verbose_stats_dump(UINT, UINT, DWORD_PTR, DWORD_PTR, DWORD_PTR); #elif defined(HAVE_ALARM) static void verbose_stats_dump(int sig); #endif static void info(int); static u_int packets_captured; struct printer { if_printer f; int type; }; struct ndo_printer { if_ndo_printer f; int type; }; static const struct printer printers[] = { { NULL, 0 }, }; static const struct ndo_printer ndo_printers[] = { { ether_if_print, DLT_EN10MB }, #ifdef DLT_IPNET { ipnet_if_print, DLT_IPNET }, #endif #ifdef DLT_IEEE802_15_4 { ieee802_15_4_if_print, DLT_IEEE802_15_4 }, #endif #ifdef DLT_IEEE802_15_4_NOFCS { ieee802_15_4_if_print, DLT_IEEE802_15_4_NOFCS }, #endif #ifdef DLT_PPI { ppi_if_print, DLT_PPI }, #endif #ifdef DLT_NETANALYZER { netanalyzer_if_print, DLT_NETANALYZER }, #endif #ifdef DLT_NETANALYZER_TRANSPARENT { netanalyzer_transparent_if_print, DLT_NETANALYZER_TRANSPARENT }, #endif #if defined(DLT_NFLOG) && defined(HAVE_PCAP_NFLOG_H) { nflog_if_print, DLT_NFLOG}, #endif #ifdef DLT_CIP { cip_if_print, DLT_CIP }, #endif #ifdef DLT_ATM_CLIP { cip_if_print, DLT_ATM_CLIP }, #endif #ifdef DLT_IP_OVER_FC { ipfc_if_print, DLT_IP_OVER_FC }, #endif { null_if_print, DLT_NULL }, #ifdef DLT_LOOP { null_if_print, DLT_LOOP }, #endif #ifdef DLT_APPLE_IP_OVER_IEEE1394 { ap1394_if_print, DLT_APPLE_IP_OVER_IEEE1394 }, #endif #if defined(DLT_BLUETOOTH_HCI_H4_WITH_PHDR) && defined(HAVE_PCAP_BLUETOOTH_H) { bt_if_print, DLT_BLUETOOTH_HCI_H4_WITH_PHDR}, #endif #ifdef DLT_LANE8023 { lane_if_print, DLT_LANE8023 }, #endif { arcnet_if_print, DLT_ARCNET }, #ifdef DLT_ARCNET_LINUX { arcnet_linux_if_print, DLT_ARCNET_LINUX }, #endif { raw_if_print, DLT_RAW }, #ifdef DLT_IPV4 { raw_if_print, DLT_IPV4 }, #endif #ifdef DLT_IPV6 { raw_if_print, DLT_IPV6 }, #endif #ifdef HAVE_PCAP_USB_H #ifdef DLT_USB_LINUX { usb_linux_48_byte_print, DLT_USB_LINUX}, #endif /* DLT_USB_LINUX */ #ifdef DLT_USB_LINUX_MMAPPED { usb_linux_64_byte_print, DLT_USB_LINUX_MMAPPED}, #endif /* DLT_USB_LINUX_MMAPPED */ #endif /* HAVE_PCAP_USB_H */ #ifdef DLT_SYMANTEC_FIREWALL { symantec_if_print, DLT_SYMANTEC_FIREWALL }, #endif #ifdef DLT_C_HDLC { chdlc_if_print, DLT_C_HDLC }, #endif #ifdef DLT_HDLC { chdlc_if_print, DLT_HDLC }, #endif #ifdef DLT_PPP_ETHER { pppoe_if_print, DLT_PPP_ETHER }, #endif #if defined(DLT_PFLOG) && defined(HAVE_NET_PFVAR_H) { pflog_if_print, DLT_PFLOG }, #endif { token_if_print, DLT_IEEE802 }, { fddi_if_print, DLT_FDDI }, #ifdef DLT_LINUX_SLL { sll_if_print, DLT_LINUX_SLL }, #endif #ifdef DLT_FR { fr_if_print, DLT_FR }, #endif #ifdef DLT_FRELAY { fr_if_print, DLT_FRELAY }, #endif #ifdef DLT_MFR { mfr_if_print, DLT_MFR }, #endif { atm_if_print, DLT_ATM_RFC1483 }, #ifdef DLT_SUNATM { sunatm_if_print, DLT_SUNATM }, #endif #ifdef DLT_ENC { enc_if_print, DLT_ENC }, #endif { sl_if_print, DLT_SLIP }, #ifdef DLT_SLIP_BSDOS { sl_bsdos_if_print, DLT_SLIP_BSDOS }, #endif #ifdef DLT_LTALK { ltalk_if_print, DLT_LTALK }, #endif #ifdef DLT_JUNIPER_ATM1 { juniper_atm1_print, DLT_JUNIPER_ATM1 }, #endif #ifdef DLT_JUNIPER_ATM2 { juniper_atm2_print, DLT_JUNIPER_ATM2 }, #endif #ifdef DLT_JUNIPER_MFR { juniper_mfr_print, DLT_JUNIPER_MFR }, #endif #ifdef DLT_JUNIPER_MLFR { juniper_mlfr_print, DLT_JUNIPER_MLFR }, #endif #ifdef DLT_JUNIPER_MLPPP { juniper_mlppp_print, DLT_JUNIPER_MLPPP }, #endif #ifdef DLT_JUNIPER_PPPOE { juniper_pppoe_print, DLT_JUNIPER_PPPOE }, #endif #ifdef DLT_JUNIPER_PPPOE_ATM { juniper_pppoe_atm_print, DLT_JUNIPER_PPPOE_ATM }, #endif #ifdef DLT_JUNIPER_GGSN { juniper_ggsn_print, DLT_JUNIPER_GGSN }, #endif #ifdef DLT_JUNIPER_ES { juniper_es_print, DLT_JUNIPER_ES }, #endif #ifdef DLT_JUNIPER_MONITOR { juniper_monitor_print, DLT_JUNIPER_MONITOR }, #endif #ifdef DLT_JUNIPER_SERVICES { juniper_services_print, DLT_JUNIPER_SERVICES }, #endif #ifdef DLT_JUNIPER_ETHER { juniper_ether_print, DLT_JUNIPER_ETHER }, #endif #ifdef DLT_JUNIPER_PPP { juniper_ppp_print, DLT_JUNIPER_PPP }, #endif #ifdef DLT_JUNIPER_FRELAY { juniper_frelay_print, DLT_JUNIPER_FRELAY }, #endif #ifdef DLT_JUNIPER_CHDLC { juniper_chdlc_print, DLT_JUNIPER_CHDLC }, #endif #ifdef DLT_PKTAP { pktap_if_print, DLT_PKTAP }, #endif #ifdef DLT_IEEE802_11_RADIO { ieee802_11_radio_if_print, DLT_IEEE802_11_RADIO }, #endif #ifdef DLT_IEEE802_11 { ieee802_11_if_print, DLT_IEEE802_11}, #endif #ifdef DLT_IEEE802_11_RADIO_AVS { ieee802_11_radio_avs_if_print, DLT_IEEE802_11_RADIO_AVS }, #endif #ifdef DLT_PRISM_HEADER { prism_if_print, DLT_PRISM_HEADER }, #endif { ppp_if_print, DLT_PPP }, #ifdef DLT_PPP_WITHDIRECTION { ppp_if_print, DLT_PPP_WITHDIRECTION }, #endif #ifdef DLT_PPP_BSDOS { ppp_bsdos_if_print, DLT_PPP_BSDOS }, #endif #ifdef DLT_PPP_SERIAL { ppp_hdlc_if_print, DLT_PPP_SERIAL }, #endif { NULL, 0 }, }; static const struct tok status_flags[] = { #ifdef PCAP_IF_UP { PCAP_IF_UP, "Up" }, #endif #ifdef PCAP_IF_RUNNING { PCAP_IF_RUNNING, "Running" }, #endif { PCAP_IF_LOOPBACK, "Loopback" }, { 0, NULL } }; if_printer lookup_printer(int type) { const struct printer *p; for (p = printers; p->f; ++p) if (type == p->type) return p->f; return NULL; /* NOTREACHED */ } if_ndo_printer lookup_ndo_printer(int type) { const struct ndo_printer *p; for (p = ndo_printers; p->f; ++p) if (type == p->type) return p->f; #if defined(DLT_USER2) && defined(DLT_PKTAP) /* * Apple incorrectly chose to use DLT_USER2 for their PKTAP * header. * * We map DLT_PKTAP, whether it's DLT_USER2 as it is on Darwin- * based OSes or the same value as LINKTYPE_PKTAP as it is on * other OSes, to LINKTYPE_PKTAP, so files written with * this version of libpcap for a DLT_PKTAP capture have a link- * layer header type of LINKTYPE_PKTAP. * * However, files written on OS X Mavericks for a DLT_PKTAP * capture have a link-layer header type of LINKTYPE_USER2. * If we don't have a printer for DLT_USER2, and type is * DLT_USER2, we look up the printer for DLT_PKTAP and use * that. */ if (type == DLT_USER2) { for (p = ndo_printers; p->f; ++p) if (DLT_PKTAP == p->type) return p->f; } #endif return NULL; /* NOTREACHED */ } static pcap_t *pd; static int supports_monitor_mode; extern int optind; extern int opterr; extern char *optarg; struct print_info { netdissect_options *ndo; union { if_printer printer; if_ndo_printer ndo_printer; } p; int ndo_type; }; struct dump_info { char *WFileName; char *CurrentFileName; pcap_t *pd; pcap_dumper_t *p; -#ifdef HAVE_CAPSICUM +#ifdef HAVE_CAPSPER int dirfd; #endif }; #ifdef HAVE_PCAP_SET_TSTAMP_TYPE static void show_tstamp_types_and_exit(const char *device, pcap_t *pd) { int n_tstamp_types; int *tstamp_types = 0; const char *tstamp_type_name; int i; n_tstamp_types = pcap_list_tstamp_types(pd, &tstamp_types); if (n_tstamp_types < 0) error("%s", pcap_geterr(pd)); if (n_tstamp_types == 0) { fprintf(stderr, "Time stamp type cannot be set for %s\n", device); exit(0); } fprintf(stderr, "Time stamp types for %s (use option -j to set):\n", device); for (i = 0; i < n_tstamp_types; i++) { tstamp_type_name = pcap_tstamp_type_val_to_name(tstamp_types[i]); if (tstamp_type_name != NULL) { (void) fprintf(stderr, " %s (%s)\n", tstamp_type_name, pcap_tstamp_type_val_to_description(tstamp_types[i])); } else { (void) fprintf(stderr, " %d\n", tstamp_types[i]); } } pcap_free_tstamp_types(tstamp_types); exit(0); } #endif static void show_dlts_and_exit(const char *device, pcap_t *pd) { int n_dlts; int *dlts = 0; const char *dlt_name; n_dlts = pcap_list_datalinks(pd, &dlts); if (n_dlts < 0) error("%s", pcap_geterr(pd)); else if (n_dlts == 0 || !dlts) error("No data link types."); /* * If the interface is known to support monitor mode, indicate * whether these are the data link types available when not in * monitor mode, if -I wasn't specified, or when in monitor mode, * when -I was specified (the link-layer types available in * monitor mode might be different from the ones available when * not in monitor mode). */ if (supports_monitor_mode) (void) fprintf(stderr, "Data link types for %s %s (use option -y to set):\n", device, Iflag ? "when in monitor mode" : "when not in monitor mode"); else (void) fprintf(stderr, "Data link types for %s (use option -y to set):\n", device); while (--n_dlts >= 0) { dlt_name = pcap_datalink_val_to_name(dlts[n_dlts]); if (dlt_name != NULL) { (void) fprintf(stderr, " %s (%s)", dlt_name, pcap_datalink_val_to_description(dlts[n_dlts])); /* * OK, does tcpdump handle that type? */ if (lookup_printer(dlts[n_dlts]) == NULL && lookup_ndo_printer(dlts[n_dlts]) == NULL) (void) fprintf(stderr, " (printing not supported)"); fprintf(stderr, "\n"); } else { (void) fprintf(stderr, " DLT %d (printing not supported)\n", dlts[n_dlts]); } } #ifdef HAVE_PCAP_FREE_DATALINKS pcap_free_datalinks(dlts); #endif exit(0); } #ifdef HAVE_PCAP_FINDALLDEVS static void show_devices_and_exit (void) { pcap_if_t *devpointer; char ebuf[PCAP_ERRBUF_SIZE]; int i; if (pcap_findalldevs(&devpointer, ebuf) < 0) error("%s", ebuf); else { for (i = 0; devpointer != NULL; i++) { printf("%d.%s", i+1, devpointer->name); if (devpointer->description != NULL) printf(" (%s)", devpointer->description); if (devpointer->flags != 0) printf(" [%s]", bittok2str(status_flags, "none", devpointer->flags)); printf("\n"); devpointer = devpointer->next; } } exit(0); } #endif /* HAVE_PCAP_FINDALLDEVS */ /* * Short options. * * Note that there we use all letters for short options except for g, k, * o, and P, and those are used by other versions of tcpdump, and we should * only use them for the same purposes that the other versions of tcpdump * use them: * * OS X tcpdump uses -g to force non--v output for IP to be on one * line, making it more "g"repable; * * OS X tcpdump uses -k tospecify that packet comments in pcap-ng files * should be printed; * * OpenBSD tcpdump uses -o to indicate that OS fingerprinting should be done * for hosts sending TCP SYN packets; * * OS X tcpdump uses -P to indicate that -w should write pcap-ng rather * than pcap files. * * OS X tcpdump also uses -Q to specify expressions that match packet * metadata, including but not limited to the packet direction. * The expression syntax is different from a simple "in|out|inout", * and those expressions aren't accepted by OS X tcpdump, but the * equivalents would be "in" = "dir=in", "out" = "dir=out", and * "inout" = "dir=in or dir=out", and the parser could conceivably * special-case "in", "out", and "inout" as expressions for backwards * compatibility, so all is not (yet) lost. */ /* * Set up flags that might or might not be supported depending on the * version of libpcap we're using. */ #if defined(HAVE_PCAP_CREATE) || defined(WIN32) #define B_FLAG "B:" #define B_FLAG_USAGE " [ -B size ]" #else /* defined(HAVE_PCAP_CREATE) || defined(WIN32) */ #define B_FLAG #define B_FLAG_USAGE #endif /* defined(HAVE_PCAP_CREATE) || defined(WIN32) */ #ifdef HAVE_PCAP_CREATE #define I_FLAG "I" #else /* HAVE_PCAP_CREATE */ #define I_FLAG #endif /* HAVE_PCAP_CREATE */ #ifdef HAVE_PCAP_SET_TSTAMP_TYPE #define j_FLAG "j:" #define j_FLAG_USAGE " [ -j tstamptype ]" #define J_FLAG "J" #else /* PCAP_ERROR_TSTAMP_TYPE_NOTSUP */ #define j_FLAG #define j_FLAG_USAGE #define J_FLAG #endif /* PCAP_ERROR_TSTAMP_TYPE_NOTSUP */ #ifdef HAVE_PCAP_FINDALLDEVS #define D_FLAG "D" #else #define D_FLAG #endif #ifdef HAVE_PCAP_DUMP_FLUSH #define U_FLAG "U" #else #define U_FLAG #endif #ifdef HAVE_PCAP_SETDIRECTION #define Q_FLAG "Q:" #else #define Q_FLAG #endif #define SHORTOPTS "aAb" B_FLAG "c:C:d" D_FLAG "eE:fF:G:hHi:" I_FLAG j_FLAG J_FLAG "KlLm:M:nNOpq" Q_FLAG "r:Rs:StT:u" U_FLAG "vV:w:W:xXy:Yz:Z:#" /* * Long options. * * We do not currently have long options corresponding to all short * options; we should probably pick appropriate option names for them. * * However, the short options where the number of times the option is * specified matters, such as -v and -d and -t, should probably not * just map to a long option, as saying * * tcpdump --verbose --verbose * * doesn't make sense; it should be --verbosity={N} or something such * as that. * * For long options with no corresponding short options, we define values * outside the range of ASCII graphic characters, make that the last * component of the entry for the long option, and have a case for that * option in the switch statement. */ #define OPTION_VERSION 128 #define OPTION_TSTAMP_PRECISION 129 #define OPTION_IMMEDIATE_MODE 130 static const struct option longopts[] = { #if defined(HAVE_PCAP_CREATE) || defined(WIN32) { "buffer-size", required_argument, NULL, 'B' }, #endif { "list-interfaces", no_argument, NULL, 'D' }, { "help", no_argument, NULL, 'h' }, { "interface", required_argument, NULL, 'i' }, #ifdef HAVE_PCAP_CREATE { "monitor-mode", no_argument, NULL, 'I' }, #endif #ifdef HAVE_PCAP_SET_TSTAMP_TYPE { "time-stamp-type", required_argument, NULL, 'j' }, { "list-time-stamp-types", no_argument, NULL, 'J' }, #endif #ifdef HAVE_PCAP_SET_TSTAMP_PRECISION { "time-stamp-precision", required_argument, NULL, OPTION_TSTAMP_PRECISION}, #endif { "dont-verify-checksums", no_argument, NULL, 'K' }, { "list-data-link-types", no_argument, NULL, 'L' }, { "no-optimize", no_argument, NULL, 'O' }, { "no-promiscuous-mode", no_argument, NULL, 'p' }, #ifdef HAVE_PCAP_SETDIRECTION { "direction", required_argument, NULL, 'Q' }, #endif { "snapshot-length", required_argument, NULL, 's' }, { "absolute-tcp-sequence-numbers", no_argument, NULL, 'S' }, #ifdef HAVE_PCAP_DUMP_FLUSH { "packet-buffered", no_argument, NULL, 'U' }, #endif { "linktype", required_argument, NULL, 'y' }, #ifdef HAVE_PCAP_SET_IMMEDIATE_MODE { "immediate-mode", no_argument, NULL, OPTION_IMMEDIATE_MODE }, #endif #if defined(HAVE_PCAP_DEBUG) || defined(HAVE_YYDEBUG) { "debug-filter-parser", no_argument, NULL, 'Y' }, #endif { "relinquish-privileges", required_argument, NULL, 'Z' }, { "number", no_argument, NULL, '#' }, { "version", no_argument, NULL, OPTION_VERSION }, { NULL, 0, NULL, 0 } }; #ifndef WIN32 /* Drop root privileges and chroot if necessary */ static void droproot(const char *username, const char *chroot_dir) { struct passwd *pw = NULL; if (chroot_dir && !username) { fprintf(stderr, "tcpdump: Chroot without dropping root is insecure\n"); exit(1); } pw = getpwnam(username); if (pw) { if (chroot_dir) { if (chroot(chroot_dir) != 0 || chdir ("/") != 0) { fprintf(stderr, "tcpdump: Couldn't chroot/chdir to '%.64s': %s\n", chroot_dir, pcap_strerror(errno)); exit(1); } } #ifdef HAVE_LIBCAP_NG int ret = capng_change_id(pw->pw_uid, pw->pw_gid, CAPNG_NO_FLAG); if (ret < 0) { fprintf(stderr, "error : ret %d\n", ret); } else { fprintf(stderr, "dropped privs to %s\n", username); } #else if (initgroups(pw->pw_name, pw->pw_gid) != 0 || setgid(pw->pw_gid) != 0 || setuid(pw->pw_uid) != 0) { fprintf(stderr, "tcpdump: Couldn't change to '%.32s' uid=%lu gid=%lu: %s\n", username, (unsigned long)pw->pw_uid, (unsigned long)pw->pw_gid, pcap_strerror(errno)); exit(1); } else { fprintf(stderr, "dropped privs to %s\n", username); } #endif /* HAVE_LIBCAP_NG */ } else { fprintf(stderr, "tcpdump: Couldn't find user '%.32s'\n", username); exit(1); } #ifdef HAVE_LIBCAP_NG /* We don't need CAP_SETUID and CAP_SETGID any more. */ capng_updatev( CAPNG_DROP, CAPNG_EFFECTIVE | CAPNG_PERMITTED, CAP_SETUID, CAP_SETGID, -1); capng_apply(CAPNG_SELECT_BOTH); #endif /* HAVE_LIBCAP_NG */ } #endif /* WIN32 */ static int getWflagChars(int x) { int c = 0; x -= 1; while (x > 0) { c += 1; x /= 10; } return c; } static void MakeFilename(char *buffer, char *orig_name, int cnt, int max_chars) { char *filename = malloc(PATH_MAX + 1); if (filename == NULL) error("Makefilename: malloc"); /* Process with strftime if Gflag is set. */ if (Gflag != 0) { struct tm *local_tm; /* Convert Gflag_time to a usable format */ if ((local_tm = localtime(&Gflag_time)) == NULL) { error("MakeTimedFilename: localtime"); } /* There's no good way to detect an error in strftime since a return * value of 0 isn't necessarily failure. */ strftime(filename, PATH_MAX, orig_name, local_tm); } else { strncpy(filename, orig_name, PATH_MAX); } if (cnt == 0 && max_chars == 0) strncpy(buffer, filename, PATH_MAX + 1); else if (snprintf(buffer, PATH_MAX + 1, "%s%0*d", filename, max_chars, cnt) > PATH_MAX) /* Report an error if the filename is too large */ error("too many output files or filename is too long (> %d)", PATH_MAX); free(filename); } static int tcpdump_printf(netdissect_options *ndo _U_, const char *fmt, ...) { va_list args; int ret; va_start(args, fmt); ret=vfprintf(stdout, fmt, args); va_end(args); return ret; } static struct print_info get_print_info(int type) { struct print_info printinfo; printinfo.ndo_type = 1; printinfo.ndo = gndo; printinfo.p.ndo_printer = lookup_ndo_printer(type); if (printinfo.p.ndo_printer == NULL) { printinfo.p.printer = lookup_printer(type); printinfo.ndo_type = 0; if (printinfo.p.printer == NULL) { gndo->ndo_dltname = pcap_datalink_val_to_name(type); if (gndo->ndo_dltname != NULL) error("packet printing is not supported for link type %s: use -w", gndo->ndo_dltname); else error("packet printing is not supported for link type %d: use -w", type); } } return (printinfo); } static char * get_next_file(FILE *VFile, char *ptr) { char *ret; ret = fgets(ptr, PATH_MAX, VFile); if (!ret) return NULL; if (ptr[strlen(ptr) - 1] == '\n') ptr[strlen(ptr) - 1] = '\0'; return ret; } -#ifdef HAVE_CAPSICUM +#ifdef HAVE_CAPSPER static cap_channel_t * capdns_setup(void) { cap_channel_t *capcas, *capdnsloc; const char *types[1]; int families[2]; capcas = cap_init(); - if (capcas == NULL) { - warning("unable to contact casperd"); - return (NULL); - } + if (capcas == NULL) + error("unable to create casper process"); capdnsloc = cap_service_open(capcas, "system.dns"); /* Casper capability no longer needed. */ cap_close(capcas); if (capdnsloc == NULL) error("unable to open system.dns service"); /* Limit system.dns to reverse DNS lookups. */ types[0] = "ADDR"; if (cap_dns_type_limit(capdnsloc, types, 1) < 0) error("unable to limit access to system.dns service"); families[0] = AF_INET; families[1] = AF_INET6; if (cap_dns_family_limit(capdnsloc, families, 2) < 0) error("unable to limit access to system.dns service"); return (capdnsloc); } -#endif /* HAVE_CAPSICUM */ +#endif /* HAVE_CAPSPER */ #ifdef HAVE_PCAP_SET_TSTAMP_PRECISION static int tstamp_precision_from_string(const char *precision) { if (strncmp(precision, "nano", strlen("nano")) == 0) return PCAP_TSTAMP_PRECISION_NANO; if (strncmp(precision, "micro", strlen("micro")) == 0) return PCAP_TSTAMP_PRECISION_MICRO; return -EINVAL; } static const char * tstamp_precision_to_string(int precision) { switch (precision) { case PCAP_TSTAMP_PRECISION_MICRO: return "micro"; case PCAP_TSTAMP_PRECISION_NANO: return "nano"; default: return "unknown"; } } #endif -#ifdef HAVE_CAPSICUM +#ifdef HAVE_CAPSPER /* * Ensure that, on a dump file's descriptor, we have all the rights * necessary to make the standard I/O library work with an fdopen()ed * FILE * from that descriptor. * * A long time ago, in a galaxy far far away, AT&T decided that, instead * of providing separate APIs for getting and setting the FD_ flags on a * descriptor, getting and setting the O_ flags on a descriptor, and * locking files, they'd throw them all into a kitchen-sink fcntl() call * along the lines of ioctl(), the fact that ioctl() operations are * largely specific to particular character devices but fcntl() operations * are either generic to all descriptors or generic to all descriptors for * regular files nonwithstanding. * * The Capsicum people decided that fine-grained control of descriptor * operations was required, so that you need to grant permission for * reading, writing, seeking, and fcntl-ing. The latter, courtesy of * AT&T's decision, means that "fcntl-ing" isn't a thing, but a motley * collection of things, so there are *individual* fcntls for which * permission needs to be granted. * * The FreeBSD standard I/O people implemented some optimizations that * requires that the standard I/O routines be able to determine whether * the descriptor for the FILE * is open append-only or not; as that * descriptor could have come from an open() rather than an fopen(), * that requires that it be able to do an F_GETFL fcntl() to read * the O_ flags. * * Tcpdump uses ftell() to determine how much data has been written * to a file in order to, when used with -C, determine when it's time * to rotate capture files. ftell() therefore needs to do an lseek() * to find out the file offset and must, thanks to the aforementioned * optimization, also know whether the descriptor is open append-only * or not. * * The net result of all the above is that we need to grant CAP_SEEK, * CAP_WRITE, and CAP_FCNTL with the CAP_FCNTL_GETFL subcapability. * * Perhaps this is the universe's way of saying that either * * 1) there needs to be an fopenat() call and a pcap_dump_openat() call * using it, so that Capsicum-capable tcpdump wouldn't need to do * an fdopen() * * or * * 2) there needs to be a cap_fdopen() call in the FreeBSD standard * I/O library that knows what rights are needed by the standard * I/O library, based on the open mode, and assigns them, perhaps * with an additional argument indicating, for example, whether * seeking should be allowed, so that tcpdump doesn't need to know * what the standard I/O library happens to require this week. */ static void set_dumper_capsicum_rights(pcap_dumper_t *p) { int fd = fileno(pcap_dump_file(p)); cap_rights_t rights; cap_rights_init(&rights, CAP_SEEK, CAP_WRITE, CAP_FCNTL); if (cap_rights_limit(fd, &rights) < 0 && errno != ENOSYS) { error("unable to limit dump descriptor"); } if (cap_fcntls_limit(fd, CAP_FCNTL_GETFL) < 0 && errno != ENOSYS) { error("unable to limit dump descriptor fcntls"); } } #endif int main(int argc, char **argv) { register int cnt, op, i; bpf_u_int32 localnet =0 , netmask = 0; register char *cp, *infile, *cmdbuf, *device, *RFileName, *VFileName, *WFileName; pcap_handler callback; int type; int dlt; int new_dlt; const char *dlt_name; struct bpf_program fcode; #ifndef WIN32 RETSIGTYPE (*oldhandler)(int); #endif struct print_info printinfo; struct dump_info dumpinfo; u_char *pcap_userdata; char ebuf[PCAP_ERRBUF_SIZE]; char VFileLine[PATH_MAX + 1]; char *username = NULL; char *chroot_dir = NULL; char *ret = NULL; char *end; #ifdef HAVE_PCAP_FINDALLDEVS pcap_if_t *devpointer; int devnum; #endif int status; FILE *VFile; -#ifdef HAVE_CAPSICUM +#ifdef HAVE_CAPSPER cap_rights_t rights; -#endif /* HAVE_CAPSICUM */ +#endif /* HAVE_CAPSPER */ int cansandbox; #ifdef WIN32 if(wsockinit() != 0) return 1; #endif /* WIN32 */ jflag=-1; /* not set */ gndo->ndo_Oflag=1; gndo->ndo_Rflag=1; gndo->ndo_dlt=-1; gndo->ndo_default_print=ndo_default_print; gndo->ndo_printf=tcpdump_printf; gndo->ndo_error=ndo_error; gndo->ndo_warning=ndo_warning; gndo->ndo_snaplen = DEFAULT_SNAPLEN; gndo->ndo_immediate = 0; cnt = -1; device = NULL; infile = NULL; RFileName = NULL; VFileName = NULL; VFile = NULL; WFileName = NULL; dlt = -1; if ((cp = strrchr(argv[0], '/')) != NULL) program_name = cp + 1; else program_name = argv[0]; /* * On platforms where the CPU doesn't support unaligned loads, * force unaligned accesses to abort with SIGBUS, rather than * being fixed up (slowly) by the OS kernel; on those platforms, * misaligned accesses are bugs, and we want tcpdump to crash so * that the bugs are reported. */ if (abort_on_misalignment(ebuf, sizeof(ebuf)) < 0) error("%s", ebuf); #ifdef USE_LIBSMI smiInit("tcpdump"); #endif while ( (op = getopt_long(argc, argv, SHORTOPTS, longopts, NULL)) != -1) switch (op) { case 'a': /* compatibility for old -a */ break; case 'A': ++Aflag; break; case 'b': ++bflag; break; #if defined(HAVE_PCAP_CREATE) || defined(WIN32) case 'B': Bflag = atoi(optarg)*1024; if (Bflag <= 0) error("invalid packet buffer size %s", optarg); break; #endif /* defined(HAVE_PCAP_CREATE) || defined(WIN32) */ case 'c': cnt = atoi(optarg); if (cnt <= 0) error("invalid packet count %s", optarg); break; case 'C': Cflag = atoi(optarg) * 1000000; if (Cflag < 0) error("invalid file size %s", optarg); break; case 'd': ++dflag; break; case 'D': Dflag++; break; case 'L': Lflag++; break; case 'e': ++eflag; break; case 'E': #ifndef HAVE_LIBCRYPTO warning("crypto code not compiled in"); #endif gndo->ndo_espsecret = optarg; break; case 'f': ++fflag; break; case 'F': infile = optarg; break; case 'G': Gflag = atoi(optarg); if (Gflag < 0) error("invalid number of seconds %s", optarg); /* We will create one file initially. */ Gflag_count = 0; /* Grab the current time for rotation use. */ if ((Gflag_time = time(NULL)) == (time_t)-1) { error("main: can't get current time: %s", pcap_strerror(errno)); } break; case 'h': print_usage(); exit(0); break; case 'H': ++Hflag; break; case 'i': if (optarg[0] == '0' && optarg[1] == 0) error("Invalid adapter index"); #ifdef HAVE_PCAP_FINDALLDEVS /* * If the argument is a number, treat it as * an index into the list of adapters, as * printed by "tcpdump -D". * * This should be OK on UNIX systems, as interfaces * shouldn't have names that begin with digits. * It can be useful on Windows, where more than * one interface can have the same name. */ devnum = strtol(optarg, &end, 10); if (optarg != end && *end == '\0') { if (devnum < 0) error("Invalid adapter index"); if (pcap_findalldevs(&devpointer, ebuf) < 0) error("%s", ebuf); else { /* * Look for the devnum-th entry * in the list of devices * (1-based). */ for (i = 0; i < devnum-1 && devpointer != NULL; i++, devpointer = devpointer->next) ; if (devpointer == NULL) error("Invalid adapter index"); } device = devpointer->name; break; } #endif /* HAVE_PCAP_FINDALLDEVS */ device = optarg; break; #ifdef HAVE_PCAP_CREATE case 'I': ++Iflag; break; #endif /* HAVE_PCAP_CREATE */ #ifdef HAVE_PCAP_SET_TSTAMP_TYPE case 'j': jflag = pcap_tstamp_type_name_to_val(optarg); if (jflag < 0) error("invalid time stamp type %s", optarg); break; case 'J': Jflag++; break; #endif case 'l': #ifdef WIN32 /* * _IOLBF is the same as _IOFBF in Microsoft's C * libraries; the only alternative they offer * is _IONBF. * * XXX - this should really be checking for MSVC++, * not WIN32, if, for example, MinGW has its own * C library that is more UNIX-compatible. */ setvbuf(stdout, NULL, _IONBF, 0); #else /* WIN32 */ #ifdef HAVE_SETLINEBUF setlinebuf(stdout); #else setvbuf(stdout, NULL, _IOLBF, 0); #endif #endif /* WIN32 */ break; case 'K': ++Kflag; break; case 'm': #ifdef USE_LIBSMI if (smiLoadModule(optarg) == 0) { error("could not load MIB module %s", optarg); } sflag = 1; #else (void)fprintf(stderr, "%s: ignoring option `-m %s' ", program_name, optarg); (void)fprintf(stderr, "(no libsmi support)\n"); #endif break; case 'M': /* TCP-MD5 shared secret */ #ifndef HAVE_LIBCRYPTO warning("crypto code not compiled in"); #endif sigsecret = optarg; break; case 'n': ++nflag; break; case 'N': ++Nflag; break; case 'O': Oflag = 0; break; case 'p': ++pflag; break; case 'q': ++qflag; ++suppress_default_print; break; #ifdef HAVE_PCAP_SETDIRECTION case 'Q': if (strcasecmp(optarg, "in") == 0) Qflag = PCAP_D_IN; else if (strcasecmp(optarg, "out") == 0) Qflag = PCAP_D_OUT; else if (strcasecmp(optarg, "inout") == 0) Qflag = PCAP_D_INOUT; else error("unknown capture direction `%s'", optarg); break; #endif /* HAVE_PCAP_SETDIRECTION */ case 'r': RFileName = optarg; break; case 'R': Rflag = 0; break; case 's': snaplen = strtol(optarg, &end, 0); if (optarg == end || *end != '\0' || snaplen < 0 || snaplen > MAXIMUM_SNAPLEN) error("invalid snaplen %s", optarg); else if (snaplen == 0) snaplen = MAXIMUM_SNAPLEN; break; case 'S': ++Sflag; break; case 't': ++tflag; break; case 'T': if (strcasecmp(optarg, "vat") == 0) packettype = PT_VAT; else if (strcasecmp(optarg, "wb") == 0) packettype = PT_WB; else if (strcasecmp(optarg, "rpc") == 0) packettype = PT_RPC; else if (strcasecmp(optarg, "rtp") == 0) packettype = PT_RTP; else if (strcasecmp(optarg, "rtcp") == 0) packettype = PT_RTCP; else if (strcasecmp(optarg, "snmp") == 0) packettype = PT_SNMP; else if (strcasecmp(optarg, "cnfp") == 0) packettype = PT_CNFP; else if (strcasecmp(optarg, "tftp") == 0) packettype = PT_TFTP; else if (strcasecmp(optarg, "aodv") == 0) packettype = PT_AODV; else if (strcasecmp(optarg, "carp") == 0) packettype = PT_CARP; else if (strcasecmp(optarg, "radius") == 0) packettype = PT_RADIUS; else if (strcasecmp(optarg, "zmtp1") == 0) packettype = PT_ZMTP1; else if (strcasecmp(optarg, "vxlan") == 0) packettype = PT_VXLAN; else if (strcasecmp(optarg, "pgm") == 0) packettype = PT_PGM; else if (strcasecmp(optarg, "pgm_zmtp1") == 0) packettype = PT_PGM_ZMTP1; else if (strcasecmp(optarg, "lmp") == 0) packettype = PT_LMP; else error("unknown packet type `%s'", optarg); break; case 'u': ++uflag; break; #ifdef HAVE_PCAP_DUMP_FLUSH case 'U': ++Uflag; break; #endif case 'v': ++vflag; break; case 'V': VFileName = optarg; break; case 'w': WFileName = optarg; break; case 'W': Wflag = atoi(optarg); if (Wflag < 0) error("invalid number of output files %s", optarg); WflagChars = getWflagChars(Wflag); break; case 'x': ++xflag; ++suppress_default_print; break; case 'X': ++Xflag; ++suppress_default_print; break; case 'y': gndo->ndo_dltname = optarg; gndo->ndo_dlt = pcap_datalink_name_to_val(gndo->ndo_dltname); if (gndo->ndo_dlt < 0) error("invalid data link type %s", gndo->ndo_dltname); break; #if defined(HAVE_PCAP_DEBUG) || defined(HAVE_YYDEBUG) case 'Y': { /* Undocumented flag */ #ifdef HAVE_PCAP_DEBUG extern int pcap_debug; pcap_debug = 1; #else extern int yydebug; yydebug = 1; #endif } break; #endif case 'z': zflag = strdup(optarg); break; case 'Z': username = strdup(optarg); break; case '#': gndo->ndo_packet_number = 1; break; case OPTION_VERSION: print_version(); exit(0); break; #ifdef HAVE_PCAP_SET_TSTAMP_PRECISION case OPTION_TSTAMP_PRECISION: gndo->ndo_tstamp_precision = tstamp_precision_from_string(optarg); if (gndo->ndo_tstamp_precision < 0) error("unsupported time stamp precision"); break; #endif #ifdef HAVE_PCAP_SET_IMMEDIATE_MODE case OPTION_IMMEDIATE_MODE: gndo->ndo_immediate = 1; break; #endif default: print_usage(); exit(1); /* NOTREACHED */ } #ifdef HAVE_PCAP_FINDALLDEVS if (Dflag) show_devices_and_exit(); #endif switch (tflag) { case 0: /* Default */ case 4: /* Default + Date*/ thiszone = gmt2local(0); break; case 1: /* No time stamp */ case 2: /* Unix timeval style */ case 3: /* Microseconds since previous packet */ case 5: /* Microseconds since first packet */ break; default: /* Not supported */ error("only -t, -tt, -ttt, -tttt and -ttttt are supported"); break; } if (fflag != 0 && (VFileName != NULL || RFileName != NULL)) error("-f can not be used with -V or -r"); if (VFileName != NULL && RFileName != NULL) error("-V and -r are mutually exclusive."); #ifdef HAVE_PCAP_SET_IMMEDIATE_MODE /* * If we're printing dissected packets to the standard output * rather than saving raw packets to a file, and the standard * output is a terminal, use immediate mode, as the user's * probably expecting to see packets pop up immediately. */ if (WFileName == NULL && isatty(1)) gndo->ndo_immediate = 1; #endif #ifdef WITH_CHROOT /* if run as root, prepare for chrooting */ if (getuid() == 0 || geteuid() == 0) { /* future extensibility for cmd-line arguments */ if (!chroot_dir) chroot_dir = WITH_CHROOT; } #endif #ifdef WITH_USER /* if run as root, prepare for dropping root privileges */ if (getuid() == 0 || geteuid() == 0) { /* Run with '-Z root' to restore old behaviour */ if (!username) username = WITH_USER; } #endif if (RFileName != NULL || VFileName != NULL) { /* * If RFileName is non-null, it's the pathname of a * savefile to read. If VFileName is non-null, it's * the pathname of a file containing a list of pathnames * (one per line) of savefiles to read. * * In either case, we're reading a savefile, not doing * a live capture. */ #ifndef WIN32 /* * We don't need network access, so relinquish any set-UID * or set-GID privileges we have (if any). * * We do *not* want set-UID privileges when opening a * trace file, as that might let the user read other * people's trace files (especially if we're set-UID * root). */ if (setgid(getgid()) != 0 || setuid(getuid()) != 0 ) fprintf(stderr, "Warning: setgid/setuid failed !\n"); #endif /* WIN32 */ if (VFileName != NULL) { if (VFileName[0] == '-' && VFileName[1] == '\0') VFile = stdin; else VFile = fopen(VFileName, "r"); if (VFile == NULL) error("Unable to open file: %s\n", strerror(errno)); ret = get_next_file(VFile, VFileLine); if (!ret) error("Nothing in %s\n", VFileName); RFileName = VFileLine; } #ifdef HAVE_PCAP_SET_TSTAMP_PRECISION pd = pcap_open_offline_with_tstamp_precision(RFileName, gndo->ndo_tstamp_precision, ebuf); #else pd = pcap_open_offline(RFileName, ebuf); #endif if (pd == NULL) error("%s", ebuf); -#ifdef HAVE_CAPSICUM +#ifdef HAVE_CAPSPER cap_rights_init(&rights, CAP_READ); if (cap_rights_limit(fileno(pcap_file(pd)), &rights) < 0 && errno != ENOSYS) { error("unable to limit pcap descriptor"); } #endif dlt = pcap_datalink(pd); dlt_name = pcap_datalink_val_to_name(dlt); if (dlt_name == NULL) { fprintf(stderr, "reading from file %s, link-type %u\n", RFileName, dlt); } else { fprintf(stderr, "reading from file %s, link-type %s (%s)\n", RFileName, dlt_name, pcap_datalink_val_to_description(dlt)); } } else { /* * We're doing a live capture. */ if (device == NULL) { device = pcap_lookupdev(ebuf); if (device == NULL) error("%s", ebuf); } #ifdef WIN32 /* * Print a message to the standard error on Windows. * XXX - why do it here, with a different message? */ if(strlen(device) == 1) /* we assume that an ASCII string is always longer than 1 char */ { /* a Unicode string has a \0 as second byte (so strlen() is 1) */ fprintf(stderr, "%s: listening on %ws\n", program_name, device); } else { fprintf(stderr, "%s: listening on %s\n", program_name, device); } fflush(stderr); #endif /* WIN32 */ #ifdef HAVE_PCAP_CREATE pd = pcap_create(device, ebuf); if (pd == NULL) error("%s", ebuf); #ifdef HAVE_PCAP_SET_TSTAMP_TYPE if (Jflag) show_tstamp_types_and_exit(device, pd); #endif #ifdef HAVE_PCAP_SET_TSTAMP_PRECISION status = pcap_set_tstamp_precision(pd, gndo->ndo_tstamp_precision); if (status != 0) error("%s: Can't set %ssecond time stamp precision: %s", device, tstamp_precision_to_string(gndo->ndo_tstamp_precision), pcap_statustostr(status)); #endif #ifdef HAVE_PCAP_SET_IMMEDIATE_MODE if (gndo->ndo_immediate) { status = pcap_set_immediate_mode(pd, 1); if (status != 0) error("%s: Can't set immediate mode: %s", device, pcap_statustostr(status)); } #endif /* * Is this an interface that supports monitor mode? */ if (pcap_can_set_rfmon(pd) == 1) supports_monitor_mode = 1; else supports_monitor_mode = 0; status = pcap_set_snaplen(pd, snaplen); if (status != 0) error("%s: Can't set snapshot length: %s", device, pcap_statustostr(status)); status = pcap_set_promisc(pd, !pflag); if (status != 0) error("%s: Can't set promiscuous mode: %s", device, pcap_statustostr(status)); if (Iflag) { status = pcap_set_rfmon(pd, 1); if (status != 0) error("%s: Can't set monitor mode: %s", device, pcap_statustostr(status)); } status = pcap_set_timeout(pd, 1000); if (status != 0) error("%s: pcap_set_timeout failed: %s", device, pcap_statustostr(status)); if (Bflag != 0) { status = pcap_set_buffer_size(pd, Bflag); if (status != 0) error("%s: Can't set buffer size: %s", device, pcap_statustostr(status)); } #ifdef HAVE_PCAP_SET_TSTAMP_TYPE if (jflag != -1) { status = pcap_set_tstamp_type(pd, jflag); if (status < 0) error("%s: Can't set time stamp type: %s", device, pcap_statustostr(status)); } #endif status = pcap_activate(pd); if (status < 0) { /* * pcap_activate() failed. */ cp = pcap_geterr(pd); if (status == PCAP_ERROR) error("%s", cp); else if ((status == PCAP_ERROR_NO_SUCH_DEVICE || status == PCAP_ERROR_PERM_DENIED) && *cp != '\0') error("%s: %s\n(%s)", device, pcap_statustostr(status), cp); #ifdef __FreeBSD__ else if (status == PCAP_ERROR_RFMON_NOTSUP && strncmp(device, "wlan", 4) == 0) { char parent[8], newdev[8]; char sysctl[32]; size_t s = sizeof(parent); snprintf(sysctl, sizeof(sysctl), "net.wlan.%d.%%parent", atoi(device + 4)); sysctlbyname(sysctl, parent, &s, NULL, 0); strlcpy(newdev, device, sizeof(newdev)); /* Suggest a new wlan device. */ newdev[strlen(newdev)-1]++; error("%s is not a monitor mode VAP\n" "To create a new monitor mode VAP use:\n" " ifconfig %s create wlandev %s wlanmode " "monitor\nand use %s as the tcpdump " "interface", device, newdev, parent, newdev); } #endif else error("%s: %s", device, pcap_statustostr(status)); } else if (status > 0) { /* * pcap_activate() succeeded, but it's warning us * of a problem it had. */ cp = pcap_geterr(pd); if (status == PCAP_WARNING) warning("%s", cp); else if (status == PCAP_WARNING_PROMISC_NOTSUP && *cp != '\0') warning("%s: %s\n(%s)", device, pcap_statustostr(status), cp); else warning("%s: %s", device, pcap_statustostr(status)); } #ifdef HAVE_PCAP_SETDIRECTION if (Qflag != -1) { status = pcap_setdirection(pd, Qflag); if (status != 0) error("%s: pcap_setdirection() failed: %s", device, pcap_geterr(pd)); } #endif /* HAVE_PCAP_SETDIRECTION */ #else *ebuf = '\0'; pd = pcap_open_live(device, snaplen, !pflag, 1000, ebuf); if (pd == NULL) error("%s", ebuf); else if (*ebuf) warning("%s", ebuf); #endif /* HAVE_PCAP_CREATE */ /* * Let user own process after socket has been opened. */ #ifndef WIN32 if (setgid(getgid()) != 0 || setuid(getuid()) != 0) fprintf(stderr, "Warning: setgid/setuid failed !\n"); #endif /* WIN32 */ #if !defined(HAVE_PCAP_CREATE) && defined(WIN32) if(Bflag != 0) if(pcap_setbuff(pd, Bflag)==-1){ error("%s", pcap_geterr(pd)); } #endif /* !defined(HAVE_PCAP_CREATE) && defined(WIN32) */ if (Lflag) show_dlts_and_exit(device, pd); if (gndo->ndo_dlt >= 0) { #ifdef HAVE_PCAP_SET_DATALINK if (pcap_set_datalink(pd, gndo->ndo_dlt) < 0) error("%s", pcap_geterr(pd)); #else /* * We don't actually support changing the * data link type, so we only let them * set it to what it already is. */ if (gndo->ndo_dlt != pcap_datalink(pd)) { error("%s is not one of the DLTs supported by this device\n", gndo->ndo_dltname); } #endif (void)fprintf(stderr, "%s: data link type %s\n", program_name, gndo->ndo_dltname); (void)fflush(stderr); } i = pcap_snapshot(pd); if (snaplen < i) { warning("snaplen raised from %d to %d", snaplen, i); snaplen = i; } if(fflag != 0) { if (pcap_lookupnet(device, &localnet, &netmask, ebuf) < 0) { warning("foreign (-f) flag used but: %s", ebuf); } } } if (infile) cmdbuf = read_infile(infile); else cmdbuf = copy_argv(&argv[optind]); if (pcap_compile(pd, &fcode, cmdbuf, Oflag, netmask) < 0) error("%s", pcap_geterr(pd)); if (dflag) { bpf_dump(&fcode, dflag); pcap_close(pd); free(cmdbuf); exit(0); } -#ifdef HAVE_CAPSICUM +#ifdef HAVE_CAPSPER if (!nflag) capdns = capdns_setup(); -#endif /* HAVE_CAPSICUM */ +#endif /* HAVE_CAPSPER */ init_addrtoname(gndo, localnet, netmask); init_checksum(); #ifndef WIN32 (void)setsignal(SIGPIPE, cleanup); (void)setsignal(SIGTERM, cleanup); (void)setsignal(SIGINT, cleanup); #endif /* WIN32 */ #if defined(HAVE_FORK) || defined(HAVE_VFORK) (void)setsignal(SIGCHLD, child_cleanup); #endif /* Cooperate with nohup(1) */ #ifndef WIN32 if ((oldhandler = setsignal(SIGHUP, cleanup)) != SIG_DFL) (void)setsignal(SIGHUP, oldhandler); #endif /* WIN32 */ #ifndef WIN32 /* * If a user name was specified with "-Z", attempt to switch to * that user's UID. This would probably be used with sudo, * to allow tcpdump to be run in a special restricted * account (if you just want to allow users to open capture * devices, and can't just give users that permission, * you'd make tcpdump set-UID or set-GID). * * Tcpdump doesn't necessarily write only to one savefile; * the general only way to allow a -Z instance to write to * savefiles as the user under whose UID it's run, rather * than as the user specified with -Z, would thus be to switch * to the original user ID before opening a capture file and * then switch back to the -Z user ID after opening the savefile. * Switching to the -Z user ID only after opening the first * savefile doesn't handle the general case. */ if (getuid() == 0 || geteuid() == 0) { #ifdef HAVE_LIBCAP_NG /* Initialize capng */ capng_clear(CAPNG_SELECT_BOTH); if (username) { capng_updatev( CAPNG_ADD, CAPNG_PERMITTED | CAPNG_EFFECTIVE, CAP_SETUID, CAP_SETGID, -1); } if (WFileName) { capng_update( CAPNG_ADD, CAPNG_PERMITTED | CAPNG_EFFECTIVE, CAP_DAC_OVERRIDE ); } capng_apply(CAPNG_SELECT_BOTH); #endif /* HAVE_LIBCAP_NG */ if (username || chroot_dir) droproot(username, chroot_dir); } #endif /* WIN32 */ if (pcap_setfilter(pd, &fcode) < 0) error("%s", pcap_geterr(pd)); -#ifdef HAVE_CAPSICUM +#ifdef HAVE_CAPSPER if (RFileName == NULL && VFileName == NULL) { static const unsigned long cmds[] = { BIOCGSTATS }; /* * The various libpcap devices use a combination of * read (bpf), ioctl (bpf, netmap), poll (netmap). * Grant the relevant access rights, sorted by name. */ cap_rights_init(&rights, CAP_EVENT, CAP_IOCTL, CAP_READ); if (cap_rights_limit(pcap_fileno(pd), &rights) < 0 && errno != ENOSYS) { error("unable to limit pcap descriptor"); } if (cap_ioctls_limit(pcap_fileno(pd), cmds, sizeof(cmds) / sizeof(cmds[0])) < 0 && errno != ENOSYS) { error("unable to limit ioctls on pcap descriptor"); } } #endif if (WFileName) { pcap_dumper_t *p; /* Do not exceed the default PATH_MAX for files. */ dumpinfo.CurrentFileName = (char *)malloc(PATH_MAX + 1); if (dumpinfo.CurrentFileName == NULL) error("malloc of dumpinfo.CurrentFileName"); /* We do not need numbering for dumpfiles if Cflag isn't set. */ if (Cflag != 0) MakeFilename(dumpinfo.CurrentFileName, WFileName, 0, WflagChars); else MakeFilename(dumpinfo.CurrentFileName, WFileName, 0, 0); p = pcap_dump_open(pd, dumpinfo.CurrentFileName); #ifdef HAVE_LIBCAP_NG /* Give up CAP_DAC_OVERRIDE capability. * Only allow it to be restored if the -C or -G flag have been * set since we may need to create more files later on. */ capng_update( CAPNG_DROP, (Cflag || Gflag ? 0 : CAPNG_PERMITTED) | CAPNG_EFFECTIVE, CAP_DAC_OVERRIDE ); capng_apply(CAPNG_SELECT_BOTH); #endif /* HAVE_LIBCAP_NG */ if (p == NULL) error("%s", pcap_geterr(pd)); -#ifdef HAVE_CAPSICUM +#ifdef HAVE_CAPSPER set_dumper_capsicum_rights(p); #endif if (Cflag != 0 || Gflag != 0) { -#ifdef HAVE_CAPSICUM +#ifdef HAVE_CAPSPER dumpinfo.WFileName = strdup(basename(WFileName)); dumpinfo.dirfd = open(dirname(WFileName), O_DIRECTORY | O_RDONLY); if (dumpinfo.dirfd < 0) { error("unable to open directory %s", dirname(WFileName)); } cap_rights_init(&rights, CAP_CREATE, CAP_FCNTL, CAP_FTRUNCATE, CAP_LOOKUP, CAP_SEEK, CAP_WRITE); if (cap_rights_limit(dumpinfo.dirfd, &rights) < 0 && errno != ENOSYS) { error("unable to limit directory rights"); } if (cap_fcntls_limit(dumpinfo.dirfd, CAP_FCNTL_GETFL) < 0 && errno != ENOSYS) { error("unable to limit dump descriptor fcntls"); } -#else /* !HAVE_CAPSICUM */ +#else /* !HAVE_CAPSPER */ dumpinfo.WFileName = WFileName; #endif callback = dump_packet_and_trunc; dumpinfo.pd = pd; dumpinfo.p = p; pcap_userdata = (u_char *)&dumpinfo; } else { callback = dump_packet; pcap_userdata = (u_char *)p; } #ifdef HAVE_PCAP_DUMP_FLUSH if (Uflag) pcap_dump_flush(p); #endif } else { type = pcap_datalink(pd); printinfo = get_print_info(type); callback = print_packet; pcap_userdata = (u_char *)&printinfo; } #ifdef SIGNAL_REQ_INFO /* * We can't get statistics when reading from a file rather * than capturing from a device. */ if (RFileName == NULL) (void)setsignal(SIGNAL_REQ_INFO, requestinfo); #endif if (vflag > 0 && WFileName) { /* * When capturing to a file, "-v" means tcpdump should, * every 10 secodns, "v"erbosely report the number of * packets captured. */ #ifdef USE_WIN32_MM_TIMER /* call verbose_stats_dump() each 1000 +/-100msec */ timer_id = timeSetEvent(1000, 100, verbose_stats_dump, 0, TIME_PERIODIC); setvbuf(stderr, NULL, _IONBF, 0); #elif defined(HAVE_ALARM) (void)setsignal(SIGALRM, verbose_stats_dump); alarm(1); #endif } #ifndef WIN32 if (RFileName == NULL) { /* * Live capture (if -V was specified, we set RFileName * to a file from the -V file). Print a message to * the standard error on UN*X. */ if (!vflag && !WFileName) { (void)fprintf(stderr, "%s: verbose output suppressed, use -v or -vv for full protocol decode\n", program_name); } else (void)fprintf(stderr, "%s: ", program_name); dlt = pcap_datalink(pd); dlt_name = pcap_datalink_val_to_name(dlt); if (dlt_name == NULL) { (void)fprintf(stderr, "listening on %s, link-type %u, capture size %u bytes\n", device, dlt, snaplen); } else { (void)fprintf(stderr, "listening on %s, link-type %s (%s), capture size %u bytes\n", device, dlt_name, pcap_datalink_val_to_description(dlt), snaplen); } (void)fflush(stderr); } #endif /* WIN32 */ #ifdef __FreeBSD__ cansandbox = (VFileName == NULL && zflag == NULL); -#ifdef HAVE_CAPSICUM +#ifdef HAVE_CAPSPER cansandbox = (cansandbox && (nflag || capdns != NULL)); #else cansandbox = (cansandbox && nflag); #endif if (cansandbox && cap_enter() < 0 && errno != ENOSYS) error("unable to enter the capability mode"); #endif /* __FreeBSD__ */ do { status = pcap_loop(pd, cnt, callback, pcap_userdata); if (WFileName == NULL) { /* * We're printing packets. Flush the printed output, * so it doesn't get intermingled with error output. */ if (status == -2) { /* * We got interrupted, so perhaps we didn't * manage to finish a line we were printing. * Print an extra newline, just in case. */ putchar('\n'); } (void)fflush(stdout); } if (status == -2) { /* * We got interrupted. If we are reading multiple * files (via -V) set these so that we stop. */ VFileName = NULL; ret = NULL; } if (status == -1) { /* * Error. Report it. */ (void)fprintf(stderr, "%s: pcap_loop: %s\n", program_name, pcap_geterr(pd)); } if (RFileName == NULL) { /* * We're doing a live capture. Report the capture * statistics. */ info(1); } pcap_close(pd); if (VFileName != NULL) { ret = get_next_file(VFile, VFileLine); if (ret) { RFileName = VFileLine; pd = pcap_open_offline(RFileName, ebuf); if (pd == NULL) error("%s", ebuf); -#ifdef HAVE_CAPSICUM +#ifdef HAVE_CAPSPER cap_rights_init(&rights, CAP_READ); if (cap_rights_limit(fileno(pcap_file(pd)), &rights) < 0 && errno != ENOSYS) { error("unable to limit pcap descriptor"); } #endif new_dlt = pcap_datalink(pd); if (WFileName && new_dlt != dlt) error("%s: new dlt does not match original", RFileName); printinfo = get_print_info(new_dlt); dlt_name = pcap_datalink_val_to_name(new_dlt); if (dlt_name == NULL) { fprintf(stderr, "reading from file %s, link-type %u\n", RFileName, new_dlt); } else { fprintf(stderr, "reading from file %s, link-type %s (%s)\n", RFileName, dlt_name, pcap_datalink_val_to_description(new_dlt)); } if (pcap_compile(pd, &fcode, cmdbuf, Oflag, netmask) < 0) error("%s", pcap_geterr(pd)); if (pcap_setfilter(pd, &fcode) < 0) error("%s", pcap_geterr(pd)); } } } while (ret != NULL); free(cmdbuf); exit(status == -1 ? 1 : 0); } /* make a clean exit on interrupts */ static RETSIGTYPE cleanup(int signo _U_) { #ifdef USE_WIN32_MM_TIMER if (timer_id) timeKillEvent(timer_id); timer_id = 0; #elif defined(HAVE_ALARM) alarm(0); #endif #ifdef HAVE_PCAP_BREAKLOOP /* * We have "pcap_breakloop()"; use it, so that we do as little * as possible in the signal handler (it's probably not safe * to do anything with standard I/O streams in a signal handler - * the ANSI C standard doesn't say it is). */ pcap_breakloop(pd); #else /* * We don't have "pcap_breakloop()"; this isn't safe, but * it's the best we can do. Print the summary if we're * not reading from a savefile - i.e., if we're doing a * live capture - and exit. */ if (pd != NULL && pcap_file(pd) == NULL) { /* * We got interrupted, so perhaps we didn't * manage to finish a line we were printing. * Print an extra newline, just in case. */ putchar('\n'); (void)fflush(stdout); info(1); } exit(0); #endif } /* On windows, we do not use a fork, so we do not care less about waiting a child processes to die */ #if defined(HAVE_FORK) || defined(HAVE_VFORK) static RETSIGTYPE child_cleanup(int signo _U_) { wait(NULL); } #endif /* HAVE_FORK && HAVE_VFORK */ static void info(register int verbose) { struct pcap_stat stat; /* * Older versions of libpcap didn't set ps_ifdrop on some * platforms; initialize it to 0 to handle that. */ stat.ps_ifdrop = 0; if (pcap_stats(pd, &stat) < 0) { (void)fprintf(stderr, "pcap_stats: %s\n", pcap_geterr(pd)); infoprint = 0; return; } if (!verbose) fprintf(stderr, "%s: ", program_name); (void)fprintf(stderr, "%u packet%s captured", packets_captured, PLURAL_SUFFIX(packets_captured)); if (!verbose) fputs(", ", stderr); else putc('\n', stderr); (void)fprintf(stderr, "%u packet%s received by filter", stat.ps_recv, PLURAL_SUFFIX(stat.ps_recv)); if (!verbose) fputs(", ", stderr); else putc('\n', stderr); (void)fprintf(stderr, "%u packet%s dropped by kernel", stat.ps_drop, PLURAL_SUFFIX(stat.ps_drop)); if (stat.ps_ifdrop != 0) { if (!verbose) fputs(", ", stderr); else putc('\n', stderr); (void)fprintf(stderr, "%u packet%s dropped by interface\n", stat.ps_ifdrop, PLURAL_SUFFIX(stat.ps_ifdrop)); } else putc('\n', stderr); infoprint = 0; } #if defined(HAVE_FORK) || defined(HAVE_VFORK) static void compress_savefile(const char *filename) { # ifdef HAVE_FORK if (fork()) # else if (vfork()) # endif return; /* * Set to lowest priority so that this doesn't disturb the capture */ #ifdef NZERO setpriority(PRIO_PROCESS, 0, NZERO - 1); #else setpriority(PRIO_PROCESS, 0, 19); #endif if (execlp(zflag, zflag, filename, (char *)NULL) == -1) fprintf(stderr, "compress_savefile:execlp(%s, %s): %s\n", zflag, filename, strerror(errno)); # ifdef HAVE_FORK exit(1); # else _exit(1); # endif } #else /* HAVE_FORK && HAVE_VFORK */ static void compress_savefile(const char *filename) { fprintf(stderr, "compress_savefile failed. Functionality not implemented under your system\n"); } #endif /* HAVE_FORK && HAVE_VFORK */ static void dump_packet_and_trunc(u_char *user, const struct pcap_pkthdr *h, const u_char *sp) { struct dump_info *dump_info; ++packets_captured; ++infodelay; dump_info = (struct dump_info *)user; /* * XXX - this won't force the file to rotate on the specified time * boundary, but it will rotate on the first packet received after the * specified Gflag number of seconds. Note: if a Gflag time boundary * and a Cflag size boundary coincide, the time rotation will occur * first thereby cancelling the Cflag boundary (since the file should * be 0). */ if (Gflag != 0) { /* Check if it is time to rotate */ time_t t; /* Get the current time */ if ((t = time(NULL)) == (time_t)-1) { error("dump_and_trunc_packet: can't get current_time: %s", pcap_strerror(errno)); } /* If the time is greater than the specified window, rotate */ if (t - Gflag_time >= Gflag) { -#ifdef HAVE_CAPSICUM +#ifdef HAVE_CAPSPER FILE *fp; int fd; #endif /* Update the Gflag_time */ Gflag_time = t; /* Update Gflag_count */ Gflag_count++; /* * Close the current file and open a new one. */ pcap_dump_close(dump_info->p); /* * Compress the file we just closed, if the user asked for it */ if (zflag != NULL) compress_savefile(dump_info->CurrentFileName); /* * Check to see if we've exceeded the Wflag (when * not using Cflag). */ if (Cflag == 0 && Wflag > 0 && Gflag_count >= Wflag) { (void)fprintf(stderr, "Maximum file limit reached: %d\n", Wflag); exit(0); /* NOTREACHED */ } if (dump_info->CurrentFileName != NULL) free(dump_info->CurrentFileName); /* Allocate space for max filename + \0. */ dump_info->CurrentFileName = (char *)malloc(PATH_MAX + 1); if (dump_info->CurrentFileName == NULL) error("dump_packet_and_trunc: malloc"); /* * Gflag was set otherwise we wouldn't be here. Reset the count * so multiple files would end with 1,2,3 in the filename. * The counting is handled with the -C flow after this. */ Cflag_count = 0; /* * This is always the first file in the Cflag * rotation: e.g. 0 * We also don't need numbering if Cflag is not set. */ if (Cflag != 0) MakeFilename(dump_info->CurrentFileName, dump_info->WFileName, 0, WflagChars); else MakeFilename(dump_info->CurrentFileName, dump_info->WFileName, 0, 0); #ifdef HAVE_LIBCAP_NG capng_update(CAPNG_ADD, CAPNG_EFFECTIVE, CAP_DAC_OVERRIDE); capng_apply(CAPNG_SELECT_BOTH); #endif /* HAVE_LIBCAP_NG */ -#ifdef HAVE_CAPSICUM +#ifdef HAVE_CAPSPER fd = openat(dump_info->dirfd, dump_info->CurrentFileName, O_CREAT | O_WRONLY | O_TRUNC, 0644); if (fd < 0) { error("unable to open file %s", dump_info->CurrentFileName); } fp = fdopen(fd, "w"); if (fp == NULL) { error("unable to fdopen file %s", dump_info->CurrentFileName); } dump_info->p = pcap_dump_fopen(dump_info->pd, fp); -#else /* !HAVE_CAPSICUM */ +#else /* !HAVE_CAPSPER */ dump_info->p = pcap_dump_open(dump_info->pd, dump_info->CurrentFileName); #endif #ifdef HAVE_LIBCAP_NG capng_update(CAPNG_DROP, CAPNG_EFFECTIVE, CAP_DAC_OVERRIDE); capng_apply(CAPNG_SELECT_BOTH); #endif /* HAVE_LIBCAP_NG */ if (dump_info->p == NULL) error("%s", pcap_geterr(pd)); -#ifdef HAVE_CAPSICUM +#ifdef HAVE_CAPSPER set_dumper_capsicum_rights(dump_info->p); #endif } } /* * XXX - this won't prevent capture files from getting * larger than Cflag - the last packet written to the * file could put it over Cflag. */ if (Cflag != 0) { long size = pcap_dump_ftell(dump_info->p); if (size == -1) error("ftell fails on output file"); if (size > Cflag) { -#ifdef HAVE_CAPSICUM +#ifdef HAVE_CAPSPER FILE *fp; int fd; #endif /* * Close the current file and open a new one. */ pcap_dump_close(dump_info->p); /* * Compress the file we just closed, if the user * asked for it. */ if (zflag != NULL) compress_savefile(dump_info->CurrentFileName); Cflag_count++; if (Wflag > 0) { if (Cflag_count >= Wflag) Cflag_count = 0; } if (dump_info->CurrentFileName != NULL) free(dump_info->CurrentFileName); dump_info->CurrentFileName = (char *)malloc(PATH_MAX + 1); if (dump_info->CurrentFileName == NULL) error("dump_packet_and_trunc: malloc"); MakeFilename(dump_info->CurrentFileName, dump_info->WFileName, Cflag_count, WflagChars); #ifdef HAVE_LIBCAP_NG capng_update(CAPNG_ADD, CAPNG_EFFECTIVE, CAP_DAC_OVERRIDE); capng_apply(CAPNG_SELECT_BOTH); #endif /* HAVE_LIBCAP_NG */ -#ifdef HAVE_CAPSICUM +#ifdef HAVE_CAPSPER fd = openat(dump_info->dirfd, dump_info->CurrentFileName, O_CREAT | O_WRONLY | O_TRUNC, 0644); if (fd < 0) { error("unable to open file %s", dump_info->CurrentFileName); } fp = fdopen(fd, "w"); if (fp == NULL) { error("unable to fdopen file %s", dump_info->CurrentFileName); } dump_info->p = pcap_dump_fopen(dump_info->pd, fp); -#else /* !HAVE_CAPSICUM */ +#else /* !HAVE_CAPSPER */ dump_info->p = pcap_dump_open(dump_info->pd, dump_info->CurrentFileName); #endif #ifdef HAVE_LIBCAP_NG capng_update(CAPNG_DROP, CAPNG_EFFECTIVE, CAP_DAC_OVERRIDE); capng_apply(CAPNG_SELECT_BOTH); #endif /* HAVE_LIBCAP_NG */ if (dump_info->p == NULL) error("%s", pcap_geterr(pd)); -#ifdef HAVE_CAPSICUM +#ifdef HAVE_CAPSPER set_dumper_capsicum_rights(dump_info->p); #endif } } pcap_dump((u_char *)dump_info->p, h, sp); #ifdef HAVE_PCAP_DUMP_FLUSH if (Uflag) pcap_dump_flush(dump_info->p); #endif --infodelay; if (infoprint) info(0); } static void dump_packet(u_char *user, const struct pcap_pkthdr *h, const u_char *sp) { ++packets_captured; ++infodelay; pcap_dump(user, h, sp); #ifdef HAVE_PCAP_DUMP_FLUSH if (Uflag) pcap_dump_flush((pcap_dumper_t *)user); #endif --infodelay; if (infoprint) info(0); } static void print_packet(u_char *user, const struct pcap_pkthdr *h, const u_char *sp) { struct print_info *print_info; u_int hdrlen; netdissect_options *ndo; ++packets_captured; ++infodelay; print_info = (struct print_info *)user; ndo = print_info->ndo; if(ndo->ndo_packet_number) ND_PRINT((ndo, "%5u ", packets_captured)); ts_print(ndo, &h->ts); /* * Some printers want to check that they're not walking off the * end of the packet. * Rather than pass it all the way down, we set this member * of the netdissect_options structure. */ ndo->ndo_snapend = sp + h->caplen; if(print_info->ndo_type) { hdrlen = (*print_info->p.ndo_printer)(print_info->ndo, h, sp); } else { hdrlen = (*print_info->p.printer)(h, sp); } /* * Restore the original snapend, as a printer might have * changed it. */ ndo->ndo_snapend = sp + h->caplen; if (ndo->ndo_Xflag) { /* * Print the raw packet data in hex and ASCII. */ if (ndo->ndo_Xflag > 1) { /* * Include the link-layer header. */ hex_and_ascii_print(ndo, "\n\t", sp, h->caplen); } else { /* * Don't include the link-layer header - and if * we have nothing past the link-layer header, * print nothing. */ if (h->caplen > hdrlen) hex_and_ascii_print(ndo, "\n\t", sp + hdrlen, h->caplen - hdrlen); } } else if (ndo->ndo_xflag) { /* * Print the raw packet data in hex. */ if (ndo->ndo_xflag > 1) { /* * Include the link-layer header. */ hex_print(ndo, "\n\t", sp, h->caplen); } else { /* * Don't include the link-layer header - and if * we have nothing past the link-layer header, * print nothing. */ if (h->caplen > hdrlen) hex_print(ndo, "\n\t", sp + hdrlen, h->caplen - hdrlen); } } else if (ndo->ndo_Aflag) { /* * Print the raw packet data in ASCII. */ if (ndo->ndo_Aflag > 1) { /* * Include the link-layer header. */ ascii_print(ndo, sp, h->caplen); } else { /* * Don't include the link-layer header - and if * we have nothing past the link-layer header, * print nothing. */ if (h->caplen > hdrlen) ascii_print(ndo, sp + hdrlen, h->caplen - hdrlen); } } putchar('\n'); --infodelay; if (infoprint) info(0); } #ifdef WIN32 /* * XXX - there should really be libpcap calls to get the version * number as a string (the string would be generated from #defines * at run time, so that it's not generated from string constants * in the library, as, on many UNIX systems, those constants would * be statically linked into the application executable image, and * would thus reflect the version of libpcap on the system on * which the application was *linked*, not the system on which it's * *running*. * * That routine should be documented, unlike the "version[]" * string, so that UNIX vendors providing their own libpcaps * don't omit it (as a couple of vendors have...). * * Packet.dll should perhaps also export a routine to return the * version number of the Packet.dll code, to supply the * "Wpcap_version" information on Windows. */ char WDversion[]="current-git.tcpdump.org"; #if !defined(HAVE_GENERATED_VERSION) char version[]="current-git.tcpdump.org"; #endif char pcap_version[]="current-git.tcpdump.org"; char Wpcap_version[]="3.1"; #endif /* * By default, print the specified data out in hex and ASCII. */ static void ndo_default_print(netdissect_options *ndo, const u_char *bp, u_int length) { hex_and_ascii_print(ndo, "\n\t", bp, length); /* pass on lf and indentation string */ } void default_print(const u_char *bp, u_int length) { ndo_default_print(gndo, bp, length); } #ifdef SIGNAL_REQ_INFO RETSIGTYPE requestinfo(int signo _U_) { if (infodelay) ++infoprint; else info(0); } #endif /* * Called once each second in verbose mode while dumping to file */ #ifdef USE_WIN32_MM_TIMER void CALLBACK verbose_stats_dump (UINT timer_id _U_, UINT msg _U_, DWORD_PTR arg _U_, DWORD_PTR dw1 _U_, DWORD_PTR dw2 _U_) { struct pcap_stat stat; if (infodelay == 0 && pcap_stats(pd, &stat) >= 0) fprintf(stderr, "Got %u\r", packets_captured); } #elif defined(HAVE_ALARM) static void verbose_stats_dump(int sig _U_) { struct pcap_stat stat; if (infodelay == 0 && pcap_stats(pd, &stat) >= 0) fprintf(stderr, "Got %u\r", packets_captured); alarm(1); } #endif USES_APPLE_DEPRECATED_API static void print_version(void) { extern char version[]; #ifndef HAVE_PCAP_LIB_VERSION #if defined(WIN32) || defined(HAVE_PCAP_VERSION) extern char pcap_version[]; #else /* defined(WIN32) || defined(HAVE_PCAP_VERSION) */ static char pcap_version[] = "unknown"; #endif /* defined(WIN32) || defined(HAVE_PCAP_VERSION) */ #endif /* HAVE_PCAP_LIB_VERSION */ #ifdef HAVE_PCAP_LIB_VERSION #ifdef WIN32 (void)fprintf(stderr, "%s version %s, based on tcpdump version %s\n", program_name, WDversion, version); #else /* WIN32 */ (void)fprintf(stderr, "%s version %s\n", program_name, version); #endif /* WIN32 */ (void)fprintf(stderr, "%s\n",pcap_lib_version()); #else /* HAVE_PCAP_LIB_VERSION */ #ifdef WIN32 (void)fprintf(stderr, "%s version %s, based on tcpdump version %s\n", program_name, WDversion, version); (void)fprintf(stderr, "WinPcap version %s, based on libpcap version %s\n",Wpcap_version, pcap_version); #else /* WIN32 */ (void)fprintf(stderr, "%s version %s\n", program_name, version); (void)fprintf(stderr, "libpcap version %s\n", pcap_version); #endif /* WIN32 */ #endif /* HAVE_PCAP_LIB_VERSION */ #if defined(HAVE_LIBCRYPTO) && defined(SSLEAY_VERSION) (void)fprintf (stderr, "%s\n", SSLeay_version(SSLEAY_VERSION)); #endif #ifdef USE_LIBSMI (void)fprintf (stderr, "SMI-library: %s\n", smi_version_string); #endif } USES_APPLE_RST static void print_usage(void) { print_version(); (void)fprintf(stderr, "Usage: %s [-aAbd" D_FLAG "efhH" I_FLAG J_FLAG "KlLnNOpqRStu" U_FLAG "vxX#]" B_FLAG_USAGE " [ -c count ]\n", program_name); (void)fprintf(stderr, "\t\t[ -C file_size ] [ -E algo:secret ] [ -F file ] [ -G seconds ]\n"); (void)fprintf(stderr, "\t\t[ -i interface ]" j_FLAG_USAGE " [ -M secret ] [ --number ]\n"); #ifdef HAVE_PCAP_SETDIRECTION (void)fprintf(stderr, "\t\t[ -Q in|out|inout ]\n"); #endif (void)fprintf(stderr, "\t\t[ -r file ] [ -s snaplen ] "); #ifdef HAVE_PCAP_SET_TSTAMP_PRECISION (void)fprintf(stderr, "[ --time-stamp-precision precision ]\n"); (void)fprintf(stderr, "\t\t"); #endif #ifdef HAVE_PCAP_SET_IMMEDIATE_MODE (void)fprintf(stderr, "[ --immediate-mode ] "); #endif (void)fprintf(stderr, "[ -T type ] [ --version ] [ -V file ]\n"); (void)fprintf(stderr, "\t\t[ -w file ] [ -W filecount ] [ -y datalinktype ] [ -z command ]\n"); (void)fprintf(stderr, "\t\t[ -Z user ] [ expression ]\n"); } /* VARARGS */ static void ndo_error(netdissect_options *ndo _U_, const char *fmt, ...) { va_list ap; (void)fprintf(stderr, "%s: ", program_name); va_start(ap, fmt); (void)vfprintf(stderr, fmt, ap); va_end(ap); if (*fmt) { fmt += strlen(fmt); if (fmt[-1] != '\n') (void)fputc('\n', stderr); } exit(1); /* NOTREACHED */ } /* VARARGS */ static void ndo_warning(netdissect_options *ndo _U_, const char *fmt, ...) { va_list ap; (void)fprintf(stderr, "%s: WARNING: ", program_name); va_start(ap, fmt); (void)vfprintf(stderr, fmt, ap); va_end(ap); if (*fmt) { fmt += strlen(fmt); if (fmt[-1] != '\n') (void)fputc('\n', stderr); } } /* * Local Variables: * c-style: whitesmith * c-basic-offset: 8 * End: */ Index: head/etc/defaults/rc.conf =================================================================== --- head/etc/defaults/rc.conf (revision 296046) +++ head/etc/defaults/rc.conf (revision 296047) @@ -1,735 +1,734 @@ #!/bin/sh # This is rc.conf - a file full of useful variables that you can set # to change the default startup behavior of your system. You should # not edit this file! Put any overrides into one of the ${rc_conf_files} # instead and you will be able to update these defaults later without # spamming your local configuration information. # # The ${rc_conf_files} files should only contain values which override # values set in this file. This eases the upgrade path when defaults # are changed and new features are added. # # All arguments must be in double or single quotes. # # For a more detailed explanation of all the rc.conf variables, please # refer to the rc.conf(5) manual page. # # $FreeBSD$ ############################################################## ### Important initial Boot-time options #################### ############################################################## #rc_debug="NO" # Set to YES to enable debugging output from rc.d rc_info="NO" # Enables display of informational messages at boot. rc_startmsgs="YES" # Show "Starting foo:" messages at boot rcshutdown_timeout="90" # Seconds to wait before terminating rc.shutdown early_late_divider="FILESYSTEMS" # Script that separates early/late # stages of the boot process. Make sure you know # the ramifications if you change this. # See rc.conf(5) for more details. always_force_depends="NO" # Set to check that indicated dependencies are # running during boot (can increase boot time). apm_enable="NO" # Set to YES to enable APM BIOS functions (or NO). apmd_enable="NO" # Run apmd to handle APM event from userland. apmd_flags="" # Flags to apmd (if enabled). ddb_enable="NO" # Set to YES to load ddb scripts at boot. ddb_config="/etc/ddb.conf" # ddb(8) config file. devd_enable="YES" # Run devd, to trigger programs on device tree changes. devd_flags="" # Additional flags for devd(8). #kld_list="" # Kernel modules to load after local disks are mounted kldxref_enable="NO" # Build linker.hints files with kldxref(8). kldxref_clobber="NO" # Overwrite old linker.hints at boot. kldxref_module_path="" # Override kern.module_path. A ';'-delimited list. powerd_enable="NO" # Run powerd to lower our power usage. powerd_flags="" # Flags to powerd (if enabled). tmpmfs="AUTO" # Set to YES to always create an mfs /tmp, NO to never tmpsize="20m" # Size of mfs /tmp if created tmpmfs_flags="-S" # Extra mdmfs options for the mfs /tmp varmfs="AUTO" # Set to YES to always create an mfs /var, NO to never varsize="32m" # Size of mfs /var if created varmfs_flags="-S" # Extra mount options for the mfs /var populate_var="AUTO" # Set to YES to always (re)populate /var, NO to never cleanvar_enable="YES" # Clean the /var directory local_startup="/usr/local/etc/rc.d" # startup script dirs. script_name_sep=" " # Change if your startup scripts' names contain spaces rc_conf_files="/etc/rc.conf /etc/rc.conf.local" # ZFS support zfs_enable="NO" # Set to YES to automatically mount ZFS file systems gptboot_enable="YES" # GPT boot success/failure reporting. # Experimental - test before enabling gbde_autoattach_all="NO" # YES automatically mounts gbde devices from fstab gbde_devices="NO" # Devices to automatically attach (list, or AUTO) gbde_attach_attempts="3" # Number of times to attempt attaching gbde devices gbde_lockdir="/etc" # Where to look for gbde lockfiles # GELI disk encryption configuration. geli_devices="" # List of devices to automatically attach in addition to # GELI devices listed in /etc/fstab. geli_tries="" # Number of times to attempt attaching geli device. # If empty, kern.geom.eli.tries will be used. geli_default_flags="" # Default flags for geli(8). geli_autodetach="YES" # Automatically detach on last close. # Providers are marked as such when all file systems are # mounted. # Example use. #geli_devices="da1 mirror/home" #geli_da1_flags="-p -k /etc/geli/da1.keys" #geli_da1_autodetach="NO" #geli_mirror_home_flags="-k /etc/geli/home.keys" root_rw_mount="YES" # Set to NO to inhibit remounting root read-write. root_hold_delay="30" # Time to wait for root mount hold release. fsck_y_enable="NO" # Set to YES to do fsck -y if the initial preen fails. fsck_y_flags="" # Additional flags for fsck -y background_fsck="YES" # Attempt to run fsck in the background where possible. background_fsck_delay="60" # Time to wait (seconds) before starting the fsck. netfs_types="nfs:NFS smbfs:SMB" # Net filesystems. extra_netfs_types="NO" # List of network extra filesystem types for delayed # mount at startup (or NO). ############################################################## ### Network configuration sub-section ###################### ############################################################## ### Basic network and firewall/security options: ### hostname="" # Set this! hostid_enable="YES" # Set host UUID. hostid_file="/etc/hostid" # File with hostuuid. nisdomainname="NO" # Set to NIS domain if using NIS (or NO). dhclient_program="/sbin/dhclient" # Path to dhcp client program. dhclient_flags="" # Extra flags to pass to dhcp client. #dhclient_flags_fxp0="" # Extra dhclient flags for fxp0 only background_dhclient="NO" # Start dhcp client in the background. #background_dhclient_fxp0="YES" # Start dhcp client on fxp0 in the background. synchronous_dhclient="NO" # Start dhclient directly on configured # interfaces during startup. defaultroute_delay="30" # Time to wait for a default route on a DHCP interface. defaultroute_carrier_delay="5" # Time to wait for carrier while waiting for a default route. netif_enable="YES" # Set to YES to initialize network interfaces netif_ipexpand_max="2048" # Maximum number of IP addrs in a range spec. wpa_supplicant_program="/usr/sbin/wpa_supplicant" wpa_supplicant_flags="-s" # Extra flags to pass to wpa_supplicant wpa_supplicant_conf_file="/etc/wpa_supplicant.conf" # firewall_enable="NO" # Set to YES to enable firewall functionality firewall_script="/etc/rc.firewall" # Which script to run to set up the firewall firewall_type="UNKNOWN" # Firewall type (see /etc/rc.firewall) firewall_quiet="NO" # Set to YES to suppress rule display firewall_logging="NO" # Set to YES to enable events logging firewall_logif="NO" # Set to YES to create logging-pseudo interface firewall_flags="" # Flags passed to ipfw when type is a file firewall_coscripts="" # List of executables/scripts to run after # firewall starts/stops firewall_client_net="192.0.2.0/24" # IPv4 Network address for "client" # firewall. #firewall_client_net_ipv6="2001:db8:2:1::/64" # IPv6 network prefix for # "client" firewall. firewall_simple_iif="ed1" # Inside network interface for "simple" # firewall. firewall_simple_inet="192.0.2.16/28" # Inside network address for "simple" # firewall. firewall_simple_oif="ed0" # Outside network interface for "simple" # firewall. firewall_simple_onet="192.0.2.0/28" # Outside network address for "simple" # firewall. #firewall_simple_iif_ipv6="ed1" # Inside IPv6 network interface for "simple" # firewall. #firewall_simple_inet_ipv6="2001:db8:2:800::/56" # Inside IPv6 network prefix # for "simple" firewall. #firewall_simple_oif_ipv6="ed0" # Outside IPv6 network interface for "simple" # firewall. #firewall_simple_onet_ipv6="2001:db8:2:0::/56" # Outside IPv6 network prefix # for "simple" firewall. firewall_myservices="" # List of TCP ports on which this host # offers services for "workstation" firewall. firewall_allowservices="" # List of IPs which have access to # $firewall_myservices for "workstation" # firewall. firewall_trusted="" # List of IPs which have full access to this # host for "workstation" firewall. firewall_logdeny="NO" # Set to YES to log default denied incoming # packets for "workstation" firewall. firewall_nologports="135-139,445 1026,1027 1433,1434" # List of TCP/UDP ports # for which denied incoming packets are not # logged for "workstation" firewall. firewall_nat_enable="NO" # Enable kernel NAT (if firewall_enable == YES) firewall_nat_interface="" # Public interface or IPaddress to use firewall_nat_flags="" # Additional configuration parameters dummynet_enable="NO" # Load the dummynet(4) module ip_portrange_first="NO" # Set first dynamically allocated port ip_portrange_last="NO" # Set last dynamically allocated port ike_enable="NO" # Enable IKE daemon (usually racoon or isakmpd) ike_program="/usr/local/sbin/isakmpd" # Path to IKE daemon ike_flags="" # Additional flags for IKE daemon ipsec_enable="NO" # Set to YES to run setkey on ipsec_file ipsec_file="/etc/ipsec.conf" # Name of config file for setkey natd_program="/sbin/natd" # path to natd, if you want a different one. natd_enable="NO" # Enable natd (if firewall_enable == YES). natd_interface="" # Public interface or IPaddress to use. natd_flags="" # Additional flags for natd. ipfilter_enable="NO" # Set to YES to enable ipfilter functionality ipfilter_program="/sbin/ipf" # where the ipfilter program lives ipfilter_rules="/etc/ipf.rules" # rules definition file for ipfilter, see # /usr/src/contrib/ipfilter/rules for examples ipfilter_flags="" # additional flags for ipfilter ipnat_enable="NO" # Set to YES to enable ipnat functionality ipnat_program="/sbin/ipnat" # where the ipnat program lives ipnat_rules="/etc/ipnat.rules" # rules definition file for ipnat ipnat_flags="" # additional flags for ipnat ipmon_enable="NO" # Set to YES for ipmon; needs ipfilter or ipnat ipmon_program="/sbin/ipmon" # where the ipfilter monitor program lives ipmon_flags="-Ds" # typically "-Ds" or "-D /var/log/ipflog" ipfs_enable="NO" # Set to YES to enable saving and restoring # of state tables at shutdown and boot ipfs_program="/sbin/ipfs" # where the ipfs program lives ipfs_flags="" # additional flags for ipfs pf_enable="NO" # Set to YES to enable packet filter (pf) pf_rules="/etc/pf.conf" # rules definition file for pf pf_program="/sbin/pfctl" # where the pfctl program lives pf_flags="" # additional flags for pfctl pflog_enable="NO" # Set to YES to enable packet filter logging pflog_logfile="/var/log/pflog" # where pflogd should store the logfile pflog_program="/sbin/pflogd" # where the pflogd program lives pflog_flags="" # additional flags for pflogd ftpproxy_enable="NO" # Set to YES to enable ftp-proxy(8) for pf ftpproxy_flags="" # additional flags for ftp-proxy(8) pfsync_enable="NO" # Expose pf state to other hosts for syncing pfsync_syncdev="" # Interface for pfsync to work through pfsync_syncpeer="" # IP address of pfsync peer host pfsync_ifconfig="" # Additional options to ifconfig(8) for pfsync tcp_extensions="YES" # Set to NO to turn off RFC1323 extensions. log_in_vain="0" # >=1 to log connects to ports w/o listeners. tcp_keepalive="YES" # Enable stale TCP connection timeout (or NO). tcp_drop_synfin="NO" # Set to YES to drop TCP packets with SYN+FIN # NOTE: this violates the TCP specification icmp_drop_redirect="NO" # Set to YES to ignore ICMP REDIRECT packets icmp_log_redirect="NO" # Set to YES to log ICMP REDIRECT packets network_interfaces="auto" # List of network interfaces (or "auto"). cloned_interfaces="" # List of cloned network interfaces to create. #cloned_interfaces="gif0 gif1 gif2 gif3" # Pre-cloning GENERIC config. #ifconfig_lo0="inet 127.0.0.1" # default loopback device configuration. #ifconfig_lo0_alias0="inet 127.0.0.254 netmask 0xffffffff" # Sample alias entry. #ifconfig_ed0_ipv6="inet6 2001:db8:1::1 prefixlen 64" # Sample IPv6 addr entry #ifconfig_ed0_alias0="inet6 2001:db8:2::1 prefixlen 64" # Sample IPv6 alias #ifconfig_fxp0_name="net0" # Change interface name from fxp0 to net0. #vlans_fxp0="101 vlan0" # vlan(4) interfaces for fxp0 device #create_args_vlan0="vlan 102" # vlan tag for vlan0 device #wlans_ath0="wlan0" # wlan(4) interfaces for ath0 device #wlandebug_wlan0="scan+auth+assoc" # Set debug flags with wlanddebug(8) #ipv4_addrs_fxp0="192.168.0.1/24 192.168.1.1-5/28" # example IPv4 address entry. # #autobridge_interfaces="bridge0" # List of bridges to check #autobridge_bridge0="tap* vlan0" # Interface glob to automatically add to the bridge # # If you have any sppp(4) interfaces above, you might also want to set # the following parameters. Refer to spppcontrol(8) for their meaning. sppp_interfaces="" # List of sppp interfaces. #sppp_interfaces="...0" # example: sppp over ... #spppconfig_...0="authproto=chap myauthname=foo myauthsecret='top secret' hisauthname=some-gw hisauthsecret='another secret'" # User ppp configuration. ppp_enable="NO" # Start user-ppp (or NO). ppp_program="/usr/sbin/ppp" # Path to user-ppp program. ppp_mode="auto" # Choice of "auto", "ddial", "direct" or "dedicated". # For details see man page for ppp(8). Default is auto. ppp_nat="YES" # Use PPP's internal network address translation or NO. ppp_profile="papchap" # Which profile to use from /etc/ppp/ppp.conf. ppp_user="root" # Which user to run ppp as # Start multiple instances of ppp at boot time #ppp_profile="profile1 profile2 profile3" # Which profiles to use #ppp_profile1_mode="ddial" # Override ppp mode for profile1 #ppp_profile2_nat="NO" # Override nat mode for profile2 # profile3 uses default ppp_mode and ppp_nat ### Network daemon (miscellaneous) ### hostapd_enable="NO" # Run hostap daemon. syslogd_enable="YES" # Run syslog daemon (or NO). syslogd_program="/usr/sbin/syslogd" # path to syslogd, if you want a different one. syslogd_flags="-s" # Flags to syslogd (if enabled). syslogd_oomprotect="YES" # Don't kill syslogd when swap space is exhausted. altlog_proglist="" # List of chrooted applicatioins in /var inetd_enable="NO" # Run the network daemon dispatcher (YES/NO). inetd_program="/usr/sbin/inetd" # path to inetd, if you want a different one. inetd_flags="-wW -C 60" # Optional flags to inetd iscsid_enable="NO" # iSCSI initiator daemon. iscsictl_enable="NO" # iSCSI initiator autostart. iscsictl_flags="-Aa" # Optional flags to iscsictl. hastd_enable="NO" # Run the HAST daemon (YES/NO). hastd_program="/sbin/hastd" # path to hastd, if you want a different one. hastd_flags="" # Optional flags to hastd. ctld_enable="NO" # CAM Target Layer / iSCSI target daemon. local_unbound_enable="NO" # local caching resolver # # kerberos. Do not run the admin daemons on slave servers # kdc_enable="NO" # Run a kerberos 5 KDC (or NO). kdc_program="/usr/libexec/kdc" # path to kerberos 5 KDC kdc_flags="" # Additional flags to the kerberos 5 KDC kadmind_enable="NO" # Run kadmind (or NO) kadmind_program="/usr/libexec/kadmind" # path to kadmind kpasswdd_enable="NO" # Run kpasswdd (or NO) kpasswdd_program="/usr/libexec/kpasswdd" # path to kpasswdd kfd_enable="NO" # Run kfd (or NO) kfd_program="/usr/libexec/kfd" # path to kerberos 5 kfd daemon kfd_flags="" ipropd_master_enable="NO" # Run Heimdal incremental propagation daemon # (master daemon). ipropd_master_program="/usr/libexec/ipropd-master" ipropd_master_flags="" # Flags to ipropd-master. ipropd_master_keytab="/etc/krb5.keytab" # keytab for ipropd-master. ipropd_master_slaves="" # slave node names used for /var/heimdal/slaves. ipropd_slave_enable="NO" # Run Heimdal incremental propagation daemon # (slave daemon). ipropd_slave_program="/usr/libexec/ipropd-slave" ipropd_slave_flags="" # Flags to ipropd-slave. ipropd_slave_keytab="/etc/krb5.keytab" # keytab for ipropd-slave. ipropd_slave_master="" # master node name. gssd_enable="NO" # Run the gssd daemon (or NO). gssd_program="/usr/sbin/gssd" # Path to gssd. gssd_flags="" # Flags for gssd. rwhod_enable="NO" # Run the rwho daemon (or NO). rwhod_flags="" # Flags for rwhod rarpd_enable="NO" # Run rarpd (or NO). rarpd_flags="-a" # Flags to rarpd. bootparamd_enable="NO" # Run bootparamd (or NO). bootparamd_flags="" # Flags to bootparamd pppoed_enable="NO" # Run the PPP over Ethernet daemon. pppoed_provider="*" # Provider and ppp(8) config file entry. pppoed_flags="-P /var/run/pppoed.pid" # Flags to pppoed (if enabled). pppoed_interface="fxp0" # The interface that pppoed runs on. sshd_enable="NO" # Enable sshd sshd_program="/usr/sbin/sshd" # path to sshd, if you want a different one. sshd_flags="" # Additional flags for sshd. ftpd_enable="NO" # Enable stand-alone ftpd. ftpd_program="/usr/libexec/ftpd" # Path to ftpd, if you want a different one. ftpd_flags="" # Additional flags to stand-alone ftpd. ### Network daemon (NFS): All need rpcbind_enable="YES" ### amd_enable="NO" # Run amd service with $amd_flags (or NO). amd_program="/usr/sbin/amd" # path to amd, if you want a different one. amd_flags="-a /.amd_mnt -l syslog /host /etc/amd.map /net /etc/amd.map" amd_map_program="NO" # Can be set to "ypcat -k amd.master" autofs_enable="NO" # Run autofs daemons. automount_flags="" # Flags to automount(8) (if autofs enabled). automountd_flags="" # Flags to automountd(8) (if autofs enabled). autounmountd_flags="" # Flags to autounmountd(8) (if autofs enabled). nfs_client_enable="NO" # This host is an NFS client (or NO). nfs_access_cache="60" # Client cache timeout in seconds nfs_server_enable="NO" # This host is an NFS server (or NO). nfs_server_flags="-u -t" # Flags to nfsd (if enabled). nfs_server_managegids="NO" # The NFS server maps gids for AUTH_SYS (or NO). mountd_enable="NO" # Run mountd (or NO). mountd_flags="-r" # Flags to mountd (if NFS server enabled). weak_mountd_authentication="NO" # Allow non-root mount requests to be served. nfs_reserved_port_only="NO" # Provide NFS only on secure port (or NO). nfs_bufpackets="" # bufspace (in packets) for client rpc_lockd_enable="NO" # Run NFS rpc.lockd needed for client/server. rpc_lockd_flags="" # Flags to rpc.lockd (if enabled). rpc_statd_enable="NO" # Run NFS rpc.statd needed for client/server. rpc_statd_flags="" # Flags to rpc.statd (if enabled). rpcbind_enable="NO" # Run the portmapper service (YES/NO). rpcbind_program="/usr/sbin/rpcbind" # path to rpcbind, if you want a different one. rpcbind_flags="" # Flags to rpcbind (if enabled). rpc_ypupdated_enable="NO" # Run if NIS master and SecureRPC (or NO). keyserv_enable="NO" # Run the SecureRPC keyserver (or NO). keyserv_flags="" # Flags to keyserv (if enabled). nfsv4_server_enable="NO" # Enable support for NFSv4 nfscbd_enable="NO" # NFSv4 client side callback daemon nfscbd_flags="" # Flags for nfscbd nfsuserd_enable="NO" # NFSv4 user/group name mapping daemon nfsuserd_flags="" # Flags for nfsuserd ### Network Time Services options: ### timed_enable="NO" # Run the time daemon (or NO). timed_flags="" # Flags to timed (if enabled). ntpdate_enable="NO" # Run ntpdate to sync time on boot (or NO). ntpdate_program="/usr/sbin/ntpdate" # path to ntpdate, if you want a different one. ntpdate_flags="-b" # Flags to ntpdate (if enabled). ntpdate_config="/etc/ntp.conf" # ntpdate(8) configuration file ntpdate_hosts="" # Whitespace-separated list of ntpdate(8) servers. ntpd_enable="NO" # Run ntpd Network Time Protocol (or NO). ntpd_program="/usr/sbin/ntpd" # path to ntpd, if you want a different one. ntpd_config="/etc/ntp.conf" # ntpd(8) configuration file ntpd_sync_on_start="NO" # Sync time on ntpd startup, even if offset is high ntpd_flags="-p /var/run/ntpd.pid -f /var/db/ntpd.drift" # Flags to ntpd (if enabled). ntp_src_leapfile="/etc/ntp/leap-seconds" # Initial source for ntpd leapfile ntp_db_leapfile="/var/db/ntpd.leap-seconds.list" # Working copy (updated weekly) leapfile ntp_leapfile_sources="https://www.ietf.org/timezones/data/leap-seconds.list" # Source from which to fetch leapfile ntp_leapfile_fetch_opts="-mq" # Options to use for ntp leapfile fetch, # e.g. --no-verify-peer ntp_leapfile_expiry_days=30 # Check for new leapfile 30 days prior to # expiry. ntp_leapfile_fetch_verbose="NO" # Be verbose during NTP leapfile fetch # Network Information Services (NIS) options: All need rpcbind_enable="YES" ### nis_client_enable="NO" # We're an NIS client (or NO). nis_client_flags="" # Flags to ypbind (if enabled). nis_ypset_enable="NO" # Run ypset at boot time (or NO). nis_ypset_flags="" # Flags to ypset (if enabled). nis_server_enable="NO" # We're an NIS server (or NO). nis_server_flags="" # Flags to ypserv (if enabled). nis_ypxfrd_enable="NO" # Run rpc.ypxfrd at boot time (or NO). nis_ypxfrd_flags="" # Flags to rpc.ypxfrd (if enabled). nis_yppasswdd_enable="NO" # Run rpc.yppasswdd at boot time (or NO). nis_yppasswdd_flags="" # Flags to rpc.yppasswdd (if enabled). ### SNMP daemon ### # Be sure to understand the security implications of running SNMP v1/v2 # in your network. bsnmpd_enable="NO" # Run the SNMP daemon (or NO). bsnmpd_flags="" # Flags for bsnmpd. ### Network routing options: ### defaultrouter="NO" # Set to default gateway (or NO). static_arp_pairs="" # Set to static ARP list (or leave empty). static_ndp_pairs="" # Set to static NDP list (or leave empty). static_routes="" # Set to static route list (or leave empty). natm_static_routes="" # Set to static route list for NATM (or leave empty). gateway_enable="NO" # Set to YES if this host will be a gateway. routed_enable="NO" # Set to YES to enable a routing daemon. routed_program="/sbin/routed" # Name of routing daemon to use if enabled. routed_flags="-q" # Flags for routing daemon. arpproxy_all="NO" # replaces obsolete kernel option ARP_PROXYALL. forward_sourceroute="NO" # do source routing (only if gateway_enable is set to "YES") accept_sourceroute="NO" # accept source routed packets to us ### ATM interface options: ### atm_enable="NO" # Configure ATM interfaces (or NO). #atm_netif_hea0="atm 1" # Network interfaces for physical interface. #atm_sigmgr_hea0="uni31" # Signalling manager for physical interface. #atm_prefix_hea0="ILMI" # NSAP prefix (UNI interfaces only) (or ILMI). #atm_macaddr_hea0="NO" # Override physical MAC address (or NO). #atm_arpserver_atm0="0x47.0005.80.999999.9999.9999.9999.999999999999.00" # ATMARP server address (or local). #atm_scsparp_atm0="NO" # Run SCSP/ATMARP on network interface (or NO). atm_pvcs="" # Set to PVC list (or leave empty). atm_arps="" # Set to permanent ARP list (or leave empty). ### Bluetooth ### hcsecd_enable="NO" # Enable hcsecd(8) (or NO) hcsecd_config="/etc/bluetooth/hcsecd.conf" # hcsecd(8) configuration file sdpd_enable="NO" # Enable sdpd(8) (or NO) sdpd_control="/var/run/sdp" # sdpd(8) control socket sdpd_groupname="nobody" # set spdp(8) user/group to run as after sdpd_username="nobody" # it initializes bthidd_enable="NO" # Enable bthidd(8) (or NO) bthidd_config="/etc/bluetooth/bthidd.conf" # bthidd(8) configuration file bthidd_hids="/var/db/bthidd.hids" # bthidd(8) known HID devices file rfcomm_pppd_server_enable="NO" # Enable rfcomm_pppd(8) in server mode (or NO) rfcomm_pppd_server_profile="one two" # Profile to use from /etc/ppp/ppp.conf # #rfcomm_pppd_server_one_bdaddr="" # Override local bdaddr for 'one' rfcomm_pppd_server_one_channel="1" # Override local channel for 'one' #rfcomm_pppd_server_one_register_sp="NO" # Override SP and DUN register #rfcomm_pppd_server_one_register_dun="NO" # for 'one' # #rfcomm_pppd_server_two_bdaddr="" # Override local bdaddr for 'two' rfcomm_pppd_server_two_channel="3" # Override local channel for 'two' #rfcomm_pppd_server_two_register_sp="NO" # Override SP and DUN register #rfcomm_pppd_server_two_register_dun="NO" # for 'two' ubthidhci_enable="NO" # Switch an USB BT controller present on #ubthidhci_busnum="3" # bus 3 and addr 2 from HID mode to HCI mode. #ubthidhci_addr="2" # Check usbconfig list to find the correct # numbers for your system. ### Network link/usability verification options netwait_enable="NO" # Enable rc.d/netwait (or NO) #netwait_ip="" # Wait for ping response from any IP in this list. netwait_timeout="60" # Total number of seconds to perform pings. #netwait_if="" # Wait for active link on each intf in this list. netwait_if_timeout="30" # Total number of seconds to monitor link state. ### Miscellaneous network options: ### icmp_bmcastecho="NO" # respond to broadcast ping packets ### IPv6 options: ### ipv6_network_interfaces="auto" # List of IPv6 network interfaces # (or "auto" or "none"). ipv6_activate_all_interfaces="NO" # If NO, interfaces which have no # corresponding $ifconfig_IF_ipv6 is # marked as IFDISABLED for security # reason. ipv6_defaultrouter="NO" # Set to IPv6 default gateway (or NO). #ipv6_defaultrouter="2002:c058:6301::" # Use this for 6to4 (RFC 3068) ipv6_static_routes="" # Set to static route list (or leave empty). #ipv6_static_routes="xxx" # An example to set fec0:0000:0000:0006::/64 # route toward loopback interface. #ipv6_route_xxx="fec0:0000:0000:0006:: -prefixlen 64 ::1" ipv6_gateway_enable="NO" # Set to YES if this host will be a gateway. ipv6_cpe_wanif="NO" # Set to the upstram interface name if this # node will work as a router to forward IPv6 # packets not explicitly addressed to itself. ipv6_privacy="NO" # Use privacy address on RA-receiving IFs # (RFC 4941) route6d_enable="NO" # Set to YES to enable an IPv6 routing daemon. route6d_program="/usr/sbin/route6d" # Name of IPv6 routing daemon. route6d_flags="" # Flags to IPv6 routing daemon. #route6d_flags="-l" # Example for route6d with only IPv6 site local # addrs. #route6d_flags="-q" # If you want to run a routing daemon on an end # node, you should stop advertisement. #ipv6_network_interfaces="ed0 ep0" # Examples for router # or static configuration for end node. # Choose correct prefix value. #ipv6_prefix_ed0="fec0:0000:0000:0001 fec0:0000:0000:0002" # Examples for rtr. #ipv6_prefix_ep0="fec0:0000:0000:0003 fec0:0000:0000:0004" # Examples for rtr. ipv6_default_interface="NO" # Default output interface for scoped addrs. # This works only with # ipv6_gateway_enable="NO". rtsol_flags="" # Flags to IPv6 router solicitation. rtsold_enable="NO" # Set to YES to enable an IPv6 router # solicitation daemon. rtsold_flags="-a" # Flags to an IPv6 router solicitation # daemon. rtadvd_enable="NO" # Set to YES to enable an IPv6 router # advertisement daemon. If set to YES, # this router becomes a possible candidate # IPv6 default router for local subnets. rtadvd_interfaces="" # Interfaces rtadvd sends RA packets. mroute6d_enable="NO" # Do IPv6 multicast routing. mroute6d_program="/usr/local/sbin/pim6dd" # Name of IPv6 multicast # routing daemon. You need to # install it from package or # port. mroute6d_flags="" # Flags to IPv6 multicast routing daemon. stf_interface_ipv4addr="" # Local IPv4 addr for 6to4 IPv6 over IPv4 # tunneling interface. Specify this entry # to enable 6to4 interface. stf_interface_ipv4plen="0" # Prefix length for 6to4 IPv4 addr, # to limit peer addr range. Effective value # is 0-31. stf_interface_ipv6_ifid="0:0:0:1" # IPv6 interface id for stf0. # If you like, you can set "AUTO" for this. stf_interface_ipv6_slaid="0000" # IPv6 Site Level Aggregator for stf0 ipv6_ipv4mapping="NO" # Set to "YES" to enable IPv4 mapped IPv6 addr # communication. (like ::ffff:a.b.c.d) ipv6_ipfilter_rules="/etc/ipf6.rules" # rules definition file for ipfilter, # see /usr/src/contrib/ipfilter/rules # for examples ip6addrctl_enable="YES" # Set to YES to enable default address selection ip6addrctl_verbose="NO" # Set to YES to enable verbose configuration messages ip6addrctl_policy="AUTO" # A pre-defined address selection policy # (ipv4_prefer, ipv6_prefer, or AUTO) ############################################################## ### System console options ################################# ############################################################## keyboard="" # keyboard device to use (default /dev/kbd0). keymap="NO" # keymap in /usr/share/{syscons,vt}/keymaps/* (or NO). keyrate="NO" # keyboard rate to: slow, normal, fast (or NO). keybell="NO" # See kbdcontrol(1) for options. Use "off" to disable. keychange="NO" # function keys default values (or NO). cursor="NO" # cursor type {normal|blink|destructive} (or NO). scrnmap="NO" # screen map in /usr/share/syscons/scrnmaps/* (or NO). font8x16="NO" # font 8x16 from /usr/share/{syscons,vt}/fonts/* (or NO). font8x14="NO" # font 8x14 from /usr/share/{syscons,vt}/fonts/* (or NO). font8x8="NO" # font 8x8 from /usr/share/{syscons,vt}/fonts/* (or NO). blanktime="300" # blank time (in seconds) or "NO" to turn it off. saver="NO" # screen saver: Uses /boot/kernel/${saver}_saver.ko moused_nondefault_enable="YES" # Treat non-default mice as enabled unless # specifically overriden in rc.conf(5). moused_enable="NO" # Run the mouse daemon. moused_type="auto" # See man page for rc.conf(5) for available settings. moused_port="/dev/psm0" # Set to your mouse port. moused_flags="" # Any additional flags to moused. mousechar_start="NO" # if 0xd0-0xd3 default range is occupied in your # language code table, specify alternative range # start like mousechar_start=3, see vidcontrol(1) allscreens_flags="" # Set this vidcontrol mode for all virtual screens allscreens_kbdflags="" # Set this kbdcontrol mode for all virtual screens ############################################################## ### Mail Transfer Agent (MTA) options ###################### ############################################################## mta_start_script="/etc/rc.sendmail" # Script to start your chosen MTA, called by /etc/rc. # Settings for /etc/rc.sendmail and /etc/rc.d/sendmail: sendmail_enable="NO" # Run the sendmail inbound daemon (YES/NO). sendmail_pidfile="/var/run/sendmail.pid" # sendmail pid file sendmail_procname="/usr/sbin/sendmail" # sendmail process name sendmail_flags="-L sm-mta -bd -q30m" # Flags to sendmail (as a server) sendmail_cert_create="YES" # Create a server certificate if none (YES/NO) #sendmail_cert_cn="CN" # CN of the generate certificate sendmail_submit_enable="YES" # Start a localhost-only MTA for mail submission sendmail_submit_flags="-L sm-mta -bd -q30m -ODaemonPortOptions=Addr=localhost" # Flags for localhost-only MTA sendmail_outbound_enable="YES" # Dequeue stuck mail (YES/NO). sendmail_outbound_flags="-L sm-queue -q30m" # Flags to sendmail (outbound only) sendmail_msp_queue_enable="YES" # Dequeue stuck clientmqueue mail (YES/NO). sendmail_msp_queue_flags="-L sm-msp-queue -Ac -q30m" # Flags for sendmail_msp_queue daemon. sendmail_rebuild_aliases="NO" # Run newaliases if necessary (YES/NO). ############################################################## ### Miscellaneous administrative options ################### ############################################################## auditd_enable="NO" # Run the audit daemon. auditd_program="/usr/sbin/auditd" # Path to the audit daemon. auditd_flags="" # Which options to pass to the audit daemon. auditdistd_enable="NO" # Run the audit daemon. auditdistd_program="/usr/sbin/auditdistd" # Path to the auditdistd daemon. auditdistd_flags="" # Which options to pass to the auditdistd daemon. cron_enable="YES" # Run the periodic job daemon. cron_program="/usr/sbin/cron" # Which cron executable to run (if enabled). cron_dst="YES" # Handle DST transitions intelligently (YES/NO) cron_flags="" # Which options to pass to the cron daemon. lpd_enable="NO" # Run the line printer daemon. lpd_program="/usr/sbin/lpd" # path to lpd, if you want a different one. lpd_flags="" # Flags to lpd (if enabled). nscd_enable="NO" # Run the nsswitch caching daemon. chkprintcap_enable="NO" # Run chkprintcap(8) before running lpd. chkprintcap_flags="-d" # Create missing directories by default. dumpdev="AUTO" # Device to crashdump to (device name, AUTO, or NO). dumpdir="/var/crash" # Directory where crash dumps are to be stored savecore_flags="-m 10" # Used if dumpdev is enabled above, and present. # By default, only the 10 most recent kernel dumps # are saved. crashinfo_enable="YES" # Automatically generate crash dump summary. crashinfo_program="/usr/sbin/crashinfo" # Script to generate crash dump summary. quota_enable="NO" # turn on quotas on startup (or NO). check_quotas="YES" # Check quotas on startup (or NO). quotaon_flags="-a" # Turn quotas on for all file systems (if enabled) quotaoff_flags="-a" # Turn quotas off for all file systems at shutdown quotacheck_flags="-a" # Check all file system quotas (if enabled) accounting_enable="NO" # Turn on process accounting (or NO). ibcs2_enable="NO" # Ibcs2 (SCO) emulation loaded at startup (or NO). ibcs2_loaders="coff" # List of additional Ibcs2 loaders (or NO). firstboot_sentinel="/firstboot" # Scripts with "firstboot" keyword are run if # this file exists. Should be on a R/W filesystem so # the file can be deleted after the boot completes. # Emulation/compatibility services provided by /etc/rc.d/abi sysvipc_enable="NO" # Load System V IPC primitives at startup (or NO). linux_enable="NO" # Linux binary compatibility loaded at startup (or NO). svr4_enable="NO" # SysVR4 emulation loaded at startup (or NO). clear_tmp_enable="NO" # Clear /tmp at startup. clear_tmp_X="YES" # Clear and recreate X11-related directories in /tmp ldconfig_insecure="NO" # Set to YES to disable ldconfig security checks ldconfig_paths="/usr/lib/compat /usr/local/lib /usr/local/lib/compat/pkg" # shared library search paths ldconfig32_paths="/usr/lib32 /usr/lib32/compat" # 32-bit compatibility shared library search paths ldconfigsoft_paths="/usr/libsoft /usr/libsoft/compat /usr/local/libsoft" # soft float compatibility shared library search paths # Note: temporarily with extra stuff for transition ldconfig_paths_aout="/usr/lib/compat/aout /usr/local/lib/aout" # a.out shared library search paths ldconfig_local_dirs="/usr/local/libdata/ldconfig" # Local directories with ldconfig configuration files. ldconfig_local32_dirs="/usr/local/libdata/ldconfig32" # Local directories with 32-bit compatibility ldconfig # configuration files. ldconfig_localsoft_dirs="/usr/local/libdata/ldconfigsoft" # Local directories with soft float compatibility ldconfig # configuration files. kern_securelevel_enable="NO" # kernel security level (see security(7)) kern_securelevel="-1" # range: -1..3 ; `-1' is the most insecure # Note that setting securelevel to 0 will result # in the system booting with securelevel set to 1, as # init(8) will raise the level when rc(8) completes. update_motd="YES" # update version info in /etc/motd (or NO) entropy_boot_file="/boot/entropy" # Set to NO to disable very early # (used at early boot time) entropy caching through reboots. entropy_file="/entropy" # Set to NO to disable late (used when going multi-user) # entropy through reboots. # /var/db/entropy-file is preferred if / is not avail. entropy_dir="/var/db/entropy" # Set to NO to disable caching entropy via cron. entropy_save_sz="4096" # Size of the entropy cache files. entropy_save_num="8" # Number of entropy cache files to save. harvest_mask="511" # Entropy device harvests all but the very invasive sources. # (See 'sysctl kern.random.harvest' and random(4)) dmesg_enable="YES" # Save dmesg(8) to /var/run/dmesg.boot watchdogd_enable="NO" # Start the software watchdog daemon watchdogd_flags="" # Flags to watchdogd (if enabled) devfs_rulesets="/etc/defaults/devfs.rules /etc/devfs.rules" # Files containing # devfs(8) rules. devfs_system_ruleset="" # The name (NOT number) of a ruleset to apply to /dev devfs_set_rulesets="" # A list of /mount/dev=ruleset_name settings to # apply (must be mounted already, i.e. fstab(5)) devfs_load_rulesets="YES" # Enable to always load the default rulesets performance_cx_lowest="C2" # Online CPU idle state performance_cpu_freq="NONE" # Online CPU frequency economy_cx_lowest="Cmax" # Offline CPU idle state economy_cpu_freq="NONE" # Offline CPU frequency virecover_enable="YES" # Perform housekeeping for the vi(1) editor ugidfw_enable="NO" # Load mac_bsdextended(4) rules on boot bsdextended_script="/etc/rc.bsdextended" # Default mac_bsdextended(4) # ruleset file. newsyslog_enable="YES" # Run newsyslog at startup. newsyslog_flags="-CN" # Newsyslog flags to create marked files mixer_enable="YES" # Run the sound mixer. opensm_enable="NO" # Opensm(8) for infiniband devices defaults to off -casperd_enable="YES" # casperd(8) daemon # rctl(8) requires kernel options RACCT and RCTL rctl_enable="YES" # Load rctl(8) rules on boot rctl_rules="/etc/rctl.conf" # rctl(8) ruleset. See rctl.conf(5). iovctl_files="" # Config files for iovctl(8) ############################################################## ### Jail Configuration (see rc.conf(5) manual page) ########## ############################################################## jail_enable="NO" # Set to NO to disable starting of any jails jail_parallel_start="NO" # Start jails in the background jail_list="" # Space separated list of names of jails jail_reverse_stop="NO" # Stop jails in reverse order ############################################################## ### Define source_rc_confs, the mechanism used by /etc/rc.