PKI/0000755000176000001440000000000013157174760010740 5ustar ripleyusersPKI/inst/0000755000176000001440000000000013021336216011677 5ustar ripleyusersPKI/inst/certs/0000755000176000001440000000000013021336216013017 5ustar ripleyusersPKI/inst/certs/RForge-ca.crt0000644000176000001440000000302213021336216015273 0ustar ripleyusers-----BEGIN CERTIFICATE----- MIIETjCCAzagAwIBAgIJAIkMDa5gx1vQMA0GCSqGSIb3DQEBBQUAMHcxCzAJBgNV BAYTAlVTMQswCQYDVQQIEwJOSjEQMA4GA1UEBxMHTWFkaXNvbjETMBEGA1UEChMK UkZvcmdlLm5ldDETMBEGA1UEAxMKcmZvcmdlLm5ldDEfMB0GCSqGSIb3DQEJARYQ YWRtaW5AcmZvcmdlLm5ldDAeFw0xMjA5MDgxODU1MThaFw0xNjA5MDcxODU1MTha MHcxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJOSjEQMA4GA1UEBxMHTWFkaXNvbjET MBEGA1UEChMKUkZvcmdlLm5ldDETMBEGA1UEAxMKcmZvcmdlLm5ldDEfMB0GCSqG SIb3DQEJARYQYWRtaW5AcmZvcmdlLm5ldDCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBANk+XmB6PMoYhdh3U9GTjnZ8CAKr8hHwLgkw6GirSZqLvDo5a3rj Zrva5e7UCRr5LljV+oaxzsOcF2SB5PK1Sna2F54LovckEYWwsZlGUHKfniqcNUZw dJ2FKWRS/wi2ZObaXLDYl4rQDfZjIMULDYM0T3wcFOTbAItAXmIDHzgJU3GnMbYQ xJs52kH2/vOEZzSxr+rML+3Ks0Nzwfqf+/MwaI2hxEhturr2Um/36rnj0NAZI0SQ BW7gBKCIvqsAoPnEy82NNMbWgrBkmY6Zp4DVS9S6VHMhIrB+GN8prrAqG6TXvFwE yqSO0whPq29MqDD2p6m9lPvL7u46N5ZBRY8CAwEAAaOB3DCB2TAdBgNVHQ4EFgQU ylxR0M+KKIhTstAlXInQ3RoOS3UwgakGA1UdIwSBoTCBnoAUylxR0M+KKIhTstAl XInQ3RoOS3Whe6R5MHcxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJOSjEQMA4GA1UE BxMHTWFkaXNvbjETMBEGA1UEChMKUkZvcmdlLm5ldDETMBEGA1UEAxMKcmZvcmdl Lm5ldDEfMB0GCSqGSIb3DQEJARYQYWRtaW5AcmZvcmdlLm5ldIIJAIkMDa5gx1vQ MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAMw1ZL9Ex1wc+xK5Lzx1 AioyM0JnK4vP9Qlwr6zPDtvn5RU5u9wtrNHx+HhrKviwN0JW2bYRz6/LhTRuIcSk 3B336pCrUZejYlGClpSAj53HpfBSzE7BPvRAHYVt9sLojitS05nAi10VMSZIODud 7sEAjEii+JY4F3Pney5QfSfCD3B960Ba433KRWmICCX3eALf9z8cQNEVg/kLp9zh cxKFUNgfDZRCMkGY1IO3dGe3KVcpA2pZ9UW9QWQ1wMtO94pUMz3g3jirSH/qZd4B kWyVtwRKQO3+6z/XeHpNEO0M7rhJvdh0BIwJ+Dm+c48Uy6gijWF7VtY5JqtVUqsp 5Bs= -----END CERTIFICATE----- PKI/inst/certs/demo.crt0000644000176000001440000001066313021336216014463 0ustar ripleyusersCertificate: Data: Version: 3 (0x2) Serial Number: 1 (0x1) Signature Algorithm: sha1WithRSAEncryption Issuer: C=US, ST=NJ, L=Madison, O=RForge.net, CN=rforge.net/emailAddress=admin@rforge.net Validity Not Before: Sep 8 19:16:36 2012 GMT Not After : Sep 8 19:16:36 2013 GMT Subject: C=US, ST=NJ, O=RForge.net, CN=Simon Urbanek/emailAddress=simon.urbanek@r-project.org Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public Key: (2048 bit) Modulus (2048 bit): 00:d4:98:cf:c0:66:1c:15:00:10:16:d5:3b:94:b4: 02:c3:bb:c2:37:1b:97:e8:64:ca:0d:1d:ed:13:27: 76:d3:ba:4a:91:79:9b:db:5c:49:33:ac:e0:74:e2: f2:f4:9b:59:80:3e:e5:a6:a8:dd:18:04:96:cd:7c: 8e:44:39:8a:e6:1a:08:6b:3b:89:2b:24:5f:68:c9: 7e:a4:63:ae:a3:f0:ca:46:e0:93:49:49:74:55:2b: 1d:ca:5a:9f:20:d9:23:08:d1:cc:8c:d6:47:ca:7a: 35:ee:1d:c5:f2:c1:3c:2e:66:9e:7e:c3:03:40:b9: 15:82:e6:16:e4:0c:64:68:06:2b:c8:ed:7a:bc:e9: 78:88:fb:a3:92:e0:1f:4a:8a:07:59:bb:9e:ad:1d: 7d:2d:cd:16:3b:23:5d:01:1b:04:c4:dd:f0:68:00: c2:49:d6:8e:3b:5a:65:07:a8:53:3c:2b:9b:07:17: 2f:08:6e:f1:76:3c:25:13:0d:db:4e:c3:7f:ce:4c: d8:92:98:ef:a6:c5:a3:87:d6:d4:10:7a:07:2a:92: cb:94:9c:e1:cd:df:3a:a1:00:d5:5f:9f:d3:e4:46: 91:e6:08:db:21:03:ce:cc:88:25:08:f5:11:2a:40: e9:4f:c7:11:78:9a:9e:ca:c1:a6:7e:ef:12:f5:2d: f7:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: CA:FALSE Netscape Cert Type: SSL Client, S/MIME, Object Signing X509v3 Subject Key Identifier: 27:47:CC:BA:AA:BB:E9:BA:24:E1:49:22:B7:B9:79:3E:3C:C0:1C:AF X509v3 Authority Key Identifier: keyid:CA:5C:51:D0:CF:8A:28:88:53:B2:D0:25:5C:89:D0:DD:1A:0E:4B:75 Signature Algorithm: sha1WithRSAEncryption 5e:4d:51:4f:f9:db:2c:e8:73:02:7a:ad:c2:13:6c:62:58:19: 5a:6d:82:9f:03:a7:b0:13:0e:47:66:28:00:f2:71:cf:e4:2a: cc:40:d4:ef:aa:da:6f:44:9b:a6:3c:47:f4:b6:2e:bc:03:9a: d1:9d:a6:af:4c:8e:24:9c:14:ed:ac:b6:a6:45:fe:d9:cd:61: 81:91:1f:39:eb:47:34:6f:d5:a4:14:71:e9:5e:8f:01:df:ce: e1:ec:b3:71:8f:bb:79:76:86:69:92:60:96:9b:e6:03:33:70: df:d3:c9:fe:15:9f:c0:60:1c:34:27:38:2c:60:bc:5e:07:2d: f2:97:62:fc:d1:48:86:fc:b0:28:a3:96:59:8a:ab:67:23:52: 5e:1a:64:f5:75:b3:94:24:71:ab:d7:cb:7b:e2:da:36:f9:3c: 3d:97:28:c0:f6:dc:06:79:9a:b7:3e:8c:8e:c8:21:29:a2:fb: 8f:50:e8:b5:c9:0a:66:91:9a:28:1f:99:6f:83:e9:98:7e:18: e8:58:1e:b0:44:08:f3:0a:c3:c5:ad:d0:69:95:5c:1d:bf:e1: f7:41:81:bf:7f:c8:86:50:a7:81:fd:ff:a2:74:91:cf:c8:6c: 67:ca:f9:8b:25:ea:82:50:02:70:e2:6d:39:d3:29:07:1a:e0: 21:2b:42:ae -----BEGIN CERTIFICATE----- MIIDxTCCAq2gAwIBAgIBATANBgkqhkiG9w0BAQUFADB3MQswCQYDVQQGEwJVUzEL MAkGA1UECBMCTkoxEDAOBgNVBAcTB01hZGlzb24xEzARBgNVBAoTClJGb3JnZS5u ZXQxEzARBgNVBAMTCnJmb3JnZS5uZXQxHzAdBgkqhkiG9w0BCQEWEGFkbWluQHJm b3JnZS5uZXQwHhcNMTIwOTA4MTkxNjM2WhcNMTMwOTA4MTkxNjM2WjBzMQswCQYD VQQGEwJVUzELMAkGA1UECBMCTkoxEzARBgNVBAoTClJGb3JnZS5uZXQxFjAUBgNV BAMTDVNpbW9uIFVyYmFuZWsxKjAoBgkqhkiG9w0BCQEWG3NpbW9uLnVyYmFuZWtA ci1wcm9qZWN0Lm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANSY z8BmHBUAEBbVO5S0AsO7wjcbl+hkyg0d7RMndtO6SpF5m9tcSTOs4HTi8vSbWYA+ 5aao3RgEls18jkQ5iuYaCGs7iSskX2jJfqRjrqPwykbgk0lJdFUrHcpanyDZIwjR zIzWR8p6Ne4dxfLBPC5mnn7DA0C5FYLmFuQMZGgGK8jterzpeIj7o5LgH0qKB1m7 nq0dfS3NFjsjXQEbBMTd8GgAwknWjjtaZQeoUzwrmwcXLwhu8XY8JRMN207Df85M 2JKY76bFo4fW1BB6ByqSy5Sc4c3fOqEA1V+f0+RGkeYI2yEDzsyIJQj1ESpA6U/H EXiansrBpn7vEvUt9zkCAwEAAaNgMF4wCQYDVR0TBAIwADARBglghkgBhvhCAQEE BAMCBLAwHQYDVR0OBBYEFCdHzLqqu+m6JOFJIre5eT48wByvMB8GA1UdIwQYMBaA FMpcUdDPiiiIU7LQJVyJ0N0aDkt1MA0GCSqGSIb3DQEBBQUAA4IBAQBeTVFP+dss 6HMCeq3CE2xiWBlabYKfA6ewEw5HZigA8nHP5CrMQNTvqtpvRJumPEf0ti68A5rR naavTI4knBTtrLamRf7ZzWGBkR8560c0b9WkFHHpXo8B387h7LNxj7t5doZpkmCW m+YDM3Df08n+FZ/AYBw0JzgsYLxeBy3yl2L80UiG/LAoo5ZZiqtnI1JeGmT1dbOU