diff --git a/CMakeLists.txt b/CMakeLists.txt index e6c95c8..6b51ac6 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -1,4 +1,5 @@ -# Copyright (c) 2014, 2015 Alexander Lamaison +# Copyright (C) Alexander Lamaison +# Copyright (C) Viktor Szakats # # Redistribution and use in source and binary forms, # with or without modification, are permitted provided @@ -32,67 +33,424 @@ # NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE # USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY # OF SUCH DAMAGE. +# +# SPDX-License-Identifier: BSD-3-Clause + +cmake_minimum_required(VERSION 3.7) +message(STATUS "Using CMake version ${CMAKE_VERSION}") -cmake_minimum_required(VERSION 2.8.11) +set(CMAKE_MODULE_PATH "${CMAKE_CURRENT_SOURCE_DIR}/cmake" ${CMAKE_MODULE_PATH}) + +include(CheckFunctionExists) +include(CheckSymbolExists) +include(CheckIncludeFiles) +include(CMakePushCheckState) +include(FeatureSummary) -set(CMAKE_MODULE_PATH ${CMAKE_CURRENT_SOURCE_DIR}/cmake) +include(CheckFunctionExistsMayNeedLibrary) +include(CheckNonblockingSocketSupport) project(libssh2 C) -set(PROJECT_URL "https://www.libssh2.org/") -set(PROJECT_DESCRIPTION "The SSH library") -if (CMAKE_VERSION VERSION_LESS "3.1") - if (CMAKE_C_COMPILER_ID STREQUAL "GNU") - set (CMAKE_C_FLAGS "--std=gnu90 ${CMAKE_C_FLAGS}") - endif() -else() - set (CMAKE_C_STANDARD 90) +function(libssh2_dumpvars) # Dump all defined variables with their values + message("::group::CMake Variable Dump") + get_cmake_property(_vars VARIABLES) + foreach(_var ${_vars}) + message("${_var} = ${${_var}}") + endforeach() + message("::endgroup::") +endfunction() + +if(NOT DEFINED CMAKE_UNITY_BUILD_BATCH_SIZE) + set(CMAKE_UNITY_BUILD_BATCH_SIZE 0) endif() -option(BUILD_SHARED_LIBS "Build Shared Libraries" OFF) +option(BUILD_STATIC_LIBS "Build static libraries" ON) +add_feature_info("Static library" BUILD_STATIC_LIBS "creating libssh2 static library") + +option(BUILD_SHARED_LIBS "Build shared libraries" ON) +add_feature_info("Shared library" BUILD_SHARED_LIBS "creating libssh2 shared library (.so/.dll)") # Parse version -file(READ ${CMAKE_CURRENT_SOURCE_DIR}/include/libssh2.h _HEADER_CONTENTS) -string( - REGEX REPLACE ".*#define LIBSSH2_VERSION[ \t]+\"([^\"]+)\".*" "\\1" - LIBSSH2_VERSION "${_HEADER_CONTENTS}") -string( - REGEX REPLACE ".*#define LIBSSH2_VERSION_MAJOR[ \t]+([0-9]+).*" "\\1" - LIBSSH2_VERSION_MAJOR "${_HEADER_CONTENTS}") -string( - REGEX REPLACE ".*#define LIBSSH2_VERSION_MINOR[ \t]+([0-9]+).*" "\\1" - LIBSSH2_VERSION_MINOR "${_HEADER_CONTENTS}") -string( - REGEX REPLACE ".*#define LIBSSH2_VERSION_PATCH[ \t]+([0-9]+).*" "\\1" - LIBSSH2_VERSION_PATCH "${_HEADER_CONTENTS}") +file(READ "${PROJECT_SOURCE_DIR}/include/libssh2.h" _header_contents) +string(REGEX REPLACE ".*#define LIBSSH2_VERSION[ \t]+\"([^\"]+)\".*" "\\1" LIBSSH2_VERSION "${_header_contents}") +string(REGEX REPLACE ".*#define LIBSSH2_VERSION_MAJOR[ \t]+([0-9]+).*" "\\1" LIBSSH2_VERSION_MAJOR "${_header_contents}") +string(REGEX REPLACE ".*#define LIBSSH2_VERSION_MINOR[ \t]+([0-9]+).*" "\\1" LIBSSH2_VERSION_MINOR "${_header_contents}") +string(REGEX REPLACE ".*#define LIBSSH2_VERSION_PATCH[ \t]+([0-9]+).*" "\\1" LIBSSH2_VERSION_PATCH "${_header_contents}") +unset(_header_contents) if(NOT LIBSSH2_VERSION OR NOT LIBSSH2_VERSION_MAJOR MATCHES "^[0-9]+$" OR NOT LIBSSH2_VERSION_MINOR MATCHES "^[0-9]+$" OR NOT LIBSSH2_VERSION_PATCH MATCHES "^[0-9]+$") - message( - FATAL_ERROR - "Unable to parse version from" - "${CMAKE_CURRENT_SOURCE_DIR}/include/libssh2.h") + message(FATAL_ERROR "Unable to parse version from ${PROJECT_SOURCE_DIR}/include/libssh2.h") endif() include(GNUInstallDirs) install( - FILES docs/AUTHORS COPYING docs/HACKING README RELEASE-NOTES NEWS + FILES + COPYING NEWS README RELEASE-NOTES + docs/AUTHORS docs/BINDINGS.md docs/HACKING.md DESTINATION ${CMAKE_INSTALL_DOCDIR}) -include(max_warnings) -include(FeatureSummary) +include(PickyWarnings) -add_subdirectory(src) +set(LIBSSH2_LIBS_SOCKET "") +set(LIBSSH2_LIBS "") +set(LIBSSH2_LIBDIRS "") +set(LIBSSH2_PC_REQUIRES_PRIVATE "") + +# Add socket libraries +if(WIN32) + list(APPEND LIBSSH2_LIBS_SOCKET "ws2_32") +else() + check_function_exists_may_need_library("socket" HAVE_SOCKET "socket") + if(NEED_LIB_SOCKET) + list(APPEND LIBSSH2_LIBS_SOCKET "socket") + endif() + check_function_exists_may_need_library("inet_addr" HAVE_INET_ADDR "nsl") + if(NEED_LIB_NSL) + list(APPEND LIBSSH2_LIBS_SOCKET "nsl") + endif() +endif() option(BUILD_EXAMPLES "Build libssh2 examples" ON) +option(BUILD_TESTING "Build libssh2 test suite" ON) + +if(NOT BUILD_STATIC_LIBS AND NOT BUILD_SHARED_LIBS) + set(BUILD_STATIC_LIBS ON) +endif() + +set(LIB_NAME "libssh2") +set(LIB_STATIC "${LIB_NAME}_static") +set(LIB_SHARED "${LIB_NAME}_shared") + +# lib flavour selected for example and test programs. +if(BUILD_SHARED_LIBS) + set(LIB_SELECTED ${LIB_SHARED}) +else() + set(LIB_SELECTED ${LIB_STATIC}) +endif() + +# Symbol hiding + +option(HIDE_SYMBOLS "Hide all libssh2 symbols that are not officially external" ON) +mark_as_advanced(HIDE_SYMBOLS) +if(HIDE_SYMBOLS) + set(LIB_SHARED_DEFINITIONS "LIBSSH2_EXPORTS") + if(WIN32) + elseif((CMAKE_C_COMPILER_ID MATCHES "Clang") OR + (CMAKE_COMPILER_IS_GNUCC AND NOT CMAKE_C_COMPILER_VERSION VERSION_LESS 4.0) OR + (CMAKE_C_COMPILER_ID MATCHES "Intel" AND NOT CMAKE_C_COMPILER_VERSION VERSION_LESS 9.1)) + set(LIB_SHARED_C_FLAGS "-fvisibility=hidden") + set(LIBSSH2_API "__attribute__ ((__visibility__ (\"default\")))") + elseif(CMAKE_C_COMPILER_ID MATCHES "SunPro" AND NOT CMAKE_C_COMPILER_VERSION VERSION_LESS 8.0) + set(LIB_SHARED_C_FLAGS "-xldscope=hidden") + set(LIBSSH2_API "__global") + endif() +endif() + +# Options + +# Enable debugging logging by default if the user configured a debug build +if(CMAKE_BUILD_TYPE STREQUAL "Debug") + set(DEBUG_LOGGING_DEFAULT ON) +else() + set(DEBUG_LOGGING_DEFAULT OFF) +endif() +option(ENABLE_DEBUG_LOGGING "Log execution with debug trace" ${DEBUG_LOGGING_DEFAULT}) +add_feature_info(Logging ENABLE_DEBUG_LOGGING "Logging of execution with debug trace") +if(ENABLE_DEBUG_LOGGING) + # Must be visible to the library and tests using internals + add_definitions("-DLIBSSH2DEBUG") +endif() + +option(LIBSSH2_NO_DEPRECATED "Build without deprecated APIs" OFF) +add_feature_info("Without deprecated APIs" LIBSSH2_NO_DEPRECATED "") +if(LIBSSH2_NO_DEPRECATED) + add_definitions("-DLIBSSH2_NO_DEPRECATED") +endif() + +# Auto-detection + +# Prefill values with known detection results +# Keep this synced with src/libssh2_setup.h +if(WIN32) + if(MINGW) + set(HAVE_SNPRINTF 1) + set(HAVE_UNISTD_H 1) + set(HAVE_INTTYPES_H 1) + set(HAVE_SYS_TIME_H 1) + set(HAVE_GETTIMEOFDAY 1) + set(HAVE_STRTOLL 1) + elseif(MSVC) + set(HAVE_GETTIMEOFDAY 0) + if(NOT MSVC_VERSION LESS 1800) + set(HAVE_INTTYPES_H 1) + set(HAVE_STRTOLL 1) + else() + set(HAVE_INTTYPES_H 0) + set(HAVE_STRTOLL 0) + set(HAVE_STRTOI64 1) + endif() + if(NOT MSVC_VERSION LESS 1900) + set(HAVE_SNPRINTF 1) + else() + set(HAVE_SNPRINTF 0) + endif() + endif() +endif() + +## Platform checks +check_include_files("inttypes.h" HAVE_INTTYPES_H) +if(NOT MSVC) + check_include_files("unistd.h" HAVE_UNISTD_H) + check_include_files("sys/time.h" HAVE_SYS_TIME_H) +endif() +if(NOT WIN32) + check_include_files("sys/select.h" HAVE_SYS_SELECT_H) + check_include_files("sys/uio.h" HAVE_SYS_UIO_H) + check_include_files("sys/socket.h" HAVE_SYS_SOCKET_H) + check_include_files("sys/ioctl.h" HAVE_SYS_IOCTL_H) + check_include_files("sys/un.h" HAVE_SYS_UN_H) + check_include_files("arpa/inet.h" HAVE_ARPA_INET_H) # example and tests + check_include_files("netinet/in.h" HAVE_NETINET_IN_H) # example and tests +endif() + +# CMake uses C syntax in check_symbol_exists() that generates a warning with +# MSVC. To not break detection with ENABLE_WERRROR, we disable it for the +# duration of these tests. +if(MSVC AND ENABLE_WERROR) + cmake_push_check_state() + set(CMAKE_REQUIRED_FLAGS "/WX-") +endif() + +if(HAVE_SYS_TIME_H) + check_symbol_exists("gettimeofday" "sys/time.h" HAVE_GETTIMEOFDAY) +else() + check_function_exists("gettimeofday" HAVE_GETTIMEOFDAY) +endif() +check_symbol_exists("strtoll" "stdlib.h" HAVE_STRTOLL) +if(NOT HAVE_STRTOLL) + # Try _strtoi64() if strtoll() is not available + check_symbol_exists("_strtoi64" "stdlib.h" HAVE_STRTOI64) +endif() +check_symbol_exists("snprintf" "stdio.h" HAVE_SNPRINTF) +if(NOT WIN32) + check_symbol_exists("explicit_bzero" "string.h" HAVE_EXPLICIT_BZERO) + check_symbol_exists("explicit_memset" "string.h" HAVE_EXPLICIT_MEMSET) + check_symbol_exists("memset_s" "string.h" HAVE_MEMSET_S) +endif() + +if(MSVC AND ENABLE_WERROR) + cmake_pop_check_state() +endif() + +if(CMAKE_SYSTEM_NAME STREQUAL "Darwin" OR + CMAKE_SYSTEM_NAME STREQUAL "Interix") + # poll() does not work on these platforms + # + # Interix: "does provide poll(), but the implementing developer must + # have been in a bad mood, because poll() only works on the /proc + # filesystem here" + # + # macOS poll() has funny behaviors, like: + # not being able to do poll on no filedescriptors (10.3?) + # not being able to poll on some files (like anything in /dev) + # not having reliable timeout support + # inconsistent return of POLLHUP where other implementations give POLLIN + message(STATUS "poll use is disabled on this platform") +elseif(NOT WIN32) + check_function_exists("poll" HAVE_POLL) +endif() +if(WIN32) + set(HAVE_SELECT 1) +else() + check_function_exists("select" HAVE_SELECT) +endif() + +# Non-blocking socket support tests. Use a separate, yet unset variable +# for the socket libraries to not link against the other configured +# dependencies which might not have been built yet. +if(NOT WIN32) + cmake_push_check_state() + set(CMAKE_REQUIRED_LIBRARIES ${LIBSSH2_LIBS_SOCKET}) + check_nonblocking_socket_support() + cmake_pop_check_state() +endif() + +# Config file + +add_definitions("-DHAVE_CONFIG_H") + +configure_file("src/libssh2_config_cmake.h.in" + "${CMAKE_CURRENT_BINARY_DIR}/src/libssh2_config.h") + +## Cryptography backend choice + +set(CRYPTO_BACKEND "" CACHE + STRING "The backend to use for cryptography: OpenSSL, wolfSSL, Libgcrypt, WinCNG, mbedTLS, or empty to try any available") + +# If the crypto backend was given, rather than searching for the first +# we are able to find, the find_package commands must abort configuration +# and report to the user. +if(CRYPTO_BACKEND) + set(_specific_crypto_requirement "REQUIRED") +endif() + +if(CRYPTO_BACKEND STREQUAL "OpenSSL" OR NOT CRYPTO_BACKEND) + + find_package(OpenSSL ${_specific_crypto_requirement}) + + if(OPENSSL_FOUND) + set(CRYPTO_BACKEND "OpenSSL") + set(CRYPTO_BACKEND_DEFINE "LIBSSH2_OPENSSL") + set(CRYPTO_BACKEND_INCLUDE_DIR ${OPENSSL_INCLUDE_DIR}) + list(APPEND LIBSSH2_LIBS OpenSSL::Crypto) + list(APPEND LIBSSH2_PC_REQUIRES_PRIVATE "libcrypto") + + if(WIN32) + # Statically linking to OpenSSL requires crypt32 for some Windows APIs. + # This should really be handled by FindOpenSSL.cmake. + list(APPEND LIBSSH2_LIBS "crypt32" "bcrypt") + + #set(CMAKE_FIND_DEBUG_MODE ON) + + find_file(DLL_LIBCRYPTO + NAMES "crypto.dll" + "libcrypto-1_1.dll" "libcrypto-1_1-x64.dll" + "libcrypto-3.dll" "libcrypto-3-x64.dll" + HINTS ${_OPENSSL_ROOT_HINTS} PATHS ${_OPENSSL_ROOT_PATHS} + PATH_SUFFIXES "bin" NO_DEFAULT_PATH) + if(DLL_LIBCRYPTO) + list(APPEND _RUNTIME_DEPENDENCIES ${DLL_LIBCRYPTO}) + message(STATUS "Found libcrypto DLL: ${DLL_LIBCRYPTO}") + else() + message(WARNING "Unable to find OpenSSL libcrypto DLL, executables may not run") + endif() + + #set(CMAKE_FIND_DEBUG_MODE OFF) + endif() + + find_package(ZLIB) + + if(ZLIB_FOUND) + list(APPEND LIBSSH2_LIBS ${ZLIB_LIBRARIES}) + endif() + endif() +endif() + +if(CRYPTO_BACKEND STREQUAL "wolfSSL" OR NOT CRYPTO_BACKEND) + + find_package(WolfSSL ${_specific_crypto_requirement}) + + if(WOLFSSL_FOUND) + set(CRYPTO_BACKEND "wolfSSL") + set(CRYPTO_BACKEND_DEFINE "LIBSSH2_WOLFSSL") + set(CRYPTO_BACKEND_INCLUDE_DIR ${WOLFSSL_INCLUDE_DIRS}) + list(APPEND LIBSSH2_LIBS ${WOLFSSL_LIBRARIES}) + list(APPEND LIBSSH2_LIBDIRS ${WOLFSSL_LIBRARY_DIRS}) + list(APPEND LIBSSH2_PC_REQUIRES_PRIVATE "wolfssl") + link_directories(${WOLFSSL_LIBRARY_DIRS}) + if(WOLFSSL_CFLAGS) + set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${WOLFSSL_CFLAGS}") + endif() + + if(WIN32) + list(APPEND LIBSSH2_LIBS "crypt32") + endif() + + find_package(ZLIB) + + if(ZLIB_FOUND) + list(APPEND CRYPTO_BACKEND_INCLUDE_DIR ${ZLIB_INCLUDE_DIR}) # Public wolfSSL headers require zlib headers + list(APPEND LIBSSH2_LIBS ${ZLIB_LIBRARIES}) + endif() + endif() +endif() + +if(CRYPTO_BACKEND STREQUAL "Libgcrypt" OR NOT CRYPTO_BACKEND) + + find_package(Libgcrypt ${_specific_crypto_requirement}) + + if(LIBGCRYPT_FOUND) + set(CRYPTO_BACKEND "Libgcrypt") + set(CRYPTO_BACKEND_DEFINE "LIBSSH2_LIBGCRYPT") + set(CRYPTO_BACKEND_INCLUDE_DIR ${LIBGCRYPT_INCLUDE_DIRS}) + list(APPEND LIBSSH2_LIBS ${LIBGCRYPT_LIBRARIES}) + list(APPEND LIBSSH2_LIBDIRS ${LIBGCRYPT_LIBRARY_DIRS}) + list(APPEND LIBSSH2_PC_REQUIRES_PRIVATE "libgcrypt") + link_directories(${LIBGCRYPT_LIBRARY_DIRS}) + if(LIBGCRYPT_CFLAGS) + set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${LIBGCRYPT_CFLAGS}") + endif() + endif() +endif() + +if(CRYPTO_BACKEND STREQUAL "mbedTLS" OR NOT CRYPTO_BACKEND) + + find_package(MbedTLS ${_specific_crypto_requirement}) + + if(MBEDTLS_FOUND) + set(CRYPTO_BACKEND "mbedTLS") + set(CRYPTO_BACKEND_DEFINE "LIBSSH2_MBEDTLS") + set(CRYPTO_BACKEND_INCLUDE_DIR ${MBEDTLS_INCLUDE_DIRS}) + list(APPEND LIBSSH2_LIBS ${MBEDTLS_LIBRARIES}) + list(APPEND LIBSSH2_LIBDIRS ${MBEDTLS_LIBRARY_DIRS}) + list(APPEND LIBSSH2_PC_REQUIRES_PRIVATE "mbedcrypto") + link_directories(${MBEDTLS_LIBRARY_DIRS}) + if(MBEDTLS_CFLAGS) + set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${MBEDTLS_CFLAGS}") + endif() + endif() +endif() + +# Detect platform-specific crypto-backends last: + +if(CRYPTO_BACKEND STREQUAL "WinCNG" OR NOT CRYPTO_BACKEND) + if(WIN32) + set(CRYPTO_BACKEND "WinCNG") + set(CRYPTO_BACKEND_DEFINE "LIBSSH2_WINCNG") + set(CRYPTO_BACKEND_INCLUDE_DIR "") + list(APPEND LIBSSH2_LIBS "crypt32" "bcrypt") + + option(ENABLE_ECDSA_WINCNG "Enable WinCNG ECDSA support (requires Windows 10 or later)" OFF) + add_feature_info(WinCNG ENABLE_ECDSA_WINCNG "WinCNG ECDSA support") + if(ENABLE_ECDSA_WINCNG) + add_definitions("-DLIBSSH2_ECDSA_WINCNG") + if(MSVC) + set(CMAKE_SHARED_LINKER_FLAGS "${CMAKE_SHARED_LINKER_FLAGS} /SUBSYSTEM:WINDOWS,10") + elseif(MINGW) + set(CMAKE_SHARED_LINKER_FLAGS "${CMAKE_SHARED_LINKER_FLAGS} -Wl,--subsystem,windows:10") + endif() + endif() + elseif(_specific_crypto_requirement STREQUAL "REQUIRED") + message(FATAL_ERROR "WinCNG not available") + endif() +endif() + +# Global functions + +# Convert GNU Make assignments into CMake ones. +function(transform_makefile_inc _input_file _output_file) + file(READ ${_input_file} _makefile_inc_cmake) + + string(REGEX REPLACE "\\\\\n" "" _makefile_inc_cmake ${_makefile_inc_cmake}) + string(REGEX REPLACE "([A-Za-z_]+) *= *([^\n]*)" "set(\\1 \\2)" _makefile_inc_cmake ${_makefile_inc_cmake}) + + file(WRITE ${_output_file} ${_makefile_inc_cmake}) + set_property(DIRECTORY APPEND PROPERTY CMAKE_CONFIGURE_DEPENDS "${_input_file}") +endfunction() + +# + +add_subdirectory(src) + if(BUILD_EXAMPLES) add_subdirectory(example) endif() -option(BUILD_TESTING "Build libssh2 test suite" ON) if(BUILD_TESTING) enable_testing() add_subdirectory(tests) @@ -100,10 +458,12 @@ endif() option(LINT "Check style while building" OFF) if(LINT) - add_custom_target(lint ALL - ./ci/checksrc.sh - WORKING_DIRECTORY ${libssh2_SOURCE_DIR}) - add_dependencies(libssh2 lint) + add_custom_target(lint ALL "./ci/checksrc.sh" WORKING_DIRECTORY ${PROJECT_SOURCE_DIR}) + if(BUILD_STATIC_LIBS) + add_dependencies(${LIB_STATIC} lint) + else() + add_dependencies(${LIB_SHARED} lint) + endif() endif() add_subdirectory(docs) diff --git a/COPYING b/COPYING index 937ed32..6eb5146 100644 --- a/COPYING +++ b/COPYING @@ -1,11 +1,11 @@ -/* Copyright (c) 2004-2007 Sara Golemon - * Copyright (c) 2005,2006 Mikhail Gusarov - * Copyright (c) 2006-2007 The Written Word, Inc. - * Copyright (c) 2007 Eli Fant - * Copyright (c) 2009-2021 Daniel Stenberg +/* Copyright (C) 2004-2007 Sara Golemon + * Copyright (C) 2005,2006 Mikhail Gusarov + * Copyright (C) 2006-2007 The Written Word, Inc. + * Copyright (C) 2007 Eli Fant + * Copyright (C) 2009-2023 Daniel Stenberg * Copyright (C) 2008, 2009 Simon Josefsson - * Copyright (c) 2000 Markus Friedl - * Copyright (c) 2015 Microsoft Corp. + * Copyright (C) 2000 Markus Friedl + * Copyright (C) 2015 Microsoft Corp. * All rights reserved. * * Redistribution and use in source and binary forms, @@ -41,4 +41,3 @@ * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY * OF SUCH DAMAGE. */ - diff --git a/Makefile.OpenSSL.inc b/Makefile.OpenSSL.inc deleted file mode 100644 index 1e4e8f0..0000000 --- a/Makefile.OpenSSL.inc +++ /dev/null @@ -1,3 +0,0 @@ -CRYPTO_CSOURCES = openssl.c -CRYPTO_HHEADERS = openssl.h -CRYPTO_LTLIBS = $(LTLIBSSL) diff --git a/Makefile.WinCNG.inc b/Makefile.WinCNG.inc deleted file mode 100644 index bbcb82b..0000000 --- a/Makefile.WinCNG.inc +++ /dev/null @@ -1,3 +0,0 @@ -CRYPTO_CSOURCES = wincng.c -CRYPTO_HHEADERS = wincng.h -CRYPTO_LTLIBS = $(LTLIBBCRYPT) $(LTLIBCRYPT32) diff --git a/Makefile.am b/Makefile.am index 986441b..dfb03e6 100644 --- a/Makefile.am +++ b/Makefile.am @@ -1,6 +1,9 @@ +# Copyright (C) The libssh2 project and its contributors. +# SPDX-License-Identifier: BSD-3-Clause AUTOMAKE_OPTIONS = foreign nostdinc -SUBDIRS = src tests docs +SUBDIRS = src docs +SUBDIRS += tests if BUILD_EXAMPLES SUBDIRS += example endif @@ -8,44 +11,35 @@ endif pkgconfigdir = $(libdir)/pkgconfig pkgconfig_DATA = libssh2.pc -include_HEADERS = \ - include/libssh2.h \ - include/libssh2_publickey.h \ - include/libssh2_sftp.h - -NETWAREFILES = nw/keepscreen.c \ - nw/nwlib.c \ - nw/GNUmakefile \ - nw/test/GNUmakefile - -DSP = win32/libssh2.dsp -VCPROJ = win32/libssh2.vcproj - -DISTCLEANFILES = $(DSP) - -VMSFILES = vms/libssh2_make_example.dcl vms/libssh2_make_help.dcl \ -vms/libssh2_make_kit.dcl vms/libssh2_make_lib.dcl vms/man2help.c \ -vms/readme.vms vms/libssh2_config.h - -WIN32FILES = win32/GNUmakefile win32/test/GNUmakefile \ -win32/libssh2_config.h win32/config.mk win32/rules.mk \ -win32/Makefile.Watcom win32/libssh2.dsw win32/tests.dsp $(DSP) \ -win32/msvcproj.head win32/msvcproj.foot win32/libssh2.rc - -OS400FILES = os400/README400 os400/initscript.sh os400/make.sh \ -os400/make-src.sh os400/make-rpg.sh os400/make-include.sh \ -os400/os400sys.c os400/ccsid.c \ -os400/libssh2_config.h os400/macros.h os400/libssh2_ccsid.h \ -os400/include/alloca.h os400/include/sys/socket.h os400/include/stdio.h \ -os400/libssh2rpg/libssh2.rpgle.in \ -os400/libssh2rpg/libssh2_ccsid.rpgle.in \ -os400/libssh2rpg/libssh2_publickey.rpgle \ -os400/libssh2rpg/libssh2_sftp.rpgle \ -Makefile.os400qc3.inc - -EXTRA_DIST = $(WIN32FILES) $(NETWAREFILES) get_ver.awk \ - maketgz NMakefile RELEASE-NOTES libssh2.pc.in $(VMSFILES) config.rpath \ - CMakeLists.txt cmake $(OS400FILES) +include_HEADERS = \ + include/libssh2.h \ + include/libssh2_publickey.h \ + include/libssh2_sftp.h + +DISTCLEANFILES = + +VMSFILES = vms/libssh2_make_example.dcl vms/libssh2_make_help.dcl \ + vms/libssh2_make_kit.dcl vms/libssh2_make_lib.dcl vms/man2help.c \ + vms/readme.vms vms/libssh2_config.h + +WIN32FILES = src/libssh2.rc + +OS400FILES = os400/README400 os400/initscript.sh os400/make.sh \ + os400/make-src.sh os400/make-rpg.sh os400/make-include.sh \ + os400/config400.default \ + os400/os400sys.c os400/ccsid.c \ + os400/libssh2_config.h os400/macros.h os400/libssh2_ccsid.h \ + os400/include/alloca.h os400/include/sys/socket.h \ + os400/include/assert.h \ + os400/libssh2rpg/libssh2.rpgle.in \ + os400/libssh2rpg/libssh2_ccsid.rpgle.in \ + os400/libssh2rpg/libssh2_publickey.rpgle \ + os400/libssh2rpg/libssh2_sftp.rpgle \ + os400/rpg-examples/SFTPXMPLE + +EXTRA_DIST = $(WIN32FILES) get_ver.awk \ + maketgz RELEASE-NOTES libssh2.pc.in $(VMSFILES) config.rpath \ + CMakeLists.txt cmake git2news.pl libssh2-style.el README.md $(OS400FILES) ACLOCAL_AMFLAGS = -I m4 @@ -60,7 +54,7 @@ dist-hook: (distit=`find $(srcdir) -name "*.dist"`; \ for file in $$distit; do \ strip=`echo $$file | sed -e s/^$(srcdir)// -e s/\.dist//`; \ - cp $$file $(distdir)$$strip; \ + cp -p $$file $(distdir)$$strip; \ done) # Code Coverage @@ -69,86 +63,22 @@ init-coverage: make clean lcov --directory . --zerocounters -COVERAGE_CCOPTS ?= "-g --coverage" -COVERAGE_OUT ?= docs/coverage +COVERAGE_CCOPTS := "-g --coverage" +COVERAGE_OUT := docs/coverage build-coverage: make CFLAGS=$(COVERAGE_CCOPTS) check mkdir -p $(COVERAGE_OUT) lcov --directory . --output-file $(COVERAGE_OUT)/$(PACKAGE).info \ - --capture + --capture gen-coverage: genhtml --output-directory $(COVERAGE_OUT) \ - $(COVERAGE_OUT)/$(PACKAGE).info \ - --highlight --frames --legend \ - --title "$(PACKAGE_NAME)" + $(COVERAGE_OUT)/$(PACKAGE).info \ + --highlight --frames --legend \ + --title "$(PACKAGE_NAME)" coverage: init-coverage build-coverage gen-coverage -# DSP/VCPROJ generation adapted from libcurl -# only OpenSSL and WinCNG are supported with this build system -CRYPTO_CSOURCES = openssl.c wincng.c mbedtls.c -CRYPTO_HHEADERS = openssl.h wincng.h mbedtls.h -# Makefile.inc provides the CSOURCES and HHEADERS defines -include Makefile.inc - -WIN32SOURCES = $(CSOURCES) -WIN32HEADERS = $(HHEADERS) libssh2_config.h - -$(DSP): win32/msvcproj.head win32/msvcproj.foot Makefile.am - echo "creating $(DSP)" - @( (cat $(srcdir)/win32/msvcproj.head; \ - echo "# Begin Group \"Source Files\""; \ - echo ""; \ - echo "# PROP Default_Filter \"cpp;c;cxx\""; \ - win32_srcs='$(WIN32SOURCES)'; \ - sorted_srcs=`for file in $$win32_srcs; do echo $$file; done | sort`; \ - for file in $$sorted_srcs; do \ - echo "# Begin Source File"; \ - echo ""; \ - echo "SOURCE=..\\src\\"$$file; \ - echo "# End Source File"; \ - done; \ - echo "# End Group"; \ - echo "# Begin Group \"Header Files\""; \ - echo ""; \ - echo "# PROP Default_Filter \"h;hpp;hxx\""; \ - win32_hdrs='$(WIN32HEADERS)'; \ - sorted_hdrs=`for file in $$win32_hdrs; do echo $$file; done | sort`; \ - for file in $$sorted_hdrs; do \ - echo "# Begin Source File"; \ - echo ""; \ - if [ "$$file" = "libssh2_config.h" ]; \ - then \ - echo "SOURCE=.\\"$$file; \ - else \ - echo "SOURCE=..\\src\\"$$file; \ - fi; \ - echo "# End Source File"; \ - done; \ - echo "# End Group"; \ - cat $(srcdir)/win32/msvcproj.foot) | \ - awk '{printf("%s\r\n", gensub("\r", "", "g"))}' > $@ ) - -$(VCPROJ): win32/vc8proj.head win32/vc8proj.foot Makefile.am - echo "creating $(VCPROJ)" - @( (cat $(srcdir)/vc8proj.head; \ - win32_srcs='$(WIN32SOURCES)'; \ - sorted_srcs=`for file in $$win32_srcs; do echo $$file; done | sort`; \ - for file in $$sorted_srcs; do \ - echo ""; \ - done; \ - echo ""; \ - win32_hdrs='$(WIN32HEADERS)'; \ - sorted_hdrs=`for file in $$win32_hdrs; do echo $$file; done | sort`; \ - for file in $$sorted_hdrs; do \ - echo ""; \ - done; \ - cat $(srcdir)/vc8proj.foot) | \ - awk '{printf("%s\r\n", gensub("\r", "", "g"))}' > $@ ) - checksrc: - perl src/checksrc.pl -i4 -m79 -ASIZEOFNOPAREN -ASNPRINTF -ACOPYRIGHT \ - -AFOPENMODE -Wsrc/libssh2_config.h src/*.[ch] include/*.h example/*.c \ - tests/*.[ch] + ci/checksrc.sh diff --git a/Makefile.in b/Makefile.in index c60873a..7776ff1 100644 --- a/Makefile.in +++ b/Makefile.in @@ -1,4 +1,4 @@ -# Makefile.in generated by automake 1.16.4 from Makefile.am. +# Makefile.in generated by automake 1.16.5 from Makefile.am. # @configure_input@ # Copyright (C) 1994-2021 Free Software Foundation, Inc. @@ -92,12 +92,12 @@ host_triplet = @host@ @BUILD_EXAMPLES_TRUE@am__append_1 = example subdir = . ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/m4/autobuild.m4 \ - $(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \ - $(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libtool.m4 \ - $(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \ - $(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \ - $(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.ac +am__aclocal_m4_deps = $(top_srcdir)/m4/lib-ld.m4 \ + $(top_srcdir)/m4/lib-link.m4 $(top_srcdir)/m4/lib-prefix.m4 \ + $(top_srcdir)/m4/libtool.m4 $(top_srcdir)/m4/ltoptions.m4 \ + $(top_srcdir)/m4/ltsugar.m4 $(top_srcdir)/m4/ltversion.m4 \ + $(top_srcdir)/m4/lt~obsolete.m4 $(top_srcdir)/acinclude.m4 \ + $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) DIST_COMMON = $(srcdir)/Makefile.am $(top_srcdir)/configure \ @@ -191,11 +191,11 @@ am__define_uniq_tagged_files = \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | $(am__uniquify_input)` -DIST_SUBDIRS = src tests docs example -am__DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.inc \ - $(srcdir)/libssh2.pc.in COPYING ChangeLog NEWS README compile \ - config.guess config.rpath config.sub depcomp install-sh \ - ltmain.sh missing +DIST_SUBDIRS = src docs tests example +am__DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/libssh2.pc.in \ + COPYING ChangeLog NEWS README compile config.guess \ + config.rpath config.sub depcomp install-sh ltmain.sh missing \ + tap-driver.sh DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) distdir = $(PACKAGE)-$(VERSION) top_distdir = $(distdir) @@ -274,12 +274,13 @@ EGREP = @EGREP@ ETAGS = @ETAGS@ EXEEXT = @EXEEXT@ FGREP = @FGREP@ +FILECMD = @FILECMD@ GREP = @GREP@ HAVE_LIBBCRYPT = @HAVE_LIBBCRYPT@ -HAVE_LIBCRYPT32 = @HAVE_LIBCRYPT32@ HAVE_LIBGCRYPT = @HAVE_LIBGCRYPT@ HAVE_LIBMBEDCRYPTO = @HAVE_LIBMBEDCRYPTO@ HAVE_LIBSSL = @HAVE_LIBSSL@ +HAVE_LIBWOLFSSL = @HAVE_LIBWOLFSSL@ HAVE_LIBZ = @HAVE_LIBZ@ INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ @@ -290,30 +291,34 @@ LD = @LD@ LDFLAGS = @LDFLAGS@ LIBBCRYPT = @LIBBCRYPT@ LIBBCRYPT_PREFIX = @LIBBCRYPT_PREFIX@ -LIBCRYPT32 = @LIBCRYPT32@ -LIBCRYPT32_PREFIX = @LIBCRYPT32_PREFIX@ LIBGCRYPT = @LIBGCRYPT@ LIBGCRYPT_PREFIX = @LIBGCRYPT_PREFIX@ LIBMBEDCRYPTO = @LIBMBEDCRYPTO@ LIBMBEDCRYPTO_PREFIX = @LIBMBEDCRYPTO_PREFIX@ LIBOBJS = @LIBOBJS@ LIBS = @LIBS@ -LIBSREQUIRED = @LIBSREQUIRED@ -LIBSSH2VER = @LIBSSH2VER@ +LIBSSH2_CFLAG_EXTRAS = @LIBSSH2_CFLAG_EXTRAS@ +LIBSSH2_PC_LIBS = @LIBSSH2_PC_LIBS@ +LIBSSH2_PC_LIBS_PRIVATE = @LIBSSH2_PC_LIBS_PRIVATE@ +LIBSSH2_PC_REQUIRES = @LIBSSH2_PC_REQUIRES@ +LIBSSH2_PC_REQUIRES_PRIVATE = @LIBSSH2_PC_REQUIRES_PRIVATE@ +LIBSSH2_VERSION = @LIBSSH2_VERSION@ LIBSSL = @LIBSSL@ LIBSSL_PREFIX = @LIBSSL_PREFIX@ LIBTOOL = @LIBTOOL@ +LIBWOLFSSL = @LIBWOLFSSL@ +LIBWOLFSSL_PREFIX = @LIBWOLFSSL_PREFIX@ LIBZ = @LIBZ@ LIBZ_PREFIX = @LIBZ_PREFIX@ LIB_FUZZING_ENGINE = @LIB_FUZZING_ENGINE@ LIPO = @LIPO@ LN_S = @LN_S@ LTLIBBCRYPT = @LTLIBBCRYPT@ -LTLIBCRYPT32 = @LTLIBCRYPT32@ LTLIBGCRYPT = @LTLIBGCRYPT@ LTLIBMBEDCRYPTO = @LTLIBMBEDCRYPTO@ LTLIBOBJS = @LTLIBOBJS@ LTLIBSSL = @LTLIBSSL@ +LTLIBWOLFSSL = @LTLIBWOLFSSL@ LTLIBZ = @LTLIBZ@ LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@ MAINT = @MAINT@ @@ -335,6 +340,7 @@ PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ RANLIB = @RANLIB@ +RC = @RC@ SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ @@ -395,70 +401,50 @@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ + +# Copyright (C) The libssh2 project and its contributors. +# SPDX-License-Identifier: BSD-3-Clause AUTOMAKE_OPTIONS = foreign nostdinc -SUBDIRS = src tests docs $(am__append_1) +SUBDIRS = src docs tests $(am__append_1) pkgconfigdir = $(libdir)/pkgconfig pkgconfig_DATA = libssh2.pc include_HEADERS = \ - include/libssh2.h \ - include/libssh2_publickey.h \ - include/libssh2_sftp.h - -NETWAREFILES = nw/keepscreen.c \ - nw/nwlib.c \ - nw/GNUmakefile \ - nw/test/GNUmakefile - -DSP = win32/libssh2.dsp -VCPROJ = win32/libssh2.vcproj -DISTCLEANFILES = $(DSP) ChangeLog -VMSFILES = vms/libssh2_make_example.dcl vms/libssh2_make_help.dcl \ -vms/libssh2_make_kit.dcl vms/libssh2_make_lib.dcl vms/man2help.c \ -vms/readme.vms vms/libssh2_config.h - -WIN32FILES = win32/GNUmakefile win32/test/GNUmakefile \ -win32/libssh2_config.h win32/config.mk win32/rules.mk \ -win32/Makefile.Watcom win32/libssh2.dsw win32/tests.dsp $(DSP) \ -win32/msvcproj.head win32/msvcproj.foot win32/libssh2.rc - -OS400FILES = os400/README400 os400/initscript.sh os400/make.sh \ -os400/make-src.sh os400/make-rpg.sh os400/make-include.sh \ -os400/os400sys.c os400/ccsid.c \ -os400/libssh2_config.h os400/macros.h os400/libssh2_ccsid.h \ -os400/include/alloca.h os400/include/sys/socket.h os400/include/stdio.h \ -os400/libssh2rpg/libssh2.rpgle.in \ -os400/libssh2rpg/libssh2_ccsid.rpgle.in \ -os400/libssh2rpg/libssh2_publickey.rpgle \ -os400/libssh2rpg/libssh2_sftp.rpgle \ -Makefile.os400qc3.inc - -EXTRA_DIST = $(WIN32FILES) $(NETWAREFILES) get_ver.awk \ - maketgz NMakefile RELEASE-NOTES libssh2.pc.in $(VMSFILES) config.rpath \ - CMakeLists.txt cmake $(OS400FILES) + include/libssh2.h \ + include/libssh2_publickey.h \ + include/libssh2_sftp.h + +DISTCLEANFILES = ChangeLog +VMSFILES = vms/libssh2_make_example.dcl vms/libssh2_make_help.dcl \ + vms/libssh2_make_kit.dcl vms/libssh2_make_lib.dcl vms/man2help.c \ + vms/readme.vms vms/libssh2_config.h + +WIN32FILES = src/libssh2.rc +OS400FILES = os400/README400 os400/initscript.sh os400/make.sh \ + os400/make-src.sh os400/make-rpg.sh os400/make-include.sh \ + os400/config400.default \ + os400/os400sys.c os400/ccsid.c \ + os400/libssh2_config.h os400/macros.h os400/libssh2_ccsid.h \ + os400/include/alloca.h os400/include/sys/socket.h \ + os400/include/assert.h \ + os400/libssh2rpg/libssh2.rpgle.in \ + os400/libssh2rpg/libssh2_ccsid.rpgle.in \ + os400/libssh2rpg/libssh2_publickey.rpgle \ + os400/libssh2rpg/libssh2_sftp.rpgle \ + os400/rpg-examples/SFTPXMPLE + +EXTRA_DIST = $(WIN32FILES) get_ver.awk \ + maketgz RELEASE-NOTES libssh2.pc.in $(VMSFILES) config.rpath \ + CMakeLists.txt cmake git2news.pl libssh2-style.el README.md $(OS400FILES) ACLOCAL_AMFLAGS = -I m4 - -# DSP/VCPROJ generation adapted from libcurl -# only OpenSSL and WinCNG are supported with this build system -CRYPTO_CSOURCES = openssl.c wincng.c mbedtls.c -CRYPTO_HHEADERS = openssl.h wincng.h mbedtls.h -CSOURCES = channel.c comp.c crypt.c hostkey.c kex.c mac.c misc.c \ - packet.c publickey.c scp.c session.c sftp.c userauth.c transport.c \ - version.c knownhost.c agent.c $(CRYPTO_CSOURCES) pem.c keepalive.c global.c \ - blowfish.c bcrypt_pbkdf.c agent_win.c - -HHEADERS = libssh2_priv.h $(CRYPTO_HHEADERS) transport.h channel.h comp.h \ - mac.h misc.h packet.h userauth.h session.h sftp.h crypto.h blf.h agent.h - -# Makefile.inc provides the CSOURCES and HHEADERS defines -WIN32SOURCES = $(CSOURCES) -WIN32HEADERS = $(HHEADERS) libssh2_config.h +COVERAGE_CCOPTS := "-g --coverage" +COVERAGE_OUT := docs/coverage all: all-recursive .SUFFIXES: am--refresh: Makefile @: -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(srcdir)/Makefile.inc $(am__configure_deps) +$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ @@ -480,7 +466,6 @@ Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status echo ' cd $(top_builddir) && $(SHELL) ./config.status $@ $(am__maybe_remake_depfiles)'; \ cd $(top_builddir) && $(SHELL) ./config.status $@ $(am__maybe_remake_depfiles);; \ esac; -$(srcdir)/Makefile.inc $(am__empty): $(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) $(SHELL) ./config.status --recheck @@ -991,7 +976,7 @@ dist-hook: (distit=`find $(srcdir) -name "*.dist"`; \ for file in $$distit; do \ strip=`echo $$file | sed -e s/^$(srcdir)// -e s/\.dist//`; \ - cp $$file $(distdir)$$strip; \ + cp -p $$file $(distdir)$$strip; \ done) # Code Coverage @@ -1000,79 +985,22 @@ init-coverage: make clean lcov --directory . --zerocounters -COVERAGE_CCOPTS ?= "-g --coverage" -COVERAGE_OUT ?= docs/coverage - build-coverage: make CFLAGS=$(COVERAGE_CCOPTS) check mkdir -p $(COVERAGE_OUT) lcov --directory . --output-file $(COVERAGE_OUT)/$(PACKAGE).info \ - --capture + --capture gen-coverage: genhtml --output-directory $(COVERAGE_OUT) \ - $(COVERAGE_OUT)/$(PACKAGE).info \ - --highlight --frames --legend \ - --title "$(PACKAGE_NAME)" + $(COVERAGE_OUT)/$(PACKAGE).info \ + --highlight --frames --legend \ + --title "$(PACKAGE_NAME)" coverage: init-coverage build-coverage gen-coverage -$(DSP): win32/msvcproj.head win32/msvcproj.foot Makefile.am - echo "creating $(DSP)" - @( (cat $(srcdir)/win32/msvcproj.head; \ - echo "# Begin Group \"Source Files\""; \ - echo ""; \ - echo "# PROP Default_Filter \"cpp;c;cxx\""; \ - win32_srcs='$(WIN32SOURCES)'; \ - sorted_srcs=`for file in $$win32_srcs; do echo $$file; done | sort`; \ - for file in $$sorted_srcs; do \ - echo "# Begin Source File"; \ - echo ""; \ - echo "SOURCE=..\\src\\"$$file; \ - echo "# End Source File"; \ - done; \ - echo "# End Group"; \ - echo "# Begin Group \"Header Files\""; \ - echo ""; \ - echo "# PROP Default_Filter \"h;hpp;hxx\""; \ - win32_hdrs='$(WIN32HEADERS)'; \ - sorted_hdrs=`for file in $$win32_hdrs; do echo $$file; done | sort`; \ - for file in $$sorted_hdrs; do \ - echo "# Begin Source File"; \ - echo ""; \ - if [ "$$file" = "libssh2_config.h" ]; \ - then \ - echo "SOURCE=.\\"$$file; \ - else \ - echo "SOURCE=..\\src\\"$$file; \ - fi; \ - echo "# End Source File"; \ - done; \ - echo "# End Group"; \ - cat $(srcdir)/win32/msvcproj.foot) | \ - awk '{printf("%s\r\n", gensub("\r", "", "g"))}' > $@ ) - -$(VCPROJ): win32/vc8proj.head win32/vc8proj.foot Makefile.am - echo "creating $(VCPROJ)" - @( (cat $(srcdir)/vc8proj.head; \ - win32_srcs='$(WIN32SOURCES)'; \ - sorted_srcs=`for file in $$win32_srcs; do echo $$file; done | sort`; \ - for file in $$sorted_srcs; do \ - echo ""; \ - done; \ - echo ""; \ - win32_hdrs='$(WIN32HEADERS)'; \ - sorted_hdrs=`for file in $$win32_hdrs; do echo $$file; done | sort`; \ - for file in $$sorted_hdrs; do \ - echo ""; \ - done; \ - cat $(srcdir)/vc8proj.foot) | \ - awk '{printf("%s\r\n", gensub("\r", "", "g"))}' > $@ ) - checksrc: - perl src/checksrc.pl -i4 -m79 -ASIZEOFNOPAREN -ASNPRINTF -ACOPYRIGHT \ - -AFOPENMODE -Wsrc/libssh2_config.h src/*.[ch] include/*.h example/*.c \ - tests/*.[ch] + ci/checksrc.sh # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. diff --git a/Makefile.inc b/Makefile.inc deleted file mode 100644 index 20d2ebe..0000000 --- a/Makefile.inc +++ /dev/null @@ -1,7 +0,0 @@ -CSOURCES = channel.c comp.c crypt.c hostkey.c kex.c mac.c misc.c \ - packet.c publickey.c scp.c session.c sftp.c userauth.c transport.c \ - version.c knownhost.c agent.c $(CRYPTO_CSOURCES) pem.c keepalive.c global.c \ - blowfish.c bcrypt_pbkdf.c agent_win.c - -HHEADERS = libssh2_priv.h $(CRYPTO_HHEADERS) transport.h channel.h comp.h \ - mac.h misc.h packet.h userauth.h session.h sftp.h crypto.h blf.h agent.h diff --git a/Makefile.libgcrypt.inc b/Makefile.libgcrypt.inc deleted file mode 100644 index 0a3aae9..0000000 --- a/Makefile.libgcrypt.inc +++ /dev/null @@ -1,3 +0,0 @@ -CRYPTO_CSOURCES = libgcrypt.c -CRYPTO_HHEADERS = libgcrypt.h -CRYPTO_LTLIBS = $(LTLIBGCRYPT) diff --git a/Makefile.mbedTLS.inc b/Makefile.mbedTLS.inc deleted file mode 100644 index b9f19fc..0000000 --- a/Makefile.mbedTLS.inc +++ /dev/null @@ -1,3 +0,0 @@ -CRYPTO_CSOURCES = mbedtls.c -CRYPTO_HHEADERS = mbedtls.h -CRYPTO_LTLIBS = $(LTLIBMBEDCRYPTO) diff --git a/Makefile.os400qc3.inc b/Makefile.os400qc3.inc deleted file mode 100644 index e55094d..0000000 --- a/Makefile.os400qc3.inc +++ /dev/null @@ -1,2 +0,0 @@ -CRYPTO_CSOURCES = os400qc3.c -CRYPTO_HHEADERS = os400qc3.h diff --git a/NEWS b/NEWS index 7e22b3d..b3bd14c 100644 --- a/NEWS +++ b/NEWS @@ -1,6831 +1,10896 @@ Changelog for the libssh2 project. Generated with git2news.pl -Daniel Stenberg (29 Aug 2021) -- [Will Cosgrove brought this change] +Daniel Stenberg (16 Oct 2024) +- RELEASE-NOTES: 1.11.1 - updated docs for 1.10.0 release +Viktor Szakats (8 Oct 2024) +- RELEASE-NOTES: sync [ci skip] -Marc Hörsken (30 May 2021) -- [Laurent Stacul brought this change] +- [Anders Borum brought this change] - [tests] Try several times to connect the ssh server + session: support server banners up to 8192 bytes (was: 256) - Sometimes, as the OCI container is run in detached mode, it is possible - the actual server is not ready yet to handle SSH traffic. The goal of - this PR is to try several times (max 3). The mechanism is the same as - for the connection to the docker machine. + If server had banner exceeding 256 bytes there wasn't enough room in + `_LIBSSH2_SESSION.banner_TxRx_banner`. Only the first 256 bytes would be + read making the first packet read fail but also dooming key exchange as + `session->remote.banner` didn't include everything. + + This change bumps the banner buffer to 8KB to match OpenSSH. + + Fixes #1442 + Closes #1443 -- [Laurent Stacul brought this change] +- RELEASE-NOTES: sync [ci skip] - Remove openssh_server container on test exit +- cmake: sync and improve Find modules, add `pkg-config` native detection + + - sync code between Find modules. + - wolfssl: replace `pkg-config` hints with native detection. + - libgcrypt, mbedtls: add `pkg-config`-based native detection. + - libgcrypt: add version detection. + - limit `pkg-config` use for `UNIX`, vcpkg, and non-cross MinGW builds, + and builds with no manual customization via `*_INCLUDE_DIR` or + `*_LIBRARY`. + - replace and sync Find module header comments. + - ci: delete manual mbedTLS config that's now redundant. + + Based on similar work done in curl. + + Second attempt at #1420 + Closes #1445 -- [Laurent Stacul brought this change] +- cmake: initialize `LIBSSH2_LIBDIRS` [ci skip] + + Follow-up to c87f12963037b22e6b60411c9c2d6513c06e2f03 #1466 - Allow the tests to run inside a container +- ci/appveyor: fix and bump OpenSSL 3 path, add path check - The current tests suite starts SSH server as OCI container. This commit - add the possibility to run the tests in a container provided that: + Follow-up to b5e68bdc37c6afa0dc777794dda8307167919d04 #1461 + Closes #1468 + +- cmake: link to OpenSSL::Crypto, not OpenSSL::SSL - * the docker client is installed builder container - * the host docker daemon unix socket has been mounted in the builder - container (with, if needed, the DOCKER_HOST environment variable - accordingly set, and the permission to write on this socket) - * the builder container is run on the default bridge network, or the - host network. This PR does not handle the case where the builder - container is on another network. + Follow-up to 82b09f9b3aae97f641fbcc2d746d2a6383abe857 #1322 + Follow-up to c84745e34e53f863ffba997ceeee7d43d1c63a4b #1128 + Cherry-picked from #1445 + Closes #1467 -Marc Hoersken (28 May 2021) -- CI/appveyor: run SSH server for tests on GitHub Actions (#607) +- cmake: generate `LIBSSH2_PC_LIBS_PRIVATE` dynamically - No longer rely on DigitalOcean to host the Docker container. + Generate `LIBSSH2_PC_LIBS_PRIVATE` from `LIBSSH2_LIBS`. - Unfortunately we require a small dispatcher script that has - access to a GitHub access token with scope repo in order to - trigger the daemon workflow on GitHub Actions also for PRs. + Also add extra libdirs (`-L`) to `Libs` and `Libs.private`. - This script is hosted by myself for the time being until GitHub - provides a tighter scope to trigger the workflow_dispatch event. + Logic copied from curl. + + Closes #1466 -GitHub (26 May 2021) -- [Will Cosgrove brought this change] +- cmake: initialize `LIBSSH2_PC_REQUIRES_PRIVATE` [ci skip] + + Follow-up to 0fce9dcc2909ffff5f4a1a1bc3d359fc7f409299 #1464 - openssl.c: guards around calling FIPS_mode() #596 (#603) +- cmake: add comment about `ibssh2.pc.in` variables [ci skip] + +- cmake: support absolute `CMAKE_INSTALL_INCLUDEDIR`/`CMAKE_INSTALL_LIBDIR` - Notes: - FIPS_mode() is not implemented in LibreSSL and this API is removed in OpenSSL 3.0 and was introduced in 0.9.7. Added guards around making this call. + in `libssh2.pc`. - Credit: - Will Cosgrove + Also use `${exec_prefix}` (instead of `${prefix}`) as a base for `libdir`. + + Closes #1465 -- [Will Cosgrove brought this change] +- cmake: rename two variables and initialize them + + - `LIBRARIES` -> `LIBSSH2_LIBS` + - `SOCKET_LIBRARIES` -> `LIBSSH2_LIBS_SOCKET` + + Also initialize them before use. + + Cherry-picked from #1445 + Closes #1464 - configure.ac: don't undefine scoped variable (#594) +- ci/appveyor: reduce test runs (workaround for infrastructure permafails) - * configure.ac: don't undefine scoped variable + Jobs consistently fail to connect to the test server (run in GHA) since + 2024-Aug-29: + https://ci.appveyor.com/project/libssh2org/libssh2/builds/50498393 - To get this script to run with Autoconf 2.71 on macOS I had to remove the undefine of the backend for loop variable. It seems scoped to the for loop and also isn't referenced later in the script so it seems OK to remove it. + There was an earlier phase of failures one month before that, that got + fixed by increasing the wait for the server in + bf3af90b3f1bb14cf452df7a8eb55cc9088f3e7f. - * configure.ac: remove cygwin specific CFLAGS #598 + Thus, skip running tests in AppVeyor CI jobs, except: After some + experiments, it seems that running tests with the last OpenSSL job and + the last WinCrypt job _work_, which still leaves some coverage. + It remains to be seen how stable this is. - Notes: - Remove cygwin specific Win32 CFLAGS and treat the build like a posix build + This is meant as a temporary fix till there is a solution to make all + jobs run tests reliable like up until a few months ago. - Credit: - Will Cosgrove, Brian Inglis + Closes #1461 -- [Laurent Stacul brought this change] +- [Patrick Monnerat brought this change] - tests: Makefile.am: Add missing tests client keys in distribution tarball (#604) + os400: drop vsprintf() use - Notes: - Added missing test keys. + Follow-up to discussion in #1457 - Credit: - Laurent Stacul + Plus e-mail address update. + + Closes #1462 -- [Laurent Stacul brought this change] +- RELEASE-NOTES: sync [ci skip] - Makefile.am: Add missing test keys in the distribution tarball (#601) +Daniel Stenberg (30 Sep 2024) +- openssl: free allocated resources when using openssl3 - Notes: - Fix tests missing key to build the OCI image + Reproduces consistently with curl test case 638 - Credit: - Laurent Stacul + Closes #1459 -Daniel Stenberg (16 May 2021) -- dist: add src/agent.h +Viktor Szakats (28 Sep 2024) +- checksrc: update, check all sources, fix fallouts - Fixes #597 - Closes #599 - -GitHub (12 May 2021) -- [Will Cosgrove brought this change] + update from curl: + https://github.com/curl/curl/blob/cff75acfeca65738da8297aee0b30427b004b240/scripts/checksrc.pl + + Closes #1457 - packet.c: Reset read timeout after received a packet (#576) (#586) +- cmake: prefer `find_dependency()` in `libssh2-config.cmake` - File: - packet.c + CMake manual suggest using `find_dependency()` (over `find_package()`) + in `config.cmake` scripts. - Notes: - Attempt keyboard interactive login (Azure AD 2FA login) and use more than 60 seconds to complete the login, the connection fails. + Ref: https://cmake.org/cmake/help/latest/module/CMakeFindDependencyMacro.html - The _libssh2_packet_require function does almost the same as _libssh2_packet_requirev but this function sets state->start = 0 before returning. + Closes #1460 + +- ci: use Ninja with cmake - Credit: - teottin, Co-authored-by: Tor Erik Ottinsen + Closes #1458 -- [kkoenig brought this change] +GitHub (27 Sep 2024) +- [dksslq brought this change] - Support ECDSA certificate authentication (#570) + Fix memory leaks in _libssh2_ecdsa_curve_name_with_octal_new and _libssh2_ecdsa_verify (#1449) - Files: hostkey.c, userauth.c, test_public_key_auth_succeeds_with_correct_ecdsa_key.c + Better error handling in`_libssh2_ecdsa_curve_name_with_octal_new` and `_libssh2_ecdsa_verify` to prevent leaks. - Notes: - Support ECDSA certificate authentication + Credit: dksslq + +- [rolag brought this change] + + Fix unstable connections over nonblocking sockets (#1454) - Add a test for: - - Existing ecdsa basic public key authentication - - ecdsa public key authentication with a signed public key + The `send_existing()` function allows partially sent packets to be sent + fully before any further packets are sent. Originally this returned + `LIBSSH2_ERROR_BAD_USE` when a different caller or thread tried to send + an existing packet created by a different caller or thread causing the + connection to disconnect. Commit 33dddd2f8ac3bc81 removed the return + allowing any caller to continue sending another caller's packet. This + caused connection instability as discussed in #1397 and confused the + client and server causing occasional duplicate packets to be sent and + giving the error `rcvd too much data` as discussed in #1431. We return + `LIBSSH2_ERROR_EAGAIN` instead to allow existing callers to finish + sending their own packets. - Credit: - kkoenig + Fixes #1397 + Fixes #1431 + Related #720 + + Credit: klux21, rolag -- [Gabriel Smith brought this change] +- [Will Cosgrove brought this change] - agent.c: Add support for Windows OpenSSH agent (#517) + Prevent possible double free of hostkey (#1452) - Files: agent.c, agent.h, agent_win.c + NULL server hostkey based on fuzzer failure case. + +Viktor Szakats (7 Sep 2024) +- cmake: tidy up syntax, minor improvements - Notes: - * agent: Add support for Windows OpenSSH agent + - make internal variables underscore-lowercase. + - unfold lines. + - fold lines setting header directories. + - fix indent. + - drop interim variable `EXAMPLES`. + - initialize some variables before populating them. + - clear a variable after use. + - add `libssh2_dumpvars()` function for debugging. + - allow to override default `CMAKE_UNITY_BUILD_BATCH_SIZE`. + - bump up default `CMAKE_UNITY_BUILD_BATCH_SIZE` to 0 (was 32). + - tidy up option descriptions. - The implementation was partially taken and modified from that found in - the Portable OpenSSH port to Win32 by the PowerShell team, but mostly - based on the existing Unix OpenSSH agent support. + Closes #1446 + +- cmake: rename mbedTLS and wolfSSL Find modules - https://github.com/PowerShell/openssh-portable + To match the curl ones. - Regarding the partial transfer support implementation: partial transfers - are easy to deal with, but you need to track additional state when - non-blocking IO enters the picture. A tracker of how many bytes have - been transfered has been placed in the transfer context struct as that's - where it makes most sense. This tracker isn't placed behind a WIN32 - #ifdef as it will probably be useful for other agent implementations. + Cherry-picked from #1445 + +- RELEASE-NOTES: sync [ci skip] + +- cmake: fixup version detection in mbedTLS find module - * agent: win32 openssh: Disable overlapped IO + - avoid warning with 2.x versions about missing header file while + extracting the version number. - Non-blocking IO is not currently supported by the surrounding agent - code, despite a lot of the code having everything set up to handle it. + - clear temp variables. - Credit: - Co-authored-by: Gabriel Smith + Closes #1444 -- [Zenju brought this change] +- buildconf: drop + + Use `autoreconf -fi` instead. + + Follow-up to fc5d77881eb6bb179f831e626d15f4f29179aad5 + Closes #1441 - Fix detailed _libssh2_error being overwritten (#473) +- [Michael Buckley brought this change] + + Implement chacha20-poly1305@openssh.com - Files: openssl.c, pem.c, userauth.c + Probably the biggest and potentially most controversial change we have + to upstream. - Notes: - * Fix detailed _libssh2_error being overwritten by generic errors - * Unified error handling + Because earlier versions of OpenSSL implemented the algorithm before + standardization, using an older version of OpenSSL can cause problems + connecting to OpenSSH servers. Because of this, we use the public domain + reference implementation instead of the crypto backends, just like + OpenSSH does. - Credit: - Zenju + We've been holding this one for a few years. We were about to upstream + it around the same time as aes128gcm landed upstream, and the two + changes were completely incompatible. Honestly, it took me weeks to + reconcile these two implementations, and it could be much better. + + Our original implementation changed every crypt method to decrypt the + entire message at once. the AESGCM implementation instead went with this + firstlast design, where a firstlast paramater indicates whether this is + the first or last call to the crypt method for each message. That added + a lot of bookkeeping overhead, and wasn't compatible with the chacha + public domain implementation. + + As far as I could tell, OpenSSH uses the technique of decrypting the + entire message in one go, and doesn't have anything like firstlast. + However, I could not get out aes128gcm implementation to work that way, + nor could I get the chacha implementation to work with firstlast, so I + split it down the middle and let each implementation work differently. + It's kind of a mess, and probably should be cleaned up, but I don't have + the time to spend on it anymore, and it's probably better to have + everything upstream. + + Fixes #584 + Closes #1426 -- [Paul Capron brought this change] +- tidy-up: do/while formatting + + Also fix an indentation and delete empty lines. + + Closes #1440 - Fix _libssh2_random() silently discarding errors (#520) +- wolfssl: drop header path hack - Notes: - * Make _libssh2_random return code consistent + The wolfSSL OpenSSL headers reside in `wolfssl/openssl/*.h`. - Previously, _libssh2_random was advertized in HACKING.CRYPTO as - returning `void` (and was implemented that way in os400qc3.c), but that - was in other crypto backends a lie; _libssh2_random is (a macro - expanding) to an int-value expression or function. + Before this patch the wolfSSL OpenSSL compatibilty header includes were + shared with the native OpenSSL codepath, and used `openssl/*h`. For + wolfSSL builds this required a hack to append the + `/wolfssl` directory to the header search path, to find + the headers. - Moreover, that returned code was: - — 0 or success, -1 on error for the MbedTLS & WinCNG crypto backends - But also: - — 1 on success, -1 or 0 on error for the OpenSSL backend! - – 1 on success, error cannot happen for libgcrypt! + This patch changes the source to use the correct header references, + allowing to drop the header path hack. - This commit makes explicit that _libssh2_random can fail (because most of - the underlying crypto functions can indeed fail!), and it makes its result - code consistent: 0 on success, -1 on error. + Also fix to use the correct variable to set up the header path in CMake: + `WOLFSSL_INCLUDE_DIRS` (was: `WOLFSSL_INCLUDE_DIR`, without the `S`) - This is related to issue #519 https://github.com/libssh2/libssh2/issues/519 - It fixes the first half of it. + Closes #1439 + +- cmake: mbedTLS detection tidy-ups - * Don't silent errors of _libssh2_random + - set and use `MBEDTLS_INCLUDE_DIRS`. + - stop marking `MBEDTLS_LIBRARIES` as advanced. - Make sure to check the returned code of _libssh2_random(), and - propagates any failure. + Closes #1438 + +- cmake: add quotes, delete ending dirseps - A new LIBSSH_ERROR_RANDGEN constant is added to libssh2.h - None of the existing error constants seemed fit. + Follow-up to 3fa5282d6284efba62dc591697e6a687152bdcb1 #1166 + Closes #1437 + +- CI/appveyor: increase wait for SSH server on GHA [ci skip] - This commit is related to d74285b68450c0e9ea6d5f8070450837fb1e74a7 - and to https://github.com/libssh2/libssh2/issues/519 (see the issue - for more info.) It closes #519. + Blind attempt to make AppVeyor CI tests work again. + +- disable DSA by default - Credit: - Paul Capron + Also: + - add `LIBSSH2_DSA_ENABLE` to enable it explicitly. + - test the above option in CI. + - say 'deprecated' in docs and public header. + - disable DSA in the CI server config. + (OpenSSH 9.8 no longer builds with it by default) + https://www.openssh.com/txt/release-9.8 + Patch-by: Jose Quaresma + - disable more DSA code when not enabled. + + Fixes #1433 + Closes #1435 + +GitHub (30 Jul 2024) +- [Viktor Szakats brought this change] -- [Gabriel Smith brought this change] + tidy-up: link updates (#1434) - ci: Remove caching of docker image layers (#589) +Marc Hoersken (27 Jul 2024) +- ci/GHA: revert concurrency and improve permissions - Notes: - continued ci reliability work. + Statuses are per AppVeyor event and commit, not pull-request. + Also align permissions approach with curl, least priviledge. - Credit: - Gabriel Smith + Partially reverts b08cfbc99fa4df3459db4e1ccf4263fd260e9b15. -- [Gabriel Smith brought this change] +GitHub (23 Jul 2024) +- [Will Cosgrove brought this change] - ci: Speed up docker builds for tests (#587) - - Notes: - The OpenSSH server docker image used for tests is pre-built to prevent - wasting time building it during a test, and unneeded rebuilds are - prevented by caching the image layers. + Always init mbedtls_pk_context (#1430) - Credit: - Gabriel Smith + In the failure case, mbedtls_pk_context could be free'd without first being initialized. + +- [Viktor Szakats brought this change] + + mbedtls: tidy-up (#1429) - [Will Cosgrove brought this change] - userauth.c: don't error if using keys without RSA (#555) + Correctly initialize values (#1428) - file: userauth.c + Fix regression with commit from #1421 + +Viktor Szakats (14 Jul 2024) +- RELEASE-NOTES: sync [ci skip] + +- [Seo Suchan brought this change] + + mbedtls: expose `mbedtls_pk_load_file()` for our use - notes: libssh2 now supports many other key types besides RSA, if the library is built without RSA support and a user attempts RSA auth it shouldn't be an automatic error + While it's moved to pk_internal, it won't removed in mbedTLS 3.6 LTS + so it's safe to redeclare it on our side to find it. - credit: - Will Cosgrove + This is implementing emergency fix suggested from + https://github.com/libssh2/libssh2/commit/2e4c5ec4627b3ecf4b6da16f365c011dec9a31b4#commitcomment-141379351 + + Follow-up to e973493f992313b3be73f51d3f7ca6d52e288558 #1393 + Follow-up to 2e4c5ec4627b3ecf4b6da16f365c011dec9a31b4 #1349 + Closes #1421 -- [Marc brought this change] +GitHub (13 Jul 2024) +- [Viktor Szakats brought this change] - openssl.c: Avoid OpenSSL latent error in FIPS mode (#528) + ci/GHA: simplify mbedTLS build hack for autotools (#1425) - File: - openssl.c - - Notes: - Avoid initing MD5 digest, which is not permitted in OpenSSL FIPS certified cryptography mode. + Follow-up to e973493f992313b3be73f51d3f7ca6d52e288558 #1393 + +- [Michael Buckley brought this change] + + Always check for null pointers before calling _libssh2_bn_set_word (#1423) + +- [Viktor Szakats brought this change] + + ci/GHA: FreeBSD 14.1, actions bump (#1424) + +- [Michael Buckley brought this change] + + Increase SFTP_HANDLE_MAXLEN back to 4092 (#1422) - Credit: - Marc + Match OpenSSH for compatibility. -- [Laurent Stacul brought this change] +Viktor Szakats (10 Jul 2024) +- ci/GHA: tidy up casing [ci skip] - openssl.c: Fix EVP_Cipher interface change in openssl 3 #463 +- REUSE: fix typo in comment + +- REUSE: shorten and improve - File: - openssl.c + Follow-up to 70b8bf314cf4566a7529c5d6eae63097a926abb0 #1419 + +- REUSE: upgrade to `REUSE.toml` - Notes: - Fixes building with OpenSSL 3, #463. + Closes #1419 + +- build: stop detecting `sys/param.h` header - The change is described there: - https://github.com/openssl/openssl/commit/f7397f0d58ce7ddf4c5366cd1846f16b341fbe43 + This header is no longer used. - Credit: - Laurent Stacul, reported by Sergei + Follow-up to 12427f4fb8e789adcee4a6e30974932883915e88 #1415 + Closes #1418 -- [Gabriel Smith brought this change] +- [Nicolas Mora brought this change] - openssh_fixture.c: Fix potential overwrite of buffer when reading stdout of command (#580) + tests: avoid using `MAXPATHLEN`, for portability - File: - openssh_fixture.c - Notes: - If reading the full output from the executed command took multiple - passes (such as when reading multiple lines) the old code would read - into the buffer starting at the some position (the start) every time. - The old code only works if fgets updated p or had an offset parameter, - both of which are not true. + `MAXPATHLEN` is not present in some systems, e.g. GNU Hurd. - Credit: - Gabriel Smith + Co-authored-by: Viktor Szakats + Ref: 54bef4c5dad868a9d45fdbfca9729b191c0abab5 #198 + Fixes #1414 + Closes #1415 -- [Gabriel Smith brought this change] +- cmake: sync formatting in `cmake/Find*` modules - ci: explicitly state the default branch (#585) - - Notes: - It looks like the $default-branch macro only works in templates, not - workflows. This is not explicitly stated anywhere except the linked PR - comment. +- [Michael Buckley brought this change] + + sftp: implement posix-rename@openssh.com - https://github.com/actions/starter-workflows/pull/590#issuecomment-672360634 + Add a new function `libssh2_sftp_posix_rename_ex()` and + `libssh2_sftp_posix_rename()`, which implement + the posix-rename@openssh.com extension. - credit: - Gabriel Smith - -- [Gabriel Smith brought this change] - - ci: Swap from Travis to Github Actions (#581) + If the server does not support this extension, the function returns + `LIBSSH2_FX_OP_UNSUPPORTED` and it's up to the user to recover, possibly + by calling `libssh2_sftp_rename()`. - Files: ci files + Co-authored-by: Viktor Szakats (bump to size_t) + Closes #1386 + +- src: use `UINT32_MAX` - Notes: - Move Linux CI using Github Actions + Needs to be defined for platforms missing it, e.g. VS2008. - Credit: - Gabriel Smith, Marc Hörsken + Closes #1413 -- [Mary brought this change] +GitHub (25 Jun 2024) +- [Michael Buckley brought this change] - libssh2_priv.h: add iovec on 3ds (#575) + Fix a memory leak in key exchange. (#1412) - file: libssh2_priv.h - note: include iovec for 3DS - credit: Mary Mstrodl + Original fix submitted as a patch by Trzik. + + Co-authored-by: Michael Buckley -- [Laurent Stacul brought this change] +Viktor Szakats (25 Jun 2024) +- RELEASE-NOTES: sync [ci skip] - Tests: Fix unused variables warning (#561) +- wolfssl: fix `EVP_Cipher()` use with v5.6.0 and older - file: test_public_key_auth_succeeds_with_correct_ed25519_key_from_mem.c + Add workaround for the wolfSSL `EVP_Cipher(*p, NULL, NULL, 0)` bug to + make libssh2 work with wolfSSL v5.6.0 and older. - notes: fixed unused vars + wolfSSL fixed this issue in v5.7.0: + https://github.com/wolfSSL/wolfssl/pull/7143 + https://github.com/wolfSSL/wolfssl/commit/b0de0a1c95119786cf5651dd76dd7d7bdfac5a04 - credit: - Laurent Stacul + Without our local workaround: + + - v5.3.0 and older fail most tests: + Ref: https://github.com/libssh2/libssh2/actions/runs/9646827522/job/26604211476#step:17:1263 + + - v5.4.0, v5.5.x, v5.6.0 fail these: + ``` + 29 - test_read-aes128-cbc (Failed) + 30 - test_read-aes128-ctr (Failed) + 32 - test_read-aes192-cbc (Failed) + 33 - test_read-aes192-ctr (Failed) + 34 - test_read-aes256-cbc (Failed) + 35 - test_read-aes256-ctr (Failed) + ``` + Ref: https://github.com/libssh2/libssh2/actions/runs/9646827522/job/26604233819#step:17:978 + + Oddly enough the workaround breaks OpenSSL tests, so only enable it for + the affected wolfSSL versions. + + Also add new build-from-source wolfSSL CI job to test the new codepath. + + wolfSSL has a build bug where `wolfssl/options.h` and + `wolfssl/version.h` are not copied to the `install` destination with + autotools. With CMake it has a different bug where `wolfcrypt/sp_int.h` + is not copied (with v5.4.0). And another with CMake where `FIPS_mode()` + remains missing (with v5.6.0 and earlier.) + + Therefore use CMake with v5.5.4 and a workaround for `FIPS_mode()`. + Another option is autotools with v5.4.0 and a workaround for `install`, + but CMake builds quicker. + + Regression-from 3c953c05d67eb1ebcfd3316f279f12c4b1d600b4 #797 + Fixes #1020 + Fixes #1299 + Assisted-by: Michael Buckley via #1394 + Closes #1394 (another attempt to fix the mentioned wolfSSL bug) + Closes #1407 -- [Viktor Szakats brought this change] +- wolfssl: bump version in upstream issue comment [ci skip] - bcrypt_pbkdf.c: fix clang10 false positive warning (#563) - - File: bcrypt_pbkdf.c +- wolfssl: require v5.4.0 for AES-GCM - Notes: - blf_enc() takes a number of 64-bit blocks to encrypt, but using - sizeof(uint64_t) in the calculation triggers a warning with - clang 10 because the actual data type is uint32_t. Pass - BCRYPT_BLOCKS / 2 for the number of blocks like libc bcrypt(3) - does. + Earlier versions crash while running tests. - Ref: https://github.com/openbsd/src/commit/04a2240bd8f465bcae6b595d912af3e2965856de + This patch is part of a series of fixes to make wolfSSL AES-GCM support + work together with libssh2. - Fixes #562 + Possibly related is this wolfSSL bugfix patch, released in v5.4.0: + https://github.com/wolfSSL/wolfssl/pull/5205 + https://github.com/wolfSSL/wolfssl/commit/fb3c611275dfe454c331baa0818445a0406c208a + "Fix another AES-GCM EVP control command issue" - Credit: - Viktor Szakats + Ref: #1020 + Ref: #1299 + Cherry-picked from #1407 + Closes #1411 -- [Will Cosgrove brought this change] +- tests: fix excluding AES-GCM tests + + Replace hard-coded crypto backends and rely on `LIBSSH2_GCM` macro + to decide whether to run AES-GCM tests. + + Without this, build attempted to run AES-GCM tests (and failed) + for crypto backends that have conditional support for this feature, e.g. + wolfSSL without the necessary features built-in + (as in before Homewbrew wolfssl 5.7.0_1, or OpenSSL v1.1.0 and older). + + This patch is part of a series of fixes to make wolfSSL AES-GCM support + work together with libssh2. + + Cherry-picked from #1407 + Closes #1410 - transport.c: release payload on error (#554) +- ci/GHA: fix wolfSSL-from-source AES-GCM tests - file: transport.c - notes: If the payload is invalid and there is an early return, we could leak the payload - credit: - Will Cosgrove + Turns out these tests: + ``` + 31 - test_read-aes128-gcm@openssh.com (Failed) + 36 - test_read-aes256-gcm@openssh.com (Failed) + ``` + were failing because AES-GCM wasn't enabled in libssh2. This in turn + happened because the `WOLFSSL_AESGCM_STREAM` macro wasn't enabled while + building wolfSSL. Which happened because this macro isn't enabled by + any CMake-level wolfSSL option. Passing it as `CPPFLAGS` fixes it. + + This allows enabling tests with wolfSSL 5.7.0. + + Follow-up to d4cea53f53c78febad14b4caa600e25d1aaf92fd #1408 + Closes #1409 -- [Will Cosgrove brought this change] +- ci/GHA: add Linux job with latest wolfSSL built from source + + After this patch it's possible to run tests with wolfSSL 5.7.0. + + wolfSSL 5.7.0 fixes this bug that affects open issues #1020 and #1299: + https://github.com/wolfSSL/wolfssl/pull/7143 + + `-DWOLFSSL_OPENSSLALL=ON` is necessary for `wolfSSL_FIPS_mode()` + + Closes #1408 - ssh2_client_fuzzer.cc: fixed building +- ci/GHA: tidy up build-from-source steps [ci skip] - The GitHub web editor did some funky things + - make curl downloads less verbose. + + - fix cmake warning: + ``` + CMake Warning: + No source or binary directory provided. Both will be assumed to be the + same as the current working directory, but note that this warning will + become a fatal error in future CMake releases. + ``` + Ref: https://github.com/libssh2/libssh2/actions/runs/9509866494/job/26213472410#step:5:32 -- [Will Cosgrove brought this change] +- [Adam brought this change] - ssh_client_fuzzer.cc: set blocking mode on (#553) + src: fix type warning in `libssh2_sftp_unlink` macro - file: ssh_client_fuzzer.cc + The `libssh2_sftp_unlink` macro was implicitly casting the `size_t` + returned by `strlen` to the `unsigned int` type expected by + `libssh2_sftp_unlink_ex`. - notes: the session needs blocking mode turned on to avoid EAGAIN being returned from libssh2_session_handshake() + This fix adds an explicit cast to match similar macro definitions in + the same file (e.g. `libssh2_sftp_rename`, `libssh2_sftp_mkdir`). - credit: - Will Cosgrove, reviewed by Michael Buckley - -- [Etienne Samson brought this change] + Closes #1406 - Add a LINT option to CMake (#372) +- libssh2.pc: reference mbedcrypto pkgconfig - * ci: make style-checking available locally + mbedtls 3.6.0 got pkgconfig support: + https://github.com/Mbed-TLS/mbedtls/commit/a4d17b34f354557838e05d2cb47200e8dcaaf59b - * cmake: add a linting target + Reference it from `libssh2.pc`. - * tests: check test suite syntax with checksrc.pl + Closes #1405 -- [Will Cosgrove brought this change] +- tidy-up: typo in comment [ci skip] - kex.c: kex_agree_instr() improve string reading (#552) +- RELEASE-NOTES: sync [ci skip] - * kex.c: kex_agree_instr() improve string reading + Also bump planned deprecation dates. + +- ci/GHA: show configure logs on failure and other tidy-ups - file: kex.c - notes: if haystack isn't null terminated we should use memchr() not strchar(). We should also make sure we don't walk off the end of the buffer. - credit: - Will Cosgrove, reviewed by Michael Buckley + - dump cmake error log on configure failure. (for cmake 3.26 and newer) + - dump `config.log` on autotools configure failure. + - convert specs filename to Windows format before passing to CMake. + - add missing quotes. + + Closes #1403 -- [Will Cosgrove brought this change] +- ci/GHA: bump parallel jobs to nproc+1 + + Ref: https://docs.github.com/en/actions/using-github-hosted-runners/about-github-hosted-runners/about-github-hosted-runners#standard-github-hosted-runners-for-public-repositories + + Closes #1402 - kex.c: use string_buf in ecdh_sha2_nistp (#551) +- ci/GHA: show test logs on failure - * kex.c: use string_buf in ecdh_sha2_nistp + Closes #1401 + +- ci/GHA: fix `Dockerfile` failing after Ubuntu package update - file: kex.c + Likely due an upstream Ubuntu package update (requiring an apt-get + install call beforehand), tests run via autotools started failing with + no change in the libssh2 repo: + ``` + FAIL: test_aa_warmup + ==================== - notes: - use string_buf in ecdh_sha2_nistp() to avoid attempting to parse malformed data + Error running command 'docker build --quiet -t libssh2/openssh_server %s' (exit 256): Dockerfile:10 + -------------------- + 8 | && apt-get clean \ + 9 | && rm -rf /var/lib/apt/lists/* + 10 | >>> RUN mkdir /var/run/sshd + 11 | + 12 | # Chmodding because, when building on Windows, files are copied in with + -------------------- + ERROR: failed to solve: process "/bin/sh -c mkdir /var/run/sshd" did not complete successfully: exit code: 1 + + Failed to build docker image + Cannot stop session - none started + Cannot stop container - none started + Command: docker build --quiet -t libssh2/openssh_server ../../tests/openssh_server + FAIL test_aa_warmup (exit status: 1) + ``` + Ref: https://github.com/libssh2/libssh2/actions/runs/9322194756/job/25662748095#step:11:390 + + Fix it by skipping `mkdir` if `/var/run/sshd` already exists. + + (Why cmake-based jobs aren't affected, I don't know.) + + Ref: https://github.com/libssh2/libssh2/commit/50143d5867d35df76a6cf589ca8a13b22105aa64#commitcomment-142560875 + Closes #1400 -- [Will Cosgrove brought this change] +- ci/GHA: use ubuntu-latest with OmniOS job + + It's the same as ubuntu-22.04. + + Also update OmniOS package search link. - kex.c: move EC macro outside of if check #549 (#550) +- ci: disable dependency tracking in autotools builds - File: kex.c + For better build performance. Dependency tracking causes a build + overhead while compiling to help a subsequent build, but in CI there is + never one and the extra work is discarded. - Notes: - Moved the macro LIBSSH2_KEX_METHOD_EC_SHA_HASH_CREATE_VERIFY outside of the LIBSSH2_ECDSA since it's also now used by the ED25519 code. + Closes #1396 + +- mbedtls: fail to compile with v3.6.0 outside CI - Sha 256, 384 and 512 need to be defined for all backends now even if they aren't used directly. I believe this is already the case, but just a heads up. + A compile-time failure is preferred over an unexpected one at + runtime. - Credit: - Stefan-Ghinea + The problem is silenced with a macro in CI and this macro will have + to be added to more platforms when mbedTLS v3.6.0 reaches them. + + Follow-up to 2e4c5ec4627b3ecf4b6da16f365c011dec9a31b4 #1349 + Closes #1393 -- [Tim Gates brought this change] +- tests: drop default cygpath option `-u` - kex.c: fix simple typo, niumber -> number (#545) +- tidy-up: fix typo found by codespell - File: kex.c + Ref: https://github.com/libssh2/libssh2/actions/runs/9224795055/job/25380857082?pr=1393#step:4:5 + +- ci/GHA: shell syntax tidy-up - Notes: - There is a small typo in src/kex.c. + Closes #1390 + +- RELEASE-NOTES: sync [ci skip] + +- ci/GHA: bump NetBSD/OpenBSD, add NetBSD arm64 job - Should read `number` rather than `niumber`. + OpenBSD arm64 jobs were very slow, so skipped that. - Credit: - Tim Gates + Closes #1388 -- [Tseng Jun brought this change] +- autotools: fix to update `LDFLAGS` for each detected dependency + + autotools lib detection routine failed to extend LDFLAGS for each + detection. This could cause successful detection of a dependency, but + later failing to use it. This did not cause an issue as long as all + dependencies lived under the same prefix, but started breaking on macOS + ARM + Homebrew where this was no longer true for mbedTLS and zlib in + particular. + + Follow-up to 844115393bffb4e92c6569204cbe4cd8e553480d #1381 + Follow-up to ae2770de25949bc7c74e60b4cc6a011bbe1d3d7c #1377 + Closes #1384 - session.c: Correct a typo which may lead to stack overflow (#533) +GitHub (8 May 2024) +- [Michael Buckley brought this change] + + OpenSSL 3: Fix calculating DSA public key (#1380) + +Viktor Szakats (8 May 2024) +- ci/GHA: tidy-up wolfSSL autotools config on macOS - File: session.c + Closes #1383 + +- ci/GHA: shorter mbedTLS autotools workaround - Notes: - Seems the author intend to terminate banner_dup buffer, later, print it to the debug console. + Follow-up to 844115393bffb4e92c6569204cbe4cd8e553480d #1381 + Closes #1382 + +GitHub (8 May 2024) +- [Michael Buckley brought this change] + + ci: fix mbedtls runners on macOS (#1381) - Author: - Tseng Jun + Sets LDFLAGS while configuring the autoconf mbedTLS build for macOS. -Marc Hoersken (10 Oct 2020) -- wincng: fix random big number generation to match openssl +Viktor Szakats (29 Apr 2024) +- RELEASE-NOTES: sync [ci skip] + +- [binary1248 brought this change] + + wincng: fix `DH_GEX_MAXGROUP` set higher than supported - The old function would set the least significant bits in - the most significant byte instead of the most significant bits. + In 1c3a03ebc3166cf69735111aba2b8cee57cdba51 #493, + `LIBSSH2_DH_GEX_MAXGROUP` was introduced to specify + crypto-backend-specific modulus sizes. Unfortunately, the max size for + the wincng DH modulus was defined to 8192, probably because this is the + value most other backends support. - The old function would also zero pad too much bits in the - most significant byte. This lead to a reduction of key space - in the most significant byte according to the following listing: - - 8 bits reduced to 0 bits => eg. 2048 bits to 2040 bits DH key - - 7 bits reduced to 1 bits => eg. 2047 bits to 2041 bits DH key - - 6 bits reduced to 2 bits => eg. 2046 bits to 2042 bits DH key - - 5 bits reduced to 3 bits => eg. 2045 bits to 2043 bits DH key + According to Microsoft documentation [1], `BCryptGenerateKeyPair` + currently only supports up to 4096-bit keys when the selected algorithm + is `BCRYPT_DH_ALGORITHM`. Requesting larger keys when calling + `BCryptGenerateKeyPair` in `_libssh2_dh_key_pair` always results in + `STATUS_INVALID_PARAMETER` being returned and ultimately key exchange + failing. - No change would occur for the case of 4 significant bits. - For 1 to 3 significant bits in the most significant byte - the DH key would actually be expanded instead of reduced: - - 3 bits expanded to 5 bits => eg. 2043 bits to 2045 bits DH key - - 2 bits expanded to 6 bits => eg. 2042 bits to 2046 bits DH key - - 1 bits expanded to 7 bits => eg. 2041 bits to 2047 bits DH key + When attempting to connect to any server that offers 8192 bit DH, this + causes key exchange to always fail when using the wincng backend. + Reducing `LIBSSH2_DH_GEX_MAXGROUP` to 4096 fixes the issue. - There is no case of 0 significant bits in the most significant byte - since this would be a case of 8 significant bits in the next byte. + [1] https://learn.microsoft.com/en-us/windows/win32/api/bcrypt/nf-bcrypt-bcryptgeneratekeypair - At the moment only the following case applies due to a fixed - DH key size value currently being used in libssh2: + Closes #1372 + +- build: silence warnings inside `FD_SET()`/`FD_ISSET()` macros - The DH group_order is fixed to 256 (bytes) which leads to a - 2047 bits DH key size by calculating (256 * 8) - 1. + Use an ugly workaround to silence `-Wsign-conversion` warnings triggered + by the internals of `FD_SET()`/`FD_ISSET()` macros. They've been showing + up in OmniOS CI builds when compiling `example` programs. They also have + been seen with older Cygwin and other envs and configurations. - This means the DH keyspace was previously reduced from 2047 bits - to 2041 bits (while the top and bottom bits are always set), so the - keyspace is actually always reduced from 2045 bits to 2039 bits. + Also scope two related variables in examples. - All of this is only relevant for Windows versions supporting the - WinCNG backend (Vista or newer) before Windows 10 version 1903. + E.g.: + ``` + ../../example/direct_tcpip.c:251:9: warning: conversion to 'long unsigned int' from 'libssh2_socket_t' {aka 'int'} may change the sign of the result [-Wsign-conversion] + 251 | FD_SET(forwardsock, &fds); + | ^~~~~~ + ../../example/direct_tcpip.c:251:9: warning: conversion to 'long unsigned int' from 'libssh2_socket_t' {aka 'int'} may change the sign of the result [-Wsign-conversion] + ../../example/direct_tcpip.c:251:9: warning: conversion to 'long unsigned int' from 'long int' may change the sign of the result [-Wsign-conversion] + ../../example/direct_tcpip.c:251:9: warning: conversion to 'long int' from 'long unsigned int' may change the sign of the result [-Wsign-conversion] + ../../example/direct_tcpip.c:259:18: warning: conversion to 'long unsigned int' from 'libssh2_socket_t' {aka 'int'} may change the sign of the result [-Wsign-conversion] + 259 | if(rc && FD_ISSET(forwardsock, &fds)) { + | ^~~~~~~~ + ../../example/direct_tcpip.c:259:18: warning: conversion to 'long unsigned int' from 'libssh2_socket_t' {aka 'int'} may change the sign of the result [-Wsign-conversion] + ../../example/direct_tcpip.c:259:18: warning: conversion to 'long unsigned int' from 'long int' may change the sign of the result [-Wsign-conversion] + ``` + Ref: https://github.com/libssh2/libssh2/actions/runs/8854199687/job/24316762831#step:3:2020 - Closes #521 + Closes #1379 -Daniel Stenberg (28 Sep 2020) -- libssh2_session_callback_set.3: explain the recv/send callbacks +- autotools: use `AM_CFLAGS` - Describe how to actually use these callbacks. + Use `AM_CFLAGS` to pass custom, per-target C flags. This replaces using + `CFLAGS` which triggered this warning when running `autoreconf -fi`: + ``` + tests/Makefile.am:8: warning: 'CFLAGS' is a user variable, you should not override it; + tests/Makefile.am:8: use 'AM_CFLAGS' instead + ``` + (Only for `tests`, even though `example` and `src` also used this + method. The warning is also missing from curl, that also uses + `CFLAGS`.) - Closes #518 + Follow-up to 3ec53f3ea26f61cbf2e0fbbeccb852fca7f9b156 #1286 + Closes #1378 -GitHub (23 Sep 2020) -- [Will Cosgrove brought this change] +GitHub (25 Apr 2024) +- [Viktor Szakats brought this change] - agent.c: formatting + ci/GHA: fix gcrypt with autotools/macOS/Homebrew/ARM64 (#1377) - Improved formatting of RECV_SEND_ALL macro. + mbedtls configure fails to detect anything due to this: + ``` + configure:23101: gcc -o conftest -g -O2 -I/opt/homebrew/include conftest.c -lmbedcrypto -lz >&5 + ld: library 'mbedcrypto' not found + clang: error: linker command failed with exit code 1 (use -v to see invocation) + ``` -- [Will Cosgrove brought this change] +Viktor Szakats (25 Apr 2024) +- autotools: delete bogus square bracket from help text [ci skip] + + Follow-up to 3f98bfb0900b5e68445a339cfebc60b307a24650 #1368 - CMakeLists.txt: respect install lib dir #405 (#515) +GitHub (25 Apr 2024) +- [Viktor Szakats brought this change] + + ci/GHA: fix verbose option for autotools jobs (#1376) - Files: - CMakeLists.txt + Also enable verbose for macOS `make` step. + +- [Viktor Szakats brought this change] + + ci/GHA: dump `config.log` on failure for macOS autotools jobs (#1375) + +- [Viktor Szakats brought this change] + + ci/GHA: fix `autoreconf` failure on macOS/Homebrew (#1374) - Notes: - Use CMAKE_INSTALL_LIBDIR directory + By manually installing `libtool`. - Credit: Arfrever + ``` + autoreconf -fi + shell: /bin/bash -e {0} + configure.ac:75: error: possibly undefined macro: AC_LIBTOOL_WIN32_DLL + If this token and others are legitimate, please use m4_pattern_allow. + See the Autoconf documentation. + configure.ac:76: error: possibly undefined macro: AC_PROG_LIBTOOL + autoreconf: error: /opt/homebrew/Cellar/autoconf/2.72/bin/autoconf failed with exit status: 1 + ``` + Ref: https://github.com/libssh2/libssh2/actions/runs/8833608758/job/24253334557#step:4:1 -- [Will Cosgrove brought this change] +- [Viktor Szakats brought this change] - kex.c: group16-sha512 and group18-sha512 support #457 (#468) + ci/GHA: fixup Homebrew location (for ARM runners) (#1373) - Files: kex.c + GHA macOS runners became ARM64 machines. Make the Homebrew prefix + dynamic to adapt to these installations. + +Viktor Szakats (14 Apr 2024) +- RELEASE-NOTES: sync [ci skip] + +- [Patrick Monnerat brought this change] + + os400: Add two recent files to the distribution - Notes: - Added key exchange group16-sha512 and group18-sha512. As a result did the following: + Closes #1364 + +- wincng: add to ci/GHA, add `./configure` option `--enable-ecdsa-wincng` - Abstracted diffie_hellman_sha256() to diffie_hellman_sha_algo() which is now algorithm agnostic and takes the algorithm as a parameter since we needed sha512 support. Unfortunately it required some helper functions but they are simple. - Deleted diffie_hellman_sha1() - Deleted diffie_hellman_sha1 specific macro - Cleaned up some formatting - Defined sha384 in os400 and wincng backends - Defined LIBSSH2_DH_MAX_MODULUS_BITS to abort the connection if we receive too large of p from the server doing sha1 key exchange. - Reorder the default key exchange list to match OpenSSH and improve security + - add `./configure` option `--enable-ecdsa-wincng` - Credit: - Will Cosgrove + - add WinCNG autotools jobs to GHA. + + - enable WinCNG ECDSA in some GHA jobs (both CMake and autotools). + + Follow-up to 3e72343737e5b17ac98236c03d5591d429b119ae #1315 + Closes #1368 -- [Igor Klevanets brought this change] +GitHub (14 Apr 2024) +- [Johannes Passing brought this change] - agent.c: Recv and send all bytes via network in agent_transact_unix() (#510) + wincng: add ECDSA support for host and user authentication (#1315) - Files: agent.c + The WinCNG backend currently only supports DSA and RSA. This PR + adds ECDSA support for host and user authentication. - Notes: - Handle sending/receiving partial packet replies in agent.c API. + * Disable WinCNG ECDSA support by default to maintain backward + compatibility for projects that target versions below Windows 10. - Credit: Klevanets Igor + * Add cmake option `ENABLE_ECDSA_WINCNG` to guard ECDSA support. + + * Update AppVeyor job matrix to only enable ECDSA on Server 2016+ -- [Daniel Stenberg brought this change] +Viktor Szakats (14 Apr 2024) +- ci: enable Unity mode for most CMake builds + + Ref: 7129ea9ca8cca86dac80a6bac2d63937987efe9d #1034 + Closes #1367 - Makefile.am: include all test files in the dist #379 +- os400: fix shellcheck warnings in scripts (fixups) - File: - Makefile.am + - Build scripts must be executed by the os/400 shell (sh), not bash which + is a PASE program: The `-ot` non-POSIX test extension works in os/400 as + well. Ref: https://github.com/libssh2/libssh2/pull/1364#issue-2241646754 - Notes: - No longer conditionally include OpenSSL specific test files, they aren't run if we're not building against OpenSSL 1.1.x anyway. + - Drop/fixup mods trying to make some syntax highlighters happier. - Credit: - Daniel Stenberg + Follow-up to c6625707b94d9093f38f1a0a4d89c11b64f12ba8 #1358 + Assisted-by: Patrick Monnerat + Closes #1364 + Closes #1366 -- [Max Dymond brought this change] +- cmake: style tidy-up (more) + + Follow-up to 3fa5282d6284efba62dc591697e6a687152bdcb1 #1166 + Closes #1365 - Add support for an OSS Fuzzer fuzzing target (#392) +- RELEASE-NOTES: sync [ci skip] + +- os400: fix shellcheck warnings in scripts - Files: - .travis.yml, configure.ac, ossfuzz + - use `$()` instead of backticks, and re-arrange double-quotes inside. + - add missing `|| exit 1` to `cd` calls. (could be dropped by using `set -eu`.) + - add `-n` to a few `if`s. + - shorten redirections by using `{} >` (as shellcheck recommended). + - silence warnings where variables were detected as unused (SC2034). + - a couple misc updates to silence warnings. + - switch to bash shebang for `-ot` feature. + - split two lines to unbreak syntax highlighting in my editor. (`$(expr \`, `$(dirname \`) - Notes: - This adds support for an OSS-Fuzz fuzzing target in ssh2_client_fuzzer, - which is a cut down example of ssh2.c. Future enhancements can improve - coverage. + Also enable CI checks for OS/400 shell scripts. - Credit: - Max Dymond + Ref: d88b9bcdafe9d19aad2fb120d0a0acb3edab64f7 + Closes #1358 -- [Sebastián Katzer brought this change] +- RELEASE-NOTES: sync [ci skip] - mbedtls.c: ECDSA support for mbed TLS (#385) +- ci: add shellcheck job and script - Files: - mbedtls.c, mbedtls.h, .travis.yml + Add FIXME for OS/400 scripts. - Notes: - This PR adds support for ECDSA for both key exchange and host key algorithms. + Cherry-picked from #1358 + +- tests: fix shellcheck issues in `test_sshd.test` - The following elliptic curves are supported: + Cherry-picked from #1358 + +- RELEASE-NOTES: sync [ci skip] + +GitHub (9 Apr 2024) +- [Viktor Szakats brought this change] + + ci/appveyor: re-enable OpenSSL 3, also bump to 3.2.1 (#1363) - 256-bit curve defined by FIPS 186-4 and SEC1 - 384-bit curve defined by FIPS 186-4 and SEC1 - 521-bit curve defined by FIPS 186-4 and SEC1 + Ref: 104744f4a523de574ce3767c50948d9b8385be4c #1348 + +Viktor Szakats (9 Apr 2024) +- ci: use a better test timestamp [ci skip] - Credit: - Sebastián Katzer + Mar 27 2024 08:00:00 GMT+0000 + + Follow-up to 2d765e454d98b794a5e5bbc497b1fcba4a9b8c4b #1360 -Marc Hoersken (1 Sep 2020) -- buildconf: exec autoreconf to avoid additional process (#512) +GitHub (9 Apr 2024) +- [Viktor Szakats brought this change] + + ci: verify build and install from tarball (#1362) - Also make buildconf exit with the return code of autoreconf. + Install verification based on: + https://github.com/curl/curl/blob/28c5ddf13ac311d10bc4e8f9fc4ce0858a19b888/scripts/installcheck.sh + +Viktor Szakats (9 Apr 2024) +- tidy-up: dir names, command-line [ci skip] - Follow up to #224 + Follow-up to 2d765e454d98b794a5e5bbc497b1fcba4a9b8c4b #1360 -- scp.c: fix indentation in shell_quotearg documentation +- cmake: tidy up function name casing in `CopyRuntimeDependencies.cmake` + + Use lowercase to match callers. -- wincng: make more use of new helper functions (#496) +GitHub (9 Apr 2024) +- [Viktor Szakats brought this change] -- wincng: make sure algorithm providers are closed once (#496) + ci: add reproducibility test for `maketgz` (#1360) -GitHub (10 Jul 2020) -- [David Benjamin brought this change] +Viktor Szakats (9 Apr 2024) +- maketgz: add reproducible dir entries to tarballs + + In the initial implementation of reproducible tarballs, they were + missing directory entries, while .zip archives had them. It meant + that on extracting the tarball, on-disk directory entries got the + current timestamp. + + This patch fixes this by including directory entries in the tarball, + with reproducible timestamps. It also moves sorting inside tar, + to ensure reproducible directory entry timestamps on extract + (without the need of `--delay-directory-restore` option, when + extracting with GNU tar. BSD tar got that right by default.) + + GNU tar 1.28 (2014-07-28) introduced `--sort=`. + + Follow-up to d52fe1b4358fab891037d86b5c73c098079567db #1357 + Closes #1359 - openssl.c: clean up curve25519 code (#499) +- ci/GHA: improve version number in `maketgz` test - File: openssl.c, openssl.h, crypto.h, kex.c + Follow-up to cba7f97506c1b8e5ff131bbbc57b5796ac634c56 #1353 + +GitHub (8 Apr 2024) +- [Michael Buckley brought this change] + + src: check the return value from `_libssh2_bn_*()` functions (#1354) - Notes: - This cleans up a few things in the curve25519 implementation: + Found by oss-fuzz. In `diffie_hellman_sha_algo()`, we were calling + `_libssh2_bn_from_bin()` with data recieved by the server without + checking whether that data was zero-length or ridiculously long. + In the OpenSSL backend, this would cause `_libssh2_bn_from_bin()` + to fail an allocation, which would eventually lead to a NULL + dereference when the bignum was used. - - There is no need to create X509_PUBKEYs or PKCS8_PRIV_KEY_INFOs to - extract key material. EVP_PKEY_get_raw_private_key and - EVP_PKEY_get_raw_public_key work fine. + Add the same check for `_libssh2_bn_set_word()` and + `_libssh2_bn_to_bin()`. + +Viktor Szakats (8 Apr 2024) +- maketgz: reproducible tarballs/zip, display tarball hashes - - libssh2_x25519_ctx was never used (and occasionally mis-typedefed to - libssh2_ed25519_ctx). Remove it. The _libssh2_curve25519_new and - _libssh2_curve25519_gen_k interfaces use the bytes. Note, if it needs - to be added back, there is no need to roundtrip through - EVP_PKEY_new_raw_private_key. EVP_PKEY_keygen already generated an - EVP_PKEY. + - support `SOURCE_DATE_EPOCH` for reproducibility. + - make tarballs reproducible. + - make file timestamps in tarball/zip reproducible. + - make directory timestamps in zip reproducible. + - make timestamps of tarballs/zip reproducible. + - make file order in tarball/zip reproducible. + - use POSIX ustar tarball format to avoid supply chain vulnerability: https://seclists.org/oss-sec/2021/q4/0 + - make uid/gid in tarball reproducible. + - omit owner user/group names from tarball for reproducibility and privacy. + - omit current timestamp from .gz header for reproducibility. + - display SHA-256 hashes of produced tarballs/zip. (Requires `sha256sum`) + - re-sync formatting with curl's `maketgz`. - - Add some missing error checks. + Closes #1357 + +- maketgz: `set -eu`, reproducibility, improve zip, add CI test - Credit: - David Benjamin + - set bash `-eu`. + - fix bash `-eu` issues. + - apply `TZ=UTC` and `LC_ALL=C` for reproducibility. + - sort `.zip` entries for reproducibility. + - zip with `--no-extra` for reproducibliity. + - use maximum zip compression. + - add the gpg sign command-line. Copied from curl. + - add CI test for `maketgz`. + + Closes #1353 -- [Will Cosgrove brought this change] +- RELEASE-NOTES: sync and cleanups [ci skip] - transport.c: socket is disconnected, return error (#500) +GitHub (3 Apr 2024) +- [Tejaswikandula brought this change] + + Support RSA SHA2 cert-based authentication (rsa-sha2-512_cert and rsa-sha2-256_cert) (#1314) - File: transport.c + Replicating OpenSSH's behavior to handle RSA certificate authentication + differently based on the remote server version. - Notes: - This is to fix #102, instead of continuing to attempt to read a disconnected socket, it will now error out. + 1. For OpenSSH versions >= 7.8, ascertain server's support for RSA Cert + types by checking if the certificate's signature type is present in + the `server-sig-algs`. - Credit: - TDi-jonesds - -- [Will Cosgrove brought this change] + 2. For OpenSSH versions < 7.8, Set the "SSH_BUG_SIGTYPE" flag when the + RSA key in question is a certificate to ignore `server-sig-algs` and + only offer ssh-rsa signature algorithm for RSA certs. + + This arises from the fact that OpenSSH versions up to 7.7 accept + RSA-SHA2 keys but not RSA-SHA2 certificate types. Although OpenSSH <=7.7 + includes RSA-SHA2 keys in the `server-sig-algs`, versions <=7.7 do not + actually support RSA certs. Therefore, server sending RSA-SHA2 keys in + `server-sig-algs` should not be interpreted as indicating support for + RSA-SHA2 certs. So, `server-sig-algs` are ignored when the RSA key in + question is a cert, and the remote server version is 7.7 or below. + + Relevant sections of the OpenSSH source code: + + + + + Assisted-by: Will Cosgrove + Reviewed-by: Viktor Szakats - stale.yml +Viktor Szakats (3 Apr 2024) +- RELEASE-NOTES: sync [ci skip] - Increasing stale values. + Also fix to include 3-digit issue/PR references. -Marc Hoersken (6 Jul 2020) -- wincng: try newer DH API first, fallback to legacy RSA API +- mbedtls: add workaround + FIXME to build with 3.6.0 - Avoid the use of RtlGetVersion or similar Win32 functions, - since these depend on version information from manifests. + This is just a stub to make `_libssh2_mbedtls_ecdsa_new_private` + compile. - This commit makes the WinCNG backend first try to use the - new DH algorithm API with the raw secret derivation feature. - In case this feature is not available the WinCNG backend - will fallback to the classic approach of using RSA-encrypt - to perform the required modular exponentiation of BigNums. + mbedtls 3.6.0 silently deleted its public API `mbedtls_pk_load_file`, + which this function relies on. - The feature availability test is done during the first handshake - and the result is stored in the crypto backends global state. + Closes #1349 + +GitHub (3 Apr 2024) +- [Viktor Szakats brought this change] + + ci/appveyor: OpenSSL 3 no longer found by CMake, revert to 1.1.1 (#1348) - Follow up to #397 - Closes #484 + Ref: https://github.com/appveyor/build-images/commit/702e8cdca01f28f6a40687783f493c786cebbe2c + Ref: https://github.com/appveyor/build-images/pull/149 -- wincng: fix indentation of function arguments and comments +Viktor Szakats (3 Apr 2024) +- docs: improve `libssh2_userauth_publickey_from*` manpages - Follow up to #397 + Reported-by: Lyndon Brown + Assisted-by: Ryan Kelley + Fixes #652 + Closes #1308 + Closes #xxxx -- [Wez Furlong brought this change] +- RELEASE-NOTES: sync [ci skip] - wincng: use newer DH API for Windows 8.1+ +GitHub (2 Apr 2024) +- [Viktor Szakats brought this change] + + test debian:testing-slim post xz backdoor removal (#1346) - Since Windows 1903 the approach used to perform DH kex with the CNG - API has been failing. + The unexplained CI fallouts are gone with the latest debian:testing (20240330). - This commit switches to using the `DH` algorithm provider to perform - generation of the key pair and derivation of the shared secret. + Ref #1328 #1329 #1338. + Closes #1346 + +Viktor Szakats (30 Mar 2024) +- ci: use Linux runner for BSDs, add arm64 FreeBSD 14 job - It uses a feature of CNG that is not yet documented. The sources of - information that I've found on this are: + - bump cross-platform-actions to 0.23.0. + Ref: https://github.com/cross-platform-actions/action/releases/tag/v0.23.0 - * https://stackoverflow.com/a/56378698/149111 - * https://github.com/wbenny/mini-tor/blob/5d39011e632be8e2b6b1819ee7295e8bd9b7a769/mini/crypto/cng/dh.inl#L355 + - switch to Linux runners (from macOS) for cross-platform-actions. + It's significantly faster. - With this change I am able to successfully connect from Windows 10 to my - ubuntu system. + - switch back FreeBSD 14 job to cross-platform-actions. + Also switch back to default shell. - Refs: https://github.com/alexcrichton/ssh2-rs/issues/122 - Fixes: https://github.com/libssh2/libssh2/issues/388 - Closes: https://github.com/libssh2/libssh2/pull/397 + - add FreeBSD 14 arm64 job. + + Closes #1343 -GitHub (1 Jul 2020) -- [Zenju brought this change] +- ci: use single quotes in yaml [ci skip] - comp.c: Fix name clash with ZLIB macro "compress" (#418) +- ci: tidy-up job order [ci skip] + +- build: drop `-Wformat-nonliteral` warning suppressions - File: comp.c + Also markup a vararg function as such. - Notes: - * Fix name clash with ZLIB macro "compress". + In functions marked up as vararg functions, there is no need to suppress + `-Wformat-nonliteral` warnings. It's done automatically by the compiler. - Credit: - Zenju + Closes #1342 -- [yann-morin-1998 brought this change] +- ci: delete flaky FreeBSD 13.2 job + + Keep FreeBSD 14. - buildsystem: drop custom buildconf script, rely on autoreconf (#224) +- RELEASE-NOTES: sync [ci skip] + +- example: restore `sys/time.h` for AIX - Notes: - The buildconf script is currently required, because we need to copy a - header around, because it is used both from the library and the examples - sources. + In AIX, `time.h` header file doesn't have definitions like + `fd_set`, `struct timeval`, which are found in `sys/time.h`. - However, having a custom 'buildconf'-like script is not needed if we can - ensure that the header exists by the time it is needed. For that, we can - just append the src/ directory to the headers search path for the - examples. + Add `sys/time.h` to files affected when available. - And then it means we no longer need to generate the same header twice, - so we remove the second one from configure.ac. + Regression from e53aae0e16dbf53ddd1a4fcfc50e365a15fcb8b9 #1001. - Now, we can just call "autoreconf -fi" to generate the autotools files, - instead of relying on the canned sequence in "buildconf", since - autoreconf has now long known what to do at the correct moment (future - versions of autotools, automake, autopoint, autoheader etc... may - require an other ordering, or other intermediate steps, etc...). + Reported-by: shubhamhii on GitHub + Assisted-by: shubhamhii on GitHub + Fixes #1334 + Fixes #1335 + Closes #1340 + +- userauth: avoid oob with huge interactive kbd response - Eventually, get rid of buildconf now it is no longer needed. In fact, we - really keep it for legacy, but have it just call autoreconf (and print a - nice user-friendly warning). Don't include it in the release tarballs, - though. + - If the length of a response is `UINT_MAX - 3` or larger, an unsigned + integer overflow occurs on 64-bit systems. Avoid such truncation to + always allocate enough memory to avoid subsequent out of boundary + writes. - Update doc, gitignore, and travis-CI jobs accordingly. + Patch-by: Tobias Stoeckmann - Credit: - Signed-off-by: "Yann E. MORIN" - Cc: Sam Voss + - also add FIXME to bump up length field to `size_t` (ABI break) + + Closes #1337 -- [Will Cosgrove brought this change] +GitHub (28 Mar 2024) +- [Josef Cejka brought this change] - libssh2.h: Update Diffie Hellman group values (#493) - - File: libssh2.h + transport: check ETM on remote end when receiving (#1332) - Notes: - Update the min, preferred and max DH group values based on RFC 8270. + We should check if encrypt-then-MAC feature is enabled in remote end's + configuration. - Credit: - Will Cosgrove, noted from email list by Mitchell Holland + Fixes #1331 -Marc Hoersken (22 Jun 2020) -- travis: use existing Makefile target to run checksrc +- [Josef Cejka brought this change] -- Makefile: also run checksrc on test source files + kex: always add extension indicators to kex_algorithms (#1327) + + KEX pseudo-methods "ext-info-c" and "kex-strict-c-v00@openssh.com" + are in default kex method list but they were lost after configuring + custom kex method list in libssh2_session_method_pref(). + + Fixes #1326 -- tests: avoid use of deprecated function _sleep (#490) +- [Jiwoo Park brought this change] -- tests: avoid use of banned function strncat (#489) + cmake: use the imported target of FindOpenSSL module (#1322) + + * Use the imported target of FindOpenSSL module + * Build libssh2 before test runner + * Use find_package() in the CMake config file + * Use find_dependency() rather than find_package() + * Install CMake module files and use them in the config file + * Use elseif() to choose the crypto backend -- tests: satisfy checksrc regarding max line length of 79 chars +- [Andrei Augustin brought this change] + + docs: update INSTALL_AUTOTOOLS (#1316) - Follow up to 2764bc8e06d51876b6796d6080c6ac51e20f3332 + corrected --with-libmbedtls-prefix to current option --with-libmbedcrypto-prefix -- tests: satisfy checksrc with whitespace only fixes +Viktor Szakats (28 Mar 2024) +- ci: don't parallelize `distcheck` job - checksrc.pl -i4 -m79 -ASIZEOFNOPAREN -ASNPRINTF - -ACOPYRIGHT -AFOPENMODE tests/*.[ch] + A while ago the `distcheck` CI job became flaky. This continued after + switching to Debian stable (from testing). Try stabilzing it by running + it single-threaded. + + Closes #1339 -- tests: add support for ports published via Docker for Windows +- Dockerfile: switch to Debian stable (from testing) + + This fixes flakiness experienced recently with two OpenSSL jobs and one + libgcrypt job, and/or intermittently causing all Docker-based tests to + fail. + + Reported-by: András Fekete + Fixes #1328 + Fixes #1329 + Closes #1338 -- tests: restore retry behaviour for docker-machine ip command +GitHub (22 Feb 2024) +- [Michael Buckley brought this change] -- tests: fix mix of declarations and code failing C89 compliance + Supply empty hash functions for mac_method_hmac_aesgcm to avoid a crash when e.g. setting LIBSSH2_METHOD_CRYPT_CS (#1321) -- wincng: add and improve checks in bit counting function +- [Michael Buckley brought this change] -- wincng: align bits to bytes calculation in all functions + gen_publickey_from_dsa: Initialize BIGNUMs to NULL for OpenSSL 3 (#1320) -- wincng: do not disable key validation that can be enabled +Viktor Szakats (23 Jan 2024) +- RELEASE-NOTES: add algo deprecation notices [ci skip] - The modular exponentiation also works with key validation enabled. + Closes #1307 -- wincng: fix return value in _libssh2_dh_secret - - Do not ignore return value of modular exponentiation. +- RELEASE-NOTES: sync [ci skip] -- appveyor: build and run tests for WinCNG crypto backend +GitHub (22 Jan 2024) +- [Juliusz Sosinowicz brought this change] -GitHub (1 Jun 2020) -- [suryakalpo brought this change] + wolfssl: enable debug logging in wolfSSL when compiled in (#1310) + + Co-authored-by: Viktor Szakats - INSTALL_CMAKE.md: Update formatting (#481) +- [monnerat brought this change] + + os400: maintain up to date (#1309) - File: INSTALL_CMAKE.md + - Handle MD5 conditionals in os400qc3. + - Check for errors in os400qc3 pbkdf1. + - Implement an optional build options override file. + - Sync ILE/RPG copy files with current C header files. + - Allow a null session within a string conversion cache. + - Add an ILE/RPG example. + - Adjust outdated copyrights in changed files. + +Viktor Szakats (18 Jan 2024) +- RELEASE-NOTES: sync + +- src: check hash update/final success - Notes: - Although the original text would be immediately clear to seasoned users of CMAKE and/or Unix shell, the lack of newlines may cause some confusion for newcomers. Hence, wrapping the texts in a md code-block such that the newlines appear as intended. + Also: + - delete unused internal macro `libssh2_md5()` where defined. + - prefix `libssh2_os400qc3_hash*()` function names with underscore. + These are public/visible, but internal. + - add FIXMEs to OS/400 code to verify update/final calls; some OS API, + some internal. - credit: - suryakalpo + Ref: https://github.com/libssh2/libssh2/pull/1301#discussion_r1446861650 + Reviewed-by: Michael Buckley + Reviewed-by: Patrick Monnerat + Closes #1303 -Marc Hoersken (31 May 2020) -- src: add new and align include guards in header files (#480) - - Make sure all include guards exist and follow the same format. +- RELEASE-NOTES: sync [ci skip] -- wincng: fix multiple definition of `_libssh2_wincng' (#479) - - Add missing include guard and move global state - from header to source file by using extern. +GitHub (18 Jan 2024) +- [Ryan Kelley brought this change] -GitHub (28 May 2020) -- [Will Cosgrove brought this change] + openssl: fix cppcheck found NULL dereferences (#1304) + + * Fix NULL dereference in gen_publickey_from_rsa_evp and + gen_publickey_from_dsa_evp. + * Add checks for en_publickey_from_ec_evp and en_publickey_from_ed_evp - transport.c: moving total_num check from #476 (#478) +Viktor Szakats (12 Jan 2024) +- openssl: delete internal `read_openssh_private_key_from_memory()` - file: transport.c + It was wrapping another internal function with no added logic. - notes: - moving total_num zero length check from #476 up to the prior bounds check which already includes a total_num check. Makes it slightly more readable. + Closes #1306 + +- openssl: formatting/whitespace - credit: - Will Cosgrove + Also use `NULL` instead of `0` for pointers. + + Closes #1305 -- [lutianxiong brought this change] +- HACKING-CRYPTO: more fixups [ci skip] + + Follow-up to f64885b6ab9bbdae2da9ebd70f4dd5cea56e838a #1297 - transport.c: fix use-of-uninitialized-value (#476) +- HACKING-CRYPTO: fixups [ci skip] - file:transport.c + Follow-up to f64885b6ab9bbdae2da9ebd70f4dd5cea56e838a #1297 + +- RELEASE-NOTES: sync [ci skip] + +- src: check hash init success - notes: - return error if malloc(0) + Before this patch, SHA2 and SHA1 init function results were cast to + `void`. This patch makes sure to verify these values. - credit: - lutianxiong + Also: + - exclude an `assert(0)` from release builds in `_libssh2_sha_algo_ctx_init()`. + (return error instead) + - fix indentation / whitespace + + Reviewed-by: Michael Buckley + Closes #1301 + +- mac: handle low-level errors + + - update low-level hmac functions from macros to functions. + - libgcrypt: propagate low-level hmac errors. + - libgcrypt: add error checks for hmac calls. + - os400qc3: add error checks, propagate them. + Assisted-by: Patrick Monnerat + - mbedtls: fix propagating low-level hmac errors. + - wincng: fix propagating low-level hmac errors. + - mac: verify success of low-level hmac functions. + - knownhost: verify success of low-level hmac functions. + - transport: verify success of MAC hash call. + - minor type cleanup in wincng. + - delete unused ripemd wrapper in wincng. + - delete unused SHA384 wrapper in mbedtls. + + Reported-by: Paul Howarth + Reviewed-by: Michael Buckley + Closes #1297 + +GitHub (8 Jan 2024) +- [Michael Buckley brought this change] -- [Dr. Koutheir Attouchi brought this change] + Fix an out-of-bounds read in _libssh2_kex_agree_instr when searching for a KEX not in the server list (#1302) - libssh2_sftp.h: Changed type of LIBSSH2_FX_* constants to unsigned long, fixes #474 +Viktor Szakats (21 Dec 2023) +- RELEASE-NOTES: sync [ci skip] + +- ci/appveyor: re-enable parallel mode - File: - libssh2_sftp.h + The comment cited earlier is no longer true with recent CMake versions. + This options does actually enable parallel builds with MSVC since CMake + v3.26.0: https://gitlab.kitware.com/cmake/cmake/-/issues/20564 - Notes: - Error constants `LIBSSH2_FX_*` are only returned by `libssh2_sftp_last_error()` which returns `unsigned long`. - Therefore these constants should be defined as unsigned long literals, instead of int literals. + The effect isn't much for libssh2, because it spends most time in tests, + but let's enable it anyway for efficiency. - Credit: - Dr. Koutheir Attouchi - -- [monnerat brought this change] + Ref: 0d08974633cfc02641e6593db8d569ddb3644255 #884 + Ref: 7a039d9a7a2945c10b4622f38eeed21ba6b4ec55 #867 + + Closes #1294 - os400qc3.c: constify libssh2_os400qc3_hash_update() data parameter. (#469) +- ci/gha: review/fixup auto-cancel settings - Files: os400qc3.c, os400qc3.h + - use the group expression from `reuse.yml` (via curl). + - add auto-cancel for `ci` and `cifuzz`. + - add auto-cancel to `appveyor_docker`. I'm just guessing here. + The hope is that it fixes AppVeyor CI runs when re-pushing a PR. + This frequently caused the freshly pushed session to fail waiting for + a connection. + - sync group expression in `appveyor_status` with `reuse`. - Notes: - Fixes building on OS400. #426 + Closes #1292 + +- RELEASE-NOTES: fix casing in GitHub names [ci skip] + +- RELEASE-NOTES: synced [ci skip] - Credit: - Reported-by: hjindra on github, dev by Monnerat + Closes #1279 -- [monnerat brought this change] +- [Michael Buckley brought this change] - HACKING.CRYPTO: keep up to date with new crypto definitions from code. (#466) + src: add 'strict KEX' to fix CVE-2023-48795 "Terrapin Attack" - File: HACKING.CRYPTO + Refs: + https://terrapin-attack.com/ + https://seclists.org/oss-sec/2023/q4/292 + https://osv.dev/list?ecosystem=&q=CVE-2023-48795 + https://github.com/advisories/GHSA-45x7-px36-x8w8 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795 - Notes: - This commit updates the HACKING.CRYPTO documentation file in an attempt to make it in sync with current code. - New documented features are: + Fixes #1290 + Closes #1291 + +- session: add `libssh2_session_callback_set2()` - SHA384 - SHA512 - ECDSA - ED25519 + Add new `libssh2_session_callback_set2()` API that deprecates + `libssh2_session_callback_set()`. - Credit: - monnerat - -- [Harry Sintonen brought this change] + The new implementation offers the same functionality, but accepts and + returns a generic function pointer (of type `libssh2_cb_generic *`), as + opposed to the old function that used data pointers (`void *`). The new + solution thus avoids data to function (and vice versa) pointer + conversions, which has undefined behaviour in standard C. + + About the name: It seems the `*2` suffix was used in the past for + replacement functions for deprecated ones. Let's stick with that. + `*_ex` was preferred for new functions that extend existing ones with + new features. + + Closes #1285 - kex.c: Add diffie-hellman-group14-sha256 Key Exchange Method (#464) +- build: enable `-pedantic-errors` - File: kex.c + According to the manual, this isn't the same as `-Werror -pedantic`. + Enable it together with `-Werror`. - Notes: Added diffie-hellman-group14-sha256 kex + https://gcc.gnu.org/onlinedocs/gcc/Warning-Options.html#index-pedantic-errors-1 - Credit: Harry Sintonen - -- [Will Cosgrove brought this change] - - os400qc3.h: define sha512 macros (#465) + This option results in autotools feature detection going into crazies. + To avoid this, we add it to `CFLAGS` late. Idea copied from curl. - file: os400qc3.h - notes: fixes for building libssh2 1.9.x - -- [Will Cosgrove brought this change] - - os400qc3.h: define EC types to fix building #426 (#462) + This option has an effect only with gcc 5.0 and newer as of this commit. + Let's enable it for clang and older versions too for simplicity. Ref: + https://github.com/curl/curl/commit/d5c0351055d5709da8f3e16c91348092fdb481aa + https://github.com/curl/curl/pull/2747 - File: os400qc3.h - Notes: define missing EC types which prevents building - Credit: hjindra + Closes #1286 -- [Brendan Shanks brought this change] +- build: add mingw-w64 support to `LIBSSH2_PRINTF()` attribute + + And fix the warning it detected. + + Closes #1287 - hostkey.c: Fix 'unsigned int'/'uint32_t' mismatch (#461) +- libssh2.h: add deprecated function warnings - File: hostkey.c + With deprecated-at versions and suggested replacement function. - Notes: - These types are the same size so most compilers are fine with it, but CodeWarrior (on classic MacOS) throws an ‘illegal implicit conversion’ error + It's possible to silence them by defining `LIBSSH2_DISABLE_DEPRECATION`. - Credit: Brendan Shanks - -- [Thomas Klausner brought this change] - - Makefile.am: Fix unportable test(1) operator. (#459) + Also add depcreated-at versions to documentation, and unify wording. - file: Makefile.am + Ref: https://github.com/libssh2/libssh2/pull/1260#issuecomment-1837017987 + Closes #1289 + +- ci/spellcheck: delete redundant option [ci skip] - Notes: - The POSIX comparison operator for test(1) is =; bash supports == but not even test from GNU coreutils does. + `--check-hidden` not necessary when passing filenames explicitly. - Credit: - Thomas Klausner + Follow-up to a79218d3a058a333bb9de14079548a3511679a04 -- [Tseng Jun brought this change] +- tidy-up: add empty line for clarity [ci skip] - openssl.c: minor changes of coding style (#454) +- build: FIXME `-Wsign-conversion` to be errors [ci skip] + +- src: disable `-Wsign-conversion` warnings, add option to re-enable - File: openssl.c + To avoid the log noise till we fix those ~360 compiler warnings. - Notes: - minor changes of coding style and align preprocessor conditional for #439 + Also add macro `LIBSSH2_WARN_SIGN_CONVERSION` to re-enable them. - Credit: - Tseng Jun + Follow-up to afa6b865604019ab27ec033294edfe3ded9ae0c0 #1257 + + Closes #1284 -- [Hans Meier brought this change] +- cmake: fix indentation [ci skip] - openssl.c: Fix for use of uninitialized aes_ctr_cipher.key_len (#453) +- example, tests: call `WSACleanup()` for each `WSAStartup()` - File: - Openssl.c + On Windows. - Notes: - * Fix for use of uninitialized aes_ctr_cipher.key_len when using HAVE_OPAQUE_STRUCTS, regression from #439 + Closes #1283 + +- RELEASE-NOTES: update credits [ci skip] - Credit: - Hans Meirer, Tseng Jun + Ref: https://github.com/libssh2/libssh2/pull/1241#issuecomment-1830118584 -- [Zenju brought this change] +- RELEASE-NOTES: avoid splitting names, fix typo, refine order [ci skip] - agent.c: Fix Unicode builds on Windows (#417) +- RELEASE-NOTES: synced [ci skip] + +- add portable `LIBSSH2_SOCKET_CLOSE()` macro - File: agent.c + Add `LIBSSH2_SOCKET_CLOSE()` to the public `libssh2.h` header, for user + code. It translates to `closesocket()` on Windows and `close()` on other + platforms. - Notes: - Fixes unicode builds for Windows in Visual Studio 16.3.2. + Use it in example code. - Credit: - Zenju - -- [Hans Meier brought this change] + It makes them more readable by reducing the number of `_WIN32` guards. + + Closes #1278 - openssl.c: Fix use-after-free crash in openssl backend without memory leak (#439) +- ci: add FreeBSD 14 job, fix issues - Files: openssl.c + - install bash to fix error when running tests: + ``` + ERROR: test_sshd.test - missing test plan + ERROR: test_sshd.test - exited with status 127 (command not found?) + ===================================== + [...] + # TOTAL: 4 + # PASS: 2 + # SKIP: 0 + # XFAIL: 0 + # FAIL: 0 + # XPASS: 0 + # ERROR: 2 + [...] + env: bash: No such file or directory + ``` + Ref: https://github.com/libssh2/libssh2/actions/runs/7133852508/job/19427420687#step:3:3998 - Notes: - Fixes memory leaks and use after free AES EVP_CIPHER contexts when using OpenSSL 1.0.x. + - fix sshd issue when running tests: + ``` + # sshd log: + # Server listening on :: port 4711. + # Server listening on 0.0.0.0 port 4711. + # Authentication refused: bad ownership or modes for file /home/runner/work/libssh2/libssh2/tests/key_rsa.pub + # Authentication refused: bad ownership or modes for file /home/runner/work/libssh2/libssh2/tests/openssh_server/authorized_keys + ``` + Ref: https://github.com/libssh2/libssh2/actions/runs/7134629175/job/19429828342#step:3:4059 - Credit: - Hans Meier + Cherry-picked from #1277 + Closes #1277 -- [Romain Geissler @ Amadeus brought this change] - - Session.c: Fix undefined warning when mixing with LTO-enabled libcurl. (#449) +- ci: add OmniOS job, fix issues - File: Session.c + - use GNU Make, to avoid errors: + ``` + make: Fatal error in reader: Makefile, line 983: Badly formed macro assignment + ``` + Ref: https://github.com/libssh2/libssh2/actions/runs/7134629175/job/19429838379#step:3:1956 - Notes: - With gcc 9, libssh2, libcurl and LTO enabled for all binaries I see this - warning (error with -Werror): + Caused by `?=` in `Makefile.am`. Fix it just in case. - vssh/libssh2.c: In function ‘ssh_statemach_act’: - /data/mwrep/rgeissler/ospack/ssh2/BUILD/libssh2-libssh2-03c7c4a/src/session.c:579:9: error: ‘seconds_to_next’ is used uninitialized in this function [-Werror=uninitialized] - 579 | int seconds_to_next; - | ^ - lto1: all warnings being treated as errors + ``` + make: Fatal error in reader: Makefile, line 438: Unexpected end of line seen + ``` + Ref: https://github.com/libssh2/libssh2/actions/runs/7135524843/job/19432451767#step:3:1966 - Gcc normally issues -Wuninitialized when it is sure there is a problem, - and -Wmaybe-uninitialized when it's not sure, but it's possible. Here - the compiler seems to have find a real case where this could happen. I - looked in your code and overall it seems you always check if the return - code is non null, not often that it's below zero. I think we should do - the same here. With this patch, gcc is fine. + It's around line 43 in `Makefile.am`, reason undiscovered. - Credit: - Romain-Geissler-1A - -- [Zenju brought this change] - - transport.c: Fix crash with delayed compression (#443) + - fix error: + ``` + ../../src/hostkey.c:1227:44: error: pointer targets in passing argument 5 of '_libssh2_ed25519_sign' differ in signedness [-Werror=pointer-sign] + 1227 | datavec[0].iov_base, datavec[0].iov_len); + | ~~~~~~~~~~^~~~~~~~~ + | | + | caddr_t {aka char *} + ``` + Ref: https://github.com/libssh2/libssh2/actions/runs/7135102832/job/19431233967#step:3:2225 - Files: transport.c + https://docs.oracle.com/cd/E36784_01/html/E36887/iovec-9s.html - Notes: - Fixes crash with delayed compression option using Bitvise server. + - FIXME: new `-Wsign-conversion` warnings appeared in examples: + ``` + ../../example/direct_tcpip.c:251:9: warning: conversion to 'long unsigned int' from 'libssh2_socket_t' {aka 'int'} may change the sign of the result [-Wsign-conversion] + 251 | FD_SET(forwardsock, &fds); + | ^~~~~~ + ../../example/direct_tcpip.c:251:9: warning: conversion to 'long unsigned int' from 'libssh2_socket_t' {aka 'int'} may change the sign of the result [-Wsign-conversion] + ../../example/direct_tcpip.c:251:9: warning: conversion to 'long unsigned int' from 'long int' may change the sign of the result [-Wsign-conversion] + ../../example/direct_tcpip.c:251:9: warning: conversion to 'long int' from 'long unsigned int' may change the sign of the result [-Wsign-conversion] + ../../example/direct_tcpip.c:259:18: warning: conversion to 'long unsigned int' from 'libssh2_socket_t' {aka 'int'} may change the sign of the result [-Wsign-conversion] + 259 | if(rc && FD_ISSET(forwardsock, &fds)) { + | ^~~~~~~~ + ../../example/direct_tcpip.c:259:18: warning: conversion to 'long unsigned int' from 'libssh2_socket_t' {aka 'int'} may change the sign of the result [-Wsign-conversion] + ../../example/direct_tcpip.c:259:18: warning: conversion to 'long unsigned int' from 'long int' may change the sign of the result [-Wsign-conversion] + [...] + ``` + Ref: https://github.com/libssh2/libssh2/actions/runs/7136086865/job/19433997429#step:3:3450 - Contributor: - Zenju - -- [Will Cosgrove brought this change] + Cherry-picked from #1277 - Update INSTALL_MAKE path to INSTALL_MAKE.md (#446) +- example: use `libssh2_socket_t` in X11 example - Included for #429 + Cherry-picked from #1277 -- [Will Cosgrove brought this change] +- [Aaron Stone brought this change] - Update INSTALL_CMAKE filename to INSTALL_CMAKE.md (#445) + Handle EINTR from send/recv/poll/select to try again as the error is not fatal - Fixing for #429 + Integration-patches-by: Viktor Szakats + Fixes #955 + Closes #1058 -- [Wallace Souza brought this change] - - Rename INSTALL_CMAKE to INTALL_CMAKE.md (#429) +- appveyor: delete UWP job broken since Visual Studio upgrade - Adding Markdown file extension in order to Github render the instructions properly + Few days ago UWP job started permafailing. + + fail: https://ci.appveyor.com/project/libssh2org/libssh2/builds/48678129/job/yb8n2pox8mfjwv6m + good: https://ci.appveyor.com/project/libssh2org/libssh2/builds/48673013 + + Other projects also affected: + https://ci.appveyor.com/project/c-ares/c-ares/builds/48687390/job/l0fo4b0sijvqkw9r + + No related local update. Same CMake version. Same CI image. + + This seems to be the culprit, which could mean that this update broke + CMake detection, needs a different CMake configuration on our end, or + that this MSVC update pulled support for UWP apps: + + fail: -- The C compiler identification is MSVC 19.38.33130.0 (~ Visual Studio 2022 v17.8) + good: -- The C compiler identification is MSVC 19.37.32825.0 (~ Visual Studio 2022 v17.7) + + If this is v17.8, release notes don't readily suggest a feature removal: + https://learn.microsoft.com/en-us/visualstudio/releases/2022/release-notes-v17.8 + + So it might just be UWP accidentally broken in this release. + + Closes #1275 -Will Cosgrove (17 Dec 2019) -- [Daniel Stenberg brought this change] +- checksrc: sync with curl + + Closes #1272 - include/libssh2.h: fix comment: the known host key uses 4 bits (#438) +- autotools: delete `--disable-tests` option, fix CI tests + + Originally added to improve build performance by skipping building + tests. But, there seems to be no point in this, because autotools + doesn't build tests by default, unless explicitly invoking + `make check`. + + Delete this option from Cygwin and FreeBSD CI tests, where it caused + `make check` to do nothing. Tests are built now, and runtime tests are + too, where supported. + + Also disable Docker-based tests for these, and add a missing `make -j3` + for FreeBSD. + + Reverts 7483edfada1f7e17cf8f9ac1c87ffa3d814c987e #715 + + Closes #1271 -- [Zenju brought this change] +GitHub (6 Dec 2023) +- [ren mingshuai brought this change] - ssh-ed25519: Support PKIX + calc pubkey from private (#416) + build: add `LIBSSH2_NO_DEPRECATED` option (#1266) - Files: openssl.c/h - Author: Zenju - Notes: - Adds support for PKIX key reading by fixing: + The following APIs have been deprecated for over 10 years and + use `LIBSSH2_NO_DEPRECATED` to mark them as deprecated: - _libssh2_pub_priv_keyfile() is missing the code to extract the ed25519 public key from a given private key + libssh2_session_startup() + libssh2_banner_set() + libssh2_channel_receive_window_adjust() + libssh2_channel_handle_extended_data() + libssh2_scp_recv() - _libssh2_ed25519_new_private_frommemory is only parsing the openssh key format but does not understand PKIX (as retrieved via PEM_read_bio_PrivateKey) + Add these options to disable them: + - autotools: `--disable-deprecated` + - cmake: `-DLIBSSH2_NO_DEPRECATED=ON` + - `CPPFLAGS`: `-DLIBSSH2_NO_DEPRECATED` + + Fixes #1259 + Replaces #1260 + Co-authored-by: Viktor Szakats + Closes #1267 -GitHub (15 Oct 2019) -- [Will Cosgrove brought this change] +Viktor Szakats (5 Dec 2023) +- autotools: show the default for `hidden-symbols` option + + Closes #1269 - .travis.yml: Fix Chrome and 32 bit builds (#423) +- tidy-up: bump casts from int to long for large C99 types in printfs - File: .travis.yml + Cast large integer types to avoid dealing with printf masks for + `size_t` and other C99 types. Some of existing code used `int` + for this, bump them to `long`. - Notes: - * Fix Chrome installing by using Travis build in directive - * Update to use libgcrypt20-dev package to fix 32 bit builds based on comments found here: - https://launchpad.net/ubuntu/xenial/i386/libgcrypt11-dev - -- [Will Cosgrove brought this change] + Ref: afa6b865604019ab27ec033294edfe3ded9ae0c0 #1257 + + Closes #1264 - packet.c: improved parsing in packet_x11_open (#410) +- build: enable missing OpenSSF-recommended warnings, with fixes - Use new API to parse data in packet_x11_open() for better bounds checking. + Ref: + https://best.openssf.org/Compiler-Hardening-Guides/Compiler-Options-Hardening-Guide-for-C-and-C++.html + (2023-11-29) + + Enable new warnings: + + - replace `-Wno-sign-conversion` with `-Wsign-conversion`. + + Fix them in example, tests and wincng. There remain about 360 of these + warnings in `src`. Add a TODO item for those and disable `-Werror` for + this particular warning. + + - enable `-Wformat=2` for clang (in both cmake and autotools). + + - enable `__attribute__((format))` for `_libssh2_debug()`, + `_libssh2_snprintf()` and in tests for `run_command()`. + + `LIBSSH2_PRINTF()` copied from `CURL_TEMP_PRINTF()` in curl. + + - enable `-Wimplicit-fallthrough`. + + - enable `-Wtrampolines`. + + Fix them: + + - src: replace obsolete fall-through-comments with + `__attribute__((fallthrough))`. + + - wincng: fix `-Wsign-conversion` warnings. + + - tests: fix `-Wsign-conversion` warnings. + + - example: fix `-Wsign-conversion` warnings. + + - src: fix `-Wformat` issues in trace calls. + + Also, where necessary fix `int` and `unsigned char` casts to + `unsigned int` and adjust printf format strings. These were not + causing compiler warnings. + + Cast large types to `long` to avoid dealing with printf masks for + `size_t` and other C99 types. Existing code often used `int` for this. + I'll update them to `long` in an upcoming commit. + + - tests: fix `-Wformat` warning. + + - silence `-Wformat-nonliteral` warnings. + + - mbedtls: silence `-Wsign-conversion`/`-Warith-conversion` + in external header. + + Closes #1257 -Will Cosgrove (12 Sep 2019) -- [Michael Buckley brought this change] +- packet: whitespace fix + + Tested via #1257 - knownhost.c: Double the static buffer size when reading and writing known hosts (#409) +- tidy-up: unsigned -> unsigned int - Notes: - We had a user who was being repeatedly prompted to accept a server key repeatedly. It turns out the base64-encoded key was larger than the static buffers allocated to read and write known hosts. I doubled the size of these buffers. + In the `interval` argument of public `libssh2_keepalive_config()`. - Credit: - Michael Buckley + Tested via #1257 -GitHub (4 Sep 2019) -- [Will Cosgrove brought this change] +- tests: sync port number type with the rest of codebase + + Tested via #1257 - packet.c: improved packet parsing in packet_queue_listener (#404) +- autotools: enable `-Wunused-macros` with gcc - * improved bounds checking in packet_queue_listener + It works with gcc without the libtool warnings seen with clang + on Windows in 96682bd5e14c20828e18bf10ed5b4b5c7543924a #1227. - file: packet.c + Sync usage of of this macro with CMake and + autotools + clang + non-Windows. Making it enabled everywhere except + autotools + clang + Windows due to the libtool stub issue. - notes: - improved parsing packet in packet_queue_listener + Follow-up to 7ecc309cd10454c54814b478c4f85d0041da6721 #1224 + + Closes #1262 -- [Will Cosgrove brought this change] +- TODO: disable or drop weak algos [ci skip] + + Closes #1261 - packet.c: improve message parsing (#402) +- example, tests: fix/silence `-Wformat-truncation=2` gcc warnings - * packet.c: improve parsing of packets + Then sync this warning option with curl. - file: packet.c + Seems like a false positive and/or couldn't figure how to fix it, so silence: + ``` + example/ssh2.c:227:38: error: '%s' directive output may be truncated writing likely 1 or more bytes into a region of size 0 [-Werror=format-truncation=] + 227 | snprintf(fn1, fn1sz, "%s/%s", h, pubkey); + | ^~ + example/ssh2.c:227:34: note: assuming directive output of 1 byte + 227 | snprintf(fn1, fn1sz, "%s/%s", h, pubkey); + | ^~~~~~~ + example/ssh2.c:227:13: note: 'snprintf' output 3 or more bytes (assuming 4) into a destination of size 2 + 227 | snprintf(fn1, fn1sz, "%s/%s", h, pubkey); + | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + example/ssh2.c:228:38: error: '%s' directive output may be truncated writing likely 1 or more bytes into a region of size 0 [-Werror=format-truncation=] + 228 | snprintf(fn2, fn2sz, "%s/%s", h, privkey); + | ^~ + example/ssh2.c:228:34: note: assuming directive output of 1 byte + 228 | snprintf(fn2, fn2sz, "%s/%s", h, privkey); + | ^~~~~~~ + example/ssh2.c:228:13: note: 'snprintf' output 3 or more bytes (assuming 4) into a destination of size 2 + 228 | snprintf(fn2, fn2sz, "%s/%s", h, privkey); + | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + ``` + Ref: https://github.com/libssh2/libssh2/actions/runs/7055480458/job/19205970397#step:10:98 - notes: - Use _libssh2_get_string API in SSH_MSG_DEBUG/SSH_MSG_DISCONNECT. Additional uint32 bounds check in SSH_MSG_GLOBAL_REQUEST. - -- [Will Cosgrove brought this change] + Fix: + ``` + tests/openssh_fixture.c:116:38: error: ' 2>&1' directive output may be truncated writing 5 bytes into a region of size between 1 and 1024 [-Werror=format-truncation=] + tests/openssh_fixture.c:116:11: note: 'snprintf' output between 6 and 1029 bytes into a destination of size 1024 + ``` + Ref: https://github.com/libssh2/libssh2/actions/runs/7055480458/job/19205969221#step:10:51 + + Tested via #1257 - misc.c: _libssh2_ntohu32 cast bit shifting (#401) +- example: fix indentation follow-up - To quite overly aggressive analyzers. + Fix long line and fix more indentations. - Note, the builds pass, Travis is having some issues with Docker images. + Follow-up to 9e896e1b80911a53d6aabb322e034e6ca51b6898 -- [Will Cosgrove brought this change] +- example: fix indentation + + Tested via #1257 - kex.c: improve bounds checking in kex_agree_methods() (#399) +- autotools: fix missed `-pedantic` and `-Wall` options for gcc - file: kex.c + Follow-up to 5996fefe2bad80cfba85b2569ce6ab6ef575142c #1223 - notes: - use _libssh2_get_string instead of kex_string_pair which does additional checks + Tested via #1257 -Will Cosgrove (23 Aug 2019) -- [Fabrice Fontaine brought this change] +- ci: show compiler in cross/cygwin job names + + Tested via #1257 - acinclude.m4: add mbedtls to LIBS (#371) +- mbedtls: further improve disabling `-Wredundant-decls` - Notes: - This is useful for static builds so that the Libs.private field in - libssh2.pc contains correct info for the benefit of pkg-config users. - Static link with libssh2 requires this information. + Move warning option suppression to `src/mbedtls.h` to surround the actual + external header #includes that need it. - Signed-off-by: Baruch Siach - [Retrieved from: - https://git.buildroot.net/buildroot/tree/package/libssh2/0002-acinclude.m4-add-mbedtls-to-LIBS.patch] - Signed-off-by: Fabrice Fontaine + Follow-up to ecec68a2c13a9c63fe8c2dc457ae785a513e157c #1226 + Follow-up to 7ecc309cd10454c54814b478c4f85d0041da6721 #1224 - Credit: - Fabrice Fontaine + Tested via #1257 -- [jethrogb brought this change] +GitHub (1 Dec 2023) +- [ren mingshuai brought this change] - Generate debug info when building with MSVC (#178) + example: replace remaining libssh2_scp_recv with libssh2_scp_recv2 in output messages (#1258) - files: CMakeLists.txt - - notes: Generate debug info when building with MSVC + libssh2_scp_recv is deprecated and has been replaced by libssh2_scp_recv2 + in prior commit. - credit: - jethrogb - -- [Panos brought this change] + Follow-up to 6c84a426beb494980579e5c1d244ea54d3fc1a3f - Add agent forwarding implementation (#219) +Viktor Szakats (27 Nov 2023) +- openssl: use OpenSSL 3 HMAC API, add `no-deprecated` CI job - files: channel.c, test_agent_forward_succeeds.c, libssh2_priv.h, libssh2.h, ssh2_agent_forwarding.c + - use OpenSSL 3 API when available for HMAC. + This fixes building with OpenSSL 3 `no-deprecated` builds. - notes: - * Adding SSH agent forwarding. - * Fix agent forwarding message, updated example. - Added integration test code and cmake target. Added example to cmake list. + - ensure we support pure OpenSSL 3 API by adding a CI job using + OpenSSL 3 custom-built with `no-deprecated`. - credit: - pkittenis + Follow-up to b0ab005fe79260e6e9fe08f8d73b58dd4856943d #1207 + + Fixes #1235 + Closes #1243 -GitHub (2 Aug 2019) -- [Will Cosgrove brought this change] +- ci: restore lost comment for FreeBSD [ci skip] + + Follow-up to eee4e8055ab375c9f9061d4feb39086737f41a9c - Update EditorConfig +- ci: add OpenBSD (v7.4) job + fix build error in example - Added max_line_length = 80 + - Use CMake, LibreSSL and clang from the base install. + + - This uncovered a build error in `example/subsystem_netconf.c`, caused + by using the `%n` printf mask. This is a security risk and some + systems (notably OpenBSD) disable this feature. + + Fix it by applying this patch from OpenBSD ports (from 2021-09-11): + https://cvsweb.openbsd.org/ports/security/libssh2/patches/patch-example_subsystem_netconf_c?rev=1.1&content-type=text/x-cvsweb-markup + https://github.com/openbsd/ports/commit/2c5b2f3e94381914a3e8ade960ce8c997ca9d6d7 + "The old code is also broken, as it passes a pointer to a variable + of a different size (on LP64). There is no check for truncation, + but buf[] is 1MB in size." + Patch-by: naddy + + ``` + /home/runner/work/libssh2/libssh2/example/subsystem_netconf.c:252:17: error: '%n' format specifier support is deactivated and will call abort(3) [-Werror] + "]]>]]>\n%n", (int *)&len); + ~^ + /home/runner/work/libssh2/libssh2/example/subsystem_netconf.c:270:17: error: '%n' format specifier support is deactivated and will call abort(3) [-Werror] + "]]>]]>\n%n", (int *)&len); + ~^ + 2 errors generated. + ``` + Ref: https://github.com/libssh2/libssh2/actions/runs/6991449778/job/19022024280#step:3:420 + + Also made tests with arm64, but it takes consistently almost 14m to + finish the job, vs. 2-3m for the native amd64: + https://github.com/libssh2/libssh2/actions/runs/6991648984/job/19022440525 + https://github.com/libssh2/libssh2/actions/runs/6991551220/job/19022233651 + + Cherry-picked from #1250 + Closes #1250 + +- ci: add NetBSD (v9.3) job + + Use CMake, OpenSSL (v1.1) and clang from the base install. + + Cherry-picked from #1250 + +- ci: update and speed up FreeBSD job + + - switch to an alternate GitHub action. This one seems (more) actively + maintained, and runs faster: + https://github.com/cross-platform-actions/action + + - use clang instead of gcc. clang is already present in the base + install, saving install time and bandwidth. + + - stop installing `openssl-quictls` and use the OpenSSL (v1.1) from + the base system. + (I'm suspecting that quictls before this patch wasn't detected by + the build.) + https://wiki.freebsd.org/OpenSSL + + Cherry-picked from #1250 + +- stop using leading underscores in macro names + + Underscored macros are reserved for the compiler / standard lib / etc. + Stop using them in user code. + + We used them as header guards in `src` and in `__FILESIZE` in `example`. + + Closes #1248 + +- ci: use absolute path in `CMAKE_INSTALL_PREFIX` + + To make the installed locations unambiguous in the build logs. + + Closes #1247 + +- openssl: make a function static, add `#ifdef` comments + + Follow-up to 03092292597ac601c3f9f0c267ecb145dda75e4e #248 + where the function was added. + + Also add comments to make `#ifdef` branches easier to follow in + `openssl.h`. + + Closes #1246 + +- ci: boost mbedTLS build speed + + Build times down to 4 seconds (from 18-20). + + Closes #1245 + +- openssl: fix DSA code to use OpenSSL 3 API + + - fix missing `DSA` type when building for OpenSSL 3 `no-deprecated`. + - fix fallouts after fixing the above by switching away from `DSA` + with OpenSSL 3. + + Follow-up to b0ab005fe79260e6e9fe08f8d73b58dd4856943d #1207 + + Closes #1244 + +- openssl: formatting (delete empty lines) [ci skip] + +- tests: fall back to `$LOGNAME` for username + + If the `$USER` variable is empty, fall back to using `$LOGNAME` to + retrieve the logged-in username. + + In POSIX, `$LOGNAME` is a mandatory variable, while `$USER` isn't, and + on some systems it may not be set. Without this value, tests were unable + to provide the correct username when logging into the SSH server running + under the active user's session. + + Reported-by: Nicolas Mora + Suggested-by: Nicolas Mora + Ref: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1056348 + Fixes #1240 + Closes #1241 + +- libssh2.h: use `_WIN32` for Windows detection instead of rolling our own + + Sync up `libssh2.h` Windows detection with the libssh2 source code. + + `libssh2.h` was using `WIN32` and `LIBSSH2_WIN32` for Windows detection, + next to the official `_WIN32`. After this patch it only uses `_WIN32` + for this. Also, make it stop defining `LIBSSH2_WIN32`. + + There is a slight chance these break compatibility with Windows + compilers that fail to define `_WIN32`. I'm not aware of any obsolete + or modern compiler affected, but in case there is one, one possible + solution is to define this macro manually. + + Closes #1238 + +- openssl: fix `EC_KEY` reference with OpenSSL 3 `no-deprecated` build + + Fixes: + ``` + src/openssl.c:650:5: error: use of undeclared identifier 'EC_KEY' + EC_KEY *ec_key = EC_KEY_new_by_curve_name(curve); + ^ + src/openssl.c:650:13: error: use of undeclared identifier 'ec_key' + EC_KEY *ec_key = EC_KEY_new_by_curve_name(curve); + ^ + src/openssl.c:650:22: error: implicit declaration of function 'EC_KEY_new_by_curve_name' is invalid in C99 [-Werror,-Wimplicit-function-declaration] + EC_KEY *ec_key = EC_KEY_new_by_curve_name(curve); + ^ + src/openssl.c:650:22: note: did you mean 'EC_GROUP_new_by_curve_name'? + ./quictls/_a64-mac-sys/usr/include/openssl/ec.h:483:11: note: 'EC_GROUP_new_by_curve_name' declared here + EC_GROUP *EC_GROUP_new_by_curve_name(int nid); + ^ + In file included from ./_a64-mac-sys-bld/src/CMakeFiles/libssh2_static.dir/Unity/unity_0_c.c:19: + In file included from src/crypto.c:10: + src/openssl.c:652:8: error: use of undeclared identifier 'ec_key' + if(ec_key) { + ^ + ``` + Ref: https://github.com/curl/curl-for-win/actions/runs/6950001225/job/18909297867#step:3:4341 + + Follow-up to b0ab005fe79260e6e9fe08f8d73b58dd4856943d #1207 + + Bug #1235 + Closes #1236 + +- openssl: formatting + + Sync up these lines with the other two similar occurrences in the code. + + Cherry-picked from #1236 + +GitHub (21 Nov 2023) +- [Michael Buckley brought this change] + + openssl: use non-deprecated APIs with OpenSSL 3.x (#1207) + + Assisted-by: Viktor Szakats + +Viktor Szakats (21 Nov 2023) +- ci: add BoringSSL job (cmake, gcc, amd64) + + Closes #1233 + +- autotools: fix dotless gcc and Apple clang version detections + + - fix parsing dotless (major-only) gcc versions. + Follow-up to 00a3b88c51cdb407fbbb347a2e38c5c7d89875ad #1187 + + - sync gcc detection variable names with curl. + + - fix Apple clang version detection for releases between + 'Apple LLVM version 7.3.0' and 'Apple LLVM version 10.0.1' where the + version was under-detected as 3.7 llvm/clang equivalent. + + - fix Apple clang version detection for 'Apple clang version 11.0.0' + and newer where the Apple clang version was detected, instead of its + llvm/clang equivalent. + + - revert to show `clang` instead of `Apple clang`, because we follow it + with an llvm/clang version number. (Apple-ness still visible in raw + version.) + + Used this collection for Apple clang / llvm/clang translation and test + inputs: https://gist.github.com/yamaya/2924292 + + Closes #1232 + +- acinclude.m4: revert accidental edit [ci skip] + + Follow-up to 8c320a93a48775b74f40415e46f84bf68b4d5ae8 + +- autotools: show more clang/gcc version details + + Also: + - show if we detected Apple clang. + - delete duplicate version detection for clang. + + Closes #1230 + +- acinclude.m4: re-sync with curl [ci skip] + +- autotools: avoid warnings in libtool stub code + + Seen on Windows with clang64, in libtool-generated stub code for + examples and tests. + + The error didn't break the CI job for some reason. + + msys2 (autotools, clang64, clang-x86_64: + ``` + [...] + 2023-11-17T20:14:17.8639574Z ./.libs/lt-test_read.c:91:10: error: macro is not used [-Werror,-Wunused-macros] + [...] + 2023-11-17T20:14:39.8729255Z ./.libs/lt-sftp_write_nonblock.c:91:10: error: macro is not used [-Werror,-Wunused-macros] + [...] + ``` + Ref: https://github.com/libssh2/libssh2/actions/runs/6908585056/job/18798193405?pr=1226#step:8:474 + + Follow-up to 7ecc309cd10454c54814b478c4f85d0041da6721 #1224 + + Closes #1227 + +- mbedtls: improve disabling `-Wredundant-decls` + + Disable these warnings specifically for the mbedTLS public headers + and leave it on for the the rest of the code. This also fixes this + issue for autotools. Previous solution was globally disabling this + warning for the whole code when using mbedTLS and only with CMake. + + Follow-up to 7ecc309cd10454c54814b478c4f85d0041da6721 #1224 + + Closes #1226 + +- cmake: rename picky warnings script + + To match the camel-case style used in other CMake scripts and also + to match the name used in curl. + + Closes #1225 + +- build: enable more compiler warnings and fix them + + Enable more picky compiler warnings. I've found these options in the + nghttp3 project when implementing the CMake quick picky warning + functionality for it. + + Fix issues found along the way: + + - wincng, mbedtls: delete duplicate function declarations. + Most of this was due to re-#defining crypto functions to + crypto-backend specific implementations These redefines also remapped + the declarations in `crypto.h`, making the backend-specific + declarations duplicates. + This patch deletes the backend-specific declarations. + + - wincng mapped two crypto functions to the same local function. + Also causing double declarations. + Fix this by adding two disctinct wrappers and moving + the common function to a static one. + + - delete unreachable `break;` statements. + + - kex: disable macros when unused. + + - agent: disable unused constants. + + - mbedtls: disable double declaration warnings because public mbedTLS + headers trigger it. (with function `psa_set_key_domain_parameters`) + + - crypto.h: formatting. + + Ref: https://github.com/ngtcp2/nghttp3/blob/a70edb08e954d690e8fb2c1df999b5a056f8bf9f/cmake/PickyWarningsC.cmake + + Closes #1224 + +- autotools: sync warning enabler code with curl + + Tiny changes and minor updates to bring this code closer + to curl's `m4/curl-compilers.m4`. + + Closes #1223 + +- acinclude.m4: fix indentation [ci skip] + + Also match indentation of curl's `m4/curl-compilers.m4` for + easier syncing. + +- autotool: rename variable + + `WARN` -> `tmp_CFLAGS` + + To match curl and make syncing this code easier. + + Ref: https://github.com/curl/curl/blob/d1820768cce0e797d1f072343868ce1902170e93/m4/curl-compilers.m4#L479 + + Closes #1222 + +- autotools: picky warning options tidy-up + + - sync clang warning version limits with CMake. + - make `WARN=` vs. `CURL_ADD_COMPILER_WARNINGS()` consistent with curl + and between clang and gcc (`WARN=` is for `no-` options in general). + + Closes #1221 + +- build: picky warning updates + + - cmake, autotools: sync picky gcc warnings with curl. + - cmake, autotools: add `-Wold-style-definition` for clang too. + - cmake, autotools: add comment for `-Wformat-truncation=1`. + - cmake: more precise version info for old clang options. + + Closes #1219 + +- ci: fixup FreeBSD version, bump mbedtls + + We haven't been using the FreeBSD version. Also it turns out, + the single version supported is 13.2 at the moment: + https://github.com/vmactions/freebsd-vm/tree/main/conf + + Stop trying to set the version and instead rely on the action + providing the latest supported one automatically. + + Follow-up to a7d2a573be26238cc2b55e5ff6649bbe620cb8d9 + + Also: + - add more details to the FreeBSD job description. + - bump mbedtls version while here. + + Closes #1217 + +- cmake: fix multiple include of libssh2 package + + Also extend our integration test double inclusion. It will still not + catch this case, because that requires + `cmake_minimum_required(VERSION 3.18)` or higher. + + Fixes: + ``` + CMake Error at .../lib/cmake/libssh2/libssh2-config.cmake:8 (add_library): + add_library cannot create ALIAS target "libssh2::libssh2" because another + target with the same name already exists. + Call Stack (most recent call first): + CMakeLists.txt:24 (find_package) + + CMake Error at .../lib/cmake/libssh2/libssh2-config.cmake:13 (add_library): + add_library cannot create ALIAS target "Libssh2::libssh2" because another + target with the same name already exists. + Call Stack (most recent call first): + CMakeLists.txt:24 (find_package) + ``` + + Test to reproduce: + ```cmake + cmake_minimum_required(VERSION 3.18) # must be 3.18 or higher + + project(test) + + find_package(libssh2 CONFIG) + find_package(libssh2 CONFIG) # fails + + add_executable(test main.c) + target_link_libraries(test libssh2::libssh2) + ``` + + Ref: https://cmake.org/cmake/help/latest/release/3.18.html#other-changes + Ref: https://cmake.org/cmake/help/v3.18/policy/CMP0107.html + + Assisted-by: Kai Pastor + Assisted-by: Harry Mallon + Ref: https://github.com/curl/curl/pull/11913 + + Closes #1216 + +- ci: add FreeBSD 13.2 job + + It runs over Linux via qemu. First two runs were (very) slow, then it + became (much) more performant at just 2x slower than a native Linux + build. Then got slow again, then fast again. Still seems acceptable + for the value this adds. + + The build uses autotools and quictls. + + Successful builds: + 1. https://github.com/libssh2/libssh2/actions/runs/6802676786/job/18496286419 (13m59s, -j3) + 2. https://github.com/libssh2/libssh2/actions/runs/6802976375/job/18497243225 (11m5s, -j2) + 3. https://github.com/libssh2/libssh2/actions/runs/6803142201/job/18497785049 (3m6s, -j1) + 4. https://github.com/libssh2/libssh2/actions/runs/6803194839/job/18497962766 (3m10s, -j2) + 5. https://github.com/libssh2/libssh2/actions/runs/6803267201/job/18498208501 (3m13s) + 6. https://github.com/libssh2/libssh2/actions/runs/6803510333/job/18498993698 (15m25s) + 7. https://github.com/libssh2/libssh2/actions/runs/6813602863/job/18528571057 (3m13s) + + Similar solution exists for Solaris (over macOS via VirtualBox), but it + hangs forever at `Waiting for text: solaris console login`: + https://github.com/libssh2/libssh2/actions/runs/6802388128/job/18495391869#step:4:185 + + Idea taken from LibreSSL. + + FIXME: Unrelated, the `distcheck` job became flaky in recent days: + https://github.com/libssh2/libssh2/actions/runs/6802976375/job/18497256437#step:10:536 + ``` + FAIL: test_auth_pubkey_ok_rsa_aes256gcm + ``` + https://github.com/libssh2/libssh2/actions/runs/6813602863/job/18528588933#step:10:533 + ``` + FAIL: test_read + ``` + + Closes #1215 + +- reuse: fix duplicate copyright warning + + ``` + PendingDeprecationWarning: + Copyright and licensing information for 'tests/openssh_server/Dockerfile' + has been found in both 'tests/openssh_server/Dockerfile' and in the DEP5 + file located at '.reuse/dep5'. The information for these two sources has + been aggregated. In the future this behaviour will change, and you will + need to explicitly enable aggregation. [...] + ``` + Ref: https://github.com/libssh2/libssh2/actions/runs/6789274955/job/18456085964#step:4:4 + +- Makefile.mk: delete Windows-focused raw GNU Make build + + We recommend using CMake instead. Especially in unity mode, it's faster + and probably more familiar for most. It's also easily portable. + + (`Makefile.mk` was also portable, but in practice only usable for + Windows. Other platforms required a manual config header.) + + Also: + - migrate `LIBSSH2_NO_*` option CI tests to CMake. + - make MSYS2 CMake builds verbose to show compilation options. + + Closes #1204 + +- tidy-up: around `stdint.h` + + - os400: delete unused `HAVE_STDINT_H`. + + - fuzz: delete redundant `stdint.h` use. + `inttypes.h` is already included via `testinput.h`. + + - docs/TODO: adjust type in planned function. + + Closes #1212 + +- cmake: show crypto backend in feature summary + + This was visible as an enabled package before this patch, but it missed + to show WinCNG. + + Closes #1211 + +- man: fix double spaces and dash escaping + + - `- ` -> `- ` + - `. ` -> `. ` + - `\- ` -> `- ` + - `-1` -> `\-1` + - fold long lines along the way + + This makes the minus sign come out as a Unicode minus sign + (0x2212), and title separator dashes as Unicode hyphen (0x2010), + with `groff -Tutf8` v1.23.0. + + Ref: https://lwn.net/Articles/947941/ + + Closes #1210 + +- src: fix gcc 13 `-Wconversion` warning on Darwin + + ``` + src/session.c: In function 'libssh2_poll': + src/session.c:1776:22: warning: conversion from 'long int' to '__darwin_suseconds_t' {aka 'int'} may change value [-Wconversion] + 1776 | tv.tv_usec = (timeout_remaining % 1000) * 1000; + | ^ + ``` + Ref: https://github.com/curl/curl-for-win/actions/runs/6711735060/job/18239768548#step:3:4368 + + Follow-up to 08354e0abbe86d4cc5088d210d53531be6d8981a + + Closes #1209 + +- openssl: silence `-Wunused-value` warnings + + Seen with gcc 12. + + Manual: https://www.openssl.org/docs/man3.1/man3/BIO_reset.html + + ``` + ./quictls/linux-a64-musl/usr/include/openssl/bio.h:555:34: warning: value computed is not used [-Wunused-value] + 555 | # define BIO_reset(b) (int)BIO_ctrl(b,BIO_CTRL_RESET,0,NULL) + | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + ./libssh2/src/openssl.c:3518:5: note: in expansion of macro 'BIO_reset' + ./libssh2/src/openssl.c:3884:5: note: in expansion of macro 'BIO_reset' + ./libssh2/src/openssl.c:3995:5: note: in expansion of macro 'BIO_reset' + ``` + Ref: https://github.com/curl/curl-for-win/actions/runs/6696392318/job/18194032712#step:3:5060 + + Closes #1205 + +- Makefile.am: fix `cp` to preserve attributes and timestamp + +- cmake: simplify showing CMake version + + Move it to `CMakeLists.txt`. Drop `cmake --version` commands. + + Credit to the `zlib-ng` project for the idea: + https://github.com/zlib-ng/zlib-ng/blob/61e181c8ae93dbf56040336179c9954078bd1399/CMakeLists.txt#L7 + + Closes #1203 + +- ci: mbedtls 3.5.0 + + v3.5.0 needs extra compiler option for i386 to avoid: + ``` + #error "Must use `-mpclmul -msse2 -maes` for MBEDTLS_AESNI_C" + ``` + + Closes #1202 + +- tests: show cmake version used in integration tests + + Closes #1201 + +- readme.vms: fix typo [ci skip] + + Detected by codespell 2.2.6 + +- appveyor: YAML/PowerShell formatting, shorten variable name + + - use single-quotes in yaml and PowerShell. + + - shorten a variable name. + + - use indentation 2 for scripts. + + - use C else-style in PowerShell. + + Closes #1200 + +- ci: update actions, use shallow clones with appveyor + + - update GitHub Actions to their latest versions. + + - use shallow git clones in AppVeyor CI to save data over the wire. + + Closes #1199 + +- appveyor: move to pure PowerShell + + - replace batch commands with PowerShell. + + - merge separate command entries into single PowerShell blocks. + + Closes #1197 + +- windows: use built-in `_WIN32` macro to detect Windows + + Instead of `WIN32`. + + The compiler defines `_WIN32`. Windows SDK headers or build env defines + `WIN32`, or we have to take care of it. The agreement seems to be that + `_WIN32` is the preferred practice here. + + Minor downside is that CMake uses `WIN32` and we also adopted it in + `Makefile.mk`. + + In public libssh2 headers we stick with accepting either `_WIN32` or + `WIN32` and define our own namespaced `LIBSSH2_WIN32` based on them. + + grepping for `WIN32` remains useful to detect Windows-specific code. + + Closes #1195 + +- cmake: cleanup mbedTLS version detection more + + - lowercase, underscored local variables. + - fix `find_library()` to use the multiple names passed. + - rely more on `find_package_handle_standard_args()`. + Logic based on our `Findwolfssl.cmake`. + - delete ignored/unused `MBEDTLS_LIBRARY_DIR`. + - revert CI configuration to use `MBEDCRTYPO_LIBRARY`. + - clarify inputs/outputs in comment header. + - use variable for regex. + - formatting. + + Follow-up to 41594675072c578294674230d4cf5f47fa828778 #1192 + + Closes #1196 + +- cmake: delete duplicate `include()` + +- cmake: improve/fix mbedTLS detection + + - libssh2 needs the crypto lib only, stop dealing with the rest. + + - simplify logic. + + - drop hard-wired toolchain specific options that broke with e.g. MSVC. + + Reported by: AR Visions + Fixes #1191 + + - add mbedTLS version detection for recent releases. + + - merge custom detection results display into a single line. + + - shorten mbedTLS configuration in macOS CI job. + + Used the curl mbedTLS detection logic for ideas: + https://github.com/curl/curl/blob/a8c773845f4fdbfb09b08a6ec4b656c812568995/CMake/FindMbedTLS.cmake + + Closes #1192 + +GitHub (24 Sep 2023) +- [concussious brought this change] + + libssh2_session_get_blocking.3: Add description (#1185) + +Viktor Szakats (21 Sep 2023) +- autotools: fix selecting wincng in cross-builds (and more) + + - Fix explicitly selecting WinCNG in autotools cross-builds by moving + `windows.h` header check before the WinCNG availability check. + Follow-up to d43b8d9b0b9cd62668459fe5d582ed83aabf77e7 + + Reported-by: Jack L + Fixes #1186 + + - Add Linux -> mingw-w64 cross-builds for autotools and CMake. This + doesn't detect #1186, because that happened when explicitly specifying + WinCNG via `--with-crypto=wincng`, but not when falling back to WinCNG + by default. + + - autotools: fix to strip suffix from gcc version + + Before this patch we expected `n.n` `-dumpversion` output, but Ubuntu + may return `n-win32` (also with `-dumpfullversion`). Causing these + errors and failing to enable picky warnings: + ``` + ../configure: line 23845: test: : integer expression expected + ``` + Ref: https://github.com/libssh2/libssh2/actions/runs/6263453828/job/17007893718#step:5:143 + + Fix that by stripping any dash-suffix. + + gcc version detection is still half broken because we translate '10' + to '10.10' because `cut -d. -f2` returns the first word if the + delimiter missing. + + More possible `-dumpversion` output: `10-posix`, `10-win32`, + `9.3-posix`, `9.3-win32`, `6`, `9.3.0`, `11`, `11.2`, `11.2.0` + Ref: https://github.com/mamedev/mame/pull/9767 + + Closes #1187 + +GitHub (28 Aug 2023) +- [Michael Buckley brought this change] + + Properly bounds check packet_authagent_open() (#1179) + + * Properly bounds check packet_authagent_open + * packet.c: use strlen instead of sizeof for strings + * Make LIBSSH_CHANNEL's channel_type_len a size_t + * packet_authagent_open: use size_t for offset + + Credit: + Michael Buckley, signed off by Will Cosgrove + +Viktor Szakats (28 Aug 2023) +- os400qc3: move FIXME comment [ci skip] + + Follow-up to eb9f9de2c19ec67d12a444cce34bdd059fd26ddc + +- md5: allow disabling old-style encrypted private keys at build-time + + Before this patch, this happened at runtime when using an old (pre-3.0), + FIPS-enabled OpenSSL backend. + + This patch makes it possible to disable this via the build-time option + `LIBSSH2_NO_MD5_PEM`. + + Also: + - make sure to exclude all MD5 internal APIs when both the above and + `LIBSSH2_NO_MD5` are enabled. + - fix tests to support build with`LIBSSH2_NO_MD5`, `LIBSSH2_NO_MD5_PEM` + and `LIBSSH2_NO_3DES`. + - add FIXME to apply this change to `os400qc3.