* ## ### scripts to source rc_conf_files overrides safely. ## ############################################################## if [ -z "${source_rc_confs_defined}" ]; then source_rc_confs_defined=yes source_rc_confs() { local i sourced_files for i in ${rc_conf_files}; do case ${sourced_files} in *:$i:*) ;; *) sourced_files="${sourced_files}:$i:" if [ -r $i ]; then . $i fi ;; esac done # Re-do process to pick up [possibly] redefined $rc_conf_files for i in ${rc_conf_files}; do case ${sourced_files} in *:$i:*) ;; *) sourced_files="${sourced_files}:$i:" if [ -r $i ]; then . $i fi ;; esac done } fi Index: head/etc/mtree/BSD.debug.dist =================================================================== --- head/etc/mtree/BSD.debug.dist (revision 296046) +++ head/etc/mtree/BSD.debug.dist (revision 296047) @@ -1,62 +1,60 @@ # $FreeBSD$ # # Please see the file src/etc/mtree/README before making changes to this file. # /set type=dir uname=root gname=wheel mode=0755 . debug bin .. boot kernel .. .. lib geom .. - .. - libexec casper .. .. sbin .. usr bin .. lib clang 3.7.1 lib freebsd .. .. .. .. engines .. i18n .. private .. .. libexec bsdinstall .. lpr ru .. .. sendmail .. sm.bin .. .. sbin .. tests .. .. .. .. Index: head/etc/mtree/BSD.include.dist =================================================================== --- head/etc/mtree/BSD.include.dist (revision 296046) +++ head/etc/mtree/BSD.include.dist (revision 296047) @@ -1,344 +1,346 @@ # $FreeBSD$ # # Please see the file src/etc/mtree/README before making changes to this file. # /set type=dir uname=root gname=wheel mode=0755 . arpa .. atf-c .. atf-c++ .. bsm .. bsnmp .. c++ 4.2 backward .. bits .. debug .. ext pb_ds detail basic_tree_policy .. bin_search_tree_ .. binary_heap_ .. binomial_heap_ .. binomial_heap_base_ .. cc_hash_table_map_ .. eq_fn .. gp_hash_table_map_ .. hash_fn .. left_child_next_sibling_heap_ .. list_update_map_ .. list_update_policy .. ov_tree_map_ .. pairing_heap_ .. pat_trie_ .. rb_tree_map_ .. rc_binomial_heap_ .. resize_policy .. splay_tree_ .. thin_heap_ .. tree_policy .. trie_policy .. unordered_iterator .. .. .. .. tr1 .. .. v1 experimental .. ext .. tr1 .. .. .. cam ata .. scsi .. .. + casper + .. crypto .. dev acpica .. agp .. an .. bktr .. ciss .. filemon .. firewire .. hwpmc .. ic .. iicbus .. io .. lmc .. mfi .. mpt mpilib .. .. nand .. nvme .. ofw .. pbio .. pci .. powermac_nvram .. ppbus .. smbus .. speaker .. usb .. utopia .. vkbd .. wi .. .. edit readline .. .. fs cuse .. devfs .. fdescfs .. msdosfs .. nandfs .. nfs .. nullfs .. procfs .. smbfs .. udf .. unionfs .. .. gcc 4.2 .. .. geom cache .. concat .. eli .. gate .. journal .. label .. mirror .. mountver .. multipath .. nop .. raid .. raid3 .. shsec .. stripe .. virstor .. .. gnu posix .. .. gssapi .. infiniband complib .. iba .. opensm .. vendor .. .. isofs cd9660 .. .. kadm5 .. krb5 .. lib80211 .. libmilter .. libxo .. lzma .. machine pc .. .. net altq .. .. net80211 .. netgraph atm .. bluetooth include .. .. netflow .. .. netinet cc .. .. netinet6 .. netipsec .. netnatm api .. msg .. saal .. sig .. .. netpfil pf .. .. netsmb .. nfs .. nfsclient .. nfsserver .. openssl .. pcap .. protocols .. rdma .. rpc .. rpcsvc .. security audit .. mac_biba .. mac_bsdextended .. mac_lomac .. mac_mls .. mac_partition .. .. ssp .. sys .. teken .. ufs ffs .. ufs .. .. vm .. xlocale .. .. Index: head/etc/mtree/BSD.root.dist =================================================================== --- head/etc/mtree/BSD.root.dist (revision 296046) +++ head/etc/mtree/BSD.root.dist (revision 296047) @@ -1,110 +1,110 @@ # $FreeBSD$ # # Please see the file src/etc/mtree/README before making changes to this file. # /set type=dir uname=root gname=wheel mode=0755 . bin .. boot defaults .. dtb .. firmware .. kernel .. modules .. zfs .. .. dev mode=0555 .. etc X11 .. autofs .. bluetooth .. casper .. defaults .. devd .. dma .. gss .. mail .. mtree .. newsyslog.conf.d .. ntp mode=0700 .. pam.d .. periodic daily .. monthly .. security .. weekly .. .. pkg .. ppp .. rc.conf.d .. rc.d .. security .. skel .. ssh .. ssl .. zfs .. .. lib + casper + .. geom .. .. libexec - casper - .. resolvconf .. .. media .. mnt .. proc mode=0555 .. rescue .. root .. sbin .. tmp mode=01777 .. usr .. var .. .. Index: head/etc/rc.d/casperd =================================================================== --- head/etc/rc.d/casperd (revision 296046) +++ head/etc/rc.d/casperd (nonexistent) @@ -1,19 +0,0 @@ -#!/bin/sh -# -# $FreeBSD$ -# - -# PROVIDE: casperd -# REQUIRE: NETWORKING syslogd -# BEFORE: DAEMON -# KEYWORD: shutdown - -. /etc/rc.subr - -name="casperd" -rcvar="casperd_enable" -pidfile="/var/run/${name}.pid" -command="/sbin/${name}" - -load_rc_config $name -run_rc_command "$1" Property changes on: head/etc/rc.d/casperd ___________________________________________________________________ Deleted: svn:keywords ## -1 +0,0 ## -FreeBSD=%H \ No newline at end of property Index: head/etc/rc.d/Makefile =================================================================== --- head/etc/rc.d/Makefile (revision 296046) +++ head/etc/rc.d/Makefile (revision 296047) @@ -1,290 +1,285 @@ # $FreeBSD$ .include FILES= DAEMON \ FILESYSTEMS \ LOGIN \ NETWORKING \ SERVERS \ abi \ accounting \ addswap \ adjkerntz \ archdep \ atm1 \ atm2 \ atm3 \ auditd \ auditdistd \ bgfsck \ ${_bluetooth} \ bridge \ ${_bthidd} \ - ${_casperd} \ cleanvar \ cleartmp \ cron \ ctld \ ddb \ defaultroute \ devd \ devfs \ dhclient \ dmesg \ dumpon \ fsck \ gbde \ geli \ geli2 \ gptboot \ growfs \ gssd \ ${_hcsecd} \ hostid \ hostid_save \ hostname \ iovctl \ ip6addrctl \ ipfilter \ ipfs \ ipfw \ ipmon \ ipnat \ ipsec \ ${_kadmind} \ ${_kdc} \ ${_kfd} \ kld \ kldxref \ ${_kpasswdd} \ ldconfig \ local \ localpkg \ lockd \ mixer \ motd \ mountcritlocal \ mountcritremote \ mountlate \ mdconfig \ mdconfig2 \ mountd \ mroute6d \ msgs \ natd \ netif \ netoptions \ netwait \ newsyslog \ nfsclient \ nfscbd \ nfsd \ nfsuserd \ nisdomain \ ${_nscd} \ nsswitch \ ntpdate \ ${_opensm} \ pf \ pflog \ pfsync \ ppp \ pppoed \ pwcheck \ quota \ random \ rarpd \ rctl \ resolv \ rfcomm_pppd_server \ root \ route6d \ routing \ rpcbind \ rtadvd \ rtsold \ savecore \ sdpd \ securelevel \ serial \ sppp \ ${_sshd} \ statd \ static_arp \ static_ndp \ stf \ swap \ swaplate \ sysctl \ syslogd \ tmp \ ${_ubthidhci} \ ugidfw \ ${_unbound} \ ${_utx} \ var \ watchdogd \ ypbind \ yppasswdd \ ypserv \ ypset \ ypupdated \ ypxfrd \ zfs \ zvol .if ${MK_ACCT} != "no" FILES+= accounting .endif .if ${MK_ACPI} != "no" FILES+= power_profile .endif .if ${MK_ACPI} != "no" || ${MK_APM} != "no" FILES+= powerd .endif .if ${MK_AMD} != "no" FILES+= amd .endif .if ${MK_APM} != "no" FILES+= apm FILES+= apmd .endif .if ${MK_AUTOFS} != "no" FILES+= automount FILES+= automountd FILES+= autounmountd .endif .if ${MK_BLUETOOTH} != "no" _bluetooth= bluetooth _bthidd= bthidd _hcsecd= hcsecd _ubthidhci= ubthidhci .endif .if ${MK_BOOTPARAMD} != "no" FILES+= bootparams .endif .if ${MK_BSNMP} != "no" FILES+= bsnmpd -.endif - -.if ${MK_CASPER} != "no" -_casperd= casperd .endif .if ${MK_CCD} != "no" FILES+= ccd .endif .if ${MK_FTP} != "no" FILES+= ftpd .endif .if ${MK_HAST} != "no" FILES+= hastd .endif .if ${MK_INETD} != "no" FILES+= inetd .endif .if ${MK_ISCSI} != "no" FILES+= iscsictl FILES+= iscsid .endif .if ${MK_JAIL} != "no" FILES+= jail .endif .if ${MK_LEGACY_CONSOLE} != "no" FILES+= moused FILES+= syscons .endif .if ${MK_LPR} != "no" FILES+= lpd .endif .if ${MK_KERBEROS} != "no" FILES+= ipropd_master FILES+= ipropd_slave _kadmind= kadmind _kdc= kdc _kfd= kfd _kpasswdd= kpasswdd .endif .if ${MK_MAIL} != "no" FILES+= othermta .endif .if ${MK_NS_CACHING} != "no" _nscd= nscd .endif .if ${MK_NTP} != "no" FILES+= ntpd .endif .if ${MK_OFED} != "no" _opensm= opensm .endif .if ${MK_OPENSSL} != "no" FILES+= keyserv .endif .if ${MK_OPENSSH} != "no" _sshd= sshd .endif .if ${MK_PF} != "no" FILES+= ftp-proxy .endif .if ${MK_RCMDS} != "no" FILES+= rwho .endif .if ${MK_ROUTED} != "no" FILES+= routed .endif .if ${MK_SENDMAIL} != "no" FILES+= sendmail .endif .if ${MK_TIMED} != "no" FILES+= timed .endif .if ${MK_UNBOUND} != "no" _unbound= local_unbound .endif .if ${MK_UTMPX} != "no" _utx= utx .endif .if ${MK_VI} != "no" FILES+= virecover .endif .if ${MK_WIRELESS} != "no" FILES+= hostapd FILES+= wpa_supplicant .endif FILESDIR= /etc/rc.d FILESMODE= ${BINMODE} .include Index: head/gnu/usr.bin/groff/tmac/mdoc.local.in =================================================================== --- head/gnu/usr.bin/groff/tmac/mdoc.local.in (revision 296046) +++ head/gnu/usr.bin/groff/tmac/mdoc.local.in (revision 296047) @@ -1,80 +1,80 @@ .\" Copyright (c) 2001-2004 Ruslan Ermilov . .\" All rights reserved. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions .\" are met: .\" 1. Redistributions of source code must retain the above copyright .\" notice, this list of conditions and the following disclaimer. .\" 2. Redistributions in binary form must reproduce the above copyright .\" notice, this list of conditions and the following disclaimer in the .\" documentation and/or other materials provided with the distribution. .\" .\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE .\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" .\" $FreeBSD$ .\" .\" %beginstrip% . .eo . . .ds doc-volume-operating-system FreeBSD . .\" FreeBSD .Lb values .ds doc-str-Lb-libarchive Streaming Archive Library (libarchive, \-larchive) .ds doc-str-Lb-libbluetooth Bluetooth User Library (libbluetooth, \-lbluetooth) -.ds doc-str-Lb-libcapsicum Capsicum Library (libcapsicum, \-lcapsicum) +.ds doc-str-Lb-libcseper Casper Library (libcapsicum, \-lcasper) .ds doc-str-Lb-libcuse Userland Character Device Library (libcuse, \-lcuse) .ds doc-str-Lb-libedit Line Editor and History Library (libedit, \-ledit) .ds doc-str-Lb-libefi EFI Runtime Services Library (libefi, \-lefi) .ds doc-str-Lb-libelf ELF Parsing Library (libelf, \-lelf) .ds doc-str-Lb-libexecinfo Backtrace Access Library (libexecinfo, \-lexecinfo) .ds doc-str-Lb-libfetch File Transfer Library (libfetch, \-lfetch) .ds doc-str-Lb-libnv Name/value pairs library (libnv, \-lnv) .ds doc-str-Lb-libpmc Performance Monitoring Counters Interface Library (libpmc, \-lpmc) .ds doc-str-Lb-libproc Processor Monitoring and Analysis Library (libproc, \-lproc) .ds doc-str-Lb-libprocstat Process and Files Information Retrieval (libprocstat, \-lprocstat) .ds doc-str-Lb-librtld_db Run-time Linker Debugging Library (librtld_db, \-lrtld_db) .ds doc-str-Lb-libsbuf Safe String Composition Library (libsbuf, \-lsbuf) .ds doc-str-Lb-libstdthreads C11 Threads Library (libstdthreads, \-lstdthreads) . .\" Default .Os value .ds doc-default-operating-system FreeBSD\~11.0 . .\" FreeBSD releases not found in doc-common .ds doc-operating-system-FreeBSD-2.2.9 2.2.9 .ds doc-operating-system-FreeBSD-7.4 7.4 .ds doc-operating-system-FreeBSD-8.3 8.3 .ds doc-operating-system-FreeBSD-8.4 8.4 .ds doc-operating-system-FreeBSD-9.1 9.1 .ds doc-operating-system-FreeBSD-9.2 9.2 .ds doc-operating-system-FreeBSD-9.3 9.3 .ds doc-operating-system-FreeBSD-10.0 10.0 .ds doc-operating-system-FreeBSD-10.1 10.1 .ds doc-operating-system-FreeBSD-11.0 11.0 . .\" Definitions for other *BSDs not (yet) in doc-common .ds doc-operating-system-NetBSD-7.0 7.0 . .\" Definitions not (yet) in doc-syms . .ec . .\" Locale support .if d doc-locale \{\ . ie "\*[doc-locale]"ru.KOI8-R" \ . mso mdoc/ru.KOI8-R . el \{ .if "\*[doc-locale]"fr.ISO8859-1" \ . mso mdoc/fr.ISO8859-1 .\}\} Index: head/lib/libcapsicum/libcapsicum.3 =================================================================== --- head/lib/libcapsicum/libcapsicum.3 (revision 296046) +++ head/lib/libcapsicum/libcapsicum.3 (nonexistent) @@ -1,300 +0,0 @@ -.\" Copyright (c) 2013 The FreeBSD Foundation -.\" All rights reserved. -.\" -.\" This documentation was written by Pawel Jakub Dawidek under sponsorship -.\" from the FreeBSD Foundation. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $FreeBSD$ -.\" -.Dd May 2, 2015 -.Dt LIBCAPSICUM 3 -.Os -.Sh NAME -.Nm cap_init , -.Nm cap_wrap , -.Nm cap_unwrap , -.Nm cap_sock , -.Nm cap_clone , -.Nm cap_close , -.Nm cap_limit_get , -.Nm cap_limit_set , -.Nm cap_send_nvlist , -.Nm cap_recv_nvlist , -.Nm cap_xfer_nvlist , -.Nm cap_service_open -.Nd "library for handling application capabilities" -.Sh LIBRARY -.Lb libcapsicum -.Sh SYNOPSIS -.In libcapsicum.h -.In nv.h -.Ft "cap_channel_t *" -.Fn cap_init "void" -.Ft "cap_channel_t *" -.Fn cap_wrap "int sock" -.Ft "int" -.Fn cap_unwrap "cap_channel_t *chan" -.Ft "int" -.Fn cap_sock "const cap_channel_t *chan" -.Ft "cap_channel_t *" -.Fn cap_clone "const cap_channel_t *chan" -.Ft "void" -.Fn cap_close "cap_channel_t *chan" -.Ft "int" -.Fn cap_limit_get "const cap_channel_t *chan" "nvlist_t **limitsp" -.Ft "int" -.Fn cap_limit_set "const cap_channel_t *chan" "nvlist_t *limits" -.Ft "int" -.Fn cap_send_nvlist "const cap_channel_t *chan" "const nvlist_t *nvl" -.Ft "nvlist_t *" -.Fn cap_recv_nvlist "const cap_channel_t *chan" "int flags" -.Ft "nvlist_t *" -.Fn cap_xfer_nvlist "const cap_channel_t *chan" "nvlist_t *nvl" "int flags" -.In libcapsicum_service.h -.Ft "cap_channel_t *" -.Fn cap_service_open "const cap_channel_t *chan" "const char *name" -.Sh DESCRIPTION -The -.Nm libcapsicum -library allows to manage application capabilities through the -.Xr casperd 8 -daemon. -.Pp -The application capability (represented by the -.Vt cap_channel_t -type) is a communication channel between the caller and the -.Xr casperd 8 -daemon or an instance of one of its services. -A capability to the -.Xr casperd 8 -daemon obtained with the -.Fn cap_init -function allows to create capabilities to casper's services via the -.Fn cap_service_open -function. -.Pp -The -.Fn cap_init -function opens capability to the -.Xr casperd 8 -daemon. -.Pp -The -.Fn cap_wrap -function creates -.Vt cap_channel_t -based on the given socket. -The function is used when capability is inherited through -.Xr execve 2 -or send over -.Xr unix 4 -domain socket as a regular file descriptor and has to be represented as -.Vt cap_channel_t -again. -.Pp -The -.Fn cap_unwrap -function is the opposite of the -.Fn cap_wrap -function. -It frees the -.Vt cap_channel_t -structure and returns -.Xr unix 4 -domain socket associated with it. -.Pp -The -.Fn cap_clone -function clones the given capability. -.Pp -The -.Fn cap_close -function closes the given capability. -.Pp -The -.Fn cap_sock -function returns -.Xr unix 4 -domain socket descriptor associated with the given capability for use with -system calls like -.Xr kevent 2 , -.Xr poll 2 -and -.Xr select 2 . -.Pp -The -.Fn cap_limit_get -function stores current limits of the given capability in the -.Fa limitsp -argument. -If the function return -.Va 0 -and -.Dv NULL -is stored in -.Fa limitsp -it means there are no limits set. -.Pp -The -.Fn cap_limit_set -function sets limits for the given capability. -The limits are provided as nvlist. -The exact format depends on the service the capability represents. -.Pp -The -.Fn cap_send_nvlist -function sends the given nvlist over the given capability. -This is low level interface to communicate with casper services. -Most services should provide higher level API. -.Pp -The -.Fn cap_recv_nvlist -function receives the given nvlist over the given capability. -The -.Fa flags -argument defines what type the top nvlist is expected to be. -If the nvlist flags do not match the flags passed to -.Fn cap_recv_nvlist , -the nvlist will not be returned. -.Pp -The -.Fn cap_xfer_nvlist -function sends the given nvlist, destroys it and receives new nvlist in -response over the given capability. -The -.Fa flags -argument defines what type the top nvlist is expected to be. -If the nvlist flags do not match the flags passed to -.Fn cap_xfer_nvlist , -the nvlist will not be returned. -It does not matter if the function succeeds or fails, the nvlist given -for sending will always be destroyed once the function returns. -.Pp -The -.Fn cap_service_open -function opens casper service of the given name through casper capability -obtained via the -.Fn cap_init -function. -The function returns capability that provides access to opened service. -.Sh RETURN VALUES -The -.Fn cap_clone , -.Fn cap_init , -.Fn cap_recv_nvlist , -.Fn cap_service_open , -.Fn cap_wrap -and -.Fn cap_xfer_nvlist -functions return -.Dv NULL -and set the -.Va errno -variable on failure. -.Pp -The -.Fn cap_limit_get , -.Fn cap_limit_set -and -.Fn cap_send_nvlist -functions return -.Dv -1 -and set the -.Va errno -variable on failure. -.Pp -The -.Fn cap_close , -.Fn cap_sock -and -.Fn cap_unwrap -functions always succeed. -.Sh EXAMPLES -The following example first opens capability to the -.Xr casperd 8 -daemon, then using this capability creates new capability to the -.Nm system.dns -casper service and uses the latter capability to resolve IP address. -.Bd -literal -cap_channel_t *capcas, *capdns; -nvlist_t *limits; -const char *ipstr = "127.0.0.1"; -struct in_addr ip; -struct hostent *hp; - -/* Open capability to the Casper daemon. */ -capcas = cap_init(); -if (capcas == NULL) - err(1, "Unable to contact Casper daemon"); - -/* Enter capability mode sandbox. */ -if (cap_enter() < 0 && errno != ENOSYS) - err(1, "Unable to enter capability mode"); - -/* Use Casper capability to create capability to the system.dns service. */ -capdns = cap_service_open(capcas, "system.dns"); -if (capdns == NULL) - err(1, "Unable to open system.dns service"); - -/* Close Casper capability, we don't need it anymore. */ -cap_close(capcas); - -/* Limit system.dns to reverse DNS lookups and IPv4 addresses. */ -limits = nvlist_create(0); -nvlist_add_string(limits, "type", "ADDR"); -nvlist_add_number(limits, "family", (uint64_t)AF_INET); -if (cap_limit_set(capdns, limits) < 0) - err(1, "Unable to limit access to the system.dns service"); - -/* Convert IP address in C-string to in_addr. */ -if (!inet_aton(ipstr, &ip)) - errx(1, "Unable to parse IP address %s.", ipstr); - -/* Find hostname for the given IP address. */ -hp = cap_gethostbyaddr(capdns, (const void *)&ip, sizeof(ip), AF_INET); -if (hp == NULL) - errx(1, "No name associated with %s.", ipstr); - -printf("Name associated with %s is %s.\\n", ipstr, hp->h_name); -.Ed -.Sh SEE ALSO -.Xr cap_enter 2 , -.Xr execve 2 , -.Xr kevent 2 , -.Xr poll 2 , -.Xr select 2 , -.Xr cap_gethostbyaddr 3 , -.Xr err 3 , -.Xr gethostbyaddr 3 , -.Xr inet_aton 3 , -.Xr nv 3 , -.Xr capsicum 4 , -.Xr unix 4 , -.Xr casperd 8 -.Sh AUTHORS -The -.Nm libcapsicum -library was implemented by -.An Pawel Jakub Dawidek Aq Mt pawel@dawidek.net -under sponsorship from the FreeBSD Foundation. Property changes on: head/lib/libcapsicum/libcapsicum.3 ___________________________________________________________________ Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:keywords ## -1 +0,0 ## -FreeBSD=%H \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/lib/libcapsicum/libcapsicum_sysctl.h =================================================================== --- head/lib/libcapsicum/libcapsicum_sysctl.h (revision 296046) +++ head/lib/libcapsicum/libcapsicum_sysctl.h (nonexistent) @@ -1,43 +0,0 @@ -/*- - * Copyright (c) 2013 The FreeBSD Foundation - * All rights reserved. - * - * This software was developed by Pawel Jakub Dawidek under sponsorship from - * the FreeBSD Foundation. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * $FreeBSD$ - */ - -#ifndef _LIBCAPSICUM_SYSCTL_H_ -#define _LIBCAPSICUM_SYSCTL_H_ - -#define CAP_SYSCTL_READ 0x01 -#define CAP_SYSCTL_WRITE 0x02 -#define CAP_SYSCTL_RDWR (CAP_SYSCTL_READ | CAP_SYSCTL_WRITE) -#define CAP_SYSCTL_RECURSIVE 0x04 - -int cap_sysctlbyname(cap_channel_t *chan, const char *name, void *oldp, - size_t *oldlenp, const void *newp, size_t newlen); - -#endif /* !_LIBCAPSICUM_SYSCTL_H_ */ Property changes on: head/lib/libcapsicum/libcapsicum_sysctl.h ___________________________________________________________________ Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:keywords ## -1 +0,0 ## -FreeBSD=%H \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/lib/libcapsicum/libcapsicum_sysctl.c =================================================================== --- head/lib/libcapsicum/libcapsicum_sysctl.c (revision 296046) +++ head/lib/libcapsicum/libcapsicum_sysctl.c (nonexistent) @@ -1,86 +0,0 @@ -/*- - * Copyright (c) 2013 The FreeBSD Foundation - * All rights reserved. - * - * This software was developed by Pawel Jakub Dawidek under sponsorship from - * the FreeBSD Foundation. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include -__FBSDID("$FreeBSD$"); - -#include - -#include -#include - -#include "libcapsicum.h" -#include "libcapsicum_sysctl.h" - -int -cap_sysctlbyname(cap_channel_t *chan, const char *name, void *oldp, - size_t *oldlenp, const void *newp, size_t newlen) -{ - nvlist_t *nvl; - const uint8_t *retoldp; - uint8_t operation; - size_t oldlen; - - operation = 0; - if (oldp != NULL) - operation |= CAP_SYSCTL_READ; - if (newp != NULL) - operation |= CAP_SYSCTL_WRITE; - - nvl = nvlist_create(0); - nvlist_add_string(nvl, "cmd", "sysctl"); - nvlist_add_string(nvl, "name", name); - nvlist_add_number(nvl, "operation", (uint64_t)operation); - if (oldp == NULL && oldlenp != NULL) - nvlist_add_null(nvl, "justsize"); - else if (oldlenp != NULL) - nvlist_add_number(nvl, "oldlen", (uint64_t)*oldlenp); - if (newp != NULL) - nvlist_add_binary(nvl, "newp", newp, newlen); - nvl = cap_xfer_nvlist(chan, nvl, 0); - if (nvl == NULL) - return (-1); - if (nvlist_get_number(nvl, "error") != 0) { - errno = (int)nvlist_get_number(nvl, "error"); - nvlist_destroy(nvl); - return (-1); - } - - if (oldp == NULL && oldlenp != NULL) { - *oldlenp = (size_t)nvlist_get_number(nvl, "oldlen"); - } else if (oldp != NULL) { - retoldp = nvlist_get_binary(nvl, "oldp", &oldlen); - memcpy(oldp, retoldp, oldlen); - if (oldlenp != NULL) - *oldlenp = oldlen; - } - nvlist_destroy(nvl); - - return (0); -} Property changes on: head/lib/libcapsicum/libcapsicum_sysctl.c ___________________________________________________________________ Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:keywords ## -1 +0,0 ## -FreeBSD=%H \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/lib/libcapsicum/libcapsicum_impl.h =================================================================== --- head/lib/libcapsicum/libcapsicum_impl.h (revision 296046) +++ head/lib/libcapsicum/libcapsicum_impl.h (nonexistent) @@ -1,39 +0,0 @@ -/*- - * Copyright (c) 2012-2013 The FreeBSD Foundation - * All rights reserved. - * - * This software was developed by Pawel Jakub Dawidek under sponsorship from - * the FreeBSD Foundation. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * $FreeBSD$ - */ - -#ifndef _LIBCAPSICUM_IMPL_H_ -#define _LIBCAPSICUM_IMPL_H_ - -#define CASPER_SOCKPATH "/var/run/casper" - -bool fd_is_valid(int fd); - -#endif /* !_LIBCAPSICUM_IMPL_H_ */ Property changes on: head/lib/libcapsicum/libcapsicum_impl.h ___________________________________________________________________ Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:keywords ## -1 +0,0 ## -FreeBSD=%H \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/lib/libcapsicum/libcapsicum_dns.c =================================================================== --- head/lib/libcapsicum/libcapsicum_dns.c (revision 296046) +++ head/lib/libcapsicum/libcapsicum_dns.c (nonexistent) @@ -1,365 +0,0 @@ -/*- - * Copyright (c) 2012-2013 The FreeBSD Foundation - * All rights reserved. - * - * This software was developed by Pawel Jakub Dawidek under sponsorship from - * the FreeBSD Foundation. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include -__FBSDID("$FreeBSD$"); - -#include - -#include -#include -#include -#include -#include - -#include "libcapsicum.h" -#include "libcapsicum_dns.h" - -static struct hostent hent; - -static void -hostent_free(struct hostent *hp) -{ - unsigned int ii; - - free(hp->h_name); - hp->h_name = NULL; - if (hp->h_aliases != NULL) { - for (ii = 0; hp->h_aliases[ii] != NULL; ii++) - free(hp->h_aliases[ii]); - free(hp->h_aliases); - hp->h_aliases = NULL; - } - if (hp->h_addr_list != NULL) { - for (ii = 0; hp->h_addr_list[ii] != NULL; ii++) - free(hp->h_addr_list[ii]); - free(hp->h_addr_list); - hp->h_addr_list = NULL; - } -} - -static struct hostent * -hostent_unpack(const nvlist_t *nvl, struct hostent *hp) -{ - unsigned int ii, nitems; - char nvlname[64]; - int n; - - hostent_free(hp); - - hp->h_name = strdup(nvlist_get_string(nvl, "name")); - if (hp->h_name == NULL) - goto fail; - hp->h_addrtype = (int)nvlist_get_number(nvl, "addrtype"); - hp->h_length = (int)nvlist_get_number(nvl, "length"); - - nitems = (unsigned int)nvlist_get_number(nvl, "naliases"); - hp->h_aliases = calloc(sizeof(hp->h_aliases[0]), nitems + 1); - if (hp->h_aliases == NULL) - goto fail; - for (ii = 0; ii < nitems; ii++) { - n = snprintf(nvlname, sizeof(nvlname), "alias%u", ii); - assert(n > 0 && n < (int)sizeof(nvlname)); - hp->h_aliases[ii] = - strdup(nvlist_get_string(nvl, nvlname)); - if (hp->h_aliases[ii] == NULL) - goto fail; - } - hp->h_aliases[ii] = NULL; - - nitems = (unsigned int)nvlist_get_number(nvl, "naddrs"); - hp->h_addr_list = calloc(sizeof(hp->h_addr_list[0]), nitems + 1); - if (hp->h_addr_list == NULL) - goto fail; - for (ii = 0; ii < nitems; ii++) { - hp->h_addr_list[ii] = malloc(hp->h_length); - if (hp->h_addr_list[ii] == NULL) - goto fail; - n = snprintf(nvlname, sizeof(nvlname), "addr%u", ii); - assert(n > 0 && n < (int)sizeof(nvlname)); - bcopy(nvlist_get_binary(nvl, nvlname, NULL), - hp->h_addr_list[ii], hp->h_length); - } - hp->h_addr_list[ii] = NULL; - - return (hp); -fail: - hostent_free(hp); - h_errno = NO_RECOVERY; - return (NULL); -} - -struct hostent * -cap_gethostbyname(cap_channel_t *chan, const char *name) -{ - - return (cap_gethostbyname2(chan, name, AF_INET)); -} - -struct hostent * -cap_gethostbyname2(cap_channel_t *chan, const char *name, int type) -{ - struct hostent *hp; - nvlist_t *nvl; - - nvl = nvlist_create(0); - nvlist_add_string(nvl, "cmd", "gethostbyname"); - nvlist_add_number(nvl, "family", (uint64_t)type); - nvlist_add_string(nvl, "name", name); - nvl = cap_xfer_nvlist(chan, nvl, 0); - if (nvl == NULL) { - h_errno = NO_RECOVERY; - return (NULL); - } - if (nvlist_get_number(nvl, "error") != 0) { - h_errno = (int)nvlist_get_number(nvl, "error"); - nvlist_destroy(nvl); - return (NULL); - } - - hp = hostent_unpack(nvl, &hent); - nvlist_destroy(nvl); - return (hp); -} - -struct hostent * -cap_gethostbyaddr(cap_channel_t *chan, const void *addr, socklen_t len, - int type) -{ - struct hostent *hp; - nvlist_t *nvl; - - nvl = nvlist_create(0); - nvlist_add_string(nvl, "cmd", "gethostbyaddr"); - nvlist_add_binary(nvl, "addr", addr, (size_t)len); - nvlist_add_number(nvl, "family", (uint64_t)type); - nvl = cap_xfer_nvlist(chan, nvl, 0); - if (nvl == NULL) { - h_errno = NO_RECOVERY; - return (NULL); - } - if (nvlist_get_number(nvl, "error") != 0) { - h_errno = (int)nvlist_get_number(nvl, "error"); - nvlist_destroy(nvl); - return (NULL); - } - hp = hostent_unpack(nvl, &hent); - nvlist_destroy(nvl); - return (hp); -} - -static struct addrinfo * -addrinfo_unpack(const nvlist_t *nvl) -{ - struct addrinfo *ai; - const void *addr; - size_t addrlen; - const char *canonname; - - addr = nvlist_get_binary(nvl, "ai_addr", &addrlen); - ai = malloc(sizeof(*ai) + addrlen); - if (ai == NULL) - return (NULL); - ai->ai_flags = (int)nvlist_get_number(nvl, "ai_flags"); - ai->ai_family = (int)nvlist_get_number(nvl, "ai_family"); - ai->ai_socktype = (int)nvlist_get_number(nvl, "ai_socktype"); - ai->ai_protocol = (int)nvlist_get_number(nvl, "ai_protocol"); - ai->ai_addrlen = (socklen_t)addrlen; - canonname = nvlist_get_string(nvl, "ai_canonname"); - if (canonname != NULL) { - ai->ai_canonname = strdup(canonname); - if (ai->ai_canonname == NULL) { - free(ai); - return (NULL); - } - } else { - ai->ai_canonname = NULL; - } - ai->ai_addr = (void *)(ai + 1); - bcopy(addr, ai->ai_addr, addrlen); - ai->ai_next = NULL; - - return (ai); -} - -int -cap_getaddrinfo(cap_channel_t *chan, const char *hostname, const char *servname, - const struct addrinfo *hints, struct addrinfo **res) -{ - struct addrinfo *firstai, *prevai, *curai; - unsigned int ii; - const nvlist_t *nvlai; - char nvlname[64]; - nvlist_t *nvl; - int error, n; - - nvl = nvlist_create(0); - nvlist_add_string(nvl, "cmd", "getaddrinfo"); - nvlist_add_string(nvl, "hostname", hostname); - nvlist_add_string(nvl, "servname", servname); - if (hints != NULL) { - nvlist_add_number(nvl, "hints.ai_flags", - (uint64_t)hints->ai_flags); - nvlist_add_number(nvl, "hints.ai_family", - (uint64_t)hints->ai_family); - nvlist_add_number(nvl, "hints.ai_socktype", - (uint64_t)hints->ai_socktype); - nvlist_add_number(nvl, "hints.ai_protocol", - (uint64_t)hints->ai_protocol); - } - nvl = cap_xfer_nvlist(chan, nvl, 0); - if (nvl == NULL) - return (EAI_MEMORY); - if (nvlist_get_number(nvl, "error") != 0) { - error = (int)nvlist_get_number(nvl, "error"); - nvlist_destroy(nvl); - return (error); - } - - nvlai = NULL; - firstai = prevai = curai = NULL; - for (ii = 0; ; ii++) { - n = snprintf(nvlname, sizeof(nvlname), "res%u", ii); - assert(n > 0 && n < (int)sizeof(nvlname)); - if (!nvlist_exists_nvlist(nvl, nvlname)) - break; - nvlai = nvlist_get_nvlist(nvl, nvlname); - curai = addrinfo_unpack(nvlai); - if (curai == NULL) - break; - if (prevai != NULL) - prevai->ai_next = curai; - else if (firstai == NULL) - firstai = curai; - prevai = curai; - } - nvlist_destroy(nvl); - if (curai == NULL && nvlai != NULL) { - if (firstai == NULL) - freeaddrinfo(firstai); - return (EAI_MEMORY); - } - - *res = firstai; - return (0); -} - -int -cap_getnameinfo(cap_channel_t *chan, const struct sockaddr *sa, socklen_t salen, - char *host, size_t hostlen, char *serv, size_t servlen, int flags) -{ - nvlist_t *nvl; - int error; - - nvl = nvlist_create(0); - nvlist_add_string(nvl, "cmd", "getnameinfo"); - nvlist_add_number(nvl, "hostlen", (uint64_t)hostlen); - nvlist_add_number(nvl, "servlen", (uint64_t)servlen); - nvlist_add_binary(nvl, "sa", sa, (size_t)salen); - nvlist_add_number(nvl, "flags", (uint64_t)flags); - nvl = cap_xfer_nvlist(chan, nvl, 0); - if (nvl == NULL) - return (EAI_MEMORY); - if (nvlist_get_number(nvl, "error") != 0) { - error = (int)nvlist_get_number(nvl, "error"); - nvlist_destroy(nvl); - return (error); - } - - if (host != NULL) - strlcpy(host, nvlist_get_string(nvl, "host"), hostlen + 1); - if (serv != NULL) - strlcpy(serv, nvlist_get_string(nvl, "serv"), servlen + 1); - nvlist_destroy(nvl); - return (0); -} - -static void -limit_remove(nvlist_t *limits, const char *prefix) -{ - const char *name; - size_t prefixlen; - void *cookie; - - prefixlen = strlen(prefix); -again: - cookie = NULL; - while ((name = nvlist_next(limits, NULL, &cookie)) != NULL) { - if (strncmp(name, prefix, prefixlen) == 0) { - nvlist_free(limits, name); - goto again; - } - } -} - -int -cap_dns_type_limit(cap_channel_t *chan, const char * const *types, - size_t ntypes) -{ - nvlist_t *limits; - unsigned int i; - char nvlname[64]; - int n; - - if (cap_limit_get(chan, &limits) < 0) - return (-1); - if (limits == NULL) - limits = nvlist_create(0); - else - limit_remove(limits, "type"); - for (i = 0; i < ntypes; i++) { - n = snprintf(nvlname, sizeof(nvlname), "type%u", i); - assert(n > 0 && n < (int)sizeof(nvlname)); - nvlist_add_string(limits, nvlname, types[i]); - } - return (cap_limit_set(chan, limits)); -} - -int -cap_dns_family_limit(cap_channel_t *chan, const int *families, - size_t nfamilies) -{ - nvlist_t *limits; - unsigned int i; - char nvlname[64]; - int n; - - if (cap_limit_get(chan, &limits) < 0) - return (-1); - if (limits == NULL) - limits = nvlist_create(0); - else - limit_remove(limits, "family"); - for (i = 0; i < nfamilies; i++) { - n = snprintf(nvlname, sizeof(nvlname), "family%u", i); - assert(n > 0 && n < (int)sizeof(nvlname)); - nvlist_add_number(limits, nvlname, (uint64_t)families[i]); - } - return (cap_limit_set(chan, limits)); -} Property changes on: head/lib/libcapsicum/libcapsicum_dns.c ___________________________________________________________________ Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:keywords ## -1 +0,0 ## -FreeBSD=%H \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/lib/libcapsicum/libcapsicum_grp.c =================================================================== --- head/lib/libcapsicum/libcapsicum_grp.c (revision 296046) +++ head/lib/libcapsicum/libcapsicum_grp.c (nonexistent) @@ -1,438 +0,0 @@ -/*- - * Copyright (c) 2013 The FreeBSD Foundation - * All rights reserved. - * - * This software was developed by Pawel Jakub Dawidek under sponsorship from - * the FreeBSD Foundation. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include -__FBSDID("$FreeBSD$"); - -#include -#include -#include - -#include -#include -#include -#include -#include -#include - -#include "libcapsicum.h" -#include "libcapsicum_grp.h" - -static struct group ggrp; -static char *gbuffer; -static size_t gbufsize; - -static int -group_resize(void) -{ - char *buf; - - if (gbufsize == 0) - gbufsize = 1024; - else - gbufsize *= 2; - - buf = gbuffer; - gbuffer = realloc(buf, gbufsize); - if (gbuffer == NULL) { - free(buf); - gbufsize = 0; - return (ENOMEM); - } - memset(gbuffer, 0, gbufsize); - - return (0); -} - -static int -group_unpack_string(const nvlist_t *nvl, const char *fieldname, char **fieldp, - char **bufferp, size_t *bufsizep) -{ - const char *str; - size_t len; - - str = nvlist_get_string(nvl, fieldname); - len = strlcpy(*bufferp, str, *bufsizep); - if (len >= *bufsizep) - return (ERANGE); - *fieldp = *bufferp; - *bufferp += len + 1; - *bufsizep -= len + 1; - - return (0); -} - -static int -group_unpack_members(const nvlist_t *nvl, char ***fieldp, char **bufferp, - size_t *bufsizep) -{ - const char *mem; - char **outstrs, *str, nvlname[64]; - size_t nmem, datasize, strsize; - unsigned int ii; - int n; - - if (!nvlist_exists_number(nvl, "gr_nmem")) { - datasize = _ALIGNBYTES + sizeof(char *); - if (datasize >= *bufsizep) - return (ERANGE); - outstrs = (char **)_ALIGN(*bufferp); - outstrs[0] = NULL; - *fieldp = outstrs; - *bufferp += datasize; - *bufsizep -= datasize; - return (0); - } - - nmem = (size_t)nvlist_get_number(nvl, "gr_nmem"); - datasize = _ALIGNBYTES + sizeof(char *) * (nmem + 1); - for (ii = 0; ii < nmem; ii++) { - n = snprintf(nvlname, sizeof(nvlname), "gr_mem[%u]", ii); - assert(n > 0 && n < (int)sizeof(nvlname)); - mem = dnvlist_get_string(nvl, nvlname, NULL); - if (mem == NULL) - return (EINVAL); - datasize += strlen(mem) + 1; - } - - if (datasize >= *bufsizep) - return (ERANGE); - - outstrs = (char **)_ALIGN(*bufferp); - str = (char *)outstrs + sizeof(char *) * (nmem + 1); - for (ii = 0; ii < nmem; ii++) { - n = snprintf(nvlname, sizeof(nvlname), "gr_mem[%u]", ii); - assert(n > 0 && n < (int)sizeof(nvlname)); - mem = nvlist_get_string(nvl, nvlname); - strsize = strlen(mem) + 1; - memcpy(str, mem, strsize); - outstrs[ii] = str; - str += strsize; - } - assert(ii == nmem); - outstrs[ii] = NULL; - - *fieldp = outstrs; - *bufferp += datasize; - *bufsizep -= datasize; - - return (0); -} - -static int -group_unpack(const nvlist_t *nvl, struct group *grp, char *buffer, - size_t bufsize) -{ - int error; - - if (!nvlist_exists_string(nvl, "gr_name")) - return (EINVAL); - - memset(grp, 0, sizeof(*grp)); - - error = group_unpack_string(nvl, "gr_name", &grp->gr_name, &buffer, - &bufsize); - if (error != 0) - return (error); - error = group_unpack_string(nvl, "gr_passwd", &grp->gr_passwd, &buffer, - &bufsize); - if (error != 0) - return (error); - grp->gr_gid = (gid_t)nvlist_get_number(nvl, "gr_gid"); - error = group_unpack_members(nvl, &grp->gr_mem, &buffer, &bufsize); - if (error != 0) - return (error); - - return (0); -} - -static int -cap_getgrcommon_r(cap_channel_t *chan, const char *cmd, const char *name, - gid_t gid, struct group *grp, char *buffer, size_t bufsize, - struct group **result) -{ - nvlist_t *nvl; - bool getgr_r; - int error; - - nvl = nvlist_create(0); - nvlist_add_string(nvl, "cmd", cmd); - if (strcmp(cmd, "getgrent") == 0 || strcmp(cmd, "getgrent_r") == 0) { - /* Add nothing. */ - } else if (strcmp(cmd, "getgrnam") == 0 || - strcmp(cmd, "getgrnam_r") == 0) { - nvlist_add_string(nvl, "name", name); - } else if (strcmp(cmd, "getgrgid") == 0 || - strcmp(cmd, "getgrgid_r") == 0) { - nvlist_add_number(nvl, "gid", (uint64_t)gid); - } else { - abort(); - } - nvl = cap_xfer_nvlist(chan, nvl, 0); - if (nvl == NULL) { - assert(errno != 0); - *result = NULL; - return (errno); - } - error = (int)nvlist_get_number(nvl, "error"); - if (error != 0) { - nvlist_destroy(nvl); - *result = NULL; - return (error); - } - - if (!nvlist_exists_string(nvl, "gr_name")) { - /* Not found. */ - nvlist_destroy(nvl); - *result = NULL; - return (0); - } - - getgr_r = (strcmp(cmd, "getgrent_r") == 0 || - strcmp(cmd, "getgrnam_r") == 0 || strcmp(cmd, "getgrgid_r") == 0); - - for (;;) { - error = group_unpack(nvl, grp, buffer, bufsize); - if (getgr_r || error != ERANGE) - break; - assert(buffer == gbuffer); - assert(bufsize == gbufsize); - error = group_resize(); - if (error != 0) - break; - /* Update pointers after resize. */ - buffer = gbuffer; - bufsize = gbufsize; - } - - nvlist_destroy(nvl); - - if (error == 0) - *result = grp; - else - *result = NULL; - - return (error); -} - -static struct group * -cap_getgrcommon(cap_channel_t *chan, const char *cmd, const char *name, - gid_t gid) -{ - struct group *result; - int error, serrno; - - serrno = errno; - - error = cap_getgrcommon_r(chan, cmd, name, gid, &ggrp, gbuffer, - gbufsize, &result); - if (error != 0) { - errno = error; - return (NULL); - } - - errno = serrno; - - return (result); -} - -struct group * -cap_getgrent(cap_channel_t *chan) -{ - - return (cap_getgrcommon(chan, "getgrent", NULL, 0)); -} - -struct group * -cap_getgrnam(cap_channel_t *chan, const char *name) -{ - - return (cap_getgrcommon(chan, "getgrnam", name, 0)); -} - -struct group * -cap_getgrgid(cap_channel_t *chan, gid_t gid) -{ - - return (cap_getgrcommon(chan, "getgrgid", NULL, gid)); -} - -int -cap_getgrent_r(cap_channel_t *chan, struct group *grp, char *buffer, - size_t bufsize, struct group **result) -{ - - return (cap_getgrcommon_r(chan, "getgrent_r", NULL, 0, grp, buffer, - bufsize, result)); -} - -int -cap_getgrnam_r(cap_channel_t *chan, const char *name, struct group *grp, - char *buffer, size_t bufsize, struct group **result) -{ - - return (cap_getgrcommon_r(chan, "getgrnam_r", name, 0, grp, buffer, - bufsize, result)); -} - -int -cap_getgrgid_r(cap_channel_t *chan, gid_t gid, struct group *grp, char *buffer, - size_t bufsize, struct group **result) -{ - - return (cap_getgrcommon_r(chan, "getgrgid_r", NULL, gid, grp, buffer, - bufsize, result)); -} - -int -cap_setgroupent(cap_channel_t *chan, int stayopen) -{ - nvlist_t *nvl; - - nvl = nvlist_create(0); - nvlist_add_string(nvl, "cmd", "setgroupent"); - nvlist_add_bool(nvl, "stayopen", stayopen != 0); - nvl = cap_xfer_nvlist(chan, nvl, 0); - if (nvl == NULL) - return (0); - if (nvlist_get_number(nvl, "error") != 0) { - errno = nvlist_get_number(nvl, "error"); - nvlist_destroy(nvl); - return (0); - } - nvlist_destroy(nvl); - - return (1); -} - -int -cap_setgrent(cap_channel_t *chan) -{ - nvlist_t *nvl; - - nvl = nvlist_create(0); - nvlist_add_string(nvl, "cmd", "setgrent"); - nvl = cap_xfer_nvlist(chan, nvl, 0); - if (nvl == NULL) - return (0); - if (nvlist_get_number(nvl, "error") != 0) { - errno = nvlist_get_number(nvl, "error"); - nvlist_destroy(nvl); - return (0); - } - nvlist_destroy(nvl); - - return (1); -} - -void -cap_endgrent(cap_channel_t *chan) -{ - nvlist_t *nvl; - - nvl = nvlist_create(0); - nvlist_add_string(nvl, "cmd", "endgrent"); - /* Ignore any errors, we have no way to report them. */ - nvlist_destroy(cap_xfer_nvlist(chan, nvl, 0)); -} - -int -cap_grp_limit_cmds(cap_channel_t *chan, const char * const *cmds, size_t ncmds) -{ - nvlist_t *limits, *nvl; - unsigned int i; - - if (cap_limit_get(chan, &limits) < 0) - return (-1); - if (limits == NULL) { - limits = nvlist_create(0); - } else { - if (nvlist_exists_nvlist(limits, "cmds")) - nvlist_free_nvlist(limits, "cmds"); - } - nvl = nvlist_create(0); - for (i = 0; i < ncmds; i++) - nvlist_add_null(nvl, cmds[i]); - nvlist_move_nvlist(limits, "cmds", nvl); - return (cap_limit_set(chan, limits)); -} - -int -cap_grp_limit_fields(cap_channel_t *chan, const char * const *fields, - size_t nfields) -{ - nvlist_t *limits, *nvl; - unsigned int i; - - if (cap_limit_get(chan, &limits) < 0) - return (-1); - if (limits == NULL) { - limits = nvlist_create(0); - } else { - if (nvlist_exists_nvlist(limits, "fields")) - nvlist_free_nvlist(limits, "fields"); - } - nvl = nvlist_create(0); - for (i = 0; i < nfields; i++) - nvlist_add_null(nvl, fields[i]); - nvlist_move_nvlist(limits, "fields", nvl); - return (cap_limit_set(chan, limits)); -} - -int -cap_grp_limit_groups(cap_channel_t *chan, const char * const *names, - size_t nnames, gid_t *gids, size_t ngids) -{ - nvlist_t *limits, *groups; - unsigned int i; - char nvlname[64]; - int n; - - if (cap_limit_get(chan, &limits) < 0) - return (-1); - if (limits == NULL) { - limits = nvlist_create(0); - } else { - if (nvlist_exists_nvlist(limits, "groups")) - nvlist_free_nvlist(limits, "groups"); - } - groups = nvlist_create(0); - for (i = 0; i < ngids; i++) { - n = snprintf(nvlname, sizeof(nvlname), "gid%u", i); - assert(n > 0 && n < (int)sizeof(nvlname)); - nvlist_add_number(groups, nvlname, (uint64_t)gids[i]); - } - for (i = 0; i < nnames; i++) { - n = snprintf(nvlname, sizeof(nvlname), "gid%u", i); - assert(n > 0 && n < (int)sizeof(nvlname)); - nvlist_add_string(groups, nvlname, names[i]); - } - nvlist_move_nvlist(limits, "groups", groups); - return (cap_limit_set(chan, limits)); -} Property changes on: head/lib/libcapsicum/libcapsicum_grp.c ___________________________________________________________________ Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:keywords ## -1 +0,0 ## -FreeBSD=%H \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/lib/libcapsicum/libcapsicum.c =================================================================== --- head/lib/libcapsicum/libcapsicum.c (revision 296046) +++ head/lib/libcapsicum/libcapsicum.c (nonexistent) @@ -1,266 +0,0 @@ -/*- - * Copyright (c) 2012-2013 The FreeBSD Foundation - * All rights reserved. - * - * This software was developed by Pawel Jakub Dawidek under sponsorship from - * the FreeBSD Foundation. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include -__FBSDID("$FreeBSD$"); - -#include -#include -#include -#include - -#include -#include -#include -#include -#include -#include -#include - -#include "libcapsicum.h" -#include "libcapsicum_impl.h" - -/* - * Structure describing communication channel between two separated processes. - */ -#define CAP_CHANNEL_MAGIC 0xcac8a31 -struct cap_channel { - /* - * Magic value helps to ensure that a pointer to the right structure is - * passed to our functions. - */ - int cch_magic; - /* Socket descriptor for IPC. */ - int cch_sock; -}; - -bool -fd_is_valid(int fd) -{ - - return (fcntl(fd, F_GETFL) != -1 || errno != EBADF); -} - -cap_channel_t * -cap_init(void) -{ - cap_channel_t *chan; - struct sockaddr_un sun; - int serrno, sock; - - bzero(&sun, sizeof(sun)); - sun.sun_family = AF_UNIX; - strlcpy(sun.sun_path, CASPER_SOCKPATH, sizeof(sun.sun_path)); - sun.sun_len = SUN_LEN(&sun); - - sock = socket(AF_UNIX, SOCK_STREAM, 0); - if (sock == -1) - return (NULL); - if (connect(sock, (struct sockaddr *)&sun, sizeof(sun)) < 0) { - serrno = errno; - close(sock); - errno = serrno; - return (NULL); - } - chan = cap_wrap(sock); - if (chan == NULL) { - serrno = errno; - close(sock); - errno = serrno; - return (NULL); - } - return (chan); -} - -cap_channel_t * -cap_wrap(int sock) -{ - cap_channel_t *chan; - - if (!fd_is_valid(sock)) - return (NULL); - - chan = malloc(sizeof(*chan)); - if (chan != NULL) { - chan->cch_sock = sock; - chan->cch_magic = CAP_CHANNEL_MAGIC; - } - - return (chan); -} - -int -cap_unwrap(cap_channel_t *chan) -{ - int sock; - - assert(chan != NULL); - assert(chan->cch_magic == CAP_CHANNEL_MAGIC); - - sock = chan->cch_sock; - chan->cch_magic = 0; - free(chan); - - return (sock); -} - -cap_channel_t * -cap_clone(const cap_channel_t *chan) -{ - cap_channel_t *newchan; - nvlist_t *nvl; - int newsock; - - assert(chan != NULL); - assert(chan->cch_magic == CAP_CHANNEL_MAGIC); - - nvl = nvlist_create(0); - nvlist_add_string(nvl, "cmd", "clone"); - nvl = cap_xfer_nvlist(chan, nvl, 0); - if (nvl == NULL) - return (NULL); - if (nvlist_get_number(nvl, "error") != 0) { - errno = (int)nvlist_get_number(nvl, "error"); - nvlist_destroy(nvl); - return (NULL); - } - newsock = nvlist_take_descriptor(nvl, "sock"); - nvlist_destroy(nvl); - newchan = cap_wrap(newsock); - if (newchan == NULL) { - int serrno; - - serrno = errno; - close(newsock); - errno = serrno; - } - - return (newchan); -} - -void -cap_close(cap_channel_t *chan) -{ - - assert(chan != NULL); - assert(chan->cch_magic == CAP_CHANNEL_MAGIC); - - chan->cch_magic = 0; - close(chan->cch_sock); - free(chan); -} - -int -cap_sock(const cap_channel_t *chan) -{ - - assert(chan != NULL); - assert(chan->cch_magic == CAP_CHANNEL_MAGIC); - - return (chan->cch_sock); -} - -int -cap_limit_set(const cap_channel_t *chan, nvlist_t *limits) -{ - nvlist_t *nvlmsg; - int error; - - nvlmsg = nvlist_create(0); - nvlist_add_string(nvlmsg, "cmd", "limit_set"); - nvlist_add_nvlist(nvlmsg, "limits", limits); - nvlmsg = cap_xfer_nvlist(chan, nvlmsg, 0); - if (nvlmsg == NULL) { - nvlist_destroy(limits); - return (-1); - } - error = (int)nvlist_get_number(nvlmsg, "error"); - nvlist_destroy(nvlmsg); - nvlist_destroy(limits); - if (error != 0) { - errno = error; - return (-1); - } - return (0); -} - -int -cap_limit_get(const cap_channel_t *chan, nvlist_t **limitsp) -{ - nvlist_t *nvlmsg; - int error; - - nvlmsg = nvlist_create(0); - nvlist_add_string(nvlmsg, "cmd", "limit_get"); - nvlmsg = cap_xfer_nvlist(chan, nvlmsg, 0); - if (nvlmsg == NULL) - return (-1); - error = (int)nvlist_get_number(nvlmsg, "error"); - if (error != 0) { - nvlist_destroy(nvlmsg); - errno = error; - return (-1); - } - if (nvlist_exists_null(nvlmsg, "limits")) - *limitsp = NULL; - else - *limitsp = nvlist_take_nvlist(nvlmsg, "limits"); - nvlist_destroy(nvlmsg); - return (0); -} - -int -cap_send_nvlist(const cap_channel_t *chan, const nvlist_t *nvl) -{ - - assert(chan != NULL); - assert(chan->cch_magic == CAP_CHANNEL_MAGIC); - - return (nvlist_send(chan->cch_sock, nvl)); -} - -nvlist_t * -cap_recv_nvlist(const cap_channel_t *chan, int flags) -{ - - assert(chan != NULL); - assert(chan->cch_magic == CAP_CHANNEL_MAGIC); - - return (nvlist_recv(chan->cch_sock, flags)); -} - -nvlist_t * -cap_xfer_nvlist(const cap_channel_t *chan, nvlist_t *nvl, int flags) -{ - - assert(chan != NULL); - assert(chan->cch_magic == CAP_CHANNEL_MAGIC); - - return (nvlist_xfer(chan->cch_sock, nvl, flags)); -} Property changes on: head/lib/libcapsicum/libcapsicum.c ___________________________________________________________________ Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:keywords ## -1 +0,0 ## -FreeBSD=%H \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/lib/libcapsicum/Makefile.depend =================================================================== --- head/lib/libcapsicum/Makefile.depend (revision 296046) +++ head/lib/libcapsicum/Makefile.depend (nonexistent) @@ -1,19 +0,0 @@ -# $FreeBSD$ -# Autogenerated - do NOT edit! - -DIRDEPS = \ - gnu/lib/csu \ - gnu/lib/libgcc \ - include \ - include/xlocale \ - lib/${CSU_DIR} \ - lib/libc \ - lib/libcompiler_rt \ - lib/libnv \ - - -.include - -.if ${DEP_RELDIR} == ${_DEP_RELDIR} -# local dependencies - needed for -jN in clean tree -.endif Property changes on: head/lib/libcapsicum/Makefile.depend ___________________________________________________________________ Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:keywords ## -1 +0,0 ## -FreeBSD=%H \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/lib/libcapsicum/libcapsicum_dns.h =================================================================== --- head/lib/libcapsicum/libcapsicum_dns.h (revision 296046) +++ head/lib/libcapsicum/libcapsicum_dns.h (nonexistent) @@ -1,57 +0,0 @@ -/*- - * Copyright (c) 2012 The FreeBSD Foundation - * All rights reserved. - * - * This software was developed by Pawel Jakub Dawidek under sponsorship from - * the FreeBSD Foundation. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * $FreeBSD$ - */ - -#ifndef _LIBCAPSICUM_DNS_H_ -#define _LIBCAPSICUM_DNS_H_ - -#include /* socklen_t */ - -struct addrinfo; -struct hostent; - -struct hostent *cap_gethostbyname(cap_channel_t *chan, const char *name); -struct hostent *cap_gethostbyname2(cap_channel_t *chan, const char *name, - int type); -struct hostent *cap_gethostbyaddr(cap_channel_t *chan, const void *addr, - socklen_t len, int type); - -int cap_getaddrinfo(cap_channel_t *chan, const char *hostname, - const char *servname, const struct addrinfo *hints, struct addrinfo **res); -int cap_getnameinfo(cap_channel_t *chan, const struct sockaddr *sa, - socklen_t salen, char *host, size_t hostlen, char *serv, size_t servlen, - int flags); - -int cap_dns_type_limit(cap_channel_t *chan, const char * const *types, - size_t ntypes); -int cap_dns_family_limit(cap_channel_t *chan, const int *families, - size_t nfamilies); - -#endif /* !_LIBCAPSICUM_DNS_H_ */ Property changes on: head/lib/libcapsicum/libcapsicum_dns.h ___________________________________________________________________ Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:keywords ## -1 +0,0 ## -FreeBSD=%H \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/lib/libcapsicum/libcapsicum_pwd.c =================================================================== --- head/lib/libcapsicum/libcapsicum_pwd.c (revision 296046) +++ head/lib/libcapsicum/libcapsicum_pwd.c (nonexistent) @@ -1,391 +0,0 @@ -/*- - * Copyright (c) 2013 The FreeBSD Foundation - * All rights reserved. - * - * This software was developed by Pawel Jakub Dawidek under sponsorship from - * the FreeBSD Foundation. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include -__FBSDID("$FreeBSD$"); - -#include -#include - -#include -#include -#include -#include -#include -#include - -#include "libcapsicum.h" -#include "libcapsicum_pwd.h" - -static struct passwd gpwd; -static char *gbuffer; -static size_t gbufsize; - -static int -passwd_resize(void) -{ - char *buf; - - if (gbufsize == 0) - gbufsize = 1024; - else - gbufsize *= 2; - - buf = gbuffer; - gbuffer = realloc(buf, gbufsize); - if (gbuffer == NULL) { - free(buf); - gbufsize = 0; - return (ENOMEM); - } - memset(gbuffer, 0, gbufsize); - - return (0); -} - -static int -passwd_unpack_string(const nvlist_t *nvl, const char *fieldname, char **fieldp, - char **bufferp, size_t *bufsizep) -{ - const char *str; - size_t len; - - str = nvlist_get_string(nvl, fieldname); - len = strlcpy(*bufferp, str, *bufsizep); - if (len >= *bufsizep) - return (ERANGE); - *fieldp = *bufferp; - *bufferp += len + 1; - *bufsizep -= len + 1; - - return (0); -} - -static int -passwd_unpack(const nvlist_t *nvl, struct passwd *pwd, char *buffer, - size_t bufsize) -{ - int error; - - if (!nvlist_exists_string(nvl, "pw_name")) - return (EINVAL); - - memset(pwd, 0, sizeof(*pwd)); - - error = passwd_unpack_string(nvl, "pw_name", &pwd->pw_name, &buffer, - &bufsize); - if (error != 0) - return (error); - pwd->pw_uid = (uid_t)nvlist_get_number(nvl, "pw_uid"); - pwd->pw_gid = (gid_t)nvlist_get_number(nvl, "pw_gid"); - pwd->pw_change = (time_t)nvlist_get_number(nvl, "pw_change"); - error = passwd_unpack_string(nvl, "pw_passwd", &pwd->pw_passwd, &buffer, - &bufsize); - if (error != 0) - return (error); - error = passwd_unpack_string(nvl, "pw_class", &pwd->pw_class, &buffer, - &bufsize); - if (error != 0) - return (error); - error = passwd_unpack_string(nvl, "pw_gecos", &pwd->pw_gecos, &buffer, - &bufsize); - if (error != 0) - return (error); - error = passwd_unpack_string(nvl, "pw_dir", &pwd->pw_dir, &buffer, - &bufsize); - if (error != 0) - return (error); - error = passwd_unpack_string(nvl, "pw_shell", &pwd->pw_shell, &buffer, - &bufsize); - if (error != 0) - return (error); - pwd->pw_expire = (time_t)nvlist_get_number(nvl, "pw_expire"); - pwd->pw_fields = (int)nvlist_get_number(nvl, "pw_fields"); - - return (0); -} - -static int -cap_getpwcommon_r(cap_channel_t *chan, const char *cmd, const char *login, - uid_t uid, struct passwd *pwd, char *buffer, size_t bufsize, - struct passwd **result) -{ - nvlist_t *nvl; - bool getpw_r; - int error; - - nvl = nvlist_create(0); - nvlist_add_string(nvl, "cmd", cmd); - if (strcmp(cmd, "getpwent") == 0 || strcmp(cmd, "getpwent_r") == 0) { - /* Add nothing. */ - } else if (strcmp(cmd, "getpwnam") == 0 || - strcmp(cmd, "getpwnam_r") == 0) { - nvlist_add_string(nvl, "name", login); - } else if (strcmp(cmd, "getpwuid") == 0 || - strcmp(cmd, "getpwuid_r") == 0) { - nvlist_add_number(nvl, "uid", (uint64_t)uid); - } else { - abort(); - } - nvl = cap_xfer_nvlist(chan, nvl, 0); - if (nvl == NULL) { - assert(errno != 0); - *result = NULL; - return (errno); - } - error = (int)nvlist_get_number(nvl, "error"); - if (error != 0) { - nvlist_destroy(nvl); - *result = NULL; - return (error); - } - - if (!nvlist_exists_string(nvl, "pw_name")) { - /* Not found. */ - nvlist_destroy(nvl); - *result = NULL; - return (0); - } - - getpw_r = (strcmp(cmd, "getpwent_r") == 0 || - strcmp(cmd, "getpwnam_r") == 0 || strcmp(cmd, "getpwuid_r") == 0); - - for (;;) { - error = passwd_unpack(nvl, pwd, buffer, bufsize); - if (getpw_r || error != ERANGE) - break; - assert(buffer == gbuffer); - assert(bufsize == gbufsize); - error = passwd_resize(); - if (error != 0) - break; - /* Update pointers after resize. */ - buffer = gbuffer; - bufsize = gbufsize; - } - - nvlist_destroy(nvl); - - if (error == 0) - *result = pwd; - else - *result = NULL; - - return (error); -} - -static struct passwd * -cap_getpwcommon(cap_channel_t *chan, const char *cmd, const char *login, - uid_t uid) -{ - struct passwd *result; - int error, serrno; - - serrno = errno; - - error = cap_getpwcommon_r(chan, cmd, login, uid, &gpwd, gbuffer, - gbufsize, &result); - if (error != 0) { - errno = error; - return (NULL); - } - - errno = serrno; - - return (result); -} - -struct passwd * -cap_getpwent(cap_channel_t *chan) -{ - - return (cap_getpwcommon(chan, "getpwent", NULL, 0)); -} - -struct passwd * -cap_getpwnam(cap_channel_t *chan, const char *login) -{ - - return (cap_getpwcommon(chan, "getpwnam", login, 0)); -} - -struct passwd * -cap_getpwuid(cap_channel_t *chan, uid_t uid) -{ - - return (cap_getpwcommon(chan, "getpwuid", NULL, uid)); -} - -int -cap_getpwent_r(cap_channel_t *chan, struct passwd *pwd, char *buffer, - size_t bufsize, struct passwd **result) -{ - - return (cap_getpwcommon_r(chan, "getpwent_r", NULL, 0, pwd, buffer, - bufsize, result)); -} - -int -cap_getpwnam_r(cap_channel_t *chan, const char *name, struct passwd *pwd, - char *buffer, size_t bufsize, struct passwd **result) -{ - - return (cap_getpwcommon_r(chan, "getpwnam_r", name, 0, pwd, buffer, - bufsize, result)); -} - -int -cap_getpwuid_r(cap_channel_t *chan, uid_t uid, struct passwd *pwd, char *buffer, - size_t bufsize, struct passwd **result) -{ - - return (cap_getpwcommon_r(chan, "getpwuid_r", NULL, uid, pwd, buffer, - bufsize, result)); -} - -int -cap_setpassent(cap_channel_t *chan, int stayopen) -{ - nvlist_t *nvl; - - nvl = nvlist_create(0); - nvlist_add_string(nvl, "cmd", "setpassent"); - nvlist_add_bool(nvl, "stayopen", stayopen != 0); - nvl = cap_xfer_nvlist(chan, nvl, 0); - if (nvl == NULL) - return (0); - if (nvlist_get_number(nvl, "error") != 0) { - errno = nvlist_get_number(nvl, "error"); - nvlist_destroy(nvl); - return (0); - } - nvlist_destroy(nvl); - - return (1); -} - -static void -cap_set_end_pwent(cap_channel_t *chan, const char *cmd) -{ - nvlist_t *nvl; - - nvl = nvlist_create(0); - nvlist_add_string(nvl, "cmd", cmd); - /* Ignore any errors, we have no way to report them. */ - nvlist_destroy(cap_xfer_nvlist(chan, nvl, 0)); -} - -void -cap_setpwent(cap_channel_t *chan) -{ - - cap_set_end_pwent(chan, "setpwent"); -} - -void -cap_endpwent(cap_channel_t *chan) -{ - - cap_set_end_pwent(chan, "endpwent"); -} - -int -cap_pwd_limit_cmds(cap_channel_t *chan, const char * const *cmds, size_t ncmds) -{ - nvlist_t *limits, *nvl; - unsigned int i; - - if (cap_limit_get(chan, &limits) < 0) - return (-1); - if (limits == NULL) { - limits = nvlist_create(0); - } else { - if (nvlist_exists_nvlist(limits, "cmds")) - nvlist_free_nvlist(limits, "cmds"); - } - nvl = nvlist_create(0); - for (i = 0; i < ncmds; i++) - nvlist_add_null(nvl, cmds[i]); - nvlist_move_nvlist(limits, "cmds", nvl); - return (cap_limit_set(chan, limits)); -} - -int -cap_pwd_limit_fields(cap_channel_t *chan, const char * const *fields, - size_t nfields) -{ - nvlist_t *limits, *nvl; - unsigned int i; - - if (cap_limit_get(chan, &limits) < 0) - return (-1); - if (limits == NULL) { - limits = nvlist_create(0); - } else { - if (nvlist_exists_nvlist(limits, "fields")) - nvlist_free_nvlist(limits, "fields"); - } - nvl = nvlist_create(0); - for (i = 0; i < nfields; i++) - nvlist_add_null(nvl, fields[i]); - nvlist_move_nvlist(limits, "fields", nvl); - return (cap_limit_set(chan, limits)); -} - -int -cap_pwd_limit_users(cap_channel_t *chan, const char * const *names, - size_t nnames, uid_t *uids, size_t nuids) -{ - nvlist_t *limits, *users; - char nvlname[64]; - unsigned int i; - int n; - - if (cap_limit_get(chan, &limits) < 0) - return (-1); - if (limits == NULL) { - limits = nvlist_create(0); - } else { - if (nvlist_exists_nvlist(limits, "users")) - nvlist_free_nvlist(limits, "users"); - } - users = nvlist_create(0); - for (i = 0; i < nuids; i++) { - n = snprintf(nvlname, sizeof(nvlname), "uid%u", i); - assert(n > 0 && n < (int)sizeof(nvlname)); - nvlist_add_number(users, nvlname, (uint64_t)uids[i]); - } - for (i = 0; i < nnames; i++) { - n = snprintf(nvlname, sizeof(nvlname), "name%u", i); - assert(n > 0 && n < (int)sizeof(nvlname)); - nvlist_add_string(users, nvlname, names[i]); - } - nvlist_move_nvlist(limits, "users", users); - return (cap_limit_set(chan, limits)); -} Property changes on: head/lib/libcapsicum/libcapsicum_pwd.c ___________________________________________________________________ Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:keywords ## -1 +0,0 ## -FreeBSD=%H \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/lib/libcapsicum/libcapsicum_grp.h =================================================================== --- head/lib/libcapsicum/libcapsicum_grp.h (revision 296046) +++ head/lib/libcapsicum/libcapsicum_grp.h (nonexistent) @@ -1,57 +0,0 @@ -/*- - * Copyright (c) 2013 The FreeBSD Foundation - * All rights reserved. - * - * This software was developed by Pawel Jakub Dawidek under sponsorship from - * the FreeBSD Foundation. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * $FreeBSD$ - */ - -#ifndef _LIBCAPSICUM_GRP_H_ -#define _LIBCAPSICUM_GRP_H_ - -struct group *cap_getgrent(cap_channel_t *chan); -struct group *cap_getgrnam(cap_channel_t *chan, const char *name); -struct group *cap_getgrgid(cap_channel_t *chan, gid_t gid); - -int cap_getgrent_r(cap_channel_t *chan, struct group *grp, char *buffer, - size_t bufsize, struct group **result); -int cap_getgrnam_r(cap_channel_t *chan, const char *name, struct group *grp, - char *buffer, size_t bufsize, struct group **result); -int cap_getgrgid_r(cap_channel_t *chan, gid_t gid, struct group *grp, - char *buffer, size_t bufsize, struct group **result); - -int cap_setgroupent(cap_channel_t *chan, int stayopen); -int cap_setgrent(cap_channel_t *chan); -void cap_endgrent(cap_channel_t *chan); - -int cap_grp_limit_cmds(cap_channel_t *chan, const char * const *cmds, - size_t ncmds); -int cap_grp_limit_fields(cap_channel_t *chan, const char * const *fields, - size_t nfields); -int cap_grp_limit_groups(cap_channel_t *chan, const char * const *names, - size_t nnames, gid_t *gids, size_t ngids); - -#endif /* !_LIBCAPSICUM_GRP_H_ */ Property changes on: head/lib/libcapsicum/libcapsicum_grp.h ___________________________________________________________________ Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:keywords ## -1 +0,0 ## -FreeBSD=%H \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/lib/libcapsicum/libcapsicum.h =================================================================== --- head/lib/libcapsicum/libcapsicum.h (revision 296046) +++ head/lib/libcapsicum/libcapsicum.h (nonexistent) @@ -1,115 +0,0 @@ -/*- - * Copyright (c) 2012-2013 The FreeBSD Foundation - * All rights reserved. - * - * This software was developed by Pawel Jakub Dawidek under sponsorship from - * the FreeBSD Foundation. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * $FreeBSD$ - */ - -#ifndef _LIBCAPSICUM_H_ -#define _LIBCAPSICUM_H_ - -#ifndef _NVLIST_T_DECLARED -#define _NVLIST_T_DECLARED -struct nvlist; - -typedef struct nvlist nvlist_t; -#endif - -#ifndef _CAP_CHANNEL_T_DECLARED -#define _CAP_CHANNEL_T_DECLARED -struct cap_channel; - -typedef struct cap_channel cap_channel_t; -#endif - -/* - * The function opens unrestricted communication channel to Casper. - */ -cap_channel_t *cap_init(void); - -/* - * The function creates cap_channel_t based on the given socket. - */ -cap_channel_t *cap_wrap(int sock); - -/* - * The function returns communication socket and frees cap_channel_t. - */ -int cap_unwrap(cap_channel_t *chan); - -/* - * The function clones the given capability. - */ -cap_channel_t *cap_clone(const cap_channel_t *chan); - -/* - * The function closes the given capability. - */ -void cap_close(cap_channel_t *chan); - -/* - * The function returns socket descriptor associated with the given - * cap_channel_t for use with select(2)/kqueue(2)/etc. - */ -int cap_sock(const cap_channel_t *chan); - -/* - * The function limits the given capability. - * It always destroys 'limits' on return. - */ -int cap_limit_set(const cap_channel_t *chan, nvlist_t *limits); - -/* - * The function returns current limits of the given capability. - */ -int cap_limit_get(const cap_channel_t *chan, nvlist_t **limitsp); - -#ifdef TODO -/* - * The function registers a service within provided Casper's capability. - * It will run with the same privileges the process has at the time of - * calling this function. - */ -int cap_service_register(cap_channel_t *chan, const char *name, - cap_func_t *func); -#endif - -/* - * Function sends nvlist over the given capability. - */ -int cap_send_nvlist(const cap_channel_t *chan, const nvlist_t *nvl); -/* - * Function receives nvlist over the given capability. - */ -nvlist_t *cap_recv_nvlist(const cap_channel_t *chan, int flags); -/* - * Function sends the given nvlist, destroys it and receives new nvlist in - * response over the given capability. - */ -nvlist_t *cap_xfer_nvlist(const cap_channel_t *chan, nvlist_t *nvl, int flags); - -#endif /* !_LIBCAPSICUM_H_ */ Property changes on: head/lib/libcapsicum/libcapsicum.h ___________________________________________________________________ Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:keywords ## -1 +0,0 ## -FreeBSD=%H \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/lib/libcapsicum/libcapsicum_pwd.h =================================================================== --- head/lib/libcapsicum/libcapsicum_pwd.h (revision 296046) +++ head/lib/libcapsicum/libcapsicum_pwd.h (nonexistent) @@ -1,57 +0,0 @@ -/*- - * Copyright (c) 2013 The FreeBSD Foundation - * All rights reserved. - * - * This software was developed by Pawel Jakub Dawidek under sponsorship from - * the FreeBSD Foundation. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * $FreeBSD$ - */ - -#ifndef _LIBCAPSICUM_PWD_H_ -#define _LIBCAPSICUM_PWD_H_ - -struct passwd *cap_getpwent(cap_channel_t *chan); -struct passwd *cap_getpwnam(cap_channel_t *chan, const char *login); -struct passwd *cap_getpwuid(cap_channel_t *chan, uid_t uid); - -int cap_getpwent_r(cap_channel_t *chan, struct passwd *pwd, char *buffer, - size_t bufsize, struct passwd **result); -int cap_getpwnam_r(cap_channel_t *chan, const char *name, struct passwd *pwd, - char *buffer, size_t bufsize, struct passwd **result); -int cap_getpwuid_r(cap_channel_t *chan, uid_t uid, struct passwd *pwd, - char *buffer, size_t bufsize, struct passwd **result); - -int cap_setpassent(cap_channel_t *chan, int stayopen); -void cap_setpwent(cap_channel_t *chan); -void cap_endpwent(cap_channel_t *chan); - -int cap_pwd_limit_cmds(cap_channel_t *chan, const char * const *cmds, - size_t ncmds); -int cap_pwd_limit_fields(cap_channel_t *chan, const char * const *fields, - size_t nfields); -int cap_pwd_limit_users(cap_channel_t *chan, const char * const *names, - size_t nnames, uid_t *uids, size_t nuids); - -#endif /* !_LIBCAPSICUM_PWD_H_ */ Property changes on: head/lib/libcapsicum/libcapsicum_pwd.h ___________________________________________________________________ Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:keywords ## -1 +0,0 ## -FreeBSD=%H \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/lib/libcapsicum/libcapsicum_service.c =================================================================== --- head/lib/libcapsicum/libcapsicum_service.c (revision 296046) +++ head/lib/libcapsicum/libcapsicum_service.c (nonexistent) @@ -1,97 +0,0 @@ -/*- - * Copyright (c) 2013 The FreeBSD Foundation - * All rights reserved. - * - * This software was developed by Pawel Jakub Dawidek under sponsorship from - * the FreeBSD Foundation. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include -__FBSDID("$FreeBSD$"); - -#include - -#include -#include -#include -#include - -#include "msgio.h" - -#include "libcapsicum.h" -#include "libcapsicum_impl.h" -#include "libcapsicum_service.h" - -cap_channel_t * -cap_service_open(const cap_channel_t *chan, const char *name) -{ - cap_channel_t *newchan; - nvlist_t *nvl; - int sock, error; - - sock = -1; - - nvl = nvlist_create(0); - nvlist_add_string(nvl, "cmd", "open"); - nvlist_add_string(nvl, "service", name); - if (fd_is_valid(STDERR_FILENO)) - nvlist_add_descriptor(nvl, "stderrfd", STDERR_FILENO); - nvl = cap_xfer_nvlist(chan, nvl, 0); - if (nvl == NULL) - return (NULL); - error = (int)nvlist_get_number(nvl, "error"); - if (error != 0) { - nvlist_destroy(nvl); - errno = error; - return (NULL); - } - sock = nvlist_take_descriptor(nvl, "chanfd"); - assert(sock >= 0); - nvlist_destroy(nvl); - nvl = NULL; - if (cred_send(sock) == -1) - goto fail; - newchan = cap_wrap(sock); - if (newchan == NULL) - goto fail; - return (newchan); -fail: - error = errno; - close(sock); - errno = error; - return (NULL); -} - -int -cap_service_limit(const cap_channel_t *chan, const char * const *names, - size_t nnames) -{ - nvlist_t *limits; - unsigned int i; - - limits = nvlist_create(0); - for (i = 0; i < nnames; i++) - nvlist_add_null(limits, names[i]); - return (cap_limit_set(chan, limits)); -} Property changes on: head/lib/libcapsicum/libcapsicum_service.c ___________________________________________________________________ Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:keywords ## -1 +0,0 ## -FreeBSD=%H \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/lib/libcapsicum/Makefile =================================================================== --- head/lib/libcapsicum/Makefile (revision 296046) +++ head/lib/libcapsicum/Makefile (nonexistent) @@ -1,46 +0,0 @@ -# $FreeBSD$ - -LIB= capsicum - -SHLIB_MAJOR= 0 -SHLIBDIR?= /lib - -SRCS= libcapsicum.c -SRCS+= libcapsicum_dns.c -SRCS+= libcapsicum_grp.c -SRCS+= libcapsicum_pwd.c -SRCS+= libcapsicum_random.c -SRCS+= libcapsicum_service.c -SRCS+= libcapsicum_sysctl.c - -INCS= libcapsicum.h -INCS+= libcapsicum_dns.h -INCS+= libcapsicum_grp.h -INCS+= libcapsicum_pwd.h -INCS+= libcapsicum_random.h -INCS+= libcapsicum_service.h -INCS+= libcapsicum_sysctl.h - -LIBADD= nv - -CFLAGS+=-I${.CURDIR} -CFLAGS+=-I${.CURDIR}/../libnv - -WARNS?= 6 - -MAN+= libcapsicum.3 - -MLINKS+=libcapsicum.3 cap_init.3 -MLINKS+=libcapsicum.3 cap_wrap.3 -MLINKS+=libcapsicum.3 cap_unwrap.3 -MLINKS+=libcapsicum.3 cap_sock.3 -MLINKS+=libcapsicum.3 cap_clone.3 -MLINKS+=libcapsicum.3 cap_close.3 -MLINKS+=libcapsicum.3 cap_limit_get.3 -MLINKS+=libcapsicum.3 cap_limit_set.3 -MLINKS+=libcapsicum.3 cap_send_nvlist.3 -MLINKS+=libcapsicum.3 cap_recv_nvlist.3 -MLINKS+=libcapsicum.3 cap_xfer_nvlist.3 -MLINKS+=libcapsicum.3 cap_service_open.3 - -.include Property changes on: head/lib/libcapsicum/Makefile ___________________________________________________________________ Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:keywords ## -1 +0,0 ## -FreeBSD=%H \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/lib/libcapsicum/libcapsicum_service.h =================================================================== --- head/lib/libcapsicum/libcapsicum_service.h (revision 296046) +++ head/lib/libcapsicum/libcapsicum_service.h (nonexistent) @@ -1,40 +0,0 @@ -/*- - * Copyright (c) 2013 The FreeBSD Foundation - * All rights reserved. - * - * This software was developed by Pawel Jakub Dawidek under sponsorship from - * the FreeBSD Foundation. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * $FreeBSD$ - */ - -#ifndef _LIBCAPSICUM_SERVICE_H_ -#define _LIBCAPSICUM_SERVICE_H_ - -cap_channel_t *cap_service_open(const cap_channel_t *chan, const char *name); - -int cap_service_limit(const cap_channel_t *chan, const char * const *names, - size_t nnames); - -#endif /* !_LIBCAPSICUM_SERVICE_H_ */ Property changes on: head/lib/libcapsicum/libcapsicum_service.h ___________________________________________________________________ Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:keywords ## -1 +0,0 ## -FreeBSD=%H \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/lib/libcapsicum/libcapsicum_random.h =================================================================== --- head/lib/libcapsicum/libcapsicum_random.h (revision 296046) +++ head/lib/libcapsicum/libcapsicum_random.h (nonexistent) @@ -1,37 +0,0 @@ -/*- - * Copyright (c) 2013 The FreeBSD Foundation - * All rights reserved. - * - * This software was developed by Pawel Jakub Dawidek under sponsorship from - * the FreeBSD Foundation. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * $FreeBSD$ - */ - -#ifndef _LIBCAPSICUM_RANDOM_H_ -#define _LIBCAPSICUM_RANDOM_H_ - -int cap_random_buf(cap_channel_t *chan, void *buf, size_t nbytes); - -#endif /* !_LIBCAPSICUM_RANDOM_H_ */ Property changes on: head/lib/libcapsicum/libcapsicum_random.h ___________________________________________________________________ Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:keywords ## -1 +0,0 ## -FreeBSD=%H \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/lib/libcapsicum/libcapsicum_random.c =================================================================== --- head/lib/libcapsicum/libcapsicum_random.c (revision 296046) +++ head/lib/libcapsicum/libcapsicum_random.c (nonexistent) @@ -1,80 +0,0 @@ -/*- - * Copyright (c) 2013 The FreeBSD Foundation - * All rights reserved. - * - * This software was developed by Pawel Jakub Dawidek under sponsorship from - * the FreeBSD Foundation. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include -__FBSDID("$FreeBSD$"); - -#include - -#include -#include -#include - -#include "libcapsicum.h" -#include "libcapsicum_random.h" - -#define MAXSIZE (1024 * 1024) - -int -cap_random_buf(cap_channel_t *chan, void *buf, size_t nbytes) -{ - nvlist_t *nvl; - const void *randbuf; - uint8_t *ptr; - size_t left, randbufsize; - - left = nbytes; - ptr = buf; - - while (left > 0) { - nvl = nvlist_create(0); - nvlist_add_string(nvl, "cmd", "generate"); - nvlist_add_number(nvl, "size", - (uint64_t)(left > MAXSIZE ? MAXSIZE : left)); - nvl = cap_xfer_nvlist(chan, nvl, 0); - if (nvl == NULL) - return (-1); - if (nvlist_get_number(nvl, "error") != 0) { - errno = (int)nvlist_get_number(nvl, "error"); - nvlist_destroy(nvl); - return (-1); - } - - randbuf = nvlist_get_binary(nvl, "data", &randbufsize); - memcpy(ptr, randbuf, randbufsize); - - nvlist_destroy(nvl); - - ptr += randbufsize; - assert(left >= randbufsize); - left -= randbufsize; - } - - return (0); -} Property changes on: head/lib/libcapsicum/libcapsicum_random.c ___________________________________________________________________ Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:keywords ## -1 +0,0 ## -FreeBSD=%H \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/lib/Makefile =================================================================== --- head/lib/Makefile (revision 296046) +++ head/lib/Makefile (revision 296047) @@ -1,318 +1,315 @@ # @(#)Makefile 8.1 (Berkeley) 6/4/93 # $FreeBSD$ .include # The SUBDIR_ORDERED list is a small set of libraries which are used by many # of the other libraries. These are built first with a .WAIT between them # and the main list to avoid needing a SUBDIR_DEPEND line on every library # naming just these few items. SUBDIR_ORDERED= csu \ .WAIT \ libc \ libc_nonshared \ libcompiler_rt \ ${_libclang_rt} \ ${_libcplusplus} \ ${_libcxxrt} \ libelf \ msun # The main list; please keep these sorted alphabetically. SUBDIR= ${SUBDIR_ORDERED} \ .WAIT \ libalias \ libarchive \ ${_libatm} \ libauditd \ libbegemot \ libblocksruntime \ ${_libbluetooth} \ ${_libbsnmp} \ libbsdstat \ libbsm \ libbz2 \ libcalendar \ libcam \ - ${_libcapsicum} \ ${_libcasper} \ ${_libcom_err} \ libcompat \ libcrypt \ libdevctl \ libdevinfo \ libdevstat \ libdpv \ libdwarf \ libedit \ ${_libelftc} \ libevent \ libexecinfo \ libexpat \ libfetch \ libfigpar \ libgeom \ ${_libgpio} \ ${_libgssapi} \ ${_librpcsec_gss} \ ${_libiconv_modules} \ libipsec \ libjail \ libkiconv \ libkvm \ ${_libldns} \ liblzma \ ${_libmagic} \ libmemstat \ libmd \ ${_libmilter} \ ${_libmp} \ libmt \ ${_libnandfs} \ lib80211 \ libnetbsd \ ${_libnetgraph} \ ${_libngatm} \ libnv \ libopenbsd \ libopie \ libpam \ libpcap \ ${_libpe} \ libpjdlog \ ${_libpmc} \ ${_libproc} \ libprocstat \ ${_libradius} \ librpcsvc \ librt \ ${_librtld_db} \ libsbuf \ ${_libsdp} \ ${_libsm} \ libsmb \ ${_libsmdb} \ ${_libsmutil} \ libsqlite3 \ libstand \ libstdbuf \ libstdthreads \ libsysdecode \ libtacplus \ ${_libtelnet} \ ${_libthr} \ libthread_db \ libucl \ libufs \ libugidfw \ libulog \ ${_libunbound} \ ${_libusbhid} \ ${_libusb} \ libutil \ ${_libvgl} \ ${_libvmmapi} \ libwrap \ libxo \ liby \ ${_libypclnt} \ libz \ ncurses \ ${_atf} \ ${_clang} \ ${_cuse} \ ${_tests} # Inter-library dependencies. When the makefile for a library contains LDADD # libraries, those libraries should be listed as build order dependencies here. SUBDIR_DEPEND_libarchive= libz libbz2 libexpat liblzma libmd SUBDIR_DEPEND_libatm= libmd SUBDIR_DEPEND_libauditdm= libbsm SUBDIR_DEPEND_libbsnmp= ${_libnetgraph} SUBDIR_DEPEND_libc++:= libcxxrt SUBDIR_DEPEND_libc= libcompiler_rt SUBDIR_DEPEND_libcam= libsbuf -SUBDIR_DEPEND_libcapsicum= libnv -SUBDIR_DEPEND_libcasper= libcapsicum libnv libpjdlog +SUBDIR_DEPEND_libcasper= libnv SUBDIR_DEPEND_libdevstat= libkvm SUBDIR_DEPEND_libdpv= libfigpar ncurses libutil SUBDIR_DEPEND_libedit= ncurses SUBDIR_DEPEND_libgeom= libexpat libsbuf SUBDIR_DEPEND_liblibrpcsec_gss= libgssapi SUBDIR_DEPEND_libmagic= libz SUBDIR_DEPEND_libmemstat= libkvm SUBDIR_DEPEND_libopie= libmd SUBDIR_DEPEND_libpam= libcrypt libopie ${_libradius} librpcsvc libtacplus libutil ${_libypclnt} ${_libcom_err} SUBDIR_DEPEND_libpjdlog= libutil SUBDIR_DEPEND_libprocstat= libkvm libutil SUBDIR_DEPEND_libradius= libmd SUBDIR_DEPEND_libsmb= libkiconv SUBDIR_DEPEND_libtacplus= libmd SUBDIR_DEPEND_libulog= libmd SUBDIR_DEPEND_libunbound= ${_libldns} SUBDIR_DEPEND_liblzma= ${_libthr} # NB: keep these sorted by MK_* knobs .if ${MK_ATM} != "no" _libngatm= libngatm .endif .if ${MK_BLUETOOTH} != "no" _libbluetooth= libbluetooth _libsdp= libsdp .endif .if ${MK_BSNMP} != "no" _libbsnmp= libbsnmp .endif .if ${MK_CASPER} != "no" -_libcapsicum= libcapsicum _libcasper= libcasper .endif .if ${MK_CLANG} != "no" && !defined(COMPAT_32BIT) _clang= clang .endif .if ${MK_CUSE} != "no" _cuse= libcuse .endif .if ${MK_TOOLCHAIN} != "no" _libelftc= libelftc _libpe= libpe .endif .if ${MK_FILE} != "no" _libmagic= libmagic .endif .if ${MK_GPIO} != "no" _libgpio= libgpio .endif .if ${MK_GSSAPI} != "no" _libgssapi= libgssapi _librpcsec_gss= librpcsec_gss .endif .if ${MK_ICONV} != "no" _libiconv_modules= libiconv_modules .endif .if ${MK_KERBEROS_SUPPORT} != "no" _libcom_err= libcom_err .endif .if ${MK_LDNS} != "no" _libldns= libldns .endif # The libraries under libclang_rt can only be built by clang, and only make # sense to build when clang is enabled at all. Furthermore, they can only be # built for certain architectures. .if ${MK_CLANG} != "no" && ${COMPILER_TYPE} == "clang" && \ (${MACHINE_CPUARCH} == "aarch64" || ${MACHINE_CPUARCH} == "amd64" || \ (${MACHINE_CPUARCH} == "arm" && ${MACHINE_ARCH} != "armeb") || \ (${MACHINE_CPUARCH} == "i386")) _libclang_rt= libclang_rt .endif .if ${MK_LIBCPLUSPLUS} != "no" _libcxxrt= libcxxrt _libcplusplus= libc++ .endif .if ${MK_LIBTHR} != "no" _libthr= libthr .endif .if ${MK_NAND} != "no" _libnandfs= libnandfs .endif .if ${MK_NETGRAPH} != "no" _libnetgraph= libnetgraph .endif .if ${MK_NIS} != "no" _libypclnt= libypclnt .endif .if ${MACHINE_CPUARCH} == "i386" || ${MACHINE_CPUARCH} == "amd64" _libvgl= libvgl _libproc= libproc _librtld_db= librtld_db .endif .if ${MACHINE_CPUARCH} == "amd64" .if ${MK_BHYVE} != "no" _libvmmapi= libvmmapi .endif .endif .if ${MACHINE_CPUARCH} == "mips" _libproc= libproc _librtld_db= librtld_db .endif .if ${MACHINE_CPUARCH} == "powerpc" _libproc= libproc _librtld_db= librtld_db .endif .if ${MACHINE_CPUARCH} == "aarch64" || ${MACHINE_CPUARCH} == "arm" || \ ${MACHINE_CPUARCH} == "riscv" _libproc= libproc _librtld_db= librtld_db .endif .if ${MK_OPENSSL} != "no" _libmp= libmp .endif .if ${MK_PMC} != "no" _libpmc= libpmc .endif .if ${MK_RADIUS_SUPPORT} != "no" _libradius= libradius .endif .if ${MK_SENDMAIL} != "no" _libmilter= libmilter _libsm= libsm _libsmdb= libsmdb _libsmutil= libsmutil .endif .if ${MK_TELNET} != "no" _libtelnet= libtelnet .endif .if ${MK_TESTS_SUPPORT} != "no" _atf= atf .endif .if ${MK_TESTS} != "no" _tests= tests .endif .if ${MK_UNBOUND} != "no" _libunbound= libunbound .endif .if ${MK_USB} != "no" _libusbhid= libusbhid _libusb= libusb .endif .if !make(install) SUBDIR_PARALLEL= .endif .include Index: head/lib/libc/posix1e/posix1e.3 =================================================================== --- head/lib/libc/posix1e/posix1e.3 (revision 296046) +++ head/lib/libc/posix1e/posix1e.3 (revision 296047) @@ -1,118 +1,118 @@ .\"- .\" Copyright (c) 2000, 2009 Robert N. M. Watson .\" All rights reserved. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions .\" are met: .\" 1. Redistributions of source code must retain the above copyright .\" notice, this list of conditions and the following disclaimer. .\" 2. Redistributions in binary form must reproduce the above copyright .\" notice, this list of conditions and the following disclaimer in the .\" documentation and/or other materials provided with the distribution. .\" .\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE .\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" .\" $FreeBSD$ .\" -.Dd April 15, 2014 +.Dd February 25, 2016 .Dt POSIX1E 3 .Os .Sh NAME .Nm posix1e .Nd introduction to the POSIX.1e security API .Sh LIBRARY .Lb libc .Sh SYNOPSIS .In sys/types.h .In sys/acl.h .In sys/mac.h .Sh DESCRIPTION POSIX.1e describes five security extensions to the POSIX.1 API: Access Control Lists (ACLs), Auditing, Capabilities, Mandatory Access Control, and Information Flow Labels. While IEEE POSIX.1e D17 specification has not been standardized, several of its interfaces are widely used. .Pp .Fx implements POSIX.1e interface for access control lists, described in .Xr acl 3 , and supports ACLs on the .Xr ffs 7 file system; ACLs must be administratively enabled using .Xr tunefs 8 . .Pp .Fx implements a POSIX.1e-like mandatory access control interface, described in .Xr mac 3 , although with a number of extensions and important semantic differences. .Pp .Fx does not implement the POSIX.1e audit, privilege (capability), or information flow label APIs. However, .Fx does implement the .Xr libbsm audit API. It also provides .Xr capsicum 4 , a lightweight OS capability and sandbox framework implementing a hybrid capability system model. .Sh ENVIRONMENT POSIX.1e assigns security attributes to all objects, extending the security functionality described in POSIX.1. These additional attributes store fine-grained discretionary access control information and mandatory access control labels; for files, they are stored in extended attributes, described in .Xr extattr 3 . .Pp POSIX.2c describes a set of userland utilities for manipulating these attributes, including .Xr getfacl 1 and .Xr setfacl 1 for access control lists, and .Xr getfmac 8 and .Xr setfmac 8 for mandatory access control labels. .Sh SEE ALSO .Xr getfacl 1 , .Xr setfacl 1 , .Xr extattr 2 , .Xr acl 3 , .Xr extattr 3 , .Xr libbsm 3 , -.Xr libcapsicum 3 , +.Xr libcasper 3 , .Xr mac 3 , .Xr capsicum 4 , .Xr ffs 7 , .Xr getfmac 8 , .Xr setfmac 8 , .Xr tunefs 8 , .Xr acl 9 , .Xr extattr 9 , .Xr mac 9 .Sh STANDARDS POSIX.1e is described in IEEE POSIX.1e draft 17. .Sh HISTORY POSIX.1e support was introduced in .Fx 4.0 ; most features were available as of .Fx 5.0 . .Sh AUTHORS .An Robert N M Watson .An Chris D. Faulhaber .An Thomas Moestl .An Ilmar S Habibulin Index: head/lib/libcasper/libcasper_impl.h =================================================================== --- head/lib/libcasper/libcasper_impl.h (revision 296046) +++ head/lib/libcasper/libcasper_impl.h (nonexistent) @@ -1,46 +0,0 @@ -/*- - * Copyright (c) 2013 The FreeBSD Foundation - * All rights reserved. - * - * This software was developed by Pawel Jakub Dawidek under sponsorship from - * the FreeBSD Foundation. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * $FreeBSD$ - */ - -#ifndef _LIBCASPER_IMPL_H_ -#define _LIBCASPER_IMPL_H_ - -#include "libcasper.h" - -struct service; -struct service_connection; - -struct service * service_alloc(const char *name, - service_limit_func_t *limitfunc, service_command_func_t *commandfunc); -void service_free(struct service *service); - -void service_message(struct service *service, struct service_connection *sconn); - -#endif /* !_LIBCASPER_IMPL_H_ */ Property changes on: head/lib/libcasper/libcasper_impl.h ___________________________________________________________________ Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:keywords ## -1 +0,0 ## -FreeBSD=%H \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/lib/libcasper/libcasper.c =================================================================== --- head/lib/libcasper/libcasper.c (revision 296046) +++ head/lib/libcasper/libcasper.c (nonexistent) @@ -1,441 +0,0 @@ -/*- - * Copyright (c) 2013 The FreeBSD Foundation - * All rights reserved. - * - * This software was developed by Pawel Jakub Dawidek under sponsorship from - * the FreeBSD Foundation. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include -__FBSDID("$FreeBSD$"); - -#include -#include -#include -#include -#include -#include -#include - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include -#include -#include -#include - -/* - * Currently there is only one service_connection per service. - * In the future we may want multiple connections from multiple clients - * per one service instance, but it has to be carefully designed. - * The problem is that we may restrict/sandbox service instance according - * to the limits provided. When new connection comes in with different - * limits we won't be able to access requested resources. - * Not to mention one process will serve to mutiple mutually untrusted - * clients and compromise of this service instance by one of its clients - * can lead to compromise of the other clients. - */ - -/* - * Client connections to the given service. - */ -#define SERVICE_CONNECTION_MAGIC 0x5e91c0ec -struct service_connection { - int sc_magic; - cap_channel_t *sc_chan; - nvlist_t *sc_limits; - TAILQ_ENTRY(service_connection) sc_next; -}; - -#define SERVICE_MAGIC 0x5e91ce -struct service { - int s_magic; - char *s_name; - service_limit_func_t *s_limit; - service_command_func_t *s_command; - TAILQ_HEAD(, service_connection) s_connections; -}; - -struct service * -service_alloc(const char *name, service_limit_func_t *limitfunc, - service_command_func_t *commandfunc) -{ - struct service *service; - - service = malloc(sizeof(*service)); - if (service == NULL) - return (NULL); - service->s_name = strdup(name); - if (service->s_name == NULL) { - free(service); - return (NULL); - } - service->s_limit = limitfunc; - service->s_command = commandfunc; - TAILQ_INIT(&service->s_connections); - service->s_magic = SERVICE_MAGIC; - - return (service); -} - -void -service_free(struct service *service) -{ - struct service_connection *sconn; - - PJDLOG_ASSERT(service->s_magic == SERVICE_MAGIC); - - service->s_magic = 0; - while ((sconn = service_connection_first(service)) != NULL) - service_connection_remove(service, sconn); - free(service->s_name); - free(service); -} - -struct service_connection * -service_connection_add(struct service *service, int sock, - const nvlist_t *limits) -{ - struct service_connection *sconn; - int serrno; - - PJDLOG_ASSERT(service->s_magic == SERVICE_MAGIC); - - sconn = malloc(sizeof(*sconn)); - if (sconn == NULL) { - pjdlog_error("Unable to allocate memory for service connection."); - return (NULL); - } - sconn->sc_chan = cap_wrap(sock); - if (sconn->sc_chan == NULL) { - serrno = errno; - pjdlog_error("Unable to wrap communication channel."); - free(sconn); - errno = serrno; - return (NULL); - } - if (limits == NULL) { - sconn->sc_limits = NULL; - } else { - sconn->sc_limits = nvlist_clone(limits); - if (sconn->sc_limits == NULL) { - serrno = errno; - pjdlog_error("Unable to clone limits."); - (void)cap_unwrap(sconn->sc_chan); - free(sconn); - errno = serrno; - return (NULL); - } - } - sconn->sc_magic = SERVICE_CONNECTION_MAGIC; - TAILQ_INSERT_TAIL(&service->s_connections, sconn, sc_next); - return (sconn); -} - -void -service_connection_remove(struct service *service, - struct service_connection *sconn) -{ - - PJDLOG_ASSERT(service->s_magic == SERVICE_MAGIC); - PJDLOG_ASSERT(sconn->sc_magic == SERVICE_CONNECTION_MAGIC); - - TAILQ_REMOVE(&service->s_connections, sconn, sc_next); - sconn->sc_magic = 0; - nvlist_destroy(sconn->sc_limits); - cap_close(sconn->sc_chan); - free(sconn); -} - -int -service_connection_clone(struct service *service, - struct service_connection *sconn) -{ - struct service_connection *newsconn; - int serrno, sock[2]; - - if (socketpair(PF_UNIX, SOCK_STREAM | SOCK_NONBLOCK, 0, sock) < 0) - return (-1); - - newsconn = service_connection_add(service, sock[0], - service_connection_get_limits(sconn)); - if (newsconn == NULL) { - serrno = errno; - close(sock[0]); - close(sock[1]); - errno = serrno; - return (-1); - } - - return (sock[1]); -} - -struct service_connection * -service_connection_first(struct service *service) -{ - struct service_connection *sconn; - - PJDLOG_ASSERT(service->s_magic == SERVICE_MAGIC); - - sconn = TAILQ_FIRST(&service->s_connections); - PJDLOG_ASSERT(sconn == NULL || - sconn->sc_magic == SERVICE_CONNECTION_MAGIC); - return (sconn); -} - -struct service_connection * -service_connection_next(struct service_connection *sconn) -{ - - PJDLOG_ASSERT(sconn->sc_magic == SERVICE_CONNECTION_MAGIC); - - sconn = TAILQ_NEXT(sconn, sc_next); - PJDLOG_ASSERT(sconn == NULL || - sconn->sc_magic == SERVICE_CONNECTION_MAGIC); - return (sconn); -} - -cap_channel_t * -service_connection_get_chan(const struct service_connection *sconn) -{ - - PJDLOG_ASSERT(sconn->sc_magic == SERVICE_CONNECTION_MAGIC); - - return (sconn->sc_chan); -} - -int -service_connection_get_sock(const struct service_connection *sconn) -{ - - PJDLOG_ASSERT(sconn->sc_magic == SERVICE_CONNECTION_MAGIC); - - return (cap_sock(sconn->sc_chan)); -} - -const nvlist_t * -service_connection_get_limits(const struct service_connection *sconn) -{ - - PJDLOG_ASSERT(sconn->sc_magic == SERVICE_CONNECTION_MAGIC); - - return (sconn->sc_limits); -} - -void -service_connection_set_limits(struct service_connection *sconn, - nvlist_t *limits) -{ - - PJDLOG_ASSERT(sconn->sc_magic == SERVICE_CONNECTION_MAGIC); - - nvlist_destroy(sconn->sc_limits); - sconn->sc_limits = limits; -} - -#if 0 -static void -casper_message_connection(struct service *service, const nvlist_t *nvl) -{ - - service_connection_add(&service->s_connections, - nvlist_get_descriptor(nvl, "sock")); -} - -static void -casper_message(const cap_channel_t *capcas, struct service *service) -{ - const char *cmd; - nvlist_t *nvl; - - nvl = cap_recv_nvlist(capcas, 0); - if (nvl == NULL) - pjdlog_exit(1, "Unable to receive message from Casper"); - cmd = nvlist_get_string(nvl, "cmd"); - if (strcmp(cmd, "connection") == 0) - casper_message_connection(service, nvl); - else - PJDLOG_ABORT("Unknown command from Casper: %s.", cmd); -} -#endif - -void -service_message(struct service *service, struct service_connection *sconn) -{ - nvlist_t *nvlin, *nvlout; - const char *cmd; - int error; - - nvlin = cap_recv_nvlist(service_connection_get_chan(sconn), 0); - if (nvlin == NULL) { - if (errno == ENOTCONN) { - pjdlog_debug(1, "Connection closed by the client."); - } else { - pjdlog_errno(LOG_ERR, - "Unable to receive message from client"); - } - service_connection_remove(service, sconn); - return; - } - - error = EDOOFUS; - nvlout = nvlist_create(0); - - cmd = nvlist_get_string(nvlin, "cmd"); - pjdlog_debug(1, "Command received from client: %s.", cmd); - if (pjdlog_debug_get() >= 2) - nvlist_fdump(nvlin, stderr); - if (strcmp(cmd, "limit_set") == 0) { - nvlist_t *nvllim; - - nvllim = nvlist_take_nvlist(nvlin, "limits"); - error = service->s_limit(service_connection_get_limits(sconn), - nvllim); - if (error == 0) { - service_connection_set_limits(sconn, nvllim); - /* Function consumes nvllim. */ - } else { - nvlist_destroy(nvllim); - } - } else if (strcmp(cmd, "limit_get") == 0) { - const nvlist_t *nvllim; - - nvllim = service_connection_get_limits(sconn); - if (nvllim != NULL) - nvlist_add_nvlist(nvlout, "limits", nvllim); - else - nvlist_add_null(nvlout, "limits"); - error = 0; - } else if (strcmp(cmd, "clone") == 0) { - int sock; - - sock = service_connection_clone(service, sconn); - if (sock == -1) { - error = errno; - } else { - nvlist_move_descriptor(nvlout, "sock", sock); - error = 0; - } - } else { - error = service->s_command(cmd, - service_connection_get_limits(sconn), nvlin, nvlout); - } - - nvlist_destroy(nvlin); - nvlist_add_number(nvlout, "error", (uint64_t)error); - pjdlog_debug(1, "Sending reply to client (error=%d).", error); - if (pjdlog_debug_get() >= 2) - nvlist_fdump(nvlout, stderr); - - if (cap_send_nvlist(service_connection_get_chan(sconn), nvlout) == -1) { - pjdlog_errno(LOG_ERR, "Unable to send message to client"); - service_connection_remove(service, sconn); - } - - nvlist_destroy(nvlout); -} - -static int -fd_add(fd_set *fdsp, int maxfd, int fd) -{ - - FD_SET(fd, fdsp); - return (fd > maxfd ? fd : maxfd); -} - -int -service_start(const char *name, int sock, service_limit_func_t *limitfunc, - service_command_func_t *commandfunc, int argc, char *argv[]) -{ - struct service *service; - struct service_connection *sconn, *sconntmp; - fd_set fds; - int maxfd, nfds, serrno; - - assert(argc == 2); - - pjdlog_init(PJDLOG_MODE_STD); - pjdlog_debug_set(atoi(argv[1])); - - service = service_alloc(name, limitfunc, commandfunc); - if (service == NULL) - return (errno); - if (service_connection_add(service, sock, NULL) == NULL) { - serrno = errno; - service_free(service); - return (serrno); - } - - for (;;) { - FD_ZERO(&fds); - maxfd = -1; - for (sconn = service_connection_first(service); sconn != NULL; - sconn = service_connection_next(sconn)) { - maxfd = fd_add(&fds, maxfd, - service_connection_get_sock(sconn)); - } - - PJDLOG_ASSERT(maxfd >= 0); - PJDLOG_ASSERT(maxfd + 1 <= (int)FD_SETSIZE); - nfds = select(maxfd + 1, &fds, NULL, NULL, NULL); - if (nfds < 0) { - if (errno != EINTR) - pjdlog_errno(LOG_ERR, "select() failed"); - continue; - } else if (nfds == 0) { - /* Timeout. */ - PJDLOG_ABORT("select() timeout"); - continue; - } - - for (sconn = service_connection_first(service); sconn != NULL; - sconn = sconntmp) { - /* - * Prepare for connection to be removed from the list - * on failure. - */ - sconntmp = service_connection_next(sconn); - if (FD_ISSET(service_connection_get_sock(sconn), &fds)) - service_message(service, sconn); - } - if (service_connection_first(service) == NULL) { - /* - * No connections left, exiting. - */ - break; - } - } - - return (0); -} Property changes on: head/lib/libcasper/libcasper.c ___________________________________________________________________ Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:keywords ## -1 +0,0 ## -FreeBSD=%H \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/lib/libcasper/libcasper.h =================================================================== --- head/lib/libcasper/libcasper.h (revision 296046) +++ head/lib/libcasper/libcasper.h (nonexistent) @@ -1,70 +0,0 @@ -/*- - * Copyright (c) 2013 The FreeBSD Foundation - * All rights reserved. - * - * This software was developed by Pawel Jakub Dawidek under sponsorship from - * the FreeBSD Foundation. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * $FreeBSD$ - */ - -#ifndef _LIBCASPER_H_ -#define _LIBCASPER_H_ - -#ifndef _NVLIST_T_DECLARED -#define _NVLIST_T_DECLARED -struct nvlist; - -typedef struct nvlist nvlist_t; -#endif - -#define PARENT_FILENO 3 -#define EXECUTABLE_FILENO 4 -#define PROC_FILENO 5 - -struct service; -struct service_connection; - -typedef int service_limit_func_t(const nvlist_t *, const nvlist_t *); -typedef int service_command_func_t(const char *cmd, const nvlist_t *, - nvlist_t *, nvlist_t *); - -struct service_connection *service_connection_add(struct service *service, - int sock, const nvlist_t *limits); -void service_connection_remove(struct service *service, - struct service_connection *sconn); -int service_connection_clone(struct service *service, - struct service_connection *sconn); -struct service_connection *service_connection_first(struct service *service); -struct service_connection *service_connection_next(struct service_connection *sconn); -cap_channel_t *service_connection_get_chan(const struct service_connection *sconn); -int service_connection_get_sock(const struct service_connection *sconn); -const nvlist_t *service_connection_get_limits(const struct service_connection *sconn); -void service_connection_set_limits(struct service_connection *sconn, - nvlist_t *limits); - -int service_start(const char *name, int sock, service_limit_func_t *limitfunc, - service_command_func_t *commandfunc, int argc, char *argv[]); - -#endif /* !_LIBCASPER_H_ */ Property changes on: head/lib/libcasper/libcasper.h ___________________________________________________________________ Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:keywords ## -1 +0,0 ## -FreeBSD=%H \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/lib/libcasper/Makefile =================================================================== --- head/lib/libcasper/Makefile (revision 296046) +++ head/lib/libcasper/Makefile (revision 296047) @@ -1,19 +1,6 @@ # $FreeBSD$ -LIB= casper +SUBDIR= libcasper +SUBDIR+= services -SHLIB_MAJOR= 0 -SHLIBDIR?= /lib - -SRCS= libcasper.c -INCS= libcasper.h - -LIBADD= capsicum nv pjdlog - -CFLAGS+=-I${.CURDIR} -CFLAGS+=-I${.CURDIR}/../libpjdlog -CFLAGS+=-I${.CURDIR}/../../sbin/casper - -WARNS?= 6 - -.include +.include Index: head/lib/libcasper/libcasper/Makefile =================================================================== --- head/lib/libcasper/libcasper/Makefile (nonexistent) +++ head/lib/libcasper/libcasper/Makefile (revision 296047) @@ -0,0 +1,38 @@ +# $FreeBSD$ + +LIB= casper + +SHLIB_MAJOR= 0 +SHLIBDIR?= /lib + +SRCS= libcasper.c +SRCS+= libcasper_impl.c +SRCS+= libcasper_service.c +SRCS+= service.c +SRCS+= zygote.c + +INCS= libcasper.h +INCS+= libcasper_service.h + +LIBADD= nv + +CFLAGS+=-I${.CURDIR} + +WARNS?= 6 + +MAN+= libcasper.3 + +MLINKS+=libcasper.3 cap_init.3 +MLINKS+=libcasper.3 cap_wrap.3 +MLINKS+=libcasper.3 cap_unwrap.3 +MLINKS+=libcasper.3 cap_sock.3 +MLINKS+=libcasper.3 cap_clone.3 +MLINKS+=libcasper.3 cap_close.3 +MLINKS+=libcasper.3 cap_limit_get.3 +MLINKS+=libcasper.3 cap_limit_set.3 +MLINKS+=libcasper.3 cap_send_nvlist.3 +MLINKS+=libcasper.3 cap_recv_nvlist.3 +MLINKS+=libcasper.3 cap_xfer_nvlist.3 +MLINKS+=libcasper.3 cap_service_open.3 + +.include Property changes on: head/lib/libcasper/libcasper/Makefile ___________________________________________________________________ Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:keywords ## -0,0 +1 ## +FreeBSD=%H \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/lib/libcasper/libcasper/libcasper.3 =================================================================== --- head/lib/libcasper/libcasper/libcasper.3 (nonexistent) +++ head/lib/libcasper/libcasper/libcasper.3 (revision 296047) @@ -0,0 +1,295 @@ +.\" Copyright (c) 2013 The FreeBSD Foundation +.\" All rights reserved. +.\" +.\" This documentation was written by Pawel Jakub Dawidek under sponsorship +.