From owner-svn-src-all@FreeBSD.ORG Thu Oct 1 15:19:38 2009 Return-Path: Delivered-To: svn-src-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 3E3631065679; Thu, 1 Oct 2009 15:19:38 +0000 (UTC) (envelope-from des@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 2A37B8FC18; Thu, 1 Oct 2009 15:19:38 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.3/8.14.3) with ESMTP id n91FJc7x055342; Thu, 1 Oct 2009 15:19:38 GMT (envelope-from des@svn.freebsd.org) Received: (from des@localhost) by svn.freebsd.org (8.14.3/8.14.3/Submit) id n91FJbKT055320; Thu, 1 Oct 2009 15:19:37 GMT (envelope-from des@svn.freebsd.org) Message-Id: <200910011519.n91FJbKT055320@svn.freebsd.org> From: Dag-Erling Smorgrav Date: Thu, 1 Oct 2009 15:19:37 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-vendor@freebsd.org X-SVN-Group: vendor-crypto MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r197670 - in vendor-crypto/openssh/dist: . contrib/aix contrib/caldera contrib/cygwin contrib/redhat contrib/suse openbsd-compat X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 Oct 2009 15:19:38 -0000 Author: des Date: Thu Oct 1 15:19:37 2009 New Revision: 197670 URL: http://svn.freebsd.org/changeset/base/197670 Log: Vendor import of OpenSSH 5.3p1 Added: vendor-crypto/openssh/dist/roaming.h (contents, props changed) vendor-crypto/openssh/dist/roaming_common.c (contents, props changed) vendor-crypto/openssh/dist/roaming_dummy.c (contents, props changed) vendor-crypto/openssh/dist/schnorr.h (contents, props changed) Modified: vendor-crypto/openssh/dist/ChangeLog vendor-crypto/openssh/dist/Makefile.in vendor-crypto/openssh/dist/README vendor-crypto/openssh/dist/README.platform vendor-crypto/openssh/dist/auth-pam.c vendor-crypto/openssh/dist/auth-passwd.c vendor-crypto/openssh/dist/auth-sia.c vendor-crypto/openssh/dist/auth1.c vendor-crypto/openssh/dist/auth2-jpake.c vendor-crypto/openssh/dist/auth2-kbdint.c vendor-crypto/openssh/dist/auth2-none.c vendor-crypto/openssh/dist/auth2-passwd.c vendor-crypto/openssh/dist/auth2-pubkey.c vendor-crypto/openssh/dist/auth2.c vendor-crypto/openssh/dist/canohost.c vendor-crypto/openssh/dist/canohost.h vendor-crypto/openssh/dist/channels.c vendor-crypto/openssh/dist/clientloop.c vendor-crypto/openssh/dist/config.h.in vendor-crypto/openssh/dist/configure (contents, props changed) vendor-crypto/openssh/dist/configure.ac vendor-crypto/openssh/dist/contrib/aix/buildbff.sh vendor-crypto/openssh/dist/contrib/caldera/openssh.spec vendor-crypto/openssh/dist/contrib/cygwin/ssh-host-config vendor-crypto/openssh/dist/contrib/cygwin/ssh-user-config vendor-crypto/openssh/dist/contrib/redhat/openssh.spec vendor-crypto/openssh/dist/contrib/suse/openssh.spec vendor-crypto/openssh/dist/defines.h vendor-crypto/openssh/dist/gss-genr.c vendor-crypto/openssh/dist/includes.h vendor-crypto/openssh/dist/jpake.c vendor-crypto/openssh/dist/jpake.h vendor-crypto/openssh/dist/kex.c vendor-crypto/openssh/dist/kex.h vendor-crypto/openssh/dist/kexdhs.c vendor-crypto/openssh/dist/kexgexs.c vendor-crypto/openssh/dist/moduli.0 vendor-crypto/openssh/dist/monitor.c vendor-crypto/openssh/dist/monitor_mm.c vendor-crypto/openssh/dist/monitor_wrap.c vendor-crypto/openssh/dist/monitor_wrap.h vendor-crypto/openssh/dist/openbsd-compat/bsd-cygwin_util.c vendor-crypto/openssh/dist/openbsd-compat/bsd-cygwin_util.h vendor-crypto/openssh/dist/openbsd-compat/daemon.c vendor-crypto/openssh/dist/openbsd-compat/getrrsetbyname.c vendor-crypto/openssh/dist/openbsd-compat/openssl-compat.c vendor-crypto/openssh/dist/openbsd-compat/openssl-compat.h vendor-crypto/openssh/dist/openbsd-compat/port-aix.c vendor-crypto/openssh/dist/openbsd-compat/port-aix.h vendor-crypto/openssh/dist/packet.c vendor-crypto/openssh/dist/packet.h vendor-crypto/openssh/dist/readconf.c vendor-crypto/openssh/dist/readconf.h vendor-crypto/openssh/dist/schnorr.c vendor-crypto/openssh/dist/scp.0 vendor-crypto/openssh/dist/servconf.c vendor-crypto/openssh/dist/serverloop.c vendor-crypto/openssh/dist/session.c vendor-crypto/openssh/dist/sftp-client.c vendor-crypto/openssh/dist/sftp-server.0 vendor-crypto/openssh/dist/sftp-server.8 vendor-crypto/openssh/dist/sftp-server.c vendor-crypto/openssh/dist/sftp.0 vendor-crypto/openssh/dist/ssh-add.0 vendor-crypto/openssh/dist/ssh-agent.0 vendor-crypto/openssh/dist/ssh-agent.1 vendor-crypto/openssh/dist/ssh-agent.c vendor-crypto/openssh/dist/ssh-keygen.0 vendor-crypto/openssh/dist/ssh-keygen.c vendor-crypto/openssh/dist/ssh-keyscan.0 vendor-crypto/openssh/dist/ssh-keysign.0 vendor-crypto/openssh/dist/ssh-rand-helper.0 vendor-crypto/openssh/dist/ssh.0 vendor-crypto/openssh/dist/ssh.1 vendor-crypto/openssh/dist/ssh.c vendor-crypto/openssh/dist/ssh_config.0 vendor-crypto/openssh/dist/sshconnect.c vendor-crypto/openssh/dist/sshconnect.h vendor-crypto/openssh/dist/sshconnect2.c vendor-crypto/openssh/dist/sshd.0 vendor-crypto/openssh/dist/sshd.8 vendor-crypto/openssh/dist/sshd.c vendor-crypto/openssh/dist/sshd_config.0 vendor-crypto/openssh/dist/sshd_config.5 vendor-crypto/openssh/dist/sshlogin.c vendor-crypto/openssh/dist/uuencode.c vendor-crypto/openssh/dist/version.h Modified: vendor-crypto/openssh/dist/ChangeLog ============================================================================== --- vendor-crypto/openssh/dist/ChangeLog