*`. + + Old-style encrypted private keys require MD5 and they look like this: + ``` + -----BEGIN RSA PRIVATE KEY----- + Proc-Type: 4,ENCRYPTED + DEK-Info: AES-128-CBC, + + + -----END RSA PRIVATE KEY----- + ``` + + E.g.: `tests/key_rsa_encrypted` + + Ref: https://github.com/libssh2/www/issues/20 + Closes #1181 + +- cmake: tidy-up `foreach()` syntax + + Use `IN LISTS` and `IN ITEMS`. This appears to be the preferred way + within CMake's own source code and possibly improves readability. + + Fixup a side-effect of `IN LISTS`, where it retains empty values at + the end of the list, as opposed to the syntax used before, which + dropped it. In our case this happened with lines read from a text + file via `file(READ)`. + + https://cmake.org/cmake/help/v3.7/command/foreach.html + + Closes #1180 + +- ci: replace `mv` + `chmod` with `install` in `Dockerfile` + + Cherry-picked from #1175 + Closes #1175 + +- ci: set file mode early in `appveyor_docker.yml` + + Also: + - replace tab with spaces in generated config file + - formatting + + Cherry-picked from #1175 + +- ci: add spellcheck (codespell) + + Also rename a variable in `src/os400qc3.c` to avoid a false positive. + + Cherry-picked from #1175 + +- cmake: also test for `libssh2_VERSION` + + Cherry-picked from #1175 + +- cmake: show cmake versions in ci + + Cherry-picked from #1175 + +- tests: formatting and tidy-ups + + - Dockerfile: use standard sep with `sed` + - Dockerfile: use single quotes in shell command + - appveyor.yml: use long-form option with `choco` + - tests/cmake: add language to test project + - reuse.yml: fix indentation + ``` + $ yamllint reuse.yml + reuse.yml + [...] + 11:5 error wrong indentation: expected 6 but found 4 (indentation) + 15:5 error wrong indentation: expected 6 but found 4 (indentation) + [...] + 27:5 error wrong indentation: expected 6 but found 4 (indentation) + ``` + + Cherry-picked from #1175 + +- openssl.c: whitespace fixes + + Cherry-picked from #1175 + +- checksrc: fix spelling in comment [ci skip] + +- cmake: quote more strings + + Follow-up to 3fa5282d6284efba62dc591697e6a687152bdcb1 + + Closes #1173 + +- drop `www.` from `www.libssh2.org` + + is now a 301 permanent redirect to + . + + Update all references to point directly to the new destination. + + Ref: https://github.com/libssh2/www/commit/ccf4a7de7f702a8ee17e2c697bcbef47fcf485ed + + Closes #1172 + +- cmake: add `ExternalProject` integration test + + - via `ExternalProject_Add()`: + https://cmake.org/cmake/help/latest/module/ExternalProject.html + (as documented in `docs/INSTALL_CMAKE.md`) + + - also make `FetchContent` fetch from local repo instead of live master. + + Closes #1171 + +- cmake: add integration tests + + Add a small project to test dependent/downstream CMake build using + libssh2. Also added to the GHA CI, and you can also run it locally with + `tests/cmake/test.sh`. + + Test three methods of integrating libssh2 into a project: + - via `find_package()`: + https://cmake.org/cmake/help/latest/command/find_package.html + - via `add_subdirectory()`: + https://cmake.org/cmake/help/latest/command/add_subdirectory.html + - via `FetchContent`: + https://cmake.org/cmake/help/latest/module/FetchContent.html + + Closes #1170 + +- cmake: (re-)add aliases for `add_subdirectory()` builds + + Add internal libssh2 library aliases to make these available for + downstream/dependent projects building libssh2 via `add_subdirectory()`: + + - `libssh2:libssh2_static` + - `libssh2:libssh2_shared` + - `libssh2:libssh2` (shared, or static when not building shared) + - `libssh2` (shared, or static when not building shared) + + Of these, `libssh2` was present in v1.10.0 and earlier releases, but + missing from v1.11.0. + + Closes #1169 + +- cmake: delete empty line [ci skip] + + Follow-up to 3fa5282d6284efba62dc591697e6a687152bdcb1 + +- cmake: reflect minimum version in docs [ci skip] + + Follow-up to 9cd18f4578baa41dfca197f60557063cad12cd59 + +- cmake: style tidy up + + - quote text literals to improve readability. + (exceptions: `FILES` items, `add_subdirectory` names, `find_package` + names, literal target names, version numbers, 0/1, built-in CMake + values and CMake keywords, list items in `cmake/max_warnings.cmake`) + - quote standalone variables that could break syntax on empty values. + - replace `libssh2_SOURCE_DIR` with `PROJECT_SOURCE_DIR`. + - add missing mode to `message()` call. + - `TRUE`/`FALSE` → `ON`/`OFF`. + - add missing default value `OFF` to `option()` for clarity. + - unfold some lines. + - `INSTALL_CMAKE.md` fixes and updates. Show defaults. + + Closes #1166 + +- wincng: prefer `ULONG`/`DWORD` over `unsigned long` + + To match with the types used by the `Crypt*()` (uses `DWORD`) and + `BCrypt*()` (uses `ULONG`) Windows APIs. + + This patch doesn't change data width or signedness. + + Closes #1165 + +- wincng: tidy-ups + + - make `_libssh2_wincng_key_sha_verify` static. + + - prefer `unsigned long` over `size_t` in two static functions. + + - prefer `ULONG` over `DWORD` to match `BCryptImportKeyPair()` + and `BCryptGenerateKeyPair()`. + + - add a newline. + + Closes #1164 + +- ci: add MSYS builds (autotools and cmake) + + Use existing MSYS2 section and extend it with builds for the MSYS + environment with both autotools and cmake. + + MSYS builds resemble Cygwin ones: The env is Unixy, where Windows + headers are all available but we don't use them. + + Also: + + - extend existing autotools logic for Cygwin to skip detecting + `windows.h` for MSYS targets too. + + - require `windows.h` for the WinCNG backend in autotools. Before this + patch, autotools allowed selecting WinCNG on the Cygwin and MSYS + platforms, but the builds then fell apart due to the resulting mixed + Unixy + Windowsy environment. The general expectation for Cygwin/MSYS + builds is not to use the Windows API directly in them. + + - stop manually selecting the `MSYS Makefiles` CMake generator for + MSYS2-based GHA CI builds. mingw-w64 builds work fine without it, but + it broke MSYS build which use `Unix Makefiles`. Deleting this setting + fixes all build flavours. + + Closes #1162 + +- ci: cygwin job tidy-ups + + `CMAKE_C_COMPILER=gcc` not necessary, delete it. + + Follow-up to f1e96e733fefb495bc31b07f5c2a5845ff877c9c + + Cherry-picked from #1163 + Closes #1163 + +- ci: add Cygwin builds (autotools and cmake) + + To avoid builds picking up non-Cygwin components coming by default with + the CI machine, I used the solution recommended by Cygwin [1] and set + `PATH` manually. To avoid repeating this for each step, I merged steps + into a single one. Let us know if there is a more elegant way. + + Cygwin's Github Action uses cleartext HTTP. We upgrade this to HTTPS. + + autotools build seemed to take slightly longer than other jobs. To save + turnaround time I disabled building tests. + + Cygwin package search: https://cygwin.com/cgi-bin2/package-grep.cgi + + [1] https://github.com/cygwin/cygwin-install-action/tree/v4#path + + Closes #1161 + +- cmake: add `LIB_NAME` variable + + It holds the name `libssh2`. Mainly to document its uses, and also + syncing up with the same variable in libcurl. + + Closes #1159 + +- cmake: add one missed `PROJECT_NAME` variable + + Follow-up to 72fd25958a7dc6f8e68f2b2d5d72839a2da98f9c + + Closes #1158 + +- cmake: tidy-up concatenation in `CMAKE_MODULE_PATH` + + Former solution was appending an empty element to the array if + `CMAKE_MODULE_PATH` was originally empty. The new syntax doesn't have + this side-effect. + + There is no known issue caused by this. Fixing it for good measure. + + Closes #1157 + +- ci: add mingw-w64 UWP build + + Add a CI test for Windows UWP builds using mingw-w64. Before this patch + we had UWP builds tested with MSVC only. + + Alike existing UWP jobs, it's not possible to run the binaries due to + the missing UWP runtime DLL: + https://github.com/libssh2/libssh2/actions/runs/5821297010/job/15783475118#step:11:42 + + We could install `winstorecompat-git` in the setup-msys2 step, but opted + to do it manually to avoid the overhead for every matrix job. + + All this would work smoother with llvm-mingw, which features an UWP + toolchain prefix and provides all necessary implibs by default. + + This also hit a CMake bug (with v3.26.4), where CMake gets confused and + sets up `windres.exe` to use the MSVC rc.exe-style command-line: + https://github.com/libssh2/libssh2/actions/runs/5819232677/job/15777236773#step:9:126 + + Notice that MS "sunset" UWP in 2021: + https://github.com/microsoft/WindowsAppSDK/discussions/1615 + + If this particular CI job turns out to be not worth the maintenance + burden or CPU time, or too much of a hack, feel free to delete it. + + Ref: https://github.com/libssh2/libssh2/pull/1147#issuecomment-1670850890 + Closes #1155 + +- cmake: replace `libssh2` literals with `PROJECT_NAME` variable + + Where applicable. + + This also makes it more obvious which `libssh2` uses were referring + to the project itself. + + Closes #1152 + +- cmake: fix `STREQUAL` check in error branch + + This caused a CMake error instead of our custom error when manually + selecting the `WinCNG` crypto-backend for a non-Windows target. + + Also cleanup `STREQUAL` checks to use variable name without `${}` on + the left side and quoted string literals on the right. + + Closes #1151 + +- misc: flatten `_libssh2_explicit_zero` if tree + + Closes #1149 + +- src: drop a redundant `#include` + + We include `misc.h` via `libssh2_priv.h` already. + + Closes #1153 + +- openssl: use automatic initialization with LibreSSL 2.7.0+ + + Stop calling `OpenSSL_add_all_*()` for LibreSSL 2.7.0 and later. + + LibreSSL 2.7.0 (2018-03-21) introduced automatic initialization and + deprecated these functions. Stop calling these functions manually for + LibreSSL version that no longer need them. + + Ref: https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-2.7.0-relnotes.txt + Ref: https://github.com/libressl/openbsd/commit/46f29f11977800547519ee65e2d1850f2483720b + Ref: https://github.com/libssh2/libssh2/issues/302 + + Also stop calling `ENGINE_*()` functions when initialization is + automatic with LibreSSL 2.7.0+ and OpenSSL 1.1.0+. Engines are also + initializated automatically with these. + + Closes #1146 + +- gha: restore curly braces in `if` + + Without curly braces it was less obvious which string is a GHA expression. + + Also fix an `if` expression that always missed its curly braces. + + Reverts cab3db588769d6deed97ba89ca9221fd7503405e + + Closes #1145 + +- ci: bump mbedtls + +- [renmingshuai brought this change] + + Add a new structure to separate memory read and file read. + We use different APIs when we read one private key from memory, + so it is improper to store the private key information in the + structure that stores the private key file information. + + Fixes https://github.com/libssh2/libssh2/issues/773 + Reported-by: mike-jumper + +- tests: replace FIXME with comments + + `key_dsa_wrong` is the same kind of (valid) key as `key_dsa`, both with + an empty passphrase. Named "wrong" because it's intentionally not added + to our `openssh_server/authorized_keys` file. + +- tidy-up: delete duplicate word from comment + +- cmake: cache more config values on Windows + + Set two cases of non-detection to save the time dynamically detecting + these on each build init. Affects old MSVC versions. + + Before: + https://ci.appveyor.com/project/libssh2org/libssh2/builds/47668870/job/i17e0e9yx8rgpv4i + + After: + https://ci.appveyor.com/project/libssh2org/libssh2/builds/47674950/job/ysa1jq0pxtyhui3f + + Closes #1142 + +- revert: build: respect autotools `DLL_EXPORT` in `libssh2.h` + + Revert fb1195cf88268a11e2709b9912ab9dca8c23739c #917 + + On a second look this change did not improve anything with autotools + builds. autotools seems to handle the dll export matter without it. + + This patch also broke (e.g.) curl-for-win autotools builds, where the + curl build defines `DLL_EXPORT` while building libcurl DLL. `libssh2.h` + picks it up, resulting in unresolved symbols while trying to link a + static libssh2 on Windows. The best fix seems to be to revert this, + instead of adding extra tweaks to dependents. + + Fixes: + https://ci.appveyor.com/project/curlorg/curl-for-win/builds/47667412#L11035 + ``` + ld.lld-15: error: undefined symbol: __declspec(dllimport) libssh2_session_block_directions + >>> referenced by vssh/.libs/libcurl_la-libssh2.o:(ssh_do) + >>> referenced by vssh/.libs/libcurl_la-libssh2.o:(ssh_connect) + >>> referenced by vssh/.libs/libcurl_la-libssh2.o:(ssh_multi_statemach) + >>> referenced 8 more times + + ld.lld-15: error: undefined symbol: __declspec(dllimport) libssh2_session_init_ex + >>> referenced by vssh/.libs/libcurl_la-libssh2.o:(ssh_connect) + + ld.lld-15: error: undefined symbol: __declspec(dllimport) libssh2_session_set_read_timeout + [...] + ``` + + Closes #1141 + +- gha: simplify `if` strings + + Closes #1140 + +- test_read: make it run without Docker + + Apply an existing fix to `test_read`, so that it falls back to use + the current username instead of the hardcoded `libssh2` when run + outside Docker. + + This allows to run algo tests with this command: + ```shell + cd tests + ./test_sshd.test ./test_read_algos.test + ``` + + Closes #1139 + +- cmake: streamline invocation + + Stop specifiying the current directory. + Simplify build instructions. + + Closes #1138 + +- NMakefile: delete + + This make file was for long time unmaintained (last updated in 2014). + Despite best efforts to keep it working in the recent round of major + overhauls, it appears to be broken now. There is also no way to test it + without an actual MSVC env and it's also missing from our CI. Based on + our Issue tracker, it's also not widely used. + + Since its addition in 2005, libssh2 got support for CMake in 2014. + CMake should be able to generate NMake makefiles with the option + `-G "NMake Makefiles"`. (I haven't tested this.) + + Ref: https://github.com/libssh2/libssh2/discussions/1129 + Closes #1134 + +- tests: add aes256-gcm encrypted key test + + Follow-up to #1133 + + Also update `tests/gen_keys.sh` to set `aes256-ctr` encryption method + for `key_ed25519_encrypted' explicitly. + + Closes #1135 + +GitHub (26 Jul 2023) +- [Jakob Egger brought this change] + + Fix private keys encrypted with aes-gcm methods (#1133) + + libssh2 1.11.0 fails to decrypt private keys encrypted with + aes128-gcm@openssh.com and aes256-gcm@openssh.com ciphers. + + To reproduce the issue, you can create a test key with a command like + the following: + + ```bash + ssh-keygen -Z aes256-gcm@openssh.com -f id_aes256-gcm + ``` + + If you attempt to use this key for authentication, libssh2 returns the + not-so-helpful error message "Wrong passphrase or invalid/unrecognized + private key file format". + + The problem is that OpenSSH encrypts keys differently than packets. It + does not include the length as AAD, and the 16 byte authentication tag + is appended after the encrypted key. The length of the authentication + tag is not included in the encrypted key length. + + I have not found any documentation for this behaviour -- I discovered it + by looking at the OpenSSH source. See the `private2_decrypt` function in + . + + This patch fixes the code for reading OpenSSH private keys encrypted + with AES-GCM methods. + +Viktor Szakats (26 Jul 2023) +- ci: add missing timeout to 'autotools distcheck' step + +- cmake: merge `set_target_properties()` calls + + Also rename variable `LIBSSH2_VERSION` to `LIBSSH2_LIBVERSION` in + context of lib versioning to avoid collision with another use. + + Closes #1132 + +- cmake: formatting [ci skip] + +- cmake: (re-)add zlib to `Libs.private` in `libssh2.pc` + + We mistakently added transitive zlib to `Requires.private` before, then + removed it. This patch re-adds zlib, but this time to `Libs.private`, + which is listing raw libs and should include transitive libs as well. + + Also add zlib when used as a direct dependency when zlib compression + support is enabled. + + Follow-up to ef538069a661a43134fe7b848b1fe66b2b43bdac + + Closes #1131 + +- cmake: formatting [ci skip] + +- cmake: use `wolfssl/options.h` for detection, like autotools + + Closes #1130 + +- build: stop requiring libssl from openssl + + libssh2 does not use or need the TLS/SSL library of OpenSSL. + It only needs libcrypto. + + Closes #1128 + +- cmake: add openssl libs to `Libs.private` in `libssh2.pc` + + Also to sync up with autotools-generated `libssh2.pc`, that + already added them. + + Closes #1127 + +- Makefile.mk: stop linking unused mbedtls libs + + Stop linking libmbedtls and libmbedx509 (similarly to autotools). + Only libmbedcrypto is necessary for libssh2. + +- cmake: bump minimum CMake version to v3.7.0 + + Fixes the warning below, which appeared in CMake v3.27.0: + ``` + CMake Deprecation Warning at CMakeLists.txt:39 (cmake_minimum_required): + Compatibility with CMake < 3.5 will be removed from a future version of + CMake. + + Update the VERSION argument value or use a ... suffix to tell + CMake that the project does not need compatibility with older versions. + ``` + + Bump straight up to v3.7.0 to sync up with the curl project: + https://github.com/curl/curl/blob/2900c29218d2d24ab519853589da84caa850e8c7/CMakeLists.txt#L64 + + CMake release dates: + v3.7.0 2016-11-11 + v3.5.0 2016-03-08 + v3.1.0 2014-12-17 + + Closes #1126 + +- build: tidy-up `libssh2.pc.in` variable names + + - prefix with `LIBSSH2_PC_` + + - match with the names of `pkg-config` values. + + - use the same names in autotools and CMake scripts. + + - use `LIBSSH2_VERSION` for the version number in autotools scripts, + to match the name used in CMake. + + Closes #1125 + +- libssh2.pc: re-add & extend support for static-only libssh2 builds + + Adapted for libssh2 from the curl commit message by James Le Cuirot: + + "A project built entirely statically will call `pkg-config` with + `--static`, which utilises the `Libs.private:` field. Conversely it will + not use `--static` when not being built entirely statically, even if + there is only a static build of libssh2 available. This will most + likely cause the build to fail due to underlinking unless we merge the + `Libs:` fields. + + Consider that this is what the Meson build system does when it generates + `pkg-config` files." + + This patch extends the above to `Requires:`, to mirror `Libs:` with + `pkg-config` package names. + + Follow-up to 1209c16d93cba3c5e0f68c12fa4a5049f49c00d8 #1114 + + Ref: https://github.com/libssh2/libssh2/pull/1114#issuecomment-1634334809 + Ref: https://github.com/curl/curl/commit/98e5904165859679cd78825bcccb52306ee3bb66 + Ref: https://github.com/curl/curl/pull/5373 + Closes #1119 + +GitHub (14 Jul 2023) +- [Nursan Valeyev brought this change] + + cmake: CMAKE_SOURCE_DIR -> PROJECT_SOURCE_DIR (#1121) + + Fixes compiling as dependency with FetchContent + + Co-authored-by: Viktor Szakats + +Viktor Szakats (14 Jul 2023) +- autotools: use comma separator in `Requires.private` of `libssh2.pc` + + In `Requires*:`, the documented name separator is comma. We already used + it in the CMake-generated `libssh2.pc`. Adjust the autotools-generated + one to use it too, instead of spaces. + + Ref: https://linux.die.net/man/1/pkg-config + Ref: https://gitlab.freedesktop.org/pkg-config/pkg-config/-/blob/d97db4fae4c1cd099b506970b285dc2afd818ea2/pkg-config.1 + + Closes #1124 + +- build: add/fix `Requires.private` packages in `libssh2.pc` + + - autotools was using `libwolfssl`. CMake left it empty. wolfSSL + provides `wolfssl.pc`. This patch sets `Requires.private: wolfssl` + with both build tools. + + - add `libgcrypt` to `Requires.private` with both autotools and CMake. + Ref: + https://github.com/gpg/libgcrypt/blob/e76e88eef7811ada4c6e1d57520ba8c439139782/src/libgcrypt.pc.in + Present since 2005-04-22: + https://github.com/gpg/libgcrypt/commit/32bf3f13e8b45497322177645bebf0b5d0c9cb8e + Released in v1.3.0 2007-05-04: + https://github.com/gpg/libgcrypt/releases/tag/libgcrypt-1.3.0 + + - also stop adding transitive `zlib` deps to `Requires.private`. + The referenced crypto package is adding it as nedded. + This makes deduplication of the list redundant, so stop doing it. + Follow-up to 2fc367900701e6149efc42bd674c4b69127756dd + + (`libssh2.pc` not tested as a project dependency.) + + Closes #1123 + +- cmake: tidy-ups + + - dedupe `Requires.private` in `libssh2.pc`. + `zlib` could appear on the list twice: + ``` + Requires.private: libssl,libcrypto,zlib,zlib + ``` + According to CMake docs `list(REMOVE_DUPLICATES ...)`, is supported by + our minimum required CMake version (and by earlier ones even): + https://cmake.org/cmake/help/v3.1/command/list.html#remove-duplicates + + - move `cmake_minimum_required()` to the top. + + - move `set(CMAKE_MODULE_PATH)` to the top. + + - delete duplicate `set(CMAKE_MODULE_PATH)`. + + - replace `CMAKE_CURRENT_SOURCE_DIR` with `PROJECT_SOURCE_DIR` in root + `CMakeLists.txt` for robustness. + + - replace `gcovr` option with long-form for readability/consistency. + + - rename `GCOV_OPTIONS` to `GCOV_CFLAGS`. These are C options we enable + when using gcov, not gcov tooling options. + + Closes #1122 + +- openssl: add missing check for `LIBRESSL_VERSION_NUMBER` before use + + Fixes: + ``` + openssl.h:101:5: warning: "LIBRESSL_VERSION_NUMBER" is not defined [-Wundef] + LIBRESSL_VERSION_NUMBER >= 0x3050000fL + ^ + ``` + + Ref: https://github.com/libssh2/libssh2/issues/1115#issuecomment-1631845640 + Closes #1117 + +- [Harmen Stoppels brought this change] + + Don't put `@LIBS@` in pc file + +- misc: delete redundant NULL check and assignment + + Follow-up to 724effcb47ebb713d3ef1776684b8f6407b4b6a5 #1109 + + Ref: https://github.com/libssh2/libssh2/pull/1109#discussion_r1246613274 + Closes #1111 + +- [renmingshuai brought this change] + + We should check whether *key_method is a NULL pointer instead of key_method + + Signed-off-by: renmingshuai + +GitHub (30 Jun 2023) +- [ren mingshuai brought this change] + + Add NULL pointer check for outlen before use (#1109) + + Before assigning a value to the outlen, we need to check whether it is NULL. + + Credit: Ren Mingshuai + +Viktor Szakats (25 Jun 2023) +- cmake: re-add `Libssh2:libssh2` for compatibiliy + lowercase namespace + + - add `libssh2:libssh2` target that selects the shared lib if built, + otherwise the static one. + + - re-add `Libssh2:libssh2` target for compatibility with v1.10.0 and + earlier. This is an alias for `libssh2:libssh2`. + + - keep `libssh2:libssh2_shared` and `libssh2_libssh2_static` targets. + + - allow using `find_package(libssh2)` in dependents as an alternative + to `find_package(Libssh2)`. + + Co-authored-by: Radek Brich + Suggested-by: Haowei Hsu + + Fixes #1103 + Fixes #731 + Closes #1104 + +- example: fix regression in `ssh2_exec.c` + + Regression from b13936bd6a89993cd3bf4a18317ca5bd84bb08d7 #861 #846. + Update a variable name missed above. + + Reported-by: PewPewPew + Fixes #1105 + Closes #1106 + +- docs: replace SHA1 with SHA256 in CMake example + +- checksrc: modernise perl file open + + Use regular variables and separate file open modes from filenames. + + Suggested by perlcritic + + Copied from https://github.com/curl/curl/commit/7f669aa0f1d40ef5d64543981f22bdc5af1272f5 + Copied from https://github.com/curl/trurl/commit/f2784a9240f47ee28a845 + +- reuse: comply with 3.1 spec and 2.0.0 checker + + The checker tool was upgraded upstream to 2.0.0 and the REUSE + Specification to version 3.1 (from 3.0), causing these new errors: + ``` + reuse.project - WARNING - Copyright and licensing information for 'docs/INSTALL_AUTOTOOLS' have been found in 'docs/INSTALL_AUTOTOOLS' and the DEP5 file located at '.reuse/dep5'. The information in the DEP5 file has been overridden. Please ensure that this is correct. + reuse.project - WARNING - Copyright and licensing information for 'tests/openssh_server/Dockerfile' have been found in 'tests/openssh_server/Dockerfile' and the DEP5 file located at '.reuse/dep5'. The information in the DEP5 file has been overridden. Please ensure that this is correct. + + The following files have no licensing information: + * docs/INSTALL_AUTOTOOLS + * tests/openssh_server/Dockerfile + ``` + Via: https://github.com/libssh2/libssh2/actions/runs/5333572682/jobs/9664211341?pr=1098#step:4:4 + + Ref: https://github.com/fsfe/reuse-tool/releases/tag/v2.0.0 + Ref: https://git.fsfe.org/reuse/docs/src/branch/stable/CHANGELOG.md#3-1-2023-06-21 + + Original discovery: https://github.com/libssh2/libssh2/pull/1098#issuecomment-1600719575 + + Fixes #1101 + Closes #1102 + +- tests: trap signals in scripts + + Closes #1098 + +- test_sshd.test: fixup to distcheck failure + + Fixes: + ``` + ERROR: test_sshd.test - missing test plan + ERROR: test_sshd.test - exited with status 1 + ``` + Ref: https://github.com/libssh2/libssh2/actions/runs/5322354271/jobs/9638694218#step:10:532 + + Caused by trying to create the log file in a read-only directory. + + Follow-up to 299c2040625830d06ad757d687807a166b57d6de + Closes #1099 + +GitHub (21 Jun 2023) +- [Viktor Szakats brought this change] + + test_sshd.test: show sshd and test connect logs on harness failure (#1097) + +- [Joel Depooter brought this change] + + Fix incorrect byte offset in debug message (#1096) + + Fixes debug log message + + Credit: + Joel Depooter + +Viktor Szakats (16 Jun 2023) +- tidy-up: delete whitespace at EOL [ci skip] + +- mbedtls: include `version.h` for `MBEDTLS_VERSION_NUMBER` + + Older (2021 or earlier?) mbedTLS releases require this. + + Reported-by: rahmanih on Github + Fixes #1094 + Closes #1095 + +- hostkey: do not advertise ssh-rsa when SHA1 is disabled + + Before this patch OpenSSL, mbedTLS, WinCNG and OS/400 advertised both + SHA2 and SHA1 host key algos, even when SHA1 was not supported by the + crypto backend or when forcefully disabled via `LIBSSH2_NO_RSA_SHA1`. + + Reported-by: João M. S. Silva + Fixes #1092 + Closes #1093 + +- openssl.h: whitespace tidy-up [ci skip] + +GitHub (14 Jun 2023) +- [Dan Fandrich brought this change] + + test_sshd.test: set a safe PID directory (#1089) + + The compiled in default to sshd can be a non-writable location since it + expects to be run as root. + +Viktor Szakats (13 Jun 2023) +- mingw: fix printf mask for 64-bit integers + + Before 02f2700a61157ce5a264319bdb80754c92a40a24 #846 #876, we used + `%I64d'. That patch changed this to `%lld`. This patch uses `PRId64` + (defined in `inttypes.h`). + + Fixes #1090 + Closes #1091 + +- test_sshd.test: minor cleanups + +Daniel Stenberg (7 Jun 2023) +- provide SPDX identifiers + + - All files have prominent copyright and SPDX identifier + - If not embedded in the file, in the .reuse/dep5 file + - All used licenses are in LICENSES/ (not shipped in tarballs) + - A new REUSE CI job verify that all files are OK + + Assisted-by: Viktor Szakats + + Closes #1084 + +Viktor Szakats (6 Jun 2023) +- src: improve MSVC C4701 warning fix + + Simplify the code to avoid this warning. This might also help avoiding + it with other compilers (e.g. gcc?). + + Improves 02f2700a61157ce5a264319bdb80754c92a40a24 #876 + Might fix #1083 + Closes #1086 + +Daniel Stenberg (5 Jun 2023) +- configure.ac: remove AB_INIT + + Not used. Remove m4/autobuild.m4 as well + +Viktor Szakats (4 Jun 2023) +- copyright: remove years from copyright headers + + Also: + - uppercase `(C)`. + - add missing 'All rights reserved.' lines. + - drop duplicate 'Author' lines. + - add copyright headers where missing. + - enable copyright header check in checksrc. + + Reasons for deleting years (copied as-is from curl): + - they are mostly pointless in all major jurisdictions + - many big corporations and projects already don't use them + - saves us from pointless churn + - git keeps history for us + - the year range is kept in COPYING + + Closes #1082 + +- tests: cast to avoid `-Wchar-subscripts` with Cygwin + + ``` + In file included from $HOME/src/cygwin/libssh2/libssh2-1.11.0-1.x86_64/src/libssh2-1.11.0/tests/openssh_fixture.c:57: + $HOME/src/cygwin/libssh2/libssh2-1.11.0-1.x86_64/src/libssh2-1.11.0/tests/openssh_fixture.c: In function 'run_command_varg': + $HOME/src/cygwin/libssh2/libssh2-1.11.0-1.x86_64/src/libssh2-1.11.0/tests/openssh_fixture.c:136:37: warning: array subscript has type 'char' [-Wchar-subscripts] + 136 | while(end > 0 && isspace(buf[end - 1])) { + | ~~~^~~~~~~~~ + ``` + Ref: https://github.com/libssh2/libssh2/files/11644340/cygwin-x86_64-libssh2-1.11.0-1-check.log + + Reported-by: Brian Inglis + Fixes #1080 + Closes #1081 + +- tidy-up: avoid exclamations, prefer single quotes, in outputs + + Closes #1079 + +- autotools: improve libz position + + We repositioned crypto libs in 4f0f4bff5a92dce6a6cd7a5600a8ee5660402c3f + via #941 and subsequently in d4f58f03438e326b8696edd31acadd6f3e028763 + from d93ccf4901ef26443707d341553994715414e207 via #1013. + + This patch moves libz accordingly, to unbreak certain build scenarios. + + Reported-by: Kenneth Davidson + Regression from 4f0f4bff5a92dce6a6cd7a5600a8ee5660402c3f #941 + Fixes #1075 + Closes #1077 + +- src: bump `hash_len` to `size_t` in `LIBSSH2_HOSTKEY_METHOD` + + Follow-up to 7b8e02257f01a6dac5f65305b18bb74a157fb5c4 + Closes #1076 + +- ci: add non-static autotools i386 build, ignore GHA updates on AppVeyor + + Add a non-static autotools build to GitHub Actions. Make this build + target i386 and libgcrypt, to test a new build combination if we are at + it. + + Also: + - GHA: add necessary generic bits for i386 autotools builds. + - AppVeyor CI: teach it to ignore commits updating our GHA config. + + Follow-up to 572c57c9d8d4e89cfce19dde40125d55481256d1 #1072 + Closes #1074 + +GitHub (31 May 2023) +- [Xi Ruoyao brought this change] + + autotools: skip tests requiring static lib if `--disable-static` (#1072) + + Co-authored-by: Viktor Szakats + Regression from 83853f8aea0e2f739cacd491632eb7fd3d03ad2d #663 + Fixes #1056 + +Viktor Szakats (31 May 2023) +- ci: prefer `=` operator in shell snippets + + Closes #1073 + +- src: bump DSA and ECDSA sign `hash_len` to `size_t` + + Closes #1055 + +- scp: fix missing cast for targets without large file support + + E.g. on 32-bit Linux. Issue revealed after adding i386 Linux CI build + in abdf40c741c575f94bdea1c67a9d1182ff813ccb #1057. + + ``` + /home/runner/work/libssh2/libssh2/src/scp.c: In function 'scp_recv': + /home/runner/work/libssh2/libssh2/src/scp.c:765:23: error: conversion from 'libssh2_int64_t' {aka 'long long int'} to '__off_t' {aka 'long int'} may change value [-Werror=conversion] + 765 | sb->st_size = session->scpRecv_size; + | ^~~~~~~ + ``` + Ref: https://github.com/libssh2/libssh2/actions/runs/5126803482/jobs/9221746299?pr=1054#step:12:51 + + Regression from 5db836b2a829c6fff1e8c7acaa4b21b246ae1757 #1002 + Closes #1060 + +- mbedtls.h: formatting [ci skip] + + For consistency with `mbedtls.c`. + + Follow-up to 1153ebdeba563ac657b525edd6bf6da68b1fe5e2 + +- libssh2.h: bump to 1.11.1_DEV [ci skip] + +- mbedtls: use more `size_t` to sync up with `crypto.h` + + Ref: 5a96f494ee0b00282afb2db2e091246fc5e1774a #846 #879 + + Fixes #1053 + Closes #1054 + +- ci: drop redundant/unused vars, sync var names + + Closes #1059 + +- ci: add i386 Linux build (with mbedTLS) + + Also: + - reorder Linux build matrix to make build tool more visible. + - hide apt-get progress bar. + - prepare package install step for i386 builds. + + Detects bug #1053 + Closes #1057 + +- checksrc: switch to dot file + + Closes #1052 + +Version 1.11.0 (30 May 2023) + +Daniel Stenberg (30 May 2023) +- libssh2.h: bump to 1.11.0 for release + +GitHub (30 May 2023) +- [Will Cosgrove brought this change] + + Libssh2 1.11 release notes, copyright (#1048) + + * Libssh2 1.11 release notes, copyright + +Viktor Szakats (29 May 2023) +- add copyright/credits + + Closes #1050 + +- ci: add LIBSSH2_NO_AES_CBC to GNU Make build + + Closes #1049 + +- ci: add wolfSSL Linux builds + + Exclude wolfSSL builds from tests. All fail: + + ``` + 2/43 Test #2: test_aa_warmup ............................***Failed 5.59 sec + libssh2_session_handshake failed (-44): Unable to ask for ssh-userauth service + ``` + Ref: https://github.com/libssh2/libssh2/actions/runs/5085775952/jobs/9139583212#step:12:942 (with logging) + Ref: https://github.com/libssh2/libssh2/actions/runs/5085586301/jobs/9139192562#step:12:225 + + wolfSSL version: + ``` + Get:1 http://azure.archive.ubuntu.com/ubuntu jammy/universe amd64 libwolfssl32 amd64 5.2.0-2 [818 kB] + Get:2 http://azure.archive.ubuntu.com/ubuntu jammy/universe amd64 libwolfssl-dev amd64 5.2.0-2 [1194 kB] + ``` + + Cherry-picked from #1046 + Closes #1046 + +- ci: mbedTLS build config tidy-up + + Cherry-picked from #1046 + +- wolfssl: fix detection of AES-GCM feature + + Follow-up to df513c0128e1a811ad863d153892618e728845f0 + + Ref: https://github.com/libssh2/libssh2/issues/1020#issuecomment-1562069241 + Closes #1045 + +- build: fix 'unused' compiler warnings with all `NO` options set + + - add `LIBSSH2_NO_ED25519` build-time option to force-disable ED25519 + support. Useful to replicate crypto-backend builds without ED25519, + such as wolfSSL. + + - openssl: fix unused variable and function warnings with all supported + `LIBSSH2_NO_*` options enabled. + + - mbedtls: fix misplaced `#endif` leaving out the required internal + public function `libssh2_supported_key_sign_algorithms()`. + + - mbedtls: add missing prototype for two internal public functions. + + - delete a redundant block. + + All `NO` options: + ```shell + CPPFLAGS=' + -DLIBSSH2_NO_MD5 -DLIBSSH2_NO_HMAC_RIPEMD -DLIBSSH2_NO_DSA + -DLIBSSH2_NO_RSA -DLIBSSH2_NO_RSA_SHA1 + -DLIBSSH2_NO_ECDSA -DLIBSSH2_NO_ED25519 -DLIBSSH2_NO_AES_CTR + -DLIBSSH2_NO_BLOWFISH -DLIBSSH2_NO_RC4 -DLIBSSH2_NO_CAST + -DLIBSSH2_NO_3DES' + ``` + + Closes #1044 + +- cmake: avoid `list(PREPEND)` for compatibility + + `list(PREPEND)` requires CMake v3.15, our minimum is v3.1. `APPEND` + should work fine for headers anyway. + + Also fix a wrongly placed comment. + + Ref: https://cmake.org/cmake/help/latest/command/list.html#prepend + + Regression from 1e3319a167d2f32d295603167486e9e88af9bb4e + + Closes #1043 + +- checksrc: verify label indent, fix fallouts + + Also update two labels to match the rest of the source. + + checksrc update credit: Emanuele Torre @emanuele6 + + Ref: https://github.com/curl/curl/pull/11134 + + Closes #1042 + +- tidy-up: minor nits + +- ci: drop default shared/static configuration options + + Both autotools and cmake build both shared and static lib by default. + + Ref: 896154bc17f000c0a1bb89b74bc879692ac0d47c + + Delete configuration enabling these explicitly in CI jobs. + + Cherry-picked from #1036 + Closes #1036 + +- cmake: enable shared libssh2 library by default + + This brings default behaviour in sync with autotools, which builds both + lib flavours by default. + + (Notice that on Windows, autotools includes the Windows Resource in the + static library, when building both at the same time. CMake doesn't have + this issue.) + + Enabling both lib flavours has a side-effect when using non-MinGW + toolchains (e.g. MSVC): to resolve the filename conflict between import + and static libraries, we add a suffix to the static lib, naming it + `libssh2_static.lib`. This can break dependent builds relying on + `libssh2.lib` for linking the static libssh2. + + Workarounds: + + - disable either shared or static libssh2 via + `-DBUILD_STATIC_LIBS=OFF` or + `-DBUILD_SHARED_LIBS=OFF`. This results in a libssh2 library (either + static or shared) without a prefix: `libssh2.lib`. + + - set a custom static library suffix via: + `-DSTATIC_LIB_SUFFIX=_my_static`. Resulting in + `libssh2_my_static.lib`, and import library + `libssh2.lib`. + + - set a custom import library suffix via: + `-DIMPORT_LIB_SUFFIX=_my_implib`. Resulting in + `libssh2_my_implib.lib` import library, and static library + `libssh2.lib`. + + - customize the default static/import library suffix (incl. extension) + via + `-DCMAKE_STATIC_LIBRARY_SUFFIX=_my_static_suffix.lib` or + `-DCMAKE_IMPORT_LIBRARY_SUFFIX=_my_import_suffix.lib`. + + Cherry-picked from #1036 + +- cmake: tweak static/import lib name collision avoidance logic + + The collision issue affects (typically) MSVC, when building both shared + and static libssh2 in one go. + + Ref: https://stackoverflow.com/questions/2140129/what-is-proper-naming-convention-for-msvc-dlls-static-libraries-and-import-libr + + Initially we handled this by appending the `_imp` suffix to the import + library filename. This is how curl tackles this, but on a second look, + this solution seem to be accidental and has no widespread use. + + It seems more widely accepted to use the '_static' suffix for the static + library. This patch implements this. + + (MinGW, Cygwin and unixy platforms are not affected by this issue.) + + Follow-up to 4e2580628dd1f8dc51ac65ac747ebcf0e93fa3d1 + + Cherry-picked from #1036 + +- cmake: add `IMPORT_LIB_SUFFIX` (like `STATIC_LIB_SUFFIX`) + + Allow resolving the import/static library name collision also by setting + a custom _import_ library name suffix. + + Follow-up to 4e2580628dd1f8dc51ac65ac747ebcf0e93fa3d1 + + Cherry-picked from #1036 + +- ci: do not disable shared lib with msys2/autotools in GHA + + Cherry-picked from #1036 + +- Makefile.mk: fix `DYN=1 test` by skipping tests needing static lib + + `DYN=1` means to build examples/tests against the shared libssh2. + + Before this patch this was broken for building tests. This patch skips + building tests that require the static libssh2 library, so the build now + succeeds. + + Also move the list of tests that require static lib from + `CMakeLists.txt` to `Makefile.inc`, so that we can reuse it in + `Makefile.mk`. + + Couldn't find a way to also reuse it in `Makefile.am`. Move the + `Makefile.am` specific definitions close to the shared list, to make it + easier to keep them synced. + + Cherry-picked from #1036 + +- ci: make one of the AppVeyor CMake jobs shared-only + + This build combination did not have a CI test before. + + Cherry-picked from #1036 + +- cmake: allow tests with `BUILD_STATIC_LIBS=OFF` + + Before this patch, the CMake build did not allow to disable static + libssh2 library while also building tests. + + This patch removes this constraint, and makes this combination possible. + In this case the 3 (at the moment) tests that require a static libssh2 + library, are skipped from the build and test runs. + + Cherry-picked from #1036 + +- build: fix to set `-DLIBSSH2DEBUG` for tests + + Required for tests using libssh2 internals. These are the ones + requiring the libssh2 _static_ lib. + + Before this patch, `src` and `tests` declared the `session` structure + differently, due to extra struct members added with the `LIBSSH2DEBUG` + macro set. But, the macro was only set for `src` when using CMake. At + runtime this caused struct members to be at different offsets between + lib and test code, resulting in the test failures below. + + Due to another bug in the affected test, these failures did not reflect + in the exit code, which always returned success, so this went unnoticed + for a good while. Fixed in: 84d31d0ca7b647ad4c2aa92bf8f4a94b233f5d3b + + ``` + Start 5: test_auth_keyboard_info_request + [...] + 5: Test case 1 passed + 5: Test case 2 passed + 5: Test case 3: expected return code to be 0 got -1 + 5: Test case 4: expected last error code to be "-6" got "-38" + 5: Test case 5: expected last error code to be "-6" got "-38" + 5: Test case 6: expected last error code to be "-6" got "-38" + 5: Test case 7: expected last error message to be "Unable to decode keyboard-interactive number of keyboard prompts" got "userauth keyboard data buffer too small to get l + 5: Test case 8: expected last error code to be "-41" got "-38" + 5: Test case 9: expected return code to be 0 got -1 + 5: Test case 10: expected return code to be 0 got -1 + 5: Test case 11: expected last error code to be "-6" got "-38" + 5: Test case 12: expected last error message to be "Unable to decode user auth keyboard prompt echo" got "userauth keyboard data buffer too small to get length" + 5: Test case 13: expected return code to be 0 got -1 + 5: Test case 14: expected return code to be 0 got -1 + 5: Test case 15: expected last error code to be "-6" got "-38" + 5: Test case 16: expected last error code to be "-6" got "-38" + 5: Test case 17: expected last error code to be "-6" got "-38" + 5: Test case 18: expected last error code to be "-6" got "-38" + ``` + Ref: https://ci.appveyor.com/project/libssh2org/libssh2/builds/46925869/job/i9uasceu3coss0i2#L440 + Ref: https://ci.appveyor.com/project/libssh2org/libssh2/builds/46983040/job/c3vag25c26a77lyr#L485 + + Cherry-picked from #1037 + Closes #1037 + +- test_auth_keyboard_info_request: fix to return failure + + Before this patch, this test returned success even when one of its tests + failed. Fix it by returning 1 in case any of the tests fails. + + This issue masked a CMake build bug with logging enabled. Subject to an + upcoming patch. + + Cherry-picked from #1037 + +- test_auth_keyboard_info_request: fix indentation + + Cherry-picked from #1037 + +- tidy-up: move comment off from copyright header + + Cherry-picked from #1037 + +- ci: enable shared libs in msys2/macOS cmake builds + + Shared libs improve example/tests build times. For "unity" + builds the overhead of building shared lib is negligible, so + this even reduced the overall build-time. + + Follow-up to 3d64a3f5100f7f4cf52202396eb4f1c3f3567771 + Follow-up to d93ccf4901ef26443707d341553994715414e207 + + Tests: + https://github.com/libssh2/libssh2/actions/runs/4906586658: unity builds enabled + https://github.com/libssh2/libssh2/actions/runs/4906925743: unity builds enabled + parallel msys2 builds + https://github.com/libssh2/libssh2/actions/runs/4906777629: unity + shared lib (this commit) + https://github.com/libssh2/libssh2/actions/runs/4906927190: unity + shared lib (this commit) + parallel msys2 builds + + Consider making shared libs enabled by default also in CMake, to sync it with autotools? + + Closes #1035 + +- ci: add missed --parallel 3 from msys2 cmake builds + + Follow-up to 3d64a3f5100f7f4cf52202396eb4f1c3f3567771 + +- cmake: add and test "unity" builds + + "Unity" (aka "jumbo", aka "amalgamation" builds concatenate source files + before compiling. It has these benefits for example: faster builds, + improved code optimization, cleaner code. Let's support and test this. + + - enable unity builds for some existing CI builds to test this build + scenario. + - tune `UNITY_BUILD_BATCH_SIZE` size. + - disable unity build for example and test programs (they use one source + each already). + + You can enable it by passing `-DCMAKE_UNITY_BUILD=ON` to cmake. + Supported by CMake 3.16 and newer. + + Ref: https://cmake.org/cmake/help/latest/prop_tgt/UNITY_BUILD.html + + Closes #1034 + +- tests: simplify passing `srcdir` to tests + + Before this patch libssh2 used a variety of solutions to pass the source + directory to tests: `FIXTURE_WORKDIR` build-time macro (cmake), + `FIXTURE_WORKDIR` envvar (unused), setting `srcdir` manually + (autotools), setting current directory (cmake), and also `builddir` + envvar (autotools) for passing current working dir to `mansyntax.sh`. + + This patch reduces this to using existing `srcdir` with autotools and + setting it ourselves in CMake. This was mostly enabled by this recent + patch: 4c9ed51f962f542b98789b15bedaaa427f4029a2 + + Details: + + - cmake: replace baked-in `FIXTURE_WORKDIR` macro with env. + + Added in 54bef4c5dad868a9d45fdbfca9729b191c0abab5 #198 (2018-03-21) + + - rename `FIXTURE_WORKDIR` to `srcdir`, to match autotools. + + - cmake: add missing `srcdir` for algo and sshd tests. + + - session_fixture: stop `chdir()`-ing, rely on prefixing with `srcdir`. + + Changing current directory should be unnecessary after + 4c9ed51f962f542b98789b15bedaaa427f4029a2 #801 (2023-02-24), + that prefixes referenced input filenames with the `srcdir` envvar. + + The `srcdir` envvar was already exported by autotools, and now we're + also setting it from CMake. + + - cmake: stop setting `WORKING_DIRECTORY`, rely on `srcdir` env. + + `WORKING_DIRECTORY` is no longer necessary, after passing `srcdir` to + all tests, so they can find our source tree and keys/etc in it + regardless of the current directory. + + Also this past commit hints that `WORKING_DIRECTORY` wasn't always + working for this purpose as expected: + "tests: Xcode doesn't obey CMake's test working directory" + Ref: https://github.com/libssh2/libssh2/pull/198/commits/10a5cbf945abcc60153ee3d59284d09fc64ea152 + + - autotools: delete explicit `srcdir` for test env. + + Added in 13f8addd1bc17e6c55d52491cc6304319ac38c6d (2015-07-02) + + automake documents `srcdir` as exported to the test environment: + https://github.com/autotools-mirror/automake/blob/c04c4e8856e3c933239959ce18e16599fcc04a8b/doc/automake.texi#L9302-L9304 + https://www.gnu.org/software/automake/manual/html_node/Scripts_002dbased-Testsuites.html + It's mentioned in the docs back in 1997 and got a regression test in + 2012. We can safely assume it to be available without setting it + ourselves. + + - autotools: delete explicit `builddir`. + + Added in 13f8addd1bc17e6c55d52491cc6304319ac38c6d (2015-07-02) + + It seems this wasn't necessary to make the above fix work, and + `mansyntax.sh` is able to figure out the build workdir by reading + `$PWD`. Our out-of-tree and `make distcheck` CI builds also work + without it. + + Let us know if there is a scenario we're missing and needs this. + + Closes #1032 + +- src: fix `libssh2_store_*()` for >u32 inputs + + `_libssh2_store_str()` and `_libssh2_store_bignum2_bytes()` accept + inputs of `size_t` max, store the size as 32-bit unsigned integer, then + store the complete input buffer. + + With inputs larger than `UINT_MAX` this means the stored size is smaller + than the data that follows it. + + This patch truncates the stored data to the stored size, and now returns + a boolean with false if the stored length differs from the requested + one. Also add `assert()`s for this condition. + + This is still not a correct fix, as we now dump consistent, but still + truncated data which is not what the caller wants. In future steps we'll + need to update all callers that might pass large data to this function + to check the return value and handle an error, or make sure to not call + this function with more than UINT_MAX bytes of data. + + Ref: c3bcdd88a44c4636818407aeb894fabc90bb0ecd (2010-04-17) + Ref: ed439a29bb0b4d1c3f681f87ccfcd3e5a66c3ba0 (2022-09-29) + + Closes #1025 + +- cmake: limit WinCNG to Windows + + After deleting the `bcrypt.h` check, no check remained. Restore + a `WIN32` check here to ensure WinCNG is not enabled outside Windows. + + Follow-up to 1289033598546ee5089ff0fc4369d24e1e2be81f + + Tested-in #1032 + +- cmake: move `CMAKE_VS_GLOBALS` setting to CI configs + + To not force this setting for local builds where they might serve + a good purpose. + + It makes our CI runs slightly faster and we don't need to track + file changes in unattended, single, CI runs. + + Cherry-picked from #1031 + +- cmake: prefill for faster config phase on Windows + + Prefill known detection results on Windows with MinGW and MSVC, to + avoid spending time on detecting these on every cmake configuration + run. + + With MinGW + clang and MSVC, this elminates all detections. + With MinGW + gcc, it reduces them to 3. + + Cherry-picked from #1031 + +- libssh2_setup.h: set `HAVE_INTTYPES_H` for MSVC + + To sync up the hand-crafted config with actual detection results + by CMake and autotools. Sources compiled fine without it anyway. + + Cherry-picked from #1031 + +- cmake: re-add `select()` detection (regression) + + `select()` detection suffered two regressions: First I accidentally + deleted it for non-Windows [1]. Then the Windows-specific setting got + missed from the generated `libssh2_config.h` after a rearrangement in + `CMakeLists.txt` files. + + [1] 31fb8860dbaae3e0b7d38f2a647ee527b4b2a95f (2023-03-07) + [2] 803f19f004eb6a5b525c48fff6f46a493d25775c (2023-04-18) + + This patch restores detection. For Windows, enable it unconditionally, + not only for speed reasons, but because detection needs `ws2_32`, and + even that is broken on the x86 platform. According to the original + `cmake/SocketLibraries.cmake`, caused by a calling convention mismatch. + FWIW autotools detects it correctly. + + Cherry-picked from #1031 + +- ci: merge make job into msys2 section, enable zlib + openssl + + Follow up to dd625766271a0ba13f5ac661bdc2fa40bbfa580a + + Cherry-picked from #1030 + +- ci: add missing timeouts for autotools tests + + Cherry-picked from #1030 + +- ci: add mingw-w64 clang and gcc CMake jobs + + Cherry-picked from #1030 + +- cmake: assume `bcrypt.h` with WinCNG + + autotools already didn't check for `bcrypt.h`, and such check is only + required for old/legacy mingw without obsolete/incomplete Windows + headers. + + curl deprecated old-mingw support just recently and will delete support + in September 2023. + + This patch saves some complexity and detection time by dropping this + check for CMake. Meaning that mingw-w64 is now required to compile + libssh2 when using the WinCNG backend for 32-bit builds. Other backends + and CPU platforms are not affected. + + Ref: https://github.com/curl/curl/commit/e4d5685cb5d6eb07e1b43156fd7e3ba3563afba5 + + Closes #1026 + +- cmake: do not check for `poll()` on Windows + + While it seems to exist on mingw in theory, it's not detected as of this + writing. It also has issues, and not ready for production use: + https://stackoverflow.com/questions/1671827/poll-c-function-on-windows + + On MSVC it's even less supported. + + Skip checking this to save CMake detection time. + + Closes #1027 + +- agent_win: make a struct static and other build improvements + + Also: + - merge back `agent.h` into `agent.c` where it was earlier. + Ref: c998f79384116e9f6633cb69c2731c60d3a442bb + - introduce `HAVE_WIN32_AGENT` internal macro. + - fix two guards to exclude more code unused in UWP builds. + + Follow-up to 1c1317cb768688eee0e5496c72683190aaf63b29 + + Closes #1028 + +- tidy-up: formatting nits + + Whitespace and redundant parenthesis in `return`s. + + Closes #1029 + +GitHub (3 May 2023) +- [Nick Woodruff brought this change] + + sftp: parse attribute extensions, if present, to avoid stream parsing errors (#1019) + + Prevents directory listing errors when attribute extensions are present + by advancing stream parsing past extensions. + +Viktor Szakats (3 May 2023) +- tests: merge `sshd_fixture.sh` into `test_sshd.test` + + Merge the loop executing multiple tests and the script that actually + launches the tests into a single script. This same script is now called + from both autotools and CMake. autotools loads the list of tests from + `Makefile.inc`, CMake passes it via the command-line. It's also possible + to call the script manually with a custom list of tests or individual + ones. + + With this setup we're now launching a single sshd session for all tests, + instead of launching and killing it for each test. This did not improve + reliability of these test on CI machines, and it's easy to go back to + the previous behaviour if necessary. + + Also: + + - allow passing custom sshd options via `SSHD_FLAGS`. + + - add `SSHD_TESTS_LIMIT_TO` to limit the number of tests to its value. + E.g. `SSHD_TESTS_LIMIT_TO=1` executes the first test only. Meant for + debugging. + + - use `ssh` to test the connection (if available) instead of fixed + amount of wait. Made to also work on Windows. + + - set `PermitRootLogin yes` in `sshd`, to allow running tests as root. + + - show `sshd` path and version. + + Cherry-picked from #1017 (the last one) + Closes #1024 + +- ci: make sure to run tests after all builds in GHA + + Whenever possible. Due to flakiness/hangs/timeouts, keep sshd + tests disabled on Windows and macOS. + + Also keep Docker tests disabled on these platforms, they do not work: + + GHA Windows: + ``` + no matching manifest for windows/amd64 in the manifest list entries + ``` + + GHA macOS: + ``` + sh: docker: command not found + ``` + + It's not possible to run UWP and ARM64 binaries: + UWP: + ``` + Test #2: test_simple ......................Exit code 0xc0000135 + ``` + Needs but doesn't find: `VCRUNTIME140_APP.dll`. + + ARM64 + ``` + D:/a/libssh2/libssh2/bld/tests/Release/test_ssh2.exe: cannot execute binary file: Exec format error + ``` + + Cherry-picked from #1017 + +- tests: disable sshd tests on Windows via new options + + Instead of using hacks inside the build systems. + + `SSHD` variable added to GitHub Actions is not currently used. + Added there to make it easy to experiment with these tests and + the path is non-trivial to discover. Using the Windows built-in + sshd server is another option (haven't discovered its path yet). + + Cherry-picked from #1017 + +- tests: add cmake/autotools options to disable running tests + + autotools: + - `--disable-docker-tests` + - `--disable-sshd-tests` + + cmake: + - `RUN_DOCKER_TESTS` + - `RUN_SSHD_TESTS` + + Update automake and ci to use this new flag and delete former logic + of relying on Windows detection and `HOST_WINDOWS`. Also fix honoring + this when running `test_read_algos.test`. + + This allows to disable these individually and on per-CI/local-job basis. + To run as much tests as the env allows. + + Cherry-picked from #1017 + +- ci: add `make distcheck` job + + Cherry-picked from #1017 + +- ci: switch to out-of-tree autotools builds + + Cherry-picked from #1017 + +- ci: restore parallel builds with cmake + + Also add missing -j3 for macOS builds. + + Partial revert of 0d08974633cfc02641e6593db8d569ddb3644255 + + Cherry-picked from #1017 + +- ci: sync names, steps, syntax, build dirname between jobs + + Also: + + - delete an unused 64-bit option for Linux (all jobs are 64-bit). + + - fix to not install libgcrypt and openssl when doing mbedTLS builds. + + [ Empty lines after multiline run commands are solely to unbreak + my editor's syntax highlighting. They can be deleted in the future ] + + Cherry-picked from #1017 + +- ci: add `Makefile.mk` test, with `LIBSSH2_NO_*` options + + Cherry-picked from #1017 + +- Makefile.mk: use Makefile.inc from example and tests + + Instead of assembling the list using `$(wildcard ...)`. + + Also split off a `tests/Makefile.inc` from `tests/Makefile.am`. With its + simpler syntax, this also allows to delete some complexity from the + CMake loader. + + Cherry-picked from #1017 + +- example, tests: fix ssh2 to correctly return failure + + Before this patch ssh2 and test_ssh2 returned success even if the session + failed at `libssh2_session_handshake()` or after. + + This patch depends on cda41f7cb87c3af5258ba48ccef19d3efdbd3d3b, that fixed + running test_ssh2 on Windows via sshd_fixture. + + Cherry-picked from #1017 + +- tests: set -e -u in shell scripts + + Cherry-picked from #1017 + +- cmake: use shared libs again in example and tests + + Re-sync with autotools and v1.10.0 behavior. + + This improves build times. It also allows to stop building our special + shared test target to test shared builds. + + Follow-up to 4e2580628dd1f8dc51ac65ac747ebcf0e93fa3d1 + + Cherry-picked from #1017 + Closes #1022 + +- tests: retry KEX failures when using the WinCNG backend + + Twice. This tests are flaky and we haven't figured out why. In the + meantime use this workaround to test and log these issues, but also + ensure that CI run aren't flagged red because of it. + + Also: + - kex: add debug message when hostkey `sig_verify` fails, + to help tracking WinCNG KEX failures. + - test_ssh2: also add retry logic. + I'm not quite sure this is correct. Please let me know. + - session_fixture: bump up `src_path` slots to fit retries and show + message when hitting the limit. + - session_fixture: clear `kbd_password` static variable after use. + - session_fixture: close and deinit socket after use. + - session_fixture: deinit libssh2 after use. + + Ref: #804 #846 #979 #1012 #1015 + + Cherry-picked from #1017 + Closes #1023 + +- example, test_ssh2: shutdown socket before close + + Syncing them with `tests/session_fixture.c`. + + Cherry-picked from #1017 + +- ci.yml: fix indentation [ci skip] + + Cherry-picked from #1017 + +- Makefile.mk: make tests depend on runner lib + + Cherry-picked from #1017 + +- build: compile agent_win.c via agent.c + + Silences these warnings on non-Windows: + ``` + ranlib: file: libssh2.a(agent_win.c.o) has no symbols + ``` + + Cherry-picked from #1017 + +- cmake: delete obsolete comment + + Follow-up to 80175921638fa0a345237d23206a2ad1644cdd9b + + Cherry-picked from #1017 + +- checksrc.sh: fix it to run from any current directory + + Also silence a shellcheck warning. + + Cherry-picked from #1017 + +- ISSUE_TEMPLATE: ask for crypto backend version + + Also fix casing in backend names. + + Cherry-picked from #1017 + +- tests: fix newlines in test keys for sshd on Windows + + Make sure these files get LF newlines on checkout. Before this patch + a checked out libssh2 Git repository may have used CRLF newlines in text + files, include test keys. Private keys with CRLF newlines could confuse + sshd on Windows: + + ``` + # sshd version: 'OpenSSH_9.2, OpenSSL 1.1.1t 7 Feb 2023' + Unable to load host key "/d/a/libssh2/libssh2/tests/openssh_server/ssh_host_ed25519_key": invalid format + Unable to load host key: /d/a/libssh2/libssh2/tests/openssh_server/ssh_host_ed25519_key + ``` + Ref: https://github.com/libssh2/libssh2/actions/runs/4846188677/jobs/8635575847#step:6:39 + + Cherry-picked from #1017 + +- cmake: move option descriptions next to definition + + Cherry-picked from #1017 + +- checksrc: sync with curl + + There were no new issues detected. + + Cherry-picked from #1017 + +- openssl: enable AES-GCM with wolfSSL + + Follow-up to 3c953c05d67eb1ebcfd3316f279f12c4b1d600b4 #797 + + There is pending issue with wolfSSL, where encryption/decryption is not + working (both with and without this patch). Ref: #1020 + + Cherry-picked from #1017 + +- appveyor: add a UWP OpenSSL 3 build + + Cherry-picked from #1017 + +- appveyor: skip `before_test` when not doing tests + + Also merge `before_test` section into `test_script`. + + Cherry-picked from #1017 + +- docs: delete two stray characters + + Cherry-picked from #1017 + +- tidy-up: avoid expression 'of course' + + Cherry-picked from #1017 + +- tidy-up: avoid word 'just' + + Cherry-picked from #1017 + +- tidy-up: avoid word 'simply' + + Cherry-picked from #1017 + +- tests: teach to use the `USERNAME` envvar on Windows + + Necessary to pick the correct local username when run on Windows. + + Cherry-picked from #1017 + +- test_ssh2: support `FIXTURE_TRACE_ALL*` envvars + + Cherry-picked from #1017 + +- tidy-up: add missing newline to error msg, formatting + + Also: + - fix indent + - lowercase variables names + - fix formatting in `src/global.c` + + Cherry-picked from #1017 + +- appveyor: wait more for SSH connection from GHA + + Cherry-picked from #1017 + +- ci: restrict permissions in GitHub Actions + + Cherry-picked from #1017 + +- build: fix autoreconf warnings + + - update `AC_HELP_STRING' to 'AS_HELP_STRING`: + ``` + configure.ac:[...]: warning: The macro `AC_HELP_STRING' is obsolete. + ``` + "AC_HELP_STRING is deprecated in 2.70+ and I believe AS_HELP_STRING works + already since 2.59 so bump the minimum required version to that." + + Ref: https://github.com/curl/curl/commit/a59f04611629f0db9ad8e768b9def73b9b4d9423 + + - simplify to avoid: + ``` + src/Makefile.inc:48: warning: variable 'EXTRA_DIST_SOURCES' is defined but no program or + src/Makefile.inc:48: library has 'DIST' as canonical name (possible typo) + ``` + Regression from 2c18b6fc8df060c770fa7e5da704c32cf40a5757 + + - `AC_TRY_LINK`/`AC_TRY_COMPILE`: + ``` + configure.ac:335: warning: The macro `AC_TRY_COMPILE' is obsolete. + configure.ac:335: warning: The macro `AC_TRY_LINK' is obsolete. + ``` + + - `libtool`-related ones: + ``` + configure.ac:70: warning: The macro `AC_LIBTOOL_WIN32_DLL' is obsolete. + configure.ac:70: warning: AC_LIBTOOL_WIN32_DLL: Remove this warning and the call to _LT_SET_OPTION when you + configure.ac:70: put the 'win32-dll' option into LT_INIT's first parameter. + configure.ac:71: warning: The macro `AC_PROG_LIBTOOL' is obsolete. + ``` + Using code copied from curl: + https://github.com/curl/curl/blob/9ce7eee07042605045dcfd02a6f5b38ad5c8a05d/m4/xc-lt-iface.m4#L157-L163 + + - delete commented and obsolete `AC_HEADER_STDC`. + + - formatting. + + Most cherry-picked from `autoupdate` updates. + + Cherry-picked from #1017 + Closes #1021 + +- docker-bridge.ps1: use native newlines + + Also add a shebang and exec flag to ease testing/handling on *nix. + PowerShell accepts both LF and CRLF. + + Cherry-picked from #1017 + +GitHub (1 May 2023) +- [Zenju brought this change] + + sftp: remove packet limit for directory reading (#791) + + Currently libssh2 cannot read huge directory listings when the package + size of `LIBSSH2_SFTP_PACKET_MAXLEN` (256KB) is hit. For example AWS + always sends a single package with all files of a directory, no matter + how big it is: https://freefilesync.org/forum/viewtopic.php?t=10020 + Package size is probably around 7MB in this case! + + `LIBSSH2_SFTP_PACKET_MAXLEN` is a good idea in general, but there + doesn't seem to be a one size fits all. While almost all(?) SFTP + responses come in very small packages, I believe the `SSH_FXP_READDIR` + request should be exempted. + + The proposed patch, enhances the package size reading to include parsing + the full SFTP packet header. And in case a package is of type + `SSH_FXP_NAME` and matches an expected `readdir_request_id`, it does not + fail if `LIBSSH2_SFTP_PACKET_MAXLEN` is hit. The chances of accidentally + hiding data-corruption are pretty non-existent, because both SFTP + `request_id` and packet type must match. No change in behavior + otherwise. + + Best, Zenju + + Previous discussion: #268 #269 + + With the above changes, the `LIBSSH2_SFTP_PACKET_MAXLEN` value could + (and should?) probably be set back to a small number again. + + Integration-patches-by: Viktor Szakats + +Viktor Szakats (28 Apr 2023) +- checksrc: update and apply fixes + + Update to latest revision and fix new issues detected. + + Closes #1014 + +- ci: add macOS CI jobs + fix issues revealed + + Add macOS CI jobs, both cmake and autotools for all supported crypto + backends (except BoringSSL), with debug, zlib enabled. Without running + tests. It also introduces OpenSSL 1.1 into the CI with a non-MSVC + compiler. + + Credits to curl's `macos.yml`, that I used as a base. + + Fix these issues uncovered by the new tests: + + - openssl: fix warning when built with wolfSSL, or OpenSSL 1.1 and + earlier. CI missed it because apparently the only OpenSSL 1.1 test + we had used MSVC, which did not complain. + + ``` + ../src/openssl.c:3852:19: error: variable 'sslError' set but not used [-Werror,-Wunused-but-set-variable] + unsigned long sslError; + ^ + ``` + + Regression from 097c8f0dae558643d43051947a1c35b65e1c5761 + + - pem: add hack to build without MD5 crypto-backend support. + + The Homebrew wolfSSL build comes with MD5 support disabled. We can + expect this becoming the norm. FIPS also requires MD5 disabled. + + We deleted the same hack from `hostkey.c` a month ago: + ad6aae302aaec84afbfacf0c1dfdc446d46eaf21 + + A better fix would be to guard the MD5 logic with our `LIBSSH2_MD5` + macro. + + ``` + pem.c:214:32: error: use of undeclared identifier 'MD5_DIGEST_LENGTH'; did you mean 'SHA_DIGEST_LENGTH'? + unsigned char secret[2*MD5_DIGEST_LENGTH]; + ^~~~~~~~~~~~~~~~~ + SHA_DIGEST_LENGTH + ``` + + Regression from 386e012292a96fcf0dc6861588397845df0aba2c + + - `configure.ac`: add crypto libs late. + + Fix it by adding crypto libs to `LIBS` at the end of the configuration + process. + + Otherwise `configure` links crypto libs while doing feature tests, + which can cause unwanted detections. For example LibreSSL publishes + the function `explicit_bzero()`, which masks the system alternative, + e.g. `memset_s()` on macOS. Then when trying to compile libssh2, its + declaration is missing: + + ``` + bcrypt_pbkdf.c:93:5: error: implicit declaration of function 'explicit_bzero' is invalid in C99 [-Werror,-Wimplicit-function-declaration] + _libssh2_explicit_zero(ciphertext, sizeof(ciphertext)); + ^ + ../src/misc.h:50:43: note: expanded from macro '_libssh2_explicit_zero' + ^ + ``` + + Regression from 4f0f4bff5a92dce6a6cd7a5600a8ee5660402c3f + + - cmake: fix to list our own include directory before the crypto libs', + when building tests. + + Otherwise a global crypto header path, such as `/usr/local/include`, + containing an external `libssh2.h` of a different version, could cause + weird errors: + + ``` + cc -DHAVE_CONFIG_H -DLIBSSH2_LIBGCRYPT \ + -I../src -I../../src -I/usr/local/include -I[...]/libssh2/include \ + -g -isysroot /Library/Developer/CommandLineTools/SDKs/MacOSX13.1.sdk \ + -mmacosx-version-min=12.6 -MD -MT \ + tests/CMakeFiles/test_aa_warmup.dir/test_aa_warmup.c.o \ + -MF CMakeFiles/test_aa_warmup.dir/test_aa_warmup.c.o.d \ + -o CMakeFiles/test_aa_warmup.dir/test_aa_warmup.c.o -c \ + [...]/libssh2/tests/test_aa_warmup.c + ``` + + ``` + [ 62%] Building C object tests/CMakeFiles/test_aa_warmup.dir/test_aa_warmup.c.o + In file included from /Users/runner/work/libssh2/libssh2/tests/test_aa_warmup.c:4: + In file included from /Users/runner/work/libssh2/libssh2/tests/runner.h:42: + In file included from /Users/runner/work/libssh2/libssh2/tests/session_fixture.h:43: + /Users/runner/work/libssh2/libssh2/tests/../src/libssh2_priv.h:649:5: error: type name requires a specifier or qualifier + LIBSSH2_AUTHAGENT_FUNC((*authagent)); + ^ + /Users/runner/work/libssh2/libssh2/tests/../src/libssh2_priv.h:649:30: error: type specifier missing, defaults to 'int' [-Werror,-Wimplicit-int] + LIBSSH2_AUTHAGENT_FUNC((*authagent)); + ^ + /Users/runner/work/libssh2/libssh2/tests/../src/libssh2_priv.h:650:5: error: type name requires a specifier or qualifier + LIBSSH2_ADD_IDENTITIES_FUNC((*addLocalIdentities)); + ^ + /Users/runner/work/libssh2/libssh2/tests/../src/libssh2_priv.h:650:35: error: type specifier missing, defaults to 'int' [-Werror,-Wimplicit-int] + LIBSSH2_ADD_IDENTITIES_FUNC((*addLocalIdentities)); + ^ + /Users/runner/work/libssh2/libssh2/tests/../src/libssh2_priv.h:651:5: error: type name requires a specifier or qualifier + LIBSSH2_AUTHAGENT_SIGN_FUNC((*agentSignCallback)); + ^ + /Users/runner/work/libssh2/libssh2/tests/../src/libssh2_priv.h:651:35: error: type specifier missing, defaults to 'int' [-Werror,-Wimplicit-int] + LIBSSH2_AUTHAGENT_SIGN_FUNC((*agentSignCallback)); + ^ + 6 errors generated. + ``` + + - `tests/session_fixture.h`: delete duplicate `libssh2.h`, + `libssh2_priv.h` already includes it. + + Follow-up to a683133dfe96de126194f58f183131a84c7d36a2 + + CI logs with these errors: + https://github.com/libssh2/libssh2/actions/runs/4824079094 + https://github.com/libssh2/libssh2/actions/runs/4824270819 + + curl's `macos.yml`: https://github.com/curl/curl/blob/da2470de96e94e1c8d276b9ae6e4c97c2cf54239/.github/workflows/macos.yml + + Tidying-up while here: + + - tests/session_fixture.h: delete duplicate `libssh2.h`. + `libssh2_priv.h` includes it already. + + Follow-up to a683133dfe96de126194f58f183131a84c7d36a2 + + - ci.yml: yamllint warnings and formatting. + + - ci.yml: msvc section formatting and step-naming sync with macOS. + + Follow-up to f4a4c05dc3bcd62ecaa1b0cac5997faefe16c83f + + - ci.yml: enable `--enable-werror` for msys2 jobs. + + Follow-up to 71cae949d577fdd632a271da0bec89f977dc5dd2 + + - appveyor.yml: show OpenSSL versions, link to image content. + + Closes #1013 + +- ci: convert `docker-bridge.bat` to shell script + + Convert `ci/appveyor/docker-bridge.bat` to a POSIX shell script. + + Also bump the tunnel to use ed25519 (was RSA-2048). + + Closes #997 + +- kex: use distinctive error strings + + Use unique error strings to help localize errors. + + Closes #1011 + +- tidy-up: C header use + + - drop unused or duplicate C headers. + - add missing ones (that worked by chance). + (`string.h`, `stdlib.h`) + - mention the functions that need certain headers. + - move some headers from crypto header to crypto C source. + - reorder headers in some places. + - simplify the #if tree for `sys/select.h` in `libssh2_priv.h`. + - move scp-specific macros next to their header to `scp.c` + Follow-up to 5db836b2a829c6fff1e8c7acaa4b21b246ae1757 + + Closes #999 + +- tidy-up: text nits, English contractions [ci skip] + + In input/output text and docs mostly. + +- ci: add MSVC and UWP builds to GitHub Actions + + - add MSVC jobs to GitHub Actions. They are similar to the 'Build-only' + jobs we have on AppVeyor CI, though only the ARM64 Windows one is + identical. Major disadvantage is that we don't run tests here. Major + advantage is they only take a few minutes to complete, compared to + an hour on AppVeyor, so WinCNG build results now appear quicker. + + Docker tests might be possible, but my light attempts failed. + Finding ZLIB also failed, so we still miss an MSVC test with it. + + Tool versions as of now: Server 2022, VS2022, OpenSSL 1.1.1 + + - add UWP builds for both ARM64 and x64. This hasn't been CI tested + before. + + (We could probably enable UWP on AppVeyor CI as well. + I haven't tried.) + + - fix two uncovered UWP issues in tests. + + - rename internal macro `LIBSSH2_WINDOWS_APP` to `LIBSSH2_WINDOWS_UWP`. + + Follow-up to 2addafb77b662e64248d156c71c69b91ba7b926e + + - fold long lines and quote truthy values in `.github/workflows/ci.yml`. + + Closes #1010 + +- session_fixture: avoid no-op `chdir(getcwd())` + + If no `FIXTURE_WORKDIR` macro or envvar is present to set the cwd, + avoid querying the cwd and then calling chdir with the result. + + Ref: 54bef4c5dad868a9d45fdbfca9729b191c0abab5 (patch) + Ref: 10a5cbf945abcc60153ee3d59284d09fc64ea152 (individual commit) + + Closes #1009 + +- tests/sshd_fixture.sh: convert back to POSIX + + There was no strong reason to require bash. Let's use POSIX shell + like before the recent overhaul. + + Follow-up to a459a25302a31f6e2aba3c4e15b1472b83b596fc + + Closes #1008 + +GitHub (26 Apr 2023) +- [Miguel de Icaza brought this change] + + If SFTP fails to initialize, do not busy loop waiting for IO to happen (#720) + + Currently SFTP's init will busy loop waiting for the channel to close, + even if the underlying transport returns EAGAIN. While this works for + sockets, it might not work out if you have a different transport that + needs to do some additional processing on the side. + + Integration-patches-by: Viktor Szakats + +Viktor Szakats (26 Apr 2023) +- docs: simplify `.TH` header & other cleanups [ci skip] + + - simplify `.TH` headers. + - delete empty lines before sections. + - update template with an `AVAILABILITY` section. + + Left libssh2 version number in the `.TH` header for entries without an + `AVAILABILITY` section, or where there was a different version number + there. + +- tidy-up: formatting nits [ci skip] + +- vms: fix to include `sys/socket.h` + + Due to a typo in the `HAVE_*` macro, this header was never included. + + A comment suggests that `socklen_t` is not defined on VMS and defines it + manually. This symbol is usually in `sys/socket.h`, so the typo may have + been the reason for it to be missing. + + Closes #1007 + +- build: fix `make distcheck` regressions + + - add #included C files to `EXTRA_DIST`. + + Regression from 4f0f4bff5a92dce6a6cd7a5600a8ee5660402c3f + + - fix `tests/sshd_fixture.sh` to not write into the test dir, by using + a pre-assembled `TrustedUserCAKeys` file. Update `Dockerfile` too to + use this. + + Regression from a459a25302a31f6e2aba3c4e15b1472b83b596fc + + Also update `tests/sshd_fixture.sh` to use + `openssh_server/authorized_keys` like `Dockerfile` does. And a few more + cosmetic updates. + + Closes #1006 + +- libssh2_priv.h: assume `HAVE_LONGLONG` + + Unless I'm missing something, it looks like `libssh2.h` has been using + `libssh2_int64_t` unconditionally since at least 2010-04-17 when + `libssh2_scp_send64()` landed via commit + be9ee7095e2d5021985f57d88f5f889d3c2b9d8f. + + This makes it redundant to detect `HAVE_LONGLONG` to fallback to a + 32-bit `scpRecv_size` in `libssh2_priv.h`. Then deal with possible + combinations of this flag and `strtoll()` options, which was + error-prone. + + Instead, assume in `libssh2_priv.h` that we have `libssh2_int64_t`, and + use it always. + + For MSVC, this means `_MSC_VER` `1310` (from year 2003) is now + required. Based on the above, this was already so before this patch. + + If there happens to be no 64-bit `strtoll()` detected, fall back to the + 32-bit `strtol()` (this should never happen with MSVC, and probably + neither with any other reasonably modern toolchain.) + + Also make sure to set `HAVE_STRTOI64` for older, non-CMake, MSVC builds + (e.g. `Makefile.mk` or `NMakefile` ones). + + Closes #1002 -- [Will Cosgrove brought this change] +GitHub (26 Apr 2023) +- [Miguel de Icaza brought this change] - global.c : fixed call to libssh2_crypto_exit #394 (#396) + fix a couple of small regressions (#1004) - * global.c : fixed call to libssh2_crypto_exit #394 + - openssl: fix potentially missing `ERR_*` constants by including + `openssl/err.h`. This could happen with recent version of Xcode + or when building against OpenSSL built with the `OPENSSL_NO_ENGINE` + option. - File: global.c + Regression from 097c8f0dae558643d43051947a1c35b65e1c5761 (#789) - Notes: Don't call `libssh2_crypto_exit()` until `_libssh2_initialized` count is down to zero. + - channel: fix an issue that would corrupt the data stream when + attempting to initialize the agent in non-blocking mode, as it is + necessary to propagate the `EAGAIN` signal upstream when the transport + returns `EAGAIN`. - Credit: seba30 + Regression from bc4e619e76071393e466c29220fc4ef5764c2820 (#752) + + - packet: the current code does not set the state machine upon reaching + this point which means that if the code is suspended due to the + transport returning an `EAGAIN`, this will re-initialize the structure + every time. + + The issue is that this keeps assigning a new channel-id downstream, + which does not match the initial channel-id that is initially + generated, causing a lookup later to fail as there is no matching + channel. + + Regression from bc4e619e76071393e466c29220fc4ef5764c2820 (#752) -Will Cosgrove (30 Jul 2019) -- [hlefebvre brought this change] +Viktor Szakats (26 Apr 2023) +- tidy-up: `gettimeofday()` fallback and use + + Simplify the way we handle `gettimeofday()` fallback for platforms + without native support or without any support. Make it similar to + how we handle `snprintf()`. + + In case of no native `gettimeofday()` support and a non-Windows + platform, our local fallback returns zero in `tv_usec` and `tv_sec`, + ending up with a zero `timeout_remaining` in `session.c`, same as + before this patch. + + Also: + - drop unused `sys/time.h` headers. + - fix our fallback code to compile with any Windows compilers + (not just MSVC) + - delete unnecessary casts. + + Closes #1001 - misc.c : Add an EWOULDBLOCK check for better portability (#172) +- libssh2_priv.h: fix checksrc warning [ci skip] - File: misc.c + Regression from 9ef75298fae0728305d9d38ba1e3c838ad0513f7 + +- libssh2_priv.h: whitespace fixes cont. [ci skip] + +- libssh2_priv.h: whitespace fixes [ci skip] + +- cmake: use portable mkdir for tests/coverage target [ci skip] - Notes: Added support for all OS' that implement EWOULDBLOCK, not only VMS + Makes `make coverage` work without a POSIX mkdir. - Credit: hlefebvre + Tested locally. + + Ref: https://cmake.org/cmake/help/latest/manual/cmake.1.html#cmdoption-cmake-E-arg-make_directory -- [Etienne Samson brought this change] +- kex: fix overlapping memcpy() to memmove() + + Noticed this when libasan started kicking out errors when sending in + MACs preferences that were not supported yet. + + Reported-by: fourierules on github + Fixes #611 + Closes #1000 - userauth.c: fix off by one error when loading public keys with no id (#386) +- test/CMakeLists.txt: reuse `Makefile.am` librunner source list - File: userauth.c + Follow-up to a459a25302a31f6e2aba3c4e15b1472b83b596fc - Credit: - Etienne Samson + Closes #998 + +GitHub (25 Apr 2023) +- [Zenju brought this change] + + openssl: fix misleading error message if wrong passphrase (#789) - Notes: - Caught by ASAN: + Fixes #608 + +Viktor Szakats (25 Apr 2023) +- tidy-up: tiny nits [ci skip] + +- tests: improve running tests - ================================================================= - ==73797==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x60700001bcf0 at pc 0x00010026198d bp 0x7ffeefbfed30 sp 0x7ffeefbfe4d8 - READ of size 69 at 0x60700001bcf0 thread T0 - 2019-07-04 08:35:30.292502+0200 atos[73890:2639175] examining /Users/USER/*/libssh2_clar [73797] - #0 0x10026198c in wrap_memchr (libclang_rt.asan_osx_dynamic.dylib:x86_64h+0x1f98c) - #1 0x1000f8e66 in file_read_publickey userauth.c:633 - #2 0x1000f2dc9 in userauth_publickey_fromfile userauth.c:1513 - #3 0x1000f2948 in libssh2_userauth_publickey_fromfile_ex userauth.c:1590 - #4 0x10000e254 in test_userauth_publickey__ed25519_auth_ok publickey.c:69 - #5 0x1000090c3 in clar_run_test clar.c:260 - #6 0x1000038f3 in clar_run_suite clar.c:343 - #7 0x100003272 in clar_test_run clar.c:522 - #8 0x10000c3cc in main runner.c:60 - #9 0x7fff5b43b3d4 in start (libdyld.dylib:x86_64+0x163d4) + TL;DR: Sync test builds between autotools and CMake. Sync sshd + configuration between Docker and non-Docker fixtures. Bump up + sshd_config for recent OpenSSH releases. - 0x60700001bcf0 is located 0 bytes to the right of 80-byte region [0x60700001bca0,0x60700001bcf0) - allocated by thread T0 here: - #0 0x10029e053 in wrap_malloc (libclang_rt.asan_osx_dynamic.dylib:x86_64h+0x5c053) - #1 0x1000b4978 in libssh2_default_alloc session.c:67 - #2 0x1000f8aba in file_read_publickey userauth.c:597 - #3 0x1000f2dc9 in userauth_publickey_fromfile userauth.c:1513 - #4 0x1000f2948 in libssh2_userauth_publickey_fromfile_ex userauth.c:1590 - #5 0x10000e254 in test_userauth_publickey__ed25519_auth_ok publickey.c:69 - #6 0x1000090c3 in clar_run_test clar.c:260 - #7 0x1000038f3 in clar_run_suite clar.c:343 - #8 0x100003272 in clar_test_run clar.c:522 - #9 0x10000c3cc in main runner.c:60 - #10 0x7fff5b43b3d4 in start (libdyld.dylib:x86_64+0x163d4) + This also opens up the path to have non-Docker tests that use a + local sshd process. Though sshd is practically unusable on Windows + CI machines out of the box, so this will need further efforts. - SUMMARY: AddressSanitizer: heap-buffer-overflow (libclang_rt.asan_osx_dynamic.dylib:x86_64h+0x1f98c) in wrap_memchr - Shadow bytes around the buggy address: - 0x1c0e00003740: fd fd fd fd fd fd fd fd fd fd fa fa fa fa fd fd - 0x1c0e00003750: fd fd fd fd fd fd fd fa fa fa fa fa 00 00 00 00 - 0x1c0e00003760: 00 00 00 00 00 00 fa fa fa fa 00 00 00 00 00 00 - 0x1c0e00003770: 00 00 00 fa fa fa fa fa fd fd fd fd fd fd fd fd - 0x1c0e00003780: fd fd fa fa fa fa fd fd fd fd fd fd fd fd fd fa - =>0x1c0e00003790: fa fa fa fa 00 00 00 00 00 00 00 00 00 00[fa]fa - 0x1c0e000037a0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa - 0x1c0e000037b0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa - 0x1c0e000037c0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa - 0x1c0e000037d0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa - 0x1c0e000037e0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa - Shadow byte legend (one shadow byte represents 8 application bytes): - Addressable: 00 - Partially addressable: 01 02 03 04 05 06 07 - Heap left redzone: fa - Freed heap region: fd - Stack left redzone: f1 - Stack mid redzone: f2 - Stack right redzone: f3 - Stack after return: f5 - Stack use after scope: f8 - Global redzone: f9 - Global init order: f6 - Poisoned by user: f7 - Container overflow: fc - Array cookie: ac - Intra object redzone: bb - ASan internal: fe - Left alloca redzone: ca - Right alloca redzone: cb - Shadow gap: cc + Details: + + - cmake: run sshd fixture test just like autotool did already. + + - sync tests and their order between autotools and CMake. + + It makes `test_aa_warmup` the first test with both. + + - cmake: load test lists from `Makefile.am`. + + Needed to update the loader to throw away certain lines to keep the + converted output conform CMake syntax. Using regexp might be an + alternative way of doing this, but couldn't make it work. + + - cmake: use the official way to configure test environment variables. + Switch to syntax that's extendable. + + - cmake: allow to run the same test both under Docker and sshd fixture. + + Useful for testing the sshd fixture runner, or how the same test + behaves in each fixture. + + - update test fixture to read the username from `USER` envvar instead of + using the Dockfile-specific hardwired one, when running outside Docker. + + - rework `ssh2.sh` into `sshd_fixture.sh`, to: + + - allow running any tests (not just `test_ssh2`). + - configure Docker tests for running outside Docker. + - fixup `SSHD` path when running on Windows (e.g. in AppVeyor CI). + Fixes: `sshd re-exec requires execution with an absolute path` + - allow overriding `PUBKEY` and `PRIVKEY` envvars. + - allow overriding `ssh_config` via `SSHD_FIXTURE_CONFIG`. + + - prepare support for running multiple tests via sshd_fixture. + + Add a TAP runner for autotools and extend CMake logic. The TAP runner + loads the test list from `Makefile.am`. + + Notice however that on Windows, `sshd_fixture.sh` is very flaky with + GitHub Actions. And consistently broken for subsequent tests in + AppVeyor CI: + 'libssh2_session_handshake failed (-43): Failed getting banner' + + Another way to try is a single sshd instance serving all tests. + For CMake this would probably mean using an external script. + + - ed25519 test keys were identical for auth and host. Regenerate the + auth keypair to make them distinct. + + - sync the sshd environment between Docker and sshd_fixture. + + - use common via `openssh_server/sshd_config`. + - accept same auth keys. + - offer the same host keys. + - sync TrustedUserCAKeys. + - delete now unused keypairs: `etc/host*`, `etc/user*`. + - bump up startup delay for Windows (randomly, to 5 secs, from 3). + - delete `UsePrivilegeSeparation no` to avoid deprecation warnings. + `command-line line 0: Deprecated option UsePrivilegeSeparation` + - delete `Protocol 2` to avoid deprecation warnings. + It has been the default since OpenSSH 3.0 (2001-11-06). + - delete `StrictModes no` (CI tests work without it, Docker tests + never used it). + + - bump `Dockerfile` base image to `testing-slim` (from `bullseye-slim`). + + It needed `sshd_config` updates to keep things working with + OpenSSH 9.2 (compared to bullseye's 8.4). + + - replace `ChallengeResponseAuthentication` alias with + `KbdInteractiveAuthentication`. + The former is no longer present in default `sshd_config` since + OpenSSH 8.7 (2021-08-20). This broke the `Dockerfile` script. + The new name is documented since OpenSSH 4.9 (2008-03-31) + + - add `PubkeyAcceptedKeyTypes +ssh-rsa,ssh-dss,ssh-rsa-cert-v01@openssh.com` + and `HostKeyAlgorithms +ssh-rsa`. + + Original-patch-by: Eric van Gyzen (@vangyzen on github) + Fixes #691 + + There is a new name for `PubkeyAcceptedKeyTypes`: + `PubkeyAcceptedAlgorithms`. + It requires OpenSSH 8.5 (2021-03-03) and breaks some envs so we're + not using it just yet. + + - drop `rijndael-cbc@lysator.liu.se` tests and references from config. + + This is a draft alias for `aes256-cbc`. No need to test it twice. + Also this alias is no longer recognized by OpenSSH 8.5 (2021-03-03). + + - update `mansyntax.sh` and `sshd_fixture.sh` to not rely on `srcdir`. + + Hopefully this works with out-of-tree builds. + + - fix `test_read_algos.test` to honor CRLF EOLs in their inputs + (necessary when running on Windows.) + + - fix `test_read_algos.test` to honor `EXEEXT`. Might be useful when + running tests under cross-builds? + + - `test_ssh2.c`: + + - use libssh2 API to set blocking mode. This makes it support all + platforms. + - adapt socket open timeout logic from `openssh_fixture.c`. + Sadly this did not help fix flakiness on GHA Windows. + + - tests: delete unused C headers and variable initialization. + + - delete unused test files: `sshd_fixture.sh.in`, `sshdwrap`, + `etc/sshd_config`. + + Ref: cf80f2f4b5255cc85a04ee43b27a29c678c1edb1 + + - autotools: delete stray `.c` test sources from `EXTRA_DIST` in tests. + + - `tests/.gitignore`: drop two stray tests. + + - autotools: fix passing `SSHD` containing space (Windows needs this). + + - autotools: sort `EXTRA_DIST` in tests. + + - cmake: fix to add `test_ssh2` to `TEST_TARGETS`. + + - fix `authorized_key` order in `tests/gen_keys.sh`. + + - silence shellcheck warning in `ci/checksrc.sh`. + + - set `SSHD` for autotools on GitHub Actions Windows. [skipped] + + Auto-detection doesn't work (maybe because sshd is installed via + Git for Windows and we're using MSYS2's shell.) + + It enables running sshd fixture (non-Docker) tests in these jobs. + + I did not include this in the final patch due to flakiness: + ``` + Connection to 127.0.0.1:4711 attempt #0 failed: retrying... + Connection to 127.0.0.1:4711 attempt #1 failed: retrying... + Connection to 127.0.0.1:4711 attempt #2 failed: retrying... + Failure establishing SSH session: -43 + ``` + + Can be enabled with: + `export SSHD='C:/Program Files/Git/usr/bin/sshd.exe'` + + Closes #996 + +- ci: reduce algo test runtime on AppVeyor + + Make the block count customizable in `test_read` via environment + `FIXTURE_XFER_COUNT`. + + Set the custom count lower than the default when running on AppVeyor. + + The goal is to reduce CI roundtrip times. + + Closes #995 + +GitHub (22 Apr 2023) +- [Michael Buckley brought this change] + + Agent forwarding implementation (#752) + + This PR contains a series of patches that date back many years and I + believe were discussed on the mailing list, but never merged. We have + been using these in our local copy of libssh2 without issue since 2015, + if not earlier. I believe this is the full set of changes, as we tried + to use comments to mark where our copy of libssh2 differs from the + canonical version. + + This also contains changes I made earlier this year, but which were not + discussed on the mailing list, to support certificates and FIDO2 keys + with agent forwarding. + + Note that this is not a complete implementation of agent forwarding, as + that is outside the scope of libssh2. Clients still need to provide + their own implementation that parses ssh-agent methods after calling + libssh2_channel_read() and calls the appropriate callback messages in + libssh2. See the man page changes in this PR for more details. + + Integration-patches-by: Viktor Szakats + + * prefer size_t + * prefer unsigned int over u_int in public function + * add const + * docs, indent, checksrc, debug call, compiler warning fixes + +Viktor Szakats (21 Apr 2023) +- ci: add Windows Server 2016 into the test mix + + We had Windows Server 2012 R2 (8.1) and Windows Server 2019 (10) before + this patch. After, we also have Windows Server 2016 (10). + + The WinCNG flakey tests should have a better chance when running on the + newer OS. + + This update does not change the compiler mix. + + Also change the test fixture to not use the `--quiet` option with the + `docker pull` commant. This option requires docker v19.03, and + AppVeyor's Visual Studio 2017 image doesn't support it. Log output did + not change without `--quiet`, so it seems safe to delete it. In case + we'd need it, another solution is to retry without `--quiet` if the + command fails. docker's exit status is 125 in that case. + + Ref: https://github.com/libssh2/libssh2/issues/804#issuecomment-1515232799 + Ref: https://www.appveyor.com/docs/windows-images-software/ + + Closes #994 + +- build: add autotools test_read support and more + + Keep a single list for mac and crypt algos that we use in both CMake + and autotools. Use the same test names across build tools. + + Use the TAP protocol to track individual tests run from a single shell + script. + + Also: + + - enable the rest of our tests with autotools. + + - set `make check` verbose to see errors in case they happen. + + - silence stray 'command not found' error when running `mansyntax.sh` + on Windows. + + GitHub Actions Windows docker tests disabled due to: + ``` + Command: docker build --quiet -t libssh2/openssh_server ../tests/openssh_server + Error running command 'docker build --quiet -t libssh2/openssh_server ../tests/openssh_server' (exit 1): Sending build context to Docker daemon 22.02kB + Step 1/42 : FROM debian:bullseye-slim + bullseye-slim: Pulling from library/debian + no matching manifest for windows/amd64 10.0.20348 in the manifest list entries + Failed to build docker image + ``` + + Closes #993 + +- cmake: restore a dash char in comment [ci skip] + + It's a CMake comment header convention. + +GitHub (21 Apr 2023) +- [Dan Fandrich brought this change] + + tests: add AES-GCM protocol read tests (#992) + + Closes #992 + +- [Viktor Szakats brought this change] + + support encrypt-then-mac (etm) MACs (#987) + + Support for calculating MAC (message authentication code) on encrypted + data instead of plain text data. + + This adds support for the following MACs: + - `hmac-sha1-etm@openssh.com` + - `hmac-sha2-256-etm@openssh.com` + - `hmac-sha2-512-etm@openssh.com` + + Integration-patches-by: Viktor Szakats + + * rebase on master + * fix checksec warnings + * fix compiler warning + * fix indent/whitespace/eol + * rebase/manual merge onto AES-GCM patch #797 + * more manual merge of `libssh2_transport_send()` based + on dfandrich/shellfish + + Fixes #582 + Closes #655 + Closes #987 + +Viktor Szakats (20 Apr 2023) +- docs: fix typo in argument name [ci skip] + +- [Keith Dart brought this change] + + channel: add support for "signal" message + + Can send specific signals to remote process. Allows for slightly + improved remote process management, if the server supports it. + + Integration-patches-by: Viktor Szakats + + * doc updates + * change `signame_len` to `size_t` + * variable scopes + * fix checksrc warnings + + Closes #672 + Closes #991 + +- crypto: add `LIBSSH2_NO_AES_CBC` option + + Also rename internal `LIBSSH2_AES` to `LIBSSH2_AES_CBC`. + + Follow-up to 857e431648df6edcb3e17138d877f2e65d2d769d + + Closes #990 + +- tidy-up: indentation fixes [ci skip] + +GitHub (20 Apr 2023) +- [Dan Fandrich brought this change] + + Add support for AES-GCM crypto protocols (#797) + + Add support for aes256-gcm@openssh.com and aes128-gcm@openssh.com + ciphers, which are the OpenSSH implementations of AES-GCM cryptography. + It is similar to RFC5647 but has changes to the MAC protocol + negotiation. These are implemented for recent versions of OpenSSL only. + + The ciphers work differently than most previous ones in two big areas: + the cipher includes its own integrated MAC, and the packet length field + in the SSH frame is left unencrypted. The code changes necessary are + gated by flags in the LIBSSH2_CRYPT_METHOD configuration structure. + + These differences mean that both the first and last parts of a block + require special handling during encryption. The first part is where the + packet length field is, which must be kept out of the encryption path + but in the authenticated part (as AAD). The last part is where the + Authentication Tag is found, which is calculated and appended during + encryption or removed and validated on decryption. As encryption/ + decryption is performed on each packet in a loop, one block at a time, + flags indicating when the first and last blocks are being processed are + passed down to the encryption layers. + + The strict block-by-block encryption that occurs with other protocols is + inappropriate for AES-GCM, since the packet length shifts the first + encrypted byte 4 bytes into the block. Additionally, the final part of + the block must contain the AES-GCM's Authentication Tag, so it must be + presented to the lower encryption layer whole. These requirements mean + added code to consolidate blocks as they are passed down. + + When AES-GCM is negotiated as the cipher, its built-in MAC is + automatically used as the SSH MAC so further MAC negotiation is not + necessary. The SSH negotiation is skipped when _libssh2_mac_override() + indicates that such a cipher is in use. The virtual MAC configuration + block mac_method_hmac_aesgcm is then used as the MAC placeholder. + + This work was sponsored by Anders Borum. + + Integration-patches-by: Viktor Szakats + + * fix checksrc errors + * fix openssl.c warning + * fix transport.c warnings + * switch to `LIBSSH2_MIN/MAX()` from `MIN()`/`MAX()` + * fix indent + * fix libgcrypt unused warning + * fix mbedtls unused warning + * fix wincng unused warning + * fix old openssl unused variable warnings + * delete blank lines + * updates to help merging with the ETM patch + +Viktor Szakats (20 Apr 2023) +- tidy-up: align comments [ci skip] + +- tidy-up: whitespace nits [ci skip] + +- crypto: add/fix algo guards and extend `NO` options + + Add new guard `LIBSSH2_RSA_SHA1`. Add missing guards for `LIBSSH2_RSA`, + `LIBSSH2_DSA`. + + Fix warnings when all options are disabled. + + This is still not complete and it's possible to break a build with + certain crypto backends (e.g. mbedTLS) and/or combination of options. + It's not guaranteed that all bits everywhere get disabled by these + settings. Consider this a "best effort". + + Add these new options to disable certain crypto elements: + - `LIBSSH2_NO_3DES` + - `LIBSSH2_NO_AES_CTR` + - `LIBSSH2_NO_BLOWFISH` + - `LIBSSH2_NO_CAST` + - `LIBSSH2_NO_ECDSA` + - `LIBSSH2_NO_RC4` + - `LIBSSH2_NO_RSA_SHA1` + - `LIBSSH2_NO_RSA` + + The goal is to offer a way to disable legacy/obsolete/insecure ones. + + See also: 146a25a06dd2365a4330dad34fefcdcee1a206aa `LIBSSH2_NO_HMAC_RIPEMD` + See also: 38015f4e46d8dbeea522dc7ee664522d4f47fc75 `LIBSSH2_NO_DSA` + See also: be31457f3071686b555a0f0b19e5dcf63d67fc27 `LIBSSH2_NO_MD5` + + Closes #986 + +- scp: fix typo in comments [ci skip] + + Follow-up to 0a500b3554c29451708353279eefce750f4bca6c + +- base64: do not use `snprintf()` on encoding + + This also significantly (by 7-8x in my limited tests with a short + string) speeds up this function. The impact is still minor as this + function is only used in `knownhost.c` in release builds. + + Closes #985 + +- wincng: constify data arg of `libssh2_wincng_hash()` + + Tested in #979 + +- wincng: fix unused variables with `LIBSSH2_RSA_SHA2` disabled + + Tested in #979 + +- ci: delete config elements for unused 32-bit Linux builds + + They have been disabled since d9b4222ef1c5ab9b9e499fe6234556e5cca7c4fe + + Tested in #979 + +- ci: enable FIXTURE_TRACE_ALL_CONNECT for WinCNG tests + + To hopefully help finding the WinCNG hostkey verification + intermittent failure #804. + + Tested in #979 + +- tests: add `FIXTURE_TRACE_ALL_CONNECT` option + + Works like the `FIXTURE_TRACE_ALL` envvar, but enables full trace for + the connection phase only. + + Also fix a possible NULL deref with `FIXTURE_TRACE_ALL` and a failed + `libssh2_session_init_ex()`. + + Tested in #979 + +- ci: really enable logging in AppVeyor CMake builds + + `CONFIGURATION` was never passed to the cmake command, so it had + never enabled logging when set to `Debug`. + + Also `CONFIGURATION` is ambiguous depending on the "generator" used + by CMake. In case of Visual Studio, this is a build/ctest-time + setting, not a cmake-config parameter. + + So set this permanently to `Release` and enable logging via our + dedicated CMake option `ENABLE_DEBUG_LOGGING`. + + Tested in #979 + +- HACKING-CRYPTO: fix stray whitespace + +- tidy-up: fix more nits + + - fix indentation errors. + - reformat `cmake/FindmbedTLS.cmake` + - replace a macro with a variable in `example/sftp_RW_nonblock.c`. + - delete macOS macro `_DARWIN_USE_64_BIT_INODE` from the + OS/400 config header, `os400/libssh2_config.h`. + - fix other minor nits. + + Closes #983 -- [Thilo Schulz brought this change] +- mansyntax: make it work on macOS, check reqs locally + + - use `gman` alias if present. This makes it work when the correct `man` + command is provided via `brew` on macOS. + + - move CMake attempts to detect tools necessary to run `mansyntax.sh` + into the script itself. + + - delete CMake TODO to move more test logic into CMake. This would make + it CMake-specific and require maintaining it separately for each build + tool. Just use our external script when a POSIX shell is available. + + Closes #982 - openssl.c : Fix use-after-free crash on reinitialization of openssl backend +- cmake: dedupe setting `-DHAVE_CONFIG_H` - file : openssl.c + Move `libssh2_config.h` generation and setting `-DHAVE_CONFIG_H` to + the root `CMakeFile.txt`. - notes : - libssh2's openssl backend has a use-after-free condition if HAVE_OPAQUE_STRUCTS is defined and you call libssh2_init() again after prior initialisation/deinitialisation of libssh2 + Also move symbol hiding setup there. It needs to be done before + generating the config file for `LIBSSH2_API` value to be set in it. - credit : Thilo Schulz + After this change the `HIDE_SYMBOLS` setting is accepted without an + annoying CMake warning when not actually building a shared libssh2 lib. + + Closes #981 -- [axjowa brought this change] +- build: assume non-blocking I/O on Windows + + Drop checks from Windows builds and enable it based on `WIN32`. + + This saves detection time and also makes 3rd party builds simpler. + + Also: + + - delete `HAVE_DISABLED_NONBLOCKING`, that we used in build tools to + explicitly disable an explicit `#error` in `session.c`. + + - replace existing `WSAEWOULDBLOCK` check for Windows support with + `WIN32`. Cleaner with the same result. + + Follow-up to f1e80d8d8ce9570d81836da96ba02f4d4552a7b3 + Follow-up to 5644eea2161b17f7c16e18f3a10465ebb217ca1f + + Closes #980 - openssl.h : Use of ifdef where if should be used (#389) +- ci: rename Logging to Debug in AppVeyor + +- switch to internal base64 decode that uses size_t - File : openssl.h + Make the public `libssh2_base64_decode()` a wrapper for that. + Bump up length sizes in callers. - Notes : - LIBSSH2_ECDSA and LIBSSH2_ED25519 are always defined so the #ifdef - checks would never be false. + Also fix output size calculation to first divide then multiply. - This change makes it possible to build libssh2 against OpenSSL built - without EC support. + Closes #978 + +- tests: switch to debian:bullseye-slim in Dockerfile - Change-Id: I0a2f07c2d80178314dcb7d505d1295d19cf15afd + 'slim' provides all we need, with less bloat. - Credit : axjowa + Tested in #976 + + Follow-up to 78cb64a85955f2cd9700c4fbad3f02d589dd7169 -- [Zenju brought this change] +- tests: build improvements and more + + - rename tests to have more succint names and a more useful natural + order. + + - rename `simple` and `ssh2` in tests to have the `test_` prefix. + + This avoids a name collisions with `ssh2` in examples. + + - cmake: drop the `example-` prefix for generated examples. + + Bringing their names in sync with other build tools, like autotools. + + - move common auth test code into the fixture and simplify tests by + using that. + + - move feature guards from CMake to preprocessor for auth tests. + + Now it works with all build tools and it's easier to keep it in sync + with the lib itself. + + For this we need to include `libssh2_priv.h` in tests, which in turn + needs tweaking on the trick we use to suppress extra MSVS warnings + when building tests and examples. + + - move mbedTLS blocklist for crypto tests from CMake to the test + fixture. + + - add ed25519 hostkey tests to `test_hostkey` and `test_hostkey_hash`. + + - add shell script to regenerate all test keys used for our tests. + + - alpha-sort tests. + + - rename `signed_*` keys to begin with `key` like the rest of the keys + do. + + - whitespace fixes. + + Closes #969 - Agent.c : Preserve error info from agent_list_identities() (#374) +- autotools: rename a variable - Files : agent.c + To match its counterpart we use for clang and to better match + the original code in curl. - Notes : - Currently the error details as returned by agent_transact_pageant() are overwritten by a generic "agent list id failed" message by int agent_list_identities(LIBSSH2_AGENT* agent). + Follow-up to ec0feae7920d695ce234a5aba13014bf29824c09 - Credit : - Zenju + Closes #977 -- [Who? Me?! brought this change] +- ssh2.sh: revert likely wrong quoting [ci skip] + + Follow-up to 50124428509ffc2f5d08d8d3c152fa36546c9a75 - Channel.c: Make sure the error code is set in _libssh2_channel_open() (#381) +- build: add `-Wbad-function-cast` picky warning - File : Channel.c + Also adjust minimum gcc versions in comment. - Notes : - if _libssh2_channel_open() fails, set the error code. + Closes #975 + +- tests: restore debian:bullseye in Dockerfile - Credit : - mark-i-m + Follow-up to 78cb64a85955f2cd9700c4fbad3f02d589dd7169 -- [Orgad Shaneh brought this change] +- session: simplify preprocessor logic + + - by using #elif + - by merging two blocks + + Closes #972 - Kex.c, Remove unneeded call to strlen (#373) +- tests: try debian:testing for Dockerfile - File : Kex.c + Follow-up to 78cb64a85955f2cd9700c4fbad3f02d589dd7169 + +- src: add and use `LIBSSH2_MIN/MAX` macros - Notes : - Removed call to strlen + Also for #797 - Credit : - Orgad Shaneh + Closes #974 -- [Pedro Monreal brought this change] +- tests: switch Dockerfile to debian:testing-slim + + From debian:bullseye + + - doesn't need manual bumps. + - is ahead of stable and should be stable enough for our purpose. + - slim is saving resources. + + Closes #971 - Spelling corrections (#380) +- cmake: optimize non-blocking tests on WIN32/non-WIN32 - Files : - libssh2.h, libssh2_sftp.h, bcrypt_pbkdf.c, mbedtls.c, sftp.c, ssh2.c + Skip testing unixy methods on Windows and vice versa. - Notes : - * Fixed misspellings + I continue to assume that CMake doesn't define `WIN32` with Cygwin + (as Cygwin doesn't define `_WIN32`/`WIN32` for C), though I haven't + tested this. - Credit : - Pedro Monreal + Closes #970 -- [Sebastián Katzer brought this change] +GitHub (15 Apr 2023) +- [Jörgen Sigvardsson brought this change] - Fix Potential typecast error for `_libssh2_ecdsa_key_get_curve_type` (#383) + scp: option to not quote paths (#803) - Issue : #383 + A new flag named `LIBSSH2_FLAG_QUOTE_PATHS` has been added, to make + libssh2 not quote file paths sent to the remote's scp subsystem. Some + custom ssh daemons cannot handle quoted paths, and this makes this flag + useful. - Files : hostkey.c, crypto.h, openssl.c + Authored-by: Jörgen Sigvardsson + +Viktor Szakats (15 Apr 2023) +- cmake: make Windows builds initialize faster - Notes : - * Fix potential typecast error for `_libssh2_ecdsa_key_get_curve_type` - * Rename _libssh2_ecdsa_key_get_curve_type to _libssh2_ecdsa_get_curve_type + By skipping unixy header checks that always fail with + the MSVC toolchain or all Windows toolchains. - Credit : - Sebastián Katzer + Closes #968 -GitHub (20 Jun 2019) -- [Will Cosgrove brought this change] +- cmake: use a single build rule for all tests + + - use the complete filename of test sources in the input list. + + - build all tests with the ability to access libssh2 internals. + + This is necessary for `test_keyboard_interactive_auth_info_request` + now and might be necessary for others in the future, e.g. to avoid + the depreacted public base64 decoding API. + + - move `test_keyboard_interactive_auth_info_request` into the main + test build loop. + + - move `simple` into the main test build loop too. + + - build `ssh2` also in static mode. + + - cleanup the way we detect and enable gcov. + + - fix indentation. + + Closes #967 - bump copyright date +- tidy-up: more whitespace in src + + Closes #966 -Version 1.9.0 (19 Jun 2019) +- checksrc: fix `EQUALSNULL` warnings + + `s/([a-z0-9._>*-]+) == NULL/!\1/g` + + Closes #964 -GitHub (19 Jun 2019) -- [Will Cosgrove brought this change] +- Makefile.am: add new OS400 header [ci skip] + + Follow-up to 6dc42e9d625deb816a051d312d09e68926959e78 - 1.9 Formatting +- checksrc: fix `NOTEQUALSZERO` warnings + + Closes #963 -- [Will Cosgrove brought this change] +- checksrc: fix `SIZEOFNOPAREN` warnings + + `s/sizeof ([a-z0-9._>*-]+)/sizeof(\1)/g` + + Closes #962 - 1.9 Release notes +- crypto: add `LIBSSH2_NO_HMAC_RIPEMD` option + + See also: 38015f4e46d8dbeea522dc7ee664522d4f47fc75 + See also: be31457f3071686b555a0f0b19e5dcf63d67fc27 + + Ref: https://github.com/stribika/stribika.github.io/issues/46 + + Closes #965 -Will Cosgrove (17 May 2019) -- [Alexander Curtiss brought this change] +- tidy-up: example, tests continued + + - fix skip auth if `userauthlist` is NULL. + Closes #836 (Reported-by: @sudipm-mukherjee on github) + - fix most silenced `checksrc` warnings. + - sync examples/tests code between each other. + (output messages, error handling, declaration order, comments) + - stop including unnecessary headers. + - always deinitialize in case of error. + - drop some redundant variables. + - add error handling where missing. + - show more error codes. + - switch `perror()` to `fprintf()`. + - fix some `printf()`s to be `fprintf()`. + - formatting. + + Closes #960 - libgcrypt.c : Fixed _libssh2_rsa_sha1_sign memory leak. (#370) +- src: fix indentation of macro definitions (follow-up) - File: libgcrypt.c + Follow-up to d5438f4ba9036e8028f35258dd1ab97cc2edb37c + +- src: fix indentation of macro definitions - Notes : Added calls to gcry_sexp_release to free memory allocated by gcry_sexp_find_token + And some comment cleanup. - Credit : - Reporter : beckmi - PR by: Alexander Curtiss + Closes #958 -- [Orivej Desh brought this change] +- example/ssh2_exec: drop conditional code for deprecated API - libssh2_priv.h : Fix musl build warning on sys/poll.h (#346) +GitHub (13 Apr 2023) +- [monnerat brought this change] + + Make OS/400 implementation work again (#953) - File : libssh2_priv.h + * os400: support QADRT development files in a non-standard directory - Notes : - musl prints `redirecting incorrect #include to ` - http://git.musl-libc.org/cgit/musl/commit/include/sys/poll.h?id=54446d730cfb17c5f7bcf57f139458678f5066cc + This enables the possibility to compile libssh2 even if the ascii + runtime development files are not installed system-wide. - poll is defined by POSIX to be in poll.h: - http://pubs.opengroup.org/onlinepubs/7908799/xsh/poll.html + * userauth_kbd_packet: fix a pointer target type mismatch. - Credit : Orivej Desh - -GitHub (1 May 2019) -- [Will Cosgrove brought this change] + A temporary variable matching the parameter type is used before copying + to the real target and checking for overflow (that should not occur!). + + * os400qc3: move and fix big number procedures + + A bug added by a previous code style cleaning is fixed. + _libssh2_random() now checks and return the success status. + + * os400qc3: fix cipher definition block lengths + + They were wrongly set to the key size. + + * Diffie-Hellman min/max modulus sizes are dependent of crypto-backend + + In particular, os400qc3 limits the maximum group size to 2048-bits. + Move definitions of these parameters to crypto backend header files. + + * kex: return an error if Diffie-Hellman key pair generation fails + + * os400: add an ascii assert.h header file + + * os400qc3: implement RSA SHA2 256/512 - kex.c : additional bounds checks in diffie_hellman_sha1/256 (#361) +Viktor Szakats (13 Apr 2023) +- sftp: add open functions with custom attribute support - Files : kex.c, misc.c, misc.h + Before this patch, libssh2 sent hardcoded `LIBSSH2_SFTP_ATTRIBUTES` + struct on handle open. This can be problematic on some special OS, + where the file size should be known on new file creation. I added + two new functions to resolve this issue. - Notes : - Fixed possible out of bounds memory access when reading malformed data in diffie_hellman_sha1() and diffie_hellman_sha256(). + Patch-by: @vajdaakos on github via #506 - Added _libssh2_copy_string() to misc.c to return an allocated and filled char buffer from a string_buf offset. Removed no longer needed s var in kmdhgGPshakex_state_t. + Changes compared to #506: + - drop attr size fixup in favour of #946. + - move `memcpy()` under the state where we need it. + - bump filename length type to `size_t`. + - fix filenames in documentation and other nits. + + Closes #506 + Closes #947 -Will Cosgrove (26 Apr 2019) -- [Tseng Jun brought this change] +- build: speed up and extend picky compiler options + + Implement picky warnings with clang in autotools. Extend picky gcc + warnings, sync them between build tools and compilers and greatly + speed up detection in CMake. + + - autotools: enable clang compiler warnings with `--enable-debug`. + + - autotools: enable more gcc compiler warnings with `--enable-debug`. + + - autotools/cmake: sync compiler warning options between gcc and clang. + + - sync compiler warning options between autotools and cmake. + + - cmake: reduce option-checks to speed up the detection phase. + Bring them down to 3 (from 35). Leaving some checks to keep the + CMake logic alive and for an easy way to add new options. + + clang 3.0 (2011-11-29) and gcc 2.95 (1999-07-31) now required. + + - autotools logic copied from curl, with these differences: + + - delete `-Wimplicit-fallthrough=4` due to a false positive. + + - reduce `-Wformat-truncation=2` to `1` due to a false positive. + + - simplify MinGW detection for `-Wno-pedantic-ms-format`. + + - cmake: show enabled picky compiler options (like autotools). + + - cmake: do compile `tests/simple.c` and `tests/ssh2.c`. + + - fix new compiler warnings. + + - `tests/CMakeLists.txt`: fix indentation. + + Original source of autotools logic: + - https://github.com/curl/curl/blob/a8fbdb461cecbfe1ac6ecc5d8f6cf181e1507da8/acinclude.m4 + - https://github.com/curl/curl/blob/a8fbdb461cecbfe1ac6ecc5d8f6cf181e1507da8/m4/curl-compilers.m4 + + Notice that the autotools implementation considers Apple clang as + legacy clang 3.7. CMake detection works more accurately, at the same + time more error-prone and difficult to update due to the sparsely + documented nature of Apple clang option evolution. + + Closes #952 - sftp.c : sftp_bin2attr() Correct attrs->gid assignment (#366) +- include: delete leading underscore from macro name - Regression with fix for #339 + It can cause compiler warnings in 3rd-party code. - Credit : Tseng Jun + Follow-up to 59666e03f04927e5fe3e8d8772d40729f63c570e + + Closes #957 -- [Tseng Jun brought this change] +- ci: use OpenSSL 3 on AppVeyor VS2022 images + + Closes #954 - kex.c : Correct type cast in curve25519_sha256() (#365) +- build: be friendly with 3rd-party build tools + + After recent build changes, 3rd party build that took the list of + C source to compile them as-is, stopped working as expected, due to + `blowfish.c` and crypto-backend C sources no longer expected to compile + separately but via `bcrypt_pbkdf.c` and `crypto.c`, respectively. + + This patch ensures that compiling these files directly result in an + empty object instead of redundant code and duplicated symbols. + + Also: + - add a compile-time error if none of the supported crypto backends + are enabled. + - fix `libssh2_crypto_engine()` for wolfSSL and os400qc3. + Rearrange code to avoid a hard-to-find copy of crypto-backend + selection guards. + + Follow-up to 4f0f4bff5a92dce6a6cd7a5600a8ee5660402c3f + Follow-up to ff3c774e03585252b70a9ee0fcf254de7b14a767 + + Closes #951 -GitHub (24 Apr 2019) -- [Will Cosgrove brought this change] +- sftp: calculate attr size based on attr content in `sftp_open()` + + Improve robustness by replacing constant argument of `sftp_attrsize()` + in `sftp_open()` with the actual `flag` value read from the `attr` we + plan to transfer. Restores state of this before + 37624b61e3ec4aa65a608800613d00b55ced56d7. + + Prerequisite for #947, #506. + + Also improve readability a bit and link to SFTP specs. Delete comment + about version 6: The latest spec no longer features the mentioned + "DO NOT IMPLEMENT" notice. + + Closes #946 - transport.c : scope local total_num var (#364) +- man: fixups - file : transport.c - notes : move local `total_num` variable inside of if block to prevent scope access issues which caused #360. + - add missing `.fi` tags. + - fix misplaced `.nf` tags. + - add `.nf`/`.fi` tags `SYNOPSIS` where missing. + - fix missing/wrong function name from `SH NAME`. + - fix wrong function name in `TH`. + - keep return values in a separate line. + - indent. + - fold long lines. + - deleted `libssh2_channel_direct_streamlocal()`, there is no such function. + - add missing types. + - add missing headers. + + Closes #949 -Will Cosgrove (24 Apr 2019) -- [doublex brought this change] +- include: indentation fixes - transport.c : fixes bounds check if partial packet is read +- tidy-up: misc & minor cmake MSVS fix - Files : transport.c + - `libssh2.rc`: document language/codepage codes. - Issue : #360 + Ref: https://learn.microsoft.com/windows/win32/intl/code-page-identifiers - Notes : - 'p->total_num' instead of local value total_num when doing bounds check. + - convert to Markdown: `docs/BINDINGS`, `docs/HACKING` - Credit : Doublex - -GitHub (23 Apr 2019) -- [Will Cosgrove brought this change] - - Editor config file for source files (#322) + Blind update for `vms/libssh2_make_help.dcl`. Please double-check. - Simple start to an editor config file when editing source files to make sure they are configured correctly. + - cmake: fix to recognize dash-style warning options (`-Wn`) with MSVC. + + - `NMakefile`: sync `rd` command with `Makefile.mk`. + + - delete a CVS header. + + - cmake: simplify a `LIBSSH2_HAVE_ZLIB` macro. + + - few other nits and whitespace mods. + + Closes #943 -- [Will Cosgrove brought this change] +GitHub (10 Apr 2023) +- [Viktor Szakats brought this change] - misc.c : String buffer API improvements (#332) + Support for direct-streamlocal@openssh.com UNIX socket connection (#945) - Files : misc.c, hostkey.c, kex.c, misc.h, openssl.c, sftp.c + This patch allow to use direct-streamlocal service from OpenSSH 6.7, + that allows UNIX socket connections. - Notes : - * updated _libssh2_get_bignum_bytes and _libssh2_get_string. Now pass in length as an argument instead of returning it to keep signedness correct. Now returns -1 for failure, 0 for success. + Mods: + - delete unrelated condition: + Ref: https://github.com/libssh2/libssh2/pull/216#discussion_r374748111 + - rebase on master, whitespace updates. - _libssh2_check_length now returns 0 on success and -1 on failure to match the other string_buf functions. Added comment to _libssh2_check_length. + Patch-by: @gjalves Gustavo Junior Alves - Credit : Will Cosgrove + Closes #216 + Closes #632 + Closes #945 -Will Cosgrove (19 Apr 2019) -- [doublex brought this change] +Viktor Szakats (10 Apr 2023) +- build: support `libssh2.rc` with autotools + + Caveat: When building `--enable-static` and `--enable-shared` at the + same time, the compiled Windows resource is also included in the + static library. This appears to be an autotools limitation, with no + way to have different input lists (or different custom options) for + shared and static libraries, even though it builds them separately. + + The workaround is to build static libraries in a separate + `./configure` + `make` pass. + + Closes #944 - mbedtls.c : _libssh2_mbedtls_rsa_new_private_frommemory() allow private-key from memory (#359) +- crypto: add `LIBSSH2_NO_DSA` to disable DSA support - File : mbedtls.c + See also: be31457f3071686b555a0f0b19e5dcf63d67fc27 - Notes: _libssh2_mbedtls_rsa_new_private_frommemory() fixes private-key from memory reading to by adding NULL terminator before parsing; adds passphrase support. + Closes #942 + +- build: unify source lists - Credit: doublex + - introduce `src/crypto.c` as an umbrella source that does nothing else + than include the selected crypto backend source. Moving this job from + the built-tool to the C preprocessor. + + - this allows dropping the various techniques to pick the correct crypto + backend sources in autotools, CMake and other build method. Including + the per-backend `Makefile..inc` makefiles. + + - copy a trick from curl and instead of maintaining duplicate source + lists for CMake, convert the GNU Makefile kept for autotools + automatically. Do this in `docs`, `examples` and `src`. + + Ref: https://github.com/curl/curl/blob/dfabe8bca218d2524af052bd551aa87e13b8a10b/CMakeLists.txt#L1399-L1413 + + Also fixes missing `libssh2_setup.h` from `src/CMakeFiles.txt` after + 59666e03f04927e5fe3e8d8772d40729f63c570e. + + - move `Makefile.inc` from root to `src`. + + - reformat `src/Makefile.inc` to list each source in separate lines, + re-align the continuation character and sort the lists alphabetically. + + - update `docs/HACKING-CRYPTO` accordingly. + + - autotools: update the way we add crypto-backends to `LIBS`. + + - delete old CSV headers, indent, and merge two lines in + `docs/Makefile.am` and `src/Makefile.am`. + + - add `libssh2.pc` to `.gitignore`, while there. + + Closes #941 + +GitHub (9 Apr 2023) +- [Zenju brought this change] -- [Ryan Kelley brought this change] + sftp: always clear protocol error (#787) - Session.c : banner_receive() from leaking when accessing non ssh ports (#356) +Viktor Szakats (9 Apr 2023) +- cmake: add `HIDE_SYMBOLS` option & do symbol hiding on *nix - File : session.c + - implement symbol hiding on non-Windows platforms. - Release previous banner in banner_receive() if the session is reused after a failed connection. + The essence of the detection logic was copied from: + https://github.com/curl/curl/blob/dfabe8bca218d2524af052bd551aa87e13b8a10b/CMake/CurlSymbolHiding.cmake - Credit : Ryan Kelley - -GitHub (11 Apr 2019) -- [Will Cosgrove brought this change] - - Formatting in agent.c + Then simplified and shortened. This method doesn't require a recent + CMake version, nor an external, auto-generated C header. - Removed whitespace. - -- [Will Cosgrove brought this change] - - Fixed formatting in agent.c + Move `configure_file()` after `set(LIBSSH2_API ...)`, for the config + file to pick up `LIBSSH2_API`s value. - Quiet linter around a couple if blocks and pointer. - -Will Cosgrove (11 Apr 2019) -- [Zhen-Huan HWANG brought this change] - - sftp.c : discard and reset oversized packet in sftp_packet_read() (#269) + Closes #602 - file : sftp.c + - add CMake option `HIDE_SYMBOLS`. - notes : when sftp_packet_read() encounters an sftp packet which exceeds SFTP max packet size it now resets the reading state so it can continue reading. + This setting means to hide non-public functions from the libssh2 + dynamic library when set to `ON`. The default. - credit : Zhen-Huan HWANG - -GitHub (11 Apr 2019) -- [Will Cosgrove brought this change] - - Add agent functions libssh2_agent_get_identity_path() and libssh2_agent_set_identity_path() (#308) + When set to `OFF`, make all non-static/internal functions visible + in the dynamic library. - File : agent.c + This setting requires `BUILD_SHARED_LIBS=ON`. - Notes : - Libssh2 uses the SSH_AUTH_SOCK env variable to read the system agent location. However, when using a custom agent path you have to set this value using setenv which is not thread-safe. The new functions allow for a way to set a custom agent socket path in a thread safe manor. + - honor this setting on Windows. + + By setting the `LIBSSH2_EXPORTS` manual macro again, and stop + recognizing the automatic CMake macro for this purpose: + `libssh2_shared_EXPORT`. + + Closes #939 -- [Will Cosgrove brought this change] +- build: make `windows.h` even leaner + + Disable GDI and NLS features in `windows.h`. libssh2 doesn't use these. + + Closes #940 - Simplified _libssh2_check_length (#350) +- blowfish: build improvements - * Simplified _libssh2_check_length + - include `blowfish.c` into `bcrypt_pbkdf.c`, instead of + compiling it as a distinct object. - misc.c : _libssh2_check_length() + - make low-level blowfish functions static. This prevents this symbols + to pollute the public namespace of libssh2. It also allows the + compiler to inline these functions. - Removed cast and improved bounds checking and format. + - integrate `blf.h` header into `bcrypt_pbkdf.c` as well. - Credit : Yuriy M. Kaminskiy - -- [Will Cosgrove brought this change] - - _libssh2_check_length() : additional bounds check (#348) + - use `_DEBUG_BLOWFISH` instead of `#if 0`. - Misc.c : _libssh2_check_length() + - fix `_DEBUG_BLOWFISH` compiler warnings and other nits. - Ensure the requested length is less than the total length before doing the additional bounds check - -Daniel Stenberg (25 Mar 2019) -- misc: remove 'offset' from string_buf + - `#undef` `inline` before redefining it in `libssh2_priv.h`. + (copied from `blowfish.c`) - It isn't necessary. + - delete unused `inline` redefinitions from `blowfish.c`. - Closes #343 + - disable unused low-level blowfish functions. + + - formatting, header order. + + Closes #938 -- sftp: repair mtime from e1ead35e475 +- libssh2.rc: fix debug flag, other cleanups - A regression from e1ead35e4759 broke the SFTP mtime logic in - sftp_bin2attr + - fix to use `LIBSSH2DEBUG` macro to set the debug flag. + (was `DEBUGBUILD`, a curl-specific macro) - Also simplified the _libssh2_get_u32/u64 functions slightly. + - use manifest constants instead of literals - Closes #342 + - change language to neutral + + Closes #937 -- session_disconnect: don't zero state, just clear the right bit +- tidy-up: example, tests - If we clear the entire field, the freeing of data in session_free() is - skipped. Instead just clear the bit that risk making the code get stuck - in the transport functions. + - drop unnecessary `WIN32`-specific branches. - Regression from 4d66f6762ca3fc45d9. + - add `static`. - Reported-by: dimmaq on github - Fixes #338 - Closes #340 - -- libssh2_sftp.h: restore broken ABI + - sync header inclusion order. - Commit 41fbd44 changed variable sizes/types in a public struct which - broke the ABI, which breaks applications! + - sync some common code between examples/tests. - This reverts that change. + - fix formatting/indentation. - Closes #339 + - fix some `checksrc` errors not caught by `checksrc`. + + Closes #936 -- style: make includes and examples code style strict +- tests/mansyntax.sh: avoid `if !` for portability - make travis and the makefile rule verify them too + Ref: https://www.gnu.org/software/autoconf/manual/autoconf-2.69/html_node/Limitations-of-Builtins.html#Limitations-of-Builtins - Closes #334 + Fixes #704 + Closes #935 -GitHub (21 Mar 2019) -- [Daniel Stenberg brought this change] +- tidy-up: indentation in guarded #includes [ci skip] - create a github issue template +- Makefile.mk: drop `PROOT` variable [ci skip] -Daniel Stenberg (21 Mar 2019) -- stale-bot: activated +- build: hand-crafted config rework & header tidy-up - The stale bot will automatically mark stale issues (inactive for 90 - days) and if still untouched after 21 more days, close them. + - introduce the concept of a project level setup header + `src/libssh2_setup.h`, that is used by `src`, `example` and `tests` + alike. Move there all common platform/compiler configuration from + `src/libssh2_priv.h`, individual sources and `CMakeFiles.txt` files. + Also move there our hand-crafted (= not auto-generated by CMake or + autotools) configuration `win32/libssh2-config.h`. - See https://probot.github.io/apps/stale/ - -- libssh2_session_supported_algs.3: fix formatting mistakes + - `win32` directory is empty now, delete it. - Reported-by: Max Horn - Fixes #57 - -- [Zenju brought this change] - - libssh2.h: Fix Error C2371 'ssize_t': redefinition + - `Makefile.mk`: adapt to the above. Build-directory is the target + triplet, or any custom name set via `BLD_DIR`. - Closes #331 - -- travis: add code style check + - sync header path order between build systems: + build/src -> source/src -> source/include - Closes #324 - -- code style: unify code style + - delete redundant references to `windows.h`, `winsock2.h`, + `ws2tcpip.h`. - Indent-level: 4 - Max columns: 79 - No spaces after if/for/while - Unified brace positions - Unified white spaces - -- src/checksrc.pl: code style checker + - delete unnecessary #includes, update order (`libssh2_setup.h` first, + `winsock2.h` first), simplify where possible. - imported as-is from curl - -Will Cosgrove (19 Mar 2019) -- Merge branch 'MichaelBuckley-michaelbuckley-security-fixes' - -- Silence unused var warnings (#329) + This makes the code warning-free without `WIN32_LEAN_AND_MEAN`. + At the same time this patch applies this macro globally, to avoid + header bloat. - Silence warnings about unused variables in this test - -- Removed unneeded > 0 check + - example: add missing *nix header guards. - When checking `userauth_kybd_num_prompts > 100` we don't care if it's also above zero. - -- [Matthew D. Fuller brought this change] - - Spell OpenSS_H_ right when talking about their specific private key (#321) + - example: fix misindented `HAVE_UNISTD_H` `#ifdef`s. - Good catch, thanks. - -GitHub (19 Mar 2019) -- [Will Cosgrove brought this change] - - Silence unused var warnings (#329) + - set `WIN32` with all build-tools. - Silence warnings about unused variables in this test - -Michael Buckley (19 Mar 2019) -- Fix more scope and printf warning errors - -- Silence unused variable warning - -GitHub (19 Mar 2019) -- [Will Cosgrove brought this change] - - Removed unneeded > 0 check + - set `HAVE_SYS_PARAM_H` in the hand-crafted config for MinGW. + To match auto-detection. - When checking `userauth_kybd_num_prompts > 100` we don't care if it's also above zero. - -Will Cosgrove (19 Mar 2019) -- [Matthew D. Fuller brought this change] - - Spell OpenSS_H_ right when talking about their specific private key (#321) + - move a source-specific macro to `misc.c` from `libssh2_priv.h`. - Good catch, thanks. + See the PR's individual commits for step-by-step updates. + + Closes #932 -Michael Buckley (18 Mar 2019) -- Fix errors identified by the build process +- Makefile.mk: build tests and other improvements [ci skip] + + - use `example` target for building examples (was: `test`). + + - add support for building tests via the `test` target. + + - accept lib-only options in a new `LIBSSH2_CPPFLAGS_LIB` variable. + + Useful to pass `-DLIBSSH2_EXPORTS` for correct `dllexport` in + `libssh2.dll`. + + - fix to put dynamic library in lib directory for non-Windows builds + + - fix to not delete lib objects on `testclean` -- Fix casting errors after merge +- test_warmup: re-implement as `test()` + + Instead of overriding `main()`. To align with the other tests. + + Overriding `main()` can cause duplicate symbols without using a lib for + the `runner` code. + + Follow-up to 40ac6b230a309d35c57aa65a8f6d7ab6654aa3d8 + + Closes #934 -GitHub (18 Mar 2019) -- [Michael Buckley brought this change] +- NMakefile: drop `/DEBUG` linker option in release mode [ci skip] - Merge branch 'master' into michaelbuckley-security-fixes +- NMakefile: simplify [ci skip] -Michael Buckley (18 Mar 2019) -- Move fallback SIZE_MAX and UINT_MAX to libssh2_priv.h +- Makefile.mk: merge two rules [ci skip] -- Fix type and logic issues with _libssh2_get_u64 +- TODO: update item about compiler warnings [ci skip] + + Follow-up to 08354e0abbe86d4cc5088d210d53531be6d8981a + Follow-up to 29347905721d2e7fbb97dabfb0071bee51db3013 + Follow-up to 5a96f494ee0b00282afb2db2e091246fc5e1774a + Follow-up to 463449fb9ee7dbe5fbe71a28494579a9a6890d6d + Follow-up to 02f2700a61157ce5a264319bdb80754c92a40a24 -Daniel Stenberg (17 Mar 2019) -- examples: fix various compiler warnings +GitHub (5 Apr 2023) +- [ihsinme brought this change] -- lib: fix various compiler warnings + example/x11: Add null-termination (#749) -- session: ignore pedantic warnings for funcpointer <=> void * +Viktor Szakats (5 Apr 2023) +- crypto: fix `LIBSSH2_NO_MD5` compiler warnings + + Follow-up to be31457f3071686b555a0f0b19e5dcf63d67fc27 + + Closes #933 -- travis: add a build using configure +- build: add new man pages - Closes #320 + Follow-up to c20c81ab105cdf27f5a4e2604bd13085f46e21de -- configure: provide --enable-werror +GitHub (5 Apr 2023) +- [Daniel Silverstone brought this change] -- appveyor: remove old builds that mostly cause failures + Configurable session read timeout (#892) - ... and only run on master branch. + This set of changes provides a mechanism to runtime-configure the + previously #define'd timeout for reading packets from a session. The + intention here is to also extend libcurl to be able to use this + interface so that when fetching from sftp servers which are very slow + to return directory listings, connections do not time-out so much. - Closes #323 - -- cmake: add two missing man pages to get installed too + * Add new field to session to hold configurable read timeout - Both libssh2_session_handshake.3 and - libssh2_userauth_publickey_frommemory.3 were installed by the configure - build already. + * Updated `_libssh2_packet_require()`, `_libssh2_packet_requirev()`, + and `sftp_packet_requirev()` to use new field in session structure - Reported-by: Arfrever on github - Fixes #278 - -- include/libssh2.h: warning: "_WIN64" is not defined, evaluates to 0 + * Updated docs for API functions to set/get read timeout field in + session structure - We don't use #if for defines that might not be defined. + * Updated `libssh2.h` to declare the get/set read timeout functions + + Co-authored-by: Jon Axtell + Credit: Daniel Silverstone -- pem: //-comments are not allowed +Viktor Szakats (4 Apr 2023) +- cmake: whitespace fixes [ci skip] -Will Cosgrove (14 Mar 2019) -- [Daniel Stenberg brought this change] +- libssh2.h: bump LIBSSH2_COPYRIGHT year [ci skip] - userauth: fix "Function call argument is an uninitialized value" (#318) +- Makefile.mk: move portable GNU Make file to the root - Detected by scan-build. + Move the GNU Make file formerly known as `win32/GNUmakefile` to the + root directory from `win32`. It now supports any platform with a + GCC-like toolchain, while also keeping support for win32. + + For non-Windows platforms it's necessary to provide a hand-crafted + `libssh2_config.h` header for now. + + Usage: `make -f Makefile.mk` -- fixed unsigned/signed issue +- src: include `limits.h` for `*_MAX` macros + + Follow-up to 5a96f494ee0b00282afb2db2e091246fc5e1774a + + Reported-by: OldWorldOrdr on github + Fixes #928 + Closes #930 -Daniel Stenberg (15 Mar 2019) -- session_disconnect: clear state +- build: MSVS warning suppression option tidy-up - If authentication is started but not completed before the application - gives up and instead wants to shut down the session, the '->state' field - might still be set and thus effectively dead-lock session_disconnect. + - in `win32/libssh2_config.h` replace `_CRT_SECURE_NO_DEPRECATE` with + `_CRT_SECURE_NO_WARNINGS`, to use the official macro for this, like + in CMake. - This happens because both _libssh2_transport_send() and - _libssh2_transport_read() refuse to do anything as long as state is set - without the LIBSSH2_STATE_KEX_ACTIVE bit. + Also, it's now safe to move it back under `_MSC_VER`. - Reported in curl bug https://github.com/curl/curl/issues/3650 + Suppressing: - Closes #310 - -Will Cosgrove (14 Mar 2019) -- Release notes from 1.8.1 - -Michael Buckley (14 Mar 2019) -- Use string_buf in sftp_init(). - -- Guard against out-of-bounds reads in publickey.c - -- Guard against out-of-bounds reads in session.c - -- Guard against out-of-bounds reads in userauth.c - -- Use LIBSSH2_ERROR_BUFFER_TOO_SMALL instead of LIBSSH2_ERROR_OUT_OF_BOUNDARY in sftp.c - -- Additional bounds checking in sftp.c - -- Additional length checks to prevent out-of-bounds reads and writes in _libssh2_packet_add(). https://libssh2.org/CVE-2019-3862.html - -- Add a required_size parameter to sftp_packet_require et. al. to require callers of these functions to handle packets that are too short. https://libssh2.org/CVE-2019-3860.html - -- Check the length of data passed to sftp_packet_add() to prevent out-of-bounds reads. - -- Prevent zero-byte allocation in sftp_packet_read() which could lead to an out-of-bounds read. https://libssh2.org/CVE-2019-3858.html - -- Sanitize padding_length - _libssh2_transport_read(). https://libssh2.org/CVE-2019-3861.html + `warning C4996: 'fopen': This function or variable may be unsafe. Consider using fopen_s instead.` + `warning C4996: 'getenv': This function or variable may be unsafe. Consider using _dupenv_s instead.` - This prevents an underflow resulting in a potential out-of-bounds read if a server sends a too-large padding_length, possibly with malicious intent. + - move `_CRT_NONSTDC_NO_DEPRECATE` to `example` and `tests`. + Not needed for `src`. + + Suppressing: + + `warning C4996: 'strdup': The POSIX name for this item is deprecated. Instead, use the ISO C and C++ conformant name: _strdup.` + `warning C4996: 'write': The POSIX name for this item is deprecated. Instead, use the ISO C and C++ conformant name: _write.` + + - move `_WINSOCK_DEPRECATED_NO_WARNINGS` from source files to + CMake files, in `example` and `tests`. Also limit this to MSVC. + + Suppressing: + + `warning C4996: 'inet_addr': Use inet_pton() or InetPton() instead` + + TODO: try fixing these instead of suppressing. + + Closes #929 -- Defend against writing beyond the end of the payload in _libssh2_transport_read(). +- win32/GNUmakefile: make it movable [ci skip] + + - add `BLD_DIR` to customize the output directory (where libs, .zip, + obj subdir will go). This directory must exist. + + It remains `./win32` for Windows builds. + + - add `CONFIG_H_DIR` option to customize `libssh2_config.h` location. + + It remains `./win32` for Windows builds. + + - include `.def` in distro zip for Windows. + + - ready to move to the root directory. -- Defend against possible integer overflows in comp_method_zlib_decomp. +- win32/GNUmakefile: drop an unnecessary variable [ci skip] -GitHub (14 Mar 2019) -- [Will Cosgrove brought this change] +- windows: re-add `libssh2.rc` + + Lost while moving it from the win32 directory + + Follow-up to 194cfc0f84192809c87f846140e5bf06b7a864af - Security fixes (#315) +- crypto: add `LIBSSH2_NO_MD5` to disable MD5 support - * Bounds checks + Closes #927 + +- hostkey: fix `hash_len` field constants - Fixes for CVEs - https://www.libssh2.org/CVE-2019-3863.html - https://www.libssh2.org/CVE-2019-3856.html + Replace incorrect `MD5_DIGEST_LENGTH` with `SHA_DIGEST_LENGTH` for these + hostkey algos: - * Packet length bounds check + - `ssh-rsa` and `ssh-dss` - CVE - https://www.libssh2.org/CVE-2019-3855.html + Ref: 7a5ffc8cee259bbde82ab92515cd8fea2166854b (2004-12-07 Initial) - * Response length check + - `ssh-rsa-cert-v01@openssh.com` - CVE - https://www.libssh2.org/CVE-2019-3859.html + Ref: 4b21e49d9d2db74579b18804ed1f5eeb16578b2f (2022-07-28) + Ref: #710 - * Bounds check + Also delete local fall-back definition of `MD5_DIGEST_LENGTH` (added + in 9af7eb48dc3854ce8ee0589f7e2beb944e064847). Macro is no longer used. - CVE - https://www.libssh2.org/CVE-2019-3857.html + Reported-by: Markus-Schmidt on github + Fixes #919 + Closes #926 + +- ci: add MSVS 2008/2010 build tests and fix warnings - * Bounds checking + Also: - CVE - https://www.libssh2.org/CVE-2019-3859.html + - fix newly surfaced (bogus) warnings in examples with MSVS 2010: - and additional data validation + ``` + ..\..\example\direct_tcpip.c(262): warning C4127: conditional expression is constant + ``` + Happens for every `FD_SET()` macro reference. - * Check bounds before reading into buffers + Ref: https://ci.appveyor.com/project/libssh2org/libssh2/builds/46677835/job/ni4hs97bh18c14ap - * Bounds checking + - silence MSVS 2010 predefined Windows macro warnings: - CVE - https://www.libssh2.org/CVE-2019-3859.html + ``` + ..\..\src\wincng.c(867): warning C4306: 'type cast' : conversion from 'int' to 'LPCSTR' of greater size + ..\..\src\wincng.c(897): warning C4306: 'type cast' : conversion from 'int' to 'LPCSTR' of greater size + ..\..