JHGr18t74to2+Tw9lyjA9twGeZq3PoyOyCEpovuPUOi1yQpmkZooH5lvg+mYfhjo WB6wRAjzCsPFrdBplVwdv+H3QYG/f8iGUKeB/f+idJHPyGxnyvmLJeqCUAJw4m05 0ykHGuAhK0Ku -----END CERTIFICATE----- PKI/configure.ac0000644000176000001440000000460413021336216013214 0ustar ripleyusers# Process this file with autoconf to produce a configure script. AC_INIT([PKI],[0.1],[Simon.Urbanek@r-project.org]) AC_CONFIG_SRCDIR([src/pki.h]) AC_CONFIG_HEADER([src/config.h]) # find R home and set CC/CFLAGS : ${R_HOME=`R RHOME`} if test -z "${R_HOME}"; then echo "could not determine R_HOME" exit 1 fi CC=`${R_HOME}/bin/R CMD config CC`; CXX=`${R_HOME}/bin/R CMD config CXX`; CPPFLAGS="${CPPFLAGS} ${PKG_CPPFLAGS}" CFLAGS=`${R_HOME}/bin/R CMD config CFLAGS` CXXFLAGS=`${R_HOME}/bin/R CMD config CXXFLAGS` LIBS="${LIBS} ${PKG_LIBS}" AC_SUBST(R_HOME) AC_ARG_VAR([OPENSSL_INCLUDES],[optional path to the include directory for OpenSSL headers]) AC_ARG_VAR([PKG_CPPFLAGS],[additional pre-processor flags]) AC_ARG_VAR([PKG_LIBS],[additional linker library flags]) if test "x${OPENSSL_INCLUDES}" != x; then CPPFLAGS="${CPPFLAGS} -I${OPENSSL_INCLUDES}" fi # Checks for programs. AC_PROG_CC AC_CHECK_HEADER([openssl/ssl.h],,[ if test "`uname -s`" = Darwin; then AC_MSG_NOTICE([Missing OpenSSL headers on macOS,]) AC_MSG_NOTICE([attempting to get headers from Apple...]) mkdir tmp cd tmp curl -L https://opensource.apple.com/tarballs/OpenSSL098/OpenSSL098-59.tar.gz | tar fxz - if test -e OpenSSL098-59/src/include/openssl; then mkdir ../src/include mv OpenSSL098-59/src/include/openssl ../src/include else AC_MSG_ERROR([Failed to download OpenSSL sources from Apple. Please install OpenSSL headers before installing PKI.]) fi cd .. rm -rf tmp CPPFLAGS="-Iinclude -Isrc/include ${CPPFLAGS}" AS_UNSET([ac_cv_header_openssl_ssl_h]) AC_CHECK_HEADER([openssl/ssl.h],,[AC_MSG_ERROR([Failed to find usable OpenSSL headers])]) fi ]) # check RSA/crypto AC_CHECK_HEADER([openssl/rsa.h], [AC_SEARCH_LIBS(RSA_generate_key_ex, [crypto ssl openssl],, [AC_MSG_ERROR([Cannot find usable crypto library])])], [AC_MSG_ERROR([Failed to find usable crypto library. Please install openssl-dev or equivalent and/or set PKG_LIBS if not in default location.])] ) # check SSL support AC_CHECK_HEADER([openssl/ssl.h], [AC_SEARCH_LIBS(SSL_CTX_load_verify_locations, [ssl openssl],, [AC_MSG_ERROR([Cannot find usable SSL library])])], [AC_MSG_ERROR([Failed to find usable SSL library. Please install openssl-dev or equivalent and/or set PKG_LIBS if not in default location.])] ) AC_SUBST(LIBS) AC_SUBST(CPPFLAGS) AC_CONFIG_FILES([src/Makevars]) AC_OUTPUT PKI/src/0000755000176000001440000000000013157014224011513 5ustar ripleyusersPKI/src/config.h.in0000644000176000001440000000251313021336216013535 0ustar ripleyusers/* src/config.h.in. Generated from configure.ac by autoheader. */ /* Define to 1 if you have the header file. */ #undef HAVE_INTTYPES_H /* Define to 1 if you have the header file. */ #undef HAVE_MEMORY_H /* Define to 1 if you have the header file. */ #undef HAVE_STDINT_H /* Define to 1 if you have the header file. */ #undef HAVE_STDLIB_H /* Define to 1 if you have the header file. */ #undef HAVE_STRINGS_H /* Define to 1 if you have the header file. */ #undef HAVE_STRING_H /* Define to 1 if you have the header file. */ #undef HAVE_SYS_STAT_H /* Define to 1 if you have the header file. */ #undef HAVE_SYS_TYPES_H /* Define to 1 if you have the header file. */ #undef HAVE_UNISTD_H /* Define to the address where bug reports for this package should be sent. */ #undef PACKAGE_BUGREPORT /* Define to the full name of this package. */ #undef PACKAGE_NAME /* Define to the full name and version of this package. */ #undef PACKAGE_STRING /* Define to the one symbol short name of this package. */ #undef PACKAGE_TARNAME /* Define to the home page for this package. */ #undef PACKAGE_URL /* Define to the version of this package. */ #undef PACKAGE_VERSION /* Define to 1 if you have the ANSI C header files. */ #undef STDC_HEADERS PKI/src/register.c0000644000176000001440000000467213157014371013517 0ustar ripleyusers#include #include #include // for NULL #include /* .Call calls */ extern SEXP decode_ASN1(SEXP sWhat); extern SEXP encode_ASN1(SEXP sWhat); extern SEXP PKI_asBIGNUMint(SEXP sWhat, SEXP sScalar); extern SEXP PKI_load_DER_X509(SEXP what); extern SEXP PKI_verify_cert(SEXP sCA, SEXP sCert); extern SEXP PKI_extract_key(SEXP sKey, SEXP sPriv); extern SEXP PKI_cert_public_key(SEXP sCert); extern SEXP PKI_encrypt(SEXP what, SEXP sKey, SEXP sCipher, SEXP sIV); extern SEXP PKI_decrypt(SEXP what, SEXP sKey, SEXP sCipher, SEXP sIV); extern SEXP PKI_digest(SEXP sWhat, SEXP sMD); extern SEXP PKI_sign_RSA(SEXP what, SEXP sMD, SEXP sKey); extern SEXP PKI_verify_RSA(SEXP what, SEXP sMD, SEXP sKey, SEXP sig); extern SEXP PKI_load_private_RSA(SEXP what, SEXP sPassword); extern SEXP PKI_load_public_RSA(SEXP what); extern SEXP PKI_RSAkeygen(SEXP sBits); extern SEXP PKI_random(SEXP sBytes); extern SEXP PKI_sign(SEXP what, SEXP sKey, SEXP sMD, SEXP sPad); extern SEXP PKI_get_subject(SEXP sCert); extern SEXP PKI_raw2hex(SEXP sRaw, SEXP sSep, SEXP sUpp); static const R_CallMethodDef CallEntries[] = { {"PKI_RSAkeygen", (DL_FUNC) &PKI_RSAkeygen, 1}, {"PKI_asBIGNUMint", (DL_FUNC) &PKI_asBIGNUMint, 2}, {"PKI_cert_public_key", (DL_FUNC) &PKI_cert_public_key, 1}, {"PKI_decrypt", (DL_FUNC) &PKI_decrypt, 4}, {"PKI_digest", (DL_FUNC) &PKI_digest, 2}, {"PKI_encrypt", (DL_FUNC) &PKI_encrypt, 4}, {"PKI_extract_key", (DL_FUNC) &PKI_extract_key, 2}, {"PKI_get_subject", (DL_FUNC) &PKI_get_subject, 1}, {"PKI_load_DER_X509", (DL_FUNC) &PKI_load_DER_X509, 1}, {"PKI_load_private_RSA", (DL_FUNC) &PKI_load_private_RSA, 