Thu Oct 1 14:42:55 2009 (r197669) +++ vendor-crypto/openssh/dist/ChangeLog Thu Oct 1 15:19:37 2009 (r197670) @@ -1,3 +1,282 @@ +20090926 + - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec] + [contrib/suse/openssh.spec] Update for release + - (djm) [README] update relnotes URL + - (djm) [packet.c] Restore EWOULDBLOCK handling that got lost somewhere + - (djm) Release 5.3p1 + +20090911 + - (dtucker) [configure.ac] Change the -lresolv check so it works on Mac OS X + 10.6 (which doesn't have BIND8_COMPAT and thus uses res_9_query). Patch + from jbasney at ncsa uiuc edu. + +20090908 + - (djm) [serverloop.c] Fix test for server-assigned remote forwarding port + (-R 0:...); bz#1578, spotted and fix by gavin AT emf.net; ok dtucker@ + +20090901 + - (dtucker) [configure.ac] Bug #1639: use AC_PATH_PROG to search the path for + krb5-config if it's not in the location specified by --with-kerberos5. + Patch from jchadima at redhat. + +20090829 + - (dtucker) [README.platform] Add text about development packages, based on + text from Chris Pepper in bug #1631. + +20090828 + - dtucker [auth-sia.c] Roll back the change for bug #1241 as it apparently + causes problems in some Tru64 configurations. + - (djm) [sshd_config.5] downgrade mention of login.conf to be an example + and mention PAM as another provider for ChallengeResponseAuthentication; + bz#1408; ok dtucker@ + - (djm) [sftp-server.c] bz#1535: accept ENOSYS as a fallback error when + attempting atomic rename(); ok dtucker@ + - (djm) [Makefile.in] bz#1505: Solaris make(1) doesn't accept make variables + in argv, so pass them in the environment; ok dtucker@ + - (dtucker) [channels.c configure.ac] Bug #1528: skip the tcgetattr call on + the pty master on Solaris, since it never succeeds and can hang if large + amounts of data is sent to the slave (eg a copy-paste). Based on a patch + originally from Doke Scott, ok djm@ + - (dtucker) [clientloop.c configure.ac defines.h] Make the client's IO buffer + size a compile-time option and set it to 64k on Cygwin, since Corinna + reports that it makes a significant difference to performance. ok djm@ + - (dtucker) [configure.ac] Fix the syntax of the Solaris tcgetattr entry. + +20090820 + - (dtucker) [includes.h] Bug #1634: do not include system glob.h if we're not + using it since the type conflicts can cause problems on FreeBSD. Patch + from Jonathan Chen. + - (dtucker) [session.c openbsd-compat/port-aix.h] Bugs #1249 and #1567: move + the setpcred call on AIX to immediately before the permanently_set_uid(). + Ensures that we still have privileges when we call chroot and + pam_open_sesson. Based on a patch from David Leonard. + +20090817 + - (dtucker) [configure.ac] Check for headers before libraries for openssl an + zlib, which should make the errors slightly more meaningful on platforms + where there's separate "-devel" packages for those. + - (dtucker) [sshlogin.c openbsd-compat/port-aix.{c,h}] Bug #1595: make + PrintLastLog work on AIX. Based in part on a patch from Miguel Sanders. + +20090729 + - (tim) [contrib/cygwin/ssh-user-config] Change script to call correct error + function. Patch from Corinna Vinschen. + +20090713 + - (dtucker) [openbsd-compat/getrrsetbyname.c] Reduce answer buffer size so it + fits into 16 bits to work around a bug in glibc's resolver where it masks + off the buffer size at 16 bits. Patch from Hauke Lampe, ok djm jakob. + +20090712 + - (dtucker) [configure.ac] Include sys/param.h for the sys/mount.h test, + prevents configure complaining on older BSDs. + - (dtucker [contrib/cygwin/ssh-{host,user}-config] Add license text. Patch + from Corinna Vinschen. + - (dtucker) [auth-pam.c] Bug #1534: move the deletion of PAM credentials on + logout to after the session close. Patch from Anicka Bernathova, + originally from Andreas Schwab via Novelll ok djm. + +20090707 + - (dtucker) [contrib/cygwin/ssh-host-config] better support for automated + scripts and fix usage of eval. Patch from Corinna Vinschen. + +20090705 + - (dtucker) OpenBSD CVS Sync + - andreas@cvs.openbsd.org 2009/06/27 09:29:06 + [packet.h packet.c] + packet_bacup_state() and packet_restore_state() will be used to + temporarily save the current state ren resuming a suspended connection. + ok markus@ + - andreas@cvs.openbsd.org 2009/06/27 09:32:43 + [roaming_common.c roaming.h] + It may be necessary to retransmit some data when resuming, so add it + to a buffer when roaming is enabled. + Most of this code was written by Martin Forssen, maf at appgate dot com. + ok markus@ + - andreas@cvs.openbsd.org 2009/06/27 09:35:06 + [readconf.h readconf.c] + Add client option UseRoaming. It doesn't do anything yet but will + control whether the client tries to use roaming if enabled on the + server. From Martin Forssen. + ok markus@ + - markus@cvs.openbsd.org 2009/06/30 14:54:40 + [version.h] + crank version; ok deraadt + - dtucker@cvs.openbsd.org 2009/07/02 02:11:47 + [ssh.c] + allow for long home dir paths (bz #1615). ok deraadt + (based in part on a patch from jchadima at redhat) + - stevesk@cvs.openbsd.org 2009/07/05 19:28:33 + [clientloop.c] + only send SSH2_MSG_DISCONNECT if we're in compat20; from dtucker@ + ok deraadt@ markus@ + +20090622 + - (dtucker) OpenBSD CVS Sync + - dtucker@cvs.openbsd.org 