\src\wincng.c(1132): warning C4306: 'type cast' : conversion from 'int' to 'LPCSTR' of greater size + ``` - * declare SIZE_MAX and UINT_MAX if needed - -- [Will Cosgrove brought this change] - - fixed type warnings (#309) - -- [Will Cosgrove brought this change] - - Bumping version number for pending 1.8.1 release - -Will Cosgrove (4 Mar 2019) -- [Daniel Stenberg brought this change] - - _libssh2_string_buf_free: use correct free (#304) + Ref: https://ci.appveyor.com/project/libssh2org/libssh2/builds/46678071/job/08t5ktvkcgdghp7r - Use LIBSSH2_FREE() here, not free(). We allow memory function - replacements so free() is rarely the right choice... - -GitHub (26 Feb 2019) -- [Will Cosgrove brought this change] + Closes #925 - Fix for building against libreSSL #302 +- transport: rename local `RANDOM_PADDING` macro - Changed to use the check we use elsewhere. + Rename `RANDOM_PADDING` macro used internally to enable some code. + + Committed in the initial version of `transport.c` in + 9d55db6501aa4e21f0858cf36cdc2ddc11b96e83 (2007-02-02). libssh2 code + never defined it. + + The name happens to collide with a Windows macro in `wincrypt.h`. + `transport.c` doesn't include this header, but it includes `winsock2.h`, + and it turns out it can also define this macro in some cases, e.g. + when `WIN32_LEAN_AND_MEAN` is not set. + + To be on the safe side, prefix the name with `LIBSSH2_` to avoid + enabling it by accident. + + Q: Maybe it'd be best to delete it with the guarded code? + + Reported-by: Markus-Schmidt on github + Fixes #921 + Closes #924 -- [Will Cosgrove brought this change] +- windows: move `libssh2.rc` to the `src` directory + + Closes #918 - Fix for when building against LibreSSL #302 +- autotools: delete unused conditional `HAVE_SYS_UN_H` + + No longer necessary after moving the disabling/enabling logic from + build tool to `example/x11.c`. + + Reverts 4774d500e724bc4e548f743a0cb644ab05599474 + Follow-up to d245c66cc0029e480674394c23e8be1c9410f7ad -Will Cosgrove (25 Feb 2019) -- [gartens brought this change] +- win32/GNUmakefile: update help & exit without crypto backend [ci skip] + + Follow-up to: 5bcd25c4c980e9765c00a2f20ac5348635063aad + Follow-up to: 68fd02fba002c8c6af3ba51a2780de46b47b3787 - docs: update libssh2_hostkey_hash.3 [ci skip] (#301) +- build: respect autotools `DLL_EXPORT` in `libssh2.h` + + The `DLL_EXPORT` macro is automatically set by autotools when building + the libssh2 DLL. Certain toolchains might require this to correctly + export symbols, so make sure to respect it in `libssh2.h` to enable + `declspec(dllexport)`. + + With this patch we have a manual macro for that (`LIBSSH2_EXPORT`), + this autotools one, the CMake one, and `_WINDLL` (added in + c355d31ff94a1622526c4988b9d09074f7f7605d), possibly defined by Visual + Studio. + + Closes #917 -GitHub (21 Feb 2019) -- [Will Cosgrove brought this change] +- build: make `HAVE_LIBCRYPT32` local to `wincng.c` + + libssh2 uses `wincrypt.h` aka the `crypt32` Windows system library + for the function `CryptDecodeObjectEx()` [1]. This function has been + available for Win32 (and UWP/WinRT apps) for a long while. Even old + MinGW supports it, and also Watcom 1.9, of the rare/old compilers + I checked. + + CMake had it permanently enabled, while it also did an extra check + for the header to add the lib to the lib list. Autotools did the + detection proper. Other builds had it permanently enabled. + + It seems safe to assume this function/header/lib is available in all + environments we support. + + In this patch we simplify by deleting these detections and feature + flags from all build tools. + + Keep the feature flag internal to `wincng.h`, and for extra safety add + the new macro `LIBSSH2_WINCNG_DISABLE_WINCRYPT` do disable it via + custom `CPPFLAGS`. + + WinCNG's other requirement is `bcrypt`. That also has been universally + available for a long time. Here the only known outlier is old/legacy + MinGW, which is missing support. + + [1] https://learn.microsoft.com/en-us/windows/win32/api/wincrypt/nf-wincrypt-cryptdecodeobjectex + + Closes #916 - fix malloc/free mismatches #296 (#297) +- autotools: delete `src/libssh2.pc.in` reference [ci skip] + + Follow-up to 06f281921907fa077884c7020917661ca805b9d3 -- [Will Cosgrove brought this change] +- tidy-up: null-mac/cipher documentation + + Move documentation for these deleted build-level options from + autotools/cmake docs to the source code itself. + + Follow-up to 50c9bf868e833258d23c5f55ed546d1fcd5687d0 + + Closes #915 - Replaced malloc with calloc #295 +- cmake: re-use existing `libssh2.pc` template + + Instead of maintaining a second copy of `libssh2.pc.in` in `src` just + for CMake, teach CMake to use the existing template in the root dir, + that we already use with autotools. + + Closes #914 -- [Will Cosgrove brought this change] +- delete redundant `HAVE_STDLIB_H` + + libssh2 used this standard C89 header unconditionally before this patch. + + Delete the feature checks and all unnecessary header guards. + + Closes #913 - Abstracted OpenSSL calls out of hostkey.c (#294) +- NMakefile: drop redundant variable and assignments [ci skip] -- [Will Cosgrove brought this change] +- delete redundant `HAVE_WINSOCK2_H` + + `libssh2.h` required `winsock2.h` for `_WIN32` since + 81d53de4dc5ee39bd6215958c7dce3b12731195e (2011-06-04). + + Apply that to the whole codebase. This makes it unnecessary to detect + `HAVE_WINSOCK2_H` and allows to drop all its uses. + + Completes TODO from b66d7317ca6c882afbe52fe426f68c119c40d348 + + TODO: Straighten out the use a mixture of `HAVE_WINDOWS_H`, + `WIN32`, `_WIN32` to detect Windows. - Fix memory dealloc impedance mis-match #292 (#293) +- cmake: detect WinCNG last - When using ed25519 host keys and a custom memory allocator. + This gives a chance to auto-detect mbedTLS on Windows with CMake. -- [Will Cosgrove brought this change] +- NMakefile: rename config variables, default to WinCNG [ci skip] + + - replace `OPENSSLINC` and `OPENSSLLIB` with `OPENSSL_PATH`. + Assume `include` and `lib` subdirs for headers and libs. + + - replace `WITH_ZLIB`, `ZLIBINC` and `ZLIBLIB` with `ZLIB_PATH`. + Assume `include` and `lib` subdirs for header and lib. + + - make WinCNG the default if `WITH_OPENSSL` is not set. - Added call to OpenSSL_add_all_digests() #288 +- win32/GNUmakefile: rename object dir and update .gitignore [ci skip] - For OpenSSL 1.0.x we need to call OpenSSL_add_all_digests(). + From `-{release|debug}` to `{release|debug}-`. + + Follow-up to 68fd02fba002c8c6af3ba51a2780de46b47b3787 -Will Cosgrove (12 Feb 2019) -- [Zhen-Huan HWANG brought this change] +- win32/GNUmakefile: add libgcrypt support [ci skip] + + In the previous commit 969487113aae856e43d3d905c3f2260246d44f9b, + the commit message should read `win32/GNUmakefile: ` instead of + `libssh2-gnumake.sh: `. Sorry for the mixup. - SFTP: increase maximum packet size to 256K (#268) +- libssh2-gnumake.sh: make variable names platform-agnostic [ci skip] - to match implementations like OpenSSH. + Also more consistent. Refer to DLL/SO/shared as 'dyn'. + + Also add comment on how to find customizable environment variables. -- [Zenju brought this change] +- win32/GNUmakefile: make it support non-Windows builds [ci skip] + + With 20-ish extra lines, make this Makefile support all GCC-like + toolchains. + + The temporary directory becomes `-{release|debug}` from + the former `{release|debug}`. + + Also change the lib directory name in the `dist` package from + `win32` to `lib`, to match other packages and build tools. - Fix https://github.com/libssh2/libssh2/pull/271 (#284) +- win32/GNUmakefile: default to WinCNG [ci skip] + + Also check for wolfSSL before mbedTLS to match CMake. -GitHub (16 Jan 2019) -- [Will Cosgrove brought this change] +- win32/GNUmakefile: fixups to previous commit [ci skip] + + - `-lws2_32` is necessary when building examples. + + - drop a temporary variable. + + Follow-up to d245c66cc0029e480674394c23e8be1c9410f7ad - Agent NULL check in shutdown #281 +- delete redundant `HAVE_WS2TCPIP_H` + + It was used once in `src/libssh2_priv.h`, but without any effect. + The header included `ws2tcpip.h` twice, once guarded by + `HAVE_WS2TCPIP_H` and another time by `HAVE_WINSOCK2_H`. + + Dedupe these to not use `HAVE_WS2TCPIP_H`. Then delete detection + of this feature from all build methods. + + TODO: Replace `HAVE_WINSOCK2_H` with `_WIN32`/`WIN32`. -Will Cosgrove (15 Jan 2019) -- [Adrian Moran brought this change] +- win32/libssh2_config.h: set `HAVE_LONGLONG` & `HAVE_STDLIB_H` [ci skip] + + - enable `HAVE_LONGLONG` for MinGW and MSVC versions supporting it. + + Necessary for `GNUmakefile`/`NMakefile` builds to create the same + binaries as CMake/autotools ones do. + + - enable `HAVE_STDLIB_H`. It has been universally available on + Windows for a long time. + + Fixes these clang-cl warnings: + ``` + src\wincng.c(444,5) : warning: implicit declaration of function 'free' is invalid in C99 [-Wimplicit-function-declaration] + free(buf); + ^ + src\wincng.c(491,20) : warning: implicitly declaring library function 'malloc' with type 'void *(unsigned long long)' [-Wimplicit-function-declaration] + pbHashObject = malloc(dwHashObject); + ^ + src\wincng.c(491,20) : note: include the header or explicitly provide a declaration for 'malloc' + src\wincng.c(2106,14) : warning: implicitly declaring library function 'realloc' with type 'void *(void *, unsigned long long)' [-Wimplicit-function-declaration] + bignum = realloc(bn->bignum, length); + ^ + src\wincng.c(2106,14) : note: include the header or explicitly provide a declaration for 'realloc' + 3 warnings generated. + ``` - mbedtls: Fix leak of 12 bytes by each key exchange. (#280) +- example: make `x11` exclusion build-tool-agnostic - Correctly free ducts by calling _libssh2_mbedtls_bignum_free() in dtor. + Whether to build the `x11` example or not was decided by each build + tool. CMake didn't build it even on supported platforms. GNUMakefile + used a specific blocklist for it, while autotools enabled it based on + feature-detection. + + Migrate the enabler logic to an #ifdef in source and build `x11` + unconditionally with all build tools. + + On unsupported platforms (=Windows) this program now displays a short + message stating that fact. + + Also: + + - fix `x11.c` warnings uncovered after CMake started building it. + + - use `libssh2_socket_t` type for portability in `x11.c` too. + + - use detected header guards in `x11.c`. + + - delete a duplicate reference to `-lws2_32` from `win32/GNUmakefile` + while there. + + Closes #909 -- [alex-weaver brought this change] +- .gitignore updates [ci skip] - Fix error compiling on Win32 with STDCALL=ON (#275) +- tidy-up: whitespace, sorting, comment and naming fixups -GitHub (8 Nov 2018) -- [Will Cosgrove brought this change] +- cmake: add missing man pages - Allow default permissions to be used in sftp_mkdir (#271) +- cmake: dedupe and merge config detection - Added constant LIBSSH2_SFTP_DEFAULT_MODE to use the server default permissions when making a new directory - -Will Cosgrove (13 Sep 2018) -- [Giulio Benetti brought this change] - - openssl: fix dereferencing ambiguity potentially causing build failure (#267) + Before this patch CMake did feature detections in three files: + `src/CMakefiles.txt`, `examples/CMakefiles.txt` and + `tests/CMakefiles.txt`. - When dereferencing from *aes_ctr_cipher, being a pointer itself, - ambiguity can occur; fixed possible build errors. - -Viktor Szakats (12 Sep 2018) -- win32/GNUmakefile: define HAVE_WINDOWS_H + Merge and move them to the root `CMakefiles.txt`. - This macro was only used in test/example code before, now it is - also used in library code, but only defined automatically by - automake/cmake, so let's do the same for the standalone win32 - make file. + After this patch we end up with a single `src/libssh2_config.h`. This + brings CMake in sync with autotools builds, which already worked with + a single config header. - It'd be probably better to just rely on the built-in _WIN32 macro - to detect the presence of windows.h though. It's already used - in most of libssh2 library code. There is a 3rd, similar macro - named LIBSSH2_WIN32, which might also be replaced with _WIN32. + This also prevents mistakes where feature detection went out of sync + between `src` & `tests` (see ae90a35d15d97154ac0c8554bce99ebfb18ee825). + `tests` do compile sources from `src` directly, so these should always + be in sync. - Ref: https://github.com/libssh2/libssh2/commit/8b870ad771cbd9cd29edbb3dbb0878e950f868ab - Closes https://github.com/libssh2/libssh2/pull/266 - -Marc Hoersken (2 Sep 2018) -- Fix conditional check for HAVE_DECL_SECUREZEROMEMORY + It also allows to better integrate hand-crafted, platform-specific + config headers into the builds, like the one currently residing in + the `win32` directory (and also in `vms` and `os400`). Subject to an + upcoming PR. - "Unlike the other `AC_CHECK_*S' macros, when a symbol is not declared, - HAVE_DECL_symbol is defined to `0' instead of leaving HAVE_DECL_symbol - undeclared. When you are sure that the check was performed, - use HAVE_DECL_symbol in #if." + Also fix a warning revealed after this patch made CMake correctly + enable `HAVE_GETTIMEOFDAY` for `example` programs. - Source: autoconf documentation for AC_CHECK_DECLS. + Closes #906 -- Fix implicit declaration of function 'SecureZeroMemory' +- cmake: dedupe crypto-backend detection - Include window.h in order to use SecureZeroMemory on Windows. - -- Fix implicit declaration of function 'free' by including stdlib.h - -GitHub (27 Aug 2018) -- [Will Cosgrove brought this change] + Before this patch CMake did crypto-backend detection in both + `src/CMakefiles.txt` and `tests/CMakefiles.txt`. + + Merge them and move it to the root `CMakefiles.txt`. + + While here, also add zlib for OpenSSL. Necessary when using OpenSSL + builds with zlib enabled. + + Closes #905 - Use malloc abstraction function in pem parse +- cmake: add missing #cmakedefines to src - Fix warning on WinCNG build. + - `HAVE_MEMSET_S` missing since + 03092292597ac601c3f9f0c267ecb145dda75e4e (2018-08-02) + + - `HAVE_EXPLICIT_BZERO` and `HAVE_EXPLICIT_MEMSET` missing since + 00005682f7b9a1aa42be50e269056ea873637047 (2023-03-28) -- [Will Cosgrove brought this change] +GitHub (31 Mar 2023) +- [Viktor Szakats brought this change] - Fixed possible junk memory read in sftp_stat #258 + tidy-up: NMakefile (#903) -- [Will Cosgrove brought this change] +Viktor Szakats (30 Mar 2023) +- GNUmakefile: adjust win32/.gitignore [ci skip] - removed INT64_C define (#260) +- build: delete references to deleted NMake files [ci skip] - No longer used. + Follow-up to 057522bb0f15c10c33159e12899ecc60e40aa6ef -- [Will Cosgrove brought this change] +GitHub (30 Mar 2023) +- [Viktor Szakats brought this change] - Added conditional around engine.h include + NMakefile: merge them into a single file [ci skip] (#902) + + Also: + + - allow to override `AR` and `ARFLAGS`. + + - The extra `src` subdir in the target directory is no longer, to + simplify things. + + - gone the dynamically generated `objects.mk`. Now replaced with some + tricky logic to do that inline. + + - add necessary `LIBS` for WinCNG. (untested) + + Lightly tested via clang-cl. -Will Cosgrove (6 Aug 2018) -- [Alex Crichton brought this change] +- [Viktor Szakats brought this change] - Fix OpenSSL link error with `no-engine` support (#259) + maketgz: tidy-up [ci skip] (#901) - This commit fixes linking against an OpenSSL library that was compiled with - `no-engine` support by bypassing the initialization routines as they won't be - available anyway. + - fix shellcheck warnings: + - use quotes + - use `$()` + - use `printf` (instead of calling perl). + - indent. + - copy/adapt header comment from curl to `maketgz`. -GitHub (2 Aug 2018) -- [Will Cosgrove brought this change] +- [Viktor Szakats brought this change] - ED25519 Key Support #39 (#248) + ci: flatten AppVeyor jobs, add debug builds (#900) - OpenSSH Key and ED25519 support #39 - Added _libssh2_explicit_zero() to explicitly zero sensitive data in memory #120 + This results in better job names (now including CPU), avoiding the + complex exception rules, and fine-tuning the order and variation of + these tests. - * ED25519 Key file support - Requires OpenSSL 1.1.1 or later - * OpenSSH Key format reading support - Supports RSA/DSA/ECDSA/ED25519 types - * New string buffer reading functions - These add build-in bounds checking and convenance methods. Used for OpenSSL PEM file reading. - * Added new tests for OpenSSH formatted Keys + Enable `LIBSSH2DEBUG` for two of the existing jobs. -- [Will Cosgrove brought this change] +- [Viktor Szakats brought this change] - ECDSA key types are now explicit (#251) + ci: add VS2022 builds (incl. ARM64) to AppVeyor (#899) - * ECDSA key types are now explicit + - add MSVS 2022 WinCNG builds for x64 and ARM64, + replacing MSVS 2013 WinCNG builds for x64 and x86. - Issue was brough up in pull request #248 - -Will Cosgrove (2 May 2018) -- [Jakob Egger brought this change] + - add MSVS 2022 OpenSSL builds for x64. + + - fix a compiler warning uncovered by the new ARM64 build: + + ``` + tests\openssh_fixture.c(393,17): warning C4477: 'fprintf' : format string '%d' requires an argument of type 'int', but variadic argument 1 has type 'libssh2_socket_t' + tests\openssh_fixture.c(393,17): message : consider using '%lld' in the format string + tests\openssh_fixture.c(393,17): message : consider using '%Id' in the format string + tests\openssh_fixture.c(393,17): message : consider using '%I64d' in the format string + ``` + + - echo the actual CMake command-line. + + - cmake: echo the DLL filenames found by the OpenSSL DLL-finder + heuristics. + + - cmake: delete `libcrypto.dll` and `libssl.dll` names from the above + logic. + + I've added these in 19884e5055b6c65f0df93d7cc776a01c518a2f06. That + resulted in CMake picking up a rogue `libcrypto.dll` (with no + `libssl.dll` pair) from `C:\Windows\System32\` on the + `Visual Studio 2022` image, breaking tests. + + Turns out, OpenSSL v1.0.2 uses the "EAY" names, but let's not re-add + those either, because CMake mis-picks those up from + `C:/OpenSSL-Win64/bin/`, even while pointing `OPENSSL_ROOT_DIR` to a + v1.1.1 installation. + + - cmake: set `NO_DEFAULT_PATH` for OpenSSL DLL lookup to avoid picking + up all kinds of wrong DLLs. CMake considers not the first, but the + _last_ hit the valid one. This happened to be + `C:/Program Files/Meson/lib*-1_1.dll` when using the + `Visual Studio 2022` image. + + Ref: https://cmake.org/cmake/help/latest/command/find_file.html + + - cmake: leave two commented debug lines that will be useful next time + the DLL detection lookup goes wrong. + + Ref: https://cmake.org/cmake/help/latest/variable/CMAKE_FIND_DEBUG_MODE.html + + - on error, also dump `CMakeFiles/CMakeConfigureLog.yaml` if it exists + (requires CMake 3.26 and newer) - Add Instructions for building from Master (#249) +- [Viktor Szakats brought this change] -GitHub (27 Apr 2018) -- [Will Cosgrove brought this change] + src: fix compiler warning on Darwin (#898) + + ``` + src/session.c:675:52: warning: implicit conversion loses integer precision: 'long' to '__darwin_suseconds_t' (aka 'int') [-Wshorten-64-to-32] + tv.tv_usec = (ms_to_next - tv.tv_sec*1000) * 1000; + ~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~ + ``` - Initialize sb_intl #226 +Viktor Szakats (29 Mar 2023) +- tidy-up: tabs to spaces in Makefile.am [ci skip] + + Follow-up to 2f16d8105c9491beb2a02b3081f4f1c2a224fa62 -Will Cosgrove (19 Apr 2018) -- [doublex brought this change] +GitHub (29 Mar 2023) +- [Viktor Szakats brought this change] - buffer overflow (valgrind) (#159) + netware: delete support (#888) + + Last related commit happened 15 years ago. + NetWare had it last release in 2009. + + All links referenced from the make file are inaccessible. -- [Brendan Shanks brought this change] +- [Viktor Szakats brought this change] - mbedTLS: Remove some C99-style intermingled variable declarations (#196) + wolfssl: add workaround for HMAC_Update() len arg difference (#897) + + It's `int` in wolfSSL. `size_t` in OpenSSL/quictls/LibreSSL/BoringSSL. + + Ref: https://github.com/wolfSSL/wolfssl/blob/ba47562d182e10e59813da012e0ab8ef20892231/wolfssl/openssl/hmac.h#L60-L61 + + /cc @wolfSSL -GitHub (18 Apr 2018) -- [Will Cosgrove brought this change] +- [Viktor Szakats brought this change] - fix for #160 + cmake: introduce variables for lib target names (#896) + + Make our CMake config more self-documenting by introducing variables + for the shared and static lib target names. Without this, it might be + non-trivial to find out which line is referring to a target name vs + libname, export name or other occurrences of `libssh2`. + + This allows to rename back the shared lib target name to the value used + before 4e2580628dd1f8dc51ac65ac747ebcf0e93fa3d1: + `libssh2_shared` -> `libssh2`, if necessary for compatibility. Notice: + before that patch, `libssh2` name referred to either the static or + shared lib, depending on build settings. -Will Cosgrove (18 Apr 2018) -- [doublex brought this change] +- [Viktor Szakats brought this change] - fix memory leak when using mbedtls backend (#158) + detect and use explicit_bzero() and explicit_memset() (#895) - _libssh2_bn_init_from_bin/_libssh2_bn_free would leak bignum from mbedtls_calloc(). + Also skip detecting these and `memset_s()` for Windows targets in CMake, + to save detection time. On Windows we always use `SecureZeroMemory()`. -- [Brendan Shanks brought this change] +- [Viktor Szakats brought this change] - mbedTLS: Avoid multiple definition errors for context handles (#197) + ci: bump mbedtls (#894) -- [Tseng Jun brought this change] +- [Viktor Szakats brought this change] - Fix the EVP cipher meth memory leakage problem (#244) - - * Fix the EVP cipher meth memory leakage problem + GNUmakefile: minor fix for DYN mode [ci skip] (#893) - Looks good, thanks for the fixes. + Follow-up to b8762c1003d97e109efa587bdc760ff9873949eb -Marc Hörsken (31 Mar 2018) -- [Will Cosgrove brought this change] +- [Viktor Szakats brought this change] - Added ECDSA defines for WinCNG (#245) + build: delete MS Dev Studio build files (#891) - Fixed missing defines preventing building using WinCNG + Last updated in 2007. + + Also delete `VCPROJ` target remains (necessary files seem to have + been missing from the repo all along) for Visual Studio 2008. -GitHub (30 Mar 2018) -- [Will Cosgrove brought this change] +Viktor Szakats (28 Mar 2023) +- checksrc: fix reference in Makefile.am, update options [ci skip] + +GitHub (28 Mar 2023) +- [Viktor Szakats brought this change] - Fix for _libssh2_rsa_new with OpenSSL 1.0.x + build: delete native Watcom wmake support with Win32 (#889) - missing d value assignment. + CMake supports generating Watcom wmake files: + https://cmake.org/cmake/help/v3.1/generator/Watcom%20WMake.html -Will Cosgrove (20 Mar 2018) -- [Etienne Samson brought this change] +- [Viktor Szakats brought this change] - A collection of small fixes (#198) + checksrc: update and fix warnings (#890) - * tests: Remove if-pyramids + Update from: + https://github.com/curl/curl/blob/5fec927374e4d9553205d861f2dcb39ec78002cc/scripts/checksrc.pl - * tests: Switch run_command arguments + - suppress these new checks: - * tests: Make run_command a vararg function + - EQUALSNULL: 320 warnings + - NOTEQUALSZERO: 142 warnings + - TYPEDEFSTRUCT: 16 warnings - * tests: Xcode doesn't obey CMake's test working directory + We can enabled them in the future. - * openssl: move manual AES-CTR cipher into crypto init + - fix all other new ones. - * cmake: Move our include dir before all other include paths + - also fix whitespace in two `NMakefile` files. -GitHub (15 Mar 2018) -- [Will Cosgrove brought this change] +- [Viktor Szakats brought this change] - Fixes incorrect indexing of KEX prefs string - - After stripping out an invalid KEX pref entry, it would incorrectly advance again leaving invalid values in the list. + tidy-up: fix/update URLs (#887) -Viktor Szakats (13 Mar 2018) -- tests: fix checksrc warnings - - Also: - * add 'static' qualifier to file-wide const buffers - * fix a non-ANSI C89 comment - * silence a mismatched fprintf() mask warning by adding a cast +- [Viktor Szakats brought this change] -- cmake: recognize OpenSSL 1.1 .dll names + tidy-up: fix typos (#886) - Also fix some comment typos and a stray tab. + detected by codespell 2.2.4. -- docs: update an URL [ci skip] - -Daniel Stenberg (12 Mar 2018) -- docs/SECURITY: the max embargo is 14 days now +- [Viktor Szakats brought this change] -Viktor Szakats (12 Mar 2018) -- docs: spelling fixes [ci skip] + tidy-up: replace tabs and other whitespace (#885) - Closes https://github.com/libssh2/libssh2/pull/222 + There are a few non-whitespace changes, see them here: + https://github.com/libssh2/libssh2/pull/885/files?w=1 -GitHub (12 Mar 2018) -- [Will Cosgrove brought this change] +- [Viktor Szakats brought this change] - Fixed minor tabs/spacing issues + ci: drop cmake --parallel (#884) + + `--parallel 2` did not seem to make builds faster. Neither did 4 or 6. + + Delete this option from both GHA and AppVeyor jobs. + + On AppVeyor, with VS, it uses MSBuild under the hood where apparently + `--parallel` doesn't do much [1]. The suggested MSBuild-specific option + `/p:CL_MPcount=2` did not improve build times either. + + CMake spends significant time (comparable to building the project + itself) on feature detection, it'd be nice to execute those in parallel, + but I found not such CMake option. + + [1] https://discourse.cmake.org/t/parallel-does-not-really-enable-parallel-compiles-with-msbuild/964 + + Partial revert of 7a039d9a7a2945c10b4622f38eeed21ba6b4ec55 -- [Will Cosgrove brought this change] +- [Viktor Szakats brought this change] - Update kex.c + rework how to enable insecure null-cipher/null-MAC (#873) + + Null-cipher and null-MAC are security footguns we want to avoid. + + Existing option names to toggle these were ambiguous and gave room for + misinterpretation. Some projects may have had these options enabled by + accident. + + This patch aims to make it more difficult to enable them, and making + sure that existing methods require an update to stay enabled. + + - delete CMake/autotools settings to enable the "none" cipher and MAC. + + - rename existing C macros that can enable them. + + To use them, pass them as custom `CPPFLAGS` to the build. + + - enable them only if `LIBSSH2DEBUG` is also enabled. + + Best would be to delete them, though they may have some use while + developing libssh2 itself, or debugging. -- [Will Cosgrove brought this change] +- [Viktor Szakats brought this change] - Added basic bounds checking #206 + delete old gex (SSH2_MSG_KEX_DH_GEX_REQUEST_OLD) build option (#872) + + libssh2 supports an "old" style KEX message + `SSH2_MSG_KEX_DH_GEX_REQUEST_OLD`, as an off-by-default build option. + + OpenSSH deprecated/disabled this feature in v6.9 (2015-07-01): + https://www.openssh.com/releasenotes.html#6.9 - Basic bounds checking in ecdh_sha2_nistp() + This patch deletes this obsolete feature from libssh2, with no option + to enable it. + + Added to libssh2 in: cf8ca63ea0c9388c8ae9079961d7e6a91b72b5c8 (2004-12-31) + RFC: https://datatracker.ietf.org/doc/html/rfc4419 (2006-03) -- [Will Cosgrove brought this change] +- [Viktor Szakats brought this change] - Fixed Clang warning #206 + src: more tolerant snprintf() local override (#881) + + `#undef snprintf` before redefining it, when `HAVE_SNPRINTF` is not + defined, even though `snprintf` is available and it should have been. + Possibly with 3rd party builds. - Fixed possible garbage value for secret in an error case + Downside is that cases of missing `HAVE_SNPRINTF` are less trivially + detected at compile-time. -- [Will Cosgrove brought this change] +- [Viktor Szakats brought this change] - Fixed incorrect #if to #ifdef #206 + ci: fix cmake warning with AppVeyor WinCNG builds (#883) - When checking HAVE_OPAQUE_STRUCTS. - -Viktor Szakats (12 Mar 2018) -- src: suppress two checksrc warnings + ``` + CMake Warning: + Manually-specified variables were not used by the project: - Ref: https://github.com/libssh2/libssh2/pull/235 - -- src: address fopen() warnings, add missing copyright headers + OPENSSL_ROOT_DIR + ``` - Ref: https://github.com/libssh2/libssh2/pull/235 + Follow-up to 0834b9bcc85b90c78afff103f909b5a909b95e45 -- src: replace sprintf() with snprintf() +- [Viktor Szakats brought this change] + + ci: cmake `ENABLE_WERROR` -> `ON` (#877) - Ref: https://github.com/libssh2/libssh2/pull/235 + Consider warnings as errors for CMake jobs in CI. -- src: fix checksrc warnings +Viktor Szakats (26 Mar 2023) +- src: silence compiler warnings 4 (alignment in WinCNG) - Use checksrc.pl from the curl project, with (for now) - suppressed long line warnings and indentation set to - 4 spaces. Fixes are whitespace for the most part. + Silence alignment warnings in WinCNG, by reworking the code. - Warning count went down from 2704 to 12. + Also add two unrelated casts to avoid gcc compiler warnings + in surrounding code. - Also fix codespell typos, two non-ANSI C89 comments - and a stray tab in include/libssh2.h. + `increases required alignment from 1 to 4 [-Wcast-align]` + `increases required alignment from 1 to 8 [-Wcast-align]` - Ref: https://github.com/libssh2/libssh2/pull/235 + See warning details in the PR's individual commits. + + Reviewed-by: Marc Hörsken in + Cherry-picked from #846 + Closes #880 -- checksrc: add source style checker +- src: silence compiler warnings 3 (change types) - This is a slightly extended version of this original source - from the curl project: - https://github.com/curl/curl/blob/8b754c430b9a4c51aa606c687ee5014faf7c7b06/lib/checksrc.pl + Apply type changes to avoid casts and warnings. In most cases this + means changing to a larger type, usually `size_t` or `ssize_t`. - This version adds the following options to customize it for - libssh2 (plus some whitespace formatting): + Change signedness in a few places. - `-i` to override indentation spaces (2) - `-m` to override maximum line length (79) + Also introduce new variables to avoid reusing them for multiple + purposes, to avoid casts and warnings. - Command-line used to check libssh2 sources: + - add FIXME for public `libssh2_sftp_readdir_ex()` return type. - $ ./checksrc.pl -i4 -m500 *.c *.h + - fix `_libssh2_mbedtls_rsa_sha2_verify()` to verify if `sig_len` + is large enough. - Closes https://github.com/libssh2/libssh2/pull/236 - -- src: add static qualifier + - fix `_libssh2_dh_key_pair()` in `wincng.c` to return error if + `group_order` input is negative. - To private, const strings. + Maybe we should also reject zero? - Closes https://github.com/libssh2/libssh2/pull/237 - -- [Will Cosgrove brought this change] - - Add support for ECDSA keys and host keys (#41) + - bump `_libssh2_random()` size type `int` -> `size_t`. Add checks + for WinCNG and OpenSSL to return error if requested more than they + support (`ULONG_MAX`, `INT_MAX` respectively). - This commit lands full ECDSA key support when using the OpenSSL - backend. Which includes: + - change `_libssh2_ntohu32()` return value `unsigned int` -> `uint32_t`. - New KEX methods: - ecdsa-sha2-nistp256, ecdsa-sha2-nistp384, ecdsa-sha2-nistp521 + - fix `_libssh2_mbedtls_bignum_random()` to check for a negative `top` + input. - Can now read OpenSSL formatted ECDSA key files. + - size down `_libssh2_wincng_key_sha_verify()` `hashlen` to match + Windows'. - Now supports known host keys of type ecdsa-sha2-nistp256. + - fix `session_disconnect()` to limit length of `lang_len` + (to 256 bytes). - New curve types: - NID_X9_62_prime256v1, NID_secp384r1, NID_secp521r1 + - fix bad syntax in an `assert()`. - Default host key preferred ordering is now nistp256, nistp384, - nistp521, rsa, dss. + - add a few `const` to casts. - Ref: https://github.com/libssh2/libssh2/issues/41 + - `while(1)` -> `for(;;)`. - Closes https://github.com/libssh2/libssh2/pull/206 - -GitHub (15 Dec 2017) -- [Will Cosgrove brought this change] - - Fixed possible crash when decoding invalid data + - add casts that didn't fit into #876. - When trying to decode invalid data, it frees the buffer but doesn't nil it so the caller gets a junk memory pointer which they could potentially double free. - -- [Will Cosgrove brought this change] - - Remove call to OpenSSL_add_all_ciphers() + - update `docs/HACKING-CRYPTO` with new sizes. - Now lives in libssh2 init() from PR #189 - -- [Will Cosgrove brought this change] - - Fixed incorrect reference to decrypted block + May need review for OS400QC3: /cc @monnerat @jonrumsey - Fixed incorrectly copied memory from p->buf into init instead of from the decrypted buffer block. The only reason this worked was because the crypt() function decrypts the value in-place and overwrites p->buf. I'm working on a fork that no longer does this and exposed this bug. - -Will Cosgrove (20 Oct 2017) -- [Pan brought this change] - - Fix typo in crypt.c (#218) + See warning details in the PR's individual commits. + + Cherry-picked from #846 + Closes #879 -Kamil Dudka (17 Oct 2017) -- session: avoid printing misleading debug messages +- src: silence compiler warnings 2 (ZLIB interface) - ... while throwing LIBSSH2_ERROR_EAGAIN out of session_startup() + Silence warnings in the ZLIB interface by adding casts and changing + types. - If the session runs in blocking mode, LIBSSH2_ERROR_EAGAIN never reaches - the libssh2 API boundary and, in non-blocking mode, these messages are - suppressed by the condition in _libssh2_error_flags() anyway. + See PR for individual commits. - Closes #211 + Cherry-picked from #846 + Closes #878 -Viktor Szakats (15 Oct 2017) -- win32/GNUmakefile: allow customizing dll suffixes +- src: silence compiler warnings 1 - - New `LIBSSH2_DLL_SUFFIX` envvar will add a suffix to the generated - libssh2 dll name. Useful to add `-x64` to 64-bit builds so that - it can live in the same directory as the 32-bit one. By default - this is empty. + Most of the changes aim to silence warnings by adding casts. - - New `LIBSSH2_DLL_A_SUFFIX` envvar to customize the suffix of the - generated import library (implib) for libssh2 .dll. It defaults - to `dll`, and it's useful to modify that to `.dll` to have the - standard naming scheme for mingw-built .dlls, i.e. `libssh2.dll.a`. + An assortment of other issues, mainly compiler warnings, resolved: - Ref: https://github.com/curl/curl/commit/aaa16f80256abc1463fd9374815130a165222257 + - unreachable code fixed by using `goto` in + `publickey_response_success()` in `publickey.c`. - Closes https://github.com/libssh2/libssh2/pull/215 - -- makefile.m32: allow to override gcc, ar and ranlib + - potentially uninitialized variable in `sftp_open()`. - Allow to ovverride certain build tools, making it possible to - use LLVM/Clang to build libssh2. The default behavior is unchanged. - To build with clang (as offered by MSYS2), these settings can - be used: + - MSVS-specific bogus warnings with `nid_type` in `kex.c`. - LIBSSH2_CC=clang - LIBSSH2_AR=llvm-ar - LIBSSH2_RANLIB=llvm-ranlib + - check result of `kex_session_ecdh_curve_type()`. - Also adjust ranlib parameters to be compatible with LLVM/Clang's - ranlib tool. + - add missing function declarations. - Closes https://github.com/libssh2/libssh2/pull/214 - -GitHub (27 Sep 2017) -- [Will Cosgrove brought this change] - - Fixes out of bounds memory access (#210) + - type changes to fit values without casts: + - `cmd_len` in `scp_recv()` and `scp_send()`: `int` -> `size_t` + - `Blowfish_expandstate()`, `Blowfish_expand0state()` loop counters: + `uint16_t` -> `int` + - `RECV_SEND_ALL()`: `int` -> `ssize_t` + - `shell_quotearg()` -> `unsigned` -> `size_t` + - `sig_len` in `_libssh2_mbedtls_rsa_sha2_sign()`: + `unsigned` -> `size_t` + - `prefs_len` in `libssh2_session_method_pref()`: `int` -> `size_t` + - `firstsec` in `_libssh2_debug_low()`: `int` -> `long` + - `method_len` in `libssh2_session_method_pref()`: `int` -> `size_t` - If an invalid PEM file is read and the lines are longer than 128 characters it will go out of bounds and crash on line 91. - -Will Cosgrove (11 Sep 2017) -- [Kamil Dudka brought this change] - - scp: do not NUL-terminate the command for remote exec (#208) + - simplify `_libssh2_ntohu64()`. + + - fix `LIBSSH2_INT64_T_FORMAT` for MinGW. + + - fix gcc warning by not using a bit field for + `burn_optimistic_kexinit`. + + - fix unused variable warning in `_libssh2_cipher_crypt()` in + `libgcrypt.c`. - It breaks SCP download/upload from/to certain server implementations. + - fix unused variables with `HAVE_DISABLED_NONBLOCKING`. - The bug does not manifest with OpenSSH, which silently drops the NUL - byte (eventually with any garbage that follows the NUL byte) before - executing it. + - avoid const stripping with `BIO_new_mem_buf()` and OpenSSL 1.0.2 and + newer. - Bug: https://bugzilla.redhat.com/1489736 + - add a missing const in `wincng.h`. + + - FIXME added for public: + - `libssh2_channel_window_read_ex()` `read_avail` argument type. + - `libssh2_base64_decode()` `datalen` argument type. + + - fix possible overflow in `sftp_read()`. + + Ref: 4552c73cd58fccb1fc49cb0f25f86619133e560f + + - formatting in `wincng.h`. + + See warning details in the PR's individual commits. + + Cherry-picked from #846 + Closes #876 -GitHub (21 Aug 2017) +GitHub (24 Mar 2023) - [Viktor Szakats brought this change] - openssl.c: remove no longer used variable (#204) + cmake: automatic exports macro tidy-up (#875) - after e378d2e30a40bd9bcee06dc3a4250f269098e200 - -- [Will Cosgrove brought this change] - - Fix for #188 (#189) + In a recent CMake update I left the original CMake EXPORTS macro + unchanged (`libssh2_EXPORTS`) for compatibility. - * Update openssl.c + However, that macro was also recently added [1] and not present in an + official release yet, so we might as well just use the new native one + instead (`libssh2_shared_EXPORTS`), defined by CMake automatically. + This way we don't need to define the old macro manually. - * Create openssl.h - -Will Cosgrove (24 May 2017) -- [Marcel Raad brought this change] - - openssl: fix build with OpenSSL 1.1 API (#176) + CMake forms this macro from the lib's internal name as defined in + `add_library()` by appending `_EXPORTS`. That target name changed from + `libssh2` to `libssh2_shared` after introducing dual shared + static + builds in the recent update. - When building with OPENSSL_API_COMPAT=0x10100000L, OpenSSL_add_all_algorithms - and OpenSSL_add_all_ciphers don't exist. The corresponding functionality is - handled automatically with OpenSSL 1.1. - -- [Sune Bredahl brought this change] - - Add support for SHA256 hostkey fingerprints (#180) + If we're here, add a new, stable, build-tool agnostic macro with the + same effect, for non-CMake use: `LIBSSH2_EXPORTS` - Looks good, thanks! - -GitHub (12 May 2017) -- [Will Cosgrove brought this change] - - Fix memory leak of crypt_ctx->h using openSSL 1.1+ (#177) + [1] 1f0fe7443a1ecddd320f2c693607b2afee9bbe2f (2021-10-26) - Need to use EVP_CIPHER_CTX_free instead of EVP_CIPHER_CTX_reset. + Follow-up to 4e2580628dd1f8dc51ac65ac747ebcf0e93fa3d1 -Marc Hoersken (2 Mar 2017) -- tests/openssh_server/authorized_keys: add key_rsa_encrypted.pub - -- tests: add simple test for passphrase-protected PEM file support - -- os400qc3: enable passphrase-protected PEM file support using pem.c - -- pem: fix indentation and replace assert after 386e012292 - -- [Keno Fischer brought this change] +- [Viktor Szakats brought this change] - pem: add passphrase-protected PEM file support for libgcrypt and wincng + maketgz: add .xz, .bz2, .zip source archive formats (#874) - Since they use our own PEM parser which did not support encrypted - PEM files, trying to use such files on these backends failed. - Fix that by augmenting the PEM parser to support encrypted PEM files. - -- [Thomas brought this change] - - misc: use time constant implementation for AES CTR increment - -- [Thomas brought this change] - - wincng: add AES CTR mode support (aes128-ctr, aes192-ctr, aes256-ctr) - -- [Thomas brought this change] + Copied from curl: + https://github.com/curl/curl/blob/4528690cd51e5445df74aef8f83470a602683797/maketgz#L174-L222 + + [ci skip] - openssl: move shared AES-CTR code into misc +Viktor Szakats (23 Mar 2023) +- dist: delete reference to recently deleted file [ci skip] + + Follow-up to b8762c1003d97e109efa587bdc760ff9873949eb -Daniel Stenberg (20 Dec 2016) -- [Alex Crichton brought this change] +GitHub (23 Mar 2023) +- [Viktor Szakats brought this change] - kex: acknowledge error code from libssh2_dh_key_pair() + cmake: separate compilation passes for shared/static (#871) - Fixes a segfault using ssh-agent on Windows + Before this patch, cmake did a single compilation pass when we enabled + both shared and static lib targets. This saves build time (esp. with + MinGW targets and cross-compiling), but has the disadvantage that static + libs built this way must have PIC enabled (offering slightly less + performance) and `dllexport` enabled also, which means that executables + linking the static libssh2 lib export its public symbols. - This commit fixes a segfault seen dereferencing a null pointer on - Windows when using ssh-agent. The problem ended up being that errors - weren't being communicated all the way through, causing null pointers to - be used when functions should have bailed out sooner. + To avoid these downsides, this patch separates the two passes and + creates a non-PIC, non-`dllexport` static lib, even when also building + the shared lib. + +- [Viktor Szakats brought this change] + + ci: test with OpenSSL v1.1.1 on AppVeyor (#870) - The `_libssh2_dh_key_pair` function for WinCNG was modified to propagate - errors, and then the two callsites in kex.c of - `diffie_hellman_sha{1,256}` were updated to recognize this error and - bail out. + Was: v1.0.2. - Fixes #162 - Closes #163 + Keep using v1.0.2 with the static-only test. To make sure we don't break + support. -Alexander Lamaison (27 Nov 2016) -- [monnerat brought this change] +- [Viktor Szakats brought this change] - Implement Diffie-Hellman computations in crypto backends. (#149) + ci: speed up static-only build tests on AppVeyor (#868) - Not all backends feature the low level API needed to compute a Diffie-Hellman - secret, but some of them directly implement Diffie-Hellman support with opaque - private data. The later approach is now generalized and backends are - responsible for all Diffie Hellman computations. - As a side effect, procedures/macros _libssh2_bn_rand and _libssh2_bn_mod_exp - are no longer needed outside the backends. - -Peter Stuge (16 Nov 2016) -- acinclude.m4: The mbedtls crypto backend actually requires libmbedcrypto + - limit static-only build to a single platform (x64). - Examples can't be linked with libmbedtls but need libmbedcrypto, and - any users of libssh2 which use libtool and libssh2.la would encounter - the same problem. + - skip running ctest for the static-only build. - This changes the mbedtls detection to search for libmbedcrypto, which - is the actual dependency for the backend. - -- acinclude.m4: Add CPPFLAGS=-I$prefix-dir/include in LIBSSH2_LIB_HAVE_LINKFLAGS + - use MSVS 2013 for static-only builds. It's faster. - This is absolutely neccessary for header files to be found when - AC_LIB_HAVE_LINKFLAGS searches for libraries. + - run static-only test before WinCNG ones. Otherwise it's often skipped + due to WinCNG failures (#804). -- acinclude.m4: Make saved variables in LIBSSH2_LIB_HAVE_LINKFLAGS uniform +- [Viktor Szakats brought this change] -- docs/HACKING.CRYPTO: Improve documentation for autoconf build system + cmake: fix error with static lib off and example/tests on (#869) + + Regression from 4e2580628dd1f8dc51ac65ac747ebcf0e93fa3d1 -Alexander Lamaison (16 Nov 2016) -- [Alex Arslan brought this change] +- [Viktor Szakats brought this change] - Check for netinet/in.h in the tests cmake file (#148) + ci: parallelize more (#867) -- [Patrick Monnerat brought this change] +- [Viktor Szakats brought this change] - Define new Diffie-Hellman context for mbedTLS + cmake/src: move build options before target definitions (#864) + + To allow more flexibility when defining targets. -- [monnerat brought this change] +- [Viktor Szakats brought this change] - Make libssh2 work again on os400. (#118) + ci: use static+shared builds to cut number of cmake jobs (#865) - * os400: minimum supported OS version is now V6R1. - Do not log compiler informational messages. + With CMake builds supporting static-shared libssh2 builds in a single + pass, we no longer need to run static and shared jobs separately. For + the same effect it's enough to run builds with both shared and static + builds enabled. Halving CI jobs. - * Implement crypto backend specific Diffie-Hellman computation. + We add an extra run to test the CMake config-path without shared builds + enabled. - This feature is now needed on os400 because the QC3 library does not - implement bn_mod_exp() natively. Up to now, this function was emulated using - an RSA encryption, but commits ca5222ea819cc5ed797860070b4c6c1aeeb28420 and - 7934c9ce2a029c43e3642a492d3b9e494d1542be (CVE-2016-0787) broke the emulation - because QC3 only supports RSA exponents up to 512 bits. + This allows to add useful jobs, e.g. MSVS 2022 or ZLIB-enabled builds + for Windows, valgrind builds or other useful stuff, without stretching + CI run times further. - Happily, QC3 supports a native API for Diffie-Hellman computation, with - opaque random value: this commit implements the use of this API and, as a - side effect, enables support of this feature for any other crypto backend that - would use it. + Ref: #863 + +Viktor Szakats (22 Mar 2023) +- cmake: allow building static + shared libs in a single pass - A "generic" Diffie-Hellman computation internal API supports crypto backends - not implementing their own: this generic API uses the same functions as before. + - `BUILD_SHARED_LIBS=ON` no longer disables building static lib. - * Fix typos in docs/HACKING.CRYPTO. - -- [Peter Stuge brought this change] - - acinclude.m4: Fixup OpenSSL EVP_aes_128_ctr() detection - -- [Peter Stuge brought this change] - - configure.ac: Add --with-crypto= instead of many different --with-$backend + When set, we build the static lib with PIC enabled. - The new --with-crypto option replaces the previous backend-specific - --with-{openssl,libgcrypt,mbedtls,wincng} options and fixes some issues. + For shared lib only, set `BUILD_STATIC_LIBS=OFF`. For static lib + without PIC, leave this option disabled. - * libgcrypt or mbedtls would previously be used whenever found, even - if configure was passed --without-libgcrypt or --without-mbedtls. + - new setting: `BUILD_STATIC_LIBS`. `ON` by default. - * If --with-$backend was specified then configure would not fail even - if that library could not be found, and would instead use whichever - crypto library was found first. + Force-enabled when building examples or tests (we build those in + static mode always.) - The new option defaults to `auto`, which makes configure check for all - supported crypto libraries in turn, choosing the first one found, or - exiting with an error if none can be found. - -- [Tony Kelman brought this change] - - Build mbedtls from source on Travis (#133) + - fix to exclude Windows Resource from the static lib. - * Revert "Revert "travis: Test mbedtls too"" + - fix to not overwrite static lib with shared implib on Windows + platforms using identical suffix for them (MSVS). By using + `libssh2_imp<.ext>` implib filename. - This reverts commit c4c60eac5ca756333034b07dd9e0b97741493ed3. + - add support for `STATIC_LIB_SUFFIX` setting to set an optional suffix + (e.g. `_static`) for the static lib. (experimental, not documented). + Overrides the above when set. - * travis: Build mbedtls from source on Travis + - fix to set `dllexport` when building shared lib. - Use TOOLCHAIN_OPTION when calling cmake on mbedtls + - set `TrackFileAccess=false` for MSVS. - * tests: only run DSA tests for non-mbedtls + For faster builds, shorter verbose logs. - crypto backends - -- [Peter Stuge brought this change] - - configure.ac src/Makefile.am: Remove dead AM_CONDITIONAL(OS400QC3) + - tests: new test linking against shared libssh2: `test_warmup_shared` - According to os400/README400 this backend can not be built - with configure+make, and the conditional is hard coded to false. - -- [Peter Stuge brought this change] - - configure.ac: Add -DNDEBUG to CPPFLAGS in non-debug builds + - tests: simplify 'runner' lib by merging 3 libs into a single one. - There are a few uses of assert() in channel.c, sftp.c and transport.c. - -- [Peter Stuge brought this change] - - src/global.c: Fix conditional AES-CTR support + - tests: drop hack from `test_keyboard_interactive_auth_info_request` + build. - Most of libssh2 already has conditional support for AES-CTR according to - the LIBSSH2_AES_CTR crypto backend #define, but global.c needed fixing. - -- [Peter Stuge brought this change] - - src/crypto.h src/userauth.c: Fix conditional RSA support + We no longer need to compile `src/misc.c` because we always link + libssh2 statically. - Most of libssh2 already has conditional support for RSA according to - the LIBSSH2_RSA crypto backend #define, but crypto.h and userauth.c - needed a few small fixes. - -- [Peter Stuge brought this change] - - src/kex.c: Cast libssh2_sha{1,256}_update data arguments properly + - tests: limit `FIXTURE_WORKDIR=` to the `runner` target. - The update functions take a const unsigned char * but were called - with (const) char * in some places, causing unneccessary warnings. - -- [Peter Stuge brought this change] - - docs/HACKING.CRYPTO: Fix two type typos - -- [Sergei Trofimovich brought this change] + TL;DR: Default behavior unchanged: static (no-PIC), no shared. + Enabling shared unchanged, but now also builds a static (PIC) + lib by default. + + Based-on: b60dca8b6450a9729670986d2899cca54ccdbb6d #547 by berney on github + Fixes: #547 + Fixes: #675 + Closes: #863 - acinclude.m4: fix ./configure --with-libgcrypt +- include: silence warnings with casts in public `libssh2_sftp.h` - The change fixes passing of bogus gcrypt prefix. - Reproducible as: + Avoid triggering warnings in macros coming from public libssh2 headers. - $ ./configure --with-libgcrypt - $ make V=1 - ... - /bin/sh ../libtool --tag=CC --mode=link gcc -g -O2 -Iyes/include -version-info 1:1:0 -no-undefined -export-symbols-regex '^libssh2_.*' -lgcrypt -lz -Lyes/lib -o libssh2.la -rpath /usr/local/lib channel.lo comp.lo crypt.lo hostkey.lo kex.lo mac.lo misc.lo packet.lo publickey.lo scp.lo session.lo sftp.lo userauth.lo transport.lo version.lo knownhost.lo agent.lo libgcrypt.lo pem.lo keepalive.lo global.lo -lgcrypt - ../libtool: line 7475: cd: yes/lib: No such file or directory - libtool: error: cannot determine absolute directory name of 'yes/lib' + Cherry-picked from: #846 + Closes #862 + +- example, tests: address compiler warnings - These - -Iyes/include - -Lyes/lib - come from libgcrypt code autodetection: - if test -n "$use_libgcrypt" && test "$use_libgcrypt" != "no"; then - LDFLAGS="$LDFLAGS -L$use_libgcrypt/lib" - CFLAGS="$CFLAGS -I$use_libgcrypt/include" + Fix or silence all C compiler warnings discovered with (or without) + `PICKY_COMPILER=ON` (in CMake). This means all warnings showing up in + CI (gcc, clang, MSVS 2013/2015), in local tests on macOS (clang 14) and + Windows cross-builds using gcc (12) and llvm/clang (14/15). - I assume it's a typo to use yes/no flag as a prefix and changed - it to '$with_libgcrypt_prefix'. + Also fix the expression `nread -= nread` in `sftp_RW_nonblock.c`. - Reported-by: Mikhail Pukhlikov - Signed-off-by: Sergei Trofimovich - -- [Zenju brought this change] + Cherry-picked from: #846 + Closes #861 - libssh2_sftp_init hang: last error not set +- openssl: require `EVP_aes_128_ctr()` support - The problem is that the original if statement simply returns NULL, but does not set the session last error code. The consequence is that libssh2_sftp_init() also returns NULL and libssh2_session_last_errno(sshSession) == LIBSSH2_ERROR_NONE. + libssh2 built with OpenSSL and without its `EVP_aes_128_ctr()`, aka + `HAVE_EVP_AES_128_CTR`, option are working incorrectly. This option + wasn't always auto-detected by autotools up until recently (#811). + Non-cmake, non-autotools build methods never enabled it automatically. - In my test the LIBSSH2_ERROR_EAGAIN is coming from sftp.c row 337: - if(4 != sftp->partial_size_len) - /* we got a short read for the length part */ - return LIBSSH2_ERROR_EAGAIN; + OpenSSL supports this options since at least v1.0.2, which is already + EOLed and considered obsolete. OpenSSL forks (LibreSSL, BoringSSL) + supported it all along. - with "partial_size_len == 0". Not sure if this is expected. - -- [Aidan Hobson Sayers brought this change] - - docs: correctly describe channel_wait_eof + In this patch we enable this option unconditionally, now requiring + OpenSSL supporting this function, or one of its forks. - channel_wait_eof waits for channel->remote.eof, which is set on - receiving a `SSH_MSG_CHANNEL_EOF` message. This message is sent - when a party has no more data to send on a channel. - -- [Zenju brought this change] + Also modernize OpenSSL lib references to what 1.0.2 and newer versions + have been using. + + Fixes #739 - Fix MSVC 14 compilation warning (#92) +- wincng: fix memory leak in `_libssh2_dh_secret()` - 1> sftp.c - 1>libssh2-files\src\sftp.c(3393): warning C4456: declaration of 'retcode' hides previous local declaration - 1> libssh2-files\src\sftp.c(3315): note: see declaration of 'retcode' + Patch-by: iruis on github + Assisted-by: Marc Hörsken + Bug #846, commit e3487092ef9553af67633c6747cb9ab2f86465e0. + Fixes #856 + Closes #858 + +GitHub (19 Mar 2023) +- [Viktor Szakats brought this change] -- [Salvador Fandino brought this change] + nw, os400, watcom: stop setting unused macros [ci skip] (#859) - LIBSSH2_ERROR_CHANNEL_WINDOW_FULL: add new error code +Viktor Szakats (19 Mar 2023) +- cmake: fix `ENABLE_WERROR=ON` breaking auto-detections - In order to signal that the requested operation can not succeed - because the receiving window had been exhausted, the error code - LIBSSH2_ERROR_BUFFER_TOO_SMALL has been reused but I have found - that in certain context it may be ambigous. + - cmake: fix compiler warnings in `CheckNonblockingSocketSupport`. + detection functions. - This patch introduces a new error code, - LIBSSH2_ERROR_CHANNEL_WINDOW_FULL, exclusive to signal that condition. - -- [Salvador Fandino brought this change] - - channel_wait_eof: handle receive window exhaustion + Without this, these detections fail when `ENABLE_WERROR=ON`. - Until now, in blocking mode, if the remote receiving window is - exhausted this function hangs forever as data is not read and the - remote side just keeps waiting for the window to grow before sending - more data. + - cmake: disable ENABLE_WERROR for MSVC during symbol checks in `src`. - This patch, makes this function check for that condition and abort - with an error when it happens. - -- [Salvador Fandino brought this change] - - channel_wait_closed: don't fail when unread data is queued + CMake's built-in symbol check function `check_symbol_exists()` + generate warnings with MSVC. With warnings considered errors, these + detections fail permanently. Our workaround is to disable + warnings-as-errors while running these checks. - This function was calling channel_wait_eof to ensure that the EOF - packet has already been received, but that function also checks that - the read data queue is empty before reporting the EOF. That caused - channel_wait_closed to fail with a LIBSSH2_ERROR_INVAL when some data - was queued even after a successful call to libssh2_channel_wait_eof. + ``` + CheckSymbolExists.c(8): warning C4054: 'type cast': from function pointer '__int64 (__cdecl *)(const char *,char **,int)' to data pointer 'int *' + in `return ((int*)(&strtoll))[argc];` + ``` - This patch changes libssh2_channel_wait_closed to look directly into - channel->remote.eof so that both libssh2_channel_wait_eof and - libssh2_channel_wait_closed bahave consistently. - -- [Salvador Fandino brought this change] - - channel_wait_eof: fix debug message - -Daniel Stenberg (25 Oct 2016) -- libssh2.h: start working on 1.8.1 - -Version 1.8.0 (25 Oct 2016) - -Daniel Stenberg (25 Oct 2016) -- RELEASE-NOTES: adjusted for 1.8.0 - -Kamil Dudka (20 Oct 2016) -- Revert "aes: the init function fails when OpenSSL has AES support" + Ref: https://ci.appveyor.com/project/libssh2org/libssh2/builds/46537222/job/4vg4yg333mu2lg9b - This partially reverts commit f4f2298ef3635acd031cc2ee0e71026cdcda5864 - because it caused the compatibility code to call initialization routines - redundantly, leading to memory leakage with OpenSSL 1.1 and broken curl - test-suite in Fedora: + - example: replace `strcasecmp()` with C89 `strcmp()`. - 88 bytes in 1 blocks are definitely lost in loss record 5 of 8 - at 0x4C2DB8D: malloc (vg_replace_malloc.c:299) - by 0x72C607D: CRYPTO_zalloc (mem.c:100) - by 0x72A2480: EVP_CIPHER_meth_new (cmeth_lib.c:18) - by 0x4E5A550: make_ctr_evp.isra.0 (openssl.c:407) - by 0x4E5A8E8: _libssh2_init_aes_ctr (openssl.c:471) - by 0x4E5BB5A: libssh2_init (global.c:49) - -Daniel Stenberg (19 Oct 2016) -- [Charles Collicutt brought this change] - - libssh2_wait_socket: Fix comparison with api_timeout to use milliseconds (#134) + To avoid using CMake symbol checks in `example`. - Fixes #74 - -- [Charles Collicutt brought this change] - - Set err_msg on _libssh2_wait_socket errors (#135) - -- Revert "travis: Test mbedtls too" + Another option is to duplicate the `check_symbol_exists()` workaround + from `src`, but I figure it's not worth the complexity. We use + `strcasecmp()` solely to check optional command-line options for + example programs, and those are fine as lower-case. - This reverts commit 3e6de50a24815e72ec5597947f1831f6083b7da8. + Without this, these detections fail when `ENABLE_WERROR=ON`. - Travis doesn't seem to support the mbedtls-dev package - -- maketgz: support "only" to only update version number locally + - also delete `__function__` detection/use in `example`. - and fix the date output locale - -- configure: make the --with-* options override the OpenSSL default + To avoid the complexity for the sake of using it at a single place in + of the example's error branch. Replace that use with a literal name of + the function. - ... previously it would default to OpenSSL even with the --with-[crypto] - options used unless you specificly disabled OpenSSL. Now, enabling another - backend will automatically disable OpenSSL if the other one is found. - -- [Keno Fischer brought this change] - - docs: Add documentation on new cmake/configure options - -- [Keno Fischer brought this change] - - configure: Add support for building with mbedtls - -- [wildart brought this change] - - travis: Test mbedtls too - -- [wildart brought this change] - - crypto: add support for the mbedTLS backend + - cmake: also use `CMakePushCheckState` functions instead of manual + save/restore. - Closes #132 - -- [wildart brought this change] - - cmake: Add CLEAR_MEMORY option, analogously to that for autoconf - -- README.md: fix link typo + Closes #857 -- README: markdown version to look nicer on github - -Viktor Szakats (5 Sep 2016) -- [Taylor Holberton brought this change] - - openssl: add OpenSSL 1.1.0 compatibility - -Daniel Stenberg (4 Sep 2016) -- [Antenore Gatta brought this change] - - tests: HAVE_NETINET_IN_H was not defined correctly (#127) +- build: improve a test build workaround with bcrypt - Fixes #125 - -- SECURITY: fix web site typo - -- SECURITY: security process - -GitHub (14 Aug 2016) -- [Alexander Lamaison brought this change] - - Basic dockerised test suite. + - cmake: extend workaround for linking a test with shared libssh2. - This introduces a test suite for libssh2. It runs OpenSSH in a Docker - container because that works well on Windows (via docker-machine) as - well as Linux. Presumably it works on Mac too with docker-machine, but - I've not tested that. + One of the tests uses internal libssh2 functions, and with CMake it + compiles `src/misc.c` directly for this. `misc.c` references bcrypt / + blowfish code. This needs a workaround for build configs where libssh2 + doesn't export these. - Because the test suite is docker-machine aware, you can also run it - against a cloud provider, for more realistic network testing, by setting - your cloud provider as your active docker machine. The Appveyor CI setup - in this commit does that because Appveyor doesn't support docker - locally. - -Kamil Dudka (3 Aug 2016) -- [Viktor Szakats brought this change] - - misc.c: Delete unused static variables + Before this patch, we enabled this workaround for MSVC. - Closes #114 - -Daniel Stenberg (9 Apr 2016) -- [Will Cosgrove brought this change] - - Merge pull request #103 from willco007/patch-2 + In the patch we extend this to all Windows. There is no CI test for + this, but gcc and llvm/clang + mingw64 builds also need it. This may + well apply to other configurations (it should, as shared libs are not + supposed to export internal functions), so also make it easy to enable + it at a single point. - Fix for security issue CVE-2016-0787 - -Alexander Lamaison (2 Apr 2016) -- [Zenju brought this change] - - Fix MSVC 14 compilation errors + [ autotools builds force-link this one test against static libssh2. ] - For _MSC_VER == 1900 these macros are not needed and create problems: + - make `misc.c` not depend on bcrypt. + By moving out our `bcrypt_pbkdf()` wrapper into `bcrypt_pbkdf.c` + itself. + This allows to compile `misc.c` into tests without pulling in bcrypt / + blowfish functions, and simplify the above workaround. - 1>C:\Program Files (x86)\Windows Kits\10\Include\10.0.10240.0\ucrt\stdio.h(1925): warning C4005: 'snprintf': macro redefinition (compiling source file libssh2-files\src\mac.c) + Source code uses `HAVE_BCRYPT_PBKDF`, a leftover from original bcrypt + source. We never define this inside libssh2. Defining it breaks the + build, and this patch doesn't change that. - 1> \win32\libssh2_config.h(27): note: see previous definition of 'snprintf' (compiling source file libssh2-files\src\mac.c) + - make `bcrypt_pbkdf()` static. - 1>C:\Program Files (x86)\Windows Kits\10\Include\10.0.10240.0\ucrt\stdio.h(1927): fatal error C1189: #error: Macro definition of snprintf conflicts with Standard Library function declaration (compiling source file libssh2-files\src\mac.c) - -Daniel Stenberg (26 Mar 2016) -- [Brad Harder brought this change] + While here, make the low-level `bcrypt_pbkdf()` function static to + avoid namespace pollution. + + Closes #855 - _libssh2_channel_open: speeling error fixed in channel error message +GitHub (17 Mar 2023) +- [Viktor Szakats brought this change] -Alexander Lamaison (15 Mar 2016) -- Link with crypt32.lib on Windows. + ci: more timeout adjustments (#853) - Makes linking with static OpenSSL work again. Although it's not - required for dynamic OpenSSL, it does no harm. + - add timeout to SSH connection wait loop in AppVeyor test prep. + (2 minutes) - Fixes #98. - -- [Craig A. Berry brought this change] - - Tweak VMS help file building. + - switch to per-step timeout for GitHub CI cmake/ctest runs. + (10 minutes) - Primarily this is handling cases where top-level files moved into - the docs/ directory. I also corrected a typo and removed the - claim that libssh2 is public domain. + ctest timeout (of 450 seconds) didn't seem to make any difference. -- [Craig A. Berry brought this change] - - Build with standard stat structure on VMS. +Viktor Szakats (17 Mar 2023) +- ci: set timeout to ctest and GitHub CI jobs - This gets us large file support, is available on any VMS release - in the last decade and more, and gives stat other modern features - such as 64-bit ino_t. - -- [Craig A. Berry brought this change] - - Update vms/libssh2_config.h. + - `ctest` shows a the default timeout '10000000' (turns out to be + in seconds), cause infinite waits e.g. in case the necessary server + worker is not available. - VMS does have stdlib.h, gettimeofday(), and OpenSSL. The latter - is appropriate to hard-wire in the configuration because it's - installed by default as part of the base operating system and - there is currently no libgcrypt port. - -- [Craig A. Berry brought this change] - - VMS can't use %zd for off_t format. + CMake CI tests take approx: + - GitHub / Linux : 125 seconds + - AppVeyor / Windows: 300 seconds - %z is a C99-ism that VMS doesn't currently have; even though the - compiler is C99-compliant, the library isn't quite. The off_t used - for the st_size element of the stat can be 32-bit or 64-bit, so - detect what we've got and pick a format accordingly. - -- [Craig A. Berry brought this change] - - Normalize line endings in libssh2_sftp_get_channel.3. + New timeouts are: 450 and 900 seconds respectively. - Somehow it got Windows-style CRLF endings so convert to just LF, - for consistency as well as not to confuse tools that will regard - the \r as content (e.g. the OpenVMS help librarian). - -Dan Fandrich (29 Feb 2016) -- libgcrypt: Fixed a NULL pointer dereference on OOM - -Daniel Stenberg (24 Feb 2016) -- [Viktor Szakats brought this change] - - url updates, HTTP => HTTPS + - set timeouts for style-check, fuzz, Linux and Windows GitHub CI + jobs to avoid hanging forever. - Closes #87 - -Dan Fandrich (23 Feb 2016) -- RELEASE-NOTES: removed some duplicated names - -Version 1.7.0 (23 Feb 2016) - -Daniel Stenberg (23 Feb 2016) -- web: the site is now HTTPS - -- RELEASE-NOTES: 1.7.0 release - -- diffie_hellman_sha256: convert bytes to bits + Also: - As otherwise we get far too small numbers. + - move `choco install` to before_test to make builds start faster + in `appveyor.yml`. - Reported-by: Andreas Schneider + - fix some yamllint `ON`/`OFF`-confusion issue by quoting these + values in `appveyor.yml`. - CVE-2016-0787 - -Alexander Lamaison (18 Feb 2016) -- Allow CI failures with VS 2008 x64. + - fix indentation in `appveyor.yml`. - Appveyor doesn't support this combination. - -Daniel Stenberg (16 Feb 2016) -- [Viktor Szakats brought this change] - - GNUmakefile: list system libs after user libs + - convert to GitHub workflows to LF line-ending. - Otherwise some referenced WinSock functions will fail to - resolve when linking against LibreSSL 2.3.x static libraries - with mingw. + Ref: https://github.com/libssh2/libssh2/pull/655#issuecomment-1472853493 - Closes #80 + Closes #851 +GitHub (17 Mar 2023) - [Viktor Szakats brought this change] - openssl: apply new HAVE_OPAQUE_STRUCTS macro + ci: update mbedTLS repo URL, delete Travis CI (#850) + + Last Travis CI session run on 2021-11-18. - Closes #81 + Ref: https://app.travis-ci.com/github/libssh2/libssh2 + Ref: https://travis-ci.org/github/libssh2/libssh2/builds - [Viktor Szakats brought this change] - openssl: fix LibreSSL support after OpenSSL 1.1.0-pre1/2 support - -Alexander Lamaison (14 Feb 2016) -- sftp.h: Fix non-C90 type. + appveyor.yml: reorder tests to return relevant feedback earlier (#849) - uint64_t does not exist in C90. Use libssh2_uint64_t instead. - -- Exclude sshd tests from AppVeyor. + - build x64 first - They fail complaining that sshd wasn't invoked with an absolute path. - -- Test on more versions of Visual Studio. - -- Fix Appveyor builds. - -Daniel Stenberg (14 Feb 2016) -- [Viktor Szakats brought this change] - - openssl: add OpenSSL 1.1.0-pre3-dev compatibility + x64 is the more interesting target. Most type conversion issues are + revealed here. Also more commonly used by now. - by using API instead of accessing an internal structure. + - test VS 2013 earlier - Closes #83 - -- RELEASE-NOTES: synced with 996b04ececdf - -- include/libssh2.h: next version is 1.7.0 - -- configure: build "silent" if possible - -- sftp: re-indented some minor stuff - -- [Jakob Egger brought this change] - - sftp.c: ensure minimum read packet size + - test WinCNG earlier - For optimum performance we need to ensure we don't request tiny packets. - -- [Jakob Egger brought this change] - - sftp.c: Explicit return values & sanity checks - -- [Jakob Egger brought this change] - - sftp.c: Check Read Packet File Offset + - delete reference to no longer used VS 2008 - This commit adds a simple check to see if the offset of the read - request matches the expected file offset. + After this patch we end up starting with all Shared builds (2015, 2013, + OpenSSL, WinCNG), then continue with Static ones. Shared/Static makes + a minor if any difference in builds/tests compared to different VS + versions of TLS backends. - We could try to recover, from this condition at some point in the future. - Right now it is better to return an error instead of corrupted data. - -- [Jakob Egger brought this change] - - sftp.c: Don't return EAGAIN if data was written to buffer - -- [Jakob Egger brought this change] - - sftp.c: Send at least one read request before reading + -- + + CI run times: + + Preparation + build takes: + 8 x VS2015 4.5 mins -> total: 36 + 8 x VS2013 2 mins -> total: 16 + Total: 52 mins - This commit ensures that we have sent at least one read request before - we try to read data in sftp_read(). + with our 30 tests, it increases to: + 8 x VS2015 8-10 mins -> total: 72 + 8 x VS2013 6- 9 mins -> total: 60 + Total: 132 mins - Otherwise sftp_read() would return 0 bytes (indicating EOF) if the - socket is not ready for writing. + Without tests: https://ci.appveyor.com/project/libssh2org/libssh2/builds/46475315 + With tests: https://ci.appveyor.com/project/libssh2org/libssh2/builds/46480549 -- [Jakob Egger brought this change] - - sftp.c: stop reading when buffer is full +Dan Fandrich (14 Mar 2023) +- src: check for NULL pointer passed to _libssh2_get_string - Since we can only store data from a single chunk in filep, - we have to stop receiving data as soon as the buffer is full. + Callers should be protecting against this, but it's prudent to check + here anyway. - This adresses the following bug report: - https://github.com/libssh2/libssh2/issues/50 + Fixes #802 + Closes #848 -Salvador Fandiño (21 Jan 2016) -- agent_disconnect_unix: unset the agent fd after closing it +Viktor Szakats (14 Mar 2023) +- appveyor.yml: choco install improvements [ci skip] - "agent_disconnect_unix", called by "libssh2_agent_disconnect", was - leaving the file descriptor in the agent structure unchanged. Later, - "libssh2_agent_free" would call again "libssh2_agent_disconnect" under - the hood and it would try to close again the same file descriptor. In - most cases that resulted in just a harmless error, but it is also - possible that the file descriptor had been reused between the two - calls resulting in the closing of an unrelated file descriptor. + - avoid outputting 4000 log lines by hiding the progress bar. + Reduces log size by 5x. - This patch sets agent->fd to LIBSSH2_INVALID_SOCKET avoiding that - issue. + - decrease timeout (from the default 2700 seconds). - Signed-off-by: Salvador Fandiño + - omit unnecessary output. + + Tested as part of #846 -Daniel Stenberg (18 Jan 2016) -- [Patrick Monnerat brought this change] +GitHub (14 Mar 2023) +- [Jakob Egger brought this change] - os400qc3: support encrypted private keys + build: update instructions for autoreconf (#847) - PKCS#8 EncryptedPrivateKeyinfo structures are recognized and decoded to get - values accepted by the Qc3 crypto library. + The "convenience script" talks about the "buildconf" file, + which is no longer recommended. -- [Patrick Monnerat brought this change] +- [Viktor Szakats brought this change] - os400qc3: New PKCS#5 decoder + win32: set HAVE_STRTOLL with MSVS 2013 and newer (#845) - The Qc3 library is not able to handle PKCS#8 EncryptedPrivateKeyInfo structures - by itself. It is only capable of decrypting the (encrypted) PrivateKeyInfo - part, providing a key encryption key and an encryption algorithm are given. - Since the encryption key and algorithm description part in a PKCS#8 - EncryptedPrivateKeyInfo is a PKCS#5 structure, such a decoder is needed to - get the derived key method and hash, as well as encryption algorith and - initialisation vector. + As in curl: + https://github.com/curl/curl/blob/7fa6e36583b52dd8f1e639b370c9a2849be81b54/lib/config-win32.h#L221 -- [Patrick Monnerat brought this change] +- [Viktor Szakats brought this change] - os400qc3: force continuous update on non-final hash/hmac computation + GNUmakefile: move HAVE_STRTOLL to libssh2_config.h [ci skip] (#844) -- [Patrick Monnerat brought this change] +- [Viktor Szakats brought this change] + + src: silence unused variable warnings (#843) + +Viktor Szakats (13 Mar 2023) +- GNUmakefile: add wolfSSL support + major rework + + - add wolfSSL support. + - reduce size and redundant logic. + - fix a bunch of small issues. + - rework configuration, now with: `CC`, `AR`, `RC`, `TRIPLET`, `CFLAGS`, + `CPPFLAGS`, `LDFLAGS`, `RCFLAGS`, `LIBS`, `LIBSSH2_DLL_SUFFIX`, + `LIBSSH2_LDFLAGS_LIB`, `LIBSSH2_LDFLAGS_BIN` (and more). + - merge examples build into the main Makefile. + - relative dependency paths are now the same for building libssh2 or + examples. + - drop detection for obsolete OpenSSL versions (can be configure via new + `OPENSSL_LIBS`). + - merge dev/dist distribution zip options. + - build libssh2 with `-DHAVE_STRTOLL`. + - tidy-up. + - build examples in static mode by default (use `DYN` to build them in + shared mode). + - drop forced (in non-debug mode) `-O2`. + - drop Win9x support. + - deprecate `ARCH` in favour of custom options and `TRIPLET`. + - drop Windows resources from examples for simplicity + - drop `WITH_ZLIB`. Default `ZLIB_PATH` to enable zlib support. + - drop `LIBSSH2_DLL_A_SUFFIX`, use standard value `.dll` (as in + `libssh2.dll.a`). + - always link `bcrypt` (for LibreSSL and OpenSSL) and `crypt32` + (for wolfSSL). + - unhide executed build commands. + - fix mbedTLS `lib` path + - drop specific options to force static linking. Custom options seems + a better way for this. + - based on similar work made for curl: + https://github.com/curl/curl/commit/a8861b6ccdd7ca35b6115588a578e36d765c9e38 + + Closes #842 + +GitHub (13 Mar 2023) +- [Viktor Szakats brought this change] - os400qc3: Be sure hmac keys have a minimum length + wincng: fix memory leak in libssh2_dh_key_pair() (#829) - The Qc3 library requires a minimum key length depending on the target - hash algorithm. Append binary zeroes to the given key if not long enough. - This matches RFC 2104 specifications. + Fixes #722 -- [Patrick Monnerat brought this change] +- [Viktor Szakats brought this change] - os400qc3: Slave descriptor for key encryption key + src: C89-compliant _libssh2_debug() macro (#831) + + Before this patch, with debug logging disabled, libssh2 code used a + variadic macro to catch `_libssh2_debug()` calls, and convert them to + no-ops. In certain conditions, it used an empty inline function instead. - The Qc3 library requires the key encryption key to exist as long as - the encrypted key is used. Its descriptor token is then kept as an - "encrypted key slave" for recursive release. + Variadic macro is a C99 feature. It means that depending on compiler, + and build settings, it littered the build log with warnings about this. + + The new solution uses the trick of passing the variable arg list as a + single argument and pass that down to the debug function with a regular + macro. When disabled, another regular C89-compatible macro converts it + to a no-op. + + This makes inlining, C99 variadic macros and maintaining the conditions + for each unnecessary and also makes the codebase compile more + consistently, e.g. with forced C standards and/or picky warnings. + + TL;DR: It makes this feature C89-compliant. -- [Patrick Monnerat brought this change] +- [Viktor Szakats brought this change] - os400qc3.c: comment PEM/DER decoding + openssl: fix possible compiler warning in macro condition (#839) + + Building with wolfSSL or pre-OpenSSL v1.1.1 triggered it. + + ``` + ../src/openssl.h:130:5: warning: 'LIBRESSL_VERSION_NUMBER' is not defined, evaluates to 0 [-Wundef] + LIBRESSL_VERSION_NUMBER >= 0x3070000fL + ^ + ``` + + Regression from 2e2812dde8c1fc9b48eca592823770ab2e601f7a -- [Patrick Monnerat brought this change] +- [Viktor Szakats brought this change] - os400qc3.c: improve ASN.1 header byte checks + GNUmakefile: cleanups [ci skip] (#840) + + - indent + - sync `test/GNUmakefile` with main + - delete `RANLIB` + - use `else if` + - use more `?=` + - use ASCII-7 copyright symbol (in test) -- [Patrick Monnerat brought this change] +- [Viktor Szakats brought this change] - os400qc3.c: improve OID matching + win32: convert tabs to spaces [ci skip] (#838) + + Also strip stray newlines from `win32/rules.mk`. -- [Patrick Monnerat brought this change] +- [Viktor Szakats brought this change] - os400: os400qc3.c: replace malloc by LIBSSH2_ALLOC or alloca where possible + ci: retry choco install on appveyor (#837) + + Trying to mitigate occasional intermittent failures while installing + docker. + + Ref: https://ci.appveyor.com/project/libssh2org/libssh2/builds/46460704/job/g3t7bro6ta6n3pk6#L52 -- [Patrick Monnerat brought this change] +- [Viktor Szakats brought this change] - os400: asn1_new_from_bytes(): use data from a single element only + cmake: drop unnecessary exception for warmup build (#835) -- [Patrick Monnerat brought this change] +- [Viktor Szakats brought this change] - os400: fix an ILE/RPG prototype + cmake: reflect minimum version in docs (#834) + + Follow-up to 505ea626b6e125b7ce15caf453b522192008a884 -- [Patrick Monnerat brought this change] +- [Viktor Szakats brought this change] - os400: implement character encoding conversion support + cmake: add wolfSSL support to tests (#833) + + wolfSSL supports building with zlib as a dependency, that's the reason + for the ZLIB logic in the patch. + + Also add it to `docs/INSTALL_CMAKE.md` and to the help text in + `src/CMakeLists.txt`. + + Running tests not actually tested. + + Follow-up to 9f217a17f6f3c2047c4a1668a5c037a75a02abfd + + Ref: #817 -- [Patrick Monnerat brought this change] +- [Viktor Szakats brought this change] - os400: do not miss some external prototypes + tests: workaround for intermittent first test failures (#832) - Build procedure extproto() did not strip braces from header files, thus - possibly prepended them to true prototypes. This prevented the prototype to - be recognized as such. - The solution implemented here is to map braces to semicolons, effectively - considering them as potential prototype delimiters. + Flakiness got continously worse these last days. It didn't seem related + to recent commits. Flakiness also picked up in GitHub CI runs, something + rarely seen before. Manual restart consistently fixed them. + + The repeating pattern was the _first_ test (`test_hostkey`) failing, + with `libssh2_session_handshake failed (-13): Failed getting banner`. + Failures came after a lengthy wait, suggesting a timeout. + + I then reversed the order of the first two tests, and it turned out that + the _first_ test failed again (`test_hostkey_hash`). Also pointing to a + timeout issue. + + Then I added a dummy test to "warm up" whatever needs warming up in the + layers of CI + Docker + ssh server and their interconnects. This helped, + and GitHub CI tests run without failure right for the first time. + AppVeyor CI also improved a little. + + This patch adds a new first test called `test_warmup`, that creates a + new libssh2 session, and exits with success even if that attempt failed. + + A stop-gap solution at best, and there is no guarantee it will continue + to fix this or similar future issues, but it's also untenable to have + almost every CI run fail for intermittent reasons. + + In some [1] cases [2] it's not the first test failing intermittently. + That's a different issue, and this patch doesn't fix it. + + [1] #804 + [2] https://ci.appveyor.com/project/libssh2org/libssh2/builds/46440828/job/8rej6cq6itg7vc4w#L500 -- [Patrick Monnerat brought this change] +- [Viktor Szakats brought this change] - os400: Really add specific README + cmake: detect HAVE_SNPRINTF for tests (#830) + + Turns out `test_keyboard_interactive_auth_info_request.c` requires + `src/libssh2_priv.h`, which in turn requires a correctly set + `HAVE_SNPRINTF`. + + Follow-up to 4cdf785cd313c3272d04c2ef7458a35d44533d8b. -- [Patrick Monnerat brought this change] +- [Viktor Szakats brought this change] - os400: Add specific README and include new files in dist tarball + cmake: unset forced CMAKE_C_STANDARD 90 (#822) + + Added in cf80f2f4b5255cc85a04ee43b27a29c678c1edb1 (on 2016-08-14), + with the title "Basic dockerised test suite". + + It's not clear why a C standard was explicitly set, but a side-effect + of this is that CMake-built binaries diverged from ones built with + autotools or GNU Make (using the same compiler and configuration). + + Another issue is that this may introduce ABI incompatibility with + binaries built with a different C standard flag, e.g. the C compiler + default or one used for other components of a final app. + + Seems unlikely, but if our tests require this option, we should set it + for the CI builds only? -- [Patrick Monnerat brought this change] +- [Viktor Szakats brought this change] - os400: add compilation scripts + example: silence MSVS 2013 C4127 warnings (#828) -- [Patrick Monnerat brought this change] +- [Viktor Szakats brought this change] - os400: include files for ILE/RPG + cmake: reposition ws2_32 to make binutils ld work again (#827) + + This restores socket libs to their pre-regression positions. - In addition, file os400/macros.h declares all procedures originally - defined as macros. It must not be used for real inclusion and is only - intended to be used as a `database' for macro wrapping procedures generation. + Without this, `ld` doesn't find `ws2_32` symbols when referenced + from TLS libs. + + Regression from 31fb8860dbaae3e0b7d38f2a647ee527b4b2a95f -- [Patrick Monnerat brought this change] +- [Viktor Szakats brought this change] - os400: add supplementary header files/wrappers. Define configuration. + fix compiling with LIBSSH2_NO_CLEAR_MEMORY and OpenSSL (#825) + + Regression from a0e424a51c27cc27af611ba20d134f9a9ae35273 + + Fixes #824 -- [Patrick Monnerat brought this change] +- [Viktor Szakats brought this change] - Protect callback function calls from macro substitution + snprintf: add missing prototype for local replacement (#820) - Some structure fields holding callback addresses have the same name as the - underlying system function (connect, send, recv). Set parentheses around - their reference to suppress a possible macro substitution. + Should fix these warnings with MSVS 2013 and older: + `agent.c(294): warning C4013: '_libssh2_snprintf' undefined; assuming extern returning int` - Use a macro for connect() on OS/400 to resolve a const/nonconst parameter - problem. + Follow-up to 4cdf785cd313c3272d04c2ef7458a35d44533d8b. -- [Patrick Monnerat brought this change] +- [Viktor Szakats brought this change] - Add interface for OS/400 crypto library QC3 + build: set _FILE_OFFSET_BITS=64 for mingw-w64 (#821) + + autotools builds already did auto-detect and set this mingw-specific + macro, but CMake and GNU Make builds did not. This patch fixes that. + + Necessary for `src/scp.c`. -- [Patrick Monnerat brought this change] +- [Viktor Szakats brought this change] - misc: include stdarg.h for debug code + cmake: add os400qc3.c to SOURCES (#826) + + This re-syncs the list of compiled objects in cmake builds with + non-cmake builds. + + Follow-up to 16619a8eddec35bb8582d1c334db0fc13b0817c4. -- [Patrick Monnerat brought this change] +- [Viktor Szakats brought this change] - Document crypto library interface + build: silence bogus C4127 warnings with MSVS 2013 and earlier (#819) + + E.g.: + `channel.c(370): warning C4127: conditional expression is constant` + Ref: + https://ci.appveyor.com/project/libssh2org/libssh2/builds/46437333/job/5rak1vcl9hue31ei#L190 -- [Patrick Monnerat brought this change] +- [Viktor Szakats brought this change] - Feature an optional crypto-specific macro to rsa sign a data fragment vector + cmake: use only needed socket libs when checking non-blocking sockets (#816) - OS/400 crypto library is unable to sign a precomputed SHA1 hash: however - it does support a procedure that hashes data fragments and rsa signs. - If defined, the new macro _libssh2_rsa_sha1_signv() implements this function - and disables use of _libssh2_rsa_sha1_sign(). + Based on patch by Christian Beier. - The function described above requires that the struct iovec unused slacks are - cleared: for this reason, macro libssh2_prepare_iovec() has been introduced. - It should be defined as empty for crypto backends that are not sensitive - to struct iovec unused slack values. - -- [Patrick Monnerat brought this change] - - Fold long lines in include files + Fixes #694 + Closes #712 - [Viktor Szakats brought this change] - kex.c: fix indentation + cmake: update openssl dll list (#818) + + Add OpenSSL 3 and versionless DLL names. Also modernize warning messages + and variable names. - Closes #71 + Do we need the OpenSSL-Windows-specific check and the related + `RUNTIME_DEPENDENCIES` feature? The list of OpenSSL DLLs was out of date + for 1.5 years without anybody noticing. Keeping it fresh is a chore and + copying around DLL dependencies rarely helps as much as expected. This + check also results in unuseful warnings in certain build scenarios, e.g. + when linking to OpenSSL statically. - [Viktor Szakats brought this change] - add OpenSSL-1.1.0-pre2 compatibility + cmake: add wolfSSL support (#817) + + Implement wolfSSL support for libssh2 when building with CMake. + + Configuration example from curl-for-win: + ``` + -DCRYPTO_BACKEND=wolfSSL + -DWOLFSSL_LIBRARY=/path-to/wolfssl/lib/libwolfssl.a + -DWOLFSSL_INCLUDE_DIR=/path-to/wolfssl/include + ``` - Closes #70 + Module `cmake/Findwolfssl.cmake` copied from: + https://github.com/ngtcp2/ngtcp2/blob/e4d920c4b7a350d63b6978c68b216b76faa12635/cmake/Findwolfssl.cmake + via commit: + https://github.com/ngtcp2/ngtcp2/commit/296396d3730b721ad97f9de22f525400f8524c0e + by Stefan Eissing - [Viktor Szakats brought this change] - add OpenSSL 1.1.0-pre1 compatibility + cmake: restore non-Windows socket lib detection (#815) - * close https://github.com/libssh2/libssh2/issues/69 - * sync a declaration with the rest of similar ones - * handle EVP_MD_CTX_new() returning NULL with OpenSSL 1.1.0 - * fix potential memory leak with OpenSSL 1.1.0 in - _libssh2_*_init() functions, when EVP_MD_CTX_new() succeeds, - but EVP_DigestInit() fails. + I mistakenly pruned some non-Windows logic, also missing the fact that + our local `check_function_exists_may_need_library()` set the `NEED_*` + variables. Oddly, only `src` imported this function, yet also `examples` + and `tests` called it indirectly. The referenced `HAVE_SOCKET` / + `HAVE_INET_ADDR` variables might be coming from an upstream CMake + project? Leaving those there also, just in case. + + Regression from 31fb8860dbaae3e0b7d38f2a647ee527b4b2a95f -Marc Hoersken (22 Dec 2015) -- wincng.c: fixed _libssh2_wincng_hash_final return value +Viktor Szakats (7 Mar 2023) +- build: more fixes and tidy-up (mostly for Windows) - _libssh2_wincng_hash_final was returning the internal BCRYPT - status code instead of a valid libssh2 return value (0 or -1). + - cmake: always link `ws2_32` on Windows. Also add it to `libssh2.pc`. - This also means that _libssh2_wincng_hash never returned 0. - -- wincng.c: fixed possible memory leak in _libssh2_wincng_hash + Fixes #745 - If _libssh2_wincng_hash_update failed _libssh2_wincng_hash_final - would never have been called before. + - agent: fix gcc compiler warning: + `src/agent.c:296:35: warning: 'snprintf' output truncated before the last format character [-Wformat-truncation=]` - Reported by Zenju. - -Kamil Dudka (15 Dec 2015) -- [Paul Howarth brought this change] - - libssh2.pc.in: fix the output of pkg-config --libs + - autotools: fix `EVP_aes_128_ctr` detection with binutils `ld` - ... such that it does not include LDFLAGS used to build libssh2 itself. - There was a similar fix in the curl project long time ago: + The prerequisite for a successful detection is setting + `LIBS=-lbcrypt` if the chosen openssl-compatible library requires + it, e.g. libressl, or quictls/openssl built with + `-DUSE_BCRYPTGENRANDOM`. - https://github.com/bagder/curl/commit/curl-7_19_7-56-g4c8adc8 + With llvm `lld`, detection works out of the box. With binutils `ld`, + it does not. The reason is `ld`s world-famous pickiness with lib + order. - Bug: https://bugzilla.redhat.com/1279966 - Signed-off-by: Kamil Dudka - -Marc Hoersken (6 Dec 2015) -- hostkey.c: align code path of ssh_rsa_init to ssh_dss_init - -- hostkey.c: fix invalid memory access if libssh2_dsa_new fails + To fix it, we pass all custom libs before and after the TLS libs. + This ugly hack makes `ld` happy and detection succeed. - Reported by dimmaq, fixes #66 - -Daniel Stenberg (3 Nov 2015) -- [Will Cosgrove brought this change] - - gcrypt: define libssh2_sha256_ctx + - agent: fix Windows-specific warning: + `src/agent.c:318:10: warning: implicit conversion loses integer precision: 'LRESULT' (aka 'long long') to 'int' [-Wshorten-64-to-32]` - Looks like it didn't make it into the latest commit for whatever reason. + - src: fix llvm/clang compiler warning: + `src/libssh2_priv.h:987:28: warning: variadic macros are a C99 feature [-Wvariadic-macros]` - Closes #58 - -- [Salvador Fandino brought this change] - - libssh2_session_set_last_error: Add function + - src: support `inline` with `__GNUC__` (llvm/clang and gcc), fixing: + ``` + src/libssh2_priv.h:990:8: warning: extension used [-Wlanguage-extension-token] + static inline void + ^ + ``` - Net::SSH2, the Perl wrapping module for libssh2 implements several features* - on top of libssh2 that can fail and so need some mechanism to report the error - condition to the user. + - blowfish: support `inline` keyword with MSVC. - Until now, besides the error state maintained internally by libssh2, another - error state was maintained at the Perl level for every session object and then - additional logic was used to merge both error states. That is a maintenance - nighmare, and actually there is no way to do it correctly and consistently. + Also switch to `__inline__` (from `__inline`) for `__GNUC__`: + https://gcc.gnu.org/onlinedocs/gcc/Inline.html + https://clang.llvm.org/docs/UsersManual.html#differences-between-various-standard-modes - In order to allow the high level language to add new features to the library - but still rely in its error reporting features the new function - libssh2_session_set_last_error (that just exposses _libssh2_error_flags) is - introduced. + - example/test: fix MSVC compiler warnings: - *) For instance, connecting to a remote SSH service giving the hostname and - port. + - `example\direct_tcpip.c(209): warning C4244: 'function': conversion from 'unsigned int' to 'u_short', possible loss of data` + - `tests\session_fixture.c(96): warning C4013: 'getcwd' undefined; assuming extern returning int` + - `tests\session_fixture.c(100): warning C4013: 'chdir' undefined; assuming extern returning int` - Signed-off-by: Salvador Fandino - Signed-off-by: Salvador Fandiño - -- [Salvador Fandino brought this change] + - delete unused macros: + - `HAVE_SOCKET` + - `HAVE_INET_ADDR` + - `NEED_LIB_NSL` + - `NEED_LIB_SOCKET` + - `HAVE_NTSTATUS_H` + - `HAVE_NTDEF_H` + + - build: delete stale zlib/openssl version numbers from path defaults. + + - cmake: convert tabs to spaces, add newline at EOFs. + + Closes #811 - _libssh2_error: Support allocating the error message +- cmake: make `test_read` runs cross-build-friendly - Before this patch "_libssh2_error" required the error message to be a - static string. + Improve tests added in 7487dcf4b4ddae54b2a850737789b57b4251b0ae by + running `test_read` commands directly. This makes external shell/batch + files unnecessary, and is friendlier with cross-builds and when run + from non-default shells, like MSYS2. - This patch adds a new function "_libssh2_error_flags" accepting an - additional "flags" argument and specifically the flag - "LIBSSH2_ERR_FLAG_DUP" indicating that the passed string must be - duplicated into the heap. + Also extend CRYPT/MAC test error messages with the CRYPT/MAC name. - Then, the method "_libssh2_error" has been rewritten to use that new - function under the hood. + External runner shell scripts kept for future use. - Signed-off-by: Salvador Fandino - Signed-off-by: Salvador Fandiño - -- [Will Cosgrove brought this change] - - added engine.h include to fix warning + Closes #814 -- [sune brought this change] - - kex.c: removed dupe entry from libssh2_kex_methods[] +- src: enable clear memory on all platforms + + - convert `_libssh2_explicit_zero()` to macro. This allows inlining + where supported (e.g. `SecureZeroMemory()`). + + - replace `SecureZeroMemory()` (in `wincng.c`) and + `LIBSSH2_CLEAR_MEMORY`-guarded `memset()` (in `os400qc3.c`) with + `_libssh2_explicit_zero()` macro. + + - delete `LIBSSH2_CLEAR_MEMORY` guards, which enables secure-zeroing + universally. + + - add `LIBSSH2_NO_CLEAR_MEMORY` option to disable secure-zeroing. + + - while here, delete double/triple inclusion of `misc.h`. + `libssh2_priv.h` included it already. - Closes #51 + Closes #810 -- [Salvador Fandiño brought this change] +- cmake: bump minimum version to 3.1 (from 2.8.12) + + This allows to delete some fallback code. + + CMake release dates: + - 2014-12-15: 3.1 + - 2013-10-07: 2.8.12 + + Closes #813 - userauth: Fix off by one error when reading public key file +- snprintf: unify fallback logic + + Before this patch, the `snprintf()` fallback logic for envs not + supporting this function (i.e. Visual Studio 2013 and older) varied + depending on build tool, and used different techniques in examples, + tests and libssh2 itself. + + This patch aims to apply a common logic to libssh2 and examples/tests. + + - libssh2: use local `snprintf()` fallback with all build tools. + + We already had a local implementation, but only with CMake. Move that + to the library as `_libssh2_snprintf()`, and map `snprintf()` to it + when `HAVE_SNPRINTF` is not set. + + Also change the length type from `int` to `size_t`, and fix + formatting. - After reading the public key from file the size was incorrectly - decremented by one. + - set or detect `HAVE_SNPRINTF` in non-CMake builds. - This was usually a harmless error as the last character on the public - key file is an unimportant EOL. But if due to some error the public key - file is empty, the public key size becomes (uint)(0 - 1), resulting in - an unrecoverable out of memory error later. + Detect in autotools. Keep existing logic in `win32/libssh2_config.h`. + Always set for OS/400, NetWare and VMS, keeping existing behaviour. + (OS/400 builds use a different local implementation) - Signed-off-by: Salvador Fandi??o + - examples/tests: drop the CMake-specific fallback logic and map + `snprintf()` to `_snprintf()` for old MSVC versions, like we did + before with other build tools. This is unsafe, but should be fine for + these uses. + + - `win32/libssh2_config.h`: make it easier to read. + + Closes #812 -- [Salvador Fandino brought this change] +- cmake: build fixes with OpenSSL/LibreSSL on Windows + + - Link `bcrypt` for newer (non-fork) OpenSSL. + + - Link `bcrypt` and `ws2_32` when using (non-fork) OpenSSL or LibreSSL, + to allow `Looking for EVP_aes_128_ctr` detecting this feature. + + With the feature available, but not found by CMake, build failed with: + `openssl.c:636:21: error: incompatible integer to pointer conversion assigning to 'EVP_CIPHER *' (aka 'struct evp_cipher_st *') from 'int' [-Wint-conversion]` + + Closes #809 - channel: Detect bad usage of libssh2_channel_process_startup +- build fixes and improvements (mostly for Windows) + + - in `hostkey.c` check the result of `libssh2_sha256_init()` and + `libssh2_sha512_init()` calls. This avoid the warning that we're + ignoring the return values. + + - fix code using `int` (or `SOCKET`) for sockets. Use libssh2's + dedicated `libssh2_socket_t` and `LIBSSH2_INVALID_SOCKET` instead. + + - fix compiler warnings due to `STATUS_*` macro redefinitions between + `ntstatus.h` / `winnt.h`. Solve it by manually defining the single + `STATUS` value we need from `ntstatus.h` and stop including the whole + header. + Fixes #733 + + - improve Windows UWP/WinRT builds by detecting it with code copied + from the curl project. Then excluding problematic libssh2 parts + according to PR by Dmitry Kostjučenko. + Fixes #734 + + - always use `SecureZeroMemory()` on Windows. + + We can tweak this if not found or not inlined by a C compiler which + we otherwise support. Same if it causes issues with UWP apps. + + Ref: https://learn.microsoft.com/en-us/previous-versions/windows/desktop/legacy/aa366877(v=vs.85) + Ref: https://learn.microsoft.com/en-us/windows-hardware/drivers/ddi/wdm/nf-wdm-rtlsecurezeromemory + + - always enable `LIBSSH2_CLEAR_MEMORY` on Windows. CMake and + curl-for-win builds already did that. Delete `SecureZeroMemory()` + detection from autotools' WinCNG backend logic, that this + setting used to depend on. + + TODO: Enable it for all platforms in a separate PR. + TODO: For clearing buffers in WinCNG, call `_libssh2_explicit_zero()`, + insead of a local function or explicit `SecureZeroMemory()`. + + - Makefile.inc: move `os400qc3.h` to `HEADERS`. This fixes + compilation on non-unixy platforms. Recent regression. + + - `libssh2.rc`: replace copyright with plain ASCII, as in curl. + + Ref: curl/curl@1ca62bb + Ref: curl/curl#7765 + Ref: curl/curl#7776 + + - CMake fixes and improvements: + + - enable warnings with llvm/clang. + - enable more comprehensive warnings with gcc and llvm/clang. + Logic copied from curl: + https://github.com/curl/curl/blob/233810bb5f6c5e7bedfc10bdd36607b958c0cfe4/CMakeLists.txt#L131-L148 + - fix `Policy CMP0080` CMake warning by deleting that reference. + - add `ENABLE_WERROR` (default: `OFF`) option. Ported from curl. + - add `PICKY_COMPILER` (default: `ON`) option, as known from curl. + + It controls both the newly added picky warnings for llvm/clang and + gcc, and also the pre-existing ones for MSVC. + + - `win32/GNUmakefile` fixes and improvements: + + - delete `_AMD64_` and add missing `-m64` for x64 builds under test. + - add support for `ARCH=custom`. + It disables hardcoded Intel 64-bit and Intel 32-bit options, + allowing ARM64 builds. + - add support for `LIBSSH2_RCFLAG_EXTRAS`. + To pass custom options to windres, e.g. in ARM64 builds. + - add support for `LIBSSH2_RC`. To override `windres`. + - delete support for Metrowerks C. Last released in 2004. + + - `win32/libssh2_config.h`: delete unnecessary socket #includes + + `src/libssh2_priv.h` includes `winsock2.h` and `ws2tcpip.h` further + down the line, triggered by `HAVE_WINSOCK2_H`. + + `mswsock.h` does not seem to be necessary anymore. + + Double-including these (before `windows.h`) caused compiler failures + when building against BoringSSL and warnings with LibreSSL. We could + work this around by passing `-DNOCRYPT`. Deleting the duplicates + fixes these issues. + + Timeline: + 2013: c910cd382dfa07fed2adaabf688af9e4a084fa1d deleted `mswsock.h` from `src/libssh2_priv.h` + 2008: 8c43bc52b1e3de2c8fc7899a80aec0e98de4e2d8 added `winsock2.h` and `ws2tcpip.h` to `src/libssh2_priv.h` + 2005: dc4bb1af967d2c53e90349f2f37324c622e714f5 added the now deleted #includes + + - delete or replace `LIBSSH2_WIN32` with `WIN32`. + + - replace hand-rolled `HAVE_WINDOWS_H` macro with `WIN32`. Also delete + its detections/definitions. + + - delete unused `LIBSSH2_DARWIN` macro. + + - delete unused `writev()` Windows implementation - A common novice programmer error (at least among those using the - wrapping Perl module Net::SSH2), is to try to reuse channels. + There is no reference to `writev()` since 2007-02-02, commit + 9d55db6501aa4e21f0858cf36cdc2ddc11b96e83. - This patchs detects that incorrect usage and fails with a - LIBSSH2_ERROR_BAD_USE error instead of hanging. + - fix a bunch of MSVC / llvm/clang / gcc compiler warnings: - Signed-off-by: Salvador Fandino + - `warning C4100: '...': unreferenced formal parameter` + - using value of undefined PP macro `LIBSSH2DEBUG` + - missing void from function definition + - `if()` block missing in non-debug builds + - unreferenced variable in non-debug builds + - `warning: must specify at least one argument for '...' parameter of variadic macro [-Wgnu-zero-variadic-macro-arguments]` + in `_libssh2_debug()` + - `warning C4295: 'ciphertext' : array is too small to include a terminating null character` + - `warning C4706: assignment within conditional expression` + - `warning C4996: 'inet_addr': Use inet_pton() or InetPton() instead or + define _WINSOCK_DEPRECATED_NO_WARNINGS to disable deprecated API warnings` + By suppressning it. Would be best to use inet_pton() as suggested. + On Windows this needs Vista though. + - `warning C4152: nonstandard extension, function/data pointer conversion in expression` + (silenced locally) + - `warning C4068: unknown pragma` + + Ref: https://ci.appveyor.com/project/libssh2org/libssh2/builds/46354480/job/j7d0m34qgq8rag5w + + Closes #808 + +Dan Fandrich (1 Mar 2023) +- Add tests to check individual crypt & HMAC methods + + One specific crypt or hmac method is requested to be negotiated, then + several MB of data is transferred. +- Add test to read lots of data over a channel + + Connects to the ssh server then downloads several MB of data. This + tests the data transfer path as well as boundary cases in packet + handling as data is split into smaller SSH blocks. + +GitHub (27 Feb 2023) - [Will Cosgrove brought this change] - kex: Added diffie-hellman-group-exchange-sha256 support + Disable deprecated warnings for OpenSSL 3 #805 (#806) - ... and fixed HMAC_Init depricated usage + Disable deprecated warnings (for now) when building against OpenSSL 3 for a clean build. - Closes #48 + Reported: + Daniel Stenberg -Alexander Lamaison (21 Sep 2015) -- Prefixed new #defines to prevent collisions. +Dan Fandrich (24 Feb 2023) +- Fix a couple of warnings of errors in MSVC builds - Other libraries might have their own USE_WIN32_*FILES. + Two warnings (in tests & examples) in particular would cause problems: + bad format causing invalid data output or a bad chdir due to out of + scope buffer use. -- [keith-daigle brought this change] +- tests: Support running tests in out-of-tree builds + + Various files are found by referencing the srcdir environment variable + in that case. + + Closes #801 - Update examples/scp.c to fix bug where large files on win32 would cause got to wrap and go negative +- Improve the ssh2 example program to run a command + + This performs better as an example since it shows more working code, and + in the simplest possible way. It also turns the program into an actually + useful tool out of the box, able to run an arbitrary command (with one + restriction) on a remote machine and return the response, without + needing to touch the source. + + Closes #800 -- [David Byron brought this change] +GitHub (14 Feb 2023) +- [Will Cosgrove brought this change] - add libssh2_scp_recv2 to support large (> 2GB) files on windows + Add NULL session check to _libssh2_error_flags() (#796) + + Don't dereference null if a null session happens to make it into _libssh2_error_flags() -Daniel Stenberg (17 Sep 2015) -- [sune brought this change] +Dan Fandrich (7 Feb 2023) +- Reorder AES crypt methods so stronger ones are first + + This make it more likely that a stronger one will be negotiated rather + than a weaker variant. - WinCNG: support for SHA256/512 HMAC +- CI: update uses: dependencies to the latest versions - Closes #47 + We were seeing some deprecation warning messages on some of the older + ones. -- [brian m. carlson brought this change] +- transport.c: Add some comments - Add support for HMAC-SHA-256 and HMAC-SHA-512. +- Add missing files to automake makefiles & build tests - Implement support for these algorithms and wire them up to the libgcrypt - and OpenSSL backends. Increase the maximum MAC buffer size to 64 bytes - to prevent buffer overflows. Prefer HMAC-SHA-256 over HMAC-SHA-512, and - that over HMAC-SHA-1, as OpenSSH does. + Many files have been added to the cmake build files but not the automake + ones in recent years. Missing ones have been added so automake "make + dist" will now create a usable tar ball. - Closes #40 - -- [Zenju brought this change] + The integration tests using Docker are now built with automake as well + (with "make check"). They are not run yet since they aren't working yet + on Linux. - kex: free server host key before allocating it (again) +- tests: Fix gcc compile warnings - Fixes a memory leak when Synology server requests key exchange - - Closes #43 + These were mostly due to missing and non-ANSI prototypes. -- [Viktor Szakats brought this change] +- Enable trace debugging in example/ssh2 + + This is intended to be a test program, so debugging is likely to be + useful by default. - GNUmakefile: up OpenSSL version +- Improve example/ssh2 to allow unmodified use of public key auth - closes #23 + The previous hard-coded key file paths were not valid for normal users. + Make the paths relative to the user's home directory instead so they + can work out of the box. Add a banner showing what connection will be + attempted to make it easier for the user to see what is being attempted. + Enable trace debugging since this is designed as a test program. +GitHub (13 Dec 2022) - [Viktor Szakats brought this change] - GNUmakefile: add -m64 CFLAGS when targeting mingw64, add -m32/-m64 to LDFLAGS + openssl.h: enable ed25519 for LibreSSL 3.7.0 (#778) - libssh2 equivalent of curl patch https://github.com/bagder/curl/commit/d21b66835f2af781a3c2a685abc92ef9f0cd86be + This brings LibreSSL libssh2 builds on par with OpenSSL. + +Dan Fandrich (5 Dec 2022) +- configure.ac: check for sys/param.h - This allows to build for the non-default target when using a multi-target mingw distro. - Also bump default OpenSSL dependency path to 1.0.2c. + This file is required by glibc for the test suite. +GitHub (12 Nov 2022) - [Viktor Szakats brought this change] - GNUmakefile: add support for LIBSSH2_LDFLAG_EXTRAS + tests: add option to run tests without docker (#762) - It is similar to existing LIBSSH2_CFLAG_EXTRAS, but for - extra linker options. + via `export OPENSSH_NO_DOCKER=1`. - Also delete some line/file ending whitespace. + SSH server host can be set via: + `export OPENSSH_SERVER_HOST=127.0.0.1` - closes #27 + SSH server port via existing: + `export OPENSSH_SERVER_PORT=4711` + + This requires more work to be usable out of the box. The necessery sshd + config is (partly) embedded into `tests/openssh_server/Dockerfile`. + + After this patch, it is possible to run tests in envs where docker is + not installed or not available, by running a preconfigured, + non-containerized sshd. -- [nasacj brought this change] +- [Michael Buckley brought this change] - hostkey.c: Fix compiling error when OPENSSL_NO_MD5 is defined + Skip leading \r and \n characters in banner_receive() (#769) + + Fixes #768 - Closes #32 + Credit: + Michael Buckley -- [Mizunashi Mana brought this change] +- [Zenju brought this change] - openssl.h: adjust the rsa/dsa includes + Fixed error handling of _libssh2_packet_requirev callers (#767) - ... to work when built without DSA support. + Notes: - Closes #36 - -Alexander Lamaison (26 Jul 2015) -- Let CMake build work as a subproject. + some callers of _libssh2_packet_requirev() fail to set _libssh2_error(). + This creates the situation where e.g. libssh2_session_handshake() fails, but libssh2_session_last_error() confusingly returns LIBSSH2_ERROR_NONE. - Patch contributed by JasonHaslam. + Credit: + Zenju -- Fix builds with Visual Studio 2015. - - VS2015 moved stdio functions to the header files as inline function. That means check_function_exists can't detect them because it doesn't use header files - just does a link check. Instead we need to use check_symbol_exists with the correct headers. +- [Will Cosgrove brought this change] -Kamil Dudka (2 Jul 2015) -- cmake: include CMake files in the release tarballs - - Despite we announced the CMake support in libssh2-1.6.0 release notes, - the files required by the CMake build system were not included in the - release tarballs. Hence, the only way to use CMake for build was the - upstream git repository. + Revert usage of EVP_CipherUpdate #764 #739 (#765) - This commit makes CMake actually supported in the release tarballs. + Revert usage of EVP_CipherUpdate from wolfSSL PR to fix #764 #739. + +- [Will Cosgrove brought this change] -- tests/mansyntax.sh: fix 'make distcheck' with recent autotools + Fix regression with rsa_sha2_verify #758 (#763) - Do not create symbolic links off the build directory. Recent autotools - verify that out-of-source build works even if the source directory tree - is not writable. + Fixes comparison with the result value coming from `mbedtls_rsa_pkcs1_verify`. Success is 0, not 1. + +Marc Hoersken (24 Oct 2022) +- CI: fix AppVeyor status failing for starting jobs + +Viktor Szakats (24 Oct 2022) +- delete cast5 - null-cipher mapping + +- more feature guard cleanup + +- indent -- openssl: fix memleak in _libssh2_dsa_sha1_verify() +- formatting -Daniel Stenberg (12 Jun 2015) -- openssl: make libssh2_sha1 return error code +- fold long lines + +- cleanup + +- temporarily silence checksrc + +- add mbedTLS 3.x support + + Make libssh2 compile cleanly with mbedTLS 3.x and later. - - use the internal prefix _libssh2_ for non-exported functions + This patch makes use of `MBEDTLS_PRIVATE()`, which is not the + recommended, future-proof way to access mbedTLS data structures. This + method may break with a minor upgrade, according to the authors. This + is also the method used by libcurl. - - removed libssh2_md5() since it wasn't used + Also: + + - Fix a potentially uninitialized variable in + `libssh2_mbedtls_rsa_sha2_sign()`. This happened in an error path, + resulting in an unnecessary mbedTLS API call, with an uninitialized + `md_type`. - Reported-by: Kamil Dudka + - Bump mbedTLS version used in CI tests to 3.2.1. + + Fixes #751 -- [LarsNordin-LNdata brought this change] +- tests: add option to enable all trace messages in fixture + + via `export FIXTURE_TRACE_ALL=1`. - SFTP: Increase speed and datasize in SFTP read +- win32/GNUmakefile: add mbedTLS support - The function sftp_read never return more then 2000 bytes (as it should - when I asked Daniel). I increased the MAX_SFTP_READ_SIZE to 30000 but - didn't get the same speed as a sftp read in SecureSSH. I analyzed the - code and found that a return always was dona when a chunk has been read. - I changed it to a sliding buffer and worked on all available chunks. I - got an increase in speed and non of the test I have done has failed - (both local net and over Internet). Please review and test. I think - 30000 is still not the optimal MAX_SFTP_READ_SIZE, my next goal is to - make an API to enable changing this value (The SecureSSH sftp_read has - more complete filled packages when comparing the network traffic) + via `export MBEDTLS_PATH=`. -- bump: start working on 1.6.1 +Marc Hoersken (21 Oct 2022) +- CI: fix AppVeyor job links only working for most recent build + + Ref: https://github.com/curl/curl/pull/9768#issuecomment-1286675916 + Reported-by: Daniel Stenberg + + Follow up to #754 -Version 1.6.0 (5 Jun 2015) +- CI: add missing permission section to AppVeyor status workflow + + Follow up to #754 -Daniel Stenberg (5 Jun 2015) -- RELEASE-NOTES: synced with 858930cae5c6a +- Remove OSSFuzz integration which was replaced with CIFuzz (#756) + + Confirmed-by: Max Dymond -Marc Hoersken (19 May 2015) -- wincng.c: fixed indentation +- Rename workflow file appveyor.yml to appveyor_docker.yml -- [sbredahl brought this change] +- Streamline names of CI workflow jobs - wincng.c: fixed memleak in (block) cipher destructor +- [Jeroen Ooms brought this change] -Alexander Lamaison (6 May 2015) -- [Jakob Egger brought this change] + Add CI for mingw-w64 via msys2 (#742) + + Credit: Jeroen Ooms - libssh2_channel_open: more detailed error message +- CI: report AppVeyor build status for each job (#754) - The error message returned by libssh2_channel_open in case of a server side channel open failure is now more detailed and includes the four standard error conditions in RFC 4254. + Also give each job on AppVeyor CI a human-readable name. + + This aims to make job and therefore build failures more visible. -- [Hannes Domani brought this change] +GitHub (29 Sep 2022) +- [Michael Buckley brought this change] - kex: fix libgcrypt memory leaks of bignum + Support for sk-ecdsa-sha2-nistp256 and sk-ssh-ed25519 keys, FIDO (#698) - Fixes #168. + Notes: + Add support for sk-ecdsa-sha2-nistp256@openssh.com and sk-ssh-ed25519@openssh.com key exchange for FIDO auth using the OpenSSL backend. Stub API for other backends. + + Credit: + Michael Buckley -Marc Hoersken (3 Apr 2015) -- configure.ac: check for SecureZeroMemory for clear memory feature +- [Y. Yang brought this change] -- Revert "wincng.c: fix clear memory feature compilation with mingw" + Fix DLL import library name (#711) - This reverts commit 2d2744efdd0497b72b3e1ff6e732aa4c0037fc43. + Notes: + Fix DLL import library name - Autobuilds show that this did not solve the issue. - And it seems like RtlFillMemory is defined to memset, - which would be optimized out by some compilers. - -- wincng.c: fix clear memory feature compilation with mingw + https://aur.archlinux.org/packages/mingw-w64-libssh2 + https://cmake.org/cmake/help/latest/prop_tgt/IMPORT_PREFIX.html + + Credit: + metab0t + Y. Yang -Alexander Lamaison (1 Apr 2015) -- [LarsNordin-LNdata brought this change] +- [skundu07 brought this change] - Enable use of OpenSSL that doesn't have DSA. + Add RSA-SHA2 support for the WinCNG backend (#736) - Added #if LIBSSH2_DSA for all DSA functions. + Notes: + Added code to support RSA-SHA2 for WinCNG backend. + + Credit: + skundu07 -- [LarsNordin-LNdata brought this change] +- [Gabriel Smith brought this change] - Use correct no-blowfish #define with OpenSSL. + sftp: Prevent files from being skipped if the output buffer is too small (#746) - The OpenSSL define is OPENSSL_NO_BF, not OPENSSL_NO_BLOWFISH. - -Marc Hoersken (25 Mar 2015) -- configure: error if explicitly enabled clear-memory is not supported + Notes: + LIBSSH2_ERROR_BUFFER_TOO_SMALL is returned if the buffer is too small + to contain a returned directory entry. On this condition we jump to the + label `end`. At this point the number of names left is decremented + despite no name being returned. - This takes 22bd8d81d8fab956085e2079bf8c29872455ce59 and - b8289b625e291bbb785ed4add31f4759241067f3 into account, - but still makes it enabled by default if it is supported - and error out in case it is unsupported and was requested. - -Daniel Stenberg (25 Mar 2015) -- configure: make clear-memory default but only WARN if backend unsupported + As suggested in #714, this commit moves the error label after the + decrement of `names_left`. - ... instead of previous ERROR. - -Marc Hoersken (24 Mar 2015) -- wincng.h: fix warning about computed return value not being used + Fixes #714 + + Credit: + Co-authored-by: Gabriel Smith -- nonblocking examples: fix warning about unused tvdiff on Mac OS X +- [bgermann brought this change] -Daniel Stenberg (24 Mar 2015) -- openssl: fix compiler warnings + Drop advertisement clause on Blowfish (#747) + + Originally driven by https://github.com/pyca/bcrypt/issues/169, OpenBSD + removed Niels Provos's BSD advertisement clause in version 7.1: + + https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys/lib/libsa/blowfish.c.diff?r1=1.1&r2=1.2 + https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys/lib/libsa/blowfish.h.diff?r1=1.1&r2=1.2 + + This enables using libssh2 in GPL software. -- cofigure: fix --disable-clear-memory check +- [zhaochongliu brought this change] -Marc Hoersken (23 Mar 2015) -- scp.c: improved command length calculation + Support building with gcc < version 8 - Reduced number of calls to strlen, because shell_quotearg already - returns the length of the resulting string (e.q. quoted path) - which we can add to the existing and known cmd_len. - Removed obsolete call to memset again, because we can put a final - NULL-byte at the end of the string using the calculated length. - -- scp.c: improved and streamlined formatting + Files: CMakeLists.txt + + Notes: don't use gcc arguments that don't exist in gcc versions lower than 8 if building with older gcc. + + Credit: + zhaochongliu -- scp.c: fix that scp_recv may transmit not initialised memory +- [Miguel de Icaza brought this change] -- scp.c: fix that scp_send may transmit not initialised memory + Document the obscure LIBSSH2_ERROR_BAD_USE when writing to a channel (#713) - Fixes ticket 244. Thanks Torsten. - -- kex: do not ignore failure of libssh2_sha1_init() + Document the obscure LIBSSH2_ERROR_BAD_USE when writing to a channel - Based upon 43b730ce56f010e9d33573fcb020df49798c1ed8. - Fixes ticket 290. Thanks for the suggestion, mstrsn. + Credit: + Miguel de Icaza -- wincng.h: fix return code of libssh2_md5_init() +- [Michael Buckley brought this change] + + Don't erroneously log SSH_MSG_REQUEST_FAILURE packets from keepalive (#727) + + Notes: + When setting a ServerAliveInterval using libssh2_keepalive_config() with want_reply set to true, some servers will reply to the keep-alive requests with a single SSH_MSG_REQUEST_FAILURE packet. This is an allowed behavior in RFC 4254, section 4. + + Credit: + Michael Buckley -- openssl.c: fix possible segfault in case EVP_DigestInit fails +- [Ryan Kelley brought this change] -- wincng.c: fix possible use of uninitialized variables + Updating docs for libssh2_channel_flush_ex (#728) + + Notes: + In #614 it was identified the docs do not accurately show how libssh2_channel_flush_ex() return value is set. I have updated the doc's to correctly show what the function is returning. + + Credit: + Ryan Kelley -- wincng.c: fix unused argument warning if clear memory is not enabled +- [Sandeep Bansal brought this change] -- wincng: Added explicit clear memory feature to WinCNG backend + Support RSA certificate authentication (#710) - This re-introduces the original feature proposed during - the development of the WinCNG crypto backend. It still needs - to be added to libssh2 itself and probably other backends. + * Adding support for signed RSA keys and unit test - Memory is cleared using the function SecureZeroMemory which is - available on Windows systems, just like the WinCNG backend. - -- wincng.c: fixed mixed line-endings + Credit: + Sandeep Bansal -- wincng.c: fixed use of invalid parameter types in a8d14c5dcf +Viktor Szakats (2 Jul 2022) +- configure: add --disable-tests option -- wincng.c: only try to load keys corresponding to the algorithm +- cmake: do not add libssh2.rc to the static library -- wincng.c: moved PEM headers into definitions +GitHub (23 May 2022) +- [AyushiN brought this change] -- wincng.h: fixed invalid parameter name + Fixed typo #697 (#701) + + Credit: + AyushiN -- wincng: fixed mismatch with declarations in crypto.h +- [Viktor Szakats brought this change] -- userauth.c: fixed warning C6001: using uninitialized sig and sig_len + Openssl: add support for LibreSSL 3.5.x (#700) + + LibreSSL 3.5.0 made more structures opaque, so let's enable existing + support for that when building against these LibreSSL versions. + + Ref: https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.5.0-relnotes.txt + + Credit: + Viktor Szakats -- pem.c: fixed warning C6269: possible incorrect order of operations +- [Michael Buckley brought this change] -- wincng: add support for authentication keys to be passed in memory + Ensure KEX replies don't include extra bytes (#696) - Based upon 18cfec8336e and daa2dfa2db. - -- pem.c: add _libssh2_pem_parse_memory to parse PEM from memory + Addresses #695 - Requirement to implement 18cfec8336e for Libgcrypt and WinCNG. + Credit: + Michael Buckley, reported by Harry Sintonen -- pem.c: fix copy and paste mistake from 55d030089b8 +- [Zenju brought this change] -- userauth.c: fix another possible dereference of a null pointer + Fix buffer overflow during SSH_MSG_USERAUTH_BANNER (#693) + + File: userauth.c + Notes: + This patch fixes application crashes due to heap corruption. Turns out the null terminator is written one byte outside of the allocated area. + Credit: + Zenju -- userauth.c: fix possible dereference of a null pointer +- [Will Cosgrove brought this change] -- pem.c: reduce number of calls to strlen in readline + Changed NULL check to avoid logic change -Alexander Lamaison (17 Mar 2015) - [Will Cosgrove brought this change] - Initialise HMAC_CTX in more places. - - Missed a couple more places we init ctx to avoid openssl threading crash. + NULL check before calling session_handshake + +- [Harry Sintonen brought this change] -- Build build breakage in WinCNG backend caused when adding libssh2_userauth_publickey_frommemory. + Fix build since openssl 1.1.0 when ECDSA and/or RIPEMD are disabled (#666) - The new feature isn't implemented for the WinCNG backend currently, but the WinCNG backend didn't contain any implementation of the required backend functions - even ones that returns an error. That caused link errors. + File: openssl.h - This change fixes the problem by providing an implementation of the backend functions that returns an error. - -- Fix breakage in WinCNG backend caused by introducing libssh2_hmac_ctx_init. + Notes: + In openssl 1.1.0 and later openssl decided to change some of the defines used to check if certain features are not compiled in the libraries. This updates the define checks. - The macro was defined to nothing for the libgcrypt backend, but not for WinCNG. This brings the latter into line with the former. + Credit: + Harry Sintonen + Co-authored-by: Harry Sintonen -Daniel Stenberg (15 Mar 2015) -- userauth_publickey_frommemory.3: add AVAILABILITY +- [gbaraldi brought this change] + + Add RSA-SHA2 support for the mbedtls backend (#688) + + File: mbedtls.c - ... it will be added in 1.6.0 + Notes: + * Add sha2 support for RSA key upgrading to mbedTLS backend + + Credit: + gbaraldi -- libssh2: next version will be called 1.6.0 +Daniel Stenberg (21 Mar 2022) +- misc/libssh2_copy_string: avoid malloc zero bytes + + Avoids the inconsistent malloc return code for malloc(0) - ... since we just added a new function. + Closes #686 -- docs: add libssh2_userauth_publickey_frommemory.3 to dist +Marc Hoersken (17 Mar 2022) +- wincng: rename struct field referring to the DH private big number - The function and man page were added in commit 18cfec8336e + Closes #684 -- [Jakob Egger brought this change] +- tests/openssh_fixture.c: print command after variable expansion - direct_tcpip: Fixed channel write - - There were 3 bugs in this loop: - 1) Started from beginning after partial writes - 2) Aborted when 0 bytes were sent - 3) Ignored LIBSSH2_ERROR_EAGAIN +- CI: store and reuse OpenSSH Server docker image used for tests - See also: - https://trac.libssh2.org/ticket/281 - https://trac.libssh2.org/ticket/293 + Supersedes #588 + Fixes #665 + Closes #685 -Alexander Lamaison (15 Mar 2015) +GitHub (26 Feb 2022) - [Will Cosgrove brought this change] - Must init HMAC_CTX before using it. - - Must init ctx before using it or openssl will reuse the hmac which is not thread safe and causes a crash. - Added libssh2_hmac_ctx_init macro. + Added LibreSSL to crypto backend list + +- [Will Cosgrove brought this change] -- Add continuous integration configurations. + Added crypto backend list to template - Linux-based CI is done by Travis CI. Windows-based CI is done by Appveyor. + Added OS version as well -- [David Calavera brought this change] +- [Will Cosgrove brought this change] - Allow authentication keys to be passed in memory. + Revert "Option to build both static and shared libraries (#547)" (#675) - All credits go to Joe Turpin, I'm just reaplying and cleaning his patch: - http://www.libssh2.org/mail/libssh2-devel-archive-2012-01/0015.shtml + This reverts commit b60dca8b6450a9729670986d2899cca54ccdbb6d. - * Use an unimplemented error for extracting keys from memory with libgcrypt. + #547 doesn't build clean anymore with the keyboard interactive changes. -Daniel Stenberg (14 Mar 2015) -- docs: include the renamed INSTALL* files in dist +- [berney brought this change] -Alexander Lamaison (13 Mar 2015) -- Prevent collisions between CMake and Autotools in examples/ and tests/. - -- Avoid clash between CMake build and Autotools. + Option to build both static and shared libraries (#547) - Autotools expects a configuration template file at src/libssh2_config.h.in, which buildconf generates. But the CMake build system has its CMake-specific version of the file at this path. This means that, if you don't run buildconf, the Autotools build will fail because it configured the wrong header template. + files: cmakelists.txt - See https://github.com/libssh2/libssh2/pull/8. - -- Merge pull request #8 from alamaison/cmake + Notes: + * Option to build both static and shared libraries when using CMake - CMake build system. + Credit: + berney -- CMake build system. +- [xalopp brought this change] + + Use modern API in userauth_keyboard_interactive() (#663) - Tested: - - Windows: - - Visual C++ 2005/2008/2010/2012/2013/MinGW-w64 - - static/shared - - 32/64-bit - - OpenSSL/WinCNG - - Without zlib - - Linux: - - GCC 4.6.3/Clang 3.4 - - static/shared - - 32/64-bit - - OpenSSL/Libgcrypt - - With/Without zlib - - MacOS X - - AppleClang 6.0.0 - - static - - 64-bit - - OpenSSL - - Without zlib + Files: userauth_kbd_packet.c, userauth_kbd_packet.h, test_keyboard_interactive_auth_info_request.c, userauth.c - Conflicts: - README - -- Man man syntax tests fail gracefully if man version is not suitable. - -- Return valid code from test fixture on failure. + Notes: + This refactors `SSH_MSG_USERAUTH_INFO_REQUEST` processing in `userauth_keyboard_interactive()` in order to improve robustness, correctness and readability or the code. - The sshd test fixture was returning -1 if an error occurred, but negative error codes aren't technically valid (google it). Bash on Windows converted them to 0 which made setup failure look as though all tests were passing. - -- Let mansyntax.sh work regardless of where it is called from. + * Refactor userauth_keyboard_interactive to use new api for packet parsing + * add unit test for userauth_keyboard_interactive_parse_response() + * add _libssh2_get_boolean() and _libssh2_get_byte() utility functions + + Credit: + xalopp -Daniel Stenberg (12 Mar 2015) -- [Viktor Szakáts brought this change] +- [xalopp brought this change] - mingw build: allow to pass custom CFLAGS + Fix formatting in manual page (#667) - Allow to pass custom `CFLAGS` options via environment variable - `LIBSSH2_CFLAG_EXTRAS`. Default and automatically added options of - `GNUmakefile` have preference over custom ones. This addition is useful - for passing f.e. custom CPU tuning or LTO optimization (`-flto - -ffat-lto-objects`) options. The only current way to do this is to edit - `GNUmakefile`. This patch makes it unnecessary. + Fixed formatting of `LIBSSH2_ERROR_AUTHENTICATION_FAILED` in the errors section. - This is a mirror of similar libcurl patch: - https://github.com/bagder/curl/pull/136 + credit: xalopp -- [Will Cosgrove brought this change] +- [tihmstar brought this change] - userauth: Fixed prompt text no longer being copied to the prompts struct + NULL terminate server_sign_algorithms string (#669) - Regression from 031566f9c - -- README: update the git repo locations - -- wait_socket: wrong use of difftime() + files: packet.c, libssh2_priv.h - With reversed arguments it would always return a negative value... + notes: + * Fix heap buffer overflow in _libssh2_key_sign_algorithm - Bug: https://github.com/bagder/libssh2/issues/1 - -- bump: start working toward 1.5.1 now + When allocating `session->server_sign_algorithms` which is a `char*` is is important to also allocate space for the string-terminating null byte at the end and make sure the string is actually null terminated. + + Without this fix, the `strchr()` call inside the `_libssh2_key_sign_algorithm` (line 1219) function will try to parse the string and go out of buffer on the last invocation. + + Credit: tihmstar + Co-authored-by: Will Cosgrove -Version 1.5.0 (11 Mar 2015) +- [Will Cosgrove brought this change] -Daniel Stenberg (11 Mar 2015) -- RELEASE-NOTES: 1.5.0 release + free RSA2 related memory (#664) + + Free `server_sign_algorithms` and `sign_algo_prefs`. -- [Mariusz Ziulek brought this change] +- [Will Cosgrove brought this change] - kex: bail out on rubbish in the incoming packet + Legacy Agent support for rsa2 key upgrading/downgrading #659 (#662) - CVE-2015-1782 + Files: libssh2.h, agent.c, userauth.c - Bug: http://www.libssh2.org/adv_20150311.html - -- docs: move INSTALL, AUTHORS, HACKING and TODO to docs/ + Notes: + Part 2 of the fix for #659. This adds rsa key downgrading for agents that don't support sha2 upgrading. It also adds better trace output for debugging/logging around key upgrading. - And with this, cleanup README to be shorter and mention the new source - code home. - -- .gitignore: don't ignore INSTALL + Credit: + Will Cosgrove (signed off by Michael Buckley) -Dan Fandrich (4 Mar 2015) -- examples/x11.c: include sys/select.h for improved portability +- [Ian Hattendorf brought this change] -Daniel Stenberg (4 Mar 2015) -- RELEASE-NOTES: synced with a8473c819bc068 + Support rsa-sha2 agent flags (#661) + + File: agent.c + Notes: implements rsa-sha2 flags used to tell the agent which signing algo to use. + https://tools.ietf.org/id/draft-miller-ssh-agent-01.html#rfc.section.4.5.1 - In preparation for the upcoming 1.5.0 release. + Credit: + Ian Hattendorf -Guenter Knauf (8 Jan 2015) -- NetWare build: added some missing exports. +Daniel Stenberg (13 Jan 2022) +- [Sunil Nimmagadda brought this change] -Marc Hoersken (29 Dec 2014) -- knownhost.c: fix use of uninitialized argument variable wrote + ssh: Add support for userauth banner. - Detected by clang scan in line 1195, column 18. - -- examples/x11.c: fix result of operation is garbage or undefined + The new libssh2_userauth_banner API allows to get an optional + userauth banner sent with SSH_MSG_USERAUTH_BANNER packet by the + server. - Fix use of uninitialized structure w_size_bck. - Detected by clang scan in line 386, column 28. + Closes #610 -- examples/x11.c: remove dead assigments of some return values - - Detected by clang scan in line 212, column 9. - Detected by clang scan in line 222, column 13. - Detected by clang scan in line 410, column 13. +GitHub (6 Jan 2022) +- [Michael Buckley brought this change] -- examples/x11.c: fix possible memory leak if read fails + Fix a memcmp errors in code that was changed from memmem to memcmp (#656) - Detected by clang scan in line 224, column 21. - -- examples/x11.c: fix invalid removal of first list element + Notes: + Fixed supported algo prefs list check when upgrading rsa keys - Fix use of memory after it was being freed. - Detected by clang scan in line 56, column 12. + Credit: Michael Buckley + +- [Hayden Roche brought this change] -- userauth.c: make sure that sp_len is positive and avoid overflows + Add support for a wolfSSL crypto backend. (#629) - ... if the pointer subtraction of sp1 - pubkey - 1 resulted in a - negative or larger value than pubkey_len, memchr would fail. + It uses wolfSSL's OpenSSL compatibility layer, so rather than introduce new + wolfssl.h/c files, the new backend just reuses openssl.h/c. Additionally, + replace EVP_Cipher() calls with EVP_CipherUpdate(), since EVP_Cipher() is not + recommended. - Reported by Coverity CID 89846. + Credit: Hayden Roche -- channel.c: remove logically dead code, host cannot be NULL here +- [Bastien Durel brought this change] + + Runtime engine detection with libssh2_crypto_engine() (#643) - ... host cannot be NULL in line 525, because it is always - valid (e.g. at least set to "0.0.0.0") after lines 430 and 431. + File: + version.c, HACKING-CRYPTO, libssh2.h, libssh2_crypto_engine.3, makefile. - Reported by Coverity CID 89807. - -- session.c: check return value of session_nonblock during startup + Notes: + libssh2_crypto_engine() API to get crypto engine at runtime. - Reported by Coverity CID 89803. + Credit: Bastien Durel -- session.c: check return value of session_nonblock in debug mode +- [Will Cosgrove brought this change] + + RSA SHA2 256/512 key upgrade support RFC 8332 #536 (#626) + + Notes: + * Host Key RSA 256/512 support #536 + * Client side key hash upgrading for RFC 8332 + * Support for server-sig-algs, ext-info-c server messages + * Customizing preferred server-sig-algs via the preference LIBSSH2_METHOD_SIGN_ALGO - Reported by Coverity CID 89805. + Credit: Anders Borum, Will Cosgrove -- pem.c: fix mixed line-endings introduced with 8670f5da24 +- [xalopp brought this change] -- pem.c: make sure there's a trailing zero and b64data is not NULL + fix: use userauth name length to check memory boundaries for userauth name, fixes #653 (#654) - ... if there is no base64 data between PEM header and footer. - Reported by Coverity CID 89823. - -- kex.c: make sure mlist is not set to NULL + File: userauth.c - ... if the currently unsupported LANG methods are called. - Reported by Coverity CID 89834. - -- packet.c: i < 256 was always true and i would overflow to 0 + Notes: + Fixes `userauth_kybd_auth_name_len` length check - Visualize that the 0-termination is intentional, because the array - is later passed to strlen within _libssh2_packet_askv. + Co-authored-by: Xaver Lopenstedt -- silence multiple data conversion warnings - -Daniel Stenberg (23 Dec 2014) -- agent_connect_unix: make sure there's a trailing zero - - ... if the path name was too long. Reported by Coverity CID 89801. +- [Daniel Stenberg brought this change] -Marc Hoersken (22 Dec 2014) -- examples on Windows: use native SOCKET-type instead of int + agent: handle overly large comment lengths (#651) - And check return values accordingly. + Reported-by: Harry Sintonen -- userauth.c: improve readability and clarity of for-loops +- [Daniel Stenberg brought this change] -Daniel Stenberg (22 Dec 2014) -- calloc: introduce LIBSSH2_CALLOC() + userauth: check for too large userauth_kybd_auth_name_len (#650) - A simple function using LIBSSH2_ALLOC + memset, since this pattern was - used in multiple places and this simplies code in general. + ... before using it. + + Reported-by: MarcoPoloPie + Fixes #649 -Marc Hoersken (15 Dec 2014) -- libssh2_priv.h: Ignore session, context and format parameters +Daniel Stenberg (17 Dec 2021) +- .github/SECURITY.md: fix the URL -- x11 example: check return value of socket function +- .github/SECURITY.md: add security policy -- examples: fixed mixed line-endings introduced with aedfba25b8 +GitHub (30 Nov 2021) +- [Will Cosgrove brought this change] -- wincng.c: explicitly ignore BCrypt*AlgorithmProvider return codes + hostkey_method_ssh_ed25519_init() check key bounds (#645) - Fixes VS2012 code analysis warning C6031: - return value ignored: could return unexpected value - -- wincng.c: fix possible invalid memory write access + * hostkey_method_ssh_ed25519_init() check key bounds - Fixes VS2012 code analysis warning C6386: - buffer overrun: accessing 'pbOutput', the writable size is - 'cbOutput' bytes, but '3' bytes may be written: libssh2 wincng.c 610 - -- tests on Windows: check for WSAStartup return code + File: hostkey.c - Fixes VS2012 code analysis warning C6031: - return value ignored: could return unexpected value - -- wincng.c: fix possible NULL pointer de-reference of bignum + Notes: + Additional key length checking before calling _libssh2_ed25519_new_public() - Fixes VS2012 code analysis warning C6011: - dereferencing NULL pointer 'bignum'. libssh2 wincng.c 1567 + Credit: + Will Cosgrove -- wincng.c: fix possible use of uninitialized memory - - Fixes VS2012 code analysis warning C6001: - using uninitialized memory 'cbDecoded'. libssh2 wincng.c 553 +- [Will Cosgrove brought this change] -- packet.c: fix possible NULL pointer de-reference within listen_state + Fix error message in memory_read_privatekey #636 - Fixes VS2012 code analysis warning C6011: - dereferencing NULL pointer 'listen_state->channel'. libssh2 packet.c 221 + file: userauth.c + note: fix error message + credit: + volund -- kex.c: fix possible NULL pointer de-reference with session->kex - - Fixes VS2012 code analysis warning C6011: - dereferencing NULL pointer 'session->kex'. libssh2 kex.c 1761 +- [cntrump brought this change] -- agent.c: check return code of MapViewOfFile + Update maketgz for macOS (#543) - Fixes VS2012 code analysis warning C6387: 'p+4' may be '0': - this does not adhere to the specification for the function - 'memcpy': libssh2 agent.c 330 + File: + maketgz - Fixes VS2012 code analysis warning C6387: 'p' may be '0': - this does not adhere to the specification for the function - 'UnmapViewOfFile': libssh2 agent.c 333 - -- examples on Windows: check for socket return code + Notes: + Fix error on macOS: sed: -e: No such file or directory - Fixes VS2012 code analysis warning C28193: - The variable holds a value that must be examined + Credit: + cntrump -- examples on Windows: check for WSAStartup return code - - Fixes VS2012 code analysis warning C6031: - return value ignored: could return unexpected value +- [Jun Tseng brought this change] -Guenter Knauf (11 Dec 2014) -- wincng.c: silent some more gcc compiler warnings. + CMake update minimum version to 2.8.12 (#639) + + File: + CMakeLists.txt + + Notes: + Following CMake's advice, Update the minimum required version. + + Credit: + Jun Tseng -- wincng.c: silent gcc compiler warnings. +Daniel Stenberg (8 Nov 2021) +- [David Korczynski brought this change] -- Watcom build: added support for WinCNG build. + ci: Add CIFuzz integration + + Notes: + Add CIFuzz integration to run fuzzer using the OSS-Fuzz infrastructure + at each PR. + + Signed-off-by: David Korczynski + Closes #635 -- build: updated dependencies in makefiles. +GitHub (26 Oct 2021) +- [Uwe L. Korn brought this change] -Daniel Stenberg (4 Dec 2014) -- configure: change LIBS not LDFLAGS when checking for libs + Use libssh2_EXPORTS as an alternative to _WINDLL (#470) - Closes #289 + Files: libssh2.h - Patch-by: maurerpe - -Guenter Knauf (3 Dec 2014) -- MinGW build: some more GNUMakefile tweaks. + Notes: + `_WINDLL` is only defined when a Visual Studio CMake generator is used, `libssh2_EXPORTS` is used though for all CMake generator if a shared libssh2 library is being built. - test/GNUmakefile: added architecture autodetection; added switches to - CFLAGS and RCFLAGS to make sure that the right architecture is used. - Added support to build with WinCNG. + Credit: + Uwe L. Korn -- sftpdir.c: added authentication method detection. +Viktor Szakats (1 Oct 2021) +- windows: fix clang and WinCNG warnings - Stuff copied over from ssh2.c to make testing a bit easier. - -- NMake build: fixed LIBS settings. - -- NMake build: added support for WinCNG build. - -- MinGW build: some GNUMakefile tweaks. + Fix these categories of warning: - Added architecture autodetection; added switches to CFLAGS and - RCFLAGS to make sure that the right architecture is used. - Added support to build with WinCNG. - -- MinGW build: Fixed redefine warnings. - -- Updated copyright year. - -Daniel Stenberg (31 Aug 2014) -- COPYING: bump the copyright year - -Dan Fandrich (28 Jul 2014) -- docs: fixed a bunch of typos - -- docs: added missing libssh2_session_handshake.3 file - -Marc Hoersken (19 May 2014) -- wincng.c: specify the required libraries for dependencies using MSVC + - in `wincng.c` disagreement in signed/unsigned char when passing around + the passphrase string: + `warning: pointer targets in passing argument [...] differ in signedness [-Wpointer-sign]` + Fixed by using `const unsigned char *` in all static functions and + applying/updating casts as necessary. - Initially reported by Bob Kast as "for MS VS builds, specify the - libraries that are required so they don't need to go into all - project files that may use this library". Thanks a lot. - -- [Bob Kast brought this change] - - windows build: do not export externals from static library + - in each use of `libssh2_*_init()` macros where the result is not used: + `warning: value computed is not used [-Wunused-value]` + Fixed by using `(void)` casts. - If you are building a DLL, then you need to explicitly export each - entry point. When building a static library, you should not. + - `channel.c:1171:7: warning: 'rc' may be used uninitialized in this function [-Wmaybe-uninitialized]` + Fixed by initializing this variable with `LIBSSH2_ERROR_CHANNEL_UNKNOWN`. + While there I replaced a few 0 literals with `LIBSSH2_ERROR_NONE`. - libssh2 was exporting the entry points whether it was building a DLL or a - static library. To elaborate further, if libssh2 was used as a static - library, which was being linked into a DLL, the libssh2 API would be - exported from that separate DLL. - -Daniel Stenberg (19 May 2014) -- [Mikhail Gusarov brought this change] - - Fix typos in manpages - -Marc Hoersken (18 May 2014) -- wincng.c: Fixed memory leak in case of an error during ASN.1 decoding - -- configure: Display individual crypto backends on separate lines + - in `sftp.c`, several of these two warnings: + `warning: 'data' may be used uninitialized in this function [-Wmaybe-uninitialized]` + `warning: 'data_len' may be used uninitialized in this function [-Wmaybe-uninitialized]` + Fixed by initializing these variables with NULL and 0 respectively. - This avoids line-wrapping in between parameters and makes the - error message look like the following: + - Also removed the exec attribute from `wincng.h`. - configure: error: No crypto library found! - Try --with-libssl-prefix=PATH - or --with-libgcrypt-prefix=PATH - or --with-wincng on Windows - -- [Bob Kast brought this change] - - libssh2_priv.h: a 1 bit bit-field should be unsigned + Notes: + - There are many pre-existing checksrc issues. + - The `sftp.c` and `channel.c` warnings may apply to other platforms as well. - some compilers may not like this - -- knownhost.c: Fixed warning that pointer targets differ in signedness - -- wincng.c: Fixed warning about pointer targets differing in signedness + Closes #628 -- tcpip-forward.c: Fixed warning that pointer targets differ in signedness - - libssh2_channel_forward_listen_ex uses ints instead of unsigned ints. +Daniel Stenberg (25 Sep 2021) +- README: use www.libssh2.org for the license link -- misc.c: Fixed warning about mixed declarations and code +- libssh2.h: bump it to 1.10.1-dev -- libgcrypt.h: Fixed warning about pointer targets differing in signedness +- mailing list: moved to lists.haxx.se -- wincng.h: Fixed warning about pointer targets differing in signedness +GitHub (2 Sep 2021) +- [Laurent Stacul brought this change] -- misc.c: Fixed warning about unused parameter abstract + openssh_fixture.c: Fix openssh_server build not working (#616) (#620) + + File: openssh_fixture.c + + Notes: + fixes too long of output lines building docker image + + Credit: + Laurent Stacul -- tcpip-forward.c: Removed unused variables shost, sport and sockopt +- [Will Cosgrove brought this change] -- wincng.h: Added forward declarations for all WinCNG functions + openssh_fixture.c: fix warning (#621) - Initially reported by Bob Kast as "Wincng - define function - prototypes for wincng routines". Thanks a lot. + File: openssh_fixture.c - Also replaced structure definitions with type definitions. - -- [Bob Kast brought this change] + Notes: + Fix `portable_sleep` return type warning + + Credit: + Will Cosgrove - libssh2.h: on Windows, a socket is of type SOCKET, not int +- [Will Cosgrove brought this change] -- win32: Added WinCNG targets to generated Visual Studio project + Update CI to use latest Ubuntu #624 (#625) - Inspired by Bob Kast's reports, this commit enables the compilation - of libssh2 with WinCNG using the generated Visual Studio project files. - This commit adds WinCNG support to parts of the existing Win32 build - infrastructure, until new build systems, like pre-defined VS project - files or CMake files may be added. + File: ci.yml - This commit and b20bfeb3e519119a48509a1099c06d65aa7da1d7 raise one - question: How to handle build systems, like VS project files, that - need to include all source files regardless of the desired target, - including all supported crypto backends? For now the mentioned commit - added a check for LIBSSH2_OPENSSL to openssl.c and with this commit - the supported crypto backends are hardcoded within Makefile.am. - -- libssh2_priv msvc: Removed redundant definition of inline keyword + Notes: + Update CI to use latest Ubuntu #624 - Initially reported by Bob Kast as "Remove redundant 'inline' define". - Thanks a lot. - -- wincng: Made data parameter to hash update function constant + Also removed 32 bit building in the matrix. - Initially reported by Bob Kast as "formal parameter must be const - since it is used in contexts where the actual parameter may be const". - Thanks a lot. - -- wincng: fix cross-compilation against the w64 mingw-runtime package + Credit: + Will Cosgrove -- openssl: Check for LIBSSH2_OPENSSL in order to compile with openssl +- [Will Cosgrove brought this change] -- wincng: Fixed use of possible uninitialized variable pPaddingInfo + Update .gitignore - Reported by Bob Kast, thanks a lot. + Add .DS_Store files for macOS -- wincng: Added cast for double to unsigned long conversion - -- wincng: Cleaned up includes and check NTSTATUS using macro - - Removed header file combination that is not supported on a real - Windows platform and can only be compiled using MinGW. Replaced - custom NTSTATUS return code checks with BCRYPT_SUCCESS macro. +- [Laurent Stacul brought this change] -Daniel Stenberg (16 Mar 2014) -- userauth_hostbased_fromfile: zero assign to avoid uninitialized use + Makefile.am: Add missing key in case openssl > 1.1.0 (#617) - Detected by clang-analyze - -- channel_receive_window_adjust: store windows size always + File: Makefile.am - Avoid it sometimes returning without storing it, leaving calling - functions with unknown content! + Notes: fix missing test keys - Detected by clang-analyzer + Credit: + Laurent Stacul -- publickey_packet_receive: avoid junk in returned pointers - - clang-analyzer found this risk it would return a non-initialized pointer - in a success case +Version 1.10.0 (29 Aug 2021) -Peter Stuge (16 Mar 2014) -- [Marc Hoersken brought this change] +Daniel Stenberg (29 Aug 2021) +- [Will Cosgrove brought this change] - Added Windows Cryptography API: Next Generation based backend + updated docs for 1.10.0 release -- [Marc Hoersken brought this change] +Marc Hörsken (30 May 2021) +- [Laurent Stacul brought this change] - knownhost.c: fixed that 'key_type_len' may be used uninitialized + [tests] Try several times to connect the ssh server - ../src/knownhost.c: In function 'libssh2_knownhost_readline': - ../src/knownhost.c:651:16: warning: 'key_type_len' may be used - uninitialized in this function [-Wmaybe-uninitialized] - rc = knownhost_add(hosts, hostbuf, NULL, - ^ - ../src/knownhost.c:745:12: note: 'key_type_len' was declared here - size_t key_type_len; - ^ - -- [Marc Hoersken brought this change] + Sometimes, as the OCI container is run in detached mode, it is possible + the actual server is not ready yet to handle SSH traffic. The goal of + this PR is to try several times (max 3). The mechanism is the same as + for the connection to the docker machine. - pem.c: always compile pem.c independently of crypto backend +- [Laurent Stacul brought this change] -- Fix non-autotools builds: Always define the LIBSSH2_OPENSSL CPP macro - - Commit d512b25f69a1b6778881f6b4b5ff9cfc6023be42 introduced a crypto - library abstraction in the autotools build system, to allow us to more - easily support new crypto libraries. In that process it was found that - all other build system which we support are hard-coded to build with - OpenSSL. Commit f5c1a0d98bd51aeb24aca3d49c7c81dcf8bd858d fixes automake - introduced into non-autotools build systems but still overlooked the - CPP macro saying that we are using OpenSSL. - - Thanks to Marc Hörsken for identifying this issue and proposing a fix - for win32/{GNUmakefile,config.mk}. This commit uses a slightly different - approach but the end result is the same. + Remove openssh_server container on test exit -Dan Fandrich (15 Mar 2014) -- channel_close: Close the channel even in the case of errors +- [Laurent Stacul brought this change] -- sftp_close_handle: ensure the handle is always closed + Allow the tests to run inside a container + + The current tests suite starts SSH server as OCI container. This commit + add the possibility to run the tests in a container provided that: - Errors are reported on return, but otherwise the close path is - completed as much as possible and the handle is freed on exit. + * the docker client is installed builder container + * the host docker daemon unix socket has been mounted in the builder + container (with, if needed, the DOCKER_HOST environment variable + accordingly set, and the permission to write on this socket) + * the builder container is run on the default bridge network, or the + host network. This PR does not handle the case where the builder + container is on another network. -Alexander Lamaison (6 Mar 2014) -- knownhost: Restore behaviour of `libssh2_knownhost_writeline` with short buffer. +Marc Hoersken (28 May 2021) +- CI/appveyor: run SSH server for tests on GitHub Actions (#607) - Commit 85c6627c changed the behaviour of `libssh2_knownhost_writeline` so that it stopped returning the number of bytes needed when the given buffer was too small. Also, the function changed such that is might write to part of the buffer before realising it is too small. + No longer rely on DigitalOcean to host the Docker container. - This commit restores the original behaviour, whilst keeping the unknown-key-type functionality that 85c6627c. Instead of writing to the buffer piecemeal, the length of the various parts is calculated up front and the buffer written only if there is enough space. The calculated necessary size is output in `outlen` regardless of whether the buffer was written to. + Unfortunately we require a small dispatcher script that has + access to a GitHub access token with scope repo in order to + trigger the daemon workflow on GitHub Actions also for PRs. - The main use-case for the original behaviour that this commit restores is to allow passing in a NULL buffer to get the actual buffer size needed, before calling the function again with the buffer allocated to the exact size required. + This script is hosted by myself for the time being until GitHub + provides a tighter scope to trigger the workflow_dispatch event. -- knownhost: Fix DSS keys being detected as unknown. - - I missing `else` meant ssh-dss format keys were being re-detected as unknown format. +GitHub (26 May 2021) +- [Will Cosgrove brought this change] -Dan Fandrich (6 Mar 2014) -- knownhosts: Abort if the hosts buffer is too small + openssl.c: guards around calling FIPS_mode() #596 (#603) - This could otherwise cause a match on the wrong host - -- agent_list_identities: Fixed memory leak on OOM - -- Fixed a few typos - -- userauth: Fixed an attempt to free from stack on error + Notes: + FIPS_mode() is not implemented in LibreSSL and this API is removed in OpenSSL 3.0 and was introduced in 0.9.7. Added guards around making this call. + + Credit: + Will Cosgrove -- Fixed a few memory leaks in error paths +- [Will Cosgrove brought this change] -- Fixed two potential use-after-frees of the payload buffer + configure.ac: don't undefine scoped variable (#594) + + * configure.ac: don't undefine scoped variable - The first might occur if _libssh2_packet_add returns an error, as - fullpacket_state wasn't reset to idle so if it were possible for - fullpacket to be called again, it would return to the same state - handler and re-use the freed p->packet buffer. + To get this script to run with Autoconf 2.71 on macOS I had to remove the undefine of the backend for loop variable. It seems scoped to the for loop and also isn't referenced later in the script so it seems OK to remove it. - The second could occur if decrypt returned an error, as it freed the - packet buffer but did not clear total_num, meaning that freed buffer - could be written into again later. - -Alexander Lamaison (28 Nov 2013) -- Fix missing `_libssh2_error` in `_libssh2_channel_write`. + * configure.ac: remove cygwin specific CFLAGS #598 - In one case, the error code from `_libssh2_transport_read` was being returned from `_libssh2_channel_write` without setting it as the last error by calling `_libssh2_error`. This commit fixes that. + Notes: + Remove cygwin specific Win32 CFLAGS and treat the build like a posix build - Found when using a session whose socket had been inadvertently destroyed. The calling code got confused because via `libssh2_session_last_error` it appeared no error had occurred, despite one being returned from the previous function. + Credit: + Will Cosgrove, Brian Inglis -Kamil Dudka (21 Nov 2013) -- [Mark McPherson brought this change] +- [Laurent Stacul brought this change] - openssl: initialise the digest context before calling EVP_DigestInit() - - When using the OpenSSL libraries in FIPS mode, the function call - EVP_DigestInit() is actually #defined to FIPS_digestinit(). - Unfortunately wheres EVP_DigestInit() initialises the context and then - calls EVP_DigestInit_ex(), this function assumes that the context has - been pre-initialised and crashes when it isn't. + tests: Makefile.am: Add missing tests client keys in distribution tarball (#604) - Bug: https://trac.libssh2.org/ticket/279 + Notes: + Added missing test keys. - Fixes #279 - -- [Marc Hörsken brought this change] + Credit: + Laurent Stacul - .gitignore: Ignore files like src/libssh2_config.h.in~ +- [Laurent Stacul brought this change] -Peter Stuge (13 Nov 2013) -- Move automake conditionals added by commit d512b25f out of Makefile.inc - - Commit d512b25f69a1b6778881f6b4b5ff9cfc6023be42 added automake - conditionals to Makefile.inc but since Makefile.inc is included - from Makefile for all other build systems that does not work. + Makefile.am: Add missing test keys in the distribution tarball (#601) - This commit instead adds Makefile.OpenSSL.inc and Makefile.libgcrypt.inc - and moves the automake conditional to its proper place, src/Makefile.am. + Notes: + Fix tests missing key to build the OCI image - The automake conditional includes the correct Makefile.