2}, {"PKI_load_public_RSA", (DL_FUNC) &PKI_load_public_RSA, 1}, {"PKI_random", (DL_FUNC) &PKI_random, 1}, {"PKI_raw2hex", (DL_FUNC) &PKI_raw2hex, 3}, {"PKI_sign_RSA", (DL_FUNC) &PKI_sign_RSA, 3}, {"PKI_verify_RSA", (DL_FUNC) &PKI_verify_RSA, 4}, {"PKI_verify_cert", (DL_FUNC) &PKI_verify_cert, 2}, {"decode_ASN1", (DL_FUNC) &decode_ASN1, 1}, {"encode_ASN1", (DL_FUNC) &encode_ASN1, 1}, {NULL, NULL, 0} }; void R_init_PKI(DllInfo *dll) { R_registerRoutines(dll, NULL, CallEntries, NULL, NULL); R_useDynamicSymbols(dll, FALSE); } PKI/src/asn1.c0000644000176000001440000001601213157014371012524 0ustar ripleyusers#include #include static SEXP decode_ASN1_bytes(unsigned char *d, unsigned int l, unsigned int *ptr) { unsigned int i = 0; int cl = d[i++]; if (i < l) { unsigned int len = d[i++]; if (len > 127) { unsigned int nb = len - 128; if (i + nb > l) Rf_error("truncated ASN.1 object"); if (nb > 4) Rf_error("too large ASN.1 object"); len = 0; while (nb) { len <<= 8; len |= d[i++]; nb--; } } if (i + len > l) Rf_error("truncated ASN.1 object"); /* Rprintf(" %p: type 0x%02x len %d\n", d, cl, len); */ if (cl == 0x30) { /* sequence */ SEXP rl = R_NilValue, tl = R_NilValue, res; unsigned int si = i, n = 0; while (i - si < len) { unsigned int i_off = 0; SEXP v = decode_ASN1_bytes(d + i, si + len - i, &i_off); i += i_off; if (rl == R_NilValue) tl = rl = PROTECT(CONS(v, R_NilValue)); else tl = SETCDR(tl, CONS(v, R_NilValue)); n++; } res = PROTECT(allocVector(VECSXP, n)); if (rl != R_NilValue) { unsigned int j = 0; while (rl != R_NilValue) { SET_VECTOR_ELT(res, j++, CAR(rl)); rl = CDR(rl); } UNPROTECT(1); } UNPROTECT(1); if (ptr) *ptr = i; return res; } else { /* everything else we just return as raw with "type" attribute */ int unused = -1; if (cl == 3) {/* bit string - take out the unused bits number */ unused = d[i++]; len--; } { SEXP res = PROTECT(allocVector(RAWSXP, len)); SEXP clo = PROTECT(ScalarInteger(cl)); memcpy(RAW(res), d + i, len); setAttrib(res, install("type"), clo); if (unused != -1) { SEXP ub = PROTECT(ScalarInteger(unused)); setAttrib(res, install("padded.bits"), ub); UNPROTECT(1); } UNPROTECT(2); if (ptr) *ptr = i + len; return res; } } } Rf_error("truncated ASN.1 object"); /* unreachable */ return R_NilValue; } SEXP decode_ASN1(SEXP sWhat) { if (TYPEOF(sWhat) != RAWSXP) Rf_error("ASN.1 object must be a raw vector"); return decode_ASN1_bytes((unsigned char*) RAW(sWhat), (unsigned int) LENGTH(sWhat), 0); } static unsigned char *encode_ASN1_bytes(unsigned char *d, unsigned int max_len, SEXP sWhat) { unsigned int i = 0; if (max_len < 16) Rf_error("too large object"); if (TYPEOF(sWhat) == RAWSXP) { SEXP ty = getAttrib(sWhat, install("type")); unsigned int len = LENGTH(sWhat); unsigned char unused = 0; int cl; if (ty == R_NilValue) Rf_error("raw object without type - cannot encode"); cl = d[i++] = (unsigned char) asInteger(ty); if (cl == 3) { SEXP ub = getAttrib(sWhat, install("unused.bits")); if (ub != R_NilValue) unused = (unsigned char) asInteger(ub); len++; } if (len < 128) d[i++] = len; else { int nb = 0, l0 = len, nb0; while (l0) { l0 >>= 8; nb++; } d[i++] = nb + 128; nb0 = nb; l0 = len; while (nb) { d[i + --nb] = (unsigned char) l0; l0 >>= 8; } i += nb0; } if (i + len + 2 > max_len) Rf_error("too large object"); if (cl == 3) { d[i++] = unused; len--; } memcpy(d + i, RAW(sWhat), len); return d + i + len; } else if (TYPEOF(sWhat) == VECSXP) { unsigned int i0 = i, len = 0, n = LENGTH(sWhat), j, shift_by; unsigned char *e; d[i++] = 0x30; /* reserve some space for the length - we use at most 32-bits */ i += 5; e = d + i; for (j = 0; j < n; j++) { unsigned char *en = encode_ASN1_bytes(e, max_len - i, VECTOR_ELT(sWhat, j)); i += en - e; e = en; } len = e - (d + i0 + 6); shift_by = 4; if (len < 128) d[i0 + 1] = len; else { unsigned int l0 = len, nb = 0; while (l0) { l0 >>= 8; nb++; } e = d + i0 + 1; *(e++) = nb + 128; l0 = len; while (l0) { e[--nb] = (unsigned char) l0; l0 >>= 8; shift_by--; } } if (shift_by) memmove(d + i0 + 6 - shift_by, d + i0 + 6, len); return d + i0 + 6 - shift_by + len; } else Rf_error("ASN.1 objects to be wrapped must be either lists or raw vectors"); /* unreachable */ return 0; } SEXP encode_ASN1(SEXP sWhat) { unsigned int max_len = 1024*1024; SEXP tmp = PROTECT(allocVector(RAWSXP, max_len)), res; unsigned char *e = encode_ASN1_bytes((unsigned char*) RAW(tmp), LENGTH(tmp), sWhat); res = allocVector(RAWSXP, e - (unsigned char*) RAW(tmp)); memcpy(RAW(res), RAW(tmp), LENGTH(res)); UNPROTECT(1); return res; } static SEXP bigz2bignum(const unsigned int *bz) { SEXP res = allocVector(RAWSXP, 1 + bz[0] * 4); unsigned char *c = (unsigned char *) RAW(res); unsigned int i; *(c++) = 0; /* we may need a leading zero */ /* FIXME: we handle only positive numbers */ for (i = 2; i < bz[0] + 2; i++) { *(c++) = bz[i] >> 24; *(c++) = (bz[i] >> 16) & 255; *(c++) = (bz[i] >> 8) & 255; *(c++) = bz[i] & 255; } c = (unsigned char*) RAW(res); for (i = 0; i < LENGTH(res); i++) if (c[i]) break; if (c[i] > 127) i--; if (i > 0) { memmove(c, c + i, LENGTH(res) - i); SETLENGTH(res, LENGTH(res) - i); } return res; } static SEXP long2bignum(unsigned long v) { unsigned char buf[9], *c = buf + 8; SEXP res; if (v < 128) { SEXP res = allocVector(RAWSXP, 1); RAW(res)[0] = v; return res; } while (v) { *(c--) = (unsigned char) v; v >>= 8; } if (c[1] < 128) c++; /* move back if leading zero is not needed */ res = allocVector(RAWSXP, buf + 9 - c); memcpy(RAW(res), c, LENGTH(res)); return res; } SEXP PKI_asBIGNUMint(SEXP sWhat, SEXP sScalar) { int scalar = asInteger(sScalar) == TRUE; if (inherits(sWhat, "bigz")) { const unsigned int *bz; if (TYPEOF(sWhat) != RAWSXP || LENGTH(sWhat) < 4) Rf_error("invalid bigz format"); bz = (const unsigned int*) RAW(sWhat); if (scalar) { if (bz == 0) Rf_error("attempt to use zero-length vector as scalar"); return bigz2bignum(bz + 1); } else { SEXP res = PROTECT(allocVector(VECSXP, bz[0])); unsigned int i, j = 1; for (i = 0; i < bz[0]; i++) { SET_VECTOR_ELT(res, i, bigz2bignum(bz + j)); j += bz[j] + 1; } UNPROTECT(1); return res; } } if (TYPEOF(sWhat) == REALSXP) { if (scalar) { if (!LENGTH(sWhat)) Rf_error("attempt to use zero-length vector as scalar"); return long2bignum((unsigned long) asReal(sWhat)); } else { unsigned int i, n = LENGTH(sWhat); SEXP res = PROTECT(allocVector(VECSXP, n)); const double *d = REAL(sWhat); for (i = 0; i < n; i++) SET_VECTOR_ELT(res, i, long2bignum((unsigned long) d[i])); UNPROTECT(1); return res; } } if (TYPEOF(sWhat) == INTSXP) { if (scalar) { if (!LENGTH(sWhat)) Rf_error("attempt to use zero-length vector as scalar"); return long2bignum((unsigned long) asInteger(sWhat)); } else { unsigned int i, n = LENGTH(sWhat); SEXP res = PROTECT(allocVector(VECSXP, n)); const int *d = INTEGER(sWhat); for (i = 0; i < n; i++) SET_VECTOR_ELT(res, i, long2bignum((unsigned long) d[i])); UNPROTECT(1); return res; } } Rf_error("unsupported type to convert"); /* unreachable */ return R_NilValue; } PKI/src/pki-x509.c0000644000176000001440000005346013157014371013160 0ustar ripleyusers#include "pki.h" #include #define USE_RINTERNALS 1 #include /* NOTE: we use d2i_RSAPrivateKey but s2i_RSA_PUBKEY (instead of s2i_RSAPublicKey) because that is what OpenSSL uses as well. PUBKEY is on X509 SubjectPublicKeyInfo format while RSAPublicKey is in PKCS#1 format. The difference in PEM files is "PUBLIC KEY" for X509 and "RSA PUBLIC KEY" for the other. Note that OpenSSL on the command line doesn't even support loading PEM with RSA PUBLIC KEY, that's why we don't even offer it as an option. */ /* from init.c */ void PKI_init(); /* OpenSSL 1.1 has changed APIs - adapt accordingly */ #if OPENSSL_VERSION_NUMBER < 0x10100000L #define EVP_PKEY_get_key_type_(X) EVP_PKEY_type((X)->type) #else #define EVP_PKEY_get_key_type_(X) EVP_PKEY_base_id(X) #endif static void PKI_free_X509(SEXP ref) { X509 *x509 = (X509*) R_ExternalPtrAddr(ref); if (x509) X509_free(x509); } static void PKI_free_EVP_PKEY(SEXP ref) { EVP_PKEY *key = (EVP_PKEY*) R_ExternalPtrAddr(ref); if (key) EVP_PKEY_free(key); } SEXP PKI_load_DER_X509(SEXP what) { SEXP res, ia; const unsigned char *ptr; X509 *x509 = 0; if (TYPEOF(what) != RAWSXP) Rf_error("what must be a raw vector containing the DER-encoded certificate"); ptr = (const unsigned char*) RAW(what); PKI_init(); x509 = d2i_X509(&x509, &ptr, LENGTH(what)); if (!x509) Rf_error("%s", ERR_error_string(ERR_get_error(), NULL)); res = PROTECT(R_MakeExternalPtr(x509, R_NilValue, R_NilValue)); R_RegisterCFinalizerEx(res, PKI_free_X509, TRUE); setAttrib(res, install("class"), mkString("X509cert")); /* we add the content to the cert in case someone tries to serialize it */ ia = install("crt.DER"); setAttrib(res, ia, what); UNPROTECT(1); return res; } /* c_name is solely for error messages */ static X509 *retrieve_cert(SEXP obj, const char *c_name) { X509 *cacrt; if (!inherits(obj, "X509cert")) Rf_error("invalid %scertificate object", c_name); cacrt = (X509*) R_ExternalPtrAddr(obj); if (!cacrt) { /* check if this is NULL because it has been restored from serialization */ SEXP der = getAttrib(obj, install("crt.DER")); if (TYPEOF(der) == RAWSXP) { const unsigned char *ptr = (const unsigned char*) RAW(der); cacrt = d2i_X509(&cacrt, &ptr, LENGTH(der)); if (!cacrt) Rf_warning("Attempt to load NULL %scertificate with invalid crt.DER content", c_name); else { /* there is no SETPTR so have have to use SETCAR */ SETCAR(obj, (SEXP) cacrt); R_RegisterCFinalizerEx(obj, PKI_free_X509, TRUE); } } } if (!cacrt) Rf_error("invalid %scertificate (NULL)", c_name); return cacrt; } SEXP PKI_verify_cert(SEXP sCA, SEXP sCert) { X509 *cert; X509_STORE *store; X509_STORE_CTX *ctx; int rv; PKI_init(); cert = retrieve_cert(sCert, ""); store = X509_STORE_new(); if (TYPEOF(sCA) == VECSXP) { int i; for (i = 0; i < LENGTH(sCA); i++) X509_STORE_add_cert(store, retrieve_cert(VECTOR_ELT(sCA, i),"CA ")); } else X509_STORE_add_cert(store, retrieve_cert(sCA, "CA ")); ctx = X509_STORE_CTX_new(); X509_STORE_CTX_init(ctx, store, cert, NULL); rv = X509_verify_cert(ctx); X509_STORE_CTX_free(ctx); X509_STORE_free(store); return ScalarLogical((rv == 1) ? TRUE : FALSE); } #define PKI_KT_PUBLIC 1 #define PKI_KT_PRIVATE 2 static SEXP wrap_EVP_PKEY(EVP_PKEY *key, int kt) { SEXP res = PROTECT(R_MakeExternalPtr(key, R_NilValue, R_NilValue)); R_RegisterCFinalizerEx(res, PKI_free_EVP_PKEY, TRUE); if (kt == PKI_KT_PRIVATE || kt == PKI_KT_PUBLIC) setAttrib(res, R_ClassSymbol, mkString((kt == PKI_KT_PUBLIC) ? "public.key" : "private.key")); else { SEXP cl = PROTECT(allocVector(STRSXP, 2)); SET_STRING_ELT(cl, 0, mkChar("public.key")); SET_STRING_ELT(cl, 1, mkChar("private.key")); setAttrib(res, R_ClassSymbol, cl); UNPROTECT(1); } /* FIXME: we don't have non-external payload for serialization */ UNPROTECT(1); return res; } SEXP PKI_extract_key(SEXP sKey, SEXP sPriv) { SEXP res; EVP_PKEY *key; RSA *rsa; int get_priv = asInteger(sPriv), len; if (!inherits(sKey, "public.key") && !inherits(sKey, "private.key")) Rf_error("invalid key object"); if (get_priv == NA_INTEGER) get_priv = inherits(sKey, "private.key"); if (get_priv && !inherits(sKey, "private.key")) return R_NilValue; key = (EVP_PKEY*) R_ExternalPtrAddr(sKey); if (!key) Rf_error("NULL key"); PKI_init(); if (EVP_PKEY_get_key_type_(key) != EVP_PKEY_RSA) Rf_error("Sorry only RSA