2009/06/22 05:39:28 + [monitor_wrap.c monitor_mm.c ssh-keygen.c auth2.c gss-genr.c sftp-client.c] + alphabetize includes; reduces diff vs portable and style(9). + ok stevesk djm + (Id sync only; these were already in order in -portable) + +20090621 + - (dtucker) OpenBSD CVS Sync + - markus@cvs.openbsd.org 2009/03/17 21:37:00 + [ssh.c] + pass correct argv[0] to openlog(); ok djm@ + - jmc@cvs.openbsd.org 2009/03/19 15:15:09 + [ssh.1] + for "Ciphers", just point the reader to the keyword in ssh_config(5), just + as we do for "MACs": this stops us getting out of sync when the lists + change; + fixes documentation/6102, submitted by Peter J. Philipp + alternative fix proposed by djm + ok markus + - tobias@cvs.openbsd.org 2009/03/23 08:31:19 + [ssh-agent.c] + Fixed a possible out-of-bounds memory access if the environment variable + SHELL is shorter than 3 characters. + with input by and ok dtucker + - tobias@cvs.openbsd.org 2009/03/23 19:38:04 + [ssh-agent.c] + My previous commit didn't fix the problem at all, so stick at my first + version of the fix presented to dtucker. + Issue notified by Matthias Barkhoff (matthias dot barkhoff at gmx dot de). + ok dtucker + - sobrado@cvs.openbsd.org 2009/03/26 08:38:39 + [sftp-server.8 sshd.8 ssh-agent.1] + fix a few typographical errors found by spell(1). + ok dtucker@, jmc@ + - stevesk@cvs.openbsd.org 2009/04/13 19:07:44 + [sshd_config.5] + fix possessive; ok djm@ + - stevesk@cvs.openbsd.org 2009/04/14 16:33:42 + [sftp-server.c] + remove unused option character from getopt() optstring; ok markus@ + - jj@cvs.openbsd.org 2009/04/14 21:10:54 + [servconf.c] + Fixed a few the-the misspellings in comments. Skipped a bunch in + binutils,gcc and so on. ok jmc@ + - stevesk@cvs.openbsd.org 2009/04/17 19:23:06 + [session.c] + use INTERNAL_SFTP_NAME for setproctitle() of in-process sftp-server; + ok djm@ markus@ + - stevesk@cvs.openbsd.org 2009/04/17 19:40:17 + [sshd_config.5] + clarify that even internal-sftp needs /dev/log for logging to work; ok + markus@ + - jmc@cvs.openbsd.org 2009/04/18 18:39:10 + [sshd_config.5] + tweak previous; ok stevesk + - stevesk@cvs.openbsd.org 2009/04/21 15:13:17 + [sshd_config.5] + clarify we cd to user's home after chroot; ok markus@ on + earlier version; tweaks and ok jmc@ + - andreas@cvs.openbsd.org 2009/05/25 06:48:01 + [channels.c packet.c clientloop.c packet.h serverloop.c monitor_wrap.c + monitor.c] + Put the globals in packet.c into a struct and don't access it directly + from other files. No functional changes. + ok markus@ djm@ + - andreas@cvs.openbsd.org 2009/05/27 06:31:25 + [canohost.h canohost.c] + Add clear_cached_addr(), needed for upcoming changes allowing the peer + address to change. + ok markus@ + - andreas@cvs.openbsd.org 2009/05/27 06:33:39 + [clientloop.c] + Send SSH2_MSG_DISCONNECT when the client disconnects. From a larger + change from Martin Forssen, maf at appgate dot com. + ok markus@ + - andreas@cvs.openbsd.org 2009/05/27 06:34:36 + [kex.c kex.h] + Move the KEX_COOKIE_LEN define to kex.h + ok markus@ + - andreas@cvs.openbsd.org 2009/05/27 06:36:07 + [packet.h packet.c] + Add packet_put_int64() and packet_get_int64(), part of a larger change + from Martin Forssen. + ok markus@ + - andreas@cvs.openbsd.org 2009/05/27 06:38:16 + [sshconnect.h sshconnect.c] + Un-static ssh_exchange_identification(), part of a larger change from + Martin Forssen and needed for upcoming changes. + ok markus@ + - andreas@cvs.openbsd.org 2009/05/28 16:50:16 + [sshd.c packet.c serverloop.c monitor_wrap.c clientloop.c sshconnect.c + monitor.c Added roaming.h roaming_common.c roaming_dummy.c] + Keep track of number of bytes read and written. Needed for upcoming + changes. Most code from Martin Forssen, maf at appgate dot com. + ok markus@ + Also, applied appropriate changes to Makefile.in + - andreas@cvs.openbsd.org 2009/06/12 20:43:22 + [monitor.c packet.c] + Fix warnings found by chl@ and djm@ and change roaming_atomicio's + return type to match atomicio's + Diff from djm@, ok markus@ + - andreas@cvs.openbsd.org 2009/06/12 20:58:32 + [packet.c] + Move some more statics into session_state + ok markus@ djm@ + - dtucker@cvs.openbsd.org 2009/06/21 07:37:15 + [kexdhs.c kexgexs.c] + abort if key_sign fails, preventing possible null deref. Based on report + from Paolo Ganci, ok markus@ djm@ + - dtucker@cvs.openbsd.org 2009/06/21 09:04:03 + [roaming.h roaming_common.c roaming_dummy.c] + Add tags for the benefit of the sync scripts + Also: pull in the changes for 1.1->1.2 missed in the previous sync. + - (dtucker) [auth2-jpake.c auth2.c canohost.h session.c] Whitespace and + header-order changes to reduce diff vs OpenBSD. + - (dtucker) [servconf.c sshd.c] More whitespace sync. + - (dtucker) [roaming_common.c roaming_dummy.c] Wrap #include in + ifdef. + +20090616 + - (dtucker) [configure.ac defines.h] Bug #1607: handle the case where fsid_t + is a struct with a __val member. Fixes build on, eg, Redhat 6.2. + +20090504 + - (dtucker) [sshlogin.c] Move the NO_SSH_LASTLOG #ifndef line to include + variable declarations. Should prevent unused warnings anywhere it's set + (only Crays as far as I can tell) and be a no-op everywhere else. + +20090318 + - (tim) [configure.ac] Remove setting IP_TOS_IS_BROKEN for Cygwin. The problem + that setsockopt(IP_TOS) doesn't work on Cygwin has been fixed since 2005. + Based on patch from vinschen at redhat com. + +20090308 + - (dtucker) [auth-passwd.c auth1.c auth2-kbdint.c auth2-none.c auth2-passwd.c + auth2-pubkey.c session.c openbsd-compat/bsd-cygwin_util.