$name.inc per - the crypto library selection/detection done by configure. + Credit: + Laurent Stacul + +Daniel Stenberg (16 May 2021) +- dist: add src/agent.h - All non-autotools build system files in libssh2 are hardcoded to use - OpenSSL and do not get a conditional but at least there is some reuse - because they can all include the new Makefile.OpenSSL.inc. + Fixes #597 + Closes #599 -Daniel Stenberg (27 Oct 2013) -- [Salvador Fandino brought this change] +GitHub (12 May 2021) +- [Will Cosgrove brought this change] - Set default window size to 2MB - - The default channel window size used until now was 256KB. This value is - too small and results on a bottleneck on real-life networks where - round-trip delays can easily reach 300ms. - - The issue was not visible because the configured channel window size - was being ignored and a hard-coded value of ~22MB being used instead, - but that was fixed on a previous commit. + packet.c: Reset read timeout after received a packet (#576) (#586) - This patch just changes the default window size - (LIBSSH2_CHANNEL_WINDOW_DEFAULT) to 2MB. It is the same value used by - OpenSSH and in our opinion represents a good compromise between memory - used and transfer speed. + File: + packet.c - Performance tests were run to determine the optimum value. The details - and related discussion are available from the following thread on the - libssh2 mailing-list: + Notes: + Attempt keyboard interactive login (Azure AD 2FA login) and use more than 60 seconds to complete the login, the connection fails. - http://www.libssh2.org/mail/libssh2-devel-archive-2013-10/0018.shtml - http://article.gmane.org/gmane.network.ssh.libssh2.devel/6543 + The _libssh2_packet_require function does almost the same as _libssh2_packet_requirev but this function sets state->start = 0 before returning. - An excerpt follows: + Credit: + teottin, Co-authored-by: Tor Erik Ottinsen + +- [kkoenig brought this change] + + Support ECDSA certificate authentication (#570) - "I have been running some transfer test and measuring their speed. + Files: hostkey.c, userauth.c, test_public_key_auth_succeeds_with_correct_ecdsa_key.c - My setup was composed of a quad-core Linux machine running Ubuntu 13.10 - x86_64 with a LXC container inside. The data transfers were performed - from the container to the host (never crossing through a physical - network device). + Notes: + Support ECDSA certificate authentication - Network delays were simulated using the tc tool. And ping was used to - verify that they worked as intended during the tests. + Add a test for: + - Existing ecdsa basic public key authentication + - ecdsa public key authentication with a signed public key - The operation performed was the equivalent to the following ssh command: + Credit: + kkoenig + +- [Gabriel Smith brought this change] + + agent.c: Add support for Windows OpenSSH agent (#517) - $ ssh container "dd bs=16K count=8K if=/dev/zero" >/dev/null + Files: agent.c, agent.h, agent_win.c - Though, establishment and closing of the SSH connection was excluded - from the timings. + Notes: + * agent: Add support for Windows OpenSSH agent - I run the tests several times transferring files of sizes up to 128MB - and the results were consistent between runs. + The implementation was partially taken and modified from that found in + the Portable OpenSSH port to Win32 by the PowerShell team, but mostly + based on the existing Unix OpenSSH agent support. - The results corresponding to the 128MB transfer are available here: + https://github.com/PowerShell/openssh-portable - https://docs.google.com/spreadsheet/ccc?key=0Ao1yRmX6PQQzdG5wSFlrZl9HRWNET3ZyN0hnaGo5ZFE&usp=sharing + Regarding the partial transfer support implementation: partial transfers + are easy to deal with, but you need to track additional state when + non-blocking IO enters the picture. A tracker of how many bytes have + been transfered has been placed in the transfer context struct as that's + where it makes most sense. This tracker isn't placed behind a WIN32 + #ifdef as it will probably be useful for other agent implementations. - It clearly shows that 256KB is too small as the default window size. - Moving to a 512MB generates a great improvement and after the 1MB mark - the returns rapidly diminish. Other factors (TCP window size, probably) - become more limiting than the channel window size + * agent: win32 openssh: Disable overlapped IO - For comparison I also performed the same transfers using OpenSSH. Its - speed is usually on par with that of libssh2 using a window size of 1MB - (even if it uses a 2MB window, maybe it is less aggressive sending the - window adjust msgs)." + Non-blocking IO is not currently supported by the surrounding agent + code, despite a lot of the code having everything set up to handle it. - Signed-off-by: Salvador Fandino + Credit: + Co-authored-by: Gabriel Smith -- [Salvador brought this change] +- [Zenju brought this change] - _libssh2_channel_read: Honour window_size_initial - - _libssh2_channel_read was using an arbitrary hard-coded limit to trigger - the window adjusting code. The adjustment used was also hard-coded and - arbitrary, 15MB actually, which would limit the usability of libssh2 on - systems with little RAM. - - This patch, uses the window_size parameter passed to - libssh2_channel_open_ex (stored as remote.window_size_initial) plus the - buflen as the base for the trigger and the adjustment calculation. + Fix detailed _libssh2_error being overwritten (#473) - The memory usage when using the default window size is reduced from 22MB - to 256KB per channel (actually, if compression is used, these numbers - should be incremented by ~50% to account for the errors between the - decompressed packet sizes and the predicted sizes). + Files: openssl.c, pem.c, userauth.c - My tests indicate that this change does not impact the performance of - transfers across localhost or a LAN, being it on par with that of - OpenSSH. On the other hand, it will probably slow down transfers on - networks with high bandwidth*delay when the default window size - (LIBSSH2_CHANNEL_WINDOW_DEFAULT=256KB) is used. + Notes: + * Fix detailed _libssh2_error being overwritten by generic errors + * Unified error handling - Signed-off-by: Salvador Fandino + Credit: + Zenju -- [Salvador Fandino brought this change] +- [Paul Capron brought this change] - knownhosts: handle unknown key types - - Store but don't use keys of unsupported types on the known_hosts file. + Fix _libssh2_random() silently discarding errors (#520) - Currently, when libssh2 parses a known_host file containing keys of some - type it doesn't natively support, it stops reading the file and returns - an error. + Notes: + * Make _libssh2_random return code consistent - That means, that the known_host file can not be safely shared with other - software supporting other key types (i.e. OpenSSH). + Previously, _libssh2_random was advertized in HACKING.CRYPTO as + returning `void` (and was implemented that way in os400qc3.c), but that + was in other crypto backends a lie; _libssh2_random is (a macro + expanding) to an int-value expression or function. - This patch adds support for handling keys of unknown type. It can read - and write them, even if they are never going to be matched. + Moreover, that returned code was: + — 0 or success, -1 on error for the MbedTLS & WinCNG crypto backends + But also: + — 1 on success, -1 or 0 on error for the OpenSSL backend! + – 1 on success, error cannot happen for libgcrypt! - At the source level the patch does the following things: + This commit makes explicit that _libssh2_random can fail (because most of + the underlying crypto functions can indeed fail!), and it makes its result + code consistent: 0 on success, -1 on error. - - add a new unknown key type LIBSSH2_KNOWNHOST_KEY_UNKNOWN + This is related to issue #519 https://github.com/libssh2/libssh2/issues/519 + It fixes the first half of it. - - add a new slot (key_type_name) on the known_host struct that is - used to store the key type in ascii form when it is not supported + * Don't silent errors of _libssh2_random - - parse correctly known_hosts entries with unknown key types and - populate the key_type_name slot + Make sure to check the returned code of _libssh2_random(), and + propagates any failure. - - print correctly known_hosts entries of unknown type + A new LIBSSH_ERROR_RANDGEN constant is added to libssh2.h + None of the existing error constants seemed fit. - - when checking a host key ignore keys that do not match the key + This commit is related to d74285b68450c0e9ea6d5f8070450837fb1e74a7 + and to https://github.com/libssh2/libssh2/issues/519 (see the issue + for more info.) It closes #519. - Fixes #276 + Credit: + Paul Capron -- windows build: fix build errors - - Fixes various link errors with VS2010 - - Reported-by: "kdekker" - Fixes #272 +- [Gabriel Smith brought this change] -- man page: add missing function argument - - for libssh2_userauth_publickey_fromfile_ex() + ci: Remove caching of docker image layers (#589) - Reported-by: "pastey" + Notes: + continued ci reliability work. - Fixes #262 + Credit: + Gabriel Smith -- [Salvador brought this change] +- [Gabriel Smith brought this change] - Fix zlib deflate usage - - Deflate may return Z_OK even when not all data has been compressed - if the output buffer becomes full. - - In practice this is very unlikely to happen because the output buffer - size is always some KBs larger than the size of the data passed for - compression from the upper layers and I think that zlib never expands - the data so much, even on the worst cases. + ci: Speed up docker builds for tests (#587) - Anyway, this patch plays on the safe side checking that the output - buffer is not exhausted. + Notes: + The OpenSSH server docker image used for tests is pre-built to prevent + wasting time building it during a test, and unneeded rebuilds are + prevented by caching the image layers. - Signed-off-by: Salvador + Credit: + Gabriel Smith -- [Salvador brought this change] +- [Will Cosgrove brought this change] - comp_method_zlib_decomp: Improve buffer growing algorithm - - The old algorithm was O(N^2), causing lots and lots of reallocations - when highly compressed data was transferred. + userauth.c: don't error if using keys without RSA (#555) - This patch implements a simpler one that just doubles the buffer size - everytime it is exhausted. It results in O(N) complexity. + file: userauth.c - Also a smaller inflate ratio is used to calculate the initial size (x4). + notes: libssh2 now supports many other key types besides RSA, if the library is built without RSA support and a user attempts RSA auth it shouldn't be an automatic error - Signed-off-by: Salvador + credit: + Will Cosgrove -- [Salvador brought this change] +- [Marc brought this change] - Fix zlib usage - - Data may remain in zlib internal buffers when inflate() returns Z_OK - and avail_out == 0. In that case, inflate has to be called again. - - Also, once all the data has been inflated, it returns Z_BUF_ERROR to - signal that the input buffer has been exhausted. - - Until now, the way to detect that a packet payload had been completely - decompressed was to check that no data remained on the input buffer - but that didn't account for the case where data remained on the internal - zlib buffers. + openssl.c: Avoid OpenSSL latent error in FIPS mode (#528) - That resulted in packets not being completely decompressed and the - missing data reappearing on the next packet, though the bug was masked - by the buffer allocation algorithm most of the time and only manifested - when transferring highly compressible data. + File: + openssl.c - This patch fixes the zlib usage. + Notes: + Avoid initing MD5 digest, which is not permitted in OpenSSL FIPS certified cryptography mode. - Signed-off-by: Salvador + Credit: + Marc -- [Salvador brought this change] +- [Laurent Stacul brought this change] - _libssh2_channel_read: fix data drop when out of window - - After filling the read buffer with data from the read queue, when the - window size was too small, "libssh2_channel_receive_window_adjust" was - called to increase it. In non-blocking mode that function could return - EAGAIN and, in that case, the EAGAIN was propagated upwards and the data - already read on the buffer lost. - - The function was also moving between the two read states - "libssh2_NB_state_idle" and "libssh2_NB_state_created" both of which - behave in the same way (excepting a debug statment). + openssl.c: Fix EVP_Cipher interface change in openssl 3 #463 - This commit modifies "_libssh2_channel_read" so that the - "libssh2_channel_receive_window_adjust" call is performed first (when - required) and if everything goes well, then it reads the data from the - queued packets into the read buffer. + File: + openssl.c - It also removes the useless "libssh2_NB_state_created" read state. + Notes: + Fixes building with OpenSSL 3, #463. - Some rotted comments have also been updated. + The change is described there: + https://github.com/openssl/openssl/commit/f7397f0d58ce7ddf4c5366cd1846f16b341fbe43 - Signed-off-by: Salvador + Credit: + Laurent Stacul, reported by Sergei -- [Salvador Fandino brought this change] +- [Gabriel Smith brought this change] - window_size: redid window handling for flow control reasons - - Until now, the window size (channel->remote.window_size) was being - updated just after receiving the packet from the transport layer. - - That behaviour is wrong because the channel queue may grow uncontrolled - when data arrives from the network faster that the upper layer consumes - it. - - This patch adds a new counter, read_avail, which keeps a count of the - bytes available from the packet queue for reading. Also, now the window - size is adjusted when the data is actually read by an upper layer. - - That way, if the upper layer stops reading data, the window will - eventually fill and the remote host will stop sending data. When the - upper layers reads enough data, a window adjust packet is delivered and - the transfer resumes. + openssh_fixture.c: Fix potential overwrite of buffer when reading stdout of command (#580) - The read_avail counter is used to detect the situation when the remote - server tries to send data surpassing the window size. In that case, the - extra data is discarded. + File: + openssh_fixture.c + Notes: + If reading the full output from the executed command took multiple + passes (such as when reading multiple lines) the old code would read + into the buffer starting at the some position (the start) every time. + The old code only works if fgets updated p or had an offset parameter, + both of which are not true. - Signed-off-by: Salvador - -Peter Stuge (15 Sep 2013) -- configure.ac: Call zlib zlib and not libz in text but keep option names + Credit: + Gabriel Smith -- configure.ac: Reorder --with-* options in --help output +- [Gabriel Smith brought this change] -- configure.ac: Rework crypto library detection + ci: explicitly state the default branch (#585) - This further simplifies adding new crypto libraries. - -- Clean up crypto library abstraction in build system and source code + Notes: + It looks like the $default-branch macro only works in templates, not + workflows. This is not explicitly stated anywhere except the linked PR + comment. - libssh2 used to explicitly check for libgcrypt and default to OpenSSL. + https://github.com/actions/starter-workflows/pull/590#issuecomment-672360634 - Now all possible crypto libraries are checked for explicitly, making - the addition of further crypto libraries both simpler and cleaner. + credit: + Gabriel Smith -- configure.ac: Add zlib to Requires.private in libssh2.pc if using zlib +- [Gabriel Smith brought this change] -- Revert "Added Windows Cryptography API: Next Generation based backend" + ci: Swap from Travis to Github Actions (#581) - This reverts commit d385230e15715e67796f16f3e65fd899f21a638b. - -Daniel Stenberg (7 Sep 2013) -- [Leif Salomonsson brought this change] - - sftp_statvfs: fix for servers not supporting statfvs extension + Files: ci files + + Notes: + Move Linux CI using Github Actions - Fixes issue arising when server does not support statfvs and or fstatvfs - extensions. sftp_statvfs() and sftp_fstatvfs() after this patch will - handle the case when SSH_FXP_STATUS is returned from server. + Credit: + Gabriel Smith, Marc Hörsken -- [Marc Hoersken brought this change] +- [Mary brought this change] - Added Windows Cryptography API: Next Generation based backend + libssh2_priv.h: add iovec on 3ds (#575) + + file: libssh2_priv.h + note: include iovec for 3DS + credit: Mary Mstrodl -- [Kamil Dudka brought this change] +- [Laurent Stacul brought this change] - partially revert "window_size: explicit adjustments only" + Tests: Fix unused variables warning (#561) - This partially reverts commit 03ca9020756a4e16f0294e5b35e9826ee6af2364 - in order to fix extreme slowdown when uploading to localhost via SFTP. + file: test_public_key_auth_succeeds_with_correct_ed25519_key_from_mem.c - I was able to repeat the issue on RHEL-7 on localhost only. It did not - occur when uploading via network and it did not occur on a RHEL-6 box - with the same version of libssh2. + notes: fixed unused vars - The problem was that sftp_read() used a read-ahead logic to figure out - the window_size, but sftp_packet_read() called indirectly from - sftp_write() did not use any read-ahead logic. + credit: + Laurent Stacul -- _libssh2_channel_write: client spins on write when window full - - When there's no window to "write to", there's no point in waiting for - the socket to become writable since it most likely just will continue to - be. - - Patch-by: ncm - Fixes #258 +- [Viktor Szakats brought this change] -- _libssh2_channel_forward_cancel: avoid memory leaks on error + bcrypt_pbkdf.c: fix clang10 false positive warning (#563) - Fixes #257 - -- _libssh2_packet_add: avoid using uninitialized memory + File: bcrypt_pbkdf.c - In _libssh2_packet_add, called by _libssh2_packet_read, a call to - _libssh2_packet_send that is supposed to send a one-byte message - SSH_MSG_REQUEST_FAILURE would send an uninitialized byte upon re-entry - if its call to _send returns _EAGAIN. + Notes: + blf_enc() takes a number of 64-bit blocks to encrypt, but using + sizeof(uint64_t) in the calculation triggers a warning with + clang 10 because the actual data type is uint32_t. Pass + BCRYPT_BLOCKS / 2 for the number of blocks like libc bcrypt(3) + does. - Fixes #259 - -- _libssh2_channel_forward_cancel: accessed struct after free + Ref: https://github.com/openbsd/src/commit/04a2240bd8f465bcae6b595d912af3e2965856de - ... and the assignment was pointless anyway since the struct was about - to be freed. Bug introduced in dde2b094. + Fixes #562 - Fixes #268 + Credit: + Viktor Szakats -Peter Stuge (2 Jun 2013) -- [Marc Hoersken brought this change] +- [Will Cosgrove brought this change] - Fixed compilation using mingw-w64 + transport.c: release payload on error (#554) + + file: transport.c + notes: If the payload is invalid and there is an early return, we could leak the payload + credit: + Will Cosgrove -- [Marc Hoersken brought this change] +- [Will Cosgrove brought this change] - knownhost.c: use LIBSSH2_FREE macro instead of free + ssh2_client_fuzzer.cc: fixed building - Use LIBSSH2_FREE instead of free since - _libssh2_base64_encode uses LIBSSH2_ALLOC + The GitHub web editor did some funky things -Daniel Stenberg (18 May 2013) -- [Matthias Kerestesch brought this change] +- [Will Cosgrove brought this change] - libssh2_agent_init: init ->fd to LIBSSH2_INVALID_SOCKET + ssh_client_fuzzer.cc: set blocking mode on (#553) - ... previously it was left at 0 which is a valid file descriptor! + file: ssh_client_fuzzer.cc - Bug: https://trac.libssh2.org/ticket/265 + notes: the session needs blocking mode turned on to avoid EAGAIN being returned from libssh2_session_handshake() - Fixes #265 + credit: + Will Cosgrove, reviewed by Michael Buckley + +- [Etienne Samson brought this change] -- userauth_password: pass on the underlying error code + Add a LINT option to CMake (#372) - _libssh2_packet_requirev() may return different errors and we pass that - to the parent instead of rewriting it. + * ci: make style-checking available locally - Bug: http://libssh2.org/mail/libssh2-devel-archive-2013-04/0029.shtml - Reported by: Cosmin - -Peter Stuge (9 May 2013) -- [Marc Hoersken brought this change] - - libcrypt.c: Fix typo in _libssh2_rsa_sha1_sign() parameter type - -Kamil Dudka (4 May 2013) -- configure.ac: replace AM_CONFIG_HEADER with AC_CONFIG_HEADERS + * cmake: add a linting target - Reported by: Quintus - Bug: https://trac.libssh2.org/ticket/261 - -Guenter Knauf (12 Apr 2013) -- Fixed copyright string for NetWare build. + * tests: check test suite syntax with checksrc.pl -Daniel Stenberg (9 Apr 2013) -- [Richard W.M. Jones brought this change] +- [Will Cosgrove brought this change] - sftp: Add support for fsync (OpenSSH extension). - - The new libssh2_sftp_fsync API causes data and metadata in the - currently open file to be committed to disk at the server. + kex.c: kex_agree_instr() improve string reading (#552) - This is an OpenSSH extension to the SFTP protocol. See: + * kex.c: kex_agree_instr() improve string reading - https://bugzilla.mindrot.org/show_bug.cgi?id=1798 - -- [Richard W.M. Jones brought this change] - - sftp: statvfs: Along error path, reset the correct 'state' variable. + file: kex.c + notes: if haystack isn't null terminated we should use memchr() not strchar(). We should also make sure we don't walk off the end of the buffer. + credit: + Will Cosgrove, reviewed by Michael Buckley -- [Richard W.M. Jones brought this change] +- [Will Cosgrove brought this change] - sftp: seek: Don't flush buffers on same offset + kex.c: use string_buf in ecdh_sha2_nistp (#551) - Signed-off-by: Richard W.M. Jones - -Guenter Knauf (9 Feb 2013) -- Updated dependency libs. - -- Fixed tool macro names. - -Daniel Stenberg (29 Nov 2012) -- [Seth Willits brought this change] - - compiler warnings: typecast strlen in macros + * kex.c: use string_buf in ecdh_sha2_nistp - ... in macro parameters to avoid compiler warnings about lost precision. + file: kex.c - Several macros in libssh2.h call strlen and pass the result directly to - unsigned int parameters of other functions, which warns about precision - loss because strlen returns size_t which is unsigned long on at least - some platforms (such as OS X). The fix is to simply typecast the - strlen() result to unsigned int. - -- libssh2.h: bump version to 1.4.4-DEV - -Version 1.4.3 (27 Nov 2012) - -Daniel Stenberg (27 Nov 2012) -- RELEASE-NOTES: fixed for 1.4.3 - -- sftp_read: return error if a too large package arrives - -Peter Stuge (13 Nov 2012) -- Only define _libssh2_dsa_*() functions when building with DSA support + notes: + use string_buf in ecdh_sha2_nistp() to avoid attempting to parse malformed data -Guenter Knauf (8 Nov 2012) -- Added .def file to output. +- [Will Cosgrove brought this change] -Kamil Dudka (1 Nov 2012) -- libssh2_hostkey_hash.3: update the description of return value + kex.c: move EC macro outside of if check #549 (#550) - The function returns NULL also if the hash algorithm is not available. - -Guenter Knauf (24 Oct 2012) -- Fixed mode acciedently committed. - -- Ignore generated file. - -- Added hack to make use of Makefile.inc. + File: kex.c - This should avoid further maintainance of the objects list. - -- Fixed MSVC NMakefile. + Notes: + Moved the macro LIBSSH2_KEX_METHOD_EC_SHA_HASH_CREATE_VERIFY outside of the LIBSSH2_ECDSA since it's also now used by the ED25519 code. + + Sha 256, 384 and 512 need to be defined for all backends now even if they aren't used directly. I believe this is already the case, but just a heads up. - Added missing source files; added resource for DLL. + Credit: + Stefan-Ghinea -Kamil Dudka (22 Oct 2012) -- examples: use stderr for messages, stdout for data - - Reported by: Karel Srot - Bug: https://bugzilla.redhat.com/867462 +- [Tim Gates brought this change] -- openssl: do not leak memory when handling errors + kex.c: fix simple typo, niumber -> number (#545) - ,.. in aes_ctr_init(). Detected by Coverity. - -- channel: fix possible NULL dereference + File: kex.c - ... in libssh2_channel_get_exit_signal(). Detected by Coverity. - -- Revert "aes: the init function fails when OpenSSL has AES support" + Notes: + There is a small typo in src/kex.c. - This partially reverts commit f4f2298ef3635acd031cc2ee0e71026cdcda5864. + Should read `number` rather than `niumber`. - We need to use the EVP_aes_???_ctr() functions in FIPS mode. - -- crypt: use hard-wired cipher block sizes consistently + Credit: + Tim Gates -- openssl: do not ignore failure of EVP_CipherInit() +- [Tseng Jun brought this change] -- kex: do not ignore failure of libssh2_md5_init() + session.c: Correct a typo which may lead to stack overflow (#533) - The MD5 algorithm is disabled when running in FIPS mode. - -Daniel Stenberg (21 Aug 2012) -- [Peter Krempa brought this change] - - known_hosts: Fail when parsing unknown keys in known_hosts file. + File: session.c - libssh2_knownhost_readfile() silently ignored problems when reading keys - in unsupported formats from the known hosts file. When the file is - written again from the internal structures of libssh2 it gets truntcated - to the point where the first unknown key was located. + Notes: + Seems the author intend to terminate banner_dup buffer, later, print it to the debug console. - * src/knownhost.c:libssh2_knownhost_readfile() - return error if key - parsing fails + Author: + Tseng Jun -- AUTHORS: synced with 42fec44c8a4 +Marc Hoersken (10 Oct 2020) +- wincng: fix random big number generation to match openssl - 31 recent authors added - -- [Dave Hayden brought this change] - - compression: add support for zlib@openssh.com + The old function would set the least significant bits in + the most significant byte instead of the most significant bits. - Add a "use_in_auth" flag to the LIBSSH2_COMP_METHOD struct and a - separate "zlib@openssh.com" method, along with checking session->state - for LIBSSH2_STATE_AUTHENTICATED. Appears to work on the OpenSSH servers - I've tried against, and it should work as before with normal zlib - compression. - -- [Dmitry Smirnov brought this change] - - configure: gcrypt doesn't come with pkg-config support + The old function would also zero pad too much bits in the + most significant byte. This lead to a reduction of key space + in the most significant byte according to the following listing: + - 8 bits reduced to 0 bits => eg. 2048 bits to 2040 bits DH key + - 7 bits reduced to 1 bits => eg. 2047 bits to 2041 bits DH key + - 6 bits reduced to 2 bits => eg. 2046 bits to 2042 bits DH key + - 5 bits reduced to 3 bits => eg. 2045 bits to 2043 bits DH key - ... so use plain old -lgcrypt to the linker to link with it. + No change would occur for the case of 4 significant bits. + For 1 to 3 significant bits in the most significant byte + the DH key would actually be expanded instead of reduced: + - 3 bits expanded to 5 bits => eg. 2043 bits to 2045 bits DH key + - 2 bits expanded to 6 bits => eg. 2042 bits to 2046 bits DH key + - 1 bits expanded to 7 bits => eg. 2041 bits to 2047 bits DH key - Fixes #225 - -- sftp_read: Value stored to 'next' is never read + There is no case of 0 significant bits in the most significant byte + since this would be a case of 8 significant bits in the next byte. - Detected by clang-analyzer - -- publickey_init: errors are negative, fix check + At the moment only the following case applies due to a fixed + DH key size value currently being used in libssh2: - Detected by clang-analyzer. - -- [Maxime Larocque brought this change] - - session_free: wrong variable used for keeping state + The DH group_order is fixed to 256 (bytes) which leads to a + 2047 bits DH key size by calculating (256 * 8) - 1. - If libssh2_session_free is called without the channel being freed - previously by libssh2_channel_free a memory leak could occur. + This means the DH keyspace was previously reduced from 2047 bits + to 2041 bits (while the top and bottom bits are always set), so the + keyspace is actually always reduced from 2045 bits to 2039 bits. - A mismatch of states variables in session_free() prevent the call to - libssh2_channel_free function. session->state member is used instead of - session->free_state. + All of this is only relevant for Windows versions supporting the + WinCNG backend (Vista or newer) before Windows 10 version 1903. - It causes a leak of around 600 bytes on every connection on my systems - (Linux, x64 and PPC). + Closes #521 + +Daniel Stenberg (28 Sep 2020) +- libssh2_session_callback_set.3: explain the recv/send callbacks - (Debugging done under contract for Accedian Networks) + Describe how to actually use these callbacks. - Fixes #246 + Closes #518 -Guenter Knauf (29 Jun 2012) -- Small NetWare makefile tweak. +GitHub (23 Sep 2020) +- [Will Cosgrove brought this change] -- Some small Win32 makefile fixes. + agent.c: formatting + + Improved formatting of RECV_SEND_ALL macro. -Daniel Stenberg (19 Jun 2012) -- libssh2_userauth_publickey_fromfile_ex.3: mention publickey == NULL +- [Will Cosgrove brought this change] -- comp_method_zlib_decomp: handle Z_BUF_ERROR when inflating - - When using libssh2 to perform an SFTP file transfer from the "JSCAPE MFT - Server" (http://www.jscape.com) the transfer failed. The default JSCAPE - configuration is to enforce zlib compression on SSH2 sessions so the - session was compressed. The relevant part of the debug trace contained: + CMakeLists.txt: respect install lib dir #405 (#515) - [libssh2] 1.052750 Transport: unhandled zlib error -5 - [libssh2] 1.052750 Failure Event: -29 - decompression failure + Files: + CMakeLists.txt - The trace comes from comp_method_zlib_decomp() in comp.c. The "unhandled - zlib error -5" is the status returned from the zlib function - inflate(). The -5 status corresponds to "Z_BUF_ERROR". + Notes: + Use CMAKE_INSTALL_LIBDIR directory - The inflate() function takes a pointer to a z_stream structure and - "inflates" (decompresses) as much as it can. The relevant fields of the - z_stream structure are: + Credit: Arfrever + +- [Will Cosgrove brought this change] + + kex.c: group16-sha512 and group18-sha512 support #457 (#468) - next_in - pointer to the input buffer containing compressed data - avail_in - the number of bytes available at next_in - next_out - pointer to the output buffer to be filled with uncompressed - data - avail_out - how much space available at next_out + Files: kex.c - To decompress data you set up a z_stream struct with the relevant fields - filled in and pass it to inflate(). On return the fields will have been - updated so next_in and avail_in show how much compressed data is yet to - be processed and next_out and avail_out show how much space is left in - the output buffer. + Notes: + Added key exchange group16-sha512 and group18-sha512. As a result did the following: - If the supplied output buffer is too small then on return there will be - compressed data yet to be processed (avail_in != 0) and inflate() will - return Z_OK. In this case the output buffer must be grown, avail_out - updated and inflate() called again. + Abstracted diffie_hellman_sha256() to diffie_hellman_sha_algo() which is now algorithm agnostic and takes the algorithm as a parameter since we needed sha512 support. Unfortunately it required some helper functions but they are simple. + Deleted diffie_hellman_sha1() + Deleted diffie_hellman_sha1 specific macro + Cleaned up some formatting + Defined sha384 in os400 and wincng backends + Defined LIBSSH2_DH_MAX_MODULUS_BITS to abort the connection if we receive too large of p from the server doing sha1 key exchange. + Reorder the default key exchange list to match OpenSSH and improve security - If the supplied output buffer was big enough then on return the - compressed data will have been exhausted (avail_in == 0) and inflate() - will return Z_OK, so the data has all been uncompressed. + Credit: + Will Cosgrove + +- [Igor Klevanets brought this change] + + agent.c: Recv and send all bytes via network in agent_transact_unix() (#510) - There is a corner case where inflate() makes no progress. That is, there - may be unprocessed compressed data and space available in the output - buffer and yet the function does nothing. In this case inflate() will - return Z_BUF_ERROR. From the zlib documentation and the source code it - is not clear under what circumstances this happens. It could be that it - needs to write multiple bytes (all in one go) from its internal state to - the output buffer before processing the next chunk of input but but - can't because there is not enough space (though my guesses as to the - cause are not really relevant). Recovery from Z_BUF_ERROR is pretty - simple - just grow the output buffer, update avail_out and call - inflate() again. + Files: agent.c - The comp_method_zlib_decomp() function does not handle the case when - inflate() returns Z_BUF_ERROR. It treats it as a non-recoverable error - and basically aborts the session. + Notes: + Handle sending/receiving partial packet replies in agent.c API. - Fixes #240 + Credit: Klevanets Igor -Guenter Knauf (12 Jun 2012) -- MinGW makefile tweaks. - - Use GNU tools when compiling on Linux. - Fixed dist and dev targets. +- [Daniel Stenberg brought this change] -- NetWare makefile tweaks. + Makefile.am: include all test files in the dist #379 - Changed to use Windows commandline tools instead of - GNU tools when compiling on Windows. Fixed dist and - dev targets. Enabled nlmconv error for unresolved - symbols. - -Daniel Stenberg (11 Jun 2012) -- Revert "config.rpath: generated file, no need to keep in git" + File: + Makefile.am - This reverts commit 1ac7bd09cc685755577fb2c8829adcd081e7ab3c. + Notes: + No longer conditionally include OpenSSL specific test files, they aren't run if we're not building against OpenSSL 1.1.x anyway. - This file still used by lib/*m4 functions so we need to keep the file - around. - -- BINDINGS: added PySsh2, a Python-ctypes binding + Credit: + Daniel Stenberg -Guenter Knauf (8 Jun 2012) -- Fixed MinGW debug build. +- [Max Dymond brought this change] -Daniel Stenberg (5 Jun 2012) -- BINDINGS: Added the Cocoa/Objective-C one + Add support for an OSS Fuzzer fuzzing target (#392) - ... and sorted the bindings after the languages, alphabetically + Files: + .travis.yml, configure.ac, ossfuzz - Reported by: Mike Abdullah - -- BINDINGS: document the bindings we know of - -Guenter Knauf (4 Jun 2012) -- Fixed LIBSSH2_INT64_T_FORMAT macro. + Notes: + This adds support for an OSS-Fuzz fuzzing target in ssh2_client_fuzzer, + which is a cut down example of ssh2.c. Future enhancements can improve + coverage. - Usually a format macro should hold the whole format, otherwise - it should be named a prefix. Also fixed usage of this macro in - scp.c for a signed var where it was used as prefix for unsigned. - -- Removed obsolete define from makefiles. - -- Renamed NetWare makefiles. - -- Renamed NetWare makefiles. + Credit: + Max Dymond -- Synced MinGW makefiles with 56c64a6..39e438f. - - Also synced MinGW test makefile with b092696..f8cb874. +- [Sebastián Katzer brought this change] -Peter Stuge (30 May 2012) -- Revert "sftp: Don't send attrs.permissions on read-only SSH_FXP_OPEN" + mbedtls.c: ECDSA support for mbed TLS (#385) - This reverts commit 04e79e0c798674a0796be8a55f63dd92e6877790. - -- sftp: Don't send attrs.permissions on read-only SSH_FXP_OPEN + Files: + mbedtls.c, mbedtls.h, .travis.yml - This works around a protocol violation in the ProFTPD 1.3.4 mod_sftp - server, as reported by Will Cosgrove in: + Notes: + This PR adds support for ECDSA for both key exchange and host key algorithms. - http://libssh2.org/mail/libssh2-devel-archive-2012-05/0079.shtml + The following elliptic curves are supported: - Based on a suggested fix by TJ Saunders in: + 256-bit curve defined by FIPS 186-4 and SEC1 + 384-bit curve defined by FIPS 186-4 and SEC1 + 521-bit curve defined by FIPS 186-4 and SEC1 - http://libssh2.org/mail/libssh2-devel-archive-2012-05/0104.shtml + Credit: + Sebastián Katzer -Guenter Knauf (28 May 2012) -- Try to detect OpenSSL build type automatically. +Marc Hoersken (1 Sep 2020) +- buildconf: exec autoreconf to avoid additional process (#512) - Also fixed recently added libgdi32 linkage which is only - required when OpenSSL libs are linked statically. - -Daniel Stenberg (25 May 2012) -- config.rpath: generated file, no need to keep in git - -Guenter Knauf (22 May 2012) -- Updated dependency libary versions. - -Daniel Stenberg (18 May 2012) -- 1.4.3: towards the future + Also make buildconf exit with the return code of autoreconf. + + Follow up to #224 -Version 1.4.2 (18 May 2012) +- scp.c: fix indentation in shell_quotearg documentation -Daniel Stenberg (18 May 2012) -- RELEASE-NOTES: synced with 92a9f952794 +- wincng: make more use of new helper functions (#496) -Alexander Lamaison (15 May 2012) -- win32/libssh2_config.h: Remove hardcoded #define LIBSSH2_HAVE_ZLIB. - - Rationale: Everything else in this file states a fact about the win32 - platform that is unconditional for that platform. There is nothing - unconditional about the presence of zlib. It is neither included with - Windows nor with the platform SDK. Therefore, this is not an appropriate - place to assert its presence. Especially as, once asserted, it cannot be - overridden using a compiler flag. - - In contrast, if it is omitted, then it can easily be reasserted by adding - a compiler flag defining LIBSSH2_HAVE_ZLIB. +- wincng: make sure algorithm providers are closed once (#496) -Daniel Stenberg (14 May 2012) -- RELEASE-NOTES: synced with 69a3354467c +GitHub (10 Jul 2020) +- [David Benjamin brought this change] -- _libssh2_packet_add: SSH_MSG_CHANNEL_REQUEST default to want_reply + openssl.c: clean up curve25519 code (#499) - RFC4254 says the default 'want_reply' is TRUE but the code defaulted to - FALSE. Now changed. + File: openssl.c, openssl.h, crypto.h, kex.c - Fixes #233 - -- gettimeofday: no need for a replacement under cygwin + Notes: + This cleans up a few things in the curve25519 implementation: - Fixes #224 - -Alexander Lamaison (13 May 2012) -- Prevent sftp_packet_read accessing freed memory. + - There is no need to create X509_PUBKEYs or PKCS8_PRIV_KEY_INFOs to + extract key material. EVP_PKEY_get_raw_private_key and + EVP_PKEY_get_raw_public_key work fine. - sftp_packet_add takes ownership of the packet passed to it and (now that we - handle zombies) might free the packet. sftp_packet_read uses the packet type - byte as its return code but by this point sftp_packet_add might have freed - it. This change fixes the problem by caching the packet type before calling - sftp_packet_add. + - libssh2_x25519_ctx was never used (and occasionally mis-typedefed to + libssh2_ed25519_ctx). Remove it. The _libssh2_curve25519_new and + _libssh2_curve25519_gen_k interfaces use the bytes. Note, if it needs + to be added back, there is no need to roundtrip through + EVP_PKEY_new_raw_private_key. EVP_PKEY_keygen already generated an + EVP_PKEY. - I don't understand why sftp_packet_read uses the packet type as its return - code. A future change might get rid of this entirely. - -Daniel Stenberg (12 May 2012) -- sftp_packet_flush: flush zombies too + - Add some missing error checks. - As this function is called when the SFTP session is closed, it needs to - also kill all zombies left in the SFTP session to avoid leaking memory - just in case some zombie would still be in there. + Credit: + David Benjamin -- sftp_packetlist_flush: zombies must not have responses already - - When flushing the packetlist, we must only add the request as a zombie - if no response has already been received. Otherwise we could wrongly - make it a zombie even though the response was already received and then - we'd get a zombie stuck there "forever"... +- [Will Cosgrove brought this change] -- sftp_read: on EOF remove packet before flush + transport.c: socket is disconnected, return error (#500) - Since the sftp_packetlist_flush() function will move all the existing - FXP_READ requests in this handle to the zombie list we must first remove - this just received packet as it is clearly not a zombie. - -- sftp_packet_require: sftp_packet_read() returning 0 is not an error + File: transport.c - Exactly as the comment in the code said, checking the return code from - sftp_packet_read() with <= was wrong and it should be < 0. With the new - filtering on incoming packets that are "zombies" we can now see this - getting zero returned. - -- sftp_packetlist_flush: only make it zombie if it was sent + Notes: + This is to fix #102, instead of continuing to attempt to read a disconnected socket, it will now error out. - The list of outgoing packets may also contain packets that never were - sent off and we better not make them zombies too. + Credit: + TDi-jonesds -- [Alexander Lamaison brought this change] +- [Will Cosgrove brought this change] - Mark outstanding read requests after EOF as zombies. - - In order to be fast, sftp_read sends many read requests at once. With a small - file, this can mean that when EOF is received back, many of these requests are - still outstanding. Responses arriving after we close the file and abandon the - file handle are queued in the SFTP packet queue and never collected. This - causes transfer speed to drop as a progressively longer queue must be searched - for every packet. + stale.yml - This change introduces a zombie request-ID list in the SFTP session that is - used to recognise these outstanding requests and prevent them being added to - the queue. - -Peter Stuge (23 Apr 2012) -- [Rafael Kitover brought this change] + Increasing stale values. - Update win32/GNUmakefile to use OpenSSL 1.0.1a +Marc Hoersken (6 Jul 2020) +- wincng: try newer DH API first, fallback to legacy RSA API - libcrypto on win32 now depends on gdi32.dll, so move the OpenSSL LDLIBS - block to before the compiler definitions, so that libcrypto gets added - first, and then add -lgdi32 into the following common LDLIBS for gcc. - -Guenter Knauf (23 Apr 2012) -- Changed 'Requires' to 'Requires.private'. + Avoid the use of RtlGetVersion or similar Win32 functions, + since these depend on version information from manifests. - Only static builds need to link against the crypto libs. - -- Fixed 'Requires:' names. + This commit makes the WinCNG backend first try to use the + new DH algorithm API with the raw secret derivation feature. + In case this feature is not available the WinCNG backend + will fallback to the classic approach of using RSA-encrypt + to perform the required modular exponentiation of BigNums. + + The feature availability test is done during the first handshake + and the result is stored in the crypto backends global state. - The 'Requires:' line lists the names of the .pc files. + Follow up to #397 + Closes #484 -- Added 'Requires:' line to libssh2.pc. +- wincng: fix indentation of function arguments and comments - This is necessary so that other libs which lookup libssh2 info - via pkg-config can add the right crypto lib dependencies. + Follow up to #397 -- Updated dependency lib versions. +- [Wez Furlong brought this change] -Peter Stuge (18 Apr 2012) -- configure.ac: Add option to disable build of the example applications + wincng: use newer DH API for Windows 8.1+ - Examples are built by default. Any of the following options on the - configure command line will skip building them: + Since Windows 1903 the approach used to perform DH kex with the CNG + API has been failing. - --disable-examples-build - --enable-examples-build=no - --enable-examples-build=false - -- userauth.c: fread() from public key file to correctly detect any errors + This commit switches to using the `DH` algorithm provider to perform + generation of the key pair and derivation of the shared secret. - If the filename parameter for file_read_publickey() was the name of a - directory instead of a file then libssh2 would spin trying to fgetc() - from the FILE * for the opened directory when trying to determine the - length of the encoded public key, since fgetc() can't report errors. + It uses a feature of CNG that is not yet documented. The sources of + information that I've found on this are: - Use fread() instead to correctly detect this error condition along - with many others. + * https://stackoverflow.com/a/56378698/149111 + * https://github.com/wbenny/mini-tor/blob/5d39011e632be8e2b6b1819ee7295e8bd9b7a769/mini/crypto/cng/dh.inl#L355 - This fixes the problem reported in - http://www.libssh2.org/mail/libssh2-devel-archive-2012-04/0021.shtml + With this change I am able to successfully connect from Windows 10 to my + ubuntu system. - Reported-by: Oleksiy Zagorskyi - -- Return LIBSSH2_ERROR_SOCKET_DISCONNECT on EOF when reading banner - -Guenter Knauf (17 Apr 2012) -- Fixed copyright year. + Refs: https://github.com/alexcrichton/ssh2-rs/issues/122 + Fixes: https://github.com/libssh2/libssh2/issues/388 + Closes: https://github.com/libssh2/libssh2/pull/397 -- Updated dependency lib versions in static makefiles. +GitHub (1 Jul 2020) +- [Zenju brought this change] -Daniel Stenberg (6 Apr 2012) -- version: bump to 1.4.2 + comp.c: Fix name clash with ZLIB macro "compress" (#418) - We're on the 1.4.2 track now (at least) - -Version 1.4.1 (4 Apr 2012) + File: comp.c + + Notes: + * Fix name clash with ZLIB macro "compress". + + Credit: + Zenju -Daniel Stenberg (4 Apr 2012) -- RELEASE-NOTES: updated for 1.4.1 release +- [yann-morin-1998 brought this change] -- always do "forced" window updates + buildsystem: drop custom buildconf script, rely on autoreconf (#224) + + Notes: + The buildconf script is currently required, because we need to copy a + header around, because it is used both from the library and the examples + sources. + + However, having a custom 'buildconf'-like script is not needed if we can + ensure that the header exists by the time it is needed. For that, we can + just append the src/ directory to the headers search path for the + examples. + + And then it means we no longer need to generate the same header twice, + so we remove the second one from configure.ac. - When calling _libssh2_channel_receive_window_adjust() internally, we now - always use the 'force' option to prevent libssh2 to avoid sending the - update if the update isn't big enough. + Now, we can just call "autoreconf -fi" to generate the autotools files, + instead of relying on the canned sequence in "buildconf", since + autoreconf has now long known what to do at the correct moment (future + versions of autotools, automake, autopoint, autoheader etc... may + require an other ordering, or other intermediate steps, etc...). - It isn't fully analyzed but we have seen corner cases which made a - necessary window update not get send due to this and then the other side - doesn't send data our side then sits waiting for forever. - -- channel_read: force window adjusts! + Eventually, get rid of buildconf now it is no longer needed. In fact, we + really keep it for legacy, but have it just call autoreconf (and print a + nice user-friendly warning). Don't include it in the release tarballs, + though. - if there's not enough room to receive the data that's being requested, - the window adjustment needs to be sent to the remote and thus the force - option has to be used. _libssh2_channel_receive_window_adjust() would - otherwise "queue" small window adjustments for a later packet but that - is really terribly for the small buffer read that for example is the - final little piece of a very large file as then there is no logical next - packet! + Update doc, gitignore, and travis-CI jobs accordingly. - Reported by: Armen Babakhanian - Bug: http://www.libssh2.org/mail/libssh2-devel-archive-2012-03/0130.shtml + Credit: + Signed-off-by: "Yann E. MORIN" + Cc: Sam Voss -- [Paul Howarth brought this change] +- [Will Cosgrove brought this change] - aes: the init function fails when OpenSSL has AES support - - The internal init function only worked fine when the configure script - didn't detect the OpenSSL AES_CTR function! + libssh2.h: Update Diffie Hellman group values (#493) - Bug: http://www.libssh2.org/mail/libssh2-devel-archive-2012-03/0111.shtml - Reported by: Paul Howarth - -- [Matthew Booth brought this change] - - transport_send: Finish in-progress key exchange before sending data + File: libssh2.h - _libssh2_channel_write() first reads outstanding packets before writing - new data. If it reads a key exchange request, it will immediately start - key re-exchange, which will require sending a response. If the output - socket is full, this will result in a return from - _libssh2_transport_read() of LIBSSH2_ERROR_EAGAIN. In order not to block - a write because there is no data to read, this error is explicitly - ignored and the code continues marshalling a packet for sending. When it - is sent, the remote end immediately drops the connection because it was - expecting a continuation of the key exchange, but got a data packet. + Notes: + Update the min, preferred and max DH group values based on RFC 8270. - This change adds the same check for key exchange to - _libssh2_transport_send() that is in _libssh2_transport_read(). This - ensures that key exchange is completed before any data packet is sent. + Credit: + Will Cosgrove, noted from email list by Mitchell Holland -- channel_write: acknowledge transport errors - - When draining data off the socket with _libssh2_transport_read() (which - in turn has to be done so that we can be sure to have read any possible - window-increasing packets), this code previously ignored errors which - could lead to nasty loops. Now all error codes except EAGAIN will cause - the error to be returned at once. - - Bug: http://www.libssh2.org/mail/libssh2-devel-archive-2012-03/0068.shtml - Reported by: Matthew Booth +Marc Hoersken (22 Jun 2020) +- travis: use existing Makefile target to run checksrc -- [Steven Dake brought this change] +- Makefile: also run checksrc on test source files - In examples/x11.c, Make sure sizeof passed to read operation is correct - - sizeof(buf) expands to 8 or 4 (since its a pointer). This variable may - have been static in the past, leading to this error. - - Signed-off-by: Steven Dake +- tests: avoid use of deprecated function _sleep (#490) -- [Steven Dake brought this change] +- tests: avoid use of banned function strncat (#489) - Fix suspicious sizeof usage in examples/x11.c - - In the x11 example, sizeof(buf) = 8UL (on x86_64), when this should - probably represent the buffer size available. I am not sure how to - test that this change is actually correct, however. +- tests: satisfy checksrc regarding max line length of 79 chars - Signed-off-by: Steven Dake + Follow up to 2764bc8e06d51876b6796d6080c6ac51e20f3332 -- sftp_packet_read: follow-up fix for EAGAIN/window adjust +- tests: satisfy checksrc with whitespace only fixes - The commit in 7194a9bd7ba45 wasn't complete. This change makes sure - variables are initialized properly before used in the EAGAIN and window - adjust cases. + checksrc.pl -i4 -m79 -ASIZEOFNOPAREN -ASNPRINTF + -ACOPYRIGHT -AFOPENMODE tests/*.[ch] -- sftp_packet_add: use named error code instead of number +- tests: add support for ports published via Docker for Windows -- sftp_packet_add: verify the packet before accepting it - - In order to bail out as quickly as possible when things are wrong and - out of sync, make sure the SFTP message is one we understand. +- tests: restore retry behaviour for docker-machine ip command -- SFTP: preserve the original error code more - - Lots of places in the code translated the original error into the more - generic LIBSSH2_ERROR_SOCKET_TIMEOUT but this turns out to distort the - original error reason a lot and makes tracking down the real origin of a - problem really hard. This change makes the original error code be - preserved to a larger extent when return up to the parent function. +- tests: fix mix of declarations and code failing C89 compliance -- sftp_packet_read: adjust window size as necessary - - Commit 03ca9020756 tried to simplify the window sizing logic but broke - SFTP readdir as there was no window sizing code left there so large - directory listings no longer worked. - - This change introduces window sizing logic to the sftp_packet_read() - function so that it now tells the remote about the local size having a - window size that suffice when it is about to ask for directory data. - - Bug: http://www.libssh2.org/mail/libssh2-devel-archive-2012-03/0069.shtml - Reported by: Eric +- wincng: add and improve checks in bit counting function -- [Steven Dake brought this change] +- wincng: align bits to bytes calculation in all functions - Tell C compiler we don't care about return code of libssh2_init - - The call of libssh2_init returns a return code, but nothing could be done - within the _libssh2_init_if_needed execution path. +- wincng: do not disable key validation that can be enabled - Signed-off-by: Steven Dake - -- [Steven Dake brought this change] + The modular exponentiation also works with key validation enabled. - Add comment indicating a resource leak is not really a resource leak - - While possibly obvious to those investigating the code, coverity complains - about this out of scope leak. +- wincng: fix return value in _libssh2_dh_secret - Signed-off-by: Steven Dake - -- [Steven Dake brought this change] + Do not ignore return value of modular exponentiation. - Use safer snprintf rather then sprintf in scp_send() - - Signed-off-by: Steven Dake +- appveyor: build and run tests for WinCNG crypto backend -- [Steven Dake brought this change] +GitHub (1 Jun 2020) +- [suryakalpo brought this change] - Use safer snprintf rather then sprintf in scp_recv() - - While the buffer is indeed allocated to a safe length, better safe then sorry. + INSTALL_CMAKE.md: Update formatting (#481) - Signed-off-by: Steven Dake - -- [Steven Dake brought this change] - - use snprintf in knownhost_writeline() rather then sprintf + File: INSTALL_CMAKE.md - Although the function checks the length, if the code was in error, there - could potentially be a buffer overrun with the use of sprintf. Instead replace - with snprintf. + Notes: + Although the original text would be immediately clear to seasoned users of CMAKE and/or Unix shell, the lack of newlines may cause some confusion for newcomers. Hence, wrapping the texts in a md code-block such that the newlines appear as intended. - Signed-off-by: Steven Dake - -- [Steven Dake brought this change] + credit: + suryakalpo - Add tracing to print packets left on session at libssh2_session_free +Marc Hoersken (31 May 2020) +- src: add new and align include guards in header files (#480) - Signed-off-by: Steven Dake + Make sure all include guards exist and follow the same format. -Peter Stuge (2 Mar 2012) -- Define and use LIBSSH2_INVALID_SOCKET instead of INVALID_SOCKET - - INVALID_SOCKET is a special value in Windows representing a - non-valid socket identifier. We were #defining this to -1 on - non-Windows platforms, causing unneccessary namespace pollution. - Let's have our own identifier instead. +- wincng: fix multiple definition of `_libssh2_wincng' (#479) - Thanks to Matt Lawson for pointing this out. + Add missing include guard and move global state + from header to source file by using extern. -- nw/Makefile.netware: Fix project name typo to avoid needless confusion +GitHub (28 May 2020) +- [Will Cosgrove brought this change] -- example/x11: Set raw terminal mode manually instead of with cfmakeraw() - - OpenSolaris has no cfmakeraw() so to make the example more portable - we simply do the equivalent operations on struct termios ourselves. + transport.c: moving total_num check from #476 (#478) - Thanks to Tom Weber for reporting this problem, and finding a solution. - -Daniel Stenberg (17 Feb 2012) -- sftp_write: cannot return acked data *and* EAGAIN + file: transport.c - Whenever we have acked data and is about to call a function that *MAY* - return EAGAIN we must return the number now and wait to get called - again. Our API only allows data *or* EAGAIN and we must never try to get - both. - -Peter Stuge (13 Feb 2012) -- example/x11: Build only when sys/un.h is found by configure + notes: + moving total_num zero length check from #476 up to the prior bounds check which already includes a total_num check. Makes it slightly more readable. - The example can't be built on systems without AF_UNIX sockets. + credit: + Will Cosgrove -Daniel Stenberg (10 Feb 2012) -- [Alexander Lamaison brought this change] +- [lutianxiong brought this change] - Simplified sftp_read. - - Removed the total_read variable that originally must have tracked how - much data had been written to the buffer. With non-blocking reads, we - must return straight away once we have read data into the buffer so this - variable served not purpose. + transport.c: fix use-of-uninitialized-value (#476) - I think it was still hanging around in case the initial processing of - 'leftover' data meant we wrote to the buffer but this case, like the - others, must return immediately. Now that it does, the last remaining - need for the variable is gone. - -- [Alexander Lamaison brought this change] - - Cleaned up sftp_read and added more explanation. + file:transport.c - Replaced the gotos which were implementing the state machine with - a switch statement which makes the states more explicit. - -- sftp_read: avoid data *and* EAGAIN + notes: + return error if malloc(0) - Whenever we have data and is about to call a function that *MAY* return - EAGAIN we must return the data now and wait to get called again. Our API - only allows data *or* EAGAIN and we must never try to get both. - -Peter Stuge (2 Feb 2012) -- Add a tcpip-forward example which demonstrates remote port forwarding + credit: + lutianxiong -- libssh2.h: Add missing prototype for libssh2_session_banner_set() +- [Dr. Koutheir Attouchi brought this change] -- example/subsystem_netconf.c: Return error when read buffer is too small + libssh2_sftp.h: Changed type of LIBSSH2_FX_* constants to unsigned long, fixes #474 - Also remove a little redundancy in the read loop condition. - -- example/subsystem_netconf.c: Add a missing newline in an error message - -- Fix undefined reference to _libssh_error in libgcrypt backend + File: + libssh2_sftp.h - Commit 209de22299b4b58e582891dfba70f57e1e0492db introduced a function - call to a non-existing function, and since then the libgcrypt backend - has not been buildable. - -Version 1.4.0 (31 Jan 2012) - -Daniel Stenberg (31 Jan 2012) -- RELEASE-NOTES: synced with 6bd584d29 for 1.4.0 - -- s/1.3.1/1.4.0 + Notes: + Error constants `LIBSSH2_FX_*` are only returned by `libssh2_sftp_last_error()` which returns `unsigned long`. + Therefore these constants should be defined as unsigned long literals, instead of int literals. - We're bumping the minor number - -- [Jernej Kovacic brought this change] - - libssh2_session_supported_algs: fix compiler warning - -- [Jernej Kovacic brought this change] - - session_supported_algs docs: added an example + Credit: + Dr. Koutheir Attouchi -- [Gellule Xg brought this change] +- [monnerat brought this change] - sftp-seek: clear EOF flag + os400qc3.c: constify libssh2_os400qc3_hash_update() data parameter. (#469) - Set the EOF flag to False when calling seek64 to be able to get some - data back on a following read - -- [Peter Krempa brought this change] - - userauth: Provide more informations if ssh pub key extraction fails + Files: os400qc3.c, os400qc3.h - If the function that extracts/computes the public key from a private key - fails the errors it reports were masked by the function calling it. This - patch modifies the key extraction function to return errors using - _libssh_error() function. The error messages are tweaked to contain - reference to the failed operaton in addition to the reason. + Notes: + Fixes building on OS400. #426 - * AUTHORS: - add my name - * libgcrypt.c: _libssh2_pub_priv_keyfile(): - return a more verbose - error using - _libssh2_error() func. - * openssl.c: - modify call graph of _libssh2_pub_priv_keyfile() to use - _libssh2_error for error reporting(); - * userauth.c: - tweak functions calling _libssh2_pub_priv_keyfile() not - to shadow error messages + Credit: + Reported-by: hjindra on github, dev by Monnerat -- TODO: remove issues we (sort of) did already +- [monnerat brought this change] -- ssh2_exec: skip error outputs for EAGAIN + HACKING.CRYPTO: keep up to date with new crypto definitions from code. (#466) - Since the example uses non-blocking mode, it will just flood the output - with this "nonsense" error. - -Guenter Knauf (30 Nov 2011) -- Some NetWare makefile tweaks. - -Daniel Stenberg (18 Nov 2011) -- LIBSSH2_SFTP_PACKET_MAXLEN: increase to 80000 + File: HACKING.CRYPTO - Some SFTP servers send SFTP packets larger than 40000. Since the limit - is only present to avoid insane sizes anyway, we can easily bump it. + Notes: + This commit updates the HACKING.CRYPTO documentation file in an attempt to make it in sync with current code. + New documented features are: - The define was formerly in the public header libssh2_sftp.h but served - no external purpose and was moved into the source dir. + SHA384 + SHA512 + ECDSA + ED25519 - Bug: http://www.libssh2.org/mail/libssh2-devel-archive-2011-11/0004.shtml - Reported by: Michael Harris + Credit: + monnerat -Alexander Lamaison (18 Nov 2011) -- [Peter Krempa brought this change] +- [Harry Sintonen brought this change] - knownhost_check(): Don't dereference ext if NULL is passed + kex.c: Add diffie-hellman-group14-sha256 Key Exchange Method (#464) - Documentation for libssh2_knownhost_checkp() and related functions - states that the last argument is filled with data if non-NULL. + File: kex.c - "knownhost if set to non-NULL, it must be a pointer to a 'struct - libssh2_knownhost' pointer that gets filled in to point to info about a - known host that matches or partially matches." + Notes: Added diffie-hellman-group14-sha256 kex - In this function ext is dereferenced even if set to NULL, causing - segfault in applications not needing the extra data. + Credit: Harry Sintonen -Daniel Stenberg (11 Nov 2011) -- [Peter Krempa brought this change] +- [Will Cosgrove brought this change] - knownhost_add: Avoid dereferencing uninitialized memory on error path. - - In function knownhost_add, memory is alocated for a new entry. If normal - alocation is used, memory is not initialized to 0 right after, but a - check is done to verify if correct key type is passed. This test is done - BEFORE setting the memory to null, and on the error path function - free_host() is called, that tries to dereference unititialized memory, - resulting into a glibc abort(). + os400qc3.h: define sha512 macros (#465) - * knownhost.c - knownhost_add(): - move typemask check before alloc + file: os400qc3.h + notes: fixes for building libssh2 1.9.x -- windows build: add define to avoid compiler warning - - A recent mingw compiler has started to complain on "#warning Please - include winsock2.h before windows.h" unless the magic define is set - first. +- [Will Cosgrove brought this change] + + os400qc3.h: define EC types to fix building #426 (#462) - Reported by: Vincent Torri - Bug: http://www.libssh2.org/mail/libssh2-devel-archive-2011-10/0064.shtml + File: os400qc3.h + Notes: define missing EC types which prevents building + Credit: hjindra -Henrik Nordstrom (31 Oct 2011) -- [Vincent Torri brought this change] +- [Brendan Shanks brought this change] - Correct Windows include file name case, simplifying cross-compilation + hostkey.c: Fix 'unsigned int'/'uint32_t' mismatch (#461) - When cross compiling to Windows, libssh2.h include Windows header files - with upper case filenames : BaseTsd.h and WinSock2.h. + File: hostkey.c - These files have lowercase names with mingw-w64 (iirc, it's the same with - mingw). And as on Windows, being lowercase or uppercase does not matter. - -Daniel Stenberg (25 Oct 2011) -- [Jernej Kovacic brought this change] - - libssh2_session_supported_algs: added - -- [Kamil Dudka brought this change] - - example/sftp_RW_nonblock: do not ignore LIBSSH2_ERROR_EAGAIN + Notes: + These types are the same size so most compilers are fine with it, but CodeWarrior (on classic MacOS) throws an ‘illegal implicit conversion’ error - Bug: https://bugzilla.redhat.com/745420 + Credit: Brendan Shanks -Peter Stuge (5 Oct 2011) -- example/ssh2_agent: Print host key fingerprint before authentication - - Also moves the comment about not being authenticated to before the - agent authentication takes place, so that it better matches the code. +- [Thomas Klausner brought this change] -Daniel Stenberg (29 Sep 2011) -- OpenSSL EVP: fix threaded use of structs + Makefile.am: Fix unportable test(1) operator. (#459) - Make sure we don't clear or reset static structs after first init so - that they work fine even when used from multiple threads. Init the - structs in the global init. + file: Makefile.am - Help and assistance by: John Engstrom + Notes: + The POSIX comparison operator for test(1) is =; bash supports == but not even test from GNU coreutils does. - Fixes #229 (again) + Credit: + Thomas Klausner + +- [Tseng Jun brought this change] -- openssl: don't init static structs differently + openssl.c: minor changes of coding style (#454) - make_ctr_evp() is changed to take a struct pointer, and then each - _libssh2_EVP_aes_[keylen]_ctr function is made to pass in their own - static struct + File: openssl.c + + Notes: + minor changes of coding style and align preprocessor conditional for #439 - Reported by: John Engstrom - Fixes #229 + Credit: + Tseng Jun -Guenter Knauf (27 Sep 2011) -- Removed obsolete include path. +- [Hans Meier brought this change] -Daniel Stenberg (21 Sep 2011) -- read_state: clear the state variable better + openssl.c: Fix for use of uninitialized aes_ctr_cipher.key_len (#453) - Set read_state back to idle before trying to send anything so that if - the state somehow is wrongly set. + File: + Openssl.c - Also, avoid such a case of confusion by resetting the read_state when an - sftp handle is closed. - -- sftp_read: remove leftover fprintf + Notes: + * Fix for use of uninitialized aes_ctr_cipher.key_len when using HAVE_OPAQUE_STRUCTS, regression from #439 - Reported by: Alexander Lamaison - -- sftp.h: fix the #ifdef to prevent multiple inclusions + Credit: + Hans Meirer, Tseng Jun -- sftp_read: use a state variable to avoid bad writes - - When a channel_write call has gotten an EAGAIN back, we try harder to - continue the same write in the subsequent invoke. +- [Zenju brought this change] -- window_size: explicit adjustments only + agent.c: Fix Unicode builds on Windows (#417) - Removed the automatic window_size adjustments from - _libssh2_channel_read() and instead all channel readers must now make - sure to enlarge the window sizes properly themselves. + File: agent.c - libssh2_channel_read_ex() - the public function, now grows the window - size according to the requested buffer size. Applications can still opt - to grow the window more on demand. Larger windows tend to give higher - performance. + Notes: + Fixes unicode builds for Windows in Visual Studio 16.3.2. - sftp_read() now uses the read-ahead logic to figure out a window_size. + Credit: + Zenju -- libssh2.h: bump the default window size to 256K +- [Hans Meier brought this change] -- libssh2_userauth_keyboard_interactive.3: fix man warning + openssl.c: Fix use-after-free crash in openssl backend without memory leak (#439) - It seemed to occur due to the excessive line length - -- [Mikhail Gusarov brought this change] - - Add missing .gitignore entries - -- [Mikhail Gusarov brought this change] - - Add manpage syntax checker to 'check' target + Files: openssl.c - In virtually every libssh2 release Debian's lintian catches syntax errors in - manpages. Prevent it by checking manpages as a part of testsuite. - -- libssh2_banner_set.3: fix nroff syntax mistake - -Guenter Knauf (10 Sep 2011) -- Use predefined resource compiler macro. - -- Added casts to silent compiler warnings. - -- Fixed uint64_t printf. - -- Fixed macro function signatures. - -- NetWare makefile tweaks. - -- Removed unused var. - -- Added 2 samples not mentioned. - -- Dont build x11 sample with MinGW. - -- Fixed executable file description. - -- Removed unused var. - -- Kill stupid gcc 3.x uninitialized warning. - -- Build all examples. - -- More MinGW makefile tweaks. + Notes: + Fixes memory leaks and use after free AES EVP_CIPHER contexts when using OpenSSL 1.0.x. - Renamed *.mingw makefiles to GNUmakefile since GNU make picks these - up automatically, and therefore win32/Makefile removed. + Credit: + Hans Meier -- Removed forgotten WINSOCK_VERSION defines. +- [Romain Geissler @ Amadeus brought this change] -Daniel Stenberg (9 Sep 2011) -- libssh2_session_startup(3) => libssh2_session_handshake(3) + Session.c: Fix undefined warning when mixing with LTO-enabled libcurl. (#449) - Propagate for the current function in docs and examples. - libssh2_session_startup() is deprecated. - -- libssh2_banner_set => libssh2_session_banner_get + File: Session.c - Marked the old function as deprecated. Added the new name in the correct - name space with the same arguments and functionality. - -- new function: libssh2_session_banner_get + Notes: + With gcc 9, libssh2, libcurl and LTO enabled for all binaries I see this + warning (error with -Werror): - Returns the banner from the server handshake + vssh/libssh2.c: In function ‘ssh_statemach_act’: + /data/mwrep/rgeissler/ospack/ssh2/BUILD/libssh2-libssh2-03c7c4a/src/session.c:579:9: error: ‘seconds_to_next’ is used uninitialized in this function [-Werror=uninitialized] + 579 | int seconds_to_next; + | ^ + lto1: all warnings being treated as errors - Fixes #226 - -- libssh2.h: bump version to 1.4.0 for new function(s) - -- remove embedded CVS/svn tags + Gcc normally issues -Wuninitialized when it is sure there is a problem, + and -Wmaybe-uninitialized when it's not sure, but it's possible. Here + the compiler seems to have find a real case where this could happen. I + looked in your code and overall it seems you always check if the return + code is non null, not often that it's below zero. I think we should do + the same here. With this patch, gcc is fine. + + Credit: + Romain-Geissler-1A -- [liuzl brought this change] +- [Zenju brought this change] - API add:libssh2_sftp_get_channel + transport.c: Fix crash with delayed compression (#443) - Return the channel of sftp, then caller can - control the channel's behavior. + Files: transport.c - Signed-off-by: liuzl - -- _libssh2_channel_read: react on errors from receive_window_adjust + Notes: + Fixes crash with delayed compression option using Bitvise server. - Previously the function would ignore all errors except for EAGAIN. + Contributor: + Zenju -- sftp_read: extend and clarify the documentation +- [Will Cosgrove brought this change] -- sftp_read: cap the read ahead maximum amount + Update INSTALL_MAKE path to INSTALL_MAKE.md (#446) - Now we only go up to LIBSSH2_CHANNEL_WINDOW_DEFAULT*30 bytes SFTP read - ahead, which currently equals 64K*30 == 1966080 bytes. + Included for #429 -- _libssh2_channel_read: fix non-blocking window adjusting - - If EAGAIN is returned when adjusting the receive window, we must not - read from the transport directly until we've finished the adjusting. +- [Will Cosgrove brought this change] -Guenter Knauf (8 Sep 2011) -- Fix for systems which need sys/select.h. + Update INSTALL_CMAKE filename to INSTALL_CMAKE.md (#445) + + Fixing for #429 -- The files were not gone but renamed ... +- [Wallace Souza brought this change] -Daniel Stenberg (6 Sep 2011) -- sftp_read: added documenting comment + Rename INSTALL_CMAKE to INTALL_CMAKE.md (#429) - Taken from some recent email conversations I added some descriptions of - the logic in sftp_read() to aid readers. - -- 1.3.1: start the work + Adding Markdown file extension in order to Github render the instructions properly -Version 1.3.0 (6 Sep 2011) +Will Cosgrove (17 Dec 2019) +- [Daniel Stenberg brought this change] -Daniel Stenberg (6 Sep 2011) -- Makefile.am: the Makefile.win32 files are gone + include/libssh2.h: fix comment: the known host key uses 4 bits (#438) -- RELEASE-NOTES: updated for 1.3.0 +- [Zenju brought this change] -- sftp_read: a short read is not end of file + ssh-ed25519: Support PKIX + calc pubkey from private (#416) + + Files: openssl.c/h + Author: Zenju + Notes: + Adds support for PKIX key reading by fixing: - A returned READ packet that is short will now only reduce the - offset. + _libssh2_pub_priv_keyfile() is missing the code to extract the ed25519 public key from a given private key - This is a temporary fix as it is slightly better than the previous - approach but still not very good. + _libssh2_ed25519_new_private_frommemory is only parsing the openssh key format but does not understand PKIX (as retrieved via PEM_read_bio_PrivateKey) -- [liuzl brought this change] +GitHub (15 Oct 2019) +- [Will Cosgrove brought this change] - _libssh2_packet_add: adjust window size when truncating + .travis.yml: Fix Chrome and 32 bit builds (#423) - When receiving more data than what the window size allows on a - particular channel, make sure that the window size is adjusted in that - case too. Previously it would only adjust the window in the non-error - case. + File: .travis.yml + + Notes: + * Fix Chrome installing by using Travis build in directive + * Update to use libgcrypt20-dev package to fix 32 bit builds based on comments found here: + https://launchpad.net/ubuntu/xenial/i386/libgcrypt11-dev -Guenter Knauf (29 Aug 2011) -- Silent compiler warning with MinGW64. +- [Will Cosgrove brought this change] -- Fixed link to native Win32 awk tool. + packet.c: improved parsing in packet_x11_open (#410) + + Use new API to parse data in packet_x11_open() for better bounds checking. -- Renamed MinGW makefiles. +Will Cosgrove (12 Sep 2019) +- [Michael Buckley brought this change] -- Some MinGW makefile tweaks. + knownhost.c: Double the static buffer size when reading and writing known hosts (#409) - Enable build without GNU tools and with MinGW64 compiler. - -- Fixed aes_ctr_do_cipher() signature. + Notes: + We had a user who was being repeatedly prompted to accept a server key repeatedly. It turns out the base64-encoded key was larger than the static buffers allocated to read and write known hosts. I doubled the size of these buffers. + + Credit: + Michael Buckley -Daniel Stenberg (26 Aug 2011) -- [liuzl brought this change] +GitHub (4 Sep 2019) +- [Will Cosgrove brought this change] - libssh2_sftp_seek64: flush packetlist and buffered data + packet.c: improved packet parsing in packet_queue_listener (#404) - When seeking to a new position, flush the packetlist and buffered data - to prevent already received or pending data to wrongly get used when - sftp-reading from the new offset within the file. - -- sftp_read: advance offset correctly for buffered copies + * improved bounds checking in packet_queue_listener - In the case where a read packet has been received from the server, but - the entire contents couldn't be copied to the user-buffer, the data is - instead buffered and copied to the user's buffer in the next invocation - of sftp_read(). When that "extra" copy is made, the 'offset' pointer was - not advanced accordingly. + file: packet.c - The biggest impact of this flaw was that the 'already' variable at the - top of the function that figures out how much data "ahead" that has - already been asked for would slowly go more and more out of sync, which - could lead to the file not being read all the way to the end. + notes: + improved parsing packet in packet_queue_listener + +- [Will Cosgrove brought this change] + + packet.c: improve message parsing (#402) - This problem was most noticable in cases where the application would - only try to read the exact file size amount, like curl does. In the - examples libssh2 provides the sftp read function is most often called - with a fixed size large buffer and then the bug would not appear as - easily. + * packet.c: improve parsing of packets - This bug was introduced in the SFTP rewrite in 1.2.8. + file: packet.c - Bug: http://curl.haxx.se/mail/lib-2011-08/0305.html - http://www.libssh2.org/mail/libssh2-devel-archive-2011-08/0085.shtml - -- wrap some long lines < 80 columns - -- LIBSSH2_RECV: fix typo, use the RECV_FD macro - -- subsystem_netconf.c: fix compiler warnings - -- [Henrik Nordstrom brought this change] - - Custom callbacks for performing low level socket I/O - -- version bump: start working towards 1.3.0 - -Version 1.2.9 (16 Aug 2011) - -Daniel Stenberg (16 Aug 2011) -- RELEASE-NOTES: synced with 95d69d3a81261 - -- [Henrik Nordstrom brought this change] - - Document prototypes for macro defined functions - -- [Henrik Nordstrom brought this change] + notes: + Use _libssh2_get_string API in SSH_MSG_DEBUG/SSH_MSG_DISCONNECT. Additional uint32 bounds check in SSH_MSG_GLOBAL_REQUEST. - Avoid reuse after free when closing X11 channels +- [Will Cosgrove brought this change] -- _libssh2_channel_write: handle window_size == 0 better + misc.c: _libssh2_ntohu32 cast bit shifting (#401) - When about to send data on the channel and the window size is 0, we must - not just return 0 if the transport_read() function returned EAGAIN as it - then causes a busy-loop. + To quite overly aggressive analyzers. - Bug: http://libssh2.org/mail/libssh2-devel-archive-2011-08/0011.shtml + Note, the builds pass, Travis is having some issues with Docker images. + +- [Will Cosgrove brought this change] -- gettimeofday: fix name space pollution + kex.c: improve bounds checking in kex_agree_methods() (#399) - For systems without its own gettimeofday() implementation, we still must - not provide one outside our namespace. + file: kex.c - Reported by: Bill Segall - -Dan Fandrich (5 Aug 2011) -- libssh2.pc.in: Fixed spelling in pkgconfig file - -Peter Stuge (17 Jul 2011) -- example/subsystem_netconf.c: Add missing #include - -- example/subsystem_netconf.c: Discard ]]>]]> and return only XML response + notes: + use _libssh2_get_string instead of kex_string_pair which does additional checks -- example/subsystem_netconf.c: Fix uninitialized variable bug +Will Cosgrove (23 Aug 2019) +- [Fabrice Fontaine brought this change] -- example: Add subsystem_netconf.c + acinclude.m4: add mbedtls to LIBS (#371) + + Notes: + This is useful for static builds so that the Libs.private field in + libssh2.pc contains correct info for the benefit of pkg-config users. + Static link with libssh2 requires this information. - This example demonstrates how to use libssh2 to send a request to - the NETCONF subsystem available e.g. in JunOS. + Signed-off-by: Baruch Siach + [Retrieved from: + https://git.buildroot.net/buildroot/tree/package/libssh2/0002-acinclude.m4-add-mbedtls-to-LIBS.patch] + Signed-off-by: Fabrice Fontaine - See also http://tools.ietf.org/html/draft-ietf-netconf-ssh-06 + Credit: + Fabrice Fontaine -Daniel Stenberg (16 Jul 2011) -- man page cleanups: non-existing functions need no man pages +- [jethrogb brought this change] -- libssh2_new_host_entry.3: removed + Generate debug info when building with MSVC (#178) - This is just junk leftovers. - -- userauth_keyboard_interactive: fix buffer overflow + files: CMakeLists.txt - Partly reverse 566894494b4972ae12 which was simplifying the code far too - much and ended up overflowing a buffer within the LIBSSH2_SESSION - struct. Back to allocating the buffer properly like it used to do. + notes: Generate debug info when building with MSVC - Bug: http://www.libssh2.org/mail/libssh2-devel-archive-2011-06/0032.shtml - Reported by: Alfred Gebert - -- keyboard-interactive man page: cleaned up + credit: + jethrogb -- [Alfred Gebert brought this change] +- [Panos brought this change] - _libssh2_recv(): handle ENOENT error as EAGAIN - - A sftp session failed with error "failure establishing ssh session" on - Solaris and HP-UX. Sometimes the first recv() function call sets errno - to ENOENT. In the man pages for recv of Solaris and HP-UX the error - ENOENT is not documented. + Add agent forwarding implementation (#219) - I tested Solaris SPARC and x86, HP-UX i64, AIX, Windows and Linux. - -- agent_list_identities: fix out of scope access + files: channel.c, test_agent_forward_succeeds.c, libssh2_priv.h, libssh2.h, ssh2_agent_forwarding.c - An auto variable out of scope was being referenced and used. + notes: + * Adding SSH agent forwarding. + * Fix agent forwarding message, updated example. + Added integration test code and cmake target. Added example to cmake list. - fixes #220 + credit: + pkittenis -- _libssh2_wait_socket: fix timeouts for poll() uses +GitHub (2 Aug 2019) +- [Will Cosgrove brought this change] -- windows: inclusion fix + Update EditorConfig - include winsock2.h for all windows compilers + Added max_line_length = 80 -- keyb-interactive: add the fixed buffer - - Belongs to commit 5668944 +- [Will Cosgrove brought this change] -- code cleanup: don't use C99/c++ comments + global.c : fixed call to libssh2_crypto_exit #394 (#396) - We aim for C89 compliance - -- keyb-interactive: allow zero length fields + * global.c : fixed call to libssh2_crypto_exit #394 - Allow zero length fields so they don't cause malloc(0) calls + File: global.c - Avoid free()ing NULL pointers + Notes: Don't call `libssh2_crypto_exit()` until `_libssh2_initialized` count is down to zero. - Avoid a malloc of a fixed 5 byte buffer. + Credit: seba30 -- libssh2_channel_process_startup.3: clean up +Will Cosgrove (30 Jul 2019) +- [hlefebvre brought this change] + + misc.c : Add an EWOULDBLOCK check for better portability (#172) - Remove the references to the macro-fied shortcuts as they have their own - individual man pages. + File: misc.c - Made the prototype different and more readable. - -- man page: fix .BR lines + Notes: Added support for all OS' that implement EWOULDBLOCK, not only VMS - We don't use \fI etc on .BR lines + Credit: hlefebvre -- userauth_keyboard_interactive: skip code on zero length auth +- [Etienne Samson brought this change] -- libssh2_channel_forward_accept.3: mention how to get error + userauth.c: fix off by one error when loading public keys with no id (#386) - Since this returns a pointer, libssh2_session_last_errno() must be used - to get the actual error code and it wasn't that clear before. - -- timeout docs: mention they're added in 1.2.9 - -- sftp_write_sliding.c: indent fix + File: userauth.c - Use the standard indenting and removed CVS leftover comment - -- [zl liu brought this change] - - sftp_write_sliding: send the complete file + Credit: + Etienne Samson - When reaching the end of file there can still be data left not sent. - -- [Douglas Masterson brought this change] - - session_startup: init state properly + Notes: + Caught by ASAN: + + ================================================================= + ==73797==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x60700001bcf0 at pc 0x00010026198d bp 0x7ffeefbfed30 sp 0x7ffeefbfe4d8 + READ of size 69 at 0x60700001bcf0 thread T0 + 2019-07-04 08:35:30.292502+0200 atos[73890:2639175] examining /Users/USER/*/libssh2_clar [73797] + #0 0x10026198c in wrap_memchr (libclang_rt.asan_osx_dynamic.dylib:x86_64h+0x1f98c) + #1 0x1000f8e66 in file_read_publickey userauth.c:633 + #2 0x1000f2dc9 in userauth_publickey_fromfile userauth.c:1513 + #3 0x1000f2948 in libssh2_userauth_publickey_fromfile_ex userauth.c:1590 + #4 0x10000e254 in test_userauth_publickey__ed25519_auth_ok publickey.c:69 + #5 0x1000090c3 in clar_run_test clar.c:260 + #6 0x1000038f3 in clar_run_suite clar.c:343 + #7 0x100003272 in clar_test_run clar.c:522 + #8 0x10000c3cc in main runner.c:60 + #9 0x7fff5b43b3d4 in start (libdyld.dylib:x86_64+0x163d4) - libssh2_session_startup() didn't set the state correctly so it could get - confused. + 0x60700001bcf0 is located 0 bytes to the right of 80-byte region [0x60700001bca0,0x60700001bcf0) + allocated by thread T0 here: + #0 0x10029e053 in wrap_malloc (libclang_rt.asan_osx_dynamic.dylib:x86_64h+0x5c053) + #1 0x1000b4978 in libssh2_default_alloc session.c:67 + #2 0x1000f8aba in file_read_publickey userauth.c:597 + #3 0x1000f2dc9 in userauth_publickey_fromfile userauth.c:1513 + #4 0x1000f2948 in libssh2_userauth_publickey_fromfile_ex userauth.c:1590 + #5 0x10000e254 in test_userauth_publickey__ed25519_auth_ok publickey.c:69 + #6 0x1000090c3 in clar_run_test clar.c:260 + #7 0x1000038f3 in clar_run_suite clar.c:343 + #8 0x100003272 in clar_test_run clar.c:522 + #9 0x10000c3cc in main runner.c:60 + #10 0x7fff5b43b3d4 in start (libdyld.dylib:x86_64+0x163d4) - Fixes #218 + SUMMARY: AddressSanitizer: heap-buffer-overflow (libclang_rt.asan_osx_dynamic.dylib:x86_64h+0x1f98c) in wrap_memchr + Shadow bytes around the buggy address: + 0x1c0e00003740: fd fd fd fd fd fd fd fd fd fd fa fa fa fa fd fd + 0x1c0e00003750: fd fd fd fd fd fd fd fa fa fa fa fa 00 00 00 00 + 0x1c0e00003760: 00 00 00 00 00 00 fa fa fa fa 00 00 00 00 00 00 + 0x1c0e00003770: 00 00 00 fa fa fa fa fa fd fd fd fd fd fd fd fd + 0x1c0e00003780: fd fd fa fa fa fa fd fd fd fd fd fd fd fd fd fa + =>0x1c0e00003790: fa fa fa fa 00 00 00 00 00 00 00 00 00 00[fa]fa + 0x1c0e000037a0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa + 0x1c0e000037b0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa + 0x1c0e000037c0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa + 0x1c0e000037d0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa + 0x1c0e000037e0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa + Shadow byte legend (one shadow byte represents 8 application bytes): + Addressable: 00 + Partially addressable: 01 02 03 04 05 06 07 + Heap left redzone: fa + Freed heap region: fd + Stack left redzone: f1 + Stack mid redzone: f2 + Stack right redzone: f3 + Stack after return: f5 + Stack use after scope: f8 + Global redzone: f9 + Global init order: f6 + Poisoned by user: f7 + Container overflow: fc + Array cookie: ac + Intra object redzone: bb + ASan internal: fe + Left alloca redzone: ca + Right alloca redzone: cb + Shadow gap: cc -- timeout: added man pages +- [Thilo Schulz brought this change] -- BLOCK_ADJUST_ERRNO: move rc to right level + openssl.c : Fix use-after-free crash on reinitialization of openssl backend - We can't declare the variable within the block and use it in the final - do-while() expression to be properly portable C89. + file : openssl.c + + notes : + libssh2's openssl backend has a use-after-free condition if HAVE_OPAQUE_STRUCTS is defined and you call libssh2_init() again after prior initialisation/deinitialisation of libssh2 + + credit : Thilo Schulz -- [Matt Lilley brought this change] +- [axjowa brought this change] - adds a timeout to blocking calls + openssl.h : Use of ifdef where if should be used (#389) - Fixes bug #160 as per Daniel's suggestion + File : openssl.h - Adds libssh2_session_set_timeout() and libssh2_session_get_timeout() - -- SCP: fix incorrect error code + Notes : + LIBSSH2_ECDSA and LIBSSH2_ED25519 are always defined so the #ifdef + checks would never be false. - After an error occurs in libssh2_scp_recv() or libssh2_scp_send(), the - function libssh2_session_last_error() would return - LIBSSH2_ERROR_SOCKET_NONE on error. + This change makes it possible to build libssh2 against OpenSSL built + without EC support. - Bug: http://trac.libssh2.org/ticket/216 - Patch by: "littlesavage" + Change-Id: I0a2f07c2d80178314dcb7d505d1295d19cf15afd - Fixes #216 + Credit : axjowa -Guenter Knauf (19 Apr 2011) -- Updated default (recommended) dependency versions. +- [Zenju brought this change] -Daniel Stenberg (17 Apr 2011) -- libssh2_session_block_directions: fix mistake + Agent.c : Preserve error info from agent_list_identities() (#374) - The last LIBSSH2_SESSION_BLOCK_INBOUND should be - LIBSSH2_SESSION_BLOCK_OUTBOUND + Files : agent.c - And I shortened the short description + Notes : + Currently the error details as returned by agent_transact_pageant() are overwritten by a generic "agent list id failed" message by int agent_list_identities(LIBSSH2_AGENT* agent). - Reported by: "drswinghead" + Credit : + Zenju -- msvcproj: added libs and debug stuff +- [Who? Me?! brought this change] + + Channel.c: Make sure the error code is set in _libssh2_channel_open() (#381) - Added libraries needed to link whether using openssl dynamically or - statically + File : Channel.c - Added LIBSSH2DEBUG define to debug versions to enable tracing + Notes : + if _libssh2_channel_open() fails, set the error code. - URL: http://trac.libssh2.org/ticket/215 - Patch by: Mark Smith + Credit : + mark-i-m -- sftp_write: clean offsets on error +- [Orgad Shaneh brought this change] + + Kex.c, Remove unneeded call to strlen (#373) + + File : Kex.c + + Notes : + Removed call to strlen - When an error has occurred on FXP_WRITE, we must make sure that the - offset, sent offset and acked counter are reset properly. + Credit : + Orgad Shaneh -- example/.gitignore: ignore built binaries +- [Pedro Monreal brought this change] -- sftp_write: flush the packetlist on error + Spelling corrections (#380) - When an error occurs during write, flush the entire list of pending - outgoing SFTP packets. - -- keepalive: add first basic man pages + Files : + libssh2.h, libssh2_sftp.h, bcrypt_pbkdf.c, mbedtls.c, sftp.c, ssh2.c - Someone on IRC pointed out that we don't have these documented so I - wrote up a first set based on the information in the wiki: - http://trac.libssh2.org/wiki/KeepAlive - -- scp_write_nonblock.c: remove pointless check + Notes : + * Fixed misspellings - libssh2_channel_write() cannot return a value that is larger than the - input length value + Credit : + Pedro Monreal -Mikhail Gusarov (9 Apr 2011) -- s/\.NF/.nf/ to fix wrong macro name caught by man --warnings +- [Sebastián Katzer brought this change] -Daniel Stenberg (6 Apr 2011) -- version: bump to 1.2.9_dev + Fix Potential typecast error for `_libssh2_ecdsa_key_get_curve_type` (#383) - Also update the copyright year range to include 2011 - -- configure: fix $VERSION + Issue : #383 - Stop using the $VERSION variable as it seems to be magically used by - autoconfig itself and thus gets set to the value set in AC_INIT() - without us wanting that. $LIBSSH2VER is now the libssh2 version as - detected. + Files : hostkey.c, crypto.h, openssl.c + + Notes : + * Fix potential typecast error for `_libssh2_ecdsa_key_get_curve_type` + * Rename _libssh2_ecdsa_key_get_curve_type to _libssh2_ecdsa_get_curve_type - Reported by: Paul Howarth - Bug: http://www.libssh2.org/mail/libssh2-devel-archive-2011-04/0008.shtml + Credit : + Sebastián Katzer -- maketgz: use git2news.pl by the correct name +GitHub (20 Jun 2019) +- [Will Cosgrove brought this change] -Version 1.2.8 (4 Apr 2011) + bump copyright date -Daniel Stenberg (4 Apr 2011) -- RELEASE-NOTES: synced with fabf1a45ee +Version 1.9.0 (19 Jun 2019) -- NEWS: auto-generated from git - - Starting now, the NEWS file is generated from git using the git2news.pl - script. This makes it always accurate and up-to-date, even for daily - snapshots etc. +GitHub (19 Jun 2019) +- [Will Cosgrove brought this change] -- sftp_write: handle FXP_WRITE errors - - When an sftp server returns an error back on write, make sure the - function bails out and returns the proper error. + 1.9 Formatting -- configure: stop using the deprecated AM_INIT_AUTOMAKE syntax +- [Will Cosgrove brought this change] -Alexander Lamaison (13 Mar 2011) -- Support unlimited number of host names in a single line of the known_hosts file. - - Previously the code assumed either a single host name or a hostname,ip-address pair. However, according to the spec [1], there can be any number of comma separated host names or IP addresses. - - [1] http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8 + 1.9 Release notes -Daniel Stenberg (26 Feb 2011) -- libssh2_knownhost_readfile.3: clarify return value - - This function returns the number of parsed hosts on success, not just - zero as previously documented. +Will Cosgrove (17 May 2019) +- [Alexander Curtiss brought this change] -Peter Stuge (26 Feb 2011) -- Don't save allocated packet size until it has actually been allocated + libgcrypt.c : Fixed _libssh2_rsa_sha1_sign memory leak. (#370) - The allocated packet size is internal state which needs to match reality - in order to avoid problems. This commit fixes #211. + File: libgcrypt.c + + Notes : Added calls to gcry_sexp_release to free memory allocated by gcry_sexp_find_token + + Credit : + Reporter : beckmi + PR by: Alexander Curtiss -Daniel Stenberg (21 Feb 2011) -- [Alfred Gebert brought this change] +- [Orivej Desh brought this change] - session_startup: manage server data before server identification + libssh2_priv.h : Fix musl build warning on sys/poll.h (#346) + + File : libssh2_priv.h - Fix the bug that libssh2 could not connect if the sftp server - sends data before sending the version string. + Notes : + musl prints `redirecting incorrect #include to ` + http://git.musl-libc.org/cgit/musl/commit/include/sys/poll.h?id=54446d730cfb17c5f7bcf57f139458678f5066cc - http://tools.ietf.org/html/rfc4253#section-4.2 + poll is defined by POSIX to be in poll.h: + http://pubs.opengroup.org/onlinepubs/7908799/xsh/poll.html - "The server MAY send other lines of data before sending the version - string. Each line SHOULD be terminated by a Carriage Return and Line - Feed. Such lines MUST NOT begin with "SSH-", and SHOULD be encoded - in ISO-10646 UTF-8 [RFC3629] (language is not specified). Clients - MUST be able to process such lines." + Credit : Orivej Desh -- [Alfred Gebert brought this change] +GitHub (1 May 2019) +- [Will Cosgrove brought this change] - fullpacket: decompression only after init + kex.c : additional bounds checks in diffie_hellman_sha1/256 (#361) - The buffer for the decompression (remote.comp_abstract) is initialised - in time when it is needed. With this fix decompression is disabled when - the buffer (remote.comp_abstract) is not initialised. + Files : kex.c, misc.c, misc.h - Bug: http://trac.libssh2.org/ticket/200 - -- _libssh2_channel_read: store last error + Notes : + Fixed possible out of bounds memory access when reading malformed data in diffie_hellman_sha1() and diffie_hellman_sha256(). - When the transport layer returns EAGAIN this function didn't call - _libssh2_error() which made the last_error not get set. + Added _libssh2_copy_string() to misc.c to return an allocated and filled char buffer from a string_buf offset. Removed no longer needed s var in kmdhgGPshakex_state_t. -- sftp_write: clarified the comment header +Will Cosgrove (26 Apr 2019) +- [Tseng Jun brought this change] -- sftp_read: avoid wrapping counter to insanity + sftp.c : sftp_bin2attr() Correct attrs->gid assignment (#366) - As pointed out in bug #206, if a second invoke of libssh2_sftp_read() - would shrink the buffer size, libssh2 would go nuts and send out read - requests like crazy. This was due to an unsigned variable turning - "negative" by some wrong math, and that value would be the amount of - data attempt to pre-buffer! + Regression with fix for #339 - Bug: http://trac.libssh2.org/ticket/206 + Credit : Tseng Jun -- sftp_packet_read: use 32bit variables for 32bit data +- [Tseng Jun brought this change] -- libssh2_sftp_stat_ex.3: cleaned up, extended - - Removed the macros from it as they have their own man pages. - - Added the LIBSSH2_SFTP_ATTRIBUTES struct in here for easier reference. + kex.c : Correct type cast in curve25519_sha256() (#365) -- sftp_readdir: return error if buffer is too small - - If asked to read data into a buffer and the buffer is too small to hold - the data, this function now returns an error instead of as previously - just copy as much as fits. +GitHub (24 Apr 2019) +- [Will Cosgrove brought this change] -- sftp_symlink: return error if receive buffer too small - - and clean up some variable type mismatches + transport.c : scope local total_num var (#364) - Discussion: http://www.libssh2.org/mail/libssh2-devel-archive-2011-01/0001.shtml + file : transport.c + notes : move local `total_num` variable inside of if block to prevent scope access issues which caused #360. -- docs: clarify what happens with a too small buffer - - This flaw is subject to change, but I figured it might be valuable to - users of existing code to know how it works. +Will Cosgrove (24 Apr 2019) +- [doublex brought this change] -- channel_request_pty_size: fix reqPTY_state + transport.c : fixes bounds check if partial packet is read - The state variable isn't properly set so every other call to the - function fails! + Files : transport.c - Bug: http://libssh2.org/mail/libssh2-devel-archive-2010-12/0096.shtml - Reported by: Steve Legg - -- data size: cleanup + Issue : #360 - Fix 64bit warnings by using (s)size_t and dedicated uint32_t types more. - -- [Pierre Joye brought this change] - - ssize_t: proper typedef with MSVC compilers + Notes : + 'p->total_num' instead of local value total_num when doing bounds check. - As discussed on the mailing list, it was wrong for win64 and using the - VC-provided type is the safest approach instead of second- guessing - which one it should be. + Credit : Doublex -Guenter Knauf (22 Dec 2010) -- Updated OpenSSL version. +GitHub (23 Apr 2019) +- [Will Cosgrove brought this change] -- Expanded tabs to spaces. + Editor config file for source files (#322) + + Simple start to an editor config file when editing source files to make sure they are configured correctly. -Peter Stuge (21 Dec 2010) -- [Joey Degges brought this change] +- [Will Cosgrove brought this change] - _libssh2_ntohu64: fix conversion from network bytes to uint64 + misc.c : String buffer API improvements (#332) - Cast individual bytes to uint64 to avoid overflow in arithmetic. - -Daniel Stenberg (20 Dec 2010) -- libssh2_userauth_list: language fix + Files : misc.c, hostkey.c, kex.c, misc.h, openssl.c, sftp.c - "faily" is not a good English word, and I also cleaned up some other minor - mistakes - -- crypto: unify the generic functions + Notes : + * updated _libssh2_get_bignum_bytes and _libssh2_get_string. Now pass in length as an argument instead of returning it to keep signedness correct. Now returns -1 for failure, 0 for success. + + _libssh2_check_length now returns 0 on success and -1 on failure to match the other string_buf functions. Added comment to _libssh2_check_length. - Added crypto.h that is the unified header to include when using crypto - functionality. It should be the only header that needs to adapt to the - underlying crypto library in use. It provides the set of prototypes that - are library agnostic. + Credit : Will Cosgrove -- [Mark Smith brought this change] +Will Cosgrove (19 Apr 2019) +- [doublex brought this change] - userauth: derive publickey from private + mbedtls.c : _libssh2_mbedtls_rsa_new_private_frommemory() allow private-key from memory (#359) - Pass a NULL pointer for the publickey parameter of - libssh2_userauth_publickey_fromfile and - libssh2_userauth_hostbased_fromfile functions. In this case, the - functions recompute the public key from the private key file data. + File : mbedtls.c - This is work done by Jean-Louis CHARTON - , then adapted by Mark Smith and - slightly edited further by me Daniel. + Notes: _libssh2_mbedtls_rsa_new_private_frommemory() fixes private-key from memory reading to by adding NULL terminator before parsing; adds passphrase support. - WARNING: this does leave the feature NOT WORKING when libssh2 is built - to use libgcrypt instead of OpenSSL simply due to lack of - implementation. + Credit: doublex -- ssh2_echo: Value stored to 'exitcode' is never read +- [Ryan Kelley brought this change] -- _libssh2_packet_add: fix SSH_MSG_DEBUG weirdness + Session.c : banner_receive() from leaking when accessing non ssh ports (#356) - I believe I may have caused this weird typo style error when I cleaned - up this function a while ago. Corrected now. - -- uint32: more longs converted to proper types + File : session.c - I also moved the MAC struct over to the mac.h header file and made sure - that the users of that struct include that file. - -- SFTP: more types to uint32_t + Release previous banner in banner_receive() if the session is reused after a failed connection. - The 'num_names' field in the SSH_FXP_NAME response is an unsigned 32bit - value so we make sure to treat it like that. + Credit : Ryan Kelley -- SFTP: request_ids are uint32_t - - I went over the code and made sure we use uint32_t all over for the - request_id data. It is an unsigned 32bit value on the wire. +GitHub (11 Apr 2019) +- [Will Cosgrove brought this change] -- SFTP: store request_id separately in packets + Formatting in agent.c - By using a new separate struct for incoming SFTP packets and not sharing - the generic packet struct, we can get rid of an unused field and add a - new one dedicated for holding the request_id for the incoming - package. As sftp_packet_ask() is called fairly often, a "mere" integer - comparison is MUCH faster than the previous memcmp() of (typically) 5 - bytes. + Removed whitespace. + +- [Will Cosgrove brought this change] -- libssh2_sftp_open_ex: man page extended and cleaned up + Fixed formatting in agent.c - I added the missing documentation for the 'flags' argument. + Quiet linter around a couple if blocks and pointer. -- SFTP: unify the READ/WRITE chunk structs +Will Cosgrove (11 Apr 2019) +- [Zhen-Huan HWANG brought this change] -- SFTP: fix memory leaks - - Make sure that we cleanup remainders when the handle is closed and when - the subsystem is shutdown. + sftp.c : discard and reset oversized packet in sftp_packet_read() (#269) - Existing flaw: if a single handle sends packets that haven't been - replied to yet at the time when the handle is closed, those packets will - arrive later and end up in the generic packet brigade queue and they - will remain in there until flushed. They will use unnecessary memory, - make things slower and they will ruin the SFTP handling if the - request_id counter ever wraps (highly unlikely to every happen). - -- sftp_close_handle: packet list is generic + file : sftp.c - Fix comment, simplify the loop logic - -- sftp_read: pipeline reads + notes : when sftp_packet_read() encounters an sftp packet which exceeds SFTP max packet size it now resets the reading state so it can continue reading. - The SFTP read function now does transfers the same way the SFTP write - function was made to recently: it creates a list of many outgoing - FXP_READ packets that each asks for a small data chunk. The code then - tries to keep sending read request while collecting the acks for the - previous requests and returns the received data. + credit : Zhen-Huan HWANG -- sftp_write: removed unused variable +GitHub (11 Apr 2019) +- [Will Cosgrove brought this change] -- _libssh2_channel_close: don't call transport read if disconnected + Add agent functions libssh2_agent_get_identity_path() and libssh2_agent_set_identity_path() (#308) - The loop that waits for remote.close to get set may end up looping - forever since session->socket_state gets set to - LIBSSH2_SOCKET_DISCONNECTED by the packet_add() function called from the - transport_read() function and after having been set to - LIBSSH2_SOCKET_DISCONNECTED, the transport_read() function will only - return 0. + File : agent.c - Bug: http://trac.libssh2.org/ticket/198 + Notes : + Libssh2 uses the SSH_AUTH_SOCK env variable to read the system agent location. However, when using a custom agent path you have to set this value using setenv which is not thread-safe. The new functions allow for a way to set a custom agent socket path in a thread safe manor. -- libssh2_sftp_seek64: new man page - - Split off libssh2_sftp_seek64 from the libssh2_sftp_seek man page, and - mentioned that we consider the latter deprecated. Also added a mention - about the dangers of doing seek during writing or reading. +- [Will Cosgrove brought this change] -- sftp_seek: fix + Simplified _libssh2_check_length (#350) - The new SFTP write code caused a regression as the seek function no - longer worked as it didn't set the write position properly. + * Simplified _libssh2_check_length - It should be noted that seeking is STRONGLY PROHIBITED during upload, as - the upload magic uses two different offset positions and the multiple - outstanding packets etc make them sensitive to change in the midst of - operations. + misc.c : _libssh2_check_length() - This functionality was just verified with the new example code - sftp_append. This bug was filed as bug #202: + Removed cast and improved bounds checking and format. - Bug: http://trac.libssh2.org/ticket/202 + Credit : Yuriy M. Kaminskiy -- sftp_append: new example doing SFTP append +- [Will Cosgrove brought this change] -- MAX_SFTP_OUTGOING_SIZE: 30000 + _libssh2_check_length() : additional bounds check (#348) - I ran SFTP upload tests against localhost. It showed that to make the - app reach really good speeds, I needed to do a little code tweak and - change MAX_SFTP_OUTGOING_SIZE from 4000 to 30000. The tests I did before - with the high latency tests didn't show any real difference whatever I - had that size set to. + Misc.c : _libssh2_check_length() - This number is the size in bytes that libssh2 cuts off the large input - buffer and sends off as an individual sftp packet. + Ensure the requested length is less than the total length before doing the additional bounds check -- sftp_write_sliding.c: new example +Daniel Stenberg (25 Mar 2019) +- misc: remove 'offset' from string_buf - This is an example that is very similar to sftp_write_nonblock.c, with - the exception that this uses + It isn't necessary. - 1 - a larger upload buffer + Closes #343 + +- sftp: repair mtime from e1ead35e475 - 2 - a sliding buffer mechnism to allow the app to keep sending lots of - data to libssh2 without having to first drain the buffer. + A regression from e1ead35e4759 broke the SFTP mtime logic in + sftp_bin2attr - These are two key issues to make libssh2 SFTP uploads really perform - well at this point in time. - -- cpp: s/#elsif/#elif + Also simplified the _libssh2_get_u32/u64 functions slightly. - This looks like a typo as #elsif is not really C... + Closes #342 -- _libssh2_channel_write: revert channel_write() use - - The attempts made to have _libssh2_channel_write() accept larger pieces - of data and split up the data by itself into 32700 byte chunks and pass - them on to channel_write() in a loop as a way to do faster operations on - larger data blocks was a failed attempt. +- session_disconnect: don't zero state, just clear the right bit - The reason why it is difficult: + If we clear the entire field, the freeing of data in session_free() is + skipped. Instead just clear the bit that risk making the code get stuck + in the transport functions. - The API only allows EAGAIN or a length to be returned. When looping over - multiple blocks to get sent, one block can get sent and the next might - not. And yet: when transport_send() has returned EAGAIN we must not call - it again with new data until it has returned OK on the existing data it - is still working on. This makes it a mess and we do get a much easier - job by simply returning the bytes or EAGAIN at once, as in the EAGAIN - case we can assume that we will be called with the same arguments again - and transport_send() will be happy. + Regression from 4d66f6762ca3fc45d9. - Unfortunately, I think we take a small performance hit by not being able - to do this. + Reported-by: dimmaq on github + Fixes #338 + Closes #340 -- ssh2_echo: new example +- libssh2_sftp.h: restore broken ABI - This is a new example snippet. The code is largely based on ssh2_exec, - and is written by Tommy Lindgren. I edited it into C90 compliance and to - conform to libssh2 indent style and some more. - -- send_existing: return after send_existing + Commit 41fbd44 changed variable sizes/types in a public struct which + broke the ABI, which breaks applications! - When a piece of data is sent from the send_existing() function we must - make the parent function return afterwards. Otherwise we risk that the - parent function tries to send more data and ends up getting an EGAIN for - that more data and since it can only return one return code it doesn't - return info for the successfully sent data. + This reverts that change. - As this change is a regression I now added a larger comment explaining - why it has to work like this. + Closes #339 -- _libssh2_channel_write: count resent data as written +- style: make includes and examples code style strict - In the logic that resends data that was kept for that purpose due to a - previous EAGAIN, the data was not counted as sent causing badness. - -Peter Stuge (13 Nov 2010) -- Use fprintf(stderr, ) instead of write(2, ) for debugging + make travis and the makefile rule verify them too + + Closes #334 -- session/transport: Correctly handle when _libssh2_send() returns -EAGAIN +GitHub (21 Mar 2019) +- [Daniel Stenberg brought this change] -- src/agent.c: Simplify _libssh2_send() error checking ever so slightly + create a github issue template -Daniel Stenberg (12 Nov 2010) -- send/recv: use _libssh2_recv and _libssh2_send now +Daniel Stenberg (21 Mar 2019) +- stale-bot: activated - Starting now, we unconditionally use the internal replacement functions - for send() and recv() - creatively named _libssh2_recv() and - _libssh2_send(). + The stale bot will automatically mark stale issues (inactive for 90 + days) and if still untouched after 21 more days, close them. - On errors, these functions return the negative 'errno' value instead of - the traditional -1. This design allows systems that have no "natural" - errno support to not have to invent it. It also means that no code - outside of these two transfer functions should use the errno variable. + See https://probot.github.io/apps/stale/ -- channel_write: move some logic to _libssh2_channel_write +- libssh2_session_supported_algs.3: fix formatting mistakes - Some checks are better done in _libssh2_channel_write just once per - write instead of in channel_write() since the looping will call the - latter function multiple times per _libssh2_channel_write() invoke. + Reported-by: Max Horn + Fixes #57 -- sftp_write: handle "left over" acked data - - The SFTP handle struct now buffers number of acked bytes that haven't - yet been returned. The way this is used is as following: - - 1. sftp_write() gets called with a buffer of let say size 32000. We - split 32000 into 8 smaller packets and send them off one by one. One of - them gets acked before the function returns so 4000 is returned. - - 2. sftp_write() gets called again a short while after the previous one, - now with a much smaller size passed in to the function. Lets say 8000. - In the mean-time, all of the remaining packets from the previous call - have been acked (7*4000 = 28000). This function then returns 8000 as all - data passed in are already sent and it can't return any more than what - it got passed in. But we have 28000 bytes acked. We now store the - remaining 20000 in the handle->u.file.acked struct field to add up in - the next call. - - 3. sftp_write() gets called again, and now there's a backlogged 20000 - bytes to return as fine and that will get skipped from the beginning - of the buffer that is passed in. +- [Zenju brought this change] -- sftp_write: polished and simplified - - Removed unnecessary struct fields and state changes within the function. + libssh2.h: Fix Error C2371 'ssize_t': redefinition - Made the loop that checks for ACKs only check chunks that were fully - sent. + Closes #331 -- SCP: on failure, show the numerical error reason +- travis: add code style check - By calling libssh2_session_last_errno() + Closes #324 -- SFTP: provide the numerical error reason on failure +- code style: unify code style + + Indent-level: 4 + Max columns: 79 + No spaces after if/for/while + Unified brace positions + Unified white spaces -- SCP: clean up failure treatment +- src/checksrc.pl: code style checker - When SCP send or recv fails, it gets a special message from the server - with a warning or error message included. We have no current API to - expose that message but the foundation is there. Removed unnecessary use - of session struct fields. + imported as-is from curl -- sftp_write: enlarge buffer to perform better +Will Cosgrove (19 Mar 2019) +- Merge branch 'MichaelBuckley-michaelbuckley-security-fixes' -- packets: code cleanup +- Silence unused var warnings (#329) - I added size checks in several places. I fixed the code flow to be easier - to read in some places. + Silence warnings about unused variables in this test + +- Removed unneeded > 0 check - I removed unnecessary zeroing of structs. I removed unused struct fields. + When checking `userauth_kybd_num_prompts > 100` we don't care if it's also above zero. -- LIBSSH2_CALLBACK_MACERROR: clarify return code use +- [Matthew D. Fuller brought this change] -- _libssh2_userauth_publickey: avoid shadowing + Spell OpenSS_H_ right when talking about their specific private key (#321) + + Good catch, thanks. -- packet: avoid shadowing global symbols +GitHub (19 Mar 2019) +- [Will Cosgrove brought this change] -- sftp_readdir: avoid shadowing + Silence unused var warnings (#329) + + Silence warnings about unused variables in this test -- shadowing: don't shadow the global compress +Michael Buckley (19 Mar 2019) +- Fix more scope and printf warning errors -- _libssh2_packet_add: turn ifs into a single switch +- Silence unused variable warning -- _libssh2_packet_add: check SSH_MSG_GLOBAL_REQUEST packet +GitHub (19 Mar 2019) +- [Will Cosgrove brought this change] -- _libssh2_packet_add: SSH_MSG_DEBUG length checks + Removed unneeded > 0 check - Verify lengths before using them. Read always_display from the correct - index. Don't copy stuff around just to provide zero-termination of the - strings. + When checking `userauth_kybd_num_prompts > 100` we don't care if it's also above zero. -- _libssh2_packet_add: SSH_MSG_IGNORE skip memmove - - There's no promise of a zero termination of the data in the callback so - no longer perform ugly operation in order to provide it. +Will Cosgrove (19 Mar 2019) +- [Matthew D. Fuller brought this change] -- _libssh2_packet_add: SSH_MSG_DISCONNECT length checks + Spell OpenSS_H_ right when talking about their specific private key (#321) - Verify lengths before trying to read data. - -- indent: break lines at 80 columns + Good catch, thanks. -- SSH_MSG_CHANNEL_OPEN_FAILURE: used defined values - - We don't like magic numbers in the code. Now the acceptable failure - codes sent in the SSH_MSG_CHANNEL_OPEN_FAILURE message are added as - defined values in the private header file. +Michael Buckley (18 Mar 2019) +- Fix errors identified by the build process -- sftp_write: don't return EAGAIN if no EAGAIN was received - - This function now only returns EAGAIN if a lower layer actually returned - EAGAIN to it. If nothing was acked and no EAGAIN was received, it will - now instead return 0. +- Fix casting errors after merge -- _libssh2_wait_socket: detect nothing-to-wait-for - - If _libssh2_wait_socket() gets called but there's no direction set to - wait for, this causes a "hang". This code now detects this situation, - set a 1 second timeout instead and outputs a debug output about it. +GitHub (18 Mar 2019) +- [Michael Buckley brought this change] -- decomp: remove the free_dest argument - - Since the decompress function ALWAYS returns allocated memory we get a - lot simpler code by removing the ability to return data unallocated. + Merge branch 'master' into michaelbuckley-security-fixes -- decomp: cleaned off old compression stuff - - I cleared off legacy code from when the compression and decompression - functions were a single unified function. Makes the code easier to read - too. +Michael Buckley (18 Mar 2019) +- Move fallback SIZE_MAX and UINT_MAX to libssh2_priv.h -- [TJ Saunders brought this change] +- Fix type and logic issues with _libssh2_get_u64 - decomp: increase decompression buffer sizes +Daniel Stenberg (17 Mar 2019) +- examples: fix various compiler warnings -- [TJ Saunders brought this change] +- lib: fix various compiler warnings - zlib: Add debug tracing of zlib errors +- session: ignore pedantic warnings for funcpointer <=> void * -- sftp_packet_read: handle partial reads of the length field +- travis: add a build using configure - SFTP packets come as [32 bit length][payload] and the code didn't - previously handle that the initial 32 bit field was read only partially - when it was read. + Closes #320 -- [Jasmeet Bagga brought this change] +- configure: provide --enable-werror - kex_agree_hostkey: fix NULL pointer derefence +- appveyor: remove old builds that mostly cause failures - While setting up the session, ssh tries to determine the type of - encryption method it can use for the session. This requires looking at - the keys offered by the remote host and comparing these with the methods - supported by libssh2 (rsa & dss). To do this there is an iteration over - the array containing the methods supported by libssh2. + ... and only run on master branch. - If there is no agreement on the type of encryption we come to the 3rd - entry of the hostkeyp array. Here hostkeyp is valid but *hostkep is - NULL. Thus when we dereference that in (*hostkeyp)->name there is a - crash + Closes #323 -- _libssh2_transport_send: remove dead assignment +- cmake: add two missing man pages to get installed too + + Both libssh2_session_handshake.3 and + libssh2_userauth_publickey_frommemory.3 were installed by the configure + build already. - 'data' isn't accessed beyond this point so there's no need to assign it. + Reported-by: Arfrever on github + Fixes #278 -- scp_recv: remove dead assignment +- include/libssh2.h: warning: "_WIN64" is not defined, evaluates to 0 - Instead of assigning a variable we won't read, we now use the more - explicit (void) prefix. + We don't use #if for defines that might not be defined. -- sftp_write: removed superfluous assignment +- pem: //-comments are not allowed -- bugfix: avoid use of uninitialized value +Will Cosgrove (14 Mar 2019) +- [Daniel Stenberg brought this change] -- sftp_packet_require: propagate error codes better + userauth: fix "Function call argument is an uninitialized value" (#318) - There were some chances that they would cause -1 to get returned by - public functions and as we're hunting down all such occurances and since - the underlying functions do return valuable information the code now - passes back proper return codes better. - -- [Alfred Gebert brought this change] + Detected by scan-build. - fix memory leaks (two times cipher_data) for each sftp session +- fixed unsigned/signed issue -- libssh2_userauth_authenticated: make it work as documented +Daniel Stenberg (15 Mar 2019) +- session_disconnect: clear state - The man page clearly says it returns 1 for "already authenticated" but - the code said non-zero. I changed the code to use 1 now, as that is also - non-zero but it gets the benefit that it now matches the documentation. + If authentication is started but not completed before the application + gives up and instead wants to shut down the session, the '->state' field + might still be set and thus effectively dead-lock session_disconnect. + + This happens because both _libssh2_transport_send() and + _libssh2_transport_read() refuse to do anything as long as state is set + without the LIBSSH2_STATE_KEX_ACTIVE bit. - Using 1 instead of non-zero is better for two reasons: + Reported in curl bug https://github.com/curl/curl/issues/3650 - 1. We have the opportunity to introduce other return codes in the future for - things like error and what not. - 2. We don't expose the internal bitmask variable value. + Closes #310 -- userauth_keyboard_interactive: fix indent +Will Cosgrove (14 Mar 2019) +- Release notes from 1.8.1 -- [Alfred Gebert brought this change] +Michael Buckley (14 Mar 2019) +- Use string_buf in sftp_init(). - fix memory leak in userauth_keyboard_interactive() - - First I wanted to free the memory in session_free() but then - I had still memory leaks because in my test case the function - userauth_keyboard_interactive() is called twice. It is called - twice perhaps because the server has this authentication - methods available: publickey,gssapi-with-mic,keyboard-interactive - The keyboard-interactive method is successful. +- Guard against out-of-bounds reads in publickey.c -- dist: include sftp.h in dist archives +- Guard against out-of-bounds reads in session.c -Simon Josefsson (27 Oct 2010) -- Update header to match new function prototype, see c48840ba88. +- Guard against out-of-bounds reads in userauth.c -Daniel Stenberg (26 Oct 2010) -- bugfixes: the transport rearrange left some subtle flaws now gone +- Use LIBSSH2_ERROR_BUFFER_TOO_SMALL instead of LIBSSH2_ERROR_OUT_OF_BOUNDARY in sftp.c -- libssh2_userauth_publickey_fromfile_ex.3: cleaned up looks +- Additional bounds checking in sftp.c -- libssh2_userauth_publickey: add man page - - I found an undocumented public function and we can't have it like - that. The description here is incomplete, but should serve as a template - to allow filling in... +- Additional length checks to prevent out-of-bounds reads and writes in _libssh2_packet_add(). https://libssh2.org/CVE-2019-3862.html -- libssh2_sftp_write.3: added blurb about the "write ahead" - - Documented the new SFTP write concept +- Add a required_size parameter to sftp_packet_require et. al. to require callers of these functions to handle packets that are too short. https://libssh2.org/CVE-2019-3860.html -- sftp_close_handle: free any trailing write chunks +- Check the length of data passed to sftp_packet_add() to prevent out-of-bounds reads. -- _libssh2_channel_write: fix warnings +- Prevent zero-byte allocation in sftp_packet_read() which could lead to an out-of-bounds read. https://libssh2.org/CVE-2019-3858.html -- SFTP: bufgix, move more sftp stuff to sftp.h - - The sftp_write function shouldn't assume that the buffer pointer will be - the same in subsequent calls, even if it assumes that the data already - passed in before haven't changed. +- Sanitize padding_length - _libssh2_transport_read(). https://libssh2.org/CVE-2019-3861.html - The sftp structs are now moved to sftp.h (which I forgot to add before) + This prevents an underflow resulting in a potential out-of-bounds read if a server sends a too-large padding_length, possibly with malicious intent. -- SFTP: use multiple outgoing packets when writing - - sftp_write was rewritten to split up outgoing data into multiple packets - and deal with the acks in a more asynchronous manner. This is meant to - help overcome latency and round-trip problems with the SFTP protocol. +- Defend against writing beyond the end of the payload in _libssh2_transport_read(). -- TODO: implemented a lot of the ideas now +- Defend against possible integer overflows in comp_method_zlib_decomp. -- _libssh2_channel_write: removed 32500 size limit - - Neither _libssh2_channel_write nor sftp_write now have the 32500 size - limit anymore and instead the channel writing function now has its own - logic to send data in multiple calls until everything is sent. +GitHub (14 Mar 2019) +- [Will Cosgrove brought this change] -- send_existing: don't tell parent to return when drained + Security fixes (#315) - That will just cause unnecessary code execution. - -- _libssh2_channel_write: general code cleanup + * Bounds checks - simplified the function and removed some unused struct fields - -- _libssh2_transport_send: replaces _libssh2_transport_write + Fixes for CVEs + https://www.libssh2.org/CVE-2019-3863.html + https://www.libssh2.org/CVE-2019-3856.html - The new function takes two data areas, combines them and sends them as a - single SSH packet. This allows several functions to allocate and copy - less data. + * Packet length bounds check - I also found and fixed a mixed up use of the compression function - arguments that I introduced in my rewrite in a recent commit. - -- scp_write_nonblock: use select() instead of busyloop + CVE + https://www.libssh2.org/CVE-2019-3855.html - Make this example nicer by not busylooping. - -- send_existing: clear olen when the data is sent off - -- _libssh2_transport_write: allow 256 extra bytes around the packet - -- _libssh2_transport_write: remade to send without malloc - -- compress: compression disabled by default + * Response length check - We now allow libssh2_session_flag() to enable compression with a new - flag and I added documentation for the previous LIBSSH2_FLAG_SIGPIPE - flag which I wasn't really aware of! - -- comp: split the compress function + CVE + https://www.libssh2.org/CVE-2019-3859.html - It is now made into two separate compress and decompress functions. In - preparation for upcoming further modficications. - -Dan Fandrich (20 Oct 2010) -- Added header file to allow compiling in older environments - -Daniel Stenberg (20 Oct 2010) -- TODO: add a possible new API for SFTP transfers - -- TODO: "New Transport API" added - -- TODO: add buffering plans - -Simon Josefsson (13 Oct 2010) -- Mention libssh2_channel_get_exit_signal and give kudos. - -- [Tommy Lindgren brought this change] - - Add libssh2_channel_get_exit_signal man page. + * Bounds check - Signed-off-by: Simon Josefsson - -- [Tommy Lindgren brought this change] - - Add libssh2_channel_get_exit_signal. + CVE + https://www.libssh2.org/CVE-2019-3857.html - Signed-off-by: Simon Josefsson - -- Add libssh2_free man page and fix typo. - -- Add libssh2_free. - -Daniel Stenberg (11 Oct 2010) -- scp_recv: improved treatment of channel_read() returning zero + * Bounds checking - As a zero return code from channel_read() is not an error we must make - sure that the SCP functions deal with that properly. channel_read() - always returns 0 if the channel is EOFed already so we check for EOF - after 0-reads to be able to return error properly. - -- libssh2_session_methods.3: detail what can be asked for - -- compression: send zlib before none + CVE + https://www.libssh2.org/CVE-2019-3859.html - As the list of algorithms in a preferred order we should send zlib - before none to increase the chances that the server will let us do - compression. - -- compress: faster check, better return codes + and additional data validation - In the transport functions we avoid a strcmp() now and just check a - boolean instead. + * Check bounds before reading into buffers - The compress/decompress function's return code is now acknowledged and - used as actual return code in case of failures. - -- libssh2_session_handshake: replaces libssh2_session_startup() + * Bounds checking - The function libssh2_session_startup() is now considered deprecated due - to the portability issue with the socket argument. - libssh2_session_handshake() is the name of the replacement. - -- libssh2_socket_t: now externally visible + CVE + https://www.libssh2.org/CVE-2019-3859.html - In preparation for upcominig changes, the libssh2_socket_t type is now - typedef'ed in the public header. + * declare SIZE_MAX and UINT_MAX if needed -- _libssh2_transport_drain: removed - - This function proved not to be used nor useful. +- [Will Cosgrove brought this change] -- _libssh2_channel_write: don't iterate over transport writes - - When a call to _libssh2_transport_write() succeeds, we must return from - _libssh2_channel_write() to allow the caller to provide the next chunk - of data. - - We cannot move on to send the next piece of data that may already have - been provided in this same function call, as we risk getting EAGAIN for - that and we can't return information both about sent data as well as - EAGAIN. So, by returning short now, the caller will call this function - again with new data to send. + fixed type warnings (#309) + +- [Will Cosgrove brought this change] -- _libssh2_transport_write: updated documentation blurb + Bumping version number for pending 1.8.1 release -- _libssh2_transport_write: remove fprintf remainder - - Mistake from previous debugging +Will Cosgrove (4 Mar 2019) +- [Daniel Stenberg brought this change] -- session: improved errors - - Replaced -1/SOCKET_NONE errors with appropriate error defines instead. + _libssh2_string_buf_free: use correct free (#304) - Made the verbose trace output during banner receiving less annoying for - non-blocking sessions. + Use LIBSSH2_FREE() here, not free(). We allow memory function + replacements so free() is rarely the right choice... -- crypt_init: use correct error define +GitHub (26 Feb 2019) +- [Will Cosgrove brought this change] -- _libssh2_error: hide EAGAIN for non-blocking sessions + Fix for building against libreSSL #302 - In an attempt to make the trace output less cluttered for non-blocking - sessions the error function now avoids calling the debug function if the - error is the EAGAIN and the session is non-blocking. + Changed to use the check we use elsewhere. -- agent: use better error defines +- [Will Cosgrove brought this change] -- comp_method_zlib_init: use correct error defines + Fix for when building against LibreSSL #302 -- transport: better error codes - - LIBSSH2_SOCKET_NONE (-1) should no longer be used as error code as it is - (too) generic and we should instead use specific and dedicated error - codes to better describe the error. +Will Cosgrove (25 Feb 2019) +- [gartens brought this change] -- channel: return code and _libssh2_error cleanup - - Made sure that all transport_write() call failures get _libssh2_error - called. + docs: update libssh2_hostkey_hash.3 [ci skip] (#301) -- _libssh2_channel_write: limit to 32700 bytes - - The well known and used ssh server Dropbear has a maximum SSH packet - length at 32768 by default. Since the libssh2 design current have a - fixed one-to-one mapping from channel_write() to the packet size created - by transport_write() the previous limit of 32768 in the channel layer - caused the transport layer to create larger packets than 32768 at times - which Dropbear rejected forcibly (by closing the connection). - - The long term fix is of course to remove the hard relation between the - outgoing SSH packet size and what the input length argument is in the - transport_write() function call. +GitHub (21 Feb 2019) +- [Will Cosgrove brought this change] -- libssh.h: add more dedicated error codes + fix malloc/free mismatches #296 (#297) -- SCP: allow file names with bytes > 126 - - When parsing the SCP protocol and verifying that the data looks like a - valid file name, byte values over 126 must not be consider illegal since - UTF-8 file names will use such codes. - - Reported by: Uli Zappe - Bug: http://www.libssh2.org/mail/libssh2-devel-archive-2010-08/0112.shtml +- [Will Cosgrove brought this change] -Dan Fandrich (25 Aug 2010) -- Document the three sftp stat constants + Replaced malloc with calloc #295 -Guenter Knauf (18 Aug 2010) -- Fixed Win32 makefile which was now broken at resource build. +- [Will Cosgrove brought this change] -- It is sufficient to pipe stderr to NUL to get rid of the nasty messages. + Abstracted OpenSSL calls out of hostkey.c (#294) -- [Author: Guenter Knauf brought this change] +- [Will Cosgrove brought this change] - Removed Win32 ifdef completely for sys/uio.h. + Fix memory dealloc impedance mis-match #292 (#293) - No idea why we had this ifdef at all but MSVC, MingW32, Watcom - and Borland all have no sys/uio.h header; so if there's another - Win32 compiler which needs it then it should be added explicitely - instead of this negative list. + When using ed25519 host keys and a custom memory allocator. + +- [Will Cosgrove brought this change] -- New files should also be added to Makefile.am. + Added call to OpenSSL_add_all_digests() #288 - Otherwise they will never be included with release and snapshot tarballs ... + For OpenSSL 1.0.x we need to call OpenSSL_add_all_digests(). -Daniel Stenberg (18 Aug 2010) -- version: bump to 1.2.8_DEV +Will Cosgrove (12 Feb 2019) +- [Zhen-Huan HWANG brought this change] -Version 1.2.7 (17 Aug 2010) + SFTP: increase maximum packet size to 256K (#268) + + to match implementations like OpenSSH. -Daniel Stenberg (17 Aug 2010) -- release: updated to hold 1.2.7 info +- [Zenju brought this change] -Guenter Knauf (17 Aug 2010) -- Use the new libssh2.rc file. + Fix https://github.com/libssh2/libssh2/pull/271 (#284) -- Added resource file for libssh2.dll (shamelessly stolen from libcurl). +GitHub (16 Jan 2019) +- [Will Cosgrove brought this change] -- Updated Win32 MSVC dependencies versions. + Agent NULL check in shutdown #281 -- Added include for sys/select.h to get fd.set on some platforms. +Will Cosgrove (15 Jan 2019) +- [Adrian Moran brought this change] -- Added Watcom makefile borrowed from libcurl. + mbedtls: Fix leak of 12 bytes by each key exchange. (#280) - This makefile compiles already all files fine for static lib, but needs - final touch when I have OpenSSL fully working with shared libs and Watcom. + Correctly free ducts by calling _libssh2_mbedtls_bignum_free() in dtor. -- Added copyright define to libssh2.h and use it for binary builds. +- [alex-weaver brought this change] -- Moved version defines up in order to include from .rc file. - - Blocked rest of header with ifndef so its possible to let - the rc compiler only use the version defines. + Fix error compiling on Win32 with STDCALL=ON (#275) -- Some minor makefile tweaks. +GitHub (8 Nov 2018) +- [Will Cosgrove brought this change] -Daniel Stenberg (2 Aug 2010) -- example: treat the libssh2_channel_read() return code properly + Allow default permissions to be used in sftp_mkdir (#271) - A short read is not an error. Only negative values are errors! + Added constant LIBSSH2_SFTP_DEFAULT_MODE to use the server default permissions when making a new directory + +Will Cosgrove (13 Sep 2018) +- [Giulio Benetti brought this change] -- libssh2_wait_socket: reset error code to "leak" EAGAIN less + openssl: fix dereferencing ambiguity potentially causing build failure (#267) - Since libssh2 often sets LIBSSH2_ERROR_EAGAIN internally before - _libssh2_wait_socket is called, we can decrease some amount of - confusion in user programs by resetting the error code in this function - to reduce the risk of EAGAIN being stored as error when a blocking - function returns. + When dereferencing from *aes_ctr_cipher, being a pointer itself, + ambiguity can occur; fixed possible build errors. -- _libssh2_wait_socket: poll needs milliseconds +Viktor Szakats (12 Sep 2018) +- win32/GNUmakefile: define HAVE_WINDOWS_H - As reported on the mailing list, the code path using poll() should - multiple seconds with 1000 to get milliseconds, not divide! + This macro was only used in test/example code before, now it is + also used in library code, but only defined automatically by + automake/cmake, so let's do the same for the standalone win32 + make file. - Reported by: Jan Van Boghout - -- typedef: make ssize_t get typedef without LIBSSH2_WIN32 + It'd be probably better to just rely on the built-in _WIN32 macro + to detect the presence of windows.h though. It's already used + in most of libssh2 library code. There is a 3rd, similar macro + named LIBSSH2_WIN32, which might also be replaced with _WIN32. - The condition around the ssize_t typedef depended on both LIBSSH2_WIN32 - *and* _MSC_VER being defined when it should be enough to depend on - _MSC_VER only. It also makes it nicer so libssh2-using code builds fine - without having custom defines. - -- [John Little brought this change] - - session_free: free more data to avoid memory leaks + Ref: https://github.com/libssh2/libssh2/commit/8b870ad771cbd9cd29edbb3dbb0878e950f868ab + Closes https://github.com/libssh2/libssh2/pull/266 -- channel_free: ignore problems with channel_close() +Marc Hoersken (2 Sep 2018) +- Fix conditional check for HAVE_DECL_SECUREZEROMEMORY - As was pointed out in bug #182, we must not return failure from - _libssh2_channel_free() when _libssh2_channel_close() returns an error - that isn't EAGAIN. It can effectively cause the function to never go - through, like it did now in the case where the socket was actually - closed but socket_state still said LIBSSH2_SOCKET_CONNECTED. + "Unlike the other `AC_CHECK_*S' macros, when a symbol is not declared, + HAVE_DECL_symbol is defined to `0' instead of leaving HAVE_DECL_symbol + undeclared. When you are sure that the check was performed, + use HAVE_DECL_symbol in #if." - I consider this fix the right thing as it now also survives other - errors, even if making sure socket_state isn't lying is also a good - idea. + Source: autoconf documentation for AC_CHECK_DECLS. -- publickey_list_free: no return value from a void function +- Fix implicit declaration of function 'SecureZeroMemory' - Fixed a compiler warning I introduced previously when checking input - arguments more. I also added a check for the other pointer to avoid NULL - pointer dereferences. + Include window.h in order to use SecureZeroMemory on Windows. + +- Fix implicit declaration of function 'free' by including stdlib.h -- [Lars Nordin brought this change] +GitHub (27 Aug 2018) +- [Will Cosgrove brought this change] - openssl: make use of the EVP interface + Use malloc abstraction function in pem parse - Make use of the EVP interface for the AES-funktion. Using this method - supports the use of different ENGINES in OpenSSL for the AES function - (and the direct call to the AES_encrypt should not be used according to - openssl.org) + Fix warning on WinCNG build. -Peter Stuge (23 Jun 2010) -- [Tor Arntsen brought this change] +- [Will Cosgrove brought this change] - Don't overflow MD5 server hostkey - - Use SHA_DIGEST_LENGTH and MD5_DIGEST_LENGTH in memcpy instead of hardcoded - values. An incorrect value was used for MD5. + Fixed possible junk memory read in sftp_stat #258 -- Fix message length bugs in libssh2_debug() - - There was a buffer overflow waiting to happen when a debug message was - longer than 1536 bytes. - - Thanks to Daniel who spotted that there was a problem with the message - length passed to a trace handler also after commit - 0f0652a3093111fc7dac0205fdcf8d02bf16e89f. +- [Will Cosgrove brought this change] -- Make libssh2_debug() create a correctly terminated string + removed INT64_C define (#260) - Also use FILE *stderr rather than fd 2, which can very well be something - completely different. + No longer used. -Daniel Stenberg (23 Jun 2010) -- [TJ Saunders brought this change] +- [Will Cosgrove brought this change] - handshake: Compression enabled at the wrong time - - In KEXINIT messages, the client and server agree on, among other - things, whether to use compression. This method agreement occurs - in src/kex.c's kex_agree_methods() function. However, if - compression is enabled (either client->server, server->client, or - both), then the compression layer is initialized in - kex_agree_methods() -- before NEWKEYS has been received. - - Instead, the initialization of the compression layer should - happen after NEWKEYS has been received. This looks to occur - insrc/kex.c's diffie_hellman_sha1(), which even has the comment: - - /* The first key exchange has been performed, - - switch to active crypt/comp/mac mode */ - - There, after NEWKEYS is received, the cipher and mac algorithms - are initialized, and that is where the compression should be - initialized as well. - - The current implementation fails if server->client compression is - enabled because most server implementations follow OpenSSH's - lead, where compression is initialized after NEWKEYS. Since the - server initializes compression after NEWKEYS, but libssh2 - initializes compression after KEXINIT (i.e. before NEWKEYS), they - are out of sync. - - Reported in bug report #180 + Added conditional around engine.h include -- [TJ Saunders brought this change] +Will Cosgrove (6 Aug 2018) +- [Alex Crichton brought this change] - userauth_hostbased_fromfile: packet length too short - - The packet length calculated in src/userauth.c's - userauth_hostbased_fromfile() function is too short by 4 bytes; - it forgets to add four bytes for the length of the hostname. - This causes hostbased authentication to fail, since the server - will read junk data. + Fix OpenSSL link error with `no-engine` support (#259) - verified against proftpd's mod_sftp module + This commit fixes linking against an OpenSSL library that was compiled with + `no-engine` support by bypassing the initialization routines as they won't be + available anyway. + +GitHub (2 Aug 2018) +- [Will Cosgrove brought this change] -- _libssh2_userauth_publickey: reject method names longer than the data + ED25519 Key Support #39 (#248) - This functions get the method length by looking at the first 32 - bit of data, and I now made it not accept method lengths that are - longer than the whole data set is, as given in the dedicated - function argument. + OpenSSH Key and ED25519 support #39 + Added _libssh2_explicit_zero() to explicitly zero sensitive data in memory #120 - This was detected when the function was given bogus public key - data as an ascii string, which caused the first 32bits to create - a HUGE number. + * ED25519 Key file support - Requires OpenSSL 1.1.1 or later + * OpenSSH Key format reading support - Supports RSA/DSA/ECDSA/ED25519 types + * New string buffer reading functions - These add build-in bounds checking and convenance methods. Used for OpenSSL PEM file reading. + * Added new tests for OpenSSH formatted Keys -- NULL resistance: make more public functions survive NULL pointer input - - Sending in NULL as the primary pointer is now dealt with by more - public functions. I also narrowed the userauth.c code somewhat to - stay within 80 columns better. +- [Will Cosgrove brought this change] -- agent: make libssh2_agent_userauth() work blocking properly + ECDSA key types are now explicit (#251) - previously it would always work in a non-blocking manner - -Peter Stuge (17 Jun 2010) -- Fix underscore typo for 64-bit printf format specifiers on Windows + * ECDSA key types are now explicit - Commit 49ddf447ff4bd80285f926eac0115f4e595f9425 was missing underscores. - -Daniel Stenberg (16 Jun 2010) -- libssh2_session_callback_set: extended the man page + Issue was brough up in pull request #248 diff --git a/NMakefile b/NMakefile deleted file mode 100644 index 07bc2dd..0000000 --- a/NMakefile +++ /dev/null @@ -1,33 +0,0 @@ -!include "win32/config.mk" - -!if "$(WITH_WINCNG)" == "1" -!include "Makefile.WinCNG.inc" -!else -!include "Makefile.OpenSSL.inc" -!endif -!include "Makefile.inc" - -OBJECTS=$(CSOURCES:.c=.obj) - -# SUBDIRS=src example -SUBDIRS=src - -all-sub: win32\objects.mk - -for %D in ($(SUBDIRS)) do $(MAKE) /nologo /f %D/NMakefile BUILD=$(BUILD) SUBDIR=%D all-sub - -clean: - -rmdir 2>NUL /s/q $(TARGET) - -del 2>NUL win32\objects.mk - -real-clean vclean: clean - -del 2>NUL libssh2.dll - -del 2>NUL libssh2.exp - -del 2>NUL libssh2.ilk - -del 2>NUL libssh2.lib - -del 2>NUL *.pdb - -win32\objects.mk: Makefile.inc - @echo OBJECTS = \>$@ - @for %O in ($(OBJECTS)) do @echo $$(INTDIR)\%O \>>$@ - @echo $$(EOL)>>$@ - diff --git a/README b/README index 8a14856..fca539d 100644 --- a/README +++ b/README @@ -4,9 +4,9 @@ libssh2 - SSH2 library libssh2 is a library implementing the SSH2 protocol, available under the revised BSD license. -Web site: https://www.libssh2.org/ +Web site: https://libssh2.org/ -Mailing list: https://cool.haxx.se/mailman/listinfo/libssh2-devel +Mailing list: https://lists.haxx.se/listinfo/libssh2-devel License: see COPYING diff --git a/README.md b/README.md new file mode 100644 index 0000000..9d167c0 --- /dev/null +++ b/README.md @@ -0,0 +1,16 @@ +# libssh2 - SSH2 library + +libssh2 is a library implementing the SSH2 protocol, available under +the revised BSD license. + +[Web site](https://libssh2.org/) + +[Mailing list](https://lists.haxx.se/listinfo/libssh2-devel) + +[BSD Licensed](https://libssh2.org/license.html) + +[Web site source code](https://github.com/libssh2/www) + +Installation instructions: + - [for CMake](docs/INSTALL_CMAKE.md) + - [for autotools](docs/INSTALL_AUTOTOOLS) diff --git a/RELEASE-NOTES b/RELEASE-NOTES index 62064a9..d9af168 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -1,62 +1,325 @@ -libssh2 1.10 +libssh2 1.11.1 + +Deprecation notices: + +- Starting October 2024, the following algos go deprecated and will be + disabled in default builds (with an option to enable them): + + - DSA: `ssh-dss` hostkeys. + You can enable it now with `-DLIBSSH2_DSA_ENABLE`. + Disabled by default in OpenSSH 7.0 (2015-08-11). + Support to be removed by early 2025 from OpenSSH. + - MD5-based MACs and hashes: `hmac-md5`, `hmac-md5-96`, + `LIBSSH2_HOSTKEY_HASH_MD5` + You can disable it now with `-DLIBSSH2_NO_MD5`. + Disabled by default since OpenSSH 7.2 (2016-02-29). + - 3DES cipher: `3des-cbc` + You can disable it now with `-DLIBSSH2_NO_3DES`. + Disabled by default since OpenSSH 7.4 (2016-12-19). + - RIPEMD-160 MACs: `hmac-ripemd160`, `hmac-ripemd160@openssh.com` + You can disable it now with `-DLIBSSH2_NO_HMAC_RIPEMD`. + Removed in OpenSSH 7.6 (2017-10-03). + - Blowfish cipher: `blowfish-cbc` + You can disable it now with `-DLIBSSH2_NO_BLOWFISH`. + Removed in OpenSSH 7.6 (2017-10-03). + - RC4 ciphers: `arcfour`, `arcfour128` + You can disable it now with `-DLIBSSH2_NO_RC4`. + Removed in OpenSSH 7.6 (2017-10-03). + - CAST cipher: `cast128-cbc` + You can disable it now with `-DLIBSSH2_NO_CAST`. + Removed in OpenSSH 7.6 (2017-10-03). + +- Starting April 2025, above options will be deleted from the + libssh2 codebase. + + - Default builds will also disable support for old-style, MD5-based + encrypted private keys. + You can disable it now with `-DLIBSSH2_NO_MD5_PEM`. This release includes the following enhancements and bugfixes: - o adds agent forwarding support - o adds OpenSSH Agent support on Windows - o adds ECDSA key support using the Mbed TLS backend - o adds ECDSA cert authentication - o adds diffie-hellman-group14-sha256, diffie-hellman-group16-sha512, - diffie-hellman-group18-sha512 key exchanges - o adds support for PKIX key reading when using ed25519 with OpenSSL - o adds support for EWOULDBLOCK on VMS systems - o adds support for building with OpenSSL 3 - o adds support for using FIPS mode in OpenSSL - o adds debug symbols when building with MSVC - o adds support for building on the 3DS - o adds unicode build support on Windows - o restores os400 building - o increases min, max and opt Diffie Hellman group values - o improves portiablity of the make file - o improves timeout behavior with 2FA keyboard auth - o various improvements to the Wincng backend - o fixes reading parital packet replies when using an agent - o fixes Diffie Hellman key exchange on Windows 1903+ builds - o fixes building tests with older versions of OpenSSL - o fixes possible multiple definition warnings - o fixes potential cast issues _libssh2_ecdsa_key_get_curve_type() - o fixes potential use after free if libssh2_init() is called twice - o improved linking when using Mbed TLS - o fixes call to libssh2_crypto_exit() if crypto hasn't been initialized - o fixes crash when loading public keys with no id - o fixes possible out of bounds read when exchanging keys - o fixes possible out of bounds read when reading packets - o fixes possible out of bounds read when opening an X11 connection - o fixes possible out of bounds read when ecdh host keys - o fixes possible hang when trying to read a disconnected socket - o fixes a crash when using the delayed compression option - o fixes read error with large known host entries - o fixes various warnings - o fixes various small memory leaks - o improved error handling, various detailed errors will now be reported - o builds are now using OSS-Fuzz - o builds now use autoreconf instead of a custom build script - o cmake now respects install directory - o improved CI backend - o updated HACKING-CRYPTO documentation - o use markdown file extensions - o improved unit tests +- autotools: fix to update `LDFLAGS` for each detected dependency (d19b6190 #1384 #1381 #1377) +- autotools: delete `--disable-tests` option, fix CI tests (e051ae34 #1271 #715 revert: 7483edfa) +- autotools: show the default for `hidden-symbols` option (a3f5594a #1269) +- autotools: enable `-Wunused-macros` with gcc (ecdf5199 #1262 #1227 #1224) +- autotools: fix dotless gcc and Apple clang version detections (89ccc83c #1232 #1187) +- autotools: show more clang/gcc version details (fb580161 #1230) +- autotools: avoid warnings in libtool stub code (96682bd5 #1227 #1224) +- autotools: sync warning enabler code with curl (5996fefe #1223) +- autotools: rename variable (ce5f208a #1222) +- autotools: picky warning options tidy-up (cdca8cff #1221) +- autotools: fix `cp` to preserve attributes and timestamp in `Makefile.am` (f64e6318) +- autotools: fix selecting WinCNG in cross-builds (and more) (00a3b88c #1187 #1186) +- autotools: use comma separator in `Requires.private` of `libssh2.pc` (7f83de14 #1124) +- autotools: remove `AB_INIT` from `configure.ac` (f4f52ccc) +- autotools: improve libz position (c89174a7 #1077 #941 #1075 #1013 regr: 4f0f4bff) +- autotools: skip tests requiring static lib if `--disable-static` (572c57c9 #1072 #663 #1056 regr: 83853f8a) +- build: stop detecting `sys/param.h` header (2677d3b0 #1418 #1415) +- build: silence warnings inside `FD_SET()`/`FD_ISSET()` macros (323a14b2 #1379) +- build: drop `-Wformat-nonliteral` warning suppressions (c452c5cc #1342) +- build: enable `-pedantic-errors` (3ec53f3e #1286) +- build: add mingw-w64 support to `LIBSSH2_PRINTF()` attribute (f8c45794 #1287) +- build: add `LIBSSH2_NO_DEPRECATED` option (b1414503 #1267 #1266 #1260 #1259) +- build: enable missing OpenSSF-recommended warnings, with fixes (afa6b865 #1257) +- build: enable more compiler warnings and fix them (7ecc309c #1224) +- build: picky warning updates (328a96b3 #1219) +- build: revert: respect autotools `DLL_EXPORT` in `libssh2.h` (481be044 #1141 #917 revert: fb1195cf) +- build: stop requiring libssl from openssl (c84745e3 #1128) +- build: tidy-up `libssh2.pc.in` variable names (5720dd9f #1125) +- build: add/fix `Requires.private` packages in `libssh2.pc` (ef538069 #1123) +- buildconf: drop (814a850c #1441 follow: fc5d7788) +- checksrc: update, check all sources, fix fallouts (1117b677 #1457) +- checksrc: sync with curl (8cd473c9 #1272) +- checksrc: fix spelling in comment (a95d401f) +- checksrc: modernise Perl file open (3d309f9b) +- checksrc: switch to dot file (d67a91aa #1052) +- ci: use Ninja with cmake (20ad047d #1458) +- ci: disable dependency tracking in autotools builds (e44f0418 #1396) +- ci: fix mbedtls runners on macOS (84411539 #1381) +- ci: enable Unity mode for most CMake builds (1bfae57b #1367 #1034) +- ci: add shellcheck job and script (d88b9bcd) +- ci: verify build and install from tarball (a86e27e8 #1362) +- ci: add reproducibility test for `maketgz` (2d765e45 #1360) +- ci: use Linux runner for BSDs, add arm64 FreeBSD 14 job (6f86b196 #1343) +- ci: do not parallelize `distcheck` job (5e65dd87 #1339) +- ci: add FreeBSD 14 job, fix issues (46333adf #1277) +- ci: add OmniOS job, fix issues (5e0ec991) +- ci: show compiler in cross/cygwin job names (c9124088) +- ci: add OpenBSD (v7.4) job + fix build error in example (0c9a8e35 #1250) +- ci: add NetBSD (v9.3) job (65c7a7a5) +- ci: update and speed up FreeBSD job (eee4e805) +- ci: use absolute path in `CMAKE_INSTALL_PREFIX` (74948816 #1247) +- ci: boost mbedTLS build speed (236e79a1 #1245) +- ci: add BoringSSL job (cmake, gcc, amd64) (c9dd3566 #1233) +- ci: fixup FreeBSD version, bump mbedTLS (fea6664e #1217) +- ci: add FreeBSD 13.2 job (a7d2a573 #1215) +- ci: mbedTLS 3.5.0 (5e190442 #1202) +- ci: update actions, use shallow clones with appveyor (d468a33f #1199) +- ci: replace `mv` + `chmod` with `install` in `Dockerfile` (5754fed6 #1175) +- ci: set file mode early in `appveyor_docker.yml` (633db55f) +- ci: add spellcheck (codespell) (a79218d3) +- ci: add MSYS builds (autotools and cmake) (d43b8d9b #1162) +- ci: add Cygwin builds (autotools and cmake) (f1e96e73 #1161) +- ci: add mingw-w64 UWP build (1215aa5f #1155 #1147) +- ci: add missing timeout to 'autotools distcheck' step (6265ffdb) +- ci: add non-static autotools i386 build, ignore GHA updates on AppVeyor (c6e137f7 #1074 #1072) +- ci: prefer `=` operator in shell snippets (e5c03043 #1073) +- ci: drop redundant/unused vars, sync var names (ab8e95bc #1059) +- ci: add i386 Linux build (with mbedTLS) (abdf40c7 #1057 #1053) +- ci/appveyor: reduce test runs (workaround for infrastructure permafails) (b5e68bdc #1461) +- ci/appveyor: increase wait for SSH server on GHA (bf3af90b) +- ci/appveyor: bump to OpenSSL 3.2.1 (53d9c1a6 #1363 #1348) +- ci/appveyor: re-enable parallel mode (e190e5b2 #1294 #884 #867) +- ci/appveyor: delete UWP job broken since Visual Studio upgrade (d0a7f1da #1275) +- ci/appveyor: YAML/PowerShell formatting, shorten variable name (06fd721f #1200) +- ci/appveyor: move to pure PowerShell (8a081fd9 #1197) +- ci/GHA: revert concurrency and improve permissions (e4c042f6) +- ci/GHA: FreeBSD 14.1, actions bump (ae04b1b9 #1424) +- ci/GHA: fix wolfSSL-from-source AES-GCM tests (1c0b07a7 #1409 #1408) +- ci/GHA: add Linux job with latest wolfSSL built from source (d4cea53f #1408 #1299 #1020) +- ci/GHA: tidy up build-from-source steps (2c633033) +- ci/GHA: show configure logs on failure and other tidy-ups (dab48398 #1403) +- ci/GHA: bump parallel jobs to nproc+1 (6f3d3bc8 #1402) +- ci/GHA: show test logs on failure (b8ffa7a5 #1401) +- ci/GHA: fix `Dockerfile` failing after Ubuntu package update (839bb84e #1400) +- ci/GHA: use ubuntu-latest with OmniOS job (50143d58) +- ci/GHA: shell syntax tidy-up (3b23e039 #1390) +- ci/GHA: bump NetBSD/OpenBSD, add NetBSD arm64 job (e980af72 #1388) +- ci/GHA: tidy up wolfSSL autotools config on macOS (5953c1f1 #1383) +- ci/GHA: shorter mbedTLS autotools workaround (736e3d7d #1382 #1381) +- ci/GHA: fix gcrypt with autotools/macOS/Homebrew/ARM64 (ae2770de #1377) +- ci/GHA: fix verbose option for autotools jobs (499b27ae #1376) +- ci/GHA: dump `config.log` on failure for macOS autotools jobs (4fa69214 #1375) +- ci/GHA: fix `autoreconf` failure on macOS/Homebrew (0b64b30b #1374) +- ci/GHA: fixup Homebrew location (for ARM runners) (6128aee0 #1373) +- ci/GHA: review/fixup auto-cancel settings (b08cfbc9 #1292) +- ci/GHA: restore curly braces in `if` (36748270 #1145) +- ci/GHA: simplify `if` strings (cab3db58 #1140) +- cmake: sync and improve Find modules, add `pkg-config` native detection (45064137 #1445 #1420) +- cmake: generate `LIBSSH2_PC_LIBS_PRIVATE` dynamically (c87f1296 #1466) +- cmake: add comment about `ibssh2.pc.in` variables (14b1b9d0) +- cmake: support absolute `CMAKE_INSTALL_INCLUDEDIR`/`CMAKE_INSTALL_LIBDIR` (d70cee36 #1465) +- cmake: rename two variables and initialize them (0fce9dcc #1464) +- cmake: prefer `find_dependency()` in `libssh2-config.cmake` (d9c2e550 #1460) +- cmake: tidy up syntax, minor improvements (9d9ee780 #1446) +- cmake: rename mbedTLS and wolfSSL Find modules (570de0f2) +- cmake: fixup version detection in mbedTLS Find module (8e3c40b2 #1444) +- cmake: mbedTLS detection tidy-ups (6d1d13c2 #1438) +- cmake: add quotes, delete ending dirseps (2bb46d44 #1437 #1166) +- cmake: sync formatting in `cmake/Find*` modules (a0310699) +- cmake: tidy up function name casing in `CopyRuntimeDependencies.cmake` (03547cb8) +- cmake: use the imported target of FindOpenSSL module (82b09f9b #1322) +- cmake: rename picky warnings script (64d6789f #1225) +- cmake: fix multiple include of libssh2 package (932d6a32 #1216) +- cmake: show crypto backend in feature summary (20387285 #1211) +- cmake: simplify showing CMake version (fc00bdd7 #1203) +- cmake: cleanup mbedTLS version detection more (4c241d5c #1196 #1192) +- cmake: delete duplicate `include()` (30eef0a6) +- cmake: improve/fix mbedTLS detection (41594675 #1192 #1191) +- cmake: tidy-up `foreach()` syntax (4a64ca14 #1180) +- cmake: verify `libssh2_VERSION` in integration tests (a20572e9) +- cmake: show cmake versions in ci (87f5769b) +- cmake: quote more strings (e9c7d3af #1173) +- cmake: add `ExternalProject` integration test (aeaefaf6 #1171) +- cmake: add integration tests (8715c3d5 #1170) +- cmake: (re-)add aliases for `add_subdirectory()` builds (4ff64ae3 #1169) +- cmake: style tidy-up (3fa5282d #1166) +- cmake: add `LIB_NAME` variable (5453fc80 #1159) +- cmake: tidy-up concatenation in `CMAKE_MODULE_PATH` (ae7d5108 #1157) +- cmake: replace `libssh2` literals with `PROJECT_NAME` variable (72fd2595 #1152) +- cmake: fix `STREQUAL` check in error branch (42d3bf13 #1151) +- cmake: cache more config values on Windows (11a03690 #1142) +- cmake: streamline invocation (f58f77b5 #1138) +- cmake: merge `set_target_properties()` calls (a9091007 #1132) +- cmake: (re-)add zlib to `Libs.private` in `libssh2.pc` (64643018 #1131) +- cmake: use `wolfssl/options.h` for detection, like autotools (c5ec6c49 #1130) +- cmake: add openssl libs to `Libs.private` in `libssh2.pc` (5cfa59d3 #1127) +- cmake: bump minimum CMake version to v3.7.0 (9cd18f45 #1126) +- cmake: CMAKE_SOURCE_DIR -> PROJECT_SOURCE_DIR (0f396aa9 #1121) +- cmake: tidy-ups (2fc36790 #1122) +- cmake: re-add `Libssh2:libssh2` for compatibility + lowercase namespace (2da13c13 #1104 #731 #1103) +- copyright: remove years from copyright headers (187d89bb #1082) +- disable DSA by default (b7ab0faa #1435 #1433) +- docs: update `INSTALL_AUTOTOOLS` (2f0efde3 #1316) +- docs: replace SHA1 with SHA256 in CMake example (766bde9f) +- example: restore `sys/time.h` for AIX (24503cb9 #1340 #1335 #1334 #1001 regr: e53aae0e) +- example: use `libssh2_socket_t` in X11 example (3f60ccb7) +- example: replace remaining libssh2_scp_recv with libssh2_scp_recv2 in output messages (8d69e63d #1258 follow: 6c84a426) +- example: fix regression in `ssh2_exec.c` (279a2e57 #1106 #861 #846 #1105 regr: b13936bd) +- example, tests: call `WSACleanup()` for each `WSAStartup()` (94b6bad3 #1283) +- example, tests: fix/silence `-Wformat-truncation=2` gcc warnings (744e059f) +- hostkey: do not advertise ssh-rsa when SHA1 is disabled (82d1b8ff #1093 #1092) +- kex: prevent possible double free of hostkey (b3465418 #1452) +- kex: always check for null pointers before calling _libssh2_bn_set_word (9f23a3bb #1423) +- kex: fix a memory leak in key exchange (19101843 #1412 #1404) +- kex: always add extension indicators to kex_algorithms (00e2a07e #1327 #1326) +- libssh2.h: add deprecated function warnings (9839ebe5 #1289 #1260) +- libssh2.h: add portable `LIBSSH2_SOCKET_CLOSE()` macro (28dbf016 #1278) +- libssh2.h: use `_WIN32` for Windows detection instead of rolling our own (631e7734 #1238) +- libssh2.pc: reference mbedcrypto pkgconfig (c149a127 #1405) +- libssh2.pc: re-add & extend support for static-only libssh2 builds (624abe27 #1119 #1114) +- libssh2.pc: don't put `@LIBS@` in pc file (1209c16d) +- mac: add empty hash functions for `mac_method_hmac_aesgcm` to not crash when e.g. setting `LIBSSH2_METHOD_CRYPT_CS` (b2738391 #1321) +- mac: handle low-level errors (f64885b6 #1297) +- Makefile.mk: delete Windows-focused raw GNU Make build (43485579 #1204) +- maketgz: reproducible tarballs/zip, display tarball hashes (d52fe1b4 #1357 #1359) +- maketgz: `set -eu`, reproducibility, improve zip, add CI test (cba7f975 #1353) +- man: improve `libssh2_userauth_publickey_from*` manpages (581b72aa #1347 #1308 #652) +- man: fix double spaces and dash escaping (a3ffc422 #1210) +- man: add description to `libssh2_session_get_blocking.3` (67e39091 #1185) +- mbedtls: always init ECDSA mbedtls_pk_context (a50d7deb #1430) +- mbedtls: correctly initialize values (ECDSA) (1701d5c0 #1428 #1421) +- mbedtls: expose `mbedtls_pk_load_file()` for our use (1628f6ca #1421 #1393 #1349 follow: e973493f) +- mbedtls: add workaround + FIXME to build with 3.6.0 (2e4c5ec4 #1349) +- mbedtls: improve disabling `-Wredundant-decls` (ecec68a2 #1226 #1224) +- mbedtls: include `version.h` for `MBEDTLS_VERSION_NUMBER` (9d7bc253 #1095 #1094) +- mbedtls: use more `size_t` to sync up with `crypto.h` (1153ebde #1054 #879 #846 #1053) +- md5: allow disabling old-style encrypted private keys at build-time (eb9f9de2 #1181) +- mingw: fix printf mask for 64-bit integers (36c1e1d1 #1091 #876 #846 #1090) +- misc: flatten `_libssh2_explicit_zero` if tree (74e74288 #1149) +- NMakefile: delete (c515eed3 #1134 #1129) +- openssl: free allocated resources when using openssl3 (b942bad1 #1459) +- openssl: fix memory leaks in `_libssh2_ecdsa_curve_name_with_octal_new` and `_libssh2_ecdsa_verify` (8d3bc19b #1449) +- openssl: fix calculating DSA public key with OpenSSL 3 (8b3c6e9d #1380) +- openssl: initialize BIGNUMs to NULL in `gen_publickey_from_dsa` for OpenSSL 3 (f1133c75 #1320) +- openssl: fix cppcheck found NULL dereferences (f2945905 #1304) +- openssl: delete internal `read_openssh_private_key_from_memory()` (34aff5ff #1306) +- openssl: use OpenSSL 3 HMAC API, add `no-deprecated` CI job (363dcbf4 #1243 #1235 #1207) +- openssl: make a function static, add `#ifdef` comments (efee9133 #1246 #248 follow: 03092292) +- openssl: fix DSA code to use OpenSSL 3 API (82581941 #1244 #1207) +- openssl: fix `EC_KEY` reference with OpenSSL 3 `no-deprecated` build (487152f4 #1236 #1235 #1207) +- openssl: use non-deprecated APIs with OpenSSL 3.x (b0ab005f #1207) +- openssl: silence `-Wunused-value` warnings (bf285500 #1205) +- openssl: use automatic initialization with LibreSSL 2.7.0+ (d79047c9 #1146 #302) +- openssl: add missing check for `LIBRESSL_VERSION_NUMBER` before use (4a42f42e #1117 #1115) +- os400: drop vsprintf() use (40e817ff #1462 #1457) +- os400: Add two recent files to the distribution (e4c65e5b #1364) +- os400: fix shellcheck warnings in scripts (fixups) (81341e1e #1366 #1364 #1358) +- os400: fix shellcheck warnings in scripts (c6625707 #1358) +- os400: maintain up to date (8457c37a #1309) +- packet: properly bounds check packet_authagent_open() (88a960a8 #1179) +- pem: fix private keys encrypted with AES-GCM methods (e87bdefa #1133) +- reuse: upgrade to `REUSE.toml` (70b8bf31 #1419) +- reuse: fix duplicate copyright warning (b9a4ed83) +- reuse: comply with 3.1 spec and 2.0.0 checker (fe6239a1 #1102 #1101 #1098) +- reuse: provide SPDX identifiers (f6aa31f4 #1084) +- scp: fix missing cast for targets without large file support (c317e06f #1060 #1057 #1002 regr: 5db836b2) +- session: support server banners up to 8192 bytes (was: 256) (1a9e8811 #1443 #1442) +- session: add `libssh2_session_callback_set2()` (c0f69548 #1285) +- session: handle EINTR from send/recv/poll/select to try again as the error is not fatal (798ed4a7 #1058 #955) +- sftp: increase SFTP_HANDLE_MAXLEN back to 4092 (75de6a37 #1422) +- sftp: implement posix-rename@openssh.com (fb652746 #1386) +- src: implement chacha20-poly1305@openssh.com (492bc543 #1426 #584) +- src: use `UINT32_MAX` (dc206408 #1413) +- src: fix type warning in `libssh2_sftp_unlink` macro (ac2e8c73 #1406) +- src: check the return value from `_libssh2_bn_*()` functions (95c824d5 #1354) +- src: support RSA-SHA2 cert-based authentication (rsa-sha2-512_cert and rsa-sha2-256_cert) (3a6ab70d #1314) +- src: check hash update/final success (4718ede4 #1303 #1301) +- src: check hash init success (2ed9eb92 #1301) +- src: add 'strict KEX' to fix CVE-2023-48795 "Terrapin Attack" (d34d9258 #1291 #1290) +- src: disable `-Wsign-conversion` warnings, add option to re-enable (6e451669 #1284 #1257) +- src: fix gcc 13 `-Wconversion` warning on Darwin (8cca7b77 #1209 follow: 08354e0a) +- src: drop a redundant `#include` (1f0174d0 #1153) +- src: improve MSVC C4701 warning fix (8b924999 #1086 #876 #1083) +- src: bump `hash_len` to `size_t` in `LIBSSH2_HOSTKEY_METHOD` (8b917d76 #1076) +- src: bump DSA and ECDSA sign `hash_len` to `size_t` (7b8e0225 #1055) +- tests: avoid using `MAXPATHLEN`, for portability (12427f4f #1415 #198 #1414) +- tests: fix excluding AES-GCM tests (fbd9d192 #1410) +- tests: drop default cygpath option `-u` (38e50aa0) +- tests: fix shellcheck issues in `test_sshd.test` (a2ac8c55) +- tests: sync port number type with the rest of codebase (eb996af8) +- tests: fall back to `$LOGNAME` for username (5326a5ce #1241 #1240) +- tests: show cmake version used in integration tests (2cd2f40e #1201) +- tests: formatting and tidy-ups (e61987a3) +- tests: replace FIXME with comments (1a99a86a) +- tests: add aes256-gcm encrypted key test (802336cf #1135 #1133) +- tests: trap signals in scripts (b2916b28 #1098) +- tests: cast to avoid `-Wchar-subscripts` with Cygwin (43df6a46 #1081 #1080) +- test_read: make it run without Docker (57e9d18e #1139) +- test_sshd.test: show sshd and test connect logs on harness failure (299c2040 #1097) +- test_sshd.test: set a safe PID directory (e8cabdcf #1089) +- test_sshd.test: minor cleanups (d29eea1d) +- tidy-up: link updates (c905bfd2 #1434) +- tidy-up: typo in comment (792e1b6f) +- tidy-up: fix typo found by codespell (706ec36d) +- tidy-up: bump casts from int to long for large C99 types in printfs (2e5a8719 #1264 #1257) +- tidy-up: `unsigned` -> `unsigned int` (b136c379) +- tidy-up: stop using leading underscores in macro names (c6589b88 #1248) +- tidy-up: around `stdint.h` (bfa00f1b #1212) +- tidy-up: fix typo in `readme.vms` (a9a79e7a) +- tidy-up: use built-in `_WIN32` macro to detect Windows (6fbc9505 #1195) +- tidy-up: drop `www.