\" from the FreeBSD Foundation. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" $FreeBSD$ +.\" +.Dd February 25, 2016 +.Dt LIBCASPER 3 +.Os +.Sh NAME +.Nm cap_init , +.Nm cap_wrap , +.Nm cap_unwrap , +.Nm cap_sock , +.Nm cap_clone , +.Nm cap_close , +.Nm cap_limit_get , +.Nm cap_limit_set , +.Nm cap_send_nvlist , +.Nm cap_recv_nvlist , +.Nm cap_xfer_nvlist , +.Nm cap_service_open +.Nd "library for handling application capabilities" +.Sh LIBRARY +.Lb libcasper +.Sh SYNOPSIS +.In libcasper.h +.In nv.h +.Ft "cap_channel_t *" +.Fn cap_init "void" +.Ft "cap_channel_t *" +.Fn cap_wrap "int sock" +.Ft "int" +.Fn cap_unwrap "cap_channel_t *chan" +.Ft "int" +.Fn cap_sock "const cap_channel_t *chan" +.Ft "cap_channel_t *" +.Fn cap_clone "const cap_channel_t *chan" +.Ft "void" +.Fn cap_close "cap_channel_t *chan" +.Ft "int" +.Fn cap_limit_get "const cap_channel_t *chan" "nvlist_t **limitsp" +.Ft "int" +.Fn cap_limit_set "const cap_channel_t *chan" "nvlist_t *limits" +.Ft "int" +.Fn cap_send_nvlist "const cap_channel_t *chan" "const nvlist_t *nvl" +.Ft "nvlist_t *" +.Fn cap_recv_nvlist "const cap_channel_t *chan" "int flags" +.Ft "nvlist_t *" +.Fn cap_xfer_nvlist "const cap_channel_t *chan" "nvlist_t *nvl" "int flags" +.Ft "cap_channel_t *" +.Fn cap_service_open "const cap_channel_t *chan" "const char *name" +.Sh DESCRIPTION +The +.Nm libcapsicum +library allows to manage application capabilities through the casper process. +.Pp +The application capability (represented by the +.Vt cap_channel_t +type) is a communication channel between the caller and the casper process +daemon or an instance of one of its services. +A capability to the casper process obtained with the +.Fn cap_init +function allows to create capabilities to casper's services via the +.Fn cap_service_open +function. +.Pp +The +.Fn cap_init +function opens capability to the casper process. +.Pp +The +.Fn cap_wrap +function creates +.Vt cap_channel_t +based on the given socket. +The function is used when capability is inherited through +.Xr execve 2 +or send over +.Xr unix 4 +domain socket as a regular file descriptor and has to be represented as +.Vt cap_channel_t +again. +.Pp +The +.Fn cap_unwrap +function is the opposite of the +.Fn cap_wrap +function. +It frees the +.Vt cap_channel_t +structure and returns +.Xr unix 4 +domain socket associated with it. +.Pp +The +.Fn cap_clone +function clones the given capability. +.Pp +The +.Fn cap_close +function closes the given capability. +.Pp +The +.Fn cap_sock +function returns +.Xr unix 4 +domain socket descriptor associated with the given capability for use with +system calls like +.Xr kevent 2 , +.Xr poll 2 +and +.Xr select 2 . +.Pp +The +.Fn cap_limit_get +function stores current limits of the given capability in the +.Fa limitsp +argument. +If the function return +.Va 0 +and +.Dv NULL +is stored in +.Fa limitsp +it means there are no limits set. +.Pp +The +.Fn cap_limit_set +function sets limits for the given capability. +The limits are provided as nvlist. +The exact format depends on the service the capability represents. +.Pp +The +.Fn cap_send_nvlist +function sends the given nvlist over the given capability. +This is low level interface to communicate with casper services. +Most services should provide higher level API. +.Pp +The +.Fn cap_recv_nvlist +function receives the given nvlist over the given capability. +The +.Fa flags +argument defines what type the top nvlist is expected to be. +If the nvlist flags do not match the flags passed to +.Fn cap_recv_nvlist , +the nvlist will not be returned. +.Pp +The +.Fn cap_xfer_nvlist +function sends the given nvlist, destroys it and receives new nvlist in +response over the given capability. +The +.Fa flags +argument defines what type the top nvlist is expected to be. +If the nvlist flags do not match the flags passed to +.Fn cap_xfer_nvlist , +the nvlist will not be returned. +It does not matter if the function succeeds or fails, the nvlist given +for sending will always be destroyed once the function returns. +.Pp +The +.Fn cap_service_open +function opens casper service of the given name through casper capability +obtained via the +.Fn cap_init +function. +The function returns capability that provides access to opened service. +.Sh RETURN VALUES +The +.Fn cap_clone , +.Fn cap_init , +.Fn cap_recv_nvlist , +.Fn cap_service_open , +.Fn cap_wrap +and +.Fn cap_xfer_nvlist +functions return +.Dv NULL +and set the +.Va errno +variable on failure. +.Pp +The +.Fn cap_limit_get , +.Fn cap_limit_set +and +.Fn cap_send_nvlist +functions return +.Dv -1 +and set the +.Va errno +variable on failure. +.Pp +The +.Fn cap_close , +.Fn cap_sock +and +.Fn cap_unwrap +functions always succeed. +.Sh EXAMPLES +The following example first opens capability to the casper then using this +capability creates new capability to the +.Nm system.dns +casper service and uses the latter capability to resolve IP address. +.Bd -literal +cap_channel_t *capcas, *capdns; +nvlist_t *limits; +const char *ipstr = "127.0.0.1"; +struct in_addr ip; +struct hostent *hp; + +/* Open capability to the Casper. */ +capcas = cap_init(); +if (capcas == NULL) + err(1, "Unable to contact Casper"); + +/* Enter capability mode sandbox. */ +if (cap_enter() < 0 && errno != ENOSYS) + err(1, "Unable to enter capability mode"); + +/* Use Casper capability to create capability to the system.dns service. */ +capdns = cap_service_open(capcas, "system.dns"); +if (capdns == NULL) + err(1, "Unable to open system.dns service"); + +/* Close Casper capability, we don't need it anymore. */ +cap_close(capcas); + +/* Limit system.dns to reverse DNS lookups and IPv4 addresses. */ +limits = nvlist_create(0); +nvlist_add_string(limits, "type", "ADDR"); +nvlist_add_number(limits, "family", (uint64_t)AF_INET); +if (cap_limit_set(capdns, limits) < 0) + err(1, "Unable to limit access to the system.dns service"); + +/* Convert IP address in C-string to in_addr. */ +if (!inet_aton(ipstr, &ip)) + errx(1, "Unable to parse IP address %s.", ipstr); + +/* Find hostname for the given IP address. */ +hp = cap_gethostbyaddr(capdns, (const void *)&ip, sizeof(ip), AF_INET); +if (hp == NULL) + errx(1, "No name associated with %s.", ipstr); + +printf("Name associated with %s is %s.\\n", ipstr, hp->h_name); +.Ed +.Sh SEE ALSO +.Xr cap_enter 2 , +.Xr execve 2 , +.Xr kevent 2 , +.Xr poll 2 , +.Xr select 2 , +.Xr cap_gethostbyaddr 3 , +.Xr err 3 , +.Xr gethostbyaddr 3 , +.Xr inet_aton 3 , +.Xr nv 3 , +.Xr capsicum 4 , +.Xr unix 4 +.Sh AUTHORS +The +.Nm libcasper +library was implemented by +.An Pawel Jakub Dawidek Aq Mt pawel@dawidek.net +under sponsorship from the FreeBSD Foundation. +The +.Nm libcasper +new architecture was implemented by +.An Mariusz Zaborski Aq Mt oshogbo@FreeBSD.org +. Property changes on: head/lib/libcasper/libcasper/libcasper.3 ___________________________________________________________________ Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:keywords ## -0,0 +1 ## +FreeBSD=%H \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/lib/libcasper/libcasper/libcasper.c =================================================================== --- head/lib/libcasper/libcasper/libcasper.c (nonexistent) +++ head/lib/libcasper/libcasper/libcasper.c (revision 296047) @@ -0,0 +1,337 @@ +/*- + * Copyright (c) 2012-2013 The FreeBSD Foundation + * Copyright (c) 2015 Mariusz Zaborski + * All rights reserved. + * + * This software was developed by Pawel Jakub Dawidek under sponsorship from + * the FreeBSD Foundation. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include +__FBSDID("$FreeBSD$"); + +#include +#include +#include +#include + +#include +#include +#include +#include +#include +#include + +#include "libcasper.h" +#include "libcasper_impl.h" + +/* + * Structure describing communication channel between two separated processes. + */ +#define CAP_CHANNEL_MAGIC 0xcac8a31 +struct cap_channel { + /* + * Magic value helps to ensure that a pointer to the right structure is + * passed to our functions. + */ + int cch_magic; + /* Socket descriptor for IPC. */ + int cch_sock; + /* Process descriptor for casper. */ + int cch_pd; +}; + +static bool +cap_add_pd(cap_channel_t *chan, int pd) +{ + + if (!fd_is_valid(pd)) + return (false); + chan->cch_pd = pd; + return (true); +} + +cap_channel_t * +cap_init(void) +{ + pid_t pid; + int sock[2], serrno, pfd; + bool ret; + cap_channel_t *chan; + + if (socketpair(PF_UNIX, SOCK_STREAM | SOCK_NONBLOCK, 0, + sock) == -1) { + return (NULL); + } + + pid = pdfork(&pfd, 0); + if (pid == 0) { + /* Parent. */ + close(sock[0]); + casper_main_loop(sock[1]); + /* NOTREACHED. */ + } else if (pid > 0) { + /* Child. */ + close(sock[1]); + chan = cap_wrap(sock[0]); + if (chan == NULL) { + serrno = errno; + close(sock[0]); + close(pfd); + errno = serrno; + return (NULL); + } + ret = cap_add_pd(chan, pfd); + assert(ret); + return (chan); + } + + /* Error. */ + serrno = errno; + close(sock[0]); + close(sock[1]); + errno = serrno; + return (NULL); +} + +cap_channel_t * +cap_wrap(int sock) +{ + cap_channel_t *chan; + + if (!fd_is_valid(sock)) + return (NULL); + + chan = malloc(sizeof(*chan)); + if (chan != NULL) { + chan->cch_sock = sock; + chan->cch_pd = -1; + chan->cch_magic = CAP_CHANNEL_MAGIC; + } + + return (chan); +} + +int +cap_unwrap(cap_channel_t *chan) +{ + int sock; + + assert(chan != NULL); + assert(chan->cch_magic == CAP_CHANNEL_MAGIC); + + sock = chan->cch_sock; + if (chan->cch_pd != -1) + close(chan->cch_pd); + chan->cch_magic = 0; + free(chan); + + return (sock); +} + +cap_channel_t * +cap_clone(const cap_channel_t *chan) +{ + cap_channel_t *newchan; + nvlist_t *nvl; + int newsock; + + assert(chan != NULL); + assert(chan->cch_magic == CAP_CHANNEL_MAGIC); + + nvl = nvlist_create(0); + nvlist_add_string(nvl, "cmd", "clone"); + nvl = cap_xfer_nvlist(chan, nvl, 0); + if (nvl == NULL) + return (NULL); + if (nvlist_get_number(nvl, "error") != 0) { + errno = (int)nvlist_get_number(nvl, "error"); + nvlist_destroy(nvl); + return (NULL); + } + newsock = nvlist_take_descriptor(nvl, "sock"); + nvlist_destroy(nvl); + newchan = cap_wrap(newsock); + if (newchan == NULL) { + int serrno; + + serrno = errno; + close(newsock); + errno = serrno; + } + + return (newchan); +} + +void +cap_close(cap_channel_t *chan) +{ + + assert(chan != NULL); + assert(chan->cch_magic == CAP_CHANNEL_MAGIC); + + chan->cch_magic = 0; + if (chan->cch_pd != -1) + close(chan->cch_pd); + close(chan->cch_sock); + free(chan); +} + +int +cap_sock(const cap_channel_t *chan) +{ + + assert(chan != NULL); + assert(chan->cch_magic == CAP_CHANNEL_MAGIC); + + return (chan->cch_sock); +} + +int +cap_limit_set(const cap_channel_t *chan, nvlist_t *limits) +{ + nvlist_t *nvlmsg; + int error; + + nvlmsg = nvlist_create(0); + nvlist_add_string(nvlmsg, "cmd", "limit_set"); + nvlist_add_nvlist(nvlmsg, "limits", limits); + nvlmsg = cap_xfer_nvlist(chan, nvlmsg, 0); + if (nvlmsg == NULL) { + nvlist_destroy(limits); + return (-1); + } + error = (int)nvlist_get_number(nvlmsg, "error"); + nvlist_destroy(nvlmsg); + nvlist_destroy(limits); + if (error != 0) { + errno = error; + return (-1); + } + return (0); +} + +int +cap_limit_get(const cap_channel_t *chan, nvlist_t **limitsp) +{ + nvlist_t *nvlmsg; + int error; + + nvlmsg = nvlist_create(0); + nvlist_add_string(nvlmsg, "cmd", "limit_get"); + nvlmsg = cap_xfer_nvlist(chan, nvlmsg, 0); + if (nvlmsg == NULL) + return (-1); + error = (int)nvlist_get_number(nvlmsg, "error"); + if (error != 0) { + nvlist_destroy(nvlmsg); + errno = error; + return (-1); + } + if (nvlist_exists_null(nvlmsg, "limits")) + *limitsp = NULL; + else + *limitsp = nvlist_take_nvlist(nvlmsg, "limits"); + nvlist_destroy(nvlmsg); + return (0); +} + +int +cap_send_nvlist(const cap_channel_t *chan, const nvlist_t *nvl) +{ + + assert(chan != NULL); + assert(chan->cch_magic == CAP_CHANNEL_MAGIC); + + return (nvlist_send(chan->cch_sock, nvl)); +} + +nvlist_t * +cap_recv_nvlist(const cap_channel_t *chan, int flags) +{ + + assert(chan != NULL); + assert(chan->cch_magic == CAP_CHANNEL_MAGIC); + + return (nvlist_recv(chan->cch_sock, flags)); +} + +nvlist_t * +cap_xfer_nvlist(const cap_channel_t *chan, nvlist_t *nvl, int flags) +{ + + assert(chan != NULL); + assert(chan->cch_magic == CAP_CHANNEL_MAGIC); + + return (nvlist_xfer(chan->cch_sock, nvl, flags)); +} + +cap_channel_t * +cap_service_open(const cap_channel_t *chan, const char *name) +{ + cap_channel_t *newchan; + nvlist_t *nvl; + int sock, error; + + sock = -1; + + nvl = nvlist_create(0); + nvlist_add_string(nvl, "cmd", "open"); + nvlist_add_string(nvl, "service", name); + nvl = cap_xfer_nvlist(chan, nvl, 0); + if (nvl == NULL) + return (NULL); + error = (int)nvlist_get_number(nvl, "error"); + if (error != 0) { + nvlist_destroy(nvl); + errno = error; + return (NULL); + } + sock = nvlist_take_descriptor(nvl, "chanfd"); + assert(sock >= 0); + nvlist_destroy(nvl); + nvl = NULL; + newchan = cap_wrap(sock); + if (newchan == NULL) + goto fail; + return (newchan); +fail: + error = errno; + close(sock); + errno = error; + return (NULL); +} + +int +cap_service_limit(const cap_channel_t *chan, const char * const *names, + size_t nnames) +{ + nvlist_t *limits; + unsigned int i; + + limits = nvlist_create(0); + for (i = 0; i < nnames; i++) + nvlist_add_null(limits, names[i]); + return (cap_limit_set(chan, limits)); +} Property changes on: head/lib/libcasper/libcasper/libcasper.c ___________________________________________________________________ Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:keywords ## -0,0 +1 ## +FreeBSD=%H \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/lib/libcasper/libcasper/libcasper.h =================================================================== --- head/lib/libcasper/libcasper/libcasper.h (nonexistent) +++ head/lib/libcasper/libcasper/libcasper.h (revision 296047) @@ -0,0 +1,115 @@ +/*- + * Copyright (c) 2012-2013 The FreeBSD Foundation + * Copyright (c) 2015 Mariusz Zaborski + * All rights reserved. + * + * This software was developed by Pawel Jakub Dawidek under sponsorship from + * the FreeBSD Foundation. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD$ + */ + +#ifndef _LIBCASPER_H_ +#define _LIBCASPER_H_ + +#include + +#ifndef _NVLIST_T_DECLARED +#define _NVLIST_T_DECLARED +struct nvlist; + +typedef struct nvlist nvlist_t; +#endif + +#ifndef _CAP_CHANNEL_T_DECLARED +#define _CAP_CHANNEL_T_DECLARED +struct cap_channel; + +typedef struct cap_channel cap_channel_t; +#endif + +/* + * The functions opens unrestricted communication channel to Casper. + */ +cap_channel_t *cap_init(void); + +/* + * The functions to communicate with service. + */ +cap_channel_t *cap_service_open(const cap_channel_t *chan, const char *name); +int cap_service_limit(const cap_channel_t *chan, + const char * const *names, size_t nnames); + +/* + * The function creates cap_channel_t based on the given socket. + */ +cap_channel_t *cap_wrap(int sock); + +/* + * The function returns communication socket and frees cap_channel_t. + */ +int cap_unwrap(cap_channel_t *chan); + +/* + * The function clones the given capability. + */ +cap_channel_t *cap_clone(const cap_channel_t *chan); + +/* + * The function closes the given capability. + */ +void cap_close(cap_channel_t *chan); + +/* + * The function returns socket descriptor associated with the given + * cap_channel_t for use with select(2)/kqueue(2)/etc. + */ +int cap_sock(const cap_channel_t *chan); + +/* + * The function limits the given capability. + * It always destroys 'limits' on return. + */ +int cap_limit_set(const cap_channel_t *chan, nvlist_t *limits); + +/* + * The function returns current limits of the given capability. + */ +int cap_limit_get(const cap_channel_t *chan, nvlist_t **limitsp); + +/* + * Function sends nvlist over the given capability. + */ +int cap_send_nvlist(const cap_channel_t *chan, const nvlist_t *nvl); +/* + * Function receives nvlist over the given capability. + */ +nvlist_t *cap_recv_nvlist(const cap_channel_t *chan, int flags); +/* + * Function sends the given nvlist, destroys it and receives new nvlist in + * response over the given capability. + */ +nvlist_t *cap_xfer_nvlist(const cap_channel_t *chan, nvlist_t *nvl, int flags); + +#endif /* !_LIBCASPER_H_ */ Property changes on: head/lib/libcasper/libcasper/libcasper.h ___________________________________________________________________ Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:keywords ## -0,0 +1 ## +FreeBSD=%H \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/lib/libcasper/libcasper/libcasper_impl.c =================================================================== --- head/lib/libcasper/libcasper/libcasper_impl.c (nonexistent) +++ head/lib/libcasper/libcasper/libcasper_impl.c (revision 296047) @@ -0,0 +1,44 @@ +/*- + * Copyright (c) 2013 The FreeBSD Foundation + * Copyright (c) 2015 Mariusz Zaborski + * All rights reserved. + * + * This software was developed by Pawel Jakub Dawidek under sponsorship from + * the FreeBSD Foundation. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD$ + */ + +#include +#include +#include + +#include "libcasper_impl.h" + +bool +fd_is_valid(int fd) +{ + + return (fcntl(fd, F_GETFL) != -1 || errno != EBADF); +} Property changes on: head/lib/libcasper/libcasper/libcasper_impl.c ___________________________________________________________________ Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:keywords ## -0,0 +1 ## +FreeBSD=%H \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/lib/libcasper/libcasper/libcasper_impl.h =================================================================== --- head/lib/libcasper/libcasper/libcasper_impl.h (nonexistent) +++ head/lib/libcasper/libcasper/libcasper_impl.h (revision 296047) @@ -0,0 +1,82 @@ +/*- + * Copyright (c) 2013 The FreeBSD Foundation + * Copyright (c) 2015 Mariusz Zaborski + * All rights reserved. + * + * This software was developed by Pawel Jakub Dawidek under sponsorship from + * the FreeBSD Foundation. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD$ + */ + +#ifndef _LIBCASPER_IMPL_H_ +#define _LIBCASPER_IMPL_H_ + +#include + +#include "libcasper.h" +#include "libcasper_service.h" + +struct service; +struct service_connection; + +bool fd_is_valid(int fd); + +/* Private service functions. */ +struct service *service_alloc(const char *name, + service_limit_func_t *limitfunc, + service_command_func_t *commandfunc); +void service_free(struct service *service); +void service_message(struct service *service, + struct service_connection *sconn); +void service_start(struct service *service, int sock); +const char *service_name(struct service *service); + +/* Private service connection functions. */ +struct service_connection *service_connection_add(struct service *service, + int sock, const nvlist_t *limits); +void service_connection_remove( + struct service *service, + struct service_connection *sconn); +int service_connection_clone( + struct service *service, + struct service_connection *sconn); +struct service_connection *service_connection_first( + struct service *service); +struct service_connection *service_connection_next( + struct service_connection *sconn); +cap_channel_t *service_connection_get_chan( + const struct service_connection *sconn); +int service_connection_get_sock( + const struct service_connection *sconn); +const nvlist_t *service_connection_get_limits( + const struct service_connection *sconn); +void service_connection_set_limits( + struct service_connection *sconn, + nvlist_t *limits); + +/* Private libcasper functions. */ +void casper_main_loop(int fd); + +#endif /* !_LIBCASPER_IMPL_H_ */ Property changes on: head/lib/libcasper/libcasper/libcasper_impl.h ___________________________________________________________________ Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:keywords ## -0,0 +1 ## +FreeBSD=%H \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/lib/libcasper/libcasper/libcasper_service.c =================================================================== --- head/lib/libcasper/libcasper/libcasper_service.c (nonexistent) +++ head/lib/libcasper/libcasper/libcasper_service.c (revision 296047) @@ -0,0 +1,277 @@ +/*- + * Copyright (c) 2012 The FreeBSD Foundation + * Copyright (c) 2015 Mariusz Zaborski + * All rights reserved. + * + * This software was developed by Pawel Jakub Dawidek under sponsorship from + * the FreeBSD Foundation. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include +__FBSDID("$FreeBSD$"); + +#include +#include +#include +#include + +#include +#include +#include +#include +#include +#include +#include + +#include "libcasper_impl.h" +#include "zygote.h" + +struct casper_service { + struct service *cs_service; + TAILQ_ENTRY(casper_service) cs_next; +}; + +static TAILQ_HEAD(, casper_service) casper_services = + TAILQ_HEAD_INITIALIZER(casper_services); + +#define CORE_CASPER_NAME "core.casper" +#define CSERVICE_IS_CORE(service) \ + (strcmp(service_name(service->cs_service), CORE_CASPER_NAME) == 0) + +static struct casper_service * +service_find(const char *name) +{ + struct casper_service *casserv; + + TAILQ_FOREACH(casserv, &casper_services, cs_next) { + if (strcmp(service_name(casserv->cs_service), name) == 0) + break; + } + return (casserv); +} + +struct casper_service * +service_register(const char *name, service_limit_func_t *limitfunc, + service_command_func_t *commandfunc) +{ + struct casper_service *casserv; + + if (commandfunc == NULL) + return (NULL); + if (name == NULL || name[0] == '\0') + return (NULL); + if (service_find(name) != NULL) + return (NULL); + + casserv = malloc(sizeof(*casserv)); + if (casserv == NULL) + return (NULL); + + casserv->cs_service = service_alloc(name, limitfunc, commandfunc); + if (casserv->cs_service == NULL) { + free(casserv); + return (NULL); + } + TAILQ_INSERT_TAIL(&casper_services, casserv, cs_next); + + return (casserv); +} + +static bool +casper_allowed_service(const nvlist_t *limits, const char *service) +{ + + if (limits == NULL) + return (true); + + if (nvlist_exists_null(limits, service)) + return (true); + + return (false); +} + +static int +casper_limit(const nvlist_t *oldlimits, const nvlist_t *newlimits) +{ + const char *name; + int type; + void *cookie; + + cookie = NULL; + while ((name = nvlist_next(newlimits, &type, &cookie)) != NULL) { + if (type != NV_TYPE_NULL) + return (EINVAL); + if (!casper_allowed_service(oldlimits, name)) + return (ENOTCAPABLE); + } + + return (0); +} + +static void +service_execute(int chanfd) +{ + struct service *service; + nvlist_t *nvl; + int procfd; + + nvl = nvlist_recv(chanfd, 0); + if (nvl == NULL) + exit(1); + service = (struct service *)(uintptr_t)nvlist_take_number(nvl, + "service"); + //XXX: We should remove this? + procfd = nvlist_take_descriptor(nvl, "procfd"); + nvlist_destroy(nvl); + + service_start(service, chanfd); + /* Not reached. */ + exit(1); +} + +static int +casper_command(const char *cmd, const nvlist_t *limits, nvlist_t *nvlin, + nvlist_t *nvlout) +{ + struct casper_service *casserv; + const char *servname; + nvlist_t *nvl; + int chanfd, procfd, error; + + if (strcmp(cmd, "open") != 0) + return (EINVAL); + if (!nvlist_exists_string(nvlin, "service")) + return (EINVAL); + + servname = nvlist_get_string(nvlin, "service"); + casserv = service_find(servname); + if (casserv == NULL) + return (ENOENT); + + if (!casper_allowed_service(limits, servname)) + return (ENOTCAPABLE); + + if (zygote_clone(service_execute, &chanfd, &procfd) == -1) + return (errno); + + nvl = nvlist_create(0); + nvlist_add_number(nvl, "service", + (uint64_t)(uintptr_t)casserv->cs_service); + nvlist_move_descriptor(nvl, "procfd", procfd); + if (nvlist_send(chanfd, nvl) == -1) { + error = errno; + nvlist_destroy(nvl); + close(chanfd); + return (error); + } + nvlist_destroy(nvl); + + nvlist_move_descriptor(nvlout, "chanfd", chanfd); + + return (0); +} + +static void +service_register_core(int fd) +{ + struct casper_service *casserv; + struct service_connection *sconn; + + casserv = service_register(CORE_CASPER_NAME, casper_limit, + casper_command); + sconn = service_connection_add(casserv->cs_service, fd, NULL); + if (sconn == NULL) { + close(fd); + abort(); + } +} + +void +casper_main_loop(int fd) +{ + fd_set fds; + struct casper_service *casserv; + struct service_connection *sconn, *sconntmp; + int sock, maxfd, ret; + + if (zygote_init() < 0) + exit(1); + + /* + * Register core services. + */ + service_register_core(fd); + + for (;;) { + FD_ZERO(&fds); + FD_SET(fd, &fds); + maxfd = -1; + TAILQ_FOREACH(casserv, &casper_services, cs_next) { + /* We handle only core services. */ + if (!CSERVICE_IS_CORE(casserv)) + continue; + for (sconn = service_connection_first(casserv->cs_service); + sconn != NULL; + sconn = service_connection_next(sconn)) { + sock = service_connection_get_sock(sconn); + FD_SET(sock, &fds); + maxfd = sock > maxfd ? sock : maxfd; + } + } + if (maxfd == -1) { + /* Nothing to do. */ + exit(0); + } + maxfd++; + + + assert(maxfd <= (int)FD_SETSIZE); + ret = select(maxfd, &fds, NULL, NULL, NULL); + assert(ret == -1 || ret > 0); /* select() cannot timeout */ + if (ret == -1) { + if (errno == EINTR) + continue; + exit(1); + } + + TAILQ_FOREACH(casserv, &casper_services, cs_next) { + /* We handle only core services. */ + if (!CSERVICE_IS_CORE(casserv)) + continue; + for (sconn = service_connection_first(casserv->cs_service); + sconn != NULL; sconn = sconntmp) { + /* + * Prepare for connection to be removed from + * the list on failure. + */ + sconntmp = service_connection_next(sconn); + sock = service_connection_get_sock(sconn); + if (FD_ISSET(sock, &fds)) { + service_message(casserv->cs_service, + sconn); + } + } + } + } +} Property changes on: head/lib/libcasper/libcasper/libcasper_service.c ___________________________________________________________________ Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:keywords ## -0,0 +1 ## +FreeBSD=%H \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/lib/libcasper/libcasper/libcasper_service.h =================================================================== --- head/lib/libcasper/libcasper/libcasper_service.h (nonexistent) +++ head/lib/libcasper/libcasper/libcasper_service.h (revision 296047) @@ -0,0 +1,60 @@ +/*- + * Copyright (c) 2013 The FreeBSD Foundation + * Copyright (c) 2015 Mariusz Zaborski + * All rights reserved. + * + * This software was developed by Pawel Jakub Dawidek under sponsorship from + * the FreeBSD Foundation. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD$ + */ + +#ifndef _LIBCASPER_SERVICE_H_ +#define _LIBCASPER_SERVICE_H_ + +#ifndef _NVLIST_T_DECLARED +#define _NVLIST_T_DECLARED +struct nvlist; + +typedef struct nvlist nvlist_t; +#endif + +typedef int service_limit_func_t(const nvlist_t *, const nvlist_t *); +typedef int service_command_func_t(const char *cmd, const nvlist_t *, + nvlist_t *, nvlist_t *); + +struct casper_service *service_register(const char *name, + service_limit_func_t *limitfunc, service_command_func_t *commandfunc); + +#define __constructor __attribute__((constructor)) +#define CREATE_SERVICE(name, limit_func, command_func) \ + static __constructor void \ + init_casper_service(void) \ + { \ + \ + (void)service_register(name, limit_func, \ + command_func); \ + } + +#endif /* !_LIBCASPER_SERVICE_H_ */ Property changes on: head/lib/libcasper/libcasper/libcasper_service.h ___________________________________________________________________ Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:keywords ## -0,0 +1 ## +FreeBSD=%H \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/lib/libcasper/libcasper/service.c =================================================================== --- head/lib/libcasper/libcasper/service.c (nonexistent) +++ head/lib/libcasper/libcasper/service.c (revision 296047) @@ -0,0 +1,394 @@ +/*- + * Copyright (c) 2013 The FreeBSD Foundation + * Copyright (c) 2015 Mariusz Zaborski + * All rights reserved. + * + * This software was developed by Pawel Jakub Dawidek under sponsorship from + * the FreeBSD Foundation. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include +__FBSDID("$FreeBSD$"); + +#include +#include +#include +#include + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "libcasper.h" +#include "libcasper_impl.h" + +/* + * Currently there is only one service_connection per service. + * In the future we may want multiple connections from multiple clients + * per one service instance, but it has to be carefully designed. + * The problem is that we may restrict/sandbox service instance according + * to the limits provided. When new connection comes in with different + * limits we won't be able to access requested resources. + * Not to mention one process will serve to mutiple mutually untrusted + * clients and compromise of this service instance by one of its clients + * can lead to compromise of the other clients. + */ + +/* + * Client connections to the given service. + */ +#define SERVICE_CONNECTION_MAGIC 0x5e91c0ec +struct service_connection { + int sc_magic; + cap_channel_t *sc_chan; + nvlist_t *sc_limits; + TAILQ_ENTRY(service_connection) sc_next; +}; + +#define SERVICE_MAGIC 0x5e91ce +struct service { + int s_magic; + char *s_name; + service_limit_func_t *s_limit; + service_command_func_t *s_command; + TAILQ_HEAD(, service_connection) s_connections; +}; + +struct service * +service_alloc(const char *name, service_limit_func_t *limitfunc, + service_command_func_t *commandfunc) +{ + struct service *service; + + service = malloc(sizeof(*service)); + if (service == NULL) + return (NULL); + service->s_name = strdup(name); + if (service->s_name == NULL) { + free(service); + return (NULL); + } + service->s_limit = limitfunc; + service->s_command = commandfunc; + TAILQ_INIT(&service->s_connections); + service->s_magic = SERVICE_MAGIC; + + return (service); +} + +void +service_free(struct service *service) +{ + struct service_connection *sconn; + + assert(service->s_magic == SERVICE_MAGIC); + + service->s_magic = 0; + while ((sconn = service_connection_first(service)) != NULL) + service_connection_remove(service, sconn); + free(service->s_name); + free(service); +} + +struct service_connection * +service_connection_add(struct service *service, int sock, + const nvlist_t *limits) +{ + struct service_connection *sconn; + int serrno; + + assert(service->s_magic == SERVICE_MAGIC); + + sconn = malloc(sizeof(*sconn)); + if (sconn == NULL) + return (NULL); + sconn->sc_chan = cap_wrap(sock); + if (sconn->sc_chan == NULL) { + serrno = errno; + free(sconn); + errno = serrno; + return (NULL); + } + if (limits == NULL) { + sconn->sc_limits = NULL; + } else { + sconn->sc_limits = nvlist_clone(limits); + if (sconn->sc_limits == NULL) { + serrno = errno; + (void)cap_unwrap(sconn->sc_chan); + free(sconn); + errno = serrno; + return (NULL); + } + } + sconn->sc_magic = SERVICE_CONNECTION_MAGIC; + TAILQ_INSERT_TAIL(&service->s_connections, sconn, sc_next); + return (sconn); +} + +void +service_connection_remove(struct service *service, + struct service_connection *sconn) +{ + + assert(service->s_magic == SERVICE_MAGIC); + assert(sconn->sc_magic == SERVICE_CONNECTION_MAGIC); + + TAILQ_REMOVE(&service->s_connections, sconn, sc_next); + sconn->sc_magic = 0; + nvlist_destroy(sconn->sc_limits); + cap_close(sconn->sc_chan); + free(sconn); +} + +int +service_connection_clone(struct service *service, + struct service_connection *sconn) +{ + struct service_connection *newsconn; + int serrno, sock[2]; + + if (socketpair(PF_UNIX, SOCK_STREAM | SOCK_NONBLOCK, 0, sock) < 0) + return (-1); + + newsconn = service_connection_add(service, sock[0], + service_connection_get_limits(sconn)); + if (newsconn == NULL) { + serrno = errno; + close(sock[0]); + close(sock[1]); + errno = serrno; + return (-1); + } + + return (sock[1]); +} + +struct service_connection * +service_connection_first(struct service *service) +{ + struct service_connection *sconn; + + assert(service->s_magic == SERVICE_MAGIC); + + sconn = TAILQ_FIRST(&service->s_connections); + assert(sconn == NULL || + sconn->sc_magic == SERVICE_CONNECTION_MAGIC); + return (sconn); +} + +struct service_connection * +service_connection_next(struct service_connection *sconn) +{ + + assert(sconn->sc_magic == SERVICE_CONNECTION_MAGIC); + + sconn = TAILQ_NEXT(sconn, sc_next); + assert(sconn == NULL || + sconn->sc_magic == SERVICE_CONNECTION_MAGIC); + return (sconn); +} + +cap_channel_t * +service_connection_get_chan(const struct service_connection *sconn) +{ + + assert(sconn->sc_magic == SERVICE_CONNECTION_MAGIC); + + return (sconn->sc_chan); +} + +int +service_connection_get_sock(const struct service_connection *sconn) +{ + + assert(sconn->sc_magic == SERVICE_CONNECTION_MAGIC); + + return (cap_sock(sconn->sc_chan)); +} + +const nvlist_t * +service_connection_get_limits(const struct service_connection *sconn) +{ + + assert(sconn->sc_magic == SERVICE_CONNECTION_MAGIC); + + return (sconn->sc_limits); +} + +void +service_connection_set_limits(struct service_connection *sconn, + nvlist_t *limits) +{ + + assert(sconn->sc_magic == SERVICE_CONNECTION_MAGIC); + + nvlist_destroy(sconn->sc_limits); + sconn->sc_limits = limits; +} + +void +service_message(struct service *service, struct service_connection *sconn) +{ + nvlist_t *nvlin, *nvlout; + const char *cmd; + int error; + + nvlin = cap_recv_nvlist(service_connection_get_chan(sconn), 0); + if (nvlin == NULL) { + service_connection_remove(service, sconn); + return; + } + + error = EDOOFUS; + nvlout = nvlist_create(0); + + cmd = nvlist_get_string(nvlin, "cmd"); + if (strcmp(cmd, "limit_set") == 0) { + nvlist_t *nvllim; + + nvllim = nvlist_take_nvlist(nvlin, "limits"); + if (service->s_limit == NULL) { + error = EOPNOTSUPP; + } else { + error = service->s_limit( + service_connection_get_limits(sconn), nvllim); + } + if (error == 0) { + service_connection_set_limits(sconn, nvllim); + /* Function consumes nvllim. */ + } else { + nvlist_destroy(nvllim); + } + } else if (strcmp(cmd, "limit_get") == 0) { + const nvlist_t *nvllim; + + nvllim = service_connection_get_limits(sconn); + if (nvllim != NULL) + nvlist_add_nvlist(nvlout, "limits", nvllim); + else + nvlist_add_null(nvlout, "limits"); + error = 0; + } else if (strcmp(cmd, "clone") == 0) { + int sock; + + sock = service_connection_clone(service, sconn); + if (sock == -1) { + error = errno; + } else { + nvlist_move_descriptor(nvlout, "sock", sock); + error = 0; + } + } else { + error = service->s_command(cmd, + service_connection_get_limits(sconn), nvlin, nvlout); + } + + nvlist_destroy(nvlin); + nvlist_add_number(nvlout, "error", (uint64_t)error); + + if (cap_send_nvlist(service_connection_get_chan(sconn), nvlout) == -1) + service_connection_remove(service, sconn); + + nvlist_destroy(nvlout); +} + +static int +fd_add(fd_set *fdsp, int maxfd, int fd) +{ + + FD_SET(fd, fdsp); + return (fd > maxfd ? fd : maxfd); +} + +const char * +service_name(struct service *service) +{ + + assert(service->s_magic == SERVICE_MAGIC); + return (service->s_name); +} + +void +service_start(struct service *service, int sock) +{ + struct service_connection *sconn, *sconntmp; + fd_set fds; + int maxfd, nfds; + + assert(service != NULL); + assert(service->s_magic == SERVICE_MAGIC); + setproctitle("%s", service->s_name); + if (service_connection_add(service, sock, NULL) == NULL) + exit(1); + + for (;;) { + FD_ZERO(&fds); + maxfd = -1; + for (sconn = service_connection_first(service); sconn != NULL; + sconn = service_connection_next(sconn)) { + maxfd = fd_add(&fds, maxfd, + service_connection_get_sock(sconn)); + } + + assert(maxfd >= 0); + assert(maxfd + 1 <= (int)FD_SETSIZE); + nfds = select(maxfd + 1, &fds, NULL, NULL, NULL); + if (nfds < 0) { + if (errno != EINTR) + exit(1); + continue; + } else if (nfds == 0) { + /* Timeout. */ + abort(); + } + + for (sconn = service_connection_first(service); sconn != NULL; + sconn = sconntmp) { + /* + * Prepare for connection to be removed from the list + * on failure. + */ + sconntmp = service_connection_next(sconn); + if (FD_ISSET(service_connection_get_sock(sconn), &fds)) + service_message(service, sconn); + } + if (service_connection_first(service) == NULL) { + /* + * No connections left, exiting. + */ + break; + } + } + + exit(0); +} Property changes on: head/lib/libcasper/libcasper/service.c ___________________________________________________________________ Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:keywords ## -0,0 +1 ## +FreeBSD=%H \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/lib/libcasper/libcasper/zygote.c =================================================================== --- head/lib/libcasper/libcasper/zygote.c (nonexistent) +++ head/lib/libcasper/libcasper/zygote.c (revision 296047) @@ -0,0 +1,223 @@ +/*- + * Copyright (c) 2012 The FreeBSD Foundation + * Copyright (c) 2015 Mariusz Zaborski + * All rights reserved. + * + * This software was developed by Pawel Jakub Dawidek under sponsorship from + * the FreeBSD Foundation. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include +__FBSDID("$FreeBSD$"); + +#include +#include +#include +#include +#include + +#include +#include +#include +#include +#include +#include +#include +#include + +#include "zygote.h" + +/* Zygote info. */ +static int zygote_sock = -1; + +static void +stdnull(void) +{ + int fd; + + fd = open(_PATH_DEVNULL, O_RDWR); + if (fd == -1) + errx(1, "Unable to open %s", _PATH_DEVNULL); + + if (setsid() == -1) + errx(1, "Unable to detach from session"); + + if (dup2(fd, STDIN_FILENO) == -1) + errx(1, "Unable to cover stdin"); + if (dup2(fd, STDOUT_FILENO) == -1) + errx(1, "Unable to cover stdout"); + if (dup2(fd, STDERR_FILENO) == -1) + errx(1, "Unable to cover stderr"); + + close(fd); +} + +int +zygote_clone(zygote_func_t *func, int *chanfdp, int *procfdp) +{ + nvlist_t *nvl; + int error; + + if (zygote_sock == -1) { + /* Zygote didn't start. */ + errno = ENXIO; + return (-1); + } + + nvl = nvlist_create(0); + nvlist_add_number(nvl, "func", (uint64_t)(uintptr_t)func); + nvl = nvlist_xfer(zygote_sock, nvl, 0); + if (nvl == NULL) + return (-1); + if (nvlist_exists_number(nvl, "error")) { + error = (int)nvlist_get_number(nvl, "error"); + nvlist_destroy(nvl); + errno = error; + return (-1); + } + + *chanfdp = nvlist_take_descriptor(nvl, "chanfd"); + *procfdp = nvlist_take_descriptor(nvl, "procfd"); + + nvlist_destroy(nvl); + return (0); +} + +/* + * This function creates sandboxes on-demand whoever has access to it via + * 'sock' socket. Function sends two descriptors to the caller: process + * descriptor of the sandbox and socket pair descriptor for communication + * between sandbox and its owner. + */ +static void +zygote_main(int sock) +{ + int error, fd, procfd; + int chanfd[2]; + nvlist_t *nvlin, *nvlout; + zygote_func_t *func; + pid_t pid; + + assert(sock > STDERR_FILENO); + + setproctitle("zygote"); + + stdnull(); + for (fd = STDERR_FILENO + 1; fd < sock; fd++) + close(fd); + closefrom(sock + 1); + + for (;;) { + nvlin = nvlist_recv(sock, 0); + if (nvlin == NULL) { + if (errno == ENOTCONN) { + /* Casper exited. */ + exit(0); + } + continue; + } + func = (zygote_func_t *)(uintptr_t)nvlist_get_number(nvlin, + "func"); + nvlist_destroy(nvlin); + + /* + * Someone is requesting a new process, create one. + */ + procfd = -1; + chanfd[0] = -1; + chanfd[1] = -1; + error = 0; + if (socketpair(PF_UNIX, SOCK_STREAM | SOCK_NONBLOCK, 0, + chanfd) == -1) { + error = errno; + goto send; + } + pid = pdfork(&procfd, 0); + switch (pid) { + case -1: + /* Failure. */ + error = errno; + break; + case 0: + /* Child. */ + close(sock); + close(chanfd[0]); + func(chanfd[1]); + /* NOTREACHED */ + exit(1); + default: + /* Parent. */ + close(chanfd[1]); + break; + } +send: + nvlout = nvlist_create(0); + if (error != 0) { + nvlist_add_number(nvlout, "error", (uint64_t)error); + if (chanfd[0] >= 0) + close(chanfd[0]); + if (procfd >= 0) + close(procfd); + } else { + nvlist_move_descriptor(nvlout, "chanfd", chanfd[0]); + nvlist_move_descriptor(nvlout, "procfd", procfd); + } + (void)nvlist_send(sock, nvlout); + nvlist_destroy(nvlout); + } + /* NOTREACHED */ +} + +int +zygote_init(void) +{ + int serrno, sp[2]; + pid_t pid; + + if (socketpair(PF_UNIX, SOCK_STREAM | SOCK_NONBLOCK, 0, sp) == -1) + return (-1); + + pid = fork(); + switch (pid) { + case -1: + /* Failure. */ + serrno = errno; + close(sp[0]); + close(sp[1]); + errno = serrno; + return (-1); + case 0: + /* Child. */ + close(sp[0]); + zygote_main(sp[1]); + /* NOTREACHED */ + abort(); + default: + /* Parent. */ + zygote_sock = sp[0]; + close(sp[1]); + return (0); + } + /* NOTREACHED */ +} Property changes on: head/lib/libcasper/libcasper/zygote.c ___________________________________________________________________ Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:keywords ## -0,0 +1 ## +FreeBSD=%H \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/lib/libcasper/libcasper/zygote.h =================================================================== --- head/lib/libcasper/libcasper/zygote.h (nonexistent) +++ head/lib/libcasper/libcasper/zygote.h (revision 296047) @@ -0,0 +1,41 @@ +/*- + * Copyright (c) 2012 The FreeBSD Foundation + * Copyright (c) 2015 Mariusz Zaborski + * All rights reserved. + * + * This software was developed by Pawel Jakub Dawidek under sponsorship from + * the FreeBSD Foundation. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD$ + */ + +#ifndef _ZYGOTE_H_ +#define _ZYGOTE_H_ + +typedef void zygote_func_t(int); + +int zygote_init(void); +int zygote_clone(zygote_func_t *func, int *chanfdp, int *procfdp); + +#endif /* !_ZYGOTE_H_ */ Property changes on: head/lib/libcasper/libcasper/zygote.h ___________________________________________________________________ Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:keywords ## -0,0 +1 ## +FreeBSD=%H \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/lib/libcasper/services/Makefile =================================================================== --- head/lib/libcasper/services/Makefile (nonexistent) +++ head/lib/libcasper/services/Makefile (revision 296047) @@ -0,0 +1,9 @@ +# $FreeBSD$ + +SUBDIR= cap_dns +SUBDIR+= cap_grp +SUBDIR+= cap_pwd +SUBDIR+= cap_random +SUBDIR+= cap_sysctl + +.include Property changes on: head/lib/libcasper/services/Makefile ___________________________________________________________________ Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:keywords ## -0,0 +1 ## +FreeBSD=%H \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/lib/libcasper/services/cap_dns/Makefile =================================================================== --- head/lib/libcasper/services/cap_dns/Makefile (nonexistent) +++ head/lib/libcasper/services/cap_dns/Makefile (revision 296047) @@ -0,0 +1,20 @@ +# $FreeBSD$ + +LIB= cap_dns + +SHLIB_MAJOR= 0 +SHLIBDIR?= /lib/casper +INCSDIR?= ${INCLUDEDIR}/casper + +SRCS= cap_dns.c + +INCS= cap_dns.h + +LIBADD= nv + +CFLAGS+=-I${.CURDIR} +CFLAGS+=-I${.CURDIR}/../libcasper + +WARNS?= 6 + +.include Property changes on: head/lib/libcasper/services/cap_dns/Makefile ___________________________________________________________________ Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:keywords ## -0,0 +1 ## +FreeBSD=%H \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/lib/libcasper/services/cap_dns/cap_dns.c =================================================================== --- head/lib/libcasper/services/cap_dns/cap_dns.c (nonexistent) +++ head/lib/libcasper/services/cap_dns/cap_dns.c (revision 296047) @@ -0,0 +1,761 @@ +/*- + * Copyright (c) 2012-2013 The FreeBSD Foundation + * All rights reserved. + * + * This software was developed by Pawel Jakub Dawidek under sponsorship from + * the FreeBSD Foundation. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include +__FBSDID("$FreeBSD$"); + +#include +#include +#include + +#include +#include +#include +#include +#include +#include + +#include +#include + +#include "cap_dns.h" + +static struct hostent hent; + +static void +hostent_free(struct hostent *hp) +{ + unsigned int ii; + + free(hp->h_name); + hp->h_name = NULL; + if (hp->h_aliases != NULL) { + for (ii = 0; hp->h_aliases[ii] != NULL; ii++) + free(hp->h_aliases[ii]); + free(hp->h_aliases); + hp->h_aliases = NULL; + } + if (hp->h_addr_list != NULL) { + for (ii = 0; hp->h_addr_list[ii] != NULL; ii++) + free(hp->h_addr_list[ii]); + free(hp->h_addr_list); + hp->h_addr_list = NULL; + } +} + +static struct hostent * +hostent_unpack(const nvlist_t *nvl, struct hostent *hp) +{ + unsigned int ii, nitems; + char nvlname[64]; + int n; + + hostent_free(hp); + + hp->h_name = strdup(nvlist_get_string(nvl, "name")); + if (hp->h_name == NULL) + goto fail; + hp->h_addrtype = (int)nvlist_get_number(nvl, "addrtype"); + hp->h_length = (int)nvlist_get_number(nvl, "length"); + + nitems = (unsigned int)nvlist_get_number(nvl, "naliases"); + hp->h_aliases = calloc(sizeof(hp->h_aliases[0]), nitems + 1); + if (hp->h_aliases == NULL) + goto fail; + for (ii = 0; ii < nitems; ii++) { + n = snprintf(nvlname, sizeof(nvlname), "alias%u", ii); + assert(n > 0 && n < (int)sizeof(nvlname)); + hp->h_aliases[ii] = + strdup(nvlist_get_string(nvl, nvlname)); + if (hp->h_aliases[ii] == NULL) + goto fail; + } + hp->h_aliases[ii] = NULL; + + nitems = (unsigned int)nvlist_get_number(nvl, "naddrs"); + hp->h_addr_list = calloc(sizeof(hp->h_addr_list[0]), nitems + 1); + if (hp->h_addr_list == NULL) + goto fail; + for (ii = 0; ii < nitems; ii++) { + hp->h_addr_list[ii] = malloc(hp->h_length); + if (hp->h_addr_list[ii] == NULL) + goto fail; + n = snprintf(nvlname, sizeof(nvlname), "addr%u", ii); + assert(n > 0 && n < (int)sizeof(nvlname)); + bcopy(nvlist_get_binary(nvl, nvlname, NULL), + hp->h_addr_list[ii], hp->h_length); + } + hp->h_addr_list[ii] = NULL; + + return (hp); +fail: + hostent_free(hp); + h_errno = NO_RECOVERY; + return (NULL); +} + +struct hostent * +cap_gethostbyname(cap_channel_t *chan, const char *name) +{ + + return (cap_gethostbyname2(chan, name, AF_INET)); +} + +struct hostent * +cap_gethostbyname2(cap_channel_t *chan, const char *name, int type) +{ + struct hostent *hp; + nvlist_t *nvl; + + nvl = nvlist_create(0); + nvlist_add_string(nvl, "cmd", "gethostbyname"); + nvlist_add_number(nvl, "family", (uint64_t)type); + nvlist_add_string(nvl, "name", name); + nvl = cap_xfer_nvlist(chan, nvl, 0); + if (nvl == NULL) { + h_errno = NO_RECOVERY; + return (NULL); + } + if (nvlist_get_number(nvl, "error") != 0) { + h_errno = (int)nvlist_get_number(nvl, "error"); + nvlist_destroy(nvl); + return (NULL); + } + + hp = hostent_unpack(nvl, &hent); + nvlist_destroy(nvl); + return (hp); +} + +struct hostent * +cap_gethostbyaddr(cap_channel_t *chan, const void *addr, socklen_t len, + int type) +{ + struct hostent *hp; + nvlist_t *nvl; + + nvl = nvlist_create(0); + nvlist_add_string(nvl, "cmd", "gethostbyaddr"); + nvlist_add_binary(nvl, "addr", addr, (size_t)len); + nvlist_add_number(nvl, "family", (uint64_t)type); + nvl = cap_xfer_nvlist(chan, nvl, 0); + if (nvl == NULL) { + h_errno = NO_RECOVERY; + return (NULL); + } + if (nvlist_get_number(nvl, "error") != 0) { + h_errno = (int)nvlist_get_number(nvl, "error"); + nvlist_destroy(nvl); + return (NULL); + } + hp = hostent_unpack(nvl, &hent); + nvlist_destroy(nvl); + return (hp); +} + +static struct addrinfo * +addrinfo_unpack(const nvlist_t *nvl) +{ + struct addrinfo *ai; + const void *addr; + size_t addrlen; + const char *canonname; + + addr = nvlist_get_binary(nvl, "ai_addr", &addrlen); + ai = malloc(sizeof(*ai) + addrlen); + if (ai == NULL) + return (NULL); + ai->ai_flags = (int)nvlist_get_number(nvl, "ai_flags"); + ai->ai_family = (int)nvlist_get_number(nvl, "ai_family"); + ai->ai_socktype = (int)nvlist_get_number(nvl, "ai_socktype"); + ai->ai_protocol = (int)nvlist_get_number(nvl, "ai_protocol"); + ai->ai_addrlen = (socklen_t)addrlen; + canonname = dnvlist_get_string(nvl, "ai_canonname", NULL); + if (canonname != NULL) { + ai->ai_canonname = strdup(canonname); + if (ai->ai_canonname == NULL) { + free(ai); + return (NULL); + } + } else { + ai->ai_canonname = NULL; + } + ai->ai_addr = (void *)(ai + 1); + bcopy(addr, ai->ai_addr, addrlen); + ai->ai_next = NULL; + + return (ai); +} + +int +cap_getaddrinfo(cap_channel_t *chan, const char *hostname, const char *servname, + const struct addrinfo *hints, struct addrinfo **res) +{ + struct addrinfo *firstai, *prevai, *curai; + unsigned int ii; + const nvlist_t *nvlai; + char nvlname[64]; + nvlist_t *nvl; + int error, n; + + nvl = nvlist_create(0); + nvlist_add_string(nvl, "cmd", "getaddrinfo"); + if (hostname != NULL) + nvlist_add_string(nvl, "hostname", hostname); + if (servname != NULL) + nvlist_add_string(nvl, "servname", servname); + if (hints != NULL) { + nvlist_add_number(nvl, "hints.ai_flags", + (uint64_t)hints->ai_flags); + nvlist_add_number(nvl, "hints.ai_family", + (uint64_t)hints->ai_family); + nvlist_add_number(nvl, "hints.ai_socktype", + (uint64_t)hints->ai_socktype); + nvlist_add_number(nvl, "hints.ai_protocol", + (uint64_t)hints->ai_protocol); + } + nvl = cap_xfer_nvlist(chan, nvl, 0); + if (nvl == NULL) + return (EAI_MEMORY); + if (nvlist_get_number(nvl, "error") != 0) { + error = (int)nvlist_get_number(nvl, "error"); + nvlist_destroy(nvl); + return (error); + } + + nvlai = NULL; + firstai = prevai = curai = NULL; + for (ii = 0; ; ii++) { + n = snprintf(nvlname, sizeof(nvlname), "res%u", ii); + assert(n > 0 && n < (int)sizeof(nvlname)); + if (!nvlist_exists_nvlist(nvl, nvlname)) + break; + nvlai = nvlist_get_nvlist(nvl, nvlname); + curai = addrinfo_unpack(nvlai); + if (curai == NULL) + break; + if (prevai != NULL) + prevai->ai_next = curai; + else if (firstai == NULL) + firstai = curai; + prevai = curai; + } + nvlist_destroy(nvl); + if (curai == NULL && nvlai != NULL) { + if (firstai == NULL) + freeaddrinfo(firstai); + return (EAI_MEMORY); + } + + *res = firstai; + return (0); +} + +int +cap_getnameinfo(cap_channel_t *chan, const struct sockaddr *sa, socklen_t salen, + char *host, size_t hostlen, char *serv, size_t servlen, int flags) +{ + nvlist_t *nvl; + int error; + + nvl = nvlist_create(0); + nvlist_add_string(nvl, "cmd", "getnameinfo"); + nvlist_add_number(nvl, "hostlen", (uint64_t)hostlen); + nvlist_add_number(nvl, "servlen", (uint64_t)servlen); + nvlist_add_binary(nvl, "sa", sa, (size_t)salen); + nvlist_add_number(nvl, "flags", (uint64_t)flags); + nvl = cap_xfer_nvlist(chan, nvl, 0); + if (nvl == NULL) + return (EAI_MEMORY); + if (nvlist_get_number(nvl, "error") != 0) { + error = (int)nvlist_get_number(nvl, "error"); + nvlist_destroy(nvl); + return (error); + } + + if (host != NULL && nvlist_exists_string(nvl, "host")) + strlcpy(host, nvlist_get_string(nvl, "host"), hostlen + 1); + if (serv != NULL && nvlist_exists_string(nvl, "serv")) + strlcpy(serv, nvlist_get_string(nvl, "serv"), servlen + 1); + nvlist_destroy(nvl); + return (0); +} + +static void +limit_remove(nvlist_t *limits, const char *prefix) +{ + const char *name; + size_t prefixlen; + void *cookie; + + prefixlen = strlen(prefix); +again: + cookie = NULL; + while ((name = nvlist_next(limits, NULL, &cookie)) != NULL) { + if (strncmp(name, prefix, prefixlen) == 0) { + nvlist_free(limits, name); + goto again; + } + } +} + +int +cap_dns_type_limit(cap_channel_t *chan, const char * const *types, + size_t ntypes) +{ + nvlist_t *limits; + unsigned int i; + char nvlname[64]; + int n; + + if (cap_limit_get(chan, &limits) < 0) + return (-1); + if (limits == NULL) + limits = nvlist_create(0); + else + limit_remove(limits, "type"); + for (i = 0; i < ntypes; i++) { + n = snprintf(nvlname, sizeof(nvlname), "type%u", i); + assert(n > 0 && n < (int)sizeof(nvlname)); + nvlist_add_string(limits, nvlname, types[i]); + } + return (cap_limit_set(chan, limits)); +} + +int +cap_dns_family_limit(cap_channel_t *chan, const int *families, + size_t nfamilies) +{ + nvlist_t *limits; + unsigned int i; + char nvlname[64]; + int n; + + if (cap_limit_get(chan, &limits) < 0) + return (-1); + if (limits == NULL) + limits = nvlist_create(0); + else + limit_remove(limits, "family"); + for (i = 0; i < nfamilies; i++) { + n = snprintf(nvlname, sizeof(nvlname), "family%u", i); + assert(n > 0 && n < (int)sizeof(nvlname)); + nvlist_add_number(limits, nvlname, (uint64_t)families[i]); + } + return (cap_limit_set(chan, limits)); +} + +/* + * Service functions. + */ +static bool +dns_allowed_type(const nvlist_t *limits, const char *type) +{ + const char *name; + bool notypes; + void *cookie; + + if (limits == NULL) + return (true); + + notypes = true; + cookie = NULL; + while ((name = nvlist_next(limits, NULL, &cookie)) != NULL) { + if (strncmp(name, "type", sizeof("type") - 1) != 0) + continue; + notypes = false; + if (strcmp(nvlist_get_string(limits, name), type) == 0) + return (true); + } + + /* If there are no types at all, allow any type. */ + if (notypes) + return (true); + + return (false); +} + +static bool +dns_allowed_family(const nvlist_t *limits, int family) +{ + const char *name; + bool nofamilies; + void *cookie; + + if (limits == NULL) + return (true); + + nofamilies = true; + cookie = NULL; + while ((name = nvlist_next(limits, NULL, &cookie)) != NULL) { + if (strncmp(name, "family", sizeof("family") - 1) != 0) + continue; + nofamilies = false; + if (family == AF_UNSPEC) + continue; + if (nvlist_get_number(limits, name) == (uint64_t)family) + return (true); + } + + /* If there are no families at all, allow any family. */ + if (nofamilies) + return (true); + + return (false); +} + +static void +hostent_pack(const struct hostent *hp, nvlist_t *nvl) +{ + unsigned int ii; + char nvlname[64]; + int n; + + nvlist_add_string(nvl, "name", hp->h_name); + nvlist_add_number(nvl, "addrtype", (uint64_t)hp->h_addrtype); + nvlist_add_number(nvl, "length", (uint64_t)hp->h_length); + + if (hp->h_aliases == NULL) { + nvlist_add_number(nvl, "naliases", 0); + } else { + for (ii = 0; hp->h_aliases[ii] != NULL; ii++) { + n = snprintf(nvlname, sizeof(nvlname), "alias%u", ii); + assert(n > 0 && n < (int)sizeof(nvlname)); + nvlist_add_string(nvl, nvlname, hp->h_aliases[ii]); + } + nvlist_add_number(nvl, "naliases", (uint64_t)ii); + } + + if (hp->h_addr_list == NULL) { + nvlist_add_number(nvl, "naddrs", 0); + } else { + for (ii = 0; hp->h_addr_list[ii] != NULL; ii++) { + n = snprintf(nvlname, sizeof(nvlname), "addr%u", ii); + assert(n > 0 && n < (int)sizeof(nvlname)); + nvlist_add_binary(nvl, nvlname, hp->h_addr_list[ii], + (size_t)hp->h_length); + } + nvlist_add_number(nvl, "naddrs", (uint64_t)ii); + } +} + +static int +dns_gethostbyname(const nvlist_t *limits, const nvlist_t *nvlin, + nvlist_t *nvlout) +{ + struct hostent *hp; + int family; + + if (!dns_allowed_type(limits, "NAME")) + return (NO_RECOVERY); + + family = (int)nvlist_get_number(nvlin, "family"); + + if (!dns_allowed_family(limits, family)) + return (NO_RECOVERY); + + hp = gethostbyname2(nvlist_get_string(nvlin, "name"), family); + if (hp == NULL) + return (h_errno); + hostent_pack(hp, nvlout); + return (0); +} + +static int +dns_gethostbyaddr(const nvlist_t *limits, const nvlist_t *nvlin, + nvlist_t *nvlout) +{ + struct hostent *hp; + const void *addr; + size_t addrsize; + int family; + + if (!dns_allowed_type(limits, "ADDR")) + return (NO_RECOVERY); + + family = (int)nvlist_get_number(nvlin, "family"); + + if (!dns_allowed_family(limits, family)) + return (NO_RECOVERY); + + addr = nvlist_get_binary(nvlin, "addr", &addrsize); + hp = gethostbyaddr(addr, (socklen_t)addrsize, family); + if (hp == NULL) + return (h_errno); + hostent_pack(hp, nvlout); + return (0); +} + +static int +dns_getnameinfo(const nvlist_t *limits, const nvlist_t *nvlin, nvlist_t *nvlout) +{ + struct sockaddr_storage sast; + const void *sabin; + char *host, *serv; + size_t sabinsize, hostlen, servlen; + socklen_t salen; + int error, flags; + + if (!dns_allowed_type(limits, "NAME")) + return (NO_RECOVERY); + + error = 0; + host = serv = NULL; + memset(&sast, 0, sizeof(sast)); + + hostlen = (size_t)nvlist_get_number(nvlin, "hostlen"); + servlen = (size_t)nvlist_get_number(nvlin, "servlen"); + + if (hostlen > 0) { + host = calloc(1, hostlen + 1); + if (host == NULL) { + error = EAI_MEMORY; + goto out; + } + } + if (servlen > 0) { + serv = calloc(1, servlen + 1); + if (serv == NULL) { + error = EAI_MEMORY; + goto out; + } + } + + sabin = nvlist_get_binary(nvlin, "sa", &sabinsize); + if (sabinsize > sizeof(sast)) { + error = EAI_FAIL; + goto out; + } + + memcpy(&sast, sabin, sabinsize); + salen = (socklen_t)sabinsize; + + if ((sast.ss_family != AF_INET || + salen != sizeof(struct sockaddr_in)) && + (sast.ss_family != AF_INET6 || + salen != sizeof(struct sockaddr_in6))) { + error = EAI_FAIL; + goto out; + } + + if (!dns_allowed_family(limits, (int)sast.ss_family)) { + error = NO_RECOVERY; + goto out; + } + + flags = (int)nvlist_get_number(nvlin, "flags"); + + error = getnameinfo((struct sockaddr *)&sast, salen, host, hostlen, + serv, servlen, flags); + if (error != 0) + goto out; + + if (host != NULL) + nvlist_move_string(nvlout, "host", host); + if (serv != NULL) + nvlist_move_string(nvlout, "serv", serv); +out: + if (error != 0) { + free(host); + free(serv); + } + return (error); +} + +static nvlist_t * +addrinfo_pack(const struct addrinfo *ai) +{ + nvlist_t *nvl; + + nvl = nvlist_create(0); + nvlist_add_number(nvl, "ai_flags", (uint64_t)ai->ai_flags); + nvlist_add_number(nvl, "ai_family", (uint64_t)ai->ai_family); + nvlist_add_number(nvl, "ai_socktype", (uint64_t)ai->ai_socktype); + nvlist_add_number(nvl, "ai_protocol", (uint64_t)ai->ai_protocol); + nvlist_add_binary(nvl, "ai_addr", ai->ai_addr, (size_t)ai->ai_addrlen); + if (ai->ai_canonname != NULL) + nvlist_add_string(nvl, "ai_canonname", ai->ai_canonname); + + return (nvl); +} + +static int +dns_getaddrinfo(const nvlist_t *limits, const nvlist_t *nvlin, nvlist_t *nvlout) +{ + struct addrinfo hints, *hintsp, *res, *cur; + const char *hostname, *servname; + char nvlname[64]; + nvlist_t *elem; + unsigned int ii; + int error, family, n; + + if (!dns_allowed_type(limits, "ADDR")) + return (NO_RECOVERY); + + hostname = dnvlist_get_string(nvlin, "hostname", NULL); + servname = dnvlist_get_string(nvlin, "servname", NULL); + if (nvlist_exists_number(nvlin, "hints.ai_flags")) { + hints.ai_flags = (int)nvlist_get_number(nvlin, + "hints.ai_flags"); + hints.ai_family = (int)nvlist_get_number(nvlin, + "hints.ai_family"); + hints.ai_socktype = (int)nvlist_get_number(nvlin, + "hints.ai_socktype"); + hints.ai_protocol = (int)nvlist_get_number(nvlin, + "hints.ai_protocol"); + hints.ai_addrlen = 0; + hints.ai_addr = NULL; + hints.ai_canonname = NULL; + hintsp = &hints; + family = hints.ai_family; + } else { + hintsp = NULL; + family = AF_UNSPEC; + } + + if (!dns_allowed_family(limits, family)) + return (NO_RECOVERY); + + error = getaddrinfo(hostname, servname, hintsp, &res); + if (error != 0) + goto out; + + for (cur = res, ii = 0; cur != NULL; cur = cur->ai_next, ii++) { + elem = addrinfo_pack(cur); + n = snprintf(nvlname, sizeof(nvlname), "res%u", ii); + assert(n > 0 && n < (int)sizeof(nvlname)); + nvlist_move_nvlist(nvlout, nvlname, elem); + } + + freeaddrinfo(res); + error = 0; +out: + return (error); +} + +static bool +limit_has_entry(const nvlist_t *limits, const char *prefix) +{ + const char *name; + size_t prefixlen; + void *cookie; + + if (limits == NULL) + return (false); + + prefixlen = strlen(prefix); + + cookie = NULL; + while ((name = nvlist_next(limits, NULL, &cookie)) != NULL) { + if (strncmp(name, prefix, prefixlen) == 0) + return (true); + } + + return (false); +} + +static int +dns_limit(const nvlist_t *oldlimits, const nvlist_t *newlimits) +{ + const char *name; + void *cookie; + int nvtype; + bool hastype, hasfamily; + + hastype = false; + hasfamily = false; + + cookie = NULL; + while ((name = nvlist_next(newlimits, &nvtype, &cookie)) != NULL) { + if (nvtype == NV_TYPE_STRING) { + const char *type; + + if (strncmp(name, "type", sizeof("type") - 1) != 0) + return (EINVAL); + type = nvlist_get_string(newlimits, name); + if (strcmp(type, "ADDR") != 0 && + strcmp(type, "NAME") != 0) { + return (EINVAL); + } + if (!dns_allowed_type(oldlimits, type)) + return (ENOTCAPABLE); + hastype = true; + } else if (nvtype == NV_TYPE_NUMBER) { + int family; + + if (strncmp(name, "family", sizeof("family") - 1) != 0) + return (EINVAL); + family = (int)nvlist_get_number(newlimits, name); + if (!dns_allowed_family(oldlimits, family)) + return (ENOTCAPABLE); + hasfamily = true; + } else { + return (EINVAL); + } + } + + /* + * If the new limit doesn't mention type or family we have to + * check if the current limit does have those. Missing type or + * family in the limit means that all types or families are + * allowed. + */ + if (!hastype) { + if (limit_has_entry(oldlimits, "type")) + return (ENOTCAPABLE); + } + if (!hasfamily) { + if (limit_has_entry(oldlimits, "family")) + return (ENOTCAPABLE); + } + + return (0); +} + +static int +dns_command(const char *cmd, const nvlist_t *limits, nvlist_t *nvlin, + nvlist_t *nvlout) +{ + int error; + + if (strcmp(cmd, "gethostbyname") == 0) + error = dns_gethostbyname(limits, nvlin, nvlout); + else if (strcmp(cmd, "gethostbyaddr") == 0) + error = dns_gethostbyaddr(limits, nvlin, nvlout); + else if (strcmp(cmd, "getnameinfo") == 0) + error = dns_getnameinfo(limits, nvlin, nvlout); + else if (strcmp(cmd, "getaddrinfo") == 0) + error = dns_getaddrinfo(limits, nvlin, nvlout); + else + error = NO_RECOVERY; + + return (error); +} + +CREATE_SERVICE("system.dns", dns_limit, dns_command); Property changes on: head/lib/libcasper/services/cap_dns/cap_dns.c ___________________________________________________________________ Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:keywords ## -0,0 +1 ## +FreeBSD=%H \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/lib/libcasper/services/cap_dns/cap_dns.h =================================================================== --- head/lib/libcasper/services/cap_dns/cap_dns.h (nonexistent) +++ head/lib/libcasper/services/cap_dns/cap_dns.h (revision 296047) @@ -0,0 +1,57 @@ +/*- + * Copyright (c) 2012 The FreeBSD Foundation + * All rights reserved. + * + * This software was developed by Pawel Jakub Dawidek under sponsorship from + * the FreeBSD Foundation. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD$ + */ + +#ifndef _CAP_DNS_H_ +#define _CAP_DNS_H_ + +#include /* socklen_t */ + +struct addrinfo; +struct hostent; + +struct hostent *cap_gethostbyname(cap_channel_t *chan, const char *name); +struct hostent *cap_gethostbyname2(cap_channel_t *chan, const char *name, + int type); +struct hostent *cap_gethostbyaddr(cap_channel_t *chan, const void *addr, + socklen_t len, int type); + +int cap_getaddrinfo(cap_channel_t *chan, const char *hostname, + const char *servname, const struct addrinfo *hints, struct addrinfo **res); +int cap_getnameinfo(cap_channel_t *chan, const struct sockaddr *sa, + socklen_t salen, char *host, size_t hostlen, char *serv, size_t servlen, + int flags); + +int cap_dns_type_limit(cap_channel_t *chan, const char * const *types, + size_t ntypes); +int cap_dns_family_limit(cap_channel_t *chan, const int *families, + size_t nfamilies); + +#endif /* !_CAP_DNS_H_ */ Property changes on: head/lib/libcasper/services/cap_dns/cap_dns.h ___________________________________________________________________ Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:keywords ## -0,0 +1 ## +FreeBSD=%H \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/lib/libcasper/services/cap_grp/Makefile =================================================================== --- head/lib/libcasper/services/cap_grp/Makefile (nonexistent) +++ head/lib/libcasper/services/cap_grp/Makefile (revision 296047) @@ -0,0 +1,20 @@ +# $FreeBSD$ + +LIB= cap_grp + +SHLIB_MAJOR= 0 +SHLIBDIR?= /lib/casper +INCSDIR?= ${INCLUDEDIR}/casper + +SRCS= cap_grp.c + +INCS= cap_grp.h + +LIBADD= nv + +CFLAGS+=-I${.CURDIR} +CFLAGS+=-I${.CURDIR}/../libcasper + +WARNS?= 6 + +.include Property changes on: head/lib/libcasper/services/cap_grp/Makefile ___________________________________________________________________ Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:keywords ## -0,0 +1 ## +FreeBSD=%H \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/lib/libcasper/services/cap_grp/cap_grp.c =================================================================== --- head/lib/libcasper/services/cap_grp/cap_grp.c (nonexistent) +++ head/lib/libcasper/services/cap_grp/cap_grp.c (revision 296047) @@ -0,0 +1,787 @@ +/*- + * Copyright (c) 2013 The FreeBSD Foundation + * All rights reserved. + * + * This software was developed by Pawel Jakub Dawidek under sponsorship from + * the FreeBSD Foundation. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include +__FBSDID("$FreeBSD$"); + +#include +#include +#include + +#include +#include +#include +#include +#include + +#include +#include + +#include "cap_grp.h" + +static struct group ggrp; +static char *gbuffer; +static size_t gbufsize; + +static int +group_resize(void) +{ + char *buf; + + if (gbufsize == 0) + gbufsize = 1024; + else + gbufsize *= 2; + + buf = gbuffer; + gbuffer = realloc(buf, gbufsize); + if (gbuffer == NULL) { + free(buf); + gbufsize = 0; + return (ENOMEM); + } + memset(gbuffer, 0, gbufsize); + + return (0); +} + +static int +group_unpack_string(const nvlist_t *nvl, const char *fieldname, char **fieldp, + char **bufferp, size_t *bufsizep) +{ + const char *str; + size_t len; + + str = nvlist_get_string(nvl, fieldname); + len = strlcpy(*bufferp, str, *bufsizep); + if (len >= *bufsizep) + return (ERANGE); + *fieldp = *bufferp; + *bufferp += len + 1; + *bufsizep -= len + 1; + + return (0); +} + +static int +group_unpack_members(const nvlist_t *nvl, char ***fieldp, char **bufferp, + size_t *bufsizep) +{ + const char *mem; + char **outstrs, *str, nvlname[64]; + size_t nmem, datasize, strsize; + unsigned int ii; + int n; + + if (!nvlist_exists_number(nvl, "gr_nmem")) { + datasize = _ALIGNBYTES + sizeof(char *); + if (datasize >= *bufsizep) + return (ERANGE); + outstrs = (char **)_ALIGN(*bufferp); + outstrs[0] = NULL; + *fieldp = outstrs; + *bufferp += datasize; + *bufsizep -= datasize; + return (0); + } + + nmem = (size_t)nvlist_get_number(nvl, "gr_nmem"); + datasize = _ALIGNBYTES + sizeof(char *) * (nmem + 1); + for (ii = 0; ii < nmem; ii++) { + n = snprintf(nvlname, sizeof(nvlname), "gr_mem[%u]", ii); + assert(n > 0 && n < (int)sizeof(nvlname)); + mem = dnvlist_get_string(nvl, nvlname, NULL); + if (mem == NULL) + return (EINVAL); + datasize += strlen(mem) + 1; + } + + if (datasize >= *bufsizep) + return (ERANGE); + + outstrs = (char **)_ALIGN(*bufferp); + str = (char *)outstrs + sizeof(char *) * (nmem + 1); + for (ii = 0; ii < nmem; ii++) { + n = snprintf(nvlname, sizeof(nvlname), "gr_mem[%u]", ii); + assert(n > 0 && n < (int)sizeof(nvlname)); + mem = nvlist_get_string(nvl, nvlname); + strsize = strlen(mem) + 1; + memcpy(str, mem, strsize); + outstrs[ii] = str; + str += strsize; + } + assert(ii == nmem); + outstrs[ii] = NULL; + + *fieldp = outstrs; + *bufferp += datasize; + *bufsizep -= datasize; + + return (0); +} + +static int +group_unpack(const nvlist_t *nvl, struct group *grp, char *buffer, + size_t bufsize) +{ + int error; + + if (!nvlist_exists_string(nvl, "gr_name")) + return (EINVAL); + + memset(grp, 0, sizeof(*grp)); + + error = group_unpack_string(nvl, "gr_name", &grp->gr_name, &buffer, + &bufsize); + if (error != 0) + return (error); + error = group_unpack_string(nvl, "gr_passwd", &grp->gr_passwd, &buffer, + &bufsize); + if (error != 0) + return (error); + grp->gr_gid = (gid_t)nvlist_get_number(nvl, "gr_gid"); + error = group_unpack_members(nvl, &grp->gr_mem, &buffer, &bufsize); + if (error != 0) + return (error); + + return (0); +} + +static int +cap_getgrcommon_r(cap_channel_t *chan, const char *cmd, const char *name, + gid_t gid, struct group *grp, char *buffer, size_t bufsize, + struct group **result) +{ + nvlist_t *nvl; + bool getgr_r; + int error; + + nvl = nvlist_create(0); + nvlist_add_string(nvl, "cmd", cmd); + if (strcmp(cmd, "getgrent") == 0 || strcmp(cmd, "getgrent_r") == 0) { + /* Add nothing. */ + } else if (strcmp(cmd, "getgrnam") == 0 || + strcmp(cmd, "getgrnam_r") == 0) { + nvlist_add_string(nvl, "name", name); + } else if (strcmp(cmd, "getgrgid") == 0 || + strcmp(cmd, "getgrgid_r") == 0) { + nvlist_add_number(nvl, "gid", (uint64_t)gid); + } else { + abort(); + } + nvl = cap_xfer_nvlist(chan, nvl, 0); + if (nvl == NULL) { + assert(errno != 0); + *result = NULL; + return (errno); + } + error = (int)nvlist_get_number(nvl, "error"); + if (error != 0) { + nvlist_destroy(nvl); + *result = NULL; + return (error); + } + + if (!nvlist_exists_string(nvl, "gr_name")) { + /* Not found. */ + nvlist_destroy(nvl); + *result = NULL; + return (0); + } + + getgr_r = (strcmp(cmd, "getgrent_r") == 0 || + strcmp(cmd, "getgrnam_r") == 0 || strcmp(cmd, "getgrgid_r") == 0); + + for (;;) { + error = group_unpack(nvl, grp, buffer, bufsize); + if (getgr_r || error != ERANGE) + break; + assert(buffer == gbuffer); + assert(bufsize == gbufsize); + error = group_resize(); + if (error != 0) + break; + /* Update pointers after resize. */ + buffer = gbuffer; + bufsize = gbufsize; + } + + nvlist_destroy(nvl); + + if (error == 0) + *result = grp; + else + *result = NULL; + + return (error); +} + +static struct group * +cap_getgrcommon(cap_channel_t *chan, const char *cmd, const char *name, + gid_t gid) +{ + struct group *result; + int error, serrno; + + serrno = errno; + + error = cap_getgrcommon_r(chan, cmd, name, gid, &ggrp, gbuffer, + gbufsize, &result); + if (error != 0) { + errno = error; + return (NULL); + } + + errno = serrno; + + return (result); +} + +struct group * +cap_getgrent(cap_channel_t *chan) +{ + + return (cap_getgrcommon(chan, "getgrent", NULL, 0)); +} + +struct group * +cap_getgrnam(cap_channel_t *chan, const char *name) +{ + + return (cap_getgrcommon(chan, "getgrnam", name, 0)); +} + +struct group * +cap_getgrgid(cap_channel_t *chan, gid_t gid) +{ + + return (cap_getgrcommon(chan, "getgrgid", NULL, gid)); +} + +int +cap_getgrent_r(cap_channel_t *chan, struct group *grp, char *buffer, + size_t bufsize, struct group **result) +{ + + return (cap_getgrcommon_r(chan, "getgrent_r", NULL, 0, grp, buffer, + bufsize, result)); +} + +int +cap_getgrnam_r(cap_channel_t *chan, const char *name, struct group *grp, + char *buffer, size_t bufsize, struct group **result) +{ + + return (cap_getgrcommon_r(chan, "getgrnam_r", name, 0, grp, buffer, + bufsize, result)); +} + +int +cap_getgrgid_r(cap_channel_t *chan, gid_t gid, struct group *grp, char *buffer, + size_t bufsize, struct group **result) +{ + + return (cap_getgrcommon_r(chan, "getgrgid_r", NULL, gid, grp, buffer, + bufsize, result)); +} + +int +cap_setgroupent(cap_channel_t *chan, int stayopen) +{ + nvlist_t *nvl; + + nvl = nvlist_create(0); + nvlist_add_string(nvl, "cmd", "setgroupent"); + nvlist_add_bool(nvl, "stayopen", stayopen != 0); + nvl = cap_xfer_nvlist(chan, nvl, 0); + if (nvl == NULL) + return (0); + if (nvlist_get_number(nvl, "error") != 0) { + errno = nvlist_get_number(nvl, "error"); + nvlist_destroy(nvl); + return (0); + } + nvlist_destroy(nvl); + + return (1); +} + +int +cap_setgrent(cap_channel_t *chan) +{ + nvlist_t *nvl; + + nvl = nvlist_create(0); + nvlist_add_string(nvl, "cmd", "setgrent"); + nvl = cap_xfer_nvlist(chan, nvl, 0); + if (nvl == NULL) + return (0); + if (nvlist_get_number(nvl, "error") != 0) { + errno = nvlist_get_number(nvl, "error"); + nvlist_destroy(nvl); + return (0); + } + nvlist_destroy(nvl); + + return (1); +} + +void +cap_endgrent(cap_channel_t *chan) +{ + nvlist_t *nvl; + + nvl = nvlist_create(0); + nvlist_add_string(nvl, "cmd", "endgrent"); + /* Ignore any errors, we have no way to report them. */ + nvlist_destroy(cap_xfer_nvlist(chan, nvl, 0)); +} + +int +cap_grp_limit_cmds(cap_channel_t *chan, const char * const *cmds, size_t ncmds) +{ + nvlist_t *limits, *nvl; + unsigned int i; + + if (cap_limit_get(chan, &limits) < 0) + return (-1); + if (limits == NULL) { + limits = nvlist_create(0); + } else { + if (nvlist_exists_nvlist(limits, "cmds")) + nvlist_free_nvlist(limits, "cmds"); + } + nvl = nvlist_create(0); + for (i = 0; i < ncmds; i++) + nvlist_add_null(nvl, cmds[i]); + nvlist_move_nvlist(limits, "cmds", nvl); + return (cap_limit_set(chan, limits)); +} + +int +cap_grp_limit_fields(cap_channel_t *chan, const char * const *fields, + size_t nfields) +{ + nvlist_t *limits, *nvl; + unsigned int i; + + if (cap_limit_get(chan, &limits) < 0) + return (-1); + if (limits == NULL) { + limits = nvlist_create(0); + } else { + if (nvlist_exists_nvlist(limits, "fields")) + nvlist_free_nvlist(limits, "fields"); + } + nvl = nvlist_create(0); + for (i = 0; i < nfields; i++) + nvlist_add_null(nvl, fields[i]); + nvlist_move_nvlist(limits, "fields", nvl); + return (cap_limit_set(chan, limits)); +} + +int +cap_grp_limit_groups(cap_channel_t *chan, const char * const *names, + size_t nnames, gid_t *gids, size_t ngids) +{ + nvlist_t *limits, *groups; + unsigned int i; + char nvlname[64]; + int n; + + if (cap_limit_get(chan, &limits) < 0) + return (-1); + if (limits == NULL) { + limits = nvlist_create(0); + } else { + if (nvlist_exists_nvlist(limits, "groups")) + nvlist_free_nvlist(limits, "groups"); + } + groups = nvlist_create(0); + for (i = 0; i < ngids; i++) { + n = snprintf(nvlname, sizeof(nvlname), "gid%u", i); + assert(n > 0 && n < (int)sizeof(nvlname)); + nvlist_add_number(groups, nvlname, (uint64_t)gids[i]); + } + for (i = 0; i < nnames; i++) { + n = snprintf(nvlname, sizeof(nvlname), "gid%u", i); + assert(n > 0 && n < (int)sizeof(nvlname)); + nvlist_add_string(groups, nvlname, names[i]); + } + nvlist_move_nvlist(limits, "groups", groups); + return (cap_limit_set(chan, limits)); +} + +/* + * Service functions. + */ +static bool +grp_allowed_cmd(const nvlist_t *limits, const char *cmd) +{ + + if (limits == NULL) + return (true); + + /* + * If no limit was set on allowed commands, then all commands + * are allowed. + */ + if (!nvlist_exists_nvlist(limits, "cmds")) + return (true); + + limits = nvlist_get_nvlist(limits, "cmds"); + return (nvlist_exists_null(limits, cmd)); +} + +static int +grp_allowed_cmds(const nvlist_t *oldlimits, const nvlist_t *newlimits) +{ + const char *name; + void *cookie; + int type; + + cookie = NULL; + while ((name = nvlist_next(newlimits, &type, &cookie)) != NULL) { + if (type != NV_TYPE_NULL) + return (EINVAL); + if (!grp_allowed_cmd(oldlimits, name)) + return (ENOTCAPABLE); + } + + return (0); +} + +static bool +grp_allowed_group(const nvlist_t *limits, const char *gname, gid_t gid) +{ + const char *name; + void *cookie; + int type; + + if (limits == NULL) + return (true); + + /* + * If no limit was set on allowed groups, then all groups are allowed. + */ + if (!nvlist_exists_nvlist(limits, "groups")) + return (true); + + limits = nvlist_get_nvlist(limits, "groups"); + cookie = NULL; + while ((name = nvlist_next(limits, &type, &cookie)) != NULL) { + switch (type) { + case NV_TYPE_NUMBER: + if (gid != (gid_t)-1 && + nvlist_get_number(limits, name) == (uint64_t)gid) { + return (true); + } + break; + case NV_TYPE_STRING: + if (gname != NULL && + strcmp(nvlist_get_string(limits, name), + gname) == 0) { + return (true); + } + break; + default: + abort(); + } + } + + return (false); +} + +static int +grp_allowed_groups(const nvlist_t *oldlimits, const nvlist_t *newlimits) +{ + const char *name, *gname; + void *cookie; + gid_t gid; + int type; + + cookie = NULL; + while ((name = nvlist_next(newlimits, &type, &cookie)) != NULL) { + switch (type) { + case NV_TYPE_NUMBER: + gid = (gid_t)nvlist_get_number(newlimits, name); + gname = NULL; + break; + case NV_TYPE_STRING: + gid = (gid_t)-1; + gname = nvlist_get_string(newlimits, name); + break; + default: + return (EINVAL); + } + if (!grp_allowed_group(oldlimits, gname, gid)) + return (ENOTCAPABLE); + } + + return (0); +} + +static bool +grp_allowed_field(const nvlist_t *limits, const char *field) +{ + + if (limits == NULL) + return (true); + + /* + * If no limit was set on allowed fields, then all fields are allowed. + */ + if (!nvlist_exists_nvlist(limits, "fields")) + return (true); + + limits = nvlist_get_nvlist(limits, "fields"); + return (nvlist_exists_null(limits, field)); +} + +static int +grp_allowed_fields(const nvlist_t *oldlimits, const nvlist_t *newlimits) +{ + const char *name; + void *cookie; + int type; + + cookie = NULL; + while ((name = nvlist_next(newlimits, &type, &cookie)) != NULL) { + if (type != NV_TYPE_NULL) + return (EINVAL); + if (!grp_allowed_field(oldlimits, name)) + return (ENOTCAPABLE); + } + + return (0); +} + +static bool +grp_pack(const nvlist_t *limits, const struct group *grp, nvlist_t *nvl) +{ + char nvlname[64]; + int n; + + if (grp == NULL) + return (true); + + /* + * If either name or GID is allowed, we allow it. + */ + if (!grp_allowed_group(limits, grp->gr_name, grp->gr_gid)) + return (false); + + if (grp_allowed_field(limits, "gr_name")) + nvlist_add_string(nvl, "gr_name", grp->gr_name); + else + nvlist_add_string(nvl, "gr_name", ""); + if (grp_allowed_field(limits, "gr_passwd")) + nvlist_add_string(nvl, "gr_passwd", grp->gr_passwd); + else + nvlist_add_string(nvl, "gr_passwd", ""); + if (grp_allowed_field(limits, "gr_gid")) + nvlist_add_number(nvl, "gr_gid", (uint64_t)grp->gr_gid); + else + nvlist_add_number(nvl, "gr_gid", (uint64_t)-1); + if (grp_allowed_field(limits, "gr_mem") && grp->gr_mem[0] != NULL) { + unsigned int ngroups; + + for (ngroups = 0; grp->gr_mem[ngroups] != NULL; ngroups++) { + n = snprintf(nvlname, sizeof(nvlname), "gr_mem[%u]", + ngroups); + assert(n > 0 && n < (ssize_t)sizeof(nvlname)); + nvlist_add_string(nvl, nvlname, grp->gr_mem[ngroups]); + } + nvlist_add_number(nvl, "gr_nmem", (uint64_t)ngroups); + } + + return (true); +} + +static int +grp_getgrent(const nvlist_t *limits, const nvlist_t *nvlin __unused, + nvlist_t *nvlout) +{ + struct group *grp; + + for (;;) { + errno = 0; + grp = getgrent(); + if (errno != 0) + return (errno); + if (grp_pack(limits, grp, nvlout)) + return (0); + } + + /* NOTREACHED */ +} + +static int +grp_getgrnam(const nvlist_t *limits, const nvlist_t *nvlin, nvlist_t *nvlout) +{ + struct group *grp; + const char *name; + + if (!nvlist_exists_string(nvlin, "name")) + return (EINVAL); + name = nvlist_get_string(nvlin, "name"); + assert(name != NULL); + + errno = 0; + grp = getgrnam(name); + if (errno != 0) + return (errno); + + (void)grp_pack(limits, grp, nvlout); + + return (0); +} + +static int +grp_getgrgid(const nvlist_t *limits, const nvlist_t *nvlin, nvlist_t *nvlout) +{ + struct group *grp; + gid_t gid; + + if (!nvlist_exists_number(nvlin, "gid")) + return (EINVAL); + + gid = (gid_t)nvlist_get_number(nvlin, "gid"); + + errno = 0; + grp = getgrgid(gid); + if (errno != 0) + return (errno); + + (void)grp_pack(limits, grp, nvlout); + + return (0); +} + +static int +grp_setgroupent(const nvlist_t *limits __unused, const nvlist_t *nvlin, + nvlist_t *nvlout __unused) +{ + int stayopen; + + if (!nvlist_exists_bool(nvlin, "stayopen")) + return (EINVAL); + + stayopen = nvlist_get_bool(nvlin, "stayopen") ? 1 : 0; + + return (setgroupent(stayopen) == 0 ? EFAULT : 0); +} + +static int +grp_setgrent(const nvlist_t *limits __unused, const nvlist_t *nvlin __unused, + nvlist_t *nvlout __unused) +{ + + return (setgrent() == 0 ? EFAULT : 0); +} + +static int +grp_endgrent(const nvlist_t *limits __unused, const nvlist_t *nvlin __unused, + nvlist_t *nvlout __unused) +{ + + endgrent(); + + return (0); +} + +static int +grp_limit(const nvlist_t *oldlimits, const nvlist_t *newlimits) +{ + const nvlist_t *limits; + const char *name; + void *cookie; + int error, type; + + if (oldlimits != NULL && nvlist_exists_nvlist(oldlimits, "cmds") && + !nvlist_exists_nvlist(newlimits, "cmds")) { + return (ENOTCAPABLE); + } + if (oldlimits != NULL && nvlist_exists_nvlist(oldlimits, "fields") && + !nvlist_exists_nvlist(newlimits, "fields")) { + return (ENOTCAPABLE); + } + if (oldlimits != NULL && nvlist_exists_nvlist(oldlimits, "groups") && + !nvlist_exists_nvlist(newlimits, "groups")) { + return (ENOTCAPABLE); + } + + cookie = NULL; + while ((name = nvlist_next(newlimits, &type, &cookie)) != NULL) { + if (type != NV_TYPE_NVLIST) + return (EINVAL); + limits = nvlist_get_nvlist(newlimits, name); + if (strcmp(name, "cmds") == 0) + error = grp_allowed_cmds(oldlimits, limits); + else if (strcmp(name, "fields") == 0) + error = grp_allowed_fields(oldlimits, limits); + else if (strcmp(name, "groups") == 0) + error = grp_allowed_groups(oldlimits, limits); + else + error = EINVAL; + if (error != 0) + return (error); + } + + return (0); +} + +static int +grp_command(const char *cmd, const nvlist_t *limits, nvlist_t *nvlin, + nvlist_t *nvlout) +{ + int error; + + if (!grp_allowed_cmd(limits, cmd)) + return (ENOTCAPABLE); + + if (strcmp(cmd, "getgrent") == 0 || strcmp(cmd, "getgrent_r") == 0) + error = grp_getgrent(limits, nvlin, nvlout); + else if (strcmp(cmd, "getgrnam") == 0 || strcmp(cmd, "getgrnam_r") == 0) + error = grp_getgrnam(limits, nvlin, nvlout); + else if (strcmp(cmd, "getgrgid") == 0 || strcmp(cmd, "getgrgid_r") == 0) + error = grp_getgrgid(limits, nvlin, nvlout); + else if (strcmp(cmd, "setgroupent") == 0) + error = grp_setgroupent(limits, nvlin, nvlout); + else if (strcmp(cmd, "setgrent") == 0) + error = grp_setgrent(limits, nvlin, nvlout); + else if (strcmp(cmd, "endgrent") == 0) + error = grp_endgrent(limits, nvlin, nvlout); + else + error = EINVAL; + + return (error); +} + +CREATE_SERVICE("system.grp", grp_limit, grp_command); Property changes on: head/lib/libcasper/services/cap_grp/cap_grp.c ___________________________________________________________________ Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:keywords ## -0,0 +1 ## +FreeBSD=%H \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/lib/libcasper/services/cap_grp/cap_grp.h =================================================================== --- head/lib/libcasper/services/cap_grp/cap_grp.h (nonexistent) +++ head/lib/libcasper/services/cap_grp/cap_grp.h (revision 296047) @@ -0,0 +1,57 @@ +/*- + * Copyright (c) 2013 The FreeBSD Foundation + * All rights reserved. + * + * This software was developed by Pawel Jakub Dawidek under sponsorship from + * the FreeBSD Foundation. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD$ + */ + +#ifndef _CAP_GRP_H_ +#define _CAP_GRP_H_ + +struct group *cap_getgrent(cap_channel_t *chan); +struct group *cap_getgrnam(cap_channel_t *chan, const char *name); +struct group *cap_getgrgid(cap_channel_t *chan, gid_t gid); + +int cap_getgrent_r(cap_channel_t *chan, struct group *grp, char *buffer, + size_t bufsize, struct group **result); +int cap_getgrnam_r(cap_channel_t *chan, const char *name, struct group *grp, + char *buffer, size_t bufsize, struct group **result); +int cap_getgrgid_r(cap_channel_t *chan, gid_t gid, struct group *grp, + char *buffer, size_t bufsize, struct group **result); + +int cap_setgroupent(cap_channel_t *chan, int stayopen); +int cap_setgrent(cap_channel_t *chan); +void cap_endgrent(cap_channel_t *chan); + +int cap_grp_limit_cmds(cap_channel_t *chan, const char * const *cmds, + size_t ncmds); +int cap_grp_limit_fields(cap_channel_t *chan, const char * const *fields, + size_t nfields); +int cap_grp_limit_groups(cap_channel_t *chan, const char * const *names, + size_t nnames, gid_t *gids, size_t ngids); + +#endif /* !_CAP_GRP_H_ */ Property changes on: head/lib/libcasper/services/cap_grp/cap_grp.h ___________________________________________________________________ Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:keywords ## -0,0 +1 ## +FreeBSD=%H \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/lib/libcasper/services/cap_pwd/Makefile =================================================================== --- head/lib/libcasper/services/cap_pwd/Makefile (nonexistent) +++ head/lib/libcasper/services/cap_pwd/Makefile (revision 296047) @@ -0,0 +1,20 @@ +# $FreeBSD$ + +LIB= cap_pwd + +SHLIB_MAJOR= 0 +SHLIBDIR?= /lib/casper +INCSDIR?= ${INCLUDEDIR}/casper + +SRCS= cap_pwd.c + +INCS= cap_pwd.h + +LIBADD= nv + +CFLAGS+=-I${.CURDIR} +CFLAGS+=-I${.CURDIR}/../libcasper + +WARNS?= 6 + +.include Property changes on: head/lib/libcasper/services/cap_pwd/Makefile ___________________________________________________________________ Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:keywords ## -0,0 +1 ## +FreeBSD=%H \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/lib/libcasper/services/cap_pwd/cap_pwd.c =================================================================== --- head/lib/libcasper/services/cap_pwd/cap_pwd.c (nonexistent) +++ head/lib/libcasper/services/cap_pwd/cap_pwd.c (revision 296047) @@ -0,0 +1,783 @@ +/*- + * Copyright (c) 2013 The FreeBSD Foundation + * All rights reserved. + * + * This software was developed by Pawel Jakub Dawidek under sponsorship from + * the FreeBSD Foundation. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include +__FBSDID("$FreeBSD$"); + +#include +#include + +#include +#include +#include +#include +#include +#include + +#include +#include + +#include "cap_pwd.h" + +static struct passwd gpwd; +static char *gbuffer; +static size_t gbufsize; + +static int +passwd_resize(void) +{ + char *buf; + + if (gbufsize == 0) + gbufsize = 1024; + else + gbufsize *= 2; + + buf = gbuffer; + gbuffer = realloc(buf, gbufsize); + if (gbuffer == NULL) { + free(buf); + gbufsize = 0; + return (ENOMEM); + } + memset(gbuffer, 0, gbufsize); + + return (0); +} + +static int +passwd_unpack_string(const nvlist_t *nvl, const char *fieldname, char **fieldp, + char **bufferp, size_t *bufsizep) +{ + const char *str; + size_t len; + + str = nvlist_get_string(nvl, fieldname); + len = strlcpy(*bufferp, str, *bufsizep); + if (len >= *bufsizep) + return (ERANGE); + *fieldp = *bufferp; + *bufferp += len + 1; + *bufsizep -= len + 1; + + return (0); +} + +static int +passwd_unpack(const nvlist_t *nvl, struct passwd *pwd, char *buffer, + size_t bufsize) +{ + int error; + + if (!nvlist_exists_string(nvl, "pw_name")) + return (EINVAL); + + memset(pwd, 0, sizeof(*pwd)); + + error = passwd_unpack_string(nvl, "pw_name", &pwd->pw_name, &buffer, + &bufsize); + if (error != 0) + return (error); + pwd->pw_uid = (uid_t)nvlist_get_number(nvl, "pw_uid"); + pwd->pw_gid = (gid_t)nvlist_get_number(nvl, "pw_gid"); + pwd->pw_change = (time_t)nvlist_get_number(nvl, "pw_change"); + error = passwd_unpack_string(nvl, "pw_passwd", &pwd->pw_passwd, &buffer, + &bufsize); + if (error != 0) + return (error); + error = passwd_unpack_string(nvl, "pw_class", &pwd->pw_class, &buffer, + &bufsize); + if (error != 0) + return (error); + error = passwd_unpack_string(nvl, "pw_gecos", &pwd->pw_gecos, &buffer, + &bufsize); + if (error != 0) + return (error); + error = passwd_unpack_string(nvl, "pw_dir", &pwd->pw_dir, &buffer, + &bufsize); + if (error != 0) + return (error); + error = passwd_unpack_string(nvl, "pw_shell", &pwd->pw_shell, &buffer, + &bufsize); + if (error != 0) + return (error); + pwd->pw_expire = (time_t)nvlist_get_number(nvl, "pw_expire"); + pwd->pw_fields = (int)nvlist_get_number(nvl, "pw_fields"); + + return (0); +} + +static int +cap_getpwcommon_r(cap_channel_t *chan, const char *cmd, const char *login, + uid_t uid, struct passwd *pwd, char *buffer, size_t bufsize, + struct passwd **result) +{ + nvlist_t *nvl; + bool getpw_r; + int error; + + nvl = nvlist_create(0); + nvlist_add_string(nvl, "cmd", cmd); + if (strcmp(cmd, "getpwent") == 0 || strcmp(cmd, "getpwent_r") == 0) { + /* Add nothing. */ + } else if (strcmp(cmd, "getpwnam") == 0 || + strcmp(cmd, "getpwnam_r") == 0) { + nvlist_add_string(nvl, "name", login); + } else if (strcmp(cmd, "getpwuid") == 0 || + strcmp(cmd, "getpwuid_r") == 0) { + nvlist_add_number(nvl, "uid", (uint64_t)uid); + } else { + abort(); + } + nvl = cap_xfer_nvlist(chan, nvl, 0); + if (nvl == NULL) { + assert(errno != 0); + *result = NULL; + return (errno); + } + error = (int)nvlist_get_number(nvl, "error"); + if (error != 0) { + nvlist_destroy(nvl); + *result = NULL; + return (error); + } + + if (!nvlist_exists_string(nvl, "pw_name")) { + /* Not found. */ + nvlist_destroy(nvl); + *result = NULL; + return (0); + } + + getpw_r = (strcmp(cmd, "getpwent_r") == 0 || + strcmp(cmd, "getpwnam_r") == 0 || strcmp(cmd, "getpwuid_r") == 0); + + for (;;) { + error = passwd_unpack(nvl, pwd, buffer, bufsize); + if (getpw_r || error != ERANGE) + break; + assert(buffer == gbuffer); + assert(bufsize == gbufsize); + error = passwd_resize(); + if (error != 0) + break; + /* Update pointers after resize. */ + buffer = gbuffer; + bufsize = gbufsize; + } + + nvlist_destroy(nvl); + + if (error == 0) + *result = pwd; + else + *result = NULL; + + return (error); +} + +static struct passwd * +cap_getpwcommon(cap_channel_t *chan, const char *cmd, const char *login, + uid_t uid) +{ + struct passwd *result; + int error, serrno; + + serrno = errno; + + error = cap_getpwcommon_r(chan, cmd, login, uid, &gpwd, gbuffer, + gbufsize, &result); + if (error != 0) { + errno = error; + return (NULL); + } + + errno = serrno; + + return (result); +} + +struct passwd * +cap_getpwent(cap_channel_t *chan) +{ + + return (cap_getpwcommon(chan, "getpwent", NULL, 0)); +} + +struct passwd * +cap_getpwnam(cap_channel_t *chan, const char *login) +{ + + return (cap_getpwcommon(chan, "getpwnam", login, 0)); +} + +struct passwd * +cap_getpwuid(cap_channel_t *chan, uid_t uid) +{ + + return (cap_getpwcommon(chan, "getpwuid", NULL, uid)); +} + +int +cap_getpwent_r(cap_channel_t *chan, struct passwd *pwd, char *buffer, + size_t bufsize, struct passwd **result) +{ + + return (cap_getpwcommon_r(chan, "getpwent_r", NULL, 0, pwd, buffer, + bufsize, result)); +} + +int +cap_getpwnam_r(cap_channel_t *chan, const char *name, struct passwd *pwd, + char *buffer, size_t bufsize, struct passwd **result) +{ + + return (cap_getpwcommon_r(chan, "getpwnam_r", name, 0, pwd, buffer, + bufsize, result)); +} + +int +cap_getpwuid_r(cap_channel_t *chan, uid_t uid, struct passwd *pwd, char *buffer, + size_t bufsize, struct passwd **result) +{ + + return (cap_getpwcommon_r(chan, "getpwuid_r", NULL, uid, pwd, buffer, + bufsize, result)); +} + +int +cap_setpassent(cap_channel_t *chan, int stayopen) +{ + nvlist_t *nvl; + + nvl = nvlist_create(0); + nvlist_add_string(nvl, "cmd", "setpassent"); + nvlist_add_bool(nvl, "stayopen", stayopen != 0); + nvl = cap_xfer_nvlist(chan, nvl, 0); + if (nvl == NULL) + return (0); + if (nvlist_get_number(nvl, "error") != 0) { + errno = nvlist_get_number(nvl, "error"); + nvlist_destroy(nvl); + return (0); + } + nvlist_destroy(nvl); + + return (1); +} + +static void +cap_set_end_pwent(cap_channel_t *chan, const char *cmd) +{ + nvlist_t *nvl; + + nvl = nvlist_create(0); + nvlist_add_string(nvl, "cmd", cmd); + /* Ignore any errors, we have no way to report them. */ + nvlist_destroy(cap_xfer_nvlist(chan, nvl, 0)); +} + +void +cap_setpwent(cap_channel_t *chan) +{ + + cap_set_end_pwent(chan, "setpwent"); +} + +void +cap_endpwent(cap_channel_t *chan) +{ + + cap_set_end_pwent(chan, "endpwent"); +} + +int +cap_pwd_limit_cmds(cap_channel_t *chan, const char * const *cmds, size_t ncmds) +{ + nvlist_t *limits, *nvl; + unsigned int i; + + if (cap_limit_get(chan, &limits) < 0) + return (-1); + if (limits == NULL) { + limits = nvlist_create(0); + } else { + if (nvlist_exists_nvlist(limits, "cmds")) + nvlist_free_nvlist(limits, "cmds"); + } + nvl = nvlist_create(0); + for (i = 0; i < ncmds; i++) + nvlist_add_null(nvl, cmds[i]); + nvlist_move_nvlist(limits, "cmds", nvl); + return (cap_limit_set(chan, limits)); +} + +int +cap_pwd_limit_fields(cap_channel_t *chan, const char * const *fields, + size_t nfields) +{ + nvlist_t *limits, *nvl; + unsigned int i; + + if (cap_limit_get(chan, &limits) < 0) + return (-1); + if (limits == NULL) { + limits = nvlist_create(0); + } else { + if (nvlist_exists_nvlist(limits, "fields")) + nvlist_free_nvlist(limits, "fields"); + } + nvl = nvlist_create(0); + for (i = 0; i < nfields; i++) + nvlist_add_null(nvl, fields[i]); + nvlist_move_nvlist(limits, "fields", nvl); + return (cap_limit_set(chan, limits)); +} + +int +cap_pwd_limit_users(cap_channel_t *chan, const char * const *names, + size_t nnames, uid_t *uids, size_t nuids) +{ + nvlist_t *limits, *users; + char nvlname[64]; + unsigned int i; + int n; + + if (cap_limit_get(chan, &limits) < 0) + return (-1); + if (limits == NULL) { + limits = nvlist_create(0); + } else { + if (nvlist_exists_nvlist(limits, "users")) + nvlist_free_nvlist(limits, "users"); + } + users = nvlist_create(0); + for (i = 0; i < nuids; i++) { + n = snprintf(nvlname, sizeof(nvlname), "uid%u", i); + assert(n > 0 && n < (int)sizeof(nvlname)); + nvlist_add_number(users, nvlname, (uint64_t)uids[i]); + } + for (i = 0; i < nnames; i++) { + n = snprintf(nvlname, sizeof(nvlname), "name%u", i); + assert(n > 0 && n < (int)sizeof(nvlname)); + nvlist_add_string(users, nvlname, names[i]); + } + nvlist_move_nvlist(limits, "users", users); + return (cap_limit_set(chan, limits)); +} + + +/* + * Service functions. + */ +static bool +pwd_allowed_cmd(const nvlist_t *limits, const char *cmd) +{ + + if (limits == NULL) + return (true); + + /* + * If no limit was set on allowed commands, then all commands + * are allowed. + */ + if (!nvlist_exists_nvlist(limits, "cmds")) + return (true); + + limits = nvlist_get_nvlist(limits, "cmds"); + return (nvlist_exists_null(limits, cmd)); +} + +static int +pwd_allowed_cmds(const nvlist_t *oldlimits, const nvlist_t *newlimits) +{ + const char *name; + void *cookie; + int type; + + cookie = NULL; + while ((name = nvlist_next(newlimits, &type, &cookie)) != NULL) { + if (type != NV_TYPE_NULL) + return (EINVAL); + if (!pwd_allowed_cmd(oldlimits, name)) + return (ENOTCAPABLE); + } + + return (0); +} + +static bool +pwd_allowed_user(const nvlist_t *limits, const char *uname, uid_t uid) +{ + const char *name; + void *cookie; + int type; + + if (limits == NULL) + return (true); + + /* + * If no limit was set on allowed users, then all users are allowed. + */ + if (!nvlist_exists_nvlist(limits, "users")) + return (true); + + limits = nvlist_get_nvlist(limits, "users"); + cookie = NULL; + while ((name = nvlist_next(limits, &type, &cookie)) != NULL) { + switch (type) { + case NV_TYPE_NUMBER: + if (uid != (uid_t)-1 && + nvlist_get_number(limits, name) == (uint64_t)uid) { + return (true); + } + break; + case NV_TYPE_STRING: + if (uname != NULL && + strcmp(nvlist_get_string(limits, name), + uname) == 0) { + return (true); + } + break; + default: + abort(); + } + } + + return (false); +} + +static int +pwd_allowed_users(const nvlist_t *oldlimits, const nvlist_t *newlimits) +{ + const char *name, *uname; + void *cookie; + uid_t uid; + int type; + + cookie = NULL; + while ((name = nvlist_next(newlimits, &type, &cookie)) != NULL) { + switch (type) { + case NV_TYPE_NUMBER: + uid = (uid_t)nvlist_get_number(newlimits, name); + uname = NULL; + break; + case NV_TYPE_STRING: + uid = (uid_t)-1; + uname = nvlist_get_string(newlimits, name); + break; + default: + return (EINVAL); + } + if (!pwd_allowed_user(oldlimits, uname, uid)) + return (ENOTCAPABLE); + } + + return (0); +} + +static bool +pwd_allowed_field(const nvlist_t *limits, const char *field) +{ + + if (limits == NULL) + return (true); + + /* + * If no limit was set on allowed fields, then all fields are allowed. + */ + if (!nvlist_exists_nvlist(limits, "fields")) + return (true); + + limits = nvlist_get_nvlist(limits, "fields"); + return (nvlist_exists_null(limits, field)); +} + +static int +pwd_allowed_fields(const nvlist_t *oldlimits, const nvlist_t *newlimits) +{ + const char *name; + void *cookie; + int type; + + cookie = NULL; + while ((name = nvlist_next(newlimits, &type, &cookie)) != NULL) { + if (type != NV_TYPE_NULL) + return (EINVAL); + if (!pwd_allowed_field(oldlimits, name)) + return (ENOTCAPABLE); + } + + return (0); +} + +static bool +pwd_pack(const nvlist_t *limits, const struct passwd *pwd, nvlist_t *nvl) +{ + int fields; + + if (pwd == NULL) + return (true); + + /* + * If either name or UID is allowed, we allow it. + */ + if (!pwd_allowed_user(limits, pwd->pw_name, pwd->pw_uid)) + return (false); + + fields = pwd->pw_fields; + + if (pwd_allowed_field(limits, "pw_name")) { + nvlist_add_string(nvl, "pw_name", pwd->pw_name); + } else { + nvlist_add_string(nvl, "pw_name", ""); + fields &= ~_PWF_NAME; + } + if (pwd_allowed_field(limits, "pw_uid")) { + nvlist_add_number(nvl, "pw_uid", (uint64_t)pwd->pw_uid); + } else { + nvlist_add_number(nvl, "pw_uid", (uint64_t)-1); + fields &= ~_PWF_UID; + } + if (pwd_allowed_field(limits, "pw_gid")) { + nvlist_add_number(nvl, "pw_gid", (uint64_t)pwd->pw_gid); + } else { + nvlist_add_number(nvl, "pw_gid", (uint64_t)-1); + fields &= ~_PWF_GID; + } + if (pwd_allowed_field(limits, "pw_change")) { + nvlist_add_number(nvl, "pw_change", (uint64_t)pwd->pw_change); + } else { + nvlist_add_number(nvl, "pw_change", (uint64_t)0); + fields &= ~_PWF_CHANGE; + } + if (pwd_allowed_field(limits, "pw_passwd")) { + nvlist_add_string(nvl, "pw_passwd", pwd->pw_passwd); + } else { + nvlist_add_string(nvl, "pw_passwd", ""); + fields &= ~_PWF_PASSWD; + } + if (pwd_allowed_field(limits, "pw_class")) { + nvlist_add_string(nvl, "pw_class", pwd->pw_class); + } else { + nvlist_add_string(nvl, "pw_class", ""); + fields &= ~_PWF_CLASS; + } + if (pwd_allowed_field(limits, "pw_gecos")) { + nvlist_add_string(nvl, "pw_gecos", pwd->pw_gecos); + } else { + nvlist_add_string(nvl, "pw_gecos", ""); + fields &= ~_PWF_GECOS; + } + if (pwd_allowed_field(limits, "pw_dir")) { + nvlist_add_string(nvl, "pw_dir", pwd->pw_dir); + } else { + nvlist_add_string(nvl, "pw_dir", ""); + fields &= ~_PWF_DIR; + } + if (pwd_allowed_field(limits, "pw_shell")) { + nvlist_add_string(nvl, "pw_shell", pwd->pw_shell); + } else { + nvlist_add_string(nvl, "pw_shell", ""); + fields &= ~_PWF_SHELL; + } + if (pwd_allowed_field(limits, "pw_expire")) { + nvlist_add_number(nvl, "pw_expire", (uint64_t)pwd->pw_expire); + } else { + nvlist_add_number(nvl, "pw_expire", (uint64_t)0); + fields &= ~_PWF_EXPIRE; + } + nvlist_add_number(nvl, "pw_fields", (uint64_t)fields); + + return (true); +} + +static int +pwd_getpwent(const nvlist_t *limits, const nvlist_t *nvlin __unused, + nvlist_t *nvlout) +{ + struct passwd *pwd; + + for (;;) { + errno = 0; + pwd = getpwent(); + if (errno != 0) + return (errno); + if (pwd_pack(limits, pwd, nvlout)) + return (0); + } + + /* NOTREACHED */ +} + +static int +pwd_getpwnam(const nvlist_t *limits, const nvlist_t *nvlin, nvlist_t *nvlout) +{ + struct passwd *pwd; + const char *name; + + if (!nvlist_exists_string(nvlin, "name")) + return (EINVAL); + name = nvlist_get_string(nvlin, "name"); + assert(name != NULL); + + errno = 0; + pwd = getpwnam(name); + if (errno != 0) + return (errno); + + (void)pwd_pack(limits, pwd, nvlout); + + return (0); +} + +static int +pwd_getpwuid(const nvlist_t *limits, const nvlist_t *nvlin, nvlist_t *nvlout) +{ + struct passwd *pwd; + uid_t uid; + + if (!nvlist_exists_number(nvlin, "uid")) + return (EINVAL); + + uid = (uid_t)nvlist_get_number(nvlin, "uid"); + + errno = 0; + pwd = getpwuid(uid); + if (errno != 0) + return (errno); + + (void)pwd_pack(limits, pwd, nvlout); + + return (0); +} + +static int +pwd_setpassent(const nvlist_t *limits __unused, const nvlist_t *nvlin, + nvlist_t *nvlout __unused) +{ + int stayopen; + + if (!nvlist_exists_bool(nvlin, "stayopen")) + return (EINVAL); + + stayopen = nvlist_get_bool(nvlin, "stayopen") ? 