{c,h} + openbsd-compat/daemon.c] Remove support for Windows 95/98/ME and very old + version of Cygwin. Patch from vinschen at redhat com. + +20090307 + - (dtucker) [contrib/aix/buildbff.sh] Only try to rename ssh_prng_cmds if it + exists (it's not created if OpenSSL's PRNG is self-seeded, eg if the OS + has a /dev/random). + - (dtucker) [schnorr.c openbsd-compat/openssl-compat.{c,h}] Add + EVP_DigestUpdate to the OLD_EVP compatibility functions and tell schnorr.c + to use them. Allows building with older OpenSSL versions. + - (dtucker) [configure.ac defines.h] Check for in_port_t and typedef if needed. + - (dtucker) [configure.ac] Missing comma in type list. + - (dtucker) [configure.ac openbsd-compat/openssl-compat.{c,h}] + EVP_DigestUpdate does not exactly match the other OLD_EVP functions (eg + in openssl 0.9.6) so add an explicit test for it. + +20090306 + - (djm) OpenBSD CVS Sync + - djm@cvs.openbsd.org 2009/03/05 07:18:19 + [auth2-jpake.c jpake.c jpake.h monitor_wrap.c monitor_wrap.h schnorr.c] + [sshconnect2.c] + refactor the (disabled) Schnorr proof code to make it a little more + generally useful + - djm@cvs.openbsd.org 2009/03/05 11:30:50 + [uuencode.c] + document what these functions do so I don't ever have to recuse into + b64_pton/ntop to remember their return values + 20090223 - (djm) OpenBSD CVS Sync - djm@cvs.openbsd.org 2009/02/22 23:50:57 Modified: vendor-crypto/openssh/dist/Makefile.in ============================================================================== --- vendor-crypto/openssh/dist/Makefile.in Thu Oct 1 14:42:55 2009 (r197669) +++ vendor-crypto/openssh/dist/Makefile.in Thu Oct 1 15:19:37 2009 (r197670) @@ -1,4 +1,4 @@ -# $Id: Makefile.in,v 1.298 2008/11/05 05:20:46 djm Exp $ +# $Id: Makefile.in,v 1.300 2009/08/28 00:47:38 djm Exp $ # uncomment if you run a non bourne compatable shell. Ie. csh #SHELL = @SH@ @@ -74,7 +74,8 @@ LIBSSH_OBJS=acss.o authfd.o authfile.o b entropy.o scard-opensc.o gss-genr.o umac.o jpake.o schnorr.o SSHOBJS= ssh.o readconf.o clientloop.o sshtty.o \ - sshconnect.o sshconnect1.o sshconnect2.o mux.o + sshconnect.o sshconnect1.o sshconnect2.o mux.o \ + roaming_common.o SSHDOBJS=sshd.o auth-rhosts.o auth-passwd.o auth-rsa.o auth-rh-rsa.o \ sshpty.o sshlogin.o servconf.o serverloop.o \ @@ -86,7 +87,8 @@ SSHDOBJS=sshd.o auth-rhosts.o auth-passw auth-krb5.o \ auth2-gss.o gss-serv.o gss-serv-krb5.o \ loginrec.o auth-pam.o auth-shadow.o auth-sia.o md5crypt.o \ - audit.o audit-bsm.o platform.o sftp-server.o sftp-common.o + audit.o audit-bsm.o platform.o sftp-server.o sftp-common.o \ + roaming_common.o MANPAGES = moduli.5.out scp.1.out ssh-add.1.out ssh-agent.1.out ssh-keygen.1.out ssh-keyscan.1.out ssh.1.out sshd.8.out sftp-server.8.out sftp.1.out ssh-rand-helper.8.out ssh-keysign.8.out sshd_config.5.out ssh_config.5.out MANPAGES_IN = moduli.5 scp.1 ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh-keyscan.1 ssh.1 sshd.8 sftp-server.8 sftp.1 ssh-rand-helper.8 ssh-keysign.8 sshd_config.5 ssh_config.5 @@ -151,11 +153,11 @@ ssh-agent$(EXEEXT): $(LIBCOMPAT) libssh. ssh-keygen$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keygen.o $(LD) -o $@ ssh-keygen.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) -ssh-keysign$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keysign.o - $(LD) -o $@ ssh-keysign.o readconf.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) +ssh-keysign$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keysign.o roaming_dummy.o + $(LD) -o $@ ssh-keysign.o readconf.o roaming_dummy.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) -ssh-keyscan$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keyscan.o - $(LD) -o $@ ssh-keyscan.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS) +ssh-keyscan$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keyscan.o roaming_dummy.o + $(LD) -o $@ ssh-keyscan.o roaming_dummy.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS) sftp-server$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-common.o sftp-server.o sftp-server-main.o $(LD) -o $@ sftp-server.o sftp-common.o sftp-server-main.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) @@ -240,7 +242,7 @@ check-config: -$(DESTDIR)$(sbindir)/sshd -t -f $(DESTDIR)$(sysconfdir)/sshd_config scard-install: - (cd scard && $(MAKE) DESTDIR=$(DESTDIR) install) + (cd scard && env DESTDIR=$(DESTDIR) $(MAKE) DESTDIR=$(DESTDIR) install) install-files: scard-install $(srcdir)/mkinstalldirs $(DESTDIR)$(bindir) Modified: vendor-crypto/openssh/dist/README ============================================================================== --- vendor-crypto/openssh/dist/README Thu Oct 1 14:42:55 2009 (r197669) +++ vendor-crypto/openssh/dist/README Thu Oct 1 15:19:37 2009 (r197670) @@ -1,4 +1,4 @@ -See http://www.openssh.com/txt/release-5.2 for the release notes. +See http://www.openssh.com/txt/release-5.3 for the release notes. - A Japanese translation of this document and of the OpenSSH FAQ is - available at http://www.unixuser.org/~haruyama/security/openssh/index.html @@ -62,4 +62,4 @@ References - [6] http://www.openbsd.org/cgi-bin/man.cgi?query=style&sektion=9 [7] http://www.openssh.com/faq.html -$Id: README,v 1.70 2009/02/23 00:11:57 djm Exp $ +$Id: README,v 1.70.4.1 2009/09/26 04:11:47 djm Exp $ Modified: vendor-crypto/openssh/dist/README.platform ============================================================================== --- vendor-crypto/openssh/dist/README.platform Thu Oct 1 14:42:55 2009 (r197669) +++ vendor-crypto/openssh/dist/README.platform Thu Oct 1 15:19:37 2009 (r197670) @@ -56,6 +56,18 @@ using a third party driver. More informa http://www-user.rhrk.uni-kl.de/~nissler/tuntap/ +Linux +----- + +Some Linux distributions (including Red Hat/Fedora/CentOS) include +headers and library links in the -devel RPMs rather than the main +binary RPMs. If you get an error about headers, or complaining about a +missing prerequisite then you may need to install the equivalent +development packages. On Redhat based distros these may be openssl-devel, +zlib-devel and pam-devel, on Debian based distros these may be +libssl-dev, libz-dev and libpam-dev. + + Solaris ------- If you enable BSM auditing on Solaris, you need to update audit_event(4) @@ -81,4 +93,4 @@ account stacks which will prevent authen return the output from pam_nologin to the client. -$Id: README.platform,v 1.9 2007/08/09 04:31:53 dtucker Exp $ +$Id: README.platform,v 1.10 2009/08/28 23:14:48 dtucker Exp $ Modified: vendor-crypto/openssh/dist/auth-pam.c ============================================================================== --- vendor-crypto/openssh/dist/auth-pam.c Thu Oct 1 14:42:55 2009 (r197669) +++ vendor-crypto/openssh/dist/auth-pam.c Thu Oct 1 15:19:37 2009 (r197670) @@ -602,16 +602,16 @@ sshpam_cleanup(void) return; debug("PAM: cleanup"); pam_set_item(sshpam_handle, PAM_CONV, (const void *)&null_conv); - if (sshpam_cred_established) { - debug("PAM: deleting credentials"); - pam_setcred(sshpam_handle, PAM_DELETE_CRED); - sshpam_cred_established = 0; - } if (sshpam_session_open) { debug("PAM: closing session"); pam_close_session(sshpam_handle, PAM_SILENT); sshpam_session_open = 0; } + if (sshpam_cred_established) { + debug("PAM: deleting credentials"); + pam_setcred(sshpam_handle, PAM_DELETE_CRED); + sshpam_cred_established = 0; + } sshpam_authenticated = 0; pam_end(sshpam_handle, sshpam_err); sshpam_handle = NULL; Modified: vendor-crypto/openssh/dist/auth-passwd.c ============================================================================== --- vendor-crypto/openssh/dist/auth-passwd.c Thu Oct 1 14:42:55 2009 (r197669) +++ vendor-crypto/openssh/dist/auth-passwd.c Thu Oct 1 15:19:37 2009 (r197670) @@ -102,7 +102,7 @@ auth_password(Authctxt *authctxt, const } #endif #ifdef HAVE_CYGWIN - if (is_winnt) { + { HANDLE hToken = cygwin_logon_user(pw, password); if (hToken == INVALID_HANDLE_VALUE) Modified: vendor-crypto/openssh/dist/auth-sia.c ============================================================================== --- vendor-crypto/openssh/dist/auth-sia.c Thu Oct 1 14:42:55 2009 (r197669) +++ vendor-crypto/openssh/dist/auth-sia.c Thu Oct 1 15:19:37 2009 (r197670) @@ -34,10 +34,6 @@ #include #include #include -#include -#include -#include -#include #include "ssh.h" #include "key.h" @@ -53,52 +49,6 @@ extern ServerOptions options; extern int saved_argc; extern char **saved_argv; -static int -sia_password_change_required(const char *user) -{ - struct es_passwd *acct; - time_t pw_life; - time_t pw_date; - - set_auth_parameters(saved_argc, saved_argv); - - if ((acct = getespwnam(user)) == NULL) { - error("Couldn't access protected database entry for %s", user); - endprpwent(); - return (0); - } - - /* If forced password change flag is set, honor it */ - if (acct->uflg->fg_psw_chg_reqd && acct->ufld->fd_psw_chg_reqd) { - endprpwent(); - return (1); - } - - /* Obtain password lifetime; if none, it can't have expired */ - if (acct->uflg->fg_expire) - pw_life = acct->ufld->fd_expire; - else if (acct->sflg->fg_expire) - pw_life = acct->sfld->fd_expire; - else { - endprpwent(); - return (0); - } - - /* Offset from last change; if none, it must be expired */ - if (acct->uflg->fg_schange) - pw_date = acct->ufld->fd_schange + pw_life; - else { - endprpwent(); - return (1); - } - - endprpwent(); - - /* If expiration date is prior to now, change password */ - - return (pw_date <= time((time_t *) NULL)); -} - int sys_auth_passwd(Authctxt *authctxt, const char *pass) { @@ -126,9 +76,6 @@ sys_auth_passwd(Authctxt *authctxt, cons sia_ses_release(&ent); - authctxt->force_pwchange = sia_password_change_required( - authctxt->user); - return (1); } Modified: vendor-crypto/openssh/dist/auth1.c ============================================================================== --- vendor-crypto/openssh/dist/auth1.c Thu Oct 1 14:42:55 2009 (r197669) +++ vendor-crypto/openssh/dist/auth1.c Thu Oct 1 15:19:37 2009 (r197670) @@ -318,15 +318,7 @@ do_authloop(Authctxt *authctxt) } #endif /* _UNICOS */ -#ifdef HAVE_CYGWIN - if (authenticated && - !check_nt_auth(type == SSH_CMSG_AUTH_PASSWORD, - authctxt->pw)) { - packet_disconnect("Authentication rejected for uid %d.", - authctxt->pw == NULL ? -1 : authctxt->pw->pw_uid); - authenticated = 0; - } -#else +#ifndef HAVE_CYGWIN /* Special handling for root */ if (authenticated && authctxt->pw->pw_uid == 0 && !auth_root_allowed(meth->name)) { Modified: vendor-crypto/openssh/dist/auth2-jpake.c ============================================================================== --- vendor-crypto/openssh/dist/auth2-jpake.c Thu Oct 1 14:42:55 2009 (r197669) +++ vendor-crypto/openssh/dist/auth2-jpake.c Thu Oct 1 15:19:37 2009 (r197670) @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-jpake.c,v 1.2 2008/11/07 23:34:48 dtucker Exp $ */ +/* $OpenBSD: auth2-jpake.c,v 1.3 2009/03/05 07:18:19 djm Exp $ */ /* * Copyright (c) 2008 Damien Miller. All rights reserved. * @@ -42,8 +42,8 @@ #include "ssh2.h" #include "key.h" #include "hostfile.h" -#include "buffer.h" #include "auth.h" +#include "buffer.h" #include "packet.h" #include "dispatch.h" #include "log.h" @@ -55,6 +55,7 @@ #endif #include "monitor_wrap.h" +#include "schnorr.h" #include "jpake.h" /* @@ -359,7 +360,7 @@ auth2_jpake_get_pwdata(Authctxt *authctx } /* - * Being authentication attempt. + * Begin authentication attempt. * Note, sets authctxt->postponed while in subprotocol */ static int Modified: vendor-crypto/openssh/dist/auth2-kbdint.c ============================================================================== --- vendor-crypto/openssh/dist/auth2-kbdint.c Thu Oct 1 14:42:55 2009 (r197669) +++ vendor-crypto/openssh/dist/auth2-kbdint.c Thu Oct 1 15:19:37 2009 (r197670) @@ -58,10 +58,6 @@ userauth_kbdint(Authctxt *authctxt) xfree(devs); xfree(lang); -#ifdef HAVE_CYGWIN - if (check_nt_auth(0, authctxt->pw) == 0) - authenticated = 0; -#endif return authenticated; } Modified: vendor-crypto/openssh/dist/auth2-none.c ============================================================================== --- vendor-crypto/openssh/dist/auth2-none.c Thu Oct 1 14:42:55 2009 (r197669) +++ vendor-crypto/openssh/dist/auth2-none.c Thu Oct 1 15:19:37 2009 (r197670) @@ -61,10 +61,6 @@ userauth_none(Authctxt *authctxt) { none_enabled = 0; packet_check_eom(); -#ifdef HAVE_CYGWIN - if (check_nt_auth(1, authctxt->pw) == 0) - return (0); -#endif if (options.password_authentication) return (PRIVSEP(auth_password(authctxt, ""))); return (0); Modified: vendor-crypto/openssh/dist/auth2-passwd.c ============================================================================== --- vendor-crypto/openssh/dist/auth2-passwd.c Thu Oct 1 14:42:55 2009 (r197669) +++ vendor-crypto/openssh/dist/auth2-passwd.c Thu Oct 1 15:19:37 2009 (r197670) @@ -68,10 +68,6 @@ userauth_passwd(Authctxt *authctxt) logit("password change not supported"); else if (PRIVSEP(auth_password(authctxt, password)) == 1) authenticated = 1; -#ifdef HAVE_CYGWIN - if (check_nt_auth(1, authctxt->pw) == 0) - authenticated = 0; -#endif memset(password, 0, len); xfree(password); return authenticated; Modified: vendor-crypto/openssh/dist/auth2-pubkey.c ============================================================================== --- vendor-crypto/openssh/dist/auth2-pubkey.c Thu Oct 1 14:42:55 2009 (r197669) +++ vendor-crypto/openssh/dist/auth2-pubkey.c Thu Oct 1 15:19:37 2009 (r197670) @@ -170,10 +170,6 @@ done: key_free(key); xfree(pkalg); xfree(pkblob); -#ifdef HAVE_CYGWIN - if (check_nt_auth(0, authctxt->pw) == 0) - authenticated = 0; -#endif return authenticated; } Modified: vendor-crypto/openssh/dist/auth2.c ============================================================================== --- vendor-crypto/openssh/dist/auth2.c Thu Oct 1 14:42:55 2009 (r197669) +++ vendor-crypto/openssh/dist/auth2.c Thu Oct 1 15:19:37 2009 (r197670) @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2.c,v 1.120 2008/11/04 08:22:12 djm Exp $ */ +/* $OpenBSD: auth2.c,v 1.121 2009/06/22 05:39:28 dtucker Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -35,8 +35,8 @@ #include #include -#include "xmalloc.h" #include "atomicio.h" +#include "xmalloc.h" #include "ssh2.h" #include "packet.h" #include "log.h" Modified: vendor-crypto/openssh/dist/canohost.c ============================================================================== --- vendor-crypto/openssh/dist/canohost.c Thu Oct 1 14:42:55 2009 (r197669) +++ vendor-crypto/openssh/dist/canohost.c Thu Oct 1 15:19:37 2009 (r197670) @@ -1,4 +1,4 @@ -/* $OpenBSD: canohost.c,v 1.64 2009/02/12 03:00:56 djm Exp $ */ +/* $OpenBSD: canohost.c,v 1.65 2009/05/27 06:31:25 andreas Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -35,6 +35,8 @@ #include "misc.h" static void check_ip_options(int, char *); +static char *canonical_host_ip = NULL; +static int cached_port = -1; /* * Return the canonical name of the host at the other end of the socket. The @@ -304,6 +306,16 @@ get_local_name(int sock) return get_socket_address(sock, 0, NI_NAMEREQD); } +void +clear_cached_addr(void) +{ + if (canonical_host_ip != NULL) { + xfree(canonical_host_ip); + canonical_host_ip = NULL; + } + cached_port = -1; +} + /* * Returns the IP-address of the remote host as a string. The returned * string must not be freed. @@ -312,8 +324,6 @@ get_local_name(int sock) const char * get_remote_ipaddr(void) { - static char *canonical_host_ip = NULL; - /* Check whether we have cached the ipaddr. */ if (canonical_host_ip == NULL) { if (packet_connection_is_on_socket()) { @@ -402,13 +412,11 @@ get_peer_port(int sock) int get_remote_port(void) { - static