` from `www.libssh2.org` (6e3e8839 #1172) +- tidy-up: delete duplicate word from comment (76307435) +- tidy-up: avoid exclamations, prefer single quotes, in outputs (003fb454 #1079) +- TODO: disable or drop weak algos (0b4bdc85 #1261) +- transport: fix unstable connections over non-blocking sockets (de004875 #1454 #720 #1431 #1397) +- transport: check ETM on remote end when receiving (bde10825 #1332 #1331) +- transport: fix incorrect byte offset in debug message (2388a3aa #1096) +- userauth: avoid oob with huge interactive kbd response (f3a85cad #1337) +- userauth: add a new structure to separate memory read and file read (63b4c20e #773) +- userauth: check whether `*key_method` is a NULL pointer instead of `key_method` (bec57c40) +- wincng: fix `DH_GEX_MAXGROUP` set higher than supported (48584671 #1372 #493) +- wincng: add to ci/GHA, add `./configure` option `--enable-ecdsa-wincng` (3f98bfb0 #1368 #1315) +- wincng: add ECDSA support for host and user authentication (3e723437 #1315) +- wincng: prefer `ULONG`/`DWORD` over `unsigned long` (186c1d63 #1165) +- wincng: tidy-ups (7bb669b5 #1164) +- wolfssl: drop header path hack (8ae1b2d7 #1439) +- wolfssl: fix `EVP_Cipher()` use with v5.6.0 and older (a5b0fac2 #1407 #1394 #797 #1299 #1020) +- wolfssl: bump version in upstream issue comment (5cab802c) +- wolfssl: require v5.4.0 for AES-GCM (260a721c #1411 #1299 #1020) +- wolfssl: enable debug logging in wolfSSL when compiled in (76e7a68a #1310) This release would not have looked like this without help, code, reports and advice from friends like these: - katzer, Orgad Shaneh, mark-i-m, Zenju, axjowa, Thilo Schulz, - Etienne Samson, hlefebvre, seba30, Panos, jethrogb, Fabrice Fontaine, - Will Cosgrove, Daniel Stenberg, Michael Buckley, Wallace Souza Silva, - Romain-Geissler-1A, meierha, Tseng Jun, Thomas Klausner, Brendan Shanks, - Harry Sintonen, monnerat, Koutheir Attouchi, Marc Hörsken, yann-morin-1998, - Wez Furlong, TDi-jonesds, David Benjamin, Max Dymond, Igor Klevanets, - Viktor Szakats, Laurent Stacul, Mstrodl, Gabriel Smith, MarcT512, - Paul Capron, teottin, Tor Erik Ottinsen, Brian Inglis - - (40 contributors) + Viktor Szakats, Michael Buckley, Patrick Monnerat, Ren Mingshuai, + Will Cosgrove, Daniel Stenberg, Josef Cejka, Nicolas Mora, Ryan Kelley, + Aaron Stone, Adam, Anders Borum, András Fekete, Andrei Augustin, binary1248, + Brian Inglis, brucsc on GitHub, concussious on github, Dan Fandrich, + dksslq on github, Haowei Hsu, Harmen Stoppels, Harry Mallon, Jack L, + Jakob Egger, Jiwoo Park, João M. S. Silva, Joel Depooter, Johannes Passing, + Jose Quaresma, Juliusz Sosinowicz, Kai Pastor, Kenneth Davidson, + klux21 on github, Lyndon Brown, Marc Hoersken, mike-jumper, naddy, + Nursan Valeyev, Paul Howarth, PewPewPew, Radek Brich, rahmanih on github, + rolag on github, Seo Suchan, shubhamhii on github, Steve McIntyre, + Tejaswi Kandula, Tobias Stoeckmann, Trzik, Xi Ruoyao diff --git a/acinclude.m4 b/acinclude.m4 index 2066f0e..e06476f 100644 --- a/acinclude.m4 +++ b/acinclude.m4 @@ -1,3 +1,134 @@ +# Copyright (C) The libssh2 project and its contributors. +# SPDX-License-Identifier: BSD-3-Clause +dnl CURL_CPP_P +dnl +dnl Check if $cpp -P should be used for extract define values due to gcc 5 +dnl splitting up strings and defines between line outputs. gcc by default +dnl (without -P) will show TEST EINVAL TEST as +dnl +dnl # 13 "conftest.c" +dnl TEST +dnl # 13 "conftest.c" 3 4 +dnl 22 +dnl # 13 "conftest.c" +dnl TEST + +AC_DEFUN([CURL_CPP_P], [ + AC_MSG_CHECKING([if cpp -P is needed]) + AC_EGREP_CPP([TEST.*TEST], [ + #include +TEST EINVAL TEST + ], [cpp=no], [cpp=yes]) + AC_MSG_RESULT([$cpp]) + + dnl we need cpp -P so check if it works then + if test "x$cpp" = "xyes"; then + AC_MSG_CHECKING([if cpp -P works]) + OLDCPPFLAGS=$CPPFLAGS + CPPFLAGS="$CPPFLAGS -P" + AC_EGREP_CPP([TEST.*TEST], [ + #include +TEST EINVAL TEST + ], [cpp_p=yes], [cpp_p=no]) + AC_MSG_RESULT([$cpp_p]) + + if test "x$cpp_p" = "xno"; then + AC_MSG_WARN([failed to figure out cpp -P alternative]) + # without -P + CPPPFLAG="" + else + # with -P + CPPPFLAG="-P" + fi + dnl restore CPPFLAGS + CPPFLAGS=$OLDCPPFLAGS + else + # without -P + CPPPFLAG="" + fi +]) + +dnl CURL_CHECK_DEF (SYMBOL, [INCLUDES], [SILENT]) +dnl ------------------------------------------------- +dnl Use the C preprocessor to find out if the given object-style symbol +dnl is defined and get its expansion. This macro will not use default +dnl includes even if no INCLUDES argument is given. This macro will run +dnl silently when invoked with three arguments. If the expansion would +dnl result in a set of double-quoted strings the returned expansion will +dnl actually be a single double-quoted string concatenating all them. + +AC_DEFUN([CURL_CHECK_DEF], [ + AC_REQUIRE([CURL_CPP_P])dnl + OLDCPPFLAGS=$CPPFLAGS + # CPPPFLAG comes from CURL_CPP_P + CPPFLAGS="$CPPFLAGS $CPPPFLAG" + AS_VAR_PUSHDEF([ac_HaveDef], [curl_cv_have_def_$1])dnl + AS_VAR_PUSHDEF([ac_Def], [curl_cv_def_$1])dnl + if test -z "$SED"; then + AC_MSG_ERROR([SED not set. Cannot continue without SED being set.]) + fi + if test -z "$GREP"; then + AC_MSG_ERROR([GREP not set. Cannot continue without GREP being set.]) + fi + ifelse($3,,[AC_MSG_CHECKING([for preprocessor definition of $1])]) + tmp_exp="" + AC_PREPROC_IFELSE([ + AC_LANG_SOURCE( +ifelse($2,,,[$2])[[ +#ifdef $1 +CURL_DEF_TOKEN $1 +#endif + ]]) + ],[ + tmp_exp=`eval "$ac_cpp conftest.$ac_ext" 2>/dev/null | \ + "$GREP" CURL_DEF_TOKEN 2>/dev/null | \ + "$SED" 's/.*CURL_DEF_TOKEN[[ ]][[ ]]*//' 2>/dev/null | \ + "$SED" 's/[["]][[ ]]*[["]]//g' 2>/dev/null` + if test -z "$tmp_exp" || test "$tmp_exp" = "$1"; then + tmp_exp="" + fi + ]) + if test -z "$tmp_exp"; then + AS_VAR_SET(ac_HaveDef, no) + ifelse($3,,[AC_MSG_RESULT([no])]) + else + AS_VAR_SET(ac_HaveDef, yes) + AS_VAR_SET(ac_Def, $tmp_exp) + ifelse($3,,[AC_MSG_RESULT([$tmp_exp])]) + fi + AS_VAR_POPDEF([ac_Def])dnl + AS_VAR_POPDEF([ac_HaveDef])dnl + CPPFLAGS=$OLDCPPFLAGS +]) + +dnl CURL_CHECK_COMPILER_CLANG +dnl ------------------------------------------------- +dnl Verify if compiler being used is clang. + +AC_DEFUN([CURL_CHECK_COMPILER_CLANG], [ + AC_BEFORE([$0],[CURL_CHECK_COMPILER_GNU_C])dnl + AC_MSG_CHECKING([if compiler is clang]) + CURL_CHECK_DEF([__clang__], [], [silent]) + if test "$curl_cv_have_def___clang__" = "yes"; then + AC_MSG_RESULT([yes]) + AC_MSG_CHECKING([if compiler is xlclang]) + CURL_CHECK_DEF([__ibmxl__], [], [silent]) + if test "$curl_cv_have_def___ibmxl__" = "yes" ; then + dnl IBM's almost-compatible clang version + AC_MSG_RESULT([yes]) + compiler_id="XLCLANG" + else + AC_MSG_RESULT([no]) + compiler_id="CLANG" + fi + flags_dbg_yes="-g" + flags_opt_all="-O -O0 -O1 -O2 -Os -O3 -O4" + flags_opt_yes="-O2" + flags_opt_off="-O0" + else + AC_MSG_RESULT([no]) + fi +]) dnl ********************************************************************** dnl CURL_DETECT_ICC ([ACTION-IF-YES]) @@ -7,146 +138,490 @@ dnl sets the $ICC variable to "yes" or "no" dnl ********************************************************************** AC_DEFUN([CURL_DETECT_ICC], [ - ICC="no" - AC_MSG_CHECKING([for icc in use]) - if test "$GCC" = "yes"; then - dnl check if this is icc acting as gcc in disguise - AC_EGREP_CPP([^__INTEL_COMPILER], [__INTEL_COMPILER], - dnl action if the text is found, this it has not been replaced by the - dnl cpp - ICC="no", - dnl the text was not found, it was replaced by the cpp - ICC="yes" - AC_MSG_RESULT([yes]) - [$1] - ) - fi - if test "$ICC" = "no"; then - # this is not ICC - AC_MSG_RESULT([no]) - fi + ICC="no" + AC_MSG_CHECKING([for icc in use]) + if test "$GCC" = "yes"; then + dnl check if this is icc acting as gcc in disguise + AC_EGREP_CPP([^__INTEL_COMPILER], [__INTEL_COMPILER], + dnl action if the text is found, this it has not been replaced by the + dnl cpp + ICC="no", + dnl the text was not found, it was replaced by the cpp + ICC="yes" + AC_MSG_RESULT([yes]) + [$1] + ) + fi + if test "$ICC" = "no"; then + # this is not ICC + AC_MSG_RESULT([no]) + fi ]) dnl We create a function for detecting which compiler we use and then set as -dnl pendantic compiler options as possible for that particular compiler. The +dnl pedantic compiler options as possible for that particular compiler. The dnl options are only used for debug-builds. AC_DEFUN([CURL_CC_DEBUG_OPTS], [ - if test "z$ICC" = "z"; then - CURL_DETECT_ICC + if test "z$CLANG" = "z"; then + CURL_CHECK_COMPILER_CLANG + if test "z$compiler_id" = "zCLANG"; then + CLANG="yes" + else + CLANG="no" fi + fi + if test "z$ICC" = "z"; then + CURL_DETECT_ICC + fi - if test "$GCC" = "yes"; then - - dnl figure out gcc version! - AC_MSG_CHECKING([gcc version]) - gccver=`$CC -dumpversion` - num1=`echo $gccver | cut -d . -f1` - num2=`echo $gccver | cut -d . -f2` - gccnum=`(expr $num1 "*" 100 + $num2) 2>/dev/null` - AC_MSG_RESULT($gccver) - - if test "$ICC" = "yes"; then - dnl this is icc, not gcc. - - dnl ICC warnings we ignore: - dnl * 269 warns on our "%Od" printf formatters for curl_off_t output: - dnl "invalid format string conversion" - dnl * 279 warns on static conditions in while expressions - dnl * 981 warns on "operands are evaluated in unspecified order" - dnl * 1418 "external definition with no prior declaration" - dnl * 1419 warns on "external declaration in primary source file" - dnl which we know and do on purpose. - - WARN="-wd279,269,981,1418,1419" - - if test "$gccnum" -gt "600"; then - dnl icc 6.0 and older doesn't have the -Wall flag - WARN="-Wall $WARN" - fi - else dnl $ICC = yes - dnl this is a set of options we believe *ALL* gcc versions support: - WARN="-W -Wall -Wwrite-strings -pedantic -Wpointer-arith -Wnested-externs -Winline -Wmissing-prototypes" - - dnl -Wcast-align is a bit too annoying on all gcc versions ;-) - - if test "$gccnum" -ge "207"; then - dnl gcc 2.7 or later - WARN="$WARN -Wmissing-declarations" - fi - - if test "$gccnum" -gt "295"; then - dnl only if the compiler is newer than 2.95 since we got lots of - dnl "`_POSIX_C_SOURCE' is not defined" in system headers with - dnl gcc 2.95.4 on FreeBSD 4.9! - WARN="$WARN -Wundef -Wno-long-long -Wsign-compare" - fi - - if test "$gccnum" -ge "296"; then - dnl gcc 2.96 or later - WARN="$WARN -Wfloat-equal" - fi - - if test "$gccnum" -gt "296"; then - dnl this option does not exist in 2.96 - WARN="$WARN -Wno-format-nonliteral" - fi - - dnl -Wunreachable-code seems totally unreliable on my gcc 3.3.2 on - dnl on i686-Linux as it gives us heaps with false positives. - dnl Also, on gcc 4.0.X it is totally unbearable and complains all - dnl over making it unusable for generic purposes. Let's not use it. - - if test "$gccnum" -ge "303"; then - dnl gcc 3.3 and later - WARN="$WARN -Wendif-labels -Wstrict-prototypes" - fi - - if test "$gccnum" -ge "304"; then - # try these on gcc 3.4 - WARN="$WARN -Wdeclaration-after-statement" - fi - - for flag in $CPPFLAGS; do - case "$flag" in - -I*) - dnl Include path, provide a -isystem option for the same dir - dnl to prevent warnings in those dirs. The -isystem was not very - dnl reliable on earlier gcc versions. - add=`echo $flag | sed 's/^-I/-isystem /g'` - WARN="$WARN $add" + if test "$CLANG" = "yes"; then + + # indentation to match curl's m4/curl-compilers.m4 + + dnl figure out clang version! + AC_MSG_CHECKING([compiler version]) + fullclangver=`$CC -v 2>&1 | grep version` + if echo $fullclangver | grep 'Apple' >/dev/null; then + appleclang=1 + else + appleclang=0 + fi + clangver=`echo $fullclangver | grep "based on LLVM " | "$SED" 's/.*(based on LLVM \(@<:@0-9@:>@*\.@<:@0-9@:>@*\).*)/\1/'` + if test -z "$clangver"; then + clangver=`echo $fullclangver | "$SED" 's/.*version \(@<:@0-9@:>@*\.@<:@0-9@:>@*\).*/\1/'` + oldapple=0 + else + oldapple=1 + fi + clangvhi=`echo $clangver | cut -d . -f1` + clangvlo=`echo $clangver | cut -d . -f2` + compiler_num=`(expr $clangvhi "*" 100 + $clangvlo) 2>/dev/null` + if test "$appleclang" = '1' && test "$oldapple" = '0'; then + dnl Starting with Xcode 7 / clang 3.7, Apple clang won't tell its upstream version + if test "$compiler_num" -ge '1300'; then compiler_num='1200' + elif test "$compiler_num" -ge '1205'; then compiler_num='1101' + elif test "$compiler_num" -ge '1204'; then compiler_num='1000' + elif test "$compiler_num" -ge '1107'; then compiler_num='900' + elif test "$compiler_num" -ge '1103'; then compiler_num='800' + elif test "$compiler_num" -ge '1003'; then compiler_num='700' + elif test "$compiler_num" -ge '1001'; then compiler_num='600' + elif test "$compiler_num" -ge '904'; then compiler_num='500' + elif test "$compiler_num" -ge '902'; then compiler_num='400' + elif test "$compiler_num" -ge '803'; then compiler_num='309' + elif test "$compiler_num" -ge '703'; then compiler_num='308' + else compiler_num='307' + fi + fi + AC_MSG_RESULT([clang '$compiler_num' (raw: '$fullclangver' / '$clangver')]) + + tmp_CFLAGS="-pedantic" + if test "$want_werror" = "yes"; then + LIBSSH2_CFLAG_EXTRAS="$LIBSSH2_CFLAG_EXTRAS -pedantic-errors" + fi + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [all extra]) + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [pointer-arith write-strings]) + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [shadow]) + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [inline nested-externs]) + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [missing-declarations]) + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [missing-prototypes]) + tmp_CFLAGS="$tmp_CFLAGS -Wno-long-long" + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [float-equal]) + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [sign-compare]) + tmp_CFLAGS="$tmp_CFLAGS -Wno-multichar" + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [undef]) + tmp_CFLAGS="$tmp_CFLAGS -Wno-format-nonliteral" + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [endif-labels strict-prototypes]) + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [declaration-after-statement]) + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [cast-align]) + tmp_CFLAGS="$tmp_CFLAGS -Wno-system-headers" + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [shorten-64-to-32]) + # + dnl Only clang 1.1 or later + if test "$compiler_num" -ge "101"; then + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [unused]) + fi + # + dnl Only clang 2.7 or later + if test "$compiler_num" -ge "207"; then + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [address]) + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [attributes]) + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [bad-function-cast]) + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [conversion]) + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [div-by-zero format-security]) + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [empty-body]) + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [missing-field-initializers]) + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [missing-noreturn]) + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [old-style-definition]) + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [redundant-decls]) + # CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [switch-enum]) # Not used because this basically disallows default case + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [type-limits]) + if test "x$have_windows_h" != "xyes"; then + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [unused-macros]) # Seen to clash with libtool-generated stub code + fi + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [unreachable-code unused-parameter]) + fi + # + dnl Only clang 2.8 or later + if test "$compiler_num" -ge "208"; then + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [ignored-qualifiers]) + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [vla]) + fi + # + dnl Only clang 2.9 or later + if test "$compiler_num" -ge "209"; then + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [sign-conversion]) + tmp_CFLAGS="$tmp_CFLAGS -Wno-error=sign-conversion" # FIXME + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [shift-sign-overflow]) + # CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [padded]) # Not used because we cannot change public structs + fi + # + dnl Only clang 3.0 or later + if test "$compiler_num" -ge "300"; then + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [language-extension-token]) + tmp_CFLAGS="$tmp_CFLAGS -Wformat=2" + fi + # + dnl Only clang 3.2 or later + if test "$compiler_num" -ge "302"; then + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [enum-conversion]) + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [sometimes-uninitialized]) + case $host_os in + cygwin* | mingw*) + dnl skip missing-variable-declarations warnings for cygwin and + dnl mingw because the libtool wrapper executable causes them ;; - esac - done - - fi dnl $ICC = no - - CFLAGS="$CFLAGS $WARN" - - AC_MSG_NOTICE([Added this set of compiler options: $WARN]) + *) + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [missing-variable-declarations]) + ;; + esac + fi + # + dnl Only clang 3.4 or later + if test "$compiler_num" -ge "304"; then + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [header-guard]) + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [unused-const-variable]) + fi + # + dnl Only clang 3.5 or later + if test "$compiler_num" -ge "305"; then + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [pragmas]) + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [unreachable-code-break]) + fi + # + dnl Only clang 3.6 or later + if test "$compiler_num" -ge "306"; then + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [double-promotion]) + fi + # + dnl Only clang 3.9 or later + if test "$compiler_num" -ge "309"; then + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [comma]) + # avoid the varargs warning, fixed in 4.0 + # https://bugs.llvm.org/show_bug.cgi?id=29140 + if test "$compiler_num" -lt "400"; then + tmp_CFLAGS="$tmp_CFLAGS -Wno-varargs" + fi + fi + dnl clang 7 or later + if test "$compiler_num" -ge "700"; then + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [assign-enum]) + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [extra-semi-stmt]) + fi + dnl clang 10 or later + if test "$compiler_num" -ge "1000"; then + tmp_CFLAGS="$tmp_CFLAGS -Wimplicit-fallthrough" # we have silencing markup for clang 10.0 and above only + fi + + CFLAGS="$CFLAGS $tmp_CFLAGS" + + AC_MSG_NOTICE([Added this set of compiler options: $tmp_CFLAGS]) + + elif test "$GCC" = "yes"; then + + # indentation to match curl's m4/curl-compilers.m4 + + dnl figure out gcc version! + AC_MSG_CHECKING([compiler version]) + # strip '-suffix' parts, e.g. Ubuntu Windows cross-gcc returns '10-win32' + gccver=`$CC -dumpversion | sed -E 's/-.+$//'` + gccvhi=`echo $gccver | cut -d . -f1` + if echo $gccver | grep -F "." >/dev/null; then + gccvlo=`echo $gccver | cut -d . -f2` + else + gccvlo="0" + fi + compiler_num=`(expr $gccvhi "*" 100 + $gccvlo) 2>/dev/null` + AC_MSG_RESULT([gcc '$compiler_num' (raw: '$gccver')]) + + if test "$ICC" = "yes"; then + dnl this is icc, not gcc. + + dnl ICC warnings we ignore: + dnl * 269 warns on our "%Od" printf formatters for curl_off_t output: + dnl "invalid format string conversion" + dnl * 279 warns on static conditions in while expressions + dnl * 981 warns on "operands are evaluated in unspecified order" + dnl * 1418 "external definition with no prior declaration" + dnl * 1419 warns on "external declaration in primary source file" + dnl which we know and do on purpose. + + tmp_CFLAGS="-wd279,269,981,1418,1419" + + if test "$compiler_num" -gt "600"; then + dnl icc 6.0 and older doesn't have the -Wall flag + tmp_CFLAGS="-Wall $tmp_CFLAGS" + fi + else dnl $ICC = yes + dnl this is a set of options we believe *ALL* gcc versions support: + tmp_CFLAGS="-pedantic" + if test "$want_werror" = "yes"; then + LIBSSH2_CFLAG_EXTRAS="$LIBSSH2_CFLAG_EXTRAS -pedantic-errors" + fi + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [all]) + tmp_CFLAGS="$tmp_CFLAGS -W" + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [pointer-arith write-strings]) + # + dnl Only gcc 2.7 or later + if test "$compiler_num" -ge "207"; then + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [inline nested-externs]) + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [missing-declarations]) + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [missing-prototypes]) + fi + # + dnl Only gcc 2.95 or later + if test "$compiler_num" -ge "295"; then + tmp_CFLAGS="$tmp_CFLAGS -Wno-long-long" + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [bad-function-cast]) + fi + # + dnl Only gcc 2.96 or later + if test "$compiler_num" -ge "296"; then + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [float-equal]) + tmp_CFLAGS="$tmp_CFLAGS -Wno-multichar" + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [sign-compare]) + dnl -Wundef used only if gcc is 2.96 or later since we get + dnl lots of "`_POSIX_C_SOURCE' is not defined" in system + dnl headers with gcc 2.95.4 on FreeBSD 4.9 + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [undef]) + fi + # + dnl Only gcc 2.97 or later + if test "$compiler_num" -ge "297"; then + tmp_CFLAGS="$tmp_CFLAGS -Wno-format-nonliteral" + fi + # + dnl Only gcc 3.0 or later + if test "$compiler_num" -ge "300"; then + tmp_CFLAGS="$tmp_CFLAGS -Wno-system-headers" + dnl -Wunreachable-code seems totally unreliable on my gcc 3.3.2 on + dnl on i686-Linux as it gives us heaps with false positives. + dnl Also, on gcc 4.0.X it is totally unbearable and complains all + dnl over making it unusable for generic purposes. Let's not use it. + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [unused shadow]) + fi + # + dnl Only gcc 3.3 or later + if test "$compiler_num" -ge "303"; then + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [endif-labels strict-prototypes]) + fi + # + dnl Only gcc 3.4 or later + if test "$compiler_num" -ge "304"; then + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [declaration-after-statement]) + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [old-style-definition]) + fi + # + dnl Only gcc 4.0 or later + if test "$compiler_num" -ge "400"; then + tmp_CFLAGS="$tmp_CFLAGS -Wstrict-aliasing=3" + fi + # + dnl Only gcc 4.1 or later (possibly earlier) + if test "$compiler_num" -ge "401"; then + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [attributes]) + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [div-by-zero format-security]) + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [missing-field-initializers]) + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [missing-noreturn]) + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [unreachable-code unused-parameter]) + # CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [padded]) # Not used because we cannot change public structs + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [pragmas]) + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [redundant-decls]) + # CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [switch-enum]) # Not used because this basically disallows default case + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [unused-macros]) + fi + # + dnl Only gcc 4.2 or later + if test "$compiler_num" -ge "402"; then + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [cast-align]) + fi + # + dnl Only gcc 4.3 or later + if test "$compiler_num" -ge "403"; then + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [address]) + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [type-limits old-style-declaration]) + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [missing-parameter-type empty-body]) + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [clobbered ignored-qualifiers]) + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [conversion trampolines]) + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [sign-conversion]) + tmp_CFLAGS="$tmp_CFLAGS -Wno-error=sign-conversion" # FIXME + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [vla]) + dnl required for -Warray-bounds, included in -Wall + tmp_CFLAGS="$tmp_CFLAGS -ftree-vrp" + fi + # + dnl Only gcc 4.5 or later + if test "$compiler_num" -ge "405"; then + dnl Only windows targets + case $host_os in + mingw*) + tmp_CFLAGS="$tmp_CFLAGS -Wno-pedantic-ms-format" + ;; + esac + fi + # + dnl Only gcc 4.6 or later + if test "$compiler_num" -ge "406"; then + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [double-promotion]) + fi + # + dnl only gcc 4.8 or later + if test "$compiler_num" -ge "408"; then + tmp_CFLAGS="$tmp_CFLAGS -Wformat=2" + fi + # + dnl Only gcc 5 or later + if test "$compiler_num" -ge "500"; then + tmp_CFLAGS="$tmp_CFLAGS -Warray-bounds=2" + fi + # + dnl Only gcc 6 or later + if test "$compiler_num" -ge "600"; then + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [shift-negative-value]) + tmp_CFLAGS="$tmp_CFLAGS -Wshift-overflow=2" + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [null-dereference]) + tmp_CFLAGS="$tmp_CFLAGS -fdelete-null-pointer-checks" + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [duplicated-cond]) + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [unused-const-variable]) + fi + # + dnl Only gcc 7 or later + if test "$compiler_num" -ge "700"; then + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [duplicated-branches]) + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [restrict]) + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [alloc-zero]) + tmp_CFLAGS="$tmp_CFLAGS -Wformat-overflow=2" + tmp_CFLAGS="$tmp_CFLAGS -Wformat-truncation=2" + tmp_CFLAGS="$tmp_CFLAGS -Wimplicit-fallthrough" + fi + # + dnl Only gcc 10 or later + if test "$compiler_num" -ge "1000"; then + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [arith-conversion]) + CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [enum-conversion]) + fi + + for flag in $CPPFLAGS; do + case "$flag" in + -I*) + dnl Include path, provide a -isystem option for the same dir + dnl to prevent warnings in those dirs. The -isystem was not very + dnl reliable on earlier gcc versions. + add=`echo $flag | sed 's/^-I/-isystem /g'` + tmp_CFLAGS="$tmp_CFLAGS $add" + ;; + esac + done + + fi dnl $ICC = no + + CFLAGS="$CFLAGS $tmp_CFLAGS" + + AC_MSG_NOTICE([Added this set of compiler options: $tmp_CFLAGS]) + + else dnl $GCC = yes + + AC_MSG_NOTICE([Added no extra compiler options]) + + fi dnl $GCC = yes + + dnl strip off optimizer flags + NEWFLAGS="" + for flag in $CFLAGS; do + case "$flag" in + -O*) + dnl echo "cut off $flag" + ;; + *) + NEWFLAGS="$NEWFLAGS $flag" + ;; + esac + done + CFLAGS=$NEWFLAGS - else dnl $GCC = yes +]) dnl end of AC_DEFUN() - AC_MSG_NOTICE([Added no extra compiler options]) +dnl CURL_ADD_COMPILER_WARNINGS (WARNING-LIST, NEW-WARNINGS) +dnl ------------------------------------------------------- +dnl Contents of variable WARNING-LIST and NEW-WARNINGS are +dnl handled as whitespace separated lists of words. +dnl Add each compiler warning from NEW-WARNINGS that has not +dnl been disabled via CFLAGS to WARNING-LIST. + +AC_DEFUN([CURL_ADD_COMPILER_WARNINGS], [ + AC_REQUIRE([CURL_SHFUNC_SQUEEZE])dnl + ac_var_added_warnings="" + for warning in [$2]; do + CURL_VAR_MATCH(CFLAGS, [-Wno-$warning -W$warning]) + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + dnl squeeze whitespace out of result + [$1]="$[$1] $ac_var_added_warnings" + squeeze [$1] +]) - fi dnl $GCC = yes +dnl CURL_SHFUNC_SQUEEZE +dnl ------------------------------------------------- +dnl Declares a shell function squeeze() which removes +dnl redundant whitespace out of a shell variable. + +AC_DEFUN([CURL_SHFUNC_SQUEEZE], [ +squeeze() { + _sqz_result="" + eval _sqz_input=\[$][$]1 + for _sqz_token in $_sqz_input; do + if test -z "$_sqz_result"; then + _sqz_result="$_sqz_token" + else + _sqz_result="$_sqz_result $_sqz_token" + fi + done + eval [$]1=\$_sqz_result + return 0 +} +]) - dnl strip off optimizer flags - NEWFLAGS="" - for flag in $CFLAGS; do - case "$flag" in - -O*) - dnl echo "cut off $flag" - ;; - *) - NEWFLAGS="$NEWFLAGS $flag" - ;; - esac +dnl CURL_VAR_MATCH (VARNAME, VALUE) +dnl ------------------------------------------------- +dnl Verifies if shell variable VARNAME contains VALUE. +dnl Contents of variable VARNAME and VALUE are handled +dnl as whitespace separated lists of words. If at least +dnl one word of VALUE is present in VARNAME the match +dnl is considered positive, otherwise false. + +AC_DEFUN([CURL_VAR_MATCH], [ + ac_var_match_word="no" + for word1 in $[$1]; do + for word2 in [$2]; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi done - CFLAGS=$NEWFLAGS - -]) dnl end of AC_DEFUN() + done +]) dnl CURL_CHECK_NONBLOCKING_SOCKET dnl ------------------------------------------------- @@ -163,12 +638,12 @@ AC_DEFUN([CURL_CHECK_NONBLOCKING_SOCKET], [ AC_MSG_CHECKING([non-blocking sockets style]) - AC_TRY_COMPILE([ + AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ /* headers for O_NONBLOCK test */ #include #include #include -],[ +]], [[ /* try to compile O_NONBLOCK */ #if defined(sun) || defined(__sun__) || defined(__SUNPRO_C) || defined(__SUNPRO_CC) @@ -187,22 +662,22 @@ AC_DEFUN([CURL_CHECK_NONBLOCKING_SOCKET], #endif int socket; int flags = fcntl(socket, F_SETFL, flags | O_NONBLOCK); -],[ +]])],[ dnl the O_NONBLOCK test was fine nonblock="O_NONBLOCK" AC_DEFINE(HAVE_O_NONBLOCK, 1, [use O_NONBLOCK for non-blocking sockets]) ],[ dnl the code was bad, try a different program now, test 2 - AC_TRY_COMPILE([ + AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ /* headers for FIONBIO test */ #include #include -],[ +]], [[ /* FIONBIO source test (old-style unix) */ int socket; int flags = ioctl(socket, FIONBIO, &flags); -],[ +]])],[ dnl FIONBIO test was good nonblock="FIONBIO" AC_DEFINE(HAVE_FIONBIO, 1, [use FIONBIO for non-blocking sockets]) @@ -210,67 +685,34 @@ AC_DEFINE(HAVE_FIONBIO, 1, [use FIONBIO for non-blocking sockets]) dnl FIONBIO test was also bad dnl the code was bad, try a different program now, test 3 - AC_TRY_COMPILE([ -/* headers for ioctlsocket test (Windows) */ -#undef inline -#ifdef HAVE_WINDOWS_H -#ifndef WIN32_LEAN_AND_MEAN -#define WIN32_LEAN_AND_MEAN -#endif -#include -#ifdef HAVE_WINSOCK2_H -#include -#else -#ifdef HAVE_WINSOCK_H -#include -#endif -#endif -#endif -],[ -/* ioctlsocket source code */ - SOCKET sd; - unsigned long flags = 0; - sd = socket(0, 0, 0); - ioctlsocket(sd, FIONBIO, &flags); -],[ -dnl ioctlsocket test was good -nonblock="ioctlsocket" -AC_DEFINE(HAVE_IOCTLSOCKET, 1, [use ioctlsocket() for non-blocking sockets]) -],[ -dnl ioctlsocket didnt compile!, go to test 4 - - AC_TRY_LINK([ + AC_LINK_IFELSE([AC_LANG_PROGRAM([[ /* headers for IoctlSocket test (Amiga?) */ #include -],[ +]], [[ /* IoctlSocket source code */ int socket; int flags = IoctlSocket(socket, FIONBIO, (long)1); -],[ +]])],[ dnl ioctlsocket test was good nonblock="IoctlSocket" AC_DEFINE(HAVE_IOCTLSOCKET_CASE, 1, [use Ioctlsocket() for non-blocking sockets]) ],[ -dnl Ioctlsocket didnt compile, do test 5! - AC_TRY_COMPILE([ +dnl Ioctlsocket did not compile, do test 4! + AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ /* headers for SO_NONBLOCK test (BeOS) */ #include -],[ +]], [[ /* SO_NONBLOCK source code */ long b = 1; int socket; int flags = setsockopt(socket, SOL_SOCKET, SO_NONBLOCK, &b, sizeof(b)); -],[ +]])],[ dnl the SO_NONBLOCK test was good nonblock="SO_NONBLOCK" AC_DEFINE(HAVE_SO_NONBLOCK, 1, [use SO_NONBLOCK for non-blocking sockets]) ],[ -dnl test 5 didnt compile! +dnl test 4 did not compile! nonblock="nada" -AC_DEFINE(HAVE_DISABLED_NONBLOCKING, 1, [disabled non-blocking sockets]) -]) -dnl end of fifth test - ]) dnl end of forth test @@ -390,7 +832,7 @@ dnl autoconf only checks $prefix/lib64 if gcc -print-search-dirs output dnl includes a directory named lib64. So, to find libraries in $prefix/lib dnl we append -L$prefix/lib to LDFLAGS before checking. dnl -dnl For conveniece, $4 is expanded if [lib]$1 is found. +dnl For convenience, $4 is expanded if [lib]$1 is found. AC_DEFUN([LIBSSH2_LIB_HAVE_LINKFLAGS], [ libssh2_save_CPPFLAGS="$CPPFLAGS" @@ -403,12 +845,11 @@ AC_DEFUN([LIBSSH2_LIB_HAVE_LINKFLAGS], [ AC_LIB_HAVE_LINKFLAGS([$1], [$2], [$3]) - LDFLAGS="$libssh2_save_LDFLAGS" - if test "$ac_cv_lib$1" = "yes"; then : $4 else CPPFLAGS="$libssh2_save_CPPFLAGS" + LDFLAGS="$libssh2_save_LDFLAGS" fi ]) @@ -418,22 +859,24 @@ m4_case([$1], [openssl], [ LIBSSH2_LIB_HAVE_LINKFLAGS([ssl], [crypto], [#include ], [ AC_DEFINE(LIBSSH2_OPENSSL, 1, [Use $1]) - LIBSREQUIRED="$LIBSREQUIRED${LIBSREQUIRED:+ }libssl libcrypto" - - # Not all OpenSSL have AES-CTR functions. - libssh2_save_LIBS="$LIBS" - LIBS="$LIBS $LIBSSL" - AC_CHECK_FUNCS(EVP_aes_128_ctr) - LIBS="$libssh2_save_LIBS" + LIBSSH2_PC_REQUIRES_PRIVATE="$LIBSSH2_PC_REQUIRES_PRIVATE${LIBSSH2_PC_REQUIRES_PRIVATE:+,}libcrypto" + found_crypto="$1" + found_crypto_str="OpenSSL" + ]) +], +[wolfssl], [ + LIBSSH2_LIB_HAVE_LINKFLAGS([wolfssl], [], [#include ], [ + AC_DEFINE(LIBSSH2_WOLFSSL, 1, [Use $1]) + LIBSSH2_PC_REQUIRES_PRIVATE="$LIBSSH2_PC_REQUIRES_PRIVATE${LIBSSH2_PC_REQUIRES_PRIVATE:+,}wolfssl" found_crypto="$1" - found_crypto_str="OpenSSL (AES-CTR: ${ac_cv_func_EVP_aes_128_ctr:-N/A})" ]) ], [libgcrypt], [ LIBSSH2_LIB_HAVE_LINKFLAGS([gcrypt], [], [#include ], [ AC_DEFINE(LIBSSH2_LIBGCRYPT, 1, [Use $1]) + LIBSSH2_PC_REQUIRES_PRIVATE="$LIBSSH2_PC_REQUIRES_PRIVATE${LIBSSH2_PC_REQUIRES_PRIVATE:+,}libgcrypt" found_crypto="$1" ]) ], @@ -443,29 +886,25 @@ m4_case([$1], AC_DEFINE(LIBSSH2_MBEDTLS, 1, [Use $1]) LIBS="$LIBS -lmbedcrypto" found_crypto="$1" - support_clear_memory=yes ]) ], [wincng], [ - # Look for Windows Cryptography API: Next Generation - - AC_CHECK_HEADERS([ntdef.h ntstatus.h], [], [], [#include ]) - AC_CHECK_DECLS([SecureZeroMemory], [], [], [#include ]) - - LIBSSH2_LIB_HAVE_LINKFLAGS([crypt32], [], [ - #include - #include - ]) - LIBSSH2_LIB_HAVE_LINKFLAGS([bcrypt], [], [ - #include - #include - ], [ - AC_DEFINE(LIBSSH2_WINCNG, 1, [Use $1]) - found_crypto="$1" - found_crypto_str="Windows Cryptography API: Next Generation" - support_clear_memory="$ac_cv_have_decl_SecureZeroMemory" - ]) + if test "x$have_windows_h" = "xyes"; then + # Look for Windows Cryptography API: Next Generation + + LIBS="$LIBS -lcrypt32" + + # Check necessary for old-MinGW + LIBSSH2_LIB_HAVE_LINKFLAGS([bcrypt], [], [ + #include + #include + ], [ + AC_DEFINE(LIBSSH2_WINCNG, 1, [Use $1]) + found_crypto="$1" + found_crypto_str="Windows Cryptography API: Next Generation" + ]) + fi ], ) test "$found_crypto" = "none" && @@ -486,8 +925,8 @@ AC_DEFUN([LIBSSH2_CHECK_OPTION_WERROR], [ AC_MSG_CHECKING([whether to enable compiler warnings as errors]) OPT_COMPILER_WERROR="default" AC_ARG_ENABLE(werror, -AC_HELP_STRING([--enable-werror],[Enable compiler warnings as errors]) -AC_HELP_STRING([--disable-werror],[Disable compiler warnings as errors]), +AS_HELP_STRING([--enable-werror],[Enable compiler warnings as errors]) +AS_HELP_STRING([--disable-werror],[Disable compiler warnings as errors]), OPT_COMPILER_WERROR=$enableval) case "$OPT_COMPILER_WERROR" in no) @@ -506,7 +945,6 @@ AC_HELP_STRING([--disable-werror],[Disable compiler warnings as errors]), AC_MSG_RESULT([$want_werror]) if test X"$want_werror" = Xyes; then - CFLAGS="$CFLAGS -Werror" + LIBSSH2_CFLAG_EXTRAS="$LIBSSH2_CFLAG_EXTRAS -Werror" fi ]) - diff --git a/aclocal.m4 b/aclocal.m4 index fc56a69..390d9b4 100644 --- a/aclocal.m4 +++ b/aclocal.m4 @@ -1,4 +1,4 @@ -# generated automatically by aclocal 1.16.4 -*- Autoconf -*- +# generated automatically by aclocal 1.16.5 -*- Autoconf -*- # Copyright (C) 1996-2021 Free Software Foundation, Inc. @@ -14,8 +14,8 @@ m4_ifndef([AC_CONFIG_MACRO_DIRS], [m4_defun([_AM_CONFIG_MACRO_DIRS], [])m4_defun([AC_CONFIG_MACRO_DIRS], [_AM_CONFIG_MACRO_DIRS($@)])]) m4_ifndef([AC_AUTOCONF_VERSION], [m4_copy([m4_PACKAGE_VERSION], [AC_AUTOCONF_VERSION])])dnl -m4_if(m4_defn([AC_AUTOCONF_VERSION]), [2.71],, -[m4_warning([this file was generated for autoconf 2.71. +m4_if(m4_defn([AC_AUTOCONF_VERSION]), [2.72],, +[m4_warning([this file was generated for autoconf 2.72. You have another version of autoconf. It may work, but is not guaranteed to. If you have problems, you may need to regenerate the build system entirely. To do so, use the procedure documented by the package, typically 'autoreconf'.])]) @@ -35,7 +35,7 @@ AC_DEFUN([AM_AUTOMAKE_VERSION], [am__api_version='1.16' dnl Some users find AM_AUTOMAKE_VERSION and mistake it for a way to dnl require some minimum version. Point them to the right macro. -m4_if([$1], [1.16.4], [], +m4_if([$1], [1.16.5], [], [AC_FATAL([Do not call $0, use AM_INIT_AUTOMAKE([$1]).])])dnl ]) @@ -51,7 +51,7 @@ m4_define([_AM_AUTOCONF_VERSION], []) # Call AM_AUTOMAKE_VERSION and AM_AUTOMAKE_VERSION so they can be traced. # This function is AC_REQUIREd by AM_INIT_AUTOMAKE. AC_DEFUN([AM_SET_CURRENT_AUTOMAKE_VERSION], -[AM_AUTOMAKE_VERSION([1.16.4])dnl +[AM_AUTOMAKE_VERSION([1.16.5])dnl m4_ifndef([AC_AUTOCONF_VERSION], [m4_copy([m4_PACKAGE_VERSION], [AC_AUTOCONF_VERSION])])dnl _AM_AUTOCONF_VERSION(m4_defn([AC_AUTOCONF_VERSION]))]) @@ -428,6 +428,10 @@ m4_defn([AC_PROG_CC]) # release and drop the old call support. AC_DEFUN([AM_INIT_AUTOMAKE], [AC_PREREQ([2.65])dnl +m4_ifdef([_$0_ALREADY_INIT], + [m4_fatal([$0 expanded multiple times +]m4_defn([_$0_ALREADY_INIT]))], + [m4_define([_$0_ALREADY_INIT], m4_expansion_stack)])dnl dnl Autoconf wants to disallow AM_ names. We explicitly allow dnl the ones we care about. m4_pattern_allow([^AM_[A-Z]+FLAGS$])dnl @@ -1180,7 +1184,6 @@ AC_SUBST([am__tar]) AC_SUBST([am__untar]) ]) # _AM_PROG_TAR -m4_include([m4/autobuild.m4]) m4_include([m4/lib-ld.m4]) m4_include([m4/lib-link.m4]) m4_include([m4/lib-prefix.m4]) diff --git a/cmake/CheckFunctionExistsMayNeedLibrary.cmake b/cmake/CheckFunctionExistsMayNeedLibrary.cmake index 8ac61ab..d11b201 100644 --- a/cmake/CheckFunctionExistsMayNeedLibrary.cmake +++ b/cmake/CheckFunctionExistsMayNeedLibrary.cmake @@ -1,4 +1,4 @@ -# Copyright (c) 2014 Alexander Lamaison +# Copyright (C) Alexander Lamaison # # Redistribution and use in source and binary forms, # with or without modification, are permitted provided @@ -32,6 +32,8 @@ # NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE # USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY # OF SUCH DAMAGE. +# +# SPDX-License-Identifier: BSD-3-Clause # - check_function_exists_maybe_need_library( [lib1 ... libn]) @@ -58,24 +60,22 @@ include(CheckFunctionExists) include(CheckLibraryExists) -function(check_function_exists_may_need_library function variable) +function(check_function_exists_may_need_library _function _variable) - check_function_exists(${function} ${variable}) + check_function_exists(${_function} ${_variable}) - if(NOT ${variable}) - foreach(lib ${ARGN}) - string(TOUPPER ${lib} UP_LIB) + if(NOT ${_variable}) + foreach(_lib IN LISTS ARGN) + string(TOUPPER ${_lib} _up_lib) # Use new variable to prevent cache from previous step shortcircuiting # new test - check_library_exists(${lib} ${function} "" HAVE_${function}_IN_${lib}) - if(HAVE_${function}_IN_${lib}) - set(${variable} 1 CACHE INTERNAL - "Function ${function} found in library ${lib}") - set(NEED_LIB_${UP_LIB} 1 CACHE INTERNAL - "Need to link ${lib}") - break() + check_library_exists(${_lib} ${_function} "" HAVE_${_function}_IN_${_lib}) + if(HAVE_${_function}_IN_${_lib}) + set(${_variable} 1 CACHE INTERNAL "Function ${_function} found in library ${_lib}") + set(NEED_LIB_${_up_lib} 1 CACHE INTERNAL "Need to link ${_lib}") + break() endif() endforeach() endif() -endfunction() \ No newline at end of file +endfunction() diff --git a/cmake/CheckNonblockingSocketSupport.cmake b/cmake/CheckNonblockingSocketSupport.cmake index 74f4776..bb3229c 100644 --- a/cmake/CheckNonblockingSocketSupport.cmake +++ b/cmake/CheckNonblockingSocketSupport.cmake @@ -1,3 +1,5 @@ +# Copyright (C) The libssh2 project and its contributors. +# SPDX-License-Identifier: BSD-3-Clause include(CheckCSourceCompiles) # - check_nonblocking_socket_support() @@ -11,10 +13,8 @@ include(CheckCSourceCompiles) # method (if any): # HAVE_O_NONBLOCK # HAVE_FIONBIO -# HAVE_IOCTLSOCKET # HAVE_IOCTLSOCKET_CASE # HAVE_SO_NONBLOCK -# HAVE_DISABLED_NONBLOCKING # # The following variables may be set before calling this macro to # modify the way the check is run: @@ -47,73 +47,49 @@ macro(check_nonblocking_socket_support) #error \"O_NONBLOCK does not work on this platform\" #endif -int main() +int main(void) { - int socket; - int flags = fcntl(socket, F_SETFL, flags | O_NONBLOCK); + int socket = 0; + (void)fcntl(socket, F_SETFL, O_NONBLOCK); }" - HAVE_O_NONBLOCK) + HAVE_O_NONBLOCK) if(NOT HAVE_O_NONBLOCK) check_c_source_compiles("/* FIONBIO test (old-style unix) */ #include #include -int main() +int main(void) { - int socket; - int flags = ioctl(socket, FIONBIO, &flags); + int socket = 0; + int flags = 0; + (void)ioctl(socket, FIONBIO, &flags); }" - HAVE_FIONBIO) + HAVE_FIONBIO) if(NOT HAVE_FIONBIO) - check_c_source_compiles("/* ioctlsocket test (Windows) */ -#undef inline -#ifndef WIN32_LEAN_AND_MEAN -#define WIN32_LEAN_AND_MEAN -#endif - -#include -#include - -int main() -{ - SOCKET sd; - unsigned long flags = 0; - sd = socket(0, 0, 0); - ioctlsocket(sd, FIONBIO, &flags); -}" - HAVE_IOCTLSOCKET) - - if(NOT HAVE_IOCTLSOCKET) - check_c_source_compiles("/* IoctlSocket test (Amiga?) */ + check_c_source_compiles("/* IoctlSocket test (Amiga?) */ #include -int main() +int main(void) { - int socket; - int flags = IoctlSocket(socket, FIONBIO, (long)1); + int socket = 0; + (void)IoctlSocket(socket, FIONBIO, (long)1); }" HAVE_IOCTLSOCKET_CASE) - if(NOT HAVE_IOCTLSOCKET_CASE) - check_c_source_compiles("/* SO_NONBLOCK test (BeOS) */ + if(NOT HAVE_IOCTLSOCKET_CASE) + check_c_source_compiles("/* SO_NONBLOCK test (BeOS) */ #include -int main() +int main(void) { long b = 1; - int socket; - int flags = setsockopt(socket, SOL_SOCKET, SO_NONBLOCK, &b, sizeof(b)); + int socket = 0; + (void)setsockopt(socket, SOL_SOCKET, SO_NONBLOCK, &b, sizeof(b)); }" HAVE_SO_NONBLOCK) - - if(NOT HAVE_SO_NONBLOCK) - # No non-blocking socket method found - set(HAVE_DISABLED_NONBLOCKING 1) - endif() - endif() endif() endif() endif() -endmacro() \ No newline at end of file +endmacro() diff --git a/cmake/CopyRuntimeDependencies.cmake b/cmake/CopyRuntimeDependencies.cmake index 083f762..9181e4d 100644 --- a/cmake/CopyRuntimeDependencies.cmake +++ b/cmake/CopyRuntimeDependencies.cmake @@ -1,4 +1,4 @@ -# Copyright (c) 2014 Alexander Lamaison +# Copyright (C) Alexander Lamaison # # Redistribution and use in source and binary forms, # with or without modification, are permitted provided @@ -32,15 +32,16 @@ # NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE # USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY # OF SUCH DAMAGE. +# +# SPDX-License-Identifier: BSD-3-Clause include(CMakeParseArguments) -function(ADD_TARGET_TO_COPY_DEPENDENCIES) +function(add_target_to_copy_dependencies) set(options) set(oneValueArgs TARGET) set(multiValueArgs DEPENDENCIES BEFORE_TARGETS) - cmake_parse_arguments(COPY - "${options}" "${oneValueArgs}" "${multiValueArgs}" ${ARGN}) + cmake_parse_arguments(COPY "${options}" "${oneValueArgs}" "${multiValueArgs}" ${ARGN}) if(NOT COPY_DEPENDENCIES) return() @@ -50,23 +51,18 @@ function(ADD_TARGET_TO_COPY_DEPENDENCIES) # parallel builds trying to kick off the commands at the same time add_custom_target(${COPY_TARGET}) - foreach(target ${COPY_BEFORE_TARGETS}) - add_dependencies(${target} ${COPY_TARGET}) + foreach(_target IN LISTS COPY_BEFORE_TARGETS) + add_dependencies(${_target} ${COPY_TARGET}) endforeach() - foreach(dependency ${COPY_DEPENDENCIES}) - + foreach(_dependency IN LISTS COPY_DEPENDENCIES) add_custom_command( TARGET ${COPY_TARGET} - DEPENDS ${dependency} + DEPENDS ${_dependency} # Make directory first otherwise file is copied in place of # directory instead of into it - COMMAND ${CMAKE_COMMAND} - ARGS -E make_directory ${CMAKE_CURRENT_BINARY_DIR}/${CMAKE_CFG_INTDIR} - COMMAND ${CMAKE_COMMAND} - ARGS -E copy ${dependency} ${CMAKE_CURRENT_BINARY_DIR}/${CMAKE_CFG_INTDIR} + COMMAND ${CMAKE_COMMAND} ARGS -E make_directory "${CMAKE_CURRENT_BINARY_DIR}/${CMAKE_CFG_INTDIR}" + COMMAND ${CMAKE_COMMAND} ARGS -E copy ${_dependency} "${CMAKE_CURRENT_BINARY_DIR}/${CMAKE_CFG_INTDIR}" VERBATIM) - endforeach() - endfunction() diff --git a/cmake/FindLibgcrypt.cmake b/cmake/FindLibgcrypt.cmake index 44a7987..4582ce9 100644 --- a/cmake/FindLibgcrypt.cmake +++ b/cmake/FindLibgcrypt.cmake @@ -1,53 +1,59 @@ -# Copyright (c) 2014 Alexander Lamaison +# Copyright (C) The libssh2 project and its contributors. +# SPDX-License-Identifier: BSD-3-Clause # -# Redistribution and use in source and binary forms, -# with or without modification, are permitted provided -# that the following conditions are met: +########################################################################### +# Find the libgcrypt library # -# Redistributions of source code must retain the above -# copyright notice, this list of conditions and the -# following disclaimer. +# Input variables: # -# Redistributions in binary form must reproduce the above -# copyright notice, this list of conditions and the following -# disclaimer in the documentation and/or other materials -# provided with the distribution. +# LIBGCRYPT_INCLUDE_DIR The libgcrypt include directory +# LIBGCRYPT_LIBRARY Path to libgcrypt library # -# Neither the name of the copyright holder nor the names -# of any other contributors may be used to endorse or -# promote products derived from this software without -# specific prior written permission. +# Result variables: # -# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND -# CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, -# INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES -# OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR -# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, -# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR -# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, -# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING -# NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE -# USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY -# OF SUCH DAMAGE. +# LIBGCRYPT_FOUND System has libgcrypt +# LIBGCRYPT_INCLUDE_DIRS The libgcrypt include directories +# LIBGCRYPT_LIBRARIES The libgcrypt library names +# LIBGCRYPT_LIBRARY_DIRS The libgcrypt library directories +# LIBGCRYPT_CFLAGS Required compiler flags +# LIBGCRYPT_VERSION Version of libgcrypt -# - Try to find Libgcrypt -# This will define all or none of: -# LIBGCRYPT_FOUND - if Libgcrypt headers and library was found -# LIBGCRYPT_INCLUDE_DIRS - The Libgcrypt include directories -# LIBGCRYPT_LIBRARIES - The libraries needed to use Libgcrypt +if((UNIX OR VCPKG_TOOLCHAIN OR (MINGW AND NOT CMAKE_CROSSCOMPILING)) AND + NOT DEFINED LIBGCRYPT_INCLUDE_DIR AND + NOT DEFINED LIBGCRYPT_LIBRARY) + find_package(PkgConfig QUIET) + pkg_check_modules(LIBGCRYPT "libgcrypt") +endif() -find_path(LIBGCRYPT_INCLUDE_DIR gcrypt.h) +if(LIBGCRYPT_FOUND) + string(REPLACE ";" " " LIBGCRYPT_CFLAGS "${LIBGCRYPT_CFLAGS}") + message(STATUS "Found Libgcrypt (via pkg-config): ${LIBGCRYPT_INCLUDE_DIRS} (found version \"${LIBGCRYPT_VERSION}\")") +else() + find_path(LIBGCRYPT_INCLUDE_DIR NAMES "gcrypt.h") + find_library(LIBGCRYPT_LIBRARY NAMES "gcrypt" "libgcrypt") -find_library(LIBGCRYPT_LIBRARY NAMES gcrypt libgcrypt) + if(LIBGCRYPT_INCLUDE_DIR AND EXISTS "${LIBGCRYPT_INCLUDE_DIR}/gcrypt.h") + set(_version_regex "#[\t ]*define[\t ]+GCRYPT_VERSION[\t ]+\"([^\"]*)\"") + file(STRINGS "${LIBGCRYPT_INCLUDE_DIR}/gcrypt.h" _version_str REGEX "${_version_regex}") + string(REGEX REPLACE "${_version_regex}" "\\1" _version_str "${_version_str}") + set(LIBGCRYPT_VERSION "${_version_str}") + unset(_version_regex) + unset(_version_str) + endif() -set(LIBGCRYPT_LIBRARIES ${LIBGCRYPT_LIBRARY}) -set(LIBGCRYPT_INCLUDE_DIRS ${LIBGCRYPT_INCLUDE_DIR}) + include(FindPackageHandleStandardArgs) + find_package_handle_standard_args(Libgcrypt + REQUIRED_VARS + LIBGCRYPT_INCLUDE_DIR + LIBGCRYPT_LIBRARY + VERSION_VAR + LIBGCRYPT_VERSION + ) -include(FindPackageHandleStandardArgs) -find_package_handle_standard_args(Libgcrypt DEFAULT_MSG - LIBGCRYPT_LIBRARY LIBGCRYPT_INCLUDE_DIR) + if(LIBGCRYPT_FOUND) + set(LIBGCRYPT_INCLUDE_DIRS ${LIBGCRYPT_INCLUDE_DIR}) + set(LIBGCRYPT_LIBRARIES ${LIBGCRYPT_LIBRARY}) + endif() -mark_as_advanced(LIBGCRYPT_INCLUDE_DIR LIBGCRYPT_LIBRARY) \ No newline at end of file + mark_as_advanced(LIBGCRYPT_INCLUDE_DIR LIBGCRYPT_LIBRARY) +endif() diff --git a/cmake/FindWolfSSL.cmake b/cmake/FindWolfSSL.cmake new file mode 100644 index 0000000..f66a59d --- /dev/null +++ b/cmake/FindWolfSSL.cmake @@ -0,0 +1,59 @@ +# Copyright (C) The libssh2 project and its contributors. +# SPDX-License-Identifier: BSD-3-Clause +# +########################################################################### +# Find the wolfssl library +# +# Input variables: +# +# WOLFSSL_INCLUDE_DIR The wolfssl include directory +# WOLFSSL_LIBRARY Path to wolfssl library +# +# Result variables: +# +# WOLFSSL_FOUND System has wolfssl +# WOLFSSL_INCLUDE_DIRS The wolfssl include directories +# WOLFSSL_LIBRARIES The wolfssl library names +# WOLFSSL_LIBRARY_DIRS The wolfssl library directories +# WOLFSSL_CFLAGS Required compiler flags +# WOLFSSL_VERSION Version of wolfssl + +if((UNIX OR VCPKG_TOOLCHAIN OR (MINGW AND NOT CMAKE_CROSSCOMPILING)) AND + NOT DEFINED WOLFSSL_INCLUDE_DIR AND + NOT DEFINED WOLFSSL_LIBRARY) + find_package(PkgConfig QUIET) + pkg_check_modules(WOLFSSL "wolfssl") +endif() + +if(WOLFSSL_FOUND) + string(REPLACE ";" " " WOLFSSL_CFLAGS "${WOLFSSL_CFLAGS}") + message(STATUS "Found WolfSSL (via pkg-config): ${WOLFSSL_INCLUDE_DIRS} (found version \"${WOLFSSL_VERSION}\")") +else() + find_path(WOLFSSL_INCLUDE_DIR NAMES "wolfssl/options.h") + find_library(WOLFSSL_LIBRARY NAMES "wolfssl") + + if(WOLFSSL_INCLUDE_DIR AND EXISTS "${WOLFSSL_INCLUDE_DIR}/wolfssl/version.h") + set(_version_regex "#[\t ]*define[\t ]+LIBWOLFSSL_VERSION_STRING[\t ]+\"([^\"]*)\"") + file(STRINGS "${WOLFSSL_INCLUDE_DIR}/wolfssl/version.h" _version_str REGEX "${_version_regex}") + string(REGEX REPLACE "${_version_regex}" "\\1" _version_str "${_version_str}") + set(WOLFSSL_VERSION "${_version_str}") + unset(_version_regex) + unset(_version_str) + endif() + + include(FindPackageHandleStandardArgs) + find_package_handle_standard_args(WolfSSL + REQUIRED_VARS + WOLFSSL_INCLUDE_DIR + WOLFSSL_LIBRARY + VERSION_VAR + WOLFSSL_VERSION + ) + + if(WOLFSSL_FOUND) + set(WOLFSSL_INCLUDE_DIRS ${WOLFSSL_INCLUDE_DIR}) + set(WOLFSSL_LIBRARIES ${WOLFSSL_LIBRARY}) + endif() + + mark_as_advanced(WOLFSSL_INCLUDE_DIR WOLFSSL_LIBRARY) +endif() diff --git a/cmake/FindmbedTLS.cmake b/cmake/FindmbedTLS.cmake index 2f4adbc..26bc565 100644 --- a/cmake/FindmbedTLS.cmake +++ b/cmake/FindmbedTLS.cmake @@ -1,64 +1,69 @@ -# - Try to find mbedTLS -# Once done this will define +# Copyright (C) The libssh2 project and its contributors. +# SPDX-License-Identifier: BSD-3-Clause # -# Read-Only variables -# MBEDTLS_FOUND - system has mbedTLS -# MBEDTLS_INCLUDE_DIR - the mbedTLS include directory -# MBEDTLS_LIBRARY_DIR - the mbedTLS library directory -# MBEDTLS_LIBRARIES - Link these to use mbedTLS -# MBEDTLS_LIBRARY - path to mbedTLS library -# MBEDX509_LIBRARY - path to mbedTLS X.509 library -# MBEDCRYPTO_LIBRARY - path to mbedTLS Crypto library - -FIND_PATH(MBEDTLS_INCLUDE_DIR mbedtls/version.h) +########################################################################### +# Find the mbedtls library +# +# Input variables: +# +# MBEDTLS_INCLUDE_DIR The mbedtls include directory +# MBEDCRYPTO_LIBRARY Path to mbedcrypto library +# +# Result variables: +# +# MBEDTLS_FOUND System has mbedtls +# MBEDTLS_INCLUDE_DIRS The mbedtls include directories +# MBEDTLS_LIBRARIES The mbedtls library names +# MBEDTLS_LIBRARY_DIRS The mbedtls library directories +# MBEDTLS_CFLAGS Required compiler flags +# MBEDTLS_VERSION Version of mbedtls -IF(MBEDTLS_INCLUDE_DIR AND MBEDTLS_LIBRARIES) - # Already in cache, be silent - SET(MBEDTLS_FIND_QUIETLY TRUE) -ENDIF() +if((UNIX OR VCPKG_TOOLCHAIN OR (MINGW AND NOT CMAKE_CROSSCOMPILING)) AND + NOT DEFINED MBEDTLS_INCLUDE_DIR AND + NOT DEFINED MBEDCRYPTO_LIBRARY) + find_package(PkgConfig QUIET) + pkg_check_modules(MBEDTLS "mbedcrypto") +endif() -FIND_LIBRARY(MBEDTLS_LIBRARY NAMES mbedtls libmbedtls libmbedx509) -FIND_LIBRARY(MBEDX509_LIBRARY NAMES mbedx509 libmbedx509) -FIND_LIBRARY(MBEDCRYPTO_LIBRARY NAMES mbedcrypto libmbedcrypto) +if(MBEDTLS_FOUND) + string(REPLACE ";" " " MBEDTLS_CFLAGS "${MBEDTLS_CFLAGS}") + message(STATUS "Found MbedTLS (via pkg-config): ${MBEDTLS_INCLUDE_DIRS} (found version \"${MBEDTLS_VERSION}\")") +else() + find_path(MBEDTLS_INCLUDE_DIR NAMES "mbedtls/version.h") + find_library(MBEDCRYPTO_LIBRARY NAMES "mbedcrypto" "libmbedcrypto") -IF(MBEDTLS_INCLUDE_DIR AND MBEDTLS_LIBRARY AND MBEDX509_LIBRARY AND MBEDCRYPTO_LIBRARY) - SET(MBEDTLS_FOUND TRUE) -ENDIF() + if(MBEDTLS_INCLUDE_DIR) + if(EXISTS "${MBEDTLS_INCLUDE_DIR}/mbedtls/build_info.h") # 3.x + set(_version_header "${MBEDTLS_INCLUDE_DIR}/mbedtls/build_info.h") + elseif(EXISTS "${MBEDTLS_INCLUDE_DIR}/mbedtls/version.h") # 2.x + set(_version_header "${MBEDTLS_INCLUDE_DIR}/mbedtls/version.h") + else() + unset(_version_header) + endif() + if(_version_header) + set(_version_regex "#[\t ]*define[\t ]+MBEDTLS_VERSION_STRING[\t ]+\"([0-9.]+)\"") + file(STRINGS "${_version_header}" _version_str REGEX "${_version_regex}") + string(REGEX REPLACE "${_version_regex}" "\\1" _version_str "${_version_str}") + set(MBEDTLS_VERSION "${_version_str}") + unset(_version_regex) + unset(_version_str) + unset(_version_header) + endif() + endif() -IF(MBEDTLS_FOUND) - # split mbedTLS into -L and -l linker options, so we can set them for pkg-config - GET_FILENAME_COMPONENT(MBEDTLS_LIBRARY_DIR ${MBEDTLS_LIBRARY} PATH) - GET_FILENAME_COMPONENT(MBEDTLS_LIBRARY_FILE ${MBEDTLS_LIBRARY} NAME_WE) - GET_FILENAME_COMPONENT(MBEDX509_LIBRARY_FILE ${MBEDX509_LIBRARY} NAME_WE) - GET_FILENAME_COMPONENT(MBEDCRYPTO_LIBRARY_FILE ${MBEDCRYPTO_LIBRARY} NAME_WE) - STRING(REGEX REPLACE "^lib" "" MBEDTLS_LIBRARY_FILE ${MBEDTLS_LIBRARY_FILE}) - STRING(REGEX REPLACE "^lib" "" MBEDX509_LIBRARY_FILE ${MBEDX509_LIBRARY_FILE}) - STRING(REGEX REPLACE "^lib" "" MBEDCRYPTO_LIBRARY_FILE ${MBEDCRYPTO_LIBRARY_FILE}) - SET(MBEDTLS_LIBRARIES "-L${MBEDTLS_LIBRARY_DIR} -l${MBEDTLS_LIBRARY_FILE} -l${MBEDX509_LIBRARY_FILE} -l${MBEDCRYPTO_LIBRARY_FILE}") + include(FindPackageHandleStandardArgs) + find_package_handle_standard_args(MbedTLS + REQUIRED_VARS + MBEDTLS_INCLUDE_DIR + MBEDCRYPTO_LIBRARY + VERSION_VAR + MBEDTLS_VERSION + ) - IF(NOT MBEDTLS_FIND_QUIETLY) - MESSAGE(STATUS "Found mbedTLS:") - FILE(READ ${MBEDTLS_INCLUDE_DIR}/mbedtls/version.h MBEDTLSCONTENT) - STRING(REGEX MATCH "MBEDTLS_VERSION_STRING +\"[0-9|.]+\"" MBEDTLSMATCH ${MBEDTLSCONTENT}) - IF (MBEDTLSMATCH) - STRING(REGEX REPLACE "MBEDTLS_VERSION_STRING +\"([0-9|.]+)\"" "\\1" MBEDTLS_VERSION ${MBEDTLSMATCH}) - MESSAGE(STATUS " version ${MBEDTLS_VERSION}") - ENDIF(MBEDTLSMATCH) - MESSAGE(STATUS " TLS: ${MBEDTLS_LIBRARY}") - MESSAGE(STATUS " X509: ${MBEDX509_LIBRARY}") - MESSAGE(STATUS " Crypto: ${MBEDCRYPTO_LIBRARY}") - ENDIF(NOT MBEDTLS_FIND_QUIETLY) -ELSE(MBEDTLS_FOUND) - IF(MBEDTLS_FIND_REQUIRED) - MESSAGE(FATAL_ERROR "Could not find mbedTLS") - ENDIF(MBEDTLS_FIND_REQUIRED) -ENDIF(MBEDTLS_FOUND) + if(MBEDTLS_FOUND) + set(MBEDTLS_INCLUDE_DIRS ${MBEDTLS_INCLUDE_DIR}) + set(MBEDTLS_LIBRARIES ${MBEDCRYPTO_LIBRARY}) + endif() -MARK_AS_ADVANCED( - MBEDTLS_INCLUDE_DIR - MBEDTLS_LIBRARY_DIR - MBEDTLS_LIBRARIES - MBEDTLS_LIBRARY - MBEDX509_LIBRARY - MBEDCRYPTO_LIBRARY -) + mark_as_advanced(MBEDTLS_INCLUDE_DIR MBEDCRYPTO_LIBRARY) +endif() diff --git a/cmake/PickyWarnings.cmake b/cmake/PickyWarnings.cmake new file mode 100644 index 0000000..94feee8 --- /dev/null +++ b/cmake/PickyWarnings.cmake @@ -0,0 +1,247 @@ +# Copyright (C) Viktor Szakats +# SPDX-License-Identifier: BSD-3-Clause + +include(CheckCCompilerFlag) + +option(ENABLE_WERROR "Turn compiler warnings into errors" OFF) +option(PICKY_COMPILER "Enable picky compiler options" ON) + +if(ENABLE_WERROR) + if(MSVC) + set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /WX") + set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} /WX") + else() # llvm/clang and gcc style options + set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Werror") + set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -Werror") + endif() +endif() + +if(MSVC) + # Use the highest warning level for Visual Studio. + if(PICKY_COMPILER) + if(CMAKE_CXX_FLAGS MATCHES "[/-]W[0-4]") + string(REGEX REPLACE "[/-]W[0-4]" "/W4" CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS}") + else() + set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} /W4") + endif() + if(CMAKE_C_FLAGS MATCHES "[/-]W[0-4]") + string(REGEX REPLACE "[/-]W[0-4]" "/W4" CMAKE_C_FLAGS "${CMAKE_C_FLAGS}") + else() + set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /W4") + endif() + endif() +elseif(CMAKE_COMPILER_IS_GNUCC OR CMAKE_COMPILER_IS_GNUCXX OR CMAKE_C_COMPILER_ID MATCHES "Clang") + + # https://clang.llvm.org/docs/DiagnosticsReference.html + # https://gcc.gnu.org/onlinedocs/gcc/Warning-Options.html + + if(NOT CMAKE_CXX_FLAGS MATCHES "-Wall") + set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -Wall") + endif() + if(NOT CMAKE_C_FLAGS MATCHES "-Wall") + set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wall") + endif() + + if(PICKY_COMPILER) + + # WPICKY_ENABLE = Options we want to enable as-is. + # WPICKY_DETECT = Options we want to test first and enable if available. + + # Prefer the -Wextra alias with clang. + if(CMAKE_C_COMPILER_ID MATCHES "Clang") + set(WPICKY_ENABLE "-Wextra") + else() + set(WPICKY_ENABLE "-W") + endif() + + list(APPEND WPICKY_ENABLE + -pedantic + ) + + if(ENABLE_WERROR) + list(APPEND WPICKY_ENABLE + -pedantic-errors + ) + endif() + + # ---------------------------------- + # Add new options here, if in doubt: + # ---------------------------------- + set(WPICKY_DETECT + ) + + # Assume these options always exist with both clang and gcc. + # Require clang 3.0 / gcc 2.95 or later. + list(APPEND WPICKY_ENABLE + -Wbad-function-cast # clang 2.7 gcc 2.95 + -Wconversion # clang 2.7 gcc 2.95 + -Winline # clang 1.0 gcc 1.0 + -Wmissing-declarations # clang 1.0 gcc 2.7 + -Wmissing-prototypes # clang 1.0 gcc 1.0 + -Wnested-externs # clang 1.0 gcc 2.7 + -Wno-long-long # clang 1.0 gcc 2.95 + -Wno-multichar # clang 1.0 gcc 2.95 + -Wpointer-arith # clang 1.0 gcc 1.4 + -Wshadow # clang 1.0 gcc 2.95 + -Wsign-compare # clang 1.0 gcc 2.95 + -Wundef # clang 1.0 gcc 2.95 + -Wunused # clang 1.1 gcc 2.95 + -Wwrite-strings # clang 1.0 gcc 1.4 + ) + + # Always enable with clang, version dependent with gcc + set(WPICKY_COMMON_OLD + -Waddress # clang 2.7 gcc 4.3 + -Wattributes # clang 2.7 gcc 4.1 + -Wcast-align # clang 1.0 gcc 4.2 + -Wdeclaration-after-statement # clang 1.0 gcc 3.4 + -Wdiv-by-zero # clang 2.7 gcc 4.1 + -Wempty-body # clang 2.7 gcc 4.3 + -Wendif-labels # clang 1.0 gcc 3.3 + -Wfloat-equal # clang 1.0 gcc 2.96 (3.0) + -Wformat-security # clang 2.7 gcc 4.1 + -Wignored-qualifiers # clang 2.8 gcc 4.3 + -Wmissing-field-initializers # clang 2.7 gcc 4.1 + -Wmissing-noreturn # clang 2.7 gcc 4.1 + -Wno-format-nonliteral # clang 1.0 gcc 2.96 (3.0) + -Wno-system-headers # clang 1.0 gcc 3.0 + # -Wpadded # clang 2.9 gcc 4.1 # Not used because we cannot change public structs + -Wold-style-definition # clang 2.7 gcc 3.4 + -Wredundant-decls # clang 2.7 gcc 4.1 + -Wsign-conversion # clang 2.9 gcc 4.3 + -Wno-error=sign-conversion # FIXME + -Wstrict-prototypes # clang 1.0 gcc 3.3 + # -Wswitch-enum # clang 2.7 gcc 4.1 # Not used because this basically disallows default case + -Wtype-limits # clang 2.7 gcc 4.3 + -Wunreachable-code # clang 2.7 gcc 4.1 + -Wunused-macros # clang 2.7 gcc 4.1 + -Wunused-parameter # clang 2.7 gcc 4.1 + -Wvla # clang 2.8 gcc 4.3 + ) + + set(WPICKY_COMMON + -Wdouble-promotion # clang 3.6 gcc 4.6 appleclang 6.3 + -Wenum-conversion # clang 3.2 gcc 10.0 appleclang 4.6 g++ 11.0 + -Wpragmas # clang 3.5 gcc 4.1 appleclang 6.0 + -Wunused-const-variable # clang 3.4 gcc 6.0 appleclang 5.1 + ) + + if(CMAKE_C_COMPILER_ID MATCHES "Clang") + list(APPEND WPICKY_ENABLE + ${WPICKY_COMMON_OLD} + -Wshift-sign-overflow # clang 2.9 + -Wshorten-64-to-32 # clang 1.0 + -Wlanguage-extension-token # clang 3.0 + -Wformat=2 # clang 3.0 gcc 4.8 + ) + # Enable based on compiler version + if((CMAKE_C_COMPILER_ID STREQUAL "Clang" AND NOT CMAKE_C_COMPILER_VERSION VERSION_LESS 3.6) OR + (CMAKE_C_COMPILER_ID STREQUAL "AppleClang" AND NOT CMAKE_C_COMPILER_VERSION VERSION_LESS 6.3)) + list(APPEND WPICKY_ENABLE + ${WPICKY_COMMON} + -Wunreachable-code-break # clang 3.5 appleclang 6.0 + -Wheader-guard # clang 3.4 appleclang 5.1 + -Wsometimes-uninitialized # clang 3.2 appleclang 4.6 + ) + endif() + if((CMAKE_C_COMPILER_ID STREQUAL "Clang" AND NOT CMAKE_C_COMPILER_VERSION VERSION_LESS 3.9) OR + (CMAKE_C_COMPILER_ID STREQUAL "AppleClang" AND NOT CMAKE_C_COMPILER_VERSION VERSION_LESS 8.3)) + list(APPEND WPICKY_ENABLE + -Wcomma # clang 3.9 appleclang 8.3 + -Wmissing-variable-declarations # clang 3.2 appleclang 4.6 + ) + endif() + if((CMAKE_C_COMPILER_ID STREQUAL "Clang" AND NOT CMAKE_C_COMPILER_VERSION VERSION_LESS 7.0) OR + (CMAKE_C_COMPILER_ID STREQUAL "AppleClang" AND NOT CMAKE_C_COMPILER_VERSION VERSION_LESS 10.3)) + list(APPEND WPICKY_ENABLE + -Wassign-enum # clang 7.0 appleclang 10.3 + -Wextra-semi-stmt # clang 7.0 appleclang 10.3 + ) + endif() + if((CMAKE_C_COMPILER_ID STREQUAL "Clang" AND NOT CMAKE_C_COMPILER_VERSION VERSION_LESS 10.0) OR + (CMAKE_C_COMPILER_ID STREQUAL "AppleClang" AND NOT CMAKE_C_COMPILER_VERSION VERSION_LESS 12.4)) + list(APPEND WPICKY_ENABLE + -Wimplicit-fallthrough # clang 4.0 gcc 7.0 appleclang 12.4 # we have silencing markup for clang 10.0 and above only + ) + endif() + else() # gcc + list(APPEND WPICKY_DETECT + ${WPICKY_COMMON} + ) + # Enable based on compiler version + if(NOT CMAKE_C_COMPILER_VERSION VERSION_LESS 4.3) + list(APPEND WPICKY_ENABLE + ${WPICKY_COMMON_OLD} + -Wclobbered # gcc 4.3 + -Wmissing-parameter-type # gcc 4.3 + -Wold-style-declaration # gcc 4.3 + -Wstrict-aliasing=3 # gcc 4.0 + -Wtrampolines # gcc 4.3 + ) + endif() + if(NOT CMAKE_C_COMPILER_VERSION VERSION_LESS 4.5 AND MINGW) + list(APPEND WPICKY_ENABLE + -Wno-pedantic-ms-format # gcc 4.5 (mingw-only) + ) + endif() + if(NOT CMAKE_C_COMPILER_VERSION VERSION_LESS 4.8) + list(APPEND WPICKY_ENABLE + -Wformat=2 # clang 3.0 gcc 4.8 + ) + endif() + if(NOT CMAKE_C_COMPILER_VERSION VERSION_LESS 5.0) + list(APPEND WPICKY_ENABLE + -Warray-bounds=2 -ftree-vrp # clang 3.0 gcc 5.0 (clang default: -Warray-bounds) + ) + endif() + if(NOT CMAKE_C_COMPILER_VERSION VERSION_LESS 6.0) + list(APPEND WPICKY_ENABLE + -Wduplicated-cond # gcc 6.0 + -Wnull-dereference # clang 3.0 gcc 6.0 (clang default) + -fdelete-null-pointer-checks + -Wshift-negative-value # clang 3.7 gcc 6.0 (clang default) + -Wshift-overflow=2 # clang 3.0 gcc 6.0 (clang default: -Wshift-overflow) + ) + endif() + if(NOT CMAKE_C_COMPILER_VERSION VERSION_LESS 7.0) + list(APPEND WPICKY_ENABLE + -Walloc-zero # gcc 7.0 + -Wduplicated-branches # gcc 7.0 + -Wformat-overflow=2 # gcc 7.0 + -Wformat-truncation=2 # gcc 7.0 + -Wimplicit-fallthrough # clang 4.0 gcc 7.0 + -Wrestrict # gcc 7.0 + ) + endif() + if(NOT CMAKE_C_COMPILER_VERSION VERSION_LESS 10.0) + list(APPEND WPICKY_ENABLE + -Warith-conversion # gcc 10.0 + ) + endif() + endif() + + # + + unset(WPICKY) + + foreach(_CCOPT IN LISTS WPICKY_ENABLE) + set(WPICKY "${WPICKY} ${_CCOPT}") + endforeach() + + foreach(_CCOPT IN LISTS WPICKY_DETECT) + # surprisingly, CHECK_C_COMPILER_FLAG needs a new variable to store each new + # test result in. + string(MAKE_C_IDENTIFIER "OPT${_CCOPT}" _optvarname) + # GCC only warns about unknown -Wno- options if there are also other diagnostic messages, + # so test for the positive form instead + string(REPLACE "-Wno-" "-W" _CCOPT_ON "${_CCOPT}") + check_c_compiler_flag(${_CCOPT_ON} ${_optvarname}) + if(${_optvarname}) + set(WPICKY "${WPICKY} ${_CCOPT}") + endif() + endforeach() + + message(STATUS "Picky compiler options:${WPICKY}") + set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${WPICKY}") + endif() +endif() diff --git a/cmake/SocketLibraries.cmake b/cmake/SocketLibraries.cmake deleted file mode 100644 index bfbbd71..0000000 --- a/cmake/SocketLibraries.cmake +++ /dev/null @@ -1,64 +0,0 @@ -# Copyright (c) 2014 Alexander Lamaison -# -# Redistribution and use in source and binary forms, -# with or without modification, are permitted provided -# that the following conditions are met: -# -# Redistributions of source code must retain the above -# copyright notice, this list of conditions and the -# following disclaimer. -# -# Redistributions in binary form must reproduce the above -# copyright notice, this list of conditions and the following -# disclaimer in the documentation and/or other materials -# provided with the distribution. -# -# Neither the name of the copyright holder nor the names -# of any other contributors may be used to endorse or -# promote products derived from this software without -# specific prior written permission. -# -# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND -# CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, -# INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES -# OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR -# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, -# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR -# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, -# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING -# NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE -# USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY -# OF SUCH DAMAGE. - -# Some systems have their socket functions in a library. -# (Solaris -lsocket/-lnsl, Windows -lws2_32). This macro appends those -# libraries to the given list -macro(append_needed_socket_libraries LIBRARIES_LIST) - if(CMAKE_SYSTEM_NAME STREQUAL "Windows" AND CMAKE_SIZEOF_VOID_P EQUAL 4) - # x86 Windows uses STDCALL for these functions, so their names are mangled, - # meaning the platform checks don't work. Hardcoding these until we get - # a better solution. - set(HAVE_SOCKET 1) - set(HAVE_SELECT 1) - set(HAVE_INET_ADDR 1) - set(NEED_LIB_WS2_32 1) - else() - check_function_exists_may_need_library(socket HAVE_SOCKET socket ws2_32) - check_function_exists_may_need_library(select HAVE_SELECT ws2_32) - check_function_exists_may_need_library(inet_addr HAVE_INET_ADDR nsl ws2_32) - endif() - - if(NEED_LIB_SOCKET) - list(APPEND ${LIBRARIES_LIST} socket) - endif() - if(NEED_LIB_NSL) - list(APPEND ${LIBRARIES_LIST} nsl) - endif() - if(NEED_LIB_WS2_32) - list(APPEND ${LIBRARIES_LIST} ws2_32) - endif() - -endmacro() \ No newline at end of file diff --git a/cmake/Toolchain-Linux-32.cmake b/cmake/Toolchain-Linux-32.cmake deleted file mode 100644 index 6aad9b1..0000000 --- a/cmake/Toolchain-Linux-32.cmake +++ /dev/null @@ -1,42 +0,0 @@ -# Copyright (c) 2014 Alexander Lamaison -# -# Redistribution and use in source and binary forms, -# with or without modification, are permitted provided -# that the following conditions are met: -# -# Redistributions of source code must retain the above -# copyright notice, this list of conditions and the -# following disclaimer. -# -# Redistributions in binary form must reproduce the above -# copyright notice, this list of conditions and the following -# disclaimer in the documentation and/or other materials -# provided with the distribution. -# -# Neither the name of the copyright holder nor the names -# of any other contributors may be used to endorse or -# promote products derived from this software without -# specific prior written permission. -# -# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND -# CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, -# INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES -# OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR -# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, -# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR -# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, -# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING -# NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE -# USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY -# OF SUCH DAMAGE. - -# Cross-compile 32-bit binary on 64-bit linux host -set(CMAKE_SYSTEM_NAME Linux) -set(CMAKE_SYSTEM_VERSION 1) -set(CMAKE_SYSTEM_PROCESSOR "i386") - -set(CMAKE_CXX_COMPILER_ARG1 "-m32") -set(CMAKE_C_COMPILER_ARG1 "-m32") \ No newline at end of file diff --git a/cmake/libssh2-config.cmake.in b/cmake/libssh2-config.cmake.in new file mode 100644 index 0000000..edc86d7 --- /dev/null +++ b/cmake/libssh2-config.cmake.in @@ -0,0 +1,31 @@ +# Copyright (C) The libssh2 project and its contributors. +# SPDX-License-Identifier: BSD-3-Clause + +include(CMakeFindDependencyMacro) +list(PREPEND CMAKE_MODULE_PATH ${CMAKE_CURRENT_LIST_DIR}) + +if("@CRYPTO_BACKEND@" STREQUAL "OpenSSL") + find_dependency(OpenSSL) +elseif("@CRYPTO_BACKEND@" STREQUAL "wolfSSL") + find_dependency(WolfSSL) +elseif("@CRYPTO_BACKEND@" STREQUAL "Libgcrypt") + find_dependency(Libgcrypt) +elseif("@CRYPTO_BACKEND@" STREQUAL "mbedTLS") + find_dependency(MbedTLS) +endif() + +if(@ZLIB_FOUND@) + find_dependency(ZLIB) +endif() + +include("${CMAKE_CURRENT_LIST_DIR}/@PROJECT_NAME@-targets.cmake") + +# Alias for either shared or static library +if(NOT TARGET @PROJECT_NAME@::@LIB_NAME@) + add_library(@PROJECT_NAME@::@LIB_NAME@ ALIAS @PROJECT_NAME@::@LIB_SELECTED@) +endif() + +# Compatibility alias +if(NOT TARGET Libssh2::@LIB_NAME@) + add_library(Libssh2::@LIB_NAME@ ALIAS @PROJECT_NAME@::@LIB_SELECTED@) +endif() diff --git a/cmake/max_warnings.cmake b/cmake/max_warnings.cmake deleted file mode 100644 index b176d30..0000000 --- a/cmake/max_warnings.cmake +++ /dev/null @@ -1,23 +0,0 @@ -if(MSVC) - # Use the highest warning level for visual studio. - if(CMAKE_CXX_FLAGS MATCHES "/W[0-4]") - string(REGEX REPLACE "/W[0-4]" "/W4" CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS}") - else() - set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} /W4") - endif() - if(CMAKE_C_FLAGS MATCHES "/W[0-4]") - string(REGEX REPLACE "/W[0-4]" "/W4" CMAKE_C_FLAGS "${CMAKE_C_FLAGS}") - else() - set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} /W4") - endif() - - # Disable broken warnings - add_definitions(-D_CRT_SECURE_NO_WARNINGS -D_CRT_NONSTDC_NO_DEPRECATE) -elseif(CMAKE_COMPILER_IS_GNUCC OR CMAKE_COMPILER_IS_GNUCXX) - if(NOT CMAKE_CXX_FLAGS MATCHES "-Wall") - set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -Wall") - endif() - if(NOT CMAKE_C_FLAGS MATCHES "-Wall") - set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wall") - endif() -endif() diff --git a/compile b/compile index 23fcba0..df363c8 100644 --- a/compile +++ b/compile @@ -3,7 +3,7 @@ scriptversion=2018-03-07.03; # UTC -# Copyright (C) 1999-2020 Free Software Foundation, Inc. +# Copyright (C) 1999-2021 Free Software Foundation, Inc. # Written by Tom Tromey . # # This program is free software; you can redistribute it and/or modify diff --git a/config.guess b/config.guess index f50dcdb..7f76b62 100644 --- a/config.guess +++ b/config.guess @@ -1,12 +1,14 @@ #! /bin/sh # Attempt to guess a canonical system name. -# Copyright 1992-2018 Free Software Foundation, Inc. +# Copyright 1992-2022 Free Software Foundation, Inc. -timestamp='2018-02-24' +# shellcheck disable=SC2006,SC2268 # see below for rationale + +timestamp='2022-01-09' # This file is free software; you can redistribute it and/or modify it # under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 3 of the License, or +# the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, but @@ -27,11 +29,19 @@ timestamp='2018-02-24' # Originally written by Per Bothner; maintained since 2000 by Ben Elliston. # # You can get the latest version of this script from: -# https://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.guess +# https://git.savannah.gnu.org/cgit/config.git/plain/config.guess # # Please send patches to . +# The "shellcheck disable" line above the timestamp inhibits complaints +# about features and limitations of the classic Bourne shell that were +# superseded or lifted in POSIX. However, this script identifies a wide +# variety of pre-POSIX systems that do not have POSIX shells at all, and +# even some reasonably current systems (Solaris 10 as case-in-point) still +# have a pre-POSIX /bin/sh. + + me=`echo "$0" | sed -e 's,.*/,,'` usage="\ @@ -50,7 +60,7 @@ version="\ GNU config.guess ($timestamp) Originally written by Per Bothner. -Copyright 1992-2018 Free Software Foundation, Inc. +Copyright 1992-2022 Free Software Foundation, Inc. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE." @@ -84,7 +94,8 @@ if test $# != 0; then exit 1 fi -trap 'exit 1' 1 2 15 +# Just in case it came from the environment. +GUESS= # CC_FOR_BUILD -- compiler used by this script. Note that the use of a # compiler to aid in system detection is discouraged as it requires @@ -96,73 +107,90 @@ trap 'exit 1' 1 2 15 # Portable tmp directory creation inspired by the Autoconf team. -set_cc_for_build=' -trap "exitcode=\$?; (rm -f \$tmpfiles 2>/dev/null; rmdir \$tmp 2>/dev/null) && exit \$exitcode" 0 ; -trap "rm -f \$tmpfiles 2>/dev/null; rmdir \$tmp 2>/dev/null; exit 1" 1 2 13 15 ; -: ${TMPDIR=/tmp} ; - { tmp=`(umask 077 && mktemp -d "$TMPDIR/cgXXXXXX") 2>/dev/null` && test -n "$tmp" && test -d "$tmp" ; } || - { test -n "$RANDOM" && tmp=$TMPDIR/cg$$-$RANDOM && (umask 077 && mkdir $tmp) ; } || - { tmp=$TMPDIR/cg-$$ && (umask 077 && mkdir $tmp) && echo "Warning: creating insecure temp directory" >&2 ; } || - { echo "$me: cannot create a temporary directory in $TMPDIR" >&2 ; exit 1 ; } ; -dummy=$tmp/dummy ; -tmpfiles="$dummy.c $dummy.o $dummy.rel $dummy" ; -case $CC_FOR_BUILD,$HOST_CC,$CC in - ,,) echo "int x;" > "$dummy.c" ; - for c in cc gcc c89 c99 ; do - if ($c -c -o "$dummy.o" "$dummy.c") >/dev/null 2>&1 ; then - CC_FOR_BUILD="$c"; break ; - fi ; - done ; - if test x"$CC_FOR_BUILD" = x ; then - CC_FOR_BUILD=no_compiler_found ; - fi - ;; - ,,*) CC_FOR_BUILD=$CC ;; - ,*,*) CC_FOR_BUILD=$HOST_CC ;; -esac ; set_cc_for_build= ;' +tmp= +# shellcheck disable=SC2172 +trap 'test -z "$tmp" || rm -fr "$tmp"' 0 1 2 13 15 + +set_cc_for_build() { + # prevent multiple calls if $tmp is already set + test "$tmp" && return 0 + : "${TMPDIR=/tmp}" + # shellcheck disable=SC2039,SC3028 + { tmp=`(umask 077 && mktemp -d "$TMPDIR/cgXXXXXX") 2>/dev/null` && test -n "$tmp" && test -d "$tmp" ; } || + { test -n "$RANDOM" && tmp=$TMPDIR/cg$$-$RANDOM && (umask 077 && mkdir "$tmp" 2>/dev/null) ; } || + { tmp=$TMPDIR/cg-$$ && (umask 077 && mkdir "$tmp" 2>/dev/null) && echo "Warning: creating insecure temp directory" >&2 ; } || + { echo "$me: cannot create a temporary directory in $TMPDIR" >&2 ; exit 1 ; } + dummy=$tmp/dummy + case ${CC_FOR_BUILD-},${HOST_CC-},${CC-} in + ,,) echo "int x;" > "$dummy.c" + for driver in cc gcc c89 c99 ; do + if ($driver -c -o "$dummy.o" "$dummy.c") >/dev/null 2>&1 ; then + CC_FOR_BUILD=$driver + break + fi + done + if test x"$CC_FOR_BUILD" = x ; then + CC_FOR_BUILD=no_compiler_found + fi + ;; + ,,*) CC_FOR_BUILD=$CC ;; + ,*,*) CC_FOR_BUILD=$HOST_CC ;; + esac +} # This is needed to find uname on a Pyramid OSx when run in the BSD universe. # (ghazi@noc.rutgers.edu 1994-08-24) -if (test -f /.attbin/uname) >/dev/null 2>&1 ; then +if test -f /.attbin/uname ; then PATH=$PATH:/.attbin ; export PATH fi UNAME_MACHINE=`(uname -m) 2>/dev/null` || UNAME_MACHINE=unknown UNAME_RELEASE=`(uname -r) 2>/dev/null` || UNAME_RELEASE=unknown -UNAME_SYSTEM=`(uname -s) 2>/dev/null` || UNAME_SYSTEM=unknown +UNAME_SYSTEM=`(uname -s) 2>/dev/null` || UNAME_SYSTEM=unknown UNAME_VERSION=`(uname -v) 2>/dev/null` || UNAME_VERSION=unknown -case "$UNAME_SYSTEM" in +case $UNAME_SYSTEM in Linux|GNU|GNU/*) - # If the system lacks a compiler, then just pick glibc. - # We could probably try harder. - LIBC=gnu + LIBC=unknown - eval "$set_cc_for_build" + set_cc_for_build cat <<-EOF > "$dummy.c" #include #if defined(__UCLIBC__) LIBC=uclibc #elif defined(__dietlibc__) LIBC=dietlibc - #else + #elif defined(__GLIBC__) LIBC=gnu + #else + #include + /* First heuristic to detect musl libc. */ + #ifdef __DEFINED_va_list + LIBC=musl + #endif #endif EOF - eval "`$CC_FOR_BUILD -E "$dummy.c" 2>/dev/null | grep '^LIBC' | sed 's, ,,g'`" + cc_set_libc=`$CC_FOR_BUILD -E "$dummy.c" 2>/dev/null | grep '^LIBC' | sed 's, ,,g'` + eval "$cc_set_libc" - # If ldd exists, use it to detect musl libc. - if command -v ldd >/dev/null && \ - ldd --version 2>&1 | grep -q ^musl - then - LIBC=musl + # Second heuristic to detect musl libc. + if [ "$LIBC" = unknown ] && + command -v ldd >/dev/null && + ldd --version 2>&1 | grep -q ^musl; then + LIBC=musl + fi + + # If the system lacks a compiler, then just pick glibc. + # We could probably try harder. + if [ "$LIBC" = unknown ]; then + LIBC=gnu fi ;; esac # Note: order is significant - the case branches are not exclusive. -case "$UNAME_MACHINE:$UNAME_SYSTEM:$UNAME_RELEASE:$UNAME_VERSION" in +case $UNAME_MACHINE:$UNAME_SYSTEM:$UNAME_RELEASE:$UNAME_VERSION in *:NetBSD:*:*) # NetBSD (nbsd) targets should (where applicable) match one or # more of the tuples: *-*-netbsdelf*, *-*-netbsdaout*, @@ -174,12 +202,12 @@ case "$UNAME_MACHINE:$UNAME_SYSTEM:$UNAME_RELEASE:$UNAME_VERSION" in # # Note: NetBSD doesn't particularly care about the vendor # portion of the name. We always set it to "unknown". - sysctl="sysctl -n hw.machine_arch" UNAME_MACHINE_ARCH=`(uname -p 2>/dev/null || \ - "/sbin/$sysctl" 2>/dev/null || \ - "/usr/sbin/$sysctl" 2>/dev/null || \ + /sbin/sysctl -n hw.machine_arch 2>/dev/null || \ + /usr/sbin/sysctl -n hw.machine_arch 2>/dev/null || \ echo unknown)` - case "$UNAME_MACHINE_ARCH" in + case $UNAME_MACHINE_ARCH in + aarch64eb) machine=aarch64_be-unknown ;; armeb) machine=armeb-unknown ;; arm*) machine=arm-unknown ;; sh3el) machine=shl-unknown ;; @@ -188,18 +216,18 @@ case "$UNAME_MACHINE:$UNAME_SYSTEM:$UNAME_RELEASE:$UNAME_VERSION" in earmv*) arch=`echo "$UNAME_MACHINE_ARCH" | sed -e 's,^e\(armv[0-9]\).*$,\1,'` endian=`echo "$UNAME_MACHINE_ARCH" | sed -ne 's,^.*\(eb\)$,\1,p'` - machine="${arch}${endian}"-unknown + machine=${arch}${endian}-unknown ;; - *) machine="$UNAME_MACHINE_ARCH"-unknown ;; + *) machine=$UNAME_MACHINE_ARCH-unknown ;; esac # The Operating System including object format, if it has switched # to ELF recently (or will in the future) and ABI. - case "$UNAME_MACHINE_ARCH" in + case $UNAME_MACHINE_ARCH in earm*) os=netbsdelf ;; arm*|i386|m68k|ns32k|sh3*|sparc|vax) - eval "$set_cc_for_build" + set_cc_for_build if echo __ELF__ | $CC_FOR_BUILD -E - 2>/dev/null \ | grep -q __ELF__ then @@ -215,7 +243,7 @@ case "$UNAME_MACHINE:$UNAME_SYSTEM:$UNAME_RELEASE:$UNAME_VERSION" in ;; esac # Determine ABI tags. - case "$UNAME_MACHINE_ARCH" in + case $UNAME_MACHINE_ARCH in earm*) expr='s/^earmv[0-9]/-eabi/;s/eb$//' abi=`echo "$UNAME_MACHINE_ARCH" | sed -e "$expr"` @@ -226,7 +254,7 @@ case "$UNAME_MACHINE:$UNAME_SYSTEM:$UNAME_RELEASE:$UNAME_VERSION" in # thus, need a distinct triplet. However, they do not need # kernel version information, so it can be replaced with a # suitable tag, in the style of linux-gnu. - case "$UNAME_VERSION" in + case $UNAME_VERSION in Debian*) release='-gnu' ;; @@ -237,45 +265,57 @@ case "$UNAME_MACHINE:$UNAME_SYSTEM:$UNAME_RELEASE:$UNAME_VERSION" in # Since CPU_TYPE-MANUFACTURER-KERNEL-OPERATING_SYSTEM: # contains redundant information, the shorter form: # CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM is used. - echo "$machine-${os}${release}${abi}" - exit ;; + GUESS=$machine-${os}${release}${abi-} + ;; *:Bitrig:*:*) UNAME_MACHINE_ARCH=`arch | sed 's/Bitrig.//'` - echo "$UNAME_MACHINE_ARCH"-unknown-bitrig"$UNAME_RELEASE" - exit ;; + GUESS=$UNAME_MACHINE_ARCH-unknown-bitrig$UNAME_RELEASE + ;; *:OpenBSD:*:*) UNAME_MACHINE_ARCH=`arch | sed 's/OpenBSD.//'` - echo "$UNAME_MACHINE_ARCH"-unknown-openbsd"$UNAME_RELEASE" - exit ;; + GUESS=$UNAME_MACHINE_ARCH-unknown-openbsd$UNAME_RELEASE + ;; + *:SecBSD:*:*) + UNAME_MACHINE_ARCH=`arch | sed 's/SecBSD.//'` + GUESS=$UNAME_MACHINE_ARCH-unknown-secbsd$UNAME_RELEASE + ;; *:LibertyBSD:*:*) UNAME_MACHINE_ARCH=`arch | sed 's/^.*BSD\.//'` - echo "$UNAME_MACHINE_ARCH"-unknown-libertybsd"$UNAME_RELEASE" - exit ;; + GUESS=$UNAME_MACHINE_ARCH-unknown-libertybsd$UNAME_RELEASE + ;; *:MidnightBSD:*:*) - echo "$UNAME_MACHINE"-unknown-midnightbsd"$UNAME_RELEASE" - exit ;; + GUESS=$UNAME_MACHINE-unknown-midnightbsd$UNAME_RELEASE + ;; *:ekkoBSD:*:*) - echo "$UNAME_MACHINE"-unknown-ekkobsd"$UNAME_RELEASE" - exit ;; + GUESS=$UNAME_MACHINE-unknown-ekkobsd$UNAME_RELEASE + ;; *:SolidBSD:*:*) - echo "$UNAME_MACHINE"-unknown-solidbsd"$UNAME_RELEASE" - exit ;; + GUESS=$UNAME_MACHINE-unknown-solidbsd$UNAME_RELEASE + ;; + *:OS108:*:*) + GUESS=$UNAME_MACHINE-unknown-os108_$UNAME_RELEASE + ;; macppc:MirBSD:*:*) - echo powerpc-unknown-mirbsd"$UNAME_RELEASE" - exit ;; + GUESS=powerpc-unknown-mirbsd$UNAME_RELEASE + ;; *:MirBSD:*:*) - echo "$UNAME_MACHINE"-unknown-mirbsd"$UNAME_RELEASE" - exit ;; + GUESS=$UNAME_MACHINE-unknown-mirbsd$UNAME_RELEASE + ;; *:Sortix:*:*) - echo "$UNAME_MACHINE"-unknown-sortix - exit ;; + GUESS=$UNAME_MACHINE-unknown-sortix + ;; + *:Twizzler:*:*) + GUESS=$UNAME_MACHINE-unknown-twizzler + ;; *:Redox:*:*) - echo "$UNAME_MACHINE"-unknown-redox - exit ;; + GUESS=$UNAME_MACHINE-unknown-redox + ;; mips:OSF1:*.*) - echo mips-dec-osf1 - exit ;; + GUESS=mips-dec-osf1 + ;; alpha:OSF1:*:*) + # Reset EXIT trap before exiting to avoid spurious non-zero exit code. + trap '' 0 case $UNAME_RELEASE in *4.0) UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $3}'` @@ -289,7 +329,7 @@ case "$UNAME_MACHINE:$UNAME_SYSTEM:$UNAME_RELEASE:$UNAME_VERSION" in # covers most systems running today. This code pipes the CPU # types through head -n 1, so we only detect the type of CPU 0. ALPHA_CPU_TYPE=`/usr/sbin/psrinfo -v | sed -n -e 's/^ The alpha \(.*\) processor.*$/\1/p' | head -n 1` - case "$ALPHA_CPU_TYPE" in + case $ALPHA_CPU_TYPE in "EV4 (21064)") UNAME_MACHINE=alpha ;; "EV4.5 (21064)") @@ -326,117 +366,121 @@ case "$UNAME_MACHINE:$UNAME_SYSTEM:$UNAME_RELEASE:$UNAME_VERSION" in # A Tn.n version is a released field test version. # A Xn.n version is an unreleased experimental baselevel. # 1.2 uses "1.2" for uname -r. - echo "$UNAME_MACHINE"-dec-osf"`echo "$UNAME_RELEASE" | sed -e 's/^[PVTX]//' | tr ABCDEFGHIJKLMNOPQRSTUVWXYZ abcdefghijklmnopqrstuvwxyz`" - # Reset EXIT trap before exiting to avoid spurious non-zero exit code. - exitcode=$? - trap '' 0 - exit $exitcode ;; + OSF_REL=`echo "$UNAME_RELEASE" | sed -e 's/^[PVTX]//' | tr ABCDEFGHIJKLMNOPQRSTUVWXYZ abcdefghijklmnopqrstuvwxyz` + GUESS=$UNAME_MACHINE-dec-osf$OSF_REL + ;; Amiga*:UNIX_System_V:4.0:*) - echo m68k-unknown-sysv4 - exit ;; + GUESS=m68k-unknown-sysv4 + ;; *:[Aa]miga[Oo][Ss]:*:*) - echo "$UNAME_MACHINE"-unknown-amigaos - exit ;; + GUESS=$UNAME_MACHINE-unknown-amigaos + ;; *:[Mm]orph[Oo][Ss]:*:*) - echo "$UNAME_MACHINE"-unknown-morphos - exit ;; + GUESS=$UNAME_MACHINE-unknown-morphos + ;; *:OS/390:*:*) - echo i370-ibm-openedition - exit ;; + GUESS=i370-ibm-openedition + ;; *:z/VM:*:*) - echo s390-ibm-zvmoe - exit ;; + GUESS=s390-ibm-zvmoe + ;; *:OS400:*:*) - echo powerpc-ibm-os400 - exit ;; + GUESS=powerpc-ibm-os400 + ;; arm:RISC*:1.[012]*:*|arm:riscix:1.[012]*:*) - echo arm-acorn-riscix"$UNAME_RELEASE" - exit ;; + GUESS=arm-acorn-riscix$UNAME_RELEASE + ;; arm*:riscos:*:*|arm*:RISCOS:*:*) - echo arm-unknown-riscos - exit ;; + GUESS=arm-unknown-riscos + ;; SR2?01:HI-UX/MPP:*:* | SR8000:HI-UX/MPP:*:*) - echo hppa1.1-hitachi-hiuxmpp - exit ;; + GUESS=hppa1.1-hitachi-hiuxmpp + ;; Pyramid*:OSx*:*:* | MIS*:OSx*:*:* | MIS*:SMP_DC-OSx*:*:*) # akee@wpdis03.wpafb.af.mil (Earle F. Ake) contributed MIS and NILE. - if test "`(/bin/universe) 2>/dev/null`" = att ; then - echo pyramid-pyramid-sysv3 - else - echo pyramid-pyramid-bsd - fi - exit ;; + case `(/bin/universe) 2>/dev/null` in + att) GUESS=pyramid-pyramid-sysv3 ;; + *) GUESS=pyramid-pyramid-bsd ;; + esac + ;; NILE*:*:*:dcosx) - echo pyramid-pyramid-svr4 - exit ;; + GUESS=pyramid-pyramid-svr4 + ;; DRS?6000:unix:4.0:6*) - echo sparc-icl-nx6 - exit ;; + GUESS=sparc-icl-nx6 + ;; DRS?6000:UNIX_SV:4.2*:7* | DRS?6000:isis:4.2*:7*) case `/usr/bin/uname -p` in - sparc) echo sparc-icl-nx7; exit ;; - esac ;; + sparc) GUESS=sparc-icl-nx7 ;; + esac + ;; s390x:SunOS:*:*) - echo "$UNAME_MACHINE"-ibm-solaris2"`echo "$UNAME_RELEASE" | sed -e 's/[^.]*//'`" - exit ;; + SUN_REL=`echo "$UNAME_RELEASE" | sed -e 's/[^.]*//'` + GUESS=$UNAME_MACHINE-ibm-solaris2$SUN_REL + ;; sun4H:SunOS:5.*:*) - echo sparc-hal-solaris2"`echo "$UNAME_RELEASE"|sed -e 's/[^.]*//'`" - exit ;; + SUN_REL=`echo "$UNAME_RELEASE" | sed -e 's/[^.]*//'` + GUESS=sparc-hal-solaris2$SUN_REL + ;; sun4*:SunOS:5.*:* | tadpole*:SunOS:5.*:*) - echo sparc-sun-solaris2"`echo "$UNAME_RELEASE" | sed -e 's/[^.]*//'`" - exit ;; + SUN_REL=`echo "$UNAME_RELEASE" | sed -e 's/[^.]*//'` + GUESS=sparc-sun-solaris2$SUN_REL + ;; i86pc:AuroraUX:5.*:* | i86xen:AuroraUX:5.*:*) - echo i386-pc-auroraux"$UNAME_RELEASE" - exit ;; + GUESS=i386-pc-auroraux$UNAME_RELEASE + ;; i86pc:SunOS:5.*:* | i86xen:SunOS:5.*:*) - eval "$set_cc_for_build" + set_cc_for_build SUN_ARCH=i386 # If there is a compiler, see if it is configured for 64-bit objects. # Note that the Sun cc does not turn __LP64__ into 1 like gcc does. # This test works for both compilers. - if [ "$CC_FOR_BUILD" != no_compiler_found ]; then + if test "$CC_FOR_BUILD" != no_compiler_found; then if (echo '#ifdef __amd64'; echo IS_64BIT_ARCH; echo '#endif') | \ - (CCOPTS="" $CC_FOR_BUILD -E - 2>/dev/null) | \ + (CCOPTS="" $CC_FOR_BUILD -m64 -E - 2>/dev/null) | \ grep IS_64BIT_ARCH >/dev/null then SUN_ARCH=x86_64 fi fi - echo "$SUN_ARCH"-pc-solaris2"`echo "$UNAME_RELEASE"|sed -e 's/[^.]*//'`" - exit ;; + SUN_REL=`echo "$UNAME_RELEASE" | sed -e 's/[^.]*//'` + GUESS=$SUN_ARCH-pc-solaris2$SUN_REL + ;; sun4*:SunOS:6*:*) # According to config.sub, this is the proper way to canonicalize # SunOS6. Hard to guess exactly what SunOS6 will be like, but # it's likely to be more like Solaris than SunOS4. - echo sparc-sun-solaris3"`echo "$UNAME_RELEASE"|sed -e 's/[^.]*//'`" - exit ;; + SUN_REL=`echo "$UNAME_RELEASE" | sed -e 's/[^.]*//'` + GUESS=sparc-sun-solaris3$SUN_REL + ;; sun4*:SunOS:*:*) - case "`/usr/bin/arch -k`" in + case `/usr/bin/arch -k` in Series*|S4*) UNAME_RELEASE=`uname -v` ;; esac # Japanese Language versions have a version number like `4.1.3-JL'. - echo sparc-sun-sunos"`echo "$UNAME_RELEASE"|sed -e 's/-/_/'`" - exit ;; + SUN_REL=`echo "$UNAME_RELEASE" | sed -e 's/-/_/'` + GUESS=sparc-sun-sunos$SUN_REL + ;; sun3*:SunOS:*:*) - echo m68k-sun-sunos"$UNAME_RELEASE" - exit ;; + GUESS=m68k-sun-sunos$UNAME_RELEASE + ;; sun*:*:4.2BSD:*) UNAME_RELEASE=`(sed 1q /etc/motd | awk '{print substr($5,1,3)}') 2>/dev/null` test "x$UNAME_RELEASE" = x && UNAME_RELEASE=3 - case "`/bin/arch`" in + case `/bin/arch` in sun3) - echo m68k-sun-sunos"$UNAME_RELEASE" + GUESS=m68k-sun-sunos$UNAME_RELEASE ;; sun4) - echo sparc-sun-sunos"$UNAME_RELEASE" + GUESS=sparc-sun-sunos$UNAME_RELEASE ;; esac - exit ;; + ;; aushp:SunOS:*:*) - echo sparc-auspex-sunos"$UNAME_RELEASE" - exit ;; + GUESS=sparc-auspex-sunos$UNAME_RELEASE + ;; # The situation for MiNT is a little confusing. The machine name # can be virtually everything (everything which is not # "atarist" or "atariste" at least should have a processor @@ -446,43 +490,43 @@ case "$UNAME_MACHINE:$UNAME_SYSTEM:$UNAME_RELEASE:$UNAME_VERSION" in # MiNT. But MiNT is downward compatible to TOS, so this should # be no problem. atarist[e]:*MiNT:*:* | atarist[e]:*mint:*:* | atarist[e]:*TOS:*:*) - echo m68k-atari-mint"$UNAME_RELEASE" - exit ;; + GUESS=m68k-atari-mint$UNAME_RELEASE + ;; atari*:*MiNT:*:* | atari*:*mint:*:* | atarist[e]:*TOS:*:*) - echo m68k-atari-mint"$UNAME_RELEASE" - exit ;; + GUESS=m68k-atari-mint$UNAME_RELEASE + ;; *falcon*:*MiNT:*:* | *falcon*:*mint:*:* | *falcon*:*TOS:*:*) - echo m68k-atari-mint"$UNAME_RELEASE" - exit ;; + GUESS=m68k-atari-mint$UNAME_RELEASE + ;; milan*:*MiNT:*:* | milan*:*mint:*:* | *milan*:*TOS:*:*) - echo m68k-milan-mint"$UNAME_RELEASE" - exit ;; + GUESS=m68k-milan-mint$UNAME_RELEASE + ;; hades*:*MiNT:*:* | hades*:*mint:*:* | *hades*:*TOS:*:*) - echo m68k-hades-mint"$UNAME_RELEASE" - exit ;; + GUESS=m68k-hades-mint$UNAME_RELEASE + ;; *:*MiNT:*:* | *:*mint:*:* | *:*TOS:*:*) - echo m68k-unknown-mint"$UNAME_RELEASE" - exit ;; + GUESS=m68k-unknown-mint$UNAME_RELEASE + ;; m68k:machten:*:*) - echo m68k-apple-machten"$UNAME_RELEASE" - exit ;; + GUESS=m68k-apple-machten$UNAME_RELEASE + ;; powerpc:machten:*:*) - echo powerpc-apple-machten"$UNAME_RELEASE" - exit ;; + GUESS=powerpc-apple-machten$UNAME_RELEASE + ;; RISC*:Mach:*:*) - echo mips-dec-mach_bsd4.3 - exit ;; + GUESS=mips-dec-mach_bsd4.3 + ;; RISC*:ULTRIX:*:*) - echo mips-dec-ultrix"$UNAME_RELEASE" - exit ;; + GUESS=mips-dec-ultrix$UNAME_RELEASE + ;; VAX*:ULTRIX*:*:*) - echo vax-dec-ultrix"$UNAME_RELEASE" - exit ;; + GUESS=vax-dec-ultrix$UNAME_RELEASE + ;; 2020:CLIX:*:* | 2430:CLIX:*:*) - echo clipper-intergraph-clix"$UNAME_RELEASE" - exit ;; + GUESS=clipper-intergraph-clix$UNAME_RELEASE + ;; mips:*:*:UMIPS | mips:*:*:RISCos) - eval "$set_cc_for_build" + set_cc_for_build sed 's/^ //' << EOF > "$dummy.c" #ifdef __cplusplus #include /* for printf() prototype */ @@ -508,78 +552,79 @@ EOF dummyarg=`echo "$UNAME_RELEASE" | sed -n 's/\([0-9]*\).*/\1/p'` && SYSTEM_NAME=`"$dummy" "$dummyarg"` && { echo "$SYSTEM_NAME"; exit; } - echo mips-mips-riscos"$UNAME_RELEASE" - exit ;; + GUESS=mips-mips-riscos$UNAME_RELEASE + ;; Motorola:PowerMAX_OS:*:*) - echo powerpc-motorola-powermax - exit ;; + GUESS=powerpc-motorola-powermax + ;; Motorola:*:4.3:PL8-*) - echo powerpc-harris-powermax - exit ;; + GUESS=powerpc-harris-powermax + ;; Night_Hawk:*:*:PowerMAX_OS | Synergy:PowerMAX_OS:*:*) - echo powerpc-harris-powermax - exit ;; + GUESS=powerpc-harris-powermax + ;; Night_Hawk:Power_UNIX:*:*) - echo powerpc-harris-powerunix - exit ;; + GUESS=powerpc-harris-powerunix + ;; m88k:CX/UX:7*:*) - echo m88k-harris-cxux7 - exit ;; + GUESS=m88k-harris-cxux7 + ;; m88k:*:4*:R4*) - echo m88k-motorola-sysv4 - exit ;; + GUESS=m88k-motorola-sysv4 + ;; m88k:*:3*:R3*) - echo m88k-motorola-sysv3 - exit ;; + GUESS=m88k-motorola-sysv3 + ;; AViiON:dgux:*:*) # DG/UX returns AViiON for all architectures UNAME_PROCESSOR=`/usr/bin/uname -p` - if [ "$UNAME_PROCESSOR" = mc88100 ] || [ "$UNAME_PROCESSOR" = mc88110 ] + if test "$UNAME_PROCESSOR" = mc88100 || test "$UNAME_PROCESSOR" = mc88110 then - if [ "$TARGET_BINARY_INTERFACE"x = m88kdguxelfx ] || \ - [ "$TARGET_BINARY_INTERFACE"x = x ] + if test "$TARGET_BINARY_INTERFACE"x = m88kdguxelfx || \ + test "$TARGET_BINARY_INTERFACE"x = x then - echo m88k-dg-dgux"$UNAME_RELEASE" + GUESS=m88k-dg-dgux$UNAME_RELEASE else - echo m88k-dg-dguxbcs"$UNAME_RELEASE" + GUESS=m88k-dg-dguxbcs$UNAME_RELEASE fi else - echo i586-dg-dgux"$UNAME_RELEASE" + GUESS=i586-dg-dgux$UNAME_RELEASE fi - exit ;; + ;; M88*:DolphinOS:*:*) # DolphinOS (SVR3) - echo m88k-dolphin-sysv3 - exit ;; + GUESS=m88k-dolphin-sysv3 + ;; M88*:*:R3*:*) # Delta 88k system running SVR3 - echo m88k-motorola-sysv3 - exit ;; + GUESS=m88k-motorola-sysv3 + ;; XD88*:*:*:*) # Tektronix XD88 system running UTekV (SVR3) - echo m88k-tektronix-sysv3 - exit ;; + GUESS=m88k-tektronix-sysv3 + ;; Tek43[0-9][0-9]:UTek:*:*) # Tektronix 4300 system running UTek (BSD) - echo m68k-tektronix-bsd - exit ;; + GUESS=m68k-tektronix-bsd + ;; *:IRIX*:*:*) - echo mips-sgi-irix"`echo "$UNAME_RELEASE"|sed -e 's/-/_/g'`" - exit ;; + IRIX_REL=`echo "$UNAME_RELEASE" | sed -e 's/-/_/g'` + GUESS=mips-sgi-irix$IRIX_REL + ;; ????????:AIX?:[12].1:2) # AIX 2.2.1 or AIX 2.1.1 is RT/PC AIX. - echo romp-ibm-aix # uname -m gives an 8 hex-code CPU id - exit ;; # Note that: echo "'`uname -s`'" gives 'AIX ' + GUESS=romp-ibm-aix # uname -m gives an 8 hex-code CPU id + ;; # Note that: echo "'`uname -s`'" gives 'AIX ' i*86:AIX:*:*) - echo i386-ibm-aix - exit ;; + GUESS=i386-ibm-aix + ;; ia64:AIX:*:*) - if [ -x /usr/bin/oslevel ] ; then + if test -x /usr/bin/oslevel ; then IBM_REV=`/usr/bin/oslevel` else - IBM_REV="$UNAME_VERSION.$UNAME_RELEASE" + IBM_REV=$UNAME_VERSION.$UNAME_RELEASE fi - echo "$UNAME_MACHINE"-ibm-aix"$IBM_REV" - exit ;; + GUESS=$UNAME_MACHINE-ibm-aix$IBM_REV + ;; *:AIX:2:3) if grep bos325 /usr/include/stdio.h >/dev/null 2>&1; then - eval "$set_cc_for_build" + set_cc_for_build sed 's/^ //' << EOF > "$dummy.c" #include @@ -593,16 +638,16 @@ EOF EOF if $CC_FOR_BUILD -o "$dummy" "$dummy.c" && SYSTEM_NAME=`"$dummy"` then - echo "$SYSTEM_NAME" + GUESS=$SYSTEM_NAME else - echo rs6000-ibm-aix3.2.5 + GUESS=rs6000-ibm-aix3.2.5 fi elif grep bos324 /usr/include/stdio.h >/dev/null 2>&1; then - echo rs6000-ibm-aix3.2.4 + GUESS=rs6000-ibm-aix3.2.4 else - echo rs6000-ibm-aix3.2 + GUESS=rs6000-ibm-aix3.2 fi - exit ;; + ;; *:AIX:*:[4567]) IBM_CPU_ID=`/usr/sbin/lsdev -C -c processor -S available | sed 1q | awk '{ print $1 }'` if /usr/sbin/lsattr -El "$IBM_CPU_ID" | grep ' POWER' >/dev/null 2>&1; then @@ -610,57 +655,57 @@ EOF else IBM_ARCH=powerpc fi - if [ -x /usr/bin/lslpp ] ; then - IBM_REV=`/usr/bin/lslpp -Lqc bos.rte.libc | + if test -x /usr/bin/lslpp ; then + IBM_REV=`/usr/bin/lslpp -Lqc bos.rte.libc | \ awk -F: '{ print $3 }' | sed s/[0-9]*$/0/` else - IBM_REV="$UNAME_VERSION.$UNAME_RELEASE" + IBM_REV=$UNAME_VERSION.$UNAME_RELEASE fi - echo "$IBM_ARCH"-ibm-aix"$IBM_REV" - exit ;; + GUESS=$IBM_ARCH-ibm-aix$IBM_REV + ;; *:AIX:*:*) - echo rs6000-ibm-aix - exit ;; + GUESS=rs6000-ibm-aix + ;; ibmrt:4.4BSD:*|romp-ibm:4.4BSD:*) - echo romp-ibm-bsd4.4 - exit ;; + GUESS=romp-ibm-bsd4.4 + ;; ibmrt:*BSD:*|romp-ibm:BSD:*) # covers RT/PC BSD and - echo romp-ibm-bsd"$UNAME_RELEASE" # 4.3 with uname added to - exit ;; # report: romp-ibm BSD 4.3 + GUESS=romp-ibm-bsd$UNAME_RELEASE # 4.3 with uname added to + ;; # report: romp-ibm BSD 4.3 *:BOSX:*:*) - echo rs6000-bull-bosx - exit ;; + GUESS=rs6000-bull-bosx + ;; DPX/2?00:B.O.S.:*:*) - echo m68k-bull-sysv3 - exit ;; + GUESS=m68k-bull-sysv3 + ;; 9000/[34]??:4.3bsd:1.*:*) - echo m68k-hp-bsd - exit ;; + GUESS=m68k-hp-bsd + ;; hp300:4.4BSD:*:* | 9000/[34]??:4.3bsd:2.*:*) - echo m68k-hp-bsd4.4 - exit ;; + GUESS=m68k-hp-bsd4.4 + ;; 9000/[34678]??:HP-UX:*:*) - HPUX_REV=`echo "$UNAME_RELEASE"|sed -e 's/[^.]*.[0B]*//'` - case "$UNAME_MACHINE" in + HPUX_REV=`echo "$UNAME_RELEASE" | sed -e 's/[^.]*.[0B]*//'` + case $UNAME_MACHINE in 9000/31?) HP_ARCH=m68000 ;; 9000/[34]??) HP_ARCH=m68k ;; 9000/[678][0-9][0-9]) - if [ -x /usr/bin/getconf ]; then + if test -x /usr/bin/getconf; then sc_cpu_version=`/usr/bin/getconf SC_CPU_VERSION 2>/dev/null` sc_kernel_bits=`/usr/bin/getconf SC_KERNEL_BITS 2>/dev/null` - case "$sc_cpu_version" in + case $sc_cpu_version in 523) HP_ARCH=hppa1.0 ;; # CPU_PA_RISC1_0 528) HP_ARCH=hppa1.1 ;; # CPU_PA_RISC1_1 532) # CPU_PA_RISC2_0 - case "$sc_kernel_bits" in + case $sc_kernel_bits in 32) HP_ARCH=hppa2.0n ;; 64) HP_ARCH=hppa2.0w ;; '') HP_ARCH=hppa2.0 ;; # HP-UX 10.20 esac ;; esac fi - if [ "$HP_ARCH" = "" ]; then - eval "$set_cc_for_build" + if test "$HP_ARCH" = ""; then + set_cc_for_build sed 's/^ //' << EOF > "$dummy.c" #define _HPUX_SOURCE @@ -698,9 +743,9 @@ EOF test -z "$HP_ARCH" && HP_ARCH=hppa fi ;; esac - if [ "$HP_ARCH" = hppa2.0w ] + if test "$HP_ARCH" = hppa2.0w then - eval "$set_cc_for_build" + set_cc_for_build # hppa2.0w-hp-hpux* has a 64-bit kernel and a compiler generating # 32-bit code. hppa64-hp-hpux* has the same kernel and a compiler @@ -719,14 +764,14 @@ EOF HP_ARCH=hppa64 fi fi - echo "$HP_ARCH"-hp-hpux"$HPUX_REV" - exit ;; + GUESS=$HP_ARCH-hp-hpux$HPUX_REV + ;; ia64:HP-UX:*:*) - HPUX_REV=`echo "$UNAME_RELEASE"|sed -e 's/[^.]*.[0B]*//'` - echo ia64-hp-hpux"$HPUX_REV" - exit ;; + HPUX_REV=`echo "$UNAME_RELEASE" | sed -e 's/[^.]*.[0B]*//'` + GUESS=ia64-hp-hpux$HPUX_REV + ;; 3050*:HI-UX:*:*) - eval "$set_cc_for_build" + set_cc_for_build sed 's/^ //' << EOF > "$dummy.c" #include int @@ -754,36 +799,36 @@ EOF EOF $CC_FOR_BUILD -o "$dummy" "$dummy.c" && SYSTEM_NAME=`"$dummy"` && { echo "$SYSTEM_NAME"; exit; } - echo unknown-hitachi-hiuxwe2 - exit ;; + GUESS=unknown-hitachi-hiuxwe2 + ;; 9000/7??:4.3bsd:*:* | 9000/8?[79]:4.3bsd:*:*) - echo hppa1.1-hp-bsd - exit ;; + GUESS=hppa1.1-hp-bsd + ;; 9000/8??:4.3bsd:*:*) - echo hppa1.0-hp-bsd - exit ;; + GUESS=hppa1.0-hp-bsd + ;; *9??*:MPE/iX:*:* | *3000*:MPE/iX:*:*) - echo hppa1.0-hp-mpeix - exit ;; + GUESS=hppa1.0-hp-mpeix + ;; hp7??:OSF1:*:* | hp8?[79]:OSF1:*:*) - echo hppa1.1-hp-osf - exit ;; + GUESS=hppa1.1-hp-osf + ;; hp8??:OSF1:*:*) - echo hppa1.0-hp-osf - exit ;; + GUESS=hppa1.0-hp-osf + ;; i*86:OSF1:*:*) - if [ -x /usr/sbin/sysversion ] ; then - echo "$UNAME_MACHINE"-unknown-osf1mk + if test -x /usr/sbin/sysversion ; then + GUESS=$UNAME_MACHINE-unknown-osf1mk else - echo "$UNAME_MACHINE"-unknown-osf1 + GUESS=$UNAME_MACHINE-unknown-osf1 fi - exit ;; + ;; parisc*:Lites*:*:*) - echo hppa1.1-hp-lites - exit ;; + GUESS=hppa1.1-hp-lites + ;; C1*:ConvexOS:*:* | convex:ConvexOS:C1*:*) - echo c1-convex-bsd - exit ;; + GUESS=c1-convex-bsd + ;; C2*:ConvexOS:*:* | convex:ConvexOS:C2*:*) if getsysinfo -f scalar_acc then echo c32-convex-bsd @@ -791,17 +836,18 @@ EOF fi exit ;; C34*:ConvexOS:*:* | convex:ConvexOS:C34*:*) - echo c34-convex-bsd - exit ;; + GUESS=c34-convex-bsd + ;; C38*:ConvexOS:*:* | convex:ConvexOS:C38*:*) - echo c38-convex-bsd - exit ;; + GUESS=c38-convex-bsd + ;; C4*:ConvexOS:*:* | convex:ConvexOS:C4*:*) - echo c4-convex-bsd - exit ;; + GUESS=c4-convex-bsd + ;; CRAY*Y-MP:*:*:*) - echo ymp-cray-unicos"$UNAME_RELEASE" | sed -e 's/\.[^.]*$/.X/' - exit ;; + CRAY_REL=`echo "$UNAME_RELEASE" | sed -e 's/\.[^.]*$/.X/'` + GUESS=ymp-cray-unicos$CRAY_REL + ;; CRAY*[A-Z]90:*:*:*) echo "$UNAME_MACHINE"-cray-unicos"$UNAME_RELEASE" \ | sed -e 's/CRAY.*\([A-Z]90\)/\1/' \ @@ -809,103 +855,129 @@ EOF -e 's/\.[^.]*$/.X/' exit ;; CRAY*TS:*:*:*) - echo t90-cray-unicos"$UNAME_RELEASE" | sed -e 's/\.[^.]*$/.X/' - exit ;; + CRAY_REL=`echo "$UNAME_RELEASE" | sed -e 's/\.[^.]*$/.X/'` + GUESS=t90-cray-unicos$CRAY_REL + ;; CRAY*T3E:*:*:*) - echo alphaev5-cray-unicosmk"$UNAME_RELEASE" | sed -e 's/\.[^.]*$/.X/' - exit ;; + CRAY_REL=`echo "$UNAME_RELEASE" | sed -e 's/\.[^.]*$/.X/'` + GUESS=alphaev5-cray-unicosmk$CRAY_REL + ;; CRAY*SV1:*:*:*) - echo sv1-cray-unicos"$UNAME_RELEASE" | sed -e 's/\.[^.]*$/.X/' - exit ;; + CRAY_REL=`echo "$UNAME_RELEASE" | sed -e 's/\.[^.]*$/.X/'` + GUESS=sv1-cray-unicos$CRAY_REL + ;; *:UNICOS/mp:*:*) - echo craynv-cray-unicosmp"$UNAME_RELEASE" | sed -e 's/\.[^.]*$/.X/' - exit ;; + CRAY_REL=`echo "$UNAME_RELEASE" | sed -e 's/\.[^.]*$/.X/'` + GUESS=craynv-cray-unicosmp$CRAY_REL + ;; F30[01]:UNIX_System_V:*:* | F700:UNIX_System_V:*:*) FUJITSU_PROC=`uname -m | tr ABCDEFGHIJKLMNOPQRSTUVWXYZ abcdefghijklmnopqrstuvwxyz` FUJITSU_SYS=`uname -p | tr ABCDEFGHIJKLMNOPQRSTUVWXYZ abcdefghijklmnopqrstuvwxyz | sed -e 's/\///'` FUJITSU_REL=`echo "$UNAME_RELEASE" | sed -e 's/ /_/'` - echo "${FUJITSU_PROC}-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}" - exit ;; + GUESS=${FUJITSU_PROC}-fujitsu-${FUJITSU_SYS}${FUJITSU_REL} + ;; 5000:UNIX_System_V:4.*:*) FUJITSU_SYS=`uname -p | tr ABCDEFGHIJKLMNOPQRSTUVWXYZ abcdefghijklmnopqrstuvwxyz | sed -e 's/\///'` FUJITSU_REL=`echo "$UNAME_RELEASE" | tr ABCDEFGHIJKLMNOPQRSTUVWXYZ abcdefghijklmnopqrstuvwxyz | sed -e 's/ /_/'` - echo "sparc-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}" - exit ;; + GUESS=sparc-fujitsu-${FUJITSU_SYS}${FUJITSU_REL} + ;; i*86:BSD/386:*:* | i*86:BSD/OS:*:* | *:Ascend\ Embedded/OS:*:*) - echo "$UNAME_MACHINE"-pc-bsdi"$UNAME_RELEASE" - exit ;; + GUESS=$UNAME_MACHINE-pc-bsdi$UNAME_RELEASE + ;; sparc*:BSD/OS:*:*) - echo sparc-unknown-bsdi"$UNAME_RELEASE" - exit ;; + GUESS=sparc-unknown-bsdi$UNAME_RELEASE + ;; *:BSD/OS:*:*) - echo "$UNAME_MACHINE"-unknown-bsdi"$UNAME_RELEASE" - exit ;; + GUESS=$UNAME_MACHINE-unknown-bsdi$UNAME_RELEASE + ;; + arm:FreeBSD:*:*) + UNAME_PROCESSOR=`uname -p` + set_cc_for_build + if echo __ARM_PCS_VFP | $CC_FOR_BUILD -E - 2>/dev/null \ + | grep -q __ARM_PCS_VFP + then + FREEBSD_REL=`echo "$UNAME_RELEASE" | sed -e 's/[-(].*//'` + GUESS=$UNAME_PROCESSOR-unknown-freebsd$FREEBSD_REL-gnueabi + else + FREEBSD_REL=`echo "$UNAME_RELEASE" | sed -e 's/[-(].*//'` + GUESS=$UNAME_PROCESSOR-unknown-freebsd$FREEBSD_REL-gnueabihf + fi + ;; *:FreeBSD:*:*) UNAME_PROCESSOR=`/usr/bin/uname -p` - case "$UNAME_PROCESSOR" in + case $UNAME_PROCESSOR in amd64) UNAME_PROCESSOR=x86_64 ;; i386) UNAME_PROCESSOR=i586 ;; esac - echo "$UNAME_PROCESSOR"-unknown-freebsd"`echo "$UNAME_RELEASE"|sed -e 's/[-(].*//'`" - exit ;; + FREEBSD_REL=`echo "$UNAME_RELEASE" | sed -e 's/[-(].*//'` + GUESS=$UNAME_PROCESSOR-unknown-freebsd$FREEBSD_REL + ;; i*:CYGWIN*:*) - echo "$UNAME_MACHINE"-pc-cygwin - exit ;; + GUESS=$UNAME_MACHINE-pc-cygwin + ;; *:MINGW64*:*) - echo "$UNAME_MACHINE"-pc-mingw64 - exit ;; + GUESS=$UNAME_MACHINE-pc-mingw64 + ;; *:MINGW*:*) - echo "$UNAME_MACHINE"-pc-mingw32 - exit ;; + GUESS=$UNAME_MACHINE-pc-mingw32 + ;; *:MSYS*:*) - echo "$UNAME_MACHINE"-pc-msys - exit ;; + GUESS=$UNAME_MACHINE-pc-msys + ;; i*:PW*:*) - echo "$UNAME_MACHINE"-pc-pw32 - exit ;; + GUESS=$UNAME_MACHINE-pc-pw32 + ;; + *:SerenityOS:*:*) + GUESS=$UNAME_MACHINE-pc-serenity + ;; *:Interix*:*) - case "$UNAME_MACHINE" in + case $UNAME_MACHINE in x86) - echo i586-pc-interix"$UNAME_RELEASE" - exit ;; + GUESS=i586-pc-interix$UNAME_RELEASE + ;; authenticamd | genuineintel | EM64T) - echo x86_64-unknown-interix"$UNAME_RELEASE" - exit ;; + GUESS=x86_64-unknown-interix$UNAME_RELEASE + ;; IA64) - echo ia64-unknown-interix"$UNAME_RELEASE" - exit ;; + GUESS=ia64-unknown-interix$UNAME_RELEASE + ;; esac ;; i*:UWIN*:*) - echo "$UNAME_MACHINE"-pc-uwin - exit ;; + GUESS=$UNAME_MACHINE-pc-uwin + ;; amd64:CYGWIN*:*:* | x86_64:CYGWIN*:*:*) - echo x86_64-unknown-cygwin - exit ;; + GUESS=x86_64-pc-cygwin + ;; prep*:SunOS:5.*:*) - echo powerpcle-unknown-solaris2"`echo "$UNAME_RELEASE"|sed -e 's/[^.]*//'`" - exit ;; + SUN_REL=`echo "$UNAME_RELEASE" | sed -e 's/[^.]*//'` + GUESS=powerpcle-unknown-solaris2$SUN_REL + ;; *:GNU:*:*) # the GNU system - echo "`echo "$UNAME_MACHINE"|sed -e 's,[-/].*$,,'`-unknown-$LIBC`echo "$UNAME_RELEASE"|sed -e 's,/.*$,,'`" - exit ;; + GNU_ARCH=`echo "$UNAME_MACHINE" | sed -e 's,[-/].*$,,'` + GNU_REL=`echo "$UNAME_RELEASE" | sed -e 's,/.*$,,'` + GUESS=$GNU_ARCH-unknown-$LIBC$GNU_REL + ;; *:GNU/*:*:*) # other systems with GNU libc and userland - echo "$UNAME_MACHINE-unknown-`echo "$UNAME_SYSTEM" | sed 's,^[^/]*/,,' | tr "[:upper:]" "[:lower:]"``echo "$UNAME_RELEASE"|sed -e 's/[-(].*//'`-$LIBC" - exit ;; - i*86:Minix:*:*) - echo "$UNAME_MACHINE"-pc-minix - exit ;; + GNU_SYS=`echo "$UNAME_SYSTEM" | sed 's,^[^/]*/,,' | tr "[:upper:]" "[:lower:]"` + GNU_REL=`echo "$UNAME_RELEASE" | sed -e 's/[-(].*//'` + GUESS=$UNAME_MACHINE-unknown-$GNU_SYS$GNU_REL-$LIBC + ;; + *:Minix:*:*) + GUESS=$UNAME_MACHINE-unknown-minix + ;; aarch64:Linux:*:*) - echo "$UNAME_MACHINE"-unknown-linux-"$LIBC" - exit ;; + GUESS=$UNAME_MACHINE-unknown-linux-$LIBC + ;; aarch64_be:Linux:*:*) UNAME_MACHINE=aarch64_be - echo "$UNAME_MACHINE"-unknown-linux-"$LIBC" - exit ;; + GUESS=$UNAME_MACHINE-unknown-linux-$LIBC + ;; alpha:Linux:*:*) - case `sed -n '/^cpu model/s/^.*: \(.*\)/\1/p' < /proc/cpuinfo` in + case `sed -n '/^cpu model/s/^.*: \(.*\)/\1/p' /proc/cpuinfo 2>/dev/null` in EV5) UNAME_MACHINE=alphaev5 ;; EV56) UNAME_MACHINE=alphaev56 ;; PCA56) UNAME_MACHINE=alphapca56 ;; @@ -916,187 +988,225 @@ EOF esac objdump --private-headers /bin/sh | grep -q ld.so.1 if test "$?" = 0 ; then LIBC=gnulibc1 ; fi - echo "$UNAME_MACHINE"-unknown-linux-"$LIBC" - exit ;; - arc:Linux:*:* | arceb:Linux:*:*) - echo "$UNAME_MACHINE"-unknown-linux-"$LIBC" - exit ;; + GUESS=$UNAME_MACHINE-unknown-linux-$LIBC + ;; + arc:Linux:*:* | arceb:Linux:*:* | arc32:Linux:*:* | arc64:Linux:*:*) + GUESS=$UNAME_MACHINE-unknown-linux-$LIBC + ;; arm*:Linux:*:*) - eval "$set_cc_for_build" + set_cc_for_build if echo __ARM_EABI__ | $CC_FOR_BUILD -E - 2>/dev/null \ | grep -q __ARM_EABI__ then - echo "$UNAME_MACHINE"-unknown-linux-"$LIBC" + GUESS=$UNAME_MACHINE-unknown-linux-$LIBC else if echo __ARM_PCS_VFP | $CC_FOR_BUILD -E - 2>/dev/null \ | grep -q __ARM_PCS_VFP then - echo "$UNAME_MACHINE"-unknown-linux-"$LIBC"eabi + GUESS=$UNAME_MACHINE-unknown-linux-${LIBC}eabi else - echo "$UNAME_MACHINE"-unknown-linux-"$LIBC"eabihf + GUESS=$UNAME_MACHINE-unknown-linux-${LIBC}eabihf fi fi - exit ;; + ;; avr32*:Linux:*:*) - echo "$UNAME_MACHINE"-unknown-linux-"$LIBC" - exit ;; + GUESS=$UNAME_MACHINE-unknown-linux-$LIBC + ;; cris:Linux:*:*) - echo "$UNAME_MACHINE"-axis-linux-"$LIBC" - exit ;; + GUESS=$UNAME_MACHINE-axis-linux-$LIBC + ;; crisv32:Linux:*:*) - echo "$UNAME_MACHINE"-axis-linux-"$LIBC" - exit ;; + GUESS=$UNAME_MACHINE-axis-linux-$LIBC + ;; e2k:Linux:*:*) - echo "$UNAME_MACHINE"-unknown-linux-"$LIBC" - exit ;; + GUESS=$UNAME_MACHINE-unknown-linux-$LIBC + ;; frv:Linux:*:*) - echo "$UNAME_MACHINE"-unknown-linux-"$LIBC" - exit ;; + GUESS=$UNAME_MACHINE-unknown-linux-$LIBC + ;; hexagon:Linux:*:*) - echo "$UNAME_MACHINE"-unknown-linux-"$LIBC" - exit ;; + GUESS=$UNAME_MACHINE-unknown-linux-$LIBC + ;; i*86:Linux:*:*) - echo "$UNAME_MACHINE"-pc-linux-"$LIBC" - exit ;; + GUESS=$UNAME_MACHINE-pc-linux-$LIBC + ;; ia64:Linux:*:*) - echo "$UNAME_MACHINE"-unknown-linux-"$LIBC" - exit ;; + GUESS=$UNAME_MACHINE-unknown-linux-$LIBC + ;; k1om:Linux:*:*) - echo "$UNAME_MACHINE"-unknown-linux-"$LIBC" - exit ;; + GUESS=$UNAME_MACHINE-unknown-linux-$LIBC + ;; + loongarch32:Linux:*:* | loongarch64:Linux:*:* | loongarchx32:Linux:*:*) + GUESS=$UNAME_MACHINE-unknown-linux-$LIBC + ;; m32r*:Linux:*:*) - echo "$UNAME_MACHINE"-unknown-linux-"$LIBC" - exit ;; + GUESS=$UNAME_MACHINE-unknown-linux-$LIBC + ;; m68*:Linux:*:*) - echo "$UNAME_MACHINE"-unknown-linux-"$LIBC" - exit ;; + GUESS=$UNAME_MACHINE-unknown-linux-$LIBC + ;; mips:Linux:*:* | mips64:Linux:*:*) - eval "$set_cc_for_build" + set_cc_for_build + IS_GLIBC=0 + test x"${LIBC}" = xgnu && IS_GLIBC=1 sed 's/^ //' << EOF > "$dummy.c" #undef CPU - #undef ${UNAME_MACHINE} - #undef ${UNAME_MACHINE}el + #undef mips + #undef mipsel + #undef mips64 + #undef mips64el + #if ${IS_GLIBC} && defined(_ABI64) + LIBCABI=gnuabi64 + #else + #if ${IS_GLIBC} && defined(_ABIN32) + LIBCABI=gnuabin32 + #else + LIBCABI=${LIBC} + #endif + #endif + + #if ${IS_GLIBC} && defined(__mips64) && defined(__mips_isa_rev) && __mips_isa_rev>=6 + CPU=mipsisa64r6 + #else + #if ${IS_GLIBC} && !defined(__mips64) && defined(__mips_isa_rev) && __mips_isa_rev>=6 + CPU=mipsisa32r6 + #else + #if defined(__mips64) + CPU=mips64 + #else + CPU=mips + #endif + #endif + #endif + #if defined(__MIPSEL__) || defined(__MIPSEL) || defined(_MIPSEL) || defined(MIPSEL) - CPU=${UNAME_MACHINE}el + MIPS_ENDIAN=el #else #if defined(__MIPSEB__) || defined(__MIPSEB) || defined(_MIPSEB) || defined(MIPSEB) - CPU=${UNAME_MACHINE} + MIPS_ENDIAN= #else - CPU= + MIPS_ENDIAN= #endif #endif EOF - eval "`$CC_FOR_BUILD -E "$dummy.c" 2>/dev/null | grep '^CPU'`" - test "x$CPU" != x && { echo "$CPU-unknown-linux-$LIBC"; exit; } + cc_set_vars=`$CC_FOR_BUILD -E "$dummy.c" 2>/dev/null | grep '^CPU\|^MIPS_ENDIAN\|^LIBCABI'` + eval "$cc_set_vars" + test "x$CPU" != x && { echo "$CPU${MIPS_ENDIAN}-unknown-linux-$LIBCABI"; exit; } ;; mips64el:Linux:*:*) - echo "$UNAME_MACHINE"-unknown-linux-"$LIBC" - exit ;; + GUESS=$UNAME_MACHINE-unknown-linux-$LIBC + ;; openrisc*:Linux:*:*) - echo or1k-unknown-linux-"$LIBC" - exit ;; + GUESS=or1k-unknown-linux-$LIBC + ;; or32:Linux:*:* | or1k*:Linux:*:*) - echo "$UNAME_MACHINE"-unknown-linux-"$LIBC" - exit ;; + GUESS=$UNAME_MACHINE-unknown-linux-$LIBC + ;; padre:Linux:*:*) - echo sparc-unknown-linux-"$LIBC" - exit ;; + GUESS=sparc-unknown-linux-$LIBC + ;; parisc64:Linux:*:* | hppa64:Linux:*:*) - echo hppa64-unknown-linux-"$LIBC" - exit ;; + GUESS=hppa64-unknown-linux-$LIBC + ;; parisc:Linux:*:* | hppa:Linux:*:*) # Look for CPU level case `grep '^cpu[^a-z]*:' /proc/cpuinfo 2>/dev/null | cut -d' ' -f2` in - PA7*) echo hppa1.1-unknown-linux-"$LIBC" ;; - PA8*) echo hppa2.0-unknown-linux-"$LIBC" ;; - *) echo hppa-unknown-linux-"$LIBC" ;; + PA7*) GUESS=hppa1.1-unknown-linux-$LIBC ;; + PA8*) GUESS=hppa2.0-unknown-linux-$LIBC ;; + *) GUESS=hppa-unknown-linux-$LIBC ;; esac - exit ;; + ;; ppc64:Linux:*:*) - echo powerpc64-unknown-linux-"$LIBC" - exit ;; + GUESS=powerpc64-unknown-linux-$LIBC + ;; ppc:Linux:*:*) - echo powerpc-unknown-linux-"$LIBC" - exit ;; + GUESS=powerpc-unknown-linux-$LIBC + ;; ppc64le:Linux:*:*) - echo powerpc64le-unknown-linux-"$LIBC" - exit ;; + GUESS=powerpc64le-unknown-linux-$LIBC + ;; ppcle:Linux:*:*) - echo powerpcle-unknown-linux-"$LIBC" - exit ;; - riscv32:Linux:*:* | riscv64:Linux:*:*) - echo "$UNAME_MACHINE"-unknown-linux-"$LIBC" - exit ;; + GUESS=powerpcle-unknown-linux-$LIBC + ;; + riscv32:Linux:*:* | riscv32be:Linux:*:* | riscv64:Linux:*:* | riscv64be:Linux:*:*) + GUESS=$UNAME_MACHINE-unknown-linux-$LIBC + ;; s390:Linux:*:* | s390x:Linux:*:*) - echo "$UNAME_MACHINE"-ibm-linux-"$LIBC" - exit ;; + GUESS=$UNAME_MACHINE-ibm-linux-$LIBC + ;; sh64*:Linux:*:*) - echo "$UNAME_MACHINE"-unknown-linux-"$LIBC" - exit ;; + GUESS=$UNAME_MACHINE-unknown-linux-$LIBC + ;; sh*:Linux:*:*) - echo "$UNAME_MACHINE"-unknown-linux-"$LIBC" - exit ;; + GUESS=$UNAME_MACHINE-unknown-linux-$LIBC + ;; sparc:Linux:*:* | sparc64:Linux:*:*) - echo "$UNAME_MACHINE"-unknown-linux-"$LIBC" - exit ;; + GUESS=$UNAME_MACHINE-unknown-linux-$LIBC + ;; tile*:Linux:*:*) - echo "$UNAME_MACHINE"-unknown-linux-"$LIBC" - exit ;; + GUESS=$UNAME_MACHINE-unknown-linux-$LIBC + ;; vax:Linux:*:*) - echo "$UNAME_MACHINE"-dec-linux-"$LIBC" - exit ;; + GUESS=$UNAME_MACHINE-dec-linux-$LIBC + ;; x86_64:Linux:*:*) - if objdump -f /bin/sh | grep -q elf32-x86-64; then - echo "$UNAME_MACHINE"-pc-linux-"$LIBC"x32 - else - echo "$UNAME_MACHINE"-pc-linux-"$LIBC" + set_cc_for_build + LIBCABI=$LIBC + if test "$CC_FOR_BUILD" != no_compiler_found; then + if (echo '#ifdef __ILP32__'; echo IS_X32; echo '#endif') | \ + (CCOPTS="" $CC_FOR_BUILD -E - 2>/dev/null) | \ + grep IS_X32 >/dev/null + then + LIBCABI=${LIBC}x32 + fi fi - exit ;; + GUESS=$UNAME_MACHINE-pc-linux-$LIBCABI + ;; xtensa*:Linux:*:*) - echo "$UNAME_MACHINE"-unknown-linux-"$LIBC" - exit ;; + GUESS=$UNAME_MACHINE-unknown-linux-$LIBC + ;; i*86:DYNIX/ptx:4*:*) # ptx 4.0 does uname -s correctly, with DYNIX/ptx in there. # earlier versions are messed up and put the nodename in both # sysname and nodename. - echo i386-sequent-sysv4 - exit ;; + GUESS=i386-sequent-sysv4 + ;; i*86:UNIX_SV:4.2MP:2.*) # Unixware is an offshoot of SVR4, but it has its own version # number series starting with 2... # I am not positive that other SVR4 systems won't match this, # I just have to hope. -- rms. # Use sysv4.2uw... so that sysv4* matches it. - echo "$UNAME_MACHINE"-pc-sysv4.2uw"$UNAME_VERSION" - exit ;; + GUESS=$UNAME_MACHINE-pc-sysv4.2uw$UNAME_VERSION + ;; i*86:OS/2:*:*) # If we were able to find `uname', then EMX Unix compatibility # is probably installed. - echo "$UNAME_MACHINE"-pc-os2-emx - exit ;; + GUESS=$UNAME_MACHINE-pc-os2-emx + ;; i*86:XTS-300:*:STOP) - echo "$UNAME_MACHINE"-unknown-stop - exit ;; + GUESS=$UNAME_MACHINE-unknown-stop + ;; i*86:atheos:*:*) - echo "$UNAME_MACHINE"-unknown-atheos - exit ;; + GUESS=$UNAME_MACHINE-unknown-atheos + ;; i*86:syllable:*:*) - echo "$UNAME_MACHINE"-pc-syllable - exit ;; + GUESS=$UNAME_MACHINE-pc-syllable + ;; i*86:LynxOS:2.*:* | i*86:LynxOS:3.[01]*:* | i*86:LynxOS:4.[02]*:*) - echo i386-unknown-lynxos"$UNAME_RELEASE" - exit ;; + GUESS=i386-unknown-lynxos$UNAME_RELEASE + ;; i*86:*DOS:*:*) - echo "$UNAME_MACHINE"-pc-msdosdjgpp - exit ;; + GUESS=$UNAME_MACHINE-pc-msdosdjgpp + ;; i*86:*:4.*:*) UNAME_REL=`echo "$UNAME_RELEASE" | sed 's/\/MP$//'` if grep Novell /usr/include/link.h >/dev/null 2>/dev/null; then - echo "$UNAME_MACHINE"-univel-sysv"$UNAME_REL" + GUESS=$UNAME_MACHINE-univel-sysv$UNAME_REL else - echo "$UNAME_MACHINE"-pc-sysv"$UNAME_REL" + GUESS=$UNAME_MACHINE-pc-sysv$UNAME_REL fi - exit ;; + ;; i*86:*:5:[678]*) # UnixWare 7.x, OpenUNIX and OpenServer 6. case `/bin/uname -X | grep "^Machine"` in @@ -1104,12 +1214,12 @@ EOF *Pentium) UNAME_MACHINE=i586 ;; *Pent*|*Celeron) UNAME_MACHINE=i686 ;; esac - echo "$UNAME_MACHINE-unknown-sysv${UNAME_RELEASE}${UNAME_SYSTEM}{$UNAME_VERSION}" - exit ;; + GUESS=$UNAME_MACHINE-unknown-sysv${UNAME_RELEASE}${UNAME_SYSTEM}${UNAME_VERSION} + ;; i*86:*:3.2:*) if test -f /usr/options/cb.name; then UNAME_REL=`sed -n 's/.*Version //p' /dev/null >/dev/null ; then UNAME_REL=`(/bin/uname -X|grep Release|sed -e 's/.*= //')` (/bin/uname -X|grep i80486 >/dev/null) && UNAME_MACHINE=i486 @@ -1119,11 +1229,11 @@ EOF && UNAME_MACHINE=i686 (/bin/uname -X|grep '^Machine.*Pentium Pro' >/dev/null) \ && UNAME_MACHINE=i686 - echo "$UNAME_MACHINE"-pc-sco"$UNAME_REL" + GUESS=$UNAME_MACHINE-pc-sco$UNAME_REL else - echo "$UNAME_MACHINE"-pc-sysv32 + GUESS=$UNAME_MACHINE-pc-sysv32 fi - exit ;; + ;; pc:*:*:*) # Left here for compatibility: # uname -m prints for DJGPP always 'pc', but it prints nothing about @@ -1131,31 +1241,31 @@ EOF # Note: whatever this is, it MUST be the same as what config.sub # prints for the "djgpp" host, or else GDB configure will decide that # this is a cross-build. - echo i586-pc-msdosdjgpp - exit ;; + GUESS=i586-pc-msdosdjgpp + ;; Intel:Mach:3*:*) - echo i386-pc-mach3 - exit ;; + GUESS=i386-pc-mach3 + ;; paragon:*:*:*) - echo i860-intel-osf1 - exit ;; + GUESS=i860-intel-osf1 + ;; i860:*:4.*:*) # i860-SVR4 if grep Stardent /usr/include/sys/uadmin.h >/dev/null 2>&1 ; then - echo i860-stardent-sysv"$UNAME_RELEASE" # Stardent Vistra i860-SVR4 + GUESS=i860-stardent-sysv$UNAME_RELEASE # Stardent Vistra i860-SVR4 else # Add other i860-SVR4 vendors below as they are discovered. - echo i860-unknown-sysv"$UNAME_RELEASE" # Unknown i860-SVR4 + GUESS=i860-unknown-sysv$UNAME_RELEASE # Unknown i860-SVR4 fi - exit ;; + ;; mini*:CTIX:SYS*5:*) # "miniframe" - echo m68010-convergent-sysv - exit ;; + GUESS=m68010-convergent-sysv + ;; mc68k:UNIX:SYSTEM5:3.51m) - echo m68k-convergent-sysv - exit ;; + GUESS=m68k-convergent-sysv + ;; M680?0:D-NIX:5.3:*) - echo m68k-diab-dnix - exit ;; + GUESS=m68k-diab-dnix + ;; M68*:*:R3V[5678]*:*) test -r /sysV68 && { echo 'm68k-motorola-sysv'; exit; } ;; 3[345]??:*:4.0:3.0 | 3[34]??A:*:4.0:3.0 | 3[34]??,*:*:4.0:3.0 | 3[34]??/*:*:4.0:3.0 | 4400:*:4.0:3.0 | 4850:*:4.0:3.0 | SKA40:*:4.0:3.0 | SDS2:*:4.0:3.0 | SHG2:*:4.0:3.0 | S7501*:*:4.0:3.0) @@ -1180,249 +1290,404 @@ EOF /bin/uname -p 2>/dev/null | /bin/grep pteron >/dev/null \ && { echo i586-ncr-sysv4.3"$OS_REL"; exit; } ;; m68*:LynxOS:2.*:* | m68*:LynxOS:3.0*:*) - echo m68k-unknown-lynxos"$UNAME_RELEASE" - exit ;; + GUESS=m68k-unknown-lynxos$UNAME_RELEASE + ;; mc68030:UNIX_System_V:4.*:*) - echo m68k-atari-sysv4 - exit ;; + GUESS=m68k-atari-sysv4 + ;; TSUNAMI:LynxOS:2.*:*) - echo sparc-unknown-lynxos"$UNAME_RELEASE" - exit ;; + GUESS=sparc-unknown-lynxos$UNAME_RELEASE + ;; rs6000:LynxOS:2.*:*) - echo rs6000-unknown-lynxos"$UNAME_RELEASE" - exit ;; + GUESS=rs6000-unknown-lynxos$UNAME_RELEASE + ;; PowerPC:LynxOS:2.*:* | PowerPC:LynxOS:3.[01]*:* | PowerPC:LynxOS:4.[02]*:*) - echo powerpc-unknown-lynxos"$UNAME_RELEASE" - exit ;; + GUESS=powerpc-unknown-lynxos$UNAME_RELEASE + ;; SM[BE]S:UNIX_SV:*:*) - echo mips-dde-sysv"$UNAME_RELEASE" - exit ;; + GUESS=mips-dde-sysv$UNAME_RELEASE + ;; RM*:ReliantUNIX-*:*:*) - echo mips-sni-sysv4 - exit ;; + GUESS=mips-sni-sysv4 + ;; RM*:SINIX-*:*:*) - echo mips-sni-sysv4 - exit ;; + GUESS=mips-sni-sysv4 + ;; *:SINIX-*:*:*) if uname -p 2>/dev/null >/dev/null ; then UNAME_MACHINE=`(uname -p) 2>/dev/null` - echo "$UNAME_MACHINE"-sni-sysv4 + GUESS=$UNAME_MACHINE-sni-sysv4 else - echo ns32k-sni-sysv + GUESS=ns32k-sni-sysv fi - exit ;; + ;; PENTIUM:*:4.0*:*) # Unisys `ClearPath HMP IX 4000' SVR4/MP effort # says - echo i586-unisys-sysv4 - exit ;; + GUESS=i586-unisys-sysv4 + ;; *:UNIX_System_V:4*:FTX*) # From Gerald Hewes . # How about differentiating between stratus architectures? -djm - echo hppa1.1-stratus-sysv4 - exit ;; + GUESS=hppa1.1-stratus-sysv4 + ;; *:*:*:FTX*) # From seanf@swdc.stratus.com. - echo i860-stratus-sysv4 - exit ;; + GUESS=i860-stratus-sysv4 + ;; i*86:VOS:*:*) # From Paul.Green@stratus.com. - echo "$UNAME_MACHINE"-stratus-vos - exit ;; + GUESS=$UNAME_MACHINE-stratus-vos + ;; *:VOS:*:*) # From Paul.Green@stratus.com. - echo hppa1.1-stratus-vos - exit ;; + GUESS=hppa1.1-stratus-vos + ;; mc68*:A/UX:*:*) - echo m68k-apple-aux"$UNAME_RELEASE" - exit ;; + GUESS=m68k-apple-aux$UNAME_RELEASE + ;; news*:NEWS-OS:6*:*) - echo mips-sony-newsos6 - exit ;; + GUESS=mips-sony-newsos6 + ;; R[34]000:*System_V*:*:* | R4000:UNIX_SYSV:*:* | R*000:UNIX_SV:*:*) - if [ -d /usr/nec ]; then - echo mips-nec-sysv"$UNAME_RELEASE" + if test -d /usr/nec; then + GUESS=mips-nec-sysv$UNAME_RELEASE else - echo mips-unknown-sysv"$UNAME_RELEASE" + GUESS=mips-unknown-sysv$UNAME_RELEASE fi - exit ;; + ;; BeBox:BeOS:*:*) # BeOS running on hardware made by Be, PPC only. - echo powerpc-be-beos - exit ;; + GUESS=powerpc-be-beos + ;; BeMac:BeOS:*:*) # BeOS running on Mac or Mac clone, PPC only. - echo powerpc-apple-beos - exit ;; + GUESS=powerpc-apple-beos + ;; BePC:BeOS:*:*) # BeOS running on Intel PC compatible. - echo i586-pc-beos - exit ;; + GUESS=i586-pc-beos + ;; BePC:Haiku:*:*) # Haiku running on Intel PC compatible. - echo i586-pc-haiku - exit ;; + GUESS=i586-pc-haiku + ;; x86_64:Haiku:*:*) - echo x86_64-unknown-haiku - exit ;; + GUESS=x86_64-unknown-haiku + ;; SX-4:SUPER-UX:*:*) - echo sx4-nec-superux"$UNAME_RELEASE" - exit ;; + GUESS=sx4-nec-superux$UNAME_RELEASE + ;; SX-5:SUPER-UX:*:*) - echo sx5-nec-superux"$UNAME_RELEASE" - exit ;; + GUESS=sx5-nec-superux$UNAME_RELEASE + ;; SX-6:SUPER-UX:*:*) - echo sx6-nec-superux"$UNAME_RELEASE" - exit ;; + GUESS=sx6-nec-superux$UNAME_RELEASE + ;; SX-7:SUPER-UX:*:*) - echo sx7-nec-superux"$UNAME_RELEASE" - exit ;; + GUESS=sx7-nec-superux$UNAME_RELEASE + ;; SX-8:SUPER-UX:*:*) - echo sx8-nec-superux"$UNAME_RELEASE" - exit ;; + GUESS=sx8-nec-superux$UNAME_RELEASE + ;; SX-8R:SUPER-UX:*:*) - echo sx8r-nec-superux"$UNAME_RELEASE" - exit ;; + GUESS=sx8r-nec-superux$UNAME_RELEASE + ;; SX-ACE:SUPER-UX:*:*) - echo sxace-nec-superux"$UNAME_RELEASE" - exit ;; + GUESS=sxace-nec-superux$UNAME_RELEASE + ;; Power*:Rhapsody:*:*) - echo powerpc-apple-rhapsody"$UNAME_RELEASE" - exit ;; + GUESS=powerpc-apple-rhapsody$UNAME_RELEASE + ;; *:Rhapsody:*:*) - echo "$UNAME_MACHINE"-apple-rhapsody"$UNAME_RELEASE" - exit ;; + GUESS=$UNAME_MACHINE-apple-rhapsody$UNAME_RELEASE + ;; + arm64:Darwin:*:*) + GUESS=aarch64-apple-darwin$UNAME_RELEASE + ;; *:Darwin:*:*) - UNAME_PROCESSOR=`uname -p` || UNAME_PROCESSOR=unknown - eval "$set_cc_for_build" - if test "$UNAME_PROCESSOR" = unknown ; then - UNAME_PROCESSOR=powerpc + UNAME_PROCESSOR=`uname -p` + case $UNAME_PROCESSOR in + unknown) UNAME_PROCESSOR=powerpc ;; + esac + if command -v xcode-select > /dev/null 2> /dev/null && \ + ! xcode-select --print-path > /dev/null 2> /dev/null ; then + # Avoid executing cc if there is no toolchain installed as + # cc will be a stub that puts up a graphical alert + # prompting the user to install developer tools. + CC_FOR_BUILD=no_compiler_found + else + set_cc_for_build fi - if test "`echo "$UNAME_RELEASE" | sed -e 's/\..*//'`" -le 10 ; then - if [ "$CC_FOR_BUILD" != no_compiler_found ]; then - if (echo '#ifdef __LP64__'; echo IS_64BIT_ARCH; echo '#endif') | \ - (CCOPTS="" $CC_FOR_BUILD -E - 2>/dev/null) | \ - grep IS_64BIT_ARCH >/dev/null - then - case $UNAME_PROCESSOR in - i386) UNAME_PROCESSOR=x86_64 ;; - powerpc) UNAME_PROCESSOR=powerpc64 ;; - esac - fi - # On 10.4-10.6 one might compile for PowerPC via gcc -arch ppc - if (echo '#ifdef __POWERPC__'; echo IS_PPC; echo '#endif') | \ - (CCOPTS="" $CC_FOR_BUILD -E - 2>/dev/null) | \ - grep IS_PPC >/dev/null - then - UNAME_PROCESSOR=powerpc - fi + if test "$CC_FOR_BUILD" != no_compiler_found; then + if (echo '#ifdef __LP64__'; echo IS_64BIT_ARCH; echo '#endif') | \ + (CCOPTS="" $CC_FOR_BUILD -E - 2>/dev/null) | \ + grep IS_64BIT_ARCH >/dev/null + then + case $UNAME_PROCESSOR in + i386) UNAME_PROCESSOR=x86_64 ;; + powerpc) UNAME_PROCESSOR=powerpc64 ;; + esac + fi + # On 10.4-10.6 one might compile for PowerPC via gcc -arch ppc + if (echo '#ifdef __POWERPC__'; echo IS_PPC; echo '#endif') | \ + (CCOPTS="" $CC_FOR_BUILD -E - 2>/dev/null) | \ + grep IS_PPC >/dev/null + then + UNAME_PROCESSOR=powerpc fi elif test "$UNAME_PROCESSOR" = i386 ; then - # Avoid executing cc on OS X 10.9, as it ships with a stub - # that puts up a graphical alert prompting to install - # developer tools. Any system running Mac OS X 10.7 or - # later (Darwin 11 and later) is required to have a 64-bit - # processor. This is not true of the ARM version of Darwin - # that Apple uses in portable devices. - UNAME_PROCESSOR=x86_64 + # uname -m returns i386 or x86_64 + UNAME_PROCESSOR=$UNAME_MACHINE fi - echo "$UNAME_PROCESSOR"-apple-darwin"$UNAME_RELEASE" - exit ;; + GUESS=$UNAME_PROCESSOR-apple-darwin$UNAME_RELEASE + ;; *:procnto*:*:* | *:QNX:[0123456789]*:*) UNAME_PROCESSOR=`uname -p` if test "$UNAME_PROCESSOR" = x86; then UNAME_PROCESSOR=i386 UNAME_MACHINE=pc fi - echo "$UNAME_PROCESSOR"-"$UNAME_MACHINE"-nto-qnx"$UNAME_RELEASE" - exit ;; + GUESS=$UNAME_PROCESSOR-$UNAME_MACHINE-nto-qnx$UNAME_RELEASE + ;; *:QNX:*:4*) - echo i386-pc-qnx - exit ;; + GUESS=i386-pc-qnx + ;; NEO-*:NONSTOP_KERNEL:*:*) - echo neo-tandem-nsk"$UNAME_RELEASE" - exit ;; + GUESS=neo-tandem-nsk$UNAME_RELEASE + ;; NSE-*:NONSTOP_KERNEL:*:*) - echo nse-tandem-nsk"$UNAME_RELEASE" - exit ;; + GUESS=nse-tandem-nsk$UNAME_RELEASE + ;; NSR-*:NONSTOP_KERNEL:*:*) - echo nsr-tandem-nsk"$UNAME_RELEASE" - exit ;; + GUESS=nsr-tandem-nsk$UNAME_RELEASE + ;; NSV-*:NONSTOP_KERNEL:*:*) - echo nsv-tandem-nsk"$UNAME_RELEASE" - exit ;; + GUESS=nsv-tandem-nsk$UNAME_RELEASE + ;; NSX-*:NONSTOP_KERNEL:*:*) - echo nsx-tandem-nsk"$UNAME_RELEASE" - exit ;; + GUESS=nsx-tandem-nsk$UNAME_RELEASE + ;; *:NonStop-UX:*:*) - echo mips-compaq-nonstopux - exit ;; + GUESS=mips-compaq-nonstopux + ;; BS2000:POSIX*:*:*) - echo bs2000-siemens-sysv - exit ;; + GUESS=bs2000-siemens-sysv + ;; DS/*:UNIX_System_V:*:*) - echo "$UNAME_MACHINE"-"$UNAME_SYSTEM"-"$UNAME_RELEASE" - exit ;; + GUESS=$UNAME_MACHINE-$UNAME_SYSTEM-$UNAME_RELEASE + ;; *:Plan9:*:*) # "uname -m" is not consistent, so use $cputype instead. 386 # is converted to i386 for consistency with other x86 # operating systems. - if test "$cputype" = 386; then + if test "${cputype-}" = 386; then UNAME_MACHINE=i386 - else - UNAME_MACHINE="$cputype" + elif test "x${cputype-}" != x; then + UNAME_MACHINE=$cputype fi - echo "$UNAME_MACHINE"-unknown-plan9 - exit ;; + GUESS=$UNAME_MACHINE-unknown-plan9 + ;; *:TOPS-10:*:*) - echo pdp10-unknown-tops10 - exit ;; + GUESS=pdp10-unknown-tops10 + ;; *:TENEX:*:*) - echo pdp10-unknown-tenex - exit ;; + GUESS=pdp10-unknown-tenex + ;; KS10:TOPS-20:*:* | KL10:TOPS-20:*:* | TYPE4:TOPS-20:*:*) - echo pdp10-dec-tops20 - exit ;; + GUESS=pdp10-dec-tops20 + ;; XKL-1:TOPS-20:*:* | TYPE5:TOPS-20:*:*) - echo pdp10-xkl-tops20 - exit ;; + GUESS=pdp10-xkl-tops20 + ;; *:TOPS-20:*:*) - echo pdp10-unknown-tops20 - exit ;; + GUESS=pdp10-unknown-tops20 + ;; *:ITS:*:*) - echo pdp10-unknown-its - exit ;; + GUESS=pdp10-unknown-its + ;; SEI:*:*:SEIUX) - echo mips-sei-seiux"$UNAME_RELEASE" - exit ;; + GUESS=mips-sei-seiux$UNAME_RELEASE + ;; *:DragonFly:*:*) - echo "$UNAME_MACHINE"-unknown-dragonfly"`echo "$UNAME_RELEASE"|sed -e 's/[-(].*//'`" - exit ;; + DRAGONFLY_REL=`echo "$UNAME_RELEASE" | sed -e 's/[-(].*//'` + GUESS=$UNAME_MACHINE-unknown-dragonfly$DRAGONFLY_REL + ;; *:*VMS:*:*) UNAME_MACHINE=`(uname -p) 2>/dev/null` - case "$UNAME_MACHINE" in - A*) echo alpha-dec-vms ; exit ;; - I*) echo ia64-dec-vms ; exit ;; - V*) echo vax-dec-vms ; exit ;; + case $UNAME_MACHINE in + A*) GUESS=alpha-dec-vms ;; + I*) GUESS=ia64-dec-vms ;; + V*) GUESS=vax-dec-vms ;; esac ;; *:XENIX:*:SysV) - echo i386-pc-xenix - exit ;; + GUESS=i386-pc-xenix + ;; i*86:skyos:*:*) - echo "$UNAME_MACHINE"-pc-skyos"`echo "$UNAME_RELEASE" | sed -e 's/ .*$//'`" - exit ;; + SKYOS_REL=`echo "$UNAME_RELEASE" | sed -e 's/ .*$//'` + GUESS=$UNAME_MACHINE-pc-skyos$SKYOS_REL + ;; i*86:rdos:*:*) - echo "$UNAME_MACHINE"-pc-rdos - exit ;; - i*86:AROS:*:*) - echo "$UNAME_MACHINE"-pc-aros - exit ;; + GUESS=$UNAME_MACHINE-pc-rdos + ;; + i*86:Fiwix:*:*) + GUESS=$UNAME_MACHINE-pc-fiwix + ;; + *:AROS:*:*) + GUESS=$UNAME_MACHINE-unknown-aros + ;; x86_64:VMkernel:*:*) - echo "$UNAME_MACHINE"-unknown-esx - exit ;; + GUESS=$UNAME_MACHINE-unknown-esx + ;; amd64:Isilon\ OneFS:*:*) - echo x86_64-unknown-onefs - exit ;; + GUESS=x86_64-unknown-onefs + ;; + *:Unleashed:*:*) + GUESS=$UNAME_MACHINE-unknown-unleashed$UNAME_RELEASE + ;; esac +# Do we have a guess based on uname results? +if test "x$GUESS" != x; then + echo "$GUESS" + exit +fi + +# No uname command or uname output not recognized. +set_cc_for_build +cat > "$dummy.c" < +#include +#endif +#if defined(ultrix) || defined(_ultrix) || defined(__ultrix) || defined(__ultrix__) +#if defined (vax) || defined (__vax) || defined (__vax__) || defined(mips) || defined(__mips) || defined(__mips__) || defined(MIPS) || defined(__MIPS__) +#include +#if defined(_SIZE_T_) || defined(SIGLOST) +#include +#endif +#endif +#endif +main () +{ +#if defined (sony) +#if defined (MIPSEB) + /* BFD wants "bsd" instead of "newsos". Perhaps BFD should be changed, + I don't know.... */ + printf ("mips-sony-bsd\n"); exit (0); +#else +#include + printf ("m68k-sony-newsos%s\n", +#ifdef NEWSOS4 + "4" +#else + "" +#endif + ); exit (0); +#endif +#endif + +#if defined (NeXT) +#if !defined (__ARCHITECTURE__) +#define __ARCHITECTURE__ "m68k" +#endif + int version; + version=`(hostinfo | sed -n 's/.*NeXT Mach \([0-9]*\).*/\1/p') 2>/dev/null`; + if (version < 4) + printf ("%s-next-nextstep%d\n", __ARCHITECTURE__, version); + else + printf ("%s-next-openstep%d\n", __ARCHITECTURE__, version); + exit (0); +#endif + +#if defined (MULTIMAX) || defined (n16) +#if defined (UMAXV) + printf ("ns32k-encore-sysv\n"); exit (0); +#else +#if defined (CMU) + printf ("ns32k-encore-mach\n"); exit (0); +#else + printf ("ns32k-encore-bsd\n"); exit (0); +#endif +#endif +#endif + +#if defined (__386BSD__) + printf ("i386-pc-bsd\n"); exit (0); +#endif + +#if defined (sequent) +#if defined (i386) + printf ("i386-sequent-dynix\n"); exit (0); +#endif +#if defined (ns32000) + printf ("ns32k-sequent-dynix\n"); exit (0); +#endif +#endif + +#if defined (_SEQUENT_) + struct utsname un; + + uname(&un); + if (strncmp(un.version, "V2", 2) == 0) { + printf ("i386-sequent-ptx2\n"); exit (0); + } + if (strncmp(un.version, "V1", 2) == 0) { /* XXX is V1 correct? */ + printf ("i386-sequent-ptx1\n"); exit (0); + } + printf ("i386-sequent-ptx\n"); exit (0); +#endif + +#if defined (vax) +#if !defined (ultrix) +#include +#if defined (BSD) +#if BSD == 43 + printf ("vax-dec-bsd4.3\n"); exit (0); +#else +#if BSD == 199006 + printf ("vax-dec-bsd4.3reno\n"); exit (0); +#else + printf ("vax-dec-bsd\n"); exit (0); +#endif +#endif +#else + printf ("vax-dec-bsd\n"); exit (0); +#endif +#else +#if defined(_SIZE_T_) || defined(SIGLOST) + struct utsname un; + uname (&un); + printf ("vax-dec-ultrix%s\n", un.release); exit (0); +#else + printf ("vax-dec-ultrix\n"); exit (0); +#endif +#endif +#endif +#if defined(ultrix) || defined(_ultrix) || defined(__ultrix) || defined(__ultrix__) +#if defined(mips) || defined(__mips) || defined(__mips__) || defined(MIPS) || defined(__MIPS__) +#if defined(_SIZE_T_) || defined(SIGLOST) + struct utsname *un; + uname (&un); + printf ("mips-dec-ultrix%s\n", un.release); exit (0); +#else + printf ("mips-dec-ultrix\n"); exit (0); +#endif +#endif +#endif + +#if defined (alliant) && defined (i860) + printf ("i860-alliant-bsd\n"); exit (0); +#endif + + exit (1); +} +EOF + +$CC_FOR_BUILD -o "$dummy" "$dummy.c" 2>/dev/null && SYSTEM_NAME=`"$dummy"` && + { echo "$SYSTEM_NAME"; exit; } + +# Apollos put the system type in the environment. +test -d /usr/apollo && { echo "$ISP-apollo-$SYSTYPE"; exit; } + echo "$0: unable to guess system type" >&2 -case "$UNAME_MACHINE:$UNAME_SYSTEM" in +case $UNAME_MACHINE:$UNAME_SYSTEM in mips:Linux | mips64:Linux) # If we got here on MIPS GNU/Linux, output extra information. cat >&2 <&2 <&2 exit 1 ;; *local*) @@ -110,1223 +119,1186 @@ case $# in exit 1;; esac -# Separate what the user gave into CPU-COMPANY and OS or KERNEL-OS (if any). -# Here we must recognize all the valid KERNEL-OS combinations. -maybe_os=`echo "$1" | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\2/'` -case $maybe_os in - nto-qnx* | linux-gnu* | linux-android* | linux-dietlibc | linux-newlib* | \ - linux-musl* | linux-uclibc* | uclinux-uclibc* | uclinux-gnu* | kfreebsd*-gnu* | \ - knetbsd*-gnu* | netbsd*-gnu* | netbsd*-eabi* | \ - kopensolaris*-gnu* | cloudabi*-eabi* | \ - storm-chaos* | os2-emx* | rtmk-nova*) - os=-$maybe_os - basic_machine=`echo "$1" | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'` - ;; - android-linux) - os=-linux-android - basic_machine=`echo "$1" | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'`-unknown - ;; - *) - basic_machine=`echo "$1" | sed 's/-[^-]*$//'` - if [ "$basic_machine" != "$1" ] - then os=`echo "$1" | sed 's/.*-/-/'` - else os=; fi - ;; -esac +# Split fields of configuration type +# shellcheck disable=SC2162 +saved_IFS=$IFS +IFS="-" read field1 field2 field3 field4 <&2 + exit 1 ;; - -lynx*) - os=-lynxos + *-*-*-*) + basic_machine=$field1-$field2 + basic_os=$field3-$field4 ;; - -ptx*) - basic_machine=`echo "$1" | sed -e 's/86-.*/86-sequent/'` + *-*-*) + # Ambiguous whether COMPANY is present, or skipped and KERNEL-OS is two + # parts + maybe_os=$field2-$field3 + case $maybe_os in + nto-qnx* | linux-* | uclinux-uclibc* \ + | uclinux-gnu* | kfreebsd*-gnu* | knetbsd*-gnu* | netbsd*-gnu* \ + | netbsd*-eabi* | kopensolaris*-gnu* | cloudabi*-eabi* \ + | storm-chaos* | os2-emx* | rtmk-nova*) + basic_machine=$field1 + basic_os=$maybe_os + ;; + android-linux) + basic_machine=$field1-unknown + basic_os=linux-android + ;; + *) + basic_machine=$field1-$field2 + basic_os=$field3 + ;; + esac ;; - -psos*) - os=-psos + *-*) + # A lone config we happen to match not fitting any pattern + case $field1-$field2 in + decstation-3100) + basic_machine=mips-dec + basic_os= + ;; + *-*) + # Second component is usually, but not always the OS + case $field2 in + # Prevent following clause from handling this valid os + sun*os*) + basic_machine=$field1 + basic_os=$field2 + ;; + zephyr*) + basic_machine=$field1-unknown + basic_os=$field2 + ;; + # Manufacturers + dec* | mips* | sequent* | encore* | pc533* | sgi* | sony* \ + | att* | 7300* | 3300* | delta* | motorola* | sun[234]* \ + | unicom* | ibm* | next | hp | isi* | apollo | altos* \ + | convergent* | ncr* | news | 32* | 3600* | 3100* \ + | hitachi* | c[123]* | convex* | sun | crds | omron* | dg \ + | ultra | tti* | harris | dolphin | highlevel | gould \ + | cbm | ns | masscomp | apple | axis | knuth | cray \ + | microblaze* | sim | cisco \ + | oki | wec | wrs | winbond) + basic_machine=$field1-$field2 + basic_os= + ;; + *) + basic_machine=$field1 + basic_os=$field2 + ;; + esac + ;; + esac ;; - -mint | -mint[0-9]*) - basic_machine=m68k-atari - os=-mint + *) + # Convert single-component short-hands not valid as part of + # multi-component configurations. + case $field1 in + 386bsd) + basic_machine=i386-pc + basic_os=bsd + ;; + a29khif) + basic_machine=a29k-amd + basic_os=udi + ;; + adobe68k) + basic_machine=m68010-adobe + basic_os=scout + ;; + alliant) + basic_machine=fx80-alliant + basic_os= + ;; + altos | altos3068) + basic_machine=m68k-altos + basic_os= + ;; + am29k) + basic_machine=a29k-none + basic_os=bsd + ;; + amdahl) + basic_machine=580-amdahl + basic_os=sysv + ;; + amiga) + basic_machine=m68k-unknown + basic_os= + ;; + amigaos | amigados) + basic_machine=m68k-unknown + basic_os=amigaos + ;; + amigaunix | amix) + basic_machine=m68k-unknown + basic_os=sysv4 + ;; + apollo68) + basic_machine=m68k-apollo + basic_os=sysv + ;; + apollo68bsd) + basic_machine=m68k-apollo + basic_os=bsd + ;; + aros) + basic_machine=i386-pc + basic_os=aros + ;; + aux) + basic_machine=m68k-apple + basic_os=aux + ;; + balance) + basic_machine=ns32k-sequent + basic_os=dynix + ;; + blackfin) + basic_machine=bfin-unknown + basic_os=linux + ;; + cegcc) + basic_machine=arm-unknown + basic_os=cegcc + ;; + convex-c1) + basic_machine=c1-convex + basic_os=bsd + ;; + convex-c2) + basic_machine=c2-convex + basic_os=bsd + ;; + convex-c32) + basic_machine=c32-convex + basic_os=bsd + ;; + convex-c34) + basic_machine=c34-convex + basic_os=bsd + ;; + convex-c38) + basic_machine=c38-convex + basic_os=bsd + ;; + cray) + basic_machine=j90-cray + basic_os=unicos + ;; + crds | unos) + basic_machine=m68k-crds + basic_os= + ;; + da30) + basic_machine=m68k-da30 + basic_os= + ;; + decstation | pmax | pmin | dec3100 | decstatn) + basic_machine=mips-dec + basic_os= + ;; + delta88) + basic_machine=m88k-motorola + basic_os=sysv3 + ;; + dicos) + basic_machine=i686-pc + basic_os=dicos + ;; + djgpp) + basic_machine=i586-pc + basic_os=msdosdjgpp + ;; + ebmon29k) + basic_machine=a29k-amd + basic_os=ebmon + ;; + es1800 | OSE68k | ose68k | ose | OSE) + basic_machine=m68k-ericsson + basic_os=ose + ;; + gmicro) + basic_machine=tron-gmicro + basic_os=sysv + ;; + go32) + basic_machine=i386-pc + basic_os=go32 + ;; + h8300hms) + basic_machine=h8300-hitachi + basic_os=hms + ;; + h8300xray) + basic_machine=h8300-hitachi + basic_os=xray + ;; + h8500hms) + basic_machine=h8500-hitachi + basic_os=hms + ;; + harris) + basic_machine=m88k-harris + basic_os=sysv3 + ;; + hp300 | hp300hpux) + basic_machine=m68k-hp + basic_os=hpux + ;; + hp300bsd) + basic_machine=m68k-hp + basic_os=bsd + ;; + hppaosf) + basic_machine=hppa1.1-hp + basic_os=osf + ;; + hppro) + basic_machine=hppa1.1-hp + basic_os=proelf + ;; + i386mach) + basic_machine=i386-mach + basic_os=mach + ;; + isi68 | isi) + basic_machine=m68k-isi + basic_os=sysv + ;; + m68knommu) + basic_machine=m68k-unknown + basic_os=linux + ;; + magnum | m3230) + basic_machine=mips-mips + basic_os=sysv + ;; + merlin) + basic_machine=ns32k-utek + basic_os=sysv + ;; + mingw64) + basic_machine=x86_64-pc + basic_os=mingw64 + ;; + mingw32) + basic_machine=i686-pc + basic_os=mingw32 + ;; + mingw32ce) + basic_machine=arm-unknown + basic_os=mingw32ce + ;; + monitor) + basic_machine=m68k-rom68k + basic_os=coff + ;; + morphos) + basic_machine=powerpc-unknown + basic_os=morphos + ;; + moxiebox) + basic_machine=moxie-unknown + basic_os=moxiebox + ;; + msdos) + basic_machine=i386-pc + basic_os=msdos + ;; + msys) + basic_machine=i686-pc + basic_os=msys + ;; + mvs) + basic_machine=i370-ibm + basic_os=mvs + ;; + nacl) + basic_machine=le32-unknown + basic_os=nacl + ;; + ncr3000) + basic_machine=i486-ncr + basic_os=sysv4 + ;; + netbsd386) + basic_machine=i386-pc + basic_os=netbsd + ;; + netwinder) + basic_machine=armv4l-rebel + basic_os=linux + ;; + news | news700 | news800 | news900) + basic_machine=m68k-sony + basic_os=newsos + ;; + news1000) + basic_machine=m68030-sony + basic_os=newsos + ;; + necv70) + basic_machine=v70-nec + basic_os=sysv + ;; + nh3000) + basic_machine=m68k-harris + basic_os=cxux + ;; + nh[45]000) + basic_machine=m88k-harris + basic_os=cxux + ;; + nindy960) + basic_machine=i960-intel + basic_os=nindy + ;; + mon960) + basic_machine=i960-intel + basic_os=mon960 + ;; + nonstopux) + basic_machine=mips-compaq + basic_os=nonstopux + ;; + os400) + basic_machine=powerpc-ibm + basic_os=os400 + ;; + OSE68000 | ose68000) + basic_machine=m68000-ericsson + basic_os=ose + ;; + os68k) + basic_machine=m68k-none + basic_os=os68k + ;; + paragon) + basic_machine=i860-intel + basic_os=osf + ;; + parisc) + basic_machine=hppa-unknown + basic_os=linux + ;; + psp) + basic_machine=mipsallegrexel-sony + basic_os=psp + ;; + pw32) + basic_machine=i586-unknown + basic_os=pw32 + ;; + rdos | rdos64) + basic_machine=x86_64-pc + basic_os=rdos + ;; + rdos32) + basic_machine=i386-pc + basic_os=rdos + ;; + rom68k) + basic_machine=m68k-rom68k + basic_os=coff + ;; + sa29200) + basic_machine=a29k-amd + basic_os=udi + ;; + sei) + basic_machine=mips-sei + basic_os=seiux + ;; + sequent) + basic_machine=i386-sequent + basic_os= + ;; + sps7) + basic_machine=m68k-bull + basic_os=sysv2 + ;; + st2000) + basic_machine=m68k-tandem + basic_os= + ;; + stratus) + basic_machine=i860-stratus + basic_os=sysv4 + ;; + sun2) + basic_machine=m68000-sun + basic_os= + ;; + sun2os3) + basic_machine=m68000-sun + basic_os=sunos3 + ;; + sun2os4) + basic_machine=m68000-sun + basic_os=sunos4 + ;; + sun3) + basic_machine=m68k-sun + basic_os= + ;; + sun3os3) + basic_machine=m68k-sun + basic_os=sunos3 + ;; + sun3os4) + basic_machine=m68k-sun + basic_os=sunos4 + ;; + sun4) + basic_machine=sparc-sun + basic_os= + ;; + sun4os3) + basic_machine=sparc-sun + basic_os=sunos3 + ;; + sun4os4) + basic_machine=sparc-sun + basic_os=sunos4 + ;; + sun4sol2) + basic_machine=sparc-sun + basic_os=solaris2 + ;; + sun386 | sun386i | roadrunner) + basic_machine=i386-sun + basic_os= + ;; + sv1) + basic_machine=sv1-cray + basic_os=unicos + ;; + symmetry) + basic_machine=i386-sequent + basic_os=dynix + ;; + t3e) + basic_machine=alphaev5-cray + basic_os=unicos + ;; + t90) + basic_machine=t90-cray + basic_os=unicos + ;; + toad1) + basic_machine=pdp10-xkl + basic_os=tops20 + ;; + tpf) + basic_machine=s390x-ibm + basic_os=tpf + ;; + udi29k) + basic_machine=a29k-amd + basic_os=udi + ;; + ultra3) + basic_machine=a29k-nyu + basic_os=sym1 + ;; + v810 | necv810) + basic_machine=v810-nec + basic_os=none + ;; + vaxv) + basic_machine=vax-dec + basic_os=sysv + ;; + vms) + basic_machine=vax-dec + basic_os=vms + ;; + vsta) + basic_machine=i386-pc + basic_os=vsta + ;; + vxworks960) + basic_machine=i960-wrs + basic_os=vxworks + ;; + vxworks68) + basic_machine=m68k-wrs + basic_os=vxworks + ;; + vxworks29k) + basic_machine=a29k-wrs + basic_os=vxworks + ;; + xbox) + basic_machine=i686-pc + basic_os=mingw32 + ;; + ymp) + basic_machine=ymp-cray + basic_os=unicos + ;; + *) + basic_machine=$1 + basic_os= + ;; + esac ;; esac -# Decode aliases for certain CPU-COMPANY combinations. +# Decode 1-component or ad-hoc basic machines case $basic_machine in - # Recognize the basic CPU types without company name. - # Some are omitted here because they have special meanings below. - 1750a | 580 \ - | a29k \ - | aarch64 | aarch64_be \ - | alpha | alphaev[4-8] | alphaev56 | alphaev6[78] | alphapca5[67] \ - | alpha64 | alpha64ev[4-8] | alpha64ev56 | alpha64ev6[78] | alpha64pca5[67] \ - | am33_2.0 \ - | arc | arceb \ - | arm | arm[bl]e | arme[lb] | armv[2-8] | armv[3-8][lb] | armv7[arm] \ - | avr | avr32 \ - | ba \ - | be32 | be64 \ - | bfin \ - | c4x | c8051 | clipper \ - | d10v | d30v | dlx | dsp16xx \ - | e2k | epiphany \ - | fido | fr30 | frv | ft32 \ - | h8300 | h8500 | hppa | hppa1.[01] | hppa2.0 | hppa2.0[nw] | hppa64 \ - | hexagon \ - | i370 | i860 | i960 | ia16 | ia64 \ - | ip2k | iq2000 \ - | k1om \ - | le32 | le64 \ - | lm32 \ - | m32c | m32r | m32rle | m68000 | m68k | m88k \ - | maxq | mb | microblaze | microblazeel | mcore | mep | metag \ - | mips | mipsbe | mipseb | mipsel | mipsle \ - | mips16 \ - | mips64 | mips64el \ - | mips64octeon | mips64octeonel \ - | mips64orion | mips64orionel \ - | mips64r5900 | mips64r5900el \ - | mips64vr | mips64vrel \ - | mips64vr4100 | mips64vr4100el \ - | mips64vr4300 | mips64vr4300el \ - | mips64vr5000 | mips64vr5000el \ - | mips64vr5900 | mips64vr5900el \ - | mipsisa32 | mipsisa32el \ - | mipsisa32r2 | mipsisa32r2el \ - | mipsisa32r6 | mipsisa32r6el \ - | mipsisa64 | mipsisa64el \ - | mipsisa64r2 | mipsisa64r2el \ - | mipsisa64r6 | mipsisa64r6el \ - | mipsisa64sb1 | mipsisa64sb1el \ - | mipsisa64sr71k | mipsisa64sr71kel \ - | mipsr5900 | mipsr5900el \ - | mipstx39 | mipstx39el \ - | mn10200 | mn10300 \ - | moxie \ - | mt \ - | msp430 \ - | nds32 | nds32le | nds32be \ - | nios | nios2 | nios2eb | nios2el \ - | ns16k | ns32k \ - | open8 | or1k | or1knd | or32 \ - | pdp10 | pj | pjl \ - | powerpc | powerpc64 | powerpc64le | powerpcle \ - | pru \ - | pyramid \ - | riscv32 | riscv64 \ - | rl78 | rx \ - | score \ - | sh | sh[1234] | sh[24]a | sh[24]aeb | sh[23]e | sh[234]eb | sheb | shbe | shle | sh[1234]le | sh3ele \ - | sh64 | sh64le \ - | sparc | sparc64 | sparc64b | sparc64v | sparc86x | sparclet | sparclite \ - | sparcv8 | sparcv9 | sparcv9b | sparcv9v \ - | spu \ - | tahoe | tic4x | tic54x | tic55x | tic6x | tic80 | tron \ - | ubicom32 \ - | v850 | v850e | v850e1 | v850e2 | v850es | v850e2v3 \ - | visium \ - | wasm32 \ - | x86 | xc16x | xstormy16 | xtensa \ - | z8k | z80) - basic_machine=$basic_machine-unknown - ;; - c54x) - basic_machine=tic54x-unknown - ;; - c55x) - basic_machine=tic55x-unknown - ;; - c6x) - basic_machine=tic6x-unknown - ;; - leon|leon[3-9]) - basic_machine=sparc-$basic_machine - ;; - m6811 | m68hc11 | m6812 | m68hc12 | m68hcs12x | nvptx | picochip) - basic_machine=$basic_machine-unknown - os=-none + # Here we handle the default manufacturer of certain CPU types. It is in + # some cases the only manufacturer, in others, it is the most popular. + w89k) + cpu=hppa1.1 + vendor=winbond ;; - m88110 | m680[12346]0 | m683?2 | m68360 | m5200 | v70 | w65) + op50n) + cpu=hppa1.1 + vendor=oki ;; - ms1) - basic_machine=mt-unknown + op60c) + cpu=hppa1.1 + vendor=oki ;; - - strongarm | thumb | xscale) - basic_machine=arm-unknown + ibm*) + cpu=i370 + vendor=ibm ;; - xgate) - basic_machine=$basic_machine-unknown - os=-none + orion105) + cpu=clipper + vendor=highlevel ;; - xscaleeb) - basic_machine=armeb-unknown + mac | mpw | mac-mpw) + cpu=m68k + vendor=apple ;; - - xscaleel) - basic_machine=armel-unknown + pmac | pmac-mpw) + cpu=powerpc + vendor=apple ;; - # We use `pc' rather than `unknown' - # because (1) that's what they normally are, and - # (2) the word "unknown" tends to confuse beginning users. - i*86 | x86_64) - basic_machine=$basic_machine-pc - ;; - # Object if more than one company name word. - *-*-*) - echo Invalid configuration \`"$1"\': machine \`"$basic_machine"\' not recognized 1>&2 - exit 1 - ;; - # Recognize the basic CPU types with company name. - 580-* \ - | a29k-* \ - | aarch64-* | aarch64_be-* \ - | alpha-* | alphaev[4-8]-* | alphaev56-* | alphaev6[78]-* \ - | alpha64-* | alpha64ev[4-8]-* | alpha64ev56-* | alpha64ev6[78]-* \ - | alphapca5[67]-* | alpha64pca5[67]-* | arc-* | arceb-* \ - | arm-* | armbe-* | armle-* | armeb-* | armv*-* \ - | avr-* | avr32-* \ - | ba-* \ - | be32-* | be64-* \ - | bfin-* | bs2000-* \ - | c[123]* | c30-* | [cjt]90-* | c4x-* \ - | c8051-* | clipper-* | craynv-* | cydra-* \ - | d10v-* | d30v-* | dlx-* \ - | e2k-* | elxsi-* \ - | f30[01]-* | f700-* | fido-* | fr30-* | frv-* | fx80-* \ - | h8300-* | h8500-* \ - | hppa-* | hppa1.