1 : 0; + + return (setpassent(stayopen) == 0 ? EFAULT : 0); +} + +static int +pwd_setpwent(const nvlist_t *limits __unused, const nvlist_t *nvlin __unused, + nvlist_t *nvlout __unused) +{ + + setpwent(); + + return (0); +} + +static int +pwd_endpwent(const nvlist_t *limits __unused, const nvlist_t *nvlin __unused, + nvlist_t *nvlout __unused) +{ + + endpwent(); + + return (0); +} + +static int +pwd_limit(const nvlist_t *oldlimits, const nvlist_t *newlimits) +{ + const nvlist_t *limits; + const char *name; + void *cookie; + int error, type; + + if (oldlimits != NULL && nvlist_exists_nvlist(oldlimits, "cmds") && + !nvlist_exists_nvlist(newlimits, "cmds")) { + return (ENOTCAPABLE); + } + if (oldlimits != NULL && nvlist_exists_nvlist(oldlimits, "fields") && + !nvlist_exists_nvlist(newlimits, "fields")) { + return (ENOTCAPABLE); + } + if (oldlimits != NULL && nvlist_exists_nvlist(oldlimits, "users") && + !nvlist_exists_nvlist(newlimits, "users")) { + return (ENOTCAPABLE); + } + + cookie = NULL; + while ((name = nvlist_next(newlimits, &type, &cookie)) != NULL) { + if (type != NV_TYPE_NVLIST) + return (EINVAL); + limits = nvlist_get_nvlist(newlimits, name); + if (strcmp(name, "cmds") == 0) + error = pwd_allowed_cmds(oldlimits, limits); + else if (strcmp(name, "fields") == 0) + error = pwd_allowed_fields(oldlimits, limits); + else if (strcmp(name, "users") == 0) + error = pwd_allowed_users(oldlimits, limits); + else + error = EINVAL; + if (error != 0) + return (error); + } + + return (0); +} + +static int +pwd_command(const char *cmd, const nvlist_t *limits, nvlist_t *nvlin, + nvlist_t *nvlout) +{ + int error; + + if (!pwd_allowed_cmd(limits, cmd)) + return (ENOTCAPABLE); + + if (strcmp(cmd, "getpwent") == 0 || strcmp(cmd, "getpwent_r") == 0) + error = pwd_getpwent(limits, nvlin, nvlout); + else if (strcmp(cmd, "getpwnam") == 0 || strcmp(cmd, "getpwnam_r") == 0) + error = pwd_getpwnam(limits, nvlin, nvlout); + else if (strcmp(cmd, "getpwuid") == 0 || strcmp(cmd, "getpwuid_r") == 0) + error = pwd_getpwuid(limits, nvlin, nvlout); + else if (strcmp(cmd, "setpassent") == 0) + error = pwd_setpassent(limits, nvlin, nvlout); + else if (strcmp(cmd, "setpwent") == 0) + error = pwd_setpwent(limits, nvlin, nvlout); + else if (strcmp(cmd, "endpwent") == 0) + error = pwd_endpwent(limits, nvlin, nvlout); + else + error = EINVAL; + + return (error); +} + +CREATE_SERVICE("system.pwd", pwd_limit, pwd_command); Property changes on: head/lib/libcasper/services/cap_pwd/cap_pwd.c ___________________________________________________________________ Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:keywords ## -0,0 +1 ## +FreeBSD=%H \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/lib/libcasper/services/cap_pwd/cap_pwd.h =================================================================== --- head/lib/libcasper/services/cap_pwd/cap_pwd.h (nonexistent) +++ head/lib/libcasper/services/cap_pwd/cap_pwd.h (revision 296047) @@ -0,0 +1,57 @@ +/*- + * Copyright (c) 2013 The FreeBSD Foundation + * All rights reserved. + * + * This software was developed by Pawel Jakub Dawidek under sponsorship from + * the FreeBSD Foundation. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD$ + */ + +#ifndef _CAP_PWD_H_ +#define _CAP_PWD_H_ + +struct passwd *cap_getpwent(cap_channel_t *chan); +struct passwd *cap_getpwnam(cap_channel_t *chan, const char *login); +struct passwd *cap_getpwuid(cap_channel_t *chan, uid_t uid); + +int cap_getpwent_r(cap_channel_t *chan, struct passwd *pwd, char *buffer, + size_t bufsize, struct passwd **result); +int cap_getpwnam_r(cap_channel_t *chan, const char *name, struct passwd *pwd, + char *buffer, size_t bufsize, struct passwd **result); +int cap_getpwuid_r(cap_channel_t *chan, uid_t uid, struct passwd *pwd, + char *buffer, size_t bufsize, struct passwd **result); + +int cap_setpassent(cap_channel_t *chan, int stayopen); +void cap_setpwent(cap_channel_t *chan); +void cap_endpwent(cap_channel_t *chan); + +int cap_pwd_limit_cmds(cap_channel_t *chan, const char * const *cmds, + size_t ncmds); +int cap_pwd_limit_fields(cap_channel_t *chan, const char * const *fields, + size_t nfields); +int cap_pwd_limit_users(cap_channel_t *chan, const char * const *names, + size_t nnames, uid_t *uids, size_t nuids); + +#endif /* !_CAP_PWD_H_ */ Property changes on: head/lib/libcasper/services/cap_pwd/cap_pwd.h ___________________________________________________________________ Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:keywords ## -0,0 +1 ## +FreeBSD=%H \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/lib/libcasper/services/cap_random/Makefile =================================================================== --- head/lib/libcasper/services/cap_random/Makefile (nonexistent) +++ head/lib/libcasper/services/cap_random/Makefile (revision 296047) @@ -0,0 +1,20 @@ +# $FreeBSD$ + +LIB= cap_random + +SHLIB_MAJOR= 0 +SHLIBDIR?= /lib/casper +INCSDIR?= ${INCLUDEDIR}/casper + +SRCS= cap_random.c + +INCS= cap_random.h + +LIBADD= nv + +CFLAGS+=-I${.CURDIR} +CFLAGS+=-I${.CURDIR}/../libcasper + +WARNS?= 6 + +.include Property changes on: head/lib/libcasper/services/cap_random/Makefile ___________________________________________________________________ Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:keywords ## -0,0 +1 ## +FreeBSD=%H \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/lib/libcasper/services/cap_random/cap_random.c =================================================================== --- head/lib/libcasper/services/cap_random/cap_random.c (nonexistent) +++ head/lib/libcasper/services/cap_random/cap_random.c (revision 296047) @@ -0,0 +1,117 @@ +/*- + * Copyright (c) 2013 The FreeBSD Foundation + * All rights reserved. + * + * This software was developed by Pawel Jakub Dawidek under sponsorship from + * the FreeBSD Foundation. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include +__FBSDID("$FreeBSD$"); + +#include + +#include +#include +#include +#include +#include + +#include +#include + +#include "cap_random.h" + +#define MAXSIZE (1024 * 1024) + +int +cap_random_buf(cap_channel_t *chan, void *buf, size_t nbytes) +{ + nvlist_t *nvl; + const void *randbuf; + uint8_t *ptr; + size_t left, randbufsize; + + left = nbytes; + ptr = buf; + + while (left > 0) { + nvl = nvlist_create(0); + nvlist_add_string(nvl, "cmd", "generate"); + nvlist_add_number(nvl, "size", + (uint64_t)(left > MAXSIZE ? MAXSIZE : left)); + nvl = cap_xfer_nvlist(chan, nvl, 0); + if (nvl == NULL) + return (-1); + if (nvlist_get_number(nvl, "error") != 0) { + errno = (int)nvlist_get_number(nvl, "error"); + nvlist_destroy(nvl); + return (-1); + } + + randbuf = nvlist_get_binary(nvl, "data", &randbufsize); + memcpy(ptr, randbuf, randbufsize); + + nvlist_destroy(nvl); + + ptr += randbufsize; + assert(left >= randbufsize); + left -= randbufsize; + } + + return (0); +} + +/* + * Service functions. + */ + +static int +random_command(const char *cmd, const nvlist_t *limits __unused, + nvlist_t *nvlin, nvlist_t *nvlout) +{ + void *data; + size_t size; + + if (strcmp(cmd, "generate") != 0) + return (EINVAL); + if (!nvlist_exists_number(nvlin, "size")) + return (EINVAL); + + size = (size_t)nvlist_get_number(nvlin, "size"); + if (size == 0 || size > MAXSIZE) + return (EINVAL); + + data = malloc(size); + if (data == NULL) + return (ENOMEM); + + arc4random_buf(data, size); + + nvlist_move_binary(nvlout, "data", data, size); + + return (0); +} + +CREATE_SERVICE("system.random", NULL, random_command); Property changes on: head/lib/libcasper/services/cap_random/cap_random.c ___________________________________________________________________ Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:keywords ## -0,0 +1 ## +FreeBSD=%H \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/lib/libcasper/services/cap_random/cap_random.h =================================================================== --- head/lib/libcasper/services/cap_random/cap_random.h (nonexistent) +++ head/lib/libcasper/services/cap_random/cap_random.h (revision 296047) @@ -0,0 +1,37 @@ +/*- + * Copyright (c) 2013 The FreeBSD Foundation + * All rights reserved. + * + * This software was developed by Pawel Jakub Dawidek under sponsorship from + * the FreeBSD Foundation. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD$ + */ + +#ifndef _CAP_RANDOM_H_ +#define _CAP_RANDOM_H_ + +int cap_random_buf(cap_channel_t *chan, void *buf, size_t nbytes); + +#endif /* !_CAP_RANDOM_H_ */ Property changes on: head/lib/libcasper/services/cap_random/cap_random.h ___________________________________________________________________ Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:keywords ## -0,0 +1 ## +FreeBSD=%H \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/lib/libcasper/services/cap_sysctl/Makefile =================================================================== --- head/lib/libcasper/services/cap_sysctl/Makefile (nonexistent) +++ head/lib/libcasper/services/cap_sysctl/Makefile (revision 296047) @@ -0,0 +1,20 @@ +# $FreeBSD$ + +LIB= cap_sysctl + +SHLIB_MAJOR= 0 +SHLIBDIR?= /lib/casper +INCSDIR?= ${INCLUDEDIR}/casper + +SRCS= cap_sysctl.c + +INCS= cap_sysctl.h + +LIBADD= nv + +CFLAGS+=-I${.CURDIR} +CFLAGS+=-I${.CURDIR}/../libcasper + +WARNS?= 6 + +.include Property changes on: head/lib/libcasper/services/cap_sysctl/Makefile ___________________________________________________________________ Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:keywords ## -0,0 +1 ## +FreeBSD=%H \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/lib/libcasper/services/cap_sysctl/cap_sysctl.c =================================================================== --- head/lib/libcasper/services/cap_sysctl/cap_sysctl.c (nonexistent) +++ head/lib/libcasper/services/cap_sysctl/cap_sysctl.c (revision 296047) @@ -0,0 +1,293 @@ +/*- + * Copyright (c) 2013 The FreeBSD Foundation + * All rights reserved. + * + * This software was developed by Pawel Jakub Dawidek under sponsorship from + * the FreeBSD Foundation. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include +__FBSDID("$FreeBSD$"); + +#include +#include +#include + +#include +#include +#include +#include + +#include +#include + +#include "cap_sysctl.h" + +int +cap_sysctlbyname(cap_channel_t *chan, const char *name, void *oldp, + size_t *oldlenp, const void *newp, size_t newlen) +{ + nvlist_t *nvl; + const uint8_t *retoldp; + uint8_t operation; + size_t oldlen; + + operation = 0; + if (oldp != NULL) + operation |= CAP_SYSCTL_READ; + if (newp != NULL) + operation |= CAP_SYSCTL_WRITE; + + nvl = nvlist_create(0); + nvlist_add_string(nvl, "cmd", "sysctl"); + nvlist_add_string(nvl, "name", name); + nvlist_add_number(nvl, "operation", (uint64_t)operation); + if (oldp == NULL && oldlenp != NULL) + nvlist_add_null(nvl, "justsize"); + else if (oldlenp != NULL) + nvlist_add_number(nvl, "oldlen", (uint64_t)*oldlenp); + if (newp != NULL) + nvlist_add_binary(nvl, "newp", newp, newlen); + nvl = cap_xfer_nvlist(chan, nvl, 0); + if (nvl == NULL) + return (-1); + if (nvlist_get_number(nvl, "error") != 0) { + errno = (int)nvlist_get_number(nvl, "error"); + nvlist_destroy(nvl); + return (-1); + } + + if (oldp == NULL && oldlenp != NULL) { + *oldlenp = (size_t)nvlist_get_number(nvl, "oldlen"); + } else if (oldp != NULL) { + retoldp = nvlist_get_binary(nvl, "oldp", &oldlen); + memcpy(oldp, retoldp, oldlen); + if (oldlenp != NULL) + *oldlenp = oldlen; + } + nvlist_destroy(nvl); + + return (0); +} + +/* + * Service functions. + */ +static int +sysctl_check_one(const nvlist_t *nvl, bool islimit) +{ + const char *name; + void *cookie; + int type; + unsigned int fields; + + /* NULL nvl is of course invalid. */ + if (nvl == NULL) + return (EINVAL); + if (nvlist_error(nvl) != 0) + return (nvlist_error(nvl)); + +#define HAS_NAME 0x01 +#define HAS_OPERATION 0x02 + + fields = 0; + cookie = NULL; + while ((name = nvlist_next(nvl, &type, &cookie)) != NULL) { + /* We accept only one 'name' and one 'operation' in nvl. */ + if (strcmp(name, "name") == 0) { + if (type != NV_TYPE_STRING) + return (EINVAL); + /* Only one 'name' can be present. */ + if ((fields & HAS_NAME) != 0) + return (EINVAL); + fields |= HAS_NAME; + } else if (strcmp(name, "operation") == 0) { + uint64_t operation; + + if (type != NV_TYPE_NUMBER) + return (EINVAL); + /* + * We accept only CAP_SYSCTL_READ and + * CAP_SYSCTL_WRITE flags. + */ + operation = nvlist_get_number(nvl, name); + if ((operation & ~(CAP_SYSCTL_RDWR)) != 0) + return (EINVAL); + /* ...but there has to be at least one of them. */ + if ((operation & (CAP_SYSCTL_RDWR)) == 0) + return (EINVAL); + /* Only one 'operation' can be present. */ + if ((fields & HAS_OPERATION) != 0) + return (EINVAL); + fields |= HAS_OPERATION; + } else if (islimit) { + /* If this is limit, there can be no other fields. */ + return (EINVAL); + } + } + + /* Both fields has to be there. */ + if (fields != (HAS_NAME | HAS_OPERATION)) + return (EINVAL); + +#undef HAS_OPERATION +#undef HAS_NAME + + return (0); +} + +static bool +sysctl_allowed(const nvlist_t *limits, const char *chname, uint64_t choperation) +{ + uint64_t operation; + const char *name; + void *cookie; + int type; + + if (limits == NULL) + return (true); + + cookie = NULL; + while ((name = nvlist_next(limits, &type, &cookie)) != NULL) { + assert(type == NV_TYPE_NUMBER); + + operation = nvlist_get_number(limits, name); + if ((operation & choperation) != choperation) + continue; + + if ((operation & CAP_SYSCTL_RECURSIVE) == 0) { + if (strcmp(name, chname) != 0) + continue; + } else { + size_t namelen; + + namelen = strlen(name); + if (strncmp(name, chname, namelen) != 0) + continue; + if (chname[namelen] != '.' && chname[namelen] != '\0') + continue; + } + + return (true); + } + + return (false); +} + +static int +sysctl_limit(const nvlist_t *oldlimits, const nvlist_t *newlimits) +{ + const char *name; + void *cookie; + uint64_t operation; + int type; + + cookie = NULL; + while ((name = nvlist_next(newlimits, &type, &cookie)) != NULL) { + if (type != NV_TYPE_NUMBER) + return (EINVAL); + operation = nvlist_get_number(newlimits, name); + if ((operation & ~(CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE)) != 0) + return (EINVAL); + if ((operation & (CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE)) == 0) + return (EINVAL); + if (!sysctl_allowed(oldlimits, name, operation)) + return (ENOTCAPABLE); + } + + return (0); +} + +static int +sysctl_command(const char *cmd, const nvlist_t *limits, nvlist_t *nvlin, + nvlist_t *nvlout) +{ + const char *name; + const void *newp; + void *oldp; + uint64_t operation; + size_t oldlen, newlen; + size_t *oldlenp; + int error; + + if (strcmp(cmd, "sysctl") != 0) + return (EINVAL); + error = sysctl_check_one(nvlin, false); + if (error != 0) + return (error); + + name = nvlist_get_string(nvlin, "name"); + operation = nvlist_get_number(nvlin, "operation"); + if (!sysctl_allowed(limits, name, operation)) + return (ENOTCAPABLE); + + if ((operation & CAP_SYSCTL_WRITE) != 0) { + if (!nvlist_exists_binary(nvlin, "newp")) + return (EINVAL); + newp = nvlist_get_binary(nvlin, "newp", &newlen); + assert(newp != NULL && newlen > 0); + } else { + newp = NULL; + newlen = 0; + } + + if ((operation & CAP_SYSCTL_READ) != 0) { + if (nvlist_exists_null(nvlin, "justsize")) { + oldp = NULL; + oldlen = 0; + oldlenp = &oldlen; + } else { + if (!nvlist_exists_number(nvlin, "oldlen")) + return (EINVAL); + oldlen = (size_t)nvlist_get_number(nvlin, "oldlen"); + if (oldlen == 0) + return (EINVAL); + oldp = calloc(1, oldlen); + if (oldp == NULL) + return (ENOMEM); + oldlenp = &oldlen; + } + } else { + oldp = NULL; + oldlen = 0; + oldlenp = NULL; + } + + if (sysctlbyname(name, oldp, oldlenp, newp, newlen) == -1) { + error = errno; + free(oldp); + return (error); + } + + if ((operation & CAP_SYSCTL_READ) != 0) { + if (nvlist_exists_null(nvlin, "justsize")) + nvlist_add_number(nvlout, "oldlen", (uint64_t)oldlen); + else + nvlist_move_binary(nvlout, "oldp", oldp, oldlen); + } + + return (0); +} + +CREATE_SERVICE("system.sysctl", sysctl_limit, sysctl_command); Property changes on: head/lib/libcasper/services/cap_sysctl/cap_sysctl.c ___________________________________________________________________ Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:keywords ## -0,0 +1 ## +FreeBSD=%H \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/lib/libcasper/services/cap_sysctl/cap_sysctl.h =================================================================== --- head/lib/libcasper/services/cap_sysctl/cap_sysctl.h (nonexistent) +++ head/lib/libcasper/services/cap_sysctl/cap_sysctl.h (revision 296047) @@ -0,0 +1,43 @@ +/*- + * Copyright (c) 2013 The FreeBSD Foundation + * All rights reserved. + * + * This software was developed by Pawel Jakub Dawidek under sponsorship from + * the FreeBSD Foundation. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD$ + */ + +#ifndef _CAP_SYSCTL_H_ +#define _CAP_SYSCTL_H_ + +#define CAP_SYSCTL_READ 0x01 +#define CAP_SYSCTL_WRITE 0x02 +#define CAP_SYSCTL_RDWR (CAP_SYSCTL_READ | CAP_SYSCTL_WRITE) +#define CAP_SYSCTL_RECURSIVE 0x04 + +int cap_sysctlbyname(cap_channel_t *chan, const char *name, void *oldp, + size_t *oldlenp, const void *newp, size_t newlen); + +#endif /* !_CAP_SYSCTL_H_ */ Property changes on: head/lib/libcasper/services/cap_sysctl/cap_sysctl.h ___________________________________________________________________ Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:keywords ## -0,0 +1 ## +FreeBSD=%H \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/libexec/Makefile =================================================================== --- head/libexec/Makefile (revision 296046) +++ head/libexec/Makefile (revision 296047) @@ -1,119 +1,114 @@ # @(#)Makefile 8.1 (Berkeley) 6/4/93 # $FreeBSD$ .include SUBDIR= ${_atf} \ ${_atrun} \ - ${_casper} \ ${_comsat} \ ${_dma} \ getty \ ${_mail.local} \ ${_makewhatis.local} \ ${_mknetid} \ ${_pppoed} \ revnetgroup \ ${_rlogind} \ rpc.rquotad \ rpc.rstatd \ rpc.rusersd \ rpc.rwalld \ rpc.sprayd \ ${_rshd} \ ${_rtld-elf} \ save-entropy \ ${_smrsh} \ ${_telnetd} \ ${_tests} \ ${_tftp-proxy} \ ulog-helper \ ${_ypxfr} .if ${MK_AT} != "no" _atrun= atrun .endif .if ${MK_BOOTPD} != "no" SUBDIR+= bootpd -.endif - -.if ${MK_CASPER} != "no" -_casper= casper .endif .if ${MK_FINGER} != "no" SUBDIR+= fingerd .endif .if ${MK_FTP} != "no" SUBDIR+= ftpd .endif .if ${MK_MAIL} != "no" _comsat= comsat .endif .if ${MK_DMAGENT} != "no" _dma= dma .endif .if ${MK_NIS} != "no" _mknetid= mknetid _ypxfr= ypxfr .endif .if ${MK_NETGRAPH} != "no" _pppoed= pppoed .endif .if ${MK_PF} != "no" _tftp-proxy= tftp-proxy .endif .if !defined(NO_PIC) && !defined(NO_RTLD) _rtld-elf= rtld-elf .endif .if ${MK_RBOOTD} != "no" SUBDIR+= rbootd .endif .if ${MK_RCMDS} != "no" _rlogind= rlogind _rshd= rshd .endif .if ${MK_SENDMAIL} != "no" _mail.local= mail.local _smrsh= smrsh .endif .if ${MK_MAN_UTILS} != "no" _makewhatis.local= makewhatis.local .endif .if ${MK_TALK} != "no" SUBDIR+= talkd .endif .if ${MK_TCP_WRAPPERS} != "no" SUBDIR+= tcpd .endif .if ${MK_TELNET} != "no" _telnetd= telnetd .endif .if ${MK_TFTP} != "no" SUBDIR+= tftpd .endif .if ${MK_TESTS} != "no" _atf= atf _tests= tests .endif .include .include Index: head/libexec/casper/Makefile =================================================================== --- head/libexec/casper/Makefile (revision 296046) +++ head/libexec/casper/Makefile (nonexistent) @@ -1,11 +0,0 @@ -# $FreeBSD$ - -.include - -SUBDIR= dns -SUBDIR+=grp -SUBDIR+=pwd -SUBDIR+=random -SUBDIR+=sysctl - -.include Property changes on: head/libexec/casper/Makefile ___________________________________________________________________ Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:keywords ## -1 +0,0 ## -FreeBSD=%H \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/libexec/casper/dns/dns.c =================================================================== --- head/libexec/casper/dns/dns.c (revision 296046) +++ head/libexec/casper/dns/dns.c (nonexistent) @@ -1,436 +0,0 @@ -/*- - * Copyright (c) 2012-2013 The FreeBSD Foundation - * All rights reserved. - * - * This software was developed by Pawel Jakub Dawidek under sponsorship from - * the FreeBSD Foundation. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include -__FBSDID("$FreeBSD$"); - -#include -#include - -#include -#include -#include -#include -#include - -#include -#include -#include -#include - -static bool -dns_allowed_type(const nvlist_t *limits, const char *type) -{ - const char *name; - bool notypes; - void *cookie; - - if (limits == NULL) - return (true); - - notypes = true; - cookie = NULL; - while ((name = nvlist_next(limits, NULL, &cookie)) != NULL) { - if (strncmp(name, "type", sizeof("type") - 1) != 0) - continue; - notypes = false; - if (strcmp(nvlist_get_string(limits, name), type) == 0) - return (true); - } - - /* If there are no types at all, allow any type. */ - if (notypes) - return (true); - - return (false); -} - -static bool -dns_allowed_family(const nvlist_t *limits, int family) -{ - const char *name; - bool nofamilies; - void *cookie; - - if (limits == NULL) - return (true); - - nofamilies = true; - cookie = NULL; - while ((name = nvlist_next(limits, NULL, &cookie)) != NULL) { - if (strncmp(name, "family", sizeof("family") - 1) != 0) - continue; - nofamilies = false; - if (family == AF_UNSPEC) - continue; - if (nvlist_get_number(limits, name) == (uint64_t)family) - return (true); - } - - /* If there are no families at all, allow any family. */ - if (nofamilies) - return (true); - - return (false); -} - -static void -hostent_pack(const struct hostent *hp, nvlist_t *nvl) -{ - unsigned int ii; - char nvlname[64]; - int n; - - nvlist_add_string(nvl, "name", hp->h_name); - nvlist_add_number(nvl, "addrtype", (uint64_t)hp->h_addrtype); - nvlist_add_number(nvl, "length", (uint64_t)hp->h_length); - - if (hp->h_aliases == NULL) { - nvlist_add_number(nvl, "naliases", 0); - } else { - for (ii = 0; hp->h_aliases[ii] != NULL; ii++) { - n = snprintf(nvlname, sizeof(nvlname), "alias%u", ii); - assert(n > 0 && n < (int)sizeof(nvlname)); - nvlist_add_string(nvl, nvlname, hp->h_aliases[ii]); - } - nvlist_add_number(nvl, "naliases", (uint64_t)ii); - } - - if (hp->h_addr_list == NULL) { - nvlist_add_number(nvl, "naddrs", 0); - } else { - for (ii = 0; hp->h_addr_list[ii] != NULL; ii++) { - n = snprintf(nvlname, sizeof(nvlname), "addr%u", ii); - assert(n > 0 && n < (int)sizeof(nvlname)); - nvlist_add_binary(nvl, nvlname, hp->h_addr_list[ii], - (size_t)hp->h_length); - } - nvlist_add_number(nvl, "naddrs", (uint64_t)ii); - } -} - -static int -dns_gethostbyname(const nvlist_t *limits, const nvlist_t *nvlin, - nvlist_t *nvlout) -{ - struct hostent *hp; - int family; - - if (!dns_allowed_type(limits, "NAME")) - return (NO_RECOVERY); - - family = (int)nvlist_get_number(nvlin, "family"); - - if (!dns_allowed_family(limits, family)) - return (NO_RECOVERY); - - hp = gethostbyname2(nvlist_get_string(nvlin, "name"), family); - if (hp == NULL) - return (h_errno); - hostent_pack(hp, nvlout); - return (0); -} - -static int -dns_gethostbyaddr(const nvlist_t *limits, const nvlist_t *nvlin, - nvlist_t *nvlout) -{ - struct hostent *hp; - const void *addr; - size_t addrsize; - int family; - - if (!dns_allowed_type(limits, "ADDR")) - return (NO_RECOVERY); - - family = (int)nvlist_get_number(nvlin, "family"); - - if (!dns_allowed_family(limits, family)) - return (NO_RECOVERY); - - addr = nvlist_get_binary(nvlin, "addr", &addrsize); - hp = gethostbyaddr(addr, (socklen_t)addrsize, family); - if (hp == NULL) - return (h_errno); - hostent_pack(hp, nvlout); - return (0); -} - -static int -dns_getnameinfo(const nvlist_t *limits, const nvlist_t *nvlin, nvlist_t *nvlout) -{ - struct sockaddr_storage sast; - const void *sabin; - char *host, *serv; - size_t sabinsize, hostlen, servlen; - socklen_t salen; - int error, flags; - - if (!dns_allowed_type(limits, "NAME")) - return (NO_RECOVERY); - - error = 0; - host = serv = NULL; - memset(&sast, 0, sizeof(sast)); - - hostlen = (size_t)nvlist_get_number(nvlin, "hostlen"); - servlen = (size_t)nvlist_get_number(nvlin, "servlen"); - - if (hostlen > 0) { - host = calloc(1, hostlen + 1); - if (host == NULL) { - error = EAI_MEMORY; - goto out; - } - } - if (servlen > 0) { - serv = calloc(1, servlen + 1); - if (serv == NULL) { - error = EAI_MEMORY; - goto out; - } - } - - sabin = nvlist_get_binary(nvlin, "sa", &sabinsize); - if (sabinsize > sizeof(sast)) { - error = EAI_FAIL; - goto out; - } - - memcpy(&sast, sabin, sabinsize); - salen = (socklen_t)sabinsize; - - if ((sast.ss_family != AF_INET || - salen != sizeof(struct sockaddr_in)) && - (sast.ss_family != AF_INET6 || - salen != sizeof(struct sockaddr_in6))) { - error = EAI_FAIL; - goto out; - } - - if (!dns_allowed_family(limits, (int)sast.ss_family)) { - error = NO_RECOVERY; - goto out; - } - - flags = (int)nvlist_get_number(nvlin, "flags"); - - error = getnameinfo((struct sockaddr *)&sast, salen, host, hostlen, - serv, servlen, flags); - if (error != 0) - goto out; - - nvlist_move_string(nvlout, "host", host); - nvlist_move_string(nvlout, "serv", serv); -out: - if (error != 0) { - free(host); - free(serv); - } - return (error); -} - -static nvlist_t * -addrinfo_pack(const struct addrinfo *ai) -{ - nvlist_t *nvl; - - nvl = nvlist_create(0); - nvlist_add_number(nvl, "ai_flags", (uint64_t)ai->ai_flags); - nvlist_add_number(nvl, "ai_family", (uint64_t)ai->ai_family); - nvlist_add_number(nvl, "ai_socktype", (uint64_t)ai->ai_socktype); - nvlist_add_number(nvl, "ai_protocol", (uint64_t)ai->ai_protocol); - nvlist_add_binary(nvl, "ai_addr", ai->ai_addr, (size_t)ai->ai_addrlen); - nvlist_add_string(nvl, "ai_canonname", ai->ai_canonname); - - return (nvl); -} - -static int -dns_getaddrinfo(const nvlist_t *limits, const nvlist_t *nvlin, nvlist_t *nvlout) -{ - struct addrinfo hints, *hintsp, *res, *cur; - const char *hostname, *servname; - char nvlname[64]; - nvlist_t *elem; - unsigned int ii; - int error, family, n; - - if (!dns_allowed_type(limits, "ADDR")) - return (NO_RECOVERY); - - hostname = nvlist_get_string(nvlin, "hostname"); - servname = nvlist_get_string(nvlin, "servname"); - if (nvlist_exists_number(nvlin, "hints.ai_flags")) { - size_t addrlen; - - hints.ai_flags = (int)nvlist_get_number(nvlin, - "hints.ai_flags"); - hints.ai_family = (int)nvlist_get_number(nvlin, - "hints.ai_family"); - hints.ai_socktype = (int)nvlist_get_number(nvlin, - "hints.ai_socktype"); - hints.ai_protocol = (int)nvlist_get_number(nvlin, - "hints.ai_protocol"); - hints.ai_addrlen = 0; - hints.ai_addr = NULL; - hints.ai_canonname = NULL; - hintsp = &hints; - family = hints.ai_family; - } else { - hintsp = NULL; - family = AF_UNSPEC; - } - - if (!dns_allowed_family(limits, family)) - return (NO_RECOVERY); - - error = getaddrinfo(hostname, servname, hintsp, &res); - if (error != 0) - goto out; - - for (cur = res, ii = 0; cur != NULL; cur = cur->ai_next, ii++) { - elem = addrinfo_pack(cur); - n = snprintf(nvlname, sizeof(nvlname), "res%u", ii); - assert(n > 0 && n < (int)sizeof(nvlname)); - nvlist_move_nvlist(nvlout, nvlname, elem); - } - - freeaddrinfo(res); - error = 0; -out: - return (error); -} - -static bool -limit_has_entry(const nvlist_t *limits, const char *prefix) -{ - const char *name; - size_t prefixlen; - void *cookie; - - if (limits == NULL) - return (false); - - prefixlen = strlen(prefix); - - cookie = NULL; - while ((name = nvlist_next(limits, NULL, &cookie)) != NULL) { - if (strncmp(name, prefix, prefixlen) == 0) - return (true); - } - - return (false); -} - -static int -dns_limit(const nvlist_t *oldlimits, const nvlist_t *newlimits) -{ - const char *name; - void *cookie; - int nvtype; - bool hastype, hasfamily; - - hastype = false; - hasfamily = false; - - cookie = NULL; - while ((name = nvlist_next(newlimits, &nvtype, &cookie)) != NULL) { - if (nvtype == NV_TYPE_STRING) { - const char *type; - - if (strncmp(name, "type", sizeof("type") - 1) != 0) - return (EINVAL); - type = nvlist_get_string(newlimits, name); - if (strcmp(type, "ADDR") != 0 && - strcmp(type, "NAME") != 0) { - return (EINVAL); - } - if (!dns_allowed_type(oldlimits, type)) - return (ENOTCAPABLE); - hastype = true; - } else if (nvtype == NV_TYPE_NUMBER) { - int family; - - if (strncmp(name, "family", sizeof("family") - 1) != 0) - return (EINVAL); - family = (int)nvlist_get_number(newlimits, name); - if (!dns_allowed_family(oldlimits, family)) - return (ENOTCAPABLE); - hasfamily = true; - } else { - return (EINVAL); - } - } - - /* - * If the new limit doesn't mention type or family we have to - * check if the current limit does have those. Missing type or - * family in the limit means that all types or families are - * allowed. - */ - if (!hastype) { - if (limit_has_entry(oldlimits, "type")) - return (ENOTCAPABLE); - } - if (!hasfamily) { - if (limit_has_entry(oldlimits, "family")) - return (ENOTCAPABLE); - } - - return (0); -} - -static int -dns_command(const char *cmd, const nvlist_t *limits, nvlist_t *nvlin, - nvlist_t *nvlout) -{ - int error; - - if (strcmp(cmd, "gethostbyname") == 0) - error = dns_gethostbyname(limits, nvlin, nvlout); - else if (strcmp(cmd, "gethostbyaddr") == 0) - error = dns_gethostbyaddr(limits, nvlin, nvlout); - else if (strcmp(cmd, "getnameinfo") == 0) - error = dns_getnameinfo(limits, nvlin, nvlout); - else if (strcmp(cmd, "getaddrinfo") == 0) - error = dns_getaddrinfo(limits, nvlin, nvlout); - else - error = NO_RECOVERY; - - return (error); -} - -int -main(int argc, char *argv[]) -{ - - return (service_start("system.dns", PARENT_FILENO, dns_limit, - dns_command, argc, argv)); -} Property changes on: head/libexec/casper/dns/dns.c ___________________________________________________________________ Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:keywords ## -1 +0,0 ## -FreeBSD=%H \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/libexec/casper/dns/Makefile =================================================================== --- head/libexec/casper/dns/Makefile (revision 296046) +++ head/libexec/casper/dns/Makefile (nonexistent) @@ -1,21 +0,0 @@ -# $FreeBSD$ - -.PATH: ${.CURDIR} ${.CURDIR}/../../../sbin/casper - -PROG= dns - -SRCS= dns.c - -LIBADD= casper nv - -BINDIR= /libexec/casper - -CFLAGS+=-I${.CURDIR} -CFLAGS+=-I${.CURDIR}/../../../lib/libcapsicum -CFLAGS+=-I${.CURDIR}/../../../lib/libcasper -CFLAGS+=-I${.CURDIR}/../../../lib/libpjdlog -CFLAGS+=-I${.CURDIR}/../../../sbin/casper - -MAN= - -.include Property changes on: head/libexec/casper/dns/Makefile ___________________________________________________________________ Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:keywords ## -1 +0,0 ## -FreeBSD=%H \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/libexec/casper/grp/grp.c =================================================================== --- head/libexec/casper/grp/grp.c (revision 296046) +++ head/libexec/casper/grp/grp.c (nonexistent) @@ -1,390 +0,0 @@ -/*- - * Copyright (c) 2013 The FreeBSD Foundation - * All rights reserved. - * - * This software was developed by Pawel Jakub Dawidek under sponsorship from - * the FreeBSD Foundation. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include -__FBSDID("$FreeBSD$"); - -#include - -#include -#include -#include -#include -#include - -#include -#include -#include - -static bool -grp_allowed_cmd(const nvlist_t *limits, const char *cmd) -{ - - if (limits == NULL) - return (true); - - /* - * If no limit was set on allowed commands, then all commands - * are allowed. - */ - if (!nvlist_exists_nvlist(limits, "cmds")) - return (true); - - limits = nvlist_get_nvlist(limits, "cmds"); - return (nvlist_exists_null(limits, cmd)); -} - -static int -grp_allowed_cmds(const nvlist_t *oldlimits, const nvlist_t *newlimits) -{ - const char *name; - void *cookie; - int type; - - cookie = NULL; - while ((name = nvlist_next(newlimits, &type, &cookie)) != NULL) { - if (type != NV_TYPE_NULL) - return (EINVAL); - if (!grp_allowed_cmd(oldlimits, name)) - return (ENOTCAPABLE); - } - - return (0); -} - -static bool -grp_allowed_group(const nvlist_t *limits, const char *gname, gid_t gid) -{ - const char *name; - void *cookie; - int type; - - if (limits == NULL) - return (true); - - /* - * If no limit was set on allowed groups, then all groups are allowed. - */ - if (!nvlist_exists_nvlist(limits, "groups")) - return (true); - - limits = nvlist_get_nvlist(limits, "groups"); - cookie = NULL; - while ((name = nvlist_next(limits, &type, &cookie)) != NULL) { - switch (type) { - case NV_TYPE_NUMBER: - if (gid != (gid_t)-1 && - nvlist_get_number(limits, name) == (uint64_t)gid) { - return (true); - } - break; - case NV_TYPE_STRING: - if (gname != NULL && - strcmp(nvlist_get_string(limits, name), - gname) == 0) { - return (true); - } - break; - default: - PJDLOG_ABORT("Unexpected type %d.", type); - } - } - - return (false); -} - -static int -grp_allowed_groups(const nvlist_t *oldlimits, const nvlist_t *newlimits) -{ - const char *name, *gname; - void *cookie; - gid_t gid; - int type; - - cookie = NULL; - while ((name = nvlist_next(newlimits, &type, &cookie)) != NULL) { - switch (type) { - case NV_TYPE_NUMBER: - gid = (gid_t)nvlist_get_number(newlimits, name); - gname = NULL; - break; - case NV_TYPE_STRING: - gid = (gid_t)-1; - gname = nvlist_get_string(newlimits, name); - break; - default: - return (EINVAL); - } - if (!grp_allowed_group(oldlimits, gname, gid)) - return (ENOTCAPABLE); - } - - return (0); -} - -static bool -grp_allowed_field(const nvlist_t *limits, const char *field) -{ - - if (limits == NULL) - return (true); - - /* - * If no limit was set on allowed fields, then all fields are allowed. - */ - if (!nvlist_exists_nvlist(limits, "fields")) - return (true); - - limits = nvlist_get_nvlist(limits, "fields"); - return (nvlist_exists_null(limits, field)); -} - -static int -grp_allowed_fields(const nvlist_t *oldlimits, const nvlist_t *newlimits) -{ - const char *name; - void *cookie; - int type; - - cookie = NULL; - while ((name = nvlist_next(newlimits, &type, &cookie)) != NULL) { - if (type != NV_TYPE_NULL) - return (EINVAL); - if (!grp_allowed_field(oldlimits, name)) - return (ENOTCAPABLE); - } - - return (0); -} - -static bool -grp_pack(const nvlist_t *limits, const struct group *grp, nvlist_t *nvl) -{ - char nvlname[64]; - int n; - - if (grp == NULL) - return (true); - - /* - * If either name or GID is allowed, we allow it. - */ - if (!grp_allowed_group(limits, grp->gr_name, grp->gr_gid)) - return (false); - - if (grp_allowed_field(limits, "gr_name")) - nvlist_add_string(nvl, "gr_name", grp->gr_name); - else - nvlist_add_string(nvl, "gr_name", ""); - if (grp_allowed_field(limits, "gr_passwd")) - nvlist_add_string(nvl, "gr_passwd", grp->gr_passwd); - else - nvlist_add_string(nvl, "gr_passwd", ""); - if (grp_allowed_field(limits, "gr_gid")) - nvlist_add_number(nvl, "gr_gid", (uint64_t)grp->gr_gid); - else - nvlist_add_number(nvl, "gr_gid", (uint64_t)-1); - if (grp_allowed_field(limits, "gr_mem") && grp->gr_mem[0] != NULL) { - unsigned int ngroups; - - for (ngroups = 0; grp->gr_mem[ngroups] != NULL; ngroups++) { - n = snprintf(nvlname, sizeof(nvlname), "gr_mem[%u]", - ngroups); - assert(n > 0 && n < sizeof(nvlname)); - nvlist_add_string(nvl, nvlname, grp->gr_mem[ngroups]); - } - nvlist_add_number(nvl, "gr_nmem", (uint64_t)ngroups); - } - - return (true); -} - -static int -grp_getgrent(const nvlist_t *limits, const nvlist_t *nvlin, nvlist_t *nvlout) -{ - struct group *grp; - - for (;;) { - errno = 0; - grp = getgrent(); - if (errno != 0) - return (errno); - if (grp_pack(limits, grp, nvlout)) - return (0); - } - - /* NOTREACHED */ -} - -static int -grp_getgrnam(const nvlist_t *limits, const nvlist_t *nvlin, nvlist_t *nvlout) -{ - struct group *grp; - const char *name; - - if (!nvlist_exists_string(nvlin, "name")) - return (EINVAL); - name = nvlist_get_string(nvlin, "name"); - PJDLOG_ASSERT(name != NULL); - - errno = 0; - grp = getgrnam(name); - if (errno != 0) - return (errno); - - (void)grp_pack(limits, grp, nvlout); - - return (0); -} - -static int -grp_getgrgid(const nvlist_t *limits, const nvlist_t *nvlin, nvlist_t *nvlout) -{ - struct group *grp; - gid_t gid; - - if (!nvlist_exists_number(nvlin, "gid")) - return (EINVAL); - - gid = (gid_t)nvlist_get_number(nvlin, "gid"); - - errno = 0; - grp = getgrgid(gid); - if (errno != 0) - return (errno); - - (void)grp_pack(limits, grp, nvlout); - - return (0); -} - -static int -grp_setgroupent(const nvlist_t *limits, const nvlist_t *nvlin, nvlist_t *nvlout) -{ - int stayopen; - - if (!nvlist_exists_bool(nvlin, "stayopen")) - return (EINVAL); - - stayopen = nvlist_get_bool(nvlin, "stayopen") ? 1 : 0; - - return (setgroupent(stayopen) == 0 ? EFAULT : 0); -} - -static int -grp_setgrent(const nvlist_t *limits, const nvlist_t *nvlin, nvlist_t *nvlout) -{ - - return (setgrent() == 0 ? EFAULT : 0); -} - -static int -grp_endgrent(const nvlist_t *limits, const nvlist_t *nvlin, nvlist_t *nvlout) -{ - - endgrent(); - - return (0); -} - -static int -grp_limit(const nvlist_t *oldlimits, const nvlist_t *newlimits) -{ - const nvlist_t *limits; - const char *name; - void *cookie; - int error, type; - - if (oldlimits != NULL && nvlist_exists_nvlist(oldlimits, "cmds") && - !nvlist_exists_nvlist(newlimits, "cmds")) { - return (ENOTCAPABLE); - } - if (oldlimits != NULL && nvlist_exists_nvlist(oldlimits, "fields") && - !nvlist_exists_nvlist(newlimits, "fields")) { - return (ENOTCAPABLE); - } - if (oldlimits != NULL && nvlist_exists_nvlist(oldlimits, "groups") && - !nvlist_exists_nvlist(newlimits, "groups")) { - return (ENOTCAPABLE); - } - - cookie = NULL; - while ((name = nvlist_next(newlimits, &type, &cookie)) != NULL) { - if (type != NV_TYPE_NVLIST) - return (EINVAL); - limits = nvlist_get_nvlist(newlimits, name); - if (strcmp(name, "cmds") == 0) - error = grp_allowed_cmds(oldlimits, limits); - else if (strcmp(name, "fields") == 0) - error = grp_allowed_fields(oldlimits, limits); - else if (strcmp(name, "groups") == 0) - error = grp_allowed_groups(oldlimits, limits); - else - error = EINVAL; - if (error != 0) - return (error); - } - - return (0); -} - -static int -grp_command(const char *cmd, const nvlist_t *limits, nvlist_t *nvlin, - nvlist_t *nvlout) -{ - int error; - - if (!grp_allowed_cmd(limits, cmd)) - return (ENOTCAPABLE); - - if (strcmp(cmd, "getgrent") == 0 || strcmp(cmd, "getgrent_r") == 0) - error = grp_getgrent(limits, nvlin, nvlout); - else if (strcmp(cmd, "getgrnam") == 0 || strcmp(cmd, "getgrnam_r") == 0) - error = grp_getgrnam(limits, nvlin, nvlout); - else if (strcmp(cmd, "getgrgid") == 0 || strcmp(cmd, "getgrgid_r") == 0) - error = grp_getgrgid(limits, nvlin, nvlout); - else if (strcmp(cmd, "setgroupent") == 0) - error = grp_setgroupent(limits, nvlin, nvlout); - else if (strcmp(cmd, "setgrent") == 0) - error = grp_setgrent(limits, nvlin, nvlout); - else if (strcmp(cmd, "endgrent") == 0) - error = grp_endgrent(limits, nvlin, nvlout); - else - error = EINVAL; - - return (error); -} - -int -main(int argc, char *argv[]) -{ - - return (service_start("system.grp", PARENT_FILENO, grp_limit, - grp_command, argc, argv)); -} Property changes on: head/libexec/casper/grp/grp.c ___________________________________________________________________ Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:keywords ## -1 +0,0 ## -FreeBSD=%H \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/libexec/casper/grp/Makefile =================================================================== --- head/libexec/casper/grp/Makefile (revision 296046) +++ head/libexec/casper/grp/Makefile (nonexistent) @@ -1,21 +0,0 @@ -# $FreeBSD$ - -.PATH: ${.CURDIR} ${.CURDIR}/../../../sbin/casper - -PROG= grp - -SRCS= grp.c - -LIBADD= casper nv pjdlog - -BINDIR= /libexec/casper - -CFLAGS+=-I${.CURDIR} -CFLAGS+=-I${.CURDIR}/../../../lib/libcapsicum -CFLAGS+=-I${.CURDIR}/../../../lib/libcasper -CFLAGS+=-I${.CURDIR}/../../../lib/libpjdlog -CFLAGS+=-I${.CURDIR}/../../../sbin/casper - -MAN= - -.include Property changes on: head/libexec/casper/grp/Makefile ___________________________________________________________________ Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:keywords ## -1 +0,0 ## -FreeBSD=%H \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/libexec/casper/pwd/pwd.c =================================================================== --- head/libexec/casper/pwd/pwd.c (revision 296046) +++ head/libexec/casper/pwd/pwd.c (nonexistent) @@ -1,430 +0,0 @@ -/*- - * Copyright (c) 2013 The FreeBSD Foundation - * All rights reserved. - * - * This software was developed by Pawel Jakub Dawidek under sponsorship from - * the FreeBSD Foundation. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include -__FBSDID("$FreeBSD$"); - -#include - -#include -#include -#include -#include - -#include -#include -#include - -static bool -pwd_allowed_cmd(const nvlist_t *limits, const char *cmd) -{ - - if (limits == NULL) - return (true); - - /* - * If no limit was set on allowed commands, then all commands - * are allowed. - */ - if (!nvlist_exists_nvlist(limits, "cmds")) - return (true); - - limits = nvlist_get_nvlist(limits, "cmds"); - return (nvlist_exists_null(limits, cmd)); -} - -static int -pwd_allowed_cmds(const nvlist_t *oldlimits, const nvlist_t *newlimits) -{ - const char *name; - void *cookie; - int type; - - cookie = NULL; - while ((name = nvlist_next(newlimits, &type, &cookie)) != NULL) { - if (type != NV_TYPE_NULL) - return (EINVAL); - if (!pwd_allowed_cmd(oldlimits, name)) - return (ENOTCAPABLE); - } - - return (0); -} - -static bool -pwd_allowed_user(const nvlist_t *limits, const char *uname, uid_t uid) -{ - const char *name; - void *cookie; - int type; - - if (limits == NULL) - return (true); - - /* - * If no limit was set on allowed users, then all users are allowed. - */ - if (!nvlist_exists_nvlist(limits, "users")) - return (true); - - limits = nvlist_get_nvlist(limits, "users"); - cookie = NULL; - while ((name = nvlist_next(limits, &type, &cookie)) != NULL) { - switch (type) { - case NV_TYPE_NUMBER: - if (uid != (uid_t)-1 && - nvlist_get_number(limits, name) == (uint64_t)uid) { - return (true); - } - break; - case NV_TYPE_STRING: - if (uname != NULL && - strcmp(nvlist_get_string(limits, name), - uname) == 0) { - return (true); - } - break; - default: - PJDLOG_ABORT("Unexpected type %d.", type); - } - } - - return (false); -} - -static int -pwd_allowed_users(const nvlist_t *oldlimits, const nvlist_t *newlimits) -{ - const char *name, *uname; - void *cookie; - uid_t uid; - int type; - - cookie = NULL; - while ((name = nvlist_next(newlimits, &type, &cookie)) != NULL) { - switch (type) { - case NV_TYPE_NUMBER: - uid = (uid_t)nvlist_get_number(newlimits, name); - uname = NULL; - break; - case NV_TYPE_STRING: - uid = (uid_t)-1; - uname = nvlist_get_string(newlimits, name); - break; - default: - return (EINVAL); - } - if (!pwd_allowed_user(oldlimits, uname, uid)) - return (ENOTCAPABLE); - } - - return (0); -} - -static bool -pwd_allowed_field(const nvlist_t *limits, const char *field) -{ - - if (limits == NULL) - return (true); - - /* - * If no limit was set on allowed fields, then all fields are allowed. - */ - if (!nvlist_exists_nvlist(limits, "fields")) - return (true); - - limits = nvlist_get_nvlist(limits, "fields"); - return (nvlist_exists_null(limits, field)); -} - -static int -pwd_allowed_fields(const nvlist_t *oldlimits, const nvlist_t *newlimits) -{ - const char *name; - void *cookie; - int type; - - cookie = NULL; - while ((name = nvlist_next(newlimits, &type, &cookie)) != NULL) { - if (type != NV_TYPE_NULL) - return (EINVAL); - if (!pwd_allowed_field(oldlimits, name)) - return (ENOTCAPABLE); - } - - return (0); -} - -static bool -pwd_pack(const nvlist_t *limits, const struct passwd *pwd, nvlist_t *nvl) -{ - int fields; - - if (pwd == NULL) - return (true); - - /* - * If either name or UID is allowed, we allow it. - */ - if (!pwd_allowed_user(limits, pwd->pw_name, pwd->pw_uid)) - return (false); - - fields = pwd->pw_fields; - - if (pwd_allowed_field(limits, "pw_name")) { - nvlist_add_string(nvl, "pw_name", pwd->pw_name); - } else { - nvlist_add_string(nvl, "pw_name", ""); - fields &= ~_PWF_NAME; - } - if (pwd_allowed_field(limits, "pw_uid")) { - nvlist_add_number(nvl, "pw_uid", (uint64_t)pwd->pw_uid); - } else { - nvlist_add_number(nvl, "pw_uid", (uint64_t)-1); - fields &= ~_PWF_UID; - } - if (pwd_allowed_field(limits, "pw_gid")) { - nvlist_add_number(nvl, "pw_gid", (uint64_t)pwd->pw_gid); - } else { - nvlist_add_number(nvl, "pw_gid", (uint64_t)-1); - fields &= ~_PWF_GID; - } - if (pwd_allowed_field(limits, "pw_change")) { - nvlist_add_number(nvl, "pw_change", (uint64_t)pwd->pw_change); - } else { - nvlist_add_number(nvl, "pw_change", (uint64_t)0); - fields &= ~_PWF_CHANGE; - } - if (pwd_allowed_field(limits, "pw_passwd")) { - nvlist_add_string(nvl, "pw_passwd", pwd->pw_passwd); - } else { - nvlist_add_string(nvl, "pw_passwd", ""); - fields &= ~_PWF_PASSWD; - } - if (pwd_allowed_field(limits, "pw_class")) { - nvlist_add_string(nvl, "pw_class", pwd->pw_class); - } else { - nvlist_add_string(nvl, "pw_class", ""); - fields &= ~_PWF_CLASS; - } - if (pwd_allowed_field(limits, "pw_gecos")) { - nvlist_add_string(nvl, "pw_gecos", pwd->pw_gecos); - } else { - nvlist_add_string(nvl, "pw_gecos", ""); - fields &= ~_PWF_GECOS; - } - if (pwd_allowed_field(limits, "pw_dir")) { - nvlist_add_string(nvl, "pw_dir", pwd->pw_dir); - } else { - nvlist_add_string(nvl, "pw_dir", ""); - fields &= ~_PWF_DIR; - } - if (pwd_allowed_field(limits, "pw_shell")) { - nvlist_add_string(nvl, "pw_shell", pwd->pw_shell); - } else { - nvlist_add_string(nvl, "pw_shell", ""); - fields &= ~_PWF_SHELL; - } - if (pwd_allowed_field(limits, "pw_expire")) { - nvlist_add_number(nvl, "pw_expire", (uint64_t)pwd->pw_expire); - } else { - nvlist_add_number(nvl, "pw_expire", (uint64_t)0); - fields &= ~_PWF_EXPIRE; - } - nvlist_add_number(nvl, "pw_fields", (uint64_t)fields); - - return (true); -} - -static int -pwd_getpwent(const nvlist_t *limits, const nvlist_t *nvlin, nvlist_t *nvlout) -{ - struct passwd *pwd; - - for (;;) { - errno = 0; - pwd = getpwent(); - if (errno != 0) - return (errno); - if (pwd_pack(limits, pwd, nvlout)) - return (0); - } - - /* NOTREACHED */ -} - -static int -pwd_getpwnam(const nvlist_t *limits, const nvlist_t *nvlin, nvlist_t *nvlout) -{ - struct passwd *pwd; - const char *name; - - if (!nvlist_exists_string(nvlin, "name")) - return (EINVAL); - name = nvlist_get_string(nvlin, "name"); - PJDLOG_ASSERT(name != NULL); - - errno = 0; - pwd = getpwnam(name); - if (errno != 0) - return (errno); - - (void)pwd_pack(limits, pwd, nvlout); - - return (0); -} - -static int -pwd_getpwuid(const nvlist_t *limits, const nvlist_t *nvlin, nvlist_t *nvlout) -{ - struct passwd *pwd; - uid_t uid; - - if (!nvlist_exists_number(nvlin, "uid")) - return (EINVAL); - - uid = (uid_t)nvlist_get_number(nvlin, "uid"); - - errno = 0; - pwd = getpwuid(uid); - if (errno != 0) - return (errno); - - (void)pwd_pack(limits, pwd, nvlout); - - return (0); -} - -static int -pwd_setpassent(const nvlist_t *limits, const nvlist_t *nvlin, nvlist_t *nvlout) -{ - int stayopen; - - if (!nvlist_exists_bool(nvlin, "stayopen")) - return (EINVAL); - - stayopen = nvlist_get_bool(nvlin, "stayopen") ? 1 : 0; - - return (setpassent(stayopen) == 0 ? EFAULT : 0); -} - -static int -pwd_setpwent(const nvlist_t *limits, const nvlist_t *nvlin, nvlist_t *nvlout) -{ - - setpwent(); - - return (0); -} - -static int -pwd_endpwent(const nvlist_t *limits, const nvlist_t *nvlin, nvlist_t *nvlout) -{ - - endpwent(); - - return (0); -} - -static int -pwd_limit(const nvlist_t *oldlimits, const nvlist_t *newlimits) -{ - const nvlist_t *limits; - const char *name; - void *cookie; - int error, type; - - if (oldlimits != NULL && nvlist_exists_nvlist(oldlimits, "cmds") && - !nvlist_exists_nvlist(newlimits, "cmds")) { - return (ENOTCAPABLE); - } - if (oldlimits != NULL && nvlist_exists_nvlist(oldlimits, "fields") && - !nvlist_exists_nvlist(newlimits, "fields")) { - return (ENOTCAPABLE); - } - if (oldlimits != NULL && nvlist_exists_nvlist(oldlimits, "users") && - !nvlist_exists_nvlist(newlimits, "users")) { - return (ENOTCAPABLE); - } - - cookie = NULL; - while ((name = nvlist_next(newlimits, &type, &cookie)) != NULL) { - if (type != NV_TYPE_NVLIST) - return (EINVAL); - limits = nvlist_get_nvlist(newlimits, name); - if (strcmp(name, "cmds") == 0) - error = pwd_allowed_cmds(oldlimits, limits); - else if (strcmp(name, "fields") == 0) - error = pwd_allowed_fields(oldlimits, limits); - else if (strcmp(name, "users") == 0) - error = pwd_allowed_users(oldlimits, limits); - else - error = EINVAL; - if (error != 0) - return (error); - } - - return (0); -} - -static int -pwd_command(const char *cmd, const nvlist_t *limits, nvlist_t *nvlin, - nvlist_t *nvlout) -{ - int error; - - if (!pwd_allowed_cmd(limits, cmd)) - return (ENOTCAPABLE); - - if (strcmp(cmd, "getpwent") == 0 || strcmp(cmd, "getpwent_r") == 0) - error = pwd_getpwent(limits, nvlin, nvlout); - else if (strcmp(cmd, "getpwnam") == 0 || strcmp(cmd, "getpwnam_r") == 0) - error = pwd_getpwnam(limits, nvlin, nvlout); - else if (strcmp(cmd, "getpwuid") == 0 || strcmp(cmd, "getpwuid_r") == 0) - error = pwd_getpwuid(limits, nvlin, nvlout); - else if (strcmp(cmd, "setpassent") == 0) - error = pwd_setpassent(limits, nvlin, nvlout); - else if (strcmp(cmd, "setpwent") == 0) - error = pwd_setpwent(limits, nvlin, nvlout); - else if (strcmp(cmd, "endpwent") == 0) - error = pwd_endpwent(limits, nvlin, nvlout); - else - error = EINVAL; - - return (error); -} - -int -main(int argc, char *argv[]) -{ - - return (service_start("system.pwd", PARENT_FILENO, pwd_limit, - pwd_command, argc, argv)); -} Property changes on: head/libexec/casper/pwd/pwd.c ___________________________________________________________________ Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:keywords ## -1 +0,0 ## -FreeBSD=%H \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/libexec/casper/pwd/Makefile =================================================================== --- head/libexec/casper/pwd/Makefile (revision 296046) +++ head/libexec/casper/pwd/Makefile (nonexistent) @@ -1,21 +0,0 @@ -# $FreeBSD$ - -.PATH: ${.CURDIR} ${.CURDIR}/../../../sbin/casper - -PROG= pwd - -SRCS= pwd.c - -LIBADD= casper nv pjdlog - -BINDIR= /libexec/casper - -CFLAGS+=-I${.CURDIR} -CFLAGS+=-I${.CURDIR}/../../../lib/libcapsicum -CFLAGS+=-I${.CURDIR}/../../../lib/libcasper -CFLAGS+=-I${.CURDIR}/../../../lib/libpjdlog -CFLAGS+=-I${.CURDIR}/../../../sbin/casper - -MAN= - -.include Property changes on: head/libexec/casper/pwd/Makefile ___________________________________________________________________ Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:keywords ## -1 +0,0 ## -FreeBSD=%H \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/libexec/casper/random/Makefile =================================================================== --- head/libexec/casper/random/Makefile (revision 296046) +++ head/libexec/casper/random/Makefile (nonexistent) @@ -1,21 +0,0 @@ -# $FreeBSD$ - -.PATH: ${.CURDIR} ${.CURDIR}/../../../sbin/casper - -PROG= random - -SRCS= random.c - -LIBADD= casper nv - -BINDIR= /libexec/casper - -CFLAGS+=-I${.CURDIR} -CFLAGS+=-I${.CURDIR}/../../../lib/libcapsicum -CFLAGS+=-I${.CURDIR}/../../../lib/libcasper -CFLAGS+=-I${.CURDIR}/../../../lib/libpjdlog -CFLAGS+=-I${.CURDIR}/../../../sbin/casper - -MAN= - -.include Property changes on: head/libexec/casper/random/Makefile ___________________________________________________________________ Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:keywords ## -1 +0,0 ## -FreeBSD=%H \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/libexec/casper/random/random.c =================================================================== --- head/libexec/casper/random/random.c (revision 296046) +++ head/libexec/casper/random/random.c (nonexistent) @@ -1,82 +0,0 @@ -/*- - * Copyright (c) 2012-2013 The FreeBSD Foundation - * All rights reserved. - * - * This software was developed by Pawel Jakub Dawidek under sponsorship from - * the FreeBSD Foundation. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include -__FBSDID("$FreeBSD$"); - -#include - -#include -#include -#include - -#include -#include -#include - -#define MAXSIZE (1024 * 1024) - -static int -random_command(const char *cmd, const nvlist_t *limits, nvlist_t *nvlin, - nvlist_t *nvlout) -{ - void *data; - size_t size; - - if (strcmp(cmd, "generate") != 0) - return (EINVAL); - if (!nvlist_exists_number(nvlin, "size")) - return (EINVAL); - - size = (size_t)nvlist_get_number(nvlin, "size"); - if (size == 0 || size > MAXSIZE) - return (EINVAL); - - data = malloc(size); - if (data == NULL) - return (ENOMEM); - - arc4random_buf(data, size); - - nvlist_move_binary(nvlout, "data", data, size); - - return (0); -} - -int -main(int argc, char *argv[]) -{ - - /* - * TODO: Sandbox this. - */ - - return (service_start("system.random", PARENT_FILENO, NULL, - random_command, argc, argv)); -} Property changes on: head/libexec/casper/random/random.c ___________________________________________________________________ Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:keywords ## -1 +0,0 ## -FreeBSD=%H \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/libexec/casper/sysctl/sysctl.c =================================================================== --- head/libexec/casper/sysctl/sysctl.c (revision 296046) +++ head/libexec/casper/sysctl/sysctl.c (nonexistent) @@ -1,249 +0,0 @@ -/*- - * Copyright (c) 2013 The FreeBSD Foundation - * All rights reserved. - * - * This software was developed by Pawel Jakub Dawidek under sponsorship from - * the FreeBSD Foundation. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include -__FBSDID("$FreeBSD$"); - -#include -#include -#include - -#include -#include -#include - -#include -#include -#include -#include - -static int -sysctl_check_one(const nvlist_t *nvl, bool islimit) -{ - const char *name; - void *cookie; - int type; - unsigned int fields; - - /* NULL nvl is of course invalid. */ - if (nvl == NULL) - return (EINVAL); - if (nvlist_error(nvl) != 0) - return (nvlist_error(nvl)); - -#define HAS_NAME 0x01 -#define HAS_OPERATION 0x02 - - fields = 0; - cookie = NULL; - while ((name = nvlist_next(nvl, &type, &cookie)) != NULL) { - /* We accept only one 'name' and one 'operation' in nvl. */ - if (strcmp(name, "name") == 0) { - if (type != NV_TYPE_STRING) - return (EINVAL); - /* Only one 'name' can be present. */ - if ((fields & HAS_NAME) != 0) - return (EINVAL); - fields |= HAS_NAME; - } else if (strcmp(name, "operation") == 0) { - uint64_t operation; - - if (type != NV_TYPE_NUMBER) - return (EINVAL); - /* - * We accept only CAP_SYSCTL_READ and - * CAP_SYSCTL_WRITE flags. - */ - operation = nvlist_get_number(nvl, name); - if ((operation & ~(CAP_SYSCTL_RDWR)) != 0) - return (EINVAL); - /* ...but there has to be at least one of them. */ - if ((operation & (CAP_SYSCTL_RDWR)) == 0) - return (EINVAL); - /* Only one 'operation' can be present. */ - if ((fields & HAS_OPERATION) != 0) - return (EINVAL); - fields |= HAS_OPERATION; - } else if (islimit) { - /* If this is limit, there can be no other fields. */ - return (EINVAL); - } - } - - /* Both fields has to be there. */ - if (fields != (HAS_NAME | HAS_OPERATION)) - return (EINVAL); - -#undef HAS_OPERATION -#undef HAS_NAME - - return (0); -} - -static bool -sysctl_allowed(const nvlist_t *limits, const char *chname, uint64_t choperation) -{ - uint64_t operation; - const char *name; - void *cookie; - int type; - - if (limits == NULL) - return (true); - - cookie = NULL; - while ((name = nvlist_next(limits, &type, &cookie)) != NULL) { - PJDLOG_ASSERT(type == NV_TYPE_NUMBER); - - operation = nvlist_get_number(limits, name); - if ((operation & choperation) != choperation) - continue; - - if ((operation & CAP_SYSCTL_RECURSIVE) == 0) { - if (strcmp(name, chname) != 0) - continue; - } else { - size_t namelen; - - namelen = strlen(name); - if (strncmp(name, chname, namelen) != 0) - continue; - if (chname[namelen] != '.' && chname[namelen] != '\0') - continue; - } - - return (true); - } - - return (false); -} - -static int -sysctl_limit(const nvlist_t *oldlimits, const nvlist_t *newlimits) -{ - const nvlist_t *nvl; - const char *name; - void *cookie; - uint64_t operation; - int error, type; - - cookie = NULL; - while ((name = nvlist_next(newlimits, &type, &cookie)) != NULL) { - if (type != NV_TYPE_NUMBER) - return (EINVAL); - operation = nvlist_get_number(newlimits, name); - if ((operation & ~(CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE)) != 0) - return (EINVAL); - if ((operation & (CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE)) == 0) - return (EINVAL); - if (!sysctl_allowed(oldlimits, name, operation)) - return (ENOTCAPABLE); - } - - return (0); -} - -static int -sysctl_command(const char *cmd, const nvlist_t *limits, nvlist_t *nvlin, - nvlist_t *nvlout) -{ - const char *name; - const void *newp; - void *oldp; - uint64_t operation; - size_t oldlen, newlen; - size_t *oldlenp; - int error; - - if (strcmp(cmd, "sysctl") != 0) - return (EINVAL); - error = sysctl_check_one(nvlin, false); - if (error != 0) - return (error); - - name = nvlist_get_string(nvlin, "name"); - operation = nvlist_get_number(nvlin, "operation"); - if (!sysctl_allowed(limits, name, operation)) - return (ENOTCAPABLE); - - if ((operation & CAP_SYSCTL_WRITE) != 0) { - if (!nvlist_exists_binary(nvlin, "newp")) - return (EINVAL); - newp = nvlist_get_binary(nvlin, "newp", &newlen); - PJDLOG_ASSERT(newp != NULL && newlen > 0); - } else { - newp = NULL; - newlen = 0; - } - - if ((operation & CAP_SYSCTL_READ) != 0) { - if (nvlist_exists_null(nvlin, "justsize")) { - oldp = NULL; - oldlen = 0; - oldlenp = &oldlen; - } else { - if (!nvlist_exists_number(nvlin, "oldlen")) - return (EINVAL); - oldlen = (size_t)nvlist_get_number(nvlin, "oldlen"); - if (oldlen == 0) - return (EINVAL); - oldp = calloc(1, oldlen); - if (oldp == NULL) - return (ENOMEM); - oldlenp = &oldlen; - } - } else { - oldp = NULL; - oldlen = 0; - oldlenp = NULL; - } - - if (sysctlbyname(name, oldp, oldlenp, newp, newlen) == -1) { - error = errno; - free(oldp); - return (error); - } - - if ((operation & CAP_SYSCTL_READ) != 0) { - if (nvlist_exists_null(nvlin, "justsize")) - nvlist_add_number(nvlout, "oldlen", (uint64_t)oldlen); - else - nvlist_move_binary(nvlout, "oldp", oldp, oldlen); - } - - return (0); -} - -int -main(int argc, char *argv[]) -{ - - return (service_start("system.sysctl", PARENT_FILENO, sysctl_limit, - sysctl_command, argc, argv)); -} Property changes on: head/libexec/casper/sysctl/sysctl.c ___________________________________________________________________ Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:keywords ## -1 +0,0 ## -FreeBSD=%H \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/libexec/casper/sysctl/Makefile =================================================================== --- head/libexec/casper/sysctl/Makefile (revision 296046) +++ head/libexec/casper/sysctl/Makefile (nonexistent) @@ -1,21 +0,0 @@ -# $FreeBSD$ - -.PATH: ${.CURDIR} ${.CURDIR}/../../../sbin/casper - -PROG= sysctl - -SRCS= sysctl.c - -LIBADD= casper nv pjdlog - -BINDIR= /libexec/casper - -CFLAGS+=-I${.CURDIR} -CFLAGS+=-I${.CURDIR}/../../../lib/libcapsicum -CFLAGS+=-I${.CURDIR}/../../../lib/libcasper -CFLAGS+=-I${.CURDIR}/../../../lib/libpjdlog -CFLAGS+=-I${.CURDIR}/../../../sbin/casper - -MAN= - -.include Property changes on: head/libexec/casper/sysctl/Makefile ___________________________________________________________________ Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:keywords ## -1 +0,0 ## -FreeBSD=%H \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/libexec/rtld-elf/paths.h =================================================================== --- head/libexec/rtld-elf/paths.h (revision 296046) +++ head/libexec/rtld-elf/paths.h (revision 296047) @@ -1,74 +1,74 @@ /*- * Copyright 1996, 1997, 1998, 1999, 2000 John D. Polstra. * Copyright 2003 Alexander Kabaev . * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * * $FreeBSD$ */ #ifndef PATHS_H #define PATHS_H #undef _PATH_ELF_HINTS #ifdef COMPAT_32BIT #define _PATH_ELF_HINTS "/var/run/ld-elf32.so.hints" #define _PATH_LIBMAP_CONF "/etc/libmap32.conf" #define _PATH_RTLD "/libexec/ld-elf32.so.1" #define STANDARD_LIBRARY_PATH "/lib32:/usr/lib32" #define LD_ "LD_32_" #endif #ifndef _PATH_ELF_HINTS #define _PATH_ELF_HINTS "/var/run/ld-elf.so.hints" #endif #ifndef _PATH_LIBMAP_CONF #define _PATH_LIBMAP_CONF "/etc/libmap.conf" #endif #ifndef _PATH_RTLD #define _PATH_RTLD "/libexec/ld-elf.so.1" #endif #ifndef STANDARD_LIBRARY_PATH -#define STANDARD_LIBRARY_PATH "/lib:/usr/lib" +#define STANDARD_LIBRARY_PATH "/lib/casper:/lib:/usr/lib" #endif #ifndef LD_ #define LD_ "LD_" #endif #define _PATH_SOFT_ELF_HINTS "/var/run/ld-elf-soft.so.hints" #define _PATH_SOFT_LIBMAP_CONF "/etc/libmap-soft.conf" #define _PATH_SOFT_RTLD "/libexec/ld-elf.so.1" #define SOFT_STANDARD_LIBRARY_PATH "/usr/libsoft" #define LD_SOFT_ "LD_SOFT_" extern char *ld_elf_hints_default; extern char *ld_path_libmap_conf; extern char *ld_path_rtld; extern char *ld_standard_library_path; extern char *ld_env_prefix; #endif /* PATHS_H */ Index: head/sbin/Makefile =================================================================== --- head/sbin/Makefile (revision 296046) +++ head/sbin/Makefile (revision 296047) @@ -1,100 +1,99 @@ # @(#)Makefile 8.5 (Berkeley) 3/31/94 # $FreeBSD$ .include # XXX MISSING: icheck ncheck SUBDIR=adjkerntz \ badsect \ camcontrol \ clri \ comcontrol \ conscontrol \ ddb \ devfs \ dhclient \ dmesg \ dump \ dumpfs \ dumpon \ etherswitchcfg \ ffsinfo \ fsck \ fsck_ffs \ fsck_msdosfs \ fsdb \ fsirand \ gbde \ geom \ ggate \ growfs \ gvinum \ ifconfig \ init \ kldconfig \ kldload \ kldstat \ kldunload \ ldconfig \ md5 \ mdconfig \ mdmfs \ mknod \ mksnap_ffs \ mount \ mount_cd9660 \ mount_fusefs \ mount_msdosfs \ mount_nfs \ mount_nullfs \ mount_udf \ mount_unionfs \ newfs \ newfs_msdos \ nfsiod \ nos-tun \ ping \ rcorder \ reboot \ recoverdisk \ resolvconf \ restore \ route \ savecore \ setkey \ shutdown \ spppcontrol \ swapon \ sysctl \ tunefs \ umount SUBDIR.${MK_ATM}+= atm -SUBDIR.${MK_CASPER}+= casperd SUBDIR.${MK_CCD}+= ccdconfig SUBDIR.${MK_CXX}+= devd SUBDIR.${MK_HAST}+= hastctl SUBDIR.${MK_HAST}+= hastd SUBDIR.${MK_INET6}+= ping6 SUBDIR.${MK_INET6}+= rtsol SUBDIR.${MK_IPFILTER}+= ipf SUBDIR.${MK_IPFW}+= ipfw SUBDIR.${MK_IPFW}+= natd SUBDIR.${MK_ISCSI}+= iscontrol SUBDIR.${MK_NAND}+= nandfs SUBDIR.${MK_NAND}+= newfs_nandfs SUBDIR.${MK_PF}+= pfctl SUBDIR.${MK_PF}+= pflogd SUBDIR.${MK_QUOTAS}+= quotacheck SUBDIR.${MK_ROUTED}+= routed SUBDIR.${MK_TESTS}+= tests .include SUBDIR:= ${SUBDIR:O} SUBDIR_PARALLEL= .include Index: head/sbin/casperd/casperd.c =================================================================== --- head/sbin/casperd/casperd.c (revision 296046) +++ head/sbin/casperd/casperd.c (nonexistent) @@ -1,721 +0,0 @@ -/*- - * Copyright (c) 2012 The FreeBSD Foundation - * All rights reserved. - * - * This software was developed by Pawel Jakub Dawidek under sponsorship from - * the FreeBSD Foundation. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include -__FBSDID("$FreeBSD$"); - -#include -#include -#include -#include -#include -#include -#include - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include -#include -#include -#include -#include -#include - -#include "msgio.h" - -#include "zygote.h" - -#define CASPERD_PIDFILE "/var/run/casperd.pid" -#define CASPERD_SERVCONFDIR "/etc/casper" -#define CASPERD_SOCKPATH "/var/run/casper" - -typedef void service_function_t(struct service_connection *, const nvlist_t *, - nvlist_t *); - -struct casper_service { - const char *cs_name; - const char *cs_execpath; - struct service *cs_service; - nvlist_t *cs_attrs; - TAILQ_ENTRY(casper_service) cs_next; -}; - -static TAILQ_HEAD(, casper_service) casper_services = - TAILQ_HEAD_INITIALIZER(casper_services); - -#define SERVICE_IS_CORE(service) ((service)->cs_execpath == NULL) - -static void service_external_execute(int chanfd); - -#define KEEP_ERRNO(work) do { \ - int _serrno; \ - \ - _serrno = errno; \ - work; \ - errno = _serrno; \ -} while (0) - -static struct casper_service * -service_find(const char *name) -{ - struct casper_service *casserv; - - TAILQ_FOREACH(casserv, &casper_services, cs_next) { - if (strcmp(casserv->cs_name, name) == 0) - break; - } - return (casserv); -} - -/* - * Function always consumes the given attrs. - */ -static void -service_register(nvlist_t *attrs) -{ - struct casper_service *casserv; - const char *name; - - PJDLOG_ASSERT(nvlist_exists_string(attrs, "name")); - PJDLOG_ASSERT(nvlist_exists_string(attrs, "execpath") || - (nvlist_exists_number(attrs, "commandfunc") && - nvlist_exists_number(attrs, "limitfunc"))); - - name = nvlist_get_string(attrs, "name"); - PJDLOG_ASSERT(name != NULL); - if (name[0] == '\0') { - pjdlog_error("Unable to register service with an empty name."); - nvlist_destroy(attrs); - return; - } - if (service_find(name) != NULL) { - pjdlog_error("Service \"%s\" is already registered.", name); - nvlist_destroy(attrs); - return; - } - - casserv = malloc(sizeof(*casserv)); - if (casserv == NULL) { - pjdlog_errno(LOG_ERR, "Unable to register service \"%s\"", - name); - nvlist_destroy(attrs); - return; - } - casserv->cs_name = name; - if (nvlist_exists_string(attrs, "execpath")) { - struct stat sb; - - PJDLOG_ASSERT(!nvlist_exists_number(attrs, "commandfunc")); - PJDLOG_ASSERT(!nvlist_exists_number(attrs, "limitfunc")); - - casserv->cs_service = NULL; - - casserv->cs_execpath = nvlist_get_string(attrs, "execpath"); - if (casserv->cs_execpath == NULL || - casserv->cs_execpath[0] == '\0') { - pjdlog_error("Unable to register service with an empty execpath."); - free(casserv); - nvlist_destroy(attrs); - return; - } - if (stat(casserv->cs_execpath, &sb) == -1) { - pjdlog_errno(LOG_ERR, - "Unable to register service \"%s\", problem with executable \"%s\"", - name, casserv->cs_execpath); - free(casserv); - nvlist_destroy(attrs); - return; - } - } else /* if (nvlist_exists_number(attrs, "commandfunc")) */ { - PJDLOG_ASSERT(!nvlist_exists_string(attrs, "execpath")); - - casserv->cs_execpath = NULL; - - casserv->cs_service = service_alloc(name, - (void *)(uintptr_t)nvlist_get_number(attrs, "limitfunc"), - (void *)(uintptr_t)nvlist_get_number(attrs, "commandfunc")); - if (casserv->cs_service == NULL) { - pjdlog_errno(LOG_ERR, - "Unable to register service \"%s\"", name); - free(casserv); - nvlist_destroy(attrs); - return; - } - } - casserv->cs_attrs = attrs; - TAILQ_INSERT_TAIL(&casper_services, casserv, cs_next); - pjdlog_debug(1, "Service %s successfully registered.", - casserv->cs_name); -} - -static bool -casper_allowed_service(const nvlist_t *limits, const char *service) -{ - - if (limits == NULL) - return (true); - - if (nvlist_exists_null(limits, service)) - return (true); - - return (false); -} - -static int -casper_limit(const nvlist_t *oldlimits, const nvlist_t *newlimits) -{ - const char *name; - int type; - void *cookie; - - cookie = NULL; - while ((name = nvlist_next(newlimits, &type, &cookie)) != NULL) { - if (type != NV_TYPE_NULL) - return (EINVAL); - if (!casper_allowed_service(oldlimits, name)) - return (ENOTCAPABLE); - } - - return (0); -} - -static int -casper_command(const char *cmd, const nvlist_t *limits, nvlist_t *nvlin, - nvlist_t *nvlout) -{ - struct casper_service *casserv; - const char *servname; - nvlist_t *nvl; - int chanfd, execfd, procfd, error; - - if (strcmp(cmd, "open") != 0) - return (EINVAL); - if (!nvlist_exists_string(nvlin, "service")) - return (EINVAL); - - servname = nvlist_get_string(nvlin, "service"); - - casserv = service_find(servname); - if (casserv == NULL) - return (ENOENT); - - if (!casper_allowed_service(limits, servname)) - return (ENOTCAPABLE); - -#ifdef O_EXEC_WORKING - execfd = open(casserv->cs_execpath, O_EXEC); -#else - execfd = open(casserv->cs_execpath, O_RDONLY); -#endif - if (execfd < -1) { - error = errno; - pjdlog_errno(LOG_ERR, - "Unable to open executable '%s' of service '%s'", - casserv->cs_execpath, casserv->cs_name); - return (error); - } - - if (zygote_clone(service_external_execute, &chanfd, &procfd) == -1) { - error = errno; - close(execfd); - return (error); - } - - nvl = nvlist_create(0); - nvlist_add_string(nvl, "service", casserv->cs_name); - if (nvlist_exists_descriptor(nvlin, "stderrfd")) { - nvlist_move_descriptor(nvl, "stderrfd", - nvlist_take_descriptor(nvlin, "stderrfd")); - } - nvlist_move_descriptor(nvl, "execfd", execfd); - nvlist_move_descriptor(nvl, "procfd", procfd); - if (nvlist_send(chanfd, nvl) == -1) { - error = errno; - pjdlog_errno(LOG_ERR, "Unable to send nvlist"); - nvlist_destroy(nvl); - close(chanfd); - return (error); - } - nvlist_destroy(nvl); - - nvlist_move_descriptor(nvlout, "chanfd", chanfd); - - return (0); -} - -static void -fdswap(int *fd0, int *fd1) -{ - int tmpfd; - - PJDLOG_VERIFY((tmpfd = dup(*fd0)) != -1); - PJDLOG_VERIFY(dup2(*fd1, *fd0) != -1); - PJDLOG_VERIFY(dup2(tmpfd, *fd1) != -1); - close(tmpfd); - tmpfd = *fd0; - *fd0 = *fd1; - *fd1 = tmpfd; -} - -static void -fdmove(int *oldfdp, int newfd) -{ - - if (*oldfdp != newfd) { - PJDLOG_VERIFY(dup2(*oldfdp, newfd) != -1); - close(*oldfdp); - *oldfdp = newfd; - } -} - -static void -fdcloexec(int fd) -{ - int flags; - - flags = fcntl(fd, F_GETFD); - PJDLOG_ASSERT(flags != -1); - if ((flags & FD_CLOEXEC) != 0) - PJDLOG_VERIFY(fcntl(fd, F_SETFD, flags & ~FD_CLOEXEC) != -1); -} - -static void -service_register_core(void) -{ - nvlist_t *nvl; - - nvl = nvlist_create(0); - nvlist_add_string(nvl, "name", "core.casper"); - nvlist_add_number(nvl, "limitfunc", (uint64_t)(uintptr_t)casper_limit); - nvlist_add_number(nvl, "commandfunc", - (uint64_t)(uintptr_t)casper_command); - service_register(nvl); -} - -static int -setup_creds(int sock) -{ - struct cmsgcred cred; - - if (cred_recv(sock, &cred) == -1) - return (-1); - - if (setgroups((int)cred.cmcred_ngroups, cred.cmcred_groups) == -1) - return (-1); - - if (setgid(cred.cmcred_groups[0]) == -1) - return (-1); - - if (setuid(cred.cmcred_euid) == -1) - return (-1); - - return (0); -} - -static void -service_external_execute(int chanfd) -{ - char *service, *argv[3]; - int stderrfd, execfd, procfd; - nvlist_t *nvl; - - nvl = nvlist_recv(chanfd, 0); - if (nvl == NULL) - pjdlog_exit(1, "Unable to receive nvlist"); - service = nvlist_take_string(nvl, "service"); - PJDLOG_ASSERT(service != NULL); - if (nvlist_exists_descriptor(nvl, "stderrfd")) { - stderrfd = nvlist_take_descriptor(nvl, "stderrfd"); - } else { - stderrfd = open(_PATH_DEVNULL, O_RDWR); - if (stderrfd < 0) - pjdlog_exit(1, "Unable to open %s", _PATH_DEVNULL); - } - execfd = nvlist_take_descriptor(nvl, "execfd"); - procfd = nvlist_take_descriptor(nvl, "procfd"); - nvlist_destroy(nvl); - - /* - * Move all descriptors into right slots. - */ - - if (stderrfd != STDERR_FILENO) { - if (chanfd == STDERR_FILENO) - fdswap(&stderrfd, &chanfd); - else if (execfd == STDERR_FILENO) - fdswap(&stderrfd, &execfd); - else if (procfd == STDERR_FILENO) - fdswap(&stderrfd, &procfd); - fdmove(&stderrfd, STDERR_FILENO); - } - fdcloexec(stderrfd); - - if (chanfd != PARENT_FILENO) { - if (execfd == PARENT_FILENO) - fdswap(&chanfd, &execfd); - else if (procfd == PARENT_FILENO) - fdswap(&chanfd, &procfd); - fdmove(&chanfd, PARENT_FILENO); - } - fdcloexec(chanfd); - - if (execfd != EXECUTABLE_FILENO) { - if (procfd == EXECUTABLE_FILENO) - fdswap(&execfd, &procfd); - fdmove(&execfd, EXECUTABLE_FILENO); - } - fdcloexec(execfd); - - if (procfd != PROC_FILENO) - fdmove(&procfd, PROC_FILENO); - fdcloexec(procfd); - - /* - * Use credentials of the caller process. - */ - setup_creds(chanfd); - - argv[0] = service; - asprintf(&argv[1], "%d", pjdlog_debug_get()); - argv[2] = NULL; - - fexecve(execfd, argv, NULL); - pjdlog_exit(1, "Unable to execute service %s", service); -} - -static void -service_register_external_one(const char *dirpath, int dfd, - const char *filename) -{ - char execpath[FILENAME_MAX]; - nvlist_t *nvl; - ssize_t done; - int fd; - - fd = openat(dfd, filename, O_RDONLY); - if (fd == -1) { - pjdlog_errno(LOG_ERR, "Unable to open \"%s/%s\"", dirpath, - filename); - return; - } - - done = read(fd, execpath, sizeof(execpath)); - if (done == -1) { - pjdlog_errno(LOG_ERR, "Unable to read content of \"%s/%s\"", - dirpath, filename); - close(fd); - return; - } - close(fd); - if (done == sizeof(execpath)) { - pjdlog_error("Executable path too long in \"%s/%s\".", dirpath, - filename); - return; - } - execpath[done] = '\0'; - while (done > 0) { - if (execpath[--done] == '\n') - execpath[done] = '\0'; - } - - nvl = nvlist_create(0); - nvlist_add_string(nvl, "name", filename); - nvlist_add_string(nvl, "execpath", execpath); - if (nvlist_error(nvl) != 0) { - pjdlog_common(LOG_ERR, 0, nvlist_error(nvl), - "Unable to allocate attributes for service \"%s/%s\"", - dirpath, filename); - nvlist_destroy(nvl); - return; - } - - service_register(nvl); - /* service_register() consumed nvl. */ -} - -static uint8_t -file_type(int dfd, const char *filename) -{ - struct stat sb; - - if (fstatat(dfd, filename, &sb, AT_SYMLINK_NOFOLLOW) == -1) { - pjdlog_errno(LOG_ERR, "Unable to stat \"%s\"", filename); - return (DT_UNKNOWN); - } - return (IFTODT(sb.st_mode)); -} - -static void -service_register_external(const char *dirpath) -{ - DIR *dirp; - struct dirent *dp; - int dfd; - - dirp = opendir(dirpath); - if (dirp == NULL) { - pjdlog_errno(LOG_WARNING, "Unable to open \"%s\"", dirpath); - return; - } - dfd = dirfd(dirp); - PJDLOG_ASSERT(dfd >= 0); - while ((dp = readdir(dirp)) != NULL) { - dp->d_type = file_type(dfd, dp->d_name); - /* We are only interested in regular files, skip the rest. */ - if (dp->d_type != DT_REG) { - pjdlog_debug(1, - "File \"%s/%s\" is not a regular file, skipping.", - dirpath, dp->d_name); - continue; - } - service_register_external_one(dirpath, dfd, dp->d_name); - } - closedir(dirp); -} - -static void -casper_accept(int lsock) -{ - struct casper_service *casserv; - struct service_connection *sconn; - int sock; - - sock = accept(lsock, NULL, NULL); - if (sock == -1) { - pjdlog_errno(LOG_ERR, "Unable to accept casper connection"); - return; - } - casserv = service_find("core.casper"); - PJDLOG_ASSERT(casserv != NULL); - - sconn = service_connection_add(casserv->cs_service, sock, NULL); - if (sconn == NULL) { - close(sock); - return; - } -} - -static void -main_loop(int lqlen, const char *sockpath, struct pidfh *pfh) -{ - fd_set fds; - struct sockaddr_un sun; - struct casper_service *casserv; - struct service_connection *sconn, *sconntmp; - int lsock, sock, maxfd, ret; - mode_t oldumask; - - lsock = socket(AF_UNIX, SOCK_STREAM, 0); - if (lsock == -1) - pjdlog_exit(1, "Unable to create socket"); - - (void)unlink(sockpath); - - bzero(&sun, sizeof(sun)); - sun.sun_family = AF_UNIX; - PJDLOG_VERIFY(strlcpy(sun.sun_path, sockpath, sizeof(sun.sun_path)) < - sizeof(sun.sun_path)); - sun.sun_len = SUN_LEN(&sun); - - oldumask = umask(S_IXUSR | S_IXGRP | S_IXOTH); - if (bind(lsock, (struct sockaddr *)&sun, sizeof(sun)) == -1) - pjdlog_exit(1, "Unable to bind to %s", sockpath); - (void)umask(oldumask); - if (listen(lsock, lqlen) == -1) - pjdlog_exit(1, "Unable to listen on %s", sockpath); - - for (;;) { - FD_ZERO(&fds); - FD_SET(lsock, &fds); - maxfd = lsock; - TAILQ_FOREACH(casserv, &casper_services, cs_next) { - /* We handle only core services. */ - if (!SERVICE_IS_CORE(casserv)) - continue; - for (sconn = service_connection_first(casserv->cs_service); - sconn != NULL; - sconn = service_connection_next(sconn)) { - sock = service_connection_get_sock(sconn); - FD_SET(sock, &fds); - maxfd = sock > maxfd ? sock : maxfd; - } - } - maxfd++; - - PJDLOG_ASSERT(maxfd <= (int)FD_SETSIZE); - ret = select(maxfd, &fds, NULL, NULL, NULL); - PJDLOG_ASSERT(ret == -1 || ret > 0); /* select() cannot timeout */ - if (ret == -1) { - if (errno == EINTR) - continue; - KEEP_ERRNO((void)pidfile_remove(pfh)); - pjdlog_exit(1, "select() failed"); - } - - if (FD_ISSET(lsock, &fds)) - casper_accept(lsock); - TAILQ_FOREACH(casserv, &casper_services, cs_next) { - /* We handle only core services. */ - if (!SERVICE_IS_CORE(casserv)) - continue; - for (sconn = service_connection_first(casserv->cs_service); - sconn != NULL; sconn = sconntmp) { - /* - * Prepare for connection to be removed from - * the list on failure. - */ - sconntmp = service_connection_next(sconn); - sock = service_connection_get_sock(sconn); - if (FD_ISSET(sock, &fds)) { - service_message(casserv->cs_service, - sconn); - } - } - } - } -} - -static void -usage(void) -{ - - pjdlog_exitx(1, - "usage: casperd [-Fhv] [-D servconfdir] [-P pidfile] [-S sockpath]"); -} - -int -main(int argc, char *argv[]) -{ - struct pidfh *pfh; - const char *pidfile, *servconfdir, *sockpath; - pid_t otherpid; - int ch, debug, lqlen; - bool foreground; - - pjdlog_init(PJDLOG_MODE_STD); - - debug = 0; - foreground = false; - lqlen = SOMAXCONN; - pidfile = CASPERD_PIDFILE; - servconfdir = CASPERD_SERVCONFDIR; - sockpath = CASPERD_SOCKPATH; - - while ((ch = getopt(argc, argv, "D:Fhl:P:S:v")) != -1) { - switch (ch) { - case 'D': - servconfdir = optarg; - break; - case 'F': - foreground = true; - break; - case 'l': - lqlen = strtol(optarg, NULL, 0); - if (lqlen < 1) - lqlen = SOMAXCONN; - break; - case 'P': - pidfile = optarg; - break; - case 'S': - sockpath = optarg; - break; - case 'v': - debug++; - break; - case 'h': - default: - usage(); - } - } - argc -= optind; - argv += optind; - - if (argc != 0) - usage(); - - if (!foreground) - pjdlog_mode_set(PJDLOG_MODE_SYSLOG); - pjdlog_prefix_set("(casperd) "); - pjdlog_debug_set(debug); - - if (zygote_init() < 0) - pjdlog_exit(1, "Unable to create zygote process"); - - pfh = pidfile_open(pidfile, 0600, &otherpid); - if (pfh == NULL) { - if (errno == EEXIST) { - pjdlog_exitx(1, "casperd already running, pid: %jd.", - (intmax_t)otherpid); - } - pjdlog_errno(LOG_WARNING, "Cannot open or create pidfile %s", - pidfile); - } - - if (!foreground) { - if (daemon(0, 0) == -1) { - KEEP_ERRNO((void)pidfile_remove(pfh)); - pjdlog_exit(1, "Unable to go into background"); - } - } - - /* Write PID to a file. */ - if (pidfile_write(pfh) == -1) { - pjdlog_errno(LOG_WARNING, "Unable to write to pidfile %s", - pidfile); - } else { - pjdlog_debug(1, "PID stored in %s.", pidfile); - } - - /* - * Register core services. - */ - service_register_core(); - /* - * Register external services. - */ - service_register_external(servconfdir); - - /* - * Wait for connections. - */ - main_loop(lqlen, sockpath, pfh); -} Property changes on: head/sbin/casperd/casperd.c ___________________________________________________________________ Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:keywords ## -1 +0,0 ## -FreeBSD=%H \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/sbin/casperd/zygote.c =================================================================== --- head/sbin/casperd/zygote.c (revision 296046) +++ head/sbin/casperd/zygote.c (nonexistent) @@ -1,227 +0,0 @@ -/*- - * Copyright (c) 2012 The FreeBSD Foundation - * All rights reserved. - * - * This software was developed by Pawel Jakub Dawidek under sponsorship from - * the FreeBSD Foundation. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include -__FBSDID("$FreeBSD$"); - -#include -#include -#include -#include -#include - -#include -#include -#include -#include -#include -#include -#include -#include - -#include -#include -#include - -#include "zygote.h" - -/* Zygote info. */ -static int zygote_sock = -1; - -static void -stdnull(void) -{ - int fd; - - fd = open(_PATH_DEVNULL, O_RDWR); - if (fd == -1) - errx(1, "Unable to open %s", _PATH_DEVNULL); - - if (setsid() == -1) - errx(1, "Unable to detach from session"); - - if (dup2(fd, STDIN_FILENO) == -1) - errx(1, "Unable to cover stdin"); - if (dup2(fd, STDOUT_FILENO) == -1) - errx(1, "Unable to cover stdout"); - if (dup2(fd, STDERR_FILENO) == -1) - errx(1, "Unable to cover stderr"); - - close(fd); -} - -int -zygote_clone(zygote_func_t *func, int *chanfdp, int *procfdp) -{ - nvlist_t *nvl; - int error; - - if (zygote_sock == -1) { - /* Zygote didn't start. */ - errno = ENXIO; - return (-1); - } - - nvl = nvlist_create(0); - nvlist_add_number(nvl, "func", (uint64_t)(uintptr_t)func); - nvl = nvlist_xfer(zygote_sock, nvl, 0); - if (nvl == NULL) - return (-1); - if (nvlist_exists_number(nvl, "error")) { - error = (int)nvlist_get_number(nvl, "error"); - nvlist_destroy(nvl); - errno = error; - return (-1); - } - - *chanfdp = nvlist_take_descriptor(nvl, "chanfd"); - *procfdp = nvlist_take_descriptor(nvl, "procfd"); - - nvlist_destroy(nvl); - return (0); -} - -/* - * This function creates sandboxes on-demand whoever has access to it via - * 'sock' socket. Function sends two descriptors to the caller: process - * descriptor of the sandbox and socket pair descriptor for communication - * between sandbox and its owner. - */ -static void -zygote_main(int sock) -{ - int error, fd, procfd; - int chanfd[2]; - nvlist_t *nvlin, *nvlout; - zygote_func_t *func; - pid_t pid; - - assert(sock > STDERR_FILENO); - - setproctitle("zygote"); - - if (pjdlog_mode_get() != PJDLOG_MODE_STD) - stdnull(); - for (fd = STDERR_FILENO + 1; fd < sock; fd++) - close(fd); - closefrom(sock + 1); - - for (;;) { - nvlin = nvlist_recv(sock, 0); - if (nvlin == NULL) { - if (errno == ENOTCONN) { - /* Casperd exited. */ - exit(0); - } - continue; - } - func = (zygote_func_t *)(uintptr_t)nvlist_get_number(nvlin, - "func"); - nvlist_destroy(nvlin); - - /* - * Someone is requesting a new process, create one. - */ - procfd = -1; - chanfd[0] = -1; - chanfd[1] = -1; - error = 0; - if (socketpair(PF_UNIX, SOCK_STREAM | SOCK_NONBLOCK, 0, - chanfd) == -1) { - error = errno; - goto send; - } - pid = pdfork(&procfd, 0); - switch (pid) { - case -1: - /* Failure. */ - error = errno; - break; - case 0: - /* Child. */ - close(sock); - close(chanfd[0]); - func(chanfd[1]); - /* NOTREACHED */ - exit(1); - default: - /* Parent. */ - close(chanfd[1]); - break; - } -send: - nvlout = nvlist_create(0); - if (error != 0) { - nvlist_add_number(nvlout, "error", (uint64_t)error); - if (chanfd[0] >= 0) - close(chanfd[0]); - if (procfd >= 0) - close(procfd); - } else { - nvlist_move_descriptor(nvlout, "chanfd", chanfd[0]); - nvlist_move_descriptor(nvlout, "procfd", procfd); - } - (void)nvlist_send(sock, nvlout); - nvlist_destroy(nvlout); - } - /* NOTREACHED */ -} - -int -zygote_init(void) -{ - int serrno, sp[2]; - pid_t pid; - - if (socketpair(PF_UNIX, SOCK_STREAM | SOCK_NONBLOCK, 0, sp) == -1) - return (-1); - - pid = fork(); - switch (pid) { - case -1: - /* Failure. */ - serrno = errno; - close(sp[0]); - close(sp[1]); - errno = serrno; - return (-1); - case 0: - /* Child. */ - close(sp[0]); - zygote_main(sp[1]); - /* NOTREACHED */ - abort(); - default: - /* Parent. */ - zygote_sock = sp[0]; - close(sp[1]); - return (0); - } - /* NOTREACHED */ -} Property changes on: head/sbin/casperd/zygote.c ___________________________________________________________________ Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:keywords ## -1 +0,0 ## -FreeBSD=%H \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/sbin/casperd/zygote.h =================================================================== --- head/sbin/casperd/zygote.h (revision 296046) +++ head/sbin/casperd/zygote.h (nonexistent) @@ -1,40 +0,0 @@ -/*- - * Copyright (c) 2012 The FreeBSD Foundation - * All rights reserved. - * - * This software was developed by Pawel Jakub Dawidek under sponsorship from - * the FreeBSD Foundation. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * $FreeBSD$ - */ - -#ifndef _ZYGOTE_H_ -#define _ZYGOTE_H_ - -typedef void zygote_func_t(int); - -int zygote_init(void); -int zygote_clone(zygote_func_t *func, int *chanfdp, int *procfdp); - -#endif /* !_ZYGOTE_H_ */ Property changes on: head/sbin/casperd/zygote.h ___________________________________________________________________ Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:keywords ## -1 +0,0 ## -FreeBSD=%H \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/sbin/casperd/casperd.8 =================================================================== --- head/sbin/casperd/casperd.8 (revision 296046) +++ head/sbin/casperd/casperd.8 (nonexistent) @@ -1,132 +0,0 @@ -.\" Copyright (c) 2013 The FreeBSD Foundation -.\" All rights reserved. -.\" -.\" This documentation was written by Pawel Jakub Dawidek under sponsorship -.\" from the FreeBSD Foundation. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $FreeBSD$ -.\" -.Dd October 26, 2013 -.Dt CASPERD 8 -.Os -.Sh NAME -.Nm casperd -.Nd "Capability Services friendly daemon" -.Sh SYNOPSIS -.Nm -.Op Fl Fhv -.Op Fl l Ar listenqueue -.Op Fl D Ar servconfdir -.Op Fl P Ar pidfile -.Op Fl S Ar sockpath -.Sh DESCRIPTION -The -.Nm -daemon hosts various services that can be accessed through -libcapsicum's capabilities by programs running in sandboxes. -For example it is prohibited to send UDP packets to arbitrary destinations -when operating in capability mode, which makes DNS resolution impossible. -To make it possible the -.Nm -daemon provides the -.Nm system.dns -service that proxies DNS resolution requests through a dedicated, -non-sandboxed process provided by -.Nm . -.Pp -The -.Nm -daemon can be started with the following command line arguments: -.Bl -tag -width ".Fl D Ar servconfdir" -.It Fl D Ar servconfdir -Specify alternative location of the service configuration directory. -The default location is -.Pa /etc/casper/ . -.It Fl F -Start the -.Nm -daemon in the foreground. -By default -.Nm -starts in the background. -.It Fl h -Print the -.Nm -usage message. -.It Fl l Ar listenqueue -Specify depth of socket listen queue for the -.Nm -daemon. -The default queue length is -.Pa SOMAXCONN . -.It Fl P Ar pidfile -Specify alternative location of a file where main process PID will be -stored. -The default location is -.Pa /var/run/casperd.pid . -.It Fl S Ar sockpath -Specify alternative location of the -.Xr unix 4 -domain socket used to connect to the -.Nm -daemon. -The default location is -.Pa /var/run/casper . -.It Fl v -Print or log verbose/debugging information. -This option can be specified multiple times to raise the verbosity -level. -.El -.Sh FILES -.Bl -tag -width ".Pa /var/run/casperd.pid" -compact -.It Pa /etc/casper/ -The configuration directory for -.Nm -services. -.It Pa /var/run/casper -.Xr unix 4 -domain socket used to connect to the -.Nm -daemon. -.It Pa /var/run/casperd.pid -The default location of the -.Nm -PID file. -.El -.Sh EXIT STATUS -The -.Nm -daemon exits 0 on success, and >0 if an error occurs. -.Sh SEE ALSO -.Xr cap_enter 2 , -.Xr libcapsicum 3 , -.Xr pidfile 3 , -.Xr capsicum 4 , -.Xr unix 4 -.Sh AUTHORS -The -.Nm -was implemented by -.An Pawel Jakub Dawidek Aq Mt pawel@dawidek.net -under sponsorship from the FreeBSD Foundation. Property changes on: head/sbin/casperd/casperd.8 ___________________________________________________________________ Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:keywords ## -1 +0,0 ## -FreeBSD=%H \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/sbin/casperd/Makefile =================================================================== --- head/sbin/casperd/Makefile (revision 296046) +++ head/sbin/casperd/Makefile (nonexistent) @@ -1,17 +0,0 @@ -# $FreeBSD$ - -PROG= casperd - -SRCS= casperd.c zygote.c - -LIBADD= casper nv pjdlog util - -MAN= casperd.8 - -CFLAGS+=-I${.CURDIR} -CFLAGS+=-I${.CURDIR}/../../lib/libcapsicum -CFLAGS+=-I${.CURDIR}/../../lib/libcasper -CFLAGS+=-I${.CURDIR}/../../lib/libnv -CFLAGS+=-I${.CURDIR}/../../lib/libpjdlog - -.include Property changes on: head/sbin/casperd/Makefile ___________________________________________________________________ Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:keywords ## -1 +0,0 ## -FreeBSD=%H \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/sbin/ping/Makefile =================================================================== --- head/sbin/ping/Makefile (revision 296046) +++ head/sbin/ping/Makefile (revision 296047) @@ -1,23 +1,24 @@ # @(#)Makefile 8.1 (Berkeley) 6/5/93 # $FreeBSD$ .include PROG= ping MAN= ping.8 BINOWN= root BINMODE=4555 WARNS?= 3 LIBADD= m .if ${MK_CASPER} != "no" && !defined(RESCUE) -LIBADD+= capsicum -CFLAGS+=-DHAVE_LIBCAPSICUM +LIBADD+= casper +LIBADD+= cap_dns +CFLAGS+=-DHAVE_LIBCASPER .endif .if !defined(RELEASE_CRUNCH) CFLAGS+=-DIPSEC LIBADD+= ipsec .endif .include Index: head/sbin/ping/Makefile.depend =================================================================== --- head/sbin/ping/Makefile.depend (revision 296046) +++ head/sbin/ping/Makefile.depend (revision 296047) @@ -1,23 +1,24 @@ # $FreeBSD$ # Autogenerated - do NOT edit! DIRDEPS = \ gnu/lib/csu \ gnu/lib/libgcc \ include \ include/arpa \ include/xlocale \ lib/${CSU_DIR} \ lib/libc \ - lib/libcapsicum \ + lib/libcasper/libcasper \ + lib/libcasper/services \ lib/libcompiler_rt \ lib/libipsec \ lib/libnv \ lib/msun \ .include .if ${DEP_RELDIR} == ${_DEP_RELDIR} # local dependencies - needed for -jN in clean tree .endif Index: head/sbin/ping/ping.c =================================================================== --- head/sbin/ping/ping.c (revision 296046) +++ head/sbin/ping/ping.c (revision 296047) @@ -1,1840 +1,1838 @@ /* * Copyright (c) 1989, 1993 * The Regents of the University of California. All rights reserved. * * This code is derived from software contributed to Berkeley by * Mike Muuss. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 4. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #if 0 #ifndef lint static const char copyright[] = "@(#) Copyright (c) 1989, 1993\n\ The Regents of the University of California. All rights reserved.\n"; #endif /* not lint */ #ifndef lint static char sccsid[] = "@(#)ping.c 8.1 (Berkeley) 6/5/93"; #endif /* not lint */ #endif #include __FBSDID("$FreeBSD$"); /* * P I N G . C * * Using the Internet Control Message Protocol (ICMP) "ECHO" facility, * measure round-trip-delays and packet loss across network paths. * * Author - * Mike Muuss * U. S. Army Ballistic Research Laboratory * December, 1983 * * Status - * Public Domain. Distribution Unlimited. * Bugs - * More statistics could always be gathered. * This program has to run SUID to ROOT to access the ICMP socket. */ #include /* NB: we rely on this for */ #include #include #include #include #include #include #include #include #include #include #include -#ifdef HAVE_LIBCAPSICUM -#include -#include -#include + +#ifdef HAVE_LIBCASPER +#include +#include #endif #ifdef IPSEC #include #endif /*IPSEC*/ #include #include #include #include #include #include #include #include #include #include #include #define INADDR_LEN ((int)sizeof(in_addr_t)) #define TIMEVAL_LEN ((int)sizeof(struct tv32)) #define MASK_LEN (ICMP_MASKLEN - ICMP_MINLEN) #define TS_LEN (ICMP_TSLEN - ICMP_MINLEN) #define DEFDATALEN 56 /* default data length */ #define FLOOD_BACKOFF 20000 /* usecs to back off if F_FLOOD mode */ /* runs out of buffer space */ #define MAXIPLEN (sizeof(struct ip) + MAX_IPOPTLEN) #define MAXICMPLEN (ICMP_ADVLENMIN + MAX_IPOPTLEN) #define MAXWAIT 10000 /* max ms to wait for response */ #define MAXALARM (60 * 60) /* max seconds for alarm timeout */ #define MAXTOS 255 #define A(bit) rcvd_tbl[(bit)>>3] /* identify byte in array */ #define B(bit) (1 << ((bit) & 0x07)) /* identify bit in byte */ #define SET(bit) (A(bit) |= B(bit)) #define CLR(bit) (A(bit) &= (~B(bit))) #define TST(bit) (A(bit) & B(bit)) struct tv32 { int32_t tv32_sec; int32_t tv32_usec; }; /* various options */ static int options; #define F_FLOOD 0x0001 #define F_INTERVAL 0x0002 #define F_NUMERIC 0x0004 #define F_PINGFILLED 0x0008 #define F_QUIET 0x0010 #define F_RROUTE 0x0020 #define F_SO_DEBUG 0x0040 #define F_SO_DONTROUTE 0x0080 #define F_VERBOSE 0x0100 #define F_QUIET2 0x0200 #define F_NOLOOP 0x0400 #define F_MTTL 0x0800 #define F_MIF 0x1000 #define F_AUDIBLE 0x2000 #ifdef IPSEC #ifdef IPSEC_POLICY_IPSEC #define F_POLICY 0x4000 #endif /*IPSEC_POLICY_IPSEC*/ #endif /*IPSEC*/ #define F_TTL 0x8000 #define F_MISSED 0x10000 #define F_ONCE 0x20000 #define F_HDRINCL 0x40000 #define F_MASK 0x80000 #define F_TIME 0x100000 #define F_SWEEP 0x200000 #define F_WAITTIME 0x400000 /* * MAX_DUP_CHK is the number of bits in received table, i.e. the maximum * number of received sequence numbers we can keep track of. Change 128 * to 8192 for complete accuracy... */ #define MAX_DUP_CHK (8 * 128) static int mx_dup_ck = MAX_DUP_CHK; static char rcvd_tbl[MAX_DUP_CHK / 8]; static struct sockaddr_in whereto; /* who to ping */ static int datalen = DEFDATALEN; static int maxpayload; static int ssend; /* send socket file descriptor */ static int srecv; /* receive socket file descriptor */ static u_char outpackhdr[IP_MAXPACKET], *outpack; static char BBELL = '\a'; /* characters written for MISSED and AUDIBLE */ static char BSPACE = '\b'; /* characters written for flood */ static char DOT = '.'; static char *hostname; static char *shostname; static int ident; /* process id to identify our packets */ static int uid; /* cached uid for micro-optimization */ static u_char icmp_type = ICMP_ECHO; static u_char icmp_type_rsp = ICMP_ECHOREPLY; static int phdr_len = 0; static int send_len; /* counters */ static long nmissedmax; /* max value of ntransmitted - nreceived - 1 */ static long npackets; /* max packets to transmit */ static long nreceived; /* # of packets we got back */ static long nrepeats; /* number of duplicates */ static long ntransmitted; /* sequence # for outbound packets = #sent */ static long snpackets; /* max packets to transmit in one sweep */ static long sntransmitted; /* # of packets we sent in this sweep */ static int sweepmax; /* max value of payload in sweep */ static int sweepmin = 0; /* start value of payload in sweep */ static int sweepincr = 1; /* payload increment in sweep */ static int interval = 1000; /* interval between packets, ms */ static int waittime = MAXWAIT; /* timeout for each packet */ static long nrcvtimeout = 0; /* # of packets we got back after waittime */ /* timing */ static int timing; /* flag to do timing */ static double tmin = 999999999.0; /* minimum round trip time */ static double tmax = 0.0; /* maximum round trip time */ static double tsum = 0.0; /* sum of all times, for doing average */ static double tsumsq = 0.0; /* sum of all times squared, for std. dev. */ /* nonzero if we've been told to finish up */ static volatile sig_atomic_t finish_up; static volatile sig_atomic_t siginfo_p; -#ifdef HAVE_LIBCAPSICUM +#ifdef HAVE_LIBCASPER static cap_channel_t *capdns; #endif static void fill(char *, char *); static u_short in_cksum(u_short *, int); -#ifdef HAVE_LIBCAPSICUM +#ifdef HAVE_LIBCASPER static cap_channel_t *capdns_setup(void); #endif static void check_status(void); static void finish(void) __dead2; static void pinger(void); static char *pr_addr(struct in_addr); static char *pr_ntime(n_time); static void pr_icmph(struct icmp *); static void pr_iph(struct ip *); static void pr_pack(char *, int, struct sockaddr_in *, struct timeval *); static void pr_retip(struct ip *); static void status(int); static void stopit(int); static void tvsub(struct timeval *, const struct timeval *); static void usage(void) __dead2; int main(int argc, char *const *argv) { struct sockaddr_in from, sock_in; struct in_addr ifaddr; struct timeval last, intvl; struct iovec iov; struct ip *ip; struct msghdr msg; struct sigaction si_sa; size_t sz; u_char *datap, packet[IP_MAXPACKET] __aligned(4); char *ep, *source, *target, *payload; struct hostent *hp; #ifdef IPSEC_POLICY_IPSEC char *policy_in, *policy_out; #endif struct sockaddr_in *to; double t; u_long alarmtimeout, ultmp; int almost_done, ch, df, hold, i, icmp_len, mib[4], preload; int ssend_errno, srecv_errno, tos, ttl; char ctrl[CMSG_SPACE(sizeof(struct timeval))]; char hnamebuf[MAXHOSTNAMELEN], snamebuf[MAXHOSTNAMELEN]; #ifdef IP_OPTIONS char rspace[MAX_IPOPTLEN]; /* record route space */ #endif unsigned char loop, mttl; payload = source = NULL; #ifdef IPSEC_POLICY_IPSEC policy_in = policy_out = NULL; #endif cap_rights_t rights; bool cansandbox; /* * Do the stuff that we need root priv's for *first*, and * then drop our setuid bit. Save error reporting for * after arg parsing. * * Historicaly ping was using one socket 's' for sending and for * receiving. After capsicum(4) related changes we use two * sockets. It was done for special ping use case - when user * issue ping on multicast or broadcast address replies come * from different addresses, not from the address we * connect(2)'ed to, and send socket do not receive those * packets. */ ssend = socket(AF_INET, SOCK_RAW, IPPROTO_ICMP); ssend_errno = errno; srecv = socket(AF_INET, SOCK_RAW, IPPROTO_ICMP); srecv_errno = errno; if (setuid(getuid()) != 0) err(EX_NOPERM, "setuid() failed"); uid = getuid(); alarmtimeout = df = preload = tos = 0; outpack = outpackhdr + sizeof(struct ip); while ((ch = getopt(argc, argv, "Aac:DdfG:g:h:I:i:Ll:M:m:nop:QqRrS:s:T:t:vW:z:" #ifdef IPSEC #ifdef IPSEC_POLICY_IPSEC "P:" #endif /*IPSEC_POLICY_IPSEC*/ #endif /*IPSEC*/ )) != -1) { switch(ch) { case 'A': options |= F_MISSED; break; case 'a': options |= F_AUDIBLE; break; case 'c': ultmp = strtoul(optarg, &ep, 0); if (*ep || ep == optarg || ultmp > LONG_MAX || !ultmp) errx(EX_USAGE, "invalid count of packets to transmit: `%s'", optarg); npackets = ultmp; break; case 'D': options |= F_HDRINCL; df = 1; break; case 'd': options |= F_SO_DEBUG; break; case 'f': if (uid) { errno = EPERM; err(EX_NOPERM, "-f flag"); } options |= F_FLOOD; setbuf(stdout, (char *)NULL); break; case 'G': /* Maximum packet size for ping sweep */ ultmp = strtoul(optarg, &ep, 0); if (*ep || ep == optarg) errx(EX_USAGE, "invalid packet size: `%s'", optarg); if (uid != 0 && ultmp > DEFDATALEN) { errno = EPERM; err(EX_NOPERM, "packet size too large: %lu > %u", ultmp, DEFDATALEN); } options |= F_SWEEP; sweepmax = ultmp; break; case 'g': /* Minimum packet size for ping sweep */ ultmp = strtoul(optarg, &ep, 0); if (*ep || ep == optarg) errx(EX_USAGE, "invalid packet size: `%s'", optarg); if (uid != 0 && ultmp > DEFDATALEN) { errno = EPERM; err(EX_NOPERM, "packet size too large: %lu > %u", ultmp, DEFDATALEN); } options |= F_SWEEP; sweepmin = ultmp; break; case 'h': /* Packet size increment for ping sweep */ ultmp = strtoul(optarg, &ep, 0); if (*ep || ep == optarg || ultmp < 1) errx(EX_USAGE, "invalid increment size: `%s'", optarg); if (uid != 0 && ultmp > DEFDATALEN) { errno = EPERM; err(EX_NOPERM, "packet size too large: %lu > %u", ultmp, DEFDATALEN); } options |= F_SWEEP; sweepincr = ultmp; break; case 'I': /* multicast interface */ if (inet_aton(optarg, &ifaddr) == 0) errx(EX_USAGE, "invalid multicast interface: `%s'", optarg); options |= F_MIF; break; case 'i': /* wait between sending packets */ t = strtod(optarg, &ep) * 1000.0; if (*ep || ep == optarg || t > (double)INT_MAX) errx(EX_USAGE, "invalid timing interval: `%s'", optarg); options |= F_INTERVAL; interval = (int)t; if (uid && interval < 1000) { errno = EPERM; err(EX_NOPERM, "-i interval too short"); } break; case 'L': options |= F_NOLOOP; loop = 0; break; case 'l': ultmp = strtoul(optarg, &ep, 0); if (*ep || ep == optarg || ultmp > INT_MAX) errx(EX_USAGE, "invalid preload value: `%s'", optarg); if (uid) { errno = EPERM; err(EX_NOPERM, "-l flag"); } preload = ultmp; break; case 'M': switch(optarg[0]) { case 'M': case 'm': options |= F_MASK; break; case 'T': case 't': options |= F_TIME; break; default: errx(EX_USAGE, "invalid message: `%c'", optarg[0]); break; } break; case 'm': /* TTL */ ultmp = strtoul(optarg, &ep, 0); if (*ep || ep == optarg || ultmp > MAXTTL) errx(EX_USAGE, "invalid TTL: `%s'", optarg); ttl = ultmp; options |= F_TTL; break; case 'n': options |= F_NUMERIC; break; case 'o': options |= F_ONCE; break; #ifdef IPSEC #ifdef IPSEC_POLICY_IPSEC case 'P': options |= F_POLICY; if (!strncmp("in", optarg, 2)) policy_in = strdup(optarg); else if (!strncmp("out", optarg, 3)) policy_out = strdup(optarg); else errx(1, "invalid security policy"); break; #endif /*IPSEC_POLICY_IPSEC*/ #endif /*IPSEC*/ case 'p': /* fill buffer with user pattern */ options |= F_PINGFILLED; payload = optarg; break; case 'Q': options |= F_QUIET2; break; case 'q': options |= F_QUIET; break; case 'R': options |= F_RROUTE; break; case 'r': options |= F_SO_DONTROUTE; break; case 'S': source = optarg; break; case 's': /* size of packet to send */ ultmp = strtoul(optarg, &ep, 0); if (*ep || ep == optarg) errx(EX_USAGE, "invalid packet size: `%s'", optarg); if (uid != 0 && ultmp > DEFDATALEN) { errno = EPERM; err(EX_NOPERM, "packet size too large: %lu > %u", ultmp, DEFDATALEN); } datalen = ultmp; break; case 'T': /* multicast TTL */ ultmp = strtoul(optarg, &ep, 0); if (*ep || ep == optarg || ultmp > MAXTTL) errx(EX_USAGE, "invalid multicast TTL: `%s'", optarg); mttl = ultmp; options |= F_MTTL; break; case 't': alarmtimeout = strtoul(optarg, &ep, 0); if ((alarmtimeout < 1) || (alarmtimeout == ULONG_MAX)) errx(EX_USAGE, "invalid timeout: `%s'", optarg); if (alarmtimeout > MAXALARM) errx(EX_USAGE, "invalid timeout: `%s' > %d", optarg, MAXALARM); alarm((int)alarmtimeout); break; case 'v': options |= F_VERBOSE; break; case 'W': /* wait ms for answer */ t = strtod(optarg, &ep); if (*ep || ep == optarg || t > (double)INT_MAX) errx(EX_USAGE, "invalid timing interval: `%s'", optarg); options |= F_WAITTIME; waittime = (int)t; break; case 'z': options |= F_HDRINCL; ultmp = strtoul(optarg, &ep, 0); if (*ep || ep == optarg || ultmp > MAXTOS) errx(EX_USAGE, "invalid TOS: `%s'", optarg); tos = ultmp; break; default: usage(); } } if (argc - optind != 1) usage(); target = argv[optind]; switch (options & (F_MASK|F_TIME)) { case 0: break; case F_MASK: icmp_type = ICMP_MASKREQ; icmp_type_rsp = ICMP_MASKREPLY; phdr_len = MASK_LEN; if (!