keys are supported at this point"); rsa = EVP_PKEY_get1_RSA(key); if (get_priv) { unsigned char *ptr; len = i2d_RSAPrivateKey(rsa, 0); if (len < 1) Rf_error("%s", ERR_error_string(ERR_get_error(), NULL)); res = allocVector(RAWSXP, len); ptr = (unsigned char*) RAW(res); len = i2d_RSAPrivateKey(rsa, &ptr); if (len < 1) Rf_error("%s", ERR_error_string(ERR_get_error(), NULL)); PROTECT(res); setAttrib(res, R_ClassSymbol, mkString("private.key.DER")); UNPROTECT(1); } else { unsigned char *ptr; len = i2d_RSA_PUBKEY(rsa, 0); if (len < 1) Rf_error("%s", ERR_error_string(ERR_get_error(), NULL)); res = allocVector(RAWSXP, len); ptr = (unsigned char*) RAW(res); len = i2d_RSA_PUBKEY(rsa, &ptr); if (len < 1) Rf_error("%s", ERR_error_string(ERR_get_error(), NULL)); PROTECT(res); setAttrib(res, R_ClassSymbol, mkString("public.key.DER")); UNPROTECT(1); } return res; } SEXP PKI_cert_public_key(SEXP sCert) { X509 *cert; EVP_PKEY *key; PKI_init(); cert = retrieve_cert(sCert, ""); key = X509_get_pubkey(cert); if (!key) Rf_error("%s", ERR_error_string(ERR_get_error(), NULL)); return wrap_EVP_PKEY(key, PKI_KT_PUBLIC); } static char buf[8192]; static char cipher_name[32]; static EVP_CIPHER_CTX *get_cipher(SEXP sKey, SEXP sCipher, int enc, int *transient, SEXP sIV) { EVP_CIPHER_CTX *ctx; PKI_init(); if (inherits(sKey, "symmeric.cipher")) { if (transient) transient[0] = 0; return (EVP_CIPHER_CTX*) R_ExternalPtrAddr(sCipher); } if (TYPEOF(sKey) != RAWSXP && (TYPEOF(sKey) != STRSXP || LENGTH(sKey) < 1)) Rf_error("invalid key object"); else { const char *cipher, *c_key, *c_iv = 0; int key_len; const EVP_CIPHER *type; if (TYPEOF(sCipher) != STRSXP || LENGTH(sCipher) != 1) Rf_error("non-RSA key and no cipher is specified"); cipher = CHAR(STRING_ELT(sCipher, 0)); if (strlen(cipher) > sizeof(cipher_name) - 1) Rf_error("invalid cipher name"); { char *c = cipher_name; while (*cipher) { if ((*cipher >= 'a' && *cipher <= 'z') || (*cipher >= '0' && *cipher <= '9')) *(c++) = *cipher; else if (*cipher >= 'A' && *cipher <= 'Z') *(c++) = *cipher + 32; cipher++; } *c = 0; cipher = (const char*) cipher_name; } if (!strcmp(cipher, "aes128") || !strcmp(cipher, "aes128cbc")) type = EVP_aes_128_cbc(); else if (!strcmp(cipher, "aes128ecb")) type = EVP_aes_128_ecb(); else if (!strcmp(cipher, "aes128ofb")) type = EVP_aes_128_ofb(); else if (!strcmp(cipher, "aes256") || !strcmp(cipher, "aes256cbc")) type = EVP_aes_256_cbc(); else if (!strcmp(cipher, "aes256ecb")) type = EVP_aes_256_ecb(); else if (!strcmp(cipher, "aes256ofb")) type = EVP_aes_256_ofb(); else if (!strcmp(cipher, "blowfish") || !strcmp(cipher, "bfcbc")) type = EVP_bf_cbc(); else if (!strcmp(cipher, "bfecb")) type = EVP_bf_ecb(); else if (!strcmp(cipher, "bfofb")) type = EVP_bf_ofb(); else if (!strcmp(cipher, "bfcfb")) type = EVP_bf_cfb(); else Rf_error("unknown cipher `%s'", CHAR(STRING_ELT(sCipher, 0))); if (TYPEOF(sIV) == STRSXP) { if (LENGTH(sIV) != 1) Rf_error("invalid IV - if used must be a string (or raw), but is string vector of length %d", (int) LENGTH(sIV)); c_iv = CHAR(STRING_ELT(sIV, 0)); int req_len = EVP_CIPHER_iv_length(type); int iv_len = strlen(c_iv); if (iv_len < req_len) Rf_error("insufficient IV - must be %d bytes long", req_len); } else if (TYPEOF(sIV) == RAWSXP) { c_iv = (const char *) RAW(sIV); int req_len = EVP_CIPHER_iv_length(type); if (LENGTH(sIV) < req_len) Rf_error("insufficient IV - must be %d bytes long", req_len); } else if (sIV != R_NilValue) Rf_error("invalid IV - must be NULL (no/empty IV), a string or a raw vector of sufficient length for the cipher"); if (TYPEOF(sKey) == STRSXP) { c_key = CHAR(STRING_ELT(sKey, 0)); key_len = strlen(c_key); } else { c_key = (const char*) RAW(sKey); key_len = LENGTH(sKey); } if (key_len < EVP_CIPHER_key_length(type)) Rf_error("key is too short (%d bytes) for the cipher - need %d bytes", key_len, EVP_CIPHER_key_length(type)); ctx = EVP_CIPHER_CTX_new(); if (!ctx) Rf_error("cannot allocate memory for cipher"); if (!EVP_CipherInit(ctx, type, (unsigned char*) c_key, (unsigned char *) c_iv, enc)) { EVP_CIPHER_CTX_free(ctx); Rf_error("%s", ERR_error_string(ERR_get_error(), NULL)); } if (transient) transient[0] = 1; return ctx; } } static void PKI_free_cipher(SEXP sCipher) { EVP_CIPHER_CTX *ctx = (EVP_CIPHER_CTX*) R_ExternalPtrAddr(sCipher); if (ctx) EVP_CIPHER_CTX_free(ctx); } /* FIXME: this is exposed as C symbol but not actually used anywhere ... ?!? */ SEXP PKI_sym_cipher(SEXP sKey, SEXP sCipher, SEXP sEncrypt, SEXP sIV) { SEXP res; int transient_cipher = 0; int do_enc = (asInteger(sEncrypt) != 0) ? 1 : 0; EVP_CIPHER_CTX *ctx = get_cipher(sKey, sCipher, do_enc, &transient_cipher, sIV); if (!transient_cipher) return sCipher; res = PROTECT(R_MakeExternalPtr(ctx, R_NilValue, R_NilValue)); R_RegisterCFinalizerEx(res, PKI_free_cipher, TRUE); setAttrib(res, install("class"), mkString("symmetric.cipher")); UNPROTECT(1); return res; } SEXP PKI_encrypt(SEXP what, SEXP sKey, SEXP sCipher, SEXP sIV) { SEXP res; EVP_PKEY *key; RSA *rsa; int len; if (TYPEOF(what) != RAWSXP) Rf_error("invalid payload to sign - must be a raw vector"); if (!inherits(sKey, "public.key") && !inherits(sKey, "private.key")) { int transient_cipher = 0; EVP_CIPHER_CTX *ctx = get_cipher(sKey, sCipher, 1, &transient_cipher, sIV); int block_len = EVP_CIPHER_CTX_block_size(ctx); int padding = LENGTH(what) % block_len; /* Note: padding is always required, so if the last block is full, there must be an extra block added at the end */ padding = block_len - padding; /* FIXME: ctx will leak on alloc errors for transient ciphers - wrap them first */ res = allocVector(RAWSXP, len = (LENGTH(what) + padding)); if (!EVP_CipherUpdate(ctx, RAW(res), &len, RAW(what), LENGTH(what))) { if (transient_cipher) { EVP_CIPHER_CTX_cleanup(ctx); free(ctx); } Rf_error("%s", ERR_error_string(ERR_get_error(), NULL)); } if (len < LENGTH(res)) EVP_CipherFinal(ctx, RAW(res) + len, &len); if (transient_cipher) { EVP_CIPHER_CTX_cleanup(ctx); free(ctx); } return res; } key = (EVP_PKEY*) R_ExternalPtrAddr(sKey); if (!key) Rf_error("NULL key"); if (EVP_PKEY_get_key_type_(key) != EVP_PKEY_RSA) Rf_error("Sorry only RSA keys are supported at this point"); rsa = EVP_PKEY_get1_RSA(key); if (!rsa) Rf_error("%s", ERR_error_string(ERR_get_error(), NULL)); len = RSA_public_encrypt(LENGTH(what), RAW(what), (unsigned char*) buf, rsa, RSA_PKCS1_PADDING); if (len < 0) Rf_error("%s", ERR_error_string(ERR_get_error(), NULL)); res = allocVector(RAWSXP, len); memcpy(RAW(res), buf, len); return res; } SEXP PKI_decrypt(SEXP what, SEXP sKey, SEXP sCipher, SEXP sIV) { SEXP res; EVP_PKEY *key; RSA *rsa; int len; if (TYPEOF(what) != RAWSXP) Rf_error("invalid payload to sign - must be a raw vector"); PKI_init(); if (!inherits(sKey, "private.key")) { int transient_cipher = 0, fin = 0; EVP_CIPHER_CTX *ctx = get_cipher(sKey, sCipher, 0, &transient_cipher, sIV); /* FIXME: ctx will leak on alloc errors for transient ciphers - wrap them first */ res = allocVector(RAWSXP, len = LENGTH(what)); if (!EVP_CipherUpdate(ctx, RAW(res), &len, RAW(what), LENGTH(what))) { if (transient_cipher) { EVP_CIPHER_CTX_cleanup(ctx); free(ctx); } Rf_error("%s", ERR_error_string(ERR_get_error(), NULL)); } if (EVP_CipherFinal(ctx, RAW(res) + len, &fin)) len += fin; if (len < LENGTH(res)) SETLENGTH(res, len); if (transient_cipher) { EVP_CIPHER_CTX_cleanup(ctx); free(ctx); } return res; } key = (EVP_PKEY*) R_ExternalPtrAddr(sKey); if (!key) Rf_error("NULL key"); if (EVP_PKEY_get_key_type_(key) != EVP_PKEY_RSA) Rf_error("Sorry only RSA keys are supported at this point"); rsa = EVP_PKEY_get1_RSA(key); if (!rsa) Rf_error("%s", ERR_error_string(ERR_get_error(), NULL)); len = RSA_private_decrypt(LENGTH(what), RAW(what), (unsigned char*) buf, rsa, RSA_PKCS1_PADDING); if (len < 0) Rf_error("%s", ERR_error_string(ERR_get_error(), NULL)); res = allocVector(RAWSXP, len); memcpy(RAW(res), buf, len); return res; } #define PKI_SHA1 1 #define PKI_SHA256 2 #define PKI_MD5 3 SEXP PKI_digest(SEXP sWhat, SEXP sMD) { SEXP res; unsigned char hash[32]; /* really, at most 20 bytes are needed */ int len, md = asInteger(sMD); const unsigned char *what; int what_len; PKI_init(); if (TYPEOF(sWhat) == RAWSXP) { what = (const unsigned char*) RAW(sWhat); what_len = LENGTH(sWhat); } else if (TYPEOF(sWhat) == STRSXP) { if (LENGTH(sWhat) < 1) return allocVector(RAWSXP, 0); /* good? */ what = (const unsigned char*) CHAR(STRING_ELT(sWhat, 0)); what_len = strlen((const char*) what); } else Rf_error("what must be a string or a raw vector"); switch (md) { case PKI_SHA1: SHA1(what, what_len, hash); len = SHA_DIGEST_LENGTH; break; case PKI_SHA256: SHA256(what, what_len, hash); len = SHA256_DIGEST_LENGTH; break; case PKI_MD5: MD5(what, what_len, hash); len = MD5_DIGEST_LENGTH; break; default: Rf_error("unsupported hash function"); len = 0; /* dead code but needed to appease compilers */ } res = allocVector(RAWSXP, len); memcpy(RAW(res), hash, len); return res; } SEXP PKI_sign_RSA(SEXP what, SEXP sMD, SEXP sKey) { SEXP res; int md = asInteger(sMD), type; EVP_PKEY *key; RSA *rsa; unsigned int siglen = sizeof(buf); switch (md) { case PKI_MD5: type = NID_md5; break; case PKI_SHA1: type = NID_sha1; break; case PKI_SHA256: type = NID_sha256; break; default: Rf_error("unsupported hash type"); } if (TYPEOF(what) != RAWSXP || (md == PKI_MD5 && LENGTH(what) != MD5_DIGEST_LENGTH) || (md == PKI_SHA1 && LENGTH(what) != SHA_DIGEST_LENGTH) || (md == PKI_SHA256 && LENGTH(what) != SHA256_DIGEST_LENGTH)) Rf_error("invalid hash"); if (!inherits(sKey, "private.key")) Rf_error("key must be RSA private key"); key = (EVP_PKEY*) R_ExternalPtrAddr(sKey); if (!key) Rf_error("NULL key"); PKI_init(); if (EVP_PKEY_get_key_type_(key) != EVP_PKEY_RSA) Rf_error("key must be RSA private key"); rsa = EVP_PKEY_get1_RSA(key); if (!rsa) Rf_error("%s", ERR_error_string(ERR_get_error(), NULL)); if (RSA_sign(type, (const unsigned char*) RAW(what), LENGTH(what), (unsigned char *) buf, &siglen, rsa) != 1) Rf_error("%s", ERR_error_string(ERR_get_error(), NULL)); res = allocVector(RAWSXP, siglen); memcpy(RAW(res), buf, siglen); return res; } SEXP PKI_verify_RSA(SEXP what, SEXP sMD, SEXP sKey, SEXP sig) { int md = asInteger(sMD), type; EVP_PKEY *key; RSA *rsa; switch (md) { case PKI_MD5: type = NID_md5; break; case PKI_SHA1: type = NID_sha1; break; case PKI_SHA256: type = NID_sha256; break; default: Rf_error("unsupported hash type"); } if (TYPEOF(what) != RAWSXP || (md == PKI_MD5 && LENGTH(what) != MD5_DIGEST_LENGTH) || (md == PKI_SHA1 && LENGTH(what) != SHA_DIGEST_LENGTH) || (md == PKI_SHA256 && LENGTH(what) != SHA256_DIGEST_LENGTH)) Rf_error("invalid hash"); if (!inherits(sKey, "public.key") && !inherits(sKey, "private.key")) Rf_error("key must be RSA public or private key"); key = (EVP_PKEY*) R_ExternalPtrAddr(sKey); if (!key) Rf_error("NULL key"); if (EVP_PKEY_get_key_type_(key) != EVP_PKEY_RSA) Rf_error("key must be RSA public or private key"); rsa = EVP_PKEY_get1_RSA(key); if (!rsa) Rf_error("%s", ERR_error_string(ERR_get_error(), NULL)); return ScalarLogical( /* FIXME: sig is not const in RSA_verify - that is odd so in theory in may modify sig ... */ (RSA_verify(type, (const unsigned char*) RAW(what), LENGTH(what), (unsigned char *) RAW(sig), LENGTH(sig), rsa) == 1) ? TRUE : FALSE); } SEXP