int port = -1; - /* Cache to avoid getpeername() on a dead connection */ - if (port == -1) - port = get_port(0); + if (cached_port == -1) + cached_port = get_port(0); - return port; + return cached_port; } int Modified: vendor-crypto/openssh/dist/canohost.h ============================================================================== --- vendor-crypto/openssh/dist/canohost.h Thu Oct 1 14:42:55 2009 (r197669) +++ vendor-crypto/openssh/dist/canohost.h Thu Oct 1 15:19:37 2009 (r197670) @@ -1,4 +1,4 @@ -/* $OpenBSD: canohost.h,v 1.10 2009/02/12 03:00:56 djm Exp $ */ +/* $OpenBSD: canohost.h,v 1.11 2009/05/27 06:31:25 andreas Exp $ */ /* * Author: Tatu Ylonen @@ -24,6 +24,6 @@ char *get_local_name(int); int get_remote_port(void); int get_local_port(void); int get_sock_port(int, int); - +void clear_cached_addr(void); void ipv64_normalise_mapped(struct sockaddr_storage *, socklen_t *); Modified: vendor-crypto/openssh/dist/channels.c ============================================================================== --- vendor-crypto/openssh/dist/channels.c Thu Oct 1 14:42:55 2009 (r197669) +++ vendor-crypto/openssh/dist/channels.c Thu Oct 1 15:19:37 2009 (r197670) @@ -1,4 +1,4 @@ -/* $OpenBSD: channels.c,v 1.295 2009/02/12 03:00:56 djm Exp $ */ +/* $OpenBSD: channels.c,v 1.296 2009/05/25 06:48:00 andreas Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -1653,6 +1653,7 @@ channel_handle_wfd(Channel *c, fd_set *r } return -1; } +#ifndef BROKEN_TCGETATTR_ICANON if (compat20 && c->isatty && dlen >= 1 && buf[0] != '\r') { if (tcgetattr(c->wfd, &tio) == 0 && !(tio.c_lflag & ECHO) && (tio.c_lflag & ICANON)) { @@ -1666,6 +1667,7 @@ channel_handle_wfd(Channel *c, fd_set *r packet_send(); } } +#endif buffer_consume(&c->output, len); if (compat20 && len > 0) { c->local_consumed += len; @@ -2431,7 +2433,7 @@ channel_input_status_confirm(int type, u int id; /* Reset keepalive timeout */ - keep_alive_timeouts = 0; + packet_set_alive_timeouts(0); id = packet_get_int(); packet_check_eom(); Modified: vendor-crypto/openssh/dist/clientloop.c ============================================================================== --- vendor-crypto/openssh/dist/clientloop.c Thu Oct 1 14:42:55 2009 (r197669) +++ vendor-crypto/openssh/dist/clientloop.c Thu Oct 1 15:19:37 2009 (r197670) @@ -1,4 +1,4 @@ -/* $OpenBSD: clientloop.c,v 1.209 2009/02/12 03:00:56 djm Exp $ */ +/* $OpenBSD: clientloop.c,v 1.213 2009/07/05 19:28:33 stevesk Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -109,6 +109,7 @@ #include "misc.h" #include "match.h" #include "msg.h" +#include "roaming.h" /* import options */ extern Options options; @@ -491,13 +492,13 @@ client_global_request_reply(int type, u_ xfree(gc); } - keep_alive_timeouts = 0; + packet_set_alive_timeouts(0); } static void server_alive_check(void) { - if (++keep_alive_timeouts > options.server_alive_count_max) { + if (packet_inc_alive_timeouts() > options.server_alive_count_max) { logit("Timeout, server not responding."); cleanup_exit(255); } @@ -634,8 +635,8 @@ client_suspend_self(Buffer *bin, Buffer static void client_process_net_input(fd_set *readset) { - int len; - char buf[8192]; + int len, cont = 0; + char buf[SSH_IOBUFSZ]; /* * Read input from the server, and add any such data to the buffer of @@ -643,8 +644,8 @@ client_process_net_input(fd_set *readset */ if (FD_ISSET(connection_in, readset)) { /* Read as much as possible. */ - len = read(connection_in, buf, sizeof(buf)); - if (len == 0) { + len = roaming_read(connection_in, buf, sizeof(buf), &cont); + if (len == 0 && cont == 0) { /* * Received EOF. The remote host has closed the * connection. @@ -1128,7 +1129,7 @@ static void client_process_input(fd_set *readset) { int len; - char buf[8192]; + char buf[SSH_IOBUFSZ]; /* Read input from stdin. */ if (FD_ISSET(fileno(stdin), readset)) { @@ -1476,6 +1477,14 @@ client_loop(int have_pty, int escape_cha /* Stop watching for window change. */ signal(SIGWINCH, SIG_DFL); + if (compat20) { + packet_start(SSH2_MSG_DISCONNECT); + packet_put_int(SSH2_DISCONNECT_BY_APPLICATION); + packet_put_cstring("disconnected by user"); + packet_send(); + packet_write_wait(); + } + channel_free_all(); if (have_pty) Modified: vendor-crypto/openssh/dist/config.h.in ============================================================================== --- vendor-crypto/openssh/dist/config.h.in Thu Oct 1 14:42:55 2009 (r197669) +++ vendor-crypto/openssh/dist/config.h.in Thu Oct 1 15:19:37 2009 (r197670) @@ -1,5 +1,8 @@ /* config.h.in. Generated from configure.ac by autoheader. */ +/* Define if building universal (internal helper macro) */ +#undef AC_APPLE_UNIVERSAL_BUILD + /* Define if you have a getaddrinfo that fails for the all-zeros IPv6 address */ #undef AIX_GETNAMEINFO_HACK @@ -68,6 +71,9 @@ /* Define if your snprintf is busted */ #undef BROKEN_SNPRINTF +/* tcgetattr with ICANON may hang */ +#undef BROKEN_TCGETATTR_ICANON + /* updwtmpx is broken (if present) */ #undef BROKEN_UPDWTMPX @@ -122,9 +128,12 @@ /* Builtin PRNG command timeout */ #undef ENTROPY_TIMEOUT_MSEC -/* f_fsid has members */ +/* fsid_t has member val */ #undef FSID_HAS_VAL +/* fsid_t has member __val */ +#undef FSID_HAS___VAL + /* Define to 1 if the `getpgrp' function requires zero arguments. */ #undef GETPGRP_VOID @@ -518,6 +527,9 @@ /* Define to 1 if the system has the type `in_addr_t'. */ #undef HAVE_IN_ADDR_T +/* Define to 1 if the system has the type `in_port_t'. */ +#undef HAVE_IN_PORT_T + /* Define to 1 if you have the header file. */ #undef HAVE_LASTLOG_H @@ -1226,6 +1238,9 @@ /* Define if X11 doesn't support AF_UNIX sockets on that system */ #undef NO_X11_UNIX_SOCKETS +/* Define if EVP_DigestUpdate returns void */ +#undef OPENSSL_EVP_DIGESTUPDATE_VOID + /* libcrypto is missing AES 192 and 256 bit functions */ #undef OPENSSL_LOBOTOMISED_AES @@ -1309,6 +1324,9 @@ /* Use audit debugging module */ #undef SSH_AUDIT_EVENTS +/* Windows is sensitive to read buffer size */ +#undef SSH_IOBUFSZ + /* non-privileged user for privilege separation */ #undef SSH_PRIVSEP_USER @@ -1397,9 +1415,17 @@ /* Define if you want SELinux support. */ #undef WITH_SELINUX -/* Define to 1 if your processor stores words with the most significant byte - first (like Motorola and SPARC, unlike Intel and VAX). */ -#undef WORDS_BIGENDIAN +/* Define WORDS_BIGENDIAN to 1 if your processor stores words with the most + significant byte first (like Motorola and SPARC, unlike Intel). */ +#if defined AC_APPLE_UNIVERSAL_BUILD +# if defined __BIG_ENDIAN__ +# define WORDS_BIGENDIAN 1 +# endif +#else +# ifndef WORDS_BIGENDIAN +# undef WORDS_BIGENDIAN +# endif +#endif /* Define if xauth is found in your path */ #undef XAUTH_PATH Modified: vendor-crypto/openssh/dist/configure ============================================================================== --- vendor-crypto/openssh/dist/configure Thu Oct 1 14:42:55 2009 (r197669) +++ vendor-crypto/openssh/dist/configure Thu Oct 1 15:19:37 2009 (r197670) @@ -1,12 +1,12 @@ #! /bin/sh -# From configure.ac Revision: 1.415 . +# From configure.ac Revision: 1.427 . # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.61 for OpenSSH Portable. +# Generated by GNU Autoconf 2.62 for OpenSSH Portable. # # Report bugs to . # # Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001, -# 2002, 2003, 2004, 2005, 2006 Free Software Foundation, Inc. +# 2002, 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. # This configure script is free software; the Free Software Foundation # gives unlimited permission to copy, distribute and modify it. ## --------------------- ## @@ -18,7 +18,7 @@ DUALCASE=1; export DUALCASE # for MKS sh if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then emulate sh NULLCMD=: - # Zsh 3.x and 4.x performs word splitting on ${1+"$@"}, which + # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which # is contrary to our usage. Disable this feature. alias -g '${1+"$@"}'='"$@"' setopt NO_GLOB_SUBST @@ -40,17 +40,45 @@ as_cr_Letters=$as_cr_letters$as_cr_LETTE as_cr_digits='0123456789' as_cr_alnum=$as_cr_Letters$as_cr_digits -# The user is always right. -if test "${PATH_SEPARATOR+set}" != set; then - echo "#! /bin/sh" >conf$$.sh - echo "exit 0" >>conf$$.sh - chmod +x conf$$.sh - if (PATH="/nonexistent;."; conf$$.sh) >/dev/null 2>&1; then - PATH_SEPARATOR=';' +as_nl=' +' +export as_nl +# Printing a long string crashes Solaris 7 /usr/bin/printf. +as_echo='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\' +as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo +as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo$as_echo +if (test "X`printf %s $as_echo`" = "X$as_echo") 2>/dev/null; then + as_echo='printf %s\n' + as_echo_n='printf %s' +else + if test "X`(/usr/ucb/echo -n -n $as_echo) 2>/dev/null`" = "X-n $as_echo"; then + as_echo_body='eval /usr/ucb/echo -n "$1$as_nl"' + as_echo_n='/usr/ucb/echo -n' else - PATH_SEPARATOR=: + as_echo_body='eval expr "X$1" : "X\\(.*\\)"' + as_echo_n_body='eval + arg=$1; + case $arg in + *"$as_nl"*) + expr "X$arg" : "X\\(.*\\)$as_nl"; + arg=`expr "X$arg" : ".*$as_nl\\(.*\\)"`;; + esac; + expr "X$arg" : "X\\(.*\\)" | tr -d "$as_nl" + ' + export as_echo_n_body + as_echo_n='sh -c $as_echo_n_body as_echo' fi - rm -f conf$$.sh + export as_echo_body + as_echo='sh -c $as_echo_body as_echo' +fi + +# The user is always right. +if test "${PATH_SEPARATOR+set}" != set; then + PATH_SEPARATOR=: + (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 && { + (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 || + PATH_SEPARATOR=';' + } fi # Support unset when possible. @@ -66,8 +94,6 @@ fi # there to prevent editors from complaining about space-tab. # (If _AS_PATH_WALK were called with IFS unset, it would disable word # splitting by setting IFS to empty value.) -as_nl=' -' IFS=" "" $as_nl" # Find who we are. Look in the path if we contain no directory separator. @@ -90,7 +116,7 @@ if test "x$as_myself" = x; then as_myself=$0 fi if test ! -f "$as_myself"; then - echo "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2 + $as_echo "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2 { (exit 1); exit 1; } fi @@ -103,17 +129,10 @@ PS2='> ' PS4='+ ' # NLS nuisances. -for as_var in \ - LANG LANGUAGE LC_ADDRESS LC_ALL LC_COLLATE LC_CTYPE LC_IDENTIFICATION \ - LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER \ - LC_TELEPHONE LC_TIME -do - if (set +x; test -z "`(eval $as_var=C; export $as_var) 2>&1`"); then - eval $as_var=C; export $as_var - else - ($as_unset $as_var) >/dev/null 2>&1 && $as_unset $as_var *** DIFF OUTPUT TRUNCATED AT 1000 LINES ***