[01]-* | hppa2.0-* | hppa2.0[nw]-* | hppa64-* \ - | hexagon-* \ - | i*86-* | i860-* | i960-* | ia16-* | ia64-* \ - | ip2k-* | iq2000-* \ - | k1om-* \ - | le32-* | le64-* \ - | lm32-* \ - | m32c-* | m32r-* | m32rle-* \ - | m68000-* | m680[012346]0-* | m68360-* | m683?2-* | m68k-* \ - | m88110-* | m88k-* | maxq-* | mcore-* | metag-* \ - | microblaze-* | microblazeel-* \ - | mips-* | mipsbe-* | mipseb-* | mipsel-* | mipsle-* \ - | mips16-* \ - | mips64-* | mips64el-* \ - | mips64octeon-* | mips64octeonel-* \ - | mips64orion-* | mips64orionel-* \ - | mips64r5900-* | mips64r5900el-* \ - | mips64vr-* | mips64vrel-* \ - | mips64vr4100-* | mips64vr4100el-* \ - | mips64vr4300-* | mips64vr4300el-* \ - | mips64vr5000-* | mips64vr5000el-* \ - | mips64vr5900-* | mips64vr5900el-* \ - | mipsisa32-* | mipsisa32el-* \ - | mipsisa32r2-* | mipsisa32r2el-* \ - | mipsisa32r6-* | mipsisa32r6el-* \ - | mipsisa64-* | mipsisa64el-* \ - | mipsisa64r2-* | mipsisa64r2el-* \ - | mipsisa64r6-* | mipsisa64r6el-* \ - | mipsisa64sb1-* | mipsisa64sb1el-* \ - | mipsisa64sr71k-* | mipsisa64sr71kel-* \ - | mipsr5900-* | mipsr5900el-* \ - | mipstx39-* | mipstx39el-* \ - | mmix-* \ - | mt-* \ - | msp430-* \ - | nds32-* | nds32le-* | nds32be-* \ - | nios-* | nios2-* | nios2eb-* | nios2el-* \ - | none-* | np1-* | ns16k-* | ns32k-* \ - | open8-* \ - | or1k*-* \ - | orion-* \ - | pdp10-* | pdp11-* | pj-* | pjl-* | pn-* | power-* \ - | powerpc-* | powerpc64-* | powerpc64le-* | powerpcle-* \ - | pru-* \ - | pyramid-* \ - | riscv32-* | riscv64-* \ - | rl78-* | romp-* | rs6000-* | rx-* \ - | sh-* | sh[1234]-* | sh[24]a-* | sh[24]aeb-* | sh[23]e-* | sh[34]eb-* | sheb-* | shbe-* \ - | shle-* | sh[1234]le-* | sh3ele-* | sh64-* | sh64le-* \ - | sparc-* | sparc64-* | sparc64b-* | sparc64v-* | sparc86x-* | sparclet-* \ - | sparclite-* \ - | sparcv8-* | sparcv9-* | sparcv9b-* | sparcv9v-* | sv1-* | sx*-* \ - | tahoe-* \ - | tic30-* | tic4x-* | tic54x-* | tic55x-* | tic6x-* | tic80-* \ - | tile*-* \ - | tron-* \ - | ubicom32-* \ - | v850-* | v850e-* | v850e1-* | v850es-* | v850e2-* | v850e2v3-* \ - | vax-* \ - | visium-* \ - | wasm32-* \ - | we32k-* \ - | x86-* | x86_64-* | xc16x-* | xps100-* \ - | xstormy16-* | xtensa*-* \ - | ymp-* \ - | z8k-* | z80-*) - ;; - # Recognize the basic CPU types without company name, with glob match. - xtensa*) - basic_machine=$basic_machine-unknown - ;; # Recognize the various machine names and aliases which stand # for a CPU type and a company and sometimes even an OS. - 386bsd) - basic_machine=i386-pc - os=-bsd - ;; 3b1 | 7300 | 7300-att | att-7300 | pc7300 | safari | unixpc) - basic_machine=m68000-att + cpu=m68000 + vendor=att ;; 3b*) - basic_machine=we32k-att - ;; - a29khif) - basic_machine=a29k-amd - os=-udi - ;; - abacus) - basic_machine=abacus-unknown - ;; - adobe68k) - basic_machine=m68010-adobe - os=-scout - ;; - alliant | fx80) - basic_machine=fx80-alliant - ;; - altos | altos3068) - basic_machine=m68k-altos - ;; - am29k) - basic_machine=a29k-none - os=-bsd - ;; - amd64) - basic_machine=x86_64-pc - ;; - amd64-*) - basic_machine=x86_64-`echo "$basic_machine" | sed 's/^[^-]*-//'` - ;; - amdahl) - basic_machine=580-amdahl - os=-sysv - ;; - amiga | amiga-*) - basic_machine=m68k-unknown - ;; - amigaos | amigados) - basic_machine=m68k-unknown - os=-amigaos - ;; - amigaunix | amix) - basic_machine=m68k-unknown - os=-sysv4 - ;; - apollo68) - basic_machine=m68k-apollo - os=-sysv - ;; - apollo68bsd) - basic_machine=m68k-apollo - os=-bsd - ;; - aros) - basic_machine=i386-pc - os=-aros - ;; - asmjs) - basic_machine=asmjs-unknown - ;; - aux) - basic_machine=m68k-apple - os=-aux - ;; - balance) - basic_machine=ns32k-sequent - os=-dynix - ;; - blackfin) - basic_machine=bfin-unknown - os=-linux - ;; - blackfin-*) - basic_machine=bfin-`echo "$basic_machine" | sed 's/^[^-]*-//'` - os=-linux + cpu=we32k + vendor=att ;; bluegene*) - basic_machine=powerpc-ibm - os=-cnk - ;; - c54x-*) - basic_machine=tic54x-`echo "$basic_machine" | sed 's/^[^-]*-//'` - ;; - c55x-*) - basic_machine=tic55x-`echo "$basic_machine" | sed 's/^[^-]*-//'` - ;; - c6x-*) - basic_machine=tic6x-`echo "$basic_machine" | sed 's/^[^-]*-//'` - ;; - c90) - basic_machine=c90-cray - os=-unicos - ;; - cegcc) - basic_machine=arm-unknown - os=-cegcc - ;; - convex-c1) - basic_machine=c1-convex - os=-bsd - ;; - convex-c2) - basic_machine=c2-convex - os=-bsd - ;; - convex-c32) - basic_machine=c32-convex - os=-bsd - ;; - convex-c34) - basic_machine=c34-convex - os=-bsd - ;; - convex-c38) - basic_machine=c38-convex - os=-bsd - ;; - cray | j90) - basic_machine=j90-cray - os=-unicos - ;; - craynv) - basic_machine=craynv-cray - os=-unicosmp - ;; - cr16 | cr16-*) - basic_machine=cr16-unknown - os=-elf - ;; - crds | unos) - basic_machine=m68k-crds - ;; - crisv32 | crisv32-* | etraxfs*) - basic_machine=crisv32-axis - ;; - cris | cris-* | etrax*) - basic_machine=cris-axis - ;; - crx) - basic_machine=crx-unknown - os=-elf - ;; - da30 | da30-*) - basic_machine=m68k-da30 - ;; - decstation | decstation-3100 | pmax | pmax-* | pmin | dec3100 | decstatn) - basic_machine=mips-dec + cpu=powerpc + vendor=ibm + basic_os=cnk ;; decsystem10* | dec10*) - basic_machine=pdp10-dec - os=-tops10 + cpu=pdp10 + vendor=dec + basic_os=tops10 ;; decsystem20* | dec20*) - basic_machine=pdp10-dec - os=-tops20 + cpu=pdp10 + vendor=dec + basic_os=tops20 ;; delta | 3300 | motorola-3300 | motorola-delta \ | 3300-motorola | delta-motorola) - basic_machine=m68k-motorola - ;; - delta88) - basic_machine=m88k-motorola - os=-sysv3 - ;; - dicos) - basic_machine=i686-pc - os=-dicos - ;; - djgpp) - basic_machine=i586-pc - os=-msdosdjgpp - ;; - dpx20 | dpx20-*) - basic_machine=rs6000-bull - os=-bosx + cpu=m68k + vendor=motorola ;; dpx2*) - basic_machine=m68k-bull - os=-sysv3 - ;; - e500v[12]) - basic_machine=powerpc-unknown - os=$os"spe" - ;; - e500v[12]-*) - basic_machine=powerpc-`echo "$basic_machine" | sed 's/^[^-]*-//'` - os=$os"spe" - ;; - ebmon29k) - basic_machine=a29k-amd - os=-ebmon - ;; - elxsi) - basic_machine=elxsi-elxsi - os=-bsd + cpu=m68k + vendor=bull + basic_os=sysv3 ;; encore | umax | mmax) - basic_machine=ns32k-encore + cpu=ns32k + vendor=encore ;; - es1800 | OSE68k | ose68k | ose | OSE) - basic_machine=m68k-ericsson - os=-ose + elxsi) + cpu=elxsi + vendor=elxsi + basic_os=${basic_os:-bsd} ;; fx2800) - basic_machine=i860-alliant + cpu=i860 + vendor=alliant ;; genix) - basic_machine=ns32k-ns - ;; - gmicro) - basic_machine=tron-gmicro - os=-sysv - ;; - go32) - basic_machine=i386-pc - os=-go32 + cpu=ns32k + vendor=ns ;; h3050r* | hiux*) - basic_machine=hppa1.1-hitachi - os=-hiuxwe2 - ;; - h8300hms) - basic_machine=h8300-hitachi - os=-hms - ;; - h8300xray) - basic_machine=h8300-hitachi - os=-xray - ;; - h8500hms) - basic_machine=h8500-hitachi - os=-hms - ;; - harris) - basic_machine=m88k-harris - os=-sysv3 - ;; - hp300-*) - basic_machine=m68k-hp - ;; - hp300bsd) - basic_machine=m68k-hp - os=-bsd - ;; - hp300hpux) - basic_machine=m68k-hp - os=-hpux + cpu=hppa1.1 + vendor=hitachi + basic_os=hiuxwe2 ;; hp3k9[0-9][0-9] | hp9[0-9][0-9]) - basic_machine=hppa1.0-hp + cpu=hppa1.0 + vendor=hp ;; hp9k2[0-9][0-9] | hp9k31[0-9]) - basic_machine=m68000-hp + cpu=m68000 + vendor=hp ;; hp9k3[2-9][0-9]) - basic_machine=m68k-hp + cpu=m68k + vendor=hp ;; hp9k6[0-9][0-9] | hp6[0-9][0-9]) - basic_machine=hppa1.0-hp + cpu=hppa1.0 + vendor=hp ;; hp9k7[0-79][0-9] | hp7[0-79][0-9]) - basic_machine=hppa1.1-hp + cpu=hppa1.1 + vendor=hp ;; hp9k78[0-9] | hp78[0-9]) # FIXME: really hppa2.0-hp - basic_machine=hppa1.1-hp + cpu=hppa1.1 + vendor=hp ;; hp9k8[67]1 | hp8[67]1 | hp9k80[24] | hp80[24] | hp9k8[78]9 | hp8[78]9 | hp9k893 | hp893) # FIXME: really hppa2.0-hp - basic_machine=hppa1.1-hp + cpu=hppa1.1 + vendor=hp ;; hp9k8[0-9][13679] | hp8[0-9][13679]) - basic_machine=hppa1.1-hp + cpu=hppa1.1 + vendor=hp ;; hp9k8[0-9][0-9] | hp8[0-9][0-9]) - basic_machine=hppa1.0-hp - ;; - hppaosf) - basic_machine=hppa1.1-hp - os=-osf - ;; - hppro) - basic_machine=hppa1.1-hp - os=-proelf - ;; - i370-ibm* | ibm*) - basic_machine=i370-ibm + cpu=hppa1.0 + vendor=hp ;; i*86v32) - basic_machine=`echo "$1" | sed -e 's/86.*/86-pc/'` - os=-sysv32 + cpu=`echo "$1" | sed -e 's/86.*/86/'` + vendor=pc + basic_os=sysv32 ;; i*86v4*) - basic_machine=`echo "$1" | sed -e 's/86.*/86-pc/'` - os=-sysv4 + cpu=`echo "$1" | sed -e 's/86.*/86/'` + vendor=pc + basic_os=sysv4 ;; i*86v) - basic_machine=`echo "$1" | sed -e 's/86.*/86-pc/'` - os=-sysv + cpu=`echo "$1" | sed -e 's/86.*/86/'` + vendor=pc + basic_os=sysv ;; i*86sol2) - basic_machine=`echo "$1" | sed -e 's/86.*/86-pc/'` - os=-solaris2 - ;; - i386mach) - basic_machine=i386-mach - os=-mach + cpu=`echo "$1" | sed -e 's/86.*/86/'` + vendor=pc + basic_os=solaris2 ;; - vsta) - basic_machine=i386-unknown - os=-vsta + j90 | j90-cray) + cpu=j90 + vendor=cray + basic_os=${basic_os:-unicos} ;; iris | iris4d) - basic_machine=mips-sgi - case $os in - -irix*) + cpu=mips + vendor=sgi + case $basic_os in + irix*) ;; *) - os=-irix4 + basic_os=irix4 ;; esac ;; - isi68 | isi) - basic_machine=m68k-isi - os=-sysv - ;; - leon-*|leon[3-9]-*) - basic_machine=sparc-`echo "$basic_machine" | sed 's/-.*//'` - ;; - m68knommu) - basic_machine=m68k-unknown - os=-linux - ;; - m68knommu-*) - basic_machine=m68k-`echo "$basic_machine" | sed 's/^[^-]*-//'` - os=-linux - ;; - magnum | m3230) - basic_machine=mips-mips - os=-sysv - ;; - merlin) - basic_machine=ns32k-utek - os=-sysv - ;; - microblaze*) - basic_machine=microblaze-xilinx - ;; - mingw64) - basic_machine=x86_64-pc - os=-mingw64 - ;; - mingw32) - basic_machine=i686-pc - os=-mingw32 - ;; - mingw32ce) - basic_machine=arm-unknown - os=-mingw32ce - ;; miniframe) - basic_machine=m68000-convergent - ;; - *mint | -mint[0-9]* | *MiNT | *MiNT[0-9]*) - basic_machine=m68k-atari - os=-mint - ;; - mips3*-*) - basic_machine=`echo "$basic_machine" | sed -e 's/mips3/mips64/'` - ;; - mips3*) - basic_machine=`echo "$basic_machine" | sed -e 's/mips3/mips64/'`-unknown - ;; - monitor) - basic_machine=m68k-rom68k - os=-coff - ;; - morphos) - basic_machine=powerpc-unknown - os=-morphos - ;; - moxiebox) - basic_machine=moxie-unknown - os=-moxiebox + cpu=m68000 + vendor=convergent ;; - msdos) - basic_machine=i386-pc - os=-msdos - ;; - ms1-*) - basic_machine=`echo "$basic_machine" | sed -e 's/ms1-/mt-/'` - ;; - msys) - basic_machine=i686-pc - os=-msys - ;; - mvs) - basic_machine=i370-ibm - os=-mvs - ;; - nacl) - basic_machine=le32-unknown - os=-nacl - ;; - ncr3000) - basic_machine=i486-ncr - os=-sysv4 - ;; - netbsd386) - basic_machine=i386-unknown - os=-netbsd - ;; - netwinder) - basic_machine=armv4l-rebel - os=-linux - ;; - news | news700 | news800 | news900) - basic_machine=m68k-sony - os=-newsos - ;; - news1000) - basic_machine=m68030-sony - os=-newsos + *mint | mint[0-9]* | *MiNT | *MiNT[0-9]*) + cpu=m68k + vendor=atari + basic_os=mint ;; news-3600 | risc-news) - basic_machine=mips-sony - os=-newsos - ;; - necv70) - basic_machine=v70-nec - os=-sysv + cpu=mips + vendor=sony + basic_os=newsos ;; next | m*-next) - basic_machine=m68k-next - case $os in - -nextstep* ) + cpu=m68k + vendor=next + case $basic_os in + openstep*) + ;; + nextstep*) ;; - -ns2*) - os=-nextstep2 + ns2*) + basic_os=nextstep2 ;; *) - os=-nextstep3 + basic_os=nextstep3 ;; esac ;; - nh3000) - basic_machine=m68k-harris - os=-cxux - ;; - nh[45]000) - basic_machine=m88k-harris - os=-cxux - ;; - nindy960) - basic_machine=i960-intel - os=-nindy - ;; - mon960) - basic_machine=i960-intel - os=-mon960 - ;; - nonstopux) - basic_machine=mips-compaq - os=-nonstopux - ;; np1) - basic_machine=np1-gould - ;; - neo-tandem) - basic_machine=neo-tandem - ;; - nse-tandem) - basic_machine=nse-tandem - ;; - nsr-tandem) - basic_machine=nsr-tandem - ;; - nsv-tandem) - basic_machine=nsv-tandem - ;; - nsx-tandem) - basic_machine=nsx-tandem + cpu=np1 + vendor=gould ;; op50n-* | op60c-*) - basic_machine=hppa1.1-oki - os=-proelf - ;; - openrisc | openrisc-*) - basic_machine=or32-unknown - ;; - os400) - basic_machine=powerpc-ibm - os=-os400 - ;; - OSE68000 | ose68000) - basic_machine=m68000-ericsson - os=-ose - ;; - os68k) - basic_machine=m68k-none - os=-os68k + cpu=hppa1.1 + vendor=oki + basic_os=proelf ;; pa-hitachi) - basic_machine=hppa1.1-hitachi - os=-hiuxwe2 - ;; - paragon) - basic_machine=i860-intel - os=-osf - ;; - parisc) - basic_machine=hppa-unknown - os=-linux - ;; - parisc-*) - basic_machine=hppa-`echo "$basic_machine" | sed 's/^[^-]*-//'` - os=-linux + cpu=hppa1.1 + vendor=hitachi + basic_os=hiuxwe2 ;; pbd) - basic_machine=sparc-tti + cpu=sparc + vendor=tti ;; pbb) - basic_machine=m68k-tti - ;; - pc532 | pc532-*) - basic_machine=ns32k-pc532 - ;; - pc98) - basic_machine=i386-pc + cpu=m68k + vendor=tti ;; - pc98-*) - basic_machine=i386-`echo "$basic_machine" | sed 's/^[^-]*-//'` - ;; - pentium | p5 | k5 | k6 | nexgen | viac3) - basic_machine=i586-pc - ;; - pentiumpro | p6 | 6x86 | athlon | athlon_*) - basic_machine=i686-pc - ;; - pentiumii | pentium2 | pentiumiii | pentium3) - basic_machine=i686-pc - ;; - pentium4) - basic_machine=i786-pc - ;; - pentium-* | p5-* | k5-* | k6-* | nexgen-* | viac3-*) - basic_machine=i586-`echo "$basic_machine" | sed 's/^[^-]*-//'` - ;; - pentiumpro-* | p6-* | 6x86-* | athlon-*) - basic_machine=i686-`echo "$basic_machine" | sed 's/^[^-]*-//'` - ;; - pentiumii-* | pentium2-* | pentiumiii-* | pentium3-*) - basic_machine=i686-`echo "$basic_machine" | sed 's/^[^-]*-//'` - ;; - pentium4-*) - basic_machine=i786-`echo "$basic_machine" | sed 's/^[^-]*-//'` + pc532) + cpu=ns32k + vendor=pc532 ;; pn) - basic_machine=pn-gould - ;; - power) basic_machine=power-ibm - ;; - ppc | ppcbe) basic_machine=powerpc-unknown + cpu=pn + vendor=gould ;; - ppc-* | ppcbe-*) - basic_machine=powerpc-`echo "$basic_machine" | sed 's/^[^-]*-//'` - ;; - ppcle | powerpclittle) - basic_machine=powerpcle-unknown + power) + cpu=power + vendor=ibm ;; - ppcle-* | powerpclittle-*) - basic_machine=powerpcle-`echo "$basic_machine" | sed 's/^[^-]*-//'` + ps2) + cpu=i386 + vendor=ibm ;; - ppc64) basic_machine=powerpc64-unknown + rm[46]00) + cpu=mips + vendor=siemens ;; - ppc64-*) basic_machine=powerpc64-`echo "$basic_machine" | sed 's/^[^-]*-//'` + rtpc | rtpc-*) + cpu=romp + vendor=ibm ;; - ppc64le | powerpc64little) - basic_machine=powerpc64le-unknown + sde) + cpu=mipsisa32 + vendor=sde + basic_os=${basic_os:-elf} ;; - ppc64le-* | powerpc64little-*) - basic_machine=powerpc64le-`echo "$basic_machine" | sed 's/^[^-]*-//'` + simso-wrs) + cpu=sparclite + vendor=wrs + basic_os=vxworks ;; - ps2) - basic_machine=i386-ibm + tower | tower-32) + cpu=m68k + vendor=ncr ;; - pw32) - basic_machine=i586-unknown - os=-pw32 + vpp*|vx|vx-*) + cpu=f301 + vendor=fujitsu ;; - rdos | rdos64) - basic_machine=x86_64-pc - os=-rdos + w65) + cpu=w65 + vendor=wdc ;; - rdos32) - basic_machine=i386-pc - os=-rdos + w89k-*) + cpu=hppa1.1 + vendor=winbond + basic_os=proelf ;; - rom68k) - basic_machine=m68k-rom68k - os=-coff + none) + cpu=none + vendor=none ;; - rm[46]00) - basic_machine=mips-siemens + leon|leon[3-9]) + cpu=sparc + vendor=$basic_machine ;; - rtpc | rtpc-*) - basic_machine=romp-ibm + leon-*|leon[3-9]-*) + cpu=sparc + vendor=`echo "$basic_machine" | sed 's/-.*//'` ;; - s390 | s390-*) - basic_machine=s390-ibm + + *-*) + # shellcheck disable=SC2162 + saved_IFS=$IFS + IFS="-" read cpu vendor <&2 - exit 1 + # Recognize the canonical CPU types that are allowed with any + # company name. + case $cpu in + 1750a | 580 \ + | a29k \ + | aarch64 | aarch64_be \ + | abacus \ + | alpha | alphaev[4-8] | alphaev56 | alphaev6[78] \ + | alpha64 | alpha64ev[4-8] | alpha64ev56 | alpha64ev6[78] \ + | alphapca5[67] | alpha64pca5[67] \ + | am33_2.0 \ + | amdgcn \ + | arc | arceb | arc32 | arc64 \ + | arm | arm[lb]e | arme[lb] | armv* \ + | avr | avr32 \ + | asmjs \ + | ba \ + | be32 | be64 \ + | bfin | bpf | bs2000 \ + | c[123]* | c30 | [cjt]90 | c4x \ + | c8051 | clipper | craynv | csky | cydra \ + | d10v | d30v | dlx | dsp16xx \ + | e2k | elxsi | epiphany \ + | f30[01] | f700 | fido | fr30 | frv | ft32 | fx80 \ + | h8300 | h8500 \ + | hppa | hppa1.[01] | hppa2.0 | hppa2.0[nw] | hppa64 \ + | hexagon \ + | i370 | i*86 | i860 | i960 | ia16 | ia64 \ + | ip2k | iq2000 \ + | k1om \ + | le32 | le64 \ + | lm32 \ + | loongarch32 | loongarch64 | loongarchx32 \ + | m32c | m32r | m32rle \ + | m5200 | m68000 | m680[012346]0 | m68360 | m683?2 | m68k \ + | m6811 | m68hc11 | m6812 | m68hc12 | m68hcs12x \ + | m88110 | m88k | maxq | mb | mcore | mep | metag \ + | microblaze | microblazeel \ + | mips | mipsbe | mipseb | mipsel | mipsle \ + | mips16 \ + | mips64 | mips64eb | mips64el \ + | mips64octeon | mips64octeonel \ + | mips64orion | mips64orionel \ + | mips64r5900 | mips64r5900el \ + | mips64vr | mips64vrel \ + | mips64vr4100 | mips64vr4100el \ + | mips64vr4300 | mips64vr4300el \ + | mips64vr5000 | mips64vr5000el \ + | mips64vr5900 | mips64vr5900el \ + | mipsisa32 | mipsisa32el \ + | mipsisa32r2 | mipsisa32r2el \ + | mipsisa32r3 | mipsisa32r3el \ + | mipsisa32r5 | mipsisa32r5el \ + | mipsisa32r6 | mipsisa32r6el \ + | mipsisa64 | mipsisa64el \ + | mipsisa64r2 | mipsisa64r2el \ + | mipsisa64r3 | mipsisa64r3el \ + | mipsisa64r5 | mipsisa64r5el \ + | mipsisa64r6 | mipsisa64r6el \ + | mipsisa64sb1 | mipsisa64sb1el \ + | mipsisa64sr71k | mipsisa64sr71kel \ + | mipsr5900 | mipsr5900el \ + | mipstx39 | mipstx39el \ + | mmix \ + | mn10200 | mn10300 \ + | moxie \ + | mt \ + | msp430 \ + | nds32 | nds32le | nds32be \ + | nfp \ + | nios | nios2 | nios2eb | nios2el \ + | none | np1 | ns16k | ns32k | nvptx \ + | open8 \ + | or1k* \ + | or32 \ + | orion \ + | picochip \ + | pdp10 | pdp11 | pj | pjl | pn | power \ + | powerpc | powerpc64 | powerpc64le | powerpcle | powerpcspe \ + | pru \ + | pyramid \ + | riscv | riscv32 | riscv32be | riscv64 | riscv64be \ + | rl78 | romp | rs6000 | rx \ + | s390 | s390x \ + | score \ + | sh | shl \ + | sh[1234] | sh[24]a | sh[24]ae[lb] | sh[23]e | she[lb] | sh[lb]e \ + | sh[1234]e[lb] | sh[12345][lb]e | sh[23]ele | sh64 | sh64le \ + | sparc | sparc64 | sparc64b | sparc64v | sparc86x | sparclet \ + | sparclite \ + | sparcv8 | sparcv9 | sparcv9b | sparcv9v | sv1 | sx* \ + | spu \ + | tahoe \ + | thumbv7* \ + | tic30 | tic4x | tic54x | tic55x | tic6x | tic80 \ + | tron \ + | ubicom32 \ + | v70 | v850 | v850e | v850e1 | v850es | v850e2 | v850e2v3 \ + | vax \ + | visium \ + | w65 \ + | wasm32 | wasm64 \ + | we32k \ + | x86 | x86_64 | xc16x | xgate | xps100 \ + | xstormy16 | xtensa* \ + | ymp \ + | z8k | z80) + ;; + + *) + echo Invalid configuration \`"$1"\': machine \`"$cpu-$vendor"\' not recognized 1>&2 + exit 1 + ;; + esac ;; esac # Here we canonicalize certain aliases for manufacturers. -case $basic_machine in - *-digital*) - basic_machine=`echo "$basic_machine" | sed 's/digital.*/dec/'` +case $vendor in + digital*) + vendor=dec ;; - *-commodore*) - basic_machine=`echo "$basic_machine" | sed 's/commodore.*/cbm/'` + commodore*) + vendor=cbm ;; *) ;; @@ -1334,203 +1306,215 @@ esac # Decode manufacturer-specific aliases for certain operating systems. -if [ x"$os" != x"" ] +if test x$basic_os != x then + +# First recognize some ad-hoc cases, or perhaps split kernel-os, or else just +# set os. +case $basic_os in + gnu/linux*) + kernel=linux + os=`echo "$basic_os" | sed -e 's|gnu/linux|gnu|'` + ;; + os2-emx) + kernel=os2 + os=`echo "$basic_os" | sed -e 's|os2-emx|emx|'` + ;; + nto-qnx*) + kernel=nto + os=`echo "$basic_os" | sed -e 's|nto-qnx|qnx|'` + ;; + *-*) + # shellcheck disable=SC2162 + saved_IFS=$IFS + IFS="-" read kernel os <&2 - exit 1 + # No normalization, but not necessarily accepted, that comes below. ;; esac + else # Here we handle the default operating systems that come with various machines. @@ -1543,258 +1527,363 @@ else # will signal an error saying that MANUFACTURER isn't an operating # system, and we'll never get to this point. -case $basic_machine in +kernel= +case $cpu-$vendor in score-*) - os=-elf + os=elf ;; spu-*) - os=-elf + os=elf ;; *-acorn) - os=-riscix1.2 + os=riscix1.2 ;; arm*-rebel) - os=-linux + kernel=linux + os=gnu ;; arm*-semi) - os=-aout + os=aout ;; c4x-* | tic4x-*) - os=-coff + os=coff ;; c8051-*) - os=-elf + os=elf + ;; + clipper-intergraph) + os=clix ;; hexagon-*) - os=-elf + os=elf ;; tic54x-*) - os=-coff + os=coff ;; tic55x-*) - os=-coff + os=coff ;; tic6x-*) - os=-coff + os=coff ;; # This must come before the *-dec entry. pdp10-*) - os=-tops20 + os=tops20 ;; pdp11-*) - os=-none + os=none ;; *-dec | vax-*) - os=-ultrix4.2 + os=ultrix4.2 ;; m68*-apollo) - os=-domain + os=domain ;; i386-sun) - os=-sunos4.0.2 + os=sunos4.0.2 ;; m68000-sun) - os=-sunos3 + os=sunos3 ;; m68*-cisco) - os=-aout + os=aout ;; mep-*) - os=-elf + os=elf ;; mips*-cisco) - os=-elf + os=elf ;; mips*-*) - os=-elf + os=elf ;; or32-*) - os=-coff + os=coff ;; *-tti) # must be before sparc entry or we get the wrong os. - os=-sysv3 + os=sysv3 ;; sparc-* | *-sun) - os=-sunos4.1.1 + os=sunos4.1.1 ;; pru-*) - os=-elf + os=elf ;; *-be) - os=-beos + os=beos ;; *-ibm) - os=-aix + os=aix ;; *-knuth) - os=-mmixware + os=mmixware ;; *-wec) - os=-proelf + os=proelf ;; *-winbond) - os=-proelf + os=proelf ;; *-oki) - os=-proelf + os=proelf ;; *-hp) - os=-hpux + os=hpux ;; *-hitachi) - os=-hiux + os=hiux ;; i860-* | *-att | *-ncr | *-altos | *-motorola | *-convergent) - os=-sysv + os=sysv ;; *-cbm) - os=-amigaos + os=amigaos ;; *-dg) - os=-dgux + os=dgux ;; *-dolphin) - os=-sysv3 + os=sysv3 ;; m68k-ccur) - os=-rtu + os=rtu ;; m88k-omron*) - os=-luna + os=luna ;; *-next) - os=-nextstep + os=nextstep ;; *-sequent) - os=-ptx + os=ptx ;; *-crds) - os=-unos + os=unos ;; *-ns) - os=-genix + os=genix ;; i370-*) - os=-mvs + os=mvs ;; *-gould) - os=-sysv + os=sysv ;; *-highlevel) - os=-bsd + os=bsd ;; *-encore) - os=-bsd + os=bsd ;; *-sgi) - os=-irix + os=irix ;; *-siemens) - os=-sysv4 + os=sysv4 ;; *-masscomp) - os=-rtu + os=rtu ;; f30[01]-fujitsu | f700-fujitsu) - os=-uxpv + os=uxpv ;; *-rom68k) - os=-coff + os=coff ;; *-*bug) - os=-coff + os=coff ;; *-apple) - os=-macos + os=macos ;; *-atari*) - os=-mint + os=mint + ;; + *-wrs) + os=vxworks ;; *) - os=-none + os=none ;; esac + fi +# Now, validate our (potentially fixed-up) OS. +case $os in + # Sometimes we do "kernel-libc", so those need to count as OSes. + musl* | newlib* | relibc* | uclibc*) + ;; + # Likewise for "kernel-abi" + eabi* | gnueabi*) + ;; + # VxWorks passes extra cpu info in the 4th filed. + simlinux | simwindows | spe) + ;; + # Now accept the basic system types. + # The portable systems comes first. + # Each alternative MUST end in a * to match a version number. + gnu* | android* | bsd* | mach* | minix* | genix* | ultrix* | irix* \ + | *vms* | esix* | aix* | cnk* | sunos | sunos[34]* \ + | hpux* | unos* | osf* | luna* | dgux* | auroraux* | solaris* \ + | sym* | plan9* | psp* | sim* | xray* | os68k* | v88r* \ + | hiux* | abug | nacl* | netware* | windows* \ + | os9* | macos* | osx* | ios* \ + | mpw* | magic* | mmixware* | mon960* | lnews* \ + | amigaos* | amigados* | msdos* | newsos* | unicos* | aof* \ + | aos* | aros* | cloudabi* | sortix* | twizzler* \ + | nindy* | vxsim* | vxworks* | ebmon* | hms* | mvs* \ + | clix* | riscos* | uniplus* | iris* | isc* | rtu* | xenix* \ + | mirbsd* | netbsd* | dicos* | openedition* | ose* \ + | bitrig* | openbsd* | secbsd* | solidbsd* | libertybsd* | os108* \ + | ekkobsd* | freebsd* | riscix* | lynxos* | os400* \ + | bosx* | nextstep* | cxux* | aout* | elf* | oabi* \ + | ptx* | coff* | ecoff* | winnt* | domain* | vsta* \ + | udi* | lites* | ieee* | go32* | aux* | hcos* \ + | chorusrdb* | cegcc* | glidix* | serenity* \ + | cygwin* | msys* | pe* | moss* | proelf* | rtems* \ + | midipix* | mingw32* | mingw64* | mint* \ + | uxpv* | beos* | mpeix* | udk* | moxiebox* \ + | interix* | uwin* | mks* | rhapsody* | darwin* \ + | openstep* | oskit* | conix* | pw32* | nonstopux* \ + | storm-chaos* | tops10* | tenex* | tops20* | its* \ + | os2* | vos* | palmos* | uclinux* | nucleus* | morphos* \ + | scout* | superux* | sysv* | rtmk* | tpf* | windiss* \ + | powermax* | dnix* | nx6 | nx7 | sei* | dragonfly* \ + | skyos* | haiku* | rdos* | toppers* | drops* | es* \ + | onefs* | tirtos* | phoenix* | fuchsia* | redox* | bme* \ + | midnightbsd* | amdhsa* | unleashed* | emscripten* | wasi* \ + | nsk* | powerunix* | genode* | zvmoe* | qnx* | emx* | zephyr* \ + | fiwix* ) + ;; + # This one is extra strict with allowed versions + sco3.2v2 | sco3.2v[4-9]* | sco5v6*) + # Don't forget version if it is 3.2v4 or newer. + ;; + none) + ;; + *) + echo Invalid configuration \`"$1"\': OS \`"$os"\' not recognized 1>&2 + exit 1 + ;; +esac + +# As a final step for OS-related things, validate the OS-kernel combination +# (given a valid OS), if there is a kernel. +case $kernel-$os in + linux-gnu* | linux-dietlibc* | linux-android* | linux-newlib* \ + | linux-musl* | linux-relibc* | linux-uclibc* ) + ;; + uclinux-uclibc* ) + ;; + -dietlibc* | -newlib* | -musl* | -relibc* | -uclibc* ) + # These are just libc implementations, not actual OSes, and thus + # require a kernel. + echo "Invalid configuration \`$1': libc \`$os' needs explicit kernel." 1>&2 + exit 1 + ;; + kfreebsd*-gnu* | kopensolaris*-gnu*) + ;; + vxworks-simlinux | vxworks-simwindows | vxworks-spe) + ;; + nto-qnx*) + ;; + os2-emx) + ;; + *-eabi* | *-gnueabi*) + ;; + -*) + # Blank kernel with real OS is always fine. + ;; + *-*) + echo "Invalid configuration \`$1': Kernel \`$kernel' not known to work with OS \`$os'." 1>&2 + exit 1 + ;; +esac + # Here we handle the case where we know the os, and the CPU type, but not the # manufacturer. We pick the logical manufacturer. -vendor=unknown -case $basic_machine in - *-unknown) - case $os in - -riscix*) +case $vendor in + unknown) + case $cpu-$os in + *-riscix*) vendor=acorn ;; - -sunos*) + *-sunos*) vendor=sun ;; - -cnk*|-aix*) + *-cnk* | *-aix*) vendor=ibm ;; - -beos*) + *-beos*) vendor=be ;; - -hpux*) + *-hpux*) vendor=hp ;; - -mpeix*) + *-mpeix*) vendor=hp ;; - -hiux*) + *-hiux*) vendor=hitachi ;; - -unos*) + *-unos*) vendor=crds ;; - -dgux*) + *-dgux*) vendor=dg ;; - -luna*) + *-luna*) vendor=omron ;; - -genix*) + *-genix*) vendor=ns ;; - -mvs* | -opened*) + *-clix*) + vendor=intergraph + ;; + *-mvs* | *-opened*) + vendor=ibm + ;; + *-os400*) vendor=ibm ;; - -os400*) + s390-* | s390x-*) vendor=ibm ;; - -ptx*) + *-ptx*) vendor=sequent ;; - -tpf*) + *-tpf*) vendor=ibm ;; - -vxsim* | -vxworks* | -windiss*) + *-vxsim* | *-vxworks* | *-windiss*) vendor=wrs ;; - -aux*) + *-aux*) vendor=apple ;; - -hms*) + *-hms*) vendor=hitachi ;; - -mpw* | -macos*) + *-mpw* | *-macos*) vendor=apple ;; - -*mint | -mint[0-9]* | -*MiNT | -MiNT[0-9]*) + *-*mint | *-mint[0-9]* | *-*MiNT | *-MiNT[0-9]*) vendor=atari ;; - -vos*) + *-vos*) vendor=stratus ;; esac - basic_machine=`echo "$basic_machine" | sed "s/unknown/$vendor/"` ;; esac -echo "$basic_machine$os" +echo "$cpu-$vendor-${kernel:+$kernel-}$os" exit # Local variables: -# eval: (add-hook 'write-file-functions 'time-stamp) +# eval: (add-hook 'before-save-hook 'time-stamp) # time-stamp-start: "timestamp='" # time-stamp-format: "%:y-%02m-%02d" # time-stamp-end: "'" diff --git a/configure b/configure index 1cbf782..bbf00d4 100644 --- a/configure +++ b/configure @@ -1,11 +1,11 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.71 for libssh2 -. +# Generated by GNU Autoconf 2.72 for libssh2 -. # -# Report bugs to . +# Report bugs to . # # -# Copyright (C) 1992-1996, 1998-2017, 2020-2021 Free Software Foundation, +# Copyright (C) 1992-1996, 1998-2017, 2020-2023 Free Software Foundation, # Inc. # # @@ -17,7 +17,6 @@ # Be more Bourne compatible DUALCASE=1; export DUALCASE # for MKS sh -as_nop=: if test ${ZSH_VERSION+y} && (emulate sh) >/dev/null 2>&1 then : emulate sh @@ -26,12 +25,13 @@ then : # is contrary to our usage. Disable this feature. alias -g '${1+"$@"}'='"$@"' setopt NO_GLOB_SUBST -else $as_nop - case `(set -o) 2>/dev/null` in #( +else case e in #( + e) case `(set -o) 2>/dev/null` in #( *posix*) : set -o posix ;; #( *) : ;; +esac ;; esac fi @@ -103,7 +103,7 @@ IFS=$as_save_IFS ;; esac -# We did not find ourselves, most probably we were run as `sh COMMAND' +# We did not find ourselves, most probably we were run as 'sh COMMAND' # in which case we are not to be found in the path. if test "x$as_myself" = x; then as_myself=$0 @@ -133,15 +133,14 @@ case $- in # (((( esac exec $CONFIG_SHELL $as_opts "$as_myself" ${1+"$@"} # Admittedly, this is quite paranoid, since all the known shells bail -# out after a failed `exec'. +# out after a failed 'exec'. printf "%s\n" "$0: could not re-execute with $CONFIG_SHELL" >&2 exit 255 fi # We don't want this to propagate to other subprocesses. { _as_can_reexec=; unset _as_can_reexec;} if test "x$CONFIG_SHELL" = x; then - as_bourne_compatible="as_nop=: -if test \${ZSH_VERSION+y} && (emulate sh) >/dev/null 2>&1 + as_bourne_compatible="if test \${ZSH_VERSION+y} && (emulate sh) >/dev/null 2>&1 then : emulate sh NULLCMD=: @@ -149,12 +148,13 @@ then : # is contrary to our usage. Disable this feature. alias -g '\${1+\"\$@\"}'='\"\$@\"' setopt NO_GLOB_SUBST -else \$as_nop - case \`(set -o) 2>/dev/null\` in #( +else case e in #( + e) case \`(set -o) 2>/dev/null\` in #( *posix*) : set -o posix ;; #( *) : ;; +esac ;; esac fi " @@ -172,8 +172,9 @@ as_fn_ret_failure && { exitcode=1; echo as_fn_ret_failure succeeded.; } if ( set x; as_fn_ret_success y && test x = \"\$1\" ) then : -else \$as_nop - exitcode=1; echo positional parameters were not saved. +else case e in #( + e) exitcode=1; echo positional parameters were not saved. ;; +esac fi test x\$exitcode = x0 || exit 1 blah=\$(echo \$(echo blah)) @@ -195,14 +196,15 @@ test \$(( 1 + 1 )) = 2 || exit 1" if (eval "$as_required") 2>/dev/null then : as_have_required=yes -else $as_nop - as_have_required=no +else case e in #( + e) as_have_required=no ;; +esac fi if test x$as_have_required = xyes && (eval "$as_suggested") 2>/dev/null then : -else $as_nop - as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +else case e in #( + e) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR as_found=false for as_dir in /bin$PATH_SEPARATOR/usr/bin$PATH_SEPARATOR$PATH do @@ -235,12 +237,13 @@ IFS=$as_save_IFS if $as_found then : -else $as_nop - if { test -f "$SHELL" || test -f "$SHELL.exe"; } && +else case e in #( + e) if { test -f "$SHELL" || test -f "$SHELL.exe"; } && as_run=a "$SHELL" -c "$as_bourne_compatible""$as_required" 2>/dev/null then : CONFIG_SHELL=$SHELL as_have_required=yes -fi +fi ;; +esac fi @@ -262,7 +265,7 @@ case $- in # (((( esac exec $CONFIG_SHELL $as_opts "$as_myself" ${1+"$@"} # Admittedly, this is quite paranoid, since all the known shells bail -# out after a failed `exec'. +# out after a failed 'exec'. printf "%s\n" "$0: could not re-execute with $CONFIG_SHELL" >&2 exit 255 fi @@ -276,13 +279,14 @@ then : printf "%s\n" "$0: be upgraded to zsh 4.3.4 or later." else printf "%s\n" "$0: Please tell bug-autoconf@gnu.org and -$0: libssh2-devel@cool.haxx.se about your system, including -$0: any error possibly output before this message. Then -$0: install a modern shell, or manually run the script -$0: under such a shell if you do have one." +$0: libssh2-devel@lists.haxx.se about your system, +$0: including any error possibly output before this +$0: message. Then install a modern shell, or manually run +$0: the script under such a shell if you do have one." fi exit 1 -fi +fi ;; +esac fi fi SHELL=${CONFIG_SHELL-/bin/sh} @@ -321,14 +325,6 @@ as_fn_exit () as_fn_set_status $1 exit $1 } # as_fn_exit -# as_fn_nop -# --------- -# Do nothing but, unlike ":", preserve the value of $?. -as_fn_nop () -{ - return $? -} -as_nop=as_fn_nop # as_fn_mkdir_p # ------------- @@ -397,11 +393,12 @@ then : { eval $1+=\$2 }' -else $as_nop - as_fn_append () +else case e in #( + e) as_fn_append () { eval $1=\$$1\$2 - } + } ;; +esac fi # as_fn_append # as_fn_arith ARG... @@ -415,21 +412,14 @@ then : { as_val=$(( $* )) }' -else $as_nop - as_fn_arith () +else case e in #( + e) as_fn_arith () { as_val=`expr "$@" || test $? -eq 1` - } + } ;; +esac fi # as_fn_arith -# as_fn_nop -# --------- -# Do nothing but, unlike ":", preserve the value of $?. -as_fn_nop () -{ - return $? -} -as_nop=as_fn_nop # as_fn_error STATUS ERROR [LINENO LOG_FD] # ---------------------------------------- @@ -503,6 +493,8 @@ as_cr_alnum=$as_cr_Letters$as_cr_digits /[$]LINENO/= ' <$as_myself | sed ' + t clear + :clear s/[$]LINENO.*/&-/ t lineno b @@ -551,7 +543,6 @@ esac as_echo='printf %s\n' as_echo_n='printf %s' - rm -f conf$$ conf$$.exe conf$$.file if test -d conf$$.dir; then rm -f conf$$.dir/conf$$.file @@ -563,9 +554,9 @@ if (echo >conf$$.file) 2>/dev/null; then if ln -s conf$$.file conf$$ 2>/dev/null; then as_ln_s='ln -s' # ... but there are two gotchas: - # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail. - # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable. - # In both cases, we have to default to `cp -pR'. + # 1) On MSYS, both 'ln -s file dir' and 'ln file dir' fail. + # 2) DJGPP < 2.04 has no symlinks; 'ln -s' creates a wrapper executable. + # In both cases, we have to default to 'cp -pR'. ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe || as_ln_s='cp -pR' elif ln conf$$.file conf$$ 2>/dev/null; then @@ -590,10 +581,12 @@ as_test_x='test -x' as_executable_p=as_fn_executable_p # Sed expression to map a string onto a valid CPP name. -as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'" +as_sed_cpp="y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g" +as_tr_cpp="eval sed '$as_sed_cpp'" # deprecated # Sed expression to map a string onto a valid variable name. -as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'" +as_sed_sh="y%*+%pp%;s%[^_$as_cr_alnum]%_%g" +as_tr_sh="eval sed '$as_sed_sh'" # deprecated SHELL=${CONFIG_SHELL-/bin/sh} @@ -623,7 +616,7 @@ PACKAGE_NAME='libssh2' PACKAGE_TARNAME='libssh2' PACKAGE_VERSION='-' PACKAGE_STRING='libssh2 -' -PACKAGE_BUGREPORT='libssh2-devel@cool.haxx.se' +PACKAGE_BUGREPORT='libssh2-devel@lists.haxx.se' PACKAGE_URL='' ac_unique_file="src" @@ -659,13 +652,19 @@ ac_includes_default="\ #endif" ac_header_c_list= +enable_year2038=no ac_subst_vars='am__EXEEXT_FALSE am__EXEEXT_TRUE LTLIBOBJS LIBOBJS +LIBSSH2_PC_LIBS +LIBSSH2_PC_REQUIRES +LIBSSH2_PC_LIBS_PRIVATE +HAVE_LIB_STATIC_FALSE +HAVE_LIB_STATIC_TRUE +HAVE_WINDRES_FALSE +HAVE_WINDRES_TRUE ALLOCA -HAVE_SYS_UN_H_FALSE -HAVE_SYS_UN_H_TRUE USE_OSSFUZZ_STATIC_FALSE USE_OSSFUZZ_STATIC_TRUE USE_OSSFUZZ_FLAG_FALSE @@ -675,28 +674,25 @@ USE_OSSFUZZERS_FALSE USE_OSSFUZZERS_TRUE BUILD_EXAMPLES_FALSE BUILD_EXAMPLES_TRUE +RUN_SSHD_TESTS_FALSE +RUN_SSHD_TESTS_TRUE +RUN_DOCKER_TESTS_FALSE +RUN_DOCKER_TESTS_TRUE +LIBSSH2_CFLAG_EXTRAS CPP -LIBSREQUIRED +LIBSSH2_PC_REQUIRES_PRIVATE LIBZ_PREFIX LTLIBZ LIBZ HAVE_LIBZ -WINCNG_FALSE -WINCNG_TRUE -MBEDTLS_FALSE -MBEDTLS_TRUE -LIBGCRYPT_FALSE -LIBGCRYPT_TRUE -OPENSSL_FALSE -OPENSSL_TRUE +LIBWOLFSSL_PREFIX +LTLIBWOLFSSL +LIBWOLFSSL +HAVE_LIBWOLFSSL LIBBCRYPT_PREFIX LTLIBBCRYPT LIBBCRYPT HAVE_LIBBCRYPT -LIBCRYPT32_PREFIX -LTLIBCRYPT32 -LIBCRYPT32 -HAVE_LIBCRYPT32 LIBMBEDCRYPTO_PREFIX LTLIBMBEDCRYPTO LIBMBEDCRYPTO @@ -709,6 +705,7 @@ LIBSSL_PREFIX LTLIBSSL LIBSSL HAVE_LIBSSL +RC CXXCPP LT_SYS_LIBRARY_PATH OTOOL64 @@ -720,6 +717,7 @@ MANIFEST_TOOL RANLIB ac_ct_AR AR +FILECMD NM ac_ct_DUMPBIN DUMPBIN @@ -765,7 +763,7 @@ build_os build_vendor build_cpu build -LIBSSH2VER +LIBSSH2_VERSION CSCOPE ETAGS CTAGS @@ -860,19 +858,21 @@ enable_rpath with_libssl_prefix with_libgcrypt_prefix with_libmbedcrypto_prefix -with_libcrypt32_prefix with_libbcrypt_prefix +with_libwolfssl_prefix +enable_ecdsa_wincng with_libz with_libz_prefix -enable_crypt_none -enable_mac_none -enable_gex_new enable_clear_memory +enable_werror enable_debug enable_hidden_symbols +enable_deprecated +enable_docker_tests +enable_sshd_tests enable_examples_build enable_ossfuzzers -enable_werror +enable_year2038 ' ac_precious_vars='build_alias host_alias @@ -996,7 +996,7 @@ do ac_useropt=`expr "x$ac_option" : 'x-*disable-\(.*\)'` # Reject names that are not valid shell variable names. expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && - as_fn_error $? "invalid feature name: \`$ac_useropt'" + as_fn_error $? "invalid feature name: '$ac_useropt'" ac_useropt_orig=$ac_useropt ac_useropt=`printf "%s\n" "$ac_useropt" | sed 's/[-+.]/_/g'` case $ac_user_opts in @@ -1022,7 +1022,7 @@ do ac_useropt=`expr "x$ac_option" : 'x-*enable-\([^=]*\)'` # Reject names that are not valid shell variable names. expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && - as_fn_error $? "invalid feature name: \`$ac_useropt'" + as_fn_error $? "invalid feature name: '$ac_useropt'" ac_useropt_orig=$ac_useropt ac_useropt=`printf "%s\n" "$ac_useropt" | sed 's/[-+.]/_/g'` case $ac_user_opts in @@ -1235,7 +1235,7 @@ do ac_useropt=`expr "x$ac_option" : 'x-*with-\([^=]*\)'` # Reject names that are not valid shell variable names. expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && - as_fn_error $? "invalid package name: \`$ac_useropt'" + as_fn_error $? "invalid package name: '$ac_useropt'" ac_useropt_orig=$ac_useropt ac_useropt=`printf "%s\n" "$ac_useropt" | sed 's/[-+.]/_/g'` case $ac_user_opts in @@ -1251,7 +1251,7 @@ do ac_useropt=`expr "x$ac_option" : 'x-*without-\(.*\)'` # Reject names that are not valid shell variable names. expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && - as_fn_error $? "invalid package name: \`$ac_useropt'" + as_fn_error $? "invalid package name: '$ac_useropt'" ac_useropt_orig=$ac_useropt ac_useropt=`printf "%s\n" "$ac_useropt" | sed 's/[-+.]/_/g'` case $ac_user_opts in @@ -1281,8 +1281,8 @@ do | --x-librar=* | --x-libra=* | --x-libr=* | --x-lib=* | --x-li=* | --x-l=*) x_libraries=$ac_optarg ;; - -*) as_fn_error $? "unrecognized option: \`$ac_option' -Try \`$0 --help' for more information" + -*) as_fn_error $? "unrecognized option: '$ac_option' +Try '$0 --help' for more information" ;; *=*) @@ -1290,7 +1290,7 @@ Try \`$0 --help' for more information" # Reject names that are not valid shell variable names. case $ac_envvar in #( '' | [0-9]* | *[!_$as_cr_alnum]* ) - as_fn_error $? "invalid variable name: \`$ac_envvar'" ;; + as_fn_error $? "invalid variable name: '$ac_envvar'" ;; esac eval $ac_envvar=\$ac_optarg export $ac_envvar ;; @@ -1340,7 +1340,7 @@ do as_fn_error $? "expected an absolute directory name for --$ac_var: $ac_val" done -# There might be people who depend on the old broken behavior: `$host' +# There might be people who depend on the old broken behavior: '$host' # used to hold the argument of --host etc. # FIXME: To remove some day. build=$build_alias @@ -1408,7 +1408,7 @@ if test ! -r "$srcdir/$ac_unique_file"; then test "$ac_srcdir_defaulted" = yes && srcdir="$ac_confdir or .." as_fn_error $? "cannot find sources ($ac_unique_file) in $srcdir" fi -ac_msg="sources are in $srcdir, but \`cd $srcdir' does not work" +ac_msg="sources are in $srcdir, but 'cd $srcdir' does not work" ac_abs_confdir=`( cd "$srcdir" && test -r "./$ac_unique_file" || as_fn_error $? "$ac_msg" pwd)` @@ -1436,7 +1436,7 @@ if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures libssh2 - to adapt to many kinds of systems. +'configure' configures libssh2 - to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1450,11 +1450,11 @@ Configuration: --help=short display options specific to this package --help=recursive display the short help of all the included packages -V, --version display version information and exit - -q, --quiet, --silent do not print \`checking ...' messages + -q, --quiet, --silent do not print 'checking ...' messages --cache-file=FILE cache test results in FILE [disabled] - -C, --config-cache alias for \`--cache-file=config.cache' + -C, --config-cache alias for '--cache-file=config.cache' -n, --no-create do not create output files - --srcdir=DIR find the sources in DIR [configure dir or \`..'] + --srcdir=DIR find the sources in DIR [configure dir or '..'] Installation directories: --prefix=PREFIX install architecture-independent files in PREFIX @@ -1462,10 +1462,10 @@ Installation directories: --exec-prefix=EPREFIX install architecture-dependent files in EPREFIX [PREFIX] -By default, \`make install' will install all the files in -\`$ac_default_prefix/bin', \`$ac_default_prefix/lib' etc. You can specify -an installation prefix other than \`$ac_default_prefix' using \`--prefix', -for instance \`--prefix=\$HOME'. +By default, 'make install' will install all the files in +'$ac_default_prefix/bin', '$ac_default_prefix/lib' etc. You can specify +an installation prefix other than '$ac_default_prefix' using '--prefix', +for instance '--prefix=\$HOME'. For better control, use the options below. @@ -1531,22 +1531,24 @@ Optional Features: --disable-libtool-lock avoid locking (might break parallel builds) --disable-largefile omit support for large files --disable-rpath do not hardcode runtime library paths - --enable-crypt-none Permit "none" cipher -- NOT RECOMMENDED - --enable-mac-none Permit "none" MAC -- NOT RECOMMENDED - --disable-gex-new Disable "new" diffie-hellman-group-exchange-sha1 - method + --enable-ecdsa-wincng WinCNG ECDSA support (requires Windows 10 or later) --disable-clear-memory Disable clearing of memory before being freed + --enable-werror Enable compiler warnings as errors + --disable-werror Disable compiler warnings as errors --enable-debug Enable pedantic and debug options --disable-debug Disable debug options --enable-hidden-symbols Hide internal symbols in library --disable-hidden-symbols Leave all symbols with default visibility in library + (default) + --disable-deprecated Build without deprecated APIs [default=no] + --disable-docker-tests Do not run tests requiring Docker + --disable-sshd-tests Do not run tests requiring sshd --enable-examples-build Build example applications (this is the default) --disable-examples-build Do not build example applications --enable-ossfuzzers Whether to generate the fuzzers for OSS-Fuzz - --enable-werror Enable compiler warnings as errors - --disable-werror Disable compiler warnings as errors + --enable-year2038 support timestamps after 2038 Optional Packages: --with-PACKAGE[=ARG] use PACKAGE [ARG=yes] @@ -1559,7 +1561,7 @@ Optional Packages: --with-gnu-ld assume the C compiler uses GNU ld [default=no] --with-sysroot[=DIR] Search for dependent libraries within DIR (or the compiler's sysroot if not specified). - --with-crypto=auto|openssl|libgcrypt|mbedtls|wincng + --with-crypto=auto|openssl|libgcrypt|mbedtls|wincng|wolfssl Select crypto backend (default: auto) --with-gnu-ld assume the C compiler uses GNU ld default=no --with-libssl-prefix[=DIR] search for libssl in DIR/include and DIR/lib @@ -1568,10 +1570,10 @@ Optional Packages: --without-libgcrypt-prefix don't search for libgcrypt in includedir and libdir --with-libmbedcrypto-prefix[=DIR] search for libmbedcrypto in DIR/include and DIR/lib --without-libmbedcrypto-prefix don't search for libmbedcrypto in includedir and libdir - --with-libcrypt32-prefix[=DIR] search for libcrypt32 in DIR/include and DIR/lib - --without-libcrypt32-prefix don't search for libcrypt32 in includedir and libdir --with-libbcrypt-prefix[=DIR] search for libbcrypt in DIR/include and DIR/lib --without-libbcrypt-prefix don't search for libbcrypt in includedir and libdir + --with-libwolfssl-prefix[=DIR] search for libwolfssl in DIR/include and DIR/lib + --without-libwolfssl-prefix don't search for libwolfssl in includedir and libdir --with-libz Use libz for compression --with-libz-prefix[=DIR] search for libz in DIR/include and DIR/lib --without-libz-prefix don't search for libz in includedir and libdir @@ -1591,10 +1593,10 @@ Some influential environment variables: CXXCPP C++ preprocessor CPP C preprocessor -Use these variables to override the choices made by `configure' or to help +Use these variables to override the choices made by 'configure' or to help it to find libraries and programs with nonstandard names/locations. -Report bugs to . +Report bugs to . _ACEOF ac_status=$? fi @@ -1659,9 +1661,9 @@ test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF libssh2 configure - -generated by GNU Autoconf 2.71 +generated by GNU Autoconf 2.72 -Copyright (C) 2021 Free Software Foundation, Inc. +Copyright (C) 2023 Free Software Foundation, Inc. This configure script is free software; the Free Software Foundation gives unlimited permission to copy, distribute and modify it. _ACEOF @@ -1700,107 +1702,18 @@ printf "%s\n" "$ac_try_echo"; } >&5 } && test -s conftest.$ac_objext then : ac_retval=0 -else $as_nop - printf "%s\n" "$as_me: failed program was:" >&5 +else case e in #( + e) printf "%s\n" "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 - ac_retval=1 + ac_retval=1 ;; +esac fi eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno as_fn_set_status $ac_retval } # ac_fn_c_try_compile -# ac_fn_c_check_type LINENO TYPE VAR INCLUDES -# ------------------------------------------- -# Tests whether TYPE exists after having included INCLUDES, setting cache -# variable VAR accordingly. -ac_fn_c_check_type () -{ - as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 -printf %s "checking for $2... " >&6; } -if eval test \${$3+y} -then : - printf %s "(cached) " >&6 -else $as_nop - eval "$3=no" - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -$4 -int -main (void) -{ -if (sizeof ($2)) - return 0; - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO" -then : - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -$4 -int -main (void) -{ -if (sizeof (($2))) - return 0; - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO" -then : - -else $as_nop - eval "$3=yes" -fi -rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext -fi -rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext -fi -eval ac_res=\$$3 - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 -printf "%s\n" "$ac_res" >&6; } - eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno - -} # ac_fn_c_check_type - -# ac_fn_c_check_header_compile LINENO HEADER VAR INCLUDES -# ------------------------------------------------------- -# Tests whether HEADER exists and can be compiled using the include files in -# INCLUDES, setting the cache variable VAR accordingly. -ac_fn_c_check_header_compile () -{ - as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 -printf %s "checking for $2... " >&6; } -if eval test \${$3+y} -then : - printf %s "(cached) " >&6 -else $as_nop - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -$4 -#include <$2> -_ACEOF -if ac_fn_c_try_compile "$LINENO" -then : - eval "$3=yes" -else $as_nop - eval "$3=no" -fi -rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext -fi -eval ac_res=\$$3 - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 -printf "%s\n" "$ac_res" >&6; } - eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno - -} # ac_fn_c_check_header_compile - # ac_fn_c_try_link LINENO # ----------------------- # Try to link conftest.$ac_ext, and return whether this succeeded. @@ -1832,11 +1745,12 @@ printf "%s\n" "$ac_try_echo"; } >&5 } then : ac_retval=0 -else $as_nop - printf "%s\n" "$as_me: failed program was:" >&5 +else case e in #( + e) printf "%s\n" "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 - ac_retval=1 + ac_retval=1 ;; +esac fi # Delete the IPA/IPO (Inter Procedural Analysis/Optimization) information # created by the PGI compiler (conftest_ipa8_conftest.oo), as it would @@ -1876,17 +1790,53 @@ printf "%s\n" "$ac_try_echo"; } >&5 } && test -s conftest.$ac_objext then : ac_retval=0 -else $as_nop - printf "%s\n" "$as_me: failed program was:" >&5 +else case e in #( + e) printf "%s\n" "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 - ac_retval=1 + ac_retval=1 ;; +esac fi eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno as_fn_set_status $ac_retval } # ac_fn_cxx_try_compile +# ac_fn_c_check_header_compile LINENO HEADER VAR INCLUDES +# ------------------------------------------------------- +# Tests whether HEADER exists and can be compiled using the include files in +# INCLUDES, setting the cache variable VAR accordingly. +ac_fn_c_check_header_compile () +{ + as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 +printf %s "checking for $2... " >&6; } +if eval test \${$3+y} +then : + printf %s "(cached) " >&6 +else case e in #( + e) cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$4 +#include <$2> +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + eval "$3=yes" +else case e in #( + e) eval "$3=no" ;; +esac +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext ;; +esac +fi +eval ac_res=\$$3 + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +printf "%s\n" "$ac_res" >&6; } + eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno + +} # ac_fn_c_check_header_compile + # ac_fn_c_check_func LINENO FUNC VAR # ---------------------------------- # Tests whether FUNC exists, setting the cache variable VAR accordingly @@ -1898,15 +1848,15 @@ printf %s "checking for $2... " >&6; } if eval test \${$3+y} then : printf %s "(cached) " >&6 -else $as_nop - cat confdefs.h - <<_ACEOF >conftest.$ac_ext +else case e in #( + e) cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Define $2 to an innocuous variant, in case declares $2. For example, HP-UX 11i declares gettimeofday. */ #define $2 innocuous_$2 /* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $2 (); below. */ + which can conflict with char $2 (void); below. */ #include #undef $2 @@ -1917,7 +1867,7 @@ else $as_nop #ifdef __cplusplus extern "C" #endif -char $2 (); +char $2 (void); /* The GNU C library defines this for functions which it implements to always fail with ENOSYS. Some functions are actually named something starting with __ and the normal name is an alias. */ @@ -1936,11 +1886,13 @@ _ACEOF if ac_fn_c_try_link "$LINENO" then : eval "$3=yes" -else $as_nop - eval "$3=no" +else case e in #( + e) eval "$3=no" ;; +esac fi rm -f core conftest.err conftest.$ac_objext conftest.beam \ - conftest$ac_exeext conftest.$ac_ext + conftest$ac_exeext conftest.$ac_ext ;; +esac fi eval ac_res=\$$3 { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 @@ -1976,11 +1928,12 @@ printf "%s\n" "$ac_try_echo"; } >&5 } then : ac_retval=0 -else $as_nop - printf "%s\n" "$as_me: failed program was:" >&5 +else case e in #( + e) printf "%s\n" "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 - ac_retval=1 + ac_retval=1 ;; +esac fi eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno as_fn_set_status $ac_retval @@ -2018,11 +1971,12 @@ printf "%s\n" "$ac_try_echo"; } >&5 } then : ac_retval=0 -else $as_nop - printf "%s\n" "$as_me: failed program was:" >&5 +else case e in #( + e) printf "%s\n" "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 - ac_retval=1 + ac_retval=1 ;; +esac fi # Delete the IPA/IPO (Inter Procedural Analysis/Optimization) information # created by the PGI compiler (conftest_ipa8_conftest.oo), as it would @@ -2064,12 +2018,13 @@ printf "%s\n" "$ac_try_echo"; } >&5 test $ac_status = 0; }; } then : ac_retval=0 -else $as_nop - printf "%s\n" "$as_me: program exited with status $ac_status" >&5 +else case e in #( + e) printf "%s\n" "$as_me: program exited with status $ac_status" >&5 printf "%s\n" "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 - ac_retval=$ac_status + ac_retval=$ac_status ;; +esac fi rm -rf conftest.dSYM conftest_ipa8_conftest.oo eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno @@ -2077,58 +2032,6 @@ fi } # ac_fn_c_try_run -# ac_fn_check_decl LINENO SYMBOL VAR INCLUDES EXTRA-OPTIONS FLAG-VAR -# ------------------------------------------------------------------ -# Tests whether SYMBOL is declared in INCLUDES, setting cache variable VAR -# accordingly. Pass EXTRA-OPTIONS to the compiler, using FLAG-VAR. -ac_fn_check_decl () -{ - as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack - as_decl_name=`echo $2|sed 's/ *(.*//'` - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether $as_decl_name is declared" >&5 -printf %s "checking whether $as_decl_name is declared... " >&6; } -if eval test \${$3+y} -then : - printf %s "(cached) " >&6 -else $as_nop - as_decl_use=`echo $2|sed -e 's/(/((/' -e 's/)/) 0&/' -e 's/,/) 0& (/g'` - eval ac_save_FLAGS=\$$6 - as_fn_append $6 " $5" - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -$4 -int -main (void) -{ -#ifndef $as_decl_name -#ifdef __cplusplus - (void) $as_decl_use; -#else - (void) $as_decl_name; -#endif -#endif - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO" -then : - eval "$3=yes" -else $as_nop - eval "$3=no" -fi -rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext - eval $6=\$ac_save_FLAGS - -fi -eval ac_res=\$$3 - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 -printf "%s\n" "$ac_res" >&6; } - eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno - -} # ac_fn_check_decl - # ac_fn_c_try_cpp LINENO # ---------------------- # Try to preprocess conftest.$ac_ext, and return whether this succeeded. @@ -2156,16 +2059,76 @@ printf "%s\n" "$ac_try_echo"; } >&5 } then : ac_retval=0 -else $as_nop - printf "%s\n" "$as_me: failed program was:" >&5 +else case e in #( + e) printf "%s\n" "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 - ac_retval=1 + ac_retval=1 ;; +esac fi eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno as_fn_set_status $ac_retval } # ac_fn_c_try_cpp + +# ac_fn_c_check_type LINENO TYPE VAR INCLUDES +# ------------------------------------------- +# Tests whether TYPE exists after having included INCLUDES, setting cache +# variable VAR accordingly. +ac_fn_c_check_type () +{ + as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 +printf %s "checking for $2... " >&6; } +if eval test \${$3+y} +then : + printf %s "(cached) " >&6 +else case e in #( + e) eval "$3=no" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$4 +int +main (void) +{ +if (sizeof ($2)) + return 0; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$4 +int +main (void) +{ +if (sizeof (($2))) + return 0; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO" +then : + +else case e in #( + e) eval "$3=yes" ;; +esac +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext ;; +esac +fi +eval ac_res=\$$3 + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +printf "%s\n" "$ac_res" >&6; } + eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno + +} # ac_fn_c_check_type ac_configure_args_raw= for ac_arg do @@ -2191,7 +2154,7 @@ This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. It was created by libssh2 $as_me -, which was -generated by GNU Autoconf 2.71. Invocation command line was +generated by GNU Autoconf 2.72. Invocation command line was $ $0$ac_configure_args_raw @@ -2437,10 +2400,10 @@ esac printf "%s\n" "$as_me: loading site script $ac_site_file" >&6;} sed 's/^/| /' "$ac_site_file" >&5 . "$ac_site_file" \ - || { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 -printf "%s\n" "$as_me: error: in \`$ac_pwd':" >&2;} + || { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: in '$ac_pwd':" >&5 +printf "%s\n" "$as_me: error: in '$ac_pwd':" >&2;} as_fn_error $? "failed to load site script $ac_site_file -See \`config.log' for more details" "$LINENO" 5; } +See 'config.log' for more details" "$LINENO" 5; } fi done @@ -2476,9 +2439,7 @@ struct stat; /* Most of the following tests are stolen from RCS 5.7 src/conf.sh. */ struct buf { int x; }; struct buf * (*rcsopen) (struct buf *, struct stat *, int); -static char *e (p, i) - char **p; - int i; +static char *e (char **p, int i) { return p[i]; } @@ -2492,6 +2453,21 @@ static char *f (char * (*g) (char **, int), char **p, ...) return s; } +/* C89 style stringification. */ +#define noexpand_stringify(a) #a +const char *stringified = noexpand_stringify(arbitrary+token=sequence); + +/* C89 style token pasting. Exercises some of the corner cases that + e.g. old MSVC gets wrong, but not very hard. */ +#define noexpand_concat(a,b) a##b +#define expand_concat(a,b) noexpand_concat(a,b) +extern int vA; +extern int vbee; +#define aye A +#define bee B +int *pvA = &expand_concat(v,aye); +int *pvbee = &noexpand_concat(v,bee); + /* OSF 4.0 Compaq cc is some sort of almost-ANSI by default. It has function prototypes and stuff, but not \xHH hex character constants. These do not provoke an error unfortunately, instead are silently treated @@ -2519,16 +2495,19 @@ ok |= (argc == 0 || f (e, argv, 0) != argv[0] || f (e, argv, 1) != argv[1]); # Test code for whether the C compiler supports C99 (global declarations) ac_c_conftest_c99_globals=' -// Does the compiler advertise C99 conformance? +/* Does the compiler advertise C99 conformance? */ #if !defined __STDC_VERSION__ || __STDC_VERSION__ < 199901L # error "Compiler does not advertise C99 conformance" #endif +// See if C++-style comments work. + #include extern int puts (const char *); extern int printf (const char *, ...); extern int dprintf (int, const char *, ...); extern void *malloc (size_t); +extern void free (void *); // Check varargs macros. These examples are taken from C99 6.10.3.5. // dprintf is used instead of fprintf to avoid needing to declare @@ -2578,7 +2557,6 @@ typedef const char *ccp; static inline int test_restrict (ccp restrict text) { - // See if C++-style comments work. // Iterate through items via the restricted pointer. // Also check for declarations in for loops. for (unsigned int i = 0; *(text+i) != '\''\0'\''; ++i) @@ -2644,6 +2622,8 @@ ac_c_conftest_c99_main=' ia->datasize = 10; for (int i = 0; i < ia->datasize; ++i) ia->data[i] = i * 1.234; + // Work around memory leak warnings. + free (ia); // Check named initializers. struct named_init ni = { @@ -2665,7 +2645,7 @@ ac_c_conftest_c99_main=' # Test code for whether the C compiler supports C11 (global declarations) ac_c_conftest_c11_globals=' -// Does the compiler advertise C11 conformance? +/* Does the compiler advertise C11 conformance? */ #if !defined __STDC_VERSION__ || __STDC_VERSION__ < 201112L # error "Compiler does not advertise C11 conformance" #endif @@ -2769,15 +2749,6 @@ main (int argc, char **argv) } " -as_fn_append ac_header_c_list " stdio.h stdio_h HAVE_STDIO_H" -as_fn_append ac_header_c_list " stdlib.h stdlib_h HAVE_STDLIB_H" -as_fn_append ac_header_c_list " string.h string_h HAVE_STRING_H" -as_fn_append ac_header_c_list " inttypes.h inttypes_h HAVE_INTTYPES_H" -as_fn_append ac_header_c_list " stdint.h stdint_h HAVE_STDINT_H" -as_fn_append ac_header_c_list " strings.h strings_h HAVE_STRINGS_H" -as_fn_append ac_header_c_list " sys/stat.h sys_stat_h HAVE_SYS_STAT_H" -as_fn_append ac_header_c_list " sys/types.h sys_types_h HAVE_SYS_TYPES_H" -as_fn_append ac_header_c_list " unistd.h unistd_h HAVE_UNISTD_H" # Test code for whether the C++ compiler supports C++98 (global declarations) ac_cxx_conftest_cxx98_globals=' // Does the compiler advertise C++98 conformance? @@ -2994,9 +2965,18 @@ main (int argc, char **argv) } " +as_fn_append ac_header_c_list " stdio.h stdio_h HAVE_STDIO_H" +as_fn_append ac_header_c_list " stdlib.h stdlib_h HAVE_STDLIB_H" +as_fn_append ac_header_c_list " string.h string_h HAVE_STRING_H" +as_fn_append ac_header_c_list " inttypes.h inttypes_h HAVE_INTTYPES_H" +as_fn_append ac_header_c_list " stdint.h stdint_h HAVE_STDINT_H" +as_fn_append ac_header_c_list " strings.h strings_h HAVE_STRINGS_H" +as_fn_append ac_header_c_list " sys/stat.h sys_stat_h HAVE_SYS_STAT_H" +as_fn_append ac_header_c_list " sys/types.h sys_types_h HAVE_SYS_TYPES_H" +as_fn_append ac_header_c_list " unistd.h unistd_h HAVE_UNISTD_H" # Auxiliary files required by this configure script. -ac_aux_files="config.rpath ltmain.sh compile config.guess config.sub missing install-sh" +ac_aux_files="config.rpath ltmain.sh compile config.guess config.sub missing install-sh tap-driver.sh" # Locations in which to look for auxiliary files. ac_aux_dir_candidates="${srcdir}${PATH_SEPARATOR}${srcdir}/..${PATH_SEPARATOR}${srcdir}/../.." @@ -3073,8 +3053,9 @@ IFS=$as_save_IFS if $as_found then : -else $as_nop - as_fn_error $? "cannot find required auxiliary files:$ac_missing_aux_files" "$LINENO" 5 +else case e in #( + e) as_fn_error $? "cannot find required auxiliary files:$ac_missing_aux_files" "$LINENO" 5 ;; +esac fi @@ -3102,12 +3083,12 @@ for ac_var in $ac_precious_vars; do eval ac_new_val=\$ac_env_${ac_var}_value case $ac_old_set,$ac_new_set in set,) - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&5 -printf "%s\n" "$as_me: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&2;} + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: '$ac_var' was set to '$ac_old_val' in the previous run" >&5 +printf "%s\n" "$as_me: error: '$ac_var' was set to '$ac_old_val' in the previous run" >&2;} ac_cache_corrupted=: ;; ,set) - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' was not set in the previous run" >&5 -printf "%s\n" "$as_me: error: \`$ac_var' was not set in the previous run" >&2;} + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: '$ac_var' was not set in the previous run" >&5 +printf "%s\n" "$as_me: error: '$ac_var' was not set in the previous run" >&2;} ac_cache_corrupted=: ;; ,);; *) @@ -3116,18 +3097,18 @@ printf "%s\n" "$as_me: error: \`$ac_var' was not set in the previous run" >&2;} ac_old_val_w=`echo x $ac_old_val` ac_new_val_w=`echo x $ac_new_val` if test "$ac_old_val_w" != "$ac_new_val_w"; then - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' has changed since the previous run:" >&5 -printf "%s\n" "$as_me: error: \`$ac_var' has changed since the previous run:" >&2;} + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: '$ac_var' has changed since the previous run:" >&5 +printf "%s\n" "$as_me: error: '$ac_var' has changed since the previous run:" >&2;} ac_cache_corrupted=: else - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: warning: ignoring whitespace changes in \`$ac_var' since the previous run:" >&5 -printf "%s\n" "$as_me: warning: ignoring whitespace changes in \`$ac_var' since the previous run:" >&2;} + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: warning: ignoring whitespace changes in '$ac_var' since the previous run:" >&5 +printf "%s\n" "$as_me: warning: ignoring whitespace changes in '$ac_var' since the previous run:" >&2;} eval $ac_var=\$ac_old_val fi - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: former value: \`$ac_old_val'" >&5 -printf "%s\n" "$as_me: former value: \`$ac_old_val'" >&2;} - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: current value: \`$ac_new_val'" >&5 -printf "%s\n" "$as_me: current value: \`$ac_new_val'" >&2;} + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: former value: '$ac_old_val'" >&5 +printf "%s\n" "$as_me: former value: '$ac_old_val'" >&2;} + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: current value: '$ac_new_val'" >&5 +printf "%s\n" "$as_me: current value: '$ac_new_val'" >&2;} fi;; esac # Pass precious variables to config.status. @@ -3143,11 +3124,11 @@ printf "%s\n" "$as_me: current value: \`$ac_new_val'" >&2;} fi done if $ac_cache_corrupted; then - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 -printf "%s\n" "$as_me: error: in \`$ac_pwd':" >&2;} + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: in '$ac_pwd':" >&5 +printf "%s\n" "$as_me: error: in '$ac_pwd':" >&2;} { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: changes in the environment can compromise the build" >&5 printf "%s\n" "$as_me: error: changes in the environment can compromise the build" >&2;} - as_fn_error $? "run \`${MAKE-make} distclean' and/or \`rm $cache_file' + as_fn_error $? "run '${MAKE-make} distclean' and/or 'rm $cache_file' and start over" "$LINENO" 5 fi ## -------------------- ## @@ -3166,14 +3147,18 @@ ac_compiler_gnu=$ac_cv_c_compiler_gnu ac_config_headers="$ac_config_headers src/libssh2_config.h" -{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether to enable maintainer-specific portions of Makefiles" >&5 + + + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether to enable maintainer-specific portions of Makefiles" >&5 printf %s "checking whether to enable maintainer-specific portions of Makefiles... " >&6; } # Check whether --enable-maintainer-mode was given. if test ${enable_maintainer_mode+y} then : enableval=$enable_maintainer_mode; USE_MAINTAINER_MODE=$enableval -else $as_nop - USE_MAINTAINER_MODE=no +else case e in #( + e) USE_MAINTAINER_MODE=no ;; +esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $USE_MAINTAINER_MODE" >&5 @@ -3206,8 +3191,8 @@ printf %s "checking whether $am_make supports nested variables... " >&6; } if test ${am_cv_make_support_nested_variables+y} then : printf %s "(cached) " >&6 -else $as_nop - if printf "%s\n" 'TRUE=$(BAR$(V)) +else case e in #( + e) if printf "%s\n" 'TRUE=$(BAR$(V)) BAR0=false BAR1=true V=1 @@ -3217,7 +3202,8 @@ am__doit: am_cv_make_support_nested_variables=yes else am_cv_make_support_nested_variables=no -fi +fi ;; +esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $am_cv_make_support_nested_variables" >&5 printf "%s\n" "$am_cv_make_support_nested_variables" >&6; } @@ -3238,8 +3224,8 @@ printf %s "checking for $ac_word... " >&6; } if test ${ac_cv_path_SED+y} then : printf %s "(cached) " >&6 -else $as_nop - case $SED in +else case e in #( + e) case $SED in [\\/]* | ?:[\\/]*) ac_cv_path_SED="$SED" # Let the user override the test with a path. ;; @@ -3266,6 +3252,7 @@ IFS=$as_save_IFS test -z "$ac_cv_path_SED" && ac_cv_path_SED="sed-was-not-found-by-configure" ;; +esac ;; esac fi SED=$ac_cv_path_SED @@ -3285,11 +3272,10 @@ if test "x$SED" = "xsed-was-not-found-by-configure"; then printf "%s\n" "$as_me: WARNING: sed was not found, this may ruin your chances to build fine" >&2;} fi -LIBSSH2VER=`$SED -ne 's/^#define LIBSSH2_VERSION *"\(.*\)"/\1/p' ${srcdir}/include/libssh2.h` +LIBSSH2_VERSION=`$SED -ne 's/^#define LIBSSH2_VERSION *"\(.*\)"/\1/p' ${srcdir}/include/libssh2.h` am__api_version='1.16' - # Find a good install program. We prefer a C program (faster), # so one script is as good as another. But avoid the broken or # incompatible versions: @@ -3310,8 +3296,8 @@ if test -z "$INSTALL"; then if test ${ac_cv_path_install+y} then : printf %s "(cached) " >&6 -else $as_nop - as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +else case e in #( + e) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS @@ -3365,7 +3351,8 @@ esac IFS=$as_save_IFS rm -rf conftest.one conftest.two conftest.dir - + ;; +esac fi if test ${ac_cv_path_install+y}; then INSTALL=$ac_cv_path_install @@ -3461,7 +3448,7 @@ test "$program_prefix" != NONE && test "$program_suffix" != NONE && program_transform_name="s&\$&$program_suffix&;$program_transform_name" # Double any \ or $. -# By default was `s,x,x', remove it if useless. +# By default was 's,x,x', remove it if useless. ac_script='s/[\\$]/&&/g;s/;s,x,x,$//' program_transform_name=`printf "%s\n" "$program_transform_name" | sed "$ac_script"` @@ -3504,8 +3491,8 @@ printf %s "checking for $ac_word... " >&6; } if test ${ac_cv_prog_STRIP+y} then : printf %s "(cached) " >&6 -else $as_nop - if test -n "$STRIP"; then +else case e in #( + e) if test -n "$STRIP"; then ac_cv_prog_STRIP="$STRIP" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR @@ -3527,7 +3514,8 @@ done done IFS=$as_save_IFS -fi +fi ;; +esac fi STRIP=$ac_cv_prog_STRIP if test -n "$STRIP"; then @@ -3549,8 +3537,8 @@ printf %s "checking for $ac_word... " >&6; } if test ${ac_cv_prog_ac_ct_STRIP+y} then : printf %s "(cached) " >&6 -else $as_nop - if test -n "$ac_ct_STRIP"; then +else case e in #( + e) if test -n "$ac_ct_STRIP"; then ac_cv_prog_ac_ct_STRIP="$ac_ct_STRIP" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR @@ -3572,7 +3560,8 @@ done done IFS=$as_save_IFS -fi +fi ;; +esac fi ac_ct_STRIP=$ac_cv_prog_ac_ct_STRIP if test -n "$ac_ct_STRIP"; then @@ -3608,8 +3597,8 @@ if test -z "$MKDIR_P"; then if test ${ac_cv_path_mkdir+y} then : printf %s "(cached) " >&6 -else $as_nop - as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +else case e in #( + e) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH$PATH_SEPARATOR/opt/sfw/bin do IFS=$as_save_IFS @@ -3623,7 +3612,7 @@ do as_fn_executable_p "$as_dir$ac_prog$ac_exec_ext" || continue case `"$as_dir$ac_prog$ac_exec_ext" --version 2>&1` in #( 'mkdir ('*'coreutils) '* | \ - 'BusyBox '* | \ + *'BusyBox '* | \ 'mkdir (fileutils) '4.1*) ac_cv_path_mkdir=$as_dir$ac_prog$ac_exec_ext break 3;; @@ -3632,18 +3621,17 @@ do done done IFS=$as_save_IFS - + ;; +esac fi test -d ./--version && rmdir ./--version if test ${ac_cv_path_mkdir+y}; then MKDIR_P="$ac_cv_path_mkdir -p" else - # As a last resort, use the slow shell script. Don't cache a - # value for MKDIR_P within a source directory, because that will - # break other packages using the cache if that directory is - # removed, or if the value is a relative name. - MKDIR_P="$ac_install_sh -d" + # As a last resort, use plain mkdir -p, + # in the hope it doesn't have the bugs of ancient mkdir. + MKDIR_P='mkdir -p' fi fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $MKDIR_P" >&5 @@ -3658,8 +3646,8 @@ printf %s "checking for $ac_word... " >&6; } if test ${ac_cv_prog_AWK+y} then : printf %s "(cached) " >&6 -else $as_nop - if test -n "$AWK"; then +else case e in #( + e) if test -n "$AWK"; then ac_cv_prog_AWK="$AWK" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR @@ -3681,7 +3669,8 @@ done done IFS=$as_save_IFS -fi +fi ;; +esac fi AWK=$ac_cv_prog_AWK if test -n "$AWK"; then @@ -3703,8 +3692,8 @@ ac_make=`printf "%s\n" "$2" | sed 's/+/p/g; s/[^a-zA-Z0-9_]/_/g'` if eval test \${ac_cv_prog_make_${ac_make}_set+y} then : printf %s "(cached) " >&6 -else $as_nop - cat >conftest.make <<\_ACEOF +else case e in #( + e) cat >conftest.make <<\_ACEOF SHELL = /bin/sh all: @echo '@@@%%%=$(MAKE)=@@@%%%' @@ -3716,7 +3705,8 @@ case `${MAKE-make} -f conftest.make 2>/dev/null` in *) eval ac_cv_prog_make_${ac_make}_set=no;; esac -rm -f conftest.make +rm -f conftest.make ;; +esac fi if eval test \$ac_cv_prog_make_${ac_make}_set = yes; then { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 @@ -3864,13 +3854,14 @@ fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking libssh2 version" >&5 printf %s "checking libssh2 version... " >&6; } -{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $LIBSSH2VER" >&5 -printf "%s\n" "$LIBSSH2VER" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $LIBSSH2_VERSION" >&5 +printf "%s\n" "$LIBSSH2_VERSION" >&6; } -AB_VERSION=$LIBSSH2VER - +# Check for the OS. +# Daniel's note: this should not be necessary and we need to work to +# get this removed. # Make sure we can run config.sub. @@ -3882,15 +3873,16 @@ printf %s "checking build system type... " >&6; } if test ${ac_cv_build+y} then : printf %s "(cached) " >&6 -else $as_nop - ac_build_alias=$build_alias +else case e in #( + e) ac_build_alias=$build_alias test "x$ac_build_alias" = x && ac_build_alias=`$SHELL "${ac_aux_dir}config.guess"` test "x$ac_build_alias" = x && as_fn_error $? "cannot guess build type; you must specify one" "$LINENO" 5 ac_cv_build=`$SHELL "${ac_aux_dir}config.sub" $ac_build_alias` || as_fn_error $? "$SHELL ${ac_aux_dir}config.sub $ac_build_alias failed" "$LINENO" 5 - + ;; +esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_build" >&5 printf "%s\n" "$ac_cv_build" >&6; } @@ -3917,14 +3909,15 @@ printf %s "checking host system type... " >&6; } if test ${ac_cv_host+y} then : printf %s "(cached) " >&6 -else $as_nop - if test "x$host_alias" = x; then +else case e in #( + e) if test "x$host_alias" = x; then ac_cv_host=$ac_cv_build else ac_cv_host=`$SHELL "${ac_aux_dir}config.sub" $host_alias` || as_fn_error $? "$SHELL ${ac_aux_dir}config.sub $host_alias failed" "$LINENO" 5 fi - + ;; +esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_host" >&5 printf "%s\n" "$ac_cv_host" >&6; } @@ -3946,51 +3939,11 @@ IFS=$ac_save_IFS case $host_os in *\ *) host_os=`echo "$host_os" | sed 's/ /-/g'`;; esac - - - - - if test -z "$AB_PACKAGE"; then - AB_PACKAGE=${PACKAGE_NAME:-$PACKAGE} - fi - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: autobuild project... $AB_PACKAGE" >&5 -printf "%s\n" "$as_me: autobuild project... $AB_PACKAGE" >&6;} - - if test -z "$AB_VERSION"; then - AB_VERSION=${PACKAGE_VERSION:-$VERSION} - fi - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: autobuild revision... $AB_VERSION" >&5 -printf "%s\n" "$as_me: autobuild revision... $AB_VERSION" >&6;} - - hostname=`hostname` - if test "$hostname"; then - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: autobuild hostname... $hostname" >&5 -printf "%s\n" "$as_me: autobuild hostname... $hostname" >&6;} - fi - - - - date=`date +%Y%m%d-%H%M%S` - if test "$?" != 0; then - date=`date` - fi - if test "$date"; then - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: autobuild timestamp... $date" >&5 -printf "%s\n" "$as_me: autobuild timestamp... $date" >&6;} - fi - - -# Check for the OS. -# Daniel's note: this should not be necessary and we need to work to -# get this removed. - case "$host" in *-mingw*) - CFLAGS="$CFLAGS -DLIBSSH2_WIN32" LIBS="$LIBS -lws2_32" ;; *darwin*) - CFLAGS="$CFLAGS -DLIBSSH2_DARWIN" ;; *hpux*) ;; @@ -4087,8 +4040,8 @@ printf %s "checking for $ac_word... " >&6; } if test ${ac_cv_prog_CC+y} then : printf %s "(cached) " >&6 -else $as_nop - if test -n "$CC"; then +else case e in #( + e) if test -n "$CC"; then ac_cv_prog_CC="$CC" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR @@ -4110,7 +4063,8 @@ done done IFS=$as_save_IFS -fi +fi ;; +esac fi CC=$ac_cv_prog_CC if test -n "$CC"; then @@ -4132,8 +4086,8 @@ printf %s "checking for $ac_word... " >&6; } if test ${ac_cv_prog_ac_ct_CC+y} then : printf %s "(cached) " >&6 -else $as_nop - if test -n "$ac_ct_CC"; then +else case e in #( + e) if test -n "$ac_ct_CC"; then ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR @@ -4155,7 +4109,8 @@ done done IFS=$as_save_IFS -fi +fi ;; +esac fi ac_ct_CC=$ac_cv_prog_ac_ct_CC if test -n "$ac_ct_CC"; then @@ -4190,8 +4145,8 @@ printf %s "checking for $ac_word... " >&6; } if test ${ac_cv_prog_CC+y} then : printf %s "(cached) " >&6 -else $as_nop - if test -n "$CC"; then +else case e in #( + e) if test -n "$CC"; then ac_cv_prog_CC="$CC" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR @@ -4213,7 +4168,8 @@ done done IFS=$as_save_IFS -fi +fi ;; +esac fi CC=$ac_cv_prog_CC if test -n "$CC"; then @@ -4235,8 +4191,8 @@ printf %s "checking for $ac_word... " >&6; } if test ${ac_cv_prog_CC+y} then : printf %s "(cached) " >&6 -else $as_nop - if test -n "$CC"; then +else case e in #( + e) if test -n "$CC"; then ac_cv_prog_CC="$CC" # Let the user override the test. else ac_prog_rejected=no @@ -4275,7 +4231,8 @@ if test $ac_prog_rejected = yes; then ac_cv_prog_CC="$as_dir$ac_word${1+' '}$@" fi fi -fi +fi ;; +esac fi CC=$ac_cv_prog_CC if test -n "$CC"; then @@ -4299,8 +4256,8 @@ printf %s "checking for $ac_word... " >&6; } if test ${ac_cv_prog_CC+y} then : printf %s "(cached) " >&6 -else $as_nop - if test -n "$CC"; then +else case e in #( + e) if test -n "$CC"; then ac_cv_prog_CC="$CC" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR @@ -4322,7 +4279,8 @@ done done IFS=$as_save_IFS -fi +fi ;; +esac fi CC=$ac_cv_prog_CC if test -n "$CC"; then @@ -4348,8 +4306,8 @@ printf %s "checking for $ac_word... " >&6; } if test ${ac_cv_prog_ac_ct_CC+y} then : printf %s "(cached) " >&6 -else $as_nop - if test -n "$ac_ct_CC"; then +else case e in #( + e) if test -n "$ac_ct_CC"; then ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR @@ -4371,7 +4329,8 @@ done done IFS=$as_save_IFS -fi +fi ;; +esac fi ac_ct_CC=$ac_cv_prog_ac_ct_CC if test -n "$ac_ct_CC"; then @@ -4409,8 +4368,8 @@ printf %s "checking for $ac_word... " >&6; } if test ${ac_cv_prog_CC+y} then : printf %s "(cached) " >&6 -else $as_nop - if test -n "$CC"; then +else case e in #( + e) if test -n "$CC"; then ac_cv_prog_CC="$CC" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR @@ -4432,7 +4391,8 @@ done done IFS=$as_save_IFS -fi +fi ;; +esac fi CC=$ac_cv_prog_CC if test -n "$CC"; then @@ -4454,8 +4414,8 @@ printf %s "checking for $ac_word... " >&6; } if test ${ac_cv_prog_ac_ct_CC+y} then : printf %s "(cached) " >&6 -else $as_nop - if test -n "$ac_ct_CC"; then +else case e in #( + e) if test -n "$ac_ct_CC"; then ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR @@ -4477,7 +4437,8 @@ done done IFS=$as_save_IFS -fi +fi ;; +esac fi ac_ct_CC=$ac_cv_prog_ac_ct_CC if test -n "$ac_ct_CC"; then @@ -4506,10 +4467,10 @@ fi fi -test -z "$CC" && { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 -printf "%s\n" "$as_me: error: in \`$ac_pwd':" >&2;} +test -z "$CC" && { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: in '$ac_pwd':" >&5 +printf "%s\n" "$as_me: error: in '$ac_pwd':" >&2;} as_fn_error $? "no acceptable C compiler found in \$PATH -See \`config.log' for more details" "$LINENO" 5; } +See 'config.log' for more details" "$LINENO" 5; } # Provide some information about the compiler. printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for C compiler version" >&5 @@ -4581,8 +4542,8 @@ printf "%s\n" "$ac_try_echo"; } >&5 printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; } then : - # Autoconf-2.13 could set the ac_cv_exeext variable to `no'. -# So ignore a value of `no', otherwise this would lead to `EXEEXT = no' + # Autoconf-2.13 could set the ac_cv_exeext variable to 'no'. +# So ignore a value of 'no', otherwise this would lead to 'EXEEXT = no' # in a Makefile. We should not override ac_cv_exeext if it was cached, # so that the user can short-circuit this test for compilers unknown to # Autoconf. @@ -4602,7 +4563,7 @@ do ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'` fi # We set ac_cv_exeext here because the later test for it is not - # safe: cross compilers may not add the suffix if given an `-o' + # safe: cross compilers may not add the suffix if given an '-o' # argument, so we may need to know it at that point already. # Even if this section looks crufty: it has the advantage of # actually working. @@ -4613,8 +4574,9 @@ do done test "$ac_cv_exeext" = no && ac_cv_exeext= -else $as_nop - ac_file='' +else case e in #( + e) ac_file='' ;; +esac fi if test -z "$ac_file" then : @@ -4623,13 +4585,14 @@ printf "%s\n" "no" >&6; } printf "%s\n" "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 -{ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 -printf "%s\n" "$as_me: error: in \`$ac_pwd':" >&2;} +{ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: in '$ac_pwd':" >&5 +printf "%s\n" "$as_me: error: in '$ac_pwd':" >&2;} as_fn_error 77 "C compiler cannot create executables -See \`config.log' for more details" "$LINENO" 5; } -else $as_nop - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -printf "%s\n" "yes" >&6; } +See 'config.log' for more details" "$LINENO" 5; } +else case e in #( + e) { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } ;; +esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for C compiler default output file name" >&5 printf %s "checking for C compiler default output file name... " >&6; } @@ -4653,10 +4616,10 @@ printf "%s\n" "$ac_try_echo"; } >&5 printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; } then : - # If both `conftest.exe' and `conftest' are `present' (well, observable) -# catch `conftest.exe'. For instance with Cygwin, `ls conftest' will -# work properly (i.e., refer to `conftest.exe'), while it won't with -# `rm'. + # If both 'conftest.exe' and 'conftest' are 'present' (well, observable) +# catch 'conftest.exe'. For instance with Cygwin, 'ls conftest' will +# work properly (i.e., refer to 'conftest.exe'), while it won't with +# 'rm'. for ac_file in conftest.exe conftest conftest.*; do test -f "$ac_file" || continue case $ac_file in @@ -4666,11 +4629,12 @@ for ac_file in conftest.exe conftest conftest.*; do * ) break;; esac done -else $as_nop - { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 -printf "%s\n" "$as_me: error: in \`$ac_pwd':" >&2;} +else case e in #( + e) { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: in '$ac_pwd':" >&5 +printf "%s\n" "$as_me: error: in '$ac_pwd':" >&2;} as_fn_error $? "cannot compute suffix of executables: cannot compile and link -See \`config.log' for more details" "$LINENO" 5; } +See 'config.log' for more details" "$LINENO" 5; } ;; +esac fi rm -f conftest conftest$ac_cv_exeext { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_exeext" >&5 @@ -4686,6 +4650,8 @@ int main (void) { FILE *f = fopen ("conftest.out", "w"); + if (!f) + return 1; return ferror (f) || fclose (f) != 0; ; @@ -4725,26 +4691,27 @@ printf "%s\n" "$ac_try_echo"; } >&5 if test "$cross_compiling" = maybe; then cross_compiling=yes else - { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 -printf "%s\n" "$as_me: error: in \`$ac_pwd':" >&2;} + { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: in '$ac_pwd':" >&5 +printf "%s\n" "$as_me: error: in '$ac_pwd':" >&2;} as_fn_error 77 "cannot run C compiled programs. -If you meant to cross compile, use \`--host'. -See \`config.log' for more details" "$LINENO" 5; } +If you meant to cross compile, use '--host'. +See 'config.log' for more details" "$LINENO" 5; } fi fi fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $cross_compiling" >&5 printf "%s\n" "$cross_compiling" >&6; } -rm -f conftest.$ac_ext conftest$ac_cv_exeext conftest.out +rm -f conftest.$ac_ext conftest$ac_cv_exeext \ + conftest.o conftest.obj conftest.out ac_clean_files=$ac_clean_files_save { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for suffix of object files" >&5 printf %s "checking for suffix of object files... " >&6; } if test ${ac_cv_objext+y} then : printf %s "(cached) " >&6 -else $as_nop - cat confdefs.h - <<_ACEOF >conftest.$ac_ext +else case e in #( + e) cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int @@ -4776,16 +4743,18 @@ then : break;; esac done -else $as_nop - printf "%s\n" "$as_me: failed program was:" >&5 +else case e in #( + e) printf "%s\n" "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 -{ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 -printf "%s\n" "$as_me: error: in \`$ac_pwd':" >&2;} +{ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: in '$ac_pwd':" >&5 +printf "%s\n" "$as_me: error: in '$ac_pwd':" >&2;} as_fn_error $? "cannot compute suffix of object files: cannot compile -See \`config.log' for more details" "$LINENO" 5; } +See 'config.log' for more details" "$LINENO" 5; } ;; +esac fi -rm -f conftest.$ac_cv_objext conftest.$ac_ext +rm -f conftest.$ac_cv_objext conftest.$ac_ext ;; +esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_objext" >&5 printf "%s\n" "$ac_cv_objext" >&6; } @@ -4796,8 +4765,8 @@ printf %s "checking whether the compiler supports GNU C... " >&6; } if test ${ac_cv_c_compiler_gnu+y} then : printf %s "(cached) " >&6 -else $as_nop - cat confdefs.h - <<_ACEOF >conftest.$ac_ext +else case e in #( + e) cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int @@ -4814,12 +4783,14 @@ _ACEOF if ac_fn_c_try_compile "$LINENO" then : ac_compiler_gnu=yes -else $as_nop - ac_compiler_gnu=no +else case e in #( + e) ac_compiler_gnu=no ;; +esac fi rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext ac_cv_c_compiler_gnu=$ac_compiler_gnu - + ;; +esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_compiler_gnu" >&5 printf "%s\n" "$ac_cv_c_compiler_gnu" >&6; } @@ -4837,8 +4808,8 @@ printf %s "checking whether $CC accepts -g... " >&6; } if test ${ac_cv_prog_cc_g+y} then : printf %s "(cached) " >&6 -else $as_nop - ac_save_c_werror_flag=$ac_c_werror_flag +else case e in #( + e) ac_save_c_werror_flag=$ac_c_werror_flag ac_c_werror_flag=yes ac_cv_prog_cc_g=no CFLAGS="-g" @@ -4856,8 +4827,8 @@ _ACEOF if ac_fn_c_try_compile "$LINENO" then : ac_cv_prog_cc_g=yes -else $as_nop - CFLAGS="" +else case e in #( + e) CFLAGS="" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ @@ -4872,8 +4843,8 @@ _ACEOF if ac_fn_c_try_compile "$LINENO" then : -else $as_nop - ac_c_werror_flag=$ac_save_c_werror_flag +else case e in #( + e) ac_c_werror_flag=$ac_save_c_werror_flag CFLAGS="-g" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ @@ -4890,12 +4861,15 @@ if ac_fn_c_try_compile "$LINENO" then : ac_cv_prog_cc_g=yes fi -rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext ;; +esac fi -rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext ;; +esac fi rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext - ac_c_werror_flag=$ac_save_c_werror_flag + ac_c_werror_flag=$ac_save_c_werror_flag ;; +esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_g" >&5 printf "%s\n" "$ac_cv_prog_cc_g" >&6; } @@ -4922,8 +4896,8 @@ printf %s "checking for $CC option to enable C11 features... " >&6; } if test ${ac_cv_prog_cc_c11+y} then : printf %s "(cached) " >&6 -else $as_nop - ac_cv_prog_cc_c11=no +else case e in #( + e) ac_cv_prog_cc_c11=no ac_save_CC=$CC cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ @@ -4940,25 +4914,28 @@ rm -f core conftest.err conftest.$ac_objext conftest.beam test "x$ac_cv_prog_cc_c11" != "xno" && break done rm -f conftest.$ac_ext -CC=$ac_save_CC +CC=$ac_save_CC ;; +esac fi if test "x$ac_cv_prog_cc_c11" = xno then : { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: unsupported" >&5 printf "%s\n" "unsupported" >&6; } -else $as_nop - if test "x$ac_cv_prog_cc_c11" = x +else case e in #( + e) if test "x$ac_cv_prog_cc_c11" = x then : { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: none needed" >&5 printf "%s\n" "none needed" >&6; } -else $as_nop - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_c11" >&5 +else case e in #( + e) { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_c11" >&5 printf "%s\n" "$ac_cv_prog_cc_c11" >&6; } - CC="$CC $ac_cv_prog_cc_c11" + CC="$CC $ac_cv_prog_cc_c11" ;; +esac fi ac_cv_prog_cc_stdc=$ac_cv_prog_cc_c11 - ac_prog_cc_stdc=c11 + ac_prog_cc_stdc=c11 ;; +esac fi fi if test x$ac_prog_cc_stdc = xno @@ -4968,8 +4945,8 @@ printf %s "checking for $CC option to enable C99 features... " >&6; } if test ${ac_cv_prog_cc_c99+y} then : printf %s "(cached) " >&6 -else $as_nop - ac_cv_prog_cc_c99=no +else case e in #( + e) ac_cv_prog_cc_c99=no ac_save_CC=$CC cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ @@ -4986,25 +4963,28 @@ rm -f core conftest.err conftest.$ac_objext conftest.beam test "x$ac_cv_prog_cc_c99" != "xno" && break done rm -f conftest.$ac_ext -CC=$ac_save_CC +CC=$ac_save_CC ;; +esac fi if test "x$ac_cv_prog_cc_c99" = xno then : { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: unsupported" >&5 printf "%s\n" "unsupported" >&6; } -else $as_nop - if test "x$ac_cv_prog_cc_c99" = x +else case e in #( + e) if test "x$ac_cv_prog_cc_c99" = x then : { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: none needed" >&5 printf "%s\n" "none needed" >&6; } -else $as_nop - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_c99" >&5 +else case e in #( + e) { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_c99" >&5 printf "%s\n" "$ac_cv_prog_cc_c99" >&6; } - CC="$CC $ac_cv_prog_cc_c99" + CC="$CC $ac_cv_prog_cc_c99" ;; +esac fi ac_cv_prog_cc_stdc=$ac_cv_prog_cc_c99 - ac_prog_cc_stdc=c99 + ac_prog_cc_stdc=c99 ;; +esac fi fi if test x$ac_prog_cc_stdc = xno @@ -5014,8 +4994,8 @@ printf %s "checking for $CC option to enable C89 features... " >&6; } if test ${ac_cv_prog_cc_c89+y} then : printf %s "(cached) " >&6 -else $as_nop - ac_cv_prog_cc_c89=no +else case e in #( + e) ac_cv_prog_cc_c89=no ac_save_CC=$CC cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ @@ -5032,25 +5012,28 @@ rm -f core conftest.err conftest.$ac_objext conftest.beam test "x$ac_cv_prog_cc_c89" != "xno" && break done rm -f conftest.$ac_ext -CC=$ac_save_CC +CC=$ac_save_CC ;; +esac fi if test "x$ac_cv_prog_cc_c89" = xno then : { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: unsupported" >&5 printf "%s\n" "unsupported" >&6; } -else $as_nop - if test "x$ac_cv_prog_cc_c89" = x +else case e in #( + e) if test "x$ac_cv_prog_cc_c89" = x then : { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: none needed" >&5 printf "%s\n" "none needed" >&6; } -else $as_nop - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_c89" >&5 +else case e in #( + e) { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_c89" >&5 printf "%s\n" "$ac_cv_prog_cc_c89" >&6; } - CC="$CC $ac_cv_prog_cc_c89" + CC="$CC $ac_cv_prog_cc_c89" ;; +esac fi ac_cv_prog_cc_stdc=$ac_cv_prog_cc_c89 - ac_prog_cc_stdc=c89 + ac_prog_cc_stdc=c89 ;; +esac fi fi @@ -5071,8 +5054,8 @@ printf %s "checking whether $CC understands -c and -o together... " >&6; } if test ${am_cv_prog_cc_c_o+y} then : printf %s "(cached) " >&6 -else $as_nop - cat confdefs.h - <<_ACEOF >conftest.$ac_ext +else case e in #( + e) cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int @@ -5102,7 +5085,8 @@ _ACEOF fi done rm -f core conftest* - unset am_i + unset am_i ;; +esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $am_cv_prog_cc_c_o" >&5 printf "%s\n" "$am_cv_prog_cc_c_o" >&6; } @@ -5128,8 +5112,8 @@ printf %s "checking dependency style of $depcc... " >&6; } if test ${am_cv_CC_dependencies_compiler_type+y} then : printf %s "(cached) " >&6 -else $as_nop - if test -z "$AMDEP_TRUE" && test -f "$am_depcomp"; then +else case e in #( + e) if test -z "$AMDEP_TRUE" && test -f "$am_depcomp"; then # We make a subdir and do the tests there. Otherwise we can end up # making bogus files that we don't know about and never remove. For # instance it was reported that on HP-UX the gcc test will end up @@ -5233,7 +5217,8 @@ else $as_nop else am_cv_CC_dependencies_compiler_type=none fi - + ;; +esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $am_cv_CC_dependencies_compiler_type" >&5 printf "%s\n" "$am_cv_CC_dependencies_compiler_type" >&6; } @@ -5251,46 +5236,6 @@ fi -ac_header= ac_cache= -for ac_item in $ac_header_c_list -do - if test $ac_cache; then - ac_fn_c_check_header_compile "$LINENO" $ac_header ac_cv_header_$ac_cache "$ac_includes_default" - if eval test \"x\$ac_cv_header_$ac_cache\" = xyes; then - printf "%s\n" "#define $ac_item 1" >> confdefs.h - fi - ac_header= ac_cache= - elif test $ac_header; then - ac_cache=$ac_item - else - ac_header=$ac_item - fi -done - - - - - - - - -if test $ac_cv_header_stdlib_h = yes && test $ac_cv_header_string_h = yes -then : - -printf "%s\n" "#define STDC_HEADERS 1" >>confdefs.h - -fi -ac_fn_c_check_type "$LINENO" "long long" "ac_cv_type_long_long" "$ac_includes_default" -if test "x$ac_cv_type_long_long" = xyes -then : - -printf "%s\n" "#define HAVE_LONGLONG 1" >>confdefs.h - - longlong="yes" - -fi - - # { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if _REENTRANT is already defined" >&5 @@ -5322,12 +5267,13 @@ then : printf "%s\n" "yes" >&6; } tmp_reentrant_initially_defined="yes" -else $as_nop - +else case e in #( + e) { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 printf "%s\n" "no" >&6; } tmp_reentrant_initially_defined="no" - + ;; +esac fi rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext # @@ -5383,15 +5329,21 @@ printf %s "checking for library containing socket... " >&6; } if test ${ac_cv_search_socket+y} then : printf %s "(cached) " >&6 -else $as_nop - ac_func_search_save_LIBS=$LIBS +else case e in #( + e) ac_func_search_save_LIBS=$LIBS cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -char socket (); + builtin and then its argument prototype would still apply. + The 'extern "C"' is for builds by C++ compilers; + although this is not generally supported in C code supporting it here + has little cost and some practical benefit (sr 110532). */ +#ifdef __cplusplus +extern "C" +#endif +char socket (void); int main (void) { @@ -5422,11 +5374,13 @@ done if test ${ac_cv_search_socket+y} then : -else $as_nop - ac_cv_search_socket=no +else case e in #( + e) ac_cv_search_socket=no ;; +esac fi rm conftest.$ac_ext -LIBS=$ac_func_search_save_LIBS +LIBS=$ac_func_search_save_LIBS ;; +esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_socket" >&5 printf "%s\n" "$ac_cv_search_socket" >&6; } @@ -5444,15 +5398,21 @@ printf %s "checking for library containing inet_addr... " >&6; } if test ${ac_cv_search_inet_addr+y} then : printf %s "(cached) " >&6 -else $as_nop - ac_func_search_save_LIBS=$LIBS +else case e in #( + e) ac_func_search_save_LIBS=$LIBS cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -char inet_addr (); + builtin and then its argument prototype would still apply. + The 'extern "C"' is for builds by C++ compilers; + although this is not generally supported in C code supporting it here + has little cost and some practical benefit (sr 110532). */ +#ifdef __cplusplus +extern "C" +#endif +char inet_addr (void); int main (void) { @@ -5483,11 +5443,13 @@ done if test ${ac_cv_search_inet_addr+y} then : -else $as_nop - ac_cv_search_inet_addr=no +else case e in #( + e) ac_cv_search_inet_addr=no ;; +esac fi rm conftest.$ac_ext -LIBS=$ac_func_search_save_LIBS +LIBS=$ac_func_search_save_LIBS ;; +esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_inet_addr" >&5 printf "%s\n" "$ac_cv_search_inet_addr" >&6; } @@ -5514,8 +5476,8 @@ printf %s "checking for $ac_word... " >&6; } if test ${ac_cv_prog_CC+y} then : printf %s "(cached) " >&6 -else $as_nop - if test -n "$CC"; then +else case e in #( + e) if test -n "$CC"; then ac_cv_prog_CC="$CC" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR @@ -5537,7 +5499,8 @@ done done IFS=$as_save_IFS -fi +fi ;; +esac fi CC=$ac_cv_prog_CC if test -n "$CC"; then @@ -5559,8 +5522,8 @@ printf %s "checking for $ac_word... " >&6; } if test ${ac_cv_prog_ac_ct_CC+y} then : printf %s "(cached) " >&6 -else $as_nop - if test -n "$ac_ct_CC"; then +else case e in #( + e) if test -n "$ac_ct_CC"; then ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR @@ -5582,7 +5545,8 @@ done done IFS=$as_save_IFS -fi +fi ;; +esac fi ac_ct_CC=$ac_cv_prog_ac_ct_CC if test -n "$ac_ct_CC"; then @@ -5617,8 +5581,8 @@ printf %s "checking for $ac_word... " >&6; } if test ${ac_cv_prog_CC+y} then : printf %s "(cached) " >&6 -else $as_nop - if test -n "$CC"; then +else case e in #( + e) if test -n "$CC"; then ac_cv_prog_CC="$CC" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR @@ -5640,7 +5604,8 @@ done done IFS=$as_save_IFS -fi +fi ;; +esac fi CC=$ac_cv_prog_CC if test -n "$CC"; then @@ -5662,8 +5627,8 @@ printf %s "checking for $ac_word... " >&6; } if test ${ac_cv_prog_CC+y} then : printf %s "(cached) " >&6 -else $as_nop - if test -n "$CC"; then +else case e in #( + e) if test -n "$CC"; then ac_cv_prog_CC="$CC" # Let the user override the test. else ac_prog_rejected=no @@ -5702,7 +5667,8 @@ if test $ac_prog_rejected = yes; then ac_cv_prog_CC="$as_dir$ac_word${1+' '}$@" fi fi -fi +fi ;; +esac fi CC=$ac_cv_prog_CC if test -n "$CC"; then @@ -5726,8 +5692,8 @@ printf %s "checking for $ac_word... " >&6; } if test ${ac_cv_prog_CC+y} then : printf %s "(cached) " >&6 -else $as_nop - if test -n "$CC"; then +else case e in #( + e) if test -n "$CC"; then ac_cv_prog_CC="$CC" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR @@ -5749,7 +5715,8 @@ done done IFS=$as_save_IFS -fi +fi ;; +esac fi CC=$ac_cv_prog_CC if test -n "$CC"; then @@ -5775,8 +5742,8 @@ printf %s "checking for $ac_word... " >&6; } if test ${ac_cv_prog_ac_ct_CC+y} then : printf %s "(cached) " >&6 -else $as_nop - if test -n "$ac_ct_CC"; then +else case e in #( + e) if test -n "$ac_ct_CC"; then ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR @@ -5798,7 +5765,8 @@ done done IFS=$as_save_IFS -fi +fi ;; +esac fi ac_ct_CC=$ac_cv_prog_ac_ct_CC if test -n "$ac_ct_CC"; then @@ -5836,8 +5804,8 @@ printf %s "checking for $ac_word... " >&6; } if test ${ac_cv_prog_CC+y} then : printf %s "(cached) " >&6 -else $as_nop - if test -n "$CC"; then +else case e in #( + e) if test -n "$CC"; then ac_cv_prog_CC="$CC" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR @@ -5859,7 +5827,8 @@ done done IFS=$as_save_IFS -fi +fi ;; +esac fi CC=$ac_cv_prog_CC if test -n "$CC"; then @@ -5881,8 +5850,8 @@ printf %s "checking for $ac_word... " >&6; } if test ${ac_cv_prog_ac_ct_CC+y} then : printf %s "(cached) " >&6 -else $as_nop - if test -n "$ac_ct_CC"; then +else case e in #( + e) if test -n "$ac_ct_CC"; then ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR @@ -5904,7 +5873,8 @@ done done IFS=$as_save_IFS -fi +fi ;; +esac fi ac_ct_CC=$ac_cv_prog_ac_ct_CC if test -n "$ac_ct_CC"; then @@ -5933,10 +5903,10 @@ fi fi -test -z "$CC" && { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 -printf "%s\n" "$as_me: error: in \`$ac_pwd':" >&2;} +test -z "$CC" && { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: in '$ac_pwd':" >&5 +printf "%s\n" "$as_me: error: in '$ac_pwd':" >&2;} as_fn_error $? "no acceptable C compiler found in \$PATH -See \`config.log' for more details" "$LINENO" 5; } +See 'config.log' for more details" "$LINENO" 5; } # Provide some information about the compiler. printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for C compiler version" >&5 @@ -5968,8 +5938,8 @@ printf %s "checking whether the compiler supports GNU C... " >&6; } if test ${ac_cv_c_compiler_gnu+y} then : printf %s "(cached) " >&6 -else $as_nop - cat confdefs.h - <<_ACEOF >conftest.$ac_ext +else case e in #( + e) cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int @@ -5986,12 +5956,14 @@ _ACEOF if ac_fn_c_try_compile "$LINENO" then : ac_compiler_gnu=yes -else $as_nop - ac_compiler_gnu=no +else case e in #( + e) ac_compiler_gnu=no ;; +esac fi rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext ac_cv_c_compiler_gnu=$ac_compiler_gnu - + ;; +esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_compiler_gnu" >&5 printf "%s\n" "$ac_cv_c_compiler_gnu" >&6; } @@ -6009,8 +5981,8 @@ printf %s "checking whether $CC accepts -g... " >&6; } if test ${ac_cv_prog_cc_g+y} then : printf %s "(cached) " >&6 -else $as_nop - ac_save_c_werror_flag=$ac_c_werror_flag +else case e in #( + e) ac_save_c_werror_flag=$ac_c_werror_flag ac_c_werror_flag=yes ac_cv_prog_cc_g=no CFLAGS="-g" @@ -6028,8 +6000,8 @@ _ACEOF if ac_fn_c_try_compile "$LINENO" then : ac_cv_prog_cc_g=yes -else $as_nop - CFLAGS="" +else case e in #( + e) CFLAGS="" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ @@ -6044,8 +6016,8 @@ _ACEOF if ac_fn_c_try_compile "$LINENO" then : -else $as_nop - ac_c_werror_flag=$ac_save_c_werror_flag +else case e in #( + e) ac_c_werror_flag=$ac_save_c_werror_flag CFLAGS="-g" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ @@ -6062,12 +6034,15 @@ if ac_fn_c_try_compile "$LINENO" then : ac_cv_prog_cc_g=yes fi -rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext ;; +esac fi -rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext ;; +esac fi rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext - ac_c_werror_flag=$ac_save_c_werror_flag + ac_c_werror_flag=$ac_save_c_werror_flag ;; +esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_g" >&5 printf "%s\n" "$ac_cv_prog_cc_g" >&6; } @@ -6094,8 +6069,8 @@ printf %s "checking for $CC option to enable C11 features... " >&6; } if test ${ac_cv_prog_cc_c11+y} then : printf %s "(cached) " >&6 -else $as_nop - ac_cv_prog_cc_c11=no +else case e in #( + e) ac_cv_prog_cc_c11=no ac_save_CC=$CC cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ @@ -6112,25 +6087,28 @@ rm -f core conftest.err conftest.$ac_objext conftest.beam test "x$ac_cv_prog_cc_c11" != "xno" && break done rm -f conftest.$ac_ext -CC=$ac_save_CC +CC=$ac_save_CC ;; +esac fi if test "x$ac_cv_prog_cc_c11" = xno then : { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: unsupported" >&5 printf "%s\n" "unsupported" >&6; } -else $as_nop - if test "x$ac_cv_prog_cc_c11" = x +else case e in #( + e) if test "x$ac_cv_prog_cc_c11" = x then : { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: none needed" >&5 printf "%s\n" "none needed" >&6; } -else $as_nop - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_c11" >&5 +else case e in #( + e) { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_c11" >&5 printf "%s\n" "$ac_cv_prog_cc_c11" >&6; } - CC="$CC $ac_cv_prog_cc_c11" + CC="$CC $ac_cv_prog_cc_c11" ;; +esac fi ac_cv_prog_cc_stdc=$ac_cv_prog_cc_c11 - ac_prog_cc_stdc=c11 + ac_prog_cc_stdc=c11 ;; +esac fi fi if test x$ac_prog_cc_stdc = xno @@ -6140,8 +6118,8 @@ printf %s "checking for $CC option to enable C99 features... " >&6; } if test ${ac_cv_prog_cc_c99+y} then : printf %s "(cached) " >&6 -else $as_nop - ac_cv_prog_cc_c99=no +else case e in #( + e) ac_cv_prog_cc_c99=no ac_save_CC=$CC cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ @@ -6158,25 +6136,28 @@ rm -f core conftest.err conftest.$ac_objext conftest.beam test "x$ac_cv_prog_cc_c99" != "xno" && break done rm -f conftest.$ac_ext -CC=$ac_save_CC +CC=$ac_save_CC ;; +esac fi if test "x$ac_cv_prog_cc_c99" = xno then : { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: unsupported" >&5 printf "%s\n" "unsupported" >&6; } -else $as_nop - if test "x$ac_cv_prog_cc_c99" = x +else case e in #( + e) if test "x$ac_cv_prog_cc_c99" = x then : { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: none needed" >&5 printf "%s\n" "none needed" >&6; } -else $as_nop - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_c99" >&5 +else case e in #( + e) { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_c99" >&5 printf "%s\n" "$ac_cv_prog_cc_c99" >&6; } - CC="$CC $ac_cv_prog_cc_c99" + CC="$CC $ac_cv_prog_cc_c99" ;; +esac fi ac_cv_prog_cc_stdc=$ac_cv_prog_cc_c99 - ac_prog_cc_stdc=c99 + ac_prog_cc_stdc=c99 ;; +esac fi fi if test x$ac_prog_cc_stdc = xno @@ -6186,8 +6167,8 @@ printf %s "checking for $CC option to enable C89 features... " >&6; } if test ${ac_cv_prog_cc_c89+y} then : printf %s "(cached) " >&6 -else $as_nop - ac_cv_prog_cc_c89=no +else case e in #( + e) ac_cv_prog_cc_c89=no ac_save_CC=$CC cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ @@ -6204,25 +6185,28 @@ rm -f core conftest.err conftest.$ac_objext conftest.beam test "x$ac_cv_prog_cc_c89" != "xno" && break done rm -f conftest.$ac_ext -CC=$ac_save_CC +CC=$ac_save_CC ;; +esac fi if test "x$ac_cv_prog_cc_c89" = xno then : { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: unsupported" >&5 printf "%s\n" "unsupported" >&6; } -else $as_nop - if test "x$ac_cv_prog_cc_c89" = x +else case e in #( + e) if test "x$ac_cv_prog_cc_c89" = x then : { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: none needed" >&5 printf "%s\n" "none needed" >&6; } -else $as_nop - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_c89" >&5 +else case e in #( + e) { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_c89" >&5 printf "%s\n" "$ac_cv_prog_cc_c89" >&6; } - CC="$CC $ac_cv_prog_cc_c89" + CC="$CC $ac_cv_prog_cc_c89" ;; +esac fi ac_cv_prog_cc_stdc=$ac_cv_prog_cc_c89 - ac_prog_cc_stdc=c89 + ac_prog_cc_stdc=c89 ;; +esac fi fi @@ -6243,8 +6227,8 @@ printf %s "checking whether $CC understands -c and -o together... " >&6; } if test ${am_cv_prog_cc_c_o+y} then : printf %s "(cached) " >&6 -else $as_nop - cat confdefs.h - <<_ACEOF >conftest.$ac_ext +else case e in #( + e) cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int @@ -6274,7 +6258,8 @@ _ACEOF fi done rm -f core conftest* - unset am_i + unset am_i ;; +esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $am_cv_prog_cc_c_o" >&5 printf "%s\n" "$am_cv_prog_cc_c_o" >&6; } @@ -6300,8 +6285,8 @@ printf %s "checking dependency style of $depcc... " >&6; } if test ${am_cv_CC_dependencies_compiler_type+y} then : printf %s "(cached) " >&6 -else $as_nop - if test -z "$AMDEP_TRUE" && test -f "$am_depcomp"; then +else case e in #( + e) if test -z "$AMDEP_TRUE" && test -f "$am_depcomp"; then # We make a subdir and do the tests there. Otherwise we can end up # making bogus files that we don't know about and never remove. For # instance it was reported that on HP-UX the gcc test will end up @@ -6405,7 +6390,8 @@ else $as_nop else am_cv_CC_dependencies_compiler_type=none fi - + ;; +esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $am_cv_CC_dependencies_compiler_type" >&5 printf "%s\n" "$am_cv_CC_dependencies_compiler_type" >&6; } @@ -6447,8 +6433,8 @@ printf %s "checking for $ac_word... " >&6; } if test ${ac_cv_prog_CXX+y} then : printf %s "(cached) " >&6 -else $as_nop - if test -n "$CXX"; then +else case e in #( + e) if test -n "$CXX"; then ac_cv_prog_CXX="$CXX" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR @@ -6470,7 +6456,8 @@ done done IFS=$as_save_IFS -fi +fi ;; +esac fi CXX=$ac_cv_prog_CXX if test -n "$CXX"; then @@ -6496,8 +6483,8 @@ printf %s "checking for $ac_word... " >&6; } if test ${ac_cv_prog_ac_ct_CXX+y} then : printf %s "(cached) " >&6 -else $as_nop - if test -n "$ac_ct_CXX"; then +else case e in #( + e) if test -n "$ac_ct_CXX"; then ac_cv_prog_ac_ct_CXX="$ac_ct_CXX" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR @@ -6519,7 +6506,8 @@ done done IFS=$as_save_IFS -fi +fi ;; +esac fi ac_ct_CXX=$ac_cv_prog_ac_ct_CXX if test -n "$ac_ct_CXX"; then @@ -6579,8 +6567,8 @@ printf %s "checking whether the compiler supports GNU C++... " >&6; } if test ${ac_cv_cxx_compiler_gnu+y} then : printf %s "(cached) " >&6 -else $as_nop - cat confdefs.h - <<_ACEOF >conftest.$ac_ext +else case e in #( + e) cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int @@ -6597,12 +6585,14 @@ _ACEOF if ac_fn_cxx_try_compile "$LINENO" then : ac_compiler_gnu=yes -else $as_nop - ac_compiler_gnu=no +else case e in #( + e) ac_compiler_gnu=no ;; +esac fi rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext ac_cv_cxx_compiler_gnu=$ac_compiler_gnu - + ;; +esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_cxx_compiler_gnu" >&5 printf "%s\n" "$ac_cv_cxx_compiler_gnu" >&6; } @@ -6620,8 +6610,8 @@ printf %s "checking whether $CXX accepts -g... " >&6; } if test ${ac_cv_prog_cxx_g+y} then : printf %s "(cached) " >&6 -else $as_nop - ac_save_cxx_werror_flag=$ac_cxx_werror_flag +else case e in #( + e) ac_save_cxx_werror_flag=$ac_cxx_werror_flag ac_cxx_werror_flag=yes ac_cv_prog_cxx_g=no CXXFLAGS="-g" @@ -6639,8 +6629,8 @@ _ACEOF if ac_fn_cxx_try_compile "$LINENO" then : ac_cv_prog_cxx_g=yes -else $as_nop - CXXFLAGS="" +else case e in #( + e) CXXFLAGS="" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ @@ -6655,8 +6645,8 @@ _ACEOF if ac_fn_cxx_try_compile "$LINENO" then : -else $as_nop - ac_cxx_werror_flag=$ac_save_cxx_werror_flag +else case e in #( + e) ac_cxx_werror_flag=$ac_save_cxx_werror_flag CXXFLAGS="-g" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ @@ -6673,12 +6663,15 @@ if ac_fn_cxx_try_compile "$LINENO" then : ac_cv_prog_cxx_g=yes fi -rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext ;; +esac fi -rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext ;; +esac fi rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext - ac_cxx_werror_flag=$ac_save_cxx_werror_flag + ac_cxx_werror_flag=$ac_save_cxx_werror_flag ;; +esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cxx_g" >&5 printf "%s\n" "$ac_cv_prog_cxx_g" >&6; } @@ -6702,11 +6695,11 @@ if test x$ac_prog_cxx_stdcxx = xno then : { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $CXX option to enable C++11 features" >&5 printf %s "checking for $CXX option to enable C++11 features... " >&6; } -if test ${ac_cv_prog_cxx_11+y} +if test ${ac_cv_prog_cxx_cxx11+y} then : printf %s "(cached) " >&6 -else $as_nop - ac_cv_prog_cxx_11=no +else case e in #( + e) ac_cv_prog_cxx_cxx11=no ac_save_CXX=$CXX cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ @@ -6723,36 +6716,39 @@ rm -f core conftest.err conftest.$ac_objext conftest.beam test "x$ac_cv_prog_cxx_cxx11" != "xno" && break done rm -f conftest.$ac_ext -CXX=$ac_save_CXX +CXX=$ac_save_CXX ;; +esac fi if test "x$ac_cv_prog_cxx_cxx11" = xno then : { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: unsupported" >&5 printf "%s\n" "unsupported" >&6; } -else $as_nop - if test "x$ac_cv_prog_cxx_cxx11" = x +else case e in #( + e) if test "x$ac_cv_prog_cxx_cxx11" = x then : { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: none needed" >&5 printf "%s\n" "none needed" >&6; } -else $as_nop - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cxx_cxx11" >&5 +else case e in #( + e) { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cxx_cxx11" >&5 printf "%s\n" "$ac_cv_prog_cxx_cxx11" >&6; } - CXX="$CXX $ac_cv_prog_cxx_cxx11" + CXX="$CXX $ac_cv_prog_cxx_cxx11" ;; +esac fi ac_cv_prog_cxx_stdcxx=$ac_cv_prog_cxx_cxx11 - ac_prog_cxx_stdcxx=cxx11 + ac_prog_cxx_stdcxx=cxx11 ;; +esac fi fi if test x$ac_prog_cxx_stdcxx = xno then : { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $CXX option to enable C++98 features" >&5 printf %s "checking for $CXX option to enable C++98 features... " >&6; } -if test ${ac_cv_prog_cxx_98+y} +if test ${ac_cv_prog_cxx_cxx98+y} then : printf %s "(cached) " >&6 -else $as_nop - ac_cv_prog_cxx_98=no +else case e in #( + e) ac_cv_prog_cxx_cxx98=no ac_save_CXX=$CXX cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ @@ -6769,25 +6765,28 @@ rm -f core conftest.err conftest.$ac_objext conftest.beam test "x$ac_cv_prog_cxx_cxx98" != "xno" && break done rm -f conftest.$ac_ext -CXX=$ac_save_CXX +CXX=$ac_save_CXX ;; +esac fi if test "x$ac_cv_prog_cxx_cxx98" = xno then : { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: unsupported" >&5 printf "%s\n" "unsupported" >&6; } -else $as_nop - if test "x$ac_cv_prog_cxx_cxx98" = x +else case e in #( + e) if test "x$ac_cv_prog_cxx_cxx98" = x then : { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: none needed" >&5 printf "%s\n" "none needed" >&6; } -else $as_nop - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cxx_cxx98" >&5 +else case e in #( + e) { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cxx_cxx98" >&5 printf "%s\n" "$ac_cv_prog_cxx_cxx98" >&6; } - CXX="$CXX $ac_cv_prog_cxx_cxx98" + CXX="$CXX $ac_cv_prog_cxx_cxx98" ;; +esac fi ac_cv_prog_cxx_stdcxx=$ac_cv_prog_cxx_cxx98 - ac_prog_cxx_stdcxx=cxx98 + ac_prog_cxx_stdcxx=cxx98 ;; +esac fi fi @@ -6804,8 +6803,8 @@ printf %s "checking dependency style of $depcc... " >&6; } if test ${am_cv_CXX_dependencies_compiler_type+y} then : printf %s "(cached) " >&6 -else $as_nop - if test -z "$AMDEP_TRUE" && test -f "$am_depcomp"; then +else case e in #( + e) if test -z "$AMDEP_TRUE" && test -f "$am_depcomp"; then # We make a subdir and do the tests there. Otherwise we can end up # making bogus files that we don't know about and never remove. For # instance it was reported that on HP-UX the gcc test will end up @@ -6909,7 +6908,8 @@ else $as_nop else am_cv_CXX_dependencies_compiler_type=none fi - + ;; +esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $am_cv_CXX_dependencies_compiler_type" >&5 printf "%s\n" "$am_cv_CXX_dependencies_compiler_type" >&6; } @@ -6945,8 +6945,8 @@ ac_make=`printf "%s\n" "$2" | sed 's/+/p/g; s/[^a-zA-Z0-9_]/_/g'` if eval test \${ac_cv_prog_make_${ac_make}_set+y} then : printf %s "(cached) " >&6 -else $as_nop - cat >conftest.make <<\_ACEOF +else case e in #( + e) cat >conftest.make <<\_ACEOF SHELL = /bin/sh all: @echo '@@@%%%=$(MAKE)=@@@%%%' @@ -6958,7 +6958,8 @@ case `${MAKE-make} -f conftest.make 2>/dev/null` in *) eval ac_cv_prog_make_${ac_make}_set=no;; esac -rm -f conftest.make +rm -f conftest.make ;; +esac fi if eval test \$ac_cv_prog_make_${ac_make}_set = yes; then { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 @@ -6979,8 +6980,8 @@ printf %s "checking for $ac_word... " >&6; } if test ${ac_cv_path_SSHD+y} then : printf %s "(cached) " >&6 -else $as_nop - case $SSHD in +else case e in #( + e) case $SSHD in [\\/]* | ?:[\\/]*) ac_cv_path_SSHD="$SSHD" # Let the user override the test with a path. ;; @@ -7005,6 +7006,7 @@ done IFS=$as_save_IFS ;; +esac ;; esac fi SSHD=$ac_cv_path_SSHD @@ -7028,125 +7030,117 @@ else SSHD_FALSE= fi -enable_win32_dll=yes +case `pwd` in + *\ * | *\ *) + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: Libtool does not cope well with whitespace in \`pwd\`" >&5 +printf "%s\n" "$as_me: WARNING: Libtool does not cope well with whitespace in \`pwd\`" >&2;} ;; +esac -case $host in -*-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-cegcc*) - if test -n "$ac_tool_prefix"; then - # Extract the first word of "${ac_tool_prefix}as", so it can be a program name with args. -set dummy ${ac_tool_prefix}as; ac_word=$2 -{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -printf %s "checking for $ac_word... " >&6; } -if test ${ac_cv_prog_AS+y} -then : - printf %s "(cached) " >&6 -else $as_nop - if test -n "$AS"; then - ac_cv_prog_AS="$AS" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - case $as_dir in #((( - '') as_dir=./ ;; - */) ;; - *) as_dir=$as_dir/ ;; - esac - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then - ac_cv_prog_AS="${ac_tool_prefix}as" - printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS -fi -fi -AS=$ac_cv_prog_AS -if test -n "$AS"; then - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $AS" >&5 -printf "%s\n" "$AS" >&6; } -else - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 -printf "%s\n" "no" >&6; } -fi +macro_version='2.4.7' +macro_revision='2.4.7' -fi -if test -z "$ac_cv_prog_AS"; then - ac_ct_AS=$AS - # Extract the first word of "as", so it can be a program name with args. -set dummy as; ac_word=$2 -{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -printf %s "checking for $ac_word... " >&6; } -if test ${ac_cv_prog_ac_ct_AS+y} -then : - printf %s "(cached) " >&6 -else $as_nop - if test -n "$ac_ct_AS"; then - ac_cv_prog_ac_ct_AS="$ac_ct_AS" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - case $as_dir in #((( - '') as_dir=./ ;; - */) ;; - *) as_dir=$as_dir/ ;; - esac - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then - ac_cv_prog_ac_ct_AS="as" - printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS -fi -fi -ac_ct_AS=$ac_cv_prog_ac_ct_AS -if test -n "$ac_ct_AS"; then - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_ct_AS" >&5 -printf "%s\n" "$ac_ct_AS" >&6; } + + + + + + + + + + + + +ltmain=$ac_aux_dir/ltmain.sh + +# Backslashify metacharacters that are still active within +# double-quoted strings. +sed_quote_subst='s/\(["`$\\]\)/\\\1/g' + +# Same as above, but do not quote variable references. +double_quote_subst='s/\(["`\\]\)/\\\1/g' + +# Sed substitution to delay expansion of an escaped shell variable in a +# double_quote_subst'ed string. +delay_variable_subst='s/\\\\\\\\\\\$/\\\\\\$/g' + +# Sed substitution to delay expansion of an escaped single quote. +delay_single_quote_subst='s/'\''/'\'\\\\\\\'\''/g' + +# Sed substitution to avoid accidental globbing in evaled expressions +no_glob_subst='s/\*/\\\*/g' + +ECHO='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\' +ECHO=$ECHO$ECHO$ECHO$ECHO$ECHO +ECHO=$ECHO$ECHO$ECHO$ECHO$ECHO$ECHO + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking how to print strings" >&5 +printf %s "checking how to print strings... " >&6; } +# Test print first, because it will be a builtin if present. +if test "X`( print -r -- -n ) 2>/dev/null`" = X-n && \ + test "X`print -r -- $ECHO 2>/dev/null`" = "X$ECHO"; then + ECHO='print -r --' +elif test "X`printf %s $ECHO 2>/dev/null`" = "X$ECHO"; then + ECHO='printf %s\n' else - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 -printf "%s\n" "no" >&6; } + # Use this function as a fallback that always works. + func_fallback_echo () + { + eval 'cat <<_LTECHO_EOF +$1 +_LTECHO_EOF' + } + ECHO='func_fallback_echo' fi - if test "x$ac_ct_AS" = x; then - AS="false" - else - case $cross_compiling:$ac_tool_warned in -yes:) -{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 -printf "%s\n" "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} -ac_tool_warned=yes ;; +# func_echo_all arg... +# Invoke $ECHO with all args, space-separated. +func_echo_all () +{ + $ECHO "" +} + +case $ECHO in + printf*) { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: printf" >&5 +printf "%s\n" "printf" >&6; } ;; + print*) { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: print -r" >&5 +printf "%s\n" "print -r" >&6; } ;; + *) { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: cat" >&5 +printf "%s\n" "cat" >&6; } ;; esac - AS=$ac_ct_AS - fi -else - AS="$ac_cv_prog_AS" -fi - if test -n "$ac_tool_prefix"; then - # Extract the first word of "${ac_tool_prefix}dlltool", so it can be a program name with args. -set dummy ${ac_tool_prefix}dlltool; ac_word=$2 -{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -printf %s "checking for $ac_word... " >&6; } -if test ${ac_cv_prog_DLLTOOL+y} + + + + + + + + + + + + + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for a sed that does not truncate output" >&5 +printf %s "checking for a sed that does not truncate output... " >&6; } +if test ${ac_cv_path_SED+y} then : printf %s "(cached) " >&6 -else $as_nop - if test -n "$DLLTOOL"; then - ac_cv_prog_DLLTOOL="$DLLTOOL" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +else case e in #( + e) ac_script=s/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb/ + for ac_i in 1 2 3 4 5 6 7; do + ac_script="$ac_script$as_nl$ac_script" + done + echo "$ac_script" 2>/dev/null | sed 99q >conftest.sed + { ac_script=; unset ac_script;} + if test -z "$SED"; then + ac_path_SED_found=false + # Loop through the user's path and test for each of PROGNAME-LIST + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS @@ -7155,44 +7149,83 @@ do */) ;; *) as_dir=$as_dir/ ;; esac + for ac_prog in sed gsed + do for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then - ac_cv_prog_DLLTOOL="${ac_tool_prefix}dlltool" - printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 - break 2 - fi -done + ac_path_SED="$as_dir$ac_prog$ac_exec_ext" + as_fn_executable_p "$ac_path_SED" || continue +# Check for GNU ac_path_SED and select it if it is found. + # Check for GNU $ac_path_SED +case `"$ac_path_SED" --version 2>&1` in #( +*GNU*) + ac_cv_path_SED="$ac_path_SED" ac_path_SED_found=:;; +#( +*) + ac_count=0 + printf %s 0123456789 >"conftest.in" + while : + do + cat "conftest.in" "conftest.in" >"conftest.tmp" + mv "conftest.tmp" "conftest.in" + cp "conftest.in" "conftest.nl" + printf "%s\n" '' >> "conftest.nl" + "$ac_path_SED" -f conftest.sed < "conftest.nl" >"conftest.out" 2>/dev/null || break + diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break + as_fn_arith $ac_count + 1 && ac_count=$as_val + if test $ac_count -gt ${ac_path_SED_max-0}; then + # Best one so far, save it but keep looking for a better one + ac_cv_path_SED="$ac_path_SED" + ac_path_SED_max=$ac_count + fi + # 10*(2^10) chars as input seems more than enough + test $ac_count -gt 10 && break done -IFS=$as_save_IFS + rm -f conftest.in conftest.tmp conftest.nl conftest.out;; +esac -fi -fi -DLLTOOL=$ac_cv_prog_DLLTOOL -if test -n "$DLLTOOL"; then - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $DLLTOOL" >&5 -printf "%s\n" "$DLLTOOL" >&6; } + $ac_path_SED_found && break 3 + done + done + done +IFS=$as_save_IFS + if test -z "$ac_cv_path_SED"; then + as_fn_error $? "no acceptable sed could be found in \$PATH" "$LINENO" 5 + fi else - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 -printf "%s\n" "no" >&6; } + ac_cv_path_SED=$SED +fi + ;; +esac fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_SED" >&5 +printf "%s\n" "$ac_cv_path_SED" >&6; } + SED="$ac_cv_path_SED" + rm -f conftest.sed +test -z "$SED" && SED=sed +Xsed="$SED -e 1s/^X//" -fi -if test -z "$ac_cv_prog_DLLTOOL"; then - ac_ct_DLLTOOL=$DLLTOOL - # Extract the first word of "dlltool", so it can be a program name with args. -set dummy dlltool; ac_word=$2 -{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -printf %s "checking for $ac_word... " >&6; } -if test ${ac_cv_prog_ac_ct_DLLTOOL+y} + + + + + + + + + + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for grep that handles long lines and -e" >&5 +printf %s "checking for grep that handles long lines and -e... " >&6; } +if test ${ac_cv_path_GREP+y} then : printf %s "(cached) " >&6 -else $as_nop - if test -n "$ac_ct_DLLTOOL"; then - ac_cv_prog_ac_ct_DLLTOOL="$ac_ct_DLLTOOL" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH +else case e in #( + e) if test -z "$GREP"; then + ac_path_GREP_found=false + # Loop through the user's path and test for each of PROGNAME-LIST + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin do IFS=$as_save_IFS case $as_dir in #((( @@ -7200,56 +7233,73 @@ do */) ;; *) as_dir=$as_dir/ ;; esac + for ac_prog in grep ggrep + do for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then - ac_cv_prog_ac_ct_DLLTOOL="dlltool" - printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 - break 2 - fi -done + ac_path_GREP="$as_dir$ac_prog$ac_exec_ext" + as_fn_executable_p "$ac_path_GREP" || continue +# Check for GNU ac_path_GREP and select it if it is found. + # Check for GNU $ac_path_GREP +case `"$ac_path_GREP" --version 2>&1` in #( +*GNU*) + ac_cv_path_GREP="$ac_path_GREP" ac_path_GREP_found=:;; +#( +*) + ac_count=0 + printf %s 0123456789 >"conftest.in" + while : + do + cat "conftest.in" "conftest.in" >"conftest.tmp" + mv "conftest.tmp" "conftest.in" + cp "conftest.in" "conftest.nl" + printf "%s\n" 'GREP' >> "conftest.nl" + "$ac_path_GREP" -e 'GREP$' -e '-(cannot match)-' < "conftest.nl" >"conftest.out" 2>/dev/null || break + diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break + as_fn_arith $ac_count + 1 && ac_count=$as_val + if test $ac_count -gt ${ac_path_GREP_max-0}; then + # Best one so far, save it but keep looking for a better one + ac_cv_path_GREP="$ac_path_GREP" + ac_path_GREP_max=$ac_count + fi + # 10*(2^10) chars as input seems more than enough + test $ac_count -gt 10 && break done -IFS=$as_save_IFS + rm -f conftest.in conftest.tmp conftest.nl conftest.out;; +esac -fi -fi -ac_ct_DLLTOOL=$ac_cv_prog_ac_ct_DLLTOOL -if test -n "$ac_ct_DLLTOOL"; then - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_ct_DLLTOOL" >&5 -printf "%s\n" "$ac_ct_DLLTOOL" >&6; } + $ac_path_GREP_found && break 3 + done + done + done +IFS=$as_save_IFS + if test -z "$ac_cv_path_GREP"; then + as_fn_error $? "no acceptable grep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5 + fi else - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 -printf "%s\n" "no" >&6; } + ac_cv_path_GREP=$GREP fi - - if test "x$ac_ct_DLLTOOL" = x; then - DLLTOOL="false" - else - case $cross_compiling:$ac_tool_warned in -yes:) -{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 -printf "%s\n" "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} -ac_tool_warned=yes ;; + ;; esac - DLLTOOL=$ac_ct_DLLTOOL - fi -else - DLLTOOL="$ac_cv_prog_DLLTOOL" fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_GREP" >&5 +printf "%s\n" "$ac_cv_path_GREP" >&6; } + GREP="$ac_cv_path_GREP" - if test -n "$ac_tool_prefix"; then - # Extract the first word of "${ac_tool_prefix}objdump", so it can be a program name with args. -set dummy ${ac_tool_prefix}objdump; ac_word=$2 -{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -printf %s "checking for $ac_word... " >&6; } -if test ${ac_cv_prog_OBJDUMP+y} + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for egrep" >&5 +printf %s "checking for egrep... " >&6; } +if test ${ac_cv_path_EGREP+y} then : printf %s "(cached) " >&6 -else $as_nop - if test -n "$OBJDUMP"; then - ac_cv_prog_OBJDUMP="$OBJDUMP" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH +else case e in #( + e) if echo a | $GREP -E '(a|b)' >/dev/null 2>&1 + then ac_cv_path_EGREP="$GREP -E" + else + if test -z "$EGREP"; then + ac_path_EGREP_found=false + # Loop through the user's path and test for each of PROGNAME-LIST + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin do IFS=$as_save_IFS case $as_dir in #((( @@ -7257,44 +7307,76 @@ do */) ;; *) as_dir=$as_dir/ ;; esac + for ac_prog in egrep + do for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then - ac_cv_prog_OBJDUMP="${ac_tool_prefix}objdump" - printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 - break 2 - fi -done + ac_path_EGREP="$as_dir$ac_prog$ac_exec_ext" + as_fn_executable_p "$ac_path_EGREP" || continue +# Check for GNU ac_path_EGREP and select it if it is found. + # Check for GNU $ac_path_EGREP +case `"$ac_path_EGREP" --version 2>&1` in #( +*GNU*) + ac_cv_path_EGREP="$ac_path_EGREP" ac_path_EGREP_found=:;; +#( +*) + ac_count=0 + printf %s 0123456789 >"conftest.in" + while : + do + cat "conftest.in" "conftest.in" >"conftest.tmp" + mv "conftest.tmp" "conftest.in" + cp "conftest.in" "conftest.nl" + printf "%s\n" 'EGREP' >> "conftest.nl" + "$ac_path_EGREP" 'EGREP$' < "conftest.nl" >"conftest.out" 2>/dev/null || break + diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break + as_fn_arith $ac_count + 1 && ac_count=$as_val + if test $ac_count -gt ${ac_path_EGREP_max-0}; then + # Best one so far, save it but keep looking for a better one + ac_cv_path_EGREP="$ac_path_EGREP" + ac_path_EGREP_max=$ac_count + fi + # 10*(2^10) chars as input seems more than enough + test $ac_count -gt 10 && break done -IFS=$as_save_IFS + rm -f conftest.in conftest.tmp conftest.nl conftest.out;; +esac -fi -fi -OBJDUMP=$ac_cv_prog_OBJDUMP -if test -n "$OBJDUMP"; then - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $OBJDUMP" >&5 -printf "%s\n" "$OBJDUMP" >&6; } + $ac_path_EGREP_found && break 3 + done + done + done +IFS=$as_save_IFS + if test -z "$ac_cv_path_EGREP"; then + as_fn_error $? "no acceptable egrep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5 + fi else - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 -printf "%s\n" "no" >&6; } + ac_cv_path_EGREP=$EGREP fi - + fi ;; +esac fi -if test -z "$ac_cv_prog_OBJDUMP"; then - ac_ct_OBJDUMP=$OBJDUMP - # Extract the first word of "objdump", so it can be a program name with args. -set dummy objdump; ac_word=$2 -{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -printf %s "checking for $ac_word... " >&6; } -if test ${ac_cv_prog_ac_ct_OBJDUMP+y} +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_EGREP" >&5 +printf "%s\n" "$ac_cv_path_EGREP" >&6; } + EGREP="$ac_cv_path_EGREP" + + EGREP_TRADITIONAL=$EGREP + ac_cv_path_EGREP_TRADITIONAL=$EGREP + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for fgrep" >&5 +printf %s "checking for fgrep... " >&6; } +if test ${ac_cv_path_FGREP+y} then : printf %s "(cached) " >&6 -else $as_nop - if test -n "$ac_ct_OBJDUMP"; then - ac_cv_prog_ac_ct_OBJDUMP="$ac_ct_OBJDUMP" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH +else case e in #( + e) if echo 'ab*c' | $GREP -F 'ab*c' >/dev/null 2>&1 + then ac_cv_path_FGREP="$GREP -F" + else + if test -z "$FGREP"; then + ac_path_FGREP_found=false + # Loop through the user's path and test for each of PROGNAME-LIST + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin do IFS=$as_save_IFS case $as_dir in #((( @@ -7302,58 +7384,67 @@ do */) ;; *) as_dir=$as_dir/ ;; esac + for ac_prog in fgrep + do for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then - ac_cv_prog_ac_ct_OBJDUMP="objdump" - printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 - break 2 - fi -done + ac_path_FGREP="$as_dir$ac_prog$ac_exec_ext" + as_fn_executable_p "$ac_path_FGREP" || continue +# Check for GNU ac_path_FGREP and select it if it is found. + # Check for GNU $ac_path_FGREP +case `"$ac_path_FGREP" --version 2>&1` in #( +*GNU*) + ac_cv_path_FGREP="$ac_path_FGREP" ac_path_FGREP_found=:;; +#( +*) + ac_count=0 + printf %s 0123456789 >"conftest.in" + while : + do + cat "conftest.in" "conftest.in" >"conftest.tmp" + mv "conftest.tmp" "conftest.in" + cp "conftest.in" "conftest.nl" + printf "%s\n" 'FGREP' >> "conftest.nl" + "$ac_path_FGREP" FGREP < "conftest.nl" >"conftest.out" 2>/dev/null || break + diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break + as_fn_arith $ac_count + 1 && ac_count=$as_val + if test $ac_count -gt ${ac_path_FGREP_max-0}; then + # Best one so far, save it but keep looking for a better one + ac_cv_path_FGREP="$ac_path_FGREP" + ac_path_FGREP_max=$ac_count + fi + # 10*(2^10) chars as input seems more than enough + test $ac_count -gt 10 && break done -IFS=$as_save_IFS - -fi -fi -ac_ct_OBJDUMP=$ac_cv_prog_ac_ct_OBJDUMP -if test -n "$ac_ct_OBJDUMP"; then - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_ct_OBJDUMP" >&5 -printf "%s\n" "$ac_ct_OBJDUMP" >&6; } -else - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 -printf "%s\n" "no" >&6; } -fi - - if test "x$ac_ct_OBJDUMP" = x; then - OBJDUMP="false" - else - case $cross_compiling:$ac_tool_warned in -yes:) -{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 -printf "%s\n" "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} -ac_tool_warned=yes ;; + rm -f conftest.in conftest.tmp conftest.nl conftest.out;; esac - OBJDUMP=$ac_ct_OBJDUMP + + $ac_path_FGREP_found && break 3 + done + done + done +IFS=$as_save_IFS + if test -z "$ac_cv_path_FGREP"; then + as_fn_error $? "no acceptable fgrep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5 fi else - OBJDUMP="$ac_cv_prog_OBJDUMP" + ac_cv_path_FGREP=$FGREP fi - ;; + fi ;; esac - -test -z "$AS" && AS=as - - +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_FGREP" >&5 +printf "%s\n" "$ac_cv_path_FGREP" >&6; } + FGREP="$ac_cv_path_FGREP" +test -z "$GREP" && GREP=grep -test -z "$DLLTOOL" && DLLTOOL=dlltool -test -z "$OBJDUMP" && OBJDUMP=objdump @@ -7361,88 +7452,120 @@ test -z "$OBJDUMP" && OBJDUMP=objdump -case `pwd` in - *\ * | *\ *) - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: Libtool does not cope well with whitespace in \`pwd\`" >&5 -printf "%s\n" "$as_me: WARNING: Libtool does not cope well with whitespace in \`pwd\`" >&2;} ;; -esac -macro_version='2.4.6' -macro_revision='2.4.6' +# Check whether --with-gnu-ld was given. +if test ${with_gnu_ld+y} +then : + withval=$with_gnu_ld; test no = "$withval" || with_gnu_ld=yes +else case e in #( + e) with_gnu_ld=no ;; +esac +fi - - - - - - - - - - -ltmain=$ac_aux_dir/ltmain.sh - -# Backslashify metacharacters that are still active within -# double-quoted strings. -sed_quote_subst='s/\(["`$\\]\)/\\\1/g' - -# Same as above, but do not quote variable references. -double_quote_subst='s/\(["`\\]\)/\\\1/g' - -# Sed substitution to delay expansion of an escaped shell variable in a -# double_quote_subst'ed string. -delay_variable_subst='s/\\\\\\\\\\\$/\\\\\\$/g' - -# Sed substitution to delay expansion of an escaped single quote. -delay_single_quote_subst='s/'\''/'\'\\\\\\\'\''/g' - -# Sed substitution to avoid accidental globbing in evaled expressions -no_glob_subst='s/\*/\\\*/g' - -ECHO='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\' -ECHO=$ECHO$ECHO$ECHO$ECHO$ECHO -ECHO=$ECHO$ECHO$ECHO$ECHO$ECHO$ECHO - -{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking how to print strings" >&5 -printf %s "checking how to print strings... " >&6; } -# Test print first, because it will be a builtin if present. -if test "X`( print -r -- -n ) 2>/dev/null`" = X-n && \ - test "X`print -r -- $ECHO 2>/dev/null`" = "X$ECHO"; then - ECHO='print -r --' -elif test "X`printf %s $ECHO 2>/dev/null`" = "X$ECHO"; then - ECHO='printf %s\n' +ac_prog=ld +if test yes = "$GCC"; then + # Check if gcc -print-prog-name=ld gives a path. + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for ld used by $CC" >&5 +printf %s "checking for ld used by $CC... " >&6; } + case $host in + *-*-mingw*) + # gcc leaves a trailing carriage return, which upsets mingw + ac_prog=`($CC -print-prog-name=ld) 2>&5 | tr -d '\015'` ;; + *) + ac_prog=`($CC -print-prog-name=ld) 2>&5` ;; + esac + case $ac_prog in + # Accept absolute paths. + [\\/]* | ?:[\\/]*) + re_direlt='/[^/][^/]*/\.\./' + # Canonicalize the pathname of ld + ac_prog=`$ECHO "$ac_prog"| $SED 's%\\\\%/%g'` + while $ECHO "$ac_prog" | $GREP "$re_direlt" > /dev/null 2>&1; do + ac_prog=`$ECHO $ac_prog| $SED "s%$re_direlt%/%"` + done + test -z "$LD" && LD=$ac_prog + ;; + "") + # If it fails, then pretend we aren't using GCC. + ac_prog=ld + ;; + *) + # If it is relative, then search for the first ld in PATH. + with_gnu_ld=unknown + ;; + esac +elif test yes = "$with_gnu_ld"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for GNU ld" >&5 +printf %s "checking for GNU ld... " >&6; } else - # Use this function as a fallback that always works. - func_fallback_echo () - { - eval 'cat <<_LTECHO_EOF -$1 -_LTECHO_EOF' - } - ECHO='func_fallback_echo' + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for non-GNU ld" >&5 +printf %s "checking for non-GNU ld... " >&6; } fi - -# func_echo_all arg... -# Invoke $ECHO with all args, space-separated. -func_echo_all () -{ - $ECHO "" -} - -case $ECHO in - printf*) { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: printf" >&5 -printf "%s\n" "printf" >&6; } ;; - print*) { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: print -r" >&5 -printf "%s\n" "print -r" >&6; } ;; - *) { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: cat" >&5 -printf "%s\n" "cat" >&6; } ;; +if test ${lt_cv_path_LD+y} +then : + printf %s "(cached) " >&6 +else case e in #( + e) if test -z "$LD"; then + lt_save_ifs=$IFS; IFS=$PATH_SEPARATOR + for ac_dir in $PATH; do + IFS=$lt_save_ifs + test -z "$ac_dir" && ac_dir=. + if test -f "$ac_dir/$ac_prog" || test -f "$ac_dir/$ac_prog$ac_exeext"; then + lt_cv_path_LD=$ac_dir/$ac_prog + # Check to see if the program is GNU ld. I'd rather use --version, + # but apparently some variants of GNU ld only accept -v. + # Break only if it was the GNU/non-GNU ld that we prefer. + case `"$lt_cv_path_LD" -v 2>&1 &5 +printf "%s\n" "$LD" >&6; } +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } +fi +test -z "$LD" && as_fn_error $? "no acceptable ld found in \$PATH" "$LINENO" 5 +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if the linker ($LD) is GNU ld" >&5 +printf %s "checking if the linker ($LD) is GNU ld... " >&6; } +if test ${lt_cv_prog_gnu_ld+y} +then : + printf %s "(cached) " >&6 +else case e in #( + e) # I'd rather use --version here, but apparently some GNU lds only accept -v. +case `$LD -v 2>&1 &5 +printf "%s\n" "$lt_cv_prog_gnu_ld" >&6; } +with_gnu_ld=$lt_cv_prog_gnu_ld @@ -7452,26 +7575,86 @@ esac - - - - -{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for a sed that does not truncate output" >&5 -printf %s "checking for a sed that does not truncate output... " >&6; } -if test ${ac_cv_path_SED+y} +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for BSD- or MS-compatible name lister (nm)" >&5 +printf %s "checking for BSD- or MS-compatible name lister (nm)... " >&6; } +if test ${lt_cv_path_NM+y} then : printf %s "(cached) " >&6 -else $as_nop - ac_script=s/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb/ - for ac_i in 1 2 3 4 5 6 7; do - ac_script="$ac_script$as_nl$ac_script" - done - echo "$ac_script" 2>/dev/null | sed 99q >conftest.sed - { ac_script=; unset ac_script;} - if test -z "$SED"; then - ac_path_SED_found=false - # Loop through the user's path and test for each of PROGNAME-LIST - as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +else case e in #( + e) if test -n "$NM"; then + # Let the user override the test. + lt_cv_path_NM=$NM +else + lt_nm_to_check=${ac_tool_prefix}nm + if test -n "$ac_tool_prefix" && test "$build" = "$host"; then + lt_nm_to_check="$lt_nm_to_check nm" + fi + for lt_tmp_nm in $lt_nm_to_check; do + lt_save_ifs=$IFS; IFS=$PATH_SEPARATOR + for ac_dir in $PATH /usr/ccs/bin/elf /usr/ccs/bin /usr/ucb /bin; do + IFS=$lt_save_ifs + test -z "$ac_dir" && ac_dir=. + tmp_nm=$ac_dir/$lt_tmp_nm + if test -f "$tmp_nm" || test -f "$tmp_nm$ac_exeext"; then + # Check to see if the nm accepts a BSD-compat flag. + # Adding the 'sed 1q' prevents false positives on HP-UX, which says: + # nm: unknown option "B" ignored + # Tru64's nm complains that /dev/null is an invalid object file + # MSYS converts /dev/null to NUL, MinGW nm treats NUL as empty + case $build_os in + mingw*) lt_bad_file=conftest.nm/nofile ;; + *) lt_bad_file=/dev/null ;; + esac + case `"$tmp_nm" -B $lt_bad_file 2>&1 | $SED '1q'` in + *$lt_bad_file* | *'Invalid file or object type'*) + lt_cv_path_NM="$tmp_nm -B" + break 2 + ;; + *) + case `"$tmp_nm" -p /dev/null 2>&1 | $SED '1q'` in + */dev/null*) + lt_cv_path_NM="$tmp_nm -p" + break 2 + ;; + *) + lt_cv_path_NM=${lt_cv_path_NM="$tmp_nm"} # keep the first match, but + continue # so that we can try to find one that supports BSD flags + ;; + esac + ;; + esac + fi + done + IFS=$lt_save_ifs + done + : ${lt_cv_path_NM=no} +fi ;; +esac +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_path_NM" >&5 +printf "%s\n" "$lt_cv_path_NM" >&6; } +if test no != "$lt_cv_path_NM"; then + NM=$lt_cv_path_NM +else + # Didn't find any BSD compatible name lister, look for dumpbin. + if test -n "$DUMPBIN"; then : + # Let the user override the test. + else + if test -n "$ac_tool_prefix"; then + for ac_prog in dumpbin "link -dump" + do + # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args. +set dummy $ac_tool_prefix$ac_prog; ac_word=$2 +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_DUMPBIN+y} +then : + printf %s "(cached) " >&6 +else case e in #( + e) if test -n "$DUMPBIN"; then + ac_cv_prog_DUMPBIN="$DUMPBIN" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS @@ -7480,81 +7663,49 @@ do */) ;; *) as_dir=$as_dir/ ;; esac - for ac_prog in sed gsed - do for ac_exec_ext in '' $ac_executable_extensions; do - ac_path_SED="$as_dir$ac_prog$ac_exec_ext" - as_fn_executable_p "$ac_path_SED" || continue -# Check for GNU ac_path_SED and select it if it is found. - # Check for GNU $ac_path_SED -case `"$ac_path_SED" --version 2>&1` in -*GNU*) - ac_cv_path_SED="$ac_path_SED" ac_path_SED_found=:;; -*) - ac_count=0 - printf %s 0123456789 >"conftest.in" - while : - do - cat "conftest.in" "conftest.in" >"conftest.tmp" - mv "conftest.tmp" "conftest.in" - cp "conftest.in" "conftest.nl" - printf "%s\n" '' >> "conftest.nl" - "$ac_path_SED" -f conftest.sed < "conftest.nl" >"conftest.out" 2>/dev/null || break - diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break - as_fn_arith $ac_count + 1 && ac_count=$as_val - if test $ac_count -gt ${ac_path_SED_max-0}; then - # Best one so far, save it but keep looking for a better one - ac_cv_path_SED="$ac_path_SED" - ac_path_SED_max=$ac_count - fi - # 10*(2^10) chars as input seems more than enough - test $ac_count -gt 10 && break - done - rm -f conftest.in conftest.tmp conftest.nl conftest.out;; -esac - - $ac_path_SED_found && break 3 - done - done + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then + ac_cv_prog_DUMPBIN="$ac_tool_prefix$ac_prog" + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 + break 2 + fi +done done IFS=$as_save_IFS - if test -z "$ac_cv_path_SED"; then - as_fn_error $? "no acceptable sed could be found in \$PATH" "$LINENO" 5 - fi -else - ac_cv_path_SED=$SED -fi +fi ;; +esac +fi +DUMPBIN=$ac_cv_prog_DUMPBIN +if test -n "$DUMPBIN"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $DUMPBIN" >&5 +printf "%s\n" "$DUMPBIN" >&6; } +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } fi -{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_SED" >&5 -printf "%s\n" "$ac_cv_path_SED" >&6; } - SED="$ac_cv_path_SED" - rm -f conftest.sed - -test -z "$SED" && SED=sed -Xsed="$SED -e 1s/^X//" - - - - - - - - - -{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for grep that handles long lines and -e" >&5 -printf %s "checking for grep that handles long lines and -e... " >&6; } -if test ${ac_cv_path_GREP+y} + test -n "$DUMPBIN" && break + done +fi +if test -z "$DUMPBIN"; then + ac_ct_DUMPBIN=$DUMPBIN + for ac_prog in dumpbin "link -dump" +do + # Extract the first word of "$ac_prog", so it can be a program name with args. +set dummy $ac_prog; ac_word=$2 +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_ac_ct_DUMPBIN+y} then : printf %s "(cached) " >&6 -else $as_nop - if test -z "$GREP"; then - ac_path_GREP_found=false - # Loop through the user's path and test for each of PROGNAME-LIST - as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin +else case e in #( + e) if test -n "$ac_ct_DUMPBIN"; then + ac_cv_prog_ac_ct_DUMPBIN="$ac_ct_DUMPBIN" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH do IFS=$as_save_IFS case $as_dir in #((( @@ -7562,214 +7713,264 @@ do */) ;; *) as_dir=$as_dir/ ;; esac - for ac_prog in grep ggrep - do for ac_exec_ext in '' $ac_executable_extensions; do - ac_path_GREP="$as_dir$ac_prog$ac_exec_ext" - as_fn_executable_p "$ac_path_GREP" || continue -# Check for GNU ac_path_GREP and select it if it is found. - # Check for GNU $ac_path_GREP -case `"$ac_path_GREP" --version 2>&1` in -*GNU*) - ac_cv_path_GREP="$ac_path_GREP" ac_path_GREP_found=:;; -*) - ac_count=0 - printf %s 0123456789 >"conftest.in" - while : - do - cat "conftest.in" "conftest.in" >"conftest.tmp" - mv "conftest.tmp" "conftest.in" - cp "conftest.in" "conftest.nl" - printf "%s\n" 'GREP' >> "conftest.nl" - "$ac_path_GREP" -e 'GREP$' -e '-(cannot match)-' < "conftest.nl" >"conftest.out" 2>/dev/null || break - diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break - as_fn_arith $ac_count + 1 && ac_count=$as_val - if test $ac_count -gt ${ac_path_GREP_max-0}; then - # Best one so far, save it but keep looking for a better one - ac_cv_path_GREP="$ac_path_GREP" - ac_path_GREP_max=$ac_count - fi - # 10*(2^10) chars as input seems more than enough - test $ac_count -gt 10 && break - done - rm -f conftest.in conftest.tmp conftest.nl conftest.out;; -esac - - $ac_path_GREP_found && break 3 - done - done + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then + ac_cv_prog_ac_ct_DUMPBIN="$ac_prog" + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 + break 2 + fi +done done IFS=$as_save_IFS - if test -z "$ac_cv_path_GREP"; then - as_fn_error $? "no acceptable grep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5 - fi + +fi ;; +esac +fi +ac_ct_DUMPBIN=$ac_cv_prog_ac_ct_DUMPBIN +if test -n "$ac_ct_DUMPBIN"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_ct_DUMPBIN" >&5 +printf "%s\n" "$ac_ct_DUMPBIN" >&6; } else - ac_cv_path_GREP=$GREP + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } fi -fi -{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_GREP" >&5 -printf "%s\n" "$ac_cv_path_GREP" >&6; } - GREP="$ac_cv_path_GREP" + test -n "$ac_ct_DUMPBIN" && break +done -{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for egrep" >&5 -printf %s "checking for egrep... " >&6; } -if test ${ac_cv_path_EGREP+y} -then : - printf %s "(cached) " >&6 -else $as_nop - if echo a | $GREP -E '(a|b)' >/dev/null 2>&1 - then ac_cv_path_EGREP="$GREP -E" - else - if test -z "$EGREP"; then - ac_path_EGREP_found=false - # Loop through the user's path and test for each of PROGNAME-LIST - as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin -do - IFS=$as_save_IFS - case $as_dir in #((( - '') as_dir=./ ;; - */) ;; - *) as_dir=$as_dir/ ;; - esac - for ac_prog in egrep - do - for ac_exec_ext in '' $ac_executable_extensions; do - ac_path_EGREP="$as_dir$ac_prog$ac_exec_ext" - as_fn_executable_p "$ac_path_EGREP" || continue -# Check for GNU ac_path_EGREP and select it if it is found. - # Check for GNU $ac_path_EGREP -case `"$ac_path_EGREP" --version 2>&1` in -*GNU*) - ac_cv_path_EGREP="$ac_path_EGREP" ac_path_EGREP_found=:;; -*) - ac_count=0 - printf %s 0123456789 >"conftest.in" - while : - do - cat "conftest.in" "conftest.in" >"conftest.tmp" - mv "conftest.tmp" "conftest.in" - cp "conftest.in" "conftest.nl" - printf "%s\n" 'EGREP' >> "conftest.nl" - "$ac_path_EGREP" 'EGREP$' < "conftest.nl" >"conftest.out" 2>/dev/null || break - diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break - as_fn_arith $ac_count + 1 && ac_count=$as_val - if test $ac_count -gt ${ac_path_EGREP_max-0}; then - # Best one so far, save it but keep looking for a better one - ac_cv_path_EGREP="$ac_path_EGREP" - ac_path_EGREP_max=$ac_count - fi - # 10*(2^10) chars as input seems more than enough - test $ac_count -gt 10 && break - done - rm -f conftest.in conftest.tmp conftest.nl conftest.out;; + if test "x$ac_ct_DUMPBIN" = x; then + DUMPBIN=":" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +printf "%s\n" "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; esac - - $ac_path_EGREP_found && break 3 - done - done - done -IFS=$as_save_IFS - if test -z "$ac_cv_path_EGREP"; then - as_fn_error $? "no acceptable egrep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5 + DUMPBIN=$ac_ct_DUMPBIN fi -else - ac_cv_path_EGREP=$EGREP fi - fi + case `$DUMPBIN -symbols -headers /dev/null 2>&1 | $SED '1q'` in + *COFF*) + DUMPBIN="$DUMPBIN -symbols -headers" + ;; + *) + DUMPBIN=: + ;; + esac + fi + + if test : != "$DUMPBIN"; then + NM=$DUMPBIN + fi fi -{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_EGREP" >&5 -printf "%s\n" "$ac_cv_path_EGREP" >&6; } - EGREP="$ac_cv_path_EGREP" +test -z "$NM" && NM=nm -{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for fgrep" >&5 -printf %s "checking for fgrep... " >&6; } -if test ${ac_cv_path_FGREP+y} + + + + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking the name lister ($NM) interface" >&5 +printf %s "checking the name lister ($NM) interface... " >&6; } +if test ${lt_cv_nm_interface+y} then : printf %s "(cached) " >&6 -else $as_nop - if echo 'ab*c' | $GREP -F 'ab*c' >/dev/null 2>&1 - then ac_cv_path_FGREP="$GREP -F" - else - if test -z "$FGREP"; then - ac_path_FGREP_found=false - # Loop through the user's path and test for each of PROGNAME-LIST - as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin -do - IFS=$as_save_IFS - case $as_dir in #((( - '') as_dir=./ ;; - */) ;; - *) as_dir=$as_dir/ ;; - esac - for ac_prog in fgrep - do - for ac_exec_ext in '' $ac_executable_extensions; do - ac_path_FGREP="$as_dir$ac_prog$ac_exec_ext" - as_fn_executable_p "$ac_path_FGREP" || continue -# Check for GNU ac_path_FGREP and select it if it is found. - # Check for GNU $ac_path_FGREP -case `"$ac_path_FGREP" --version 2>&1` in -*GNU*) - ac_cv_path_FGREP="$ac_path_FGREP" ac_path_FGREP_found=:;; -*) - ac_count=0 - printf %s 0123456789 >"conftest.in" - while : - do - cat "conftest.in" "conftest.in" >"conftest.tmp" - mv "conftest.tmp" "conftest.in" - cp "conftest.in" "conftest.nl" - printf "%s\n" 'FGREP' >> "conftest.nl" - "$ac_path_FGREP" FGREP < "conftest.nl" >"conftest.out" 2>/dev/null || break - diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break - as_fn_arith $ac_count + 1 && ac_count=$as_val - if test $ac_count -gt ${ac_path_FGREP_max-0}; then - # Best one so far, save it but keep looking for a better one - ac_cv_path_FGREP="$ac_path_FGREP" - ac_path_FGREP_max=$ac_count - fi - # 10*(2^10) chars as input seems more than enough - test $ac_count -gt 10 && break - done - rm -f conftest.in conftest.tmp conftest.nl conftest.out;; +else case e in #( + e) lt_cv_nm_interface="BSD nm" + echo "int some_variable = 0;" > conftest.$ac_ext + (eval echo "\"\$as_me:$LINENO: $ac_compile\"" >&5) + (eval "$ac_compile" 2>conftest.err) + cat conftest.err >&5 + (eval echo "\"\$as_me:$LINENO: $NM \\\"conftest.$ac_objext\\\"\"" >&5) + (eval "$NM \"conftest.$ac_objext\"" 2>conftest.err > conftest.out) + cat conftest.err >&5 + (eval echo "\"\$as_me:$LINENO: output\"" >&5) + cat conftest.out >&5 + if $GREP 'External.*some_variable' conftest.out > /dev/null; then + lt_cv_nm_interface="MS dumpbin" + fi + rm -f conftest* ;; esac +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_nm_interface" >&5 +printf "%s\n" "$lt_cv_nm_interface" >&6; } - $ac_path_FGREP_found && break 3 - done - done - done -IFS=$as_save_IFS - if test -z "$ac_cv_path_FGREP"; then - as_fn_error $? "no acceptable fgrep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5 - fi -else - ac_cv_path_FGREP=$FGREP +# find the maximum length of command line arguments +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking the maximum length of command line arguments" >&5 +printf %s "checking the maximum length of command line arguments... " >&6; } +if test ${lt_cv_sys_max_cmd_len+y} +then : + printf %s "(cached) " >&6 +else case e in #( + e) i=0 + teststring=ABCD + + case $build_os in + msdosdjgpp*) + # On DJGPP, this test can blow up pretty badly due to problems in libc + # (any single argument exceeding 2000 bytes causes a buffer overrun + # during glob expansion). Even if it were fixed, the result of this + # check would be larger than it should be. + lt_cv_sys_max_cmd_len=12288; # 12K is about right + ;; + + gnu*) + # Under GNU Hurd, this test is not required because there is + # no limit to the length of command line arguments. + # Libtool will interpret -1 as no limit whatsoever + lt_cv_sys_max_cmd_len=-1; + ;; + + cygwin* | mingw* | cegcc*) + # On Win9x/ME, this test blows up -- it succeeds, but takes + # about 5 minutes as the teststring grows exponentially. + # Worse, since 9x/ME are not pre-emptively multitasking, + # you end up with a "frozen" computer, even though with patience + # the test eventually succeeds (with a max line length of 256k). + # Instead, let's just punt: use the minimum linelength reported by + # all of the supported platforms: 8192 (on NT/2K/XP). + lt_cv_sys_max_cmd_len=8192; + ;; + + mint*) + # On MiNT this can take a long time and run out of memory. + lt_cv_sys_max_cmd_len=8192; + ;; + + amigaos*) + # On AmigaOS with pdksh, this test takes hours, literally. + # So we just punt and use a minimum line length of 8192. + lt_cv_sys_max_cmd_len=8192; + ;; + + bitrig* | darwin* | dragonfly* | freebsd* | midnightbsd* | netbsd* | openbsd*) + # This has been around since 386BSD, at least. Likely further. + if test -x /sbin/sysctl; then + lt_cv_sys_max_cmd_len=`/sbin/sysctl -n kern.argmax` + elif test -x /usr/sbin/sysctl; then + lt_cv_sys_max_cmd_len=`/usr/sbin/sysctl -n kern.argmax` + else + lt_cv_sys_max_cmd_len=65536 # usable default for all BSDs + fi + # And add a safety zone + lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \/ 4` + lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \* 3` + ;; + + interix*) + # We know the value 262144 and hardcode it with a safety zone (like BSD) + lt_cv_sys_max_cmd_len=196608 + ;; + + os2*) + # The test takes a long time on OS/2. + lt_cv_sys_max_cmd_len=8192 + ;; + + osf*) + # Dr. Hans Ekkehard Plesser reports seeing a kernel panic running configure + # due to this test when exec_disable_arg_limit is 1 on Tru64. It is not + # nice to cause kernel panics so lets avoid the loop below. + # First set a reasonable default. + lt_cv_sys_max_cmd_len=16384 + # + if test -x /sbin/sysconfig; then + case `/sbin/sysconfig -q proc exec_disable_arg_limit` in + *1*) lt_cv_sys_max_cmd_len=-1 ;; + esac + fi + ;; + sco3.2v5*) + lt_cv_sys_max_cmd_len=102400 + ;; + sysv5* | sco5v6* | sysv4.2uw2*) + kargmax=`grep ARG_MAX /etc/conf/cf.d/stune 2>/dev/null` + if test -n "$kargmax"; then + lt_cv_sys_max_cmd_len=`echo $kargmax | $SED 's/.