(options & F_QUIET)) (void)printf("ICMP_MASKREQ\n"); break; case F_TIME: icmp_type = ICMP_TSTAMP; icmp_type_rsp = ICMP_TSTAMPREPLY; phdr_len = TS_LEN; if (!(options & F_QUIET)) (void)printf("ICMP_TSTAMP\n"); break; default: errx(EX_USAGE, "ICMP_TSTAMP and ICMP_MASKREQ are exclusive."); break; } icmp_len = sizeof(struct ip) + ICMP_MINLEN + phdr_len; if (options & F_RROUTE) icmp_len += MAX_IPOPTLEN; maxpayload = IP_MAXPACKET - icmp_len; if (datalen > maxpayload) errx(EX_USAGE, "packet size too large: %d > %d", datalen, maxpayload); send_len = icmp_len + datalen; datap = &outpack[ICMP_MINLEN + phdr_len + TIMEVAL_LEN]; if (options & F_PINGFILLED) { fill((char *)datap, payload); } -#ifdef HAVE_LIBCAPSICUM +#ifdef HAVE_LIBCASPER capdns = capdns_setup(); #endif if (source) { bzero((char *)&sock_in, sizeof(sock_in)); sock_in.sin_family = AF_INET; if (inet_aton(source, &sock_in.sin_addr) != 0) { shostname = source; } else { -#ifdef HAVE_LIBCAPSICUM +#ifdef HAVE_LIBCASPER if (capdns != NULL) hp = cap_gethostbyname2(capdns, source, AF_INET); else #endif hp = gethostbyname2(source, AF_INET); if (!hp) errx(EX_NOHOST, "cannot resolve %s: %s", source, hstrerror(h_errno)); sock_in.sin_len = sizeof sock_in; if ((unsigned)hp->h_length > sizeof(sock_in.sin_addr) || hp->h_length < 0) errx(1, "gethostbyname2: illegal address"); memcpy(&sock_in.sin_addr, hp->h_addr_list[0], sizeof(sock_in.sin_addr)); (void)strncpy(snamebuf, hp->h_name, sizeof(snamebuf) - 1); snamebuf[sizeof(snamebuf) - 1] = '\0'; shostname = snamebuf; } if (bind(ssend, (struct sockaddr *)&sock_in, sizeof sock_in) == -1) err(1, "bind"); } bzero(&whereto, sizeof(whereto)); to = &whereto; to->sin_family = AF_INET; to->sin_len = sizeof *to; if (inet_aton(target, &to->sin_addr) != 0) { hostname = target; } else { -#ifdef HAVE_LIBCAPSICUM +#ifdef HAVE_LIBCASPER if (capdns != NULL) hp = cap_gethostbyname2(capdns, target, AF_INET); else #endif hp = gethostbyname2(target, AF_INET); if (!hp) errx(EX_NOHOST, "cannot resolve %s: %s", target, hstrerror(h_errno)); if ((unsigned)hp->h_length > sizeof(to->sin_addr)) errx(1, "gethostbyname2 returned an illegal address"); memcpy(&to->sin_addr, hp->h_addr_list[0], sizeof to->sin_addr); (void)strncpy(hnamebuf, hp->h_name, sizeof(hnamebuf) - 1); hnamebuf[sizeof(hnamebuf) - 1] = '\0'; hostname = hnamebuf; } -#ifdef HAVE_LIBCAPSICUM +#ifdef HAVE_LIBCASPER /* From now on we will use only reverse DNS lookups. */ if (capdns != NULL) { const char *types[1]; types[0] = "ADDR"; if (cap_dns_type_limit(capdns, types, 1) < 0) err(1, "unable to limit access to system.dns service"); } #endif if (ssend < 0) { errno = ssend_errno; err(EX_OSERR, "ssend socket"); } if (srecv < 0) { errno = srecv_errno; err(EX_OSERR, "srecv socket"); } if (connect(ssend, (struct sockaddr *)&whereto, sizeof(whereto)) != 0) err(1, "connect"); if (options & F_FLOOD && options & F_INTERVAL) errx(EX_USAGE, "-f and -i: incompatible options"); if (options & F_FLOOD && IN_MULTICAST(ntohl(to->sin_addr.s_addr))) errx(EX_USAGE, "-f flag cannot be used with multicast destination"); if (options & (F_MIF | F_NOLOOP | F_MTTL) && !IN_MULTICAST(ntohl(to->sin_addr.s_addr))) errx(EX_USAGE, "-I, -L, -T flags cannot be used with unicast destination"); if (datalen >= TIMEVAL_LEN) /* can we time transfer */ timing = 1; if (!(options & F_PINGFILLED)) for (i = TIMEVAL_LEN; i < datalen; ++i) *datap++ = i; ident = getpid() & 0xFFFF; hold = 1; if (options & F_SO_DEBUG) { (void)setsockopt(ssend, SOL_SOCKET, SO_DEBUG, (char *)&hold, sizeof(hold)); (void)setsockopt(srecv, SOL_SOCKET, SO_DEBUG, (char *)&hold, sizeof(hold)); } if (options & F_SO_DONTROUTE) (void)setsockopt(ssend, SOL_SOCKET, SO_DONTROUTE, (char *)&hold, sizeof(hold)); #ifdef IPSEC #ifdef IPSEC_POLICY_IPSEC if (options & F_POLICY) { char *buf; if (policy_in != NULL) { buf = ipsec_set_policy(policy_in, strlen(policy_in)); if (buf == NULL) errx(EX_CONFIG, "%s", ipsec_strerror()); if (setsockopt(srecv, IPPROTO_IP, IP_IPSEC_POLICY, buf, ipsec_get_policylen(buf)) < 0) err(EX_CONFIG, "ipsec policy cannot be configured"); free(buf); } if (policy_out != NULL) { buf = ipsec_set_policy(policy_out, strlen(policy_out)); if (buf == NULL) errx(EX_CONFIG, "%s", ipsec_strerror()); if (setsockopt(ssend, IPPROTO_IP, IP_IPSEC_POLICY, buf, ipsec_get_policylen(buf)) < 0) err(EX_CONFIG, "ipsec policy cannot be configured"); free(buf); } } #endif /*IPSEC_POLICY_IPSEC*/ #endif /*IPSEC*/ if (options & F_HDRINCL) { ip = (struct ip*)outpackhdr; if (!(options & (F_TTL | F_MTTL))) { mib[0] = CTL_NET; mib[1] = PF_INET; mib[2] = IPPROTO_IP; mib[3] = IPCTL_DEFTTL; sz = sizeof(ttl); if (sysctl(mib, 4, &ttl, &sz, NULL, 0) == -1) err(1, "sysctl(net.inet.ip.ttl)"); } setsockopt(ssend, IPPROTO_IP, IP_HDRINCL, &hold, sizeof(hold)); ip->ip_v = IPVERSION; ip->ip_hl = sizeof(struct ip) >> 2; ip->ip_tos = tos; ip->ip_id = 0; ip->ip_off = htons(df ? IP_DF : 0); ip->ip_ttl = ttl; ip->ip_p = IPPROTO_ICMP; ip->ip_src.s_addr = source ? sock_in.sin_addr.s_addr : INADDR_ANY; ip->ip_dst = to->sin_addr; } if (options & F_NUMERIC) cansandbox = true; -#ifdef HAVE_LIBCAPSICUM +#ifdef HAVE_LIBCASPER else if (capdns != NULL) cansandbox = true; #endif else cansandbox = false; /* * Here we enter capability mode. Further down access to global * namespaces (e.g filesystem) is restricted (see capsicum(4)). * We must connect(2) our socket before this point. */ if (cansandbox && cap_enter() < 0 && errno != ENOSYS) err(1, "cap_enter"); cap_rights_init(&rights, CAP_RECV, CAP_EVENT, CAP_SETSOCKOPT); if (cap_rights_limit(srecv, &rights) < 0 && errno != ENOSYS) err(1, "cap_rights_limit srecv"); cap_rights_init(&rights, CAP_SEND, CAP_SETSOCKOPT); if (cap_rights_limit(ssend, &rights) < 0 && errno != ENOSYS) err(1, "cap_rights_limit ssend"); /* record route option */ if (options & F_RROUTE) { #ifdef IP_OPTIONS bzero(rspace, sizeof(rspace)); rspace[IPOPT_OPTVAL] = IPOPT_RR; rspace[IPOPT_OLEN] = sizeof(rspace) - 1; rspace[IPOPT_OFFSET] = IPOPT_MINOFF; rspace[sizeof(rspace) - 1] = IPOPT_EOL; if (setsockopt(ssend, IPPROTO_IP, IP_OPTIONS, rspace, sizeof(rspace)) < 0) err(EX_OSERR, "setsockopt IP_OPTIONS"); #else errx(EX_UNAVAILABLE, "record route not available in this implementation"); #endif /* IP_OPTIONS */ } if (options & F_TTL) { if (setsockopt(ssend, IPPROTO_IP, IP_TTL, &ttl, sizeof(ttl)) < 0) { err(EX_OSERR, "setsockopt IP_TTL"); } } if (options & F_NOLOOP) { if (setsockopt(ssend, IPPROTO_IP, IP_MULTICAST_LOOP, &loop, sizeof(loop)) < 0) { err(EX_OSERR, "setsockopt IP_MULTICAST_LOOP"); } } if (options & F_MTTL) { if (setsockopt(ssend, IPPROTO_IP, IP_MULTICAST_TTL, &mttl, sizeof(mttl)) < 0) { err(EX_OSERR, "setsockopt IP_MULTICAST_TTL"); } } if (options & F_MIF) { if (setsockopt(ssend, IPPROTO_IP, IP_MULTICAST_IF, &ifaddr, sizeof(ifaddr)) < 0) { err(EX_OSERR, "setsockopt IP_MULTICAST_IF"); } } #ifdef SO_TIMESTAMP { int on = 1; if (setsockopt(srecv, SOL_SOCKET, SO_TIMESTAMP, &on, sizeof(on)) < 0) err(EX_OSERR, "setsockopt SO_TIMESTAMP"); } #endif if (sweepmax) { if (sweepmin >= sweepmax) errx(EX_USAGE, "Maximum packet size must be greater than the minimum packet size"); if (datalen != DEFDATALEN) errx(EX_USAGE, "Packet size and ping sweep are mutually exclusive"); if (npackets > 0) { snpackets = npackets; npackets = 0; } else snpackets = 1; datalen = sweepmin; send_len = icmp_len + sweepmin; } if (options & F_SWEEP && !sweepmax) errx(EX_USAGE, "Maximum sweep size must be specified"); /* * When pinging the broadcast address, you can get a lot of answers. * Doing something so evil is useful if you are trying to stress the * ethernet, or just want to fill the arp cache to get some stuff for * /etc/ethers. But beware: RFC 1122 allows hosts to ignore broadcast * or multicast pings if they wish. */ /* * XXX receive buffer needs undetermined space for mbuf overhead * as well. */ hold = IP_MAXPACKET + 128; (void)setsockopt(srecv, SOL_SOCKET, SO_RCVBUF, (char *)&hold, sizeof(hold)); /* CAP_SETSOCKOPT removed */ cap_rights_init(&rights, CAP_RECV, CAP_EVENT); if (cap_rights_limit(srecv, &rights) < 0 && errno != ENOSYS) err(1, "cap_rights_limit srecv setsockopt"); if (uid == 0) (void)setsockopt(ssend, SOL_SOCKET, SO_SNDBUF, (char *)&hold, sizeof(hold)); /* CAP_SETSOCKOPT removed */ cap_rights_init(&rights, CAP_SEND); if (cap_rights_limit(ssend, &rights) < 0 && errno != ENOSYS) err(1, "cap_rights_limit ssend setsockopt"); if (to->sin_family == AF_INET) { (void)printf("PING %s (%s)", hostname, inet_ntoa(to->sin_addr)); if (source) (void)printf(" from %s", shostname); if (sweepmax) (void)printf(": (%d ... %d) data bytes\n", sweepmin, sweepmax); else (void)printf(": %d data bytes\n", datalen); } else { if (sweepmax) (void)printf("PING %s: (%d ... %d) data bytes\n", hostname, sweepmin, sweepmax); else (void)printf("PING %s: %d data bytes\n", hostname, datalen); } /* * Use sigaction() instead of signal() to get unambiguous semantics, * in particular with SA_RESTART not set. */ sigemptyset(&si_sa.sa_mask); si_sa.sa_flags = 0; si_sa.sa_handler = stopit; if (sigaction(SIGINT, &si_sa, 0) == -1) { err(EX_OSERR, "sigaction SIGINT"); } si_sa.sa_handler = status; if (sigaction(SIGINFO, &si_sa, 0) == -1) { err(EX_OSERR, "sigaction"); } if (alarmtimeout > 0) { si_sa.sa_handler = stopit; if (sigaction(SIGALRM, &si_sa, 0) == -1) err(EX_OSERR, "sigaction SIGALRM"); } bzero(&msg, sizeof(msg)); msg.msg_name = (caddr_t)&from; msg.msg_iov = &iov; msg.msg_iovlen = 1; #ifdef SO_TIMESTAMP msg.msg_control = (caddr_t)ctrl; #endif iov.iov_base = packet; iov.iov_len = IP_MAXPACKET; if (preload == 0) pinger(); /* send the first ping */ else { if (npackets != 0 && preload > npackets) preload = npackets; while (preload--) /* fire off them quickies */ pinger(); } (void)gettimeofday(&last, NULL); if (options & F_FLOOD) { intvl.tv_sec = 0; intvl.tv_usec = 10000; } else { intvl.tv_sec = interval / 1000; intvl.tv_usec = interval % 1000 * 1000; } almost_done = 0; while (!finish_up) { struct timeval now, timeout; fd_set rfds; int cc, n; check_status(); if ((unsigned)srecv >= FD_SETSIZE) errx(EX_OSERR, "descriptor too large"); FD_ZERO(&rfds); FD_SET(srecv, &rfds); (void)gettimeofday(&now, NULL); timeout.tv_sec = last.tv_sec + intvl.tv_sec - now.tv_sec; timeout.tv_usec = last.tv_usec + intvl.tv_usec - now.tv_usec; while (timeout.tv_usec < 0) { timeout.tv_usec += 1000000; timeout.tv_sec--; } while (timeout.tv_usec >= 1000000) { timeout.tv_usec -= 1000000; timeout.tv_sec++; } if (timeout.tv_sec < 0) timerclear(&timeout); n = select(srecv + 1, &rfds, NULL, NULL, &timeout); if (n < 0) continue; /* Must be EINTR. */ if (n == 1) { struct timeval *tv = NULL; #ifdef SO_TIMESTAMP struct cmsghdr *cmsg = (struct cmsghdr *)&ctrl; msg.msg_controllen = sizeof(ctrl); #endif msg.msg_namelen = sizeof(from); if ((cc = recvmsg(srecv, &msg, 0)) < 0) { if (errno == EINTR) continue; warn("recvmsg"); continue; } #ifdef SO_TIMESTAMP if (cmsg->cmsg_level == SOL_SOCKET && cmsg->cmsg_type == SCM_TIMESTAMP && cmsg->cmsg_len == CMSG_LEN(sizeof *tv)) { /* Copy to avoid alignment problems: */ memcpy(&now, CMSG_DATA(cmsg), sizeof(now)); tv = &now; } #endif if (tv == NULL) { (void)gettimeofday(&now, NULL); tv = &now; } pr_pack((char *)packet, cc, &from, tv); if ((options & F_ONCE && nreceived) || (npackets && nreceived >= npackets)) break; } if (n == 0 || options & F_FLOOD) { if (sweepmax && sntransmitted == snpackets) { for (i = 0; i < sweepincr ; ++i) *datap++ = i; datalen += sweepincr; if (datalen > sweepmax) break; send_len = icmp_len + datalen; sntransmitted = 0; } if (!npackets || ntransmitted < npackets) pinger(); else { if (almost_done) break; almost_done = 1; intvl.tv_usec = 0; if (nreceived) { intvl.tv_sec = 2 * tmax / 1000; if (!intvl.tv_sec) intvl.tv_sec = 1; } else { intvl.tv_sec = waittime / 1000; intvl.tv_usec = waittime % 1000 * 1000; } } (void)gettimeofday(&last, NULL); if (ntransmitted - nreceived - 1 > nmissedmax) { nmissedmax = ntransmitted - nreceived - 1; if (options & F_MISSED) (void)write(STDOUT_FILENO, &BBELL, 1); } } } finish(); /* NOTREACHED */ exit(0); /* Make the compiler happy */ } /* * stopit -- * Set the global bit that causes the main loop to quit. * Do NOT call finish() from here, since finish() does far too much * to be called from a signal handler. */ void stopit(int sig __unused) { /* * When doing reverse DNS lookups, the finish_up flag might not * be noticed for a while. Just exit if we get a second SIGINT. */ if (!(options & F_NUMERIC) && finish_up) _exit(nreceived ? 0 : 2); finish_up = 1; } /* * pinger -- * Compose and transmit an ICMP ECHO REQUEST packet. The IP packet * will be added on by the kernel. The ID field is our UNIX process ID, * and the sequence number is an ascending integer. The first TIMEVAL_LEN * bytes of the data portion are used to hold a UNIX "timeval" struct in * host byte-order, to compute the round-trip time. */ static void pinger(void) { struct timeval now; struct tv32 tv32; struct ip *ip; struct icmp *icp; int cc, i; u_char *packet; packet = outpack; icp = (struct icmp *)outpack; icp->icmp_type = icmp_type; icp->icmp_code = 0; icp->icmp_cksum = 0; icp->icmp_seq = htons(ntransmitted); icp->icmp_id = ident; /* ID */ CLR(ntransmitted % mx_dup_ck); if ((options & F_TIME) || timing) { (void)gettimeofday(&now, NULL); tv32.tv32_sec = htonl(now.tv_sec); tv32.tv32_usec = htonl(now.tv_usec); if (options & F_TIME) icp->icmp_otime = htonl((now.tv_sec % (24*60*60)) * 1000 + now.tv_usec / 1000); if (timing) bcopy((void *)&tv32, (void *)&outpack[ICMP_MINLEN + phdr_len], sizeof(tv32)); } cc = ICMP_MINLEN + phdr_len + datalen; /* compute ICMP checksum here */ icp->icmp_cksum = in_cksum((u_short *)icp, cc); if (options & F_HDRINCL) { cc += sizeof(struct ip); ip = (struct ip *)outpackhdr; ip->ip_len = htons(cc); ip->ip_sum = in_cksum((u_short *)outpackhdr, cc); packet = outpackhdr; } i = send(ssend, (char *)packet, cc, 0); if (i < 0 || i != cc) { if (i < 0) { if (options & F_FLOOD && errno == ENOBUFS) { usleep(FLOOD_BACKOFF); return; } warn("sendto"); } else { warn("%s: partial write: %d of %d bytes", hostname, i, cc); } } ntransmitted++; sntransmitted++; if (!(options & F_QUIET) && options & F_FLOOD) (void)write(STDOUT_FILENO, &DOT, 1); } /* * pr_pack -- * Print out the packet, if it came from us. This logic is necessary * because ALL readers of the ICMP socket get a copy of ALL ICMP packets * which arrive ('tis only fair). This permits multiple copies of this * program to be run without having intermingled output (or statistics!). */ static void pr_pack(char *buf, int cc, struct sockaddr_in *from, struct timeval *tv) { struct in_addr ina; u_char *cp, *dp; struct icmp *icp; struct ip *ip; const void *tp; double triptime; int dupflag, hlen, i, j, recv_len, seq; static int old_rrlen; static char old_rr[MAX_IPOPTLEN]; /* Check the IP header */ ip = (struct ip *)buf; hlen = ip->ip_hl << 2; recv_len = cc; if (cc < hlen + ICMP_MINLEN) { if (options & F_VERBOSE) warn("packet too short (%d bytes) from %s", cc, inet_ntoa(from->sin_addr)); return; } /* Now the ICMP part */ cc -= hlen; icp = (struct icmp *)(buf + hlen); if (icp->icmp_type == icmp_type_rsp) { if (icp->icmp_id != ident) return; /* 'Twas not our ECHO */ ++nreceived; triptime = 0.0; if (timing) { struct timeval tv1; struct tv32 tv32; #ifndef icmp_data tp = &icp->icmp_ip; #else tp = icp->icmp_data; #endif tp = (const char *)tp + phdr_len; if ((size_t)(cc - ICMP_MINLEN - phdr_len) >= sizeof(tv1)) { /* Copy to avoid alignment problems: */ memcpy(&tv32, tp, sizeof(tv32)); tv1.tv_sec = ntohl(tv32.tv32_sec); tv1.tv_usec = ntohl(tv32.tv32_usec); tvsub(tv, &tv1); triptime = ((double)tv->tv_sec) * 1000.0 + ((double)tv->tv_usec) / 1000.0; tsum += triptime; tsumsq += triptime * triptime; if (triptime < tmin) tmin = triptime; if (triptime > tmax) tmax = triptime; } else timing = 0; } seq = ntohs(icp->icmp_seq); if (TST(seq % mx_dup_ck)) { ++nrepeats; --nreceived; dupflag = 1; } else { SET(seq % mx_dup_ck); dupflag = 0; } if (options & F_QUIET) return; if (options & F_WAITTIME && triptime > waittime) { ++nrcvtimeout; return; } if (options & F_FLOOD) (void)write(STDOUT_FILENO, &BSPACE, 1); else { (void)printf("%d bytes from %s: icmp_seq=%u", cc, inet_ntoa(*(struct in_addr *)&from->sin_addr.s_addr), seq); (void)printf(" ttl=%d", ip->ip_ttl); if (timing) (void)printf(" time=%.3f ms", triptime); if (dupflag) (void)printf(" (DUP!)"); if (options & F_AUDIBLE) (void)write(STDOUT_FILENO, &BBELL, 1); if (options & F_MASK) { /* Just prentend this cast isn't ugly */ (void)printf(" mask=%s", pr_addr(*(struct in_addr *)&(icp->icmp_mask))); } if (options & F_TIME) { (void)printf(" tso=%s", pr_ntime(icp->icmp_otime)); (void)printf(" tsr=%s", pr_ntime(icp->icmp_rtime)); (void)printf(" tst=%s", pr_ntime(icp->icmp_ttime)); } if (recv_len != send_len) { (void)printf( "\nwrong total length %d instead of %d", recv_len, send_len); } /* check the data */ cp = (u_char*)&icp->icmp_data[phdr_len]; dp = &outpack[ICMP_MINLEN + phdr_len]; cc -= ICMP_MINLEN + phdr_len; i = 0; if (timing) { /* don't check variable timestamp */ cp += TIMEVAL_LEN; dp += TIMEVAL_LEN; cc -= TIMEVAL_LEN; i += TIMEVAL_LEN; } for (; i < datalen && cc > 0; ++i, ++cp, ++dp, --cc) { if (*cp != *dp) { (void)printf("\nwrong data byte #%d should be 0x%x but was 0x%x", i, *dp, *cp); (void)printf("\ncp:"); cp = (u_char*)&icp->icmp_data[0]; for (i = 0; i < datalen; ++i, ++cp) { if ((i % 16) == 8) (void)printf("\n\t"); (void)printf("%2x ", *cp); } (void)printf("\ndp:"); cp = &outpack[ICMP_MINLEN]; for (i = 0; i < datalen; ++i, ++cp) { if ((i % 16) == 8) (void)printf("\n\t"); (void)printf("%2x ", *cp); } break; } } } } else { /* * We've got something other than an ECHOREPLY. * See if it's a reply to something that we sent. * We can compare IP destination, protocol, * and ICMP type and ID. * * Only print all the error messages if we are running * as root to avoid leaking information not normally * available to those not running as root. */ #ifndef icmp_data struct ip *oip = &icp->icmp_ip; #else struct ip *oip = (struct ip *)icp->icmp_data; #endif struct icmp *oicmp = (struct icmp *)(oip + 1); if (((options & F_VERBOSE) && uid == 0) || (!(options & F_QUIET2) && (oip->ip_dst.s_addr == whereto.sin_addr.s_addr) && (oip->ip_p == IPPROTO_ICMP) && (oicmp->icmp_type == ICMP_ECHO) && (oicmp->icmp_id == ident))) { (void)printf("%d bytes from %s: ", cc, pr_addr(from->sin_addr)); pr_icmph(icp); } else return; } /* Display any IP options */ cp = (u_char *)buf + sizeof(struct ip); for (; hlen > (int)sizeof(struct ip); --hlen, ++cp) switch (*cp) { case IPOPT_EOL: hlen = 0; break; case IPOPT_LSRR: case IPOPT_SSRR: (void)printf(*cp == IPOPT_LSRR ? "\nLSRR: " : "\nSSRR: "); j = cp[IPOPT_OLEN] - IPOPT_MINOFF + 1; hlen -= 2; cp += 2; if (j >= INADDR_LEN && j <= hlen - (int)sizeof(struct ip)) { for (;;) { bcopy(++cp, &ina.s_addr, INADDR_LEN); if (ina.s_addr == 0) (void)printf("\t0.0.0.0"); else (void)printf("\t%s", pr_addr(ina)); hlen -= INADDR_LEN; cp += INADDR_LEN - 1; j -= INADDR_LEN; if (j < INADDR_LEN) break; (void)putchar('\n'); } } else (void)printf("\t(truncated route)\n"); break; case IPOPT_RR: j = cp[IPOPT_OLEN]; /* get length */ i = cp[IPOPT_OFFSET]; /* and pointer */ hlen -= 2; cp += 2; if (i > j) i = j; i = i - IPOPT_MINOFF + 1; if (i < 0 || i > (hlen - (int)sizeof(struct ip))) { old_rrlen = 0; continue; } if (i == old_rrlen && !bcmp((char *)cp, old_rr, i) && !(options & F_FLOOD)) { (void)printf("\t(same route)"); hlen -= i; cp += i; break; } old_rrlen = i; bcopy((char *)cp, old_rr, i); (void)printf("\nRR: "); if (i >= INADDR_LEN && i <= hlen - (int)sizeof(struct ip)) { for (;;) { bcopy(++cp, &ina.s_addr, INADDR_LEN); if (ina.s_addr == 0) (void)printf("\t0.0.0.0"); else (void)printf("\t%s", pr_addr(ina)); hlen -= INADDR_LEN; cp += INADDR_LEN - 1; i -= INADDR_LEN; if (i < INADDR_LEN) break; (void)putchar('\n'); } } else (void)printf("\t(truncated route)"); break; case IPOPT_NOP: (void)printf("\nNOP"); break; default: (void)printf("\nunknown option %x", *cp); break; } if (!(options & F_FLOOD)) { (void)putchar('\n'); (void)fflush(stdout); } } /* * in_cksum -- * Checksum routine for Internet Protocol family headers (C Version) */ u_short in_cksum(u_short *addr, int len) { int nleft, sum; u_short *w; union { u_short us; u_char uc[2]; } last; u_short answer; nleft = len; sum = 0; w = addr; /* * Our algorithm is simple, using a 32 bit accumulator (sum), we add * sequential 16 bit words to it, and at the end, fold back all the * carry bits from the top 16 bits into the lower 16 bits. */ while (nleft > 1) { sum += *w++; nleft -= 2; } /* mop up an odd byte, if necessary */ if (nleft == 1) { last.uc[0] = *(u_char *)w; last.uc[1] = 0; sum += last.us; } /* add back carry outs from top 16 bits to low 16 bits */ sum = (sum >> 16) + (sum & 0xffff); /* add hi 16 to low 16 */ sum += (sum >> 16); /* add carry */ answer = ~sum; /* truncate to 16 bits */ return(answer); } /* * tvsub -- * Subtract 2 timeval structs: out = out - in. Out is assumed to * be >= in. */ static void tvsub(struct timeval *out, const struct timeval *in) { if ((out->tv_usec -= in->tv_usec) < 0) { --out->tv_sec; out->tv_usec += 1000000; } out->tv_sec -= in->tv_sec; } /* * status -- * Print out statistics when SIGINFO is received. */ static void status(int sig __unused) { siginfo_p = 1; } static void check_status(void) { if (siginfo_p) { siginfo_p = 0; (void)fprintf(stderr, "\r%ld/%ld packets received (%.1f%%)", nreceived, ntransmitted, ntransmitted ? nreceived * 100.0 / ntransmitted : 0.0); if (nreceived && timing) (void)fprintf(stderr, " %.3f min / %.3f avg / %.3f max", tmin, tsum / (nreceived + nrepeats), tmax); (void)fprintf(stderr, "\n"); } } /* * finish -- * Print out statistics, and give up. */ static void finish(void) { (void)signal(SIGINT, SIG_IGN); (void)signal(SIGALRM, SIG_IGN); (void)putchar('\n'); (void)fflush(stdout); (void)printf("--- %s ping statistics ---\n", hostname); (void)printf("%ld packets transmitted, ", ntransmitted); (void)printf("%ld packets received, ", nreceived); if (nrepeats) (void)printf("+%ld duplicates, ", nrepeats); if (ntransmitted) { if (nreceived > ntransmitted) (void)printf("-- somebody's printing up packets!"); else (void)printf("%.1f%% packet loss", ((ntransmitted - nreceived) * 100.0) / ntransmitted); } if (nrcvtimeout) (void)printf(", %ld packets out of wait time", nrcvtimeout); (void)putchar('\n'); if (nreceived && timing) { double n = nreceived + nrepeats; double avg = tsum / n; double vari = tsumsq / n - avg * avg; (void)printf( "round-trip min/avg/max/stddev = %.3f/%.3f/%.3f/%.3f ms\n", tmin, avg, tmax, sqrt(vari)); } if (nreceived) exit(0); else exit(2); } #ifdef notdef static char *ttab[] = { "Echo Reply", /* ip + seq + udata */ "Dest Unreachable", /* net, host, proto, port, frag, sr + IP */ "Source Quench", /* IP */ "Redirect", /* redirect type, gateway, + IP */ "Echo", "Time Exceeded", /* transit, frag reassem + IP */ "Parameter Problem", /* pointer + IP */ "Timestamp", /* id + seq + three timestamps */ "Timestamp Reply", /* " */ "Info Request", /* id + sq */ "Info Reply" /* " */ }; #endif /* * pr_icmph -- * Print a descriptive string about an ICMP header. */ static void pr_icmph(struct icmp *icp) { switch(icp->icmp_type) { case ICMP_ECHOREPLY: (void)printf("Echo Reply\n"); /* XXX ID + Seq + Data */ break; case ICMP_UNREACH: switch(icp->icmp_code) { case ICMP_UNREACH_NET: (void)printf("Destination Net Unreachable\n"); break; case ICMP_UNREACH_HOST: (void)printf("Destination Host Unreachable\n"); break; case ICMP_UNREACH_PROTOCOL: (void)printf("Destination Protocol Unreachable\n"); break; case ICMP_UNREACH_PORT: (void)printf("Destination Port Unreachable\n"); break; case ICMP_UNREACH_NEEDFRAG: (void)printf("frag needed and DF set (MTU %d)\n", ntohs(icp->icmp_nextmtu)); break; case ICMP_UNREACH_SRCFAIL: (void)printf("Source Route Failed\n"); break; case ICMP_UNREACH_FILTER_PROHIB: (void)printf("Communication prohibited by filter\n"); break; default: (void)printf("Dest Unreachable, Bad Code: %d\n", icp->icmp_code); break; } /* Print returned IP header information */ #ifndef icmp_data pr_retip(&icp->icmp_ip); #else pr_retip((struct ip *)icp->icmp_data); #endif break; case ICMP_SOURCEQUENCH: (void)printf("Source Quench\n"); #ifndef icmp_data pr_retip(&icp->icmp_ip); #else pr_retip((struct ip *)icp->icmp_data); #endif break; case ICMP_REDIRECT: switch(icp->icmp_code) { case ICMP_REDIRECT_NET: (void)printf("Redirect Network"); break; case ICMP_REDIRECT_HOST: (void)printf("Redirect Host"); break; case ICMP_REDIRECT_TOSNET: (void)printf("Redirect Type of Service and Network"); break; case ICMP_REDIRECT_TOSHOST: (void)printf("Redirect Type of Service and Host"); break; default: (void)printf("Redirect, Bad Code: %d", icp->icmp_code); break; } (void)printf("(New addr: %s)\n", inet_ntoa(icp->icmp_gwaddr)); #ifndef icmp_data pr_retip(&icp->icmp_ip); #else pr_retip((struct ip *)icp->icmp_data); #endif break; case ICMP_ECHO: (void)printf("Echo Request\n"); /* XXX ID + Seq + Data */ break; case ICMP_TIMXCEED: switch(icp->icmp_code) { case ICMP_TIMXCEED_INTRANS: (void)printf("Time to live exceeded\n"); break; case ICMP_TIMXCEED_REASS: (void)printf("Frag reassembly time exceeded\n"); break; default: (void)printf("Time exceeded, Bad Code: %d\n", icp->icmp_code); break; } #ifndef icmp_data pr_retip(&icp->icmp_ip); #else pr_retip((struct ip *)icp->icmp_data); #endif break; case ICMP_PARAMPROB: (void)printf("Parameter problem: pointer = 0x%02x\n", icp->icmp_hun.ih_pptr); #ifndef icmp_data pr_retip(&icp->icmp_ip); #else pr_retip((struct ip *)icp->icmp_data); #endif break; case ICMP_TSTAMP: (void)printf("Timestamp\n"); /* XXX ID + Seq + 3 timestamps */ break; case ICMP_TSTAMPREPLY: (void)printf("Timestamp Reply\n"); /* XXX ID + Seq + 3 timestamps */ break; case ICMP_IREQ: (void)printf("Information Request\n"); /* XXX ID + Seq */ break; case ICMP_IREQREPLY: (void)printf("Information Reply\n"); /* XXX ID + Seq */ break; case ICMP_MASKREQ: (void)printf("Address Mask Request\n"); break; case ICMP_MASKREPLY: (void)printf("Address Mask Reply\n"); break; case ICMP_ROUTERADVERT: (void)printf("Router Advertisement\n"); break; case ICMP_ROUTERSOLICIT: (void)printf("Router Solicitation\n"); break; default: (void)printf("Bad ICMP type: %d\n", icp->icmp_type); } } /* * pr_iph -- * Print an IP header with options. */ static void pr_iph(struct ip *ip) { u_char *cp; int hlen; hlen = ip->ip_hl << 2; cp = (u_char *)ip + 20; /* point to options */ (void)printf("Vr HL TOS Len ID Flg off TTL Pro cks Src Dst\n"); (void)printf(" %1x %1x %02x %04x %04x", ip->ip_v, ip->ip_hl, ip->ip_tos, ntohs(ip->ip_len), ntohs(ip->ip_id)); (void)printf(" %1lx %04lx", (u_long) (ntohl(ip->ip_off) & 0xe000) >> 13, (u_long) ntohl(ip->ip_off) & 0x1fff); (void)printf(" %02x %02x %04x", ip->ip_ttl, ip->ip_p, ntohs(ip->ip_sum)); (void)printf(" %s ", inet_ntoa(*(struct in_addr *)&ip->ip_src.s_addr)); (void)printf(" %s ", inet_ntoa(*(struct in_addr *)&ip->ip_dst.s_addr)); /* dump any option bytes */ while (hlen-- > 20) { (void)printf("%02x", *cp++); } (void)putchar('\n'); } /* * pr_addr -- * Return an ascii host address as a dotted quad and optionally with * a hostname. */ static char * pr_addr(struct in_addr ina) { struct hostent *hp; static char buf[16 + 3 + MAXHOSTNAMELEN]; if (options & F_NUMERIC) return inet_ntoa(ina); -#ifdef HAVE_LIBCAPSICUM +#ifdef HAVE_LIBCASPER if (capdns != NULL) hp = cap_gethostbyaddr(capdns, (char *)&ina, 4, AF_INET); else #endif hp = gethostbyaddr((char *)&ina, 4, AF_INET); if (hp == NULL) return inet_ntoa(ina); (void)snprintf(buf, sizeof(buf), "%s (%s)", hp->h_name, inet_ntoa(ina)); return(buf); } /* * pr_retip -- * Dump some info on a returned (via ICMP) IP packet. */ static void pr_retip(struct ip *ip) { u_char *cp; int hlen; pr_iph(ip); hlen = ip->ip_hl << 2; cp = (u_char *)ip + hlen; if (ip->ip_p == 6) (void)printf("TCP: from port %u, to port %u (decimal)\n", (*cp * 256 + *(cp + 1)), (*(cp + 2) * 256 + *(cp + 3))); else if (ip->ip_p == 17) (void)printf("UDP: from port %u, to port %u (decimal)\n", (*cp * 256 + *(cp + 1)), (*(cp + 2) * 256 + *(cp + 3))); } static char * pr_ntime(n_time timestamp) { static char buf[10]; int hour, min, sec; sec = ntohl(timestamp) / 1000; hour = sec / 60 / 60; min = (sec % (60 * 60)) / 60; sec = (sec % (60 * 60)) % 60; (void)snprintf(buf, sizeof(buf), "%02d:%02d:%02d", hour, min, sec); return (buf); } static void fill(char *bp, char *patp) { char *cp; int pat[16]; u_int ii, jj, kk; for (cp = patp; *cp; cp++) { if (!isxdigit(*cp)) errx(EX_USAGE, "patterns must be specified as hex digits"); } ii = sscanf(patp, "%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x", &pat[0], &pat[1], &pat[2], &pat[3], &pat[4], &pat[5], &pat[6], &pat[7], &pat[8], &pat[9], &pat[10], &pat[11], &pat[12], &pat[13], &pat[14], &pat[15]); if (ii > 0) for (kk = 0; kk <= maxpayload - (TIMEVAL_LEN + ii); kk += ii) for (jj = 0; jj < ii; ++jj) bp[jj + kk] = pat[jj]; if (!(options & F_QUIET)) { (void)printf("PATTERN: 0x"); for (jj = 0; jj < ii; ++jj) (void)printf("%02x", bp[jj] & 0xFF); (void)printf("\n"); } } -#ifdef HAVE_LIBCAPSICUM +#ifdef HAVE_LIBCASPER static cap_channel_t * capdns_setup(void) { cap_channel_t *capcas, *capdnsloc; const char *types[2]; int families[1]; capcas = cap_init(); - if (capcas == NULL) { - warn("unable to contact casperd"); - return (NULL); - } + if (capcas == NULL) + err(1, "unable to create casper process"); capdnsloc = cap_service_open(capcas, "system.dns"); /* Casper capability no longer needed. */ cap_close(capcas); if (capdnsloc == NULL) err(1, "unable to open system.dns service"); types[0] = "NAME"; types[1] = "ADDR"; if (cap_dns_type_limit(capdnsloc, types, 2) < 0) err(1, "unable to limit access to system.dns service"); families[0] = AF_INET; if (cap_dns_family_limit(capdnsloc, families, 1) < 0) err(1, "unable to limit access to system.dns service"); return (capdnsloc); } -#endif /* HAVE_LIBCAPSICUM */ +#endif /* HAVE_LIBCASPER */ #if defined(IPSEC) && defined(IPSEC_POLICY_IPSEC) #define SECOPT " [-P policy]" #else #define SECOPT "" #endif static void usage(void) { (void)fprintf(stderr, "%s\n%s\n%s\n%s\n%s\n%s\n%s\n%s\n", "usage: ping [-AaDdfnoQqRrv] [-c count] [-G sweepmaxsize] [-g sweepminsize]", " [-h sweepincrsize] [-i wait] [-l preload] [-M mask | time] [-m ttl]", " " SECOPT " [-p pattern] [-S src_addr] [-s packetsize] [-t timeout]", " [-W waittime] [-z tos] host", " ping [-AaDdfLnoQqRrv] [-c count] [-I iface] [-i wait] [-l preload]", " [-M mask | time] [-m ttl]" SECOPT " [-p pattern] [-S src_addr]", " [-s packetsize] [-T ttl] [-t timeout] [-W waittime]", " [-z tos] mcast-group"); exit(EX_USAGE); } Index: head/share/man/man4/capsicum.4 =================================================================== --- head/share/man/man4/capsicum.4 (revision 296046) +++ head/share/man/man4/capsicum.4 (revision 296047) @@ -1,127 +1,126 @@ .\" .\" Copyright (c) 2011, 2013 Robert N. M. Watson .\" Copyright (c) 2011 Jonathan Anderson .\" All rights reserved. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions .\" are met: .\" 1. Redistributions of source code must retain the above copyright .\" notice, this list of conditions and the following disclaimer. .\" 2. Redistributions in binary form must reproduce the above copyright .\" notice, this list of conditions and the following disclaimer in the .\" documentation and/or other materials provided with the distribution. .\" .\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE .\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" .\" $FreeBSD$ .\" -.Dd July 25, 2015 +.Dd February 25, 2016 .Dt CAPSICUM 4 .Os .Sh NAME .Nm Capsicum .Nd lightweight OS capability and sandbox framework .Sh SYNOPSIS .Cd "options CAPABILITY_MODE" .Cd "options CAPABILITIES" .Sh DESCRIPTION .Nm is a lightweight OS capability and sandbox framework implementing a hybrid capability system model. .Nm can be used for application and library compartmentalisation, the decomposition of larger bodies of software into isolated (sandboxed) components in order to implement security policies and limit the impact of software vulnerabilities. .Pp .Nm provides two core kernel primitives: .Bl -tag -width indent .It capability mode A process mode, entered by invoking .Xr cap_enter 2 , in which access to global OS namespaces (such as the file system and PID namespaces) is restricted; only explicitly delegated rights, referenced by memory mappings or file descriptors, may be used. Once set, the flag is inherited by future children processes, and may not be cleared. .It capabilities Limit operations that can be called on file descriptors. For example, a file descriptor returned by .Xr open 2 may be refined using .Xr cap_rights_limit 2 so that only .Xr read 2 and .Xr write 2 can be called, but not .Xr fchmod 2 . The complete list of the capability rights can be found in the .Xr rights 4 manual page. .El .Pp In some cases, .Nm requires use of alternatives to traditional POSIX APIs in order to name objects using capabilities rather than global namespaces: .Bl -tag -width indent .It process descriptors File descriptors representing processes, allowing parent processes to manage child processes without requiring access to the PID namespace; described in greater detail in .Xr procdesc 4 . .It anonymous shared memory An extension to the POSIX shared memory API to support anonymous swap objects associated with file descriptors; described in greater detail in .Xr shm_open 2 . .El .Sh SEE ALSO .Xr cap_enter 2 , .Xr cap_fcntls_limit 2 , .Xr cap_getmode 2 , .Xr cap_ioctls_limit 2 , .Xr cap_rights_limit 2 , .Xr fchmod 2 , .Xr open 2 , .Xr pdfork 2 , .Xr pdgetpid 2 , .Xr pdkill 2 , .Xr pdwait4 2 , .Xr read 2 , .Xr shm_open 2 , .Xr write 2 , .Xr cap_rights_get 3 , -.Xr libcapsicum 3 , +.Xr casper 3 , .Xr procdesc 4 , -.Xr casperd 8 .Sh HISTORY .Nm first appeared in .Fx 9.0 , and was developed at the University of Cambridge. .Sh AUTHORS .Nm was developed by .An -nosplit .An Robert Watson Aq Mt rwatson@FreeBSD.org and .An Jonathan Anderson Aq Mt jonathan@FreeBSD.org at the University of Cambridge, and .An Ben Laurie Aq Mt benl@FreeBSD.org and .An Kris Kennaway Aq Mt kris@FreeBSD.org at Google, Inc., and .An Pawel Jakub Dawidek Aq Mt pawel@dawidek.net . Index: head/share/mk/bsd.libnames.mk =================================================================== --- head/share/mk/bsd.libnames.mk (revision 296046) +++ head/share/mk/bsd.libnames.mk (revision 296047) @@ -1,187 +1,186 @@ # $FreeBSD$ # The include file define library names. # Other include files (e.g. bsd.prog.mk, bsd.lib.mk) include this # file where necessary. .if !target(____) .error bsd.libnames.mk cannot be included directly. .endif .sinclude # Src directory locations are also defined in src.libnames.mk. LIBCRT0?= ${DESTDIR}${LIBDIR}/crt0.o LIB80211?= ${DESTDIR}${LIBDIR}/lib80211.a LIBALIAS?= ${DESTDIR}${LIBDIR}/libalias.a LIBARCHIVE?= ${DESTDIR}${LIBDIR}/libarchive.a LIBASN1?= ${DESTDIR}${LIBDIR}/libasn1.a LIBATM?= ${DESTDIR}${LIBDIR}/libatm.a LIBAUDITD?= ${DESTDIR}${LIBDIR}/libauditd.a LIBAVL?= ${DESTDIR}${LIBDIR}/libavl.a LIBBEGEMOT?= ${DESTDIR}${LIBDIR}/libbegemot.a LIBBLUETOOTH?= ${DESTDIR}${LIBDIR}/libbluetooth.a LIBBSDXML?= ${DESTDIR}${LIBDIR}/libbsdxml.a LIBBSM?= ${DESTDIR}${LIBDIR}/libbsm.a LIBBSNMP?= ${DESTDIR}${LIBDIR}/libbsnmp.a LIBBZ2?= ${DESTDIR}${LIBDIR}/libbz2.a LIBC?= ${DESTDIR}${LIBDIR}/libc.a LIBCALENDAR?= ${DESTDIR}${LIBDIR}/libcalendar.a LIBCAM?= ${DESTDIR}${LIBDIR}/libcam.a -LIBCAPSICUM?= ${DESTDIR}${LIBDIR}/libcapsicum.a LIBCASPER?= ${DESTDIR}${LIBDIR}/libcasper.a LIBCOMPAT?= ${DESTDIR}${LIBDIR}/libcompat.a LIBCOMPILER_RT?=${DESTDIR}${LIBDIR}/libcompiler_rt.a LIBCOM_ERR?= ${DESTDIR}${LIBDIR}/libcom_err.a LIBCPLUSPLUS?= ${DESTDIR}${LIBDIR}/libc++.a LIBCRYPT?= ${DESTDIR}${LIBDIR}/libcrypt.a LIBCRYPTO?= ${DESTDIR}${LIBDIR}/libcrypto.a LIBCTF?= ${DESTDIR}${LIBDIR}/libctf.a LIBCURSES?= ${DESTDIR}${LIBDIR}/libcurses.a LIBCUSE?= ${DESTDIR}${LIBDIR}/libcuse.a LIBCXGB4?= ${DESTDIR}${LIBDIR}/libcxgb4.a LIBCXXRT?= ${DESTDIR}${LIBDIR}/libcxxrt.a LIBC_PIC?= ${DESTDIR}${LIBDIR}/libc_pic.a LIBDEVCTL?= ${DESTDIR}${LIBDIR}/libdevctl.a LIBDEVINFO?= ${DESTDIR}${LIBDIR}/libdevinfo.a LIBDEVSTAT?= ${DESTDIR}${LIBDIR}/libdevstat.a LIBDIALOG?= ${DESTDIR}${LIBDIR}/libdialog.a LIBDNS?= ${DESTDIR}${LIBDIR}/libdns.a LIBDPV?= ${DESTDIR}${LIBDIR}/libdpv.a LIBDTRACE?= ${DESTDIR}${LIBDIR}/libdtrace.a LIBDWARF?= ${DESTDIR}${LIBDIR}/libdwarf.a LIBEDIT?= ${DESTDIR}${LIBDIR}/libedit.a LIBELF?= ${DESTDIR}${LIBDIR}/libelf.a LIBEXECINFO?= ${DESTDIR}${LIBDIR}/libexecinfo.a LIBFETCH?= ${DESTDIR}${LIBDIR}/libfetch.a LIBFIGPAR?= ${DESTDIR}${LIBDIR}/libfigpar.a LIBFL?= "don't use LIBFL, use LIBL" LIBFORM?= ${DESTDIR}${LIBDIR}/libform.a LIBG2C?= ${DESTDIR}${LIBDIR}/libg2c.a LIBGEOM?= ${DESTDIR}${LIBDIR}/libgeom.a LIBGNUREGEX?= ${DESTDIR}${LIBDIR}/libgnuregex.a LIBGPIO?= ${DESTDIR}${LIBDIR}/libgpio.a LIBGSSAPI?= ${DESTDIR}${LIBDIR}/libgssapi.a LIBGSSAPI_KRB5?= ${DESTDIR}${LIBDIR}/libgssapi_krb5.a LIBHDB?= ${DESTDIR}${LIBDIR}/libhdb.a LIBHEIMBASE?= ${DESTDIR}${LIBDIR}/libheimbase.a LIBHEIMNTLM?= ${DESTDIR}${LIBDIR}/libheimntlm.a LIBHEIMSQLITE?= ${DESTDIR}${LIBDIR}/libheimsqlite.a LIBHX509?= ${DESTDIR}${LIBDIR}/libhx509.a LIBIBCM?= ${DESTDIR}${LIBDIR}/libibcm.a LIBIBCOMMON?= ${DESTDIR}${LIBDIR}/libibcommon.a LIBIBMAD?= ${DESTDIR}${LIBDIR}/libibmad.a LIBIBSDP?= ${DESTDIR}${LIBDIR}/libibsdp.a LIBIBUMAD?= ${DESTDIR}${LIBDIR}/libibumad.a LIBIBVERBS?= ${DESTDIR}${LIBDIR}/libibverbs.a LIBIPSEC?= ${DESTDIR}${LIBDIR}/libipsec.a LIBJAIL?= ${DESTDIR}${LIBDIR}/libjail.a LIBKADM5CLNT?= ${DESTDIR}${LIBDIR}/libkadm5clnt.a LIBKADM5SRV?= ${DESTDIR}${LIBDIR}/libkadm5srv.a LIBKAFS5?= ${DESTDIR}${LIBDIR}/libkafs5.a LIBKDC?= ${DESTDIR}${LIBDIR}/libkdc.a LIBKEYCAP?= ${DESTDIR}${LIBDIR}/libkeycap.a LIBKICONV?= ${DESTDIR}${LIBDIR}/libkiconv.a LIBKRB5?= ${DESTDIR}${LIBDIR}/libkrb5.a LIBKVM?= ${DESTDIR}${LIBDIR}/libkvm.a LIBL?= ${DESTDIR}${LIBDIR}/libl.a LIBLN?= "don't use LIBLN, use LIBL" LIBLZMA?= ${DESTDIR}${LIBDIR}/liblzma.a LIBM?= ${DESTDIR}${LIBDIR}/libm.a LIBMAGIC?= ${DESTDIR}${LIBDIR}/libmagic.a LIBMD?= ${DESTDIR}${LIBDIR}/libmd.a LIBMEMSTAT?= ${DESTDIR}${LIBDIR}/libmemstat.a LIBMENU?= ${DESTDIR}${LIBDIR}/libmenu.a LIBMILTER?= ${DESTDIR}${LIBDIR}/libmilter.a LIBMLX4?= ${DESTDIR}${LIBDIR}/libmlx4.a LIBMP?= ${DESTDIR}${LIBDIR}/libmp.a LIBMT?= ${DESTDIR}${LIBDIR}/libmt.a LIBMTHCA?= ${DESTDIR}${LIBDIR}/libmthca.a LIBNANDFS?= ${DESTDIR}${LIBDIR}/libnandfs.a LIBNCURSES?= ${DESTDIR}${LIBDIR}/libncurses.a LIBNCURSESW?= ${DESTDIR}${LIBDIR}/libncursesw.a LIBNETGRAPH?= ${DESTDIR}${LIBDIR}/libnetgraph.a LIBNGATM?= ${DESTDIR}${LIBDIR}/libngatm.a LIBNV?= ${DESTDIR}${LIBDIR}/libnv.a LIBNVPAIR?= ${DESTDIR}${LIBDIR}/libnvpair.a LIBOPENSM?= ${DESTDIR}${LIBDIR}/libopensm.a LIBOPIE?= ${DESTDIR}${LIBDIR}/libopie.a LIBOSMCOMP?= ${DESTDIR}${LIBDIR}/libosmcomp.a LIBOSMVENDOR?= ${DESTDIR}${LIBDIR}/libosmvendor.a LIBPAM?= ${DESTDIR}${LIBDIR}/libpam.a LIBPANEL?= ${DESTDIR}${LIBDIR}/libpanel.a LIBPANELW?= ${DESTDIR}${LIBDIR}/libpanelw.a LIBPCAP?= ${DESTDIR}${LIBDIR}/libpcap.a LIBPJDLOG?= ${DESTDIR}${LIBDIR}/libpjdlog.a LIBPMC?= ${DESTDIR}${LIBDIR}/libpmc.a LIBPROC?= ${DESTDIR}${LIBDIR}/libproc.a LIBPROCSTAT?= ${DESTDIR}${LIBDIR}/libprocstat.a LIBPTHREAD?= ${DESTDIR}${LIBDIR}/libpthread.a LIBRADIUS?= ${DESTDIR}${LIBDIR}/libradius.a LIBRDMACM?= ${DESTDIR}${LIBDIR}/librdmacm.a LIBROKEN?= ${DESTDIR}${LIBDIR}/libroken.a LIBRPCSEC_GSS?= ${DESTDIR}${LIBDIR}/librpcsec_gss.a LIBRPCSVC?= ${DESTDIR}${LIBDIR}/librpcsvc.a LIBRT?= ${DESTDIR}${LIBDIR}/librt.a LIBRTLD_DB?= ${DESTDIR}${LIBDIR}/librtld_db.a LIBSBUF?= ${DESTDIR}${LIBDIR}/libsbuf.a LIBSDP?= ${DESTDIR}${LIBDIR}/libsdp.a LIBSMB?= ${DESTDIR}${LIBDIR}/libsmb.a LIBSSL?= ${DESTDIR}${LIBDIR}/libssl.a LIBSSP_NONSHARED?= ${DESTDIR}${LIBDIR}/libssp_nonshared.a LIBSTAND?= ${DESTDIR}${LIBDIR}/libstand.a LIBSTDCPLUSPLUS?= ${DESTDIR}${LIBDIR}/libstdc++.a LIBSTDTHREADS?= ${DESTDIR}${LIBDIR}/libstdthreads.a LIBSYSDECODE?= ${DESTDIR}${LIBDIR}/libsysdecode.a LIBTACPLUS?= ${DESTDIR}${LIBDIR}/libtacplus.a LIBTERMCAP?= ${DESTDIR}${LIBDIR}/libtermcap.a LIBTERMCAPW?= ${DESTDIR}${LIBDIR}/libtermcapw.a LIBTERMLIB?= "don't use LIBTERMLIB, use LIBTERMCAP" LIBTINFO?= "don't use LIBTINFO, use LIBNCURSES" LIBUFS?= ${DESTDIR}${LIBDIR}/libufs.a LIBUGIDFW?= ${DESTDIR}${LIBDIR}/libugidfw.a LIBULOG?= ${DESTDIR}${LIBDIR}/libulog.a LIBUMEM?= ${DESTDIR}${LIBDIR}/libumem.a LIBUSB?= ${DESTDIR}${LIBDIR}/libusb.a LIBUSBHID?= ${DESTDIR}${LIBDIR}/libusbhid.a LIBUTIL?= ${DESTDIR}${LIBDIR}/libutil.a LIBUUTIL?= ${DESTDIR}${LIBDIR}/libuutil.a LIBVGL?= ${DESTDIR}${LIBDIR}/libvgl.a LIBVMMAPI?= ${DESTDIR}${LIBDIR}/libvmmapi.a LIBWIND?= ${DESTDIR}${LIBDIR}/libwind.a LIBWRAP?= ${DESTDIR}${LIBDIR}/libwrap.a LIBXO?= ${DESTDIR}${LIBDIR}/libxo.a LIBXPG4?= ${DESTDIR}${LIBDIR}/libxpg4.a LIBY?= ${DESTDIR}${LIBDIR}/liby.a LIBYPCLNT?= ${DESTDIR}${LIBDIR}/libypclnt.a LIBZ?= ${DESTDIR}${LIBDIR}/libz.a LIBZFS?= ${DESTDIR}${LIBDIR}/libzfs.a LIBZFS_CORE?= ${DESTDIR}${LIBDIR}/libzfs_core.a LIBZPOOL?= ${DESTDIR}${LIBDIR}/libzpool.a # enforce the 2 -lpthread and -lc to always be the last in that exact order .if defined(LDADD) .if ${LDADD:M-lpthread} LDADD:= ${LDADD:N-lpthread} -lpthread .endif .if ${LDADD:M-lc} LDADD:= ${LDADD:N-lc} -lc .endif .endif # Only do this for src builds. .if defined(SRCTOP) .if defined(_LIBRARIES) && defined(LIB) && \ ${_LIBRARIES:M${LIB}} != "" .if !defined(LIB${LIB:tu}) .error ${.CURDIR}: Missing value for LIB${LIB:tu} in ${_this:T}. Likely should be: LIB${LIB:tu}?= $${DESTDIR}$${LIBDIR}/lib${LIB}.a .endif .endif # Derive LIB*SRCDIR from LIB*DIR .for lib in ${_LIBRARIES} LIB${lib:tu}SRCDIR?= ${SRCTOP}/${LIB${lib:tu}DIR:S,^${OBJTOP}/,,} .endfor .endif Index: head/share/mk/src.libnames.mk =================================================================== --- head/share/mk/src.libnames.mk (revision 296046) +++ head/share/mk/src.libnames.mk (revision 296047) @@ -1,536 +1,563 @@ # $FreeBSD$ # # The include file define library names suitable # for INTERNALLIB and PRIVATELIB definition .if !target(____) .error src.libnames.mk cannot be included directly. .endif .if !target(____) ____: .include _PRIVATELIBS= \ atf_c \ atf_cxx \ bsdstat \ event \ heimipcc \ heimipcs \ ldns \ sqlite3 \ ssh \ ucl \ unbound _INTERNALLIBS= \ amu \ bsnmptools \ cron \ elftc \ fifolog \ ipf \ lpr \ netbsd \ ntp \ ntpevent \ openbsd \ opts \ parse \ pe \ readline \ sl \ sm \ smdb \ smutil \ telnet \ vers _LIBRARIES= \ ${_PRIVATELIBS} \ ${_INTERNALLIBS} \ ${LOCAL_LIBRARIES} \ 80211 \ alias \ archive \ asn1 \ auditd \ avl \ begemot \ bluetooth \ bsdxml \ bsm \ bsnmp \ bz2 \ c \ c_pic \ calendar \ cam \ - capsicum \ casper \ + cap_dns \ + cap_grp \ + cap_pwd \ + cap_random \ + cap_sysctl \ com_err \ compiler_rt \ crypt \ crypto \ ctf \ cuse \ cxxrt \ devctl \ devinfo \ devstat \ dialog \ dpv \ dtrace \ dwarf \ edit \ elf \ execinfo \ fetch \ figpar \ geom \ gnuregex \ gpio \ gssapi \ gssapi_krb5 \ hdb \ heimbase \ heimntlm \ heimsqlite \ hx509 \ ipsec \ jail \ kadm5clnt \ kadm5srv \ kafs5 \ kdc \ kiconv \ krb5 \ kvm \ l \ lzma \ m \ magic \ md \ memstat \ mp \ mt \ nandfs \ ncurses \ ncursesw \ netgraph \ ngatm \ nv \ nvpair \ opie \ pam \ panel \ panelw \ pcap \ pcsclite \ pjdlog \ pmc \ proc \ procstat \ pthread \ radius \ readline \ roken \ rpcsec_gss \ rpcsvc \ rt \ rtld_db \ sbuf \ sdp \ sm \ smb \ ssl \ ssp_nonshared \ stdthreads \ supcplusplus \ sysdecode \ tacplus \ termcap \ termcapw \ ufs \ ugidfw \ ulog \ umem \ usb \ usbhid \ util \ uutil \ vmmapi \ wind \ wrap \ xo \ y \ ypclnt \ z \ zfs_core \ zfs \ zpool \ .if ${MK_OFED} != "no" _LIBRARIES+= \ cxgb4 \ ibcm \ ibcommon \ ibmad \ ibsdp \ ibumad \ ibverbs \ mlx4 \ mthca \ opensm \ osmcomp \ osmvendor \ rdmacm \ .endif # Each library's LIBADD needs to be duplicated here for static linkage of # 2nd+ order consumers. Auto-generating this would be better. _DP_80211= sbuf bsdxml _DP_archive= z bz2 lzma bsdxml .if ${MK_OPENSSL} != "no" _DP_archive+= crypto .else _DP_archive+= md .endif _DP_sqlite3= pthread _DP_ssl= crypto _DP_ssh= crypto crypt z .if ${MK_LDNS} != "no" _DP_ssh+= ldns .endif _DP_edit= ncursesw .if ${MK_OPENSSL} != "no" _DP_bsnmp= crypto .endif _DP_geom= bsdxml sbuf _DP_cam= sbuf -_DP_casper= capsicum nv pjdlog -_DP_capsicum= nv _DP_kvm= elf +_DP_casper= nv +_DP_cap_dns= nv +_DP_cap_grp= nv +_DP_cap_pwd= nv +_DP_cap_random= nv +_DP_cap_sysctl= nv _DP_pjdlog= util _DP_opie= md _DP_usb= pthread _DP_unbound= ssl crypto pthread _DP_rt= pthread .if ${MK_OPENSSL} == "no" _DP_radius= md .else _DP_radius= crypto .endif _DP_procstat= kvm util elf .if ${MK_CXX} == "yes" .if ${MK_LIBCPLUSPLUS} != "no" _DP_proc= cxxrt .else _DP_proc= supcplusplus .endif .endif .if ${MK_CDDL} != "no" _DP_proc+= ctf .endif _DP_proc+= elf rtld_db util _DP_mp= crypto _DP_memstat= kvm _DP_magic= z _DP_mt= sbuf bsdxml _DP_ldns= crypto .if ${MK_OPENSSL} != "no" _DP_fetch= ssl crypto .else _DP_fetch= md .endif _DP_execinfo= elf _DP_dwarf= elf _DP_dpv= dialog figpar util ncursesw _DP_dialog= ncursesw m _DP_cuse= pthread _DP_atf_cxx= atf_c _DP_devstat= kvm _DP_pam= radius tacplus opie md util .if ${MK_KERBEROS} != "no" _DP_pam+= krb5 .endif .if ${MK_OPENSSH} != "no" _DP_pam+= ssh .endif .if ${MK_NIS} != "no" _DP_pam+= ypclnt .endif _DP_readline= ncursesw _DP_roken= crypt _DP_kadm5clnt= com_err krb5 roken _DP_kadm5srv= com_err hdb krb5 roken _DP_heimntlm= crypto com_err krb5 roken _DP_hx509= asn1 com_err crypto roken wind _DP_hdb= asn1 com_err krb5 roken sqlite3 _DP_asn1= com_err roken _DP_kdc= roken hdb hx509 krb5 heimntlm asn1 crypto _DP_wind= com_err roken _DP_heimbase= pthread _DP_heimipcc= heimbase roken pthread _DP_heimipcs= heimbase roken pthread _DP_kafs5= asn1 krb5 roken _DP_krb5+= asn1 com_err crypt crypto hx509 roken wind heimbase heimipcc _DP_gssapi_krb5+= gssapi krb5 crypto roken asn1 com_err _DP_lzma= pthread _DP_ucl= m _DP_vmmapi= util _DP_ctf= z _DP_dtrace= ctf elf proc pthread rtld_db _DP_xo= util # The libc dependencies are not strictly needed but are defined to make the # assert happy. _DP_c= compiler_rt .if ${MK_SSP} != "no" _DP_c+= ssp_nonshared .endif _DP_stdthreads= pthread _DP_tacplus= md _DP_panel= ncurses _DP_panelw= ncursesw _DP_rpcsec_gss= gssapi _DP_smb= kiconv _DP_ulog= md _DP_fifolog= z _DP_ipf= kvm _DP_zfs= md pthread umem util uutil m nvpair avl bsdxml geom nvpair z \ zfs_core _DP_zfs_core= nvpair _DP_zpool= md pthread z nvpair avl umem # Define special cases LDADD_supcplusplus= -lsupc++ LIBATF_C= ${DESTDIR}${LIBDIR}/libprivateatf-c.a LIBATF_CXX= ${DESTDIR}${LIBDIR}/libprivateatf-c++.a LDADD_atf_c= -lprivateatf-c LDADD_atf_cxx= -lprivateatf-c++ .for _l in ${_PRIVATELIBS} LIB${_l:tu}?= ${DESTDIR}${LIBDIR}/libprivate${_l}.a .endfor .for _l in ${_LIBRARIES} .if ${_INTERNALLIBS:M${_l}} LDADD_${_l}_L+= -L${LIB${_l:tu}DIR} .endif DPADD_${_l}?= ${LIB${_l:tu}} .if ${_PRIVATELIBS:M${_l}} LDADD_${_l}?= -lprivate${_l} .else LDADD_${_l}?= ${LDADD_${_l}_L} -l${_l} .endif # Add in all dependencies for static linkage. .if defined(_DP_${_l}) && (${_INTERNALLIBS:M${_l}} || \ (defined(NO_SHARED) && (${NO_SHARED} != "no" && ${NO_SHARED} != "NO"))) .for _d in ${_DP_${_l}} DPADD_${_l}+= ${DPADD_${_d}} LDADD_${_l}+= ${LDADD_${_d}} .endfor .endif .endfor # These are special cases where the library is broken and anything that uses # it needs to add more dependencies. Broken usually means that it has a # cyclic dependency and cannot link its own dependencies. This is bad, please # fix the library instead. # Unless the library itself is broken then the proper place to define # dependencies is _DP_* above. # libatf-c++ exposes libatf-c abi hence we need to explicit link to atf_c for # atf_cxx DPADD_atf_cxx+= ${DPADD_atf_c} LDADD_atf_cxx+= ${LDADD_atf_c} # Detect LDADD/DPADD that should be LIBADD, before modifying LDADD here. _BADLDADD= .for _l in ${LDADD:M-l*:N-l*/*:C,^-l,,} .if ${_LIBRARIES:M${_l}} && !${_PRIVATELIBS:M${_l}} _BADLDADD+= ${_l} .endif .endfor .if !empty(_BADLDADD) .error ${.CURDIR}: These libraries should be LIBADD+=foo rather than DPADD/LDADD+=-lfoo: ${_BADLDADD} .endif .for _l in ${LIBADD} DPADD+= ${DPADD_${_l}} LDADD+= ${LDADD_${_l}} .endfor # INTERNALLIB definitions. LIBELFTCDIR= ${OBJTOP}/lib/libelftc LIBELFTC?= ${LIBELFTCDIR}/libelftc.a LIBPEDIR= ${OBJTOP}/lib/libpe LIBPE?= ${LIBPEDIR}/libpe.a LIBREADLINEDIR= ${OBJTOP}/gnu/lib/libreadline/readline LIBREADLINE?= ${LIBREADLINEDIR}/libreadline.a LIBOPENBSDDIR= ${OBJTOP}/lib/libopenbsd LIBOPENBSD?= ${LIBOPENBSDDIR}/libopenbsd.a LIBSMDIR= ${OBJTOP}/lib/libsm LIBSM?= ${LIBSMDIR}/libsm.a LIBSMDBDIR= ${OBJTOP}/lib/libsmdb LIBSMDB?= ${LIBSMDBDIR}/libsmdb.a LIBSMUTILDIR= ${OBJTOP}/lib/libsmutil LIBSMUTIL?= ${LIBSMDBDIR}/libsmutil.a LIBNETBSDDIR?= ${OBJTOP}/lib/libnetbsd LIBNETBSD?= ${LIBNETBSDDIR}/libnetbsd.a LIBVERSDIR?= ${OBJTOP}/kerberos5/lib/libvers LIBVERS?= ${LIBVERSDIR}/libvers.a LIBSLDIR= ${OBJTOP}/kerberos5/lib/libsl LIBSL?= ${LIBSLDIR}/libsl.a LIBIPFDIR= ${OBJTOP}/sbin/ipf/libipf LIBIPF?= ${LIBIPFDIR}/libipf.a LIBTELNETDIR= ${OBJTOP}/lib/libtelnet LIBTELNET?= ${LIBTELNETDIR}/libtelnet.a LIBCRONDIR= ${OBJTOP}/usr.sbin/cron/lib LIBCRON?= ${LIBCRONDIR}/libcron.a LIBNTPDIR= ${OBJTOP}/usr.sbin/ntp/libntp LIBNTP?= ${LIBNTPDIR}/libntp.a LIBNTPEVENTDIR= ${OBJTOP}/usr.sbin/ntp/libntpevent LIBNTPEVENT?= ${LIBNTPEVENTDIR}/libntpevent.a LIBOPTSDIR= ${OBJTOP}/usr.sbin/ntp/libopts LIBOPTS?= ${LIBOPTSDIR}/libopts.a LIBPARSEDIR= ${OBJTOP}/usr.sbin/ntp/libparse LIBPARSE?= ${LIBPARSEDIR}/libparse.a LIBLPRDIR= ${OBJTOP}/usr.sbin/lpr/common_source LIBLPR?= ${LIBOPTSDIR}/liblpr.a LIBFIFOLOGDIR= ${OBJTOP}/usr.sbin/fifolog/lib LIBFIFOLOG?= ${LIBOPTSDIR}/libfifolog.a LIBBSNMPTOOLSDIR= ${OBJTOP}/usr.sbin/bsnmpd/tools/libbsnmptools LIBBSNMPTOOLS?= ${LIBBSNMPTOOLSDIR}/libbsnmptools.a LIBAMUDIR= ${OBJTOP}/usr.sbin/amd/libamu LIBAMU?= ${LIBAMUDIR}/libamu/libamu.a # Define a directory for each library. This is useful for adding -L in when # not using a --sysroot or for meta mode bootstrapping when there is no # Makefile.depend. These are sorted by directory. LIBAVLDIR= ${OBJTOP}/cddl/lib/libavl LIBCTFDIR= ${OBJTOP}/cddl/lib/libctf LIBDTRACEDIR= ${OBJTOP}/cddl/lib/libdtrace LIBNVPAIRDIR= ${OBJTOP}/cddl/lib/libnvpair LIBUMEMDIR= ${OBJTOP}/cddl/lib/libumem LIBUUTILDIR= ${OBJTOP}/cddl/lib/libuutil LIBZFSDIR= ${OBJTOP}/cddl/lib/libzfs LIBZFS_COREDIR= ${OBJTOP}/cddl/lib/libzfs_core LIBZPOOLDIR= ${OBJTOP}/cddl/lib/libzpool LIBCXGB4DIR= ${OBJTOP}/contrib/ofed/usr.lib/libcxgb4 LIBIBCMDIR= ${OBJTOP}/contrib/ofed/usr.lib/libibcm LIBIBCOMMONDIR= ${OBJTOP}/contrib/ofed/usr.lib/libibcommon LIBIBMADDIR= ${OBJTOP}/contrib/ofed/usr.lib/libibmad LIBIBUMADDIR= ${OBJTOP}/contrib/ofed/usr.lib/libibumad LIBIBVERBSDIR= ${OBJTOP}/contrib/ofed/usr.lib/libibverbs LIBMLX4DIR= ${OBJTOP}/contrib/ofed/usr.lib/libmlx4 LIBMTHCADIR= ${OBJTOP}/contrib/ofed/usr.lib/libmthca LIBOPENSMDIR= ${OBJTOP}/contrib/ofed/usr.lib/libopensm LIBOSMCOMPDIR= ${OBJTOP}/contrib/ofed/usr.lib/libosmcomp LIBOSMVENDORDIR= ${OBJTOP}/contrib/ofed/usr.lib/libosmvendor LIBRDMACMDIR= ${OBJTOP}/contrib/ofed/usr.lib/librdmacm LIBIBSDPDIR= ${OBJTOP}/contrib/ofed/usr.lib/libsdp LIBDIALOGDIR= ${OBJTOP}/gnu/lib/libdialog LIBGCOVDIR= ${OBJTOP}/gnu/lib/libgcov LIBGOMPDIR= ${OBJTOP}/gnu/lib/libgomp LIBGNUREGEXDIR= ${OBJTOP}/gnu/lib/libregex LIBSSPDIR= ${OBJTOP}/gnu/lib/libssp LIBSSP_NONSHAREDDIR= ${OBJTOP}/gnu/lib/libssp/libssp_nonshared LIBSUPCPLUSPLUSDIR= ${OBJTOP}/gnu/lib/libsupc++ LIBASN1DIR= ${OBJTOP}/kerberos5/lib/libasn1 LIBGSSAPI_KRB5DIR= ${OBJTOP}/kerberos5/lib/libgssapi_krb5 LIBGSSAPI_NTLMDIR= ${OBJTOP}/kerberos5/lib/libgssapi_ntlm LIBGSSAPI_SPNEGODIR= ${OBJTOP}/kerberos5/lib/libgssapi_spnego LIBHDBDIR= ${OBJTOP}/kerberos5/lib/libhdb LIBHEIMBASEDIR= ${OBJTOP}/kerberos5/lib/libheimbase LIBHEIMIPCCDIR= ${OBJTOP}/kerberos5/lib/libheimipcc LIBHEIMIPCSDIR= ${OBJTOP}/kerberos5/lib/libheimipcs LIBHEIMNTLMDIR= ${OBJTOP}/kerberos5/lib/libheimntlm LIBHX509DIR= ${OBJTOP}/kerberos5/lib/libhx509 LIBKADM5CLNTDIR= ${OBJTOP}/kerberos5/lib/libkadm5clnt LIBKADM5SRVDIR= ${OBJTOP}/kerberos5/lib/libkadm5srv LIBKAFS5DIR= ${OBJTOP}/kerberos5/lib/libkafs5 LIBKDCDIR= ${OBJTOP}/kerberos5/lib/libkdc LIBKRB5DIR= ${OBJTOP}/kerberos5/lib/libkrb5 LIBROKENDIR= ${OBJTOP}/kerberos5/lib/libroken LIBWINDDIR= ${OBJTOP}/kerberos5/lib/libwind LIBALIASDIR= ${OBJTOP}/lib/libalias/libalias LIBBLOCKSRUNTIMEDIR= ${OBJTOP}/lib/libblocksruntime LIBBSNMPDIR= ${OBJTOP}/lib/libbsnmp/libbsnmp LIBBSDXMLDIR= ${OBJTOP}/lib/libexpat LIBKVMDIR= ${OBJTOP}/lib/libkvm LIBPTHREADDIR= ${OBJTOP}/lib/libthr LIBMDIR= ${OBJTOP}/lib/msun LIBFORMDIR= ${OBJTOP}/lib/ncurses/form LIBFORMLIBWDIR= ${OBJTOP}/lib/ncurses/formw LIBMENUDIR= ${OBJTOP}/lib/ncurses/menu LIBMENULIBWDIR= ${OBJTOP}/lib/ncurses/menuw LIBNCURSESDIR= ${OBJTOP}/lib/ncurses/ncurses LIBNCURSESWDIR= ${OBJTOP}/lib/ncurses/ncursesw LIBPANELDIR= ${OBJTOP}/lib/ncurses/panel LIBPANELWDIR= ${OBJTOP}/lib/ncurses/panelw LIBCRYPTODIR= ${OBJTOP}/secure/lib/libcrypto LIBSSHDIR= ${OBJTOP}/secure/lib/libssh LIBSSLDIR= ${OBJTOP}/secure/lib/libssl LIBTEKENDIR= ${OBJTOP}/sys/teken/libteken LIBEGACYDIR= ${OBJTOP}/tools/build LIBLNDIR= ${OBJTOP}/usr.bin/lex/lib LIBTERMCAPDIR= ${LIBNCURSESDIR} LIBTERMCAPWDIR= ${LIBNCURSESWDIR} # Default other library directories to lib/libNAME. .for lib in ${_LIBRARIES} LIB${lib:tu}DIR?= ${OBJTOP}/lib/lib${lib} .endfor + +# Casper exception. +LIBCAP_CASPERDIR= ${OBJTOP}/lib/libcasper/libcasper +LIBCAP_CASPER= ${DESTDIR}${LIBDIR}/libcasper.a + +LIBCAP_DNSDIR= ${OBJTOP}/lib/libcasper/services/cap_dns +LIBCAP_DNS?= ${DESTDIR}${LIBDIR}/libcap_dns.a + +LIBCAP_GRPDIR= ${OBJTOP}/lib/libcasper/services/cap_grp +LIBCAP_GRP?= ${DESTDIR}${LIBDIR}/libcap_grp.a + +LIBCAP_PWDDIR= ${OBJTOP}/lib/libcasper/services/cap_pwd +LIBCAP_PWD?= ${DESTDIR}${LIBDIR}/libcap_pwd.a + +LIBCAP_RANDOMDIR= ${OBJTOP}/lib/libcasper/services/cap_random +LIBCAP_RANDOM?= ${DESTDIR}${LIBDIR}/libcap_random.a + +LIBCAP_SYSCTLDIR= ${OBJTOP}/lib/libcasper/services/cap_sysctl +LIBCAP_SYSCTL?= ${DESTDIR}${LIBDIR}/libcap_sysctl.a # Validate that listed LIBADD are valid. .for _l in ${LIBADD} .if empty(_LIBRARIES:M${_l}) _BADLIBADD+= ${_l} .endif .endfor .if !empty(_BADLIBADD) .error ${.CURDIR}: Invalid LIBADD used which may need to be added to ${_this:T}: ${_BADLIBADD} .endif # Sanity check that libraries are defined here properly when building them. .if defined(LIB) && ${_LIBRARIES:M${LIB}} != "" .if !empty(LIBADD) && \ (!defined(_DP_${LIB}) || ${LIBADD:O:u} != ${_DP_${LIB}:O:u}) .error ${.CURDIR}: Missing or incorrect _DP_${LIB} entry in ${_this:T}. Should match LIBADD for ${LIB} ('${LIBADD}' vs '${_DP_${LIB}}') .endif # Note that OBJTOP is not yet defined here but for the purpose of the check # it is fine as it resolves to the SRC directory. .if !defined(LIB${LIB:tu}DIR) || !exists(${SRCTOP}/${LIB${LIB:tu}DIR:S,^${OBJTOP}/,,}) .error ${.CURDIR}: Missing or incorrect value for LIB${LIB:tu}DIR in ${_this:T}: ${LIB${LIB:tu}DIR:S,^${OBJTOP}/,,} .endif .if ${_INTERNALLIBS:M${LIB}} != "" && !defined(LIB${LIB:tu}) .error ${.CURDIR}: Missing value for LIB${LIB:tu} in ${_this:T}. Likely should be: LIB${LIB:tu}?= $${LIB${LIB:tu}DIR}/lib${LIB}.a .endif .endif .endif # !target(____) Index: head/targets/pseudo/userland/Makefile.depend =================================================================== --- head/targets/pseudo/userland/Makefile.depend (revision 296046) +++ head/targets/pseudo/userland/Makefile.depend (revision 296047) @@ -1,904 +1,900 @@ # $FreeBSD$ # This file is not autogenerated - take care! .if !defined(MK_MANDOCDB) .include .endif DIRDEPS= .if ${MK_MANDOCDB} == "no" DIRDEPS+= usr.bin/makewhatis .endif DIRDEPS+= \ bin/cat \ bin/chflags \ bin/chio \ bin/chmod \ bin/cp \ bin/csh \ bin/date \ bin/dd \ bin/df \ bin/domainname \ bin/echo \ bin/ed \ bin/expr \ bin/freebsd-version \ bin/getfacl \ bin/hostname \ bin/kenv \ bin/kill \ bin/ln \ bin/ls \ bin/mkdir \ bin/mv \ bin/pax \ bin/pkill \ bin/ps \ bin/pwait \ bin/pwd \ bin/rcp \ bin/realpath \ bin/rm \ bin/rmail \ bin/rmdir \ bin/setfacl \ bin/sh \ bin/sleep \ bin/stty \ bin/sync \ bin/test \ bin/uuidgen \ sbin/adjkerntz \ sbin/atacontrol \ sbin/atm/atmconfig \ sbin/badsect \ sbin/camcontrol \ sbin/ccdconfig \ sbin/clri \ sbin/comcontrol \ sbin/conscontrol \ sbin/ddb \ sbin/devd \ sbin/devfs \ sbin/dhclient \ sbin/dmesg \ sbin/dump \ sbin/dumpfs \ sbin/dumpon \ sbin/etherswitchcfg \ sbin/ffsinfo \ sbin/fsck \ sbin/fsck_ffs \ sbin/fsck_msdosfs \ sbin/fsdb \ sbin/fsirand \ sbin/gbde \ sbin/geom/class/cache \ sbin/geom/class/concat \ sbin/geom/class/eli \ sbin/geom/class/journal \ sbin/geom/class/label \ sbin/geom/class/mirror \ sbin/geom/class/mountver \ sbin/geom/class/multipath \ sbin/geom/class/nop \ sbin/geom/class/part \ sbin/geom/class/raid \ sbin/geom/class/raid3 \ sbin/geom/class/sched \ sbin/geom/class/shsec \ sbin/geom/class/stripe \ sbin/geom/class/virstor \ sbin/geom/core \ sbin/ggate/ggatec \ sbin/ggate/ggated \ sbin/ggate/ggatel \ sbin/growfs \ sbin/gvinum \ sbin/hastctl \ sbin/hastd \ sbin/ifconfig \ sbin/init \ sbin/ipf/ipf \ sbin/ipf/ipfs \ sbin/ipf/ipfstat \ sbin/ipf/ipftest \ sbin/ipf/ipmon \ sbin/ipf/ipnat \ sbin/ipf/ippool \ sbin/ipf/ipresend \ sbin/ipf/libipf \ sbin/ipfw \ sbin/iscontrol \ sbin/kldconfig \ sbin/kldload \ sbin/kldstat \ sbin/kldunload \ sbin/ldconfig \ sbin/md5 \ sbin/mdconfig \ sbin/mdmfs \ sbin/mknod \ sbin/mksnap_ffs \ sbin/mount \ sbin/mount_cd9660 \ sbin/mount_fusefs \ sbin/mount_msdosfs \ sbin/mount_nfs \ sbin/mount_nullfs \ sbin/mount_udf \ sbin/mount_unionfs \ sbin/natd \ sbin/newfs \ sbin/newfs_msdos \ sbin/nfsiod \ sbin/nos-tun \ sbin/pfctl \ sbin/pflogd \ sbin/ping \ sbin/ping6 \ sbin/quotacheck \ sbin/rcorder \ sbin/reboot \ sbin/recoverdisk \ sbin/resolvconf \ sbin/restore \ sbin/route \ sbin/routed \ sbin/routed/rtquery \ sbin/rtsol \ sbin/savecore \ sbin/setkey \ sbin/shutdown \ sbin/spppcontrol \ sbin/swapon \ sbin/sysctl \ sbin/tunefs \ sbin/umount \ usr.bin/alias \ usr.bin/apply \ usr.bin/ar \ usr.bin/asa \ usr.bin/at \ usr.bin/atf/atf-config \ usr.bin/atf/atf-report \ usr.bin/atf/atf-run \ usr.bin/atf/atf-version \ usr.bin/atm/sscop \ usr.bin/awk \ usr.bin/banner \ usr.bin/basename \ usr.bin/bc \ usr.bin/biff \ usr.bin/bluetooth/bthost \ usr.bin/bluetooth/btsockstat \ usr.bin/bluetooth/rfcomm_sppd \ usr.bin/bmake \ usr.bin/brandelf \ usr.bin/bsdiff/bsdiff \ usr.bin/bsdiff/bspatch \ usr.bin/bzip2 \ usr.bin/bzip2recover \ usr.bin/c89 \ usr.bin/c99 \ usr.bin/calendar \ usr.bin/cap_mkdb \ usr.bin/catman \ usr.bin/chat \ usr.bin/checknr \ usr.bin/chkey \ usr.bin/chpass \ usr.bin/cksum \ usr.bin/cmp \ usr.bin/col \ usr.bin/colcrt \ usr.bin/colldef \ usr.bin/colrm \ usr.bin/column \ usr.bin/comm \ usr.bin/compile_et \ usr.bin/compress \ usr.bin/cpio \ usr.bin/cpuset \ usr.bin/csplit \ usr.bin/csup \ usr.bin/ctags \ usr.bin/ctlstat \ usr.bin/cut \ usr.bin/dc \ usr.bin/dig \ usr.bin/dirname \ usr.bin/dpv \ usr.bin/drill \ usr.bin/du \ usr.bin/ee \ usr.bin/elf2aout \ usr.bin/elfdump \ usr.bin/enigma \ usr.bin/env \ usr.bin/expand \ usr.bin/false \ usr.bin/fetch \ usr.bin/file \ usr.bin/file2c \ usr.bin/find \ usr.bin/finger \ usr.bin/fmt \ usr.bin/fold \ usr.bin/from \ usr.bin/fstat \ usr.bin/fsync \ usr.bin/ftp \ usr.bin/gcore \ usr.bin/gencat \ usr.bin/getconf \ usr.bin/getent \ usr.bin/getopt \ usr.bin/gprof \ usr.bin/grep \ usr.bin/gzip \ usr.bin/head \ usr.bin/hexdump \ usr.bin/host \ usr.bin/iconv \ usr.bin/id \ usr.bin/ident \ usr.bin/indent \ usr.bin/ipcrm \ usr.bin/ipcs \ usr.bin/iscsictl \ usr.bin/join \ usr.bin/jot \ usr.bin/kdump \ usr.bin/keylogin \ usr.bin/keylogout \ usr.bin/killall \ usr.bin/ktrace \ usr.bin/ktrdump \ usr.bin/lam \ usr.bin/last \ usr.bin/lastcomm \ usr.bin/lex \ usr.bin/ldd \ usr.bin/leave \ usr.bin/less \ usr.bin/lessecho \ usr.bin/lesskey \ usr.bin/lex/lib \ usr.bin/limits \ usr.bin/locale \ usr.bin/locate/bigram \ usr.bin/locate/code \ usr.bin/locate/locate \ usr.bin/lock \ usr.bin/lockf \ usr.bin/logger \ usr.bin/login \ usr.bin/logins \ usr.bin/logname \ usr.bin/look \ usr.bin/lorder \ usr.bin/lsvfs \ usr.bin/lzmainfo \ usr.bin/m4 \ usr.bin/mail \ usr.bin/man \ usr.bin/mandoc \ usr.bin/mesg \ usr.bin/minigzip \ usr.bin/ministat \ usr.bin/mkcsmapper \ usr.bin/mkdep \ usr.bin/mkesdb \ usr.bin/mkfifo \ usr.bin/mkimg \ usr.bin/mklocale \ usr.bin/mkstr \ usr.bin/mktemp \ usr.bin/mkuzip \ usr.bin/msgs \ usr.bin/mt \ usr.bin/nc \ usr.bin/ncal \ usr.bin/netstat \ usr.bin/newgrp \ usr.bin/newkey \ usr.bin/nfsstat \ usr.bin/nice \ usr.bin/nl \ usr.bin/nohup \ usr.bin/nslookup \ usr.bin/nsupdate \ usr.bin/numactl \ usr.bin/opieinfo \ usr.bin/opiekey \ usr.bin/opiepasswd \ usr.bin/pagesize \ usr.bin/passwd \ usr.bin/paste \ usr.bin/patch \ usr.bin/pathchk \ usr.bin/perror \ usr.bin/pr \ usr.bin/printenv \ usr.bin/printf \ usr.bin/procstat \ usr.bin/protect \ usr.bin/quota \ usr.bin/rctl \ usr.bin/renice \ usr.bin/rev \ usr.bin/revoke \ usr.bin/rlogin \ usr.bin/rpcgen \ usr.bin/rpcinfo \ usr.bin/rs \ usr.bin/rsh \ usr.bin/rup \ usr.bin/ruptime \ usr.bin/rusers \ usr.bin/rwall \ usr.bin/rwho \ usr.bin/script \ usr.bin/sed \ usr.bin/send-pr \ usr.bin/seq \ usr.bin/shar \ usr.bin/showmount \ usr.bin/smbutil \ usr.bin/sockstat \ usr.bin/soelim \ usr.bin/sort \ usr.bin/split \ usr.bin/ssh-copy-id \ usr.bin/stat \ usr.bin/stdbuf \ usr.bin/su \ usr.bin/svn/svn \ usr.bin/svn/svnadmin \ usr.bin/svn/svnbench \ usr.bin/svn/svndumpfilter \ usr.bin/svn/svnfsfs \ usr.bin/svn/svnlook \ usr.bin/svn/svnmucc \ usr.bin/svn/svnrdump \ usr.bin/svn/svnserve \ usr.bin/svn/svnsync \ usr.bin/svn/svnversion \ usr.bin/systat \ usr.bin/tabs \ usr.bin/tail \ usr.bin/talk \ usr.bin/tar \ usr.bin/tcopy \ usr.bin/tee \ usr.bin/telnet \ usr.bin/tftp \ usr.bin/time \ usr.bin/timeout \ usr.bin/tip/tip \ usr.bin/top \ usr.bin/touch \ usr.bin/tput \ usr.bin/tr \ usr.bin/true \ usr.bin/truncate \ usr.bin/truss \ usr.bin/tset \ usr.bin/tsort \ usr.bin/tty \ usr.bin/ul \ usr.bin/uname \ usr.bin/unexpand \ usr.bin/unifdef \ usr.bin/uniq \ usr.bin/units \ usr.bin/unvis \ usr.bin/unzip \ usr.bin/usbhidaction \ usr.bin/usbhidctl \ usr.bin/users \ usr.bin/uudecode \ usr.bin/uuencode \ usr.bin/vacation \ usr.bin/vgrind \ usr.bin/vi \ usr.bin/vi/catalog \ usr.bin/vis \ usr.bin/vmstat \ usr.bin/vtfontcvt \ usr.bin/w \ usr.bin/wall \ usr.bin/wc \ usr.bin/what \ usr.bin/whereis \ usr.bin/which \ usr.bin/who \ usr.bin/whois \ usr.bin/write \ usr.bin/xargs \ usr.bin/xinstall \ usr.bin/xlint/lint1 \ usr.bin/xlint/lint2 \ usr.bin/xlint/llib \ usr.bin/xlint/xlint \ usr.bin/xo \ usr.bin/xstr \ usr.bin/xz \ usr.bin/xzdec \ usr.bin/yacc \ usr.bin/yes \ usr.bin/ypcat \ usr.bin/ypmatch \ usr.bin/ypwhich \ usr.sbin/IPXrouted \ usr.sbin/ac \ usr.sbin/accton \ usr.sbin/adduser \ usr.sbin/amd/amd \ usr.sbin/amd/amq \ usr.sbin/amd/doc \ usr.sbin/amd/fixmount \ usr.sbin/amd/fsinfo \ usr.sbin/amd/hlfsd \ usr.sbin/amd/include \ usr.sbin/amd/libamu \ usr.sbin/amd/mk-amd-map \ usr.sbin/amd/pawd \ usr.sbin/amd/scripts \ usr.sbin/amd/wire-test \ usr.sbin/ancontrol \ usr.sbin/apm \ usr.sbin/arp \ usr.sbin/arpaname \ usr.sbin/audit \ usr.sbin/auditd \ usr.sbin/auditdistd \ usr.sbin/auditreduce \ usr.sbin/authpf \ usr.sbin/autofs \ usr.sbin/binmiscctl \ usr.sbin/bluetooth/ath3kfw \ usr.sbin/bluetooth/bcmfw \ usr.sbin/bluetooth/bt3cfw \ usr.sbin/bluetooth/bthidcontrol \ usr.sbin/bluetooth/bthidd \ usr.sbin/bluetooth/btpand \ usr.sbin/bluetooth/hccontrol \ usr.sbin/bluetooth/hcsecd \ usr.sbin/bluetooth/hcseriald \ usr.sbin/bluetooth/l2control \ usr.sbin/bluetooth/l2ping \ usr.sbin/bluetooth/rfcomm_pppd \ usr.sbin/bluetooth/sdpcontrol \ usr.sbin/bluetooth/sdpd \ usr.sbin/bootparamd/bootparamd \ usr.sbin/bootparamd/callbootd \ usr.sbin/bsdconfig \ usr.sbin/bsdconfig/console \ usr.sbin/bsdconfig/console/include \ usr.sbin/bsdconfig/diskmgmt \ usr.sbin/bsdconfig/diskmgmt/include \ usr.sbin/bsdconfig/docsinstall \ usr.sbin/bsdconfig/docsinstall/include \ usr.sbin/bsdconfig/dot \ usr.sbin/bsdconfig/dot/include \ usr.sbin/bsdconfig/examples \ usr.sbin/bsdconfig/include \ usr.sbin/bsdconfig/includes \ usr.sbin/bsdconfig/includes/include \ usr.sbin/bsdconfig/mouse \ usr.sbin/bsdconfig/mouse/include \ usr.sbin/bsdconfig/networking \ usr.sbin/bsdconfig/networking/include \ usr.sbin/bsdconfig/networking/share \ usr.sbin/bsdconfig/packages \ usr.sbin/bsdconfig/packages/include \ usr.sbin/bsdconfig/password \ usr.sbin/bsdconfig/password/include \ usr.sbin/bsdconfig/password/share \ usr.sbin/bsdconfig/security \ usr.sbin/bsdconfig/security/include \ usr.sbin/bsdconfig/share \ usr.sbin/bsdconfig/share/media \ usr.sbin/bsdconfig/share/packages \ usr.sbin/bsdconfig/startup \ usr.sbin/bsdconfig/startup/include \ usr.sbin/bsdconfig/startup/share \ usr.sbin/bsdconfig/timezone \ usr.sbin/bsdconfig/timezone/include \ usr.sbin/bsdconfig/timezone/share \ usr.sbin/bsdconfig/ttys \ usr.sbin/bsdconfig/ttys/include \ usr.sbin/bsdconfig/usermgmt \ usr.sbin/bsdconfig/usermgmt/include \ usr.sbin/bsdconfig/usermgmt/share \ usr.sbin/bsdinstall/distextract \ usr.sbin/bsdinstall/distfetch \ usr.sbin/bsdinstall/partedit \ usr.sbin/bsdinstall/scripts \ usr.sbin/bsnmpd/bsnmpd \ usr.sbin/bsnmpd/gensnmptree \ usr.sbin/bsnmpd/modules/snmp_atm \ usr.sbin/bsnmpd/modules/snmp_bridge \ usr.sbin/bsnmpd/modules/snmp_hast \ usr.sbin/bsnmpd/modules/snmp_hostres \ usr.sbin/bsnmpd/modules/snmp_lm75 \ usr.sbin/bsnmpd/modules/snmp_mibII \ usr.sbin/bsnmpd/modules/snmp_netgraph \ usr.sbin/bsnmpd/modules/snmp_pf \ usr.sbin/bsnmpd/modules/snmp_target \ usr.sbin/bsnmpd/modules/snmp_usm \ usr.sbin/bsnmpd/modules/snmp_vacm \ usr.sbin/bsnmpd/modules/snmp_wlan \ usr.sbin/bsnmpd/tools/bsnmptools \ usr.sbin/bsnmpd/tools/libbsnmptools \ usr.sbin/burncd \ usr.sbin/cdcontrol \ usr.sbin/chkgrp \ usr.sbin/chown \ usr.sbin/chroot \ usr.sbin/ckdist \ usr.sbin/clear_locks \ usr.sbin/config \ usr.sbin/crashinfo \ usr.sbin/cron/cron \ usr.sbin/cron/crontab \ usr.sbin/cron/lib \ usr.sbin/crunch/crunchgen \ usr.sbin/crunch/crunchide \ usr.sbin/ctladm \ usr.sbin/ctld \ usr.sbin/ctm/ctm \ usr.sbin/ctm/ctm_dequeue \ usr.sbin/ctm/ctm_rmail \ usr.sbin/ctm/ctm_smail \ usr.sbin/daemon \ usr.sbin/dconschat \ usr.sbin/ddns-confgen \ usr.sbin/devctl \ usr.sbin/devinfo \ usr.sbin/digictl \ usr.sbin/diskinfo \ usr.sbin/dnssec-dsfromkey \ usr.sbin/dnssec-keyfromlabel \ usr.sbin/dnssec-keygen \ usr.sbin/dnssec-revoke \ usr.sbin/dnssec-settime \ usr.sbin/dnssec-signzone \ usr.sbin/dumpcis \ usr.sbin/editmap \ usr.sbin/edquota \ usr.sbin/etcupdate \ usr.sbin/extattr \ usr.sbin/extattrctl \ usr.sbin/fdcontrol \ usr.sbin/fdformat \ usr.sbin/fdread \ usr.sbin/fdwrite \ usr.sbin/fifolog/fifolog_create \ usr.sbin/fifolog/fifolog_reader \ usr.sbin/fifolog/fifolog_writer \ usr.sbin/fifolog/lib \ usr.sbin/flowctl \ usr.sbin/fmtree \ usr.sbin/freebsd-update \ usr.sbin/fstyp \ usr.sbin/ftp-proxy \ usr.sbin/fwcontrol \ usr.sbin/genrandom \ usr.sbin/getfmac \ usr.sbin/getpmac \ usr.sbin/gpioctl \ usr.sbin/gssd \ usr.sbin/gstat \ usr.sbin/i2c \ usr.sbin/ifmcstat \ usr.sbin/inetd \ usr.sbin/iostat \ usr.sbin/iovctl \ usr.sbin/ip6addrctl \ usr.sbin/ipfwpcap \ usr.sbin/isc-hmac-fixup \ usr.sbin/iscsid \ usr.sbin/isfctl \ usr.sbin/jail \ usr.sbin/jexec \ usr.sbin/jls \ usr.sbin/kbdcontrol \ usr.sbin/kbdmap \ usr.sbin/keyserv \ usr.sbin/kldxref \ usr.sbin/lastlogin \ usr.sbin/lmcconfig \ usr.sbin/lpr/chkprintcap \ usr.sbin/lpr/common_source \ usr.sbin/lpr/filters \ usr.sbin/lpr/filters.ru/koi2855 \ usr.sbin/lpr/filters.ru/koi2alt \ usr.sbin/lpr/lp \ usr.sbin/lpr/lpc \ usr.sbin/lpr/lpd \ usr.sbin/lpr/lpq \ usr.sbin/lpr/lpr \ usr.sbin/lpr/lprm \ usr.sbin/lpr/lptest \ usr.sbin/lpr/pac \ usr.sbin/mailstats \ usr.sbin/mailwrapper \ usr.sbin/makefs \ usr.sbin/makemap \ usr.sbin/manctl \ usr.sbin/memcontrol \ usr.sbin/mergemaster \ usr.sbin/mfiutil \ usr.sbin/mixer \ usr.sbin/mld6query \ usr.sbin/mlxcontrol \ usr.sbin/mount_smbfs \ usr.sbin/mountd \ usr.sbin/moused \ usr.sbin/mpsutil \ usr.sbin/mptutil \ usr.sbin/mtest \ usr.sbin/named \ usr.sbin/named-checkconf \ usr.sbin/named-checkzone \ usr.sbin/named-journalprint \ usr.sbin/ndp \ usr.sbin/newsyslog \ usr.sbin/nfscbd \ usr.sbin/nfsd \ usr.sbin/nfsdumpstate \ usr.sbin/nfsrevoke \ usr.sbin/nfsuserd \ usr.sbin/ngctl \ usr.sbin/nghook \ usr.sbin/nmtree \ usr.sbin/nologin \ usr.sbin/nscd \ usr.sbin/nsec3hash \ usr.sbin/ntp/doc \ usr.sbin/ntp/doc/drivers/icons \ usr.sbin/ntp/doc/drivers/scripts \ usr.sbin/ntp/doc/drivers \ usr.sbin/ntp/doc/hints \ usr.sbin/ntp/doc/icons \ usr.sbin/ntp/doc/pic \ usr.sbin/ntp/doc/scripts \ usr.sbin/ntp/libntp \ usr.sbin/ntp/libopts \ usr.sbin/ntp/libparse \ usr.sbin/ntp/ntp-keygen \ usr.sbin/ntp/ntpd \ usr.sbin/ntp/ntpdate \ usr.sbin/ntp/ntpdc \ usr.sbin/ntp/ntpq \ usr.sbin/ntp/ntptime \ usr.sbin/ntp/sntp \ usr.sbin/pc-sysinstall/backend \ usr.sbin/pc-sysinstall/backend-partmanager \ usr.sbin/pc-sysinstall/backend-query \ usr.sbin/pc-sysinstall/conf \ usr.sbin/pc-sysinstall/doc \ usr.sbin/pc-sysinstall/examples \ usr.sbin/pc-sysinstall/pc-sysinstall \ usr.sbin/pciconf \ usr.sbin/periodic \ usr.sbin/pkg \ usr.sbin/pkg_install/add \ usr.sbin/pkg_install/create \ usr.sbin/pkg_install/delete \ usr.sbin/pkg_install/info \ usr.sbin/pkg_install/lib \ usr.sbin/pkg_install/updating \ usr.sbin/pkg_install/version \ usr.sbin/pmcannotate \ usr.sbin/pmccontrol \ usr.sbin/pmcstat \ usr.sbin/portsnap/make_index \ usr.sbin/portsnap/phttpget \ usr.sbin/portsnap/portsnap \ usr.sbin/powerd \ usr.sbin/ppp \ usr.sbin/pppctl \ usr.sbin/praliases \ usr.sbin/praudit \ usr.sbin/procctl \ usr.sbin/pstat \ usr.sbin/pw \ usr.sbin/pwd_mkdb \ usr.sbin/quot \ usr.sbin/quotaon \ usr.sbin/rarpd \ usr.sbin/repquota \ usr.sbin/rip6query \ usr.sbin/rmt \ usr.sbin/rndc \ usr.sbin/rndc-confgen \ usr.sbin/route6d \ usr.sbin/rpc.lockd \ usr.sbin/rpc.statd \ usr.sbin/rpc.umntall \ usr.sbin/rpc.yppasswdd \ usr.sbin/rpc.ypupdated \ usr.sbin/rpc.ypxfrd \ usr.sbin/rpcbind \ usr.sbin/rrenumd \ usr.sbin/rtadvctl \ usr.sbin/rtadvd \ usr.sbin/rtprio \ usr.sbin/rtsold \ usr.sbin/rwhod \ usr.sbin/sa \ usr.sbin/sendmail \ usr.sbin/service \ usr.sbin/services_mkdb \ usr.sbin/sesutil \ usr.sbin/setfib \ usr.sbin/setfmac \ usr.sbin/setpmac \ usr.sbin/smbmsg \ usr.sbin/snapinfo \ usr.sbin/spray \ usr.sbin/syslogd \ usr.sbin/sysrc \ usr.sbin/tcpdchk \ usr.sbin/tcpdmatch \ usr.sbin/tcpdrop \ usr.sbin/tcpdump/tcpdump \ usr.sbin/timed/timed \ usr.sbin/timed/timedc \ usr.sbin/traceroute \ usr.sbin/traceroute6 \ usr.sbin/trpt \ usr.sbin/tzsetup \ usr.sbin/uathload \ usr.sbin/uefisign \ usr.sbin/ugidfw \ usr.sbin/uhsoctl \ usr.sbin/unbound/anchor \ usr.sbin/unbound/checkconf \ usr.sbin/unbound/control \ usr.sbin/unbound/daemon \ usr.sbin/unbound/local-setup \ usr.sbin/usbconfig \ usr.sbin/usbdump \ usr.sbin/utx \ usr.sbin/vidcontrol \ usr.sbin/vigr \ usr.sbin/vipw \ usr.sbin/wake \ usr.sbin/watch \ usr.sbin/watchdogd \ usr.sbin/wlandebug \ usr.sbin/wpa/hostapd \ usr.sbin/wpa/hostapd_cli \ usr.sbin/wpa/ndis_events \ usr.sbin/wpa/wpa_cli \ usr.sbin/wpa/wpa_passphrase \ usr.sbin/wpa/wpa_supplicant \ usr.sbin/yp_mkdb \ usr.sbin/ypbind \ usr.sbin/yppoll \ usr.sbin/yppush \ usr.sbin/ypserv \ usr.sbin/ypset \ usr.sbin/zic/zdump \ usr.sbin/zic/zic \ ${DEP_RELDIR}/cddl \ ${DEP_RELDIR}/games \ ${DEP_RELDIR}/gnu \ ${DEP_RELDIR}/include \ ${DEP_RELDIR}/kerberos5 \ ${DEP_RELDIR}/lib \ ${DEP_RELDIR}/libexec \ ${DEP_RELDIR}/misc \ ${DEP_RELDIR}/secure \ ${DEP_RELDIR}/share \ .if ${MK_NAND} != "no" DIRDEPS+= \ sbin/nandfs \ sbin/newfs_nandfs \ usr.sbin/nandsim \ usr.sbin/nandtool \ .endif DIRDEPS.amd64= \ sbin/bsdlabel \ sbin/fdisk \ sbin/nvmecontrol \ usr.sbin/acpi/acpiconf \ usr.sbin/acpi/acpidb \ usr.sbin/acpi/acpidump \ usr.sbin/acpi/iasl \ usr.sbin/apm \ usr.sbin/asf \ usr.sbin/bhyve \ usr.sbin/bhyvectl \ usr.sbin/bhyveload \ usr.sbin/boot0cfg \ usr.sbin/btxld \ usr.sbin/camdd \ usr.sbin/cpucontrol \ usr.sbin/hyperv/tools \ usr.sbin/kgmon \ usr.sbin/lptcontrol \ usr.sbin/mptable \ usr.sbin/ndiscvt \ usr.sbin/sicontrol \ usr.sbin/spkrtest \ usr.sbin/sade \ usr.sbin/zzz DIRDEPS.arm= \ sbin/bsdlabel \ sbin/fdisk \ usr.sbin/ofwdump \ usr.sbin/kgmon DIRDEPS.i386= \ sbin/bsdlabel \ sbin/fdisk \ sbin/nvmecontrol \ sbin/sconfig \ usr.sbin/apm \ usr.sbin/apmd \ usr.sbin/asf \ usr.sbin/btxld \ usr.sbin/cpucontrol \ usr.sbin/hyperv/tools \ usr.sbin/kgmon \ usr.sbin/kgzip \ usr.sbin/lptcontrol \ usr.sbin/mptable \ usr.sbin/ndiscvt \ usr.sbin/pnpinfo \ usr.sbin/sade \ usr.sbin/sicontrol \ usr.sbin/spkrtest \ usr.sbin/zzz \ usr.sbin/acpi \ usr.sbin/boot0cfg \ usr.sbin/wlconfig DIRDEPS.arm64= \ usr.sbin/acpi \ usr.sbin/ofwdump DIRDEPS.mips= \ sbin/bsdlabel \ sbin/fdisk DIRDEPS.pc98= \ sbin/bsdlabel \ sbin/fdisk_pc98 \ sbin/sconfig DIRDEPS.sparc64= \ sbin/bsdlabel \ sbin/sunlabel \ usr.sbin/eeprom \ usr.sbin/ofwdump \ usr.sbin/sade DIRDEPS.powerpc= \ usr.sbin/nvram \ usr.sbin/ofwdump .if ${MK_GPL_DTC} != "yes" DIRDEPS+= usr.bin/dtc .endif -.if ${MK_CASPER} == "yes" -DIRDEPS+= sbin/casperd -.endif - DIRDEPS+= ${DIRDEPS.${MACHINE}:U} .include Index: head/targets/pseudo/userland/lib/Makefile.depend =================================================================== --- head/targets/pseudo/userland/lib/Makefile.depend (revision 296046) +++ head/targets/pseudo/userland/lib/Makefile.depend (revision 296047) @@ -1,190 +1,200 @@ # $FreeBSD$ # This file is not autogenerated - take care! .if !defined(MK_CLANG) .include .endif DIRDEPS = \ lib/${CSU_DIR} \ lib/atf/libatf-c \ lib/atf/libatf-c++ \ lib/lib80211 \ lib/libalias/libalias \ lib/libalias/modules/cuseeme \ lib/libalias/modules/dummy \ lib/libalias/modules/ftp \ lib/libalias/modules/irc \ lib/libalias/modules/nbt \ lib/libalias/modules/pptp \ lib/libalias/modules/skinny \ lib/libalias/modules/smedia \ lib/libarchive \ lib/libauditd \ lib/libbegemot \ lib/libblocksruntime \ lib/libbluetooth \ lib/libbsdstat \ lib/libbsm \ lib/libbsnmp/libbsnmp \ lib/libbz2 \ lib/libc \ lib/libc++ \ lib/libcalendar \ lib/libcam \ - lib/libcasper \ lib/libcom_err/doc \ lib/libcompat \ lib/libcompiler_rt \ lib/libcrypt \ lib/libcuse \ lib/libcxxrt \ lib/libdevctl \ lib/libdevinfo \ lib/libdevstat \ lib/libdwarf \ lib/libedit/edit/readline \ lib/libelf \ lib/libelftc \ lib/libevent \ lib/libexecinfo \ lib/libexpat \ lib/libfetch \ lib/libgeom \ lib/libgssapi \ lib/libiconv_modules/BIG5 \ lib/libiconv_modules/DECHanyu \ lib/libiconv_modules/EUC \ lib/libiconv_modules/EUCTW \ lib/libiconv_modules/GBK2K \ lib/libiconv_modules/HZ \ lib/libiconv_modules/ISO2022 \ lib/libiconv_modules/JOHAB \ lib/libiconv_modules/MSKanji \ lib/libiconv_modules/UES \ lib/libiconv_modules/UTF1632 \ lib/libiconv_modules/UTF7 \ lib/libiconv_modules/UTF8 \ lib/libiconv_modules/VIQR \ lib/libiconv_modules/ZW \ lib/libiconv_modules/iconv_none \ lib/libiconv_modules/iconv_std \ lib/libiconv_modules/mapper_646 \ lib/libiconv_modules/mapper_none \ lib/libiconv_modules/mapper_parallel \ lib/libiconv_modules/mapper_serial \ lib/libiconv_modules/mapper_std \ lib/libiconv_modules/mapper_zone \ lib/libipsec \ lib/libipx \ lib/libjail \ lib/libkiconv \ lib/libkvm \ lib/libldns \ lib/liblzma \ lib/libmagic \ lib/libmandoc \ lib/libmd \ lib/libmemstat \ lib/libmilter \ lib/libmp \ lib/libnetgraph \ lib/libngatm \ lib/libnv \ lib/libopie \ lib/libpam/libpam \ lib/libpam/modules/pam_chroot \ lib/libpam/modules/pam_deny \ lib/libpam/modules/pam_echo \ lib/libpam/modules/pam_exec \ lib/libpam/modules/pam_ftpusers \ lib/libpam/modules/pam_group \ lib/libpam/modules/pam_guest \ lib/libpam/modules/pam_krb5 \ lib/libpam/modules/pam_ksu \ lib/libpam/modules/pam_lastlog \ lib/libpam/modules/pam_login_access \ lib/libpam/modules/pam_nologin \ lib/libpam/modules/pam_opie \ lib/libpam/modules/pam_opieaccess \ lib/libpam/modules/pam_passwdqc \ lib/libpam/modules/pam_permit \ lib/libpam/modules/pam_radius \ lib/libpam/modules/pam_rhosts \ lib/libpam/modules/pam_rootok \ lib/libpam/modules/pam_securetty \ lib/libpam/modules/pam_self \ lib/libpam/modules/pam_ssh \ lib/libpam/modules/pam_tacplus \ lib/libpam/modules/pam_unix \ lib/libpcap \ lib/libpe \ lib/libpjdlog \ lib/libpmc \ lib/libproc \ lib/libprocstat \ lib/libradius \ lib/librpcsec_gss \ lib/librpcsvc \ lib/librt \ lib/librtld_db \ lib/libsbuf \ lib/libsdp \ lib/libsm \ lib/libsmb \ lib/libsmdb \ lib/libsmutil \ lib/libstand \ lib/libstdbuf \ lib/libstdthreads \ lib/libsysdecode \ lib/libtacplus \ lib/libtelnet \ lib/libthr \ lib/libthread_db \ lib/libufs \ lib/libugidfw \ lib/libulog \ lib/libunbound \ lib/libusb \ lib/libusbhid \ lib/libutil \ lib/libvgl \ lib/libvmmapi \ lib/libwrap \ lib/liby \ lib/libyaml \ lib/libypclnt \ lib/libz \ lib/msun \ lib/ncurses/form \ lib/ncurses/formw \ lib/ncurses/menu \ lib/ncurses/menuw \ lib/ncurses/ncurses \ lib/ncurses/ncursesw \ lib/ncurses/panel \ lib/ncurses/panelw \ .if ${MK_CLANG} != "no" && \ (${MACHINE_CPUARCH} == "aarch64" || ${MACHINE_CPUARCH} == "amd64" || \ (${MACHINE_CPUARCH} == "arm" && ${MACHINE_ARCH} != "armeb") || \ (${MACHINE_CPUARCH} == "i386")) DIRDEPS+= \ lib/libclang_rt/asan-preinit \ lib/libclang_rt/asan \ lib/libclang_rt/asan_cxx \ lib/libclang_rt/include \ lib/libclang_rt/profile \ lib/libclang_rt/safestack \ lib/libclang_rt/ubsan_standalone \ lib/libclang_rt/ubsan_standalone_cxx \ .endif .if ${MK_NAND} != "no" DIRDEPS+= lib/libnandfs +.endif + +.if ${MK_CASPER} != "no" +DIRDEPS+= \ + lib/libcasper \ + lib/libcasper/services/cap_dns \ + lib/libcasper/services/cap_grp \ + lib/libcasper/services/cap_pwd \ + lib/libcasper/services/cap_random \ + lib/libcasper/services/cap_sysctl \ + .endif .include Index: head/targets/pseudo/userland/libexec/Makefile.depend =================================================================== --- head/targets/pseudo/userland/libexec/Makefile.depend (revision 296046) +++ head/targets/pseudo/userland/libexec/Makefile.depend (revision 296047) @@ -1,47 +1,42 @@ # $FreeBSD$ # This file is not autogenerated - take care! DIRDEPS = \ libexec/atf/atf-check \ libexec/atf/atf-sh \ libexec/atrun \ libexec/bootpd \ libexec/bootpd/bootpgw \ libexec/bootpd/tools/bootpef \ libexec/bootpd/tools/bootptest \ - libexec/casper/dns \ - libexec/casper/grp \ - libexec/casper/pwd \ - libexec/casper/random \ - libexec/casper/sysctl \ libexec/comsat \ libexec/fingerd \ libexec/ftpd \ libexec/getty \ libexec/hyperv \ libexec/mail.local \ libexec/mknetid \ libexec/pppoed \ libexec/rbootd \ libexec/revnetgroup \ libexec/rlogind \ libexec/rpc.rquotad \ libexec/rpc.rstatd \ libexec/rpc.rusersd \ libexec/rpc.rwalld \ libexec/rpc.sprayd \ libexec/rshd \ libexec/rtld-elf \ libexec/save-entropy \ libexec/smrsh \ libexec/talkd \ libexec/tcpd \ libexec/telnetd \ libexec/tftp-proxy \ libexec/tftpd \ libexec/ulog-helper \ libexec/ypxfr \ .include Index: head/tools/regression/capsicum/libcapsicum/dns.c =================================================================== --- head/tools/regression/capsicum/libcapsicum/dns.c (revision 296046) +++ head/tools/regression/capsicum/libcapsicum/dns.c (nonexistent) @@ -1,588 +0,0 @@ -/*- - * Copyright (c) 2013 The FreeBSD Foundation - * All rights reserved. - * - * This software was developed by Pawel Jakub Dawidek under sponsorship from - * the FreeBSD Foundation. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include -__FBSDID("$FreeBSD$"); - -#include - -#include -#include - -#include -#include -#include -#include -#include -#include -#include -#include - -#include -#include -#include - -static int ntest = 1; - -#define CHECK(expr) do { \ - if ((expr)) \ - printf("ok %d %s:%u\n", ntest, __FILE__, __LINE__); \ - else \ - printf("not ok %d %s:%u\n", ntest, __FILE__, __LINE__); \ - ntest++; \ -} while (0) -#define CHECKX(expr) do { \ - if ((expr)) { \ - printf("ok %d %s:%u\n", ntest, __FILE__, __LINE__); \ - } else { \ - printf("not ok %d %s:%u\n", ntest, __FILE__, __LINE__); \ - exit(1); \ - } \ - ntest++; \ -} while (0) - -#define GETHOSTBYNAME 0x01 -#define GETHOSTBYNAME2_AF_INET 0x02 -#define GETHOSTBYNAME2_AF_INET6 0x04 -#define GETHOSTBYADDR_AF_INET 0x08 -#define GETHOSTBYADDR_AF_INET6 0x10 - -static bool -hostent_aliases_compare(char **aliases0, char **aliases1) -{ - int i0, i1; - - if (aliases0 == NULL && aliases1 == NULL) - return (true); - if (aliases0 == NULL || aliases1 == NULL) - return (false); - - for (i0 = 0; aliases0[i0] != NULL; i0++) { - for (i1 = 0; aliases1[i1] != NULL; i1++) { - if (strcmp(aliases0[i0], aliases1[i1]) == 0) - break; - } - if (aliases1[i1] == NULL) - return (false); - } - - return (true); -} - -static bool -hostent_addr_list_compare(char **addr_list0, char **addr_list1, int length) -{ - int i0, i1; - - if (addr_list0 == NULL && addr_list1 == NULL) - return (true); - if (addr_list0 == NULL || addr_list1 == NULL) - return (false); - - for (i0 = 0; addr_list0[i0] != NULL; i0++) { - for (i1 = 0; addr_list1[i1] != NULL; i1++) { - if (memcmp(addr_list0[i0], addr_list1[i1], length) == 0) - break; - } - if (addr_list1[i1] == NULL) - return (false); - } - - return (true); -} - -static bool -hostent_compare(const struct hostent *hp0, const struct hostent *hp1) -{ - - if (hp0 == NULL && hp1 != NULL) - return (true); - - if (hp0 == NULL || hp1 == NULL) - return (false); - - if (hp0->h_name != NULL || hp1->h_name != NULL) { - if (hp0->h_name == NULL || hp1->h_name == NULL) - return (false); - if (strcmp(hp0->h_name, hp1->h_name) != 0) - return (false); - } - - if (!hostent_aliases_compare(hp0->h_aliases, hp1->h_aliases)) - return (false); - if (!hostent_aliases_compare(hp1->h_aliases, hp0->h_aliases)) - return (false); - - if (hp0->h_addrtype != hp1->h_addrtype) - return (false); - - if (hp0->h_length != hp1->h_length) - return (false); - - if (!hostent_addr_list_compare(hp0->h_addr_list, hp1->h_addr_list, - hp0->h_length)) { - return (false); - } - if (!hostent_addr_list_compare(hp1->h_addr_list, hp0->h_addr_list, - hp0->h_length)) { - return (false); - } - - return (true); -} - -static unsigned int -runtest(cap_channel_t *capdns) -{ - unsigned int result; - struct hostent *hps, *hpc; - struct in_addr ip4; - struct in6_addr ip6; - - result = 0; - - hps = gethostbyname("example.com"); - if (hps == NULL) - fprintf(stderr, "Unable to resolve %s IPv4.\n", "example.com"); - hpc = cap_gethostbyname(capdns, "example.com"); - if (hostent_compare(hps, hpc)) - result |= GETHOSTBYNAME; - - hps = gethostbyname2("example.com", AF_INET); - if (hps == NULL) - fprintf(stderr, "Unable to resolve %s IPv4.\n", "example.com"); - hpc = cap_gethostbyname2(capdns, "example.com", AF_INET); - if (hostent_compare(hps, hpc)) - result |= GETHOSTBYNAME2_AF_INET; - - hps = gethostbyname2("example.com", AF_INET6); - if (hps == NULL) - fprintf(stderr, "Unable to resolve %s IPv6.\n", "example.com"); - hpc = cap_gethostbyname2(capdns, "example.com", AF_INET6); - if (hostent_compare(hps, hpc)) - result |= GETHOSTBYNAME2_AF_INET6; - - /* - * 8.8.178.135 is IPv4 address of freefall.freebsd.org - * as of 27 October 2013. - */ - inet_pton(AF_INET, "8.8.178.135", &ip4); - hps = gethostbyaddr(&ip4, sizeof(ip4), AF_INET); - if (hps == NULL) - fprintf(stderr, "Unable to resolve %s.\n", "8.8.178.135"); - hpc = cap_gethostbyaddr(capdns, &ip4, sizeof(ip4), AF_INET); - if (hostent_compare(hps, hpc)) - result |= GETHOSTBYADDR_AF_INET; - - /* - * 2001:1900:2254:206c::16:87 is IPv6 address of freefall.freebsd.org - * as of 27 October 2013. - */ - inet_pton(AF_INET6, "2001:1900:2254:206c::16:87", &ip6); - hps = gethostbyaddr(&ip6, sizeof(ip6), AF_INET6); - if (hps == NULL) { - fprintf(stderr, "Unable to resolve %s.\n", - "2001:1900:2254:206c::16:87"); - } - hpc = cap_gethostbyaddr(capdns, &ip6, sizeof(ip6), AF_INET6); - if (hostent_compare(hps, hpc)) - result |= GETHOSTBYADDR_AF_INET6; - - return (result); -} - -int -main(void) -{ - cap_channel_t *capcas, *capdns, *origcapdns; - const char *types[2]; - int families[2]; - - printf("1..91\n"); - - capcas = cap_init(); - CHECKX(capcas != NULL); - - origcapdns = capdns = cap_service_open(capcas, "system.dns"); - CHECKX(capdns != NULL); - - cap_close(capcas); - - /* No limits set. */ - - CHECK(runtest(capdns) == - (GETHOSTBYNAME | GETHOSTBYNAME2_AF_INET | GETHOSTBYNAME2_AF_INET6 | - GETHOSTBYADDR_AF_INET | GETHOSTBYADDR_AF_INET6)); - - /* - * Allow: - * type: NAME, ADDR - * family: AF_INET, AF_INET6 - */ - - capdns = cap_clone(origcapdns); - CHECK(capdns != NULL); - - types[0] = "NAME"; - types[1] = "ADDR"; - CHECK(cap_dns_type_limit(capdns, types, 2) == 0); - families[0] = AF_INET; - families[1] = AF_INET6; - CHECK(cap_dns_family_limit(capdns, families, 2) == 0); - - CHECK(runtest(capdns) == - (GETHOSTBYNAME | GETHOSTBYNAME2_AF_INET | GETHOSTBYNAME2_AF_INET6 | - GETHOSTBYADDR_AF_INET | GETHOSTBYADDR_AF_INET6)); - - cap_close(capdns); - - /* - * Allow: - * type: NAME - * family: AF_INET, AF_INET6 - */ - - capdns = cap_clone(origcapdns); - CHECK(capdns != NULL); - - types[0] = "NAME"; - CHECK(cap_dns_type_limit(capdns, types, 1) == 0); - types[1] = "ADDR"; - CHECK(cap_dns_type_limit(capdns, types, 2) == -1 && - errno == ENOTCAPABLE); - types[0] = "ADDR"; - CHECK(cap_dns_type_limit(capdns, types, 1) == -1 && - errno == ENOTCAPABLE); - families[0] = AF_INET; - families[1] = AF_INET6; - CHECK(cap_dns_family_limit(capdns, families, 2) == 0); - - CHECK(runtest(capdns) == - (GETHOSTBYNAME | GETHOSTBYNAME2_AF_INET | GETHOSTBYNAME2_AF_INET6)); - - cap_close(capdns); - - /* - * Allow: - * type: ADDR - * family: AF_INET, AF_INET6 - */ - - capdns = cap_clone(origcapdns); - CHECK(capdns != NULL); - - types[0] = "ADDR"; - CHECK(cap_dns_type_limit(capdns, types, 1) == 0); - types[1] = "NAME"; - CHECK(cap_dns_type_limit(capdns, types, 2) == -1 && - errno == ENOTCAPABLE); - types[0] = "NAME"; - CHECK(cap_dns_type_limit(capdns, types, 1) == -1 && - errno == ENOTCAPABLE); - families[0] = AF_INET; - families[1] = AF_INET6; - CHECK(cap_dns_family_limit(capdns, families, 2) == 0); - - CHECK(runtest(capdns) == - (GETHOSTBYADDR_AF_INET | GETHOSTBYADDR_AF_INET6)); - - cap_close(capdns); - - /* - * Allow: - * type: NAME, ADDR - * family: AF_INET - */ - - capdns = cap_clone(origcapdns); - CHECK(capdns != NULL); - - types[0] = "NAME"; - types[1] = "ADDR"; - CHECK(cap_dns_type_limit(capdns, types, 2) == 0); - families[0] = AF_INET; - CHECK(cap_dns_family_limit(capdns, families, 1) == 0); - families[1] = AF_INET6; - CHECK(cap_dns_family_limit(capdns, families, 2) == -1 && - errno == ENOTCAPABLE); - families[0] = AF_INET6; - CHECK(cap_dns_family_limit(capdns, families, 1) == -1 && - errno == ENOTCAPABLE); - - CHECK(runtest(capdns) == - (GETHOSTBYNAME | GETHOSTBYNAME2_AF_INET | GETHOSTBYADDR_AF_INET)); - - cap_close(capdns); - - /* - * Allow: - * type: NAME, ADDR - * family: AF_INET6 - */ - - capdns = cap_clone(origcapdns); - CHECK(capdns != NULL); - - types[0] = "NAME"; - types[1] = "ADDR"; - CHECK(cap_dns_type_limit(capdns, types, 2) == 0); - families[0] = AF_INET6; - CHECK(cap_dns_family_limit(capdns, families, 1) == 0); - families[1] = AF_INET; - CHECK(cap_dns_family_limit(capdns, families, 2) == -1 && - errno == ENOTCAPABLE); - families[0] = AF_INET; - CHECK(cap_dns_family_limit(capdns, families, 1) == -1 && - errno == ENOTCAPABLE); - - CHECK(runtest(capdns) == - (GETHOSTBYNAME2_AF_INET6 | GETHOSTBYADDR_AF_INET6)); - - cap_close(capdns); - - /* Below we also test further limiting capability. */ - - /* - * Allow: - * type: NAME - * family: AF_INET - */ - - capdns = cap_clone(origcapdns); - CHECK(capdns != NULL); - - types[0] = "NAME"; - types[1] = "ADDR"; - CHECK(cap_dns_type_limit(capdns, types, 2) == 0); - families[0] = AF_INET; - families[1] = AF_INET6; - CHECK(cap_dns_family_limit(capdns, families, 2) == 0); - types[0] = "NAME"; - CHECK(cap_dns_type_limit(capdns, types, 1) == 0); - types[1] = "ADDR"; - CHECK(cap_dns_type_limit(capdns, types, 2) == -1 && - errno == ENOTCAPABLE); - types[0] = "ADDR"; - CHECK(cap_dns_type_limit(capdns, types, 1) == -1 && - errno == ENOTCAPABLE); - families[0] = AF_INET; - CHECK(cap_dns_family_limit(capdns, families, 1) == 0); - families[1] = AF_INET6; - CHECK(cap_dns_family_limit(capdns, families, 2) == -1 && - errno == ENOTCAPABLE); - families[0] = AF_INET6; - CHECK(cap_dns_family_limit(capdns, families, 1) == -1 && - errno == ENOTCAPABLE); - - CHECK(runtest(capdns) == (GETHOSTBYNAME | GETHOSTBYNAME2_AF_INET)); - - cap_close(capdns); - - /* - * Allow: - * type: NAME - * family: AF_INET6 - */ - - capdns = cap_clone(origcapdns); - CHECK(capdns != NULL); - - types[0] = "NAME"; - types[1] = "ADDR"; - CHECK(cap_dns_type_limit(capdns, types, 2) == 0); - families[0] = AF_INET; - families[1] = AF_INET6; - CHECK(cap_dns_family_limit(capdns, families, 2) == 0); - types[0] = "NAME"; - CHECK(cap_dns_type_limit(capdns, types, 1) == 0); - types[1] = "ADDR"; - CHECK(cap_dns_type_limit(capdns, types, 2) == -1 && - errno == ENOTCAPABLE); - types[0] = "ADDR"; - CHECK(cap_dns_type_limit(capdns, types, 1) == -1 && - errno == ENOTCAPABLE); - families[0] = AF_INET6; - CHECK(cap_dns_family_limit(capdns, families, 1) == 0); - families[1] = AF_INET; - CHECK(cap_dns_family_limit(capdns, families, 2) == -1 && - errno == ENOTCAPABLE); - families[0] = AF_INET; - CHECK(cap_dns_family_limit(capdns, families, 1) == -1 && - errno == ENOTCAPABLE); - - CHECK(runtest(capdns) == GETHOSTBYNAME2_AF_INET6); - - cap_close(capdns); - - /* - * Allow: - * type: ADDR - * family: AF_INET - */ - - capdns = cap_clone(origcapdns); - CHECK(capdns != NULL); - - types[0] = "NAME"; - types[1] = "ADDR"; - CHECK(cap_dns_type_limit(capdns, types, 2) == 0); - families[0] = AF_INET; - families[1] = AF_INET6; - CHECK(cap_dns_family_limit(capdns, families, 2) == 0); - types[0] = "ADDR"; - CHECK(cap_dns_type_limit(capdns, types, 1) == 0); - types[1] = "NAME"; - CHECK(cap_dns_type_limit(capdns, types, 2) == -1 && - errno == ENOTCAPABLE); - types[0] = "NAME"; - CHECK(cap_dns_type_limit(capdns, types, 1) == -1 && - errno == ENOTCAPABLE); - families[0] = AF_INET; - CHECK(cap_dns_family_limit(capdns, families, 1) == 0); - families[1] = AF_INET6; - CHECK(cap_dns_family_limit(capdns, families, 2) == -1 && - errno == ENOTCAPABLE); - families[0] = AF_INET6; - CHECK(cap_dns_family_limit(capdns, families, 1) == -1 && - errno == ENOTCAPABLE); - - CHECK(runtest(capdns) == GETHOSTBYADDR_AF_INET); - - cap_close(capdns); - - /* - * Allow: - * type: ADDR - * family: AF_INET6 - */ - - capdns = cap_clone(origcapdns); - CHECK(capdns != NULL); - - types[0] = "NAME"; - types[1] = "ADDR"; - CHECK(cap_dns_type_limit(capdns, types, 2) == 0); - families[0] = AF_INET; - families[1] = AF_INET6; - CHECK(cap_dns_family_limit(capdns, families, 2) == 0); - types[0] = "ADDR"; - CHECK(cap_dns_type_limit(capdns, types, 1) == 0); - types[1] = "NAME"; - CHECK(cap_dns_type_limit(capdns, types, 2) == -1 && - errno == ENOTCAPABLE); - types[0] = "NAME"; - CHECK(cap_dns_type_limit(capdns, types, 1) == -1 && - errno == ENOTCAPABLE); - families[0] = AF_INET6; - CHECK(cap_dns_family_limit(capdns, families, 1) == 0); - families[1] = AF_INET; - CHECK(cap_dns_family_limit(capdns, families, 2) == -1 && - errno == ENOTCAPABLE); - families[0] = AF_INET; - CHECK(cap_dns_family_limit(capdns, families, 1) == -1 && - errno == ENOTCAPABLE); - - CHECK(runtest(capdns) == GETHOSTBYADDR_AF_INET6); - - cap_close(capdns); - - /* Trying to rise the limits. */ - - capdns = cap_clone(origcapdns); - CHECK(capdns != NULL); - - types[0] = "NAME"; - CHECK(cap_dns_type_limit(capdns, types, 1) == 0); - families[0] = AF_INET; - CHECK(cap_dns_family_limit(capdns, families, 1) == 0); - - types[0] = "NAME"; - types[1] = "ADDR"; - CHECK(cap_dns_type_limit(capdns, types, 2) == -1 && - errno == ENOTCAPABLE); - families[0] = AF_INET; - families[1] = AF_INET6; - CHECK(cap_dns_family_limit(capdns, families, 2) == -1 && - errno == ENOTCAPABLE); - - types[0] = "ADDR"; - CHECK(cap_dns_type_limit(capdns, types, 1) == -1 && - errno == ENOTCAPABLE); - families[0] = AF_INET6; - CHECK(cap_dns_family_limit(capdns, families, 1) == -1 && - errno == ENOTCAPABLE); - - CHECK(cap_dns_type_limit(capdns, NULL, 0) == -1 && - errno == ENOTCAPABLE); - CHECK(cap_dns_family_limit(capdns, NULL, 0) == -1 && - errno == ENOTCAPABLE); - - /* Do the limits still hold? */ - CHECK(runtest(capdns) == (GETHOSTBYNAME | GETHOSTBYNAME2_AF_INET)); - - cap_close(capdns); - - capdns = cap_clone(origcapdns); - CHECK(capdns != NULL); - - types[0] = "ADDR"; - CHECK(cap_dns_type_limit(capdns, types, 1) == 0); - families[0] = AF_INET6; - CHECK(cap_dns_family_limit(capdns, families, 1) == 0); - - types[0] = "NAME"; - types[1] = "ADDR"; - CHECK(cap_dns_type_limit(capdns, types, 2) == -1 && - errno == ENOTCAPABLE); - families[0] = AF_INET; - families[1] = AF_INET6; - CHECK(cap_dns_family_limit(capdns, families, 2) == -1 && - errno == ENOTCAPABLE); - - types[0] = "NAME"; - CHECK(cap_dns_type_limit(capdns, types, 1) == -1 && - errno == ENOTCAPABLE); - families[0] = AF_INET; - CHECK(cap_dns_family_limit(capdns, families, 1) == -1 && - errno == ENOTCAPABLE); - - CHECK(cap_dns_type_limit(capdns, NULL, 0) == -1 && - errno == ENOTCAPABLE); - CHECK(cap_dns_family_limit(capdns, NULL, 0) == -1 && - errno == ENOTCAPABLE); - - /* Do the limits still hold? */ - CHECK(runtest(capdns) == GETHOSTBYADDR_AF_INET6); - - cap_close(capdns); - - cap_close(origcapdns); - - exit(0); -} Property changes on: head/tools/regression/capsicum/libcapsicum/dns.c ___________________________________________________________________ Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:keywords ## -1 +0,0 ## -FreeBSD=%H \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/tools/regression/capsicum/libcapsicum/grp.c =================================================================== --- head/tools/regression/capsicum/libcapsicum/grp.c (revision 296046) +++ head/tools/regression/capsicum/libcapsicum/grp.c (nonexistent) @@ -1,1550 +0,0 @@ -/*- - * Copyright (c) 2013 The FreeBSD Foundation - * All rights reserved. - * - * This software was developed by Pawel Jakub Dawidek under sponsorship from - * the FreeBSD Foundation. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include -__FBSDID("$FreeBSD$"); - -#include - -#include -#include -#include -#include -#include -#include -#include -#include - -#include -#include -#include - -static int ntest = 1; - -#define CHECK(expr) do { \ - if ((expr)) \ - printf("ok %d %s:%u\n", ntest, __FILE__, __LINE__); \ - else \ - printf("not ok %d %s:%u\n", ntest, __FILE__, __LINE__); \ - ntest++; \ -} while (0) -#define CHECKX(expr) do { \ - if ((expr)) { \ - printf("ok %d %s:%u\n", ntest, __FILE__, __LINE__); \ - } else { \ - printf("not ok %d %s:%u\n", ntest, __FILE__, __LINE__); \ - exit(1); \ - } \ - ntest++; \ -} while (0) - -#define GID_WHEEL 0 -#define GID_OPERATOR 5 - -#define GETGRENT0 0x0001 -#define GETGRENT1 0x0002 -#define GETGRENT2 0x0004 -#define GETGRENT (GETGRENT0 | GETGRENT1 | GETGRENT2) -#define GETGRENT_R0 0x0008 -#define GETGRENT_R1 0x0010 -#define GETGRENT_R2 0x0020 -#define GETGRENT_R (GETGRENT_R0 | GETGRENT_R1 | GETGRENT_R2) -#define GETGRNAM 0x0040 -#define GETGRNAM_R 0x0080 -#define GETGRGID 0x0100 -#define GETGRGID_R 0x0200 -#define SETGRENT 0x0400 - -static bool -group_mem_compare(char **mem0, char **mem1) -{ - int i0, i1; - - if (mem0 == NULL && mem1 == NULL) - return (true); - if (mem0 == NULL || mem1 == NULL) - return (false); - - for (i0 = 0; mem0[i0] != NULL; i0++) { - for (i1 = 0; mem1[i1] != NULL; i1++) { - if (strcmp(mem0[i0], mem1[i1]) == 0) - break; - } - if (mem1[i1] == NULL) - return (false); - } - - return (true); -} - -static bool -group_compare(const struct group *grp0, const struct group *grp1) -{ - - if (grp0 == NULL && grp1 == NULL) - return (true); - if (grp0 == NULL || grp1 == NULL) - return (false); - - if (strcmp(grp0->gr_name, grp1->gr_name) != 0) - return (false); - - if (grp0->gr_passwd != NULL || grp1->gr_passwd != NULL) { - if (grp0->gr_passwd == NULL || grp1->gr_passwd == NULL) - return (false); - if (strcmp(grp0->gr_passwd, grp1->gr_passwd) != 0) - return (false); - } - - if (grp0->gr_gid != grp1->gr_gid) - return (false); - - if (!group_mem_compare(grp0->gr_mem, grp1->gr_mem)) - return (false); - - return (true); -} - -static unsigned int -runtest_cmds(cap_channel_t *capgrp) -{ - char bufs[1024], bufc[1024]; - unsigned int result; - struct group *grps, *grpc; - struct group sts, stc; - - result = 0; - - (void)setgrent(); - if (cap_setgrent(capgrp) == 1) - result |= SETGRENT; - - grps = getgrent(); - grpc = cap_getgrent(capgrp); - if (group_compare(grps, grpc)) { - result |= GETGRENT0; - grps = getgrent(); - grpc = cap_getgrent(capgrp); - if (group_compare(grps, grpc)) - result |= GETGRENT1; - } - - getgrent_r(&sts, bufs, sizeof(bufs), &grps); - cap_getgrent_r(capgrp, &stc, bufc, sizeof(bufc), &grpc); - if (group_compare(grps, grpc)) { - result |= GETGRENT_R0; - getgrent_r(&sts, bufs, sizeof(bufs), &grps); - cap_getgrent_r(capgrp, &stc, bufc, sizeof(bufc), &grpc); - if (group_compare(grps, grpc)) - result |= GETGRENT_R1; - } - - (void)setgrent(); - if (cap_setgrent(capgrp) == 1) - result |= SETGRENT; - - getgrent_r(&sts, bufs, sizeof(bufs), &grps); - cap_getgrent_r(capgrp, &stc, bufc, sizeof(bufc), &grpc); - if (group_compare(grps, grpc)) - result |= GETGRENT_R2; - - grps = getgrent(); - grpc = cap_getgrent(capgrp); - if (group_compare(grps, grpc)) - result |= GETGRENT2; - - grps = getgrnam("wheel"); - grpc = cap_getgrnam(capgrp, "wheel"); - if (group_compare(grps, grpc)) { - grps = getgrnam("operator"); - grpc = cap_getgrnam(capgrp, "operator"); - if (group_compare(grps, grpc)) - result |= GETGRNAM; - } - - getgrnam_r("wheel", &sts, bufs, sizeof(bufs), &grps); - cap_getgrnam_r(capgrp, "wheel", &stc, bufc, sizeof(bufc), &grpc); - if (group_compare(grps, grpc)) { - getgrnam_r("operator", &sts, bufs, sizeof(bufs), &grps); - cap_getgrnam_r(capgrp, "operator", &stc, bufc, sizeof(bufc), - &grpc); - if (group_compare(grps, grpc)) - result |= GETGRNAM_R; - } - - grps = getgrgid(GID_WHEEL); - grpc = cap_getgrgid(capgrp, GID_WHEEL); - if (group_compare(grps, grpc)) { - grps = getgrgid(GID_OPERATOR); - grpc = cap_getgrgid(capgrp, GID_OPERATOR); - if (group_compare(grps, grpc)) - result |= GETGRGID; - } - - getgrgid_r(GID_WHEEL, &sts, bufs, sizeof(bufs), &grps); - cap_getgrgid_r(capgrp, GID_WHEEL, &stc, bufc, sizeof(bufc), &grpc); - if (group_compare(grps, grpc)) { - getgrgid_r(GID_OPERATOR, &sts, bufs, sizeof(bufs), &grps); - cap_getgrgid_r(capgrp, GID_OPERATOR, &stc, bufc, sizeof(bufc), - &grpc); - if (group_compare(grps, grpc)) - result |= GETGRGID_R; - } - - return (result); -} - -static void -test_cmds(cap_channel_t *origcapgrp) -{ - cap_channel_t *capgrp; - const char *cmds[7], *fields[4], *names[5]; - gid_t gids[5]; - - fields[0] = "gr_name"; - fields[1] = "gr_passwd"; - fields[2] = "gr_gid"; - fields[3] = "gr_mem"; - - names[0] = "wheel"; - names[1] = "daemon"; - names[2] = "kmem"; - names[3] = "sys"; - names[4] = "operator"; - - gids[0] = 0; - gids[1] = 1; - gids[2] = 2; - gids[3] = 3; - gids[4] = 5; - - /* - * Allow: - * cmds: setgrent, getgrent, getgrent_r, getgrnam, getgrnam_r, - * getgrgid, getgrgid_r - * fields: gr_name, gr_passwd, gr_gid, gr_mem - * groups: - * names: wheel, daemon, kmem, sys, operator - * gids: - */ - capgrp = cap_clone(origcapgrp); - CHECK(capgrp != NULL); - - cmds[0] = "setgrent"; - cmds[1] = "getgrent"; - cmds[2] = "getgrent_r"; - cmds[3] = "getgrnam"; - cmds[4] = "getgrnam_r"; - cmds[5] = "getgrgid"; - cmds[6] = "getgrgid_r"; - CHECK(cap_grp_limit_cmds(capgrp, cmds, 7) == 0); - CHECK(cap_grp_limit_fields(capgrp, fields, 4) == 0); - CHECK(cap_grp_limit_groups(capgrp, names, 5, NULL, 0) == 0); - - CHECK(runtest_cmds(capgrp) == (SETGRENT | GETGRENT | GETGRENT_R | - GETGRNAM | GETGRNAM_R | GETGRGID | GETGRGID_R)); - - cap_close(capgrp); - - /* - * Allow: - * cmds: setgrent, getgrent, getgrent_r, getgrnam, getgrnam_r, - * getgrgid, getgrgid_r - * fields: gr_name, gr_passwd, gr_gid, gr_mem - * groups: - * names: - * gids: 0, 1, 2, 3, 5 - */ - capgrp = cap_clone(origcapgrp); - CHECK(capgrp != NULL); - - cmds[0] = "setgrent"; - cmds[1] = "getgrent"; - cmds[2] = "getgrent_r"; - cmds[3] = "getgrnam"; - cmds[4] = "getgrnam_r"; - cmds[5] = "getgrgid"; - cmds[6] = "getgrgid_r"; - CHECK(cap_grp_limit_cmds(capgrp, cmds, 7) == 0); - CHECK(cap_grp_limit_fields(capgrp, fields, 4) == 0); - CHECK(cap_grp_limit_groups(capgrp, NULL, 0, gids, 5) == 0); - - CHECK(runtest_cmds(capgrp) == (SETGRENT | GETGRENT | GETGRENT_R | - GETGRNAM | GETGRNAM_R | GETGRGID | GETGRGID_R)); - - cap_close(capgrp); - - /* - * Allow: - * cmds: getgrent, getgrent_r, getgrnam, getgrnam_r, - * getgrgid, getgrgid_r - * fields: gr_name, gr_passwd, gr_gid, gr_mem - * groups: - * names: wheel, daemon, kmem, sys, operator - * gids: - * Disallow: - * cmds: setgrent - * fields: - * groups: - */ - capgrp = cap_clone(origcapgrp); - CHECK(capgrp != NULL); - - cmds[0] = "getgrent"; - cmds[1] = "getgrent_r"; - cmds[2] = "getgrnam"; - cmds[3] = "getgrnam_r"; - cmds[4] = "getgrgid"; - cmds[5] = "getgrgid_r"; - CHECK(cap_grp_limit_cmds(capgrp, cmds, 6) == 0); - cmds[0] = "setgrent"; - cmds[1] = "getgrent"; - cmds[2] = "getgrent_r"; - cmds[3] = "getgrnam"; - cmds[4] = "getgrnam_r"; - cmds[5] = "getgrgid"; - cmds[6] = "getgrgid_r"; - CHECK(cap_grp_limit_cmds(capgrp, cmds, 7) == -1 && errno == ENOTCAPABLE); - cmds[0] = "setgrent"; - CHECK(cap_grp_limit_cmds(capgrp, cmds, 1) == -1 && errno == ENOTCAPABLE); - CHECK(cap_grp_limit_groups(capgrp, names, 5, NULL, 0) == 0); - - CHECK(runtest_cmds(capgrp) == (GETGRENT0 | GETGRENT1 | GETGRENT_R0 | - GETGRENT_R1 | GETGRNAM | GETGRNAM_R | GETGRGID | GETGRGID_R)); - - cap_close(capgrp); - - /* - * Allow: - * cmds: getgrent, getgrent_r, getgrnam, getgrnam_r, - * getgrgid, getgrgid_r - * fields: gr_name, gr_passwd, gr_gid, gr_mem - * groups: - * names: - * gids: 0, 1, 2, 3, 5 - * Disallow: - * cmds: setgrent - * fields: - * groups: - */ - capgrp = cap_clone(origcapgrp); - CHECK(capgrp != NULL); - - cmds[0] = "getgrent"; - cmds[1] = "getgrent_r"; - cmds[2] = "getgrnam"; - cmds[3] = "getgrnam_r"; - cmds[4] = "getgrgid"; - cmds[5] = "getgrgid_r"; - CHECK(cap_grp_limit_cmds(capgrp, cmds, 6) == 0); - cmds[0] = "setgrent"; - cmds[1] = "getgrent"; - cmds[2] = "getgrent_r"; - cmds[3] = "getgrnam"; - cmds[4] = "getgrnam_r"; - cmds[5] = "getgrgid"; - cmds[6] = "getgrgid_r"; - CHECK(cap_grp_limit_cmds(capgrp, cmds, 7) == -1 && errno == ENOTCAPABLE); - cmds[0] = "setgrent"; - CHECK(cap_grp_limit_cmds(capgrp, cmds, 1) == -1 && errno == ENOTCAPABLE); - CHECK(cap_grp_limit_groups(capgrp, NULL, 0, gids, 5) == 0); - - CHECK(runtest_cmds(capgrp) == (GETGRENT0 | GETGRENT1 | GETGRENT_R0 | - GETGRENT_R1 | GETGRNAM | GETGRNAM_R | GETGRGID | GETGRGID_R)); - - cap_close(capgrp); - - /* - * Allow: - * cmds: setgrent, getgrent_r, getgrnam, getgrnam_r, - * getgrgid, getgrgid_r - * fields: gr_name, gr_passwd, gr_gid, gr_mem - * groups: - * names: wheel, daemon, kmem, sys, operator - * gids: - * Disallow: - * cmds: getgrent - * fields: - * groups: - */ - capgrp = cap_clone(origcapgrp); - CHECK(capgrp != NULL); - - cmds[0] = "setgrent"; - cmds[1] = "getgrent_r"; - cmds[2] = "getgrnam"; - cmds[3] = "getgrnam_r"; - cmds[4] = "getgrgid"; - cmds[5] = "getgrgid_r"; - CHECK(cap_grp_limit_cmds(capgrp, cmds, 6) == 0); - cmds[0] = "setgrent"; - cmds[1] = "getgrent"; - cmds[2] = "getgrent_r"; - cmds[3] = "getgrnam"; - cmds[4] = "getgrnam_r"; - cmds[5] = "getgrgid"; - cmds[6] = "getgrgid_r"; - CHECK(cap_grp_limit_cmds(capgrp, cmds, 7) == -1 && errno == ENOTCAPABLE); - cmds[0] = "getgrent"; - CHECK(cap_grp_limit_cmds(capgrp, cmds, 1) == -1 && errno == ENOTCAPABLE); - CHECK(cap_grp_limit_fields(capgrp, fields, 4) == 0); - CHECK(cap_grp_limit_groups(capgrp, names, 5, NULL, 0) == 0); - - CHECK(runtest_cmds(capgrp) == (SETGRENT | GETGRENT_R2 | - GETGRNAM | GETGRNAM_R | GETGRGID | GETGRGID_R)); - - cap_close(capgrp); - - /* - * Allow: - * cmds: setgrent, getgrent_r, getgrnam, getgrnam_r, - * getgrgid, getgrgid_r - * fields: gr_name, gr_passwd, gr_gid, gr_mem - * groups: - * names: - * gids: 0, 1, 2, 3, 5 - * Disallow: - * cmds: getgrent - * fields: - * groups: - */ - capgrp = cap_clone(origcapgrp); - CHECK(capgrp != NULL); - - cmds[0] = "setgrent"; - cmds[1] = "getgrent_r"; - cmds[2] = "getgrnam"; - cmds[3] = "getgrnam_r"; - cmds[4] = "getgrgid"; - cmds[5] = "getgrgid_r"; - CHECK(cap_grp_limit_cmds(capgrp, cmds, 6) == 0); - cmds[0] = "setgrent"; - cmds[1] = "getgrent"; - cmds[2] = "getgrent_r"; - cmds[3] = "getgrnam"; - cmds[4] = "getgrnam_r"; - cmds[5] = "getgrgid"; - cmds[6] = "getgrgid_r"; - CHECK(cap_grp_limit_cmds(capgrp, cmds, 7) == -1 && errno == ENOTCAPABLE); - cmds[0] = "getgrent"; - CHECK(cap_grp_limit_cmds(capgrp, cmds, 1) == -1 && errno == ENOTCAPABLE); - CHECK(cap_grp_limit_fields(capgrp, fields, 4) == 0); - CHECK(cap_grp_limit_groups(capgrp, NULL, 0, gids, 5) == 0); - - CHECK(runtest_cmds(capgrp) == (SETGRENT | GETGRENT_R2 | - GETGRNAM | GETGRNAM_R | GETGRGID | GETGRGID_R)); - - cap_close(capgrp); - - /* - * Allow: - * cmds: setgrent, getgrent, getgrnam, getgrnam_r, - * getgrgid, getgrgid_r - * fields: gr_name, gr_passwd, gr_gid, gr_mem - * groups: - * names: wheel, daemon, kmem, sys, operator - * gids: - * Disallow: - * cmds: getgrent_r - * fields: - * groups: - */ - capgrp = cap_clone(origcapgrp); - CHECK(capgrp != NULL); - - cmds[0] = "setgrent"; - cmds[1] = "getgrent"; - cmds[2] = "getgrnam"; - cmds[3] = "getgrnam_r"; - cmds[4] = "getgrgid"; - cmds[5] = "getgrgid_r"; - CHECK(cap_grp_limit_cmds(capgrp, cmds, 6) == 0); - cmds[0] = "setgrent"; - cmds[1] = "getgrent"; - cmds[2] = "getgrent_r"; - cmds[3] = "getgrnam"; - cmds[4] = "getgrnam_r"; - cmds[5] = "getgrgid"; - cmds[6] = "getgrgid_r"; - CHECK(cap_grp_limit_cmds(capgrp, cmds, 7) == -1 && errno == ENOTCAPABLE); - cmds[0] = "getgrent_r"; - CHECK(cap_grp_limit_cmds(capgrp, cmds, 1) == -1 && errno == ENOTCAPABLE); - CHECK(cap_grp_limit_groups(capgrp, names, 5, NULL, 0) == 0); - - CHECK(runtest_cmds(capgrp) == (SETGRENT | GETGRENT0 | GETGRENT1 | - GETGRNAM | GETGRNAM_R | GETGRGID | GETGRGID_R)); - - cap_close(capgrp); - - /* - * Allow: - * cmds: setgrent, getgrent, getgrnam, getgrnam_r, - * getgrgid, getgrgid_r - * fields: gr_name, gr_passwd, gr_gid, gr_mem - * groups: - * names: - * gids: 0, 1, 2, 3, 5 - * Disallow: - * cmds: getgrent_r - * fields: - * groups: - */ - capgrp = cap_clone(origcapgrp); - CHECK(capgrp != NULL); - - cmds[0] = "setgrent"; - cmds[1] = "getgrent"; - cmds[2] = "getgrnam"; - cmds[3] = "getgrnam_r"; - cmds[4] = "getgrgid"; - cmds[5] = "getgrgid_r"; - CHECK(cap_grp_limit_cmds(capgrp, cmds, 6) == 0); - cmds[0] = "setgrent"; - cmds[1] = "getgrent"; - cmds[2] = "getgrent_r"; - cmds[3] = "getgrnam"; - cmds[4] = "getgrnam_r"; - cmds[5] = "getgrgid"; - cmds[6] = "getgrgid_r"; - CHECK(cap_grp_limit_cmds(capgrp, cmds, 7) == -1 && errno == ENOTCAPABLE); - cmds[0] = "getgrent_r"; - CHECK(cap_grp_limit_cmds(capgrp, cmds, 1) == -1 && errno == ENOTCAPABLE); - CHECK(cap_grp_limit_groups(capgrp, NULL, 0, gids, 5) == 0); - - CHECK(runtest_cmds(capgrp) == (SETGRENT | GETGRENT0 | GETGRENT1 | - GETGRNAM | GETGRNAM_R | GETGRGID | GETGRGID_R)); - - cap_close(capgrp); - - /* - * Allow: - * cmds: setgrent, getgrent, getgrent_r, getgrnam_r, - * getgrgid, getgrgid_r - * fields: gr_name, gr_passwd, gr_gid, gr_mem - * groups: - * names: wheel, daemon, kmem, sys, operator - * gids: - * Disallow: - * cmds: getgrnam - * fields: - * groups: - */ - capgrp = cap_clone(origcapgrp); - CHECK(capgrp != NULL); - - cmds[0] = "setgrent"; - cmds[1] = "getgrent"; - cmds[2] = "getgrent_r"; - cmds[3] = "getgrnam_r"; - cmds[4] = "getgrgid"; - cmds[5] = "getgrgid_r"; - CHECK(cap_grp_limit_cmds(capgrp, cmds, 6) == 0); - cmds[0] = "setgrent"; - cmds[1] = "getgrent"; - cmds[2] = "getgrent_r"; - cmds[3] = "getgrnam"; - cmds[4] = "getgrnam_r"; - cmds[5] = "getgrgid"; - cmds[6] = "getgrgid_r"; - CHECK(cap_grp_limit_cmds(capgrp, cmds, 7) == -1 && errno == ENOTCAPABLE); - cmds[0] = "getgrnam"; - CHECK(cap_grp_limit_cmds(capgrp, cmds, 1) == -1 && errno == ENOTCAPABLE); - CHECK(cap_grp_limit_fields(capgrp, fields, 4) == 0); - CHECK(cap_grp_limit_groups(capgrp, names, 5, NULL, 0) == 0); - - CHECK(runtest_cmds(capgrp) == (SETGRENT | GETGRENT | GETGRENT_R | - GETGRNAM_R | GETGRGID | GETGRGID_R)); - - cap_close(capgrp); - - /* - * Allow: - * cmds: setgrent, getgrent, getgrent_r, getgrnam_r, - * getgrgid, getgrgid_r - * fields: gr_name, gr_passwd, gr_gid, gr_mem - * groups: - * names: - * gids: 0, 1, 2, 3, 5 - * Disallow: - * cmds: getgrnam - * fields: - * groups: - */ - capgrp = cap_clone(origcapgrp); - CHECK(capgrp != NULL); - - cmds[0] = "setgrent"; - cmds[1] = "getgrent"; - cmds[2] = "getgrent_r"; - cmds[3] = "getgrnam_r"; - cmds[4] = "getgrgid"; - cmds[5] = "getgrgid_r"; - CHECK(cap_grp_limit_cmds(capgrp, cmds, 6) == 0); - cmds[0] = "setgrent"; - cmds[1] = "getgrent"; - cmds[2] = "getgrent_r"; - cmds[3] = "getgrnam"; - cmds[4] = "getgrnam_r"; - cmds[5] = "getgrgid"; - cmds[6] = "getgrgid_r"; - CHECK(cap_grp_limit_cmds(capgrp, cmds, 7) == -1 && errno == ENOTCAPABLE); - cmds[0] = "getgrnam"; - CHECK(cap_grp_limit_cmds(capgrp, cmds, 1) == -1 && errno == ENOTCAPABLE); - CHECK(cap_grp_limit_fields(capgrp, fields, 4) == 0); - CHECK(cap_grp_limit_groups(capgrp, NULL, 0, gids, 5) == 0); - - CHECK(runtest_cmds(capgrp) == (SETGRENT | GETGRENT | GETGRENT_R | - GETGRNAM_R | GETGRGID | GETGRGID_R)); - - cap_close(capgrp); - - /* - * Allow: - * cmds: setgrent, getgrent, getgrent_r, getgrnam, - * getgrgid, getgrgid_r - * fields: gr_name, gr_passwd, gr_gid, gr_mem - * groups: - * names: wheel, daemon, kmem, sys, operator - * gids: - * Disallow: - * cmds: getgrnam_r - * fields: - * groups: - */ - capgrp = cap_clone(origcapgrp); - CHECK(capgrp != NULL); - - cmds[0] = "setgrent"; - cmds[1] = "getgrent"; - cmds[2] = "getgrent_r"; - cmds[3] = "getgrnam"; - cmds[4] = "getgrgid"; - cmds[5] = "getgrgid_r"; - CHECK(cap_grp_limit_cmds(capgrp, cmds, 6) == 0); - cmds[0] = "setgrent"; - cmds[1] = "getgrent"; - cmds[2] = "getgrent_r"; - cmds[3] = "getgrnam"; - cmds[4] = "getgrnam_r"; - cmds[5] = "getgrgid"; - cmds[6] = "getgrgid_r"; - CHECK(cap_grp_limit_cmds(capgrp, cmds, 7) == -1 && errno == ENOTCAPABLE); - cmds[0] = "getgrnam_r"; - CHECK(cap_grp_limit_cmds(capgrp, cmds, 1) == -1 && errno == ENOTCAPABLE); - CHECK(cap_grp_limit_groups(capgrp, names, 5, NULL, 0) == 0); - - CHECK(runtest_cmds(capgrp) == (SETGRENT | GETGRENT | GETGRENT_R | - GETGRNAM | GETGRGID | GETGRGID_R)); - - cap_close(capgrp); - - /* - * Allow: - * cmds: setgrent, getgrent, getgrent_r, getgrnam, - * getgrgid, getgrgid_r - * fields: gr_name, gr_passwd, gr_gid, gr_mem - * groups: - * names: - * gids: 0, 1, 2, 3, 5 - * Disallow: - * cmds: getgrnam_r - * fields: - * groups: - */ - capgrp = cap_clone(origcapgrp); - CHECK(capgrp != NULL); - - cmds[0] = "setgrent"; - cmds[1] = "getgrent"; - cmds[2] = "getgrent_r"; - cmds[3] = "getgrnam"; - cmds[4] = "getgrgid"; - cmds[5] = "getgrgid_r"; - CHECK(cap_grp_limit_cmds(capgrp, cmds, 6) == 0); - cmds[0] = "setgrent"; - cmds[1] = "getgrent"; - cmds[2] = "getgrent_r"; - cmds[3] = "getgrnam"; - cmds[4] = "getgrnam_r"; - cmds[5] = "getgrgid"; - cmds[6] = "getgrgid_r"; - CHECK(cap_grp_limit_cmds(capgrp, cmds, 7) == -1 && errno == ENOTCAPABLE); - cmds[0] = "getgrnam_r"; - CHECK(cap_grp_limit_cmds(capgrp, cmds, 1) == -1 && errno == ENOTCAPABLE); - CHECK(cap_grp_limit_groups(capgrp, NULL, 0, gids, 5) == 0); - - CHECK(runtest_cmds(capgrp) == (SETGRENT | GETGRENT | GETGRENT_R | - GETGRNAM | GETGRGID | GETGRGID_R)); - - cap_close(capgrp); - - /* - * Allow: - * cmds: setgrent, getgrent, getgrent_r, getgrnam, getgrnam_r, - * getgrgid_r - * fields: gr_name, gr_passwd, gr_gid, gr_mem - * groups: - * names: wheel, daemon, kmem, sys, operator - * gids: - * Disallow: - * cmds: getgrgid - * fields: - * groups: - */ - capgrp = cap_clone(origcapgrp); - CHECK(capgrp != NULL); - - cmds[0] = "setgrent"; - cmds[1] = "getgrent"; - cmds[2] = "getgrent_r"; - cmds[3] = "getgrnam"; - cmds[4] = "getgrnam_r"; - cmds[5] = "getgrgid_r"; - CHECK(cap_grp_limit_cmds(capgrp, cmds, 6) == 0); - cmds[0] = "setgrent"; - cmds[1] = "getgrent"; - cmds[2] = "getgrent_r"; - cmds[3] = "getgrnam"; - cmds[4] = "getgrnam_r"; - cmds[5] = "getgrgid"; - cmds[6] = "getgrgid_r"; - CHECK(cap_grp_limit_cmds(capgrp, cmds, 7) == -1 && errno == ENOTCAPABLE); - cmds[0] = "getgrgid"; - CHECK(cap_grp_limit_cmds(capgrp, cmds, 1) == -1 && errno == ENOTCAPABLE); - CHECK(cap_grp_limit_fields(capgrp, fields, 4) == 0); - CHECK(cap_grp_limit_groups(capgrp, names, 5, NULL, 0) == 0); - - CHECK(runtest_cmds(capgrp) == (SETGRENT | GETGRENT | GETGRENT_R | - GETGRNAM | GETGRNAM_R | GETGRGID_R)); - - cap_close(capgrp); - - /* - * Allow: - * cmds: setgrent, getgrent, getgrent_r, getgrnam, getgrnam_r, - * getgrgid_r - * fields: gr_name, gr_passwd, gr_gid, gr_mem - * groups: - * names: - * gids: 0, 1, 2, 3, 5 - * Disallow: - * cmds: getgrgid - * fields: - * groups: - */ - capgrp = cap_clone(origcapgrp); - CHECK(capgrp != NULL); - - cmds[0] = "setgrent"; - cmds[1] = "getgrent"; - cmds[2] = "getgrent_r"; - cmds[3] = "getgrnam"; - cmds[4] = "getgrnam_r"; - cmds[5] = "getgrgid_r"; - CHECK(cap_grp_limit_cmds(capgrp, cmds, 6) == 0); - cmds[0] = "setgrent"; - cmds[1] = "getgrent"; - cmds[2] = "getgrent_r"; - cmds[3] = "getgrnam"; - cmds[4] = "getgrnam_r"; - cmds[5] = "getgrgid"; - cmds[6] = "getgrgid_r"; - CHECK(cap_grp_limit_cmds(capgrp, cmds, 7) == -1 && errno == ENOTCAPABLE); - cmds[0] = "getgrgid"; - CHECK(cap_grp_limit_cmds(capgrp, cmds, 1) == -1 && errno == ENOTCAPABLE); - CHECK(cap_grp_limit_fields(capgrp, fields, 4) == 0); - CHECK(cap_grp_limit_groups(capgrp, NULL, 0, gids, 5) == 0); - - CHECK(runtest_cmds(capgrp) == (SETGRENT | GETGRENT | GETGRENT_R | - GETGRNAM | GETGRNAM_R | GETGRGID_R)); - - cap_close(capgrp); - - /* - * Allow: - * cmds: setgrent, getgrent, getgrent_r, getgrnam, getgrnam_r, - * getgrgid - * fields: gr_name, gr_passwd, gr_gid, gr_mem - * groups: - * names: wheel, daemon, kmem, sys, operator - * gids: - * Disallow: - * cmds: getgrgid_r - * fields: - * groups: - */ - capgrp = cap_clone(origcapgrp); - CHECK(capgrp != NULL); - - cmds[0] = "setgrent"; - cmds[1] = "getgrent"; - cmds[2] = "getgrent_r"; - cmds[3] = "getgrnam"; - cmds[4] = "getgrnam_r"; - cmds[5] = "getgrgid"; - CHECK(cap_grp_limit_cmds(capgrp, cmds, 6) == 0); - cmds[0] = "setgrent"; - cmds[1] = "getgrent"; - cmds[2] = "getgrent_r"; - cmds[3] = "getgrnam"; - cmds[4] = "getgrnam_r"; - cmds[5] = "getgrgid"; - cmds[6] = "getgrgid_r"; - CHECK(cap_grp_limit_cmds(capgrp, cmds, 7) == -1 && errno == ENOTCAPABLE); - cmds[0] = "getgrgid_r"; - CHECK(cap_grp_limit_cmds(capgrp, cmds, 1) == -1 && errno == ENOTCAPABLE); - CHECK(cap_grp_limit_groups(capgrp, names, 5, NULL, 0) == 0); - - CHECK(runtest_cmds(capgrp) == (SETGRENT | GETGRENT | GETGRENT_R | - GETGRNAM | GETGRNAM_R | GETGRGID)); - - cap_close(capgrp); - - /* - * Allow: - * cmds: setgrent, getgrent, getgrent_r, getgrnam, getgrnam_r, - * getgrgid - * fields: gr_name, gr_passwd, gr_gid, gr_mem - * groups: - * names: - * gids: 0, 1, 2, 3, 5 - * Disallow: - * cmds: getgrgid_r - * fields: - * groups: - */ - capgrp = cap_clone(origcapgrp); - CHECK(capgrp != NULL); - - cmds[0] = "setgrent"; - cmds[1] = "getgrent"; - cmds[2] = "getgrent_r"; - cmds[3] = "getgrnam"; - cmds[4] = "getgrnam_r"; - cmds[5] = "getgrgid"; - CHECK(cap_grp_limit_cmds(capgrp, cmds, 6) == 0); - cmds[0] = "setgrent"; - cmds[1] = "getgrent"; - cmds[2] = "getgrent_r"; - cmds[3] = "getgrnam"; - cmds[4] = "getgrnam_r"; - cmds[5] = "getgrgid"; - cmds[6] = "getgrgid_r"; - CHECK(cap_grp_limit_cmds(capgrp, cmds, 7) == -1 && errno == ENOTCAPABLE); - cmds[0] = "getgrgid_r"; - CHECK(cap_grp_limit_cmds(capgrp, cmds, 1) == -1 && errno == ENOTCAPABLE); - CHECK(cap_grp_limit_groups(capgrp, NULL, 0, gids, 5) == 0); - - CHECK(runtest_cmds(capgrp) == (SETGRENT | GETGRENT | GETGRENT_R | - GETGRNAM | GETGRNAM_R | GETGRGID)); - - cap_close(capgrp); -} - -#define GR_NAME 0x01 -#define GR_PASSWD 0x02 -#define GR_GID 0x04 -#define GR_MEM 0x08 - -static unsigned int -group_fields(const struct group *grp) -{ - unsigned int result; - - result = 0; - - if (grp->gr_name != NULL && grp->gr_name[0] != '\0') - result |= GR_NAME; - - if (grp->gr_passwd != NULL && grp->gr_passwd[0] != '\0') - result |= GR_PASSWD; - - if (grp->gr_gid != (gid_t)-1) - result |= GR_GID; - - if (grp->gr_mem != NULL && grp->gr_mem[0] != NULL) - result |= GR_MEM; - - return (result); -} - -static bool -runtest_fields(cap_channel_t *capgrp, unsigned int expected) -{ - char buf[1024]; - struct group *grp; - struct group st; - - (void)cap_setgrent(capgrp); - grp = cap_getgrent(capgrp); - if (group_fields(grp) != expected) - return (false); - - (void)cap_setgrent(capgrp); - cap_getgrent_r(capgrp, &st, buf, sizeof(buf), &grp); - if (group_fields(grp) != expected) - return (false); - - grp = cap_getgrnam(capgrp, "wheel"); - if (group_fields(grp) != expected) - return (false); - - cap_getgrnam_r(capgrp, "wheel", &st, buf, sizeof(buf), &grp); - if (group_fields(grp) != expected) - return (false); - - grp = cap_getgrgid(capgrp, GID_WHEEL); - if (group_fields(grp) != expected) - return (false); - - cap_getgrgid_r(capgrp, GID_WHEEL, &st, buf, sizeof(buf), &grp); - if (group_fields(grp) != expected) - return (false); - - return (true); -} - -static void -test_fields(cap_channel_t *origcapgrp) -{ - cap_channel_t *capgrp; - const char *fields[4]; - - /* No limits. */ - - CHECK(runtest_fields(origcapgrp, GR_NAME | GR_PASSWD | GR_GID | GR_MEM)); - - /* - * Allow: - * fields: gr_name, gr_passwd, gr_gid, gr_mem - */ - capgrp = cap_clone(origcapgrp); - CHECK(capgrp != NULL); - - fields[0] = "gr_name"; - fields[1] = "gr_passwd"; - fields[2] = "gr_gid"; - fields[3] = "gr_mem"; - CHECK(cap_grp_limit_fields(capgrp, fields, 4) == 0); - - CHECK(runtest_fields(capgrp, GR_NAME | GR_PASSWD | GR_GID | GR_MEM)); - - cap_close(capgrp); - - /* - * Allow: - * fields: gr_passwd, gr_gid, gr_mem - */ - capgrp = cap_clone(origcapgrp); - CHECK(capgrp != NULL); - - fields[0] = "gr_passwd"; - fields[1] = "gr_gid"; - fields[2] = "gr_mem"; - CHECK(cap_grp_limit_fields(capgrp, fields, 3) == 0); - fields[0] = "gr_name"; - fields[1] = "gr_passwd"; - fields[2] = "gr_gid"; - fields[3] = "gr_mem"; - CHECK(cap_grp_limit_fields(capgrp, fields, 4) == -1 && - errno == ENOTCAPABLE); - - CHECK(runtest_fields(capgrp, GR_PASSWD | GR_GID | GR_MEM)); - - cap_close(capgrp); - - /* - * Allow: - * fields: gr_name, gr_gid, gr_mem - */ - capgrp = cap_clone(origcapgrp); - CHECK(capgrp != NULL); - - fields[0] = "gr_name"; - fields[1] = "gr_gid"; - fields[2] = "gr_mem"; - CHECK(cap_grp_limit_fields(capgrp, fields, 3) == 0); - fields[0] = "gr_name"; - fields[1] = "gr_passwd"; - fields[2] = "gr_gid"; - fields[3] = "gr_mem"; - CHECK(cap_grp_limit_fields(capgrp, fields, 4) == -1 && - errno == ENOTCAPABLE); - fields[0] = "gr_passwd"; - CHECK(cap_grp_limit_fields(capgrp, fields, 1) == -1 && - errno == ENOTCAPABLE); - - CHECK(runtest_fields(capgrp, GR_NAME | GR_GID | GR_MEM)); - - cap_close(capgrp); - - /* - * Allow: - * fields: gr_name, gr_passwd, gr_mem - */ - capgrp = cap_clone(origcapgrp); - CHECK(capgrp != NULL); - - fields[0] = "gr_name"; - fields[1] = "gr_passwd"; - fields[2] = "gr_mem"; - CHECK(cap_grp_limit_fields(capgrp, fields, 3) == 0); - fields[0] = "gr_name"; - fields[1] = "gr_passwd"; - fields[2] = "gr_gid"; - fields[3] = "gr_mem"; - CHECK(cap_grp_limit_fields(capgrp, fields, 4) == -1 && - errno == ENOTCAPABLE); - fields[0] = "gr_gid"; - CHECK(cap_grp_limit_fields(capgrp, fields, 1) == -1 && - errno == ENOTCAPABLE); - - CHECK(runtest_fields(capgrp, GR_NAME | GR_PASSWD | GR_MEM)); - - cap_close(capgrp); - - /* - * Allow: - * fields: gr_name, gr_passwd, gr_gid - */ - capgrp = cap_clone(origcapgrp); - CHECK(capgrp != NULL); - - fields[0] = "gr_name"; - fields[1] = "gr_passwd"; - fields[2] = "gr_gid"; - CHECK(cap_grp_limit_fields(capgrp, fields, 3) == 0); - fields[0] = "gr_name"; - fields[1] = "gr_passwd"; - fields[2] = "gr_gid"; - fields[3] = "gr_mem"; - CHECK(cap_grp_limit_fields(capgrp, fields, 4) == -1 && - errno == ENOTCAPABLE); - fields[0] = "gr_mem"; - CHECK(cap_grp_limit_fields(capgrp, fields, 1) == -1 && - errno == ENOTCAPABLE); - - CHECK(runtest_fields(capgrp, GR_NAME | GR_PASSWD | GR_GID)); - - cap_close(capgrp); - - /* - * Allow: - * fields: gr_name, gr_passwd - */ - capgrp = cap_clone(origcapgrp); - CHECK(capgrp != NULL); - - fields[0] = "gr_name"; - fields[1] = "gr_passwd"; - CHECK(cap_grp_limit_fields(capgrp, fields, 2) == 0); - fields[0] = "gr_name"; - fields[1] = "gr_passwd"; - fields[2] = "gr_gid"; - fields[3] = "gr_mem"; - CHECK(cap_grp_limit_fields(capgrp, fields, 4) == -1 && - errno == ENOTCAPABLE); - fields[0] = "gr_gid"; - CHECK(cap_grp_limit_fields(capgrp, fields, 1) == -1 && - errno == ENOTCAPABLE); - - CHECK(runtest_fields(capgrp, GR_NAME | GR_PASSWD)); - - cap_close(capgrp); - - /* - * Allow: - * fields: gr_name, gr_gid - */ - capgrp = cap_clone(origcapgrp); - CHECK(capgrp != NULL); - - fields[0] = "gr_name"; - fields[1] = "gr_gid"; - CHECK(cap_grp_limit_fields(capgrp, fields, 2) == 0); - fields[0] = "gr_name"; - fields[1] = "gr_passwd"; - fields[2] = "gr_gid"; - fields[3] = "gr_mem"; - CHECK(cap_grp_limit_fields(capgrp, fields, 4) == -1 && - errno == ENOTCAPABLE); - fields[0] = "gr_mem"; - CHECK(cap_grp_limit_fields(capgrp, fields, 1) == -1 && - errno == ENOTCAPABLE); - - CHECK(runtest_fields(capgrp, GR_NAME | GR_GID)); - - cap_close(capgrp); - - /* - * Allow: - * fields: gr_name, gr_mem - */ - capgrp = cap_clone(origcapgrp); - CHECK(capgrp != NULL); - - fields[0] = "gr_name"; - fields[1] = "gr_mem"; - CHECK(cap_grp_limit_fields(capgrp, fields, 2) == 0); - fields[0] = "gr_name"; - fields[1] = "gr_passwd"; - fields[2] = "gr_gid"; - fields[3] = "gr_mem"; - CHECK(cap_grp_limit_fields(capgrp, fields, 4) == -1 && - errno == ENOTCAPABLE); - fields[0] = "gr_passwd"; - CHECK(cap_grp_limit_fields(capgrp, fields, 1) == -1 && - errno == ENOTCAPABLE); - - CHECK(runtest_fields(capgrp, GR_NAME | GR_MEM)); - - cap_close(capgrp); - - /* - * Allow: - * fields: gr_passwd, gr_gid - */ - capgrp = cap_clone(origcapgrp); - CHECK(capgrp != NULL); - - fields[0] = "gr_passwd"; - fields[1] = "gr_gid"; - CHECK(cap_grp_limit_fields(capgrp, fields, 2) == 0); - fields[0] = "gr_name"; - fields[1] = "gr_passwd"; - fields[2] = "gr_gid"; - fields[3] = "gr_mem"; - CHECK(cap_grp_limit_fields(capgrp, fields, 4) == -1 && - errno == ENOTCAPABLE); - fields[0] = "gr_mem"; - CHECK(cap_grp_limit_fields(capgrp, fields, 1) == -1 && - errno == ENOTCAPABLE); - - CHECK(runtest_fields(capgrp, GR_PASSWD | GR_GID)); - - cap_close(capgrp); - - /* - * Allow: - * fields: gr_passwd, gr_mem - */ - capgrp = cap_clone(origcapgrp); - CHECK(capgrp != NULL); - - fields[0] = "gr_passwd"; - fields[1] = "gr_mem"; - CHECK(cap_grp_limit_fields(capgrp, fields, 2) == 0); - fields[0] = "gr_name"; - fields[1] = "gr_passwd"; - fields[2] = "gr_gid"; - fields[3] = "gr_mem"; - CHECK(cap_grp_limit_fields(capgrp, fields, 4) == -1 && - errno == ENOTCAPABLE); - fields[0] = "gr_gid"; - CHECK(cap_grp_limit_fields(capgrp, fields, 1) == -1 && - errno == ENOTCAPABLE); - - CHECK(runtest_fields(capgrp, GR_PASSWD | GR_MEM)); - - cap_close(capgrp); - - /* - * Allow: - * fields: gr_gid, gr_mem - */ - capgrp = cap_clone(origcapgrp); - CHECK(capgrp != NULL); - - fields[0] = "gr_gid"; - fields[1] = "gr_mem"; - CHECK(cap_grp_limit_fields(capgrp, fields, 2) == 0); - fields[0] = "gr_name"; - fields[1] = "gr_passwd"; - fields[2] = "gr_gid"; - fields[3] = "gr_mem"; - CHECK(cap_grp_limit_fields(capgrp, fields, 4) == -1 && - errno == ENOTCAPABLE); - fields[0] = "gr_passwd"; - CHECK(cap_grp_limit_fields(capgrp, fields, 1) == -1 && - errno == ENOTCAPABLE); - - CHECK(runtest_fields(capgrp, GR_GID | GR_MEM)); - - cap_close(capgrp); -} - -static bool -runtest_groups(cap_channel_t *capgrp, const char **names, const gid_t *gids, - size_t ngroups) -{ - char buf[1024]; - struct group *grp; - struct group st; - unsigned int i, got; - - (void)cap_setgrent(capgrp); - got = 0; - for (;;) { - grp = cap_getgrent(capgrp); - if (grp == NULL) - break; - got++; - for (i = 0; i < ngroups; i++) { - if (strcmp(names[i], grp->gr_name) == 0 && - gids[i] == grp->gr_gid) { - break; - } - } - if (i == ngroups) - return (false); - } - if (got != ngroups) - return (false); - - (void)cap_setgrent(capgrp); - got = 0; - for (;;) { - cap_getgrent_r(capgrp, &st, buf, sizeof(buf), &grp); - if (grp == NULL) - break; - got++; - for (i = 0; i < ngroups; i++) { - if (strcmp(names[i], grp->gr_name) == 0 && - gids[i] == grp->gr_gid) { - break; - } - } - if (i == ngroups) - return (false); - } - if (got != ngroups) - return (false); - - for (i = 0; i < ngroups; i++) { - grp = cap_getgrnam(capgrp, names[i]); - if (grp == NULL) - return (false); - } - - for (i = 0; i < ngroups; i++) { - cap_getgrnam_r(capgrp, names[i], &st, buf, sizeof(buf), &grp); - if (grp == NULL) - return (false); - } - - for (i = 0; i < ngroups; i++) { - grp = cap_getgrgid(capgrp, gids[i]); - if (grp == NULL) - return (false); - } - - for (i = 0; i < ngroups; i++) { - cap_getgrgid_r(capgrp, gids[i], &st, buf, sizeof(buf), &grp); - if (grp == NULL) - return (false); - } - - return (true); -} - -static void -test_groups(cap_channel_t *origcapgrp) -{ - cap_channel_t *capgrp; - const char *names[5]; - gid_t gids[5]; - - /* - * Allow: - * groups: - * names: wheel, daemon, kmem, sys, tty - * gids: - */ - capgrp = cap_clone(origcapgrp); - CHECK(capgrp != NULL); - - names[0] = "wheel"; - names[1] = "daemon"; - names[2] = "kmem"; - names[3] = "sys"; - names[4] = "tty"; - CHECK(cap_grp_limit_groups(capgrp, names, 5, NULL, 0) == 0); - gids[0] = 0; - gids[1] = 1; - gids[2] = 2; - gids[3] = 3; - gids[4] = 4; - - CHECK(runtest_groups(capgrp, names, gids, 5)); - - cap_close(capgrp); - - /* - * Allow: - * groups: - * names: kmem, sys, tty - * gids: - */ - capgrp = cap_clone(origcapgrp); - CHECK(capgrp != NULL); - - names[0] = "kmem"; - names[1] = "sys"; - names[2] = "tty"; - CHECK(cap_grp_limit_groups(capgrp, names, 3, NULL, 0) == 0); - names[3] = "daemon"; - CHECK(cap_grp_limit_groups(capgrp, names, 4, NULL, 0) == -1 && - errno == ENOTCAPABLE); - names[0] = "daemon"; - CHECK(cap_grp_limit_groups(capgrp, names, 1, NULL, 0) == -1 && - errno == ENOTCAPABLE); - names[0] = "kmem"; - gids[0] = 2; - gids[1] = 3; - gids[2] = 4; - - CHECK(runtest_groups(capgrp, names, gids, 3)); - - cap_close(capgrp); - - /* - * Allow: - * groups: - * names: wheel, kmem, tty - * gids: - */ - capgrp = cap_clone(origcapgrp); - CHECK(capgrp != NULL); - - names[0] = "wheel"; - names[1] = "kmem"; - names[2] = "tty"; - CHECK(cap_grp_limit_groups(capgrp, names, 3, NULL, 0) == 0); - names[3] = "daemon"; - CHECK(cap_grp_limit_groups(capgrp, names, 4, NULL, 0) == -1 && - errno == ENOTCAPABLE); - names[0] = "daemon"; - CHECK(cap_grp_limit_groups(capgrp, names, 1, NULL, 0) == -1 && - errno == ENOTCAPABLE); - names[0] = "wheel"; - gids[0] = 0; - gids[1] = 2; - gids[2] = 4; - - CHECK(runtest_groups(capgrp, names, gids, 3)); - - cap_close(capgrp); - - /* - * Allow: - * groups: - * names: - * gids: 2, 3, 4 - */ - capgrp = cap_clone(origcapgrp); - CHECK(capgrp != NULL); - - names[0] = "kmem"; - names[1] = "sys"; - names[2] = "tty"; - gids[0] = 2; - gids[1] = 3; - gids[2] = 4; - CHECK(cap_grp_limit_groups(capgrp, NULL, 0, gids, 3) == 0); - gids[3] = 0; - CHECK(cap_grp_limit_groups(capgrp, NULL, 0, gids, 4) == -1 && - errno == ENOTCAPABLE); - gids[0] = 0; - CHECK(cap_grp_limit_groups(capgrp, NULL, 0, gids, 1) == -1 && - errno == ENOTCAPABLE); - gids[0] = 2; - - CHECK(runtest_groups(capgrp, names, gids, 3)); - - cap_close(capgrp); - - /* - * Allow: - * groups: - * names: - * gids: 0, 2, 4 - */ - capgrp = cap_clone(origcapgrp); - CHECK(capgrp != NULL); - - names[0] = "wheel"; - names[1] = "kmem"; - names[2] = "tty"; - gids[0] = 0; - gids[1] = 2; - gids[2] = 4; - CHECK(cap_grp_limit_groups(capgrp, NULL, 0, gids, 3) == 0); - gids[3] = 1; - CHECK(cap_grp_limit_groups(capgrp, NULL, 0, gids, 4) == -1 && - errno == ENOTCAPABLE); - gids[0] = 1; - CHECK(cap_grp_limit_groups(capgrp, NULL, 0, gids, 1) == -1 && - errno == ENOTCAPABLE); - gids[0] = 0; - - CHECK(runtest_groups(capgrp, names, gids, 3)); - - cap_close(capgrp); - - /* - * Allow: - * groups: - * names: kmem - * gids: - */ - capgrp = cap_clone(origcapgrp); - CHECK(capgrp != NULL); - - names[0] = "kmem"; - CHECK(cap_grp_limit_groups(capgrp, names, 1, NULL, 0) == 0); - names[1] = "daemon"; - CHECK(cap_grp_limit_groups(capgrp, names, 2, NULL, 0) == -1 && - errno == ENOTCAPABLE); - names[0] = "daemon"; - CHECK(cap_grp_limit_groups(capgrp, names, 1, NULL, 0) == -1 && - errno == ENOTCAPABLE); - names[0] = "kmem"; - gids[0] = 2; - - CHECK(runtest_groups(capgrp, names, gids, 1)); - - cap_close(capgrp); - - /* - * Allow: - * groups: - * names: wheel, tty - * gids: - */ - capgrp = cap_clone(origcapgrp); - CHECK(capgrp != NULL); - - names[0] = "wheel"; - names[1] = "tty"; - CHECK(cap_grp_limit_groups(capgrp, names, 2, NULL, 0) == 0); - names[2] = "daemon"; - CHECK(cap_grp_limit_groups(capgrp, names, 3, NULL, 0) == -1 && - errno == ENOTCAPABLE); - names[0] = "daemon"; - CHECK(cap_grp_limit_groups(capgrp, names, 1, NULL, 0) == -1 && - errno == ENOTCAPABLE); - names[0] = "wheel"; - gids[0] = 0; - gids[1] = 4; - - CHECK(runtest_groups(capgrp, names, gids, 2)); - - cap_close(capgrp); - - /* - * Allow: - * groups: - * names: - * gids: 2 - */ - capgrp = cap_clone(origcapgrp); - CHECK(capgrp != NULL); - - names[0] = "kmem"; - gids[0] = 2; - CHECK(cap_grp_limit_groups(capgrp, NULL, 0, gids, 1) == 0); - gids[1] = 1; - CHECK(cap_grp_limit_groups(capgrp, NULL, 0, gids, 2) == -1 && - errno == ENOTCAPABLE); - gids[0] = 1; - CHECK(cap_grp_limit_groups(capgrp, NULL, 0, gids, 1) == -1 && - errno == ENOTCAPABLE); - gids[0] = 2; - - CHECK(runtest_groups(capgrp, names, gids, 1)); - - cap_close(capgrp); - - /* - * Allow: - * groups: - * names: - * gids: 0, 4 - */ - capgrp = cap_clone(origcapgrp); - CHECK(capgrp != NULL); - - names[0] = "wheel"; - names[1] = "tty"; - gids[0] = 0; - gids[1] = 4; - CHECK(cap_grp_limit_groups(capgrp, NULL, 0, gids, 2) == 0); - gids[2] = 1; - CHECK(cap_grp_limit_groups(capgrp, NULL, 0, gids, 3) == -1 && - errno == ENOTCAPABLE); - gids[0] = 1; - CHECK(cap_grp_limit_groups(capgrp, NULL, 0, gids, 1) == -1 && - errno == ENOTCAPABLE); - gids[0] = 0; - - CHECK(runtest_groups(capgrp, names, gids, 2)); - - cap_close(capgrp); -} - -int -main(void) -{ - cap_channel_t *capcas, *capgrp; - - printf("1..199\n"); - - capcas = cap_init(); - CHECKX(capcas != NULL); - - capgrp = cap_service_open(capcas, "system.grp"); - CHECKX(capgrp != NULL); - - cap_close(capcas); - - /* No limits. */ - - CHECK(runtest_cmds(capgrp) == (SETGRENT | GETGRENT | GETGRENT_R | - GETGRNAM | GETGRNAM_R | GETGRGID | GETGRGID_R)); - - test_cmds(capgrp); - - test_fields(capgrp); - - test_groups(capgrp); - - cap_close(capgrp); - - exit(0); -} Property changes on: head/tools/regression/capsicum/libcapsicum/grp.c ___________________________________________________________________ Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:keywords ## -1 +0,0 ## -FreeBSD=%H \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/tools/regression/capsicum/libcapsicum/pwd.c =================================================================== --- head/tools/regression/capsicum/libcapsicum/pwd.c (revision 296046) +++ head/tools/regression/capsicum/libcapsicum/pwd.c (nonexistent) @@ -1,1536 +0,0 @@ -/*- - * Copyright (c) 2013 The FreeBSD Foundation - * All rights reserved. - * - * This software was developed by Pawel Jakub Dawidek under sponsorship from - * the FreeBSD Foundation. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include -__FBSDID("$FreeBSD$"); - -#include - -#include -#include -#include -#include -#include -#include -#include -#include - -#include -#include -#include - -static int ntest = 1; - -#define CHECK(expr) do { \ - if ((expr)) \ - printf("ok %d %s:%u\n", ntest, __FILE__, __LINE__); \ - else \ - printf("not ok %d %s:%u\n", ntest, __FILE__, __LINE__);\ - ntest++; \ -} while (0) -#define CHECKX(expr) do { \ - if ((expr)) { \ - printf("ok %d %s:%u\n", ntest, __FILE__, __LINE__); \ - } else { \ - printf("not ok %d %s:%u\n", ntest, __FILE__, __LINE__);\ - exit(1); \ - } \ - ntest++; \ -} while (0) - -#define UID_ROOT 0 -#define UID_OPERATOR 2 - -#define GETPWENT0 0x0001 -#define GETPWENT1 0x0002 -#define GETPWENT2 0x0004 -#define GETPWENT (GETPWENT0 | GETPWENT1 | GETPWENT2) -#define GETPWENT_R0 0x0008 -#define GETPWENT_R1 0x0010 -#define GETPWENT_R2 0x0020 -#define GETPWENT_R (GETPWENT_R0 | GETPWENT_R1 | GETPWENT_R2) -#define GETPWNAM 0x0040 -#define GETPWNAM_R 0x0080 -#define GETPWUID 0x0100 -#define GETPWUID_R 0x0200 - -static bool -passwd_compare(const struct passwd *pwd0, const struct passwd *pwd1) -{ - - if (pwd0 == NULL && pwd1 == NULL) - return (true); - if (pwd0 == NULL || pwd1 == NULL) - return (false); - - if (strcmp(pwd0->pw_name, pwd1->pw_name) != 0) - return (false); - - if (pwd0->pw_passwd != NULL || pwd1->pw_passwd != NULL) { - if (pwd0->pw_passwd == NULL || pwd1->pw_passwd == NULL) - return (false); - if (strcmp(pwd0->pw_passwd, pwd1->pw_passwd) != 0) - return (false); - } - - if (pwd0->pw_uid != pwd1->pw_uid) - return (false); - - if (pwd0->pw_gid != pwd1->pw_gid) - return (false); - - if (pwd0->pw_change != pwd1->pw_change) - return (false); - - if (pwd0->pw_class != NULL || pwd1->pw_class != NULL) { - if (pwd0->pw_class == NULL || pwd1->pw_class == NULL) - return (false); - if (strcmp(pwd0->pw_class, pwd1->pw_class) != 0) - return (false); - } - - if (pwd0->pw_gecos != NULL || pwd1->pw_gecos != NULL) { - if (pwd0->pw_gecos == NULL || pwd1->pw_gecos == NULL) - return (false); - if (strcmp(pwd0->pw_gecos, pwd1->pw_gecos) != 0) - return (false); - } - - if (pwd0->pw_dir != NULL || pwd1->pw_dir != NULL) { - if (pwd0->pw_dir == NULL || pwd1->pw_dir == NULL) - return (false); - if (strcmp(pwd0->pw_dir, pwd1->pw_dir) != 0) - return (false); - } - - if (pwd0->pw_shell != NULL || pwd1->pw_shell != NULL) { - if (pwd0->pw_shell == NULL || pwd1->pw_shell == NULL) - return (false); - if (strcmp(pwd0->pw_shell, pwd1->pw_shell) != 0) - return (false); - } - - if (pwd0->pw_expire != pwd1->pw_expire) - return (false); - - if (pwd0->pw_fields != pwd1->pw_fields) - return (false); - - return (true); -} - -static unsigned int -runtest_cmds(cap_channel_t *cappwd) -{ - char bufs[1024], bufc[1024]; - unsigned int result; - struct passwd *pwds, *pwdc; - struct passwd sts, stc; - - result = 0; - - setpwent(); - cap_setpwent(cappwd); - - pwds = getpwent(); - pwdc = cap_getpwent(cappwd); - if (passwd_compare(pwds, pwdc)) { - result |= GETPWENT0; - pwds = getpwent(); - pwdc = cap_getpwent(cappwd); - if (passwd_compare(pwds, pwdc)) - result |= GETPWENT1; - } - - getpwent_r(&sts, bufs, sizeof(bufs), &pwds); - cap_getpwent_r(cappwd, &stc, bufc, sizeof(bufc), &pwdc); - if (passwd_compare(pwds, pwdc)) { - result |= GETPWENT_R0; - getpwent_r(&sts, bufs, sizeof(bufs), &pwds); - cap_getpwent_r(cappwd, &stc, bufc, sizeof(bufc), &pwdc); - if (passwd_compare(pwds, pwdc)) - result |= GETPWENT_R1; - } - - setpwent(); - cap_setpwent(cappwd); - - getpwent_r(&sts, bufs, sizeof(bufs), &pwds); - cap_getpwent_r(cappwd, &stc, bufc, sizeof(bufc), &pwdc); - if (passwd_compare(pwds, pwdc)) - result |= GETPWENT_R2; - - pwds = getpwent(); - pwdc = cap_getpwent(cappwd); - if (passwd_compare(pwds, pwdc)) - result |= GETPWENT2; - - pwds = getpwnam("root"); - pwdc = cap_getpwnam(cappwd, "root"); - if (passwd_compare(pwds, pwdc)) { - pwds = getpwnam("operator"); - pwdc = cap_getpwnam(cappwd, "operator"); - if (passwd_compare(pwds, pwdc)) - result |= GETPWNAM; - } - - getpwnam_r("root", &sts, bufs, sizeof(bufs), &pwds); - cap_getpwnam_r(cappwd, "root", &stc, bufc, sizeof(bufc), &pwdc); - if (passwd_compare(pwds, pwdc)) { - getpwnam_r("operator", &sts, bufs, sizeof(bufs), &pwds); - cap_getpwnam_r(cappwd, "operator", &stc, bufc, sizeof(bufc), - &pwdc); - if (passwd_compare(pwds, pwdc)) - result |= GETPWNAM_R; - } - - pwds = getpwuid(UID_ROOT); - pwdc = cap_getpwuid(cappwd, UID_ROOT); - if (passwd_compare(pwds, pwdc)) { - pwds = getpwuid(UID_OPERATOR); - pwdc = cap_getpwuid(cappwd, UID_OPERATOR); - if (passwd_compare(pwds, pwdc)) - result |= GETPWUID; - } - - getpwuid_r(UID_ROOT, &sts, bufs, sizeof(bufs), &pwds); - cap_getpwuid_r(cappwd, UID_ROOT, &stc, bufc, sizeof(bufc), &pwdc); - if (passwd_compare(pwds, pwdc)) { - getpwuid_r(UID_OPERATOR, &sts, bufs, sizeof(bufs), &pwds); - cap_getpwuid_r(cappwd, UID_OPERATOR, &stc, bufc, sizeof(bufc), - &pwdc); - if (passwd_compare(pwds, pwdc)) - result |= GETPWUID_R; - } - - return (result); -} - -static void -test_cmds(cap_channel_t *origcappwd) -{ - cap_channel_t *cappwd; - const char *cmds[7], *fields[10], *names[6]; - uid_t uids[5]; - - fields[0] = "pw_name"; - fields[1] = "pw_passwd"; - fields[2] = "pw_uid"; - fields[3] = "pw_gid"; - fields[4] = "pw_change"; - fields[5] = "pw_class"; - fields[6] = "pw_gecos"; - fields[7] = "pw_dir"; - fields[8] = "pw_shell"; - fields[9] = "pw_expire"; - - names[0] = "root"; - names[1] = "toor"; - names[2] = "daemon"; - names[3] = "operator"; - names[4] = "bin"; - names[5] = "kmem"; - - uids[0] = 0; - uids[1] = 1; - uids[2] = 2; - uids[3] = 3; - uids[4] = 5; - - /* - * Allow: - * cmds: setpwent, getpwent, getpwent_r, getpwnam, getpwnam_r, - * getpwuid, getpwuid_r - * users: - * names: root, toor, daemon, operator, bin, kmem - * uids: - */ - cappwd = cap_clone(origcappwd); - CHECK(cappwd != NULL); - - cmds[0] = "setpwent"; - cmds[1] = "getpwent"; - cmds[2] = "getpwent_r"; - cmds[3] = "getpwnam"; - cmds[4] = "getpwnam_r"; - cmds[5] = "getpwuid"; - cmds[6] = "getpwuid_r"; - CHECK(cap_pwd_limit_cmds(cappwd, cmds, 7) == 0); - CHECK(cap_pwd_limit_fields(cappwd, fields, 10) == 0); - CHECK(cap_pwd_limit_users(cappwd, names, 6, NULL, 0) == 0); - - CHECK(runtest_cmds(cappwd) == (GETPWENT | GETPWENT_R | - GETPWNAM | GETPWNAM_R | GETPWUID | GETPWUID_R)); - - cap_close(cappwd); - - /* - * Allow: - * cmds: setpwent, getpwent, getpwent_r, getpwnam, getpwnam_r, - * getpwuid, getpwuid_r - * users: - * names: - * uids: 0, 1, 2, 3, 5 - */ - cappwd = cap_clone(origcappwd); - CHECK(cappwd != NULL); - - cmds[0] = "setpwent"; - cmds[1] = "getpwent"; - cmds[2] = "getpwent_r"; - cmds[3] = "getpwnam"; - cmds[4] = "getpwnam_r"; - cmds[5] = "getpwuid"; - cmds[6] = "getpwuid_r"; - CHECK(cap_pwd_limit_cmds(cappwd, cmds, 7) == 0); - CHECK(cap_pwd_limit_fields(cappwd, fields, 10) == 0); - CHECK(cap_pwd_limit_users(cappwd, NULL, 0, uids, 5) == 0); - - CHECK(runtest_cmds(cappwd) == (GETPWENT | GETPWENT_R | - GETPWNAM | GETPWNAM_R | GETPWUID | GETPWUID_R)); - - cap_close(cappwd); - - /* - * Allow: - * cmds: getpwent, getpwent_r, getpwnam, getpwnam_r, - * getpwuid, getpwuid_r - * users: - * names: root, toor, daemon, operator, bin, kmem - * uids: - * Disallow: - * cmds: setpwent - * users: - */ - cappwd = cap_clone(origcappwd); - CHECK(cappwd != NULL); - - cap_setpwent(cappwd); - - cmds[0] = "getpwent"; - cmds[1] = "getpwent_r"; - cmds[2] = "getpwnam"; - cmds[3] = "getpwnam_r"; - cmds[4] = "getpwuid"; - cmds[5] = "getpwuid_r"; - CHECK(cap_pwd_limit_cmds(cappwd, cmds, 6) == 0); - cmds[0] = "setpwent"; - cmds[1] = "getpwent"; - cmds[2] = "getpwent_r"; - cmds[3] = "getpwnam"; - cmds[4] = "getpwnam_r"; - cmds[5] = "getpwuid"; - cmds[6] = "getpwuid_r"; - CHECK(cap_pwd_limit_cmds(cappwd, cmds, 7) == -1 && errno == ENOTCAPABLE); - cmds[0] = "setpwent"; - CHECK(cap_pwd_limit_cmds(cappwd, cmds, 1) == -1 && errno == ENOTCAPABLE); - CHECK(cap_pwd_limit_fields(cappwd, fields, 10) == 0); - CHECK(cap_pwd_limit_users(cappwd, names, 6, NULL, 0) == 0); - - CHECK(runtest_cmds(cappwd) == (GETPWENT0 | GETPWENT1 | GETPWENT_R0 | - GETPWENT_R1 | GETPWNAM | GETPWNAM_R | GETPWUID | GETPWUID_R)); - - cap_close(cappwd); - - /* - * Allow: - * cmds: getpwent, getpwent_r, getpwnam, getpwnam_r, - * getpwuid, getpwuid_r - * users: - * names: - * uids: 0, 1, 2, 3, 5 - * Disallow: - * cmds: setpwent - * users: - */ - cappwd = cap_clone(origcappwd); - CHECK(cappwd != NULL); - - cap_setpwent(cappwd); - - cmds[0] = "getpwent"; - cmds[1] = "getpwent_r"; - cmds[2] = "getpwnam"; - cmds[3] = "getpwnam_r"; - cmds[4] = "getpwuid"; - cmds[5] = "getpwuid_r"; - CHECK(cap_pwd_limit_cmds(cappwd, cmds, 6) == 0); - cmds[0] = "setpwent"; - cmds[1] = "getpwent"; - cmds[2] = "getpwent_r"; - cmds[3] = "getpwnam"; - cmds[4] = "getpwnam_r"; - cmds[5] = "getpwuid"; - cmds[6] = "getpwuid_r"; - CHECK(cap_pwd_limit_cmds(cappwd, cmds, 7) == -1 && errno == ENOTCAPABLE); - cmds[0] = "setpwent"; - CHECK(cap_pwd_limit_cmds(cappwd, cmds, 1) == -1 && errno == ENOTCAPABLE); - CHECK(cap_pwd_limit_fields(cappwd, fields, 10) == 0); - CHECK(cap_pwd_limit_users(cappwd, NULL, 0, uids, 5) == 0); - - CHECK(runtest_cmds(cappwd) == (GETPWENT0 | GETPWENT1 | GETPWENT_R0 | - GETPWENT_R1 | GETPWNAM | GETPWNAM_R | GETPWUID | GETPWUID_R)); - - cap_close(cappwd); - - /* - * Allow: - * cmds: setpwent, getpwent_r, getpwnam, getpwnam_r, - * getpwuid, getpwuid_r - * users: - * names: root, toor, daemon, operator, bin, kmem - * uids: - * Disallow: - * cmds: getpwent - * users: - */ - cappwd = cap_clone(origcappwd); - CHECK(cappwd != NULL); - - cmds[0] = "setpwent"; - cmds[1] = "getpwent_r"; - cmds[2] = "getpwnam"; - cmds[3] = "getpwnam_r"; - cmds[4] = "getpwuid"; - cmds[5] = "getpwuid_r"; - CHECK(cap_pwd_limit_cmds(cappwd, cmds, 6) == 0); - cmds[0] = "setpwent"; - cmds[1] = "getpwent"; - cmds[2] = "getpwent_r"; - cmds[3] = "getpwnam"; - cmds[4] = "getpwnam_r"; - cmds[5] = "getpwuid"; - cmds[6] = "getpwuid_r"; - CHECK(cap_pwd_limit_cmds(cappwd, cmds, 7) == -1 && errno == ENOTCAPABLE); - cmds[0] = "getpwent"; - CHECK(cap_pwd_limit_cmds(cappwd, cmds, 1) == -1 && errno == ENOTCAPABLE); - CHECK(cap_pwd_limit_fields(cappwd, fields, 10) == 0); - CHECK(cap_pwd_limit_users(cappwd, names, 6, NULL, 0) == 0); - - CHECK(runtest_cmds(cappwd) == (GETPWENT_R2 | - GETPWNAM | GETPWNAM_R | GETPWUID | GETPWUID_R)); - - cap_close(cappwd); - - /* - * Allow: - * cmds: setpwent, getpwent_r, getpwnam, getpwnam_r, - * getpwuid, getpwuid_r - * users: - * names: - * uids: 0, 1, 2, 3, 5 - * Disallow: - * cmds: getpwent - * users: - */ - cappwd = cap_clone(origcappwd); - CHECK(cappwd != NULL); - - cmds[0] = "setpwent"; - cmds[1] = "getpwent_r"; - cmds[2] = "getpwnam"; - cmds[3] = "getpwnam_r"; - cmds[4] = "getpwuid"; - cmds[5] = "getpwuid_r"; - CHECK(cap_pwd_limit_cmds(cappwd, cmds, 6) == 0); - cmds[0] = "setpwent"; - cmds[1] = "getpwent"; - cmds[2] = "getpwent_r"; - cmds[3] = "getpwnam"; - cmds[4] = "getpwnam_r"; - cmds[5] = "getpwuid"; - cmds[6] = "getpwuid_r"; - CHECK(cap_pwd_limit_cmds(cappwd, cmds, 7) == -1 && errno == ENOTCAPABLE); - cmds[0] = "getpwent"; - CHECK(cap_pwd_limit_cmds(cappwd, cmds, 1) == -1 && errno == ENOTCAPABLE); - CHECK(cap_pwd_limit_fields(cappwd, fields, 10) == 0); - CHECK(cap_pwd_limit_users(cappwd, NULL, 0, uids, 5) == 0); - - CHECK(runtest_cmds(cappwd) == (GETPWENT_R2 | - GETPWNAM | GETPWNAM_R | GETPWUID | GETPWUID_R)); - - cap_close(cappwd); - - /* - * Allow: - * cmds: setpwent, getpwent, getpwnam, getpwnam_r, - * getpwuid, getpwuid_r - * users: - * names: root, toor, daemon, operator, bin, kmem - * uids: - * Disallow: - * cmds: getpwent_r - * users: - */ - cappwd = cap_clone(origcappwd); - CHECK(cappwd != NULL); - - cmds[0] = "setpwent"; - cmds[1] = "getpwent"; - cmds[2] = "getpwnam"; - cmds[3] = "getpwnam_r"; - cmds[4] = "getpwuid"; - cmds[5] = "getpwuid_r"; - CHECK(cap_pwd_limit_cmds(cappwd, cmds, 6) == 0); - cmds[0] = "setpwent"; - cmds[1] = "getpwent"; - cmds[2] = "getpwent_r"; - cmds[3] = "getpwnam"; - cmds[4] = "getpwnam_r"; - cmds[5] = "getpwuid"; - cmds[6] = "getpwuid_r"; - CHECK(cap_pwd_limit_cmds(cappwd, cmds, 7) == -1 && errno == ENOTCAPABLE); - cmds[0] = "getpwent_r"; - CHECK(cap_pwd_limit_cmds(cappwd, cmds, 1) == -1 && errno == ENOTCAPABLE); - CHECK(cap_pwd_limit_fields(cappwd, fields, 10) == 0); - CHECK(cap_pwd_limit_users(cappwd, names, 6, NULL, 0) == 0); - - CHECK(runtest_cmds(cappwd) == (GETPWENT0 | GETPWENT1 | - GETPWNAM | GETPWNAM_R | GETPWUID | GETPWUID_R)); - - cap_close(cappwd); - - /* - * Allow: - * cmds: setpwent, getpwent, getpwnam, getpwnam_r, - * getpwuid, getpwuid_r - * users: - * names: - * uids: 0, 1, 2, 3, 5 - * Disallow: - * cmds: getpwent_r - * users: - */ - cappwd = cap_clone(origcappwd); - CHECK(cappwd != NULL); - - cmds[0] = "setpwent"; - cmds[1] = "getpwent"; - cmds[2] = "getpwnam"; - cmds[3] = "getpwnam_r"; - cmds[4] = "getpwuid"; - cmds[5] = "getpwuid_r"; - CHECK(cap_pwd_limit_cmds(cappwd, cmds, 6) == 0); - cmds[0] = "setpwent"; - cmds[1] = "getpwent"; - cmds[2] = "getpwent_r"; - cmds[3] = "getpwnam"; - cmds[4] = "getpwnam_r"; - cmds[5] = "getpwuid"; - cmds[6] = "getpwuid_r"; - CHECK(cap_pwd_limit_cmds(cappwd, cmds, 7) == -1 && errno == ENOTCAPABLE); - cmds[0] = "getpwent_r"; - CHECK(cap_pwd_limit_cmds(cappwd, cmds, 1) == -1 && errno == ENOTCAPABLE); - CHECK(cap_pwd_limit_fields(cappwd, fields, 10) == 0); - CHECK(cap_pwd_limit_users(cappwd, NULL, 0, uids, 5) == 0); - - CHECK(runtest_cmds(cappwd) == (GETPWENT0 | GETPWENT1 | - GETPWNAM | GETPWNAM_R | GETPWUID | GETPWUID_R)); - - cap_close(cappwd); - - /* - * Allow: - * cmds: setpwent, getpwent, getpwent_r, getpwnam_r, - * getpwuid, getpwuid_r - * users: - * names: root, toor, daemon, operator, bin, kmem - * uids: - * Disallow: - * cmds: getpwnam - * users: - */ - cappwd = cap_clone(origcappwd); - CHECK(cappwd != NULL); - - cmds[0] = "setpwent"; - cmds[1] = "getpwent"; - cmds[2] = "getpwent_r"; - cmds[3] = "getpwnam_r"; - cmds[4] = "getpwuid"; - cmds[5] = "getpwuid_r"; - CHECK(cap_pwd_limit_cmds(cappwd, cmds, 6) == 0); - cmds[0] = "setpwent"; - cmds[1] = "getpwent"; - cmds[2] = "getpwent_r"; - cmds[3] = "getpwnam"; - cmds[4] = "getpwnam_r"; - cmds[5] = "getpwuid"; - cmds[6] = "getpwuid_r"; - CHECK(cap_pwd_limit_cmds(cappwd, cmds, 7) == -1 && errno == ENOTCAPABLE); - cmds[0] = "getpwnam"; - CHECK(cap_pwd_limit_cmds(cappwd, cmds, 1) == -1 && errno == ENOTCAPABLE); - CHECK(cap_pwd_limit_fields(cappwd, fields, 10) == 0); - CHECK(cap_pwd_limit_users(cappwd, names, 6, NULL, 0) == 0); - - CHECK(runtest_cmds(cappwd) == (GETPWENT | GETPWENT_R | - GETPWNAM_R | GETPWUID | GETPWUID_R)); - - cap_close(cappwd); - - /* - * Allow: - * cmds: setpwent, getpwent, getpwent_r, getpwnam_r, - * getpwuid, getpwuid_r - * users: - * names: - * uids: 0, 1, 2, 3, 5 - * Disallow: - * cmds: getpwnam - * users: - */ - cappwd = cap_clone(origcappwd); - CHECK(cappwd != NULL); - - cmds[0] = "setpwent"; - cmds[1] = "getpwent"; - cmds[2] = "getpwent_r"; - cmds[3] = "getpwnam_r"; - cmds[4] = "getpwuid"; - cmds[5] = "getpwuid_r"; - CHECK(cap_pwd_limit_cmds(cappwd, cmds, 6) == 0); - cmds[0] = "setpwent"; - cmds[1] = "getpwent"; - cmds[2] = "getpwent_r"; - cmds[3] = "getpwnam"; - cmds[4] = "getpwnam_r"; - cmds[5] = "getpwuid"; - cmds[6] = "getpwuid_r"; - CHECK(cap_pwd_limit_cmds(cappwd, cmds, 7) == -1 && errno == ENOTCAPABLE); - cmds[0] = "getpwnam"; - CHECK(cap_pwd_limit_cmds(cappwd, cmds, 1) == -1 && errno == ENOTCAPABLE); - CHECK(cap_pwd_limit_fields(cappwd, fields, 10) == 0); - CHECK(cap_pwd_limit_users(cappwd, NULL, 0, uids, 5) == 0); - - CHECK(runtest_cmds(cappwd) == (GETPWENT | GETPWENT_R | - GETPWNAM_R | GETPWUID | GETPWUID_R)); - - cap_close(cappwd); - - /* - * Allow: - * cmds: setpwent, getpwent, getpwent_r, getpwnam, - * getpwuid, getpwuid_r - * users: - * names: root, toor, daemon, operator, bin, kmem - * uids: - * Disallow: - * cmds: getpwnam_r - * users: - */ - cappwd = cap_clone(origcappwd); - CHECK(cappwd != NULL); - - cmds[0] = "setpwent"; - cmds[1] = "getpwent"; - cmds[2] = "getpwent_r"; - cmds[3] = "getpwnam"; - cmds[4] = "getpwuid"; - cmds[5] = "getpwuid_r"; - CHECK(cap_pwd_limit_cmds(cappwd, cmds, 6) == 0); - cmds[0] = "setpwent"; - cmds[1] = "getpwent"; - cmds[2] = "getpwent_r"; - cmds[3] = "getpwnam"; - cmds[4] = "getpwnam_r"; - cmds[5] = "getpwuid"; - cmds[6] = "getpwuid_r"; - CHECK(cap_pwd_limit_cmds(cappwd, cmds, 7) == -1 && errno == ENOTCAPABLE); - cmds[0] = "getpwnam_r"; - CHECK(cap_pwd_limit_cmds(cappwd, cmds, 1) == -1 && errno == ENOTCAPABLE); - CHECK(cap_pwd_limit_fields(cappwd, fields, 10) == 0); - CHECK(cap_pwd_limit_users(cappwd, names, 6, NULL, 0) == 0); - - CHECK(runtest_cmds(cappwd) == (GETPWENT | GETPWENT_R | - GETPWNAM | GETPWUID | GETPWUID_R)); - - cap_close(cappwd); - - /* - * Allow: - * cmds: setpwent, getpwent, getpwent_r, getpwnam, - * getpwuid, getpwuid_r - * users: - * names: - * uids: 0, 1, 2, 3, 5 - * Disallow: - * cmds: getpwnam_r - * users: - */ - cappwd = cap_clone(origcappwd); - CHECK(cappwd != NULL); - - cmds[0] = "setpwent"; - cmds[1] = "getpwent"; - cmds[2] = "getpwent_r"; - cmds[3] = "getpwnam"; - cmds[4] = "getpwuid"; - cmds[5] = "getpwuid_r"; - CHECK(cap_pwd_limit_cmds(cappwd, cmds, 6) == 0); - cmds[0] = "setpwent"; - cmds[1] = "getpwent"; - cmds[2] = "getpwent_r"; - cmds[3] = "getpwnam"; - cmds[4] = "getpwnam_r"; - cmds[5] = "getpwuid"; - cmds[6] = "getpwuid_r"; - CHECK(cap_pwd_limit_cmds(cappwd, cmds, 7) == -1 && errno == ENOTCAPABLE); - cmds[0] = "getpwnam_r"; - CHECK(cap_pwd_limit_cmds(cappwd, cmds, 1) == -1 && errno == ENOTCAPABLE); - CHECK(cap_pwd_limit_fields(cappwd, fields, 10) == 0); - CHECK(cap_pwd_limit_users(cappwd, NULL, 0, uids, 5) == 0); - - CHECK(runtest_cmds(cappwd) == (GETPWENT | GETPWENT_R | - GETPWNAM | GETPWUID | GETPWUID_R)); - - cap_close(cappwd); - - /* - * Allow: - * cmds: setpwent, getpwent, getpwent_r, getpwnam, getpwnam_r, - * getpwuid_r - * users: - * names: root, toor, daemon, operator, bin, kmem - * uids: - * Disallow: - * cmds: getpwuid - * users: - */ - cappwd = cap_clone(origcappwd); - CHECK(cappwd != NULL); - - cmds[0] = "setpwent"; - cmds[1] = "getpwent"; - cmds[2] = "getpwent_r"; - cmds[3] = "getpwnam"; - cmds[4] = "getpwnam_r"; - cmds[5] = "getpwuid_r"; - CHECK(cap_pwd_limit_cmds(cappwd, cmds, 6) == 0); - cmds[0] = "setpwent"; - cmds[1] = "getpwent"; - cmds[2] = "getpwent_r"; - cmds[3] = "getpwnam"; - cmds[4] = "getpwnam_r"; - cmds[5] = "getpwuid"; - cmds[6] = "getpwuid_r"; - CHECK(cap_pwd_limit_cmds(cappwd, cmds, 7) == -1 && errno == ENOTCAPABLE); - cmds[0] = "getpwuid"; - CHECK(cap_pwd_limit_cmds(cappwd, cmds, 1) == -1 && errno == ENOTCAPABLE); - CHECK(cap_pwd_limit_fields(cappwd, fields, 10) == 0); - CHECK(cap_pwd_limit_users(cappwd, names, 6, NULL, 0) == 0); - - CHECK(runtest_cmds(cappwd) == (GETPWENT | GETPWENT_R | - GETPWNAM | GETPWNAM_R | GETPWUID_R)); - - cap_close(cappwd); - - /* - * Allow: - * cmds: setpwent, getpwent, getpwent_r, getpwnam, getpwnam_r, - * getpwuid_r - * users: - * names: - * uids: 0, 1, 2, 3, 5 - * Disallow: - * cmds: getpwuid - * users: - */ - cappwd = cap_clone(origcappwd); - CHECK(cappwd != NULL); - - cmds[0] = "setpwent"; - cmds[1] = "getpwent"; - cmds[2] = "getpwent_r"; - cmds[3] = "getpwnam"; - cmds[4] = "getpwnam_r"; - cmds[5] = "getpwuid_r"; - CHECK(cap_pwd_limit_cmds(cappwd, cmds, 6) == 0); - cmds[0] = "setpwent"; - cmds[1] = "getpwent"; - cmds[2] = "getpwent_r"; - cmds[3] = "getpwnam"; - cmds[4] = "getpwnam_r"; - cmds[5] = "getpwuid"; - cmds[6] = "getpwuid_r"; - CHECK(cap_pwd_limit_cmds(cappwd, cmds, 7) == -1 && errno == ENOTCAPABLE); - cmds[0] = "getpwuid"; - CHECK(cap_pwd_limit_cmds(cappwd, cmds, 1) == -1 && errno == ENOTCAPABLE); - CHECK(cap_pwd_limit_fields(cappwd, fields, 10) == 0); - CHECK(cap_pwd_limit_users(cappwd, NULL, 0, uids, 5) == 0); - - CHECK(runtest_cmds(cappwd) == (GETPWENT | GETPWENT_R | - GETPWNAM | GETPWNAM_R | GETPWUID_R)); - - cap_close(cappwd); - - /* - * Allow: - * cmds: setpwent, getpwent, getpwent_r, getpwnam, getpwnam_r, - * getpwuid - * users: - * names: root, toor, daemon, operator, bin, kmem - * uids: - * Disallow: - * cmds: getpwuid_r - * users: - */ - cappwd = cap_clone(origcappwd); - CHECK(cappwd != NULL); - - cmds[0] = "setpwent"; - cmds[1] = "getpwent"; - cmds[2] = "getpwent_r"; - cmds[3] = "getpwnam"; - cmds[4] = "getpwnam_r"; - cmds[5] = "getpwuid"; - CHECK(cap_pwd_limit_cmds(cappwd, cmds, 6) == 0); - cmds[0] = "setpwent"; - cmds[1] = "getpwent"; - cmds[2] = "getpwent_r"; - cmds[3] = "getpwnam"; - cmds[4] = "getpwnam_r"; - cmds[5] = "getpwuid"; - cmds[6] = "getpwuid_r"; - CHECK(cap_pwd_limit_cmds(cappwd, cmds, 7) == -1 && errno == ENOTCAPABLE); - cmds[0] = "getpwuid_r"; - CHECK(cap_pwd_limit_cmds(cappwd, cmds, 1) == -1 && errno == ENOTCAPABLE); - CHECK(cap_pwd_limit_fields(cappwd, fields, 10) == 0); - CHECK(cap_pwd_limit_users(cappwd, names, 6, NULL, 0) == 0); - - CHECK(runtest_cmds(cappwd) == (GETPWENT | GETPWENT_R | - GETPWNAM | GETPWNAM_R | GETPWUID)); - - cap_close(cappwd); - - /* - * Allow: - * cmds: setpwent, getpwent, getpwent_r, getpwnam, getpwnam_r, - * getpwuid - * users: - * names: - * uids: 0, 1, 2, 3, 5 - * Disallow: - * cmds: getpwuid_r - * users: - */ - cappwd = cap_clone(origcappwd); - CHECK(cappwd != NULL); - - cmds[0] = "setpwent"; - cmds[1] = "getpwent"; - cmds[2] = "getpwent_r"; - cmds[3] = "getpwnam"; - cmds[4] = "getpwnam_r"; - cmds[5] = "getpwuid"; - CHECK(cap_pwd_limit_cmds(cappwd, cmds, 6) == 0); - cmds[0] = "setpwent"; - cmds[1] = "getpwent"; - cmds[2] = "getpwent_r"; - cmds[3] = "getpwnam"; - cmds[4] = "getpwnam_r"; - cmds[5] = "getpwuid"; - cmds[6] = "getpwuid_r"; - CHECK(cap_pwd_limit_cmds(cappwd, cmds, 7) == -1 && errno == ENOTCAPABLE); - cmds[0] = "getpwuid_r"; - CHECK(cap_pwd_limit_cmds(cappwd, cmds, 1) == -1 && errno == ENOTCAPABLE); - CHECK(cap_pwd_limit_fields(cappwd, fields, 10) == 0); - CHECK(cap_pwd_limit_users(cappwd, NULL, 0, uids, 5) == 0); - - CHECK(runtest_cmds(cappwd) == (GETPWENT | GETPWENT_R | - GETPWNAM | GETPWNAM_R | GETPWUID)); - - cap_close(cappwd); -} - -#define PW_NAME _PWF_NAME -#define PW_PASSWD _PWF_PASSWD -#define PW_UID _PWF_UID -#define PW_GID _PWF_GID -#define PW_CHANGE _PWF_CHANGE -#define PW_CLASS _PWF_CLASS -#define PW_GECOS _PWF_GECOS -#define PW_DIR _PWF_DIR -#define PW_SHELL _PWF_SHELL -#define PW_EXPIRE _PWF_EXPIRE - -static unsigned int -passwd_fields(const struct passwd *pwd) -{ - unsigned int result; - - result = 0; - - if (pwd->pw_name != NULL && pwd->pw_name[0] != '\0') - result |= PW_NAME; -// else -// printf("No pw_name\n"); - - if (pwd->pw_passwd != NULL && pwd->pw_passwd[0] != '\0') - result |= PW_PASSWD; - else if ((pwd->pw_fields & _PWF_PASSWD) != 0) - result |= PW_PASSWD; -// else -// printf("No pw_passwd\n"); - - if (pwd->pw_uid != (uid_t)-1) - result |= PW_UID; -// else -// printf("No pw_uid\n"); - - if (pwd->pw_gid != (gid_t)-1) - result |= PW_GID; -// else -// printf("No pw_gid\n"); - - if (pwd->pw_change != 0 || (pwd->pw_fields & _PWF_CHANGE) != 0) - result |= PW_CHANGE; -// else -// printf("No pw_change\n"); - - if (pwd->pw_class != NULL && pwd->pw_class[0] != '\0') - result |= PW_CLASS; - else if ((pwd->pw_fields & _PWF_CLASS) != 0) - result |= PW_CLASS; -// else -// printf("No pw_class\n"); - - if (pwd->pw_gecos != NULL && pwd->pw_gecos[0] != '\0') - result |= PW_GECOS; - else if ((pwd->pw_fields & _PWF_GECOS) != 0) - result |= PW_GECOS; -// else -// printf("No pw_gecos\n"); - - if (pwd->pw_dir != NULL && pwd->pw_dir[0] != '\0') - result |= PW_DIR; - else if ((pwd->pw_fields & _PWF_DIR) != 0) - result |= PW_DIR; -// else -// printf("No pw_dir\n"); - - if (pwd->pw_shell != NULL && pwd->pw_shell[0] != '\0') - result |= PW_SHELL; - else if ((pwd->pw_fields & _PWF_SHELL) != 0) - result |= PW_SHELL; -// else -// printf("No pw_shell\n"); - - if (pwd->pw_expire != 0 || (pwd->pw_fields & _PWF_EXPIRE) != 0) - result |= PW_EXPIRE; -// else -// printf("No pw_expire\n"); - -if (false && pwd->pw_fields != (int)result) { -printf("fields=0x%x != result=0x%x\n", (const unsigned int)pwd->pw_fields, result); -printf(" fields result\n"); -printf("PW_NAME %d %d\n", (pwd->pw_fields & PW_NAME) != 0, (result & PW_NAME) != 0); -printf("PW_PASSWD %d %d\n", (pwd->pw_fields & PW_PASSWD) != 0, (result & PW_PASSWD) != 0); -printf("PW_UID %d %d\n", (pwd->pw_fields & PW_UID) != 0, (result & PW_UID) != 0); -printf("PW_GID %d %d\n", (pwd->pw_fields & PW_GID) != 0, (result & PW_GID) != 0); -printf("PW_CHANGE %d %d\n", (pwd->pw_fields & PW_CHANGE) != 0, (result & PW_CHANGE) != 0); -printf("PW_CLASS %d %d\n", (pwd->pw_fields & PW_CLASS) != 0, (result & PW_CLASS) != 0); -printf("PW_GECOS %d %d\n", (pwd->pw_fields & PW_GECOS) != 0, (result & PW_GECOS) != 0); -printf("PW_DIR %d %d\n", (pwd->pw_fields & PW_DIR) != 0, (result & PW_DIR) != 0); -printf("PW_SHELL %d %d\n", (pwd->pw_fields & PW_SHELL) != 0, (result & PW_SHELL) != 0); -printf("PW_EXPIRE %d %d\n", (pwd->pw_fields & PW_EXPIRE) != 0, (result & PW_EXPIRE) != 0); -} - -//printf("result=0x%x\n", result); - return (result); -} - -static bool -runtest_fields(cap_channel_t *cappwd, unsigned int expected) -{ - char buf[1024]; - struct passwd *pwd; - struct passwd st; - -//printf("expected=0x%x\n", expected); - cap_setpwent(cappwd); - pwd = cap_getpwent(cappwd); - if ((passwd_fields(pwd) & ~expected) != 0) - return (false); - - cap_setpwent(cappwd); - cap_getpwent_r(cappwd, &st, buf, sizeof(buf), &pwd); - if ((passwd_fields(pwd) & ~expected) != 0) - return (false); - - pwd = cap_getpwnam(cappwd, "root"); - if ((passwd_fields(pwd) & ~expected) != 0) - return (false); - - cap_getpwnam_r(cappwd, "root", &st, buf, sizeof(buf), &pwd); - if ((passwd_fields(pwd) & ~expected) != 0) - return (false); - - pwd = cap_getpwuid(cappwd, UID_ROOT); - if ((passwd_fields(pwd) & ~expected) != 0) - return (false); - - cap_getpwuid_r(cappwd, UID_ROOT, &st, buf, sizeof(buf), &pwd); - if ((passwd_fields(pwd) & ~expected) != 0) - return (false); - - return (true); -} - -static void -test_fields(cap_channel_t *origcappwd) -{ - cap_channel_t *cappwd; - const char *fields[10]; - - /* No limits. */ - - CHECK(runtest_fields(origcappwd, PW_NAME | PW_PASSWD | PW_UID | - PW_GID | PW_CHANGE | PW_CLASS | PW_GECOS | PW_DIR | PW_SHELL | - PW_EXPIRE)); - - /* - * Allow: - * fields: pw_name, pw_passwd, pw_uid, pw_gid, pw_change, pw_class, - * pw_gecos, pw_dir, pw_shell, pw_expire - */ - cappwd = cap_clone(origcappwd); - CHECK(cappwd != NULL); - - fields[0] = "pw_name"; - fields[1] = "pw_passwd"; - fields[2] = "pw_uid"; - fields[3] = "pw_gid"; - fields[4] = "pw_change"; - fields[5] = "pw_class"; - fields[6] = "pw_gecos"; - fields[7] = "pw_dir"; - fields[8] = "pw_shell"; - fields[9] = "pw_expire"; - CHECK(cap_pwd_limit_fields(cappwd, fields, 10) == 0); - - CHECK(runtest_fields(origcappwd, PW_NAME | PW_PASSWD | PW_UID | - PW_GID | PW_CHANGE | PW_CLASS | PW_GECOS | PW_DIR | PW_SHELL | - PW_EXPIRE)); - - cap_close(cappwd); - - /* - * Allow: - * fields: pw_name, pw_passwd, pw_uid, pw_gid, pw_change - */ - cappwd = cap_clone(origcappwd); - CHECK(cappwd != NULL); - - fields[0] = "pw_name"; - fields[1] = "pw_passwd"; - fields[2] = "pw_uid"; - fields[3] = "pw_gid"; - fields[4] = "pw_change"; - CHECK(cap_pwd_limit_fields(cappwd, fields, 5) == 0); - fields[5] = "pw_class"; - CHECK(cap_pwd_limit_fields(cappwd, fields, 6) == -1 && - errno == ENOTCAPABLE); - fields[0] = "pw_class"; - CHECK(cap_pwd_limit_fields(cappwd, fields, 1) == -1 && - errno == ENOTCAPABLE); - - CHECK(runtest_fields(cappwd, PW_NAME | PW_PASSWD | PW_UID | - PW_GID | PW_CHANGE)); - - cap_close(cappwd); - - /* - * Allow: - * fields: pw_class, pw_gecos, pw_dir, pw_shell, pw_expire - */ - cappwd = cap_clone(origcappwd); - CHECK(cappwd != NULL); - - fields[0] = "pw_class"; - fields[1] = "pw_gecos"; - fields[2] = "pw_dir"; - fields[3] = "pw_shell"; - fields[4] = "pw_expire"; - CHECK(cap_pwd_limit_fields(cappwd, fields, 5) == 0); - fields[5] = "pw_uid"; - CHECK(cap_pwd_limit_fields(cappwd, fields, 6) == -1 && - errno == ENOTCAPABLE); - fields[0] = "pw_uid"; - CHECK(cap_pwd_limit_fields(cappwd, fields, 1) == -1 && - errno == ENOTCAPABLE); - - CHECK(runtest_fields(cappwd, PW_CLASS | PW_GECOS | PW_DIR | - PW_SHELL | PW_EXPIRE)); - - cap_close(cappwd); - - /* - * Allow: - * fields: pw_name, pw_uid, pw_change, pw_gecos, pw_shell - */ - cappwd = cap_clone(origcappwd); - CHECK(cappwd != NULL); - - fields[0] = "pw_name"; - fields[1] = "pw_uid"; - fields[2] = "pw_change"; - fields[3] = "pw_gecos"; - fields[4] = "pw_shell"; - CHECK(cap_pwd_limit_fields(cappwd, fields, 5) == 0); - fields[5] = "pw_class"; - CHECK(cap_pwd_limit_fields(cappwd, fields, 6) == -1 && - errno == ENOTCAPABLE); - fields[0] = "pw_class"; - CHECK(cap_pwd_limit_fields(cappwd, fields, 1) == -1 && - errno == ENOTCAPABLE); - - CHECK(runtest_fields(cappwd, PW_NAME | PW_UID | PW_CHANGE | - PW_GECOS | PW_SHELL)); - - cap_close(cappwd); - - /* - * Allow: - * fields: pw_passwd, pw_gid, pw_class, pw_dir, pw_expire - */ - cappwd = cap_clone(origcappwd); - CHECK(cappwd != NULL); - - fields[0] = "pw_passwd"; - fields[1] = "pw_gid"; - fields[2] = "pw_class"; - fields[3] = "pw_dir"; - fields[4] = "pw_expire"; - CHECK(cap_pwd_limit_fields(cappwd, fields, 5) == 0); - fields[5] = "pw_uid"; - CHECK(cap_pwd_limit_fields(cappwd, fields, 6) == -1 && - errno == ENOTCAPABLE); - fields[0] = "pw_uid"; - CHECK(cap_pwd_limit_fields(cappwd, fields, 1) == -1 && - errno == ENOTCAPABLE); - - CHECK(runtest_fields(cappwd, PW_PASSWD | PW_GID | PW_CLASS | - PW_DIR | PW_EXPIRE)); - - cap_close(cappwd); - - /* - * Allow: - * fields: pw_uid, pw_class, pw_shell - */ - cappwd = cap_clone(origcappwd); - CHECK(cappwd != NULL); - - fields[0] = "pw_uid"; - fields[1] = "pw_class"; - fields[2] = "pw_shell"; - CHECK(cap_pwd_limit_fields(cappwd, fields, 3) == 0); - fields[3] = "pw_change"; - CHECK(cap_pwd_limit_fields(cappwd, fields, 4) == -1 && - errno == ENOTCAPABLE); - fields[0] = "pw_change"; - CHECK(cap_pwd_limit_fields(cappwd, fields, 1) == -1 && - errno == ENOTCAPABLE); - - CHECK(runtest_fields(cappwd, PW_UID | PW_CLASS | PW_SHELL)); - - cap_close(cappwd); - - /* - * Allow: - * fields: pw_change - */ - cappwd = cap_clone(origcappwd); - CHECK(cappwd != NULL); - - fields[0] = "pw_change"; - CHECK(cap_pwd_limit_fields(cappwd, fields, 1) == 0); - fields[1] = "pw_uid"; - CHECK(cap_pwd_limit_fields(cappwd, fields, 2) == -1 && - errno == ENOTCAPABLE); - fields[0] = "pw_uid"; - CHECK(cap_pwd_limit_fields(cappwd, fields, 1) == -1 && - errno == ENOTCAPABLE); - - CHECK(runtest_fields(cappwd, PW_CHANGE)); - - cap_close(cappwd); -} - -static bool -runtest_users(cap_channel_t *cappwd, const char **names, const uid_t *uids, - size_t nusers) -{ - char buf[1024]; - struct passwd *pwd; - struct passwd st; - unsigned int i, got; - - cap_setpwent(cappwd); - got = 0; - for (;;) { - pwd = cap_getpwent(cappwd); - if (pwd == NULL) - break; - got++; - for (i = 0; i < nusers; i++) { - if (strcmp(names[i], pwd->pw_name) == 0 && - uids[i] == pwd->pw_uid) { - break; - } - } - if (i == nusers) - return (false); - } - if (got != nusers) - return (false); - - cap_setpwent(cappwd); - got = 0; - for (;;) { - cap_getpwent_r(cappwd, &st, buf, sizeof(buf), &pwd); - if (pwd == NULL) - break; - got++; - for (i = 0; i < nusers; i++) { - if (strcmp(names[i], pwd->pw_name) == 0 && - uids[i] == pwd->pw_uid) { - break; - } - } - if (i == nusers) - return (false); - } - if (got != nusers) - return (false); - - for (i = 0; i < nusers; i++) { - pwd = cap_getpwnam(cappwd, names[i]); - if (pwd == NULL) - return (false); - } - - for (i = 0; i < nusers; i++) { - cap_getpwnam_r(cappwd, names[i], &st, buf, sizeof(buf), &pwd); - if (pwd == NULL) - return (false); - } - - for (i = 0; i < nusers; i++) { - pwd = cap_getpwuid(cappwd, uids[i]); - if (pwd == NULL) - return (false); - } - - for (i = 0; i < nusers; i++) { - cap_getpwuid_r(cappwd, uids[i], &st, buf, sizeof(buf), &pwd); - if (pwd == NULL) - return (false); - } - - return (true); -} - -static void -test_users(cap_channel_t *origcappwd) -{ - cap_channel_t *cappwd; - const char *names[6]; - uid_t uids[6]; - - /* - * Allow: - * users: - * names: root, toor, daemon, operator, bin, tty - * uids: - */ - cappwd = cap_clone(origcappwd); - CHECK(cappwd != NULL); - - names[0] = "root"; - names[1] = "toor"; - names[2] = "daemon"; - names[3] = "operator"; - names[4] = "bin"; - names[5] = "tty"; - CHECK(cap_pwd_limit_users(cappwd, names, 6, NULL, 0) == 0); - uids[0] = 0; - uids[1] = 0; - uids[2] = 1; - uids[3] = 2; - uids[4] = 3; - uids[5] = 4; - - CHECK(runtest_users(cappwd, names, uids, 6)); - - cap_close(cappwd); - - /* - * Allow: - * users: - * names: daemon, operator, bin - * uids: - */ - cappwd = cap_clone(origcappwd); - CHECK(cappwd != NULL); - - names[0] = "daemon"; - names[1] = "operator"; - names[2] = "bin"; - CHECK(cap_pwd_limit_users(cappwd, names, 3, NULL, 0) == 0); - names[3] = "tty"; - CHECK(cap_pwd_limit_users(cappwd, names, 4, NULL, 0) == -1 && - errno == ENOTCAPABLE); - names[0] = "tty"; - CHECK(cap_pwd_limit_users(cappwd, names, 1, NULL, 0) == -1 && - errno == ENOTCAPABLE); - names[0] = "daemon"; - uids[0] = 1; - uids[1] = 2; - uids[2] = 3; - - CHECK(runtest_users(cappwd, names, uids, 3)); - - cap_close(cappwd); - - /* - * Allow: - * users: - * names: daemon, bin, tty - * uids: - */ - cappwd = cap_clone(origcappwd); - CHECK(cappwd != NULL); - - names[0] = "daemon"; - names[1] = "bin"; - names[2] = "tty"; - CHECK(cap_pwd_limit_users(cappwd, names, 3, NULL, 0) == 0); - names[3] = "operator"; - CHECK(cap_pwd_limit_users(cappwd, names, 4, NULL, 0) == -1 && - errno == ENOTCAPABLE); - names[0] = "operator"; - CHECK(cap_pwd_limit_users(cappwd, names, 1, NULL, 0) == -1 && - errno == ENOTCAPABLE); - names[0] = "daemon"; - uids[0] = 1; - uids[1] = 3; - uids[2] = 4; - - CHECK(runtest_users(cappwd, names, uids, 3)); - - cap_close(cappwd); - - /* - * Allow: - * users: - * names: - * uids: 1, 2, 3 - */ - cappwd = cap_clone(origcappwd); - CHECK(cappwd != NULL); - - names[0] = "daemon"; - names[1] = "operator"; - names[2] = "bin"; - uids[0] = 1; - uids[1] = 2; - uids[2] = 3; - CHECK(cap_pwd_limit_users(cappwd, NULL, 0, uids, 3) == 0); - uids[3] = 4; - CHECK(cap_pwd_limit_users(cappwd, NULL, 0, uids, 4) == -1 && - errno == ENOTCAPABLE); - uids[0] = 4; - CHECK(cap_pwd_limit_users(cappwd, NULL, 0, uids, 1) == -1 && - errno == ENOTCAPABLE); - uids[0] = 1; - - CHECK(runtest_users(cappwd, names, uids, 3)); - - cap_close(cappwd); - - /* - * Allow: - * users: - * names: - * uids: 1, 3, 4 - */ - cappwd = cap_clone(origcappwd); - CHECK(cappwd != NULL); - - names[0] = "daemon"; - names[1] = "bin"; - names[2] = "tty"; - uids[0] = 1; - uids[1] = 3; - uids[2] = 4; - CHECK(cap_pwd_limit_users(cappwd, NULL, 0, uids, 3) == 0); - uids[3] = 5; - CHECK(cap_pwd_limit_users(cappwd, NULL, 0, uids, 4) == -1 && - errno == ENOTCAPABLE); - uids[0] = 5; - CHECK(cap_pwd_limit_users(cappwd, NULL, 0, uids, 1) == -1 && - errno == ENOTCAPABLE); - uids[0] = 1; - - CHECK(runtest_users(cappwd, names, uids, 3)); - - cap_close(cappwd); - - /* - * Allow: - * users: - * names: bin - * uids: - */ - cappwd = cap_clone(origcappwd); - CHECK(cappwd != NULL); - - names[0] = "bin"; - CHECK(cap_pwd_limit_users(cappwd, names, 1, NULL, 0) == 0); - names[1] = "operator"; - CHECK(cap_pwd_limit_users(cappwd, names, 2, NULL, 0) == -1 && - errno == ENOTCAPABLE); - names[0] = "operator"; - CHECK(cap_pwd_limit_users(cappwd, names, 1, NULL, 0) == -1 && - errno == ENOTCAPABLE); - names[0] = "bin"; - uids[0] = 3; - - CHECK(runtest_users(cappwd, names, uids, 1)); - - cap_close(cappwd); - - /* - * Allow: - * users: - * names: daemon, tty - * uids: - */ - cappwd = cap_clone(origcappwd); - CHECK(cappwd != NULL); - - names[0] = "daemon"; - names[1] = "tty"; - CHECK(cap_pwd_limit_users(cappwd, names, 2, NULL, 0) == 0); - names[2] = "operator"; - CHECK(cap_pwd_limit_users(cappwd, names, 3, NULL, 0) == -1 && - errno == ENOTCAPABLE); - names[0] = "operator"; - CHECK(cap_pwd_limit_users(cappwd, names, 1, NULL, 0) == -1 && - errno == ENOTCAPABLE); - names[0] = "daemon"; - uids[0] = 1; - uids[1] = 4; - - CHECK(runtest_users(cappwd, names, uids, 2)); - - cap_close(cappwd); - - /* - * Allow: - * users: - * names: - * uids: 3 - */ - cappwd = cap_clone(origcappwd); - CHECK(cappwd != NULL); - - names[0] = "bin"; - uids[0] = 3; - CHECK(cap_pwd_limit_users(cappwd, NULL, 0, uids, 1) == 0); - uids[1] = 4; - CHECK(cap_pwd_limit_users(cappwd, NULL, 0, uids, 2) == -1 && - errno == ENOTCAPABLE); - uids[0] = 4; - CHECK(cap_pwd_limit_users(cappwd, NULL, 0, uids, 1) == -1 && - errno == ENOTCAPABLE); - uids[0] = 3; - - CHECK(runtest_users(cappwd, names, uids, 1)); - - cap_close(cappwd); - - /* - * Allow: - * users: - * names: - * uids: 1, 4 - */ - cappwd = cap_clone(origcappwd); - CHECK(cappwd != NULL); - - names[0] = "daemon"; - names[1] = "tty"; - uids[0] = 1; - uids[1] = 4; - CHECK(cap_pwd_limit_users(cappwd, NULL, 0, uids, 2) == 0); - uids[2] = 3; - CHECK(cap_pwd_limit_users(cappwd, NULL, 0, uids, 3) == -1 && - errno == ENOTCAPABLE); - uids[0] = 3; - CHECK(cap_pwd_limit_users(cappwd, NULL, 0, uids, 1) == -1 && - errno == ENOTCAPABLE); - uids[0] = 1; - - CHECK(runtest_users(cappwd, names, uids, 2)); - - cap_close(cappwd); -} - -int -main(void) -{ - cap_channel_t *capcas, *cappwd; - - printf("1..188\n"); - - capcas = cap_init(); - CHECKX(capcas != NULL); - - cappwd = cap_service_open(capcas, "system.pwd"); - CHECKX(cappwd != NULL); - - cap_close(capcas); - - /* No limits. */ - - CHECK(runtest_cmds(cappwd) == (GETPWENT | GETPWENT_R | GETPWNAM | - GETPWNAM_R | GETPWUID | GETPWUID_R)); - - test_cmds(cappwd); - - test_fields(cappwd); - - test_users(cappwd); - - cap_close(cappwd); - - exit(0); -} Property changes on: head/tools/regression/capsicum/libcapsicum/pwd.c ___________________________________________________________________ Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:keywords ## -1 +0,0 ## -FreeBSD=%H \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/tools/regression/capsicum/libcapsicum/sysctl.c =================================================================== --- head/tools/regression/capsicum/libcapsicum/sysctl.c (revision 296046) +++ head/tools/regression/capsicum/libcapsicum/sysctl.c (nonexistent) @@ -1,1510 +0,0 @@ -/*- - * Copyright (c) 2013 The FreeBSD Foundation - * All rights reserved. - * - * This software was developed by Pawel Jakub Dawidek under sponsorship from - * the FreeBSD Foundation. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include -__FBSDID("$FreeBSD$"); - -#include -#include -#include -#include - -#include -#include -#include -#include -#include -#include -#include -#include - -#include -#include -#include - -/* - * We need some sysctls to perform the tests on. - * We remember their values and restore them afer the test is done. - */ -#define SYSCTL0_PARENT "kern" -#define SYSCTL0_NAME "kern.sync_on_panic" -#define SYSCTL1_PARENT "debug" -#define SYSCTL1_NAME "debug.minidump" - -static int ntest = 1; - -#define CHECK(expr) do { \ - if ((expr)) \ - printf("ok %d %s:%u\n", ntest, __FILE__, __LINE__); \ - else \ - printf("not ok %d %s:%u\n", ntest, __FILE__, __LINE__); \ - ntest++; \ -} while (0) -#define CHECKX(expr) do { \ - if ((expr)) { \ - printf("ok %d %s:%u\n", ntest, __FILE__, __LINE__); \ - } else { \ - printf("not ok %d %s:%u\n", ntest, __FILE__, __LINE__); \ - exit(1); \ - } \ - ntest++; \ -} while (0) - -#define SYSCTL0_READ0 0x0001 -#define SYSCTL0_READ1 0x0002 -#define SYSCTL0_READ2 0x0004 -#define SYSCTL0_WRITE 0x0008 -#define SYSCTL0_READ_WRITE 0x0010 -#define SYSCTL1_READ0 0x0020 -#define SYSCTL1_READ1 0x0040 -#define SYSCTL1_READ2 0x0080 -#define SYSCTL1_WRITE 0x0100 -#define SYSCTL1_READ_WRITE 0x0200 - -static unsigned int -runtest(cap_channel_t *capsysctl) -{ - unsigned int result; - int oldvalue, newvalue; - size_t oldsize; - - result = 0; - - oldsize = sizeof(oldvalue); - if (cap_sysctlbyname(capsysctl, SYSCTL0_NAME, &oldvalue, &oldsize, - NULL, 0) == 0) { - if (oldsize == sizeof(oldvalue)) - result |= SYSCTL0_READ0; - } - - newvalue = 123; - if (cap_sysctlbyname(capsysctl, SYSCTL0_NAME, NULL, NULL, &newvalue, - sizeof(newvalue)) == 0) { - result |= SYSCTL0_WRITE; - } - - if ((result & SYSCTL0_WRITE) != 0) { - oldsize = sizeof(oldvalue); - if (cap_sysctlbyname(capsysctl, SYSCTL0_NAME, &oldvalue, - &oldsize, NULL, 0) == 0) { - if (oldsize == sizeof(oldvalue) && oldvalue == 123) - result |= SYSCTL0_READ1; - } - } - - oldsize = sizeof(oldvalue); - newvalue = 4567; - if (cap_sysctlbyname(capsysctl, SYSCTL0_NAME, &oldvalue, &oldsize, - &newvalue, sizeof(newvalue)) == 0) { - if (oldsize == sizeof(oldvalue) && oldvalue == 123) - result |= SYSCTL0_READ_WRITE; - } - - if ((result & SYSCTL0_READ_WRITE) != 0) { - oldsize = sizeof(oldvalue); - if (cap_sysctlbyname(capsysctl, SYSCTL0_NAME, &oldvalue, - &oldsize, NULL, 0) == 0) { - if (oldsize == sizeof(oldvalue) && oldvalue == 4567) - result |= SYSCTL0_READ2; - } - } - - oldsize = sizeof(oldvalue); - if (cap_sysctlbyname(capsysctl, SYSCTL1_NAME, &oldvalue, &oldsize, - NULL, 0) == 0) { - if (oldsize == sizeof(oldvalue)) - result |= SYSCTL1_READ0; - } - - newvalue = 506; - if (cap_sysctlbyname(capsysctl, SYSCTL1_NAME, NULL, NULL, &newvalue, - sizeof(newvalue)) == 0) { - result |= SYSCTL1_WRITE; - } - - if ((result & SYSCTL1_WRITE) != 0) { - oldsize = sizeof(oldvalue); - if (cap_sysctlbyname(capsysctl, SYSCTL1_NAME, &oldvalue, - &oldsize, NULL, 0) == 0) { - if (oldsize == sizeof(oldvalue) && oldvalue == 506) - result |= SYSCTL1_READ1; - } - } - - oldsize = sizeof(oldvalue); - newvalue = 7008; - if (cap_sysctlbyname(capsysctl, SYSCTL1_NAME, &oldvalue, &oldsize, - &newvalue, sizeof(newvalue)) == 0) { - if (oldsize == sizeof(oldvalue) && oldvalue == 506) - result |= SYSCTL1_READ_WRITE; - } - - if ((result & SYSCTL1_READ_WRITE) != 0) { - oldsize = sizeof(oldvalue); - if (cap_sysctlbyname(capsysctl, SYSCTL1_NAME, &oldvalue, - &oldsize, NULL, 0) == 0) { - if (oldsize == sizeof(oldvalue) && oldvalue == 7008) - result |= SYSCTL1_READ2; - } - } - - return (result); -} - -static void -test_operation(cap_channel_t *origcapsysctl) -{ - cap_channel_t *capsysctl; - nvlist_t *limits; - - /* - * Allow: - * SYSCTL0_PARENT/RDWR/RECURSIVE - * SYSCTL1_PARENT/RDWR/RECURSIVE - */ - - capsysctl = cap_clone(origcapsysctl); - CHECK(capsysctl != NULL); - - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_PARENT, - CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); - nvlist_add_number(limits, SYSCTL1_PARENT, - CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == 0); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_PARENT, - CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); - nvlist_add_number(limits, SYSCTL1_PARENT, - CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); - nvlist_add_number(limits, "foo.bar", - CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, "foo.bar", - CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - - CHECK(runtest(capsysctl) == (SYSCTL0_READ0 | SYSCTL0_READ1 | - SYSCTL0_READ2 | SYSCTL0_WRITE | SYSCTL0_READ_WRITE | - SYSCTL1_READ0 | SYSCTL1_READ1 | SYSCTL1_READ2 | SYSCTL1_WRITE | - SYSCTL1_READ_WRITE)); - - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_NAME, - CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); - nvlist_add_number(limits, SYSCTL1_NAME, - CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == 0); - - CHECK(runtest(capsysctl) == (SYSCTL0_READ0 | SYSCTL0_READ1 | - SYSCTL0_READ2 | SYSCTL0_WRITE | SYSCTL0_READ_WRITE | - SYSCTL1_READ0 | SYSCTL1_READ1 | SYSCTL1_READ2 | SYSCTL1_WRITE | - SYSCTL1_READ_WRITE)); - - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_NAME, - CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); - nvlist_add_number(limits, SYSCTL1_NAME, - CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == 0); - - CHECK(runtest(capsysctl) == (SYSCTL0_READ0 | SYSCTL1_WRITE)); - - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_NAME, CAP_SYSCTL_READ); - nvlist_add_number(limits, SYSCTL1_NAME, CAP_SYSCTL_WRITE); - CHECK(cap_limit_set(capsysctl, limits) == 0); - - CHECK(runtest(capsysctl) == (SYSCTL0_READ0 | SYSCTL1_WRITE)); - - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_NAME, CAP_SYSCTL_READ); - CHECK(cap_limit_set(capsysctl, limits) == 0); - - CHECK(runtest(capsysctl) == SYSCTL0_READ0); - - cap_close(capsysctl); - - /* - * Allow: - * SYSCTL0_NAME/RDWR/RECURSIVE - * SYSCTL1_NAME/RDWR/RECURSIVE - */ - - capsysctl = cap_clone(origcapsysctl); - CHECK(capsysctl != NULL); - - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_NAME, - CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); - nvlist_add_number(limits, SYSCTL1_NAME, - CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == 0); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_PARENT, - CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); - nvlist_add_number(limits, SYSCTL1_PARENT, - CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_PARENT, CAP_SYSCTL_RDWR); - nvlist_add_number(limits, SYSCTL1_PARENT, CAP_SYSCTL_RDWR); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_PARENT, CAP_SYSCTL_READ); - nvlist_add_number(limits, SYSCTL1_PARENT, CAP_SYSCTL_WRITE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_PARENT, CAP_SYSCTL_READ); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - - CHECK(runtest(capsysctl) == (SYSCTL0_READ0 | SYSCTL0_READ1 | - SYSCTL0_READ2 | SYSCTL0_WRITE | SYSCTL0_READ_WRITE | - SYSCTL1_READ0 | SYSCTL1_READ1 | SYSCTL1_READ2 | SYSCTL1_WRITE | - SYSCTL1_READ_WRITE)); - - cap_close(capsysctl); - - /* - * Allow: - * SYSCTL0_PARENT/RDWR - * SYSCTL1_PARENT/RDWR - */ - - capsysctl = cap_clone(origcapsysctl); - CHECK(capsysctl != NULL); - - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_PARENT, CAP_SYSCTL_RDWR); - nvlist_add_number(limits, SYSCTL1_PARENT, CAP_SYSCTL_RDWR); - CHECK(cap_limit_set(capsysctl, limits) == 0); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_PARENT, - CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); - nvlist_add_number(limits, SYSCTL1_PARENT, - CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_PARENT, - CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); - nvlist_add_number(limits, SYSCTL1_PARENT, - CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_PARENT, - CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - - CHECK(runtest(capsysctl) == 0); - - cap_close(capsysctl); - - /* - * Allow: - * SYSCTL0_NAME/RDWR - * SYSCTL1_NAME/RDWR - */ - - capsysctl = cap_clone(origcapsysctl); - CHECK(capsysctl != NULL); - - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_NAME, CAP_SYSCTL_RDWR); - nvlist_add_number(limits, SYSCTL1_NAME, CAP_SYSCTL_RDWR); - CHECK(cap_limit_set(capsysctl, limits) == 0); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_PARENT, - CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); - nvlist_add_number(limits, SYSCTL1_PARENT, - CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_PARENT, - CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); - nvlist_add_number(limits, SYSCTL1_PARENT, - CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL1_PARENT, - CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - - CHECK(runtest(capsysctl) == (SYSCTL0_READ0 | SYSCTL0_READ1 | - SYSCTL0_READ2 | SYSCTL0_WRITE | SYSCTL0_READ_WRITE | - SYSCTL1_READ0 | SYSCTL1_READ1 | SYSCTL1_READ2 | SYSCTL1_WRITE | - SYSCTL1_READ_WRITE)); - - cap_close(capsysctl); - - /* - * Allow: - * SYSCTL0_PARENT/RDWR - * SYSCTL1_PARENT/RDWR/RECURSIVE - */ - - capsysctl = cap_clone(origcapsysctl); - CHECK(capsysctl != NULL); - - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_PARENT, CAP_SYSCTL_RDWR); - nvlist_add_number(limits, SYSCTL1_PARENT, - CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == 0); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_PARENT, - CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); - nvlist_add_number(limits, SYSCTL1_PARENT, - CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_PARENT, - CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_PARENT, - CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_NAME, - CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - - CHECK(runtest(capsysctl) == (SYSCTL1_READ0 | SYSCTL1_READ1 | - SYSCTL1_READ2 | SYSCTL1_WRITE | SYSCTL1_READ_WRITE)); - - cap_close(capsysctl); - - /* - * Allow: - * SYSCTL0_NAME/RDWR - * SYSCTL1_NAME/RDWR/RECURSIVE - */ - - capsysctl = cap_clone(origcapsysctl); - CHECK(capsysctl != NULL); - - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_NAME, CAP_SYSCTL_RDWR); - nvlist_add_number(limits, SYSCTL1_NAME, - CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == 0); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_NAME, - CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); - nvlist_add_number(limits, SYSCTL1_NAME, - CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_NAME, - CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_NAME, - CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - - CHECK(runtest(capsysctl) == (SYSCTL0_READ0 | SYSCTL0_READ1 | - SYSCTL0_READ2 | SYSCTL0_WRITE | SYSCTL0_READ_WRITE | - SYSCTL1_READ0 | SYSCTL1_READ1 | SYSCTL1_READ2 | SYSCTL1_WRITE | - SYSCTL1_READ_WRITE)); - - cap_close(capsysctl); - - /* - * Allow: - * SYSCTL0_PARENT/READ/RECURSIVE - * SYSCTL1_PARENT/READ/RECURSIVE - */ - - capsysctl = cap_clone(origcapsysctl); - CHECK(capsysctl != NULL); - - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_PARENT, - CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); - nvlist_add_number(limits, SYSCTL1_PARENT, - CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == 0); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_PARENT, - CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); - nvlist_add_number(limits, SYSCTL1_PARENT, - CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_PARENT, - CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); - nvlist_add_number(limits, SYSCTL1_PARENT, - CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_PARENT, CAP_SYSCTL_RDWR); - nvlist_add_number(limits, SYSCTL1_PARENT, CAP_SYSCTL_RDWR); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_PARENT, CAP_SYSCTL_WRITE); - nvlist_add_number(limits, SYSCTL1_PARENT, CAP_SYSCTL_WRITE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_PARENT, - CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL1_PARENT, - CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL1_PARENT, CAP_SYSCTL_RDWR); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_PARENT, CAP_SYSCTL_WRITE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - - CHECK(runtest(capsysctl) == (SYSCTL0_READ0 | SYSCTL1_READ0)); - - cap_close(capsysctl); - - /* - * Allow: - * SYSCTL0_NAME/READ/RECURSIVE - * SYSCTL1_NAME/READ/RECURSIVE - */ - - capsysctl = cap_clone(origcapsysctl); - CHECK(capsysctl != NULL); - - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_NAME, - CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); - nvlist_add_number(limits, SYSCTL1_NAME, - CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == 0); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_NAME, - CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); - nvlist_add_number(limits, SYSCTL1_NAME, - CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_NAME, - CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); - nvlist_add_number(limits, SYSCTL1_NAME, - CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_NAME, CAP_SYSCTL_RDWR); - nvlist_add_number(limits, SYSCTL1_NAME, CAP_SYSCTL_RDWR); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_NAME, CAP_SYSCTL_WRITE); - nvlist_add_number(limits, SYSCTL1_NAME, CAP_SYSCTL_WRITE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_NAME, - CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL1_NAME, - CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL1_NAME, CAP_SYSCTL_RDWR); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_NAME, CAP_SYSCTL_WRITE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - - CHECK(runtest(capsysctl) == (SYSCTL0_READ0 | SYSCTL1_READ0)); - - cap_close(capsysctl); - - /* - * Allow: - * SYSCTL0_PARENT/READ - * SYSCTL1_PARENT/READ - */ - - capsysctl = cap_clone(origcapsysctl); - CHECK(capsysctl != NULL); - - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_PARENT, CAP_SYSCTL_READ); - nvlist_add_number(limits, SYSCTL1_PARENT, CAP_SYSCTL_READ); - CHECK(cap_limit_set(capsysctl, limits) == 0); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_PARENT, - CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); - nvlist_add_number(limits, SYSCTL1_PARENT, - CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_PARENT, - CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); - nvlist_add_number(limits, SYSCTL1_PARENT, - CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_PARENT, - CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); - nvlist_add_number(limits, SYSCTL1_PARENT, - CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_PARENT, CAP_SYSCTL_RDWR); - nvlist_add_number(limits, SYSCTL1_PARENT, CAP_SYSCTL_RDWR); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_PARENT, CAP_SYSCTL_WRITE); - nvlist_add_number(limits, SYSCTL1_PARENT, CAP_SYSCTL_WRITE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_PARENT, - CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL1_PARENT, - CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_PARENT, - CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL1_PARENT, CAP_SYSCTL_RDWR); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_PARENT, CAP_SYSCTL_WRITE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - - CHECK(runtest(capsysctl) == 0); - - cap_close(capsysctl); - - /* - * Allow: - * SYSCTL0_NAME/READ - * SYSCTL1_NAME/READ - */ - - capsysctl = cap_clone(origcapsysctl); - CHECK(capsysctl != NULL); - - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_NAME, CAP_SYSCTL_READ); - nvlist_add_number(limits, SYSCTL1_NAME, CAP_SYSCTL_READ); - CHECK(cap_limit_set(capsysctl, limits) == 0); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_NAME, - CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); - nvlist_add_number(limits, SYSCTL1_NAME, - CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_NAME, - CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); - nvlist_add_number(limits, SYSCTL1_NAME, - CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_NAME, - CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); - nvlist_add_number(limits, SYSCTL1_NAME, - CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_NAME, CAP_SYSCTL_RDWR); - nvlist_add_number(limits, SYSCTL1_NAME, CAP_SYSCTL_RDWR); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_NAME, CAP_SYSCTL_WRITE); - nvlist_add_number(limits, SYSCTL1_NAME, CAP_SYSCTL_WRITE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_NAME, - CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL1_NAME, - CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_NAME, - CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL1_NAME, CAP_SYSCTL_RDWR); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_NAME, CAP_SYSCTL_WRITE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - - CHECK(runtest(capsysctl) == (SYSCTL0_READ0 | SYSCTL1_READ0)); - - cap_close(capsysctl); - - /* - * Allow: - * SYSCTL0_PARENT/READ - * SYSCTL1_PARENT/READ/RECURSIVE - */ - - capsysctl = cap_clone(origcapsysctl); - CHECK(capsysctl != NULL); - - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_PARENT, CAP_SYSCTL_READ); - nvlist_add_number(limits, SYSCTL1_PARENT, - CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == 0); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_PARENT, - CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); - nvlist_add_number(limits, SYSCTL1_PARENT, CAP_SYSCTL_READ); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - - CHECK(runtest(capsysctl) == SYSCTL1_READ0); - - cap_close(capsysctl); - - /* - * Allow: - * SYSCTL0_NAME/READ - * SYSCTL1_NAME/READ/RECURSIVE - */ - - capsysctl = cap_clone(origcapsysctl); - CHECK(capsysctl != NULL); - - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_NAME, CAP_SYSCTL_READ); - nvlist_add_number(limits, SYSCTL1_NAME, - CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == 0); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_NAME, - CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); - nvlist_add_number(limits, SYSCTL1_NAME, CAP_SYSCTL_READ); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - - CHECK(runtest(capsysctl) == (SYSCTL0_READ0 | SYSCTL1_READ0)); - - cap_close(capsysctl); - - /* - * Allow: - * SYSCTL0_PARENT/WRITE/RECURSIVE - * SYSCTL1_PARENT/WRITE/RECURSIVE - */ - - capsysctl = cap_clone(origcapsysctl); - CHECK(capsysctl != NULL); - - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_PARENT, - CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); - nvlist_add_number(limits, SYSCTL1_PARENT, - CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == 0); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_PARENT, - CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); - nvlist_add_number(limits, SYSCTL1_PARENT, - CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_PARENT, - CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); - nvlist_add_number(limits, SYSCTL1_PARENT, - CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_PARENT, CAP_SYSCTL_RDWR); - nvlist_add_number(limits, SYSCTL1_PARENT, CAP_SYSCTL_RDWR); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_PARENT, CAP_SYSCTL_READ); - nvlist_add_number(limits, SYSCTL1_PARENT, CAP_SYSCTL_READ); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_PARENT, - CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL1_PARENT, - CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL1_PARENT, CAP_SYSCTL_RDWR); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_PARENT, CAP_SYSCTL_READ); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - - CHECK(runtest(capsysctl) == (SYSCTL0_WRITE | SYSCTL1_WRITE)); - - cap_close(capsysctl); - - /* - * Allow: - * SYSCTL0_NAME/WRITE/RECURSIVE - * SYSCTL1_NAME/WRITE/RECURSIVE - */ - - capsysctl = cap_clone(origcapsysctl); - CHECK(capsysctl != NULL); - - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_NAME, - CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); - nvlist_add_number(limits, SYSCTL1_NAME, - CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == 0); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_NAME, - CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); - nvlist_add_number(limits, SYSCTL1_NAME, - CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_NAME, - CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); - nvlist_add_number(limits, SYSCTL1_NAME, - CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_NAME, CAP_SYSCTL_RDWR); - nvlist_add_number(limits, SYSCTL1_NAME, CAP_SYSCTL_RDWR); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_NAME, CAP_SYSCTL_READ); - nvlist_add_number(limits, SYSCTL1_NAME, CAP_SYSCTL_READ); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_NAME, - CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL1_NAME, - CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL1_NAME, CAP_SYSCTL_RDWR); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_NAME, CAP_SYSCTL_READ); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - - CHECK(runtest(capsysctl) == (SYSCTL0_WRITE | SYSCTL1_WRITE)); - - cap_close(capsysctl); - - /* - * Allow: - * SYSCTL0_PARENT/WRITE - * SYSCTL1_PARENT/WRITE - */ - - capsysctl = cap_clone(origcapsysctl); - CHECK(capsysctl != NULL); - - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_PARENT, CAP_SYSCTL_WRITE); - nvlist_add_number(limits, SYSCTL1_PARENT, CAP_SYSCTL_WRITE); - CHECK(cap_limit_set(capsysctl, limits) == 0); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_PARENT, - CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); - nvlist_add_number(limits, SYSCTL1_PARENT, - CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_PARENT, - CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); - nvlist_add_number(limits, SYSCTL1_PARENT, - CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_PARENT, - CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); - nvlist_add_number(limits, SYSCTL1_PARENT, - CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_PARENT, CAP_SYSCTL_RDWR); - nvlist_add_number(limits, SYSCTL1_PARENT, CAP_SYSCTL_RDWR); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_PARENT, CAP_SYSCTL_READ); - nvlist_add_number(limits, SYSCTL1_PARENT, CAP_SYSCTL_READ); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_PARENT, - CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL1_PARENT, - CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_PARENT, - CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL1_PARENT, CAP_SYSCTL_RDWR); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_PARENT, CAP_SYSCTL_READ); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - - CHECK(runtest(capsysctl) == 0); - - cap_close(capsysctl); - - /* - * Allow: - * SYSCTL0_NAME/WRITE - * SYSCTL1_NAME/WRITE - */ - - capsysctl = cap_clone(origcapsysctl); - CHECK(capsysctl != NULL); - - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_NAME, CAP_SYSCTL_WRITE); - nvlist_add_number(limits, SYSCTL1_NAME, CAP_SYSCTL_WRITE); - CHECK(cap_limit_set(capsysctl, limits) == 0); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_NAME, - CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); - nvlist_add_number(limits, SYSCTL1_NAME, - CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_NAME, - CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); - nvlist_add_number(limits, SYSCTL1_NAME, - CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_NAME, - CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); - nvlist_add_number(limits, SYSCTL1_NAME, - CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_NAME, CAP_SYSCTL_RDWR); - nvlist_add_number(limits, SYSCTL1_NAME, CAP_SYSCTL_RDWR); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_NAME, CAP_SYSCTL_READ); - nvlist_add_number(limits, SYSCTL1_NAME, CAP_SYSCTL_READ); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_NAME, - CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL1_NAME, - CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_NAME, - CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL1_NAME, CAP_SYSCTL_RDWR); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_NAME, CAP_SYSCTL_READ); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - - CHECK(runtest(capsysctl) == (SYSCTL0_WRITE | SYSCTL1_WRITE)); - - cap_close(capsysctl); - - /* - * Allow: - * SYSCTL0_PARENT/WRITE - * SYSCTL1_PARENT/WRITE/RECURSIVE - */ - - capsysctl = cap_clone(origcapsysctl); - CHECK(capsysctl != NULL); - - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_PARENT, CAP_SYSCTL_WRITE); - nvlist_add_number(limits, SYSCTL1_PARENT, - CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == 0); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_PARENT, - CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); - nvlist_add_number(limits, SYSCTL1_PARENT, CAP_SYSCTL_WRITE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - - CHECK(runtest(capsysctl) == SYSCTL1_WRITE); - - cap_close(capsysctl); - - /* - * Allow: - * SYSCTL0_NAME/WRITE - * SYSCTL1_NAME/WRITE/RECURSIVE - */ - - capsysctl = cap_clone(origcapsysctl); - CHECK(capsysctl != NULL); - - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_NAME, CAP_SYSCTL_WRITE); - nvlist_add_number(limits, SYSCTL1_NAME, - CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == 0); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_NAME, - CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); - nvlist_add_number(limits, SYSCTL1_NAME, CAP_SYSCTL_WRITE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - - CHECK(runtest(capsysctl) == (SYSCTL0_WRITE | SYSCTL1_WRITE)); - - cap_close(capsysctl); - - /* - * Allow: - * SYSCTL0_PARENT/READ/RECURSIVE - * SYSCTL1_PARENT/WRITE/RECURSIVE - */ - - capsysctl = cap_clone(origcapsysctl); - CHECK(capsysctl != NULL); - - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_PARENT, - CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); - nvlist_add_number(limits, SYSCTL1_PARENT, - CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == 0); - - CHECK(runtest(capsysctl) == (SYSCTL0_READ0 | SYSCTL1_WRITE)); - - cap_close(capsysctl); - - /* - * Allow: - * SYSCTL0_NAME/READ/RECURSIVE - * SYSCTL1_NAME/WRITE/RECURSIVE - */ - - capsysctl = cap_clone(origcapsysctl); - CHECK(capsysctl != NULL); - - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_NAME, - CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); - nvlist_add_number(limits, SYSCTL1_NAME, - CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == 0); - - CHECK(runtest(capsysctl) == (SYSCTL0_READ0 | SYSCTL1_WRITE)); - - cap_close(capsysctl); - - /* - * Allow: - * SYSCTL0_PARENT/READ - * SYSCTL1_PARENT/WRITE - */ - - capsysctl = cap_clone(origcapsysctl); - CHECK(capsysctl != NULL); - - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_PARENT, CAP_SYSCTL_READ); - nvlist_add_number(limits, SYSCTL1_PARENT, CAP_SYSCTL_WRITE); - CHECK(cap_limit_set(capsysctl, limits) == 0); - - CHECK(runtest(capsysctl) == 0); - - cap_close(capsysctl); - - /* - * Allow: - * SYSCTL0_NAME/READ - * SYSCTL1_NAME/WRITE - */ - - capsysctl = cap_clone(origcapsysctl); - CHECK(capsysctl != NULL); - - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_NAME, CAP_SYSCTL_READ); - nvlist_add_number(limits, SYSCTL1_NAME, CAP_SYSCTL_WRITE); - CHECK(cap_limit_set(capsysctl, limits) == 0); - - CHECK(runtest(capsysctl) == (SYSCTL0_READ0 | SYSCTL1_WRITE)); - - cap_close(capsysctl); - - /* - * Allow: - * SYSCTL0_PARENT/READ - * SYSCTL1_PARENT/WRITE/RECURSIVE - */ - - capsysctl = cap_clone(origcapsysctl); - CHECK(capsysctl != NULL); - - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_PARENT, CAP_SYSCTL_READ); - nvlist_add_number(limits, SYSCTL1_PARENT, - CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == 0); - - CHECK(runtest(capsysctl) == SYSCTL1_WRITE); - - cap_close(capsysctl); - - /* - * Allow: - * SYSCTL0_NAME/READ - * SYSCTL1_NAME/WRITE/RECURSIVE - */ - - capsysctl = cap_clone(origcapsysctl); - CHECK(capsysctl != NULL); - - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_NAME, CAP_SYSCTL_READ); - nvlist_add_number(limits, SYSCTL1_NAME, - CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == 0); - - CHECK(runtest(capsysctl) == (SYSCTL0_READ0 | SYSCTL1_WRITE)); - - cap_close(capsysctl); -} - -static void -test_names(cap_channel_t *origcapsysctl) -{ - cap_channel_t *capsysctl; - nvlist_t *limits; - - /* - * Allow: - * SYSCTL0_PARENT/READ/RECURSIVE - */ - - capsysctl = cap_clone(origcapsysctl); - CHECK(capsysctl != NULL); - - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_PARENT, - CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == 0); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_PARENT, - CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); - nvlist_add_number(limits, SYSCTL1_PARENT, - CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL1_PARENT, - CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_PARENT, CAP_SYSCTL_READ); - nvlist_add_number(limits, SYSCTL1_PARENT, CAP_SYSCTL_READ); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL1_PARENT, CAP_SYSCTL_READ); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - - CHECK(runtest(capsysctl) == SYSCTL0_READ0); - - cap_close(capsysctl); - - /* - * Allow: - * SYSCTL1_NAME/READ/RECURSIVE - */ - - capsysctl = cap_clone(origcapsysctl); - CHECK(capsysctl != NULL); - - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL1_NAME, - CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == 0); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_NAME, - CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); - nvlist_add_number(limits, SYSCTL1_NAME, - CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_NAME, - CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_NAME, CAP_SYSCTL_READ); - nvlist_add_number(limits, SYSCTL1_NAME, CAP_SYSCTL_READ); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_NAME, CAP_SYSCTL_READ); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - - CHECK(runtest(capsysctl) == SYSCTL1_READ0); - - cap_close(capsysctl); - - /* - * Allow: - * SYSCTL0_PARENT/WRITE/RECURSIVE - */ - - capsysctl = cap_clone(origcapsysctl); - CHECK(capsysctl != NULL); - - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_PARENT, - CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == 0); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_PARENT, - CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); - nvlist_add_number(limits, SYSCTL1_PARENT, - CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL1_PARENT, - CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_PARENT, CAP_SYSCTL_WRITE); - nvlist_add_number(limits, SYSCTL1_PARENT, CAP_SYSCTL_WRITE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL1_PARENT, CAP_SYSCTL_WRITE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - - CHECK(runtest(capsysctl) == SYSCTL0_WRITE); - - cap_close(capsysctl); - - /* - * Allow: - * SYSCTL1_NAME/WRITE/RECURSIVE - */ - - capsysctl = cap_clone(origcapsysctl); - CHECK(capsysctl != NULL); - - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL1_NAME, - CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == 0); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_NAME, - CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); - nvlist_add_number(limits, SYSCTL1_NAME, - CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_NAME, - CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_NAME, CAP_SYSCTL_WRITE); - nvlist_add_number(limits, SYSCTL1_NAME, CAP_SYSCTL_WRITE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_NAME, CAP_SYSCTL_WRITE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - - CHECK(runtest(capsysctl) == SYSCTL1_WRITE); - - cap_close(capsysctl); - - /* - * Allow: - * SYSCTL0_PARENT/RDWR/RECURSIVE - */ - - capsysctl = cap_clone(origcapsysctl); - CHECK(capsysctl != NULL); - - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_PARENT, - CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == 0); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_PARENT, - CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); - nvlist_add_number(limits, SYSCTL1_PARENT, - CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL1_PARENT, - CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_PARENT, CAP_SYSCTL_READ); - nvlist_add_number(limits, SYSCTL1_PARENT, CAP_SYSCTL_READ); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL1_PARENT, CAP_SYSCTL_READ); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - - CHECK(runtest(capsysctl) == (SYSCTL0_READ0 | SYSCTL0_READ1 | - SYSCTL0_READ2 | SYSCTL0_WRITE | SYSCTL0_READ_WRITE)); - - cap_close(capsysctl); - - /* - * Allow: - * SYSCTL1_NAME/RDWR/RECURSIVE - */ - - capsysctl = cap_clone(origcapsysctl); - CHECK(capsysctl != NULL); - - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL1_NAME, - CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == 0); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_NAME, - CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); - nvlist_add_number(limits, SYSCTL1_NAME, - CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_NAME, - CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_NAME, CAP_SYSCTL_READ); - nvlist_add_number(limits, SYSCTL1_NAME, CAP_SYSCTL_READ); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_NAME, CAP_SYSCTL_READ); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - - CHECK(runtest(capsysctl) == (SYSCTL1_READ0 | SYSCTL1_READ1 | - SYSCTL1_READ2 | SYSCTL1_WRITE | SYSCTL1_READ_WRITE)); - - cap_close(capsysctl); - - /* - * Allow: - * SYSCTL0_PARENT/READ - */ - - capsysctl = cap_clone(origcapsysctl); - CHECK(capsysctl != NULL); - - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_PARENT, CAP_SYSCTL_READ); - CHECK(cap_limit_set(capsysctl, limits) == 0); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_PARENT, CAP_SYSCTL_READ); - nvlist_add_number(limits, SYSCTL1_PARENT, CAP_SYSCTL_READ); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL1_PARENT, CAP_SYSCTL_READ); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - - CHECK(runtest(capsysctl) == 0); - - cap_close(capsysctl); - - /* - * Allow: - * SYSCTL1_NAME/READ - */ - - capsysctl = cap_clone(origcapsysctl); - CHECK(capsysctl != NULL); - - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL1_NAME, CAP_SYSCTL_READ); - CHECK(cap_limit_set(capsysctl, limits) == 0); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_NAME, CAP_SYSCTL_READ); - nvlist_add_number(limits, SYSCTL1_NAME, CAP_SYSCTL_READ); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_NAME, CAP_SYSCTL_READ); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - - CHECK(runtest(capsysctl) == SYSCTL1_READ0); - - cap_close(capsysctl); - - /* - * Allow: - * SYSCTL0_PARENT/WRITE - */ - - capsysctl = cap_clone(origcapsysctl); - CHECK(capsysctl != NULL); - - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_PARENT, CAP_SYSCTL_WRITE); - CHECK(cap_limit_set(capsysctl, limits) == 0); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_PARENT, CAP_SYSCTL_WRITE); - nvlist_add_number(limits, SYSCTL1_PARENT, CAP_SYSCTL_WRITE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL1_PARENT, CAP_SYSCTL_WRITE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - - CHECK(runtest(capsysctl) == 0); - - cap_close(capsysctl); - - /* - * Allow: - * SYSCTL1_NAME/WRITE - */ - - capsysctl = cap_clone(origcapsysctl); - CHECK(capsysctl != NULL); - - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL1_NAME, CAP_SYSCTL_WRITE); - CHECK(cap_limit_set(capsysctl, limits) == 0); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_NAME, CAP_SYSCTL_WRITE); - nvlist_add_number(limits, SYSCTL1_NAME, CAP_SYSCTL_WRITE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_NAME, CAP_SYSCTL_WRITE); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - - CHECK(runtest(capsysctl) == SYSCTL1_WRITE); - - cap_close(capsysctl); - - /* - * Allow: - * SYSCTL0_PARENT/RDWR - */ - - capsysctl = cap_clone(origcapsysctl); - CHECK(capsysctl != NULL); - - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_PARENT, CAP_SYSCTL_RDWR); - CHECK(cap_limit_set(capsysctl, limits) == 0); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_PARENT, CAP_SYSCTL_RDWR); - nvlist_add_number(limits, SYSCTL1_PARENT, CAP_SYSCTL_RDWR); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL1_PARENT, CAP_SYSCTL_RDWR); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - - CHECK(runtest(capsysctl) == 0); - - cap_close(capsysctl); - - /* - * Allow: - * SYSCTL1_NAME/RDWR - */ - - capsysctl = cap_clone(origcapsysctl); - CHECK(capsysctl != NULL); - - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL1_NAME, CAP_SYSCTL_RDWR); - CHECK(cap_limit_set(capsysctl, limits) == 0); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_NAME, CAP_SYSCTL_RDWR); - nvlist_add_number(limits, SYSCTL1_NAME, CAP_SYSCTL_RDWR); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - limits = nvlist_create(0); - nvlist_add_number(limits, SYSCTL0_NAME, CAP_SYSCTL_RDWR); - CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); - - CHECK(runtest(capsysctl) == (SYSCTL1_READ0 | SYSCTL1_READ1 | - SYSCTL1_READ2 | SYSCTL1_WRITE | SYSCTL1_READ_WRITE)); - - cap_close(capsysctl); -} - -int -main(void) -{ - cap_channel_t *capcas, *capsysctl; - int scvalue0, scvalue1; - size_t scsize; - - printf("1..256\n"); - - scsize = sizeof(scvalue0); - CHECKX(sysctlbyname(SYSCTL0_NAME, &scvalue0, &scsize, NULL, 0) == 0); - CHECKX(scsize == sizeof(scvalue0)); - scsize = sizeof(scvalue1); - CHECKX(sysctlbyname(SYSCTL1_NAME, &scvalue1, &scsize, NULL, 0) == 0); - CHECKX(scsize == sizeof(scvalue1)); - - capcas = cap_init(); - CHECKX(capcas != NULL); - - capsysctl = cap_service_open(capcas, "system.sysctl"); - CHECKX(capsysctl != NULL); - - cap_close(capcas); - - /* No limits set. */ - - CHECK(runtest(capsysctl) == (SYSCTL0_READ0 | SYSCTL0_READ1 | - SYSCTL0_READ2 | SYSCTL0_WRITE | SYSCTL0_READ_WRITE | - SYSCTL1_READ0 | SYSCTL1_READ1 | SYSCTL1_READ2 | SYSCTL1_WRITE | - SYSCTL1_READ_WRITE)); - - test_operation(capsysctl); - - test_names(capsysctl); - - cap_close(capsysctl); - - CHECK(sysctlbyname(SYSCTL0_NAME, NULL, NULL, &scvalue0, - sizeof(scvalue0)) == 0); - CHECK(sysctlbyname(SYSCTL1_NAME, NULL, NULL, &scvalue1, - sizeof(scvalue1)) == 0); - - exit(0); -} Property changes on: head/tools/regression/capsicum/libcapsicum/sysctl.c ___________________________________________________________________ Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:keywords ## -1 +0,0 ## -FreeBSD=%H \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/tools/regression/capsicum/libcapsicum/Makefile =================================================================== --- head/tools/regression/capsicum/libcapsicum/Makefile (revision 296046) +++ head/tools/regression/capsicum/libcapsicum/Makefile (nonexistent) @@ -1,33 +0,0 @@ -# $FreeBSD$ - -SERVICES= dns -SERVICES+= grp -SERVICES+= pwd -SERVICES+= sysctl - -CFLAGS= -O2 -pipe -std=gnu99 -fstack-protector -CFLAGS+= -Wsystem-headers -Werror -Wall -Wno-format-y2k -W -Wno-unused-parameter -CFLAGS+= -Wstrict-prototypes -Wmissing-prototypes -Wpointer-arith -Wreturn-type -CFLAGS+= -Wcast-qual -Wwrite-strings -Wswitch -Wshadow -Wunused-parameter -CFLAGS+= -Wcast-align -Wchar-subscripts -Winline -Wnested-externs -Wredundant-decls -CFLAGS+= -Wold-style-definition -Wno-pointer-sign - -CFLAGS+= -I${.CURDIR}/../../../../lib/libcapsicum -CFLAGS+= -ggdb - -SERVTEST= ${SERVICES:=.t} - -all: ${SERVTEST} - -.for SERVICE in ${SERVICES} - -${SERVICE}.t: ${SERVICE}.c - ${CC} ${CFLAGS} ${@:.t=.c} -o $@ -lcapsicum -lnv - -.endfor - -test: all - @prove -r ${.CURDIR} - -clean: - rm -f ${SERVTEST} Property changes on: head/tools/regression/capsicum/libcapsicum/Makefile ___________________________________________________________________ Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:keywords ## -1 +0,0 ## -FreeBSD=%H \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: head/tools/regression/capsicum/libcasper/Makefile =================================================================== --- head/tools/regression/capsicum/libcasper/Makefile (nonexistent) +++ head/tools/regression/capsicum/libcasper/Makefile (revision 296047) @@ -0,0 +1,32 @@ +# $FreeBSD$ + +SERVICES= dns +SERVICES+= grp +SERVICES+= pwd +SERVICES+= sysctl + +CFLAGS= -O2 -pipe -std=gnu99 -fstack-protector +CFLAGS+= -Wsystem-headers -Werror -Wall -Wno-format-y2k -W -Wno-unused-parameter +CFLAGS+= -Wstrict-prototypes -Wmissing-prototypes -Wpointer-arith -Wreturn-type +CFLAGS+= -Wcast-qual -Wwrite-strings -Wswitch -Wshadow -Wunused-parameter +CFLAGS+= -Wcast-align -Wchar-subscripts -Winline -Wnested-externs -Wredundant-decls +CFLAGS+= -Wold-style-definition -Wno-pointer-sign + +CFLAGS+= -ggdb + +SERVTEST= ${SERVICES:=.t} + +all: ${SERVTEST} + +.for SERVICE in ${SERVICES} + +${SERVICE}.t: ${SERVICE}.c + ${CC} ${CFLAGS} ${@:.t=.c} -o $@ -lnv -lcasper -lcap_${@:.t=} + +.endfor + +test: all + @prove -r ${.CURDIR} + +clean: + rm -f ${SERVTEST} Property changes on: head/tools/regression/capsicum/libcasper/Makefile ___________________________________________________________________ Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:keywords ## -0,0 +1 ## +FreeBSD=%H \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/tools/regression/capsicum/libcasper/dns.c =================================================================== --- head/tools/regression/capsicum/libcasper/dns.c (nonexistent) +++ head/tools/regression/capsicum/libcasper/dns.c (revision 296047) @@ -0,0 +1,588 @@ +/*- + * Copyright (c) 2013 The FreeBSD Foundation + * All rights reserved. + * + * This software was developed by Pawel Jakub Dawidek under sponsorship from + * the FreeBSD Foundation. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include +__FBSDID("$FreeBSD$"); + +#include + +#include +#include + +#include +#include +#include +#include +#include +#include +#include +#include + +#include + +#include + +static int ntest = 1; + +#define CHECK(expr) do { \ + if ((expr)) \ + printf("ok %d %s:%u\n", ntest, __FILE__, __LINE__); \ + else \ + printf("not ok %d %s:%u\n", ntest, __FILE__, __LINE__); \ + ntest++; \ +} while (0) +#define CHECKX(expr) do { \ + if ((expr)) { \ + printf("ok %d %s:%u\n", ntest, __FILE__, __LINE__); \ + } else { \ + printf("not ok %d %s:%u\n", ntest, __FILE__, __LINE__); \ + exit(1); \ + } \ + ntest++; \ +} while (0) + +#define GETHOSTBYNAME 0x01 +#define GETHOSTBYNAME2_AF_INET 0x02 +#define GETHOSTBYNAME2_AF_INET6 0x04 +#define GETHOSTBYADDR_AF_INET 0x08 +#define GETHOSTBYADDR_AF_INET6 0x10 + +static bool +hostent_aliases_compare(char **aliases0, char **aliases1) +{ + int i0, i1; + + if (aliases0 == NULL && aliases1 == NULL) + return (true); + if (aliases0 == NULL || aliases1 == NULL) + return (false); + + for (i0 = 0; aliases0[i0] != NULL; i0++) { + for (i1 = 0; aliases1[i1] != NULL; i1++) { + if (strcmp(aliases0[i0], aliases1[i1]) == 0) + break; + } + if (aliases1[i1] == NULL) + return (false); + } + + return (true); +} + +static bool +hostent_addr_list_compare(char **addr_list0, char **addr_list1, int length) +{ + int i0, i1; + + if (addr_list0 == NULL && addr_list1 == NULL) + return (true); + if (addr_list0 == NULL || addr_list1 == NULL) + return (false); + + for (i0 = 0; addr_list0[i0] != NULL; i0++) { + for (i1 = 0; addr_list1[i1] != NULL; i1++) { + if (memcmp(addr_list0[i0], addr_list1[i1], length) == 0) + break; + } + if (addr_list1[i1] == NULL) + return (false); + } + + return (true); +} + +static bool +hostent_compare(const struct hostent *hp0, const struct hostent *hp1) +{ + + if (hp0 == NULL && hp1 != NULL) + return (true); + + if (hp0 == NULL || hp1 == NULL) + return (false); + + if (hp0->h_name != NULL || hp1->h_name != NULL) { + if (hp0->h_name == NULL || hp1->h_name == NULL) + return (false); + if (strcmp(hp0->h_name, hp1->h_name) != 0) + return (false); + } + + if (!hostent_aliases_compare(hp0->h_aliases, hp1->h_aliases)) + return (false); + if (!hostent_aliases_compare(hp1->h_aliases, hp0->h_aliases)) + return (false); + + if (hp0->h_addrtype != hp1->h_addrtype) + return (false); + + if (hp0->h_length != hp1->h_length) + return (false); + + if (!hostent_addr_list_compare(hp0->h_addr_list, hp1->h_addr_list, + hp0->h_length)) { + return (false); + } + if (!hostent_addr_list_compare(hp1->h_addr_list, hp0->h_addr_list, + hp0->h_length)) { + return (false); + } + + return (true); +} + +static unsigned int +runtest(cap_channel_t *capdns) +{ + unsigned int result; + struct hostent *hps, *hpc; + struct in_addr ip4; + struct in6_addr ip6; + + result = 0; + + hps = gethostbyname("example.com"); + if (hps == NULL) + fprintf(stderr, "Unable to resolve %s IPv4.\n", "example.com"); + hpc = cap_gethostbyname(capdns, "example.com"); + if (hostent_compare(hps, hpc)) + result |= GETHOSTBYNAME; + + hps = gethostbyname2("example.com", AF_INET); + if (hps == NULL) + fprintf(stderr, "Unable to resolve %s IPv4.\n", "example.com"); + hpc = cap_gethostbyname2(capdns, "example.com", AF_INET); + if (hostent_compare(hps, hpc)) + result |= GETHOSTBYNAME2_AF_INET; + + hps = gethostbyname2("example.com", AF_INET6); + if (hps == NULL) + fprintf(stderr, "Unable to resolve %s IPv6.\n", "example.com"); + hpc = cap_gethostbyname2(capdns, "example.com", AF_INET6); + if (hostent_compare(hps, hpc)) + result |= GETHOSTBYNAME2_AF_INET6; + + /* + * 8.8.178.135 is IPv4 address of freefall.freebsd.org + * as of 27 October 2013. + */ + inet_pton(AF_INET, "8.8.178.135", &ip4); + hps = gethostbyaddr(&ip4, sizeof(ip4), AF_INET); + if (hps == NULL) + fprintf(stderr, "Unable to resolve %s.\n", "8.8.178.135"); + hpc = cap_gethostbyaddr(capdns, &ip4, sizeof(ip4), AF_INET); + if (hostent_compare(hps, hpc)) + result |= GETHOSTBYADDR_AF_INET; + + /* + * 2001:1900:2254:206c::16:87 is IPv6 address of freefall.freebsd.org + * as of 27 October 2013. + */ + inet_pton(AF_INET6, "2001:1900:2254:206c::16:87", &ip6); + hps = gethostbyaddr(&ip6, sizeof(ip6), AF_INET6); + if (hps == NULL) { + fprintf(stderr, "Unable to resolve %s.\n", + "2001:1900:2254:206c::16:87"); + } + hpc = cap_gethostbyaddr(capdns, &ip6, sizeof(ip6), AF_INET6); + if (hostent_compare(hps, hpc)) + result |= GETHOSTBYADDR_AF_INET6; + + return (result); +} + +int +main(void) +{ + cap_channel_t *capcas, *capdns, *origcapdns; + const char *types[2]; + int families[2]; + + printf("1..91\n"); + + capcas = cap_init(); + CHECKX(capcas != NULL); + + origcapdns = capdns = cap_service_open(capcas, "system.dns"); + CHECKX(capdns != NULL); + + cap_close(capcas); + + /* No limits set. */ + + CHECK(runtest(capdns) == + (GETHOSTBYNAME | GETHOSTBYNAME2_AF_INET | GETHOSTBYNAME2_AF_INET6 | + GETHOSTBYADDR_AF_INET | GETHOSTBYADDR_AF_INET6)); + + /* + * Allow: + * type: NAME, ADDR + * family: AF_INET, AF_INET6 + */ + + capdns = cap_clone(origcapdns); + CHECK(capdns != NULL); + + types[0] = "NAME"; + types[1] = "ADDR"; + CHECK(cap_dns_type_limit(capdns, types, 2) == 0); + families[0] = AF_INET; + families[1] = AF_INET6; + CHECK(cap_dns_family_limit(capdns, families, 2) == 0); + + CHECK(runtest(capdns) == + (GETHOSTBYNAME | GETHOSTBYNAME2_AF_INET | GETHOSTBYNAME2_AF_INET6 | + GETHOSTBYADDR_AF_INET | GETHOSTBYADDR_AF_INET6)); + + cap_close(capdns); + + /* + * Allow: + * type: NAME + * family: AF_INET, AF_INET6 + */ + + capdns = cap_clone(origcapdns); + CHECK(capdns != NULL); + + types[0] = "NAME"; + CHECK(cap_dns_type_limit(capdns, types, 1) == 0); + types[1] = "ADDR"; + CHECK(cap_dns_type_limit(capdns, types, 2) == -1 && + errno == ENOTCAPABLE); + types[0] = "ADDR"; + CHECK(cap_dns_type_limit(capdns, types, 1) == -1 && + errno == ENOTCAPABLE); + families[0] = AF_INET; + families[1] = AF_INET6; + CHECK(cap_dns_family_limit(capdns, families, 2) == 0); + + CHECK(runtest(capdns) == + (GETHOSTBYNAME | GETHOSTBYNAME2_AF_INET | GETHOSTBYNAME2_AF_INET6)); + + cap_close(capdns); + + /* + * Allow: + * type: ADDR + * family: AF_INET, AF_INET6 + */ + + capdns = cap_clone(origcapdns); + CHECK(capdns != NULL); + + types[0] = "ADDR"; + CHECK(cap_dns_type_limit(capdns, types, 1) == 0); + types[1] = "NAME"; + CHECK(cap_dns_type_limit(capdns, types, 2) == -1 && + errno == ENOTCAPABLE); + types[0] = "NAME"; + CHECK(cap_dns_type_limit(capdns, types, 1) == -1 && + errno == ENOTCAPABLE); + families[0] = AF_INET; + families[1] = AF_INET6; + CHECK(cap_dns_family_limit(capdns, families, 2) == 0); + + CHECK(runtest(capdns) == + (GETHOSTBYADDR_AF_INET | GETHOSTBYADDR_AF_INET6)); + + cap_close(capdns); + + /* + * Allow: + * type: NAME, ADDR + * family: AF_INET + */ + + capdns = cap_clone(origcapdns); + CHECK(capdns != NULL); + + types[0] = "NAME"; + types[1] = "ADDR"; + CHECK(cap_dns_type_limit(capdns, types, 2) == 0); + families[0] = AF_INET; + CHECK(cap_dns_family_limit(capdns, families, 1) == 0); + families[1] = AF_INET6; + CHECK(cap_dns_family_limit(capdns, families, 2) == -1 && + errno == ENOTCAPABLE); + families[0] = AF_INET6; + CHECK(cap_dns_family_limit(capdns, families, 1) == -1 && + errno == ENOTCAPABLE); + + CHECK(runtest(capdns) == + (GETHOSTBYNAME | GETHOSTBYNAME2_AF_INET | GETHOSTBYADDR_AF_INET)); + + cap_close(capdns); + + /* + * Allow: + * type: NAME, ADDR + * family: AF_INET6 + */ + + capdns = cap_clone(origcapdns); + CHECK(capdns != NULL); + + types[0] = "NAME"; + types[1] = "ADDR"; + CHECK(cap_dns_type_limit(capdns, types, 2) == 0); + families[0] = AF_INET6; + CHECK(cap_dns_family_limit(capdns, families, 1) == 0); + families[1] = AF_INET; + CHECK(cap_dns_family_limit(capdns, families, 2) == -1 && + errno == ENOTCAPABLE); + families[0] = AF_INET; + CHECK(cap_dns_family_limit(capdns, families, 1) == -1 && + errno == ENOTCAPABLE); + + CHECK(runtest(capdns) == + (GETHOSTBYNAME2_AF_INET6 | GETHOSTBYADDR_AF_INET6)); + + cap_close(capdns); + + /* Below we also test further limiting capability. */ + + /* + * Allow: + * type: NAME + * family: AF_INET + */ + + capdns = cap_clone(origcapdns); + CHECK(capdns != NULL); + + types[0] = "NAME"; + types[1] = "ADDR"; + CHECK(cap_dns_type_limit(capdns, types, 2) == 0); + families[0] = AF_INET; + families[1] = AF_INET6; + CHECK(cap_dns_family_limit(capdns, families, 2) == 0); + types[0] = "NAME"; + CHECK(cap_dns_type_limit(capdns, types, 1) == 0); + types[1] = "ADDR"; + CHECK(cap_dns_type_limit(capdns, types, 2) == -1 && + errno == ENOTCAPABLE); + types[0] = "ADDR"; + CHECK(cap_dns_type_limit(capdns, types, 1) == -1 && + errno == ENOTCAPABLE); + families[0] = AF_INET; + CHECK(cap_dns_family_limit(capdns, families, 1) == 0); + families[1] = AF_INET6; + CHECK(cap_dns_family_limit(capdns, families, 2) == -1 && + errno == ENOTCAPABLE); + families[0] = AF_INET6; + CHECK(cap_dns_family_limit(capdns, families, 1) == -1 && + errno == ENOTCAPABLE); + + CHECK(runtest(capdns) == (GETHOSTBYNAME | GETHOSTBYNAME2_AF_INET)); + + cap_close(capdns); + + /* + * Allow: + * type: NAME + * family: AF_INET6 + */ + + capdns = cap_clone(origcapdns); + CHECK(capdns != NULL); + + types[0] = "NAME"; + types[1] = "ADDR"; + CHECK(cap_dns_type_limit(capdns, types, 2) == 0); + families[0] = AF_INET; + families[1] = AF_INET6; + CHECK(cap_dns_family_limit(capdns, families, 2) == 0); + types[0] = "NAME"; + CHECK(cap_dns_type_limit(capdns, types, 1) == 0); + types[1] = "ADDR"; + CHECK(cap_dns_type_limit(capdns, types, 2) == -1 && + errno == ENOTCAPABLE); + types[0] = "ADDR"; + CHECK(cap_dns_type_limit(capdns, types, 1) == -1 && + errno == ENOTCAPABLE); + families[0] = AF_INET6; + CHECK(cap_dns_family_limit(capdns, families, 1) == 0); + families[1] = AF_INET; + CHECK(cap_dns_family_limit(capdns, families, 2) == -1 && + errno == ENOTCAPABLE); + families[0] = AF_INET; + CHECK(cap_dns_family_limit(capdns, families, 1) == -1 && + errno == ENOTCAPABLE); + + CHECK(runtest(capdns) == GETHOSTBYNAME2_AF_INET6); + + cap_close(capdns); + + /* + * Allow: + * type: ADDR + * family: AF_INET + */ + + capdns = cap_clone(origcapdns); + CHECK(capdns != NULL); + + types[0] = "NAME"; + types[1] = "ADDR"; + CHECK(cap_dns_type_limit(capdns, types, 2) == 0); + families[0] = AF_INET; + families[1] = AF_INET6; + CHECK(cap_dns_family_limit(capdns, families, 2) == 0); + types[0] = "ADDR"; + CHECK(cap_dns_type_limit(capdns, types, 1) == 0); + types[1] = "NAME"; + CHECK(cap_dns_type_limit(capdns, types, 2) == -1 && + errno == ENOTCAPABLE); + types[0] = "NAME"; + CHECK(cap_dns_type_limit(capdns, types, 1) == -1 && + errno == ENOTCAPABLE); + families[0] = AF_INET; + CHECK(cap_dns_family_limit(capdns, families, 1) == 0); + families[1] = AF_INET6; + CHECK(cap_dns_family_limit(capdns, families, 2) == -1 && + errno == ENOTCAPABLE); + families[0] = AF_INET6; + CHECK(cap_dns_family_limit(capdns, families, 1) == -1 && + errno == ENOTCAPABLE); + + CHECK(runtest(capdns) == GETHOSTBYADDR_AF_INET); + + cap_close(capdns); + + /* + * Allow: + * type: ADDR + * family: AF_INET6 + */ + + capdns = cap_clone(origcapdns); + CHECK(capdns != NULL); + + types[0] = "NAME"; + types[1] = "ADDR"; + CHECK(cap_dns_type_limit(capdns, types, 2) == 0); + families[0] = AF_INET; + families[1] = AF_INET6; + CHECK(cap_dns_family_limit(capdns, families, 2) == 0); + types[0] = "ADDR"; + CHECK(cap_dns_type_limit(capdns, types, 1) == 0); + types[1] = "NAME"; + CHECK(cap_dns_type_limit(capdns, types, 2) == -1 && + errno == ENOTCAPABLE); + types[0] = "NAME"; + CHECK(cap_dns_type_limit(capdns, types, 1) == -1 && + errno == ENOTCAPABLE); + families[0] = AF_INET6; + CHECK(cap_dns_family_limit(capdns, families, 1) == 0); + families[1] = AF_INET; + CHECK(cap_dns_family_limit(capdns, families, 2) == -1 && + errno == ENOTCAPABLE); + families[0] = AF_INET; + CHECK(cap_dns_family_limit(capdns, families, 1) == -1 && + errno == ENOTCAPABLE); + + CHECK(runtest(capdns) == GETHOSTBYADDR_AF_INET6); + + cap_close(capdns); + + /* Trying to rise the limits. */ + + capdns = cap_clone(origcapdns); + CHECK(capdns != NULL); + + types[0] = "NAME"; + CHECK(cap_dns_type_limit(capdns, types, 1) == 0); + families[0] = AF_INET; + CHECK(cap_dns_family_limit(capdns, families, 1) == 0); + + types[0] = "NAME"; + types[1] = "ADDR"; + CHECK(cap_dns_type_limit(capdns, types, 2) == -1 && + errno == ENOTCAPABLE); + families[0] = AF_INET; + families[1] = AF_INET6; + CHECK(cap_dns_family_limit(capdns, families, 2) == -1 && + errno == ENOTCAPABLE); + + types[0] = "ADDR"; + CHECK(cap_dns_type_limit(capdns, types, 1) == -1 && + errno == ENOTCAPABLE); + families[0] = AF_INET6; + CHECK(cap_dns_family_limit(capdns, families, 1) == -1 && + errno == ENOTCAPABLE); + + CHECK(cap_dns_type_limit(capdns, NULL, 0) == -1 && + errno == ENOTCAPABLE); + CHECK(cap_dns_family_limit(capdns, NULL, 0) == -1 && + errno == ENOTCAPABLE); + + /* Do the limits still hold? */ + CHECK(runtest(capdns) == (GETHOSTBYNAME | GETHOSTBYNAME2_AF_INET)); + + cap_close(capdns); + + capdns = cap_clone(origcapdns); + CHECK(capdns != NULL); + + types[0] = "ADDR"; + CHECK(cap_dns_type_limit(capdns, types, 1) == 0); + families[0] = AF_INET6; + CHECK(cap_dns_family_limit(capdns, families, 1) == 0); + + types[0] = "NAME"; + types[1] = "ADDR"; + CHECK(cap_dns_type_limit(capdns, types, 2) == -1 && + errno == ENOTCAPABLE); + families[0] = AF_INET; + families[1] = AF_INET6; + CHECK(cap_dns_family_limit(capdns, families, 2) == -1 && + errno == ENOTCAPABLE); + + types[0] = "NAME"; + CHECK(cap_dns_type_limit(capdns, types, 1) == -1 && + errno == ENOTCAPABLE); + families[0] = AF_INET; + CHECK(cap_dns_family_limit(capdns, families, 1) == -1 && + errno == ENOTCAPABLE); + + CHECK(cap_dns_type_limit(capdns, NULL, 0) == -1 && + errno == ENOTCAPABLE); + CHECK(cap_dns_family_limit(capdns, NULL, 0) == -1 && + errno == ENOTCAPABLE); + + /* Do the limits still hold? */ + CHECK(runtest(capdns) == GETHOSTBYADDR_AF_INET6); + + cap_close(capdns); + + cap_close(origcapdns); + + exit(0); +} Property changes on: head/tools/regression/capsicum/libcasper/dns.c ___________________________________________________________________ Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:keywords ## -0,0 +1 ## +FreeBSD=%H \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/tools/regression/capsicum/libcasper/grp.c =================================================================== --- head/tools/regression/capsicum/libcasper/grp.c (nonexistent) +++ head/tools/regression/capsicum/libcasper/grp.c (revision 296047) @@ -0,0 +1,1550 @@ +/*- + * Copyright (c) 2013 The FreeBSD Foundation + * All rights reserved. + * + * This software was developed by Pawel Jakub Dawidek under sponsorship from + * the FreeBSD Foundation. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include +__FBSDID("$FreeBSD$"); + +#include + +#include +#include +#include +#include +#include +#include +#include +#include + +#include + +#include + +static int ntest = 1; + +#define CHECK(expr) do { \ + if ((expr)) \ + printf("ok %d %s:%u\n", ntest, __FILE__, __LINE__); \ + else \ + printf("not ok %d %s:%u\n", ntest, __FILE__, __LINE__); \ + ntest++; \ +} while (0) +#define CHECKX(expr) do { \ + if ((expr)) { \ + printf("ok %d %s:%u\n", ntest, __FILE__, __LINE__); \ + } else { \ + printf("not ok %d %s:%u\n", ntest, __FILE__, __LINE__); \ + exit(1); \ + } \ + ntest++; \ +} while (0) + +#define GID_WHEEL 0 +#define GID_OPERATOR 5 + +#define GETGRENT0 0x0001 +#define GETGRENT1 0x0002 +#define GETGRENT2 0x0004 +#define GETGRENT (GETGRENT0 | GETGRENT1 | GETGRENT2) +#define GETGRENT_R0 0x0008 +#define GETGRENT_R1 0x0010 +#define GETGRENT_R2 0x0020 +#define GETGRENT_R (GETGRENT_R0 | GETGRENT_R1 | GETGRENT_R2) +#define GETGRNAM 0x0040 +#define GETGRNAM_R 0x0080 +#define GETGRGID 0x0100 +#define GETGRGID_R 0x0200 +#define SETGRENT 0x0400 + +static bool +group_mem_compare(char **mem0, char **mem1) +{ + int i0, i1; + + if (mem0 == NULL && mem1 == NULL) + return (true); + if (mem0 == NULL || mem1 == NULL) + return (false); + + for (i0 = 0; mem0[i0] != NULL; i0++) { + for (i1 = 0; mem1[i1] != NULL; i1++) { + if (strcmp(mem0[i0], mem1[i1]) == 0) + break; + } + if (mem1[i1] == NULL) + return (false); + } + + return (true); +} + +static bool +group_compare(const struct group *grp0, const struct group *grp1) +{ + + if (grp0 == NULL && grp1 == NULL) + return (true); + if (grp0 == NULL || grp1 == NULL) + return (false); + + if (strcmp(grp0->gr_name, grp1->gr_name) != 0) + return (false); + + if (grp0->gr_passwd != NULL || grp1->gr_passwd != NULL) { + if (grp0->gr_passwd == NULL || grp1->gr_passwd == NULL) + return (false); + if (strcmp(grp0->gr_passwd, grp1->gr_passwd) != 0) + return (false); + } + + if (grp0->gr_gid != grp1->gr_gid) + return (false); + + if (!group_mem_compare(grp0->gr_mem, grp1->gr_mem)) + return (false); + + return (true); +} + +static unsigned int +runtest_cmds(cap_channel_t *capgrp) +{ + char bufs[1024], bufc[1024]; + unsigned int result; + struct group *grps, *grpc; + struct group sts, stc; + + result = 0; + + (void)setgrent(); + if (cap_setgrent(capgrp) == 1) + result |= SETGRENT; + + grps = getgrent(); + grpc = cap_getgrent(capgrp); + if (group_compare(grps, grpc)) { + result |= GETGRENT0; + grps = getgrent(); + grpc = cap_getgrent(capgrp); + if (group_compare(grps, grpc)) + result |= GETGRENT1; + } + + getgrent_r(&sts, bufs, sizeof(bufs), &grps); + cap_getgrent_r(capgrp, &stc, bufc, sizeof(bufc), &grpc); + if (group_compare(grps, grpc)) { + result |= GETGRENT_R0; + getgrent_r(&sts, bufs, sizeof(bufs), &grps); + cap_getgrent_r(capgrp, &stc, bufc, sizeof(bufc), &grpc); + if (group_compare(grps, grpc)) + result |= GETGRENT_R1; + } + + (void)setgrent(); + if (cap_setgrent(capgrp) == 1) + result |= SETGRENT; + + getgrent_r(&sts, bufs, sizeof(bufs), &grps); + cap_getgrent_r(capgrp, &stc, bufc, sizeof(bufc), &grpc); + if (group_compare(grps, grpc)) + result |= GETGRENT_R2; + + grps = getgrent(); + grpc = cap_getgrent(capgrp); + if (group_compare(grps, grpc)) + result |= GETGRENT2; + + grps = getgrnam("wheel"); + grpc = cap_getgrnam(capgrp, "wheel"); + if (group_compare(grps, grpc)) { + grps = getgrnam("operator"); + grpc = cap_getgrnam(capgrp, "operator"); + if (group_compare(grps, grpc)) + result |= GETGRNAM; + } + + getgrnam_r("wheel", &sts, bufs, sizeof(bufs), &grps); + cap_getgrnam_r(capgrp, "wheel", &stc, bufc, sizeof(bufc), &grpc); + if (group_compare(grps, grpc)) { + getgrnam_r("operator", &sts, bufs, sizeof(bufs), &grps); + cap_getgrnam_r(capgrp, "operator", &stc, bufc, sizeof(bufc), + &grpc); + if (group_compare(grps, grpc)) + result |= GETGRNAM_R; + } + + grps = getgrgid(GID_WHEEL); + grpc = cap_getgrgid(capgrp, GID_WHEEL); + if (group_compare(grps, grpc)) { + grps = getgrgid(GID_OPERATOR); + grpc = cap_getgrgid(capgrp, GID_OPERATOR); + if (group_compare(grps, grpc)) + result |= GETGRGID; + } + + getgrgid_r(GID_WHEEL, &sts, bufs, sizeof(bufs), &grps); + cap_getgrgid_r(capgrp, GID_WHEEL, &stc, bufc, sizeof(bufc), &grpc); + if (group_compare(grps, grpc)) { + getgrgid_r(GID_OPERATOR, &sts, bufs, sizeof(bufs), &grps); + cap_getgrgid_r(capgrp, GID_OPERATOR, &stc, bufc, sizeof(bufc), + &grpc); + if (group_compare(grps, grpc)) + result |= GETGRGID_R; + } + + return (result); +} + +static void +test_cmds(cap_channel_t *origcapgrp) +{ + cap_channel_t *capgrp; + const char *cmds[7], *fields[4], *names[5]; + gid_t gids[5]; + + fields[0] = "gr_name"; + fields[1] = "gr_passwd"; + fields[2] = "gr_gid"; + fields[3] = "gr_mem"; + + names[0] = "wheel"; + names[1] = "daemon"; + names[2] = "kmem"; + names[3] = "sys"; + names[4] = "operator"; + + gids[0] = 0; + gids[1] = 1; + gids[2] = 2; + gids[3] = 3; + gids[4] = 5; + + /* + * Allow: + * cmds: setgrent, getgrent, getgrent_r, getgrnam, getgrnam_r, + * getgrgid, getgrgid_r + * fields: gr_name, gr_passwd, gr_gid, gr_mem + * groups: + * names: wheel, daemon, kmem, sys, operator + * gids: + */ + capgrp = cap_clone(origcapgrp); + CHECK(capgrp != NULL); + + cmds[0] = "setgrent"; + cmds[1] = "getgrent"; + cmds[2] = "getgrent_r"; + cmds[3] = "getgrnam"; + cmds[4] = "getgrnam_r"; + cmds[5] = "getgrgid"; + cmds[6] = "getgrgid_r"; + CHECK(cap_grp_limit_cmds(capgrp, cmds, 7) == 0); + CHECK(cap_grp_limit_fields(capgrp, fields, 4) == 0); + CHECK(cap_grp_limit_groups(capgrp, names, 5, NULL, 0) == 0); + + CHECK(runtest_cmds(capgrp) == (SETGRENT | GETGRENT | GETGRENT_R | + GETGRNAM | GETGRNAM_R | GETGRGID | GETGRGID_R)); + + cap_close(capgrp); + + /* + * Allow: + * cmds: setgrent, getgrent, getgrent_r, getgrnam, getgrnam_r, + * getgrgid, getgrgid_r + * fields: gr_name, gr_passwd, gr_gid, gr_mem + * groups: + * names: + * gids: 0, 1, 2, 3, 5 + */ + capgrp = cap_clone(origcapgrp); + CHECK(capgrp != NULL); + + cmds[0] = "setgrent"; + cmds[1] = "getgrent"; + cmds[2] = "getgrent_r"; + cmds[3] = "getgrnam"; + cmds[4] = "getgrnam_r"; + cmds[5] = "getgrgid"; + cmds[6] = "getgrgid_r"; + CHECK(cap_grp_limit_cmds(capgrp, cmds, 7) == 0); + CHECK(cap_grp_limit_fields(capgrp, fields, 4) == 0); + CHECK(cap_grp_limit_groups(capgrp, NULL, 0, gids, 5) == 0); + + CHECK(runtest_cmds(capgrp) == (SETGRENT | GETGRENT | GETGRENT_R | + GETGRNAM | GETGRNAM_R | GETGRGID | GETGRGID_R)); + + cap_close(capgrp); + + /* + * Allow: + * cmds: getgrent, getgrent_r, getgrnam, getgrnam_r, + * getgrgid, getgrgid_r + * fields: gr_name, gr_passwd, gr_gid, gr_mem + * groups: + * names: wheel, daemon, kmem, sys, operator + * gids: + * Disallow: + * cmds: setgrent + * fields: + * groups: + */ + capgrp = cap_clone(origcapgrp); + CHECK(capgrp != NULL); + + cmds[0] = "getgrent"; + cmds[1] = "getgrent_r"; + cmds[2] = "getgrnam"; + cmds[3] = "getgrnam_r"; + cmds[4] = "getgrgid"; + cmds[5] = "getgrgid_r"; + CHECK(cap_grp_limit_cmds(capgrp, cmds, 6) == 0); + cmds[0] = "setgrent"; + cmds[1] = "getgrent"; + cmds[2] = "getgrent_r"; + cmds[3] = "getgrnam"; + cmds[4] = "getgrnam_r"; + cmds[5] = "getgrgid"; + cmds[6] = "getgrgid_r"; + CHECK(cap_grp_limit_cmds(capgrp, cmds, 7) == -1 && errno == ENOTCAPABLE); + cmds[0] = "setgrent"; + CHECK(cap_grp_limit_cmds(capgrp, cmds, 1) == -1 && errno == ENOTCAPABLE); + CHECK(cap_grp_limit_groups(capgrp, names, 5, NULL, 0) == 0); + + CHECK(runtest_cmds(capgrp) == (GETGRENT0 | GETGRENT1 | GETGRENT_R0 | + GETGRENT_R1 | GETGRNAM | GETGRNAM_R | GETGRGID | GETGRGID_R)); + + cap_close(capgrp); + + /* + * Allow: + * cmds: getgrent, getgrent_r, getgrnam, getgrnam_r, + * getgrgid, getgrgid_r + * fields: gr_name, gr_passwd, gr_gid, gr_mem + * groups: + * names: + * gids: 0, 1, 2, 3, 5 + * Disallow: + * cmds: setgrent + * fields: + * groups: + */ + capgrp = cap_clone(origcapgrp); + CHECK(capgrp != NULL); + + cmds[0] = "getgrent"; + cmds[1] = "getgrent_r"; + cmds[2] = "getgrnam"; + cmds[3] = "getgrnam_r"; + cmds[4] = "getgrgid"; + cmds[5] = "getgrgid_r"; + CHECK(cap_grp_limit_cmds(capgrp, cmds, 6) == 0); + cmds[0] = "setgrent"; + cmds[1] = "getgrent"; + cmds[2] = "getgrent_r"; + cmds[3] = "getgrnam"; + cmds[4] = "getgrnam_r"; + cmds[5] = "getgrgid"; + cmds[6] = "getgrgid_r"; + CHECK(cap_grp_limit_cmds(capgrp, cmds, 7) == -1 && errno == ENOTCAPABLE); + cmds[0] = "setgrent"; + CHECK(cap_grp_limit_cmds(capgrp, cmds, 1) == -1 && errno == ENOTCAPABLE); + CHECK(cap_grp_limit_groups(capgrp, NULL, 0, gids, 5) == 0); + + CHECK(runtest_cmds(capgrp) == (GETGRENT0 | GETGRENT1 | GETGRENT_R0 | + GETGRENT_R1 | GETGRNAM | GETGRNAM_R | GETGRGID | GETGRGID_R)); + + cap_close(capgrp); + + /* + * Allow: + * cmds: setgrent, getgrent_r, getgrnam, getgrnam_r, + * getgrgid, getgrgid_r + * fields: gr_name, gr_passwd, gr_gid, gr_mem + * groups: + * names: wheel, daemon, kmem, sys, operator + * gids: + * Disallow: + * cmds: getgrent + * fields: + * groups: + */ + capgrp = cap_clone(origcapgrp); + CHECK(capgrp != NULL); + + cmds[0] = "setgrent"; + cmds[1] = "getgrent_r"; + cmds[2] = "getgrnam"; + cmds[3] = "getgrnam_r"; + cmds[4] = "getgrgid"; + cmds[5] = "getgrgid_r"; + CHECK(cap_grp_limit_cmds(capgrp, cmds, 6) == 0); + cmds[0] = "setgrent"; + cmds[1] = "getgrent"; + cmds[2] = "getgrent_r"; + cmds[3] = "getgrnam"; + cmds[4] = "getgrnam_r"; + cmds[5] = "getgrgid"; + cmds[6] = "getgrgid_r"; + CHECK(cap_grp_limit_cmds(capgrp, cmds, 7) == -1 && errno == ENOTCAPABLE); + cmds[0] = "getgrent"; + CHECK(cap_grp_limit_cmds(capgrp, cmds, 1) == -1 && errno == ENOTCAPABLE); + CHECK(cap_grp_limit_fields(capgrp, fields, 4) == 0); + CHECK(cap_grp_limit_groups(capgrp, names, 5, NULL, 0) == 0); + + CHECK(runtest_cmds(capgrp) == (SETGRENT | GETGRENT_R2 | + GETGRNAM | GETGRNAM_R | GETGRGID | GETGRGID_R)); + + cap_close(capgrp); + + /* + * Allow: + * cmds: setgrent, getgrent_r, getgrnam, getgrnam_r, + * getgrgid, getgrgid_r + * fields: gr_name, gr_passwd, gr_gid, gr_mem + * groups: + * names: + * gids: 0, 1, 2, 3, 5 + * Disallow: + * cmds: getgrent + * fields: + * groups: + */ + capgrp = cap_clone(origcapgrp); + CHECK(capgrp != NULL); + + cmds[0] = "setgrent"; + cmds[1] = "getgrent_r"; + cmds[2] = "getgrnam"; + cmds[3] = "getgrnam_r"; + cmds[4] = "getgrgid"; + cmds[5] = "getgrgid_r"; + CHECK(cap_grp_limit_cmds(capgrp, cmds, 6) == 0); + cmds[0] = "setgrent"; + cmds[1] = "getgrent"; + cmds[2] = "getgrent_r"; + cmds[3] = "getgrnam"; + cmds[4] = "getgrnam_r"; + cmds[5] = "getgrgid"; + cmds[6] = "getgrgid_r"; + CHECK(cap_grp_limit_cmds(capgrp, cmds, 7) == -1 && errno == ENOTCAPABLE); + cmds[0] = "getgrent"; + CHECK(cap_grp_limit_cmds(capgrp, cmds, 1) == -1 && errno == ENOTCAPABLE); + CHECK(cap_grp_limit_fields(capgrp, fields, 4) == 0); + CHECK(cap_grp_limit_groups(capgrp, NULL, 0, gids, 5) == 0); + + CHECK(runtest_cmds(capgrp) == (SETGRENT | GETGRENT_R2 | + GETGRNAM | GETGRNAM_R | GETGRGID | GETGRGID_R)); + + cap_close(capgrp); + + /* + * Allow: + * cmds: setgrent, getgrent, getgrnam, getgrnam_r, + * getgrgid, getgrgid_r + * fields: gr_name, gr_passwd, gr_gid, gr_mem + * groups: + * names: wheel, daemon, kmem, sys, operator + * gids: + * Disallow: + * cmds: getgrent_r + * fields: + * groups: + */ + capgrp = cap_clone(origcapgrp); + CHECK(capgrp != NULL); + + cmds[0] = "setgrent"; + cmds[1] = "getgrent"; + cmds[2] = "getgrnam"; + cmds[3] = "getgrnam_r"; + cmds[4] = "getgrgid"; + cmds[5] = "getgrgid_r"; + CHECK(cap_grp_limit_cmds(capgrp, cmds, 6) == 0); + cmds[0] = "setgrent"; + cmds[1] = "getgrent"; + cmds[2] = "getgrent_r"; + cmds[3] = "getgrnam"; + cmds[4] = "getgrnam_r"; + cmds[5] = "getgrgid"; + cmds[6] = "getgrgid_r"; + CHECK(cap_grp_limit_cmds(capgrp, cmds, 7) == -1 && errno == ENOTCAPABLE); + cmds[0] = "getgrent_r"; + CHECK(cap_grp_limit_cmds(capgrp, cmds, 1) == -1 && errno == ENOTCAPABLE); + CHECK(cap_grp_limit_groups(capgrp, names, 5, NULL, 0) == 0); + + CHECK(runtest_cmds(capgrp) == (SETGRENT | GETGRENT0 | GETGRENT1 | + GETGRNAM | GETGRNAM_R | GETGRGID | GETGRGID_R)); + + cap_close(capgrp); + + /* + * Allow: + * cmds: setgrent, getgrent, getgrnam, getgrnam_r, + * getgrgid, getgrgid_r + * fields: gr_name, gr_passwd, gr_gid, gr_mem + * groups: + * names: + * gids: 0, 1, 2, 3, 5 + * Disallow: + * cmds: getgrent_r + * fields: + * groups: + */ + capgrp = cap_clone(origcapgrp); + CHECK(capgrp != NULL); + + cmds[0] = "setgrent"; + cmds[1] = "getgrent"; + cmds[2] = "getgrnam"; + cmds[3] = "getgrnam_r"; + cmds[4] = "getgrgid"; + cmds[5] = "getgrgid_r"; + CHECK(cap_grp_limit_cmds(capgrp, cmds, 6) == 0); + cmds[0] = "setgrent"; + cmds[1] = "getgrent"; + cmds[2] = "getgrent_r"; + cmds[3] = "getgrnam"; + cmds[4] = "getgrnam_r"; + cmds[5] = "getgrgid"; + cmds[6] = "getgrgid_r"; + CHECK(cap_grp_limit_cmds(capgrp, cmds, 7) == -1 && errno == ENOTCAPABLE); + cmds[0] = "getgrent_r"; + CHECK(cap_grp_limit_cmds(capgrp, cmds, 1) == -1 && errno == ENOTCAPABLE); + CHECK(cap_grp_limit_groups(capgrp, NULL, 0, gids, 5) == 0); + + CHECK(runtest_cmds(capgrp) == (SETGRENT | GETGRENT0 | GETGRENT1 | + GETGRNAM | GETGRNAM_R | GETGRGID | GETGRGID_R)); + + cap_close(capgrp); + + /* + * Allow: + * cmds: setgrent, getgrent, getgrent_r, getgrnam_r, + * getgrgid, getgrgid_r + * fields: gr_name, gr_passwd, gr_gid, gr_mem + * groups: + * names: wheel, daemon, kmem, sys, operator + * gids: + * Disallow: + * cmds: getgrnam + * fields: + * groups: + */ + capgrp = cap_clone(origcapgrp); + CHECK(capgrp != NULL); + + cmds[0] = "setgrent"; + cmds[1] = "getgrent"; + cmds[2] = "getgrent_r"; + cmds[3] = "getgrnam_r"; + cmds[4] = "getgrgid"; + cmds[5] = "getgrgid_r"; + CHECK(cap_grp_limit_cmds(capgrp, cmds, 6) == 0); + cmds[0] = "setgrent"; + cmds[1] = "getgrent"; + cmds[2] = "getgrent_r"; + cmds[3] = "getgrnam"; + cmds[4] = "getgrnam_r"; + cmds[5] = "getgrgid"; + cmds[6] = "getgrgid_r"; + CHECK(cap_grp_limit_cmds(capgrp, cmds, 7) == -1 && errno == ENOTCAPABLE); + cmds[0] = "getgrnam"; + CHECK(cap_grp_limit_cmds(capgrp, cmds, 1) == -1 && errno == ENOTCAPABLE); + CHECK(cap_grp_limit_fields(capgrp, fields, 4) == 0); + CHECK(cap_grp_limit_groups(capgrp, names, 5, NULL, 0) == 0); + + CHECK(runtest_cmds(capgrp) == (SETGRENT | GETGRENT | GETGRENT_R | + GETGRNAM_R | GETGRGID | GETGRGID_R)); + + cap_close(capgrp); + + /* + * Allow: + * cmds: setgrent, getgrent, getgrent_r, getgrnam_r, + * getgrgid, getgrgid_r + * fields: gr_name, gr_passwd, gr_gid, gr_mem + * groups: + * names: + * gids: 0, 1, 2, 3, 5 + * Disallow: + * cmds: getgrnam + * fields: + * groups: + */ + capgrp = cap_clone(origcapgrp); + CHECK(capgrp != NULL); + + cmds[0] = "setgrent"; + cmds[1] = "getgrent"; + cmds[2] = "getgrent_r"; + cmds[3] = "getgrnam_r"; + cmds[4] = "getgrgid"; + cmds[5] = "getgrgid_r"; + CHECK(cap_grp_limit_cmds(capgrp, cmds, 6) == 0); + cmds[0] = "setgrent"; + cmds[1] = "getgrent"; + cmds[2] = "getgrent_r"; + cmds[3] = "getgrnam"; + cmds[4] = "getgrnam_r"; + cmds[5] = "getgrgid"; + cmds[6] = "getgrgid_r"; + CHECK(cap_grp_limit_cmds(capgrp, cmds, 7) == -1 && errno == ENOTCAPABLE); + cmds[0] = "getgrnam"; + CHECK(cap_grp_limit_cmds(capgrp, cmds, 1) == -1 && errno == ENOTCAPABLE); + CHECK(cap_grp_limit_fields(capgrp, fields, 4) == 0); + CHECK(cap_grp_limit_groups(capgrp, NULL, 0, gids, 5) == 0); + + CHECK(runtest_cmds(capgrp) == (SETGRENT | GETGRENT | GETGRENT_R | + GETGRNAM_R | GETGRGID | GETGRGID_R)); + + cap_close(capgrp); + + /* + * Allow: + * cmds: setgrent, getgrent, getgrent_r, getgrnam, + * getgrgid, getgrgid_r + * fields: gr_name, gr_passwd, gr_gid, gr_mem + * groups: + * names: wheel, daemon, kmem, sys, operator + * gids: + * Disallow: + * cmds: getgrnam_r + * fields: + * groups: + */ + capgrp = cap_clone(origcapgrp); + CHECK(capgrp != NULL); + + cmds[0] = "setgrent"; + cmds[1] = "getgrent"; + cmds[2] = "getgrent_r"; + cmds[3] = "getgrnam"; + cmds[4] = "getgrgid"; + cmds[5] = "getgrgid_r"; + CHECK(cap_grp_limit_cmds(capgrp, cmds, 6) == 0); + cmds[0] = "setgrent"; + cmds[1] = "getgrent"; + cmds[2] = "getgrent_r"; + cmds[3] = "getgrnam"; + cmds[4] = "getgrnam_r"; + cmds[5] = "getgrgid"; + cmds[6] = "getgrgid_r"; + CHECK(cap_grp_limit_cmds(capgrp, cmds, 7) == -1 && errno == ENOTCAPABLE); + cmds[0] = "getgrnam_r"; + CHECK(cap_grp_limit_cmds(capgrp, cmds, 1) == -1 && errno == ENOTCAPABLE); + CHECK(cap_grp_limit_groups(capgrp, names, 5, NULL, 0) == 0); + + CHECK(runtest_cmds(capgrp) == (SETGRENT | GETGRENT | GETGRENT_R | + GETGRNAM | GETGRGID | GETGRGID_R)); + + cap_close(capgrp); + + /* + * Allow: + * cmds: setgrent, getgrent, getgrent_r, getgrnam, + * getgrgid, getgrgid_r + * fields: gr_name, gr_passwd, gr_gid, gr_mem + * groups: + * names: + * gids: 0, 1, 2, 3, 5 + * Disallow: + * cmds: getgrnam_r + * fields: + * groups: + */ + capgrp = cap_clone(origcapgrp); + CHECK(capgrp != NULL); + + cmds[0] = "setgrent"; + cmds[1] = "getgrent"; + cmds[2] = "getgrent_r"; + cmds[3] = "getgrnam"; + cmds[4] = "getgrgid"; + cmds[5] = "getgrgid_r"; + CHECK(cap_grp_limit_cmds(capgrp, cmds, 6) == 0); + cmds[0] = "setgrent"; + cmds[1] = "getgrent"; + cmds[2] = "getgrent_r"; + cmds[3] = "getgrnam"; + cmds[4] = "getgrnam_r"; + cmds[5] = "getgrgid"; + cmds[6] = "getgrgid_r"; + CHECK(cap_grp_limit_cmds(capgrp, cmds, 7) == -1 && errno == ENOTCAPABLE); + cmds[0] = "getgrnam_r"; + CHECK(cap_grp_limit_cmds(capgrp, cmds, 1) == -1 && errno == ENOTCAPABLE); + CHECK(cap_grp_limit_groups(capgrp, NULL, 0, gids, 5) == 0); + + CHECK(runtest_cmds(capgrp) == (SETGRENT | GETGRENT | GETGRENT_R | + GETGRNAM | GETGRGID | GETGRGID_R)); + + cap_close(capgrp); + + /* + * Allow: + * cmds: setgrent, getgrent, getgrent_r, getgrnam, getgrnam_r, + * getgrgid_r + * fields: gr_name, gr_passwd, gr_gid, gr_mem + * groups: + * names: wheel, daemon, kmem, sys, operator + * gids: + * Disallow: + * cmds: getgrgid + * fields: + * groups: + */ + capgrp = cap_clone(origcapgrp); + CHECK(capgrp != NULL); + + cmds[0] = "setgrent"; + cmds[1] = "getgrent"; + cmds[2] = "getgrent_r"; + cmds[3] = "getgrnam"; + cmds[4] = "getgrnam_r"; + cmds[5] = "getgrgid_r"; + CHECK(cap_grp_limit_cmds(capgrp, cmds, 6) == 0); + cmds[0] = "setgrent"; + cmds[1] = "getgrent"; + cmds[2] = "getgrent_r"; + cmds[3] = "getgrnam"; + cmds[4] = "getgrnam_r"; + cmds[5] = "getgrgid"; + cmds[6] = "getgrgid_r"; + CHECK(cap_grp_limit_cmds(capgrp, cmds, 7) == -1 && errno == ENOTCAPABLE); + cmds[0] = "getgrgid"; + CHECK(cap_grp_limit_cmds(capgrp, cmds, 1) == -1 && errno == ENOTCAPABLE); + CHECK(cap_grp_limit_fields(capgrp, fields, 4) == 0); + CHECK(cap_grp_limit_groups(capgrp, names, 5, NULL, 0) == 0); + + CHECK(runtest_cmds(capgrp) == (SETGRENT | GETGRENT | GETGRENT_R | + GETGRNAM | GETGRNAM_R | GETGRGID_R)); + + cap_close(capgrp); + + /* + * Allow: + * cmds: setgrent, getgrent, getgrent_r, getgrnam, getgrnam_r, + * getgrgid_r + * fields: gr_name, gr_passwd, gr_gid, gr_mem + * groups: + * names: + * gids: 0, 1, 2, 3, 5 + * Disallow: + * cmds: getgrgid + * fields: + * groups: + */ + capgrp = cap_clone(origcapgrp); + CHECK(capgrp != NULL); + + cmds[0] = "setgrent"; + cmds[1] = "getgrent"; + cmds[2] = "getgrent_r"; + cmds[3] = "getgrnam"; + cmds[4] = "getgrnam_r"; + cmds[5] = "getgrgid_r"; + CHECK(cap_grp_limit_cmds(capgrp, cmds, 6) == 0); + cmds[0] = "setgrent"; + cmds[1] = "getgrent"; + cmds[2] = "getgrent_r"; + cmds[3] = "getgrnam"; + cmds[4] = "getgrnam_r"; + cmds[5] = "getgrgid"; + cmds[6] = "getgrgid_r"; + CHECK(cap_grp_limit_cmds(capgrp, cmds, 7) == -1 && errno == ENOTCAPABLE); + cmds[0] = "getgrgid"; + CHECK(cap_grp_limit_cmds(capgrp, cmds, 1) == -1 && errno == ENOTCAPABLE); + CHECK(cap_grp_limit_fields(capgrp, fields, 4) == 0); + CHECK(cap_grp_limit_groups(capgrp, NULL, 0, gids, 5) == 0); + + CHECK(runtest_cmds(capgrp) == (SETGRENT | GETGRENT | GETGRENT_R | + GETGRNAM | GETGRNAM_R | GETGRGID_R)); + + cap_close(capgrp); + + /* + * Allow: + * cmds: setgrent, getgrent, getgrent_r, getgrnam, getgrnam_r, + * getgrgid + * fields: gr_name, gr_passwd, gr_gid, gr_mem + * groups: + * names: wheel, daemon, kmem, sys, operator + * gids: + * Disallow: + * cmds: getgrgid_r + * fields: + * groups: + */ + capgrp = cap_clone(origcapgrp); + CHECK(capgrp != NULL); + + cmds[0] = "setgrent"; + cmds[1] = "getgrent"; + cmds[2] = "getgrent_r"; + cmds[3] = "getgrnam"; + cmds[4] = "getgrnam_r"; + cmds[5] = "getgrgid"; + CHECK(cap_grp_limit_cmds(capgrp, cmds, 6) == 0); + cmds[0] = "setgrent"; + cmds[1] = "getgrent"; + cmds[2] = "getgrent_r"; + cmds[3] = "getgrnam"; + cmds[4] = "getgrnam_r"; + cmds[5] = "getgrgid"; + cmds[6] = "getgrgid_r"; + CHECK(cap_grp_limit_cmds(capgrp, cmds, 7) == -1 && errno == ENOTCAPABLE); + cmds[0] = "getgrgid_r"; + CHECK(cap_grp_limit_cmds(capgrp, cmds, 1) == -1 && errno == ENOTCAPABLE); + CHECK(cap_grp_limit_groups(capgrp, names, 5, NULL, 0) == 0); + + CHECK(runtest_cmds(capgrp) == (SETGRENT | GETGRENT | GETGRENT_R | + GETGRNAM | GETGRNAM_R | GETGRGID)); + + cap_close(capgrp); + + /* + * Allow: + * cmds: setgrent, getgrent, getgrent_r, getgrnam, getgrnam_r, + * getgrgid + * fields: gr_name, gr_passwd, gr_gid, gr_mem + * groups: + * names: + * gids: 0, 1, 2, 3, 5 + * Disallow: + * cmds: getgrgid_r + * fields: + * groups: + */ + capgrp = cap_clone(origcapgrp); + CHECK(capgrp != NULL); + + cmds[0] = "setgrent"; + cmds[1] = "getgrent"; + cmds[2] = "getgrent_r"; + cmds[3] = "getgrnam"; + cmds[4] = "getgrnam_r"; + cmds[5] = "getgrgid"; + CHECK(cap_grp_limit_cmds(capgrp, cmds, 6) == 0); + cmds[0] = "setgrent"; + cmds[1] = "getgrent"; + cmds[2] = "getgrent_r"; + cmds[3] = "getgrnam"; + cmds[4] = "getgrnam_r"; + cmds[5] = "getgrgid"; + cmds[6] = "getgrgid_r"; + CHECK(cap_grp_limit_cmds(capgrp, cmds, 7) == -1 && errno == ENOTCAPABLE); + cmds[0] = "getgrgid_r"; + CHECK(cap_grp_limit_cmds(capgrp, cmds, 1) == -1 && errno == ENOTCAPABLE); + CHECK(cap_grp_limit_groups(capgrp, NULL, 0, gids, 5) == 0); + + CHECK(runtest_cmds(capgrp) == (SETGRENT | GETGRENT | GETGRENT_R | + GETGRNAM | GETGRNAM_R | GETGRGID)); + + cap_close(capgrp); +} + +#define GR_NAME 0x01 +#define GR_PASSWD 0x02 +#define GR_GID 0x04 +#define GR_MEM 0x08 + +static unsigned int +group_fields(const struct group *grp) +{ + unsigned int result; + + result = 0; + + if (grp->gr_name != NULL && grp->gr_name[0] != '\0') + result |= GR_NAME; + + if (grp->gr_passwd != NULL && grp->gr_passwd[0] != '\0') + result |= GR_PASSWD; + + if (grp->gr_gid != (gid_t)-1) + result |= GR_GID; + + if (grp->gr_mem != NULL && grp->gr_mem[0] != NULL) + result |= GR_MEM; + + return (result); +} + +static bool +runtest_fields(cap_channel_t *capgrp, unsigned int expected) +{ + char buf[1024]; + struct group *grp; + struct group st; + + (void)cap_setgrent(capgrp); + grp = cap_getgrent(capgrp); + if (group_fields(grp) != expected) + return (false); + + (void)cap_setgrent(capgrp); + cap_getgrent_r(capgrp, &st, buf, sizeof(buf), &grp); + if (group_fields(grp) != expected) + return (false); + + grp = cap_getgrnam(capgrp, "wheel"); + if (group_fields(grp) != expected) + return (false); + + cap_getgrnam_r(capgrp, "wheel", &st, buf, sizeof(buf), &grp); + if (group_fields(grp) != expected) + return (false); + + grp = cap_getgrgid(capgrp, GID_WHEEL); + if (group_fields(grp) != expected) + return (false); + + cap_getgrgid_r(capgrp, GID_WHEEL, &st, buf, sizeof(buf), &grp); + if (group_fields(grp) != expected) + return (false); + + return (true); +} + +static void +test_fields(cap_channel_t *origcapgrp) +{ + cap_channel_t *capgrp; + const char *fields[4]; + + /* No limits. */ + + CHECK(runtest_fields(origcapgrp, GR_NAME | GR_PASSWD | GR_GID | GR_MEM)); + + /* + * Allow: + * fields: gr_name, gr_passwd, gr_gid, gr_mem + */ + capgrp = cap_clone(origcapgrp); + CHECK(capgrp != NULL); + + fields[0] = "gr_name"; + fields[1] = "gr_passwd"; + fields[2] = "gr_gid"; + fields[3] = "gr_mem"; + CHECK(cap_grp_limit_fields(capgrp, fields, 4) == 0); + + CHECK(runtest_fields(capgrp, GR_NAME | GR_PASSWD | GR_GID | GR_MEM)); + + cap_close(capgrp); + + /* + * Allow: + * fields: gr_passwd, gr_gid, gr_mem + */ + capgrp = cap_clone(origcapgrp); + CHECK(capgrp != NULL); + + fields[0] = "gr_passwd"; + fields[1] = "gr_gid"; + fields[2] = "gr_mem"; + CHECK(cap_grp_limit_fields(capgrp, fields, 3) == 0); + fields[0] = "gr_name"; + fields[1] = "gr_passwd"; + fields[2] = "gr_gid"; + fields[3] = "gr_mem"; + CHECK(cap_grp_limit_fields(capgrp, fields, 4) == -1 && + errno == ENOTCAPABLE); + + CHECK(runtest_fields(capgrp, GR_PASSWD | GR_GID | GR_MEM)); + + cap_close(capgrp); + + /* + * Allow: + * fields: gr_name, gr_gid, gr_mem + */ + capgrp = cap_clone(origcapgrp); + CHECK(capgrp != NULL); + + fields[0] = "gr_name"; + fields[1] = "gr_gid"; + fields[2] = "gr_mem"; + CHECK(cap_grp_limit_fields(capgrp, fields, 3) == 0); + fields[0] = "gr_name"; + fields[1] = "gr_passwd"; + fields[2] = "gr_gid"; + fields[3] = "gr_mem"; + CHECK(cap_grp_limit_fields(capgrp, fields, 4) == -1 && + errno == ENOTCAPABLE); + fields[0] = "gr_passwd"; + CHECK(cap_grp_limit_fields(capgrp, fields, 1) == -1 && + errno == ENOTCAPABLE); + + CHECK(runtest_fields(capgrp, GR_NAME | GR_GID | GR_MEM)); + + cap_close(capgrp); + + /* + * Allow: + * fields: gr_name, gr_passwd, gr_mem + */ + capgrp = cap_clone(origcapgrp); + CHECK(capgrp != NULL); + + fields[0] = "gr_name"; + fields[1] = "gr_passwd"; + fields[2] = "gr_mem"; + CHECK(cap_grp_limit_fields(capgrp, fields, 3) == 0); + fields[0] = "gr_name"; + fields[1] = "gr_passwd"; + fields[2] = "gr_gid"; + fields[3] = "gr_mem"; + CHECK(cap_grp_limit_fields(capgrp, fields, 4) == -1 && + errno == ENOTCAPABLE); + fields[0] = "gr_gid"; + CHECK(cap_grp_limit_fields(capgrp, fields, 1) == -1 && + errno == ENOTCAPABLE); + + CHECK(runtest_fields(capgrp, GR_NAME | GR_PASSWD | GR_MEM)); + + cap_close(capgrp); + + /* + * Allow: + * fields: gr_name, gr_passwd, gr_gid + */ + capgrp = cap_clone(origcapgrp); + CHECK(capgrp != NULL); + + fields[0] = "gr_name"; + fields[1] = "gr_passwd"; + fields[2] = "gr_gid"; + CHECK(cap_grp_limit_fields(capgrp, fields, 3) == 0); + fields[0] = "gr_name"; + fields[1] = "gr_passwd"; + fields[2] = "gr_gid"; + fields[3] = "gr_mem"; + CHECK(cap_grp_limit_fields(capgrp, fields, 4) == -1 && + errno == ENOTCAPABLE); + fields[0] = "gr_mem"; + CHECK(cap_grp_limit_fields(capgrp, fields, 1) == -1 && + errno == ENOTCAPABLE); + + CHECK(runtest_fields(capgrp, GR_NAME | GR_PASSWD | GR_GID)); + + cap_close(capgrp); + + /* + * Allow: + * fields: gr_name, gr_passwd + */ + capgrp = cap_clone(origcapgrp); + CHECK(capgrp != NULL); + + fields[0] = "gr_name"; + fields[1] = "gr_passwd"; + CHECK(cap_grp_limit_fields(capgrp, fields, 2) == 0); + fields[0] = "gr_name"; + fields[1] = "gr_passwd"; + fields[2] = "gr_gid"; + fields[3] = "gr_mem"; + CHECK(cap_grp_limit_fields(capgrp, fields, 4) == -1 && + errno == ENOTCAPABLE); + fields[0] = "gr_gid"; + CHECK(cap_grp_limit_fields(capgrp, fields, 1) == -1 && + errno == ENOTCAPABLE); + + CHECK(runtest_fields(capgrp, GR_NAME | GR_PASSWD)); + + cap_close(capgrp); + + /* + * Allow: + * fields: gr_name, gr_gid + */ + capgrp = cap_clone(origcapgrp); + CHECK(capgrp != NULL); + + fields[0] = "gr_name"; + fields[1] = "gr_gid"; + CHECK(cap_grp_limit_fields(capgrp, fields, 2) == 0); + fields[0] = "gr_name"; + fields[1] = "gr_passwd"; + fields[2] = "gr_gid"; + fields[3] = "gr_mem"; + CHECK(cap_grp_limit_fields(capgrp, fields, 4) == -1 && + errno == ENOTCAPABLE); + fields[0] = "gr_mem"; + CHECK(cap_grp_limit_fields(capgrp, fields, 1) == -1 && + errno == ENOTCAPABLE); + + CHECK(runtest_fields(capgrp, GR_NAME | GR_GID)); + + cap_close(capgrp); + + /* + * Allow: + * fields: gr_name, gr_mem + */ + capgrp = cap_clone(origcapgrp); + CHECK(capgrp != NULL); + + fields[0] = "gr_name"; + fields[1] = "gr_mem"; + CHECK(cap_grp_limit_fields(capgrp, fields, 2) == 0); + fields[0] = "gr_name"; + fields[1] = "gr_passwd"; + fields[2] = "gr_gid"; + fields[3] = "gr_mem"; + CHECK(cap_grp_limit_fields(capgrp, fields, 4) == -1 && + errno == ENOTCAPABLE); + fields[0] = "gr_passwd"; + CHECK(cap_grp_limit_fields(capgrp, fields, 1) == -1 && + errno == ENOTCAPABLE); + + CHECK(runtest_fields(capgrp, GR_NAME | GR_MEM)); + + cap_close(capgrp); + + /* + * Allow: + * fields: gr_passwd, gr_gid + */ + capgrp = cap_clone(origcapgrp); + CHECK(capgrp != NULL); + + fields[0] = "gr_passwd"; + fields[1] = "gr_gid"; + CHECK(cap_grp_limit_fields(capgrp, fields, 2) == 0); + fields[0] = "gr_name"; + fields[1] = "gr_passwd"; + fields[2] = "gr_gid"; + fields[3] = "gr_mem"; + CHECK(cap_grp_limit_fields(capgrp, fields, 4) == -1 && + errno == ENOTCAPABLE); + fields[0] = "gr_mem"; + CHECK(cap_grp_limit_fields(capgrp, fields, 1) == -1 && + errno == ENOTCAPABLE); + + CHECK(runtest_fields(capgrp, GR_PASSWD | GR_GID)); + + cap_close(capgrp); + + /* + * Allow: + * fields: gr_passwd, gr_mem + */ + capgrp = cap_clone(origcapgrp); + CHECK(capgrp != NULL); + + fields[0] = "gr_passwd"; + fields[1] = "gr_mem"; + CHECK(cap_grp_limit_fields(capgrp, fields, 2) == 0); + fields[0] = "gr_name"; + fields[1] = "gr_passwd"; + fields[2] = "gr_gid"; + fields[3] = "gr_mem"; + CHECK(cap_grp_limit_fields(capgrp, fields, 4) == -1 && + errno == ENOTCAPABLE); + fields[0] = "gr_gid"; + CHECK(cap_grp_limit_fields(capgrp, fields, 1) == -1 && + errno == ENOTCAPABLE); + + CHECK(runtest_fields(capgrp, GR_PASSWD | GR_MEM)); + + cap_close(capgrp); + + /* + * Allow: + * fields: gr_gid, gr_mem + */ + capgrp = cap_clone(origcapgrp); + CHECK(capgrp != NULL); + + fields[0] = "gr_gid"; + fields[1] = "gr_mem"; + CHECK(cap_grp_limit_fields(capgrp, fields, 2) == 0); + fields[0] = "gr_name"; + fields[1] = "gr_passwd"; + fields[2] = "gr_gid"; + fields[3] = "gr_mem"; + CHECK(cap_grp_limit_fields(capgrp, fields, 4) == -1 && + errno == ENOTCAPABLE); + fields[0] = "gr_passwd"; + CHECK(cap_grp_limit_fields(capgrp, fields, 1) == -1 && + errno == ENOTCAPABLE); + + CHECK(runtest_fields(capgrp, GR_GID | GR_MEM)); + + cap_close(capgrp); +} + +static bool +runtest_groups(cap_channel_t *capgrp, const char **names, const gid_t *gids, + size_t ngroups) +{ + char buf[1024]; + struct group *grp; + struct group st; + unsigned int i, got; + + (void)cap_setgrent(capgrp); + got = 0; + for (;;) { + grp = cap_getgrent(capgrp); + if (grp == NULL) + break; + got++; + for (i = 0; i < ngroups; i++) { + if (strcmp(names[i], grp->gr_name) == 0 && + gids[i] == grp->gr_gid) { + break; + } + } + if (i == ngroups) + return (false); + } + if (got != ngroups) + return (false); + + (void)cap_setgrent(capgrp); + got = 0; + for (;;) { + cap_getgrent_r(capgrp, &st, buf, sizeof(buf), &grp); + if (grp == NULL) + break; + got++; + for (i = 0; i < ngroups; i++) { + if (strcmp(names[i], grp->gr_name) == 0 && + gids[i] == grp->gr_gid) { + break; + } + } + if (i == ngroups) + return (false); + } + if (got != ngroups) + return (false); + + for (i = 0; i < ngroups; i++) { + grp = cap_getgrnam(capgrp, names[i]); + if (grp == NULL) + return (false); + } + + for (i = 0; i < ngroups; i++) { + cap_getgrnam_r(capgrp, names[i], &st, buf, sizeof(buf), &grp); + if (grp == NULL) + return (false); + } + + for (i = 0; i < ngroups; i++) { + grp = cap_getgrgid(capgrp, gids[i]); + if (grp == NULL) + return (false); + } + + for (i = 0; i < ngroups; i++) { + cap_getgrgid_r(capgrp, gids[i], &st, buf, sizeof(buf), &grp); + if (grp == NULL) + return (false); + } + + return (true); +} + +static void +test_groups(cap_channel_t *origcapgrp) +{ + cap_channel_t *capgrp; + const char *names[5]; + gid_t gids[5]; + + /* + * Allow: + * groups: + * names: wheel, daemon, kmem, sys, tty + * gids: + */ + capgrp = cap_clone(origcapgrp); + CHECK(capgrp != NULL); + + names[0] = "wheel"; + names[1] = "daemon"; + names[2] = "kmem"; + names[3] = "sys"; + names[4] = "tty"; + CHECK(cap_grp_limit_groups(capgrp, names, 5, NULL, 0) == 0); + gids[0] = 0; + gids[1] = 1; + gids[2] = 2; + gids[3] = 3; + gids[4] = 4; + + CHECK(runtest_groups(capgrp, names, gids, 5)); + + cap_close(capgrp); + + /* + * Allow: + * groups: + * names: kmem, sys, tty + * gids: + */ + capgrp = cap_clone(origcapgrp); + CHECK(capgrp != NULL); + + names[0] = "kmem"; + names[1] = "sys"; + names[2] = "tty"; + CHECK(cap_grp_limit_groups(capgrp, names, 3, NULL, 0) == 0); + names[3] = "daemon"; + CHECK(cap_grp_limit_groups(capgrp, names, 4, NULL, 0) == -1 && + errno == ENOTCAPABLE); + names[0] = "daemon"; + CHECK(cap_grp_limit_groups(capgrp, names, 1, NULL, 0) == -1 && + errno == ENOTCAPABLE); + names[0] = "kmem"; + gids[0] = 2; + gids[1] = 3; + gids[2] = 4; + + CHECK(runtest_groups(capgrp, names, gids, 3)); + + cap_close(capgrp); + + /* + * Allow: + * groups: + * names: wheel, kmem, tty + * gids: + */ + capgrp = cap_clone(origcapgrp); + CHECK(capgrp != NULL); + + names[0] = "wheel"; + names[1] = "kmem"; + names[2] = "tty"; + CHECK(cap_grp_limit_groups(capgrp, names, 3, NULL, 0) == 0); + names[3] = "daemon"; + CHECK(cap_grp_limit_groups(capgrp, names, 4, NULL, 0) == -1 && + errno == ENOTCAPABLE); + names[0] = "daemon"; + CHECK(cap_grp_limit_groups(capgrp, names, 1, NULL, 0) == -1 && + errno == ENOTCAPABLE); + names[0] = "wheel"; + gids[0] = 0; + gids[1] = 2; + gids[2] = 4; + + CHECK(runtest_groups(capgrp, names, gids, 3)); + + cap_close(capgrp); + + /* + * Allow: + * groups: + * names: + * gids: 2, 3, 4 + */ + capgrp = cap_clone(origcapgrp); + CHECK(capgrp != NULL); + + names[0] = "kmem"; + names[1] = "sys"; + names[2] = "tty"; + gids[0] = 2; + gids[1] = 3; + gids[2] = 4; + CHECK(cap_grp_limit_groups(capgrp, NULL, 0, gids, 3) == 0); + gids[3] = 0; + CHECK(cap_grp_limit_groups(capgrp, NULL, 0, gids, 4) == -1 && + errno == ENOTCAPABLE); + gids[0] = 0; + CHECK(cap_grp_limit_groups(capgrp, NULL, 0, gids, 1) == -1 && + errno == ENOTCAPABLE); + gids[0] = 2; + + CHECK(runtest_groups(capgrp, names, gids, 3)); + + cap_close(capgrp); + + /* + * Allow: + * groups: + * names: + * gids: 0, 2, 4 + */ + capgrp = cap_clone(origcapgrp); + CHECK(capgrp != NULL); + + names[0] = "wheel"; + names[1] = "kmem"; + names[2] = "tty"; + gids[0] = 0; + gids[1] = 2; + gids[2] = 4; + CHECK(cap_grp_limit_groups(capgrp, NULL, 0, gids, 3) == 0); + gids[3] = 1; + CHECK(cap_grp_limit_groups(capgrp, NULL, 0, gids, 4) == -1 && + errno == ENOTCAPABLE); + gids[0] = 1; + CHECK(cap_grp_limit_groups(capgrp, NULL, 0, gids, 1) == -1 && + errno == ENOTCAPABLE); + gids[0] = 0; + + CHECK(runtest_groups(capgrp, names, gids, 3)); + + cap_close(capgrp); + + /* + * Allow: + * groups: + * names: kmem + * gids: + */ + capgrp = cap_clone(origcapgrp); + CHECK(capgrp != NULL); + + names[0] = "kmem"; + CHECK(cap_grp_limit_groups(capgrp, names, 1, NULL, 0) == 0); + names[1] = "daemon"; + CHECK(cap_grp_limit_groups(capgrp, names, 2, NULL, 0) == -1 && + errno == ENOTCAPABLE); + names[0] = "daemon"; + CHECK(cap_grp_limit_groups(capgrp, names, 1, NULL, 0) == -1 && + errno == ENOTCAPABLE); + names[0] = "kmem"; + gids[0] = 2; + + CHECK(runtest_groups(capgrp, names, gids, 1)); + + cap_close(capgrp); + + /* + * Allow: + * groups: + * names: wheel, tty + * gids: + */ + capgrp = cap_clone(origcapgrp); + CHECK(capgrp != NULL); + + names[0] = "wheel"; + names[1] = "tty"; + CHECK(cap_grp_limit_groups(capgrp, names, 2, NULL, 0) == 0); + names[2] = "daemon"; + CHECK(cap_grp_limit_groups(capgrp, names, 3, NULL, 0) == -1 && + errno == ENOTCAPABLE); + names[0] = "daemon"; + CHECK(cap_grp_limit_groups(capgrp, names, 1, NULL, 0) == -1 && + errno == ENOTCAPABLE); + names[0] = "wheel"; + gids[0] = 0; + gids[1] = 4; + + CHECK(runtest_groups(capgrp, names, gids, 2)); + + cap_close(capgrp); + + /* + * Allow: + * groups: + * names: + * gids: 2 + */ + capgrp = cap_clone(origcapgrp); + CHECK(capgrp != NULL); + + names[0] = "kmem"; + gids[0] = 2; + CHECK(cap_grp_limit_groups(capgrp, NULL, 0, gids, 1) == 0); + gids[1] = 1; + CHECK(cap_grp_limit_groups(capgrp, NULL, 0, gids, 2) == -1 && + errno == ENOTCAPABLE); + gids[0] = 1; + CHECK(cap_grp_limit_groups(capgrp, NULL, 0, gids, 1) == -1 && + errno == ENOTCAPABLE); + gids[0] = 2; + + CHECK(runtest_groups(capgrp, names, gids, 1)); + + cap_close(capgrp); + + /* + * Allow: + * groups: + * names: + * gids: 0, 4 + */ + capgrp = cap_clone(origcapgrp); + CHECK(capgrp != NULL); + + names[0] = "wheel"; + names[1] = "tty"; + gids[0] = 0; + gids[1] = 4; + CHECK(cap_grp_limit_groups(capgrp, NULL, 0, gids, 2) == 0); + gids[2] = 1; + CHECK(cap_grp_limit_groups(capgrp, NULL, 0, gids, 3) == -1 && + errno == ENOTCAPABLE); + gids[0] = 1; + CHECK(cap_grp_limit_groups(capgrp, NULL, 0, gids, 1) == -1 && + errno == ENOTCAPABLE); + gids[0] = 0; + + CHECK(runtest_groups(capgrp, names, gids, 2)); + + cap_close(capgrp); +} + +int +main(void) +{ + cap_channel_t *capcas, *capgrp; + + printf("1..199\n"); + + capcas = cap_init(); + CHECKX(capcas != NULL); + + capgrp = cap_service_open(capcas, "system.grp"); + CHECKX(capgrp != NULL); + + cap_close(capcas); + + /* No limits. */ + + CHECK(runtest_cmds(capgrp) == (SETGRENT | GETGRENT | GETGRENT_R | + GETGRNAM | GETGRNAM_R | GETGRGID | GETGRGID_R)); + + test_cmds(capgrp); + + test_fields(capgrp); + + test_groups(capgrp); + + cap_close(capgrp); + + exit(0); +} Property changes on: head/tools/regression/capsicum/libcasper/grp.c ___________________________________________________________________ Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:keywords ## -0,0 +1 ## +FreeBSD=%H \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/tools/regression/capsicum/libcasper/pwd.c =================================================================== --- head/tools/regression/capsicum/libcasper/pwd.c (nonexistent) +++ head/tools/regression/capsicum/libcasper/pwd.c (revision 296047) @@ -0,0 +1,1536 @@ +/*- + * Copyright (c) 2013 The FreeBSD Foundation + * All rights reserved. + * + * This software was developed by Pawel Jakub Dawidek under sponsorship from + * the FreeBSD Foundation. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include +__FBSDID("$FreeBSD$"); + +#include + +#include +#include +#include +#include +#include +#include +#include +#include + +#include + +#include + +static int ntest = 1; + +#define CHECK(expr) do { \ + if ((expr)) \ + printf("ok %d %s:%u\n", ntest, __FILE__, __LINE__); \ + else \ + printf("not ok %d %s:%u\n", ntest, __FILE__, __LINE__);\ + ntest++; \ +} while (0) +#define CHECKX(expr) do { \ + if ((expr)) { \ + printf("ok %d %s:%u\n", ntest, __FILE__, __LINE__); \ + } else { \ + printf("not ok %d %s:%u\n", ntest, __FILE__, __LINE__);\ + exit(1); \ + } \ + ntest++; \ +} while (0) + +#define UID_ROOT 0 +#define UID_OPERATOR 2 + +#define GETPWENT0 0x0001 +#define GETPWENT1 0x0002 +#define GETPWENT2 0x0004 +#define GETPWENT (GETPWENT0 | GETPWENT1 | GETPWENT2) +#define GETPWENT_R0 0x0008 +#define GETPWENT_R1 0x0010 +#define GETPWENT_R2 0x0020 +#define GETPWENT_R (GETPWENT_R0 | GETPWENT_R1 | GETPWENT_R2) +#define GETPWNAM 0x0040 +#define GETPWNAM_R 0x0080 +#define GETPWUID 0x0100 +#define GETPWUID_R 0x0200 + +static bool +passwd_compare(const struct passwd *pwd0, const struct passwd *pwd1) +{ + + if (pwd0 == NULL && pwd1 == NULL) + return (true); + if (pwd0 == NULL || pwd1 == NULL) + return (false); + + if (strcmp(pwd0->pw_name, pwd1->pw_name) != 0) + return (false); + + if (pwd0->pw_passwd != NULL || pwd1->pw_passwd != NULL) { + if (pwd0->pw_passwd == NULL || pwd1->pw_passwd == NULL) + return (false); + if (strcmp(pwd0->pw_passwd, pwd1->pw_passwd) != 0) + return (false); + } + + if (pwd0->pw_uid != pwd1->pw_uid) + return (false); + + if (pwd0->pw_gid != pwd1->pw_gid) + return (false); + + if (pwd0->pw_change != pwd1->pw_change) + return (false); + + if (pwd0->pw_class != NULL || pwd1->pw_class != NULL) { + if (pwd0->pw_class == NULL || pwd1->pw_class == NULL) + return (false); + if (strcmp(pwd0->pw_class, pwd1->pw_class) != 0) + return (false); + } + + if (pwd0->pw_gecos != NULL || pwd1->pw_gecos != NULL) { + if (pwd0->pw_gecos == NULL || pwd1->pw_gecos == NULL) + return (false); + if (strcmp(pwd0->pw_gecos, pwd1->pw_gecos) != 0) + return (false); + } + + if (pwd0->pw_dir != NULL || pwd1->pw_dir != NULL) { + if (pwd0->pw_dir == NULL || pwd1->pw_dir == NULL) + return (false); + if (strcmp(pwd0->pw_dir, pwd1->pw_dir) != 0) + return (false); + } + + if (pwd0->pw_shell != NULL || pwd1->pw_shell != NULL) { + if (pwd0->pw_shell == NULL || pwd1->pw_shell == NULL) + return (false); + if (strcmp(pwd0->pw_shell, pwd1->pw_shell) != 0) + return (false); + } + + if (pwd0->pw_expire != pwd1->pw_expire) + return (false); + + if (pwd0->pw_fields != pwd1->pw_fields) + return (false); + + return (true); +} + +static unsigned int +runtest_cmds(cap_channel_t *cappwd) +{ + char bufs[1024], bufc[1024]; + unsigned int result; + struct passwd *pwds, *pwdc; + struct passwd sts, stc; + + result = 0; + + setpwent(); + cap_setpwent(cappwd); + + pwds = getpwent(); + pwdc = cap_getpwent(cappwd); + if (passwd_compare(pwds, pwdc)) { + result |= GETPWENT0; + pwds = getpwent(); + pwdc = cap_getpwent(cappwd); + if (passwd_compare(pwds, pwdc)) + result |= GETPWENT1; + } + + getpwent_r(&sts, bufs, sizeof(bufs), &pwds); + cap_getpwent_r(cappwd, &stc, bufc, sizeof(bufc), &pwdc); + if (passwd_compare(pwds, pwdc)) { + result |= GETPWENT_R0; + getpwent_r(&sts, bufs, sizeof(bufs), &pwds); + cap_getpwent_r(cappwd, &stc, bufc, sizeof(bufc), &pwdc); + if (passwd_compare(pwds, pwdc)) + result |= GETPWENT_R1; + } + + setpwent(); + cap_setpwent(cappwd); + + getpwent_r(&sts, bufs, sizeof(bufs), &pwds); + cap_getpwent_r(cappwd, &stc, bufc, sizeof(bufc), &pwdc); + if (passwd_compare(pwds, pwdc)) + result |= GETPWENT_R2; + + pwds = getpwent(); + pwdc = cap_getpwent(cappwd); + if (passwd_compare(pwds, pwdc)) + result |= GETPWENT2; + + pwds = getpwnam("root"); + pwdc = cap_getpwnam(cappwd, "root"); + if (passwd_compare(pwds, pwdc)) { + pwds = getpwnam("operator"); + pwdc = cap_getpwnam(cappwd, "operator"); + if (passwd_compare(pwds, pwdc)) + result |= GETPWNAM; + } + + getpwnam_r("root", &sts, bufs, sizeof(bufs), &pwds); + cap_getpwnam_r(cappwd, "root", &stc, bufc, sizeof(bufc), &pwdc); + if (passwd_compare(pwds, pwdc)) { + getpwnam_r("operator", &sts, bufs, sizeof(bufs), &pwds); + cap_getpwnam_r(cappwd, "operator", &stc, bufc, sizeof(bufc), + &pwdc); + if (passwd_compare(pwds, pwdc)) + result |= GETPWNAM_R; + } + + pwds = getpwuid(UID_ROOT); + pwdc = cap_getpwuid(cappwd, UID_ROOT); + if (passwd_compare(pwds, pwdc)) { + pwds = getpwuid(UID_OPERATOR); + pwdc = cap_getpwuid(cappwd, UID_OPERATOR); + if (passwd_compare(pwds, pwdc)) + result |= GETPWUID; + } + + getpwuid_r(UID_ROOT, &sts, bufs, sizeof(bufs), &pwds); + cap_getpwuid_r(cappwd, UID_ROOT, &stc, bufc, sizeof(bufc), &pwdc); + if (passwd_compare(pwds, pwdc)) { + getpwuid_r(UID_OPERATOR, &sts, bufs, sizeof(bufs), &pwds); + cap_getpwuid_r(cappwd, UID_OPERATOR, &stc, bufc, sizeof(bufc), + &pwdc); + if (passwd_compare(pwds, pwdc)) + result |= GETPWUID_R; + } + + return (result); +} + +static void +test_cmds(cap_channel_t *origcappwd) +{ + cap_channel_t *cappwd; + const char *cmds[7], *fields[10], *names[6]; + uid_t uids[5]; + + fields[0] = "pw_name"; + fields[1] = "pw_passwd"; + fields[2] = "pw_uid"; + fields[3] = "pw_gid"; + fields[4] = "pw_change"; + fields[5] = "pw_class"; + fields[6] = "pw_gecos"; + fields[7] = "pw_dir"; + fields[8] = "pw_shell"; + fields[9] = "pw_expire"; + + names[0] = "root"; + names[1] = "toor"; + names[2] = "daemon"; + names[3] = "operator"; + names[4] = "bin"; + names[5] = "kmem"; + + uids[0] = 0; + uids[1] = 1; + uids[2] = 2; + uids[3] = 3; + uids[4] = 5; + + /* + * Allow: + * cmds: setpwent, getpwent, getpwent_r, getpwnam, getpwnam_r, + * getpwuid, getpwuid_r + * users: + * names: root, toor, daemon, operator, bin, kmem + * uids: + */ + cappwd = cap_clone(origcappwd); + CHECK(cappwd != NULL); + + cmds[0] = "setpwent"; + cmds[1] = "getpwent"; + cmds[2] = "getpwent_r"; + cmds[3] = "getpwnam"; + cmds[4] = "getpwnam_r"; + cmds[5] = "getpwuid"; + cmds[6] = "getpwuid_r"; + CHECK(cap_pwd_limit_cmds(cappwd, cmds, 7) == 0); + CHECK(cap_pwd_limit_fields(cappwd, fields, 10) == 0); + CHECK(cap_pwd_limit_users(cappwd, names, 6, NULL, 0) == 0); + + CHECK(runtest_cmds(cappwd) == (GETPWENT | GETPWENT_R | + GETPWNAM | GETPWNAM_R | GETPWUID | GETPWUID_R)); + + cap_close(cappwd); + + /* + * Allow: + * cmds: setpwent, getpwent, getpwent_r, getpwnam, getpwnam_r, + * getpwuid, getpwuid_r + * users: + * names: + * uids: 0, 1, 2, 3, 5 + */ + cappwd = cap_clone(origcappwd); + CHECK(cappwd != NULL); + + cmds[0] = "setpwent"; + cmds[1] = "getpwent"; + cmds[2] = "getpwent_r"; + cmds[3] = "getpwnam"; + cmds[4] = "getpwnam_r"; + cmds[5] = "getpwuid"; + cmds[6] = "getpwuid_r"; + CHECK(cap_pwd_limit_cmds(cappwd, cmds, 7) == 0); + CHECK(cap_pwd_limit_fields(cappwd, fields, 10) == 0); + CHECK(cap_pwd_limit_users(cappwd, NULL, 0, uids, 5) == 0); + + CHECK(runtest_cmds(cappwd) == (GETPWENT | GETPWENT_R | + GETPWNAM | GETPWNAM_R | GETPWUID | GETPWUID_R)); + + cap_close(cappwd); + + /* + * Allow: + * cmds: getpwent, getpwent_r, getpwnam, getpwnam_r, + * getpwuid, getpwuid_r + * users: + * names: root, toor, daemon, operator, bin, kmem + * uids: + * Disallow: + * cmds: setpwent + * users: + */ + cappwd = cap_clone(origcappwd); + CHECK(cappwd != NULL); + + cap_setpwent(cappwd); + + cmds[0] = "getpwent"; + cmds[1] = "getpwent_r"; + cmds[2] = "getpwnam"; + cmds[3] = "getpwnam_r"; + cmds[4] = "getpwuid"; + cmds[5] = "getpwuid_r"; + CHECK(cap_pwd_limit_cmds(cappwd, cmds, 6) == 0); + cmds[0] = "setpwent"; + cmds[1] = "getpwent"; + cmds[2] = "getpwent_r"; + cmds[3] = "getpwnam"; + cmds[4] = "getpwnam_r"; + cmds[5] = "getpwuid"; + cmds[6] = "getpwuid_r"; + CHECK(cap_pwd_limit_cmds(cappwd, cmds, 7) == -1 && errno == ENOTCAPABLE); + cmds[0] = "setpwent"; + CHECK(cap_pwd_limit_cmds(cappwd, cmds, 1) == -1 && errno == ENOTCAPABLE); + CHECK(cap_pwd_limit_fields(cappwd, fields, 10) == 0); + CHECK(cap_pwd_limit_users(cappwd, names, 6, NULL, 0) == 0); + + CHECK(runtest_cmds(cappwd) == (GETPWENT0 | GETPWENT1 | GETPWENT_R0 | + GETPWENT_R1 | GETPWNAM | GETPWNAM_R | GETPWUID | GETPWUID_R)); + + cap_close(cappwd); + + /* + * Allow: + * cmds: getpwent, getpwent_r, getpwnam, getpwnam_r, + * getpwuid, getpwuid_r + * users: + * names: + * uids: 0, 1, 2, 3, 5 + * Disallow: + * cmds: setpwent + * users: + */ + cappwd = cap_clone(origcappwd); + CHECK(cappwd != NULL); + + cap_setpwent(cappwd); + + cmds[0] = "getpwent"; + cmds[1] = "getpwent_r"; + cmds[2] = "getpwnam"; + cmds[3] = "getpwnam_r"; + cmds[4] = "getpwuid"; + cmds[5] = "getpwuid_r"; + CHECK(cap_pwd_limit_cmds(cappwd, cmds, 6) == 0); + cmds[0] = "setpwent"; + cmds[1] = "getpwent"; + cmds[2] = "getpwent_r"; + cmds[3] = "getpwnam"; + cmds[4] = "getpwnam_r"; + cmds[5] = "getpwuid"; + cmds[6] = "getpwuid_r"; + CHECK(cap_pwd_limit_cmds(cappwd, cmds, 7) == -1 && errno == ENOTCAPABLE); + cmds[0] = "setpwent"; + CHECK(cap_pwd_limit_cmds(cappwd, cmds, 1) == -1 && errno == ENOTCAPABLE); + CHECK(cap_pwd_limit_fields(cappwd, fields, 10) == 0); + CHECK(cap_pwd_limit_users(cappwd, NULL, 0, uids, 5) == 0); + + CHECK(runtest_cmds(cappwd) == (GETPWENT0 | GETPWENT1 | GETPWENT_R0 | + GETPWENT_R1 | GETPWNAM | GETPWNAM_R | GETPWUID | GETPWUID_R)); + + cap_close(cappwd); + + /* + * Allow: + * cmds: setpwent, getpwent_r, getpwnam, getpwnam_r, + * getpwuid, getpwuid_r + * users: + * names: root, toor, daemon, operator, bin, kmem + * uids: + * Disallow: + * cmds: getpwent + * users: + */ + cappwd = cap_clone(origcappwd); + CHECK(cappwd != NULL); + + cmds[0] = "setpwent"; + cmds[1] = "getpwent_r"; + cmds[2] = "getpwnam"; + cmds[3] = "getpwnam_r"; + cmds[4] = "getpwuid"; + cmds[5] = "getpwuid_r"; + CHECK(cap_pwd_limit_cmds(cappwd, cmds, 6) == 0); + cmds[0] = "setpwent"; + cmds[1] = "getpwent"; + cmds[2] = "getpwent_r"; + cmds[3] = "getpwnam"; + cmds[4] = "getpwnam_r"; + cmds[5] = "getpwuid"; + cmds[6] = "getpwuid_r"; + CHECK(cap_pwd_limit_cmds(cappwd, cmds, 7) == -1 && errno == ENOTCAPABLE); + cmds[0] = "getpwent"; + CHECK(cap_pwd_limit_cmds(cappwd, cmds, 1) == -1 && errno == ENOTCAPABLE); + CHECK(cap_pwd_limit_fields(cappwd, fields, 10) == 0); + CHECK(cap_pwd_limit_users(cappwd, names, 6, NULL, 0) == 0); + + CHECK(runtest_cmds(cappwd) == (GETPWENT_R2 | + GETPWNAM | GETPWNAM_R | GETPWUID | GETPWUID_R)); + + cap_close(cappwd); + + /* + * Allow: + * cmds: setpwent, getpwent_r, getpwnam, getpwnam_r, + * getpwuid, getpwuid_r + * users: + * names: + * uids: 0, 1, 2, 3, 5 + * Disallow: + * cmds: getpwent + * users: + */ + cappwd = cap_clone(origcappwd); + CHECK(cappwd != NULL); + + cmds[0] = "setpwent"; + cmds[1] = "getpwent_r"; + cmds[2] = "getpwnam"; + cmds[3] = "getpwnam_r"; + cmds[4] = "getpwuid"; + cmds[5] = "getpwuid_r"; + CHECK(cap_pwd_limit_cmds(cappwd, cmds, 6) == 0); + cmds[0] = "setpwent"; + cmds[1] = "getpwent"; + cmds[2] = "getpwent_r"; + cmds[3] = "getpwnam"; + cmds[4] = "getpwnam_r"; + cmds[5] = "getpwuid"; + cmds[6] = "getpwuid_r"; + CHECK(cap_pwd_limit_cmds(cappwd, cmds, 7) == -1 && errno == ENOTCAPABLE); + cmds[0] = "getpwent"; + CHECK(cap_pwd_limit_cmds(cappwd, cmds, 1) == -1 && errno == ENOTCAPABLE); + CHECK(cap_pwd_limit_fields(cappwd, fields, 10) == 0); + CHECK(cap_pwd_limit_users(cappwd, NULL, 0, uids, 5) == 0); + + CHECK(runtest_cmds(cappwd) == (GETPWENT_R2 | + GETPWNAM | GETPWNAM_R | GETPWUID | GETPWUID_R)); + + cap_close(cappwd); + + /* + * Allow: + * cmds: setpwent, getpwent, getpwnam, getpwnam_r, + * getpwuid, getpwuid_r + * users: + * names: root, toor, daemon, operator, bin, kmem + * uids: + * Disallow: + * cmds: getpwent_r + * users: + */ + cappwd = cap_clone(origcappwd); + CHECK(cappwd != NULL); + + cmds[0] = "setpwent"; + cmds[1] = "getpwent"; + cmds[2] = "getpwnam"; + cmds[3] = "getpwnam_r"; + cmds[4] = "getpwuid"; + cmds[5] = "getpwuid_r"; + CHECK(cap_pwd_limit_cmds(cappwd, cmds, 6) == 0); + cmds[0] = "setpwent"; + cmds[1] = "getpwent"; + cmds[2] = "getpwent_r"; + cmds[3] = "getpwnam"; + cmds[4] = "getpwnam_r"; + cmds[5] = "getpwuid"; + cmds[6] = "getpwuid_r"; + CHECK(cap_pwd_limit_cmds(cappwd, cmds, 7) == -1 && errno == ENOTCAPABLE); + cmds[0] = "getpwent_r"; + CHECK(cap_pwd_limit_cmds(cappwd, cmds, 1) == -1 && errno == ENOTCAPABLE); + CHECK(cap_pwd_limit_fields(cappwd, fields, 10) == 0); + CHECK(cap_pwd_limit_users(cappwd, names, 6, NULL, 0) == 0); + + CHECK(runtest_cmds(cappwd) == (GETPWENT0 | GETPWENT1 | + GETPWNAM | GETPWNAM_R | GETPWUID | GETPWUID_R)); + + cap_close(cappwd); + + /* + * Allow: + * cmds: setpwent, getpwent, getpwnam, getpwnam_r, + * getpwuid, getpwuid_r + * users: + * names: + * uids: 0, 1, 2, 3, 5 + * Disallow: + * cmds: getpwent_r + * users: + */ + cappwd = cap_clone(origcappwd); + CHECK(cappwd != NULL); + + cmds[0] = "setpwent"; + cmds[1] = "getpwent"; + cmds[2] = "getpwnam"; + cmds[3] = "getpwnam_r"; + cmds[4] = "getpwuid"; + cmds[5] = "getpwuid_r"; + CHECK(cap_pwd_limit_cmds(cappwd, cmds, 6) == 0); + cmds[0] = "setpwent"; + cmds[1] = "getpwent"; + cmds[2] = "getpwent_r"; + cmds[3] = "getpwnam"; + cmds[4] = "getpwnam_r"; + cmds[5] = "getpwuid"; + cmds[6] = "getpwuid_r"; + CHECK(cap_pwd_limit_cmds(cappwd, cmds, 7) == -1 && errno == ENOTCAPABLE); + cmds[0] = "getpwent_r"; + CHECK(cap_pwd_limit_cmds(cappwd, cmds, 1) == -1 && errno == ENOTCAPABLE); + CHECK(cap_pwd_limit_fields(cappwd, fields, 10) == 0); + CHECK(cap_pwd_limit_users(cappwd, NULL, 0, uids, 5) == 0); + + CHECK(runtest_cmds(cappwd) == (GETPWENT0 | GETPWENT1 | + GETPWNAM | GETPWNAM_R | GETPWUID | GETPWUID_R)); + + cap_close(cappwd); + + /* + * Allow: + * cmds: setpwent, getpwent, getpwent_r, getpwnam_r, + * getpwuid, getpwuid_r + * users: + * names: root, toor, daemon, operator, bin, kmem + * uids: + * Disallow: + * cmds: getpwnam + * users: + */ + cappwd = cap_clone(origcappwd); + CHECK(cappwd != NULL); + + cmds[0] = "setpwent"; + cmds[1] = "getpwent"; + cmds[2] = "getpwent_r"; + cmds[3] = "getpwnam_r"; + cmds[4] = "getpwuid"; + cmds[5] = "getpwuid_r"; + CHECK(cap_pwd_limit_cmds(cappwd, cmds, 6) == 0); + cmds[0] = "setpwent"; + cmds[1] = "getpwent"; + cmds[2] = "getpwent_r"; + cmds[3] = "getpwnam"; + cmds[4] = "getpwnam_r"; + cmds[5] = "getpwuid"; + cmds[6] = "getpwuid_r"; + CHECK(cap_pwd_limit_cmds(cappwd, cmds, 7) == -1 && errno == ENOTCAPABLE); + cmds[0] = "getpwnam"; + CHECK(cap_pwd_limit_cmds(cappwd, cmds, 1) == -1 && errno == ENOTCAPABLE); + CHECK(cap_pwd_limit_fields(cappwd, fields, 10) == 0); + CHECK(cap_pwd_limit_users(cappwd, names, 6, NULL, 0) == 0); + + CHECK(runtest_cmds(cappwd) == (GETPWENT | GETPWENT_R | + GETPWNAM_R | GETPWUID | GETPWUID_R)); + + cap_close(cappwd); + + /* + * Allow: + * cmds: setpwent, getpwent, getpwent_r, getpwnam_r, + * getpwuid, getpwuid_r + * users: + * names: + * uids: 0, 1, 2, 3, 5 + * Disallow: + * cmds: getpwnam + * users: + */ + cappwd = cap_clone(origcappwd); + CHECK(cappwd != NULL); + + cmds[0] = "setpwent"; + cmds[1] = "getpwent"; + cmds[2] = "getpwent_r"; + cmds[3] = "getpwnam_r"; + cmds[4] = "getpwuid"; + cmds[5] = "getpwuid_r"; + CHECK(cap_pwd_limit_cmds(cappwd, cmds, 6) == 0); + cmds[0] = "setpwent"; + cmds[1] = "getpwent"; + cmds[2] = "getpwent_r"; + cmds[3] = "getpwnam"; + cmds[4] = "getpwnam_r"; + cmds[5] = "getpwuid"; + cmds[6] = "getpwuid_r"; + CHECK(cap_pwd_limit_cmds(cappwd, cmds, 7) == -1 && errno == ENOTCAPABLE); + cmds[0] = "getpwnam"; + CHECK(cap_pwd_limit_cmds(cappwd, cmds, 1) == -1 && errno == ENOTCAPABLE); + CHECK(cap_pwd_limit_fields(cappwd, fields, 10) == 0); + CHECK(cap_pwd_limit_users(cappwd, NULL, 0, uids, 5) == 0); + + CHECK(runtest_cmds(cappwd) == (GETPWENT | GETPWENT_R | + GETPWNAM_R | GETPWUID | GETPWUID_R)); + + cap_close(cappwd); + + /* + * Allow: + * cmds: setpwent, getpwent, getpwent_r, getpwnam, + * getpwuid, getpwuid_r + * users: + * names: root, toor, daemon, operator, bin, kmem + * uids: + * Disallow: + * cmds: getpwnam_r + * users: + */ + cappwd = cap_clone(origcappwd); + CHECK(cappwd != NULL); + + cmds[0] = "setpwent"; + cmds[1] = "getpwent"; + cmds[2] = "getpwent_r"; + cmds[3] = "getpwnam"; + cmds[4] = "getpwuid"; + cmds[5] = "getpwuid_r"; + CHECK(cap_pwd_limit_cmds(cappwd, cmds, 6) == 0); + cmds[0] = "setpwent"; + cmds[1] = "getpwent"; + cmds[2] = "getpwent_r"; + cmds[3] = "getpwnam"; + cmds[4] = "getpwnam_r"; + cmds[5] = "getpwuid"; + cmds[6] = "getpwuid_r"; + CHECK(cap_pwd_limit_cmds(cappwd, cmds, 7) == -1 && errno == ENOTCAPABLE); + cmds[0] = "getpwnam_r"; + CHECK(cap_pwd_limit_cmds(cappwd, cmds, 1) == -1 && errno == ENOTCAPABLE); + CHECK(cap_pwd_limit_fields(cappwd, fields, 10) == 0); + CHECK(cap_pwd_limit_users(cappwd, names, 6, NULL, 0) == 0); + + CHECK(runtest_cmds(cappwd) == (GETPWENT | GETPWENT_R | + GETPWNAM | GETPWUID | GETPWUID_R)); + + cap_close(cappwd); + + /* + * Allow: + * cmds: setpwent, getpwent, getpwent_r, getpwnam, + * getpwuid, getpwuid_r + * users: + * names: + * uids: 0, 1, 2, 3, 5 + * Disallow: + * cmds: getpwnam_r + * users: + */ + cappwd = cap_clone(origcappwd); + CHECK(cappwd != NULL); + + cmds[0] = "setpwent"; + cmds[1] = "getpwent"; + cmds[2] = "getpwent_r"; + cmds[3] = "getpwnam"; + cmds[4] = "getpwuid"; + cmds[5] = "getpwuid_r"; + CHECK(cap_pwd_limit_cmds(cappwd, cmds, 6) == 0); + cmds[0] = "setpwent"; + cmds[1] = "getpwent"; + cmds[2] = "getpwent_r"; + cmds[3] = "getpwnam"; + cmds[4] = "getpwnam_r"; + cmds[5] = "getpwuid"; + cmds[6] = "getpwuid_r"; + CHECK(cap_pwd_limit_cmds(cappwd, cmds, 7) == -1 && errno == ENOTCAPABLE); + cmds[0] = "getpwnam_r"; + CHECK(cap_pwd_limit_cmds(cappwd, cmds, 1) == -1 && errno == ENOTCAPABLE); + CHECK(cap_pwd_limit_fields(cappwd, fields, 10) == 0); + CHECK(cap_pwd_limit_users(cappwd, NULL, 0, uids, 5) == 0); + + CHECK(runtest_cmds(cappwd) == (GETPWENT | GETPWENT_R | + GETPWNAM | GETPWUID | GETPWUID_R)); + + cap_close(cappwd); + + /* + * Allow: + * cmds: setpwent, getpwent, getpwent_r, getpwnam, getpwnam_r, + * getpwuid_r + * users: + * names: root, toor, daemon, operator, bin, kmem + * uids: + * Disallow: + * cmds: getpwuid + * users: + */ + cappwd = cap_clone(origcappwd); + CHECK(cappwd != NULL); + + cmds[0] = "setpwent"; + cmds[1] = "getpwent"; + cmds[2] = "getpwent_r"; + cmds[3] = "getpwnam"; + cmds[4] = "getpwnam_r"; + cmds[5] = "getpwuid_r"; + CHECK(cap_pwd_limit_cmds(cappwd, cmds, 6) == 0); + cmds[0] = "setpwent"; + cmds[1] = "getpwent"; + cmds[2] = "getpwent_r"; + cmds[3] = "getpwnam"; + cmds[4] = "getpwnam_r"; + cmds[5] = "getpwuid"; + cmds[6] = "getpwuid_r"; + CHECK(cap_pwd_limit_cmds(cappwd, cmds, 7) == -1 && errno == ENOTCAPABLE); + cmds[0] = "getpwuid"; + CHECK(cap_pwd_limit_cmds(cappwd, cmds, 1) == -1 && errno == ENOTCAPABLE); + CHECK(cap_pwd_limit_fields(cappwd, fields, 10) == 0); + CHECK(cap_pwd_limit_users(cappwd, names, 6, NULL, 0) == 0); + + CHECK(runtest_cmds(cappwd) == (GETPWENT | GETPWENT_R | + GETPWNAM | GETPWNAM_R | GETPWUID_R)); + + cap_close(cappwd); + + /* + * Allow: + * cmds: setpwent, getpwent, getpwent_r, getpwnam, getpwnam_r, + * getpwuid_r + * users: + * names: + * uids: 0, 1, 2, 3, 5 + * Disallow: + * cmds: getpwuid + * users: + */ + cappwd = cap_clone(origcappwd); + CHECK(cappwd != NULL); + + cmds[0] = "setpwent"; + cmds[1] = "getpwent"; + cmds[2] = "getpwent_r"; + cmds[3] = "getpwnam"; + cmds[4] = "getpwnam_r"; + cmds[5] = "getpwuid_r"; + CHECK(cap_pwd_limit_cmds(cappwd, cmds, 6) == 0); + cmds[0] = "setpwent"; + cmds[1] = "getpwent"; + cmds[2] = "getpwent_r"; + cmds[3] = "getpwnam"; + cmds[4] = "getpwnam_r"; + cmds[5] = "getpwuid"; + cmds[6] = "getpwuid_r"; + CHECK(cap_pwd_limit_cmds(cappwd, cmds, 7) == -1 && errno == ENOTCAPABLE); + cmds[0] = "getpwuid"; + CHECK(cap_pwd_limit_cmds(cappwd, cmds, 1) == -1 && errno == ENOTCAPABLE); + CHECK(cap_pwd_limit_fields(cappwd, fields, 10) == 0); + CHECK(cap_pwd_limit_users(cappwd, NULL, 0, uids, 5) == 0); + + CHECK(runtest_cmds(cappwd) == (GETPWENT | GETPWENT_R | + GETPWNAM | GETPWNAM_R | GETPWUID_R)); + + cap_close(cappwd); + + /* + * Allow: + * cmds: setpwent, getpwent, getpwent_r, getpwnam, getpwnam_r, + * getpwuid + * users: + * names: root, toor, daemon, operator, bin, kmem + * uids: + * Disallow: + * cmds: getpwuid_r + * users: + */ + cappwd = cap_clone(origcappwd); + CHECK(cappwd != NULL); + + cmds[0] = "setpwent"; + cmds[1] = "getpwent"; + cmds[2] = "getpwent_r"; + cmds[3] = "getpwnam"; + cmds[4] = "getpwnam_r"; + cmds[5] = "getpwuid"; + CHECK(cap_pwd_limit_cmds(cappwd, cmds, 6) == 0); + cmds[0] = "setpwent"; + cmds[1] = "getpwent"; + cmds[2] = "getpwent_r"; + cmds[3] = "getpwnam"; + cmds[4] = "getpwnam_r"; + cmds[5] = "getpwuid"; + cmds[6] = "getpwuid_r"; + CHECK(cap_pwd_limit_cmds(cappwd, cmds, 7) == -1 && errno == ENOTCAPABLE); + cmds[0] = "getpwuid_r"; + CHECK(cap_pwd_limit_cmds(cappwd, cmds, 1) == -1 && errno == ENOTCAPABLE); + CHECK(cap_pwd_limit_fields(cappwd, fields, 10) == 0); + CHECK(cap_pwd_limit_users(cappwd, names, 6, NULL, 0) == 0); + + CHECK(runtest_cmds(cappwd) == (GETPWENT | GETPWENT_R | + GETPWNAM | GETPWNAM_R | GETPWUID)); + + cap_close(cappwd); + + /* + * Allow: + * cmds: setpwent, getpwent, getpwent_r, getpwnam, getpwnam_r, + * getpwuid + * users: + * names: + * uids: 0, 1, 2, 3, 5 + * Disallow: + * cmds: getpwuid_r + * users: + */ + cappwd = cap_clone(origcappwd); + CHECK(cappwd != NULL); + + cmds[0] = "setpwent"; + cmds[1] = "getpwent"; + cmds[2] = "getpwent_r"; + cmds[3] = "getpwnam"; + cmds[4] = "getpwnam_r"; + cmds[5] = "getpwuid"; + CHECK(cap_pwd_limit_cmds(cappwd, cmds, 6) == 0); + cmds[0] = "setpwent"; + cmds[1] = "getpwent"; + cmds[2] = "getpwent_r"; + cmds[3] = "getpwnam"; + cmds[4] = "getpwnam_r"; + cmds[5] = "getpwuid"; + cmds[6] = "getpwuid_r"; + CHECK(cap_pwd_limit_cmds(cappwd, cmds, 7) == -1 && errno == ENOTCAPABLE); + cmds[0] = "getpwuid_r"; + CHECK(cap_pwd_limit_cmds(cappwd, cmds, 1) == -1 && errno == ENOTCAPABLE); + CHECK(cap_pwd_limit_fields(cappwd, fields, 10) == 0); + CHECK(cap_pwd_limit_users(cappwd, NULL, 0, uids, 5) == 0); + + CHECK(runtest_cmds(cappwd) == (GETPWENT | GETPWENT_R | + GETPWNAM | GETPWNAM_R | GETPWUID)); + + cap_close(cappwd); +} + +#define PW_NAME _PWF_NAME +#define PW_PASSWD _PWF_PASSWD +#define PW_UID _PWF_UID +#define PW_GID _PWF_GID +#define PW_CHANGE _PWF_CHANGE +#define PW_CLASS _PWF_CLASS +#define PW_GECOS _PWF_GECOS +#define PW_DIR _PWF_DIR +#define PW_SHELL _PWF_SHELL +#define PW_EXPIRE _PWF_EXPIRE + +static unsigned int +passwd_fields(const struct passwd *pwd) +{ + unsigned int result; + + result = 0; + + if (pwd->pw_name != NULL && pwd->pw_name[0] != '\0') + result |= PW_NAME; +// else +// printf("No pw_name\n"); + + if (pwd->pw_passwd != NULL && pwd->pw_passwd[0] != '\0') + result |= PW_PASSWD; + else if ((pwd->pw_fields & _PWF_PASSWD) != 0) + result |= PW_PASSWD; +// else +// printf("No pw_passwd\n"); + + if (pwd->pw_uid != (uid_t)-1) + result |= PW_UID; +// else +// printf("No pw_uid\n"); + + if (pwd->pw_gid != (gid_t)-1) + result |= PW_GID; +// else +// printf("No pw_gid\n"); + + if (pwd->pw_change != 0 || (pwd->pw_fields & _PWF_CHANGE) != 0) + result |= PW_CHANGE; +// else +// printf("No pw_change\n"); + + if (pwd->pw_class != NULL && pwd->pw_class[0] != '\0') + result |= PW_CLASS; + else if ((pwd->pw_fields & _PWF_CLASS) != 0) + result |= PW_CLASS; +// else +// printf("No pw_class\n"); + + if (pwd->pw_gecos != NULL && pwd->pw_gecos[0] != '\0') + result |= PW_GECOS; + else if ((pwd->pw_fields & _PWF_GECOS) != 0) + result |= PW_GECOS; +// else +// printf("No pw_gecos\n"); + + if (pwd->pw_dir != NULL && pwd->pw_dir[0] != '\0') + result |= PW_DIR; + else if ((pwd->pw_fields & _PWF_DIR) != 0) + result |= PW_DIR; +// else +// printf("No pw_dir\n"); + + if (pwd->pw_shell != NULL && pwd->pw_shell[0] != '\0') + result |= PW_SHELL; + else if ((pwd->pw_fields & _PWF_SHELL) != 0) + result |= PW_SHELL; +// else +// printf("No pw_shell\n"); + + if (pwd->pw_expire != 0 || (pwd->pw_fields & _PWF_EXPIRE) != 0) + result |= PW_EXPIRE; +// else +// printf("No pw_expire\n"); + +if (false && pwd->pw_fields != (int)result) { +printf("fields=0x%x != result=0x%x\n", (const unsigned int)pwd->pw_fields, result); +printf(" fields result\n"); +printf("PW_NAME %d %d\n", (pwd->pw_fields & PW_NAME) != 0, (result & PW_NAME) != 0); +printf("PW_PASSWD %d %d\n", (pwd->pw_fields & PW_PASSWD) != 0, (result & PW_PASSWD) != 0); +printf("PW_UID %d %d\n", (pwd->pw_fields & PW_UID) != 0, (result & PW_UID) != 0); +printf("PW_GID %d %d\n", (pwd->pw_fields & PW_GID) != 0, (result & PW_GID) != 0); +printf("PW_CHANGE %d %d\n", (pwd->pw_fields & PW_CHANGE) != 0, (result & PW_CHANGE) != 0); +printf("PW_CLASS %d %d\n", (pwd->pw_fields & PW_CLASS) != 0, (result & PW_CLASS) != 0); +printf("PW_GECOS %d %d\n", (pwd->pw_fields & PW_GECOS) != 0, (result & PW_GECOS) != 0); +printf("PW_DIR %d %d\n", (pwd->pw_fields & PW_DIR) != 0, (result & PW_DIR) != 0); +printf("PW_SHELL %d %d\n", (pwd->pw_fields & PW_SHELL) != 0, (result & PW_SHELL) != 0); +printf("PW_EXPIRE %d %d\n", (pwd->pw_fields & PW_EXPIRE) != 0, (result & PW_EXPIRE) != 0); +} + +//printf("result=0x%x\n", result); + return (result); +} + +static bool +runtest_fields(cap_channel_t *cappwd, unsigned int expected) +{ + char buf[1024]; + struct passwd *pwd; + struct passwd st; + +//printf("expected=0x%x\n", expected); + cap_setpwent(cappwd); + pwd = cap_getpwent(cappwd); + if ((passwd_fields(pwd) & ~expected) != 0) + return (false); + + cap_setpwent(cappwd); + cap_getpwent_r(cappwd, &st, buf, sizeof(buf), &pwd); + if ((passwd_fields(pwd) & ~expected) != 0) + return (false); + + pwd = cap_getpwnam(cappwd, "root"); + if ((passwd_fields(pwd) & ~expected) != 0) + return (false); + + cap_getpwnam_r(cappwd, "root", &st, buf, sizeof(buf), &pwd); + if ((passwd_fields(pwd) & ~expected) != 0) + return (false); + + pwd = cap_getpwuid(cappwd, UID_ROOT); + if ((passwd_fields(pwd) & ~expected) != 0) + return (false); + + cap_getpwuid_r(cappwd, UID_ROOT, &st, buf, sizeof(buf), &pwd); + if ((passwd_fields(pwd) & ~expected) != 0) + return (false); + + return (true); +} + +static void +test_fields(cap_channel_t *origcappwd) +{ + cap_channel_t *cappwd; + const char *fields[10]; + + /* No limits. */ + + CHECK(runtest_fields(origcappwd, PW_NAME | PW_PASSWD | PW_UID | + PW_GID | PW_CHANGE | PW_CLASS | PW_GECOS | PW_DIR | PW_SHELL | + PW_EXPIRE)); + + /* + * Allow: + * fields: pw_name, pw_passwd, pw_uid, pw_gid, pw_change, pw_class, + * pw_gecos, pw_dir, pw_shell, pw_expire + */ + cappwd = cap_clone(origcappwd); + CHECK(cappwd != NULL); + + fields[0] = "pw_name"; + fields[1] = "pw_passwd"; + fields[2] = "pw_uid"; + fields[3] = "pw_gid"; + fields[4] = "pw_change"; + fields[5] = "pw_class"; + fields[6] = "pw_gecos"; + fields[7] = "pw_dir"; + fields[8] = "pw_shell"; + fields[9] = "pw_expire"; + CHECK(cap_pwd_limit_fields(cappwd, fields, 10) == 0); + + CHECK(runtest_fields(origcappwd, PW_NAME | PW_PASSWD | PW_UID | + PW_GID | PW_CHANGE | PW_CLASS | PW_GECOS | PW_DIR | PW_SHELL | + PW_EXPIRE)); + + cap_close(cappwd); + + /* + * Allow: + * fields: pw_name, pw_passwd, pw_uid, pw_gid, pw_change + */ + cappwd = cap_clone(origcappwd); + CHECK(cappwd != NULL); + + fields[0] = "pw_name"; + fields[1] = "pw_passwd"; + fields[2] = "pw_uid"; + fields[3] = "pw_gid"; + fields[4] = "pw_change"; + CHECK(cap_pwd_limit_fields(cappwd, fields, 5) == 0); + fields[5] = "pw_class"; + CHECK(cap_pwd_limit_fields(cappwd, fields, 6) == -1 && + errno == ENOTCAPABLE); + fields[0] = "pw_class"; + CHECK(cap_pwd_limit_fields(cappwd, fields, 1) == -1 && + errno == ENOTCAPABLE); + + CHECK(runtest_fields(cappwd, PW_NAME | PW_PASSWD | PW_UID | + PW_GID | PW_CHANGE)); + + cap_close(cappwd); + + /* + * Allow: + * fields: pw_class, pw_gecos, pw_dir, pw_shell, pw_expire + */ + cappwd = cap_clone(origcappwd); + CHECK(cappwd != NULL); + + fields[0] = "pw_class"; + fields[1] = "pw_gecos"; + fields[2] = "pw_dir"; + fields[3] = "pw_shell"; + fields[4] = "pw_expire"; + CHECK(cap_pwd_limit_fields(cappwd, fields, 5) == 0); + fields[5] = "pw_uid"; + CHECK(cap_pwd_limit_fields(cappwd, fields, 6) == -1 && + errno == ENOTCAPABLE); + fields[0] = "pw_uid"; + CHECK(cap_pwd_limit_fields(cappwd, fields, 1) == -1 && + errno == ENOTCAPABLE); + + CHECK(runtest_fields(cappwd, PW_CLASS | PW_GECOS | PW_DIR | + PW_SHELL | PW_EXPIRE)); + + cap_close(cappwd); + + /* + * Allow: + * fields: pw_name, pw_uid, pw_change, pw_gecos, pw_shell + */ + cappwd = cap_clone(origcappwd); + CHECK(cappwd != NULL); + + fields[0] = "pw_name"; + fields[1] = "pw_uid"; + fields[2] = "pw_change"; + fields[3] = "pw_gecos"; + fields[4] = "pw_shell"; + CHECK(cap_pwd_limit_fields(cappwd, fields, 5) == 0); + fields[5] = "pw_class"; + CHECK(cap_pwd_limit_fields(cappwd, fields, 6) == -1 && + errno == ENOTCAPABLE); + fields[0] = "pw_class"; + CHECK(cap_pwd_limit_fields(cappwd, fields, 1) == -1 && + errno == ENOTCAPABLE); + + CHECK(runtest_fields(cappwd, PW_NAME | PW_UID | PW_CHANGE | + PW_GECOS | PW_SHELL)); + + cap_close(cappwd); + + /* + * Allow: + * fields: pw_passwd, pw_gid, pw_class, pw_dir, pw_expire + */ + cappwd = cap_clone(origcappwd); + CHECK(cappwd != NULL); + + fields[0] = "pw_passwd"; + fields[1] = "pw_gid"; + fields[2] = "pw_class"; + fields[3] = "pw_dir"; + fields[4] = "pw_expire"; + CHECK(cap_pwd_limit_fields(cappwd, fields, 5) == 0); + fields[5] = "pw_uid"; + CHECK(cap_pwd_limit_fields(cappwd, fields, 6) == -1 && + errno == ENOTCAPABLE); + fields[0] = "pw_uid"; + CHECK(cap_pwd_limit_fields(cappwd, fields, 1) == -1 && + errno == ENOTCAPABLE); + + CHECK(runtest_fields(cappwd, PW_PASSWD | PW_GID | PW_CLASS | + PW_DIR | PW_EXPIRE)); + + cap_close(cappwd); + + /* + * Allow: + * fields: pw_uid, pw_class, pw_shell + */ + cappwd = cap_clone(origcappwd); + CHECK(cappwd != NULL); + + fields[0] = "pw_uid"; + fields[1] = "pw_class"; + fields[2] = "pw_shell"; + CHECK(cap_pwd_limit_fields(cappwd, fields, 3) == 0); + fields[3] = "pw_change"; + CHECK(cap_pwd_limit_fields(cappwd, fields, 4) == -1 && + errno == ENOTCAPABLE); + fields[0] = "pw_change"; + CHECK(cap_pwd_limit_fields(cappwd, fields, 1) == -1 && + errno == ENOTCAPABLE); + + CHECK(runtest_fields(cappwd, PW_UID | PW_CLASS | PW_SHELL)); + + cap_close(cappwd); + + /* + * Allow: + * fields: pw_change + */ + cappwd = cap_clone(origcappwd); + CHECK(cappwd != NULL); + + fields[0] = "pw_change"; + CHECK(cap_pwd_limit_fields(cappwd, fields, 1) == 0); + fields[1] = "pw_uid"; + CHECK(cap_pwd_limit_fields(cappwd, fields, 2) == -1 && + errno == ENOTCAPABLE); + fields[0] = "pw_uid"; + CHECK(cap_pwd_limit_fields(cappwd, fields, 1) == -1 && + errno == ENOTCAPABLE); + + CHECK(runtest_fields(cappwd, PW_CHANGE)); + + cap_close(cappwd); +} + +static bool +runtest_users(cap_channel_t *cappwd, const char **names, const uid_t *uids, + size_t nusers) +{ + char buf[1024]; + struct passwd *pwd; + struct passwd st; + unsigned int i, got; + + cap_setpwent(cappwd); + got = 0; + for (;;) { + pwd = cap_getpwent(cappwd); + if (pwd == NULL) + break; + got++; + for (i = 0; i < nusers; i++) { + if (strcmp(names[i], pwd->pw_name) == 0 && + uids[i] == pwd->pw_uid) { + break; + } + } + if (i == nusers) + return (false); + } + if (got != nusers) + return (false); + + cap_setpwent(cappwd); + got = 0; + for (;;) { + cap_getpwent_r(cappwd, &st, buf, sizeof(buf), &pwd); + if (pwd == NULL) + break; + got++; + for (i = 0; i < nusers; i++) { + if (strcmp(names[i], pwd->pw_name) == 0 && + uids[i] == pwd->pw_uid) { + break; + } + } + if (i == nusers) + return (false); + } + if (got != nusers) + return (false); + + for (i = 0; i < nusers; i++) { + pwd = cap_getpwnam(cappwd, names[i]); + if (pwd == NULL) + return (false); + } + + for (i = 0; i < nusers; i++) { + cap_getpwnam_r(cappwd, names[i], &st, buf, sizeof(buf), &pwd); + if (pwd == NULL) + return (false); + } + + for (i = 0; i < nusers; i++) { + pwd = cap_getpwuid(cappwd, uids[i]); + if (pwd == NULL) + return (false); + } + + for (i = 0; i < nusers; i++) { + cap_getpwuid_r(cappwd, uids[i], &st, buf, sizeof(buf), &pwd); + if (pwd == NULL) + return (false); + } + + return (true); +} + +static void +test_users(cap_channel_t *origcappwd) +{ + cap_channel_t *cappwd; + const char *names[6]; + uid_t uids[6]; + + /* + * Allow: + * users: + * names: root, toor, daemon, operator, bin, tty + * uids: + */ + cappwd = cap_clone(origcappwd); + CHECK(cappwd != NULL); + + names[0] = "root"; + names[1] = "toor"; + names[2] = "daemon"; + names[3] = "operator"; + names[4] = "bin"; + names[5] = "tty"; + CHECK(cap_pwd_limit_users(cappwd, names, 6, NULL, 0) == 0); + uids[0] = 0; + uids[1] = 0; + uids[2] = 1; + uids[3] = 2; + uids[4] = 3; + uids[5] = 4; + + CHECK(runtest_users(cappwd, names, uids, 6)); + + cap_close(cappwd); + + /* + * Allow: + * users: + * names: daemon, operator, bin + * uids: + */ + cappwd = cap_clone(origcappwd); + CHECK(cappwd != NULL); + + names[0] = "daemon"; + names[1] = "operator"; + names[2] = "bin"; + CHECK(cap_pwd_limit_users(cappwd, names, 3, NULL, 0) == 0); + names[3] = "tty"; + CHECK(cap_pwd_limit_users(cappwd, names, 4, NULL, 0) == -1 && + errno == ENOTCAPABLE); + names[0] = "tty"; + CHECK(cap_pwd_limit_users(cappwd, names, 1, NULL, 0) == -1 && + errno == ENOTCAPABLE); + names[0] = "daemon"; + uids[0] = 1; + uids[1] = 2; + uids[2] = 3; + + CHECK(runtest_users(cappwd, names, uids, 3)); + + cap_close(cappwd); + + /* + * Allow: + * users: + * names: daemon, bin, tty + * uids: + */ + cappwd = cap_clone(origcappwd); + CHECK(cappwd != NULL); + + names[0] = "daemon"; + names[1] = "bin"; + names[2] = "tty"; + CHECK(cap_pwd_limit_users(cappwd, names, 3, NULL, 0) == 0); + names[3] = "operator"; + CHECK(cap_pwd_limit_users(cappwd, names, 4, NULL, 0) == -1 && + errno == ENOTCAPABLE); + names[0] = "operator"; + CHECK(cap_pwd_limit_users(cappwd, names, 1, NULL, 0) == -1 && + errno == ENOTCAPABLE); + names[0] = "daemon"; + uids[0] = 1; + uids[1] = 3; + uids[2] = 4; + + CHECK(runtest_users(cappwd, names, uids, 3)); + + cap_close(cappwd); + + /* + * Allow: + * users: + * names: + * uids: 1, 2, 3 + */ + cappwd = cap_clone(origcappwd); + CHECK(cappwd != NULL); + + names[0] = "daemon"; + names[1] = "operator"; + names[2] = "bin"; + uids[0] = 1; + uids[1] = 2; + uids[2] = 3; + CHECK(cap_pwd_limit_users(cappwd, NULL, 0, uids, 3) == 0); + uids[3] = 4; + CHECK(cap_pwd_limit_users(cappwd, NULL, 0, uids, 4) == -1 && + errno == ENOTCAPABLE); + uids[0] = 4; + CHECK(cap_pwd_limit_users(cappwd, NULL, 0, uids, 1) == -1 && + errno == ENOTCAPABLE); + uids[0] = 1; + + CHECK(runtest_users(cappwd, names, uids, 3)); + + cap_close(cappwd); + + /* + * Allow: + * users: + * names: + * uids: 1, 3, 4 + */ + cappwd = cap_clone(origcappwd); + CHECK(cappwd != NULL); + + names[0] = "daemon"; + names[1] = "bin"; + names[2] = "tty"; + uids[0] = 1; + uids[1] = 3; + uids[2] = 4; + CHECK(cap_pwd_limit_users(cappwd, NULL, 0, uids, 3) == 0); + uids[3] = 5; + CHECK(cap_pwd_limit_users(cappwd, NULL, 0, uids, 4) == -1 && + errno == ENOTCAPABLE); + uids[0] = 5; + CHECK(cap_pwd_limit_users(cappwd, NULL, 0, uids, 1) == -1 && + errno == ENOTCAPABLE); + uids[0] = 1; + + CHECK(runtest_users(cappwd, names, uids, 3)); + + cap_close(cappwd); + + /* + * Allow: + * users: + * names: bin + * uids: + */ + cappwd = cap_clone(origcappwd); + CHECK(cappwd != NULL); + + names[0] = "bin"; + CHECK(cap_pwd_limit_users(cappwd, names, 1, NULL, 0) == 0); + names[1] = "operator"; + CHECK(cap_pwd_limit_users(cappwd, names, 2, NULL, 0) == -1 && + errno == ENOTCAPABLE); + names[0] = "operator"; + CHECK(cap_pwd_limit_users(cappwd, names, 1, NULL, 0) == -1 && + errno == ENOTCAPABLE); + names[0] = "bin"; + uids[0] = 3; + + CHECK(runtest_users(cappwd, names, uids, 1)); + + cap_close(cappwd); + + /* + * Allow: + * users: + * names: daemon, tty + * uids: + */ + cappwd = cap_clone(origcappwd); + CHECK(cappwd != NULL); + + names[0] = "daemon"; + names[1] = "tty"; + CHECK(cap_pwd_limit_users(cappwd, names, 2, NULL, 0) == 0); + names[2] = "operator"; + CHECK(cap_pwd_limit_users(cappwd, names, 3, NULL, 0) == -1 && + errno == ENOTCAPABLE); + names[0] = "operator"; + CHECK(cap_pwd_limit_users(cappwd, names, 1, NULL, 0) == -1 && + errno == ENOTCAPABLE); + names[0] = "daemon"; + uids[0] = 1; + uids[1] = 4; + + CHECK(runtest_users(cappwd, names, uids, 2)); + + cap_close(cappwd); + + /* + * Allow: + * users: + * names: + * uids: 3 + */ + cappwd = cap_clone(origcappwd); + CHECK(cappwd != NULL); + + names[0] = "bin"; + uids[0] = 3; + CHECK(cap_pwd_limit_users(cappwd, NULL, 0, uids, 1) == 0); + uids[1] = 4; + CHECK(cap_pwd_limit_users(cappwd, NULL, 0, uids, 2) == -1 && + errno == ENOTCAPABLE); + uids[0] = 4; + CHECK(cap_pwd_limit_users(cappwd, NULL, 0, uids, 1) == -1 && + errno == ENOTCAPABLE); + uids[0] = 3; + + CHECK(runtest_users(cappwd, names, uids, 1)); + + cap_close(cappwd); + + /* + * Allow: + * users: + * names: + * uids: 1, 4 + */ + cappwd = cap_clone(origcappwd); + CHECK(cappwd != NULL); + + names[0] = "daemon"; + names[1] = "tty"; + uids[0] = 1; + uids[1] = 4; + CHECK(cap_pwd_limit_users(cappwd, NULL, 0, uids, 2) == 0); + uids[2] = 3; + CHECK(cap_pwd_limit_users(cappwd, NULL, 0, uids, 3) == -1 && + errno == ENOTCAPABLE); + uids[0] = 3; + CHECK(cap_pwd_limit_users(cappwd, NULL, 0, uids, 1) == -1 && + errno == ENOTCAPABLE); + uids[0] = 1; + + CHECK(runtest_users(cappwd, names, uids, 2)); + + cap_close(cappwd); +} + +int +main(void) +{ + cap_channel_t *capcas, *cappwd; + + printf("1..188\n"); + + capcas = cap_init(); + CHECKX(capcas != NULL); + + cappwd = cap_service_open(capcas, "system.pwd"); + CHECKX(cappwd != NULL); + + cap_close(capcas); + + /* No limits. */ + + CHECK(runtest_cmds(cappwd) == (GETPWENT | GETPWENT_R | GETPWNAM | + GETPWNAM_R | GETPWUID | GETPWUID_R)); + + test_cmds(cappwd); + + test_fields(cappwd); + + test_users(cappwd); + + cap_close(cappwd); + + exit(0); +} Property changes on: head/tools/regression/capsicum/libcasper/pwd.c ___________________________________________________________________ Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:keywords ## -0,0 +1 ## +FreeBSD=%H \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/tools/regression/capsicum/libcasper/sysctl.c =================================================================== --- head/tools/regression/capsicum/libcasper/sysctl.c (nonexistent) +++ head/tools/regression/capsicum/libcasper/sysctl.c (revision 296047) @@ -0,0 +1,1510 @@ +/*- + * Copyright (c) 2013 The FreeBSD Foundation + * All rights reserved. + * + * This software was developed by Pawel Jakub Dawidek under sponsorship from + * the FreeBSD Foundation. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include +__FBSDID("$FreeBSD$"); + +#include +#include +#include +#include + +#include +#include +#include +#include +#include +#include +#include +#include + +#include + +#include + +/* + * We need some sysctls to perform the tests on. + * We remember their values and restore them afer the test is done. + */ +#define SYSCTL0_PARENT "kern" +#define SYSCTL0_NAME "kern.sync_on_panic" +#define SYSCTL1_PARENT "debug" +#define SYSCTL1_NAME "debug.minidump" + +static int ntest = 1; + +#define CHECK(expr) do { \ + if ((expr)) \ + printf("ok %d %s:%u\n", ntest, __FILE__, __LINE__); \ + else \ + printf("not ok %d %s:%u\n", ntest, __FILE__, __LINE__); \ + ntest++; \ +} while (0) +#define CHECKX(expr) do { \ + if ((expr)) { \ + printf("ok %d %s:%u\n", ntest, __FILE__, __LINE__); \ + } else { \ + printf("not ok %d %s:%u\n", ntest, __FILE__, __LINE__); \ + exit(1); \ + } \ + ntest++; \ +} while (0) + +#define SYSCTL0_READ0 0x0001 +#define SYSCTL0_READ1 0x0002 +#define SYSCTL0_READ2 0x0004 +#define SYSCTL0_WRITE 0x0008 +#define SYSCTL0_READ_WRITE 0x0010 +#define SYSCTL1_READ0 0x0020 +#define SYSCTL1_READ1 0x0040 +#define SYSCTL1_READ2 0x0080 +#define SYSCTL1_WRITE 0x0100 +#define SYSCTL1_READ_WRITE 0x0200 + +static unsigned int +runtest(cap_channel_t *capsysctl) +{ + unsigned int result; + int oldvalue, newvalue; + size_t oldsize; + + result = 0; + + oldsize = sizeof(oldvalue); + if (cap_sysctlbyname(capsysctl, SYSCTL0_NAME, &oldvalue, &oldsize, + NULL, 0) == 0) { + if (oldsize == sizeof(oldvalue)) + result |= SYSCTL0_READ0; + } + + newvalue = 123; + if (cap_sysctlbyname(capsysctl, SYSCTL0_NAME, NULL, NULL, &newvalue, + sizeof(newvalue)) == 0) { + result |= SYSCTL0_WRITE; + } + + if ((result & SYSCTL0_WRITE) != 0) { + oldsize = sizeof(oldvalue); + if (cap_sysctlbyname(capsysctl, SYSCTL0_NAME, &oldvalue, + &oldsize, NULL, 0) == 0) { + if (oldsize == sizeof(oldvalue) && oldvalue == 123) + result |= SYSCTL0_READ1; + } + } + + oldsize = sizeof(oldvalue); + newvalue = 4567; + if (cap_sysctlbyname(capsysctl, SYSCTL0_NAME, &oldvalue, &oldsize, + &newvalue, sizeof(newvalue)) == 0) { + if (oldsize == sizeof(oldvalue) && oldvalue == 123) + result |= SYSCTL0_READ_WRITE; + } + + if ((result & SYSCTL0_READ_WRITE) != 0) { + oldsize = sizeof(oldvalue); + if (cap_sysctlbyname(capsysctl, SYSCTL0_NAME, &oldvalue, + &oldsize, NULL, 0) == 0) { + if (oldsize == sizeof(oldvalue) && oldvalue == 4567) + result |= SYSCTL0_READ2; + } + } + + oldsize = sizeof(oldvalue); + if (cap_sysctlbyname(capsysctl, SYSCTL1_NAME, &oldvalue, &oldsize, + NULL, 0) == 0) { + if (oldsize == sizeof(oldvalue)) + result |= SYSCTL1_READ0; + } + + newvalue = 506; + if (cap_sysctlbyname(capsysctl, SYSCTL1_NAME, NULL, NULL, &newvalue, + sizeof(newvalue)) == 0) { + result |= SYSCTL1_WRITE; + } + + if ((result & SYSCTL1_WRITE) != 0) { + oldsize = sizeof(oldvalue); + if (cap_sysctlbyname(capsysctl, SYSCTL1_NAME, &oldvalue, + &oldsize, NULL, 0) == 0) { + if (oldsize == sizeof(oldvalue) && oldvalue == 506) + result |= SYSCTL1_READ1; + } + } + + oldsize = sizeof(oldvalue); + newvalue = 7008; + if (cap_sysctlbyname(capsysctl, SYSCTL1_NAME, &oldvalue, &oldsize, + &newvalue, sizeof(newvalue)) == 0) { + if (oldsize == sizeof(oldvalue) && oldvalue == 506) + result |= SYSCTL1_READ_WRITE; + } + + if ((result & SYSCTL1_READ_WRITE) != 0) { + oldsize = sizeof(oldvalue); + if (cap_sysctlbyname(capsysctl, SYSCTL1_NAME, &oldvalue, + &oldsize, NULL, 0) == 0) { + if (oldsize == sizeof(oldvalue) && oldvalue == 7008) + result |= SYSCTL1_READ2; + } + } + + return (result); +} + +static void +test_operation(cap_channel_t *origcapsysctl) +{ + cap_channel_t *capsysctl; + nvlist_t *limits; + + /* + * Allow: + * SYSCTL0_PARENT/RDWR/RECURSIVE + * SYSCTL1_PARENT/RDWR/RECURSIVE + */ + + capsysctl = cap_clone(origcapsysctl); + CHECK(capsysctl != NULL); + + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_PARENT, + CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); + nvlist_add_number(limits, SYSCTL1_PARENT, + CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == 0); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_PARENT, + CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); + nvlist_add_number(limits, SYSCTL1_PARENT, + CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); + nvlist_add_number(limits, "foo.bar", + CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, "foo.bar", + CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + + CHECK(runtest(capsysctl) == (SYSCTL0_READ0 | SYSCTL0_READ1 | + SYSCTL0_READ2 | SYSCTL0_WRITE | SYSCTL0_READ_WRITE | + SYSCTL1_READ0 | SYSCTL1_READ1 | SYSCTL1_READ2 | SYSCTL1_WRITE | + SYSCTL1_READ_WRITE)); + + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_NAME, + CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); + nvlist_add_number(limits, SYSCTL1_NAME, + CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == 0); + + CHECK(runtest(capsysctl) == (SYSCTL0_READ0 | SYSCTL0_READ1 | + SYSCTL0_READ2 | SYSCTL0_WRITE | SYSCTL0_READ_WRITE | + SYSCTL1_READ0 | SYSCTL1_READ1 | SYSCTL1_READ2 | SYSCTL1_WRITE | + SYSCTL1_READ_WRITE)); + + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_NAME, + CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); + nvlist_add_number(limits, SYSCTL1_NAME, + CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == 0); + + CHECK(runtest(capsysctl) == (SYSCTL0_READ0 | SYSCTL1_WRITE)); + + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_NAME, CAP_SYSCTL_READ); + nvlist_add_number(limits, SYSCTL1_NAME, CAP_SYSCTL_WRITE); + CHECK(cap_limit_set(capsysctl, limits) == 0); + + CHECK(runtest(capsysctl) == (SYSCTL0_READ0 | SYSCTL1_WRITE)); + + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_NAME, CAP_SYSCTL_READ); + CHECK(cap_limit_set(capsysctl, limits) == 0); + + CHECK(runtest(capsysctl) == SYSCTL0_READ0); + + cap_close(capsysctl); + + /* + * Allow: + * SYSCTL0_NAME/RDWR/RECURSIVE + * SYSCTL1_NAME/RDWR/RECURSIVE + */ + + capsysctl = cap_clone(origcapsysctl); + CHECK(capsysctl != NULL); + + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_NAME, + CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); + nvlist_add_number(limits, SYSCTL1_NAME, + CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == 0); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_PARENT, + CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); + nvlist_add_number(limits, SYSCTL1_PARENT, + CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_PARENT, CAP_SYSCTL_RDWR); + nvlist_add_number(limits, SYSCTL1_PARENT, CAP_SYSCTL_RDWR); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_PARENT, CAP_SYSCTL_READ); + nvlist_add_number(limits, SYSCTL1_PARENT, CAP_SYSCTL_WRITE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_PARENT, CAP_SYSCTL_READ); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + + CHECK(runtest(capsysctl) == (SYSCTL0_READ0 | SYSCTL0_READ1 | + SYSCTL0_READ2 | SYSCTL0_WRITE | SYSCTL0_READ_WRITE | + SYSCTL1_READ0 | SYSCTL1_READ1 | SYSCTL1_READ2 | SYSCTL1_WRITE | + SYSCTL1_READ_WRITE)); + + cap_close(capsysctl); + + /* + * Allow: + * SYSCTL0_PARENT/RDWR + * SYSCTL1_PARENT/RDWR + */ + + capsysctl = cap_clone(origcapsysctl); + CHECK(capsysctl != NULL); + + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_PARENT, CAP_SYSCTL_RDWR); + nvlist_add_number(limits, SYSCTL1_PARENT, CAP_SYSCTL_RDWR); + CHECK(cap_limit_set(capsysctl, limits) == 0); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_PARENT, + CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); + nvlist_add_number(limits, SYSCTL1_PARENT, + CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_PARENT, + CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); + nvlist_add_number(limits, SYSCTL1_PARENT, + CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_PARENT, + CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + + CHECK(runtest(capsysctl) == 0); + + cap_close(capsysctl); + + /* + * Allow: + * SYSCTL0_NAME/RDWR + * SYSCTL1_NAME/RDWR + */ + + capsysctl = cap_clone(origcapsysctl); + CHECK(capsysctl != NULL); + + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_NAME, CAP_SYSCTL_RDWR); + nvlist_add_number(limits, SYSCTL1_NAME, CAP_SYSCTL_RDWR); + CHECK(cap_limit_set(capsysctl, limits) == 0); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_PARENT, + CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); + nvlist_add_number(limits, SYSCTL1_PARENT, + CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_PARENT, + CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); + nvlist_add_number(limits, SYSCTL1_PARENT, + CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL1_PARENT, + CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + + CHECK(runtest(capsysctl) == (SYSCTL0_READ0 | SYSCTL0_READ1 | + SYSCTL0_READ2 | SYSCTL0_WRITE | SYSCTL0_READ_WRITE | + SYSCTL1_READ0 | SYSCTL1_READ1 | SYSCTL1_READ2 | SYSCTL1_WRITE | + SYSCTL1_READ_WRITE)); + + cap_close(capsysctl); + + /* + * Allow: + * SYSCTL0_PARENT/RDWR + * SYSCTL1_PARENT/RDWR/RECURSIVE + */ + + capsysctl = cap_clone(origcapsysctl); + CHECK(capsysctl != NULL); + + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_PARENT, CAP_SYSCTL_RDWR); + nvlist_add_number(limits, SYSCTL1_PARENT, + CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == 0); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_PARENT, + CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); + nvlist_add_number(limits, SYSCTL1_PARENT, + CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_PARENT, + CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_PARENT, + CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_NAME, + CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + + CHECK(runtest(capsysctl) == (SYSCTL1_READ0 | SYSCTL1_READ1 | + SYSCTL1_READ2 | SYSCTL1_WRITE | SYSCTL1_READ_WRITE)); + + cap_close(capsysctl); + + /* + * Allow: + * SYSCTL0_NAME/RDWR + * SYSCTL1_NAME/RDWR/RECURSIVE + */ + + capsysctl = cap_clone(origcapsysctl); + CHECK(capsysctl != NULL); + + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_NAME, CAP_SYSCTL_RDWR); + nvlist_add_number(limits, SYSCTL1_NAME, + CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == 0); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_NAME, + CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); + nvlist_add_number(limits, SYSCTL1_NAME, + CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_NAME, + CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_NAME, + CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + + CHECK(runtest(capsysctl) == (SYSCTL0_READ0 | SYSCTL0_READ1 | + SYSCTL0_READ2 | SYSCTL0_WRITE | SYSCTL0_READ_WRITE | + SYSCTL1_READ0 | SYSCTL1_READ1 | SYSCTL1_READ2 | SYSCTL1_WRITE | + SYSCTL1_READ_WRITE)); + + cap_close(capsysctl); + + /* + * Allow: + * SYSCTL0_PARENT/READ/RECURSIVE + * SYSCTL1_PARENT/READ/RECURSIVE + */ + + capsysctl = cap_clone(origcapsysctl); + CHECK(capsysctl != NULL); + + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_PARENT, + CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); + nvlist_add_number(limits, SYSCTL1_PARENT, + CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == 0); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_PARENT, + CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); + nvlist_add_number(limits, SYSCTL1_PARENT, + CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_PARENT, + CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); + nvlist_add_number(limits, SYSCTL1_PARENT, + CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_PARENT, CAP_SYSCTL_RDWR); + nvlist_add_number(limits, SYSCTL1_PARENT, CAP_SYSCTL_RDWR); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_PARENT, CAP_SYSCTL_WRITE); + nvlist_add_number(limits, SYSCTL1_PARENT, CAP_SYSCTL_WRITE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_PARENT, + CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL1_PARENT, + CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL1_PARENT, CAP_SYSCTL_RDWR); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_PARENT, CAP_SYSCTL_WRITE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + + CHECK(runtest(capsysctl) == (SYSCTL0_READ0 | SYSCTL1_READ0)); + + cap_close(capsysctl); + + /* + * Allow: + * SYSCTL0_NAME/READ/RECURSIVE + * SYSCTL1_NAME/READ/RECURSIVE + */ + + capsysctl = cap_clone(origcapsysctl); + CHECK(capsysctl != NULL); + + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_NAME, + CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); + nvlist_add_number(limits, SYSCTL1_NAME, + CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == 0); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_NAME, + CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); + nvlist_add_number(limits, SYSCTL1_NAME, + CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_NAME, + CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); + nvlist_add_number(limits, SYSCTL1_NAME, + CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_NAME, CAP_SYSCTL_RDWR); + nvlist_add_number(limits, SYSCTL1_NAME, CAP_SYSCTL_RDWR); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_NAME, CAP_SYSCTL_WRITE); + nvlist_add_number(limits, SYSCTL1_NAME, CAP_SYSCTL_WRITE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_NAME, + CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL1_NAME, + CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL1_NAME, CAP_SYSCTL_RDWR); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_NAME, CAP_SYSCTL_WRITE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + + CHECK(runtest(capsysctl) == (SYSCTL0_READ0 | SYSCTL1_READ0)); + + cap_close(capsysctl); + + /* + * Allow: + * SYSCTL0_PARENT/READ + * SYSCTL1_PARENT/READ + */ + + capsysctl = cap_clone(origcapsysctl); + CHECK(capsysctl != NULL); + + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_PARENT, CAP_SYSCTL_READ); + nvlist_add_number(limits, SYSCTL1_PARENT, CAP_SYSCTL_READ); + CHECK(cap_limit_set(capsysctl, limits) == 0); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_PARENT, + CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); + nvlist_add_number(limits, SYSCTL1_PARENT, + CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_PARENT, + CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); + nvlist_add_number(limits, SYSCTL1_PARENT, + CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_PARENT, + CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); + nvlist_add_number(limits, SYSCTL1_PARENT, + CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_PARENT, CAP_SYSCTL_RDWR); + nvlist_add_number(limits, SYSCTL1_PARENT, CAP_SYSCTL_RDWR); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_PARENT, CAP_SYSCTL_WRITE); + nvlist_add_number(limits, SYSCTL1_PARENT, CAP_SYSCTL_WRITE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_PARENT, + CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL1_PARENT, + CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_PARENT, + CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL1_PARENT, CAP_SYSCTL_RDWR); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_PARENT, CAP_SYSCTL_WRITE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + + CHECK(runtest(capsysctl) == 0); + + cap_close(capsysctl); + + /* + * Allow: + * SYSCTL0_NAME/READ + * SYSCTL1_NAME/READ + */ + + capsysctl = cap_clone(origcapsysctl); + CHECK(capsysctl != NULL); + + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_NAME, CAP_SYSCTL_READ); + nvlist_add_number(limits, SYSCTL1_NAME, CAP_SYSCTL_READ); + CHECK(cap_limit_set(capsysctl, limits) == 0); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_NAME, + CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); + nvlist_add_number(limits, SYSCTL1_NAME, + CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_NAME, + CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); + nvlist_add_number(limits, SYSCTL1_NAME, + CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_NAME, + CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); + nvlist_add_number(limits, SYSCTL1_NAME, + CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_NAME, CAP_SYSCTL_RDWR); + nvlist_add_number(limits, SYSCTL1_NAME, CAP_SYSCTL_RDWR); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_NAME, CAP_SYSCTL_WRITE); + nvlist_add_number(limits, SYSCTL1_NAME, CAP_SYSCTL_WRITE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_NAME, + CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL1_NAME, + CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_NAME, + CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL1_NAME, CAP_SYSCTL_RDWR); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_NAME, CAP_SYSCTL_WRITE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + + CHECK(runtest(capsysctl) == (SYSCTL0_READ0 | SYSCTL1_READ0)); + + cap_close(capsysctl); + + /* + * Allow: + * SYSCTL0_PARENT/READ + * SYSCTL1_PARENT/READ/RECURSIVE + */ + + capsysctl = cap_clone(origcapsysctl); + CHECK(capsysctl != NULL); + + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_PARENT, CAP_SYSCTL_READ); + nvlist_add_number(limits, SYSCTL1_PARENT, + CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == 0); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_PARENT, + CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); + nvlist_add_number(limits, SYSCTL1_PARENT, CAP_SYSCTL_READ); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + + CHECK(runtest(capsysctl) == SYSCTL1_READ0); + + cap_close(capsysctl); + + /* + * Allow: + * SYSCTL0_NAME/READ + * SYSCTL1_NAME/READ/RECURSIVE + */ + + capsysctl = cap_clone(origcapsysctl); + CHECK(capsysctl != NULL); + + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_NAME, CAP_SYSCTL_READ); + nvlist_add_number(limits, SYSCTL1_NAME, + CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == 0); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_NAME, + CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); + nvlist_add_number(limits, SYSCTL1_NAME, CAP_SYSCTL_READ); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + + CHECK(runtest(capsysctl) == (SYSCTL0_READ0 | SYSCTL1_READ0)); + + cap_close(capsysctl); + + /* + * Allow: + * SYSCTL0_PARENT/WRITE/RECURSIVE + * SYSCTL1_PARENT/WRITE/RECURSIVE + */ + + capsysctl = cap_clone(origcapsysctl); + CHECK(capsysctl != NULL); + + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_PARENT, + CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); + nvlist_add_number(limits, SYSCTL1_PARENT, + CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == 0); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_PARENT, + CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); + nvlist_add_number(limits, SYSCTL1_PARENT, + CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_PARENT, + CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); + nvlist_add_number(limits, SYSCTL1_PARENT, + CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_PARENT, CAP_SYSCTL_RDWR); + nvlist_add_number(limits, SYSCTL1_PARENT, CAP_SYSCTL_RDWR); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_PARENT, CAP_SYSCTL_READ); + nvlist_add_number(limits, SYSCTL1_PARENT, CAP_SYSCTL_READ); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_PARENT, + CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL1_PARENT, + CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL1_PARENT, CAP_SYSCTL_RDWR); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_PARENT, CAP_SYSCTL_READ); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + + CHECK(runtest(capsysctl) == (SYSCTL0_WRITE | SYSCTL1_WRITE)); + + cap_close(capsysctl); + + /* + * Allow: + * SYSCTL0_NAME/WRITE/RECURSIVE + * SYSCTL1_NAME/WRITE/RECURSIVE + */ + + capsysctl = cap_clone(origcapsysctl); + CHECK(capsysctl != NULL); + + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_NAME, + CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); + nvlist_add_number(limits, SYSCTL1_NAME, + CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == 0); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_NAME, + CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); + nvlist_add_number(limits, SYSCTL1_NAME, + CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_NAME, + CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); + nvlist_add_number(limits, SYSCTL1_NAME, + CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_NAME, CAP_SYSCTL_RDWR); + nvlist_add_number(limits, SYSCTL1_NAME, CAP_SYSCTL_RDWR); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_NAME, CAP_SYSCTL_READ); + nvlist_add_number(limits, SYSCTL1_NAME, CAP_SYSCTL_READ); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_NAME, + CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL1_NAME, + CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL1_NAME, CAP_SYSCTL_RDWR); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_NAME, CAP_SYSCTL_READ); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + + CHECK(runtest(capsysctl) == (SYSCTL0_WRITE | SYSCTL1_WRITE)); + + cap_close(capsysctl); + + /* + * Allow: + * SYSCTL0_PARENT/WRITE + * SYSCTL1_PARENT/WRITE + */ + + capsysctl = cap_clone(origcapsysctl); + CHECK(capsysctl != NULL); + + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_PARENT, CAP_SYSCTL_WRITE); + nvlist_add_number(limits, SYSCTL1_PARENT, CAP_SYSCTL_WRITE); + CHECK(cap_limit_set(capsysctl, limits) == 0); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_PARENT, + CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); + nvlist_add_number(limits, SYSCTL1_PARENT, + CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_PARENT, + CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); + nvlist_add_number(limits, SYSCTL1_PARENT, + CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_PARENT, + CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); + nvlist_add_number(limits, SYSCTL1_PARENT, + CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_PARENT, CAP_SYSCTL_RDWR); + nvlist_add_number(limits, SYSCTL1_PARENT, CAP_SYSCTL_RDWR); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_PARENT, CAP_SYSCTL_READ); + nvlist_add_number(limits, SYSCTL1_PARENT, CAP_SYSCTL_READ); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_PARENT, + CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL1_PARENT, + CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_PARENT, + CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL1_PARENT, CAP_SYSCTL_RDWR); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_PARENT, CAP_SYSCTL_READ); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + + CHECK(runtest(capsysctl) == 0); + + cap_close(capsysctl); + + /* + * Allow: + * SYSCTL0_NAME/WRITE + * SYSCTL1_NAME/WRITE + */ + + capsysctl = cap_clone(origcapsysctl); + CHECK(capsysctl != NULL); + + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_NAME, CAP_SYSCTL_WRITE); + nvlist_add_number(limits, SYSCTL1_NAME, CAP_SYSCTL_WRITE); + CHECK(cap_limit_set(capsysctl, limits) == 0); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_NAME, + CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); + nvlist_add_number(limits, SYSCTL1_NAME, + CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_NAME, + CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); + nvlist_add_number(limits, SYSCTL1_NAME, + CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_NAME, + CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); + nvlist_add_number(limits, SYSCTL1_NAME, + CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_NAME, CAP_SYSCTL_RDWR); + nvlist_add_number(limits, SYSCTL1_NAME, CAP_SYSCTL_RDWR); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_NAME, CAP_SYSCTL_READ); + nvlist_add_number(limits, SYSCTL1_NAME, CAP_SYSCTL_READ); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_NAME, + CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL1_NAME, + CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_NAME, + CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL1_NAME, CAP_SYSCTL_RDWR); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_NAME, CAP_SYSCTL_READ); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + + CHECK(runtest(capsysctl) == (SYSCTL0_WRITE | SYSCTL1_WRITE)); + + cap_close(capsysctl); + + /* + * Allow: + * SYSCTL0_PARENT/WRITE + * SYSCTL1_PARENT/WRITE/RECURSIVE + */ + + capsysctl = cap_clone(origcapsysctl); + CHECK(capsysctl != NULL); + + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_PARENT, CAP_SYSCTL_WRITE); + nvlist_add_number(limits, SYSCTL1_PARENT, + CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == 0); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_PARENT, + CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); + nvlist_add_number(limits, SYSCTL1_PARENT, CAP_SYSCTL_WRITE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + + CHECK(runtest(capsysctl) == SYSCTL1_WRITE); + + cap_close(capsysctl); + + /* + * Allow: + * SYSCTL0_NAME/WRITE + * SYSCTL1_NAME/WRITE/RECURSIVE + */ + + capsysctl = cap_clone(origcapsysctl); + CHECK(capsysctl != NULL); + + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_NAME, CAP_SYSCTL_WRITE); + nvlist_add_number(limits, SYSCTL1_NAME, + CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == 0); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_NAME, + CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); + nvlist_add_number(limits, SYSCTL1_NAME, CAP_SYSCTL_WRITE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + + CHECK(runtest(capsysctl) == (SYSCTL0_WRITE | SYSCTL1_WRITE)); + + cap_close(capsysctl); + + /* + * Allow: + * SYSCTL0_PARENT/READ/RECURSIVE + * SYSCTL1_PARENT/WRITE/RECURSIVE + */ + + capsysctl = cap_clone(origcapsysctl); + CHECK(capsysctl != NULL); + + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_PARENT, + CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); + nvlist_add_number(limits, SYSCTL1_PARENT, + CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == 0); + + CHECK(runtest(capsysctl) == (SYSCTL0_READ0 | SYSCTL1_WRITE)); + + cap_close(capsysctl); + + /* + * Allow: + * SYSCTL0_NAME/READ/RECURSIVE + * SYSCTL1_NAME/WRITE/RECURSIVE + */ + + capsysctl = cap_clone(origcapsysctl); + CHECK(capsysctl != NULL); + + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_NAME, + CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); + nvlist_add_number(limits, SYSCTL1_NAME, + CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == 0); + + CHECK(runtest(capsysctl) == (SYSCTL0_READ0 | SYSCTL1_WRITE)); + + cap_close(capsysctl); + + /* + * Allow: + * SYSCTL0_PARENT/READ + * SYSCTL1_PARENT/WRITE + */ + + capsysctl = cap_clone(origcapsysctl); + CHECK(capsysctl != NULL); + + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_PARENT, CAP_SYSCTL_READ); + nvlist_add_number(limits, SYSCTL1_PARENT, CAP_SYSCTL_WRITE); + CHECK(cap_limit_set(capsysctl, limits) == 0); + + CHECK(runtest(capsysctl) == 0); + + cap_close(capsysctl); + + /* + * Allow: + * SYSCTL0_NAME/READ + * SYSCTL1_NAME/WRITE + */ + + capsysctl = cap_clone(origcapsysctl); + CHECK(capsysctl != NULL); + + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_NAME, CAP_SYSCTL_READ); + nvlist_add_number(limits, SYSCTL1_NAME, CAP_SYSCTL_WRITE); + CHECK(cap_limit_set(capsysctl, limits) == 0); + + CHECK(runtest(capsysctl) == (SYSCTL0_READ0 | SYSCTL1_WRITE)); + + cap_close(capsysctl); + + /* + * Allow: + * SYSCTL0_PARENT/READ + * SYSCTL1_PARENT/WRITE/RECURSIVE + */ + + capsysctl = cap_clone(origcapsysctl); + CHECK(capsysctl != NULL); + + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_PARENT, CAP_SYSCTL_READ); + nvlist_add_number(limits, SYSCTL1_PARENT, + CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == 0); + + CHECK(runtest(capsysctl) == SYSCTL1_WRITE); + + cap_close(capsysctl); + + /* + * Allow: + * SYSCTL0_NAME/READ + * SYSCTL1_NAME/WRITE/RECURSIVE + */ + + capsysctl = cap_clone(origcapsysctl); + CHECK(capsysctl != NULL); + + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_NAME, CAP_SYSCTL_READ); + nvlist_add_number(limits, SYSCTL1_NAME, + CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == 0); + + CHECK(runtest(capsysctl) == (SYSCTL0_READ0 | SYSCTL1_WRITE)); + + cap_close(capsysctl); +} + +static void +test_names(cap_channel_t *origcapsysctl) +{ + cap_channel_t *capsysctl; + nvlist_t *limits; + + /* + * Allow: + * SYSCTL0_PARENT/READ/RECURSIVE + */ + + capsysctl = cap_clone(origcapsysctl); + CHECK(capsysctl != NULL); + + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_PARENT, + CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == 0); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_PARENT, + CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); + nvlist_add_number(limits, SYSCTL1_PARENT, + CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL1_PARENT, + CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_PARENT, CAP_SYSCTL_READ); + nvlist_add_number(limits, SYSCTL1_PARENT, CAP_SYSCTL_READ); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL1_PARENT, CAP_SYSCTL_READ); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + + CHECK(runtest(capsysctl) == SYSCTL0_READ0); + + cap_close(capsysctl); + + /* + * Allow: + * SYSCTL1_NAME/READ/RECURSIVE + */ + + capsysctl = cap_clone(origcapsysctl); + CHECK(capsysctl != NULL); + + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL1_NAME, + CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == 0); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_NAME, + CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); + nvlist_add_number(limits, SYSCTL1_NAME, + CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_NAME, + CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_NAME, CAP_SYSCTL_READ); + nvlist_add_number(limits, SYSCTL1_NAME, CAP_SYSCTL_READ); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_NAME, CAP_SYSCTL_READ); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + + CHECK(runtest(capsysctl) == SYSCTL1_READ0); + + cap_close(capsysctl); + + /* + * Allow: + * SYSCTL0_PARENT/WRITE/RECURSIVE + */ + + capsysctl = cap_clone(origcapsysctl); + CHECK(capsysctl != NULL); + + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_PARENT, + CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == 0); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_PARENT, + CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); + nvlist_add_number(limits, SYSCTL1_PARENT, + CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL1_PARENT, + CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_PARENT, CAP_SYSCTL_WRITE); + nvlist_add_number(limits, SYSCTL1_PARENT, CAP_SYSCTL_WRITE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL1_PARENT, CAP_SYSCTL_WRITE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + + CHECK(runtest(capsysctl) == SYSCTL0_WRITE); + + cap_close(capsysctl); + + /* + * Allow: + * SYSCTL1_NAME/WRITE/RECURSIVE + */ + + capsysctl = cap_clone(origcapsysctl); + CHECK(capsysctl != NULL); + + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL1_NAME, + CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == 0); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_NAME, + CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); + nvlist_add_number(limits, SYSCTL1_NAME, + CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_NAME, + CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_NAME, CAP_SYSCTL_WRITE); + nvlist_add_number(limits, SYSCTL1_NAME, CAP_SYSCTL_WRITE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_NAME, CAP_SYSCTL_WRITE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + + CHECK(runtest(capsysctl) == SYSCTL1_WRITE); + + cap_close(capsysctl); + + /* + * Allow: + * SYSCTL0_PARENT/RDWR/RECURSIVE + */ + + capsysctl = cap_clone(origcapsysctl); + CHECK(capsysctl != NULL); + + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_PARENT, + CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == 0); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_PARENT, + CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); + nvlist_add_number(limits, SYSCTL1_PARENT, + CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL1_PARENT, + CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_PARENT, CAP_SYSCTL_READ); + nvlist_add_number(limits, SYSCTL1_PARENT, CAP_SYSCTL_READ); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL1_PARENT, CAP_SYSCTL_READ); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + + CHECK(runtest(capsysctl) == (SYSCTL0_READ0 | SYSCTL0_READ1 | + SYSCTL0_READ2 | SYSCTL0_WRITE | SYSCTL0_READ_WRITE)); + + cap_close(capsysctl); + + /* + * Allow: + * SYSCTL1_NAME/RDWR/RECURSIVE + */ + + capsysctl = cap_clone(origcapsysctl); + CHECK(capsysctl != NULL); + + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL1_NAME, + CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == 0); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_NAME, + CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); + nvlist_add_number(limits, SYSCTL1_NAME, + CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_NAME, + CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_NAME, CAP_SYSCTL_READ); + nvlist_add_number(limits, SYSCTL1_NAME, CAP_SYSCTL_READ); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_NAME, CAP_SYSCTL_READ); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + + CHECK(runtest(capsysctl) == (SYSCTL1_READ0 | SYSCTL1_READ1 | + SYSCTL1_READ2 | SYSCTL1_WRITE | SYSCTL1_READ_WRITE)); + + cap_close(capsysctl); + + /* + * Allow: + * SYSCTL0_PARENT/READ + */ + + capsysctl = cap_clone(origcapsysctl); + CHECK(capsysctl != NULL); + + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_PARENT, CAP_SYSCTL_READ); + CHECK(cap_limit_set(capsysctl, limits) == 0); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_PARENT, CAP_SYSCTL_READ); + nvlist_add_number(limits, SYSCTL1_PARENT, CAP_SYSCTL_READ); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL1_PARENT, CAP_SYSCTL_READ); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + + CHECK(runtest(capsysctl) == 0); + + cap_close(capsysctl); + + /* + * Allow: + * SYSCTL1_NAME/READ + */ + + capsysctl = cap_clone(origcapsysctl); + CHECK(capsysctl != NULL); + + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL1_NAME, CAP_SYSCTL_READ); + CHECK(cap_limit_set(capsysctl, limits) == 0); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_NAME, CAP_SYSCTL_READ); + nvlist_add_number(limits, SYSCTL1_NAME, CAP_SYSCTL_READ); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_NAME, CAP_SYSCTL_READ); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + + CHECK(runtest(capsysctl) == SYSCTL1_READ0); + + cap_close(capsysctl); + + /* + * Allow: + * SYSCTL0_PARENT/WRITE + */ + + capsysctl = cap_clone(origcapsysctl); + CHECK(capsysctl != NULL); + + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_PARENT, CAP_SYSCTL_WRITE); + CHECK(cap_limit_set(capsysctl, limits) == 0); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_PARENT, CAP_SYSCTL_WRITE); + nvlist_add_number(limits, SYSCTL1_PARENT, CAP_SYSCTL_WRITE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL1_PARENT, CAP_SYSCTL_WRITE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + + CHECK(runtest(capsysctl) == 0); + + cap_close(capsysctl); + + /* + * Allow: + * SYSCTL1_NAME/WRITE + */ + + capsysctl = cap_clone(origcapsysctl); + CHECK(capsysctl != NULL); + + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL1_NAME, CAP_SYSCTL_WRITE); + CHECK(cap_limit_set(capsysctl, limits) == 0); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_NAME, CAP_SYSCTL_WRITE); + nvlist_add_number(limits, SYSCTL1_NAME, CAP_SYSCTL_WRITE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_NAME, CAP_SYSCTL_WRITE); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + + CHECK(runtest(capsysctl) == SYSCTL1_WRITE); + + cap_close(capsysctl); + + /* + * Allow: + * SYSCTL0_PARENT/RDWR + */ + + capsysctl = cap_clone(origcapsysctl); + CHECK(capsysctl != NULL); + + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_PARENT, CAP_SYSCTL_RDWR); + CHECK(cap_limit_set(capsysctl, limits) == 0); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_PARENT, CAP_SYSCTL_RDWR); + nvlist_add_number(limits, SYSCTL1_PARENT, CAP_SYSCTL_RDWR); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL1_PARENT, CAP_SYSCTL_RDWR); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + + CHECK(runtest(capsysctl) == 0); + + cap_close(capsysctl); + + /* + * Allow: + * SYSCTL1_NAME/RDWR + */ + + capsysctl = cap_clone(origcapsysctl); + CHECK(capsysctl != NULL); + + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL1_NAME, CAP_SYSCTL_RDWR); + CHECK(cap_limit_set(capsysctl, limits) == 0); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_NAME, CAP_SYSCTL_RDWR); + nvlist_add_number(limits, SYSCTL1_NAME, CAP_SYSCTL_RDWR); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + limits = nvlist_create(0); + nvlist_add_number(limits, SYSCTL0_NAME, CAP_SYSCTL_RDWR); + CHECK(cap_limit_set(capsysctl, limits) == -1 && errno == ENOTCAPABLE); + + CHECK(runtest(capsysctl) == (SYSCTL1_READ0 | SYSCTL1_READ1 | + SYSCTL1_READ2 | SYSCTL1_WRITE | SYSCTL1_READ_WRITE)); + + cap_close(capsysctl); +} + +int +main(void) +{ + cap_channel_t *capcas, *capsysctl; + int scvalue0, scvalue1; + size_t scsize; + + printf("1..256\n"); + + scsize = sizeof(scvalue0); + CHECKX(sysctlbyname(SYSCTL0_NAME, &scvalue0, &scsize, NULL, 0) == 0); + CHECKX(scsize == sizeof(scvalue0)); + scsize = sizeof(scvalue1); + CHECKX(sysctlbyname(SYSCTL1_NAME, &scvalue1, &scsize, NULL, 0) == 0); + CHECKX(scsize == sizeof(scvalue1)); + + capcas = cap_init(); + CHECKX(capcas != NULL); + + capsysctl = cap_service_open(capcas, "system.sysctl"); + CHECKX(capsysctl != NULL); + + cap_close(capcas); + + /* No limits set. */ + + CHECK(runtest(capsysctl) == (SYSCTL0_READ0 | SYSCTL0_READ1 | + SYSCTL0_READ2 | SYSCTL0_WRITE | SYSCTL0_READ_WRITE | + SYSCTL1_READ0 | SYSCTL1_READ1 | SYSCTL1_READ2 | SYSCTL1_WRITE | + SYSCTL1_READ_WRITE)); + + test_operation(capsysctl); + + test_names(capsysctl); + + cap_close(capsysctl); + + CHECK(sysctlbyname(SYSCTL0_NAME, NULL, NULL, &scvalue0, + sizeof(scvalue0)) == 0); + CHECK(sysctlbyname(SYSCTL1_NAME, NULL, NULL, &scvalue1, + sizeof(scvalue1)) == 0); + + exit(0); +} Property changes on: head/tools/regression/capsicum/libcasper/sysctl.c ___________________________________________________________________ Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:keywords ## -0,0 +1 ## +FreeBSD=%H \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property Index: head/usr.bin/kdump/Makefile =================================================================== --- head/usr.bin/kdump/Makefile (revision 296046) +++ head/usr.bin/kdump/Makefile (revision 296047) @@ -1,29 +1,31 @@ # @(#)Makefile 8.1 (Berkeley) 6/6/93 # $FreeBSD$ .include .PATH: ${.CURDIR}/../ktrace PROG= kdump SRCS= kdump_subr.c kdump_subr.h kdump.c subr.c CFLAGS+= -I${.CURDIR}/../ktrace -I${.CURDIR} -I${.CURDIR}/../.. -I. LIBADD= sysdecode .if ${MK_CASPER} != "no" -LIBADD+= capsicum -CFLAGS+=-DHAVE_LIBCAPSICUM +LIBADD+= casper +LIBADD+= cap_grp +LIBADD+= cap_pwd +CFLAGS+=-DHAVE_LIBCASPER .endif NO_WERROR?= YES CLEANFILES= kdump_subr.c kdump_subr.h kdump_subr.h: mksubr sh ${.CURDIR}/mksubr ${DESTDIR}${INCLUDEDIR} | \ sed -n 's/^\([a-z].*)\)$$/void \1;/p' >${.TARGET} kdump_subr.c: mksubr kdump_subr.h sh ${.CURDIR}/mksubr ${DESTDIR}${INCLUDEDIR} >${.TARGET} .include Index: head/usr.bin/kdump/kdump.c =================================================================== --- head/usr.bin/kdump/kdump.c (revision 296046) +++ head/usr.bin/kdump/kdump.c (revision 296047) @@ -1,1841 +1,1842 @@ /*- * Copyright (c) 1988, 1993 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 4. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #ifndef lint static const char copyright[] = "@(#) Copyright (c) 1988, 1993\n\ The Regents of the University of California. All rights reserved.\n"; #endif /* not lint */ #ifndef lint #if 0 static char sccsid[] = "@(#)kdump.c 8.1 (Berkeley) 6/6/93"; #endif #endif /* not lint */ #include __FBSDID("$FreeBSD$"); #define _KERNEL extern int errno; #include #undef _KERNEL #include #include #include #define _KERNEL #include #undef _KERNEL #include #include #include #include #include #include #include #include #include #include -#ifdef HAVE_LIBCAPSICUM +#ifdef HAVE_LIBCASPER #include #endif #include #include #include #include #include #include -#ifdef HAVE_LIBCAPSICUM -#include -#include -#include -#include -#endif #include #include #include #include #include #include #include #include #include #include #include #include #include "ktrace.h" #include "kdump_subr.h" +#ifdef HAVE_LIBCASPER +#include + +#include +#include +#endif + u_int abidump(struct ktr_header *); int fetchprocinfo(struct ktr_header *, u_int *); int fread_tail(void *, int, int); void dumpheader(struct ktr_header *); void ktrsyscall(struct ktr_syscall *, u_int); void ktrsysret(struct ktr_sysret *, u_int); void ktrnamei(char *, int); void hexdump(char *, int, int); void visdump(char *, int, int); void ktrgenio(struct ktr_genio *, int); void ktrpsig(struct ktr_psig *); void ktrcsw(struct ktr_csw *); void ktrcsw_old(struct ktr_csw_old *); void ktruser_malloc(void *); void ktruser_rtld(int, void *); void ktruser(int, void *); void ktrcaprights(cap_rights_t *); void ktrsockaddr(struct sockaddr *); void ktrstat(struct stat *); void ktrstruct(char *, size_t); void ktrcapfail(struct ktr_cap_fail *); void ktrfault(struct ktr_fault *); void ktrfaultend(struct ktr_faultend *); void limitfd(int fd); void usage(void); #define TIMESTAMP_NONE 0x0 #define TIMESTAMP_ABSOLUTE 0x1 #define TIMESTAMP_ELAPSED 0x2 #define TIMESTAMP_RELATIVE 0x4 extern const char *signames[]; static int timestamp, decimal, fancy = 1, suppressdata, tail, threads, maxdata, resolv = 0, abiflag = 0, syscallno = 0; static const char *tracefile = DEF_TRACEFILE; static struct ktr_header ktr_header; #define TIME_FORMAT "%b %e %T %Y" #define eqs(s1, s2) (strcmp((s1), (s2)) == 0) #define print_number(i,n,c) do { \ if (decimal) \ printf("%c%jd", c, (intmax_t)*i); \ else \ printf("%c%#jx", c, (uintmax_t)(u_register_t)*i); \ i++; \ n--; \ c = ','; \ } while (0) struct proc_info { TAILQ_ENTRY(proc_info) info; u_int sv_flags; pid_t pid; }; static TAILQ_HEAD(trace_procs, proc_info) trace_procs; -#ifdef HAVE_LIBCAPSICUM +#ifdef HAVE_LIBCASPER static cap_channel_t *cappwd, *capgrp; #endif static void strerror_init(void) { /* * Cache NLS data before entering capability mode. * XXXPJD: There should be strerror_init() and strsignal_init() in libc. */ (void)catopen("libc", NL_CAT_LOCALE); } static void localtime_init(void) { time_t ltime; /* * Allow localtime(3) to cache /etc/localtime content before entering * capability mode. * XXXPJD: There should be localtime_init() in libc. */ (void)time(<ime); (void)localtime(<ime); } -#ifdef HAVE_LIBCAPSICUM +#ifdef HAVE_LIBCASPER static int cappwdgrp_setup(cap_channel_t **cappwdp, cap_channel_t **capgrpp) { cap_channel_t *capcas, *cappwdloc, *capgrploc; const char *cmds[1], *fields[1]; capcas = cap_init(); if (capcas == NULL) { - warn("unable to contact casperd"); - return (-1); + err(1, "unable to create casper process"); + exit(1); } cappwdloc = cap_service_open(capcas, "system.pwd"); capgrploc = cap_service_open(capcas, "system.grp"); /* Casper capability no longer needed. */ cap_close(capcas); if (cappwdloc == NULL || capgrploc == NULL) { if (cappwdloc == NULL) warn("unable to open system.pwd service"); if (capgrploc == NULL) warn("unable to open system.grp service"); exit(1); } /* Limit system.pwd to only getpwuid() function and pw_name field. */ cmds[0] = "getpwuid"; if (cap_pwd_limit_cmds(cappwdloc, cmds, 1) < 0) err(1, "unable to limit system.pwd service"); fields[0] = "pw_name"; if (cap_pwd_limit_fields(cappwdloc, fields, 1) < 0) err(1, "unable to limit system.pwd service"); /* Limit system.grp to only getgrgid() function and gr_name field. */ cmds[0] = "getgrgid"; if (cap_grp_limit_cmds(capgrploc, cmds, 1) < 0) err(1, "unable to limit system.grp service"); fields[0] = "gr_name"; if (cap_grp_limit_fields(capgrploc, fields, 1) < 0) err(1, "unable to limit system.grp service"); *cappwdp = cappwdloc; *capgrpp = capgrploc; return (0); } -#endif /* HAVE_LIBCAPSICUM */ +#endif /* HAVE_LIBCASPER */ int main(int argc, char *argv[]) { int ch, ktrlen, size; void *m; int trpoints = ALL_POINTS; int drop_logged; pid_t pid = 0; u_int sv_flags; setlocale(LC_CTYPE, ""); timestamp = TIMESTAMP_NONE; while ((ch = getopt(argc,argv,"f:dElm:np:AHRrSsTt:")) != -1) switch (ch) { case 'A': abiflag = 1; break; case 'f': tracefile = optarg; break; case 'd': decimal = 1; break; case 'l': tail = 1; break; case 'm': maxdata = atoi(optarg); break; case 'n': fancy = 0; break; case 'p': pid = atoi(optarg); break; case 'r': resolv = 1; break; case 'S': syscallno = 1; break; case 's': suppressdata = 1; break; case 'E': timestamp |= TIMESTAMP_ELAPSED; break; case 'H': threads = 1; break; case 'R': timestamp |= TIMESTAMP_RELATIVE; break; case 'T': timestamp |= TIMESTAMP_ABSOLUTE; break; case 't': trpoints = getpoints(optarg); if (trpoints < 0) errx(1, "unknown trace point in %s", optarg); break; default: usage(); } if (argc > optind) usage(); m = malloc(size = 1025); if (m == NULL) errx(1, "%s", strerror(ENOMEM)); if (!freopen(tracefile, "r", stdin)) err(1, "%s", tracefile); strerror_init(); localtime_init(); -#ifdef HAVE_LIBCAPSICUM +#ifdef HAVE_LIBCASPER if (resolv != 0) { if (cappwdgrp_setup(&cappwd, &capgrp) < 0) { cappwd = NULL; capgrp = NULL; } } if (resolv == 0 || (cappwd != NULL && capgrp != NULL)) { if (cap_enter() < 0 && errno != ENOSYS) err(1, "unable to enter capability mode"); } #else if (resolv == 0) { if (cap_enter() < 0 && errno != ENOSYS) err(1, "unable to enter capability mode"); } #endif limitfd(STDIN_FILENO); limitfd(STDOUT_FILENO); limitfd(STDERR_FILENO); TAILQ_INIT(&trace_procs); drop_logged = 0; while (fread_tail(&ktr_header, sizeof(struct ktr_header), 1)) { if (ktr_header.ktr_type & KTR_DROP) { ktr_header.ktr_type &= ~KTR_DROP; if (!drop_logged && threads) { printf( "%6jd %6jd %-8.*s Events dropped.\n", (intmax_t)ktr_header.ktr_pid, ktr_header.ktr_tid > 0 ? (intmax_t)ktr_header.ktr_tid : 0, MAXCOMLEN, ktr_header.ktr_comm); drop_logged = 1; } else if (!drop_logged) { printf("%6jd %-8.*s Events dropped.\n", (intmax_t)ktr_header.ktr_pid, MAXCOMLEN, ktr_header.ktr_comm); drop_logged = 1; } } if (trpoints & (1< size) { m = realloc(m, ktrlen+1); if (m == NULL) errx(1, "%s", strerror(ENOMEM)); size = ktrlen; } if (ktrlen && fread_tail(m, ktrlen, 1) == 0) errx(1, "data too short"); if (fetchprocinfo(&ktr_header, (u_int *)m) != 0) continue; sv_flags = abidump(&ktr_header); if (pid && ktr_header.ktr_pid != pid && ktr_header.ktr_tid != pid) continue; if ((trpoints & (1<ktr_type) { case KTR_PROCCTOR: TAILQ_FOREACH(pi, &trace_procs, info) { if (pi->pid == kth->ktr_pid) { TAILQ_REMOVE(&trace_procs, pi, info); break; } } pi = malloc(sizeof(struct proc_info)); if (pi == NULL) errx(1, "%s", strerror(ENOMEM)); pi->sv_flags = *flags; pi->pid = kth->ktr_pid; TAILQ_INSERT_TAIL(&trace_procs, pi, info); return (1); case KTR_PROCDTOR: TAILQ_FOREACH(pi, &trace_procs, info) { if (pi->pid == kth->ktr_pid) { TAILQ_REMOVE(&trace_procs, pi, info); free(pi); break; } } return (1); } return (0); } u_int abidump(struct ktr_header *kth) { struct proc_info *pi; const char *abi; const char *arch; u_int flags = 0; TAILQ_FOREACH(pi, &trace_procs, info) { if (pi->pid == kth->ktr_pid) { flags = pi->sv_flags; break; } } if (abiflag == 0) return (flags); switch (flags & SV_ABI_MASK) { case SV_ABI_LINUX: abi = "L"; break; case SV_ABI_FREEBSD: abi = "F"; break; case SV_ABI_CLOUDABI: abi = "C"; break; default: abi = "U"; break; } if (flags != 0) { if (flags & SV_LP64) arch = "64"; else arch = "32"; } else arch = "00"; printf("%s%s ", abi, arch); return (flags); } void dumpheader(struct ktr_header *kth) { static char unknown[64]; static struct timeval prevtime, prevtime_e, temp; const char *type; const char *sign; switch (kth->ktr_type) { case KTR_SYSCALL: type = "CALL"; break; case KTR_SYSRET: type = "RET "; break; case KTR_NAMEI: type = "NAMI"; break; case KTR_GENIO: type = "GIO "; break; case KTR_PSIG: type = "PSIG"; break; case KTR_CSW: type = "CSW "; break; case KTR_USER: type = "USER"; break; case KTR_STRUCT: type = "STRU"; break; case KTR_SYSCTL: type = "SCTL"; break; case KTR_PROCCTOR: /* FALLTHROUGH */ case KTR_PROCDTOR: return; case KTR_CAPFAIL: type = "CAP "; break; case KTR_FAULT: type = "PFLT"; break; case KTR_FAULTEND: type = "PRET"; break; default: sprintf(unknown, "UNKNOWN(%d)", kth->ktr_type); type = unknown; } /* * The ktr_tid field was previously the ktr_buffer field, which held * the kernel pointer value for the buffer associated with data * following the record header. It now holds a threadid, but only * for trace files after the change. Older trace files still contain * kernel pointers. Detect this and suppress the results by printing * negative tid's as 0. */ if (threads) printf("%6jd %6jd %-8.*s ", (intmax_t)kth->ktr_pid, kth->ktr_tid > 0 ? (intmax_t)kth->ktr_tid : 0, MAXCOMLEN, kth->ktr_comm); else printf("%6jd %-8.*s ", (intmax_t)kth->ktr_pid, MAXCOMLEN, kth->ktr_comm); if (timestamp) { if (timestamp & TIMESTAMP_ABSOLUTE) { printf("%jd.%06ld ", (intmax_t)kth->ktr_time.tv_sec, kth->ktr_time.tv_usec); } if (timestamp & TIMESTAMP_ELAPSED) { if (prevtime_e.tv_sec == 0) prevtime_e = kth->ktr_time; timevalsub(&kth->ktr_time, &prevtime_e); printf("%jd.%06ld ", (intmax_t)kth->ktr_time.tv_sec, kth->ktr_time.tv_usec); timevaladd(&kth->ktr_time, &prevtime_e); } if (timestamp & TIMESTAMP_RELATIVE) { if (prevtime.tv_sec == 0) prevtime = kth->ktr_time; temp = kth->ktr_time; timevalsub(&kth->ktr_time, &prevtime); if ((intmax_t)kth->ktr_time.tv_sec < 0) { kth->ktr_time = prevtime; prevtime = temp; timevalsub(&kth->ktr_time, &prevtime); sign = "-"; } else { prevtime = temp; sign = ""; } printf("%s%jd.%06ld ", sign, (intmax_t)kth->ktr_time.tv_sec, kth->ktr_time.tv_usec); } } printf("%s ", type); } #include static void ioctlname(unsigned long val) { const char *str; str = sysdecode_ioctlname(val); if (str != NULL) printf("%s", str); else if (decimal) printf("%lu", val); else printf("%#lx", val); } static enum sysdecode_abi syscallabi(u_int sv_flags) { if (sv_flags == 0) return (SYSDECODE_ABI_FREEBSD); switch (sv_flags & SV_ABI_MASK) { case SV_ABI_FREEBSD: return (SYSDECODE_ABI_FREEBSD); #if defined(__amd64__) || defined(__i386__) case SV_ABI_LINUX: #ifdef __amd64__ if (sv_flags & SV_ILP32) return (SYSDECODE_ABI_LINUX32); #endif return (SYSDECODE_ABI_LINUX); #endif #if defined(__aarch64__) || defined(__amd64__) case SV_ABI_CLOUDABI: return (SYSDECODE_ABI_CLOUDABI64); #endif default: return (SYSDECODE_ABI_UNKNOWN); } } static void syscallname(u_int code, u_int sv_flags) { const char *name; name = sysdecode_syscallname(syscallabi(sv_flags), code); if (name == NULL) printf("[%d]", code); else { printf("%s", name); if (syscallno) printf("[%d]", code); } } void ktrsyscall(struct ktr_syscall *ktr, u_int sv_flags) { int narg = ktr->ktr_narg; register_t *ip; intmax_t arg; syscallname(ktr->ktr_code, sv_flags); ip = &ktr->ktr_args[0]; if (narg) { char c = '('; if (fancy && (sv_flags == 0 || (sv_flags & SV_ABI_MASK) == SV_ABI_FREEBSD)) { switch (ktr->ktr_code) { case SYS_bindat: case SYS_connectat: case SYS_faccessat: case SYS_fchmodat: case SYS_fchownat: case SYS_fstatat: case SYS_futimesat: case SYS_linkat: case SYS_mkdirat: case SYS_mkfifoat: case SYS_mknodat: case SYS_openat: case SYS_readlinkat: case SYS_renameat: case SYS_unlinkat: case SYS_utimensat: putchar('('); atfdname(*ip, decimal); c = ','; ip++; narg--; break; } switch (ktr->ktr_code) { case SYS_ioctl: { print_number(ip, narg, c); putchar(c); ioctlname(*ip); c = ','; ip++; narg--; break; } case SYS_ptrace: putchar('('); ptraceopname(*ip); c = ','; ip++; narg--; break; case SYS_access: case SYS_eaccess: case SYS_faccessat: print_number(ip, narg, c); putchar(','); accessmodename(*ip); ip++; narg--; break; case SYS_open: case SYS_openat: print_number(ip, narg, c); putchar(','); flagsandmodename(ip[0], ip[1], decimal); ip += 2; narg -= 2; break; case SYS_wait4: print_number(ip, narg, c); print_number(ip, narg, c); /* * A flags value of zero is valid for * wait4() but not for wait6(), so * handle zero special here. */ if (*ip == 0) { print_number(ip, narg, c); } else { putchar(','); wait6optname(*ip); ip++; narg--; } break; case SYS_wait6: putchar('('); idtypename(*ip, decimal); c = ','; ip++; narg--; print_number(ip, narg, c); print_number(ip, narg, c); putchar(','); wait6optname(*ip); ip++; narg--; break; case SYS_chmod: case SYS_fchmod: case SYS_lchmod: print_number(ip, narg, c); putchar(','); modename(*ip); ip++; narg--; break; case SYS_mknod: case SYS_mknodat: print_number(ip, narg, c); putchar(','); modename(*ip); ip++; narg--; break; case SYS_getfsstat: print_number(ip, narg, c); print_number(ip, narg, c); putchar(','); getfsstatflagsname(*ip); ip++; narg--; break; case SYS_mount: print_number(ip, narg, c); print_number(ip, narg, c); putchar(','); mountflagsname(*ip); ip++; narg--; break; case SYS_unmount: print_number(ip, narg, c); putchar(','); mountflagsname(*ip); ip++; narg--; break; case SYS_recvmsg: case SYS_sendmsg: print_number(ip, narg, c); print_number(ip, narg, c); putchar(','); sendrecvflagsname(*ip); ip++; narg--; break; case SYS_recvfrom: case SYS_sendto: print_number(ip, narg, c); print_number(ip, narg, c); print_number(ip, narg, c); putchar(','); sendrecvflagsname(*ip); ip++; narg--; break; case SYS_chflags: case SYS_fchflags: case SYS_lchflags: print_number(ip, narg, c); putchar(','); modename(*ip); ip++; narg--; break; case SYS_kill: print_number(ip, narg, c); putchar(','); signame(*ip); ip++; narg--; break; case SYS_reboot: putchar('('); rebootoptname(*ip); ip++; narg--; break; case SYS_umask: putchar('('); modename(*ip); ip++; narg--; break; case SYS_msync: print_number(ip, narg, c); print_number(ip, narg, c); putchar(','); msyncflagsname(*ip); ip++; narg--; break; #ifdef SYS_freebsd6_mmap case SYS_freebsd6_mmap: print_number(ip, narg, c); print_number(ip, narg, c); putchar(','); mmapprotname(*ip); putchar(','); ip++; narg--; mmapflagsname(*ip); ip++; narg--; break; #endif case SYS_mmap: print_number(ip, narg, c); print_number(ip, narg, c); putchar(','); mmapprotname(*ip); putchar(','); ip++; narg--; mmapflagsname(*ip); ip++; narg--; break; case SYS_mprotect: print_number(ip, narg, c); print_number(ip, narg, c); putchar(','); mmapprotname(*ip); ip++; narg--; break; case SYS_madvise: print_number(ip, narg, c); print_number(ip, narg, c); putchar(','); madvisebehavname(*ip); ip++; narg--; break; case SYS_setpriority: print_number(ip, narg, c); print_number(ip, narg, c); putchar(','); prioname(*ip); ip++; narg--; break; case SYS_fcntl: print_number(ip, narg, c); putchar(','); fcntlcmdname(ip[0], ip[1], decimal); ip += 2; narg -= 2; break; case SYS_socket: { int sockdomain; putchar('('); sockdomain = *ip; sockdomainname(sockdomain); ip++; narg--; putchar(','); socktypenamewithflags(*ip); ip++; narg--; if (sockdomain == PF_INET || sockdomain == PF_INET6) { putchar(','); sockipprotoname(*ip); ip++; narg--; } c = ','; break; } case SYS_setsockopt: case SYS_getsockopt: print_number(ip, narg, c); putchar(','); sockoptlevelname(*ip, decimal); if (*ip == SOL_SOCKET) { ip++; narg--; putchar(','); sockoptname(*ip); } ip++; narg--; break; #ifdef SYS_freebsd6_lseek case SYS_freebsd6_lseek: print_number(ip, narg, c); /* Hidden 'pad' argument, not in lseek(2) */ print_number(ip, narg, c); print_number(ip, narg, c); putchar(','); whencename(*ip); ip++; narg--; break; #endif case SYS_lseek: print_number(ip, narg, c); /* Hidden 'pad' argument, not in lseek(2) */ print_number(ip, narg, c); putchar(','); whencename(*ip); ip++; narg--; break; case SYS_flock: print_number(ip, narg, c); putchar(','); flockname(*ip); ip++; narg--; break; case SYS_mkfifo: case SYS_mkfifoat: case SYS_mkdir: case SYS_mkdirat: print_number(ip, narg, c); putchar(','); modename(*ip); ip++; narg--; break; case SYS_shutdown: print_number(ip, narg, c); putchar(','); shutdownhowname(*ip); ip++; narg--; break; case SYS_socketpair: putchar('('); sockdomainname(*ip); ip++; narg--; putchar(','); socktypenamewithflags(*ip); ip++; narg--; c = ','; break; case SYS_getrlimit: case SYS_setrlimit: putchar('('); rlimitname(*ip); ip++; narg--; c = ','; break; case SYS_quotactl: print_number(ip, narg, c); putchar(','); quotactlname(*ip); ip++; narg--; c = ','; break; case SYS_nfssvc: putchar('('); nfssvcname(*ip); ip++; narg--; c = ','; break; case SYS_rtprio: putchar('('); rtprioname(*ip); ip++; narg--; c = ','; break; case SYS___semctl: print_number(ip, narg, c); print_number(ip, narg, c); putchar(','); semctlname(*ip); ip++; narg--; break; case SYS_semget: print_number(ip, narg, c); print_number(ip, narg, c); putchar(','); semgetname(*ip); ip++; narg--; break; case SYS_msgctl: print_number(ip, narg, c); putchar(','); shmctlname(*ip); ip++; narg--; break; case SYS_shmat: print_number(ip, narg, c); print_number(ip, narg, c); putchar(','); shmatname(*ip); ip++; narg--; break; case SYS_shmctl: print_number(ip, narg, c); putchar(','); shmctlname(*ip); ip++; narg--; break; case SYS_shm_open: print_number(ip, narg, c); putchar(','); flagsname(ip[0]); printf(",0%o", (unsigned int)ip[1]); ip += 3; narg -= 3; break; case SYS_minherit: print_number(ip, narg, c); print_number(ip, narg, c); putchar(','); minheritname(*ip); ip++; narg--; break; case SYS_rfork: putchar('('); rforkname(*ip); ip++; narg--; c = ','; break; case SYS_lio_listio: putchar('('); lio_listioname(*ip); ip++; narg--; c = ','; break; case SYS_mlockall: putchar('('); mlockallname(*ip); ip++; narg--; break; case SYS_sched_setscheduler: print_number(ip, narg, c); putchar(','); schedpolicyname(*ip); ip++; narg--; break; case SYS_sched_get_priority_max: case SYS_sched_get_priority_min: putchar('('); schedpolicyname(*ip); ip++; narg--; break; case SYS_sendfile: print_number(ip, narg, c); print_number(ip, narg, c); print_number(ip, narg, c); print_number(ip, narg, c); print_number(ip, narg, c); print_number(ip, narg, c); putchar(','); sendfileflagsname(*(int *)ip); ip++; narg--; break; case SYS_kldsym: print_number(ip, narg, c); putchar(','); kldsymcmdname(*ip); ip++; narg--; break; case SYS_sigprocmask: putchar('('); sigprocmaskhowname(*ip); ip++; narg--; c = ','; break; case SYS___acl_get_file: case SYS___acl_set_file: case SYS___acl_get_fd: case SYS___acl_set_fd: case SYS___acl_delete_file: case SYS___acl_delete_fd: case SYS___acl_aclcheck_file: case SYS___acl_aclcheck_fd: case SYS___acl_get_link: case SYS___acl_set_link: case SYS___acl_delete_link: case SYS___acl_aclcheck_link: print_number(ip, narg, c); putchar(','); acltypename(*ip); ip++; narg--; break; case SYS_sigaction: putchar('('); signame(*ip); ip++; narg--; c = ','; break; case SYS_extattrctl: print_number(ip, narg, c); putchar(','); extattrctlname(*ip); ip++; narg--; break; case SYS_nmount: print_number(ip, narg, c); print_number(ip, narg, c); putchar(','); mountflagsname(*ip); ip++; narg--; break; case SYS_thr_create: print_number(ip, narg, c); print_number(ip, narg, c); putchar(','); thrcreateflagsname(*ip); ip++; narg--; break; case SYS_thr_kill: print_number(ip, narg, c); putchar(','); signame(*ip); ip++; narg--; break; case SYS_kldunloadf: print_number(ip, narg, c); putchar(','); kldunloadfflagsname(*ip); ip++; narg--; break; case SYS_linkat: case SYS_renameat: case SYS_symlinkat: print_number(ip, narg, c); putchar(','); atfdname(*ip, decimal); ip++; narg--; break; case SYS_cap_fcntls_limit: print_number(ip, narg, c); putchar(','); arg = *ip; ip++; narg--; capfcntlname(arg); break; case SYS_posix_fadvise: print_number(ip, narg, c); print_number(ip, narg, c); print_number(ip, narg, c); (void)putchar(','); fadvisebehavname((int)*ip); ip++; narg--; break; case SYS_procctl: putchar('('); idtypename(*ip, decimal); c = ','; ip++; narg--; print_number(ip, narg, c); putchar(','); procctlcmdname(*ip); ip++; narg--; break; case SYS__umtx_op: print_number(ip, narg, c); putchar(','); umtxopname(*ip); switch (*ip) { case UMTX_OP_CV_WAIT: ip++; narg--; putchar(','); umtxcvwaitflags(*ip); break; case UMTX_OP_RW_RDLOCK: ip++; narg--; putchar(','); umtxrwlockflags(*ip); break; } ip++; narg--; } } while (narg > 0) { print_number(ip, narg, c); } putchar(')'); } putchar('\n'); } void ktrsysret(struct ktr_sysret *ktr, u_int sv_flags) { register_t ret = ktr->ktr_retval; int error = ktr->ktr_error; syscallname(ktr->ktr_code, sv_flags); printf(" "); if (error == 0) { if (fancy) { printf("%ld", (long)ret); if (ret < 0 || ret > 9) printf("/%#lx", (unsigned long)ret); } else { if (decimal) printf("%ld", (long)ret); else printf("%#lx", (unsigned long)ret); } } else if (error == ERESTART) printf("RESTART"); else if (error == EJUSTRETURN) printf("JUSTRETURN"); else { printf("-1 errno %d", sysdecode_freebsd_to_abi_errno( syscallabi(sv_flags), error)); if (fancy) printf(" %s", strerror(ktr->ktr_error)); } putchar('\n'); } void ktrnamei(char *cp, int len) { printf("\"%.*s\"\n", len, cp); } void hexdump(char *p, int len, int screenwidth) { int n, i; int width; width = 0; do { width += 2; i = 13; /* base offset */ i += (width / 2) + 1; /* spaces every second byte */ i += (width * 2); /* width of bytes */ i += 3; /* " |" */ i += width; /* each byte */ i += 1; /* "|" */ } while (i < screenwidth); width -= 2; for (n = 0; n < len; n += width) { for (i = n; i < n + width; i++) { if ((i % width) == 0) { /* beginning of line */ printf(" 0x%04x", i); } if ((i % 2) == 0) { printf(" "); } if (i < len) printf("%02x", p[i] & 0xff); else printf(" "); } printf(" |"); for (i = n; i < n + width; i++) { if (i >= len) break; if (p[i] >= ' ' && p[i] <= '~') printf("%c", p[i]); else printf("."); } printf("|\n"); } if ((i % width) != 0) printf("\n"); } void visdump(char *dp, int datalen, int screenwidth) { int col = 0; char *cp; int width; char visbuf[5]; printf(" \""); col = 8; for (;datalen > 0; datalen--, dp++) { vis(visbuf, *dp, VIS_CSTYLE, *(dp+1)); cp = visbuf; /* * Keep track of printables and * space chars (like fold(1)). */ if (col == 0) { putchar('\t'); col = 8; } switch(*cp) { case '\n': col = 0; putchar('\n'); continue; case '\t': width = 8 - (col&07); break; default: width = strlen(cp); } if (col + width > (screenwidth-2)) { printf("\\\n\t"); col = 8; } col += width; do { putchar(*cp++); } while (*cp); } if (col == 0) printf(" "); printf("\"\n"); } void ktrgenio(struct ktr_genio *ktr, int len) { int datalen = len - sizeof (struct ktr_genio); char *dp = (char *)ktr + sizeof (struct ktr_genio); static int screenwidth = 0; int i, binary; printf("fd %d %s %d byte%s\n", ktr->ktr_fd, ktr->ktr_rw == UIO_READ ? "read" : "wrote", datalen, datalen == 1 ? "" : "s"); if (suppressdata) return; if (screenwidth == 0) { struct winsize ws; if (fancy && ioctl(fileno(stderr), TIOCGWINSZ, &ws) != -1 && ws.ws_col > 8) screenwidth = ws.ws_col; else screenwidth = 80; } if (maxdata && datalen > maxdata) datalen = maxdata; for (i = 0, binary = 0; i < datalen && binary == 0; i++) { if (dp[i] >= 32 && dp[i] < 127) continue; if (dp[i] == 10 || dp[i] == 13 || dp[i] == 0 || dp[i] == 9) continue; binary = 1; } if (binary) hexdump(dp, datalen, screenwidth); else visdump(dp, datalen, screenwidth); } const char *signames[] = { "NULL", "HUP", "INT", "QUIT", "ILL", "TRAP", "IOT", /* 1 - 6 */ "EMT", "FPE", "KILL", "BUS", "SEGV", "SYS", /* 7 - 12 */ "PIPE", "ALRM", "TERM", "URG", "STOP", "TSTP", /* 13 - 18 */ "CONT", "CHLD", "TTIN", "TTOU", "IO", "XCPU", /* 19 - 24 */ "XFSZ", "VTALRM", "PROF", "WINCH", "29", "USR1", /* 25 - 30 */ "USR2", NULL, /* 31 - 32 */ }; void ktrpsig(struct ktr_psig *psig) { if (psig->signo > 0 && psig->signo < NSIG) printf("SIG%s ", signames[psig->signo]); else printf("SIG %d ", psig->signo); if (psig->action == SIG_DFL) { printf("SIG_DFL code="); sigcodename(psig->signo, psig->code); putchar('\n'); } else { printf("caught handler=0x%lx mask=0x%x code=", (u_long)psig->action, psig->mask.__bits[0]); sigcodename(psig->signo, psig->code); putchar('\n'); } } void ktrcsw_old(struct ktr_csw_old *cs) { printf("%s %s\n", cs->out ? "stop" : "resume", cs->user ? "user" : "kernel"); } void ktrcsw(struct ktr_csw *cs) { printf("%s %s \"%s\"\n", cs->out ? "stop" : "resume", cs->user ? "user" : "kernel", cs->wmesg); } void ktruser(int len, void *p) { unsigned char *cp; if (sysdecode_utrace(stdout, p, len)) { printf("\n"); return; } printf("%d ", len); cp = p; while (len--) if (decimal) printf(" %d", *cp++); else printf(" %02x", *cp++); printf("\n"); } void ktrcaprights(cap_rights_t *rightsp) { printf("cap_rights_t "); capname(rightsp); printf("\n"); } void ktrsockaddr(struct sockaddr *sa) { /* TODO: Support additional address families #include struct sockaddr_natm *natm; #include struct sockaddr_nb *nb; */ char addr[64]; /* * note: ktrstruct() has already verified that sa points to a * buffer at least sizeof(struct sockaddr) bytes long and exactly * sa->sa_len bytes long. */ printf("struct sockaddr { "); sockfamilyname(sa->sa_family); printf(", "); #define check_sockaddr_len(n) \ if (sa_##n.s##n##_len < sizeof(struct sockaddr_##n)) { \ printf("invalid"); \ break; \ } switch(sa->sa_family) { case AF_INET: { struct sockaddr_in sa_in; memset(&sa_in, 0, sizeof(sa_in)); memcpy(&sa_in, sa, sa->sa_len); check_sockaddr_len(in); inet_ntop(AF_INET, &sa_in.sin_addr, addr, sizeof addr); printf("%s:%u", addr, ntohs(sa_in.sin_port)); break; } case AF_INET6: { struct sockaddr_in6 sa_in6; memset(&sa_in6, 0, sizeof(sa_in6)); memcpy(&sa_in6, sa, sa->sa_len); check_sockaddr_len(in6); getnameinfo((struct sockaddr *)&sa_in6, sizeof(sa_in6), addr, sizeof(addr), NULL, 0, NI_NUMERICHOST); printf("[%s]:%u", addr, htons(sa_in6.sin6_port)); break; } case AF_UNIX: { struct sockaddr_un sa_un; memset(&sa_un, 0, sizeof(sa_un)); memcpy(&sa_un, sa, sa->sa_len); printf("%.*s", (int)sizeof(sa_un.sun_path), sa_un.sun_path); break; } default: printf("unknown address family"); } printf(" }\n"); } void ktrstat(struct stat *statp) { char mode[12], timestr[PATH_MAX + 4]; struct passwd *pwd; struct group *grp; struct tm *tm; /* * note: ktrstruct() has already verified that statp points to a * buffer exactly sizeof(struct stat) bytes long. */ printf("struct stat {"); printf("dev=%ju, ino=%ju, ", (uintmax_t)statp->st_dev, (uintmax_t)statp->st_ino); if (resolv == 0) printf("mode=0%jo, ", (uintmax_t)statp->st_mode); else { strmode(statp->st_mode, mode); printf("mode=%s, ", mode); } printf("nlink=%ju, ", (uintmax_t)statp->st_nlink); if (resolv == 0) { pwd = NULL; } else { -#ifdef HAVE_LIBCAPSICUM +#ifdef HAVE_LIBCASPER if (cappwd != NULL) pwd = cap_getpwuid(cappwd, statp->st_uid); else #endif pwd = getpwuid(statp->st_uid); } if (pwd == NULL) printf("uid=%ju, ", (uintmax_t)statp->st_uid); else printf("uid=\"%s\", ", pwd->pw_name); if (resolv == 0) { grp = NULL; } else { -#ifdef HAVE_LIBCAPSICUM +#ifdef HAVE_LIBCASPER if (capgrp != NULL) grp = cap_getgrgid(capgrp, statp->st_gid); else #endif grp = getgrgid(statp->st_gid); } if (grp == NULL) printf("gid=%ju, ", (uintmax_t)statp->st_gid); else printf("gid=\"%s\", ", grp->gr_name); printf("rdev=%ju, ", (uintmax_t)statp->st_rdev); printf("atime="); if (resolv == 0) printf("%jd", (intmax_t)statp->st_atim.tv_sec); else { tm = localtime(&statp->st_atim.tv_sec); strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); printf("\"%s\"", timestr); } if (statp->st_atim.tv_nsec != 0) printf(".%09ld, ", statp->st_atim.tv_nsec); else printf(", "); printf("stime="); if (resolv == 0) printf("%jd", (intmax_t)statp->st_mtim.tv_sec); else { tm = localtime(&statp->st_mtim.tv_sec); strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); printf("\"%s\"", timestr); } if (statp->st_mtim.tv_nsec != 0) printf(".%09ld, ", statp->st_mtim.tv_nsec); else printf(", "); printf("ctime="); if (resolv == 0) printf("%jd", (intmax_t)statp->st_ctim.tv_sec); else { tm = localtime(&statp->st_ctim.tv_sec); strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); printf("\"%s\"", timestr); } if (statp->st_ctim.tv_nsec != 0) printf(".%09ld, ", statp->st_ctim.tv_nsec); else printf(", "); printf("birthtime="); if (resolv == 0) printf("%jd", (intmax_t)statp->st_birthtim.tv_sec); else { tm = localtime(&statp->st_birthtim.tv_sec); strftime(timestr, sizeof(timestr), TIME_FORMAT, tm); printf("\"%s\"", timestr); } if (statp->st_birthtim.tv_nsec != 0) printf(".%09ld, ", statp->st_birthtim.tv_nsec); else printf(", "); printf("size=%jd, blksize=%ju, blocks=%jd, flags=0x%x", (uintmax_t)statp->st_size, (uintmax_t)statp->st_blksize, (intmax_t)statp->st_blocks, statp->st_flags); printf(" }\n"); } void ktrstruct(char *buf, size_t buflen) { char *name, *data; size_t namelen, datalen; int i; cap_rights_t rights; struct stat sb; struct sockaddr_storage ss; for (name = buf, namelen = 0; namelen < buflen && name[namelen] != '\0'; ++namelen) /* nothing */; if (namelen == buflen) goto invalid; if (name[namelen] != '\0') goto invalid; data = buf + namelen + 1; datalen = buflen - namelen - 1; if (datalen == 0) goto invalid; /* sanity check */ for (i = 0; i < (int)namelen; ++i) if (!isalpha(name[i])) goto invalid; if (strcmp(name, "caprights") == 0) { if (datalen != sizeof(cap_rights_t)) goto invalid; memcpy(&rights, data, datalen); ktrcaprights(&rights); } else if (strcmp(name, "stat") == 0) { if (datalen != sizeof(struct stat)) goto invalid; memcpy(&sb, data, datalen); ktrstat(&sb); } else if (strcmp(name, "sockaddr") == 0) { if (datalen > sizeof(ss)) goto invalid; memcpy(&ss, data, datalen); if (datalen != ss.ss_len) goto invalid; ktrsockaddr((struct sockaddr *)&ss); } else { printf("unknown structure\n"); } return; invalid: printf("invalid record\n"); } void ktrcapfail(struct ktr_cap_fail *ktr) { switch (ktr->cap_type) { case CAPFAIL_NOTCAPABLE: /* operation on fd with insufficient capabilities */ printf("operation requires "); capname(&ktr->cap_needed); printf(", descriptor holds "); capname(&ktr->cap_held); break; case CAPFAIL_INCREASE: /* requested more capabilities than fd already has */ printf("attempt to increase capabilities from "); capname(&ktr->cap_held); printf(" to "); capname(&ktr->cap_needed); break; case CAPFAIL_SYSCALL: /* called restricted syscall */ printf("disallowed system call"); break; case CAPFAIL_LOOKUP: /* used ".." in strict-relative mode */ printf("restricted VFS lookup"); break; default: printf("unknown capability failure: "); capname(&ktr->cap_needed); printf(" "); capname(&ktr->cap_held); break; } printf("\n"); } void ktrfault(struct ktr_fault *ktr) { printf("0x%jx ", (uintmax_t)ktr->vaddr); vmprotname(ktr->type); printf("\n"); } void ktrfaultend(struct ktr_faultend *ktr) { vmresultname(ktr->result); printf("\n"); } void usage(void) { fprintf(stderr, "usage: kdump [-dEnlHRrSsTA] [-f trfile] " "[-m maxdata] [-p pid] [-t trstr]\n"); exit(1); } Index: head/usr.sbin/tcpdump/tcpdump/Makefile =================================================================== --- head/usr.sbin/tcpdump/tcpdump/Makefile (revision 296046) +++ head/usr.sbin/tcpdump/tcpdump/Makefile (revision 296047) @@ -1,200 +1,201 @@ # $FreeBSD$ .include TCPDUMP_DISTDIR?= ${.CURDIR}/../../../contrib/tcpdump .PATH: ${TCPDUMP_DISTDIR} PROG= tcpdump SRCS= addrtoname.c \ af.c \ checksum.c \ cpack.c \ gmpls.c \ gmt2local.c \ in_cksum.c \ ipproto.c \ l2vpn.c \ machdep.c \ nlpid.c \ oui.c \ parsenfsfh.c \ print-802_11.c \ print-802_15_4.c \ print-ah.c \ print-ahcp.c \ print-aodv.c \ print-aoe.c \ print-ap1394.c \ print-arcnet.c \ print-arp.c \ print-ascii.c \ print-atalk.c \ print-atm.c \ print-beep.c \ print-bfd.c \ print-bgp.c \ print-bootp.c \ print-bt.c \ print-calm-fast.c \ print-carp.c \ print-cdp.c \ print-cfm.c \ print-chdlc.c \ print-cip.c \ print-cnfp.c \ print-dccp.c \ print-decnet.c \ print-domain.c \ print-dtp.c \ print-dvmrp.c \ print-eap.c \ print-egp.c \ print-eigrp.c \ print-enc.c \ print-esp.c \ print-ether.c \ print-fddi.c \ print-forces.c \ print-fr.c \ print-ftp.c \ print-geneve.c \ print-geonet.c \ print-gre.c \ print-hsrp.c \ print-http.c \ print-icmp.c \ print-igmp.c \ print-igrp.c \ print-ip.c \ print-ip6.c \ print-ipcomp.c \ print-ipfc.c \ print-ipnet.c \ print-ipx.c \ print-isakmp.c \ print-isoclns.c \ print-juniper.c \ print-krb.c \ print-l2tp.c \ print-lane.c \ print-ldp.c \ print-llc.c \ print-lldp.c \ print-lmp.c \ print-loopback.c \ print-lspping.c \ print-lwapp.c \ print-lwres.c \ print-m3ua.c \ print-mobile.c \ print-mpcp.c \ print-mpls.c \ print-mptcp.c \ print-msdp.c \ print-msnlb.c \ print-nfs.c \ print-ntp.c \ print-null.c \ print-olsr.c \ print-openflow.c \ print-openflow-1.0.c \ print-ospf.c \ print-otv.c \ print-pgm.c \ print-pim.c \ print-pktap.c \ print-ppi.c \ print-ppp.c \ print-pppoe.c \ print-pptp.c \ print-radius.c \ print-raw.c \ print-rip.c \ print-rpki-rtr.c \ print-rrcp.c \ print-rsvp.c \ print-rtsp.c \ print-rx.c \ print-sctp.c \ print-sflow.c \ print-sip.c \ print-sl.c \ print-sll.c \ print-slow.c \ print-smb.c \ print-smtp.c \ print-snmp.c \ print-stp.c \ print-sunatm.c \ print-sunrpc.c \ print-symantec.c \ print-syslog.c \ print-tcp.c \ print-telnet.c \ print-tftp.c \ print-timed.c \ print-tipc.c \ print-token.c \ print-udld.c \ print-udp.c \ print-vjc.c \ print-vqp.c \ print-vrrp.c \ print-vtp.c \ print-vxlan.c \ print-wb.c \ print-zephyr.c \ print-zeromq.c \ setsignal.c \ signature.c \ smbutil.c \ tcpdump.c \ util.c \ version.c CLEANFILES+= version.c CFLAGS+= -I${.CURDIR} -I${TCPDUMP_DISTDIR} CFLAGS+= -DHAVE_CONFIG_H CFLAGS+= -D_U_="__attribute__((unused))" .if ${MK_INET6_SUPPORT} != "no" SRCS+= print-babel.c \ print-dhcp6.c \ print-frag6.c \ print-icmp6.c \ print-ip6opts.c \ print-mobility.c \ print-ospf6.c \ print-ripng.c \ print-rt6.c CFLAGS+= -DINET6 .endif .if ${MACHINE_CPUARCH} != "i386" CFLAGS+= -DLBL_ALIGN .endif LIBADD= l pcap .if ${MK_CASPER} != "no" -LIBADD+= capsicum -CFLAGS+=-DHAVE_CAPSICUM +LIBADD+= casper +LIBADD+= cap_dns +CFLAGS+=-DHAVE_CASPER .endif .if ${MK_OPENSSL} != "no" LIBADD+= crypto CFLAGS+= -I${DESTDIR}/usr/include/openssl CFLAGS+= -DHAVE_LIBCRYPTO -DHAVE_OPENSSL_EVP_H .endif .if ${MK_PF} != "no" SRCS+= print-pflog.c \ print-pfsync.c CFLAGS+= -DHAVE_NET_PFVAR_H .endif version.c: ${TCPDUMP_DISTDIR}/VERSION rm -f version.c ; \ sed 's/.*/char version[] = "&";/' ${TCPDUMP_DISTDIR}/VERSION \ > version.c .include Index: head/usr.sbin/tcpdump/tcpdump/config.h =================================================================== --- head/usr.sbin/tcpdump/tcpdump/config.h (revision 296046) +++ head/usr.sbin/tcpdump/tcpdump/config.h (revision 296047) @@ -1,406 +1,406 @@ /* $FreeBSD$ */ /* This is an edited copy of the config.h generated by configure. */ /* config.h. Generated from config.h.in by configure. */ /* config.h.in. Generated from configure.in by autoheader. */ /* define if you have the addrinfo function */ #define HAVE_ADDRINFO 1 /* Define to 1 if you have the `alarm' function. */ #define HAVE_ALARM 1 /* Define to 1 if you have the `bpf_dump' function. */ #define HAVE_BPF_DUMP 1 /* capsicum support available */ /* See Makefile */ -/* #undef HAVE_CAPSICUM */ +/* #undef HAVE_CAPSPER */ /* Define to 1 if you have the `cap_enter' function. */ #define HAVE_CAP_ENTER 1 /* Define to 1 if you have the `cap_ioctls_limit' function. */ #define HAVE_CAP_IOCTLS_LIMIT 1 /* Define to 1 if you have the header file. */ /* #undef HAVE_CAP_NG_H */ /* Define to 1 if you have the `cap_rights_limit' function. */ #define HAVE_CAP_RIGHTS_LIMIT 1 /* Define to 1 if you have the declaration of `ether_ntohost', and to 0 if you don't. */ #define HAVE_DECL_ETHER_NTOHOST 1 /* define if you have the dnet_htoa function */ /* #undef HAVE_DNET_HTOA */ /* Define to 1 if you have the `ether_ntohost' function. */ #define HAVE_ETHER_NTOHOST 1 /* Define to 1 if you have the header file. */ #define HAVE_FCNTL_H 1 /* Define to 1 if you have the `fork' function. */ #define HAVE_FORK 1 /* Define to 1 if you have the `getnameinfo' function. */ #define HAVE_GETNAMEINFO 1 /* Define to 1 if you have the `getopt_long' function. */ #define HAVE_GETOPT_LONG 1 /* define if you have getrpcbynumber() */ #define HAVE_GETRPCBYNUMBER 1 /* define if you have the h_errno variable */ #define HAVE_H_ERRNO 1 /* Define to 1 if you have the header file. */ #define HAVE_INTTYPES_H 1 /* Define to 1 if you have the `cap-ng' library (-lcap-ng). */ /* #undef HAVE_LIBCAP_NG */ /* Define to 1 if you have the `crypto' library (-lcrypto). */ /* See Makefile */ /* #undef HAVE_LIBCRYPTO */ /* Define to 1 if you have the `rpc' library (-lrpc). */ /* #undef HAVE_LIBRPC */ /* Define to 1 if you have the header file. */ #define HAVE_MEMORY_H 1 /* Define to 1 if you have the header file. */ /* #undef HAVE_NETDNET_DNETDB_H */ /* define if you have a dnet_htoa declaration in */ /* #undef HAVE_NETDNET_DNETDB_H_DNET_HTOA */ /* Define to 1 if you have the header file. */ /* #undef HAVE_NETINET_ETHER_H */ /* Define to 1 if you have the header file. */ #define HAVE_NETINET_IF_ETHER_H 1 /* Define to 1 if you have the header file. */ /* See Makefile */ /* #undef HAVE_NET_PFVAR_H */ /* Define to 1 if you have the `openat' function. */ #define HAVE_OPENAT 1 /* Define to 1 if you have the header file. */ /* See Makefile */ /* #undef HAVE_OPENSSL_EVP_H 1 */ /* if there's an os_proto.h for this platform, to use additional prototypes */ /* #undef HAVE_OS_PROTO_H */ /* Define to 1 if you have the header file. */ /* #undef HAVE_PCAP_BLUETOOTH_H */ /* Define to 1 if you have the `pcap_breakloop' function. */ #define HAVE_PCAP_BREAKLOOP 1 /* Define to 1 if you have the `pcap_create' function. */ #define HAVE_PCAP_CREATE 1 /* define if libpcap has pcap_datalink_name_to_val() */ #define HAVE_PCAP_DATALINK_NAME_TO_VAL 1 /* define if libpcap has pcap_datalink_val_to_description() */ #define HAVE_PCAP_DATALINK_VAL_TO_DESCRIPTION 1 /* define if libpcap has pcap_debug */ /* #undef HAVE_PCAP_DEBUG */ /* Define to 1 if you have the `pcap_dump_flush' function. */ #define HAVE_PCAP_DUMP_FLUSH 1 /* define if libpcap has pcap_dump_ftell() */ #define HAVE_PCAP_DUMP_FTELL 1 /* Define to 1 if you have the `pcap_findalldevs' function. */ #define HAVE_PCAP_FINDALLDEVS 1 /* Define to 1 if you have the `pcap_free_datalinks' function. */ #define HAVE_PCAP_FREE_DATALINKS 1 /* Define to 1 if the system has the type `pcap_if_t'. */ #define HAVE_PCAP_IF_T 1 /* Define to 1 if you have the `pcap_lib_version' function. */ #define HAVE_PCAP_LIB_VERSION 1 /* define if libpcap has pcap_list_datalinks() */ #define HAVE_PCAP_LIST_DATALINKS 1 /* Define to 1 if you have the header file. */ /* #undef HAVE_PCAP_NFLOG_H */ /* Define to 1 if you have the `pcap_setdirection' function. */ #define HAVE_PCAP_SETDIRECTION 1 /* Define to 1 if you have the `pcap_set_datalink' function. */ #define HAVE_PCAP_SET_DATALINK 1 /* Define to 1 if you have the `pcap_set_immediate_mode' function. */ #define HAVE_PCAP_SET_IMMEDIATE_MODE 1 /* Define to 1 if you have the `pcap_set_tstamp_precision' function. */ #define HAVE_PCAP_SET_TSTAMP_PRECISION 1 /* Define to 1 if you have the `pcap_set_tstamp_type' function. */ #define HAVE_PCAP_SET_TSTAMP_TYPE 1 /* Define to 1 if you have the header file. */ /* #undef HAVE_PCAP_USB_H */ /* define if libpcap has pcap_version */ /* #undef HAVE_PCAP_VERSION */ /* Define to 1 if you have the `pfopen' function. */ /* #undef HAVE_PFOPEN */ /* Define to 1 if you have the header file. */ #define HAVE_RPC_RPCENT_H 1 /* Define to 1 if you have the header file. */ #define HAVE_RPC_RPC_H 1 /* Define to 1 if you have the `setlinebuf' function. */ #define HAVE_SETLINEBUF 1 /* Define to 1 if you have the `sigaction' function. */ #define HAVE_SIGACTION 1 /* Define to 1 if you have the `sigset' function. */ /* #undef HAVE_SIGSET */ /* Define to 1 if you have the `snprintf' function. */ #define HAVE_SNPRINTF 1 /* if struct sockaddr has the sa_len member */ #define HAVE_SOCKADDR_SA_LEN 1 /* Define to 1 if you have the header file. */ #define HAVE_STDINT_H 1 /* Define to 1 if you have the header file. */ #define HAVE_STDLIB_H 1 /* Define to 1 if you have the `strcasecmp' function. */ #define HAVE_STRCASECMP 1 /* Define to 1 if you have the `strdup' function. */ #define HAVE_STRDUP 1 /* Define to 1 if you have the `strftime' function. */ #define HAVE_STRFTIME 1 /* Define to 1 if you have the header file. */ #define HAVE_STRINGS_H 1 /* Define to 1 if you have the header file. */ #define HAVE_STRING_H 1 /* Define to 1 if you have the `strlcat' function. */ #define HAVE_STRLCAT 1 /* Define to 1 if you have the `strlcpy' function. */ #define HAVE_STRLCPY 1 /* Define to 1 if you have the `strsep' function. */ #define HAVE_STRSEP 1 /* Define to 1 if the system has the type `struct ether_addr'. */ /* #undef HAVE_STRUCT_ETHER_ADDR */ /* Define to 1 if you have the header file. */ #define HAVE_SYS_STAT_H 1 /* Define to 1 if you have the header file. */ #define HAVE_SYS_TYPES_H 1 /* Define to 1 if the system has the type `uintptr_t'. */ #define HAVE_UINTPTR_T 1 /* Define to 1 if you have the header file. */ #define HAVE_UNISTD_H 1 /* Define to 1 if you have the `vfork' function. */ #define HAVE_VFORK 1 /* Define to 1 if you have the `vfprintf' function. */ #define HAVE_VFPRINTF 1 /* Define to 1 if you have the `vsnprintf' function. */ #define HAVE_VSNPRINTF 1 /* define if libpcap has yydebug */ /* #undef HAVE_YYDEBUG */ /* define if your compiler has __attribute__ */ #define HAVE___ATTRIBUTE__ 1 /* Define if you enable IPv6 support */ /* See Makefile */ /* #undef INET6 */ /* if unaligned access fails */ /* #undef LBL_ALIGN */ /* define if you need to include missing/addrinfo.h */ /* #undef NEED_ADDRINFO_H */ /* Define to 1 if netinet/ether.h declares `ether_ntohost' */ /* #undef NETINET_ETHER_H_DECLARES_ETHER_NTOHOST */ /* Define to 1 if netinet/if_ether.h declares `ether_ntohost' */ #define NETINET_IF_ETHER_H_DECLARES_ETHER_NTOHOST /**/ /* Define to the address where bug reports for this package should be sent. */ #define PACKAGE_BUGREPORT "" /* Define to the full name of this package. */ #define PACKAGE_NAME "" /* Define to the full name and version of this package. */ #define PACKAGE_STRING "" /* Define to the one symbol short name of this package. */ #define PACKAGE_TARNAME "" /* Define to the home page for this package. */ #define PACKAGE_URL "" /* Define to the version of this package. */ #define PACKAGE_VERSION "" /* define if the platform doesn't define PRId64 */ /* #undef PRId64 */ /* define if the platform doesn't define PRIo64 */ /* #undef PRIo64 */ /* define if the platform doesn't define PRIx64 */ /* #undef PRIu64 */ /* define if the platform doesn't define PRIu64 */ /* #undef PRIx64 */ /* Define as the return type of signal handlers (`int' or `void'). */ #define RETSIGTYPE void /* return value of signal handlers */ #define RETSIGVAL /**/ /* Define to 1 if you have the ANSI C header files. */ #define STDC_HEADERS 1 /* define if you want to build the possibly-buggy SMB printer */ #define TCPDUMP_DO_SMB 1 /* Define to 1 if you can safely include both and . */ #define TIME_WITH_SYS_TIME 1 /* define if you have ether_ntohost() and it works */ #define USE_ETHER_NTOHOST 1 /* Define if you enable support for libsmi */ /* #undef USE_LIBSMI */ /* define if should chroot when dropping privileges */ /* #undef WITH_CHROOT */ /* define if should drop privileges by default */ /* #undef WITH_USER */ /* get BSD semantics on Irix */ /* #undef _BSD_SIGNALS */ /* define on AIX to get certain functions */ /* #undef _SUN */ /* Define for Solaris 2.5.1 so the uint32_t typedef from , , or is not used. If the typedef were allowed, the #define below would cause a syntax error. */ /* #undef _UINT32_T */ /* Define for Solaris 2.5.1 so the uint64_t typedef from , , or is not used. If the typedef were allowed, the #define below would cause a syntax error. */ /* #undef _UINT64_T */ /* Define for Solaris 2.5.1 so the uint8_t typedef from , , or is not used. If the typedef were allowed, the #define below would cause a syntax error. */ /* #undef _UINT8_T */ /* define if your compiler allows __attribute__((format)) without a warning */ #define __ATTRIBUTE___FORMAT_OK 1 /* define if your compiler allows __attribute__((format)) to be applied to function pointers */ #define __ATTRIBUTE___FORMAT_OK_FOR_FUNCTION_POINTERS 1 /* define if your compiler allows __attribute__((noreturn)) to be applied to function pointers */ #define __ATTRIBUTE___NORETURN_OK_FOR_FUNCTION_POINTERS 1 /* to handle Ultrix compilers that don't support const in prototypes */ /* #undef const */ /* Define as token for inline if inlining supported */ #define inline inline /* Define to the type of a signed integer type of width exactly 16 bits if such a type exists and the standard includes do not define it. */ /* #undef int16_t */ /* Define to the type of a signed integer type of width exactly 32 bits if such a type exists and the standard includes do not define it. */ /* #undef int32_t */ /* Define to the type of a signed integer type of width exactly 64 bits if such a type exists and the standard includes do not define it. */ /* #undef int64_t */ /* Define to the type of a signed integer type of width exactly 8 bits if such a type exists and the standard includes do not define it. */ /* #undef int8_t */ /* Define to `uint16_t' if u_int16_t not defined. */ /* #undef u_int16_t */ /* Define to `uint32_t' if u_int32_t not defined. */ /* #undef u_int32_t */ /* Define to `uint64_t' if u_int64_t not defined. */ /* #undef u_int64_t */ /* Define to `uint8_t' if u_int8_t not defined. */ /* #undef u_int8_t */ /* Define to the type of an unsigned integer type of width exactly 16 bits if such a type exists and the standard includes do not define it. */ /* #undef uint16_t */ /* Define to the type of an unsigned integer type of width exactly 32 bits if such a type exists and the standard includes do not define it. */ /* #undef uint32_t */ /* Define to the type of an unsigned integer type of width exactly 64 bits if such a type exists and the standard includes do not define it. */ /* #undef uint64_t */ /* Define to the type of an unsigned integer type of width exactly 8 bits if such a type exists and the standard includes do not define it. */ /* #undef uint8_t */ /* Define to the type of an unsigned integer type wide enough to hold a pointer, if such a type exists, and if the system does not define it. */ /* #undef uintptr_t */