*[ ]//'` + else + lt_cv_sys_max_cmd_len=32768 + fi + ;; + *) + lt_cv_sys_max_cmd_len=`(getconf ARG_MAX) 2> /dev/null` + if test -n "$lt_cv_sys_max_cmd_len" && \ + test undefined != "$lt_cv_sys_max_cmd_len"; then + lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \/ 4` + lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \* 3` + else + # Make teststring a little bigger before we do anything with it. + # a 1K string should be a reasonable start. + for i in 1 2 3 4 5 6 7 8; do + teststring=$teststring$teststring + done + SHELL=${SHELL-${CONFIG_SHELL-/bin/sh}} + # If test is not a shell built-in, we'll probably end up computing a + # maximum length that is only half of the actual maximum length, but + # we can't tell. + while { test X`env echo "$teststring$teststring" 2>/dev/null` \ + = "X$teststring$teststring"; } >/dev/null 2>&1 && + test 17 != "$i" # 1/2 MB should be enough + do + i=`expr $i + 1` + teststring=$teststring$teststring + done + # Only check the string length outside the loop. + lt_cv_sys_max_cmd_len=`expr "X$teststring" : ".*" 2>&1` + teststring= + # Add a significant safety factor because C++ compilers can tack on + # massive amounts of additional arguments before passing them to the + # linker. It appears as though 1/2 is a usable value. + lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \/ 2` + fi + ;; + esac + ;; +esac fi - fi +if test -n "$lt_cv_sys_max_cmd_len"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_sys_max_cmd_len" >&5 +printf "%s\n" "$lt_cv_sys_max_cmd_len" >&6; } +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: none" >&5 +printf "%s\n" "none" >&6; } fi -{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_FGREP" >&5 -printf "%s\n" "$ac_cv_path_FGREP" >&6; } - FGREP="$ac_cv_path_FGREP" +max_cmd_len=$lt_cv_sys_max_cmd_len -test -z "$GREP" && GREP=grep +: ${CP="cp -f"} +: ${MV="mv -f"} +: ${RM="rm -f"} +if ( (MAIL=60; unset MAIL) || exit) >/dev/null 2>&1; then + lt_unset=unset +else + lt_unset=false +fi +# test EBCDIC or ASCII +case `echo X|tr X '\101'` in + A) # ASCII based system + # \n is not interpreted correctly by Solaris 8 /usr/ucb/tr + lt_SP2NL='tr \040 \012' + lt_NL2SP='tr \015\012 \040\040' + ;; + *) # EBCDIC based system + lt_SP2NL='tr \100 \n' + lt_NL2SP='tr \r\n \100\100' + ;; +esac @@ -7779,111 +7980,115 @@ test -z "$GREP" && GREP=grep -# Check whether --with-gnu-ld was given. -if test ${with_gnu_ld+y} +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking how to convert $build file names to $host format" >&5 +printf %s "checking how to convert $build file names to $host format... " >&6; } +if test ${lt_cv_to_host_file_cmd+y} then : - withval=$with_gnu_ld; test no = "$withval" || with_gnu_ld=yes -else $as_nop - with_gnu_ld=no + printf %s "(cached) " >&6 +else case e in #( + e) case $host in + *-*-mingw* ) + case $build in + *-*-mingw* ) # actually msys + lt_cv_to_host_file_cmd=func_convert_file_msys_to_w32 + ;; + *-*-cygwin* ) + lt_cv_to_host_file_cmd=func_convert_file_cygwin_to_w32 + ;; + * ) # otherwise, assume *nix + lt_cv_to_host_file_cmd=func_convert_file_nix_to_w32 + ;; + esac + ;; + *-*-cygwin* ) + case $build in + *-*-mingw* ) # actually msys + lt_cv_to_host_file_cmd=func_convert_file_msys_to_cygwin + ;; + *-*-cygwin* ) + lt_cv_to_host_file_cmd=func_convert_file_noop + ;; + * ) # otherwise, assume *nix + lt_cv_to_host_file_cmd=func_convert_file_nix_to_cygwin + ;; + esac + ;; + * ) # unhandled hosts (and "normal" native builds) + lt_cv_to_host_file_cmd=func_convert_file_noop + ;; +esac + ;; +esac fi -ac_prog=ld -if test yes = "$GCC"; then - # Check if gcc -print-prog-name=ld gives a path. - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for ld used by $CC" >&5 -printf %s "checking for ld used by $CC... " >&6; } - case $host in - *-*-mingw*) - # gcc leaves a trailing carriage return, which upsets mingw - ac_prog=`($CC -print-prog-name=ld) 2>&5 | tr -d '\015'` ;; - *) - ac_prog=`($CC -print-prog-name=ld) 2>&5` ;; - esac - case $ac_prog in - # Accept absolute paths. - [\\/]* | ?:[\\/]*) - re_direlt='/[^/][^/]*/\.\./' - # Canonicalize the pathname of ld - ac_prog=`$ECHO "$ac_prog"| $SED 's%\\\\%/%g'` - while $ECHO "$ac_prog" | $GREP "$re_direlt" > /dev/null 2>&1; do - ac_prog=`$ECHO $ac_prog| $SED "s%$re_direlt%/%"` - done - test -z "$LD" && LD=$ac_prog - ;; - "") - # If it fails, then pretend we aren't using GCC. - ac_prog=ld - ;; - *) - # If it is relative, then search for the first ld in PATH. - with_gnu_ld=unknown - ;; - esac -elif test yes = "$with_gnu_ld"; then - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for GNU ld" >&5 -printf %s "checking for GNU ld... " >&6; } -else - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for non-GNU ld" >&5 -printf %s "checking for non-GNU ld... " >&6; } -fi -if test ${lt_cv_path_LD+y} +to_host_file_cmd=$lt_cv_to_host_file_cmd +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_to_host_file_cmd" >&5 +printf "%s\n" "$lt_cv_to_host_file_cmd" >&6; } + + + + + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking how to convert $build file names to toolchain format" >&5 +printf %s "checking how to convert $build file names to toolchain format... " >&6; } +if test ${lt_cv_to_tool_file_cmd+y} then : printf %s "(cached) " >&6 -else $as_nop - if test -z "$LD"; then - lt_save_ifs=$IFS; IFS=$PATH_SEPARATOR - for ac_dir in $PATH; do - IFS=$lt_save_ifs - test -z "$ac_dir" && ac_dir=. - if test -f "$ac_dir/$ac_prog" || test -f "$ac_dir/$ac_prog$ac_exeext"; then - lt_cv_path_LD=$ac_dir/$ac_prog - # Check to see if the program is GNU ld. I'd rather use --version, - # but apparently some variants of GNU ld only accept -v. - # Break only if it was the GNU/non-GNU ld that we prefer. - case `"$lt_cv_path_LD" -v 2>&1 &5 -printf "%s\n" "$LD" >&6; } -else - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 -printf "%s\n" "no" >&6; } -fi -test -z "$LD" && as_fn_error $? "no acceptable ld found in \$PATH" "$LINENO" 5 -{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if the linker ($LD) is GNU ld" >&5 -printf %s "checking if the linker ($LD) is GNU ld... " >&6; } -if test ${lt_cv_prog_gnu_ld+y} +to_tool_file_cmd=$lt_cv_to_tool_file_cmd +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_to_tool_file_cmd" >&5 +printf "%s\n" "$lt_cv_to_tool_file_cmd" >&6; } + + + + + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $LD option to reload object files" >&5 +printf %s "checking for $LD option to reload object files... " >&6; } +if test ${lt_cv_ld_reload_flag+y} then : printf %s "(cached) " >&6 -else $as_nop - # I'd rather use --version here, but apparently some GNU lds only accept -v. -case `$LD -v 2>&1 &5 -printf "%s\n" "$lt_cv_prog_gnu_ld" >&6; } -with_gnu_ld=$lt_cv_prog_gnu_ld +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_ld_reload_flag" >&5 +printf "%s\n" "$lt_cv_ld_reload_flag" >&6; } +reload_flag=$lt_cv_ld_reload_flag +case $reload_flag in +"" | " "*) ;; +*) reload_flag=" $reload_flag" ;; +esac +reload_cmds='$LD$reload_flag -o $output$reload_objs' +case $host_os in + cygwin* | mingw* | pw32* | cegcc*) + if test yes != "$GCC"; then + reload_cmds=false + fi + ;; + darwin*) + if test yes = "$GCC"; then + reload_cmds='$LTCC $LTCFLAGS -nostdlib $wl-r -o $output$reload_objs' + else + reload_cmds='$LD$reload_flag -o $output$reload_objs' + fi + ;; +esac @@ -7893,83 +8098,17 @@ with_gnu_ld=$lt_cv_prog_gnu_ld -{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for BSD- or MS-compatible name lister (nm)" >&5 -printf %s "checking for BSD- or MS-compatible name lister (nm)... " >&6; } -if test ${lt_cv_path_NM+y} -then : - printf %s "(cached) " >&6 -else $as_nop - if test -n "$NM"; then - # Let the user override the test. - lt_cv_path_NM=$NM -else - lt_nm_to_check=${ac_tool_prefix}nm - if test -n "$ac_tool_prefix" && test "$build" = "$host"; then - lt_nm_to_check="$lt_nm_to_check nm" - fi - for lt_tmp_nm in $lt_nm_to_check; do - lt_save_ifs=$IFS; IFS=$PATH_SEPARATOR - for ac_dir in $PATH /usr/ccs/bin/elf /usr/ccs/bin /usr/ucb /bin; do - IFS=$lt_save_ifs - test -z "$ac_dir" && ac_dir=. - tmp_nm=$ac_dir/$lt_tmp_nm - if test -f "$tmp_nm" || test -f "$tmp_nm$ac_exeext"; then - # Check to see if the nm accepts a BSD-compat flag. - # Adding the 'sed 1q' prevents false positives on HP-UX, which says: - # nm: unknown option "B" ignored - # Tru64's nm complains that /dev/null is an invalid object file - # MSYS converts /dev/null to NUL, MinGW nm treats NUL as empty - case $build_os in - mingw*) lt_bad_file=conftest.nm/nofile ;; - *) lt_bad_file=/dev/null ;; - esac - case `"$tmp_nm" -B $lt_bad_file 2>&1 | sed '1q'` in - *$lt_bad_file* | *'Invalid file or object type'*) - lt_cv_path_NM="$tmp_nm -B" - break 2 - ;; - *) - case `"$tmp_nm" -p /dev/null 2>&1 | sed '1q'` in - */dev/null*) - lt_cv_path_NM="$tmp_nm -p" - break 2 - ;; - *) - lt_cv_path_NM=${lt_cv_path_NM="$tmp_nm"} # keep the first match, but - continue # so that we can try to find one that supports BSD flags - ;; - esac - ;; - esac - fi - done - IFS=$lt_save_ifs - done - : ${lt_cv_path_NM=no} -fi -fi -{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_path_NM" >&5 -printf "%s\n" "$lt_cv_path_NM" >&6; } -if test no != "$lt_cv_path_NM"; then - NM=$lt_cv_path_NM -else - # Didn't find any BSD compatible name lister, look for dumpbin. - if test -n "$DUMPBIN"; then : - # Let the user override the test. - else - if test -n "$ac_tool_prefix"; then - for ac_prog in dumpbin "link -dump" - do - # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args. -set dummy $ac_tool_prefix$ac_prog; ac_word=$2 +if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}file", so it can be a program name with args. +set dummy ${ac_tool_prefix}file; ac_word=$2 { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 printf %s "checking for $ac_word... " >&6; } -if test ${ac_cv_prog_DUMPBIN+y} +if test ${ac_cv_prog_FILECMD+y} then : printf %s "(cached) " >&6 -else $as_nop - if test -n "$DUMPBIN"; then - ac_cv_prog_DUMPBIN="$DUMPBIN" # Let the user override the test. +else case e in #( + e) if test -n "$FILECMD"; then + ac_cv_prog_FILECMD="$FILECMD" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH @@ -7982,7 +8121,7 @@ do esac for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then - ac_cv_prog_DUMPBIN="$ac_tool_prefix$ac_prog" + ac_cv_prog_FILECMD="${ac_tool_prefix}file" printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 break 2 fi @@ -7990,35 +8129,32 @@ done done IFS=$as_save_IFS +fi ;; +esac fi -fi -DUMPBIN=$ac_cv_prog_DUMPBIN -if test -n "$DUMPBIN"; then - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $DUMPBIN" >&5 -printf "%s\n" "$DUMPBIN" >&6; } +FILECMD=$ac_cv_prog_FILECMD +if test -n "$FILECMD"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $FILECMD" >&5 +printf "%s\n" "$FILECMD" >&6; } else { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 printf "%s\n" "no" >&6; } fi - test -n "$DUMPBIN" && break - done fi -if test -z "$DUMPBIN"; then - ac_ct_DUMPBIN=$DUMPBIN - for ac_prog in dumpbin "link -dump" -do - # Extract the first word of "$ac_prog", so it can be a program name with args. -set dummy $ac_prog; ac_word=$2 +if test -z "$ac_cv_prog_FILECMD"; then + ac_ct_FILECMD=$FILECMD + # Extract the first word of "file", so it can be a program name with args. +set dummy file; ac_word=$2 { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 printf %s "checking for $ac_word... " >&6; } -if test ${ac_cv_prog_ac_ct_DUMPBIN+y} +if test ${ac_cv_prog_ac_ct_FILECMD+y} then : printf %s "(cached) " >&6 -else $as_nop - if test -n "$ac_ct_DUMPBIN"; then - ac_cv_prog_ac_ct_DUMPBIN="$ac_ct_DUMPBIN" # Let the user override the test. +else case e in #( + e) if test -n "$ac_ct_FILECMD"; then + ac_cv_prog_ac_ct_FILECMD="$ac_ct_FILECMD" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH @@ -8031,7 +8167,7 @@ do esac for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then - ac_cv_prog_ac_ct_DUMPBIN="$ac_prog" + ac_cv_prog_ac_ct_FILECMD="file" printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 break 2 fi @@ -8039,23 +8175,20 @@ done done IFS=$as_save_IFS +fi ;; +esac fi -fi -ac_ct_DUMPBIN=$ac_cv_prog_ac_ct_DUMPBIN -if test -n "$ac_ct_DUMPBIN"; then - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_ct_DUMPBIN" >&5 -printf "%s\n" "$ac_ct_DUMPBIN" >&6; } +ac_ct_FILECMD=$ac_cv_prog_ac_ct_FILECMD +if test -n "$ac_ct_FILECMD"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_ct_FILECMD" >&5 +printf "%s\n" "$ac_ct_FILECMD" >&6; } else { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 printf "%s\n" "no" >&6; } fi - - test -n "$ac_ct_DUMPBIN" && break -done - - if test "x$ac_ct_DUMPBIN" = x; then - DUMPBIN=":" + if test "x$ac_ct_FILECMD" = x; then + FILECMD=":" else case $cross_compiling:$ac_tool_warned in yes:) @@ -8063,467 +8196,136 @@ yes:) printf "%s\n" "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} ac_tool_warned=yes ;; esac - DUMPBIN=$ac_ct_DUMPBIN + FILECMD=$ac_ct_FILECMD fi +else + FILECMD="$ac_cv_prog_FILECMD" fi - case `$DUMPBIN -symbols -headers /dev/null 2>&1 | sed '1q'` in - *COFF*) - DUMPBIN="$DUMPBIN -symbols -headers" - ;; - *) - DUMPBIN=: - ;; - esac - fi - - if test : != "$DUMPBIN"; then - NM=$DUMPBIN - fi -fi -test -z "$NM" && NM=nm -{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking the name lister ($NM) interface" >&5 -printf %s "checking the name lister ($NM) interface... " >&6; } -if test ${lt_cv_nm_interface+y} +if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}objdump", so it can be a program name with args. +set dummy ${ac_tool_prefix}objdump; ac_word=$2 +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_OBJDUMP+y} then : printf %s "(cached) " >&6 -else $as_nop - lt_cv_nm_interface="BSD nm" - echo "int some_variable = 0;" > conftest.$ac_ext - (eval echo "\"\$as_me:$LINENO: $ac_compile\"" >&5) - (eval "$ac_compile" 2>conftest.err) - cat conftest.err >&5 - (eval echo "\"\$as_me:$LINENO: $NM \\\"conftest.$ac_objext\\\"\"" >&5) - (eval "$NM \"conftest.$ac_objext\"" 2>conftest.err > conftest.out) - cat conftest.err >&5 - (eval echo "\"\$as_me:$LINENO: output\"" >&5) - cat conftest.out >&5 - if $GREP 'External.*some_variable' conftest.out > /dev/null; then - lt_cv_nm_interface="MS dumpbin" +else case e in #( + e) if test -n "$OBJDUMP"; then + ac_cv_prog_OBJDUMP="$OBJDUMP" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then + ac_cv_prog_OBJDUMP="${ac_tool_prefix}objdump" + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 + break 2 fi - rm -f conftest* +done + done +IFS=$as_save_IFS + +fi ;; +esac +fi +OBJDUMP=$ac_cv_prog_OBJDUMP +if test -n "$OBJDUMP"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $OBJDUMP" >&5 +printf "%s\n" "$OBJDUMP" >&6; } +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } fi -{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_nm_interface" >&5 -printf "%s\n" "$lt_cv_nm_interface" >&6; } -# find the maximum length of command line arguments -{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking the maximum length of command line arguments" >&5 -printf %s "checking the maximum length of command line arguments... " >&6; } -if test ${lt_cv_sys_max_cmd_len+y} + +fi +if test -z "$ac_cv_prog_OBJDUMP"; then + ac_ct_OBJDUMP=$OBJDUMP + # Extract the first word of "objdump", so it can be a program name with args. +set dummy objdump; ac_word=$2 +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_ac_ct_OBJDUMP+y} then : printf %s "(cached) " >&6 -else $as_nop - i=0 - teststring=ABCD - - case $build_os in - msdosdjgpp*) - # On DJGPP, this test can blow up pretty badly due to problems in libc - # (any single argument exceeding 2000 bytes causes a buffer overrun - # during glob expansion). Even if it were fixed, the result of this - # check would be larger than it should be. - lt_cv_sys_max_cmd_len=12288; # 12K is about right - ;; - - gnu*) - # Under GNU Hurd, this test is not required because there is - # no limit to the length of command line arguments. - # Libtool will interpret -1 as no limit whatsoever - lt_cv_sys_max_cmd_len=-1; - ;; - - cygwin* | mingw* | cegcc*) - # On Win9x/ME, this test blows up -- it succeeds, but takes - # about 5 minutes as the teststring grows exponentially. - # Worse, since 9x/ME are not pre-emptively multitasking, - # you end up with a "frozen" computer, even though with patience - # the test eventually succeeds (with a max line length of 256k). - # Instead, let's just punt: use the minimum linelength reported by - # all of the supported platforms: 8192 (on NT/2K/XP). - lt_cv_sys_max_cmd_len=8192; - ;; - - mint*) - # On MiNT this can take a long time and run out of memory. - lt_cv_sys_max_cmd_len=8192; - ;; - - amigaos*) - # On AmigaOS with pdksh, this test takes hours, literally. - # So we just punt and use a minimum line length of 8192. - lt_cv_sys_max_cmd_len=8192; - ;; - - bitrig* | darwin* | dragonfly* | freebsd* | netbsd* | openbsd*) - # This has been around since 386BSD, at least. Likely further. - if test -x /sbin/sysctl; then - lt_cv_sys_max_cmd_len=`/sbin/sysctl -n kern.argmax` - elif test -x /usr/sbin/sysctl; then - lt_cv_sys_max_cmd_len=`/usr/sbin/sysctl -n kern.argmax` - else - lt_cv_sys_max_cmd_len=65536 # usable default for all BSDs - fi - # And add a safety zone - lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \/ 4` - lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \* 3` - ;; - - interix*) - # We know the value 262144 and hardcode it with a safety zone (like BSD) - lt_cv_sys_max_cmd_len=196608 - ;; - - os2*) - # The test takes a long time on OS/2. - lt_cv_sys_max_cmd_len=8192 - ;; - - osf*) - # Dr. Hans Ekkehard Plesser reports seeing a kernel panic running configure - # due to this test when exec_disable_arg_limit is 1 on Tru64. It is not - # nice to cause kernel panics so lets avoid the loop below. - # First set a reasonable default. - lt_cv_sys_max_cmd_len=16384 - # - if test -x /sbin/sysconfig; then - case `/sbin/sysconfig -q proc exec_disable_arg_limit` in - *1*) lt_cv_sys_max_cmd_len=-1 ;; - esac - fi - ;; - sco3.2v5*) - lt_cv_sys_max_cmd_len=102400 - ;; - sysv5* | sco5v6* | sysv4.2uw2*) - kargmax=`grep ARG_MAX /etc/conf/cf.d/stune 2>/dev/null` - if test -n "$kargmax"; then - lt_cv_sys_max_cmd_len=`echo $kargmax | sed 's/.*[ ]//'` - else - lt_cv_sys_max_cmd_len=32768 - fi - ;; - *) - lt_cv_sys_max_cmd_len=`(getconf ARG_MAX) 2> /dev/null` - if test -n "$lt_cv_sys_max_cmd_len" && \ - test undefined != "$lt_cv_sys_max_cmd_len"; then - lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \/ 4` - lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \* 3` - else - # Make teststring a little bigger before we do anything with it. - # a 1K string should be a reasonable start. - for i in 1 2 3 4 5 6 7 8; do - teststring=$teststring$teststring - done - SHELL=${SHELL-${CONFIG_SHELL-/bin/sh}} - # If test is not a shell built-in, we'll probably end up computing a - # maximum length that is only half of the actual maximum length, but - # we can't tell. - while { test X`env echo "$teststring$teststring" 2>/dev/null` \ - = "X$teststring$teststring"; } >/dev/null 2>&1 && - test 17 != "$i" # 1/2 MB should be enough - do - i=`expr $i + 1` - teststring=$teststring$teststring - done - # Only check the string length outside the loop. - lt_cv_sys_max_cmd_len=`expr "X$teststring" : ".*" 2>&1` - teststring= - # Add a significant safety factor because C++ compilers can tack on - # massive amounts of additional arguments before passing them to the - # linker. It appears as though 1/2 is a usable value. - lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \/ 2` - fi - ;; +else case e in #( + e) if test -n "$ac_ct_OBJDUMP"; then + ac_cv_prog_ac_ct_OBJDUMP="$ac_ct_OBJDUMP" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; esac + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then + ac_cv_prog_ac_ct_OBJDUMP="objdump" + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS +fi ;; +esac fi - -if test -n "$lt_cv_sys_max_cmd_len"; then - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_sys_max_cmd_len" >&5 -printf "%s\n" "$lt_cv_sys_max_cmd_len" >&6; } +ac_ct_OBJDUMP=$ac_cv_prog_ac_ct_OBJDUMP +if test -n "$ac_ct_OBJDUMP"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_ct_OBJDUMP" >&5 +printf "%s\n" "$ac_ct_OBJDUMP" >&6; } else - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: none" >&5 -printf "%s\n" "none" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } fi -max_cmd_len=$lt_cv_sys_max_cmd_len - - - - - -: ${CP="cp -f"} -: ${MV="mv -f"} -: ${RM="rm -f"} - -if ( (MAIL=60; unset MAIL) || exit) >/dev/null 2>&1; then - lt_unset=unset + if test "x$ac_ct_OBJDUMP" = x; then + OBJDUMP="false" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +printf "%s\n" "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + OBJDUMP=$ac_ct_OBJDUMP + fi else - lt_unset=false + OBJDUMP="$ac_cv_prog_OBJDUMP" fi - - - - -# test EBCDIC or ASCII -case `echo X|tr X '\101'` in - A) # ASCII based system - # \n is not interpreted correctly by Solaris 8 /usr/ucb/tr - lt_SP2NL='tr \040 \012' - lt_NL2SP='tr \015\012 \040\040' - ;; - *) # EBCDIC based system - lt_SP2NL='tr \100 \n' - lt_NL2SP='tr \r\n \100\100' - ;; -esac - - - +test -z "$OBJDUMP" && OBJDUMP=objdump -{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking how to convert $build file names to $host format" >&5 -printf %s "checking how to convert $build file names to $host format... " >&6; } -if test ${lt_cv_to_host_file_cmd+y} +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking how to recognize dependent libraries" >&5 +printf %s "checking how to recognize dependent libraries... " >&6; } +if test ${lt_cv_deplibs_check_method+y} then : printf %s "(cached) " >&6 -else $as_nop - case $host in - *-*-mingw* ) - case $build in - *-*-mingw* ) # actually msys - lt_cv_to_host_file_cmd=func_convert_file_msys_to_w32 - ;; - *-*-cygwin* ) - lt_cv_to_host_file_cmd=func_convert_file_cygwin_to_w32 - ;; - * ) # otherwise, assume *nix - lt_cv_to_host_file_cmd=func_convert_file_nix_to_w32 - ;; - esac - ;; - *-*-cygwin* ) - case $build in - *-*-mingw* ) # actually msys - lt_cv_to_host_file_cmd=func_convert_file_msys_to_cygwin - ;; - *-*-cygwin* ) - lt_cv_to_host_file_cmd=func_convert_file_noop - ;; - * ) # otherwise, assume *nix - lt_cv_to_host_file_cmd=func_convert_file_nix_to_cygwin - ;; - esac - ;; - * ) # unhandled hosts (and "normal" native builds) - lt_cv_to_host_file_cmd=func_convert_file_noop - ;; -esac - -fi - -to_host_file_cmd=$lt_cv_to_host_file_cmd -{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_to_host_file_cmd" >&5 -printf "%s\n" "$lt_cv_to_host_file_cmd" >&6; } - - - - - -{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking how to convert $build file names to toolchain format" >&5 -printf %s "checking how to convert $build file names to toolchain format... " >&6; } -if test ${lt_cv_to_tool_file_cmd+y} -then : - printf %s "(cached) " >&6 -else $as_nop - #assume ordinary cross tools, or native build. -lt_cv_to_tool_file_cmd=func_convert_file_noop -case $host in - *-*-mingw* ) - case $build in - *-*-mingw* ) # actually msys - lt_cv_to_tool_file_cmd=func_convert_file_msys_to_w32 - ;; - esac - ;; -esac - -fi - -to_tool_file_cmd=$lt_cv_to_tool_file_cmd -{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_to_tool_file_cmd" >&5 -printf "%s\n" "$lt_cv_to_tool_file_cmd" >&6; } - - - - - -{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $LD option to reload object files" >&5 -printf %s "checking for $LD option to reload object files... " >&6; } -if test ${lt_cv_ld_reload_flag+y} -then : - printf %s "(cached) " >&6 -else $as_nop - lt_cv_ld_reload_flag='-r' -fi -{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_ld_reload_flag" >&5 -printf "%s\n" "$lt_cv_ld_reload_flag" >&6; } -reload_flag=$lt_cv_ld_reload_flag -case $reload_flag in -"" | " "*) ;; -*) reload_flag=" $reload_flag" ;; -esac -reload_cmds='$LD$reload_flag -o $output$reload_objs' -case $host_os in - cygwin* | mingw* | pw32* | cegcc*) - if test yes != "$GCC"; then - reload_cmds=false - fi - ;; - darwin*) - if test yes = "$GCC"; then - reload_cmds='$LTCC $LTCFLAGS -nostdlib $wl-r -o $output$reload_objs' - else - reload_cmds='$LD$reload_flag -o $output$reload_objs' - fi - ;; -esac - - - - - - - - - -if test -n "$ac_tool_prefix"; then - # Extract the first word of "${ac_tool_prefix}objdump", so it can be a program name with args. -set dummy ${ac_tool_prefix}objdump; ac_word=$2 -{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -printf %s "checking for $ac_word... " >&6; } -if test ${ac_cv_prog_OBJDUMP+y} -then : - printf %s "(cached) " >&6 -else $as_nop - if test -n "$OBJDUMP"; then - ac_cv_prog_OBJDUMP="$OBJDUMP" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - case $as_dir in #((( - '') as_dir=./ ;; - */) ;; - *) as_dir=$as_dir/ ;; - esac - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then - ac_cv_prog_OBJDUMP="${ac_tool_prefix}objdump" - printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - -fi -fi -OBJDUMP=$ac_cv_prog_OBJDUMP -if test -n "$OBJDUMP"; then - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $OBJDUMP" >&5 -printf "%s\n" "$OBJDUMP" >&6; } -else - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 -printf "%s\n" "no" >&6; } -fi - - -fi -if test -z "$ac_cv_prog_OBJDUMP"; then - ac_ct_OBJDUMP=$OBJDUMP - # Extract the first word of "objdump", so it can be a program name with args. -set dummy objdump; ac_word=$2 -{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -printf %s "checking for $ac_word... " >&6; } -if test ${ac_cv_prog_ac_ct_OBJDUMP+y} -then : - printf %s "(cached) " >&6 -else $as_nop - if test -n "$ac_ct_OBJDUMP"; then - ac_cv_prog_ac_ct_OBJDUMP="$ac_ct_OBJDUMP" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - case $as_dir in #((( - '') as_dir=./ ;; - */) ;; - *) as_dir=$as_dir/ ;; - esac - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then - ac_cv_prog_ac_ct_OBJDUMP="objdump" - printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - -fi -fi -ac_ct_OBJDUMP=$ac_cv_prog_ac_ct_OBJDUMP -if test -n "$ac_ct_OBJDUMP"; then - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_ct_OBJDUMP" >&5 -printf "%s\n" "$ac_ct_OBJDUMP" >&6; } -else - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 -printf "%s\n" "no" >&6; } -fi - - if test "x$ac_ct_OBJDUMP" = x; then - OBJDUMP="false" - else - case $cross_compiling:$ac_tool_warned in -yes:) -{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 -printf "%s\n" "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} -ac_tool_warned=yes ;; -esac - OBJDUMP=$ac_ct_OBJDUMP - fi -else - OBJDUMP="$ac_cv_prog_OBJDUMP" -fi - -test -z "$OBJDUMP" && OBJDUMP=objdump - - - - - - -{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking how to recognize dependent libraries" >&5 -printf %s "checking how to recognize dependent libraries... " >&6; } -if test ${lt_cv_deplibs_check_method+y} -then : - printf %s "(cached) " >&6 -else $as_nop - lt_cv_file_magic_cmd='$MAGIC_CMD' +else case e in #( + e) lt_cv_file_magic_cmd='$MAGIC_CMD' lt_cv_file_magic_test_file= lt_cv_deplibs_check_method='unknown' # Need to set the preceding variable on all platforms that support @@ -8548,7 +8350,7 @@ beos*) bsdi[45]*) lt_cv_deplibs_check_method='file_magic ELF [0-9][0-9]*-bit [ML]SB (shared object|dynamic lib)' - lt_cv_file_magic_cmd='/usr/bin/file -L' + lt_cv_file_magic_cmd='$FILECMD -L' lt_cv_file_magic_test_file=/shlib/libc.so ;; @@ -8582,14 +8384,14 @@ darwin* | rhapsody*) lt_cv_deplibs_check_method=pass_all ;; -freebsd* | dragonfly*) +freebsd* | dragonfly* | midnightbsd*) if echo __ELF__ | $CC -E - | $GREP __ELF__ > /dev/null; then case $host_cpu in i*86 ) # Not sure whether the presence of OpenBSD here was a mistake. # Let's accept both of them until this is cleared up. lt_cv_deplibs_check_method='file_magic (FreeBSD|OpenBSD|DragonFly)/i[3-9]86 (compact )?demand paged shared library' - lt_cv_file_magic_cmd=/usr/bin/file + lt_cv_file_magic_cmd=$FILECMD lt_cv_file_magic_test_file=`echo /usr/lib/libc.so.*` ;; esac @@ -8603,7 +8405,7 @@ haiku*) ;; hpux10.20* | hpux11*) - lt_cv_file_magic_cmd=/usr/bin/file + lt_cv_file_magic_cmd=$FILECMD case $host_cpu in ia64*) lt_cv_deplibs_check_method='file_magic (s[0-9][0-9][0-9]|ELF-[0-9][0-9]) shared object file - IA64' @@ -8650,7 +8452,7 @@ netbsd* | netbsdelf*-gnu) newos6*) lt_cv_deplibs_check_method='file_magic ELF [0-9][0-9]*-bit [ML]SB (executable|dynamic lib)' - lt_cv_file_magic_cmd=/usr/bin/file + lt_cv_file_magic_cmd=$FILECMD lt_cv_file_magic_test_file=/usr/lib/libnls.so ;; @@ -8716,7 +8518,8 @@ os2*) lt_cv_deplibs_check_method=pass_all ;; esac - + ;; +esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_deplibs_check_method" >&5 printf "%s\n" "$lt_cv_deplibs_check_method" >&6; } @@ -8768,8 +8571,8 @@ printf %s "checking for $ac_word... " >&6; } if test ${ac_cv_prog_DLLTOOL+y} then : printf %s "(cached) " >&6 -else $as_nop - if test -n "$DLLTOOL"; then +else case e in #( + e) if test -n "$DLLTOOL"; then ac_cv_prog_DLLTOOL="$DLLTOOL" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR @@ -8791,7 +8594,8 @@ done done IFS=$as_save_IFS -fi +fi ;; +esac fi DLLTOOL=$ac_cv_prog_DLLTOOL if test -n "$DLLTOOL"; then @@ -8813,8 +8617,8 @@ printf %s "checking for $ac_word... " >&6; } if test ${ac_cv_prog_ac_ct_DLLTOOL+y} then : printf %s "(cached) " >&6 -else $as_nop - if test -n "$ac_ct_DLLTOOL"; then +else case e in #( + e) if test -n "$ac_ct_DLLTOOL"; then ac_cv_prog_ac_ct_DLLTOOL="$ac_ct_DLLTOOL" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR @@ -8836,7 +8640,8 @@ done done IFS=$as_save_IFS -fi +fi ;; +esac fi ac_ct_DLLTOOL=$ac_cv_prog_ac_ct_DLLTOOL if test -n "$ac_ct_DLLTOOL"; then @@ -8875,8 +8680,8 @@ printf %s "checking how to associate runtime and link libraries... " >&6; } if test ${lt_cv_sharedlib_from_linklib_cmd+y} then : printf %s "(cached) " >&6 -else $as_nop - lt_cv_sharedlib_from_linklib_cmd='unknown' +else case e in #( + e) lt_cv_sharedlib_from_linklib_cmd='unknown' case $host_os in cygwin* | mingw* | pw32* | cegcc*) @@ -8896,7 +8701,8 @@ cygwin* | mingw* | pw32* | cegcc*) lt_cv_sharedlib_from_linklib_cmd=$ECHO ;; esac - + ;; +esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_sharedlib_from_linklib_cmd" >&5 printf "%s\n" "$lt_cv_sharedlib_from_linklib_cmd" >&6; } @@ -8919,8 +8725,8 @@ printf %s "checking for $ac_word... " >&6; } if test ${ac_cv_prog_AR+y} then : printf %s "(cached) " >&6 -else $as_nop - if test -n "$AR"; then +else case e in #( + e) if test -n "$AR"; then ac_cv_prog_AR="$AR" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR @@ -8942,7 +8748,8 @@ done done IFS=$as_save_IFS -fi +fi ;; +esac fi AR=$ac_cv_prog_AR if test -n "$AR"; then @@ -8968,8 +8775,8 @@ printf %s "checking for $ac_word... " >&6; } if test ${ac_cv_prog_ac_ct_AR+y} then : printf %s "(cached) " >&6 -else $as_nop - if test -n "$ac_ct_AR"; then +else case e in #( + e) if test -n "$ac_ct_AR"; then ac_cv_prog_ac_ct_AR="$ac_ct_AR" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR @@ -8991,7 +8798,8 @@ done done IFS=$as_save_IFS -fi +fi ;; +esac fi ac_ct_AR=$ac_cv_prog_ac_ct_AR if test -n "$ac_ct_AR"; then @@ -9020,13 +8828,29 @@ esac fi : ${AR=ar} -: ${AR_FLAGS=cr} +# Use ARFLAGS variable as AR's operation code to sync the variable naming with +# Automake. If both AR_FLAGS and ARFLAGS are specified, AR_FLAGS should have +# higher priority because thats what people were doing historically (setting +# ARFLAGS for automake and AR_FLAGS for libtool). FIXME: Make the AR_FLAGS +# variable obsoleted/removed. + +test ${AR_FLAGS+y} || AR_FLAGS=${ARFLAGS-cr} +lt_ar_flags=$AR_FLAGS + + + + + + +# Make AR_FLAGS overridable by 'make ARFLAGS='. Don't try to run-time override +# by AR_FLAGS because that was never working and AR_FLAGS is about to die. + @@ -9037,8 +8861,8 @@ printf %s "checking for archiver @FILE support... " >&6; } if test ${lt_cv_ar_at_file+y} then : printf %s "(cached) " >&6 -else $as_nop - lt_cv_ar_at_file=no +else case e in #( + e) lt_cv_ar_at_file=no cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ @@ -9075,7 +8899,8 @@ then : fi rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext - + ;; +esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_ar_at_file" >&5 printf "%s\n" "$lt_cv_ar_at_file" >&6; } @@ -9100,8 +8925,8 @@ printf %s "checking for $ac_word... " >&6; } if test ${ac_cv_prog_STRIP+y} then : printf %s "(cached) " >&6 -else $as_nop - if test -n "$STRIP"; then +else case e in #( + e) if test -n "$STRIP"; then ac_cv_prog_STRIP="$STRIP" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR @@ -9123,7 +8948,8 @@ done done IFS=$as_save_IFS -fi +fi ;; +esac fi STRIP=$ac_cv_prog_STRIP if test -n "$STRIP"; then @@ -9145,8 +8971,8 @@ printf %s "checking for $ac_word... " >&6; } if test ${ac_cv_prog_ac_ct_STRIP+y} then : printf %s "(cached) " >&6 -else $as_nop - if test -n "$ac_ct_STRIP"; then +else case e in #( + e) if test -n "$ac_ct_STRIP"; then ac_cv_prog_ac_ct_STRIP="$ac_ct_STRIP" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR @@ -9168,7 +8994,8 @@ done done IFS=$as_save_IFS -fi +fi ;; +esac fi ac_ct_STRIP=$ac_cv_prog_ac_ct_STRIP if test -n "$ac_ct_STRIP"; then @@ -9209,8 +9036,8 @@ printf %s "checking for $ac_word... " >&6; } if test ${ac_cv_prog_RANLIB+y} then : printf %s "(cached) " >&6 -else $as_nop - if test -n "$RANLIB"; then +else case e in #( + e) if test -n "$RANLIB"; then ac_cv_prog_RANLIB="$RANLIB" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR @@ -9232,7 +9059,8 @@ done done IFS=$as_save_IFS -fi +fi ;; +esac fi RANLIB=$ac_cv_prog_RANLIB if test -n "$RANLIB"; then @@ -9254,8 +9082,8 @@ printf %s "checking for $ac_word... " >&6; } if test ${ac_cv_prog_ac_ct_RANLIB+y} then : printf %s "(cached) " >&6 -else $as_nop - if test -n "$ac_ct_RANLIB"; then +else case e in #( + e) if test -n "$ac_ct_RANLIB"; then ac_cv_prog_ac_ct_RANLIB="$ac_ct_RANLIB" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR @@ -9277,7 +9105,8 @@ done done IFS=$as_save_IFS -fi +fi ;; +esac fi ac_ct_RANLIB=$ac_cv_prog_ac_ct_RANLIB if test -n "$ac_ct_RANLIB"; then @@ -9388,8 +9217,8 @@ printf %s "checking command to parse $NM output from $compiler object... " >&6; if test ${lt_cv_sys_global_symbol_pipe+y} then : printf %s "(cached) " >&6 -else $as_nop - +else case e in #( + e) # These are sane defaults that work on at least a few old systems. # [They come from Ultrix. What could be older than Ultrix?!! ;)] @@ -9443,7 +9272,7 @@ esac if test "$lt_cv_nm_interface" = "MS dumpbin"; then # Gets list of data symbols to import. - lt_cv_sys_global_symbol_to_import="sed -n -e 's/^I .* \(.*\)$/\1/p'" + lt_cv_sys_global_symbol_to_import="$SED -n -e 's/^I .* \(.*\)$/\1/p'" # Adjust the below global symbol transforms to fixup imported variables. lt_cdecl_hook=" -e 's/^I .* \(.*\)$/extern __declspec(dllimport) char \1;/p'" lt_c_name_hook=" -e 's/^I .* \(.*\)$/ {\"\1\", (void *) 0},/p'" @@ -9461,20 +9290,20 @@ fi # Transform an extracted symbol line into a proper C declaration. # Some systems (esp. on ia64) link data and code symbols differently, # so use this general approach. -lt_cv_sys_global_symbol_to_cdecl="sed -n"\ +lt_cv_sys_global_symbol_to_cdecl="$SED -n"\ $lt_cdecl_hook\ " -e 's/^T .* \(.*\)$/extern int \1();/p'"\ " -e 's/^$symcode$symcode* .* \(.*\)$/extern char \1;/p'" # Transform an extracted symbol line into symbol name and symbol address -lt_cv_sys_global_symbol_to_c_name_address="sed -n"\ +lt_cv_sys_global_symbol_to_c_name_address="$SED -n"\ $lt_c_name_hook\ " -e 's/^: \(.*\) .*$/ {\"\1\", (void *) 0},/p'"\ " -e 's/^$symcode$symcode* .* \(.*\)$/ {\"\1\", (void *) \&\1},/p'" # Transform an extracted symbol line into symbol name with lib prefix and # symbol address. -lt_cv_sys_global_symbol_to_c_name_address_lib_prefix="sed -n"\ +lt_cv_sys_global_symbol_to_c_name_address_lib_prefix="$SED -n"\ $lt_c_name_lib_hook\ " -e 's/^: \(.*\) .*$/ {\"\1\", (void *) 0},/p'"\ " -e 's/^$symcode$symcode* .* \(lib.*\)$/ {\"\1\", (void *) \&\1},/p'"\ @@ -9498,7 +9327,7 @@ for ac_symprfx in "" "_"; do if test "$lt_cv_nm_interface" = "MS dumpbin"; then # Fake it for dumpbin and say T for any non-static function, # D for any global variable and I for any imported variable. - # Also find C++ and __fastcall symbols from MSVC++, + # Also find C++ and __fastcall symbols from MSVC++ or ICC, # which start with @ or ?. lt_cv_sys_global_symbol_pipe="$AWK '"\ " {last_section=section; section=\$ 3};"\ @@ -9516,9 +9345,9 @@ for ac_symprfx in "" "_"; do " s[1]~prfx {split(s[1],t,\"@\"); print f,t[1],substr(t[1],length(prfx))}"\ " ' prfx=^$ac_symprfx" else - lt_cv_sys_global_symbol_pipe="sed -n -e 's/^.*[ ]\($symcode$symcode*\)[ ][ ]*$ac_symprfx$sympat$opt_cr$/$symxfrm/p'" + lt_cv_sys_global_symbol_pipe="$SED -n -e 's/^.*[ ]\($symcode$symcode*\)[ ][ ]*$ac_symprfx$sympat$opt_cr$/$symxfrm/p'" fi - lt_cv_sys_global_symbol_pipe="$lt_cv_sys_global_symbol_pipe | sed '/ __gnu_lto/d'" + lt_cv_sys_global_symbol_pipe="$lt_cv_sys_global_symbol_pipe | $SED '/ __gnu_lto/d'" # Check to see that the pipe works correctly. pipe_works=no @@ -9641,7 +9470,8 @@ _LT_EOF lt_cv_sys_global_symbol_pipe= fi done - + ;; +esac fi if test -z "$lt_cv_sys_global_symbol_pipe"; then @@ -9705,8 +9535,9 @@ printf %s "checking for sysroot... " >&6; } if test ${with_sysroot+y} then : withval=$with_sysroot; -else $as_nop - with_sysroot=no +else case e in #( + e) with_sysroot=no ;; +esac fi @@ -9718,7 +9549,7 @@ case $with_sysroot in #( fi ;; #( /*) - lt_sysroot=`echo "$with_sysroot" | sed -e "$sed_quote_subst"` + lt_sysroot=`echo "$with_sysroot" | $SED -e "$sed_quote_subst"` ;; #( no|'') ;; #( @@ -9741,8 +9572,8 @@ printf %s "checking for a working dd... " >&6; } if test ${ac_cv_path_lt_DD+y} then : printf %s "(cached) " >&6 -else $as_nop - printf 0123456789abcdef0123456789abcdef >conftest.i +else case e in #( + e) printf 0123456789abcdef0123456789abcdef >conftest.i cat conftest.i conftest.i >conftest2.i : ${lt_DD:=$DD} if test -z "$lt_DD"; then @@ -9778,7 +9609,8 @@ else ac_cv_path_lt_DD=$lt_DD fi -rm -f conftest.i conftest2.i conftest.out +rm -f conftest.i conftest2.i conftest.out ;; +esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_lt_DD" >&5 printf "%s\n" "$ac_cv_path_lt_DD" >&6; } @@ -9789,8 +9621,8 @@ printf %s "checking how to truncate binary pipes... " >&6; } if test ${lt_cv_truncate_bin+y} then : printf %s "(cached) " >&6 -else $as_nop - printf 0123456789abcdef0123456789abcdef >conftest.i +else case e in #( + e) printf 0123456789abcdef0123456789abcdef >conftest.i cat conftest.i conftest.i >conftest2.i lt_cv_truncate_bin= if "$ac_cv_path_lt_DD" bs=32 count=1 conftest.out 2>/dev/null; then @@ -9798,7 +9630,8 @@ if "$ac_cv_path_lt_DD" bs=32 count=1 conftest.out 2>/dev/null; the && lt_cv_truncate_bin="$ac_cv_path_lt_DD bs=4096 count=1" fi rm -f conftest.i conftest2.i conftest.out -test -z "$lt_cv_truncate_bin" && lt_cv_truncate_bin="$SED -e 4q" +test -z "$lt_cv_truncate_bin" && lt_cv_truncate_bin="$SED -e 4q" ;; +esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_truncate_bin" >&5 printf "%s\n" "$lt_cv_truncate_bin" >&6; } @@ -9843,7 +9676,7 @@ ia64-*-hpux*) ac_status=$? printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; }; then - case `/usr/bin/file conftest.$ac_objext` in + case `$FILECMD conftest.$ac_objext` in *ELF-32*) HPUX_IA64_MODE=32 ;; @@ -9864,7 +9697,7 @@ ia64-*-hpux*) printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; }; then if test yes = "$lt_cv_prog_gnu_ld"; then - case `/usr/bin/file conftest.$ac_objext` in + case `$FILECMD conftest.$ac_objext` in *32-bit*) LD="${LD-ld} -melf32bsmip" ;; @@ -9876,7 +9709,7 @@ ia64-*-hpux*) ;; esac else - case `/usr/bin/file conftest.$ac_objext` in + case `$FILECMD conftest.$ac_objext` in *32-bit*) LD="${LD-ld} -32" ;; @@ -9902,7 +9735,7 @@ mips64*-*linux*) printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; }; then emul=elf - case `/usr/bin/file conftest.$ac_objext` in + case `$FILECMD conftest.$ac_objext` in *32-bit*) emul="${emul}32" ;; @@ -9910,7 +9743,7 @@ mips64*-*linux*) emul="${emul}64" ;; esac - case `/usr/bin/file conftest.$ac_objext` in + case `$FILECMD conftest.$ac_objext` in *MSB*) emul="${emul}btsmip" ;; @@ -9918,7 +9751,7 @@ mips64*-*linux*) emul="${emul}ltsmip" ;; esac - case `/usr/bin/file conftest.$ac_objext` in + case `$FILECMD conftest.$ac_objext` in *N32*) emul="${emul}n32" ;; @@ -9942,14 +9775,14 @@ s390*-*linux*|s390*-*tpf*|sparc*-*linux*) ac_status=$? printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; }; then - case `/usr/bin/file conftest.o` in + case `$FILECMD conftest.o` in *32-bit*) case $host in x86_64-*kfreebsd*-gnu) LD="${LD-ld} -m elf_i386_fbsd" ;; x86_64-*linux*) - case `/usr/bin/file conftest.o` in + case `$FILECMD conftest.o` in *x86-64*) LD="${LD-ld} -m elf32_x86_64" ;; @@ -10008,8 +9841,8 @@ printf %s "checking whether the C compiler needs -belf... " >&6; } if test ${lt_cv_cc_needs_belf+y} then : printf %s "(cached) " >&6 -else $as_nop - ac_ext=c +else case e in #( + e) ac_ext=c ac_cpp='$CPP $CPPFLAGS' ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' @@ -10029,8 +9862,9 @@ _ACEOF if ac_fn_c_try_link "$LINENO" then : lt_cv_cc_needs_belf=yes -else $as_nop - lt_cv_cc_needs_belf=no +else case e in #( + e) lt_cv_cc_needs_belf=no ;; +esac fi rm -f core conftest.err conftest.$ac_objext conftest.beam \ conftest$ac_exeext conftest.$ac_ext @@ -10039,7 +9873,8 @@ ac_cpp='$CPP $CPPFLAGS' ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_c_compiler_gnu - + ;; +esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_cc_needs_belf" >&5 printf "%s\n" "$lt_cv_cc_needs_belf" >&6; } @@ -10057,7 +9892,7 @@ printf "%s\n" "$lt_cv_cc_needs_belf" >&6; } ac_status=$? printf "%s\n" "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; }; then - case `/usr/bin/file conftest.o` in + case `$FILECMD conftest.o` in *64-bit*) case $lt_cv_prog_gnu_ld in yes*) @@ -10097,8 +9932,8 @@ printf %s "checking for $ac_word... " >&6; } if test ${ac_cv_prog_MANIFEST_TOOL+y} then : printf %s "(cached) " >&6 -else $as_nop - if test -n "$MANIFEST_TOOL"; then +else case e in #( + e) if test -n "$MANIFEST_TOOL"; then ac_cv_prog_MANIFEST_TOOL="$MANIFEST_TOOL" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR @@ -10120,7 +9955,8 @@ done done IFS=$as_save_IFS -fi +fi ;; +esac fi MANIFEST_TOOL=$ac_cv_prog_MANIFEST_TOOL if test -n "$MANIFEST_TOOL"; then @@ -10142,8 +9978,8 @@ printf %s "checking for $ac_word... " >&6; } if test ${ac_cv_prog_ac_ct_MANIFEST_TOOL+y} then : printf %s "(cached) " >&6 -else $as_nop - if test -n "$ac_ct_MANIFEST_TOOL"; then +else case e in #( + e) if test -n "$ac_ct_MANIFEST_TOOL"; then ac_cv_prog_ac_ct_MANIFEST_TOOL="$ac_ct_MANIFEST_TOOL" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR @@ -10165,7 +10001,8 @@ done done IFS=$as_save_IFS -fi +fi ;; +esac fi ac_ct_MANIFEST_TOOL=$ac_cv_prog_ac_ct_MANIFEST_TOOL if test -n "$ac_ct_MANIFEST_TOOL"; then @@ -10197,15 +10034,16 @@ printf %s "checking if $MANIFEST_TOOL is a manifest tool... " >&6; } if test ${lt_cv_path_mainfest_tool+y} then : printf %s "(cached) " >&6 -else $as_nop - lt_cv_path_mainfest_tool=no +else case e in #( + e) lt_cv_path_mainfest_tool=no echo "$as_me:$LINENO: $MANIFEST_TOOL '-?'" >&5 $MANIFEST_TOOL '-?' 2>conftest.err > conftest.out cat conftest.err >&5 if $GREP 'Manifest Tool' conftest.out > /dev/null; then lt_cv_path_mainfest_tool=yes fi - rm -f conftest* + rm -f conftest* ;; +esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_path_mainfest_tool" >&5 printf "%s\n" "$lt_cv_path_mainfest_tool" >&6; } @@ -10228,8 +10066,8 @@ printf %s "checking for $ac_word... " >&6; } if test ${ac_cv_prog_DSYMUTIL+y} then : printf %s "(cached) " >&6 -else $as_nop - if test -n "$DSYMUTIL"; then +else case e in #( + e) if test -n "$DSYMUTIL"; then ac_cv_prog_DSYMUTIL="$DSYMUTIL" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR @@ -10251,7 +10089,8 @@ done done IFS=$as_save_IFS -fi +fi ;; +esac fi DSYMUTIL=$ac_cv_prog_DSYMUTIL if test -n "$DSYMUTIL"; then @@ -10273,8 +10112,8 @@ printf %s "checking for $ac_word... " >&6; } if test ${ac_cv_prog_ac_ct_DSYMUTIL+y} then : printf %s "(cached) " >&6 -else $as_nop - if test -n "$ac_ct_DSYMUTIL"; then +else case e in #( + e) if test -n "$ac_ct_DSYMUTIL"; then ac_cv_prog_ac_ct_DSYMUTIL="$ac_ct_DSYMUTIL" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR @@ -10296,7 +10135,8 @@ done done IFS=$as_save_IFS -fi +fi ;; +esac fi ac_ct_DSYMUTIL=$ac_cv_prog_ac_ct_DSYMUTIL if test -n "$ac_ct_DSYMUTIL"; then @@ -10330,8 +10170,8 @@ printf %s "checking for $ac_word... " >&6; } if test ${ac_cv_prog_NMEDIT+y} then : printf %s "(cached) " >&6 -else $as_nop - if test -n "$NMEDIT"; then +else case e in #( + e) if test -n "$NMEDIT"; then ac_cv_prog_NMEDIT="$NMEDIT" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR @@ -10353,7 +10193,8 @@ done done IFS=$as_save_IFS -fi +fi ;; +esac fi NMEDIT=$ac_cv_prog_NMEDIT if test -n "$NMEDIT"; then @@ -10375,8 +10216,8 @@ printf %s "checking for $ac_word... " >&6; } if test ${ac_cv_prog_ac_ct_NMEDIT+y} then : printf %s "(cached) " >&6 -else $as_nop - if test -n "$ac_ct_NMEDIT"; then +else case e in #( + e) if test -n "$ac_ct_NMEDIT"; then ac_cv_prog_ac_ct_NMEDIT="$ac_ct_NMEDIT" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR @@ -10398,7 +10239,8 @@ done done IFS=$as_save_IFS -fi +fi ;; +esac fi ac_ct_NMEDIT=$ac_cv_prog_ac_ct_NMEDIT if test -n "$ac_ct_NMEDIT"; then @@ -10432,8 +10274,8 @@ printf %s "checking for $ac_word... " >&6; } if test ${ac_cv_prog_LIPO+y} then : printf %s "(cached) " >&6 -else $as_nop - if test -n "$LIPO"; then +else case e in #( + e) if test -n "$LIPO"; then ac_cv_prog_LIPO="$LIPO" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR @@ -10455,7 +10297,8 @@ done done IFS=$as_save_IFS -fi +fi ;; +esac fi LIPO=$ac_cv_prog_LIPO if test -n "$LIPO"; then @@ -10477,8 +10320,8 @@ printf %s "checking for $ac_word... " >&6; } if test ${ac_cv_prog_ac_ct_LIPO+y} then : printf %s "(cached) " >&6 -else $as_nop - if test -n "$ac_ct_LIPO"; then +else case e in #( + e) if test -n "$ac_ct_LIPO"; then ac_cv_prog_ac_ct_LIPO="$ac_ct_LIPO" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR @@ -10500,7 +10343,8 @@ done done IFS=$as_save_IFS -fi +fi ;; +esac fi ac_ct_LIPO=$ac_cv_prog_ac_ct_LIPO if test -n "$ac_ct_LIPO"; then @@ -10534,8 +10378,8 @@ printf %s "checking for $ac_word... " >&6; } if test ${ac_cv_prog_OTOOL+y} then : printf %s "(cached) " >&6 -else $as_nop - if test -n "$OTOOL"; then +else case e in #( + e) if test -n "$OTOOL"; then ac_cv_prog_OTOOL="$OTOOL" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR @@ -10557,7 +10401,8 @@ done done IFS=$as_save_IFS -fi +fi ;; +esac fi OTOOL=$ac_cv_prog_OTOOL if test -n "$OTOOL"; then @@ -10579,8 +10424,8 @@ printf %s "checking for $ac_word... " >&6; } if test ${ac_cv_prog_ac_ct_OTOOL+y} then : printf %s "(cached) " >&6 -else $as_nop - if test -n "$ac_ct_OTOOL"; then +else case e in #( + e) if test -n "$ac_ct_OTOOL"; then ac_cv_prog_ac_ct_OTOOL="$ac_ct_OTOOL" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR @@ -10602,7 +10447,8 @@ done done IFS=$as_save_IFS -fi +fi ;; +esac fi ac_ct_OTOOL=$ac_cv_prog_ac_ct_OTOOL if test -n "$ac_ct_OTOOL"; then @@ -10636,8 +10482,8 @@ printf %s "checking for $ac_word... " >&6; } if test ${ac_cv_prog_OTOOL64+y} then : printf %s "(cached) " >&6 -else $as_nop - if test -n "$OTOOL64"; then +else case e in #( + e) if test -n "$OTOOL64"; then ac_cv_prog_OTOOL64="$OTOOL64" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR @@ -10659,7 +10505,8 @@ done done IFS=$as_save_IFS -fi +fi ;; +esac fi OTOOL64=$ac_cv_prog_OTOOL64 if test -n "$OTOOL64"; then @@ -10681,8 +10528,8 @@ printf %s "checking for $ac_word... " >&6; } if test ${ac_cv_prog_ac_ct_OTOOL64+y} then : printf %s "(cached) " >&6 -else $as_nop - if test -n "$ac_ct_OTOOL64"; then +else case e in #( + e) if test -n "$ac_ct_OTOOL64"; then ac_cv_prog_ac_ct_OTOOL64="$ac_ct_OTOOL64" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR @@ -10704,7 +10551,8 @@ done done IFS=$as_save_IFS -fi +fi ;; +esac fi ac_ct_OTOOL64=$ac_cv_prog_ac_ct_OTOOL64 if test -n "$ac_ct_OTOOL64"; then @@ -10761,8 +10609,8 @@ printf %s "checking for -single_module linker flag... " >&6; } if test ${lt_cv_apple_cc_single_mod+y} then : printf %s "(cached) " >&6 -else $as_nop - lt_cv_apple_cc_single_mod=no +else case e in #( + e) lt_cv_apple_cc_single_mod=no if test -z "$LT_MULTI_MODULE"; then # By default we will add the -single_module flag. You can override # by either setting the environment variable LT_MULTI_MODULE @@ -10788,7 +10636,8 @@ else $as_nop fi rm -rf libconftest.dylib* rm -f conftest.* - fi + fi ;; +esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_apple_cc_single_mod" >&5 printf "%s\n" "$lt_cv_apple_cc_single_mod" >&6; } @@ -10798,8 +10647,8 @@ printf %s "checking for -exported_symbols_list linker flag... " >&6; } if test ${lt_cv_ld_exported_symbols_list+y} then : printf %s "(cached) " >&6 -else $as_nop - lt_cv_ld_exported_symbols_list=no +else case e in #( + e) lt_cv_ld_exported_symbols_list=no save_LDFLAGS=$LDFLAGS echo "_main" > conftest.sym LDFLAGS="$LDFLAGS -Wl,-exported_symbols_list,conftest.sym" @@ -10817,13 +10666,15 @@ _ACEOF if ac_fn_c_try_link "$LINENO" then : lt_cv_ld_exported_symbols_list=yes -else $as_nop - lt_cv_ld_exported_symbols_list=no +else case e in #( + e) lt_cv_ld_exported_symbols_list=no ;; +esac fi rm -f core conftest.err conftest.$ac_objext conftest.beam \ conftest$ac_exeext conftest.$ac_ext LDFLAGS=$save_LDFLAGS - + ;; +esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_ld_exported_symbols_list" >&5 printf "%s\n" "$lt_cv_ld_exported_symbols_list" >&6; } @@ -10833,15 +10684,15 @@ printf %s "checking for -force_load linker flag... " >&6; } if test ${lt_cv_ld_force_load+y} then : printf %s "(cached) " >&6 -else $as_nop - lt_cv_ld_force_load=no +else case e in #( + e) lt_cv_ld_force_load=no cat > conftest.c << _LT_EOF int forced_loaded() { return 2;} _LT_EOF echo "$LTCC $LTCFLAGS -c -o conftest.o conftest.c" >&5 $LTCC $LTCFLAGS -c -o conftest.o conftest.c 2>&5 - echo "$AR cr libconftest.a conftest.o" >&5 - $AR cr libconftest.a conftest.o 2>&5 + echo "$AR $AR_FLAGS libconftest.a conftest.o" >&5 + $AR $AR_FLAGS libconftest.a conftest.o 2>&5 echo "$RANLIB libconftest.a" >&5 $RANLIB libconftest.a 2>&5 cat > conftest.c << _LT_EOF @@ -10859,7 +10710,8 @@ _LT_EOF fi rm -f conftest.err libconftest.a conftest conftest.c rm -rf conftest.dSYM - + ;; +esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_ld_force_load" >&5 printf "%s\n" "$lt_cv_ld_force_load" >&6; } @@ -10868,17 +10720,12 @@ printf "%s\n" "$lt_cv_ld_force_load" >&6; } _lt_dar_allow_undefined='$wl-undefined ${wl}suppress' ;; darwin1.*) _lt_dar_allow_undefined='$wl-flat_namespace $wl-undefined ${wl}suppress' ;; - darwin*) # darwin 5.x on - # if running on 10.5 or later, the deployment target defaults - # to the OS version, if on x86, and 10.4, the deployment - # target defaults to 10.4. Don't you love it? - case ${MACOSX_DEPLOYMENT_TARGET-10.0},$host in - 10.0,*86*-darwin8*|10.0,*-darwin[912]*) - _lt_dar_allow_undefined='$wl-undefined ${wl}dynamic_lookup' ;; - 10.[012][,.]*) - _lt_dar_allow_undefined='$wl-flat_namespace $wl-undefined ${wl}suppress' ;; - 10.*|11.*) - _lt_dar_allow_undefined='$wl-undefined ${wl}dynamic_lookup' ;; + darwin*) + case $MACOSX_DEPLOYMENT_TARGET,$host in + 10.[012],*|,*powerpc*-darwin[5-8]*) + _lt_dar_allow_undefined='$wl-flat_namespace $wl-undefined ${wl}suppress' ;; + *) + _lt_dar_allow_undefined='$wl-undefined ${wl}dynamic_lookup' ;; esac ;; esac @@ -10933,6 +10780,35 @@ func_munge_path_list () esac } +ac_header= ac_cache= +for ac_item in $ac_header_c_list +do + if test $ac_cache; then + ac_fn_c_check_header_compile "$LINENO" $ac_header ac_cv_header_$ac_cache "$ac_includes_default" + if eval test \"x\$ac_cv_header_$ac_cache\" = xyes; then + printf "%s\n" "#define $ac_item 1" >> confdefs.h + fi + ac_header= ac_cache= + elif test $ac_header; then + ac_cache=$ac_item + else + ac_header=$ac_item + fi +done + + + + + + + + +if test $ac_cv_header_stdlib_h = yes && test $ac_cv_header_string_h = yes +then : + +printf "%s\n" "#define STDC_HEADERS 1" >>confdefs.h + +fi ac_fn_c_check_header_compile "$LINENO" "dlfcn.h" "ac_cv_header_dlfcn_h" "$ac_includes_default " if test "x$ac_cv_header_dlfcn_h" = xyes @@ -10957,80 +10833,418 @@ func_stripname_cnf () # Set options +enable_win32_dll=yes - - - enable_dlopen=no - - - - # Check whether --enable-shared was given. -if test ${enable_shared+y} +case $host in +*-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-cegcc*) + if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}as", so it can be a program name with args. +set dummy ${ac_tool_prefix}as; ac_word=$2 +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_AS+y} then : - enableval=$enable_shared; p=${PACKAGE-default} - case $enableval in - yes) enable_shared=yes ;; - no) enable_shared=no ;; - *) - enable_shared=no - # Look at the argument we got. We use all the common list separators. - lt_save_ifs=$IFS; IFS=$IFS$PATH_SEPARATOR, - for pkg in $enableval; do - IFS=$lt_save_ifs - if test "X$pkg" = "X$p"; then - enable_shared=yes - fi - done - IFS=$lt_save_ifs - ;; - esac -else $as_nop - enable_shared=yes -fi - - - - - - - - + printf %s "(cached) " >&6 +else case e in #( + e) if test -n "$AS"; then + ac_cv_prog_AS="$AS" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then + ac_cv_prog_AS="${ac_tool_prefix}as" + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS - # Check whether --enable-static was given. -if test ${enable_static+y} -then : - enableval=$enable_static; p=${PACKAGE-default} - case $enableval in - yes) enable_static=yes ;; - no) enable_static=no ;; - *) - enable_static=no - # Look at the argument we got. We use all the common list separators. - lt_save_ifs=$IFS; IFS=$IFS$PATH_SEPARATOR, - for pkg in $enableval; do - IFS=$lt_save_ifs - if test "X$pkg" = "X$p"; then - enable_static=yes - fi - done - IFS=$lt_save_ifs - ;; - esac -else $as_nop - enable_static=yes +fi ;; +esac +fi +AS=$ac_cv_prog_AS +if test -n "$AS"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $AS" >&5 +printf "%s\n" "$AS" >&6; } +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } fi +fi +if test -z "$ac_cv_prog_AS"; then + ac_ct_AS=$AS + # Extract the first word of "as", so it can be a program name with args. +set dummy as; ac_word=$2 +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_ac_ct_AS+y} +then : + printf %s "(cached) " >&6 +else case e in #( + e) if test -n "$ac_ct_AS"; then + ac_cv_prog_ac_ct_AS="$ac_ct_AS" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then + ac_cv_prog_ac_ct_AS="as" + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS +fi ;; +esac +fi +ac_ct_AS=$ac_cv_prog_ac_ct_AS +if test -n "$ac_ct_AS"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_ct_AS" >&5 +printf "%s\n" "$ac_ct_AS" >&6; } +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } +fi + if test "x$ac_ct_AS" = x; then + AS="false" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +printf "%s\n" "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + AS=$ac_ct_AS + fi +else + AS="$ac_cv_prog_AS" +fi + if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}dlltool", so it can be a program name with args. +set dummy ${ac_tool_prefix}dlltool; ac_word=$2 +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_DLLTOOL+y} +then : + printf %s "(cached) " >&6 +else case e in #( + e) if test -n "$DLLTOOL"; then + ac_cv_prog_DLLTOOL="$DLLTOOL" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then + ac_cv_prog_DLLTOOL="${ac_tool_prefix}dlltool" + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS +fi ;; +esac +fi +DLLTOOL=$ac_cv_prog_DLLTOOL +if test -n "$DLLTOOL"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $DLLTOOL" >&5 +printf "%s\n" "$DLLTOOL" >&6; } +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } +fi - - -# Check whether --with-pic was given. -if test ${with_pic+y} +fi +if test -z "$ac_cv_prog_DLLTOOL"; then + ac_ct_DLLTOOL=$DLLTOOL + # Extract the first word of "dlltool", so it can be a program name with args. +set dummy dlltool; ac_word=$2 +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_ac_ct_DLLTOOL+y} +then : + printf %s "(cached) " >&6 +else case e in #( + e) if test -n "$ac_ct_DLLTOOL"; then + ac_cv_prog_ac_ct_DLLTOOL="$ac_ct_DLLTOOL" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then + ac_cv_prog_ac_ct_DLLTOOL="dlltool" + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi ;; +esac +fi +ac_ct_DLLTOOL=$ac_cv_prog_ac_ct_DLLTOOL +if test -n "$ac_ct_DLLTOOL"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_ct_DLLTOOL" >&5 +printf "%s\n" "$ac_ct_DLLTOOL" >&6; } +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } +fi + + if test "x$ac_ct_DLLTOOL" = x; then + DLLTOOL="false" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +printf "%s\n" "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + DLLTOOL=$ac_ct_DLLTOOL + fi +else + DLLTOOL="$ac_cv_prog_DLLTOOL" +fi + + if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}objdump", so it can be a program name with args. +set dummy ${ac_tool_prefix}objdump; ac_word=$2 +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_OBJDUMP+y} +then : + printf %s "(cached) " >&6 +else case e in #( + e) if test -n "$OBJDUMP"; then + ac_cv_prog_OBJDUMP="$OBJDUMP" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then + ac_cv_prog_OBJDUMP="${ac_tool_prefix}objdump" + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi ;; +esac +fi +OBJDUMP=$ac_cv_prog_OBJDUMP +if test -n "$OBJDUMP"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $OBJDUMP" >&5 +printf "%s\n" "$OBJDUMP" >&6; } +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } +fi + + +fi +if test -z "$ac_cv_prog_OBJDUMP"; then + ac_ct_OBJDUMP=$OBJDUMP + # Extract the first word of "objdump", so it can be a program name with args. +set dummy objdump; ac_word=$2 +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_ac_ct_OBJDUMP+y} +then : + printf %s "(cached) " >&6 +else case e in #( + e) if test -n "$ac_ct_OBJDUMP"; then + ac_cv_prog_ac_ct_OBJDUMP="$ac_ct_OBJDUMP" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then + ac_cv_prog_ac_ct_OBJDUMP="objdump" + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi ;; +esac +fi +ac_ct_OBJDUMP=$ac_cv_prog_ac_ct_OBJDUMP +if test -n "$ac_ct_OBJDUMP"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_ct_OBJDUMP" >&5 +printf "%s\n" "$ac_ct_OBJDUMP" >&6; } +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } +fi + + if test "x$ac_ct_OBJDUMP" = x; then + OBJDUMP="false" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +printf "%s\n" "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + OBJDUMP=$ac_ct_OBJDUMP + fi +else + OBJDUMP="$ac_cv_prog_OBJDUMP" +fi + + ;; +esac + +test -z "$AS" && AS=as + + + + + +test -z "$DLLTOOL" && DLLTOOL=dlltool + + + + + +test -z "$OBJDUMP" && OBJDUMP=objdump + + + + + + + + enable_dlopen=no + + + + # Check whether --enable-shared was given. +if test ${enable_shared+y} +then : + enableval=$enable_shared; p=${PACKAGE-default} + case $enableval in + yes) enable_shared=yes ;; + no) enable_shared=no ;; + *) + enable_shared=no + # Look at the argument we got. We use all the common list separators. + lt_save_ifs=$IFS; IFS=$IFS$PATH_SEPARATOR, + for pkg in $enableval; do + IFS=$lt_save_ifs + if test "X$pkg" = "X$p"; then + enable_shared=yes + fi + done + IFS=$lt_save_ifs + ;; + esac +else case e in #( + e) enable_shared=yes ;; +esac +fi + + + + + + + + + + # Check whether --enable-static was given. +if test ${enable_static+y} +then : + enableval=$enable_static; p=${PACKAGE-default} + case $enableval in + yes) enable_static=yes ;; + no) enable_static=no ;; + *) + enable_static=no + # Look at the argument we got. We use all the common list separators. + lt_save_ifs=$IFS; IFS=$IFS$PATH_SEPARATOR, + for pkg in $enableval; do + IFS=$lt_save_ifs + if test "X$pkg" = "X$p"; then + enable_static=yes + fi + done + IFS=$lt_save_ifs + ;; + esac +else case e in #( + e) enable_static=yes ;; +esac +fi + + + + + + + + + + +# Check whether --with-pic was given. +if test ${with_pic+y} then : withval=$with_pic; lt_p=${PACKAGE-default} case $withval in @@ -11048,8 +11262,9 @@ then : IFS=$lt_save_ifs ;; esac -else $as_nop - pic_mode=default +else case e in #( + e) pic_mode=default ;; +esac fi @@ -11079,8 +11294,9 @@ then : IFS=$lt_save_ifs ;; esac -else $as_nop - enable_fast_install=yes +else case e in #( + e) enable_fast_install=yes ;; +esac fi @@ -11107,15 +11323,17 @@ then : ;; esac lt_cv_with_aix_soname=$with_aix_soname -else $as_nop - if test ${lt_cv_with_aix_soname+y} +else case e in #( + e) if test ${lt_cv_with_aix_soname+y} then : printf %s "(cached) " >&6 -else $as_nop - lt_cv_with_aix_soname=aix +else case e in #( + e) lt_cv_with_aix_soname=aix ;; +esac fi - with_aix_soname=$lt_cv_with_aix_soname + with_aix_soname=$lt_cv_with_aix_soname ;; +esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $with_aix_soname" >&5 @@ -11206,8 +11424,8 @@ printf %s "checking for objdir... " >&6; } if test ${lt_cv_objdir+y} then : printf %s "(cached) " >&6 -else $as_nop - rm -f .libs 2>/dev/null +else case e in #( + e) rm -f .libs 2>/dev/null mkdir .libs 2>/dev/null if test -d .libs; then lt_cv_objdir=.libs @@ -11215,7 +11433,8 @@ else # MS-DOS does not allow filenames that begin with a dot. lt_cv_objdir=_libs fi -rmdir .libs 2>/dev/null +rmdir .libs 2>/dev/null ;; +esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_objdir" >&5 printf "%s\n" "$lt_cv_objdir" >&6; } @@ -11246,8 +11465,8 @@ esac ofile=libtool can_build_shared=yes -# All known linkers require a '.a' archive for static linking (except MSVC, -# which needs '.lib'). +# All known linkers require a '.a' archive for static linking (except MSVC and +# ICC, which need '.lib'). libext=a with_gnu_ld=$lt_cv_prog_gnu_ld @@ -11276,8 +11495,8 @@ printf %s "checking for ${ac_tool_prefix}file... " >&6; } if test ${lt_cv_path_MAGIC_CMD+y} then : printf %s "(cached) " >&6 -else $as_nop - case $MAGIC_CMD in +else case e in #( + e) case $MAGIC_CMD in [\\/*] | ?:[\\/]*) lt_cv_path_MAGIC_CMD=$MAGIC_CMD # Let the user override the test with a path. ;; @@ -11320,6 +11539,7 @@ _LT_EOF IFS=$lt_save_ifs MAGIC_CMD=$lt_save_MAGIC_CMD ;; +esac ;; esac fi @@ -11343,8 +11563,8 @@ printf %s "checking for file... " >&6; } if test ${lt_cv_path_MAGIC_CMD+y} then : printf %s "(cached) " >&6 -else $as_nop - case $MAGIC_CMD in +else case e in #( + e) case $MAGIC_CMD in [\\/*] | ?:[\\/]*) lt_cv_path_MAGIC_CMD=$MAGIC_CMD # Let the user override the test with a path. ;; @@ -11387,6 +11607,7 @@ _LT_EOF IFS=$lt_save_ifs MAGIC_CMD=$lt_save_MAGIC_CMD ;; +esac ;; esac fi @@ -11486,8 +11707,8 @@ printf %s "checking if $compiler supports -fno-rtti -fno-exceptions... " >&6; } if test ${lt_cv_prog_compiler_rtti_exceptions+y} then : printf %s "(cached) " >&6 -else $as_nop - lt_cv_prog_compiler_rtti_exceptions=no +else case e in #( + e) lt_cv_prog_compiler_rtti_exceptions=no ac_outfile=conftest.$ac_objext echo "$lt_simple_compile_test_code" > conftest.$ac_ext lt_compiler_flag="-fno-rtti -fno-exceptions" ## exclude from sc_useless_quotes_in_assignment @@ -11515,7 +11736,8 @@ else $as_nop fi fi $RM conftest* - + ;; +esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_rtti_exceptions" >&5 printf "%s\n" "$lt_cv_prog_compiler_rtti_exceptions" >&6; } @@ -11765,7 +11987,7 @@ lt_prog_compiler_static= lt_prog_compiler_static='-qstaticlink' ;; *) - case `$CC -V 2>&1 | sed 5q` in + case `$CC -V 2>&1 | $SED 5q` in *Sun\ Ceres\ Fortran* | *Sun*Fortran*\ [1-7].* | *Sun*Fortran*\ 8.[0-3]*) # Sun Fortran 8.3 passes all unrecognized flags to the linker lt_prog_compiler_pic='-KPIC' @@ -11886,8 +12108,9 @@ printf %s "checking for $compiler option to produce PIC... " >&6; } if test ${lt_cv_prog_compiler_pic+y} then : printf %s "(cached) " >&6 -else $as_nop - lt_cv_prog_compiler_pic=$lt_prog_compiler_pic +else case e in #( + e) lt_cv_prog_compiler_pic=$lt_prog_compiler_pic ;; +esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_pic" >&5 printf "%s\n" "$lt_cv_prog_compiler_pic" >&6; } @@ -11902,8 +12125,8 @@ printf %s "checking if $compiler PIC flag $lt_prog_compiler_pic works... " >&6; if test ${lt_cv_prog_compiler_pic_works+y} then : printf %s "(cached) " >&6 -else $as_nop - lt_cv_prog_compiler_pic_works=no +else case e in #( + e) lt_cv_prog_compiler_pic_works=no ac_outfile=conftest.$ac_objext echo "$lt_simple_compile_test_code" > conftest.$ac_ext lt_compiler_flag="$lt_prog_compiler_pic -DPIC" ## exclude from sc_useless_quotes_in_assignment @@ -11931,7 +12154,8 @@ else $as_nop fi fi $RM conftest* - + ;; +esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_pic_works" >&5 printf "%s\n" "$lt_cv_prog_compiler_pic_works" >&6; } @@ -11967,8 +12191,8 @@ printf %s "checking if $compiler static flag $lt_tmp_static_flag works... " >&6; if test ${lt_cv_prog_compiler_static_works+y} then : printf %s "(cached) " >&6 -else $as_nop - lt_cv_prog_compiler_static_works=no +else case e in #( + e) lt_cv_prog_compiler_static_works=no save_LDFLAGS=$LDFLAGS LDFLAGS="$LDFLAGS $lt_tmp_static_flag" echo "$lt_simple_link_test_code" > conftest.$ac_ext @@ -11989,7 +12213,8 @@ else $as_nop fi $RM -r conftest* LDFLAGS=$save_LDFLAGS - + ;; +esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_static_works" >&5 printf "%s\n" "$lt_cv_prog_compiler_static_works" >&6; } @@ -12011,8 +12236,8 @@ printf %s "checking if $compiler supports -c -o file.$ac_objext... " >&6; } if test ${lt_cv_prog_compiler_c_o+y} then : printf %s "(cached) " >&6 -else $as_nop - lt_cv_prog_compiler_c_o=no +else case e in #( + e) lt_cv_prog_compiler_c_o=no $RM -r conftest 2>/dev/null mkdir conftest cd conftest @@ -12052,7 +12277,8 @@ else $as_nop cd .. $RM -r conftest $RM conftest* - + ;; +esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_c_o" >&5 printf "%s\n" "$lt_cv_prog_compiler_c_o" >&6; } @@ -12067,8 +12293,8 @@ printf %s "checking if $compiler supports -c -o file.$ac_objext... " >&6; } if test ${lt_cv_prog_compiler_c_o+y} then : printf %s "(cached) " >&6 -else $as_nop - lt_cv_prog_compiler_c_o=no +else case e in #( + e) lt_cv_prog_compiler_c_o=no $RM -r conftest 2>/dev/null mkdir conftest cd conftest @@ -12108,7 +12334,8 @@ else $as_nop cd .. $RM -r conftest $RM conftest* - + ;; +esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_c_o" >&5 printf "%s\n" "$lt_cv_prog_compiler_c_o" >&6; } @@ -12188,15 +12415,15 @@ printf %s "checking whether the $compiler linker ($LD) supports shared libraries case $host_os in cygwin* | mingw* | pw32* | cegcc*) - # FIXME: the MSVC++ port hasn't been tested in a loooong time + # FIXME: the MSVC++ and ICC port hasn't been tested in a loooong time # When not using gcc, we currently assume that we are using - # Microsoft Visual C++. + # Microsoft Visual C++ or Intel C++ Compiler. if test yes != "$GCC"; then with_gnu_ld=no fi ;; interix*) - # we just hope/assume this is gcc and not c89 (= MSVC++) + # we just hope/assume this is gcc and not c89 (= MSVC++ or ICC) with_gnu_ld=yes ;; openbsd* | bitrig*) @@ -12251,7 +12478,7 @@ printf %s "checking whether the $compiler linker ($LD) supports shared libraries whole_archive_flag_spec= fi supports_anon_versioning=no - case `$LD -v | $SED -e 's/(^)\+)\s\+//' 2>&1` in + case `$LD -v | $SED -e 's/([^)]\+)\s\+//' 2>&1` in *GNU\ gold*) supports_anon_versioning=yes ;; *\ [01].* | *\ 2.[0-9].* | *\ 2.10.*) ;; # catch versions < 2.11 *\ 2.11.93.0.2\ *) supports_anon_versioning=yes ;; # RH7.3 ... @@ -12363,6 +12590,7 @@ _LT_EOF emximp -o $lib $output_objdir/$libname.def' old_archive_From_new_cmds='emximp -o $output_objdir/${libname}_dll.a $output_objdir/$libname.def' enable_shared_with_static_runtimes=yes + file_list_spec='@' ;; interix[3-9]*) @@ -12377,7 +12605,7 @@ _LT_EOF # 256 KiB-aligned image base between 0x50000000 and 0x6FFC0000 at link # time. Moving up from 0x10000000 also allows more sbrk(2) space. archive_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags $wl-h,$soname $wl--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib' - archive_expsym_cmds='sed "s|^|_|" $export_symbols >$output_objdir/$soname.expsym~$CC -shared $pic_flag $libobjs $deplibs $compiler_flags $wl-h,$soname $wl--retain-symbols-file,$output_objdir/$soname.expsym $wl--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib' + archive_expsym_cmds='$SED "s|^|_|" $export_symbols >$output_objdir/$soname.expsym~$CC -shared $pic_flag $libobjs $deplibs $compiler_flags $wl-h,$soname $wl--retain-symbols-file,$output_objdir/$soname.expsym $wl--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib' ;; gnu* | linux* | tpf* | k*bsd*-gnu | kopensolaris*-gnu) @@ -12420,7 +12648,7 @@ _LT_EOF compiler_needs_object=yes ;; esac - case `$CC -V 2>&1 | sed 5q` in + case `$CC -V 2>&1 | $SED 5q` in *Sun\ C*) # Sun C 5.9 whole_archive_flag_spec='$wl--whole-archive`new_convenience=; for conv in $convenience\"\"; do test -z \"$conv\" || new_convenience=\"$new_convenience,$conv\"; done; func_echo_all \"$new_convenience\"` $wl--no-whole-archive' compiler_needs_object=yes @@ -12432,13 +12660,14 @@ _LT_EOF if test yes = "$supports_anon_versioning"; then archive_expsym_cmds='echo "{ global:" > $output_objdir/$libname.ver~ - cat $export_symbols | sed -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~ + cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~ echo "local: *; };" >> $output_objdir/$libname.ver~ $CC '"$tmp_sharedflag""$tmp_addflag"' $libobjs $deplibs $compiler_flags $wl-soname $wl$soname $wl-version-script $wl$output_objdir/$libname.ver -o $lib' fi case $cc_basename in tcc*) + hardcode_libdir_flag_spec='$wl-rpath $wl$libdir' export_dynamic_flag_spec='-rdynamic' ;; xlf* | bgf* | bgxlf* | mpixlf*) @@ -12448,7 +12677,7 @@ _LT_EOF archive_cmds='$LD -shared $libobjs $deplibs $linker_flags -soname $soname -o $lib' if test yes = "$supports_anon_versioning"; then archive_expsym_cmds='echo "{ global:" > $output_objdir/$libname.ver~ - cat $export_symbols | sed -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~ + cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~ echo "local: *; };" >> $output_objdir/$libname.ver~ $LD -shared $libobjs $deplibs $linker_flags -soname $soname -version-script $output_objdir/$libname.ver -o $lib' fi @@ -12580,7 +12809,7 @@ _LT_EOF if $NM -V 2>&1 | $GREP 'GNU' > /dev/null; then export_symbols_cmds='$NM -Bpg $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B") || (\$ 2 == "W")) && (substr(\$ 3,1,1) != ".")) { if (\$ 2 == "W") { print \$ 3 " weak" } else { print \$ 3 } } }'\'' | sort -u > $export_symbols' else - export_symbols_cmds='`func_echo_all $NM | $SED -e '\''s/B\([^B]*\)$/P\1/'\''` -PCpgl $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B") || (\$ 2 == "W") || (\$ 2 == "V") || (\$ 2 == "Z")) && (substr(\$ 1,1,1) != ".")) { if ((\$ 2 == "W") || (\$ 2 == "V") || (\$ 2 == "Z")) { print \$ 1 " weak" } else { print \$ 1 } } }'\'' | sort -u > $export_symbols' + export_symbols_cmds='`func_echo_all $NM | $SED -e '\''s/B\([^B]*\)$/P\1/'\''` -PCpgl $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B") || (\$ 2 == "L") || (\$ 2 == "W") || (\$ 2 == "V") || (\$ 2 == "Z")) && (substr(\$ 1,1,1) != ".")) { if ((\$ 2 == "W") || (\$ 2 == "V") || (\$ 2 == "Z")) { print \$ 1 " weak" } else { print \$ 1 } } }'\'' | sort -u > $export_symbols' fi aix_use_runtimelinking=no @@ -12705,8 +12934,8 @@ else if test ${lt_cv_aix_libpath_+y} then : printf %s "(cached) " >&6 -else $as_nop - cat confdefs.h - <<_ACEOF >conftest.$ac_ext +else case e in #( + e) cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int @@ -12738,7 +12967,8 @@ rm -f core conftest.err conftest.$ac_objext conftest.beam \ if test -z "$lt_cv_aix_libpath_"; then lt_cv_aix_libpath_=/usr/lib:/lib fi - + ;; +esac fi aix_libpath=$lt_cv_aix_libpath_ @@ -12760,8 +12990,8 @@ else if test ${lt_cv_aix_libpath_+y} then : printf %s "(cached) " >&6 -else $as_nop - cat confdefs.h - <<_ACEOF >conftest.$ac_ext +else case e in #( + e) cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int @@ -12793,7 +13023,8 @@ rm -f core conftest.err conftest.$ac_objext conftest.beam \ if test -z "$lt_cv_aix_libpath_"; then lt_cv_aix_libpath_=/usr/lib:/lib fi - + ;; +esac fi aix_libpath=$lt_cv_aix_libpath_ @@ -12851,12 +13082,12 @@ fi cygwin* | mingw* | pw32* | cegcc*) # When not using gcc, we currently assume that we are using - # Microsoft Visual C++. + # Microsoft Visual C++ or Intel C++ Compiler. # hardcode_libdir_flag_spec is actually meaningless, as there is # no search path for DLLs. case $cc_basename in - cl*) - # Native MSVC + cl* | icl*) + # Native MSVC or ICC hardcode_libdir_flag_spec=' ' allow_undefined_flag=unsupported always_export_symbols=yes @@ -12897,7 +13128,7 @@ fi fi' ;; *) - # Assume MSVC wrapper + # Assume MSVC and ICC wrapper hardcode_libdir_flag_spec=' ' allow_undefined_flag=unsupported # Tell ltmain to make .lib files, not .a files. @@ -12938,8 +13169,8 @@ fi output_verbose_link_cmd=func_echo_all archive_cmds="\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring $_lt_dar_single_mod$_lt_dsymutil" module_cmds="\$CC \$allow_undefined_flag -o \$lib -bundle \$libobjs \$deplibs \$compiler_flags$_lt_dsymutil" - archive_expsym_cmds="sed 's|^|_|' < \$export_symbols > \$output_objdir/\$libname-symbols.expsym~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring $_lt_dar_single_mod$_lt_dar_export_syms$_lt_dsymutil" - module_expsym_cmds="sed -e 's|^|_|' < \$export_symbols > \$output_objdir/\$libname-symbols.expsym~\$CC \$allow_undefined_flag -o \$lib -bundle \$libobjs \$deplibs \$compiler_flags$_lt_dar_export_syms$_lt_dsymutil" + archive_expsym_cmds="$SED 's|^|_|' < \$export_symbols > \$output_objdir/\$libname-symbols.expsym~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring $_lt_dar_single_mod$_lt_dar_export_syms$_lt_dsymutil" + module_expsym_cmds="$SED -e 's|^|_|' < \$export_symbols > \$output_objdir/\$libname-symbols.expsym~\$CC \$allow_undefined_flag -o \$lib -bundle \$libobjs \$deplibs \$compiler_flags$_lt_dar_export_syms$_lt_dsymutil" else ld_shlibs=no @@ -12973,7 +13204,7 @@ fi ;; # FreeBSD 3 and greater uses gcc -shared to do shared libraries. - freebsd* | dragonfly*) + freebsd* | dragonfly* | midnightbsd*) archive_cmds='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags' hardcode_libdir_flag_spec='-R$libdir' hardcode_direct=yes @@ -13044,8 +13275,8 @@ printf %s "checking if $CC understands -b... " >&6; } if test ${lt_cv_prog_compiler__b+y} then : printf %s "(cached) " >&6 -else $as_nop - lt_cv_prog_compiler__b=no +else case e in #( + e) lt_cv_prog_compiler__b=no save_LDFLAGS=$LDFLAGS LDFLAGS="$LDFLAGS -b" echo "$lt_simple_link_test_code" > conftest.$ac_ext @@ -13066,7 +13297,8 @@ else $as_nop fi $RM -r conftest* LDFLAGS=$save_LDFLAGS - + ;; +esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler__b" >&5 printf "%s\n" "$lt_cv_prog_compiler__b" >&6; } @@ -13114,8 +13346,8 @@ printf %s "checking whether the $host_os linker accepts -exported_symbol... " >& if test ${lt_cv_irix_exported_symbol+y} then : printf %s "(cached) " >&6 -else $as_nop - save_LDFLAGS=$LDFLAGS +else case e in #( + e) save_LDFLAGS=$LDFLAGS LDFLAGS="$LDFLAGS -shared $wl-exported_symbol ${wl}foo $wl-update_registry $wl/dev/null" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ @@ -13124,12 +13356,14 @@ _ACEOF if ac_fn_c_try_link "$LINENO" then : lt_cv_irix_exported_symbol=yes -else $as_nop - lt_cv_irix_exported_symbol=no +else case e in #( + e) lt_cv_irix_exported_symbol=no ;; +esac fi rm -f core conftest.err conftest.$ac_objext conftest.beam \ conftest$ac_exeext conftest.$ac_ext - LDFLAGS=$save_LDFLAGS + LDFLAGS=$save_LDFLAGS ;; +esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_irix_exported_symbol" >&5 printf "%s\n" "$lt_cv_irix_exported_symbol" >&6; } @@ -13154,6 +13388,7 @@ printf "%s\n" "$lt_cv_irix_exported_symbol" >&6; } # Fabrice Bellard et al's Tiny C Compiler ld_shlibs=yes archive_cmds='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags' + hardcode_libdir_flag_spec='$wl-rpath $wl$libdir' ;; esac ;; @@ -13225,6 +13460,7 @@ printf "%s\n" "$lt_cv_irix_exported_symbol" >&6; } emximp -o $lib $output_objdir/$libname.def' old_archive_From_new_cmds='emximp -o $output_objdir/${libname}_dll.a $output_objdir/$libname.def' enable_shared_with_static_runtimes=yes + file_list_spec='@' ;; osf3*) @@ -13455,8 +13691,8 @@ printf %s "checking whether -lc should be explicitly linked in... " >&6; } if test ${lt_cv_archive_cmds_need_lc+y} then : printf %s "(cached) " >&6 -else $as_nop - $RM conftest* +else case e in #( + e) $RM conftest* echo "$lt_simple_compile_test_code" > conftest.$ac_ext if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_compile\""; } >&5 @@ -13492,7 +13728,8 @@ else $as_nop cat conftest.err 1>&5 fi $RM conftest* - + ;; +esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_archive_cmds_need_lc" >&5 printf "%s\n" "$lt_cv_archive_cmds_need_lc" >&6; } @@ -13917,7 +14154,7 @@ cygwin* | mingw* | pw32* | cegcc*) case $host_os in cygwin*) # Cygwin DLLs use 'cyg' prefix rather than 'lib' - soname_spec='`echo $libname | sed -e 's/^lib/cyg/'``echo $release | $SED -e 's/[.]/-/g'`$versuffix$shared_ext' + soname_spec='`echo $libname | $SED -e 's/^lib/cyg/'``echo $release | $SED -e 's/[.]/-/g'`$versuffix$shared_ext' sys_lib_search_path_spec="$sys_lib_search_path_spec /usr/lib/w32api" ;; @@ -13927,14 +14164,14 @@ cygwin* | mingw* | pw32* | cegcc*) ;; pw32*) # pw32 DLLs use 'pw' prefix rather than 'lib' - library_names_spec='`echo $libname | sed -e 's/^lib/pw/'``echo $release | $SED -e 's/[.]/-/g'`$versuffix$shared_ext' + library_names_spec='`echo $libname | $SED -e 's/^lib/pw/'``echo $release | $SED -e 's/[.]/-/g'`$versuffix$shared_ext' ;; esac dynamic_linker='Win32 ld.exe' ;; - *,cl*) - # Native MSVC + *,cl* | *,icl*) + # Native MSVC or ICC libname_spec='$name' soname_spec='$libname`echo $release | $SED -e 's/[.]/-/g'`$versuffix$shared_ext' library_names_spec='$libname.dll.lib' @@ -13953,7 +14190,7 @@ cygwin* | mingw* | pw32* | cegcc*) done IFS=$lt_save_ifs # Convert to MSYS style. - sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | sed -e 's|\\\\|/|g' -e 's| \\([a-zA-Z]\\):| /\\1|g' -e 's|^ ||'` + sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | $SED -e 's|\\\\|/|g' -e 's| \\([a-zA-Z]\\):| /\\1|g' -e 's|^ ||'` ;; cygwin*) # Convert to unix form, then to dos form, then back to unix form @@ -13990,7 +14227,7 @@ cygwin* | mingw* | pw32* | cegcc*) ;; *) - # Assume MSVC wrapper + # Assume MSVC and ICC wrapper library_names_spec='$libname`echo $release | $SED -e 's/[.]/-/g'`$versuffix$shared_ext $libname.lib' dynamic_linker='Win32 ld.exe' ;; @@ -14023,7 +14260,7 @@ dgux*) shlibpath_var=LD_LIBRARY_PATH ;; -freebsd* | dragonfly*) +freebsd* | dragonfly* | midnightbsd*) # DragonFly does not have aout. When/if they implement a new # versioning mechanism, adjust this. if test -x /usr/bin/objformat; then @@ -14219,8 +14456,8 @@ linux* | k*bsd*-gnu | kopensolaris*-gnu | gnu*) if test ${lt_cv_shlibpath_overrides_runpath+y} then : printf %s "(cached) " >&6 -else $as_nop - lt_cv_shlibpath_overrides_runpath=no +else case e in #( + e) lt_cv_shlibpath_overrides_runpath=no save_LDFLAGS=$LDFLAGS save_libdir=$libdir eval "libdir=/foo; wl=\"$lt_prog_compiler_wl\"; \ @@ -14247,7 +14484,8 @@ rm -f core conftest.err conftest.$ac_objext conftest.beam \ conftest$ac_exeext conftest.$ac_ext LDFLAGS=$save_LDFLAGS libdir=$save_libdir - + ;; +esac fi shlibpath_overrides_runpath=$lt_cv_shlibpath_overrides_runpath @@ -14684,16 +14922,22 @@ printf %s "checking for dlopen in -ldl... " >&6; } if test ${ac_cv_lib_dl_dlopen+y} then : printf %s "(cached) " >&6 -else $as_nop - ac_check_lib_save_LIBS=$LIBS +else case e in #( + e) ac_check_lib_save_LIBS=$LIBS LIBS="-ldl $LIBS" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -char dlopen (); + builtin and then its argument prototype would still apply. + The 'extern "C"' is for builds by C++ compilers; + although this is not generally supported in C code supporting it here + has little cost and some practical benefit (sr 110532). */ +#ifdef __cplusplus +extern "C" +#endif +char dlopen (void); int main (void) { @@ -14705,24 +14949,27 @@ _ACEOF if ac_fn_c_try_link "$LINENO" then : ac_cv_lib_dl_dlopen=yes -else $as_nop - ac_cv_lib_dl_dlopen=no +else case e in #( + e) ac_cv_lib_dl_dlopen=no ;; +esac fi rm -f core conftest.err conftest.$ac_objext conftest.beam \ conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS +LIBS=$ac_check_lib_save_LIBS ;; +esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_dl_dlopen" >&5 printf "%s\n" "$ac_cv_lib_dl_dlopen" >&6; } if test "x$ac_cv_lib_dl_dlopen" = xyes then : lt_cv_dlopen=dlopen lt_cv_dlopen_libs=-ldl -else $as_nop - +else case e in #( + e) lt_cv_dlopen=dyld lt_cv_dlopen_libs= lt_cv_dlopen_self=yes - + ;; +esac fi ;; @@ -14740,22 +14987,28 @@ fi if test "x$ac_cv_func_shl_load" = xyes then : lt_cv_dlopen=shl_load -else $as_nop - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for shl_load in -ldld" >&5 +else case e in #( + e) { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for shl_load in -ldld" >&5 printf %s "checking for shl_load in -ldld... " >&6; } if test ${ac_cv_lib_dld_shl_load+y} then : printf %s "(cached) " >&6 -else $as_nop - ac_check_lib_save_LIBS=$LIBS +else case e in #( + e) ac_check_lib_save_LIBS=$LIBS LIBS="-ldld $LIBS" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -char shl_load (); + builtin and then its argument prototype would still apply. + The 'extern "C"' is for builds by C++ compilers; + although this is not generally supported in C code supporting it here + has little cost and some practical benefit (sr 110532). */ +#ifdef __cplusplus +extern "C" +#endif +char shl_load (void); int main (void) { @@ -14767,39 +15020,47 @@ _ACEOF if ac_fn_c_try_link "$LINENO" then : ac_cv_lib_dld_shl_load=yes -else $as_nop - ac_cv_lib_dld_shl_load=no +else case e in #( + e) ac_cv_lib_dld_shl_load=no ;; +esac fi rm -f core conftest.err conftest.$ac_objext conftest.beam \ conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS +LIBS=$ac_check_lib_save_LIBS ;; +esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_dld_shl_load" >&5 printf "%s\n" "$ac_cv_lib_dld_shl_load" >&6; } if test "x$ac_cv_lib_dld_shl_load" = xyes then : lt_cv_dlopen=shl_load lt_cv_dlopen_libs=-ldld -else $as_nop - ac_fn_c_check_func "$LINENO" "dlopen" "ac_cv_func_dlopen" +else case e in #( + e) ac_fn_c_check_func "$LINENO" "dlopen" "ac_cv_func_dlopen" if test "x$ac_cv_func_dlopen" = xyes then : lt_cv_dlopen=dlopen -else $as_nop - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for dlopen in -ldl" >&5 +else case e in #( + e) { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for dlopen in -ldl" >&5 printf %s "checking for dlopen in -ldl... " >&6; } if test ${ac_cv_lib_dl_dlopen+y} then : printf %s "(cached) " >&6 -else $as_nop - ac_check_lib_save_LIBS=$LIBS +else case e in #( + e) ac_check_lib_save_LIBS=$LIBS LIBS="-ldl $LIBS" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -char dlopen (); + builtin and then its argument prototype would still apply. + The 'extern "C"' is for builds by C++ compilers; + although this is not generally supported in C code supporting it here + has little cost and some practical benefit (sr 110532). */ +#ifdef __cplusplus +extern "C" +#endif +char dlopen (void); int main (void) { @@ -14811,34 +15072,42 @@ _ACEOF if ac_fn_c_try_link "$LINENO" then : ac_cv_lib_dl_dlopen=yes -else $as_nop - ac_cv_lib_dl_dlopen=no +else case e in #( + e) ac_cv_lib_dl_dlopen=no ;; +esac fi rm -f core conftest.err conftest.$ac_objext conftest.beam \ conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS +LIBS=$ac_check_lib_save_LIBS ;; +esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_dl_dlopen" >&5 printf "%s\n" "$ac_cv_lib_dl_dlopen" >&6; } if test "x$ac_cv_lib_dl_dlopen" = xyes then : lt_cv_dlopen=dlopen lt_cv_dlopen_libs=-ldl -else $as_nop - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for dlopen in -lsvld" >&5 +else case e in #( + e) { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for dlopen in -lsvld" >&5 printf %s "checking for dlopen in -lsvld... " >&6; } if test ${ac_cv_lib_svld_dlopen+y} then : printf %s "(cached) " >&6 -else $as_nop - ac_check_lib_save_LIBS=$LIBS +else case e in #( + e) ac_check_lib_save_LIBS=$LIBS LIBS="-lsvld $LIBS" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -char dlopen (); + builtin and then its argument prototype would still apply. + The 'extern "C"' is for builds by C++ compilers; + although this is not generally supported in C code supporting it here + has little cost and some practical benefit (sr 110532). */ +#ifdef __cplusplus +extern "C" +#endif +char dlopen (void); int main (void) { @@ -14850,34 +15119,42 @@ _ACEOF if ac_fn_c_try_link "$LINENO" then : ac_cv_lib_svld_dlopen=yes -else $as_nop - ac_cv_lib_svld_dlopen=no +else case e in #( + e) ac_cv_lib_svld_dlopen=no ;; +esac fi rm -f core conftest.err conftest.$ac_objext conftest.beam \ conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS +LIBS=$ac_check_lib_save_LIBS ;; +esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_svld_dlopen" >&5 printf "%s\n" "$ac_cv_lib_svld_dlopen" >&6; } if test "x$ac_cv_lib_svld_dlopen" = xyes then : lt_cv_dlopen=dlopen lt_cv_dlopen_libs=-lsvld -else $as_nop - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for dld_link in -ldld" >&5 +else case e in #( + e) { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for dld_link in -ldld" >&5 printf %s "checking for dld_link in -ldld... " >&6; } if test ${ac_cv_lib_dld_dld_link+y} then : printf %s "(cached) " >&6 -else $as_nop - ac_check_lib_save_LIBS=$LIBS +else case e in #( + e) ac_check_lib_save_LIBS=$LIBS LIBS="-ldld $LIBS" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -char dld_link (); + builtin and then its argument prototype would still apply. + The 'extern "C"' is for builds by C++ compilers; + although this is not generally supported in C code supporting it here + has little cost and some practical benefit (sr 110532). */ +#ifdef __cplusplus +extern "C" +#endif +char dld_link (void); int main (void) { @@ -14889,12 +15166,14 @@ _ACEOF if ac_fn_c_try_link "$LINENO" then : ac_cv_lib_dld_dld_link=yes -else $as_nop - ac_cv_lib_dld_dld_link=no +else case e in #( + e) ac_cv_lib_dld_dld_link=no ;; +esac fi rm -f core conftest.err conftest.$ac_objext conftest.beam \ conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS +LIBS=$ac_check_lib_save_LIBS ;; +esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_dld_dld_link" >&5 printf "%s\n" "$ac_cv_lib_dld_dld_link" >&6; } @@ -14903,19 +15182,24 @@ then : lt_cv_dlopen=dld_link lt_cv_dlopen_libs=-ldld fi - + ;; +esac fi - + ;; +esac fi - + ;; +esac fi - + ;; +esac fi - + ;; +esac fi ;; @@ -14943,8 +15227,8 @@ printf %s "checking whether a program can dlopen itself... " >&6; } if test ${lt_cv_dlopen_self+y} then : printf %s "(cached) " >&6 -else $as_nop - if test yes = "$cross_compiling"; then : +else case e in #( + e) if test yes = "$cross_compiling"; then : lt_cv_dlopen_self=cross else lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2 @@ -15038,7 +15322,8 @@ _LT_EOF fi rm -fr conftest* - + ;; +esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_dlopen_self" >&5 printf "%s\n" "$lt_cv_dlopen_self" >&6; } @@ -15050,8 +15335,8 @@ printf %s "checking whether a statically linked program can dlopen itself... " > if test ${lt_cv_dlopen_self_static+y} then : printf %s "(cached) " >&6 -else $as_nop - if test yes = "$cross_compiling"; then : +else case e in #( + e) if test yes = "$cross_compiling"; then : lt_cv_dlopen_self_static=cross else lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2 @@ -15145,7 +15430,8 @@ _LT_EOF fi rm -fr conftest* - + ;; +esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_dlopen_self_static" >&5 printf "%s\n" "$lt_cv_dlopen_self_static" >&6; } @@ -15188,30 +15474,41 @@ striplib= old_striplib= { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether stripping libraries is possible" >&5 printf %s "checking whether stripping libraries is possible... " >&6; } -if test -n "$STRIP" && $STRIP -V 2>&1 | $GREP "GNU strip" >/dev/null; then - test -z "$old_striplib" && old_striplib="$STRIP --strip-debug" - test -z "$striplib" && striplib="$STRIP --strip-unneeded" - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -printf "%s\n" "yes" >&6; } +if test -z "$STRIP"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } else -# FIXME - insert some real tests, host_os isn't really good enough - case $host_os in - darwin*) - if test -n "$STRIP"; then + if $STRIP -V 2>&1 | $GREP "GNU strip" >/dev/null; then + old_striplib="$STRIP --strip-debug" + striplib="$STRIP --strip-unneeded" + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + else + case $host_os in + darwin*) + # FIXME - insert some real tests, host_os isn't really good enough striplib="$STRIP -x" old_striplib="$STRIP -S" { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 printf "%s\n" "yes" >&6; } - else - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 + ;; + freebsd*) + if $STRIP -V 2>&1 | $GREP "elftoolchain" >/dev/null; then + old_striplib="$STRIP --strip-debug" + striplib="$STRIP --strip-unneeded" + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 printf "%s\n" "no" >&6; } - fi - ;; - *) - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 + fi + ;; + *) + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 printf "%s\n" "no" >&6; } - ;; - esac + ;; + esac + fi fi @@ -15292,8 +15589,8 @@ if test -z "$CXXCPP"; then if test ${ac_cv_prog_CXXCPP+y} then : printf %s "(cached) " >&6 -else $as_nop - # Double quotes because $CXX needs to be expanded +else case e in #( + e) # Double quotes because $CXX needs to be expanded for CXXCPP in "$CXX -E" cpp /lib/cpp do ac_preproc_ok=false @@ -15311,9 +15608,10 @@ _ACEOF if ac_fn_cxx_try_cpp "$LINENO" then : -else $as_nop - # Broken: fails on valid input. -continue +else case e in #( + e) # Broken: fails on valid input. +continue ;; +esac fi rm -f conftest.err conftest.i conftest.$ac_ext @@ -15327,15 +15625,16 @@ if ac_fn_cxx_try_cpp "$LINENO" then : # Broken: success on invalid input. continue -else $as_nop - # Passes both tests. +else case e in #( + e) # Passes both tests. ac_preproc_ok=: -break +break ;; +esac fi rm -f conftest.err conftest.i conftest.$ac_ext done -# Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped. +# Because of 'break', _AC_PREPROC_IFELSE's cleaning code was skipped. rm -f conftest.i conftest.err conftest.$ac_ext if $ac_preproc_ok then : @@ -15344,7 +15643,8 @@ fi done ac_cv_prog_CXXCPP=$CXXCPP - + ;; +esac fi CXXCPP=$ac_cv_prog_CXXCPP else @@ -15367,9 +15667,10 @@ _ACEOF if ac_fn_cxx_try_cpp "$LINENO" then : -else $as_nop - # Broken: fails on valid input. -continue +else case e in #( + e) # Broken: fails on valid input. +continue ;; +esac fi rm -f conftest.err conftest.i conftest.$ac_ext @@ -15383,24 +15684,26 @@ if ac_fn_cxx_try_cpp "$LINENO" then : # Broken: success on invalid input. continue -else $as_nop - # Passes both tests. +else case e in #( + e) # Passes both tests. ac_preproc_ok=: -break +break ;; +esac fi rm -f conftest.err conftest.i conftest.$ac_ext done -# Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped. +# Because of 'break', _AC_PREPROC_IFELSE's cleaning code was skipped. rm -f conftest.i conftest.err conftest.$ac_ext if $ac_preproc_ok then : -else $as_nop - { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 -printf "%s\n" "$as_me: error: in \`$ac_pwd':" >&2;} +else case e in #( + e) { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: in '$ac_pwd':" >&5 +printf "%s\n" "$as_me: error: in '$ac_pwd':" >&2;} as_fn_error $? "C++ preprocessor \"$CXXCPP\" fails sanity check -See \`config.log' for more details" "$LINENO" 5; } +See 'config.log' for more details" "$LINENO" 5; } ;; +esac fi ac_ext=c @@ -15537,8 +15840,9 @@ cc_basename=$func_cc_basename_result if test ${with_gnu_ld+y} then : withval=$with_gnu_ld; test no = "$withval" || with_gnu_ld=yes -else $as_nop - with_gnu_ld=no +else case e in #( + e) with_gnu_ld=no ;; +esac fi ac_prog=ld @@ -15583,8 +15887,8 @@ fi if test ${lt_cv_path_LD+y} then : printf %s "(cached) " >&6 -else $as_nop - if test -z "$LD"; then +else case e in #( + e) if test -z "$LD"; then lt_save_ifs=$IFS; IFS=$PATH_SEPARATOR for ac_dir in $PATH; do IFS=$lt_save_ifs @@ -15607,7 +15911,8 @@ else $as_nop IFS=$lt_save_ifs else lt_cv_path_LD=$LD # Let the user override the test with a path. -fi +fi ;; +esac fi LD=$lt_cv_path_LD @@ -15624,8 +15929,8 @@ printf %s "checking if the linker ($LD) is GNU ld... " >&6; } if test ${lt_cv_prog_gnu_ld+y} then : printf %s "(cached) " >&6 -else $as_nop - # I'd rather use --version here, but apparently some GNU lds only accept -v. +else case e in #( + e) # I'd rather use --version here, but apparently some GNU lds only accept -v. case `$LD -v 2>&1 &1 &5 @@ -15832,8 +16138,8 @@ else if test ${lt_cv_aix_libpath__CXX+y} then : printf %s "(cached) " >&6 -else $as_nop - cat confdefs.h - <<_ACEOF >conftest.$ac_ext +else case e in #( + e) cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int @@ -15865,7 +16171,8 @@ rm -f core conftest.err conftest.$ac_objext conftest.beam \ if test -z "$lt_cv_aix_libpath__CXX"; then lt_cv_aix_libpath__CXX=/usr/lib:/lib fi - + ;; +esac fi aix_libpath=$lt_cv_aix_libpath__CXX @@ -15888,8 +16195,8 @@ else if test ${lt_cv_aix_libpath__CXX+y} then : printf %s "(cached) " >&6 -else $as_nop - cat confdefs.h - <<_ACEOF >conftest.$ac_ext +else case e in #( + e) cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int @@ -15921,7 +16228,8 @@ rm -f core conftest.err conftest.$ac_objext conftest.beam \ if test -z "$lt_cv_aix_libpath__CXX"; then lt_cv_aix_libpath__CXX=/usr/lib:/lib fi - + ;; +esac fi aix_libpath=$lt_cv_aix_libpath__CXX @@ -15981,8 +16289,8 @@ fi cygwin* | mingw* | pw32* | cegcc*) case $GXX,$cc_basename in - ,cl* | no,cl*) - # Native MSVC + ,cl* | no,cl* | ,icl* | no,icl*) + # Native MSVC or ICC # hardcode_libdir_flag_spec is actually meaningless, as there is # no search path for DLLs. hardcode_libdir_flag_spec_CXX=' ' @@ -16073,11 +16381,11 @@ fi output_verbose_link_cmd=func_echo_all archive_cmds_CXX="\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring $_lt_dar_single_mod$_lt_dsymutil" module_cmds_CXX="\$CC \$allow_undefined_flag -o \$lib -bundle \$libobjs \$deplibs \$compiler_flags$_lt_dsymutil" - archive_expsym_cmds_CXX="sed 's|^|_|' < \$export_symbols > \$output_objdir/\$libname-symbols.expsym~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring $_lt_dar_single_mod$_lt_dar_export_syms$_lt_dsymutil" - module_expsym_cmds_CXX="sed -e 's|^|_|' < \$export_symbols > \$output_objdir/\$libname-symbols.expsym~\$CC \$allow_undefined_flag -o \$lib -bundle \$libobjs \$deplibs \$compiler_flags$_lt_dar_export_syms$_lt_dsymutil" + archive_expsym_cmds_CXX="$SED 's|^|_|' < \$export_symbols > \$output_objdir/\$libname-symbols.expsym~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$libobjs \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring $_lt_dar_single_mod$_lt_dar_export_syms$_lt_dsymutil" + module_expsym_cmds_CXX="$SED -e 's|^|_|' < \$export_symbols > \$output_objdir/\$libname-symbols.expsym~\$CC \$allow_undefined_flag -o \$lib -bundle \$libobjs \$deplibs \$compiler_flags$_lt_dar_export_syms$_lt_dsymutil" if test yes != "$lt_cv_apple_cc_single_mod"; then archive_cmds_CXX="\$CC -r -keep_private_externs -nostdlib -o \$lib-master.o \$libobjs~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$lib-master.o \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring$_lt_dsymutil" - archive_expsym_cmds_CXX="sed 's|^|_|' < \$export_symbols > \$output_objdir/\$libname-symbols.expsym~\$CC -r -keep_private_externs -nostdlib -o \$lib-master.o \$libobjs~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$lib-master.o \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring$_lt_dar_export_syms$_lt_dsymutil" + archive_expsym_cmds_CXX="$SED 's|^|_|' < \$export_symbols > \$output_objdir/\$libname-symbols.expsym~\$CC -r -keep_private_externs -nostdlib -o \$lib-master.o \$libobjs~\$CC -dynamiclib \$allow_undefined_flag -o \$lib \$lib-master.o \$deplibs \$compiler_flags -install_name \$rpath/\$soname \$verstring$_lt_dar_export_syms$_lt_dsymutil" fi else @@ -16112,6 +16420,7 @@ fi emximp -o $lib $output_objdir/$libname.def' old_archive_From_new_cmds_CXX='emximp -o $output_objdir/${libname}_dll.a $output_objdir/$libname.def' enable_shared_with_static_runtimes_CXX=yes + file_list_spec_CXX='@' ;; dgux*) @@ -16142,7 +16451,7 @@ fi archive_cmds_need_lc_CXX=no ;; - freebsd* | dragonfly*) + freebsd* | dragonfly* | midnightbsd*) # FreeBSD 3 and later use GNU C++ and GNU ld with standard ELF # conventions ld_shlibs_CXX=yes @@ -16279,7 +16588,7 @@ fi # 256 KiB-aligned image base between 0x50000000 and 0x6FFC0000 at link # time. Moving up from 0x10000000 also allows more sbrk(2) space. archive_cmds_CXX='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags $wl-h,$soname $wl--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib' - archive_expsym_cmds_CXX='sed "s|^|_|" $export_symbols >$output_objdir/$soname.expsym~$CC -shared $pic_flag $libobjs $deplibs $compiler_flags $wl-h,$soname $wl--retain-symbols-file,$output_objdir/$soname.expsym $wl--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib' + archive_expsym_cmds_CXX='$SED "s|^|_|" $export_symbols >$output_objdir/$soname.expsym~$CC -shared $pic_flag $libobjs $deplibs $compiler_flags $wl-h,$soname $wl--retain-symbols-file,$output_objdir/$soname.expsym $wl--image-base,`expr ${RANDOM-$$} % 4096 / 2 \* 262144 + 1342177280` -o $lib' ;; irix5* | irix6*) case $cc_basename in @@ -16419,13 +16728,13 @@ fi archive_cmds_CXX='$CC -qmkshrobj $libobjs $deplibs $compiler_flags $wl-soname $wl$soname -o $lib' if test yes = "$supports_anon_versioning"; then archive_expsym_cmds_CXX='echo "{ global:" > $output_objdir/$libname.ver~ - cat $export_symbols | sed -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~ + cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $output_objdir/$libname.ver~ echo "local: *; };" >> $output_objdir/$libname.ver~ $CC -qmkshrobj $libobjs $deplibs $compiler_flags $wl-soname $wl$soname $wl-version-script $wl$output_objdir/$libname.ver -o $lib' fi ;; *) - case `$CC -V 2>&1 | sed 5q` in + case `$CC -V 2>&1 | $SED 5q` in *Sun\ C*) # Sun C++ 5.9 no_undefined_flag_CXX=' -zdefs' @@ -17082,7 +17391,7 @@ lt_prog_compiler_static_CXX= ;; esac ;; - freebsd* | dragonfly*) + freebsd* | dragonfly* | midnightbsd*) # FreeBSD uses GNU C++ ;; hpux9* | hpux10* | hpux11*) @@ -17165,7 +17474,7 @@ lt_prog_compiler_static_CXX= lt_prog_compiler_static_CXX='-qstaticlink' ;; *) - case `$CC -V 2>&1 | sed 5q` in + case `$CC -V 2>&1 | $SED 5q` in *Sun\ C*) # Sun C++ 5.9 lt_prog_compiler_pic_CXX='-KPIC' @@ -17292,8 +17601,9 @@ printf %s "checking for $compiler option to produce PIC... " >&6; } if test ${lt_cv_prog_compiler_pic_CXX+y} then : printf %s "(cached) " >&6 -else $as_nop - lt_cv_prog_compiler_pic_CXX=$lt_prog_compiler_pic_CXX +else case e in #( + e) lt_cv_prog_compiler_pic_CXX=$lt_prog_compiler_pic_CXX ;; +esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_pic_CXX" >&5 printf "%s\n" "$lt_cv_prog_compiler_pic_CXX" >&6; } @@ -17308,8 +17618,8 @@ printf %s "checking if $compiler PIC flag $lt_prog_compiler_pic_CXX works... " > if test ${lt_cv_prog_compiler_pic_works_CXX+y} then : printf %s "(cached) " >&6 -else $as_nop - lt_cv_prog_compiler_pic_works_CXX=no +else case e in #( + e) lt_cv_prog_compiler_pic_works_CXX=no ac_outfile=conftest.$ac_objext echo "$lt_simple_compile_test_code" > conftest.$ac_ext lt_compiler_flag="$lt_prog_compiler_pic_CXX -DPIC" ## exclude from sc_useless_quotes_in_assignment @@ -17337,7 +17647,8 @@ else $as_nop fi fi $RM conftest* - + ;; +esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_pic_works_CXX" >&5 printf "%s\n" "$lt_cv_prog_compiler_pic_works_CXX" >&6; } @@ -17367,8 +17678,8 @@ printf %s "checking if $compiler static flag $lt_tmp_static_flag works... " >&6; if test ${lt_cv_prog_compiler_static_works_CXX+y} then : printf %s "(cached) " >&6 -else $as_nop - lt_cv_prog_compiler_static_works_CXX=no +else case e in #( + e) lt_cv_prog_compiler_static_works_CXX=no save_LDFLAGS=$LDFLAGS LDFLAGS="$LDFLAGS $lt_tmp_static_flag" echo "$lt_simple_link_test_code" > conftest.$ac_ext @@ -17389,7 +17700,8 @@ else $as_nop fi $RM -r conftest* LDFLAGS=$save_LDFLAGS - + ;; +esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_static_works_CXX" >&5 printf "%s\n" "$lt_cv_prog_compiler_static_works_CXX" >&6; } @@ -17408,8 +17720,8 @@ printf %s "checking if $compiler supports -c -o file.$ac_objext... " >&6; } if test ${lt_cv_prog_compiler_c_o_CXX+y} then : printf %s "(cached) " >&6 -else $as_nop - lt_cv_prog_compiler_c_o_CXX=no +else case e in #( + e) lt_cv_prog_compiler_c_o_CXX=no $RM -r conftest 2>/dev/null mkdir conftest cd conftest @@ -17449,7 +17761,8 @@ else $as_nop cd .. $RM -r conftest $RM conftest* - + ;; +esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_c_o_CXX" >&5 printf "%s\n" "$lt_cv_prog_compiler_c_o_CXX" >&6; } @@ -17461,8 +17774,8 @@ printf %s "checking if $compiler supports -c -o file.$ac_objext... " >&6; } if test ${lt_cv_prog_compiler_c_o_CXX+y} then : printf %s "(cached) " >&6 -else $as_nop - lt_cv_prog_compiler_c_o_CXX=no +else case e in #( + e) lt_cv_prog_compiler_c_o_CXX=no $RM -r conftest 2>/dev/null mkdir conftest cd conftest @@ -17502,7 +17815,8 @@ else $as_nop cd .. $RM -r conftest $RM conftest* - + ;; +esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_c_o_CXX" >&5 printf "%s\n" "$lt_cv_prog_compiler_c_o_CXX" >&6; } @@ -17552,7 +17866,7 @@ printf %s "checking whether the $compiler linker ($LD) supports shared libraries if $NM -V 2>&1 | $GREP 'GNU' > /dev/null; then export_symbols_cmds_CXX='$NM -Bpg $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B") || (\$ 2 == "W")) && (substr(\$ 3,1,1) != ".")) { if (\$ 2 == "W") { print \$ 3 " weak" } else { print \$ 3 } } }'\'' | sort -u > $export_symbols' else - export_symbols_cmds_CXX='`func_echo_all $NM | $SED -e '\''s/B\([^B]*\)$/P\1/'\''` -PCpgl $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B") || (\$ 2 == "W") || (\$ 2 == "V") || (\$ 2 == "Z")) && (substr(\$ 1,1,1) != ".")) { if ((\$ 2 == "W") || (\$ 2 == "V") || (\$ 2 == "Z")) { print \$ 1 " weak" } else { print \$ 1 } } }'\'' | sort -u > $export_symbols' + export_symbols_cmds_CXX='`func_echo_all $NM | $SED -e '\''s/B\([^B]*\)$/P\1/'\''` -PCpgl $libobjs $convenience | awk '\''{ if (((\$ 2 == "T") || (\$ 2 == "D") || (\$ 2 == "B") || (\$ 2 == "L") || (\$ 2 == "W") || (\$ 2 == "V") || (\$ 2 == "Z")) && (substr(\$ 1,1,1) != ".")) { if ((\$ 2 == "W") || (\$ 2 == "V") || (\$ 2 == "Z")) { print \$ 1 " weak" } else { print \$ 1 } } }'\'' | sort -u > $export_symbols' fi ;; pw32*) @@ -17560,7 +17874,7 @@ printf %s "checking whether the $compiler linker ($LD) supports shared libraries ;; cygwin* | mingw* | cegcc*) case $cc_basename in - cl*) + cl* | icl*) exclude_expsyms_CXX='_NULL_IMPORT_DESCRIPTOR|_IMPORT_DESCRIPTOR_.*' ;; *) @@ -17610,8 +17924,8 @@ printf %s "checking whether -lc should be explicitly linked in... " >&6; } if test ${lt_cv_archive_cmds_need_lc_CXX+y} then : printf %s "(cached) " >&6 -else $as_nop - $RM conftest* +else case e in #( + e) $RM conftest* echo "$lt_simple_compile_test_code" > conftest.$ac_ext if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_compile\""; } >&5 @@ -17647,7 +17961,8 @@ else $as_nop cat conftest.err 1>&5 fi $RM conftest* - + ;; +esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_archive_cmds_need_lc_CXX" >&5 printf "%s\n" "$lt_cv_archive_cmds_need_lc_CXX" >&6; } @@ -17911,7 +18226,7 @@ cygwin* | mingw* | pw32* | cegcc*) case $host_os in cygwin*) # Cygwin DLLs use 'cyg' prefix rather than 'lib' - soname_spec='`echo $libname | sed -e 's/^lib/cyg/'``echo $release | $SED -e 's/[.]/-/g'`$versuffix$shared_ext' + soname_spec='`echo $libname | $SED -e 's/^lib/cyg/'``echo $release | $SED -e 's/[.]/-/g'`$versuffix$shared_ext' ;; mingw* | cegcc*) @@ -17920,14 +18235,14 @@ cygwin* | mingw* | pw32* | cegcc*) ;; pw32*) # pw32 DLLs use 'pw' prefix rather than 'lib' - library_names_spec='`echo $libname | sed -e 's/^lib/pw/'``echo $release | $SED -e 's/[.]/-/g'`$versuffix$shared_ext' + library_names_spec='`echo $libname | $SED -e 's/^lib/pw/'``echo $release | $SED -e 's/[.]/-/g'`$versuffix$shared_ext' ;; esac dynamic_linker='Win32 ld.exe' ;; - *,cl*) - # Native MSVC + *,cl* | *,icl*) + # Native MSVC or ICC libname_spec='$name' soname_spec='$libname`echo $release | $SED -e 's/[.]/-/g'`$versuffix$shared_ext' library_names_spec='$libname.dll.lib' @@ -17946,7 +18261,7 @@ cygwin* | mingw* | pw32* | cegcc*) done IFS=$lt_save_ifs # Convert to MSYS style. - sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | sed -e 's|\\\\|/|g' -e 's| \\([a-zA-Z]\\):| /\\1|g' -e 's|^ ||'` + sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | $SED -e 's|\\\\|/|g' -e 's| \\([a-zA-Z]\\):| /\\1|g' -e 's|^ ||'` ;; cygwin*) # Convert to unix form, then to dos form, then back to unix form @@ -17983,7 +18298,7 @@ cygwin* | mingw* | pw32* | cegcc*) ;; *) - # Assume MSVC wrapper + # Assume MSVC and ICC wrapper library_names_spec='$libname`echo $release | $SED -e 's/[.]/-/g'`$versuffix$shared_ext $libname.lib' dynamic_linker='Win32 ld.exe' ;; @@ -18015,7 +18330,7 @@ dgux*) shlibpath_var=LD_LIBRARY_PATH ;; -freebsd* | dragonfly*) +freebsd* | dragonfly* | midnightbsd*) # DragonFly does not have aout. When/if they implement a new # versioning mechanism, adjust this. if test -x /usr/bin/objformat; then @@ -18211,8 +18526,8 @@ linux* | k*bsd*-gnu | kopensolaris*-gnu | gnu*) if test ${lt_cv_shlibpath_overrides_runpath+y} then : printf %s "(cached) " >&6 -else $as_nop - lt_cv_shlibpath_overrides_runpath=no +else case e in #( + e) lt_cv_shlibpath_overrides_runpath=no save_LDFLAGS=$LDFLAGS save_libdir=$libdir eval "libdir=/foo; wl=\"$lt_prog_compiler_wl_CXX\"; \ @@ -18239,7 +18554,8 @@ rm -f core conftest.err conftest.$ac_objext conftest.beam \ conftest$ac_exeext conftest.$ac_ext LDFLAGS=$save_LDFLAGS libdir=$save_libdir - + ;; +esac fi shlibpath_overrides_runpath=$lt_cv_shlibpath_overrides_runpath @@ -18630,13 +18946,14 @@ ac_compiler_gnu=$ac_cv_c_compiler_gnu # Only expand once: + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether byte ordering is bigendian" >&5 printf %s "checking whether byte ordering is bigendian... " >&6; } if test ${ac_cv_c_bigendian+y} then : printf %s "(cached) " >&6 -else $as_nop - ac_cv_c_bigendian=unknown +else case e in #( + e) ac_cv_c_bigendian=unknown # See if we're dealing with a universal compiler. cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ @@ -18682,8 +18999,8 @@ rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext int main (void) { -#if ! (defined BYTE_ORDER && defined BIG_ENDIAN \ - && defined LITTLE_ENDIAN && BYTE_ORDER && BIG_ENDIAN \ +#if ! (defined BYTE_ORDER && defined BIG_ENDIAN \\ + && defined LITTLE_ENDIAN && BYTE_ORDER && BIG_ENDIAN \\ && LITTLE_ENDIAN) bogus endian macros #endif @@ -18714,8 +19031,9 @@ _ACEOF if ac_fn_c_try_compile "$LINENO" then : ac_cv_c_bigendian=yes -else $as_nop - ac_cv_c_bigendian=no +else case e in #( + e) ac_cv_c_bigendian=no ;; +esac fi rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext fi @@ -18759,8 +19077,9 @@ _ACEOF if ac_fn_c_try_compile "$LINENO" then : ac_cv_c_bigendian=yes -else $as_nop - ac_cv_c_bigendian=no +else case e in #( + e) ac_cv_c_bigendian=no ;; +esac fi rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext fi @@ -18787,22 +19106,23 @@ unsigned short int ascii_mm[] = int use_ebcdic (int i) { return ebcdic_mm[i] + ebcdic_ii[i]; } - extern int foo; - -int -main (void) -{ -return use_ascii (foo) == use_ebcdic (foo); - ; - return 0; -} + int + main (int argc, char **argv) + { + /* Intimidate the compiler so that it does not + optimize the arrays away. */ + char *p = argv[0]; + ascii_mm[1] = *p++; ebcdic_mm[1] = *p++; + ascii_ii[1] = *p++; ebcdic_ii[1] = *p++; + return use_ascii (argc) == use_ebcdic (*p); + } _ACEOF -if ac_fn_c_try_compile "$LINENO" +if ac_fn_c_try_link "$LINENO" then : - if grep BIGenDianSyS conftest.$ac_objext >/dev/null; then + if grep BIGenDianSyS conftest$ac_exeext >/dev/null; then ac_cv_c_bigendian=yes fi - if grep LiTTleEnDian conftest.$ac_objext >/dev/null ; then + if grep LiTTleEnDian conftest$ac_exeext >/dev/null ; then if test "$ac_cv_c_bigendian" = unknown; then ac_cv_c_bigendian=no else @@ -18811,9 +19131,10 @@ then : fi fi fi -rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext -else $as_nop - cat confdefs.h - <<_ACEOF >conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext +else case e in #( + e) cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ $ac_includes_default int @@ -18836,14 +19157,17 @@ _ACEOF if ac_fn_c_try_run "$LINENO" then : ac_cv_c_bigendian=no -else $as_nop - ac_cv_c_bigendian=yes +else case e in #( + e) ac_cv_c_bigendian=yes ;; +esac fi rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ - conftest.$ac_objext conftest.beam conftest.$ac_ext + conftest.$ac_objext conftest.beam conftest.$ac_ext ;; +esac fi - fi + fi ;; +esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_bigendian" >&5 printf "%s\n" "$ac_cv_c_bigendian" >&6; } @@ -18864,110 +19188,243 @@ printf "%s\n" "#define AC_APPLE_UNIVERSAL_BUILD 1" >>confdefs.h esac -# Check whether --enable-largefile was given. -if test ${enable_largefile+y} +if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}windres", so it can be a program name with args. +set dummy ${ac_tool_prefix}windres; ac_word=$2 +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_RC+y} then : - enableval=$enable_largefile; + printf %s "(cached) " >&6 +else case e in #( + e) if test -n "$RC"; then + ac_cv_prog_RC="$RC" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then + ac_cv_prog_RC="${ac_tool_prefix}windres" + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi ;; +esac +fi +RC=$ac_cv_prog_RC +if test -n "$RC"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $RC" >&5 +printf "%s\n" "$RC" >&6; } +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } fi -if test "$enable_largefile" != no; then - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for special C compiler options needed for large files" >&5 -printf %s "checking for special C compiler options needed for large files... " >&6; } -if test ${ac_cv_sys_largefile_CC+y} +fi +if test -z "$ac_cv_prog_RC"; then + ac_ct_RC=$RC + # Extract the first word of "windres", so it can be a program name with args. +set dummy windres; ac_word=$2 +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +printf %s "checking for $ac_word... " >&6; } +if test ${ac_cv_prog_ac_ct_RC+y} then : printf %s "(cached) " >&6 -else $as_nop - ac_cv_sys_largefile_CC=no - if test "$GCC" != yes; then - ac_save_CC=$CC - while :; do - # IRIX 6.2 and later do not support large files by default, - # so use the C compiler's -n32 option if that helps. - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include - /* Check that off_t can represent 2**63 - 1 correctly. - We can't simply define LARGE_OFF_T to be 9223372036854775807, - since some C++ compilers masquerading as C compilers - incorrectly reject 9223372036854775807. */ -#define LARGE_OFF_T (((off_t) 1 << 31 << 31) - 1 + ((off_t) 1 << 31 << 31)) - int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721 - && LARGE_OFF_T % 2147483647 == 1) - ? 1 : -1]; -int -main (void) -{ +else case e in #( + e) if test -n "$ac_ct_RC"; then + ac_cv_prog_ac_ct_RC="$ac_ct_RC" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir$ac_word$ac_exec_ext"; then + ac_cv_prog_ac_ct_RC="windres" + printf "%s\n" "$as_me:${as_lineno-$LINENO}: found $as_dir$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS - ; - return 0; -} -_ACEOF - if ac_fn_c_try_compile "$LINENO" -then : - break +fi ;; +esac fi -rm -f core conftest.err conftest.$ac_objext conftest.beam - CC="$CC -n32" - if ac_fn_c_try_compile "$LINENO" -then : - ac_cv_sys_largefile_CC=' -n32'; break +ac_ct_RC=$ac_cv_prog_ac_ct_RC +if test -n "$ac_ct_RC"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_ct_RC" >&5 +printf "%s\n" "$ac_ct_RC" >&6; } +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } fi -rm -f core conftest.err conftest.$ac_objext conftest.beam - break - done - CC=$ac_save_CC - rm -f conftest.$ac_ext - fi -fi -{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sys_largefile_CC" >&5 -printf "%s\n" "$ac_cv_sys_largefile_CC" >&6; } - if test "$ac_cv_sys_largefile_CC" != no; then - CC=$CC$ac_cv_sys_largefile_CC + + if test "x$ac_ct_RC" = x; then + RC="" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +printf "%s\n" "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + RC=$ac_ct_RC fi +else + RC="$ac_cv_prog_RC" +fi + + + + +# Source file extension for RC test sources. +ac_ext=rc + +# Object file extension for compiled RC test sources. +objext=o +objext_RC=$objext + +# Code to be used in simple compile tests +lt_simple_compile_test_code='sample MENU { MENUITEM "&Soup", 100, CHECKED }' + +# Code to be used in simple link tests +lt_simple_link_test_code=$lt_simple_compile_test_code + +# ltmain only uses $CC for tagged configurations so make sure $CC is set. + + + + + + +# If no C compiler was specified, use CC. +LTCC=${LTCC-"$CC"} + +# If no C compiler flags were specified, use CFLAGS. +LTCFLAGS=${LTCFLAGS-"$CFLAGS"} + +# Allow CC to be a program name with arguments. +compiler=$CC + + +# save warnings/boilerplate of simple test code +ac_outfile=conftest.$ac_objext +echo "$lt_simple_compile_test_code" >conftest.$ac_ext +eval "$ac_compile" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err +_lt_compiler_boilerplate=`cat conftest.err` +$RM conftest* + +ac_outfile=conftest.$ac_objext +echo "$lt_simple_link_test_code" >conftest.$ac_ext +eval "$ac_link" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err +_lt_linker_boilerplate=`cat conftest.err` +$RM -r conftest* + + +# Allow CC to be a program name with arguments. +lt_save_CC=$CC +lt_save_CFLAGS=$CFLAGS +lt_save_GCC=$GCC +GCC= +CC=${RC-"windres"} +CFLAGS= +compiler=$CC +compiler_RC=$CC +func_cc_basename $compiler +cc_basename=$func_cc_basename_result + +lt_cv_prog_compiler_c_o_RC=yes + +if test -n "$compiler"; then + : + + + +fi + +GCC=$lt_save_GCC +ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu + +CC=$lt_save_CC +CFLAGS=$lt_save_CFLAGS + - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for _FILE_OFFSET_BITS value needed for large files" >&5 -printf %s "checking for _FILE_OFFSET_BITS value needed for large files... " >&6; } -if test ${ac_cv_sys_file_offset_bits+y} +case $host in + *-*-msys | *-*-cygwin* | *-*-cegcc*) + # These are POSIX-like systems using BSD-like sockets API. + ;; + *) + for ac_header in windows.h +do : + ac_fn_c_check_header_compile "$LINENO" "windows.h" "ac_cv_header_windows_h" "$ac_includes_default" +if test "x$ac_cv_header_windows_h" = xyes then : - printf %s "(cached) " >&6 -else $as_nop - while :; do - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include - /* Check that off_t can represent 2**63 - 1 correctly. - We can't simply define LARGE_OFF_T to be 9223372036854775807, - since some C++ compilers masquerading as C compilers - incorrectly reject 9223372036854775807. */ -#define LARGE_OFF_T (((off_t) 1 << 31 << 31) - 1 + ((off_t) 1 << 31 << 31)) - int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721 - && LARGE_OFF_T % 2147483647 == 1) - ? 1 : -1]; -int -main (void) -{ + printf "%s\n" "#define HAVE_WINDOWS_H 1" >>confdefs.h + have_windows_h=yes +else case e in #( + e) have_windows_h=no ;; +esac +fi - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO" +done + ;; +esac + +# Check whether --enable-largefile was given. +if test ${enable_largefile+y} then : - ac_cv_sys_file_offset_bits=no; break + enableval=$enable_largefile; fi -rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext - cat confdefs.h - <<_ACEOF >conftest.$ac_ext +if test "$enable_largefile,$enable_year2038" != no,no +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $CC option to enable large file support" >&5 +printf %s "checking for $CC option to enable large file support... " >&6; } +if test ${ac_cv_sys_largefile_opts+y} +then : + printf %s "(cached) " >&6 +else case e in #( + e) ac_save_CC="$CC" + ac_opt_found=no + for ac_opt in "none needed" "-D_FILE_OFFSET_BITS=64" "-D_LARGE_FILES=1" "-n32"; do + if test x"$ac_opt" != x"none needed" +then : + CC="$ac_save_CC $ac_opt" +fi + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -#define _FILE_OFFSET_BITS 64 #include - /* Check that off_t can represent 2**63 - 1 correctly. - We can't simply define LARGE_OFF_T to be 9223372036854775807, +#ifndef FTYPE +# define FTYPE off_t +#endif + /* Check that FTYPE can represent 2**63 - 1 correctly. + We can't simply define LARGE_FTYPE to be 9223372036854775807, since some C++ compilers masquerading as C compilers incorrectly reject 9223372036854775807. */ -#define LARGE_OFF_T (((off_t) 1 << 31 << 31) - 1 + ((off_t) 1 << 31 << 31)) - int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721 - && LARGE_OFF_T % 2147483647 == 1) +#define LARGE_FTYPE (((FTYPE) 1 << 31 << 31) - 1 + ((FTYPE) 1 << 31 << 31)) + int FTYPE_is_large[(LARGE_FTYPE % 2147483629 == 721 + && LARGE_FTYPE % 2147483647 == 1) ? 1 : -1]; int main (void) @@ -18979,66 +19436,86 @@ main (void) _ACEOF if ac_fn_c_try_compile "$LINENO" then : - ac_cv_sys_file_offset_bits=64; break + if test x"$ac_opt" = x"none needed" +then : + # GNU/Linux s390x and alpha need _FILE_OFFSET_BITS=64 for wide ino_t. + CC="$CC -DFTYPE=ino_t" + if ac_fn_c_try_compile "$LINENO" +then : + +else case e in #( + e) CC="$CC -D_FILE_OFFSET_BITS=64" + if ac_fn_c_try_compile "$LINENO" +then : + ac_opt='-D_FILE_OFFSET_BITS=64' +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam ;; +esac +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam +fi + ac_cv_sys_largefile_opts=$ac_opt + ac_opt_found=yes fi rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext - ac_cv_sys_file_offset_bits=unknown - break -done + test $ac_opt_found = no || break + done + CC="$ac_save_CC" + + test $ac_opt_found = yes || ac_cv_sys_largefile_opts="support not detected" ;; +esac fi -{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sys_file_offset_bits" >&5 -printf "%s\n" "$ac_cv_sys_file_offset_bits" >&6; } -case $ac_cv_sys_file_offset_bits in #( - no | unknown) ;; - *) -printf "%s\n" "#define _FILE_OFFSET_BITS $ac_cv_sys_file_offset_bits" >>confdefs.h -;; +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sys_largefile_opts" >&5 +printf "%s\n" "$ac_cv_sys_largefile_opts" >&6; } + +ac_have_largefile=yes +case $ac_cv_sys_largefile_opts in #( + "none needed") : + ;; #( + "supported through gnulib") : + ;; #( + "support not detected") : + ac_have_largefile=no ;; #( + "-D_FILE_OFFSET_BITS=64") : + +printf "%s\n" "#define _FILE_OFFSET_BITS 64" >>confdefs.h + ;; #( + "-D_LARGE_FILES=1") : + +printf "%s\n" "#define _LARGE_FILES 1" >>confdefs.h + ;; #( + "-n32") : + CC="$CC -n32" ;; #( + *) : + as_fn_error $? "internal error: bad value for \$ac_cv_sys_largefile_opts" "$LINENO" 5 ;; esac -rm -rf conftest* - if test $ac_cv_sys_file_offset_bits = unknown; then - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for _LARGE_FILES value needed for large files" >&5 -printf %s "checking for _LARGE_FILES value needed for large files... " >&6; } -if test ${ac_cv_sys_large_files+y} + +if test "$enable_year2038" != no +then : + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $CC option for timestamps after 2038" >&5 +printf %s "checking for $CC option for timestamps after 2038... " >&6; } +if test ${ac_cv_sys_year2038_opts+y} then : printf %s "(cached) " >&6 -else $as_nop - while :; do - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include - /* Check that off_t can represent 2**63 - 1 correctly. - We can't simply define LARGE_OFF_T to be 9223372036854775807, - since some C++ compilers masquerading as C compilers - incorrectly reject 9223372036854775807. */ -#define LARGE_OFF_T (((off_t) 1 << 31 << 31) - 1 + ((off_t) 1 << 31 << 31)) - int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721 - && LARGE_OFF_T % 2147483647 == 1) - ? 1 : -1]; -int -main (void) -{ - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO" +else case e in #( + e) ac_save_CPPFLAGS="$CPPFLAGS" + ac_opt_found=no + for ac_opt in "none needed" "-D_TIME_BITS=64" "-D__MINGW_USE_VC2005_COMPAT" "-U_USE_32_BIT_TIME_T -D__MINGW_USE_VC2005_COMPAT"; do + if test x"$ac_opt" != x"none needed" then : - ac_cv_sys_large_files=no; break + CPPFLAGS="$ac_save_CPPFLAGS $ac_opt" fi -rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext - cat confdefs.h - <<_ACEOF >conftest.$ac_ext + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -#define _LARGE_FILES 1 -#include - /* Check that off_t can represent 2**63 - 1 correctly. - We can't simply define LARGE_OFF_T to be 9223372036854775807, - since some C++ compilers masquerading as C compilers - incorrectly reject 9223372036854775807. */ -#define LARGE_OFF_T (((off_t) 1 << 31 << 31) - 1 + ((off_t) 1 << 31 << 31)) - int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721 - && LARGE_OFF_T % 2147483647 == 1) - ? 1 : -1]; + + #include + /* Check that time_t can represent 2**32 - 1 correctly. */ + #define LARGE_TIME_T \\ + ((time_t) (((time_t) 1 << 30) - 1 + 3 * ((time_t) 1 << 30))) + int verify_time_t_range[(LARGE_TIME_T / 65537 == 65535 + && LARGE_TIME_T % 65537 == 0) + ? 1 : -1]; + int main (void) { @@ -19049,31 +19526,52 @@ main (void) _ACEOF if ac_fn_c_try_compile "$LINENO" then : - ac_cv_sys_large_files=1; break + ac_cv_sys_year2038_opts="$ac_opt" + ac_opt_found=yes fi rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext - ac_cv_sys_large_files=unknown - break -done + test $ac_opt_found = no || break + done + CPPFLAGS="$ac_save_CPPFLAGS" + test $ac_opt_found = yes || ac_cv_sys_year2038_opts="support not detected" ;; +esac fi -{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sys_large_files" >&5 -printf "%s\n" "$ac_cv_sys_large_files" >&6; } -case $ac_cv_sys_large_files in #( - no | unknown) ;; - *) -printf "%s\n" "#define _LARGE_FILES $ac_cv_sys_large_files" >>confdefs.h -;; +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sys_year2038_opts" >&5 +printf "%s\n" "$ac_cv_sys_year2038_opts" >&6; } + +ac_have_year2038=yes +case $ac_cv_sys_year2038_opts in #( + "none needed") : + ;; #( + "support not detected") : + ac_have_year2038=no ;; #( + "-D_TIME_BITS=64") : + +printf "%s\n" "#define _TIME_BITS 64" >>confdefs.h + ;; #( + "-D__MINGW_USE_VC2005_COMPAT") : + +printf "%s\n" "#define __MINGW_USE_VC2005_COMPAT 1" >>confdefs.h + ;; #( + "-U_USE_32_BIT_TIME_T"*) : + { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: in '$ac_pwd':" >&5 +printf "%s\n" "$as_me: error: in '$ac_pwd':" >&2;} +as_fn_error $? "the 'time_t' type is currently forced to be 32-bit. It +will stop working after mid-January 2038. Remove +_USE_32BIT_TIME_T from the compiler flags. +See 'config.log' for more details" "$LINENO" 5; } ;; #( + *) : + as_fn_error $? "internal error: bad value for \$ac_cv_sys_year2038_opts" "$LINENO" 5 ;; esac -rm -rf conftest* - fi + fi +fi # Crypto backends found_crypto=none found_crypto_str="" -support_clear_memory=no crypto_errors="" @@ -19082,18 +19580,20 @@ crypto_errors="" + # Check whether --with-crypto was given. if test ${with_crypto+y} then : withval=$with_crypto; use_crypto=$withval -else $as_nop - use_crypto=auto - +else case e in #( + e) use_crypto=auto + ;; +esac fi case "${use_crypto}" in - auto|openssl|libgcrypt|mbedtls|wincng) + auto|openssl|libgcrypt|mbedtls|wincng|wolfssl) if test "X$prefix" = "XNONE"; then acl_final_prefix="$ac_default_prefix" @@ -19115,8 +19615,9 @@ case "${use_crypto}" in if test ${with_gnu_ld+y} then : withval=$with_gnu_ld; test "$withval" = no || with_gnu_ld=yes -else $as_nop - with_gnu_ld=no +else case e in #( + e) with_gnu_ld=no ;; +esac fi # Prepare PATH_SEPARATOR. @@ -19151,7 +19652,7 @@ printf %s "checking for ld used by GCC... " >&6; } # Canonicalize the path of ld ac_prog=`echo $ac_prog| sed 's%\\\\%/%g'` while echo $ac_prog | grep "$re_direlt" > /dev/null 2>&1; do - ac_prog=`echo $ac_prog| sed "s%$re_direlt%/%"` + ac_prog=`echo $ac_prog| sed "s%$re_direlt%/%"` done test -z "$LD" && LD="$ac_prog" ;; @@ -19174,8 +19675,8 @@ fi if test ${acl_cv_path_LD+y} then : printf %s "(cached) " >&6 -else $as_nop - if test -z "$LD"; then +else case e in #( + e) if test -z "$LD"; then IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS="${IFS}${PATH_SEPARATOR-:}" for ac_dir in $PATH; do test -z "$ac_dir" && ac_dir=. @@ -19186,16 +19687,17 @@ else $as_nop # Break only if it was the GNU/non-GNU ld that we prefer. case `"$acl_cv_path_LD" -v 2>&1 < /dev/null` in *GNU* | *'with BFD'*) - test "$with_gnu_ld" != no && break ;; + test "$with_gnu_ld" != no && break ;; *) - test "$with_gnu_ld" != yes && break ;; + test "$with_gnu_ld" != yes && break ;; esac fi done IFS="$ac_save_ifs" else acl_cv_path_LD="$LD" # Let the user override the test with a path. -fi +fi ;; +esac fi LD="$acl_cv_path_LD" @@ -19212,13 +19714,14 @@ printf %s "checking if the linker ($LD) is GNU ld... " >&6; } if test ${acl_cv_prog_gnu_ld+y} then : printf %s "(cached) " >&6 -else $as_nop - # I'd rather use --version here, but apparently some GNU ld's only accept -v. +else case e in #( + e) # I'd rather use --version here, but apparently some GNU ld's only accept -v. case `$LD -v 2>&1 &5 @@ -19234,14 +19737,15 @@ printf %s "checking for shared library run path origin... " >&6; } if test ${acl_cv_rpath+y} then : printf %s "(cached) " >&6 -else $as_nop - +else case e in #( + e) CC="$CC" GCC="$GCC" LDFLAGS="$LDFLAGS" LD="$LD" with_gnu_ld="$with_gnu_ld" \ ${CONFIG_SHELL-/bin/sh} "$ac_aux_dir/config.rpath" "$host" > conftest.sh . ./conftest.sh rm -f ./conftest.sh acl_cv_rpath=done - + ;; +esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $acl_cv_rpath" >&5 printf "%s\n" "$acl_cv_rpath" >&6; } @@ -19258,8 +19762,9 @@ printf "%s\n" "$acl_cv_rpath" >&6; } if test ${enable_rpath+y} then : enableval=$enable_rpath; : -else $as_nop - enable_rpath=yes +else case e in #( + e) enable_rpath=yes ;; +esac fi @@ -19767,8 +20272,8 @@ printf %s "checking for libssl... " >&6; } if test ${ac_cv_libssl+y} then : printf %s "(cached) " >&6 -else $as_nop - +else case e in #( + e) ac_save_LIBS="$LIBS" LIBS="$LIBS $LIBSSL" cat confdefs.h - <<_ACEOF >conftest.$ac_ext @@ -19785,13 +20290,15 @@ _ACEOF if ac_fn_c_try_link "$LINENO" then : ac_cv_libssl=yes -else $as_nop - ac_cv_libssl=no +else case e in #( + e) ac_cv_libssl=no ;; +esac fi rm -f core conftest.err conftest.$ac_objext conftest.beam \ conftest$ac_exeext conftest.$ac_ext LIBS="$ac_save_LIBS" - + ;; +esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_libssl" >&5 printf "%s\n" "$ac_cv_libssl" >&6; } @@ -19819,32 +20326,18 @@ printf "%s\n" "$LIBSSL" >&6; } - LDFLAGS="$libssh2_save_LDFLAGS" - if test "$ac_cv_libssl" = "yes"; then : printf "%s\n" "#define LIBSSH2_OPENSSL 1" >>confdefs.h - LIBSREQUIRED="$LIBSREQUIRED${LIBSREQUIRED:+ }libssl libcrypto" - - # Not all OpenSSL have AES-CTR functions. - libssh2_save_LIBS="$LIBS" - LIBS="$LIBS $LIBSSL" - ac_fn_c_check_func "$LINENO" "EVP_aes_128_ctr" "ac_cv_func_EVP_aes_128_ctr" -if test "x$ac_cv_func_EVP_aes_128_ctr" = xyes -then : - printf "%s\n" "#define HAVE_EVP_AES_128_CTR 1" >>confdefs.h - -fi - - LIBS="$libssh2_save_LIBS" - + LIBSSH2_PC_REQUIRES_PRIVATE="$LIBSSH2_PC_REQUIRES_PRIVATE${LIBSSH2_PC_REQUIRES_PRIVATE:+,}libcrypto" found_crypto="openssl" - found_crypto_str="OpenSSL (AES-CTR: ${ac_cv_func_EVP_aes_128_ctr:-N/A})" + found_crypto_str="OpenSSL" else CPPFLAGS="$libssh2_save_CPPFLAGS" + LDFLAGS="$libssh2_save_LDFLAGS" fi @@ -20337,8 +20830,8 @@ printf %s "checking for libgcrypt... " >&6; } if test ${ac_cv_libgcrypt+y} then : printf %s "(cached) " >&6 -else $as_nop - +else case e in #( + e) ac_save_LIBS="$LIBS" LIBS="$LIBS $LIBGCRYPT" cat confdefs.h - <<_ACEOF >conftest.$ac_ext @@ -20355,13 +20848,15 @@ _ACEOF if ac_fn_c_try_link "$LINENO" then : ac_cv_libgcrypt=yes -else $as_nop - ac_cv_libgcrypt=no +else case e in #( + e) ac_cv_libgcrypt=no ;; +esac fi rm -f core conftest.err conftest.$ac_objext conftest.beam \ conftest$ac_exeext conftest.$ac_ext LIBS="$ac_save_LIBS" - + ;; +esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_libgcrypt" >&5 printf "%s\n" "$ac_cv_libgcrypt" >&6; } @@ -20389,17 +20884,17 @@ printf "%s\n" "$LIBGCRYPT" >&6; } - LDFLAGS="$libssh2_save_LDFLAGS" - if test "$ac_cv_libgcrypt" = "yes"; then : printf "%s\n" "#define LIBSSH2_LIBGCRYPT 1" >>confdefs.h + LIBSSH2_PC_REQUIRES_PRIVATE="$LIBSSH2_PC_REQUIRES_PRIVATE${LIBSSH2_PC_REQUIRES_PRIVATE:+,}libgcrypt" found_crypto="libgcrypt" else CPPFLAGS="$libssh2_save_CPPFLAGS" + LDFLAGS="$libssh2_save_LDFLAGS" fi @@ -20892,8 +21387,8 @@ printf %s "checking for libmbedcrypto... " >&6; } if test ${ac_cv_libmbedcrypto+y} then : printf %s "(cached) " >&6 -else $as_nop - +else case e in #( + e) ac_save_LIBS="$LIBS" LIBS="$LIBS $LIBMBEDCRYPTO" cat confdefs.h - <<_ACEOF >conftest.$ac_ext @@ -20910,13 +21405,15 @@ _ACEOF if ac_fn_c_try_link "$LINENO" then : ac_cv_libmbedcrypto=yes -else $as_nop - ac_cv_libmbedcrypto=no +else case e in #( + e) ac_cv_libmbedcrypto=no ;; +esac fi rm -f core conftest.err conftest.$ac_objext conftest.beam \ conftest$ac_exeext conftest.$ac_ext LIBS="$ac_save_LIBS" - + ;; +esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_libmbedcrypto" >&5 printf "%s\n" "$ac_cv_libmbedcrypto" >&6; } @@ -20944,8 +21441,6 @@ printf "%s\n" "$LIBMBEDCRYPTO" >&6; } - LDFLAGS="$libssh2_save_LDFLAGS" - if test "$ac_cv_libmbedcrypto" = "yes"; then : @@ -20953,10 +21448,10 @@ printf "%s\n" "#define LIBSSH2_MBEDTLS 1" >>confdefs.h LIBS="$LIBS -lmbedcrypto" found_crypto="mbedtls" - support_clear_memory=yes else CPPFLAGS="$libssh2_save_CPPFLAGS" + LDFLAGS="$libssh2_save_LDFLAGS" fi @@ -20964,125 +21459,23 @@ printf "%s\n" "#define LIBSSH2_MBEDTLS 1" >>confdefs.h crypto_errors="${crypto_errors}No mbedtls crypto library found! " fi -{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for $CC options needed to detect all undeclared functions" >&5 -printf %s "checking for $CC options needed to detect all undeclared functions... " >&6; } -if test ${ac_cv_c_undeclared_builtin_options+y} -then : - printf %s "(cached) " >&6 -else $as_nop - ac_save_CFLAGS=$CFLAGS - ac_cv_c_undeclared_builtin_options='cannot detect' - for ac_arg in '' -fno-builtin; do - CFLAGS="$ac_save_CFLAGS $ac_arg" - # This test program should *not* compile successfully. - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -int -main (void) -{ -(void) strchr; - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO" -then : +if test "$use_crypto" = "auto" && test "$found_crypto" = "none" || test "$use_crypto" = "wincng"; then -else $as_nop - # This test program should compile successfully. - # No library function is consistently available on - # freestanding implementations, so test against a dummy - # declaration. Include always-available headers on the - # off chance that they somehow elicit warnings. - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include -#include -#include -#include -extern void ac_decl (int, char *); + if test "x$have_windows_h" = "xyes"; then + # Look for Windows Cryptography API: Next Generation -int -main (void) -{ -(void) ac_decl (0, (char *) 0); - (void) ac_decl; + LIBS="$LIBS -lcrypt32" - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO" -then : - if test x"$ac_arg" = x -then : - ac_cv_c_undeclared_builtin_options='none needed' -else $as_nop - ac_cv_c_undeclared_builtin_options=$ac_arg -fi - break -fi -rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext -fi -rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext - done - CFLAGS=$ac_save_CFLAGS - -fi -{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_undeclared_builtin_options" >&5 -printf "%s\n" "$ac_cv_c_undeclared_builtin_options" >&6; } - case $ac_cv_c_undeclared_builtin_options in #( - 'cannot detect') : - { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 -printf "%s\n" "$as_me: error: in \`$ac_pwd':" >&2;} -as_fn_error $? "cannot make $CC report undeclared builtins -See \`config.log' for more details" "$LINENO" 5; } ;; #( - 'none needed') : - ac_c_undeclared_builtin_options='' ;; #( - *) : - ac_c_undeclared_builtin_options=$ac_cv_c_undeclared_builtin_options ;; -esac + # Check necessary for old-MinGW + libssh2_save_CPPFLAGS="$CPPFLAGS" + libssh2_save_LDFLAGS="$LDFLAGS" -if test "$use_crypto" = "auto" && test "$found_crypto" = "none" || test "$use_crypto" = "wincng"; then - - # Look for Windows Cryptography API: Next Generation - - ac_fn_c_check_header_compile "$LINENO" "ntdef.h" "ac_cv_header_ntdef_h" "#include -" -if test "x$ac_cv_header_ntdef_h" = xyes -then : - printf "%s\n" "#define HAVE_NTDEF_H 1" >>confdefs.h - -fi -ac_fn_c_check_header_compile "$LINENO" "ntstatus.h" "ac_cv_header_ntstatus_h" "#include -" -if test "x$ac_cv_header_ntstatus_h" = xyes -then : - printf "%s\n" "#define HAVE_NTSTATUS_H 1" >>confdefs.h - -fi - - ac_fn_check_decl "$LINENO" "SecureZeroMemory" "ac_cv_have_decl_SecureZeroMemory" "#include -" "$ac_c_undeclared_builtin_options" "CFLAGS" -if test "x$ac_cv_have_decl_SecureZeroMemory" = xyes -then : - ac_have_decl=1 -else $as_nop - ac_have_decl=0 -fi -printf "%s\n" "#define HAVE_DECL_SECUREZEROMEMORY $ac_have_decl" >>confdefs.h - - - - libssh2_save_CPPFLAGS="$CPPFLAGS" - libssh2_save_LDFLAGS="$LDFLAGS" - - if test "${with_libcrypt32_prefix+set}" = set; then - CPPFLAGS="$CPPFLAGS${CPPFLAGS:+ }-I${with_libcrypt32_prefix}/include" - LDFLAGS="$LDFLAGS${LDFLAGS:+ }-L${with_libcrypt32_prefix}/lib" - fi + if test "${with_libbcrypt_prefix+set}" = set; then + CPPFLAGS="$CPPFLAGS${CPPFLAGS:+ }-I${with_libbcrypt_prefix}/include" + LDFLAGS="$LDFLAGS${LDFLAGS:+ }-L${with_libbcrypt_prefix}/lib" + fi @@ -21108,10 +21501,10 @@ printf "%s\n" "#define HAVE_DECL_SECUREZEROMEMORY $ac_have_decl" >>confdefs.h prefix="$acl_save_prefix" -# Check whether --with-libcrypt32-prefix was given. -if test ${with_libcrypt32_prefix+y} +# Check whether --with-libbcrypt-prefix was given. +if test ${with_libbcrypt_prefix+y} then : - withval=$with_libcrypt32_prefix; + withval=$with_libbcrypt_prefix; if test "X$withval" = "Xno"; then use_additional=no else @@ -21136,14 +21529,14 @@ then : fi - LIBCRYPT32= - LTLIBCRYPT32= - INCCRYPT32= - LIBCRYPT32_PREFIX= + LIBBCRYPT= + LTLIBBCRYPT= + INCBCRYPT= + LIBBCRYPT_PREFIX= rpathdirs= ltrpathdirs= names_already_handled= - names_next_round='crypt32 ' + names_next_round='bcrypt ' while test -n "$names_next_round"; do names_this_round="$names_next_round" names_next_round= @@ -21162,9 +21555,9 @@ fi if test -n "$value"; then if test "$value" = yes; then eval value=\"\$LIB$uppername\" - test -z "$value" || LIBCRYPT32="${LIBCRYPT32}${LIBCRYPT32:+ }$value" + test -z "$value" || LIBBCRYPT="${LIBBCRYPT}${LIBBCRYPT:+ }$value" eval value=\"\$LTLIB$uppername\" - test -z "$value" || LTLIBCRYPT32="${LTLIBCRYPT32}${LTLIBCRYPT32:+ }$value" + test -z "$value" || LTLIBBCRYPT="${LTLIBBCRYPT}${LTLIBBCRYPT:+ }$value" else : fi @@ -21221,7 +21614,7 @@ fi fi fi if test "X$found_dir" = "X"; then - for x in $LDFLAGS $LTLIBCRYPT32; do + for x in $LDFLAGS $LTLIBBCRYPT; do acl_save_prefix="$prefix" prefix="$acl_final_prefix" @@ -21280,10 +21673,10 @@ fi done fi if test "X$found_dir" != "X"; then - LTLIBCRYPT32="${LTLIBCRYPT32}${LTLIBCRYPT32:+ }-L$found_dir -l$name" + LTLIBBCRYPT="${LTLIBBCRYPT}${LTLIBBCRYPT:+ }-L$found_dir -l$name" if test "X$found_so" != "X"; then if test "$enable_rpath" = no || test "X$found_dir" = "X/usr/$acl_libdirstem"; then - LIBCRYPT32="${LIBCRYPT32}${LIBCRYPT32:+ }$found_so" + LIBBCRYPT="${LIBBCRYPT}${LIBBCRYPT:+ }$found_so" else haveit= for x in $ltrpathdirs; do @@ -21296,10 +21689,10 @@ fi ltrpathdirs="$ltrpathdirs $found_dir" fi if test "$acl_hardcode_direct" = yes; then - LIBCRYPT32="${LIBCRYPT32}${LIBCRYPT32:+ }$found_so" + LIBBCRYPT="${LIBBCRYPT}${LIBBCRYPT:+ }$found_so" else if test -n "$acl_hardcode_libdir_flag_spec" && test "$acl_hardcode_minus_L" = no; then - LIBCRYPT32="${LIBCRYPT32}${LIBCRYPT32:+ }$found_so" + LIBBCRYPT="${LIBBCRYPT}${LIBBCRYPT:+ }$found_so" haveit= for x in $rpathdirs; do if test "X$x" = "X$found_dir"; then @@ -21312,7 +21705,7 @@ fi fi else haveit= - for x in $LDFLAGS $LIBCRYPT32; do + for x in $LDFLAGS $LIBBCRYPT; do acl_save_prefix="$prefix" prefix="$acl_final_prefix" @@ -21328,28 +21721,28 @@ fi fi done if test -z "$haveit"; then - LIBCRYPT32="${LIBCRYPT32}${LIBCRYPT32:+ }-L$found_dir" + LIBBCRYPT="${LIBBCRYPT}${LIBBCRYPT:+ }-L$found_dir" fi if test "$acl_hardcode_minus_L" != no; then - LIBCRYPT32="${LIBCRYPT32}${LIBCRYPT32:+ }$found_so" + LIBBCRYPT="${LIBBCRYPT}${LIBBCRYPT:+ }$found_so" else - LIBCRYPT32="${LIBCRYPT32}${LIBCRYPT32:+ }-l$name" + LIBBCRYPT="${LIBBCRYPT}${LIBBCRYPT:+ }-l$name" fi fi fi fi else if test "X$found_a" != "X"; then - LIBCRYPT32="${LIBCRYPT32}${LIBCRYPT32:+ }$found_a" + LIBBCRYPT="${LIBBCRYPT}${LIBBCRYPT:+ }$found_a" else - LIBCRYPT32="${LIBCRYPT32}${LIBCRYPT32:+ }-L$found_dir -l$name" + LIBBCRYPT="${LIBBCRYPT}${LIBBCRYPT:+ }-L$found_dir -l$name" fi fi additional_includedir= case "$found_dir" in */$acl_libdirstem | */$acl_libdirstem/) basedir=`echo "X$found_dir" | sed -e 's,^X,,' -e "s,/$acl_libdirstem/"'*$,,'` - LIBCRYPT32_PREFIX="$basedir" + LIBBCRYPT_PREFIX="$basedir" additional_includedir="$basedir/include" ;; esac @@ -21364,7 +21757,7 @@ fi fi fi if test -z "$haveit"; then - for x in $CPPFLAGS $INCCRYPT32; do + for x in $CPPFLAGS $INCBCRYPT; do acl_save_prefix="$prefix" prefix="$acl_final_prefix" @@ -21381,7 +21774,7 @@ fi done if test -z "$haveit"; then if test -d "$additional_includedir"; then - INCCRYPT32="${INCCRYPT32}${INCCRYPT32:+ }-I$additional_includedir" + INCBCRYPT="${INCBCRYPT}${INCBCRYPT:+ }-I$additional_includedir" fi fi fi @@ -21409,7 +21802,7 @@ fi fi if test -z "$haveit"; then haveit= - for x in $LDFLAGS $LIBCRYPT32; do + for x in $LDFLAGS $LIBBCRYPT; do acl_save_prefix="$prefix" prefix="$acl_final_prefix" @@ -21426,11 +21819,11 @@ fi done if test -z "$haveit"; then if test -d "$additional_libdir"; then - LIBCRYPT32="${LIBCRYPT32}${LIBCRYPT32:+ }-L$additional_libdir" + LIBBCRYPT="${LIBBCRYPT}${LIBBCRYPT:+ }-L$additional_libdir" fi fi haveit= - for x in $LDFLAGS $LTLIBCRYPT32; do + for x in $LDFLAGS $LTLIBBCRYPT; do acl_save_prefix="$prefix" prefix="$acl_final_prefix" @@ -21447,7 +21840,7 @@ fi done if test -z "$haveit"; then if test -d "$additional_libdir"; then - LTLIBCRYPT32="${LTLIBCRYPT32}${LTLIBCRYPT32:+ }-L$additional_libdir" + LTLIBBCRYPT="${LTLIBBCRYPT}${LTLIBBCRYPT:+ }-L$additional_libdir" fi fi fi @@ -21485,15 +21878,15 @@ fi names_next_round="$names_next_round "`echo "X$dep" | sed -e 's,^X.*/,,' -e 's,^lib,,' -e 's,\.la$,,'` ;; *) - LIBCRYPT32="${LIBCRYPT32}${LIBCRYPT32:+ }$dep" - LTLIBCRYPT32="${LTLIBCRYPT32}${LTLIBCRYPT32:+ }$dep" + LIBBCRYPT="${LIBBCRYPT}${LIBBCRYPT:+ }$dep" + LTLIBBCRYPT="${LTLIBBCRYPT}${LTLIBBCRYPT:+ }$dep" ;; esac done fi else - LIBCRYPT32="${LIBCRYPT32}${LIBCRYPT32:+ }-l$name" - LTLIBCRYPT32="${LTLIBCRYPT32}${LTLIBCRYPT32:+ }-l$name" + LIBBCRYPT="${LIBBCRYPT}${LIBBCRYPT:+ }-l$name" + LTLIBBCRYPT="${LTLIBBCRYPT}${LTLIBBCRYPT:+ }-l$name" fi fi fi @@ -21509,27 +21902,27 @@ fi libdir="$alldirs" eval flag=\"$acl_hardcode_libdir_flag_spec\" libdir="$acl_save_libdir" - LIBCRYPT32="${LIBCRYPT32}${LIBCRYPT32:+ }$flag" + LIBBCRYPT="${LIBBCRYPT}${LIBBCRYPT:+ }$flag" else for found_dir in $rpathdirs; do acl_save_libdir="$libdir" libdir="$found_dir" eval flag=\"$acl_hardcode_libdir_flag_spec\" libdir="$acl_save_libdir" - LIBCRYPT32="${LIBCRYPT32}${LIBCRYPT32:+ }$flag" + LIBBCRYPT="${LIBBCRYPT}${LIBBCRYPT:+ }$flag" done fi fi if test "X$ltrpathdirs" != "X"; then for found_dir in $ltrpathdirs; do - LTLIBCRYPT32="${LTLIBCRYPT32}${LTLIBCRYPT32:+ }-R$found_dir" + LTLIBBCRYPT="${LTLIBBCRYPT}${LTLIBBCRYPT:+ }-R$found_dir" done fi ac_save_CPPFLAGS="$CPPFLAGS" - for element in $INCCRYPT32; do + for element in $INCBCRYPT; do haveit= for x in $CPPFLAGS; do @@ -21552,20 +21945,20 @@ fi done - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for libcrypt32" >&5 -printf %s "checking for libcrypt32... " >&6; } -if test ${ac_cv_libcrypt32+y} + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for libbcrypt" >&5 +printf %s "checking for libbcrypt... " >&6; } +if test ${ac_cv_libbcrypt+y} then : printf %s "(cached) " >&6 -else $as_nop - +else case e in #( + e) ac_save_LIBS="$LIBS" - LIBS="$LIBS $LIBCRYPT32" + LIBS="$LIBS $LIBBCRYPT" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ - #include - #include + #include + #include int main (void) @@ -21577,32 +21970,34 @@ main (void) _ACEOF if ac_fn_c_try_link "$LINENO" then : - ac_cv_libcrypt32=yes -else $as_nop - ac_cv_libcrypt32=no + ac_cv_libbcrypt=yes +else case e in #( + e) ac_cv_libbcrypt=no ;; +esac fi rm -f core conftest.err conftest.$ac_objext conftest.beam \ conftest$ac_exeext conftest.$ac_ext LIBS="$ac_save_LIBS" - + ;; +esac fi -{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_libcrypt32" >&5 -printf "%s\n" "$ac_cv_libcrypt32" >&6; } - if test "$ac_cv_libcrypt32" = yes; then - HAVE_LIBCRYPT32=yes +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_libbcrypt" >&5 +printf "%s\n" "$ac_cv_libbcrypt" >&6; } + if test "$ac_cv_libbcrypt" = yes; then + HAVE_LIBBCRYPT=yes -printf "%s\n" "#define HAVE_LIBCRYPT32 1" >>confdefs.h +printf "%s\n" "#define HAVE_LIBBCRYPT 1" >>confdefs.h - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking how to link with libcrypt32" >&5 -printf %s "checking how to link with libcrypt32... " >&6; } - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $LIBCRYPT32" >&5 -printf "%s\n" "$LIBCRYPT32" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking how to link with libbcrypt" >&5 +printf %s "checking how to link with libbcrypt... " >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $LIBBCRYPT" >&5 +printf "%s\n" "$LIBBCRYPT" >&6; } else - HAVE_LIBCRYPT32=no + HAVE_LIBBCRYPT=no CPPFLAGS="$ac_save_CPPFLAGS" - LIBCRYPT32= - LTLIBCRYPT32= - LIBCRYPT32_PREFIX= + LIBBCRYPT= + LTLIBBCRYPT= + LIBBCRYPT_PREFIX= fi @@ -21612,21 +22007,35 @@ printf "%s\n" "$LIBCRYPT32" >&6; } - LDFLAGS="$libssh2_save_LDFLAGS" + if test "$ac_cv_libbcrypt" = "yes"; then : + + +printf "%s\n" "#define LIBSSH2_WINCNG 1" >>confdefs.h - if test "$ac_cv_libcrypt32" = "yes"; then : + found_crypto="wincng" + found_crypto_str="Windows Cryptography API: Next Generation" else CPPFLAGS="$libssh2_save_CPPFLAGS" + LDFLAGS="$libssh2_save_LDFLAGS" + fi + fi + test "$found_crypto" = "none" && + crypto_errors="${crypto_errors}No wincng crypto library found! +" +fi + +if test "$use_crypto" = "auto" && test "$found_crypto" = "none" || test "$use_crypto" = "wolfssl"; then + libssh2_save_CPPFLAGS="$CPPFLAGS" libssh2_save_LDFLAGS="$LDFLAGS" - if test "${with_libbcrypt_prefix+set}" = set; then - CPPFLAGS="$CPPFLAGS${CPPFLAGS:+ }-I${with_libbcrypt_prefix}/include" - LDFLAGS="$LDFLAGS${LDFLAGS:+ }-L${with_libbcrypt_prefix}/lib" + if test "${with_libwolfssl_prefix+set}" = set; then + CPPFLAGS="$CPPFLAGS${CPPFLAGS:+ }-I${with_libwolfssl_prefix}/include" + LDFLAGS="$LDFLAGS${LDFLAGS:+ }-L${with_libwolfssl_prefix}/lib" fi @@ -21653,10 +22062,10 @@ printf "%s\n" "$LIBCRYPT32" >&6; } prefix="$acl_save_prefix" -# Check whether --with-libbcrypt-prefix was given. -if test ${with_libbcrypt_prefix+y} +# Check whether --with-libwolfssl-prefix was given. +if test ${with_libwolfssl_prefix+y} then : - withval=$with_libbcrypt_prefix; + withval=$with_libwolfssl_prefix; if test "X$withval" = "Xno"; then use_additional=no else @@ -21681,14 +22090,14 @@ then : fi - LIBBCRYPT= - LTLIBBCRYPT= - INCBCRYPT= - LIBBCRYPT_PREFIX= + LIBWOLFSSL= + LTLIBWOLFSSL= + INCWOLFSSL= + LIBWOLFSSL_PREFIX= rpathdirs= ltrpathdirs= names_already_handled= - names_next_round='bcrypt ' + names_next_round='wolfssl ' while test -n "$names_next_round"; do names_this_round="$names_next_round" names_next_round= @@ -21707,9 +22116,9 @@ fi if test -n "$value"; then if test "$value" = yes; then eval value=\"\$LIB$uppername\" - test -z "$value" || LIBBCRYPT="${LIBBCRYPT}${LIBBCRYPT:+ }$value" + test -z "$value" || LIBWOLFSSL="${LIBWOLFSSL}${LIBWOLFSSL:+ }$value" eval value=\"\$LTLIB$uppername\" - test -z "$value" || LTLIBBCRYPT="${LTLIBBCRYPT}${LTLIBBCRYPT:+ }$value" + test -z "$value" || LTLIBWOLFSSL="${LTLIBWOLFSSL}${LTLIBWOLFSSL:+ }$value" else : fi @@ -21766,7 +22175,7 @@ fi fi fi if test "X$found_dir" = "X"; then - for x in $LDFLAGS $LTLIBBCRYPT; do + for x in $LDFLAGS $LTLIBWOLFSSL; do acl_save_prefix="$prefix" prefix="$acl_final_prefix" @@ -21825,10 +22234,10 @@ fi done fi if test "X$found_dir" != "X"; then - LTLIBBCRYPT="${LTLIBBCRYPT}${LTLIBBCRYPT:+ }-L$found_dir -l$name" + LTLIBWOLFSSL="${LTLIBWOLFSSL}${LTLIBWOLFSSL:+ }-L$found_dir -l$name" if test "X$found_so" != "X"; then if test "$enable_rpath" = no || test "X$found_dir" = "X/usr/$acl_libdirstem"; then - LIBBCRYPT="${LIBBCRYPT}${LIBBCRYPT:+ }$found_so" + LIBWOLFSSL="${LIBWOLFSSL}${LIBWOLFSSL:+ }$found_so" else haveit= for x in $ltrpathdirs; do @@ -21841,10 +22250,10 @@ fi ltrpathdirs="$ltrpathdirs $found_dir" fi if test "$acl_hardcode_direct" = yes; then - LIBBCRYPT="${LIBBCRYPT}${LIBBCRYPT:+ }$found_so" + LIBWOLFSSL="${LIBWOLFSSL}${LIBWOLFSSL:+ }$found_so" else if test -n "$acl_hardcode_libdir_flag_spec" && test "$acl_hardcode_minus_L" = no; then - LIBBCRYPT="${LIBBCRYPT}${LIBBCRYPT:+ }$found_so" + LIBWOLFSSL="${LIBWOLFSSL}${LIBWOLFSSL:+ }$found_so" haveit= for x in $rpathdirs; do if test "X$x" = "X$found_dir"; then @@ -21857,7 +22266,7 @@ fi fi else haveit= - for x in $LDFLAGS $LIBBCRYPT; do + for x in $LDFLAGS $LIBWOLFSSL; do acl_save_prefix="$prefix" prefix="$acl_final_prefix" @@ -21873,28 +22282,28 @@ fi fi done if test -z "$haveit"; then - LIBBCRYPT="${LIBBCRYPT}${LIBBCRYPT:+ }-L$found_dir" + LIBWOLFSSL="${LIBWOLFSSL}${LIBWOLFSSL:+ }-L$found_dir" fi if test "$acl_hardcode_minus_L" != no; then - LIBBCRYPT="${LIBBCRYPT}${LIBBCRYPT:+ }$found_so" + LIBWOLFSSL="${LIBWOLFSSL}${LIBWOLFSSL:+ }$found_so" else - LIBBCRYPT="${LIBBCRYPT}${LIBBCRYPT:+ }-l$name" + LIBWOLFSSL="${LIBWOLFSSL}${LIBWOLFSSL:+ }-l$name" fi fi fi fi else if test "X$found_a" != "X"; then - LIBBCRYPT="${LIBBCRYPT}${LIBBCRYPT:+ }$found_a" + LIBWOLFSSL="${LIBWOLFSSL}${LIBWOLFSSL:+ }$found_a" else - LIBBCRYPT="${LIBBCRYPT}${LIBBCRYPT:+ }-L$found_dir -l$name" + LIBWOLFSSL="${LIBWOLFSSL}${LIBWOLFSSL:+ }-L$found_dir -l$name" fi fi additional_includedir= case "$found_dir" in */$acl_libdirstem | */$acl_libdirstem/) basedir=`echo "X$found_dir" | sed -e 's,^X,,' -e "s,/$acl_libdirstem/"'*$,,'` - LIBBCRYPT_PREFIX="$basedir" + LIBWOLFSSL_PREFIX="$basedir" additional_includedir="$basedir/include" ;; esac @@ -21909,7 +22318,7 @@ fi fi fi if test -z "$haveit"; then - for x in $CPPFLAGS $INCBCRYPT; do + for x in $CPPFLAGS $INCWOLFSSL; do acl_save_prefix="$prefix" prefix="$acl_final_prefix" @@ -21926,7 +22335,7 @@ fi done if test -z "$haveit"; then if test -d "$additional_includedir"; then - INCBCRYPT="${INCBCRYPT}${INCBCRYPT:+ }-I$additional_includedir" + INCWOLFSSL="${INCWOLFSSL}${INCWOLFSSL:+ }-I$additional_includedir" fi fi fi @@ -21954,7 +22363,7 @@ fi fi if test -z "$haveit"; then haveit= - for x in $LDFLAGS $LIBBCRYPT; do + for x in $LDFLAGS $LIBWOLFSSL; do acl_save_prefix="$prefix" prefix="$acl_final_prefix" @@ -21971,11 +22380,11 @@ fi done if test -z "$haveit"; then if test -d "$additional_libdir"; then - LIBBCRYPT="${LIBBCRYPT}${LIBBCRYPT:+ }-L$additional_libdir" + LIBWOLFSSL="${LIBWOLFSSL}${LIBWOLFSSL:+ }-L$additional_libdir" fi fi haveit= - for x in $LDFLAGS $LTLIBBCRYPT; do + for x in $LDFLAGS $LTLIBWOLFSSL; do acl_save_prefix="$prefix" prefix="$acl_final_prefix" @@ -21992,7 +22401,7 @@ fi done if test -z "$haveit"; then if test -d "$additional_libdir"; then - LTLIBBCRYPT="${LTLIBBCRYPT}${LTLIBBCRYPT:+ }-L$additional_libdir" + LTLIBWOLFSSL="${LTLIBWOLFSSL}${LTLIBWOLFSSL:+ }-L$additional_libdir" fi fi fi @@ -22030,15 +22439,15 @@ fi names_next_round="$names_next_round "`echo "X$dep" | sed -e 's,^X.*/,,' -e 's,^lib,,' -e 's,\.la$,,'` ;; *) - LIBBCRYPT="${LIBBCRYPT}${LIBBCRYPT:+ }$dep" - LTLIBBCRYPT="${LTLIBBCRYPT}${LTLIBBCRYPT:+ }$dep" + LIBWOLFSSL="${LIBWOLFSSL}${LIBWOLFSSL:+ }$dep" + LTLIBWOLFSSL="${LTLIBWOLFSSL}${LTLIBWOLFSSL:+ }$dep" ;; esac done fi else - LIBBCRYPT="${LIBBCRYPT}${LIBBCRYPT:+ }-l$name" - LTLIBBCRYPT="${LTLIBBCRYPT}${LTLIBBCRYPT:+ }-l$name" + LIBWOLFSSL="${LIBWOLFSSL}${LIBWOLFSSL:+ }-l$name" + LTLIBWOLFSSL="${LTLIBWOLFSSL}${LTLIBWOLFSSL:+ }-l$name" fi fi fi @@ -22054,27 +22463,27 @@ fi libdir="$alldirs" eval flag=\"$acl_hardcode_libdir_flag_spec\" libdir="$acl_save_libdir" - LIBBCRYPT="${LIBBCRYPT}${LIBBCRYPT:+ }$flag" + LIBWOLFSSL="${LIBWOLFSSL}${LIBWOLFSSL:+ }$flag" else for found_dir in $rpathdirs; do acl_save_libdir="$libdir" libdir="$found_dir" eval flag=\"$acl_hardcode_libdir_flag_spec\" libdir="$acl_save_libdir" - LIBBCRYPT="${LIBBCRYPT}${LIBBCRYPT:+ }$flag" + LIBWOLFSSL="${LIBWOLFSSL}${LIBWOLFSSL:+ }$flag" done fi fi if test "X$ltrpathdirs" != "X"; then for found_dir in $ltrpathdirs; do - LTLIBBCRYPT="${LTLIBBCRYPT}${LTLIBBCRYPT:+ }-R$found_dir" + LTLIBWOLFSSL="${LTLIBWOLFSSL}${LTLIBWOLFSSL:+ }-R$found_dir" done fi ac_save_CPPFLAGS="$CPPFLAGS" - for element in $INCBCRYPT; do + for element in $INCWOLFSSL; do haveit= for x in $CPPFLAGS; do @@ -22097,21 +22506,18 @@ fi done - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for libbcrypt" >&5 -printf %s "checking for libbcrypt... " >&6; } -if test ${ac_cv_libbcrypt+y} + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for libwolfssl" >&5 +printf %s "checking for libwolfssl... " >&6; } +if test ${ac_cv_libwolfssl+y} then : printf %s "(cached) " >&6 -else $as_nop - +else case e in #( + e) ac_save_LIBS="$LIBS" - LIBS="$LIBS $LIBBCRYPT" + LIBS="$LIBS $LIBWOLFSSL" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ - - #include - #include - +#include int main (void) { @@ -22122,32 +22528,34 @@ main (void) _ACEOF if ac_fn_c_try_link "$LINENO" then : - ac_cv_libbcrypt=yes -else $as_nop - ac_cv_libbcrypt=no + ac_cv_libwolfssl=yes +else case e in #( + e) ac_cv_libwolfssl=no ;; +esac fi rm -f core conftest.err conftest.$ac_objext conftest.beam \ conftest$ac_exeext conftest.$ac_ext LIBS="$ac_save_LIBS" - + ;; +esac fi -{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_libbcrypt" >&5 -printf "%s\n" "$ac_cv_libbcrypt" >&6; } - if test "$ac_cv_libbcrypt" = yes; then - HAVE_LIBBCRYPT=yes +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_libwolfssl" >&5 +printf "%s\n" "$ac_cv_libwolfssl" >&6; } + if test "$ac_cv_libwolfssl" = yes; then + HAVE_LIBWOLFSSL=yes -printf "%s\n" "#define HAVE_LIBBCRYPT 1" >>confdefs.h +printf "%s\n" "#define HAVE_LIBWOLFSSL 1" >>confdefs.h - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking how to link with libbcrypt" >&5 -printf %s "checking how to link with libbcrypt... " >&6; } - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $LIBBCRYPT" >&5 -printf "%s\n" "$LIBBCRYPT" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking how to link with libwolfssl" >&5 +printf %s "checking how to link with libwolfssl... " >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $LIBWOLFSSL" >&5 +printf "%s\n" "$LIBWOLFSSL" >&6; } else - HAVE_LIBBCRYPT=no + HAVE_LIBWOLFSSL=no CPPFLAGS="$ac_save_CPPFLAGS" - LIBBCRYPT= - LTLIBBCRYPT= - LIBBCRYPT_PREFIX= + LIBWOLFSSL= + LTLIBWOLFSSL= + LIBWOLFSSL_PREFIX= fi @@ -22157,81 +22565,60 @@ printf "%s\n" "$LIBBCRYPT" >&6; } - LDFLAGS="$libssh2_save_LDFLAGS" - - if test "$ac_cv_libbcrypt" = "yes"; then : + if test "$ac_cv_libwolfssl" = "yes"; then : -printf "%s\n" "#define LIBSSH2_WINCNG 1" >>confdefs.h +printf "%s\n" "#define LIBSSH2_WOLFSSL 1" >>confdefs.h - found_crypto="wincng" - found_crypto_str="Windows Cryptography API: Next Generation" - support_clear_memory="$ac_cv_have_decl_SecureZeroMemory" + LIBSSH2_PC_REQUIRES_PRIVATE="$LIBSSH2_PC_REQUIRES_PRIVATE${LIBSSH2_PC_REQUIRES_PRIVATE:+,}wolfssl" + found_crypto="wolfssl" else CPPFLAGS="$libssh2_save_CPPFLAGS" + LDFLAGS="$libssh2_save_LDFLAGS" fi test "$found_crypto" = "none" && - crypto_errors="${crypto_errors}No wincng crypto library found! + crypto_errors="${crypto_errors}No wolfssl crypto library found! " fi ;; yes|"") - crypto_errors="No crypto backend specified!" + crypto_errors="No crypto backend specified." ;; *) - crypto_errors="Unknown crypto backend '${use_crypto}' specified!" + crypto_errors="Unknown crypto backend '${use_crypto}' specified." ;; esac if test "$found_crypto" = "none"; then crypto_errors="${crypto_errors} -Specify --with-crypto=\$backend and/or the neccessary library search prefix. +Specify --with-crypto=\$backend and/or the necessary library search prefix. -Known crypto backends: auto, openssl, libgcrypt, mbedtls, wincng" +Known crypto backends: auto, openssl, libgcrypt, mbedtls, wincng, wolfssl" { printf "%s\n" "$as_me:${as_lineno-$LINENO}: ERROR: ${crypto_errors}" >&5 printf "%s\n" "$as_me: ERROR: ${crypto_errors}" >&6;} else test "$found_crypto_str" = "" && found_crypto_str="$found_crypto" fi - if test "$found_crypto" = "openssl"; then - OPENSSL_TRUE= - OPENSSL_FALSE='#' -else - OPENSSL_TRUE='#' - OPENSSL_FALSE= +# ECDSA support with WinCNG +# Check whether --enable-ecdsa-wincng was given. +if test ${enable_ecdsa_wincng+y} +then : + enableval=$enable_ecdsa_wincng; wincng_ecdsa=$enableval fi - if test "$found_crypto" = "libgcrypt"; then - LIBGCRYPT_TRUE= - LIBGCRYPT_FALSE='#' -else - LIBGCRYPT_TRUE='#' - LIBGCRYPT_FALSE= -fi +if test "$wincng_ecdsa" = yes; then - if test "$found_crypto" = "mbedtls"; then - MBEDTLS_TRUE= - MBEDTLS_FALSE='#' -else - MBEDTLS_TRUE='#' - MBEDTLS_FALSE= -fi +printf "%s\n" "#define LIBSSH2_ECDSA_WINCNG 1" >>confdefs.h - if test "$found_crypto" = "wincng"; then - WINCNG_TRUE= - WINCNG_FALSE='#' else - WINCNG_TRUE='#' - WINCNG_FALSE= + wincng_ecdsa=no fi - - # libz @@ -22239,8 +22626,9 @@ fi if test ${with_libz+y} then : withval=$with_libz; use_libz=$withval -else $as_nop - use_libz=auto +else case e in #( + e) use_libz=auto ;; +esac fi @@ -22659,480 +23047,2617 @@ fi LIBZ="${LIBZ}${LIBZ:+ }-l$name" LTLIBZ="${LTLIBZ}${LTLIBZ:+ }-l$name" fi - fi + fi + fi + done + done + if test "X$rpathdirs" != "X"; then + if test -n "$acl_hardcode_libdir_separator"; then + alldirs= + for found_dir in $rpathdirs; do + alldirs="${alldirs}${alldirs:+$acl_hardcode_libdir_separator}$found_dir" + done + acl_save_libdir="$libdir" + libdir="$alldirs" + eval flag=\"$acl_hardcode_libdir_flag_spec\" + libdir="$acl_save_libdir" + LIBZ="${LIBZ}${LIBZ:+ }$flag" + else + for found_dir in $rpathdirs; do + acl_save_libdir="$libdir" + libdir="$found_dir" + eval flag=\"$acl_hardcode_libdir_flag_spec\" + libdir="$acl_save_libdir" + LIBZ="${LIBZ}${LIBZ:+ }$flag" + done + fi + fi + if test "X$ltrpathdirs" != "X"; then + for found_dir in $ltrpathdirs; do + LTLIBZ="${LTLIBZ}${LTLIBZ:+ }-R$found_dir" + done + fi + + + ac_save_CPPFLAGS="$CPPFLAGS" + + for element in $INCZ; do + haveit= + for x in $CPPFLAGS; do + + acl_save_prefix="$prefix" + prefix="$acl_final_prefix" + acl_save_exec_prefix="$exec_prefix" + exec_prefix="$acl_final_exec_prefix" + eval x=\"$x\" + exec_prefix="$acl_save_exec_prefix" + prefix="$acl_save_prefix" + + if test "X$x" = "X$element"; then + haveit=yes + break + fi + done + if test -z "$haveit"; then + CPPFLAGS="${CPPFLAGS}${CPPFLAGS:+ }$element" + fi + done + + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for libz" >&5 +printf %s "checking for libz... " >&6; } +if test ${ac_cv_libz+y} +then : + printf %s "(cached) " >&6 +else case e in #( + e) + ac_save_LIBS="$LIBS" + LIBS="$LIBS $LIBZ" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +int +main (void) +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO" +then : + ac_cv_libz=yes +else case e in #( + e) ac_cv_libz=no ;; +esac +fi +rm -f core conftest.err conftest.$ac_objext conftest.beam \ + conftest$ac_exeext conftest.$ac_ext + LIBS="$ac_save_LIBS" + ;; +esac +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_libz" >&5 +printf "%s\n" "$ac_cv_libz" >&6; } + if test "$ac_cv_libz" = yes; then + HAVE_LIBZ=yes + +printf "%s\n" "#define HAVE_LIBZ 1" >>confdefs.h + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking how to link with libz" >&5 +printf %s "checking how to link with libz... " >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $LIBZ" >&5 +printf "%s\n" "$LIBZ" >&6; } + else + HAVE_LIBZ=no + CPPFLAGS="$ac_save_CPPFLAGS" + LIBZ= + LTLIBZ= + LIBZ_PREFIX= + fi + + + + + + + + if test "$ac_cv_libz" != yes; then + if test "$use_libz" = auto; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: Cannot find libz, disabling compression" >&5 +printf "%s\n" "$as_me: Cannot find libz, disabling compression" >&6;} + found_libz="disabled; no libz found" + else + libz_errors="No libz found. +Try --with-libz-prefix=PATH if you know that you have it." + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: ERROR: $libz_errors" >&5 +printf "%s\n" "$as_me: ERROR: $libz_errors" >&6;} + fi + else + +printf "%s\n" "#define LIBSSH2_HAVE_ZLIB 1" >>confdefs.h + + LIBSSH2_PC_REQUIRES_PRIVATE="$LIBSSH2_PC_REQUIRES_PRIVATE${LIBSSH2_PC_REQUIRES_PRIVATE:+,}zlib" + found_libz="yes" + fi +fi + + + +# +# Optional Settings +# +# Check whether --enable-clear-memory was given. +if test ${enable_clear_memory+y} +then : + enableval=$enable_clear_memory; CLEAR_MEMORY=$enableval +fi + +if test "$CLEAR_MEMORY" = "no"; then + +printf "%s\n" "#define LIBSSH2_NO_CLEAR_MEMORY 1" >>confdefs.h + + enable_clear_memory=no +else + enable_clear_memory=yes +fi + +LIBSSH2_CFLAG_EXTRAS="" + + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether to enable compiler warnings as errors" >&5 +printf %s "checking whether to enable compiler warnings as errors... " >&6; } + OPT_COMPILER_WERROR="default" + # Check whether --enable-werror was given. +if test ${enable_werror+y} +then : + enableval=$enable_werror; OPT_COMPILER_WERROR=$enableval +fi + + case "$OPT_COMPILER_WERROR" in + no) + want_werror="no" + ;; + default) + want_werror="no" + ;; + *) + want_werror="yes" + ;; + esac + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $want_werror" >&5 +printf "%s\n" "$want_werror" >&6; } + + if test X"$want_werror" = Xyes; then + LIBSSH2_CFLAG_EXTRAS="$LIBSSH2_CFLAG_EXTRAS -Werror" + fi + + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether to enable pedantic and debug compiler options" >&5 +printf %s "checking whether to enable pedantic and debug compiler options... " >&6; } +ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking how to run the C preprocessor" >&5 +printf %s "checking how to run the C preprocessor... " >&6; } +# On Suns, sometimes $CPP names a directory. +if test -n "$CPP" && test -d "$CPP"; then + CPP= +fi +if test -z "$CPP"; then + if test ${ac_cv_prog_CPP+y} +then : + printf %s "(cached) " >&6 +else case e in #( + e) # Double quotes because $CC needs to be expanded + for CPP in "$CC -E" "$CC -E -traditional-cpp" cpp /lib/cpp + do + ac_preproc_ok=false +for ac_c_preproc_warn_flag in '' yes +do + # Use a header file that comes with gcc, so configuring glibc + # with a fresh cross-compiler works. + # On the NeXT, cc -E runs the code through the compiler's parser, + # not just through cpp. "Syntax error" is here to catch this case. + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + Syntax error +_ACEOF +if ac_fn_c_try_cpp "$LINENO" +then : + +else case e in #( + e) # Broken: fails on valid input. +continue ;; +esac +fi +rm -f conftest.err conftest.i conftest.$ac_ext + + # OK, works on sane cases. Now check whether nonexistent headers + # can be detected and how. + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +_ACEOF +if ac_fn_c_try_cpp "$LINENO" +then : + # Broken: success on invalid input. +continue +else case e in #( + e) # Passes both tests. +ac_preproc_ok=: +break ;; +esac +fi +rm -f conftest.err conftest.i conftest.$ac_ext + +done +# Because of 'break', _AC_PREPROC_IFELSE's cleaning code was skipped. +rm -f conftest.i conftest.err conftest.$ac_ext +if $ac_preproc_ok +then : + break +fi + + done + ac_cv_prog_CPP=$CPP + ;; +esac +fi + CPP=$ac_cv_prog_CPP +else + ac_cv_prog_CPP=$CPP +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $CPP" >&5 +printf "%s\n" "$CPP" >&6; } +ac_preproc_ok=false +for ac_c_preproc_warn_flag in '' yes +do + # Use a header file that comes with gcc, so configuring glibc + # with a fresh cross-compiler works. + # On the NeXT, cc -E runs the code through the compiler's parser, + # not just through cpp. "Syntax error" is here to catch this case. + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + Syntax error +_ACEOF +if ac_fn_c_try_cpp "$LINENO" +then : + +else case e in #( + e) # Broken: fails on valid input. +continue ;; +esac +fi +rm -f conftest.err conftest.i conftest.$ac_ext + + # OK, works on sane cases. Now check whether nonexistent headers + # can be detected and how. + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +_ACEOF +if ac_fn_c_try_cpp "$LINENO" +then : + # Broken: success on invalid input. +continue +else case e in #( + e) # Passes both tests. +ac_preproc_ok=: +break ;; +esac +fi +rm -f conftest.err conftest.i conftest.$ac_ext + +done +# Because of 'break', _AC_PREPROC_IFELSE's cleaning code was skipped. +rm -f conftest.i conftest.err conftest.$ac_ext +if $ac_preproc_ok +then : + +else case e in #( + e) { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: in '$ac_pwd':" >&5 +printf "%s\n" "$as_me: error: in '$ac_pwd':" >&2;} +as_fn_error $? "C preprocessor \"$CPP\" fails sanity check +See 'config.log' for more details" "$LINENO" 5; } ;; +esac +fi + +ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu + + +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for egrep -e" >&5 +printf %s "checking for egrep -e... " >&6; } +if test ${ac_cv_path_EGREP_TRADITIONAL+y} +then : + printf %s "(cached) " >&6 +else case e in #( + e) if test -z "$EGREP_TRADITIONAL"; then + ac_path_EGREP_TRADITIONAL_found=false + # Loop through the user's path and test for each of PROGNAME-LIST + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + for ac_prog in grep ggrep + do + for ac_exec_ext in '' $ac_executable_extensions; do + ac_path_EGREP_TRADITIONAL="$as_dir$ac_prog$ac_exec_ext" + as_fn_executable_p "$ac_path_EGREP_TRADITIONAL" || continue +# Check for GNU ac_path_EGREP_TRADITIONAL and select it if it is found. + # Check for GNU $ac_path_EGREP_TRADITIONAL +case `"$ac_path_EGREP_TRADITIONAL" --version 2>&1` in #( +*GNU*) + ac_cv_path_EGREP_TRADITIONAL="$ac_path_EGREP_TRADITIONAL" ac_path_EGREP_TRADITIONAL_found=:;; +#( +*) + ac_count=0 + printf %s 0123456789 >"conftest.in" + while : + do + cat "conftest.in" "conftest.in" >"conftest.tmp" + mv "conftest.tmp" "conftest.in" + cp "conftest.in" "conftest.nl" + printf "%s\n" 'EGREP_TRADITIONAL' >> "conftest.nl" + "$ac_path_EGREP_TRADITIONAL" -E 'EGR(EP|AC)_TRADITIONAL$' < "conftest.nl" >"conftest.out" 2>/dev/null || break + diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break + as_fn_arith $ac_count + 1 && ac_count=$as_val + if test $ac_count -gt ${ac_path_EGREP_TRADITIONAL_max-0}; then + # Best one so far, save it but keep looking for a better one + ac_cv_path_EGREP_TRADITIONAL="$ac_path_EGREP_TRADITIONAL" + ac_path_EGREP_TRADITIONAL_max=$ac_count + fi + # 10*(2^10) chars as input seems more than enough + test $ac_count -gt 10 && break + done + rm -f conftest.in conftest.tmp conftest.nl conftest.out;; +esac + + $ac_path_EGREP_TRADITIONAL_found && break 3 + done + done + done +IFS=$as_save_IFS + if test -z "$ac_cv_path_EGREP_TRADITIONAL"; then + : + fi +else + ac_cv_path_EGREP_TRADITIONAL=$EGREP_TRADITIONAL +fi + + if test "$ac_cv_path_EGREP_TRADITIONAL" +then : + ac_cv_path_EGREP_TRADITIONAL="$ac_cv_path_EGREP_TRADITIONAL -E" +else case e in #( + e) if test -z "$EGREP_TRADITIONAL"; then + ac_path_EGREP_TRADITIONAL_found=false + # Loop through the user's path and test for each of PROGNAME-LIST + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin +do + IFS=$as_save_IFS + case $as_dir in #((( + '') as_dir=./ ;; + */) ;; + *) as_dir=$as_dir/ ;; + esac + for ac_prog in egrep + do + for ac_exec_ext in '' $ac_executable_extensions; do + ac_path_EGREP_TRADITIONAL="$as_dir$ac_prog$ac_exec_ext" + as_fn_executable_p "$ac_path_EGREP_TRADITIONAL" || continue +# Check for GNU ac_path_EGREP_TRADITIONAL and select it if it is found. + # Check for GNU $ac_path_EGREP_TRADITIONAL +case `"$ac_path_EGREP_TRADITIONAL" --version 2>&1` in #( +*GNU*) + ac_cv_path_EGREP_TRADITIONAL="$ac_path_EGREP_TRADITIONAL" ac_path_EGREP_TRADITIONAL_found=:;; +#( +*) + ac_count=0 + printf %s 0123456789 >"conftest.in" + while : + do + cat "conftest.in" "conftest.in" >"conftest.tmp" + mv "conftest.tmp" "conftest.in" + cp "conftest.in" "conftest.nl" + printf "%s\n" 'EGREP_TRADITIONAL' >> "conftest.nl" + "$ac_path_EGREP_TRADITIONAL" 'EGR(EP|AC)_TRADITIONAL$' < "conftest.nl" >"conftest.out" 2>/dev/null || break + diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break + as_fn_arith $ac_count + 1 && ac_count=$as_val + if test $ac_count -gt ${ac_path_EGREP_TRADITIONAL_max-0}; then + # Best one so far, save it but keep looking for a better one + ac_cv_path_EGREP_TRADITIONAL="$ac_path_EGREP_TRADITIONAL" + ac_path_EGREP_TRADITIONAL_max=$ac_count + fi + # 10*(2^10) chars as input seems more than enough + test $ac_count -gt 10 && break + done + rm -f conftest.in conftest.tmp conftest.nl conftest.out;; +esac + + $ac_path_EGREP_TRADITIONAL_found && break 3 + done + done + done +IFS=$as_save_IFS + if test -z "$ac_cv_path_EGREP_TRADITIONAL"; then + as_fn_error $? "no acceptable egrep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5 + fi +else + ac_cv_path_EGREP_TRADITIONAL=$EGREP_TRADITIONAL +fi + ;; +esac +fi ;; +esac +fi +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_EGREP_TRADITIONAL" >&5 +printf "%s\n" "$ac_cv_path_EGREP_TRADITIONAL" >&6; } + EGREP_TRADITIONAL=$ac_cv_path_EGREP_TRADITIONAL + + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if cpp -P is needed" >&5 +printf %s "checking if cpp -P is needed... " >&6; } + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + + #include +TEST EINVAL TEST + +_ACEOF +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + $EGREP_TRADITIONAL "TEST.*TEST" >/dev/null 2>&1 +then : + cpp=no +else case e in #( + e) cpp=yes ;; +esac +fi +rm -rf conftest* + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $cpp" >&5 +printf "%s\n" "$cpp" >&6; } + + if test "x$cpp" = "xyes"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if cpp -P works" >&5 +printf %s "checking if cpp -P works... " >&6; } + OLDCPPFLAGS=$CPPFLAGS + CPPFLAGS="$CPPFLAGS -P" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + + #include +TEST EINVAL TEST + +_ACEOF +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + $EGREP_TRADITIONAL "TEST.*TEST" >/dev/null 2>&1 +then : + cpp_p=yes +else case e in #( + e) cpp_p=no ;; +esac +fi +rm -rf conftest* + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $cpp_p" >&5 +printf "%s\n" "$cpp_p" >&6; } + + if test "x$cpp_p" = "xno"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: failed to figure out cpp -P alternative" >&5 +printf "%s\n" "$as_me: WARNING: failed to figure out cpp -P alternative" >&2;} + # without -P + CPPPFLAG="" + else + # with -P + CPPPFLAG="-P" + fi + CPPFLAGS=$OLDCPPFLAGS + else + # without -P + CPPPFLAG="" + fi + + +squeeze() { + _sqz_result="" + eval _sqz_input=\$$1 + for _sqz_token in $_sqz_input; do + if test -z "$_sqz_result"; then + _sqz_result="$_sqz_token" + else + _sqz_result="$_sqz_result $_sqz_token" + fi + done + eval $1=\$_sqz_result + return 0 +} + +# Check whether --enable-debug was given. +if test ${enable_debug+y} +then : + enableval=$enable_debug; case "$enable_debug" in + no) + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + CPPFLAGS="$CPPFLAGS -DNDEBUG" + ;; + *) { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + enable_debug=yes + CPPFLAGS="$CPPFLAGS -DLIBSSH2DEBUG" + CFLAGS="$CFLAGS -g" + + + if test "z$CLANG" = "z"; then + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if compiler is clang" >&5 +printf %s "checking if compiler is clang... " >&6; } + + OLDCPPFLAGS=$CPPFLAGS + # CPPPFLAG comes from CURL_CPP_P + CPPFLAGS="$CPPFLAGS $CPPPFLAG" + if test -z "$SED"; then + as_fn_error $? "SED not set. Cannot continue without SED being set." "$LINENO" 5 + fi + if test -z "$GREP"; then + as_fn_error $? "GREP not set. Cannot continue without GREP being set." "$LINENO" 5 + fi + + tmp_exp="" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + + +#ifdef __clang__ +CURL_DEF_TOKEN __clang__ +#endif + + +_ACEOF +if ac_fn_c_try_cpp "$LINENO" +then : + + tmp_exp=`eval "$ac_cpp conftest.$ac_ext" 2>/dev/null | \ + "$GREP" CURL_DEF_TOKEN 2>/dev/null | \ + "$SED" 's/.*CURL_DEF_TOKEN[ ][ ]*//' 2>/dev/null | \ + "$SED" 's/["][ ]*["]//g' 2>/dev/null` + if test -z "$tmp_exp" || test "$tmp_exp" = "__clang__"; then + tmp_exp="" + fi + +fi +rm -f conftest.err conftest.i conftest.$ac_ext + if test -z "$tmp_exp"; then + curl_cv_have_def___clang__=no + + else + curl_cv_have_def___clang__=yes + curl_cv_def___clang__=$tmp_exp + + fi + CPPFLAGS=$OLDCPPFLAGS + + if test "$curl_cv_have_def___clang__" = "yes"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking if compiler is xlclang" >&5 +printf %s "checking if compiler is xlclang... " >&6; } + + OLDCPPFLAGS=$CPPFLAGS + # CPPPFLAG comes from CURL_CPP_P + CPPFLAGS="$CPPFLAGS $CPPPFLAG" + if test -z "$SED"; then + as_fn_error $? "SED not set. Cannot continue without SED being set." "$LINENO" 5 + fi + if test -z "$GREP"; then + as_fn_error $? "GREP not set. Cannot continue without GREP being set." "$LINENO" 5 + fi + + tmp_exp="" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + + +#ifdef __ibmxl__ +CURL_DEF_TOKEN __ibmxl__ +#endif + + +_ACEOF +if ac_fn_c_try_cpp "$LINENO" +then : + + tmp_exp=`eval "$ac_cpp conftest.$ac_ext" 2>/dev/null | \ + "$GREP" CURL_DEF_TOKEN 2>/dev/null | \ + "$SED" 's/.*CURL_DEF_TOKEN[ ][ ]*//' 2>/dev/null | \ + "$SED" 's/["][ ]*["]//g' 2>/dev/null` + if test -z "$tmp_exp" || test "$tmp_exp" = "__ibmxl__"; then + tmp_exp="" + fi + +fi +rm -f conftest.err conftest.i conftest.$ac_ext + if test -z "$tmp_exp"; then + curl_cv_have_def___ibmxl__=no + + else + curl_cv_have_def___ibmxl__=yes + curl_cv_def___ibmxl__=$tmp_exp + + fi + CPPFLAGS=$OLDCPPFLAGS + + if test "$curl_cv_have_def___ibmxl__" = "yes" ; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + compiler_id="XLCLANG" + else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + compiler_id="CLANG" + fi + flags_dbg_yes="-g" + flags_opt_all="-O -O0 -O1 -O2 -Os -O3 -O4" + flags_opt_yes="-O2" + flags_opt_off="-O0" + else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + fi + + if test "z$compiler_id" = "zCLANG"; then + CLANG="yes" + else + CLANG="no" + fi + fi + if test "z$ICC" = "z"; then + + ICC="no" + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for icc in use" >&5 +printf %s "checking for icc in use... " >&6; } + if test "$GCC" = "yes"; then + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +__INTEL_COMPILER +_ACEOF +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + $EGREP_TRADITIONAL "^__INTEL_COMPILER" >/dev/null 2>&1 +then : + ICC="no" +else case e in #( + e) ICC="yes" + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } + + ;; +esac +fi +rm -rf conftest* + + fi + if test "$ICC" = "no"; then + # this is not ICC + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +printf "%s\n" "no" >&6; } + fi + + fi + + if test "$CLANG" = "yes"; then + + # indentation to match curl's m4/curl-compilers.m4 + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking compiler version" >&5 +printf %s "checking compiler version... " >&6; } + fullclangver=`$CC -v 2>&1 | grep version` + if echo $fullclangver | grep 'Apple' >/dev/null; then + appleclang=1 + else + appleclang=0 + fi + clangver=`echo $fullclangver | grep "based on LLVM " | "$SED" 's/.*(based on LLVM \([0-9]*\.[0-9]*\).*)/\1/'` + if test -z "$clangver"; then + clangver=`echo $fullclangver | "$SED" 's/.*version \([0-9]*\.[0-9]*\).*/\1/'` + oldapple=0 + else + oldapple=1 + fi + clangvhi=`echo $clangver | cut -d . -f1` + clangvlo=`echo $clangver | cut -d . -f2` + compiler_num=`(expr $clangvhi "*" 100 + $clangvlo) 2>/dev/null` + if test "$appleclang" = '1' && test "$oldapple" = '0'; then + if test "$compiler_num" -ge '1300'; then compiler_num='1200' + elif test "$compiler_num" -ge '1205'; then compiler_num='1101' + elif test "$compiler_num" -ge '1204'; then compiler_num='1000' + elif test "$compiler_num" -ge '1107'; then compiler_num='900' + elif test "$compiler_num" -ge '1103'; then compiler_num='800' + elif test "$compiler_num" -ge '1003'; then compiler_num='700' + elif test "$compiler_num" -ge '1001'; then compiler_num='600' + elif test "$compiler_num" -ge '904'; then compiler_num='500' + elif test "$compiler_num" -ge '902'; then compiler_num='400' + elif test "$compiler_num" -ge '803'; then compiler_num='309' + elif test "$compiler_num" -ge '703'; then compiler_num='308' + else compiler_num='307' + fi + fi + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: clang '$compiler_num' (raw: '$fullclangver' / '$clangver')" >&5 +printf "%s\n" "clang '$compiler_num' (raw: '$fullclangver' / '$clangver')" >&6; } + + tmp_CFLAGS="-pedantic" + if test "$want_werror" = "yes"; then + LIBSSH2_CFLAG_EXTRAS="$LIBSSH2_CFLAG_EXTRAS -pedantic-errors" + fi + + ac_var_added_warnings="" + for warning in all extra; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS + + + ac_var_added_warnings="" + for warning in pointer-arith write-strings; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS + + + ac_var_added_warnings="" + for warning in shadow; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS + + + ac_var_added_warnings="" + for warning in inline nested-externs; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS + + + ac_var_added_warnings="" + for warning in missing-declarations; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS + + + ac_var_added_warnings="" + for warning in missing-prototypes; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS + + tmp_CFLAGS="$tmp_CFLAGS -Wno-long-long" + + ac_var_added_warnings="" + for warning in float-equal; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS + + + ac_var_added_warnings="" + for warning in sign-compare; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS + + tmp_CFLAGS="$tmp_CFLAGS -Wno-multichar" + + ac_var_added_warnings="" + for warning in undef; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS + + tmp_CFLAGS="$tmp_CFLAGS -Wno-format-nonliteral" + + ac_var_added_warnings="" + for warning in endif-labels strict-prototypes; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS + + + ac_var_added_warnings="" + for warning in declaration-after-statement; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS + + + ac_var_added_warnings="" + for warning in cast-align; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS + + tmp_CFLAGS="$tmp_CFLAGS -Wno-system-headers" + + ac_var_added_warnings="" + for warning in shorten-64-to-32; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS + + # + if test "$compiler_num" -ge "101"; then + + ac_var_added_warnings="" + for warning in unused; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS + + fi + # + if test "$compiler_num" -ge "207"; then + + ac_var_added_warnings="" + for warning in address; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS + + + ac_var_added_warnings="" + for warning in attributes; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS + + + ac_var_added_warnings="" + for warning in bad-function-cast; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS + + + ac_var_added_warnings="" + for warning in conversion; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS + + + ac_var_added_warnings="" + for warning in div-by-zero format-security; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS + + + ac_var_added_warnings="" + for warning in empty-body; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS + + + ac_var_added_warnings="" + for warning in missing-field-initializers; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS + + + ac_var_added_warnings="" + for warning in missing-noreturn; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS + + + ac_var_added_warnings="" + for warning in old-style-definition; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS + + + ac_var_added_warnings="" + for warning in redundant-decls; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS + + # CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [switch-enum]) # Not used because this basically disallows default case + + ac_var_added_warnings="" + for warning in type-limits; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS + + if test "x$have_windows_h" != "xyes"; then + + ac_var_added_warnings="" + for warning in unused-macros; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS + # Seen to clash with libtool-generated stub code + fi + + ac_var_added_warnings="" + for warning in unreachable-code unused-parameter; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS + + fi + # + if test "$compiler_num" -ge "208"; then + + ac_var_added_warnings="" + for warning in ignored-qualifiers; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS + + + ac_var_added_warnings="" + for warning in vla; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS + + fi + # + if test "$compiler_num" -ge "209"; then + + ac_var_added_warnings="" + for warning in sign-conversion; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS + + tmp_CFLAGS="$tmp_CFLAGS -Wno-error=sign-conversion" # FIXME + + ac_var_added_warnings="" + for warning in shift-sign-overflow; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS + + # CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [padded]) # Not used because we cannot change public structs + fi + # + if test "$compiler_num" -ge "300"; then + + ac_var_added_warnings="" + for warning in language-extension-token; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS + + tmp_CFLAGS="$tmp_CFLAGS -Wformat=2" + fi + # + if test "$compiler_num" -ge "302"; then + + ac_var_added_warnings="" + for warning in enum-conversion; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS + + + ac_var_added_warnings="" + for warning in sometimes-uninitialized; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS + + case $host_os in + cygwin* | mingw*) + ;; + *) + + ac_var_added_warnings="" + for warning in missing-variable-declarations; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS + + ;; + esac + fi + # + if test "$compiler_num" -ge "304"; then + + ac_var_added_warnings="" + for warning in header-guard; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS + + + ac_var_added_warnings="" + for warning in unused-const-variable; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS + + fi + # + if test "$compiler_num" -ge "305"; then + + ac_var_added_warnings="" + for warning in pragmas; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS + + + ac_var_added_warnings="" + for warning in unreachable-code-break; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS + + fi + # + if test "$compiler_num" -ge "306"; then + + ac_var_added_warnings="" + for warning in double-promotion; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS + + fi + # + if test "$compiler_num" -ge "309"; then + + ac_var_added_warnings="" + for warning in comma; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS + + # avoid the varargs warning, fixed in 4.0 + # https://bugs.llvm.org/show_bug.cgi?id=29140 + if test "$compiler_num" -lt "400"; then + tmp_CFLAGS="$tmp_CFLAGS -Wno-varargs" + fi + fi + if test "$compiler_num" -ge "700"; then + + ac_var_added_warnings="" + for warning in assign-enum; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS + + + ac_var_added_warnings="" + for warning in extra-semi-stmt; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS + + fi + if test "$compiler_num" -ge "1000"; then + tmp_CFLAGS="$tmp_CFLAGS -Wimplicit-fallthrough" # we have silencing markup for clang 10.0 and above only + fi + + CFLAGS="$CFLAGS $tmp_CFLAGS" + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: Added this set of compiler options: $tmp_CFLAGS" >&5 +printf "%s\n" "$as_me: Added this set of compiler options: $tmp_CFLAGS" >&6;} + + elif test "$GCC" = "yes"; then + + # indentation to match curl's m4/curl-compilers.m4 + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking compiler version" >&5 +printf %s "checking compiler version... " >&6; } + # strip '-suffix' parts, e.g. Ubuntu Windows cross-gcc returns '10-win32' + gccver=`$CC -dumpversion | sed -E 's/-.+$//'` + gccvhi=`echo $gccver | cut -d . -f1` + if echo $gccver | grep -F "." >/dev/null; then + gccvlo=`echo $gccver | cut -d . -f2` + else + gccvlo="0" + fi + compiler_num=`(expr $gccvhi "*" 100 + $gccvlo) 2>/dev/null` + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: gcc '$compiler_num' (raw: '$gccver')" >&5 +printf "%s\n" "gcc '$compiler_num' (raw: '$gccver')" >&6; } + + if test "$ICC" = "yes"; then + + + tmp_CFLAGS="-wd279,269,981,1418,1419" + + if test "$compiler_num" -gt "600"; then + tmp_CFLAGS="-Wall $tmp_CFLAGS" + fi + else tmp_CFLAGS="-pedantic" + if test "$want_werror" = "yes"; then + LIBSSH2_CFLAG_EXTRAS="$LIBSSH2_CFLAG_EXTRAS -pedantic-errors" + fi + + ac_var_added_warnings="" + for warning in all; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS + + tmp_CFLAGS="$tmp_CFLAGS -W" + + ac_var_added_warnings="" + for warning in pointer-arith write-strings; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS + + # + if test "$compiler_num" -ge "207"; then + + ac_var_added_warnings="" + for warning in inline nested-externs; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS + + + ac_var_added_warnings="" + for warning in missing-declarations; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS + + + ac_var_added_warnings="" + for warning in missing-prototypes; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS + + fi + # + if test "$compiler_num" -ge "295"; then + tmp_CFLAGS="$tmp_CFLAGS -Wno-long-long" + + ac_var_added_warnings="" + for warning in bad-function-cast; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS + + fi + # + if test "$compiler_num" -ge "296"; then + + ac_var_added_warnings="" + for warning in float-equal; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS + + tmp_CFLAGS="$tmp_CFLAGS -Wno-multichar" + + ac_var_added_warnings="" + for warning in sign-compare; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS + + + ac_var_added_warnings="" + for warning in undef; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS + + fi + # + if test "$compiler_num" -ge "297"; then + tmp_CFLAGS="$tmp_CFLAGS -Wno-format-nonliteral" + fi + # + if test "$compiler_num" -ge "300"; then + tmp_CFLAGS="$tmp_CFLAGS -Wno-system-headers" + + ac_var_added_warnings="" + for warning in unused shadow; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS + + fi + # + if test "$compiler_num" -ge "303"; then + + ac_var_added_warnings="" + for warning in endif-labels strict-prototypes; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS + + fi + # + if test "$compiler_num" -ge "304"; then + + ac_var_added_warnings="" + for warning in declaration-after-statement; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS + + + ac_var_added_warnings="" + for warning in old-style-definition; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS + + fi + # + if test "$compiler_num" -ge "400"; then + tmp_CFLAGS="$tmp_CFLAGS -Wstrict-aliasing=3" + fi + # + if test "$compiler_num" -ge "401"; then + + ac_var_added_warnings="" + for warning in attributes; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" fi done done - if test "X$rpathdirs" != "X"; then - if test -n "$acl_hardcode_libdir_separator"; then - alldirs= - for found_dir in $rpathdirs; do - alldirs="${alldirs}${alldirs:+$acl_hardcode_libdir_separator}$found_dir" - done - acl_save_libdir="$libdir" - libdir="$alldirs" - eval flag=\"$acl_hardcode_libdir_flag_spec\" - libdir="$acl_save_libdir" - LIBZ="${LIBZ}${LIBZ:+ }$flag" - else - for found_dir in $rpathdirs; do - acl_save_libdir="$libdir" - libdir="$found_dir" - eval flag=\"$acl_hardcode_libdir_flag_spec\" - libdir="$acl_save_libdir" - LIBZ="${LIBZ}${LIBZ:+ }$flag" - done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" fi - fi - if test "X$ltrpathdirs" != "X"; then - for found_dir in $ltrpathdirs; do - LTLIBZ="${LTLIBZ}${LTLIBZ:+ }-R$found_dir" + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS + + + ac_var_added_warnings="" + for warning in div-by-zero format-security; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi done - fi + done + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS - ac_save_CPPFLAGS="$CPPFLAGS" - for element in $INCZ; do - haveit= - for x in $CPPFLAGS; do + ac_var_added_warnings="" + for warning in missing-field-initializers; do - acl_save_prefix="$prefix" - prefix="$acl_final_prefix" - acl_save_exec_prefix="$exec_prefix" - exec_prefix="$acl_final_exec_prefix" - eval x=\"$x\" - exec_prefix="$acl_save_exec_prefix" - prefix="$acl_save_prefix" + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done - if test "X$x" = "X$element"; then - haveit=yes - break + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS + + + ac_var_added_warnings="" + for warning in missing-noreturn; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" fi done - if test -z "$haveit"; then - CPPFLAGS="${CPPFLAGS}${CPPFLAGS:+ }$element" + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" fi done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for libz" >&5 -printf %s "checking for libz... " >&6; } -if test ${ac_cv_libz+y} -then : - printf %s "(cached) " >&6 -else $as_nop + ac_var_added_warnings="" + for warning in unreachable-code unused-parameter; do - ac_save_LIBS="$LIBS" - LIBS="$LIBS $LIBZ" - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include -int -main (void) -{ + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO" -then : - ac_cv_libz=yes -else $as_nop - ac_cv_libz=no -fi -rm -f core conftest.err conftest.$ac_objext conftest.beam \ - conftest$ac_exeext conftest.$ac_ext - LIBS="$ac_save_LIBS" + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS -fi -{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_libz" >&5 -printf "%s\n" "$ac_cv_libz" >&6; } - if test "$ac_cv_libz" = yes; then - HAVE_LIBZ=yes + # CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [padded]) # Not used because we cannot change public structs -printf "%s\n" "#define HAVE_LIBZ 1" >>confdefs.h + ac_var_added_warnings="" + for warning in pragmas; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking how to link with libz" >&5 -printf %s "checking how to link with libz... " >&6; } - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $LIBZ" >&5 -printf "%s\n" "$LIBZ" >&6; } - else - HAVE_LIBZ=no - CPPFLAGS="$ac_save_CPPFLAGS" - LIBZ= - LTLIBZ= - LIBZ_PREFIX= - fi + ac_var_added_warnings="" + for warning in redundant-decls; do + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS + # CURL_ADD_COMPILER_WARNINGS([tmp_CFLAGS], [switch-enum]) # Not used because this basically disallows default case + ac_var_added_warnings="" + for warning in unused-macros; do + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done - if test "$ac_cv_libz" != yes; then - if test "$use_libz" = auto; then - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: Cannot find libz, disabling compression" >&5 -printf "%s\n" "$as_me: Cannot find libz, disabling compression" >&6;} - found_libz="disabled; no libz found" - else - libz_errors="No libz found! -Try --with-libz-prefix=PATH if you know that you have it." - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: ERROR: $libz_errors" >&5 -printf "%s\n" "$as_me: ERROR: $libz_errors" >&6;} + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" fi - else + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS -printf "%s\n" "#define LIBSSH2_HAVE_ZLIB 1" >>confdefs.h + fi + # + if test "$compiler_num" -ge "402"; then - LIBSREQUIRED="$LIBSREQUIRED${LIBSREQUIRED:+ }zlib" - found_libz="yes" - fi -fi + ac_var_added_warnings="" + for warning in cast-align; do + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS -# -# Optional Settings -# -# Check whether --enable-crypt-none was given. -if test ${enable_crypt_none+y} -then : - enableval=$enable_crypt_none; -printf "%s\n" "#define LIBSSH2_CRYPT_NONE 1" >>confdefs.h + fi + # + if test "$compiler_num" -ge "403"; then -fi + ac_var_added_warnings="" + for warning in address; do + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done -# Check whether --enable-mac-none was given. -if test ${enable_mac_none+y} -then : - enableval=$enable_mac_none; -printf "%s\n" "#define LIBSSH2_MAC_NONE 1" >>confdefs.h + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS -fi + ac_var_added_warnings="" + for warning in type-limits old-style-declaration; do -# Check whether --enable-gex-new was given. -if test ${enable_gex_new+y} -then : - enableval=$enable_gex_new; GEX_NEW=$enableval -fi + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS -if test "$GEX_NEW" != "no"; then -printf "%s\n" "#define LIBSSH2_DH_GEX_NEW 1" >>confdefs.h + ac_var_added_warnings="" + for warning in missing-parameter-type empty-body; do -fi + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done -# Check whether --enable-clear-memory was given. -if test ${enable_clear_memory+y} -then : - enableval=$enable_clear_memory; CLEAR_MEMORY=$enableval -fi + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS -if test "$CLEAR_MEMORY" != "no"; then - if test "$support_clear_memory" = "yes"; then -printf "%s\n" "#define LIBSSH2_CLEAR_MEMORY 1" >>confdefs.h + ac_var_added_warnings="" + for warning in clobbered ignored-qualifiers; do - enable_clear_memory=yes - else - if test "$CLEAR_MEMORY" = "yes"; then - as_fn_error $? "secure clearing/zeroing of memory is not supported by the selected crypto backend" "$LINENO" 5 - else - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: secure clearing/zeroing of memory is not supported by the selected crypto backend" >&5 -printf "%s\n" "$as_me: WARNING: secure clearing/zeroing of memory is not supported by the selected crypto backend" >&2;} + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" fi - enable_clear_memory=unsupported - fi -else - if test "$support_clear_memory" = "yes"; then - enable_clear_memory=no - else - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: secure clearing/zeroing of memory is not supported by the selected crypto backend" >&5 -printf "%s\n" "$as_me: WARNING: secure clearing/zeroing of memory is not supported by the selected crypto backend" >&2;} - enable_clear_memory=unsupported - fi -fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS -{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether to enable pedantic and debug compiler options" >&5 -printf %s "checking whether to enable pedantic and debug compiler options... " >&6; } -ac_ext=c -ac_cpp='$CPP $CPPFLAGS' -ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_c_compiler_gnu -{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking how to run the C preprocessor" >&5 -printf %s "checking how to run the C preprocessor... " >&6; } -# On Suns, sometimes $CPP names a directory. -if test -n "$CPP" && test -d "$CPP"; then - CPP= -fi -if test -z "$CPP"; then - if test ${ac_cv_prog_CPP+y} -then : - printf %s "(cached) " >&6 -else $as_nop - # Double quotes because $CC needs to be expanded - for CPP in "$CC -E" "$CC -E -traditional-cpp" cpp /lib/cpp - do - ac_preproc_ok=false -for ac_c_preproc_warn_flag in '' yes -do - # Use a header file that comes with gcc, so configuring glibc - # with a fresh cross-compiler works. - # On the NeXT, cc -E runs the code through the compiler's parser, - # not just through cpp. "Syntax error" is here to catch this case. - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include - Syntax error -_ACEOF -if ac_fn_c_try_cpp "$LINENO" -then : -else $as_nop - # Broken: fails on valid input. -continue -fi -rm -f conftest.err conftest.i conftest.$ac_ext + ac_var_added_warnings="" + for warning in conversion trampolines; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS + + + ac_var_added_warnings="" + for warning in sign-conversion; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS + + tmp_CFLAGS="$tmp_CFLAGS -Wno-error=sign-conversion" # FIXME + + ac_var_added_warnings="" + for warning in vla; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS - # OK, works on sane cases. Now check whether nonexistent headers - # can be detected and how. - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include -_ACEOF -if ac_fn_c_try_cpp "$LINENO" -then : - # Broken: success on invalid input. -continue -else $as_nop - # Passes both tests. -ac_preproc_ok=: -break -fi -rm -f conftest.err conftest.i conftest.$ac_ext + tmp_CFLAGS="$tmp_CFLAGS -ftree-vrp" + fi + # + if test "$compiler_num" -ge "405"; then + case $host_os in + mingw*) + tmp_CFLAGS="$tmp_CFLAGS -Wno-pedantic-ms-format" + ;; + esac + fi + # + if test "$compiler_num" -ge "406"; then -done -# Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped. -rm -f conftest.i conftest.err conftest.$ac_ext -if $ac_preproc_ok -then : - break -fi + ac_var_added_warnings="" + for warning in double-promotion; do + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi done - ac_cv_prog_CPP=$CPP - -fi - CPP=$ac_cv_prog_CPP -else - ac_cv_prog_CPP=$CPP -fi -{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $CPP" >&5 -printf "%s\n" "$CPP" >&6; } -ac_preproc_ok=false -for ac_c_preproc_warn_flag in '' yes -do - # Use a header file that comes with gcc, so configuring glibc - # with a fresh cross-compiler works. - # On the NeXT, cc -E runs the code through the compiler's parser, - # not just through cpp. "Syntax error" is here to catch this case. - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include - Syntax error -_ACEOF -if ac_fn_c_try_cpp "$LINENO" -then : + done -else $as_nop - # Broken: fails on valid input. -continue -fi -rm -f conftest.err conftest.i conftest.$ac_ext + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS - # OK, works on sane cases. Now check whether nonexistent headers - # can be detected and how. - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include -_ACEOF -if ac_fn_c_try_cpp "$LINENO" -then : - # Broken: success on invalid input. -continue -else $as_nop - # Passes both tests. -ac_preproc_ok=: -break -fi -rm -f conftest.err conftest.i conftest.$ac_ext + fi + # + if test "$compiler_num" -ge "408"; then + tmp_CFLAGS="$tmp_CFLAGS -Wformat=2" + fi + # + if test "$compiler_num" -ge "500"; then + tmp_CFLAGS="$tmp_CFLAGS -Warray-bounds=2" + fi + # + if test "$compiler_num" -ge "600"; then -done -# Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped. -rm -f conftest.i conftest.err conftest.$ac_ext -if $ac_preproc_ok -then : + ac_var_added_warnings="" + for warning in shift-negative-value; do -else $as_nop - { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 -printf "%s\n" "$as_me: error: in \`$ac_pwd':" >&2;} -as_fn_error $? "C preprocessor \"$CPP\" fails sanity check -See \`config.log' for more details" "$LINENO" 5; } -fi + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done -ac_ext=c -ac_cpp='$CPP $CPPFLAGS' -ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_c_compiler_gnu + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS + tmp_CFLAGS="$tmp_CFLAGS -Wshift-overflow=2" -# Check whether --enable-debug was given. -if test ${enable_debug+y} -then : - enableval=$enable_debug; case "$enable_debug" in - no) - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 -printf "%s\n" "no" >&6; } - CPPFLAGS="$CPPFLAGS -DNDEBUG" - ;; - *) { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -printf "%s\n" "yes" >&6; } - enable_debug=yes - CPPFLAGS="$CPPFLAGS -DLIBSSH2DEBUG" - CFLAGS="$CFLAGS -g" + ac_var_added_warnings="" + for warning in null-dereference; do + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done - if test "z$ICC" = "z"; then + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS - ICC="no" - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for icc in use" >&5 -printf %s "checking for icc in use... " >&6; } - if test "$GCC" = "yes"; then - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -__INTEL_COMPILER -_ACEOF -if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "^__INTEL_COMPILER" >/dev/null 2>&1 -then : - ICC="no" -else $as_nop - ICC="yes" - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -printf "%s\n" "yes" >&6; } + tmp_CFLAGS="$tmp_CFLAGS -fdelete-null-pointer-checks" + ac_var_added_warnings="" + for warning in duplicated-cond; do -fi -rm -rf conftest* + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" fi - if test "$ICC" = "no"; then - # this is not ICC - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 -printf "%s\n" "no" >&6; } + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS + + + ac_var_added_warnings="" + for warning in unused-const-variable; do + + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS + + fi + # + if test "$compiler_num" -ge "700"; then + + ac_var_added_warnings="" + for warning in duplicated-branches; do + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS - if test "$GCC" = "yes"; then - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking gcc version" >&5 -printf %s "checking gcc version... " >&6; } - gccver=`$CC -dumpversion` - num1=`echo $gccver | cut -d . -f1` - num2=`echo $gccver | cut -d . -f2` - gccnum=`(expr $num1 "*" 100 + $num2) 2>/dev/null` - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $gccver" >&5 -printf "%s\n" "$gccver" >&6; } + ac_var_added_warnings="" + for warning in restrict; do - if test "$ICC" = "yes"; then + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS - WARN="-wd279,269,981,1418,1419" - if test "$gccnum" -gt "600"; then - WARN="-Wall $WARN" - fi - else WARN="-W -Wall -Wwrite-strings -pedantic -Wpointer-arith -Wnested-externs -Winline -Wmissing-prototypes" + ac_var_added_warnings="" + for warning in alloc-zero; do + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done - if test "$gccnum" -ge "207"; then - WARN="$WARN -Wmissing-declarations" - fi + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS - if test "$gccnum" -gt "295"; then - WARN="$WARN -Wundef -Wno-long-long -Wsign-compare" - fi + tmp_CFLAGS="$tmp_CFLAGS -Wformat-overflow=2" + tmp_CFLAGS="$tmp_CFLAGS -Wformat-truncation=2" + tmp_CFLAGS="$tmp_CFLAGS -Wimplicit-fallthrough" + fi + # + if test "$compiler_num" -ge "1000"; then - if test "$gccnum" -ge "296"; then - WARN="$WARN -Wfloat-equal" - fi + ac_var_added_warnings="" + for warning in arith-conversion; do - if test "$gccnum" -gt "296"; then - WARN="$WARN -Wno-format-nonliteral" - fi + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS - if test "$gccnum" -ge "303"; then - WARN="$WARN -Wendif-labels -Wstrict-prototypes" - fi - if test "$gccnum" -ge "304"; then - # try these on gcc 3.4 - WARN="$WARN -Wdeclaration-after-statement" - fi + ac_var_added_warnings="" + for warning in enum-conversion; do - for flag in $CPPFLAGS; do - case "$flag" in - -I*) - add=`echo $flag | sed 's/^-I/-isystem /g'` - WARN="$WARN $add" - ;; - esac - done + ac_var_match_word="no" + for word1 in $CFLAGS; do + for word2 in -Wno-$warning -W$warning; do + if test "$word1" = "$word2"; then + ac_var_match_word="yes" + fi + done + done - fi - CFLAGS="$CFLAGS $WARN" + if test "$ac_var_match_word" = "no"; then + ac_var_added_warnings="$ac_var_added_warnings -W$warning" + fi + done + tmp_CFLAGS="$tmp_CFLAGS $ac_var_added_warnings" + squeeze tmp_CFLAGS - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: Added this set of compiler options: $WARN" >&5 -printf "%s\n" "$as_me: Added this set of compiler options: $WARN" >&6;} + fi - else - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: Added no extra compiler options" >&5 -printf "%s\n" "$as_me: Added no extra compiler options" >&6;} + for flag in $CPPFLAGS; do + case "$flag" in + -I*) + add=`echo $flag | sed 's/^-I/-isystem /g'` + tmp_CFLAGS="$tmp_CFLAGS $add" + ;; + esac + done fi - NEWFLAGS="" - for flag in $CFLAGS; do - case "$flag" in - -O*) - ;; - *) - NEWFLAGS="$NEWFLAGS $flag" - ;; - esac - done - CFLAGS=$NEWFLAGS + CFLAGS="$CFLAGS $tmp_CFLAGS" + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: Added this set of compiler options: $tmp_CFLAGS" >&5 +printf "%s\n" "$as_me: Added this set of compiler options: $tmp_CFLAGS" >&6;} + + else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: Added no extra compiler options" >&5 +printf "%s\n" "$as_me: Added no extra compiler options" >&6;} + + fi + NEWFLAGS="" + for flag in $CFLAGS; do + case "$flag" in + -O*) + ;; + *) + NEWFLAGS="$NEWFLAGS $flag" + ;; + esac + done + CFLAGS=$NEWFLAGS ;; esac -else $as_nop - enable_debug=no +else case e in #( + e) enable_debug=no { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 printf "%s\n" "no" >&6; } - + ;; +esac fi + + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether to enable hidden symbols in the library" >&5 printf %s "checking whether to enable hidden symbols in the library... " >&6; } # Check whether --enable-hidden-symbols was given. @@ -23174,10 +25699,64 @@ printf "%s\n" "no" >&6; } fi ;; esac -else $as_nop - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 +else case e in #( + e) { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 printf "%s\n" "no" >&6; } + ;; +esac +fi + + +# Check whether --enable-deprecated was given. +if test ${enable_deprecated+y} +then : + enableval=$enable_deprecated; case "$enableval" in + *) + with_deprecated="no" + CPPFLAGS="$CPPFLAGS -DLIBSSH2_NO_DEPRECATED" + ;; + esac +else case e in #( + e) with_deprecated="yes" ;; +esac +fi + +# Run Docker tests? +# Check whether --enable-docker-tests was given. +if test ${enable_docker_tests+y} +then : + enableval=$enable_docker_tests; run_docker_tests=no +else case e in #( + e) run_docker_tests=yes ;; +esac +fi + + if test "x$run_docker_tests" != "xno"; then + RUN_DOCKER_TESTS_TRUE= + RUN_DOCKER_TESTS_FALSE='#' +else + RUN_DOCKER_TESTS_TRUE='#' + RUN_DOCKER_TESTS_FALSE= +fi + + +# Run sshd tests? +# Check whether --enable-sshd-tests was given. +if test ${enable_sshd_tests+y} +then : + enableval=$enable_sshd_tests; run_sshd_tests=no +else case e in #( + e) run_sshd_tests=yes ;; +esac +fi + + if test "x$run_sshd_tests" != "xno"; then + RUN_SSHD_TESTS_TRUE= + RUN_SSHD_TESTS_FALSE='#' +else + RUN_SSHD_TESTS_TRUE='#' + RUN_SSHD_TESTS_FALSE= fi @@ -23195,8 +25774,9 @@ then : build_examples='yes' ;; esac -else $as_nop - build_examples='yes' +else case e in #( + e) build_examples='yes' ;; +esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $build_examples" >&5 @@ -23216,8 +25796,9 @@ fi if test ${enable_ossfuzzers+y} then : enableval=$enable_ossfuzzers; have_ossfuzzers=yes -else $as_nop - have_ossfuzzers=no +else case e in #( + e) have_ossfuzzers=no ;; +esac fi if test "x$have_ossfuzzers" = "xyes"; then @@ -23251,7 +25832,6 @@ fi # Checks for header files. -# AC_HEADER_STDC ac_fn_c_check_header_compile "$LINENO" "errno.h" "ac_cv_header_errno_h" "$ac_includes_default" if test "x$ac_cv_header_errno_h" = xyes then : @@ -23269,12 +25849,6 @@ if test "x$ac_cv_header_stdio_h" = xyes then : printf "%s\n" "#define HAVE_STDIO_H 1" >>confdefs.h -fi -ac_fn_c_check_header_compile "$LINENO" "stdlib.h" "ac_cv_header_stdlib_h" "$ac_includes_default" -if test "x$ac_cv_header_stdlib_h" = xyes -then : - printf "%s\n" "#define HAVE_STDLIB_H 1" >>confdefs.h - fi ac_fn_c_check_header_compile "$LINENO" "unistd.h" "ac_cv_header_unistd_h" "$ac_includes_default" if test "x$ac_cv_header_unistd_h" = xyes @@ -23327,53 +25901,13 @@ then : fi - for ac_header in sys/un.h -do : - ac_fn_c_check_header_compile "$LINENO" "sys/un.h" "ac_cv_header_sys_un_h" "$ac_includes_default" +ac_fn_c_check_header_compile "$LINENO" "sys/un.h" "ac_cv_header_sys_un_h" "$ac_includes_default" if test "x$ac_cv_header_sys_un_h" = xyes then : printf "%s\n" "#define HAVE_SYS_UN_H 1" >>confdefs.h - have_sys_un_h=yes -else $as_nop - have_sys_un_h=no -fi - -done - if test "x$have_sys_un_h" = xyes; then - HAVE_SYS_UN_H_TRUE= - HAVE_SYS_UN_H_FALSE='#' -else - HAVE_SYS_UN_H_TRUE='#' - HAVE_SYS_UN_H_FALSE= -fi - - -case $host in - *-*-cygwin* | *-*-cegcc*) - # These are POSIX-like systems using BSD-like sockets API. - ;; - *) - ac_fn_c_check_header_compile "$LINENO" "windows.h" "ac_cv_header_windows_h" "$ac_includes_default" -if test "x$ac_cv_header_windows_h" = xyes -then : - printf "%s\n" "#define HAVE_WINDOWS_H 1" >>confdefs.h - -fi -ac_fn_c_check_header_compile "$LINENO" "winsock2.h" "ac_cv_header_winsock2_h" "$ac_includes_default" -if test "x$ac_cv_header_winsock2_h" = xyes -then : - printf "%s\n" "#define HAVE_WINSOCK2_H 1" >>confdefs.h - -fi -ac_fn_c_check_header_compile "$LINENO" "ws2tcpip.h" "ac_cv_header_ws2tcpip_h" "$ac_includes_default" -if test "x$ac_cv_header_ws2tcpip_h" = xyes -then : - printf "%s\n" "#define HAVE_WS2TCPIP_H 1" >>confdefs.h fi - ;; -esac case $host in *darwin*|*interix*) @@ -23408,6 +25942,18 @@ if test "x$ac_cv_func_strtoll" = xyes then : printf "%s\n" "#define HAVE_STRTOLL 1" >>confdefs.h +fi +ac_fn_c_check_func "$LINENO" "explicit_bzero" "ac_cv_func_explicit_bzero" +if test "x$ac_cv_func_explicit_bzero" = xyes +then : + printf "%s\n" "#define HAVE_EXPLICIT_BZERO 1" >>confdefs.h + +fi +ac_fn_c_check_func "$LINENO" "explicit_memset" "ac_cv_func_explicit_memset" +if test "x$ac_cv_func_explicit_memset" = xyes +then : + printf "%s\n" "#define HAVE_EXPLICIT_MEMSET 1" >>confdefs.h + fi ac_fn_c_check_func "$LINENO" "memset_s" "ac_cv_func_memset_s" if test "x$ac_cv_func_memset_s" = xyes @@ -23415,6 +25961,12 @@ then : printf "%s\n" "#define HAVE_MEMSET_S 1" >>confdefs.h fi +ac_fn_c_check_func "$LINENO" "snprintf" "ac_cv_func_snprintf" +if test "x$ac_cv_func_snprintf" = xyes +then : + printf "%s\n" "#define HAVE_SNPRINTF 1" >>confdefs.h + +fi if test "$ac_cv_func_select" != "yes"; then @@ -23423,7 +25975,7 @@ printf %s "checking for select in ws2_32... " >&6; } cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -#ifdef HAVE_WINSOCK2_H +#ifdef HAVE_WINDOWS_H #ifndef WIN32_LEAN_AND_MEAN #define WIN32_LEAN_AND_MEAN #endif @@ -23450,11 +26002,12 @@ printf "%s\n" "yes" >&6; } printf "%s\n" "#define HAVE_SELECT 1" >>confdefs.h -else $as_nop - +else case e in #( + e) { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no" >&5 printf "%s\n" "no" >&6; } - + ;; +esac fi rm -f core conftest.err conftest.$ac_objext conftest.beam \ conftest$ac_exeext conftest.$ac_ext @@ -23464,10 +26017,11 @@ ac_fn_c_check_type "$LINENO" "size_t" "ac_cv_type_size_t" "$ac_includes_default" if test "x$ac_cv_type_size_t" = xyes then : -else $as_nop - +else case e in #( + e) printf "%s\n" "#define size_t unsigned int" >>confdefs.h - + ;; +esac fi # The Ultrix 4.2 mips builtin alloca declared by alloca.h only works @@ -23477,8 +26031,8 @@ printf %s "checking for working alloca.h... " >&6; } if test ${ac_cv_working_alloca_h+y} then : printf %s "(cached) " >&6 -else $as_nop - cat confdefs.h - <<_ACEOF >conftest.$ac_ext +else case e in #( + e) cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include int @@ -23493,11 +26047,13 @@ _ACEOF if ac_fn_c_try_link "$LINENO" then : ac_cv_working_alloca_h=yes -else $as_nop - ac_cv_working_alloca_h=no +else case e in #( + e) ac_cv_working_alloca_h=no ;; +esac fi rm -f core conftest.err conftest.$ac_objext conftest.beam \ - conftest$ac_exeext conftest.$ac_ext + conftest$ac_exeext conftest.$ac_ext ;; +esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_working_alloca_h" >&5 printf "%s\n" "$ac_cv_working_alloca_h" >&6; } @@ -23512,10 +26068,10 @@ printf %s "checking for alloca... " >&6; } if test ${ac_cv_func_alloca_works+y} then : printf %s "(cached) " >&6 -else $as_nop - if test $ac_cv_working_alloca_h = yes; then - ac_cv_func_alloca_works=yes -else +else case e in #( + e) ac_cv_func_alloca_works=$ac_cv_working_alloca_h +if test "$ac_cv_func_alloca_works" != yes +then : cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include @@ -23546,15 +26102,14 @@ _ACEOF if ac_fn_c_try_link "$LINENO" then : ac_cv_func_alloca_works=yes -else $as_nop - ac_cv_func_alloca_works=no fi rm -f core conftest.err conftest.$ac_objext conftest.beam \ conftest$ac_exeext conftest.$ac_ext +fi ;; +esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_alloca_works" >&5 printf "%s\n" "$ac_cv_func_alloca_works" >&6; } -fi if test $ac_cv_func_alloca_works = yes; then @@ -23576,12 +26131,12 @@ printf %s "checking stack direction for C alloca... " >&6; } if test ${ac_cv_c_stack_direction+y} then : printf %s "(cached) " >&6 -else $as_nop - if test "$cross_compiling" = yes +else case e in #( + e) if test "$cross_compiling" = yes then : ac_cv_c_stack_direction=0 -else $as_nop - cat confdefs.h - <<_ACEOF >conftest.$ac_ext +else case e in #( + e) cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ $ac_includes_default int @@ -23604,13 +26159,16 @@ _ACEOF if ac_fn_c_try_run "$LINENO" then : ac_cv_c_stack_direction=1 -else $as_nop - ac_cv_c_stack_direction=-1 +else case e in #( + e) ac_cv_c_stack_direction=-1 ;; +esac fi rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ - conftest.$ac_objext conftest.beam conftest.$ac_ext + conftest.$ac_objext conftest.beam conftest.$ac_ext ;; +esac fi - + ;; +esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_stack_direction" >&5 printf "%s\n" "$ac_cv_c_stack_direction" >&6; } @@ -23626,8 +26184,8 @@ printf %s "checking for an ANSI C-conforming const... " >&6; } if test ${ac_cv_c_const+y} then : printf %s "(cached) " >&6 -else $as_nop - cat confdefs.h - <<_ACEOF >conftest.$ac_ext +else case e in #( + e) cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int @@ -23691,10 +26249,12 @@ _ACEOF if ac_fn_c_try_compile "$LINENO" then : ac_cv_c_const=yes -else $as_nop - ac_cv_c_const=no +else case e in #( + e) ac_cv_c_const=no ;; +esac fi -rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext ;; +esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_const" >&5 printf "%s\n" "$ac_cv_c_const" >&6; } @@ -23709,8 +26269,8 @@ printf %s "checking for inline... " >&6; } if test ${ac_cv_c_inline+y} then : printf %s "(cached) " >&6 -else $as_nop - ac_cv_c_inline=no +else case e in #( + e) ac_cv_c_inline=no for ac_kw in inline __inline__ __inline; do cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ @@ -23728,7 +26288,8 @@ fi rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext test "$ac_cv_c_inline" != no && break done - + ;; +esac fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_inline" >&5 printf "%s\n" "$ac_cv_c_inline" >&6; } @@ -23796,8 +26357,8 @@ nonblock="O_NONBLOCK" printf "%s\n" "#define HAVE_O_NONBLOCK 1" >>confdefs.h -else $as_nop - +else case e in #( + e) cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ @@ -23826,52 +26387,8 @@ nonblock="FIONBIO" printf "%s\n" "#define HAVE_FIONBIO 1" >>confdefs.h -else $as_nop - - - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* headers for ioctlsocket test (Windows) */ -#undef inline -#ifdef HAVE_WINDOWS_H -#ifndef WIN32_LEAN_AND_MEAN -#define WIN32_LEAN_AND_MEAN -#endif -#include -#ifdef HAVE_WINSOCK2_H -#include -#else -#ifdef HAVE_WINSOCK_H -#include -#endif -#endif -#endif - -int -main (void) -{ - -/* ioctlsocket source code */ - SOCKET sd; - unsigned long flags = 0; - sd = socket(0, 0, 0); - ioctlsocket(sd, FIONBIO, &flags); - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO" -then : - -nonblock="ioctlsocket" - -printf "%s\n" "#define HAVE_IOCTLSOCKET 1" >>confdefs.h - - -else $as_nop - +else case e in #( + e) cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ @@ -23899,8 +26416,8 @@ nonblock="IoctlSocket" printf "%s\n" "#define HAVE_IOCTLSOCKET_CASE 1" >>confdefs.h -else $as_nop - +else case e in #( + e) cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ @@ -23928,30 +26445,27 @@ nonblock="SO_NONBLOCK" printf "%s\n" "#define HAVE_SO_NONBLOCK 1" >>confdefs.h -else $as_nop - +else case e in #( + e) nonblock="nada" - -printf "%s\n" "#define HAVE_DISABLED_NONBLOCKING 1" >>confdefs.h - - + ;; +esac fi rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext - + ;; +esac fi rm -f core conftest.err conftest.$ac_objext conftest.beam \ conftest$ac_exeext conftest.$ac_ext - -fi -rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext - - + ;; +esac fi rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext - + ;; +esac fi rm -f core conftest.err conftest.$ac_objext conftest.beam conftest.$ac_ext { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $nonblock" >&5 @@ -23978,37 +26492,55 @@ printf "%s\n" "$as_me: ERROR: ${crypto_errors}" >&6;} fi if test $missing_required_deps = 1; then - as_fn_error $? "Required dependencies are missing!" "$LINENO" 5 + as_fn_error $? "Required dependencies are missing." "$LINENO" 5 +fi + + if test "x$have_windows_h" = "xyes" && test "x${enable_shared}" = "xyes" && test -n "${RC}"; then + HAVE_WINDRES_TRUE= + HAVE_WINDRES_FALSE='#' +else + HAVE_WINDRES_TRUE='#' + HAVE_WINDRES_FALSE= +fi + + + if test "x$enable_static" != "xno"; then + HAVE_LIB_STATIC_TRUE= + HAVE_LIB_STATIC_FALSE='#' +else + HAVE_LIB_STATIC_TRUE='#' + HAVE_LIB_STATIC_FALSE= fi + # Configure parameters - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether to enable compiler warnings as errors" >&5 -printf %s "checking whether to enable compiler warnings as errors... " >&6; } - OPT_COMPILER_WERROR="default" - # Check whether --enable-werror was given. -if test ${enable_werror+y} -then : - enableval=$enable_werror; OPT_COMPILER_WERROR=$enableval +# Append crypto lib +if test "$found_crypto" = "openssl"; then + LIBS="${LIBS} ${LTLIBSSL}" +elif test "$found_crypto" = "wolfssl"; then + LIBS="${LIBS} ${LTLIBWOLFSSL}" +elif test "$found_crypto" = "libgcrypt"; then + LIBS="${LIBS} ${LTLIBGCRYPT}" +elif test "$found_crypto" = "wincng"; then + LIBS="${LIBS} ${LTLIBBCRYPT}" +elif test "$found_crypto" = "mbedtls"; then + LIBS="${LIBS} ${LTLIBMBEDCRYPTO}" fi - case "$OPT_COMPILER_WERROR" in - no) - want_werror="no" - ;; - default) - want_werror="no" - ;; - *) - want_werror="yes" - ;; - esac - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $want_werror" >&5 -printf "%s\n" "$want_werror" >&6; } +LIBS="${LIBS} ${LTLIBZ}" + +LIBSSH2_PC_LIBS_PRIVATE=$LIBS + + +if test "x$enable_shared" = "xyes"; then + LIBSSH2_PC_REQUIRES= + LIBSSH2_PC_LIBS= +else + LIBSSH2_PC_REQUIRES=$LIBSSH2_PC_REQUIRES_PRIVATE + LIBSSH2_PC_LIBS=$LIBSSH2_PC_LIBS_PRIVATE +fi - if test X"$want_werror" = Xyes; then - CFLAGS="$CFLAGS -Werror" - fi ac_config_files="$ac_config_files Makefile src/Makefile tests/Makefile tests/ossfuzz/Makefile example/Makefile docs/Makefile libssh2.pc" @@ -24023,8 +26555,8 @@ cat >confcache <<\_ACEOF # config.status only pays attention to the cache file if you give it # the --recheck option to rerun configure. # -# `ac_cv_env_foo' variables (set or unset) will be overridden when -# loading this file, other *unset* `ac_cv_foo' will be assigned the +# 'ac_cv_env_foo' variables (set or unset) will be overridden when +# loading this file, other *unset* 'ac_cv_foo' will be assigned the # following values. _ACEOF @@ -24054,14 +26586,14 @@ printf "%s\n" "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} (set) 2>&1 | case $as_nl`(ac_space=' '; set) 2>&1` in #( *${as_nl}ac_space=\ *) - # `set' does not quote correctly, so add quotes: double-quote + # 'set' does not quote correctly, so add quotes: double-quote # substitution turns \\\\ into \\, and sed turns \\ into \. sed -n \ "s/'/'\\\\''/g; s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='\\2'/p" ;; #( *) - # `set' quotes correctly as required by POSIX, so do not add quotes. + # 'set' quotes correctly as required by POSIX, so do not add quotes. sed -n "/^[_$as_cr_alnum]*_cv_[_$as_cr_alnum]*=/p" ;; esac | @@ -24163,20 +26695,18 @@ if test -z "${SSHD_TRUE}" && test -z "${SSHD_FALSE}"; then Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi -if test -z "${OPENSSL_TRUE}" && test -z "${OPENSSL_FALSE}"; then - as_fn_error $? "conditional \"OPENSSL\" was never defined. -Usually this means the macro was only invoked conditionally." "$LINENO" 5 -fi -if test -z "${LIBGCRYPT_TRUE}" && test -z "${LIBGCRYPT_FALSE}"; then - as_fn_error $? "conditional \"LIBGCRYPT\" was never defined. -Usually this means the macro was only invoked conditionally." "$LINENO" 5 +# Check whether --enable-year2038 was given. +if test ${enable_year2038+y} +then : + enableval=$enable_year2038; fi -if test -z "${MBEDTLS_TRUE}" && test -z "${MBEDTLS_FALSE}"; then - as_fn_error $? "conditional \"MBEDTLS\" was never defined. + +if test -z "${RUN_DOCKER_TESTS_TRUE}" && test -z "${RUN_DOCKER_TESTS_FALSE}"; then + as_fn_error $? "conditional \"RUN_DOCKER_TESTS\" was never defined. Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi -if test -z "${WINCNG_TRUE}" && test -z "${WINCNG_FALSE}"; then - as_fn_error $? "conditional \"WINCNG\" was never defined. +if test -z "${RUN_SSHD_TESTS_TRUE}" && test -z "${RUN_SSHD_TESTS_FALSE}"; then + as_fn_error $? "conditional \"RUN_SSHD_TESTS\" was never defined. Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi if test -z "${BUILD_EXAMPLES_TRUE}" && test -z "${BUILD_EXAMPLES_FALSE}"; then @@ -24195,8 +26725,12 @@ if test -z "${USE_OSSFUZZ_STATIC_TRUE}" && test -z "${USE_OSSFUZZ_STATIC_FALSE}" as_fn_error $? "conditional \"USE_OSSFUZZ_STATIC\" was never defined. Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi -if test -z "${HAVE_SYS_UN_H_TRUE}" && test -z "${HAVE_SYS_UN_H_FALSE}"; then - as_fn_error $? "conditional \"HAVE_SYS_UN_H\" was never defined. +if test -z "${HAVE_WINDRES_TRUE}" && test -z "${HAVE_WINDRES_FALSE}"; then + as_fn_error $? "conditional \"HAVE_WINDRES\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${HAVE_LIB_STATIC_TRUE}" && test -z "${HAVE_LIB_STATIC_FALSE}"; then + as_fn_error $? "conditional \"HAVE_LIB_STATIC\" was never defined. Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi @@ -24228,7 +26762,6 @@ cat >>$CONFIG_STATUS <<\_ASEOF || as_write_fail=1 # Be more Bourne compatible DUALCASE=1; export DUALCASE # for MKS sh -as_nop=: if test ${ZSH_VERSION+y} && (emulate sh) >/dev/null 2>&1 then : emulate sh @@ -24237,12 +26770,13 @@ then : # is contrary to our usage. Disable this feature. alias -g '${1+"$@"}'='"$@"' setopt NO_GLOB_SUBST -else $as_nop - case `(set -o) 2>/dev/null` in #( +else case e in #( + e) case `(set -o) 2>/dev/null` in #( *posix*) : set -o posix ;; #( *) : ;; +esac ;; esac fi @@ -24314,7 +26848,7 @@ IFS=$as_save_IFS ;; esac -# We did not find ourselves, most probably we were run as `sh COMMAND' +# We did not find ourselves, most probably we were run as 'sh COMMAND' # in which case we are not to be found in the path. if test "x$as_myself" = x; then as_myself=$0 @@ -24343,7 +26877,6 @@ as_fn_error () } # as_fn_error - # as_fn_set_status STATUS # ----------------------- # Set $? to STATUS, without forking. @@ -24383,11 +26916,12 @@ then : { eval $1+=\$2 }' -else $as_nop - as_fn_append () +else case e in #( + e) as_fn_append () { eval $1=\$$1\$2 - } + } ;; +esac fi # as_fn_append # as_fn_arith ARG... @@ -24401,11 +26935,12 @@ then : { as_val=$(( $* )) }' -else $as_nop - as_fn_arith () +else case e in #( + e) as_fn_arith () { as_val=`expr "$@" || test $? -eq 1` - } + } ;; +esac fi # as_fn_arith @@ -24488,9 +27023,9 @@ if (echo >conf$$.file) 2>/dev/null; then if ln -s conf$$.file conf$$ 2>/dev/null; then as_ln_s='ln -s' # ... but there are two gotchas: - # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail. - # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable. - # In both cases, we have to default to `cp -pR'. + # 1) On MSYS, both 'ln -s file dir' and 'ln file dir' fail. + # 2) DJGPP < 2.04 has no symlinks; 'ln -s' creates a wrapper executable. + # In both cases, we have to default to 'cp -pR'. ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe || as_ln_s='cp -pR' elif ln conf$$.file conf$$ 2>/dev/null; then @@ -24571,10 +27106,12 @@ as_test_x='test -x' as_executable_p=as_fn_executable_p # Sed expression to map a string onto a valid CPP name. -as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'" +as_sed_cpp="y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g" +as_tr_cpp="eval sed '$as_sed_cpp'" # deprecated # Sed expression to map a string onto a valid variable name. -as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'" +as_sed_sh="y%*+%pp%;s%[^_$as_cr_alnum]%_%g" +as_tr_sh="eval sed '$as_sed_sh'" # deprecated exec 6>&1 @@ -24590,7 +27127,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # values after options handling. ac_log=" This file was extended by libssh2 $as_me -, which was -generated by GNU Autoconf 2.71. Invocation command line was +generated by GNU Autoconf 2.72. Invocation command line was CONFIG_FILES = $CONFIG_FILES CONFIG_HEADERS = $CONFIG_HEADERS @@ -24622,7 +27159,7 @@ _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 ac_cs_usage="\ -\`$as_me' instantiates files and other configuration actions +'$as_me' instantiates files and other configuration actions from templates according to the current configuration. Unless the files and actions are specified as TAGs, all are instantiated by default. @@ -24649,7 +27186,7 @@ $config_headers Configuration commands: $config_commands -Report bugs to ." +Report bugs to ." _ACEOF ac_cs_config=`printf "%s\n" "$ac_configure_args" | sed "$ac_safe_unquote"` @@ -24658,10 +27195,10 @@ cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config='$ac_cs_config_escaped' ac_cs_version="\\ libssh2 config.status - -configured by $0, generated by GNU Autoconf 2.71, +configured by $0, generated by GNU Autoconf 2.72, with options \\"\$ac_cs_config\\" -Copyright (C) 2021 Free Software Foundation, Inc. +Copyright (C) 2023 Free Software Foundation, Inc. This config.status script is free software; the Free Software Foundation gives unlimited permission to copy, distribute and modify it." @@ -24723,8 +27260,8 @@ do ac_need_defaults=false;; --he | --h) # Conflict between --help and --header - as_fn_error $? "ambiguous option: \`$1' -Try \`$0 --help' for more information.";; + as_fn_error $? "ambiguous option: '$1' +Try '$0 --help' for more information.";; --help | --hel | -h ) printf "%s\n" "$ac_cs_usage"; exit ;; -q | -quiet | --quiet | --quie | --qui | --qu | --q \ @@ -24732,8 +27269,8 @@ Try \`$0 --help' for more information.";; ac_cs_silent=: ;; # This is an error. - -*) as_fn_error $? "unrecognized option: \`$1' -Try \`$0 --help' for more information." ;; + -*) as_fn_error $? "unrecognized option: '$1' +Try '$0 --help' for more information." ;; *) as_fn_append ac_config_targets " $1" ac_need_defaults=false ;; @@ -24786,11 +27323,11 @@ AMDEP_TRUE="$AMDEP_TRUE" MAKE="${MAKE-make}" sed_quote_subst='$sed_quote_subst' double_quote_subst='$double_quote_subst' delay_variable_subst='$delay_variable_subst' +macro_version='`$ECHO "$macro_version" | $SED "$delay_single_quote_subst"`' +macro_revision='`$ECHO "$macro_revision" | $SED "$delay_single_quote_subst"`' AS='`$ECHO "$AS" | $SED "$delay_single_quote_subst"`' DLLTOOL='`$ECHO "$DLLTOOL" | $SED "$delay_single_quote_subst"`' OBJDUMP='`$ECHO "$OBJDUMP" | $SED "$delay_single_quote_subst"`' -macro_version='`$ECHO "$macro_version" | $SED "$delay_single_quote_subst"`' -macro_revision='`$ECHO "$macro_revision" | $SED "$delay_single_quote_subst"`' enable_shared='`$ECHO "$enable_shared" | $SED "$delay_single_quote_subst"`' enable_static='`$ECHO "$enable_static" | $SED "$delay_single_quote_subst"`' pic_mode='`$ECHO "$pic_mode" | $SED "$delay_single_quote_subst"`' @@ -24823,12 +27360,14 @@ lt_cv_to_host_file_cmd='`$ECHO "$lt_cv_to_host_file_cmd" | $SED "$delay_single_q lt_cv_to_tool_file_cmd='`$ECHO "$lt_cv_to_tool_file_cmd" | $SED "$delay_single_quote_subst"`' reload_flag='`$ECHO "$reload_flag" | $SED "$delay_single_quote_subst"`' reload_cmds='`$ECHO "$reload_cmds" | $SED "$delay_single_quote_subst"`' +FILECMD='`$ECHO "$FILECMD" | $SED "$delay_single_quote_subst"`' deplibs_check_method='`$ECHO "$deplibs_check_method" | $SED "$delay_single_quote_subst"`' file_magic_cmd='`$ECHO "$file_magic_cmd" | $SED "$delay_single_quote_subst"`' file_magic_glob='`$ECHO "$file_magic_glob" | $SED "$delay_single_quote_subst"`' want_nocaseglob='`$ECHO "$want_nocaseglob" | $SED "$delay_single_quote_subst"`' sharedlib_from_linklib_cmd='`$ECHO "$sharedlib_from_linklib_cmd" | $SED "$delay_single_quote_subst"`' AR='`$ECHO "$AR" | $SED "$delay_single_quote_subst"`' +lt_ar_flags='`$ECHO "$lt_ar_flags" | $SED "$delay_single_quote_subst"`' AR_FLAGS='`$ECHO "$AR_FLAGS" | $SED "$delay_single_quote_subst"`' archiver_list_spec='`$ECHO "$archiver_list_spec" | $SED "$delay_single_quote_subst"`' STRIP='`$ECHO "$STRIP" | $SED "$delay_single_quote_subst"`' @@ -24929,53 +27468,101 @@ predeps='`$ECHO "$predeps" | $SED "$delay_single_quote_subst"`' postdeps='`$ECHO "$postdeps" | $SED "$delay_single_quote_subst"`' compiler_lib_search_path='`$ECHO "$compiler_lib_search_path" | $SED "$delay_single_quote_subst"`' LD_CXX='`$ECHO "$LD_CXX" | $SED "$delay_single_quote_subst"`' +LD_RC='`$ECHO "$LD_RC" | $SED "$delay_single_quote_subst"`' reload_flag_CXX='`$ECHO "$reload_flag_CXX" | $SED "$delay_single_quote_subst"`' +reload_flag_RC='`$ECHO "$reload_flag_RC" | $SED "$delay_single_quote_subst"`' reload_cmds_CXX='`$ECHO "$reload_cmds_CXX" | $SED "$delay_single_quote_subst"`' +reload_cmds_RC='`$ECHO "$reload_cmds_RC" | $SED "$delay_single_quote_subst"`' old_archive_cmds_CXX='`$ECHO "$old_archive_cmds_CXX" | $SED "$delay_single_quote_subst"`' +old_archive_cmds_RC='`$ECHO "$old_archive_cmds_RC" | $SED "$delay_single_quote_subst"`' compiler_CXX='`$ECHO "$compiler_CXX" | $SED "$delay_single_quote_subst"`' +compiler_RC='`$ECHO "$compiler_RC" | $SED "$delay_single_quote_subst"`' GCC_CXX='`$ECHO "$GCC_CXX" | $SED "$delay_single_quote_subst"`' +GCC_RC='`$ECHO "$GCC_RC" | $SED "$delay_single_quote_subst"`' lt_prog_compiler_no_builtin_flag_CXX='`$ECHO "$lt_prog_compiler_no_builtin_flag_CXX" | $SED "$delay_single_quote_subst"`' +lt_prog_compiler_no_builtin_flag_RC='`$ECHO "$lt_prog_compiler_no_builtin_flag_RC" | $SED "$delay_single_quote_subst"`' lt_prog_compiler_pic_CXX='`$ECHO "$lt_prog_compiler_pic_CXX" | $SED "$delay_single_quote_subst"`' +lt_prog_compiler_pic_RC='`$ECHO "$lt_prog_compiler_pic_RC" | $SED "$delay_single_quote_subst"`' lt_prog_compiler_wl_CXX='`$ECHO "$lt_prog_compiler_wl_CXX" | $SED "$delay_single_quote_subst"`' +lt_prog_compiler_wl_RC='`$ECHO "$lt_prog_compiler_wl_RC" | $SED "$delay_single_quote_subst"`' lt_prog_compiler_static_CXX='`$ECHO "$lt_prog_compiler_static_CXX" | $SED "$delay_single_quote_subst"`' +lt_prog_compiler_static_RC='`$ECHO "$lt_prog_compiler_static_RC" | $SED "$delay_single_quote_subst"`' lt_cv_prog_compiler_c_o_CXX='`$ECHO "$lt_cv_prog_compiler_c_o_CXX" | $SED "$delay_single_quote_subst"`' +lt_cv_prog_compiler_c_o_RC='`$ECHO "$lt_cv_prog_compiler_c_o_RC" | $SED "$delay_single_quote_subst"`' archive_cmds_need_lc_CXX='`$ECHO "$archive_cmds_need_lc_CXX" | $SED "$delay_single_quote_subst"`' +archive_cmds_need_lc_RC='`$ECHO "$archive_cmds_need_lc_RC" | $SED "$delay_single_quote_subst"`' enable_shared_with_static_runtimes_CXX='`$ECHO "$enable_shared_with_static_runtimes_CXX" | $SED "$delay_single_quote_subst"`' +enable_shared_with_static_runtimes_RC='`$ECHO "$enable_shared_with_static_runtimes_RC" | $SED "$delay_single_quote_subst"`' export_dynamic_flag_spec_CXX='`$ECHO "$export_dynamic_flag_spec_CXX" | $SED "$delay_single_quote_subst"`' +export_dynamic_flag_spec_RC='`$ECHO "$export_dynamic_flag_spec_RC" | $SED "$delay_single_quote_subst"`' whole_archive_flag_spec_CXX='`$ECHO "$whole_archive_flag_spec_CXX" | $SED "$delay_single_quote_subst"`' +whole_archive_flag_spec_RC='`$ECHO "$whole_archive_flag_spec_RC" | $SED "$delay_single_quote_subst"`' compiler_needs_object_CXX='`$ECHO "$compiler_needs_object_CXX" | $SED "$delay_single_quote_subst"`' +compiler_needs_object_RC='`$ECHO "$compiler_needs_object_RC" | $SED "$delay_single_quote_subst"`' old_archive_from_new_cmds_CXX='`$ECHO "$old_archive_from_new_cmds_CXX" | $SED "$delay_single_quote_subst"`' +old_archive_from_new_cmds_RC='`$ECHO "$old_archive_from_new_cmds_RC" | $SED "$delay_single_quote_subst"`' old_archive_from_expsyms_cmds_CXX='`$ECHO "$old_archive_from_expsyms_cmds_CXX" | $SED "$delay_single_quote_subst"`' +old_archive_from_expsyms_cmds_RC='`$ECHO "$old_archive_from_expsyms_cmds_RC" | $SED "$delay_single_quote_subst"`' archive_cmds_CXX='`$ECHO "$archive_cmds_CXX" | $SED "$delay_single_quote_subst"`' +archive_cmds_RC='`$ECHO "$archive_cmds_RC" | $SED "$delay_single_quote_subst"`' archive_expsym_cmds_CXX='`$ECHO "$archive_expsym_cmds_CXX" | $SED "$delay_single_quote_subst"`' +archive_expsym_cmds_RC='`$ECHO "$archive_expsym_cmds_RC" | $SED "$delay_single_quote_subst"`' module_cmds_CXX='`$ECHO "$module_cmds_CXX" | $SED "$delay_single_quote_subst"`' +module_cmds_RC='`$ECHO "$module_cmds_RC" | $SED "$delay_single_quote_subst"`' module_expsym_cmds_CXX='`$ECHO "$module_expsym_cmds_CXX" | $SED "$delay_single_quote_subst"`' +module_expsym_cmds_RC='`$ECHO "$module_expsym_cmds_RC" | $SED "$delay_single_quote_subst"`' with_gnu_ld_CXX='`$ECHO "$with_gnu_ld_CXX" | $SED "$delay_single_quote_subst"`' +with_gnu_ld_RC='`$ECHO "$with_gnu_ld_RC" | $SED "$delay_single_quote_subst"`' allow_undefined_flag_CXX='`$ECHO "$allow_undefined_flag_CXX" | $SED "$delay_single_quote_subst"`' +allow_undefined_flag_RC='`$ECHO "$allow_undefined_flag_RC" | $SED "$delay_single_quote_subst"`' no_undefined_flag_CXX='`$ECHO "$no_undefined_flag_CXX" | $SED "$delay_single_quote_subst"`' +no_undefined_flag_RC='`$ECHO "$no_undefined_flag_RC" | $SED "$delay_single_quote_subst"`' hardcode_libdir_flag_spec_CXX='`$ECHO "$hardcode_libdir_flag_spec_CXX" | $SED "$delay_single_quote_subst"`' +hardcode_libdir_flag_spec_RC='`$ECHO "$hardcode_libdir_flag_spec_RC" | $SED "$delay_single_quote_subst"`' hardcode_libdir_separator_CXX='`$ECHO "$hardcode_libdir_separator_CXX" | $SED "$delay_single_quote_subst"`' +hardcode_libdir_separator_RC='`$ECHO "$hardcode_libdir_separator_RC" | $SED "$delay_single_quote_subst"`' hardcode_direct_CXX='`$ECHO "$hardcode_direct_CXX" | $SED "$delay_single_quote_subst"`' +hardcode_direct_RC='`$ECHO "$hardcode_direct_RC" | $SED "$delay_single_quote_subst"`' hardcode_direct_absolute_CXX='`$ECHO "$hardcode_direct_absolute_CXX" | $SED "$delay_single_quote_subst"`' +hardcode_direct_absolute_RC='`$ECHO "$hardcode_direct_absolute_RC" | $SED "$delay_single_quote_subst"`' hardcode_minus_L_CXX='`$ECHO "$hardcode_minus_L_CXX" | $SED "$delay_single_quote_subst"`' +hardcode_minus_L_RC='`$ECHO "$hardcode_minus_L_RC" | $SED "$delay_single_quote_subst"`' hardcode_shlibpath_var_CXX='`$ECHO "$hardcode_shlibpath_var_CXX" | $SED "$delay_single_quote_subst"`' +hardcode_shlibpath_var_RC='`$ECHO "$hardcode_shlibpath_var_RC" | $SED "$delay_single_quote_subst"`' hardcode_automatic_CXX='`$ECHO "$hardcode_automatic_CXX" | $SED "$delay_single_quote_subst"`' +hardcode_automatic_RC='`$ECHO "$hardcode_automatic_RC" | $SED "$delay_single_quote_subst"`' inherit_rpath_CXX='`$ECHO "$inherit_rpath_CXX" | $SED "$delay_single_quote_subst"`' +inherit_rpath_RC='`$ECHO "$inherit_rpath_RC" | $SED "$delay_single_quote_subst"`' link_all_deplibs_CXX='`$ECHO "$link_all_deplibs_CXX" | $SED "$delay_single_quote_subst"`' +link_all_deplibs_RC='`$ECHO "$link_all_deplibs_RC" | $SED "$delay_single_quote_subst"`' always_export_symbols_CXX='`$ECHO "$always_export_symbols_CXX" | $SED "$delay_single_quote_subst"`' +always_export_symbols_RC='`$ECHO "$always_export_symbols_RC" | $SED "$delay_single_quote_subst"`' export_symbols_cmds_CXX='`$ECHO "$export_symbols_cmds_CXX" | $SED "$delay_single_quote_subst"`' +export_symbols_cmds_RC='`$ECHO "$export_symbols_cmds_RC" | $SED "$delay_single_quote_subst"`' exclude_expsyms_CXX='`$ECHO "$exclude_expsyms_CXX" | $SED "$delay_single_quote_subst"`' +exclude_expsyms_RC='`$ECHO "$exclude_expsyms_RC" | $SED "$delay_single_quote_subst"`' include_expsyms_CXX='`$ECHO "$include_expsyms_CXX" | $SED "$delay_single_quote_subst"`' +include_expsyms_RC='`$ECHO "$include_expsyms_RC" | $SED "$delay_single_quote_subst"`' prelink_cmds_CXX='`$ECHO "$prelink_cmds_CXX" | $SED "$delay_single_quote_subst"`' +prelink_cmds_RC='`$ECHO "$prelink_cmds_RC" | $SED "$delay_single_quote_subst"`' postlink_cmds_CXX='`$ECHO "$postlink_cmds_CXX" | $SED "$delay_single_quote_subst"`' +postlink_cmds_RC='`$ECHO "$postlink_cmds_RC" | $SED "$delay_single_quote_subst"`' file_list_spec_CXX='`$ECHO "$file_list_spec_CXX" | $SED "$delay_single_quote_subst"`' +file_list_spec_RC='`$ECHO "$file_list_spec_RC" | $SED "$delay_single_quote_subst"`' hardcode_action_CXX='`$ECHO "$hardcode_action_CXX" | $SED "$delay_single_quote_subst"`' +hardcode_action_RC='`$ECHO "$hardcode_action_RC" | $SED "$delay_single_quote_subst"`' compiler_lib_search_dirs_CXX='`$ECHO "$compiler_lib_search_dirs_CXX" | $SED "$delay_single_quote_subst"`' +compiler_lib_search_dirs_RC='`$ECHO "$compiler_lib_search_dirs_RC" | $SED "$delay_single_quote_subst"`' predep_objects_CXX='`$ECHO "$predep_objects_CXX" | $SED "$delay_single_quote_subst"`' +predep_objects_RC='`$ECHO "$predep_objects_RC" | $SED "$delay_single_quote_subst"`' postdep_objects_CXX='`$ECHO "$postdep_objects_CXX" | $SED "$delay_single_quote_subst"`' +postdep_objects_RC='`$ECHO "$postdep_objects_RC" | $SED "$delay_single_quote_subst"`' predeps_CXX='`$ECHO "$predeps_CXX" | $SED "$delay_single_quote_subst"`' +predeps_RC='`$ECHO "$predeps_RC" | $SED "$delay_single_quote_subst"`' postdeps_CXX='`$ECHO "$postdeps_CXX" | $SED "$delay_single_quote_subst"`' +postdeps_RC='`$ECHO "$postdeps_RC" | $SED "$delay_single_quote_subst"`' compiler_lib_search_path_CXX='`$ECHO "$compiler_lib_search_path_CXX" | $SED "$delay_single_quote_subst"`' +compiler_lib_search_path_RC='`$ECHO "$compiler_lib_search_path_RC" | $SED "$delay_single_quote_subst"`' LTCC='$LTCC' LTCFLAGS='$LTCFLAGS' @@ -25006,13 +27593,13 @@ LN_S \ lt_SP2NL \ lt_NL2SP \ reload_flag \ +FILECMD \ deplibs_check_method \ file_magic_cmd \ file_magic_glob \ want_nocaseglob \ sharedlib_from_linklib_cmd \ AR \ -AR_FLAGS \ archiver_list_spec \ STRIP \ RANLIB \ @@ -25066,30 +27653,55 @@ predeps \ postdeps \ compiler_lib_search_path \ LD_CXX \ +LD_RC \ reload_flag_CXX \ +reload_flag_RC \ compiler_CXX \ +compiler_RC \ lt_prog_compiler_no_builtin_flag_CXX \ +lt_prog_compiler_no_builtin_flag_RC \ lt_prog_compiler_pic_CXX \ +lt_prog_compiler_pic_RC \ lt_prog_compiler_wl_CXX \ +lt_prog_compiler_wl_RC \ lt_prog_compiler_static_CXX \ +lt_prog_compiler_static_RC \ lt_cv_prog_compiler_c_o_CXX \ +lt_cv_prog_compiler_c_o_RC \ export_dynamic_flag_spec_CXX \ +export_dynamic_flag_spec_RC \ whole_archive_flag_spec_CXX \ +whole_archive_flag_spec_RC \ compiler_needs_object_CXX \ +compiler_needs_object_RC \ with_gnu_ld_CXX \ +with_gnu_ld_RC \ allow_undefined_flag_CXX \ +allow_undefined_flag_RC \ no_undefined_flag_CXX \ +no_undefined_flag_RC \ hardcode_libdir_flag_spec_CXX \ +hardcode_libdir_flag_spec_RC \ hardcode_libdir_separator_CXX \ +hardcode_libdir_separator_RC \ exclude_expsyms_CXX \ +exclude_expsyms_RC \ include_expsyms_CXX \ +include_expsyms_RC \ file_list_spec_CXX \ +file_list_spec_RC \ compiler_lib_search_dirs_CXX \ +compiler_lib_search_dirs_RC \ predep_objects_CXX \ +predep_objects_RC \ postdep_objects_CXX \ +postdep_objects_RC \ predeps_CXX \ +predeps_RC \ postdeps_CXX \ -compiler_lib_search_path_CXX; do +postdeps_RC \ +compiler_lib_search_path_CXX \ +compiler_lib_search_path_RC; do case \`eval \\\\\$ECHO \\\\""\\\\\$\$var"\\\\"\` in *[\\\\\\\`\\"\\\$]*) eval "lt_\$var=\\\\\\"\\\`\\\$ECHO \\"\\\$\$var\\" | \\\$SED \\"\\\$sed_quote_subst\\"\\\`\\\\\\"" ## exclude from sc_prohibit_nested_quotes @@ -25122,16 +27734,27 @@ sys_lib_search_path_spec \ configure_time_dlsearch_path \ configure_time_lt_sys_library_path \ reload_cmds_CXX \ +reload_cmds_RC \ old_archive_cmds_CXX \ +old_archive_cmds_RC \ old_archive_from_new_cmds_CXX \ +old_archive_from_new_cmds_RC \ old_archive_from_expsyms_cmds_CXX \ +old_archive_from_expsyms_cmds_RC \ archive_cmds_CXX \ +archive_cmds_RC \ archive_expsym_cmds_CXX \ +archive_expsym_cmds_RC \ module_cmds_CXX \ +module_cmds_RC \ module_expsym_cmds_CXX \ +module_expsym_cmds_RC \ export_symbols_cmds_CXX \ +export_symbols_cmds_RC \ prelink_cmds_CXX \ -postlink_cmds_CXX; do +prelink_cmds_RC \ +postlink_cmds_CXX \ +postlink_cmds_RC; do case \`eval \\\\\$ECHO \\\\""\\\\\$\$var"\\\\"\` in *[\\\\\\\`\\"\\\$]*) eval "lt_\$var=\\\\\\"\\\`\\\$ECHO \\"\\\$\$var\\" | \\\$SED -e \\"\\\$double_quote_subst\\" -e \\"\\\$sed_quote_subst\\" -e \\"\\\$delay_variable_subst\\"\\\`\\\\\\"" ## exclude from sc_prohibit_nested_quotes @@ -25161,6 +27784,8 @@ fi + + _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 @@ -25180,7 +27805,7 @@ do "docs/Makefile") CONFIG_FILES="$CONFIG_FILES docs/Makefile" ;; "libssh2.pc") CONFIG_FILES="$CONFIG_FILES libssh2.pc" ;; - *) as_fn_error $? "invalid argument: \`$ac_config_target'" "$LINENO" 5;; + *) as_fn_error $? "invalid argument: '$ac_config_target'" "$LINENO" 5;; esac done @@ -25200,7 +27825,7 @@ fi # creating and moving files from /tmp can sometimes cause problems. # Hook for its removal unless debugging. # Note that there is a small window in which the directory will not be cleaned: -# after its creation but before its name has been assigned to `$tmp'. +# after its creation but before its name has been assigned to '$tmp'. $debug || { tmp= ac_tmp= @@ -25224,7 +27849,7 @@ ac_tmp=$tmp # Set up the scripts for CONFIG_FILES section. # No need to generate them if there are no CONFIG_FILES. -# This happens for instance with `./config.status config.h'. +# This happens for instance with './config.status config.h'. if test -n "$CONFIG_FILES"; then @@ -25382,13 +28007,13 @@ fi # test -n "$CONFIG_FILES" # Set up the scripts for CONFIG_HEADERS section. # No need to generate them if there are no CONFIG_HEADERS. -# This happens for instance with `./config.status Makefile'. +# This happens for instance with './config.status Makefile'. if test -n "$CONFIG_HEADERS"; then cat >"$ac_tmp/defines.awk" <<\_ACAWK || BEGIN { _ACEOF -# Transform confdefs.h into an awk script `defines.awk', embedded as +# Transform confdefs.h into an awk script 'defines.awk', embedded as # here-document in config.status, that substitutes the proper values into # config.h.in to produce config.h. @@ -25498,7 +28123,7 @@ do esac case $ac_mode$ac_tag in :[FHL]*:*);; - :L* | :C*:*) as_fn_error $? "invalid tag \`$ac_tag'" "$LINENO" 5;; + :L* | :C*:*) as_fn_error $? "invalid tag '$ac_tag'" "$LINENO" 5;; :[FH]-) ac_tag=-:-;; :[FH]*) ac_tag=$ac_tag:$ac_tag.in;; esac @@ -25520,19 +28145,19 @@ do -) ac_f="$ac_tmp/stdin";; *) # Look for the file first in the build tree, then in the source tree # (if the path is not absolute). The absolute path cannot be DOS-style, - # because $ac_f cannot contain `:'. + # because $ac_f cannot contain ':'. test -f "$ac_f" || case $ac_f in [\\/$]*) false;; *) test -f "$srcdir/$ac_f" && ac_f="$srcdir/$ac_f";; esac || - as_fn_error 1 "cannot find input file: \`$ac_f'" "$LINENO" 5;; + as_fn_error 1 "cannot find input file: '$ac_f'" "$LINENO" 5;; esac case $ac_f in *\'*) ac_f=`printf "%s\n" "$ac_f" | sed "s/'/'\\\\\\\\''/g"`;; esac as_fn_append ac_file_inputs " '$ac_f'" done - # Let's still pretend it is `configure' which instantiates (i.e., don't + # Let's still pretend it is 'configure' which instantiates (i.e., don't # use $as_me), people would be surprised to read: # /* config.h. Generated by config.status. */ configure_input='Generated from '` @@ -25665,7 +28290,7 @@ cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 esac _ACEOF -# Neutralize VPATH when `$srcdir' = `.'. +# Neutralize VPATH when '$srcdir' = '.'. # Shell code in configure.ac might set extrasub. # FIXME: do we really want to maintain this feature? cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 @@ -25696,9 +28321,9 @@ test -z "$ac_datarootdir_hack$ac_datarootdir_seen" && { ac_out=`sed -n '/\${datarootdir}/p' "$ac_tmp/out"`; test -n "$ac_out"; } && { ac_out=`sed -n '/^[ ]*datarootdir[ ]*:*=/p' \ "$ac_tmp/out"`; test -z "$ac_out"; } && - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: $ac_file contains a reference to the variable \`datarootdir' + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: $ac_file contains a reference to the variable 'datarootdir' which seems to be undefined. Please make sure it is defined" >&5 -printf "%s\n" "$as_me: WARNING: $ac_file contains a reference to the variable \`datarootdir' +printf "%s\n" "$as_me: WARNING: $ac_file contains a reference to the variable 'datarootdir' which seems to be undefined. Please make sure it is defined" >&2;} rm -f "$ac_tmp/stdin" @@ -25853,15 +28478,15 @@ printf "%s\n" X/"$am_mf" | (exit $ac_status); } || am_rc=$? done if test $am_rc -ne 0; then - { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 -printf "%s\n" "$as_me: error: in \`$ac_pwd':" >&2;} + { { printf "%s\n" "$as_me:${as_lineno-$LINENO}: error: in '$ac_pwd':" >&5 +printf "%s\n" "$as_me: error: in '$ac_pwd':" >&2;} as_fn_error $? "Something went wrong bootstrapping makefile fragments for automatic dependency tracking. If GNU make was not used, consider re-running the configure script with MAKE=\"gmake\" (or whatever is necessary). You can also try re-running configure with the '--disable-dependency-tracking' option to at least be able to build the package (albeit without support for automatic dependency tracking). -See \`config.log' for more details" "$LINENO" 5; } +See 'config.log' for more details" "$LINENO" 5; } fi { am_dirpart=; unset am_dirpart;} { am_filepart=; unset am_filepart;} @@ -25914,13 +28539,17 @@ See \`config.log' for more details" "$LINENO" 5; } # The names of the tagged configurations supported by this script. -available_tags='CXX ' +available_tags='CXX RC ' # Configured defaults for sys_lib_dlsearch_path munging. : \${LT_SYS_LIBRARY_PATH="$configure_time_lt_sys_library_path"} # ### BEGIN LIBTOOL CONFIG +# Which release of libtool.m4 was used? +macro_version=$macro_version +macro_revision=$macro_revision + # Assembler program. AS=$lt_AS @@ -25930,10 +28559,6 @@ DLLTOOL=$lt_DLLTOOL # Object dumper program. OBJDUMP=$lt_OBJDUMP -# Which release of libtool.m4 was used? -macro_version=$macro_version -macro_revision=$macro_revision - # Whether or not to build shared libraries. build_libtool_libs=$enable_shared @@ -26013,6 +28638,9 @@ to_host_file_cmd=$lt_cv_to_host_file_cmd # convert \$build files to toolchain format. to_tool_file_cmd=$lt_cv_to_tool_file_cmd +# A file(cmd) program that detects file types. +FILECMD=$lt_FILECMD + # Method to check whether dependent libraries are shared objects. deplibs_check_method=$lt_deplibs_check_method @@ -26031,8 +28659,11 @@ sharedlib_from_linklib_cmd=$lt_sharedlib_from_linklib_cmd # The archiver. AR=$lt_AR +# Flags to create an archive (by configure). +lt_ar_flags=$lt_ar_flags + # Flags to create an archive. -AR_FLAGS=$lt_AR_FLAGS +AR_FLAGS=\${ARFLAGS-"\$lt_ar_flags"} # How to feed a file listing to the archiver. archiver_list_spec=$lt_archiver_list_spec @@ -26422,7 +29053,7 @@ ltmain=$ac_aux_dir/ltmain.sh # if finds mixed CR/LF and LF-only lines. Since sed operates in # text mode, it properly converts lines to CR/LF. This bash problem # is reportedly fixed, but why not run on old versions too? - sed '$q' "$ltmain" >> "$cfgfile" \ + $SED '$q' "$ltmain" >> "$cfgfile" \ || (rm -f "$cfgfile"; exit 1) mv -f "$cfgfile" "$ofile" || @@ -26582,6 +29213,159 @@ compiler_lib_search_path=$lt_compiler_lib_search_path_CXX # ### END LIBTOOL TAG CONFIG: CXX _LT_EOF + + cat <<_LT_EOF >> "$ofile" + +# ### BEGIN LIBTOOL TAG CONFIG: RC + +# The linker used to build libraries. +LD=$lt_LD_RC + +# How to create reloadable object files. +reload_flag=$lt_reload_flag_RC +reload_cmds=$lt_reload_cmds_RC + +# Commands used to build an old-style archive. +old_archive_cmds=$lt_old_archive_cmds_RC + +# A language specific compiler. +CC=$lt_compiler_RC + +# Is the compiler the GNU compiler? +with_gcc=$GCC_RC + +# Compiler flag to turn off builtin functions. +no_builtin_flag=$lt_lt_prog_compiler_no_builtin_flag_RC + +# Additional compiler flags for building library objects. +pic_flag=$lt_lt_prog_compiler_pic_RC + +# How to pass a linker flag through the compiler. +wl=$lt_lt_prog_compiler_wl_RC + +# Compiler flag to prevent dynamic linking. +link_static_flag=$lt_lt_prog_compiler_static_RC + +# Does compiler simultaneously support -c and -o options? +compiler_c_o=$lt_lt_cv_prog_compiler_c_o_RC + +# Whether or not to add -lc for building shared libraries. +build_libtool_need_lc=$archive_cmds_need_lc_RC + +# Whether or not to disallow shared libs when runtime libs are static. +allow_libtool_libs_with_static_runtimes=$enable_shared_with_static_runtimes_RC + +# Compiler flag to allow reflexive dlopens. +export_dynamic_flag_spec=$lt_export_dynamic_flag_spec_RC + +# Compiler flag to generate shared objects directly from archives. +whole_archive_flag_spec=$lt_whole_archive_flag_spec_RC + +# Whether the compiler copes with passing no objects directly. +compiler_needs_object=$lt_compiler_needs_object_RC + +# Create an old-style archive from a shared archive. +old_archive_from_new_cmds=$lt_old_archive_from_new_cmds_RC + +# Create a temporary old-style archive to link instead of a shared archive. +old_archive_from_expsyms_cmds=$lt_old_archive_from_expsyms_cmds_RC + +# Commands used to build a shared archive. +archive_cmds=$lt_archive_cmds_RC +archive_expsym_cmds=$lt_archive_expsym_cmds_RC + +# Commands used to build a loadable module if different from building +# a shared archive. +module_cmds=$lt_module_cmds_RC +module_expsym_cmds=$lt_module_expsym_cmds_RC + +# Whether we are building with GNU ld or not. +with_gnu_ld=$lt_with_gnu_ld_RC + +# Flag that allows shared libraries with undefined symbols to be built. +allow_undefined_flag=$lt_allow_undefined_flag_RC + +# Flag that enforces no undefined symbols. +no_undefined_flag=$lt_no_undefined_flag_RC + +# Flag to hardcode \$libdir into a binary during linking. +# This must work even if \$libdir does not exist +hardcode_libdir_flag_spec=$lt_hardcode_libdir_flag_spec_RC + +# Whether we need a single "-rpath" flag with a separated argument. +hardcode_libdir_separator=$lt_hardcode_libdir_separator_RC + +# Set to "yes" if using DIR/libNAME\$shared_ext during linking hardcodes +# DIR into the resulting binary. +hardcode_direct=$hardcode_direct_RC + +# Set to "yes" if using DIR/libNAME\$shared_ext during linking hardcodes +# DIR into the resulting binary and the resulting library dependency is +# "absolute",i.e impossible to change by setting \$shlibpath_var if the +# library is relocated. +hardcode_direct_absolute=$hardcode_direct_absolute_RC + +# Set to "yes" if using the -LDIR flag during linking hardcodes DIR +# into the resulting binary. +hardcode_minus_L=$hardcode_minus_L_RC + +# Set to "yes" if using SHLIBPATH_VAR=DIR during linking hardcodes DIR +# into the resulting binary. +hardcode_shlibpath_var=$hardcode_shlibpath_var_RC + +# Set to "yes" if building a shared library automatically hardcodes DIR +# into the library and all subsequent libraries and executables linked +# against it. +hardcode_automatic=$hardcode_automatic_RC + +# Set to yes if linker adds runtime paths of dependent libraries +# to runtime path list. +inherit_rpath=$inherit_rpath_RC + +# Whether libtool must link a program against all its dependency libraries. +link_all_deplibs=$link_all_deplibs_RC + +# Set to "yes" if exported symbols are required. +always_export_symbols=$always_export_symbols_RC + +# The commands to list exported symbols. +export_symbols_cmds=$lt_export_symbols_cmds_RC + +# Symbols that should not be listed in the preloaded symbols. +exclude_expsyms=$lt_exclude_expsyms_RC + +# Symbols that must always be exported. +include_expsyms=$lt_include_expsyms_RC + +# Commands necessary for linking programs (against libraries) with templates. +prelink_cmds=$lt_prelink_cmds_RC + +# Commands necessary for finishing linking programs. +postlink_cmds=$lt_postlink_cmds_RC + +# Specify filename containing input files. +file_list_spec=$lt_file_list_spec_RC + +# How to hardcode a shared library path into an executable. +hardcode_action=$hardcode_action_RC + +# The directories searched by this compiler when creating a shared library. +compiler_lib_search_dirs=$lt_compiler_lib_search_dirs_RC + +# Dependencies to place before and after the objects being linked to +# create a shared library. +predep_objects=$lt_predep_objects_RC +postdep_objects=$lt_postdep_objects_RC +predeps=$lt_predeps_RC +postdeps=$lt_postdeps_RC + +# The library search path used internally by the compiler when linking +# a shared library. +compiler_lib_search_path=$lt_compiler_lib_search_path_RC + +# ### END LIBTOOL TAG CONFIG: RC +_LT_EOF + ;; esac @@ -26624,32 +29408,40 @@ fi { printf "%s\n" "$as_me:${as_lineno-$LINENO}: summary of build options: - version: ${LIBSSH2VER} + version: ${LIBSSH2_VERSION} Host type: ${host} Install prefix: ${prefix} Compiler: ${CC} Compiler flags: ${CFLAGS} Library types: Shared=${enable_shared}, Static=${enable_static} Crypto library: ${found_crypto_str} + WinCNG ECDSA: $wincng_ecdsa + zlib compression: ${found_libz} Clear memory: $enable_clear_memory + Deprecated APIs: $with_deprecated Debug build: $enable_debug Build examples: $build_examples + Run Docker tests: $run_docker_tests + Run sshd tests: $run_sshd_tests Path to sshd: $ac_cv_path_SSHD (only for self-tests) - zlib compression: ${found_libz} " >&5 printf "%s\n" "$as_me: summary of build options: - version: ${LIBSSH2VER} + version: ${LIBSSH2_VERSION} Host type: ${host} Install prefix: ${prefix} Compiler: ${CC} Compiler flags: ${CFLAGS} Library types: Shared=${enable_shared}, Static=${enable_static} Crypto library: ${found_crypto_str} + WinCNG ECDSA: $wincng_ecdsa + zlib compression: ${found_libz} Clear memory: $enable_clear_memory + Deprecated APIs: $with_deprecated Debug build: $enable_debug Build examples: $build_examples + Run Docker tests: $run_docker_tests + Run sshd tests: $run_sshd_tests Path to sshd: $ac_cv_path_SSHD (only for self-tests) - zlib compression: ${found_libz} " >&6;} diff --git a/configure.ac b/configure.ac index c4fc3e4..21ae441 100644 --- a/configure.ac +++ b/configure.ac @@ -1,8 +1,14 @@ -# AC_PREREQ(2.57) -AC_INIT(libssh2, [-], libssh2-devel@cool.haxx.se) +# Copyright (C) The libssh2 project and its contributors. +# +# SPDX-License-Identifier: BSD-3-Clause +# + +# AC_PREREQ(2.59) +AC_INIT([libssh2],[-],[libssh2-devel@lists.haxx.se]) AC_CONFIG_MACRO_DIR([m4]) AC_CONFIG_SRCDIR([src]) AC_CONFIG_HEADERS([src/libssh2_config.h]) +AC_REQUIRE_AUX_FILE([tap-driver.sh]) AM_MAINTAINER_MODE m4_ifdef([AM_SILENT_RULES], [AM_SILENT_RULES([yes])]) @@ -16,16 +22,12 @@ if test "x$SED" = "xsed-was-not-found-by-configure"; then fi dnl figure out the libssh2 version -LIBSSH2VER=`$SED -ne 's/^#define LIBSSH2_VERSION *"\(.*\)"/\1/p' ${srcdir}/include/libssh2.h` +LIBSSH2_VERSION=`$SED -ne 's/^#define LIBSSH2_VERSION *"\(.*\)"/\1/p' ${srcdir}/include/libssh2.h` AM_INIT_AUTOMAKE AC_MSG_CHECKING([libssh2 version]) -AC_MSG_RESULT($LIBSSH2VER) - -AC_SUBST(LIBSSH2VER) +AC_MSG_RESULT($LIBSSH2_VERSION) -AB_VERSION=$LIBSSH2VER - -AB_INIT +AC_SUBST(LIBSSH2_VERSION) # Check for the OS. # Daniel's note: this should not be necessary and we need to work to @@ -33,11 +35,9 @@ AB_INIT AC_CANONICAL_HOST case "$host" in *-mingw*) - CFLAGS="$CFLAGS -DLIBSSH2_WIN32" LIBS="$LIBS -lws2_32" ;; *darwin*) - CFLAGS="$CFLAGS -DLIBSSH2_DARWIN" ;; *hpux*) ;; @@ -48,12 +48,6 @@ case "$host" in ;; esac -AC_CHECK_TYPE(long long, - [AC_DEFINE(HAVE_LONGLONG, 1, - [Define to 1 if the compiler supports the 'long long' data type.])] - longlong="yes" -) - dnl Our configure and build reentrant settings CURL_CONFIGURE_REENTRANT @@ -74,10 +68,27 @@ AC_PATH_PROGS(SSHD, [sshd], [], [$PATH$PATH_SEPARATOR/usr/libexec$PATH_SEPARATOR]dnl [/usr/sbin$PATH_SEPARATOR/usr/etc$PATH_SEPARATOR/etc]) AM_CONDITIONAL(SSHD, test -n "$SSHD") +m4_ifdef([LT_INIT], +[dnl +LT_INIT([win32-dll]) +],[dnl AC_LIBTOOL_WIN32_DLL AC_PROG_LIBTOOL +]) AC_C_BIGENDIAN +LT_LANG([Windows Resource]) + +dnl check for windows.h +case $host in + *-*-msys | *-*-cygwin* | *-*-cegcc*) + # These are POSIX-like systems using BSD-like sockets API. + ;; + *) + AC_CHECK_HEADERS([windows.h], [have_windows_h=yes], [have_windows_h=no]) + ;; +esac + dnl check for how to do large files AC_SYS_LARGEFILE @@ -85,16 +96,16 @@ AC_SYS_LARGEFILE found_crypto=none found_crypto_str="" -support_clear_memory=no crypto_errors="" m4_set_add([crypto_backends], [openssl]) m4_set_add([crypto_backends], [libgcrypt]) m4_set_add([crypto_backends], [mbedtls]) m4_set_add([crypto_backends], [wincng]) +m4_set_add([crypto_backends], [wolfssl]) AC_ARG_WITH([crypto], - AC_HELP_STRING([--with-crypto=auto|]m4_set_contents([crypto_backends], [|]), + AS_HELP_STRING([--with-crypto=auto|]m4_set_contents([crypto_backends], [|]), [Select crypto backend (default: auto)]), use_crypto=$withval, use_crypto=auto @@ -105,16 +116,16 @@ case "${use_crypto}" in m4_set_map([crypto_backends], [LIBSSH2_CHECK_CRYPTO]) ;; yes|"") - crypto_errors="No crypto backend specified!" + crypto_errors="No crypto backend specified." ;; *) - crypto_errors="Unknown crypto backend '${use_crypto}' specified!" + crypto_errors="Unknown crypto backend '${use_crypto}' specified." ;; esac if test "$found_crypto" = "none"; then crypto_errors="${crypto_errors} -Specify --with-crypto=\$backend and/or the neccessary library search prefix. +Specify --with-crypto=\$backend and/or the necessary library search prefix. Known crypto backends: auto, m4_set_contents([crypto_backends], [, ])" AS_MESSAGE([ERROR: ${crypto_errors}]) @@ -122,14 +133,21 @@ else test "$found_crypto_str" = "" && found_crypto_str="$found_crypto" fi -m4_set_foreach([crypto_backends], [backend], - [AM_CONDITIONAL(m4_toupper(backend), test "$found_crypto" = "backend")] -) +# ECDSA support with WinCNG +AC_ARG_ENABLE(ecdsa-wincng, + AS_HELP_STRING([--enable-ecdsa-wincng], + WinCNG ECDSA support (requires Windows 10 or later)), + [wincng_ecdsa=$enableval]) +if test "$wincng_ecdsa" = yes; then + AC_DEFINE(LIBSSH2_ECDSA_WINCNG, 1, [Enable WinCNG ECDSA support]) +else + wincng_ecdsa=no +fi # libz AC_ARG_WITH([libz], - AC_HELP_STRING([--with-libz],[Use libz for compression]), + AS_HELP_STRING([--with-libz],[Use libz for compression]), use_libz=$withval, use_libz=auto) @@ -143,68 +161,43 @@ if test "$use_libz" != no; then AC_MSG_NOTICE([Cannot find libz, disabling compression]) found_libz="disabled; no libz found" else - libz_errors="No libz found! + libz_errors="No libz found. Try --with-libz-prefix=PATH if you know that you have it." AS_MESSAGE([ERROR: $libz_errors]) fi else AC_DEFINE(LIBSSH2_HAVE_ZLIB, 1, [Compile in zlib support]) - LIBSREQUIRED="$LIBSREQUIRED${LIBSREQUIRED:+ }zlib" + LIBSSH2_PC_REQUIRES_PRIVATE="$LIBSSH2_PC_REQUIRES_PRIVATE${LIBSSH2_PC_REQUIRES_PRIVATE:+,}zlib" found_libz="yes" fi fi -AC_SUBST(LIBSREQUIRED) +AC_SUBST(LIBSSH2_PC_REQUIRES_PRIVATE) # # Optional Settings # -AC_ARG_ENABLE(crypt-none, - AC_HELP_STRING([--enable-crypt-none],[Permit "none" cipher -- NOT RECOMMENDED]), - [AC_DEFINE(LIBSSH2_CRYPT_NONE, 1, [Enable "none" cipher -- NOT RECOMMENDED])]) - -AC_ARG_ENABLE(mac-none, - AC_HELP_STRING([--enable-mac-none],[Permit "none" MAC -- NOT RECOMMENDED]), - [AC_DEFINE(LIBSSH2_MAC_NONE, 1, [Enable "none" MAC -- NOT RECOMMENDED])]) - -AC_ARG_ENABLE(gex-new, - AC_HELP_STRING([--disable-gex-new],[Disable "new" diffie-hellman-group-exchange-sha1 method]), - [GEX_NEW=$enableval]) -if test "$GEX_NEW" != "no"; then - AC_DEFINE(LIBSSH2_DH_GEX_NEW, 1, [Enable newer diffie-hellman-group-exchange-sha1 syntax]) -fi - AC_ARG_ENABLE(clear-memory, - AC_HELP_STRING([--disable-clear-memory],[Disable clearing of memory before being freed]), + AS_HELP_STRING([--disable-clear-memory],[Disable clearing of memory before being freed]), [CLEAR_MEMORY=$enableval]) -if test "$CLEAR_MEMORY" != "no"; then - if test "$support_clear_memory" = "yes"; then - AC_DEFINE(LIBSSH2_CLEAR_MEMORY, 1, [Enable clearing of memory before being freed]) - enable_clear_memory=yes - else - if test "$CLEAR_MEMORY" = "yes"; then - AC_MSG_ERROR([secure clearing/zeroing of memory is not supported by the selected crypto backend]) - else - AC_MSG_WARN([secure clearing/zeroing of memory is not supported by the selected crypto backend]) - fi - enable_clear_memory=unsupported - fi +if test "$CLEAR_MEMORY" = "no"; then + AC_DEFINE(LIBSSH2_NO_CLEAR_MEMORY, 1, [Disable clearing of memory before being freed]) + enable_clear_memory=no else - if test "$support_clear_memory" = "yes"; then - enable_clear_memory=no - else - AC_MSG_WARN([secure clearing/zeroing of memory is not supported by the selected crypto backend]) - enable_clear_memory=unsupported - fi + enable_clear_memory=yes fi +LIBSSH2_CFLAG_EXTRAS="" + +LIBSSH2_CHECK_OPTION_WERROR + dnl ************************************************************ dnl option to switch on compiler debug options dnl AC_MSG_CHECKING([whether to enable pedantic and debug compiler options]) AC_ARG_ENABLE(debug, -AC_HELP_STRING([--enable-debug],[Enable pedantic and debug options]) -AC_HELP_STRING([--disable-debug],[Disable debug options]), +AS_HELP_STRING([--enable-debug],[Enable pedantic and debug options]) +AS_HELP_STRING([--disable-debug],[Disable debug options]), [ case "$enable_debug" in no) AC_MSG_RESULT(no) @@ -225,6 +218,8 @@ AC_HELP_STRING([--disable-debug],[Disable debug options]), AC_MSG_RESULT(no) ) +AC_SUBST(LIBSSH2_CFLAG_EXTRAS) + dnl ************************************************************ dnl Enable hiding of internal symbols in library to reduce its size and dnl speed dynamic linking of applications. This currently is only supported @@ -232,8 +227,8 @@ dnl on gcc >= 4.0 and SunPro C. dnl AC_MSG_CHECKING([whether to enable hidden symbols in the library]) AC_ARG_ENABLE(hidden-symbols, -AC_HELP_STRING([--enable-hidden-symbols],[Hide internal symbols in library]) -AC_HELP_STRING([--disable-hidden-symbols],[Leave all symbols with default visibility in library]), +AS_HELP_STRING([--enable-hidden-symbols],[Hide internal symbols in library]) +AS_HELP_STRING([--disable-hidden-symbols],[Leave all symbols with default visibility in library (default)]), [ case "$enableval" in no) AC_MSG_RESULT(no) @@ -264,11 +259,36 @@ AC_HELP_STRING([--disable-hidden-symbols],[Leave all symbols with default visibi AC_MSG_RESULT(no) ) +dnl Build without deprecated APIs? +AC_ARG_ENABLE([deprecated], + [AS_HELP_STRING([--disable-deprecated], [Build without deprecated APIs @<:@default=no@:>@])], + [case "$enableval" in + *) + with_deprecated="no" + CPPFLAGS="$CPPFLAGS -DLIBSSH2_NO_DEPRECATED" + ;; + esac], + [with_deprecated="yes"]) + +# Run Docker tests? +AC_ARG_ENABLE([docker-tests], + [AS_HELP_STRING([--disable-docker-tests], + [Do not run tests requiring Docker])], + [run_docker_tests=no], [run_docker_tests=yes]) +AM_CONDITIONAL([RUN_DOCKER_TESTS], [test "x$run_docker_tests" != "xno"]) + +# Run sshd tests? +AC_ARG_ENABLE([sshd-tests], + [AS_HELP_STRING([--disable-sshd-tests], + [Do not run tests requiring sshd])], + [run_sshd_tests=no], [run_sshd_tests=yes]) +AM_CONDITIONAL([RUN_SSHD_TESTS], [test "x$run_sshd_tests" != "xno"]) + # Build example applications? AC_MSG_CHECKING([whether to build example applications]) AC_ARG_ENABLE([examples-build], -AC_HELP_STRING([--enable-examples-build], [Build example applications (this is the default)]) -AC_HELP_STRING([--disable-examples-build], [Do not build example applications]), +AS_HELP_STRING([--enable-examples-build], [Build example applications (this is the default)]) +AS_HELP_STRING([--disable-examples-build], [Do not build example applications]), [case "$enableval" in no | false) build_examples='no' @@ -296,21 +316,10 @@ AM_CONDITIONAL([USE_OSSFUZZ_STATIC], [test -f "$LIB_FUZZING_ENGINE"]) # Checks for header files. -# AC_HEADER_STDC -AC_CHECK_HEADERS([errno.h fcntl.h stdio.h stdlib.h unistd.h sys/uio.h]) +AC_CHECK_HEADERS([errno.h fcntl.h stdio.h unistd.h sys/uio.h]) AC_CHECK_HEADERS([sys/select.h sys/socket.h sys/ioctl.h sys/time.h]) AC_CHECK_HEADERS([arpa/inet.h netinet/in.h]) -AC_CHECK_HEADERS([sys/un.h], [have_sys_un_h=yes], [have_sys_un_h=no]) -AM_CONDITIONAL([HAVE_SYS_UN_H], test "x$have_sys_un_h" = xyes) - -case $host in - *-*-cygwin* | *-*-cegcc*) - # These are POSIX-like systems using BSD-like sockets API. - ;; - *) - AC_CHECK_HEADERS([windows.h winsock2.h ws2tcpip.h]) - ;; -esac +AC_CHECK_HEADERS([sys/un.h]) case $host in *darwin*|*interix*) @@ -318,7 +327,7 @@ case $host in dnl Interix: "does provide poll(), but the implementing developer must dnl have been in a bad mood, because poll() only works on the /proc dnl filesystem here" - dnl Mac OS X's poll has funny behaviors, like: + dnl macOS poll() has funny behaviors, like: dnl not being able to do poll on no fildescriptors (10.3?) dnl not being able to poll on some files (like anything in /dev) dnl not having reliable timeout support @@ -330,21 +339,21 @@ case $host in ;; esac -AC_CHECK_FUNCS(gettimeofday select strtoll memset_s) +AC_CHECK_FUNCS(gettimeofday select strtoll explicit_bzero explicit_memset memset_s snprintf) dnl Check for select() into ws2_32 for Msys/Mingw if test "$ac_cv_func_select" != "yes"; then AC_MSG_CHECKING([for select in ws2_32]) - AC_TRY_LINK([ -#ifdef HAVE_WINSOCK2_H + AC_LINK_IFELSE([AC_LANG_PROGRAM([[ +#ifdef HAVE_WINDOWS_H #ifndef WIN32_LEAN_AND_MEAN #define WIN32_LEAN_AND_MEAN #endif #include #endif - ],[ + ]], [[ select(0,(fd_set *)NULL,(fd_set *)NULL,(fd_set *)NULL,(struct timeval *)NULL); - ],[ + ]])],[ AC_MSG_RESULT([yes]) HAVE_SELECT="1" AC_DEFINE_UNQUOTED(HAVE_SELECT, 1, @@ -375,11 +384,44 @@ if test "$found_crypto" = "none"; then fi if test $missing_required_deps = 1; then - AC_MSG_ERROR([Required dependencies are missing!]) + AC_MSG_ERROR([Required dependencies are missing.]) fi +AM_CONDITIONAL([HAVE_WINDRES], + [test "x$have_windows_h" = "xyes" && test "x${enable_shared}" = "xyes" && test -n "${RC}"]) + +AM_CONDITIONAL([HAVE_LIB_STATIC], [test "x$enable_static" != "xno"]) + # Configure parameters -LIBSSH2_CHECK_OPTION_WERROR + +# Append crypto lib +if test "$found_crypto" = "openssl"; then + LIBS="${LIBS} ${LTLIBSSL}" +elif test "$found_crypto" = "wolfssl"; then + LIBS="${LIBS} ${LTLIBWOLFSSL}" +elif test "$found_crypto" = "libgcrypt"; then + LIBS="${LIBS} ${LTLIBGCRYPT}" +elif test "$found_crypto" = "wincng"; then + LIBS="${LIBS} ${LTLIBBCRYPT}" +elif test "$found_crypto" = "mbedtls"; then + LIBS="${LIBS} ${LTLIBMBEDCRYPTO}" +fi + +LIBS="${LIBS} ${LTLIBZ}" + +LIBSSH2_PC_LIBS_PRIVATE=$LIBS +AC_SUBST(LIBSSH2_PC_LIBS_PRIVATE) + +dnl merge the pkg-config private fields into public ones when static-only +if test "x$enable_shared" = "xyes"; then + LIBSSH2_PC_REQUIRES= + LIBSSH2_PC_LIBS= +else + LIBSSH2_PC_REQUIRES=$LIBSSH2_PC_REQUIRES_PRIVATE + LIBSSH2_PC_LIBS=$LIBSSH2_PC_LIBS_PRIVATE +fi +AC_SUBST(LIBSSH2_PC_REQUIRES) +AC_SUBST(LIBSSH2_PC_LIBS) AC_CONFIG_FILES([Makefile src/Makefile @@ -392,16 +434,20 @@ AC_OUTPUT AC_MSG_NOTICE([summary of build options: - version: ${LIBSSH2VER} + version: ${LIBSSH2_VERSION} Host type: ${host} Install prefix: ${prefix} Compiler: ${CC} Compiler flags: ${CFLAGS} Library types: Shared=${enable_shared}, Static=${enable_static} Crypto library: ${found_crypto_str} + WinCNG ECDSA: $wincng_ecdsa + zlib compression: ${found_libz} Clear memory: $enable_clear_memory + Deprecated APIs: $with_deprecated Debug build: $enable_debug Build examples: $build_examples + Run Docker tests: $run_docker_tests + Run sshd tests: $run_sshd_tests Path to sshd: $ac_cv_path_SSHD (only for self-tests) - zlib compression: ${found_libz} ]) diff --git a/depcomp b/depcomp index 6b39162..715e343 100644 --- a/depcomp +++ b/depcomp @@ -3,7 +3,7 @@ scriptversion=2018-03-07.03; # UTC -# Copyright (C) 1999-2020 Free Software Foundation, Inc. +# Copyright (C) 1999-2021 Free Software Foundation, Inc. # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by diff --git a/docs/AUTHORS b/docs/AUTHORS index 5c7445b..e94299f 100644 --- a/docs/AUTHORS +++ b/docs/AUTHORS @@ -1,5 +1,5 @@ libssh2 is the result of many friendly people. This list is an attempt to - mention all contributors. If we've missed anyone, tell us! + mention all contributors. If we have missed anyone, tell us! This list of names is a-z sorted. @@ -71,6 +71,7 @@ Steven Van Ingelgem TJ Saunders Tommy Lindgren Tor Arntsen +Viktor Szakats Vincent Jaulin Vincent Torri Vlad Grachov diff --git a/docs/BINDINGS b/docs/BINDINGS deleted file mode 100644 index 471f9be..0000000 --- a/docs/BINDINGS +++ /dev/null @@ -1,29 +0,0 @@ - -Creative people have written bindings or interfaces for various environments -and programming languages. Using one of these bindings allows you to take -advantage of libssh2 directly from within your favourite language. - -The bindings listed below are not part of the libssh2 distribution archives, -but must be downloaded and installed separately. - -Cocoa/Objective-C - https://github.com/karelia/libssh2_sftp-Cocoa-wrapper - -Haskell - FFI bindings - https://hackage.haskell.org/package/libssh2 - -Perl - Net::SSH2 - https://metacpan.org/pod/Net::SSH2 - -PHP - ssh2 - https://pecl.php.net/package/ssh2 - -Python - pylibssh2 - https://pypi.python.org/pypi/pylibssh2 - -Python-ctypes - - PySsh2 - https://github.com/gellule/PySsh2 - -Ruby - libssh2-ruby - https://github.com/mitchellh/libssh2-ruby diff --git a/docs/BINDINGS.md b/docs/BINDINGS.md new file mode 100644 index 0000000..63ad1b0 --- /dev/null +++ b/docs/BINDINGS.md @@ -0,0 +1,25 @@ +libssh2 bindings +================ + +Creative people have written bindings or interfaces for various environments +and programming languages. Using one of these bindings allows you to take +advantage of libssh2 directly from within your favourite language. + +The bindings listed below are not part of the libssh2 distribution archives, +but must be downloaded and installed separately. + + + +[Cocoa/Objective-C](https://github.com/karelia/libssh2_sftp-Cocoa-wrapper) + +[Haskell FFI bindings](https://hackage.haskell.org/package/libssh2) + +[Perl Net::SSH2](https://metacpan.org/pod/Net::SSH2) + +[PHP ssh2](https://pecl.php.net/package/ssh2) + +[Python pylibssh2](https://pypi.python.org/pypi/pylibssh2) + +[Python-ctypes PySsh2](https://github.com/gellule/PySsh2) + +[Ruby libssh2-ruby](https://github.com/mitchellh/libssh2-ruby) diff --git a/docs/CMakeLists.txt b/docs/CMakeLists.txt index 6abf0e4..a3af046 100644 --- a/docs/CMakeLists.txt +++ b/docs/CMakeLists.txt @@ -1,4 +1,5 @@ -# Copyright (c) 2014 Alexander Lamaison +# Copyright (C) Alexander Lamaison +# Copyright (C) Viktor Szakats # # Redistribution and use in source and binary forms, # with or without modification, are permitted provided @@ -32,179 +33,12 @@ # NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE # USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY # OF SUCH DAMAGE. +# +# SPDX-License-Identifier: BSD-3-Clause -set(MAN_PAGES - libssh2_agent_connect.3 - libssh2_agent_disconnect.3 - libssh2_agent_free.3 - libssh2_agent_get_identity.3 - libssh2_agent_get_identity_path.3 - libssh2_agent_init.3 - libssh2_agent_list_identities.3 - libssh2_agent_set_identity_path.3 - libssh2_agent_userauth.3 - libssh2_banner_set.3 - libssh2_base64_decode.3 - libssh2_channel_close.3 - libssh2_channel_direct_tcpip.3 - libssh2_channel_direct_tcpip_ex.3 - libssh2_channel_eof.3 - libssh2_channel_exec.3 - libssh2_channel_flush.3 - libssh2_channel_flush_ex.3 - libssh2_channel_flush_stderr.3 - libssh2_channel_forward_accept.3 - libssh2_channel_forward_cancel.3 - libssh2_channel_forward_listen.3 - libssh2_channel_forward_listen_ex.3 - libssh2_channel_free.3 - libssh2_channel_get_exit_signal.3 - libssh2_channel_get_exit_status.3 - libssh2_channel_handle_extended_data.3 - libssh2_channel_handle_extended_data2.3 - libssh2_channel_ignore_extended_data.3 - libssh2_channel_open_ex.3 - libssh2_channel_open_session.3 - libssh2_channel_process_startup.3 - libssh2_channel_read.3 - libssh2_channel_read_ex.3 - libssh2_channel_read_stderr.3 - libssh2_channel_receive_window_adjust.3 - libssh2_channel_receive_window_adjust2.3 - libssh2_channel_request_pty.3 - libssh2_channel_request_pty_ex.3 - libssh2_channel_request_pty_size.3 - libssh2_channel_request_pty_size_ex.3 - libssh2_channel_send_eof.3 - libssh2_channel_set_blocking.3 - libssh2_channel_setenv.3 - libssh2_channel_setenv_ex.3 - libssh2_channel_shell.3 - libssh2_channel_subsystem.3 - libssh2_channel_wait_closed.3 - libssh2_channel_wait_eof.3 - libssh2_channel_window_read.3 - libssh2_channel_window_read_ex.3 - libssh2_channel_window_write.3 - libssh2_channel_window_write_ex.3 - libssh2_channel_write.3 - libssh2_channel_write_ex.3 - libssh2_channel_write_stderr.3 - libssh2_channel_x11_req.3 - libssh2_channel_x11_req_ex.3 - libssh2_exit.3 - libssh2_free.3 - libssh2_hostkey_hash.3 - libssh2_init.3 - libssh2_keepalive_config.3 - libssh2_keepalive_send.3 - libssh2_knownhost_add.3 - libssh2_knownhost_addc.3 - libssh2_knownhost_check.3 - libssh2_knownhost_checkp.3 - libssh2_knownhost_del.3 - libssh2_knownhost_free.3 - libssh2_knownhost_get.3 - libssh2_knownhost_init.3 - libssh2_knownhost_readfile.3 - libssh2_knownhost_readline.3 - libssh2_knownhost_writefile.3 - libssh2_knownhost_writeline.3 - libssh2_poll.3 - libssh2_poll_channel_read.3 - libssh2_publickey_add.3 - libssh2_publickey_add_ex.3 - libssh2_publickey_init.3 - libssh2_publickey_list_fetch.3 - libssh2_publickey_list_free.3 - libssh2_publickey_remove.3 - libssh2_publickey_remove_ex.3 - libssh2_publickey_shutdown.3 - libssh2_scp_recv.3 - libssh2_scp_recv2.3 - libssh2_scp_send.3 - libssh2_scp_send64.3 - libssh2_scp_send_ex.3 - libssh2_session_abstract.3 - libssh2_session_banner_get.3 - libssh2_session_banner_set.3 - libssh2_session_block_directions.3 - libssh2_session_callback_set.3 - libssh2_session_disconnect.3 - libssh2_session_disconnect_ex.3 - libssh2_session_flag.3 - libssh2_session_free.3 - libssh2_session_get_blocking.3 - libssh2_session_get_timeout.3 - libssh2_session_handshake.3 - libssh2_session_hostkey.3 - libssh2_session_init.3 - libssh2_session_init_ex.3 - libssh2_session_last_errno.3 - libssh2_session_last_error.3 - libssh2_session_set_last_error.3 - libssh2_session_method_pref.3 - libssh2_session_methods.3 - libssh2_session_set_blocking.3 - libssh2_session_set_timeout.3 - libssh2_session_startup.3 - libssh2_session_supported_algs.3 - libssh2_sftp_close.3 - libssh2_sftp_close_handle.3 - libssh2_sftp_closedir.3 - libssh2_sftp_fsetstat.3 - libssh2_sftp_fstat.3 - libssh2_sftp_fstat_ex.3 - libssh2_sftp_fstatvfs.3 - libssh2_sftp_fsync.3 - libssh2_sftp_get_channel.3 - libssh2_sftp_init.3 - libssh2_sftp_last_error.3 - libssh2_sftp_lstat.3 - libssh2_sftp_mkdir.3 - libssh2_sftp_mkdir_ex.3 - libssh2_sftp_open.3 - libssh2_sftp_open_ex.3 - libssh2_sftp_opendir.3 - libssh2_sftp_read.3 - libssh2_sftp_readdir.3 - libssh2_sftp_readdir_ex.3 - libssh2_sftp_readlink.3 - libssh2_sftp_realpath.3 - libssh2_sftp_rename.3 - libssh2_sftp_rename_ex.3 - libssh2_sftp_rewind.3 - libssh2_sftp_rmdir.3 - libssh2_sftp_rmdir_ex.3 - libssh2_sftp_seek.3 - libssh2_sftp_seek64.3 - libssh2_sftp_setstat.3 - libssh2_sftp_shutdown.3 - libssh2_sftp_stat.3 - libssh2_sftp_stat_ex.3 - libssh2_sftp_statvfs.3 - libssh2_sftp_symlink.3 - libssh2_sftp_symlink_ex.3 - libssh2_sftp_tell.3 - libssh2_sftp_tell64.3 - libssh2_sftp_unlink.3 - libssh2_sftp_unlink_ex.3 - libssh2_sftp_write.3 - libssh2_trace.3 - libssh2_trace_sethandler.3 - libssh2_userauth_authenticated.3 - libssh2_userauth_hostbased_fromfile.3 - libssh2_userauth_hostbased_fromfile_ex.3 - libssh2_userauth_keyboard_interactive.3 - libssh2_userauth_keyboard_interactive_ex.3 - libssh2_userauth_list.3 - libssh2_userauth_password.3 - libssh2_userauth_password_ex.3 - libssh2_userauth_publickey.3 - libssh2_userauth_publickey_fromfile.3 - libssh2_userauth_publickey_fromfile_ex.3 - libssh2_userauth_publickey_frommemory.3 - libssh2_version.3) +transform_makefile_inc("Makefile.am" "${CMAKE_CURRENT_BINARY_DIR}/Makefile.am.cmake") +# Get 'dist_man_MANS' variable +include("${CMAKE_CURRENT_BINARY_DIR}/Makefile.am.cmake") include(GNUInstallDirs) -install(FILES ${MAN_PAGES} DESTINATION ${CMAKE_INSTALL_MANDIR}/man3) +install(FILES ${dist_man_MANS} DESTINATION "${CMAKE_INSTALL_MANDIR}/man3") diff --git a/docs/HACKING b/docs/HACKING deleted file mode 100644 index 5da8e66..0000000 --- a/docs/HACKING +++ /dev/null @@ -1,13 +0,0 @@ - -libssh2 source code style guide: - - - 4 level indent - - spaces-only (no tabs) - - open braces on the if/for line: - - if (banana) { - go_nuts(); - } - - - keep source lines shorter than 80 columns - - See libssh2-style.el for how to achieve this within Emacs diff --git a/docs/HACKING-CRYPTO b/docs/HACKING-CRYPTO index ca94772..1ef6c44 100644 --- a/docs/HACKING-CRYPTO +++ b/docs/HACKING-CRYPTO @@ -31,19 +31,18 @@ LIBSSH2_LIB_HAVE_LINKFLAGS from LIBSSH2_CRYPTO_CHECK, which automatically creates and handles a --with-$newname-prefix option and sets an LTLIBNEWNAME variable on success. -0.3) Create Makefile.newname.inc in the top-level directory +0.3) Add new header to src/Makefile.inc -This must set CRYPTO_CSOURCES, CRYPTO_HHEADERS and CRYPTO_LTLIBS. -Set CRYPTO_CSOURCES and CRYPTO_HHEADERS to the new backend source files -and set CRYPTO_LTLIBS to the required library linking parameters, e.g. -$(LTLIBNEWNAME) as generated by by LIBSSH2_LIB_HAVE_LINKFLAGS. +0.4) Include new source in src/crypto.c -0.4) Add a new block in src/Makefile.am +0.5) Add a new block in configure.ac -if NEWNAME -include ../Makefile.newname.inc -endif +``` +elif test "$found_crypto" = "newname"; then + LIBS="${LIBS} ${LTLIBNEWNAME}" +``` +0.6) Add CMake detection logic to CMakeLists.txt 1) Crypto library initialization/termination. @@ -53,6 +52,10 @@ Initializes the crypto library. May be an empty macro if not needed. void libssh2_crypto_exit(void); Terminates the crypto library use. May be an empty macro if not needed. +1.1) Crypto runtime detection + +The libssh2_crypto_engine_t enum must include the new engine, and +libssh2_crypto_engine() must return it when it is built in. 2) HMAC @@ -60,27 +63,23 @@ libssh2_hmac_ctx Type of an HMAC computation context. Generally a struct. Used for all hash algorithms. -void libssh2_hmac_ctx_init(libssh2_hmac_ctx ctx); +int _libssh2_hmac_ctx_init(libssh2_hmac_ctx *ctx); Initializes the HMAC computation context ctx. Called before setting-up the hash algorithm. -Note: if the ctx parameter is modified by the underlying code, -this procedure must be implemented as a macro to map ctx --> &ctx. +Must return 1 for success and 0 for failure. -void libssh2_hmac_update(libssh2_hmac_ctx ctx, - const unsigned char *data, - int datalen); +int _libssh2_hmac_update(libssh2_hmac_ctx *ctx, + const void *data, int datalen); Continue computation of an HMAC on datalen bytes at data using context ctx. -Note: if the ctx parameter is modified by the underlying code, -this procedure must be implemented as a macro to map ctx --> &ctx. +Must return 1 for success and 0 for failure. -void libssh2_hmac_final(libssh2_hmac_ctx ctx, - unsigned char output[]); +int _libssh2_hmac_final(libssh2_hmac_ctx *ctx, + void output[]); Get the computed HMAC from context ctx into the output buffer. The minimum data buffer size depends on the HMAC hash algorithm. -Note: if the ctx parameter is modified by the underlying code, -this procedure must be implemented as a macro to map ctx --> &ctx. +Must return 1 for success and 0 for failure. -void libssh2_hmac_cleanup(libssh2_hmac_ctx *ctx); +void _libssh2_hmac_cleanup(libssh2_hmac_ctx *ctx); Releases the HMAC computation context at ctx. @@ -99,26 +98,29 @@ int libssh2_sha1_init(libssh2_sha1_ctx *x); Initializes the SHA-1 computation context at x. Returns 1 for success and 0 for failure -void libssh2_sha1_update(libssh2_sha1_ctx ctx, - const unsigned char *data, - size_t len); +int libssh2_sha1_update(libssh2_sha1_ctx ctx, + const unsigned char *data, + size_t len); Continue computation of SHA-1 on len bytes at data using context ctx. Note: if the ctx parameter is modified by the underlying code, this procedure must be implemented as a macro to map ctx --> &ctx. +Must return 1 for success and 0 for failure. -void libssh2_sha1_final(libssh2_sha1_ctx ctx, - unsigned char output[SHA_DIGEST_LEN]); +int libssh2_sha1_final(libssh2_sha1_ctx ctx, + unsigned char output[SHA_DIGEST_LEN]); Get the computed SHA-1 signature from context ctx and store it into the output buffer. Release the context. Note: if the ctx parameter is modified by the underlying code, this procedure must be implemented as a macro to map ctx --> &ctx. +Must return 1 for success and 0 for failure. -void libssh2_hmac_sha1_init(libssh2_hmac_ctx *ctx, - const void *key, - int keylen); +int libssh2_hmac_sha1_init(libssh2_hmac_ctx *ctx, + const void *key, + int keylen); Setup the HMAC computation context ctx for an HMAC-SHA-1 computation using the keylen-byte key. Is invoked just after libssh2_hmac_ctx_init(). +Returns 1 for success and 0 for failure. 3.2) SHA-256 Must always be implemented. @@ -133,22 +135,24 @@ int libssh2_sha256_init(libssh2_sha256_ctx *x); Initializes the SHA-256 computation context at x. Returns 1 for success and 0 for failure -void libssh2_sha256_update(libssh2_sha256_ctx ctx, - const unsigned char *data, - size_t len); +int libssh2_sha256_update(libssh2_sha256_ctx ctx, + const unsigned char *data, + size_t len); Continue computation of SHA-256 on len bytes at data using context ctx. Note: if the ctx parameter is modified by the underlying code, this procedure must be implemented as a macro to map ctx --> &ctx. +Must return 1 for success and 0 for failure. -void libssh2_sha256_final(libssh2_sha256_ctx ctx, - unsigned char output[SHA256_DIGEST_LENGTH]); +int libssh2_sha256_final(libssh2_sha256_ctx ctx, + unsigned char output[SHA256_DIGEST_LENGTH]); Gets the computed SHA-256 signature from context ctx into the output buffer. Release the context. Note: if the ctx parameter is modified by the underlying code, this procedure must be implemented as a macro to map ctx --> &ctx. +Must return 1 for success and 0 for failure. int libssh2_sha256(const unsigned char *message, - unsigned long len, + size_t len, unsigned char output[SHA256_DIGEST_LENGTH]); Computes the SHA-256 signature over the given message of length len and store the result into the output buffer. @@ -159,11 +163,12 @@ LIBSSH2_HMAC_SHA256 #define as 1 if the crypto library supports HMAC-SHA-256, else 0. If defined as 0, the rest of this section can be omitted. -void libssh2_hmac_sha256_init(libssh2_hmac_ctx *ctx, - const void *key, - int keylen); +int libssh2_hmac_sha256_init(libssh2_hmac_ctx *ctx, + const void *key, + int keylen); Setup the HMAC computation context ctx for an HMAC-256 computation using the keylen-byte key. Is invoked just after libssh2_hmac_ctx_init(). +Returns 1 for success and 0 for failure. 3.3) SHA-384 Mandatory if ECDSA is implemented. Can be omitted otherwise. @@ -178,22 +183,24 @@ int libssh2_sha384_init(libssh2_sha384_ctx *x); Initializes the SHA-384 computation context at x. Returns 1 for success and 0 for failure -void libssh2_sha384_update(libssh2_sha384_ctx ctx, - const unsigned char *data, - size_t len); +int libssh2_sha384_update(libssh2_sha384_ctx ctx, + const unsigned char *data, + size_t len); Continue computation of SHA-384 on len bytes at data using context ctx. Note: if the ctx parameter is modified by the underlying code, this procedure must be implemented as a macro to map ctx --> &ctx. +Must return 1 for success and 0 for failure. -void libssh2_sha384_final(libssh2_sha384_ctx ctx, - unsigned char output[SHA384_DIGEST_LENGTH]); +int libssh2_sha384_final(libssh2_sha384_ctx ctx, + unsigned char output[SHA384_DIGEST_LENGTH]); Gets the computed SHA-384 signature from context ctx into the output buffer. Release the context. Note: if the ctx parameter is modified by the underlying code, this procedure must be implemented as a macro to map ctx --> &ctx. +Must return 1 for success and 0 for failure. int libssh2_sha384(const unsigned char *message, - unsigned long len, + size_t len, unsigned char output[SHA384_DIGEST_LENGTH]); Computes the SHA-384 signature over the given message of length len and store the result into the output buffer. @@ -212,22 +219,24 @@ int libssh2_sha512_init(libssh2_sha512_ctx *x); Initializes the SHA-512 computation context at x. Returns 1 for success and 0 for failure -void libssh2_sha512_update(libssh2_sha512_ctx ctx, - const unsigned char *data, - size_t len); +int libssh2_sha512_update(libssh2_sha512_ctx ctx, + const unsigned char *data, + size_t len); Continue computation of SHA-512 on len bytes at data using context ctx. Note: if the ctx parameter is modified by the underlying code, this procedure must be implemented as a macro to map ctx --> &ctx. +Must return 1 for success and 0 for failure. -void libssh2_sha512_final(libssh2_sha512_ctx ctx, - unsigned char output[SHA512_DIGEST_LENGTH]); +int libssh2_sha512_final(libssh2_sha512_ctx ctx, + unsigned char output[SHA512_DIGEST_LENGTH]); Gets the computed SHA-512 signature from context ctx into the output buffer. Release the context. Note: if the ctx parameter is modified by the underlying code, this procedure must be implemented as a macro to map ctx --> &ctx. +Must return 1 for success and 0 for failure. int libssh2_sha512(const unsigned char *message, - unsigned long len, + size_t len, unsigned char output[SHA512_DIGEST_LENGTH]); Computes the SHA-512 signature over the given message of length len and store the result into the output buffer. @@ -238,11 +247,12 @@ LIBSSH2_HMAC_SHA512 #define as 1 if the crypto library supports HMAC-SHA-512, else 0. If defined as 0, the rest of this section can be omitted. -void libssh2_hmac_sha512_init(libssh2_hmac_ctx *ctx, - const void *key, - int keylen); +int libssh2_hmac_sha512_init(libssh2_hmac_ctx *ctx, + const void *key, + int keylen); Setup the HMAC computation context ctx for an HMAC-512 computation using the keylen-byte key. Is invoked just after libssh2_hmac_ctx_init(). +Returns 1 for success and 0 for failure. 3.5) MD5 LIBSSH2_MD5 @@ -259,35 +269,38 @@ int libssh2_md5_init(libssh2_md5_ctx *x); Initializes the MD5 computation context at x. Returns 1 for success and 0 for failure -void libssh2_md5_update(libssh2_md5_ctx ctx, - const unsigned char *data, - size_t len); +int libssh2_md5_update(libssh2_md5_ctx ctx, + const unsigned char *data, + size_t len); Continues computation of MD5 on len bytes at data using context ctx. Returns 1 for success and 0 for failure. Note: if the ctx parameter is modified by the underlying code, this procedure must be implemented as a macro to map ctx --> &ctx. +Must return 1 for success and 0 for failure. -void libssh2_md5_final(libssh2_md5_ctx ctx, - unsigned char output[MD5_DIGEST_LENGTH]); +int libssh2_md5_final(libssh2_md5_ctx ctx, + unsigned char output[MD5_DIGEST_LENGTH]); Gets the computed MD5 signature from context ctx into the output buffer. Release the context. Note: if the ctx parameter is modified by the underlying code, this procedure must be implemented as a macro to map ctx --> &ctx. +Must return 1 for success and 0 for failure. -void libssh2_hmac_md5_init(libssh2_hmac_ctx *ctx, - const void *key, - int keylen); +int libssh2_hmac_md5_init(libssh2_hmac_ctx *ctx, + const void *key, + int keylen); Setup the HMAC computation context ctx for an HMAC-MD5 computation using the keylen-byte key. Is invoked just after libssh2_hmac_ctx_init(). +Returns 1 for success and 0 for failure. 3.6) RIPEMD-160 LIBSSH2_HMAC_RIPEMD #define as 1 if the crypto library supports HMAC-RIPEMD-160, else 0. If defined as 0, the rest of this section can be omitted. -void libssh2_hmac_ripemd160_init(libssh2_hmac_ctx *ctx, - const void *key, - int keylen); +int libssh2_hmac_ripemd160_init(libssh2_hmac_ctx *ctx, + const void *key, + int keylen); Setup the HMAC computation context ctx for an HMAC-RIPEMD-160 computation using the keylen-byte key. Is invoked just after libssh2_hmac_ctx_init(). Returns 1 for success and 0 for failure. @@ -317,7 +330,8 @@ int _libssh2_cipher_crypt(_libssh2_cipher_ctx *ctx, _libssh2_cipher_type(algo), int encrypt, unsigned char *block, - size_t blocksize); + size_t blocksize, + int firstlast); Encrypt or decrypt in-place data at (block, blocksize) using the given context and/or algorithm. Return 0 if OK, else -1. @@ -388,7 +402,7 @@ _libssh2_cipher_cast5 CAST5-CBC algorithm identifier initializer. #define with constant value of type _libssh2_cipher_type(). -4.5) Tripple DES in CBC block mode. +4.5) Triple DES in CBC block mode. LIBSSH2_3DES #define as 1 if the crypto library supports TripleDES in CBC mode, else 0. If defined as 0, the rest of this section can be omitted. @@ -400,6 +414,21 @@ TripleDES-CBC algorithm identifier initializer. 5) Diffie-Hellman support. +LIBSSH2_DH_GEX_MINGROUP +The minimum Diffie-Hellman group length in bits supported by the backend. +Usually defined as 2048. + +LIBSSH2_DH_GEX_OPTGROUP +The preferred Diffie-Hellman group length in bits. Usually defined as 4096. + +LIBSSH2_DH_GEX_MAXGROUP +The maximum Diffie-Hellman group length in bits supported by the backend. +Usually defined as 8192. + +LIBSSH2_DH_MAX_MODULUS_BITS +The maximum Diffie-Hellman modulus bit count accepted from the server. This +value must be supported by the backend. Usually 16384. + 5.1) Diffie-Hellman context. _libssh2_dh_ctx Type of a Diffie-Hellman computation context. @@ -595,7 +624,7 @@ This procedure is already prototyped in crypto.h. int _libssh2_rsa_new_private_frommemory(libssh2_rsa_ctx **rsa, LIBSSH2_SESSION *session, const char *data, - size_t data_len, + size_t data_len, unsigned const char *passphrase); Gets an RSA private key from data into a new RSA context. Must call _libssh2_init_if_needed(). @@ -604,8 +633,8 @@ This procedure is already prototyped in crypto.h. int _libssh2_rsa_sha1_verify(libssh2_rsa_ctx *rsa, const unsigned char *sig, - unsigned long sig_len, - const unsigned char *m, unsigned long m_len); + size_t sig_len, + const unsigned char *m, size_t m_len); Verify (sig, sig_len) signature of (m, m_len) using an SHA-1 hash and the RSA context. Return 0 if OK, else -1. @@ -637,6 +666,53 @@ Note: this procedure is not used if macro _libssh2_rsa_sha1_signv() is defined. void _libssh2_rsa_free(libssh2_rsa_ctx *rsactx); Releases the RSA computation context at rsactx. +LIBSSH2_RSA_SHA2 +#define as 1 if the crypto library supports RSA SHA2 256/512, else 0. +If defined as 0, the rest of this section can be omitted. + +int _libssh2_rsa_sha2_sign(LIBSSH2_SESSION * session, + libssh2_rsa_ctx * rsactx, + const unsigned char *hash, + size_t hash_len, + unsigned char **signature, + size_t *signature_len); +RSA signs the (hash, hashlen) SHA-2 hash bytes based on hash length and stores +the allocated signature at (signature, signature_len). +Signature buffer must be allocated from the given session. +Returns 0 if OK, else -1. +This procedure is already prototyped in crypto.h. +Note: this procedure is not used if both macros _libssh2_rsa_sha2_256_signv() +and _libssh2_rsa_sha2_512_signv are defined. + +int _libssh2_rsa_sha2_256_signv(LIBSSH2_SESSION *session, + unsigned char **sig, size_t *siglen, + int count, const struct iovec vector[], + libssh2_rsa_ctx *ctx); +RSA signs the SHA-256 hash computed over the count data chunks in vector. +Signature is stored at (sig, siglen). +Signature buffer must be allocated from the given session. +Returns 0 if OK, else -1. +Note: this procedure is optional: if provided, it MUST be defined as a macro. + +int _libssh2_rsa_sha2_512_signv(LIBSSH2_SESSION *session, + unsigned char **sig, size_t *siglen, + int count, const struct iovec vector[], + libssh2_rsa_ctx *ctx); +RSA signs the SHA-512 hash computed over the count data chunks in vector. +Signature is stored at (sig, siglen). +Signature buffer must be allocated from the given session. +Returns 0 if OK, else -1. +Note: this procedure is optional: if provided, it MUST be defined as a macro. + +int _libssh2_rsa_sha2_verify(libssh2_rsa_ctx * rsa, + size_t hash_len, + const unsigned char *sig, + size_t sig_len, + const unsigned char *m, size_t m_len); +Verify (sig, sig_len) signature of (m, m_len) using an SHA-2 hash based on +hash length and the RSA context. +Return 0 if OK, else -1. +This procedure is already prototyped in crypto.h. 7.2) DSA LIBSSH2_DSA @@ -687,7 +763,7 @@ This procedure is already prototyped in crypto.h. int _libssh2_dsa_sha1_verify(libssh2_dsa_ctx *dsactx, const unsigned char *sig, - const unsigned char *m, unsigned long m_len); + const unsigned char *m, size_t m_len); Verify (sig, siglen) signature of (m, m_len) using an SHA-1 hash and the DSA context. Returns 0 if OK, else -1. @@ -695,7 +771,7 @@ This procedure is already prototyped in crypto.h. int _libssh2_dsa_sha1_sign(libssh2_dsa_ctx *dsactx, const unsigned char *hash, - unsigned long hash_len, unsigned char *sig); + size_t hash_len, unsigned char *sig); DSA signs the (hash, hash_len) data using SHA-1 and store the signature at sig. Returns 0 if OK, else -1. This procedure is already prototyped in crypto.h. @@ -844,7 +920,7 @@ This procedure is already prototyped in crypto.h. int _libssh2_ed25519_new_public(libssh2_ed25519_ctx **ed_ctx, LIBSSH2_SESSION *session, const unsigned char *raw_pub_key, - const uint8_t key_len); + const size_t key_len); Stores at ed_ctx a new ED25519 key context for raw public key (raw_pub_key, key_len). Return 0 if OK, else -1. @@ -897,6 +973,17 @@ In example, this is needed to preset unused structure slacks on platforms requiring it. If this is not needed, it should be defined as an empty macro. -int _libssh2_random(unsigned char *buf, int len); +int _libssh2_random(unsigned char *buf, size_t len); Store len random bytes at buf. Returns 0 if OK, else -1. + +const char * _libssh2_supported_key_sign_algorithms(LIBSSH2_SESSION *session, + unsigned char *key_method, + size_t key_method_len); + +This function is for implementing key hash upgrading as defined in RFC 8332. + +Based on the incoming key_method value, this function will return a +list of supported algorithms that can upgrade the original key method algorithm +as a comma separated list, if there is no upgrade option this function should +return NULL. diff --git a/docs/HACKING.md b/docs/HACKING.md new file mode 100644 index 0000000..11ddbd3 --- /dev/null +++ b/docs/HACKING.md @@ -0,0 +1,14 @@ +# libssh2 source code style guide + +- 4 level indent +- spaces-only (no tabs) +- open braces on the if/for line: + + ``` + if (banana) { + go_nuts(); + } + ``` + +- keep source lines shorter than 80 columns +- See `libssh2-style.el` for how to achieve this within Emacs diff --git a/docs/INSTALL_AUTOTOOLS b/docs/INSTALL_AUTOTOOLS index a75b518..46584d7 100644 --- a/docs/INSTALL_AUTOTOOLS +++ b/docs/INSTALL_AUTOTOOLS @@ -7,12 +7,13 @@ Software Foundation, Inc. This file is free documentation; the Free Software Foundation gives unlimited permission to copy, distribute and modify it. +SPDX-License-Identifier: FSFULLR + When Building directly from Master ================================== If you want to build directly from the git repository, you must first -generate the configure script and Makefile using autotools. There is -a convenience script that calls all tools in the correct order. Make +generate the configure script and Makefile using autotools. Make sure that autoconf, automake and libtool are installed on your system, then execute: @@ -38,7 +39,7 @@ file `config.log' containing compiler output (useful mainly for debugging `configure'). It can also use an optional file (typically called `config.cache' -and enabled with `--cache-file=config.cache' or simply `-C') that saves +and enabled with `--cache-file=config.cache' or shortly `-C') that saves the results of its tests to speed up reconfiguring. (Caching is disabled by default to prevent problems with accidental use of stale cache files.) @@ -47,7 +48,7 @@ cache files.) to figure out how `configure' could check whether to do them, and mail diffs or instructions to the address given in the `README' so they can be considered for the next release. If you are using the cache, and at -some point `config.cache' contains results you don't want to keep, you +some point `config.cache' contains results you do not want to keep, you may remove or edit it. The file `configure.ac' (or `configure.in') is used to create @@ -58,7 +59,7 @@ a newer version of `autoconf'. The simplest way to compile this package is: 1. `cd' to the directory containing the package's source code and type - `./configure' to configure the package for your system. If you're + `./configure' to configure the package for your system. If you are using `csh' on an old version of System V, you might need to type `sh ./configure' instead to prevent `csh' from trying to execute `configure' itself. @@ -149,7 +150,7 @@ is something like `gnu-as' or `x' (for the X Window System). The package recognizes. For packages that use the X Window System, `configure' can usually -find the X include and library files automatically, but if it doesn't, +find the X include and library files automatically, but if it does not, you can use the `configure' options `--x-includes=DIR' and `--x-libraries=DIR' to specify their locations. @@ -171,7 +172,7 @@ where SYSTEM can have one of these forms: OS KERNEL-OS See the file `config.sub' for the possible values of each field. If -`config.sub' isn't included in this package, then this package doesn't +`config.sub' is not included in this package, then this package does not need to know the machine type. If you are _building_ compiler tools for cross-compiling, you should @@ -255,77 +256,37 @@ More configure options Some ./configure options deserve additional comments: - * --enable-crypt-none - - The SSH2 Transport allows for unencrypted data - transmission using the "none" cipher. Because this is - such a huge security hole, it is typically disabled on - SSH2 implementations and is disabled in libssh2 by - default as well. - - Enabling this option will allow for "none" as a - negotiable method, however it still requires that the - method be advertized by the remote end and that no - more-preferable methods are available. - - * --enable-mac-none - - The SSH2 Transport also allows implementations to - forego a message authentication code. While this is - less of a security risk than using a "none" cipher, it - is still not recommended as disabling MAC hashes - removes a layer of security. - - Enabling this option will allow for "none" as a - negotiable method, however it still requires that the - method be advertized by the remote end and that no - more-preferable methods are available. - - * --disable-gex-new - - The diffie-hellman-group-exchange-sha1 (dh-gex) key - exchange method originally defined an exchange - negotiation using packet type 30 to request a - generation pair based on a single target value. Later - refinement of dh-gex provided for range and target - values. By default libssh2 will use the newer range - method. - - If you experience trouble connecting to an old SSH - server using dh-gex, try this option to fallback on - the older more reliable method. - * --with-libgcrypt * --without-libgcrypt * --with-libgcrypt-prefix=DIR - libssh2 can use the Libgcrypt library - (https://www.gnupg.org/) for cryptographic operations. + libssh2 can use the Libgcrypt library + (https://www.gnupg.org/) for cryptographic operations. One of the cryptographic libraries is required. - Configure will attempt to locate Libgcrypt - automatically. + Configure will attempt to locate Libgcrypt + automatically. - If your installation of Libgcrypt is in another - location, specify it using --with-libgcrypt-prefix. + If your installation of Libgcrypt is in another + location, specify it using --with-libgcrypt-prefix. * --with-openssl * --without-openssl * --with-libssl-prefix=[DIR] - libssh2 can use the OpenSSL library - (https://www.openssl.org) for cryptographic operations. + libssh2 can use the OpenSSL library + (https://www.openssl-library.org/) for cryptographic operations. One of the cryptographic libraries is required. - Configure will attempt to locate OpenSSL in the - default location. + Configure will attempt to locate OpenSSL in the + default location. - If your installation of OpenSSL is in another - location, specify it using --with-libssl-prefix. + If your installation of OpenSSL is in another + location, specify it using --with-libssl-prefix. * --with-mbedtls * --without-mbedtls - * --with-libmbedtls-prefix=[DIR] + * --with-libmbedcrypto-prefix=[DIR] libssh2 can use the mbedTLS library (https://tls.mbed.org) for cryptographic operations. @@ -335,21 +296,21 @@ Some ./configure options deserve additional comments: default location. If your installation of mbedTLS is in another - location, specify it using --with-libmbedtls-prefix. + location, specify it using --with-libmbedcrypto-prefix. * --with-libz * --without-libz * --with-libz-prefix=[DIR] - If present, libssh2 will attempt to use the zlib - (http://www.zlib.org) for payload compression, however - zlib is not required. + If present, libssh2 will attempt to use the zlib + (https://zlib.net/) for payload compression, however + zlib is not required. - If your installation of Libz is in another location, - specify it using --with-libz-prefix. + If your installation of Libz is in another location, + specify it using --with-libz-prefix. * --enable-debug - Will make the build use more pedantic and strict compiler - options as well as enable the libssh2_trace() function (for - showing debug traces). + Will make the build use more pedantic and strict compiler + options as well as enable the libssh2_trace() function (for + showing debug traces). diff --git a/docs/INSTALL_CMAKE.md b/docs/INSTALL_CMAKE.md index c136fdc..5b494db 100644 --- a/docs/INSTALL_CMAKE.md +++ b/docs/INSTALL_CMAKE.md @@ -6,10 +6,11 @@ Web site source code: https://github.com/libssh2/www Installation instructions are in docs/INSTALL ======= -To build libssh2 you will need CMake v2.8 or later [1] and one of the +To build libssh2 you will need CMake v3.7 or later [1] and one of the following cryptography libraries: * OpenSSL +* wolfSSL * Libgcrypt * WinCNG * mbedTLS @@ -21,8 +22,14 @@ If you are happy with the default options, make a new build directory, change to it, configure the build environment and build the project: ``` - mkdir bin - cd bin + cmake -B bld + cmake --build bld +``` + +Use this with CMake 3.12.x or older: +``` + mkdir bld + cd bld cmake .. cmake --build . ``` @@ -35,8 +42,8 @@ cryptography library available. The library binary will be put in Customising the build --------------------- -Of course, you might want to customise the build options. You can -pass the options to CMake on the command line: +You might want to customise the build options. You can pass the options +to CMake on the command line: cmake -D