PKI_load_private_RSA(SEXP what, SEXP sPassword) { EVP_PKEY *key = 0; BIO *bio_mem; if (TYPEOF(sPassword) != STRSXP || LENGTH(sPassword) != 1) Rf_error("Password must be a string"); PKI_init(); if (TYPEOF(what) == RAWSXP) { /* assuming binary DER format */ RSA *rsa = 0; const unsigned char *ptr; ptr = (const unsigned char *) RAW(what); rsa = d2i_RSAPrivateKey(&rsa, &ptr, LENGTH(what)); if (!rsa) Rf_error("%s", ERR_error_string(ERR_get_error(), NULL)); key = EVP_PKEY_new(); EVP_PKEY_assign_RSA(key, rsa); } else if (TYPEOF(what) == STRSXP && LENGTH(what)) { SEXP b64Key = STRING_ELT(what, 0); bio_mem = BIO_new_mem_buf((void *) CHAR(b64Key), -1); key = PEM_read_bio_PrivateKey(bio_mem, 0, 0, (void*) CHAR(STRING_ELT(sPassword, 0))); BIO_free(bio_mem); if (!key) Rf_error("%s", ERR_error_string(ERR_get_error(), NULL)); } else Rf_error("Private key must be a character or raw vector"); return wrap_EVP_PKEY(key, PKI_KT_PRIVATE); } SEXP PKI_load_public_RSA(SEXP what) { EVP_PKEY *key; RSA *rsa = 0; const unsigned char *ptr; if (TYPEOF(what) != RAWSXP) Rf_error("key must be a raw vector"); PKI_init(); ptr = (const unsigned char *) RAW(what); rsa = d2i_RSA_PUBKEY(&rsa, &ptr, LENGTH(what)); if (!rsa) Rf_error("%s", ERR_error_string(ERR_get_error(), NULL)); key = EVP_PKEY_new(); EVP_PKEY_assign_RSA(key, rsa); return wrap_EVP_PKEY(key, PKI_KT_PUBLIC); } SEXP PKI_RSAkeygen(SEXP sBits) { EVP_PKEY *key; RSA *rsa; int bits = asInteger(sBits); if (bits < 512) Rf_error("invalid key size"); PKI_init(); #if OPENSSL_VERSION_NUMBER < 0x10100000L rsa = RSA_generate_key(bits, 65537, 0, 0); if (!rsa) Rf_error("%s", ERR_error_string(ERR_get_error(), NULL)); #else /* How to make simple things really complicated ... */ rsa = RSA_new(); if (!rsa) Rf_error("cannot allocate RSA key: %s", ERR_error_string(ERR_get_error(), NULL)); { BIGNUM *e = BN_new(); if (!e) { RSA_free(rsa); Rf_error("cannot allocate exponent: %s", ERR_error_string(ERR_get_error(), NULL)); } BN_set_word(e, 65537); if (RSA_generate_key_ex(rsa, bits, e, NULL) <= 0) { BN_free(e); RSA_free(rsa); Rf_error("cannot generate key: %s", ERR_error_string(ERR_get_error(), NULL)); } BN_free(e); } #endif key = EVP_PKEY_new(); EVP_PKEY_assign_RSA(key, rsa); return wrap_EVP_PKEY(key, PKI_KT_PRIVATE | PKI_KT_PUBLIC); } SEXP PKI_random(SEXP sBytes) { int len = asInteger(sBytes); SEXP res; if (len < 0) Rf_error("invalid number of bytes requested - must be 0 .. 2^32-1"); res = allocVector(RAWSXP, len); PKI_init(); if (!RAND_bytes((unsigned char*) RAW(res), len)) Rf_error("%s", ERR_error_string(ERR_get_error(), NULL)); return res; } #if 0 /* FIXME: this requires openssl 1.0 or higher - not acceptable at this point */ #define PKI_MD5 1 #define PKI_SHA1 2 #define PKI_SHA256 3 #define PKI_PKCS1 1 /*#define PKI_ */ SEXP PKI_sign(SEXP what, SEXP sKey, SEXP sMD, SEXP sPad) { SEXP res; EVP_PKEY *key; EVP_PKEY_CTX *ctx; int mdt, padt, r; size_t sl; if (TYPEOF(what) != RAWSXP) Rf_error("invalid payload to sign - must be a raw vector"); if (!inherits(sKey, "private.key")) Rf_error("key must be RSA private key"); PKI_init(); mdt = asInteger(sMD); padt = asInteger(sPad); key = (EVP_PKEY*) R_ExternalPtrAddr(sKey); if (!key) Rf_error("NULL key"); ctx = EVP_PKEY_CTX_new(key); if (!ctx || EVP_PKEY_sign_init(ctx) <= 0) Rf_error("%s", ERR_error_string(ERR_get_error(), NULL)); switch (padt) { case PKI_PKCS1: default: r = EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING); } if (r <= 0) Rf_error("%s", ERR_error_string(ERR_get_error(), NULL)); switch (mdt) { case PKI_MD5: r = EVP_PKEY_CTX_set_signature_md(ctx, EVP_md5()); break; case PKI_SHA1: r = EVP_PKEY_CTX_set_signature_md(ctx, EVP_sha1()); break; default: case PKI_SHA256: r = EVP_PKEY_CTX_set_signature_md(ctx, EVP_sha256()); break; } if (r <= 0) Rf_error("%s", ERR_error_string(ERR_get_error(), NULL)); sl = sizeof(buf); if (EVP_PKEY_sign(ctx, buf, &sl, (const unsigned char*) RAW(what), LENGTH(what)) <= 0) Rf_error("%s", ERR_error_string(ERR_get_error(), NULL)); res = allocVector(RAWSXP, sl); memcpy(RAW(res), buf, sl); EVP_PKEY_CTX_free(ctx); return res; } #endif /* Return the Subject of an X509 Certificate by wrapping the OpenSSL X509_get_subject_name() function. */ SEXP PKI_get_subject(SEXP sCert) { SEXP res; X509 *cert; BIO *mem = BIO_new(BIO_s_mem()); long len; char *txt = 0; PKI_init(); cert = retrieve_cert(sCert, ""); if (X509_NAME_print_ex(mem, X509_get_subject_name(cert), 0, (XN_FLAG_ONELINE | ASN1_STRFLGS_UTF8_CONVERT) & ~ASN1_STRFLGS_ESC_MSB) < 0) { BIO_free(mem); Rf_error("X509_NAME_print_ex failed with %s", ERR_error_string(ERR_get_error(), NULL)); } len = BIO_get_mem_data(mem, &txt); if (len < 0) { BIO_free(mem); Rf_error("cannot get memory buffer, %s", ERR_error_string(ERR_get_error(), NULL)); } res = PROTECT(allocVector(STRSXP, 1)); SET_STRING_ELT(res, 0, mkCharLenCE(txt, len, CE_UTF8)); UNPROTECT(1); BIO_free(mem); return res; } PKI/src/Makevars.in0000644000176000001440000000005013157014371013612 0ustar ripleyusersPKG_CPPFLAGS=@CPPFLAGS@ PKG_LIBS=@LIBS@ PKI/src/tools.c0000644000176000001440000000270313157014371013024 0ustar ripleyusers#include #include static char stbuf[1024]; static const char hex1[] = "0123456789abcdef"; static const char hex2[] = "0123456789ABCDEF"; SEXP PKI_raw2hex(SEXP sRaw, SEXP sSep, SEXP sUpp) { int upp = asInteger(sUpp) == 1, n, i, sl; const char *sep = 0; char *buf, *bp; unsigned char *data; const char *hex = upp ? hex2 : hex1; SEXP tmp = R_NilValue, res; if (TYPEOF(sRaw) != RAWSXP) Rf_error("input must be a raw vector"); if (TYPEOF(sSep) == STRSXP) { if (LENGTH(sSep) != 1) Rf_error("sep must be a single string"); sep = CHAR(STRING_ELT(sSep, 0)); } else if (sSep != R_NilValue) Rf_error("sep must be a single string"); n = LENGTH(sRaw); data = (unsigned char *) RAW(sRaw); if (!sep) { res = allocVector(STRSXP, n); PROTECT(res); for (i = 0; i < n; i++) { char hv[3]; hv[0] = hex[data[i] >> 4]; hv[1] = hex[data[i] & 15]; hv[2] = 0; SET_STRING_ELT(res, i, mkChar(hv)); } UNPROTECT(1); return res; } sl = strlen(sep); if (n * (2 + sl) + 1 > sizeof(buf)) { tmp = PROTECT(allocVector(RAWSXP, n * (2 + sl) + 2)); buf = (char*) RAW(tmp); } else buf = stbuf; bp = buf; for (i = 0; i < n; i++) { const char *sp = sep; *(buf++) = hex[data[i] >> 4]; *(buf++) = hex[data[i] & 15]; if (i + 1 < n) while (*sp) *(buf++) = *(sp++); } *buf = 0; res = mkString(bp); if (tmp != R_NilValue) UNPROTECT(1); return res; } PKI/src/Makevars.win0000644000176000001440000000030413157014371014003 0ustar ripleyusersifeq ($(WIN),64) PKG_LIBS = -Lwin64 -lssl -lcrypto -lws2_32 -lgdi32 -lcrypt32 PKG_CPPFLAGS = -Iwin64 else PKG_LIBS = -Lwin32 -lssl -lcrypto -lws2_32 -lgdi32 -lcrypt32 PKG_CPPFLAGS = -Iwin32 endif PKI/src/init.c0000644000176000001440000000031213157014371012621 0ustar ripleyusers#include "pki.h" static int ssl_needs_init = 1; void PKI_init() { if (ssl_needs_init) { SSL_library_init(); SSL_load_error_strings(); OpenSSL_add_all_algorithms(); ssl_needs_init = 0; } } PKI/src/pki.h0000644000176000001440000000146413157014371012457 0ustar ripleyusers#if __APPLE__ #include /* Apple has deprecated OpenSSL so it is all warnings - we just get rid of those */ #ifdef DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER #undef DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER #define DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER #endif #endif #include #include #include #include #include #include #include #include #if __APPLE__ #if defined MAC_OS_X_VERSION_10_7 && MAC_OS_X_VERSION_MIN_REQUIRED >= 1070 /* use accelerated crypto on OS X instead of OpenSSL crypto */ #include #undef SHA1 #define SHA1 CC_SHA1 #undef SHA256 #define SHA256 CC_SHA256 #undef MD5 #define MD5 CC_MD5 #endif #endif PKI/NAMESPACE0000644000176000001440000000120113157014362012140 0ustar ripleyusersuseDynLib(PKI, PKI_load_DER_X509, PKI_verify_cert, PKI_cert_public_key, PKI_encrypt, PKI_decrypt, PKI_load_private_RSA, PKI_load_public_RSA, PKI_RSAkeygen, PKI_sign_RSA, PKI_verify_RSA, PKI_digest, PKI_extract_key, PKI_raw2hex, encode_ASN1, decode_ASN1, PKI_asBIGNUMint, PKI_get_subject, PKI_random) export(PKI.load.cert, PKI.verifyCA, PKI.verify, PKI.sign, PKI.pubkey, PKI.encrypt, PKI.decrypt, PKI.genRSAkey, PKI.digest, PKI.save.key, PKI.load.key, raw2hex, ASN1.encode, ASN1.decode, ASN1.item, ASN1.type, as.BIGNUMint, PKI.mkRSApubkey, PKI.load.OpenSSH.pubkey, PKI.sign.tar, PKI.verify.tar, PKI.get.subject, PKI.random) import(base64enc) PKI/NEWS0000644000176000001440000000502513021336216011423 0ustar ripleyusersNEWS for PKI package 0.1-5 (under development) o use configure/autoconf o macOS: fetch OpenSSL headers from Apple if not available in the SDK 0.1-4 o add support for explicit setting of initialization vectors (iv) in PKI.encrypt() and PKI.decrypt() for ciphers that support it. (see #16) o add PKI.random() for generating cryptographically strong random bytes which can be used for keys, IVs, seeds etc. o adapt to API changes in OpenSSL 1.1 (see also PR#18) 0.1-3 2015-07-28 o fixed crash when loading private keys introduced by PR#1 in (unreleased) 0.1-2 and bring back the ability to directly read "DER"-encoded private RSA keys. o fix detection of PKCS#8 encrypted private keys in PEM format 0.1-2 (not released) o add "DER" format option to PKI.load.cert() o allow key in PKI.verify to be a certificate (which will be passed to PKI.pubkey() internally) o add experimental signing/verification of tar files using PKI.sign.tar() and PKI.verify.tar() o add support for symmetric ciphers like AES in PKI.encrypt()/PKI.decrypt() o add support for retrieving the subject of a certificate via PKI.get.subject() [PR#2, thanks to Matt Jones] o add support for PKCS#8 private key format (RFC 5208) and sign/verify/digest using SHA256. [PR#1, thanks to Siddhartha Bagaria] o bugfix: key length was incorrectly checked when using symmetric ciphers so too short keys were accepted. o bugfix: if the last block was filled during encryption, the necessary additional padding block was not generated. (#8) o bugfix: some functions did not call PKI initialization. One manifestation was that error messages were cryptic until any X.509 function was called. (#9) 0.1-1 2013-02-19 o added PKI.load.key() and PKI.save.key() functions to load/save keys from/to PEM and DER formats IMPORTANT API NOTE: PKI.load.key() replaces the (unexported) function PKI.load.privkey() in the previous PKI version. o added support for OpenSSH public key format (as used in .ssh/authorized_keys files) as well as pure PKCS#1 and SSH2 PEMs o make PEM parsing more robust to support headers o added ASN.1 tools to parse and synthesize ASN.1 formatted objects - mostly for use in key format conversions o added as.BIGNUMint() for ASN.1 BIGNUM integer format conversion o added PKI.mkRSApubkey() to create RSA public keys from modulus and exponent alone o added raw2hex() function to convert raw hashes into string format 0.1-0 2012-11-05 o first public release PKI/R/0000755000176000001440000000000013021336216011123 5ustar ripleyusersPKI/R/digest.R0000644000176000001440000000031613021336216012525 0ustar ripleyusersPKI.digest <- function(what, hash=c("SHA1", "SHA256", "MD5")) { hash <- pmatch(hash, c("SHA1", "SHA256", "MD5"))[1] if (is.na(hash)) stop("invalid hash specification") .Call(PKI_digest, what, hash) } PKI/R/rsa.R0000644000176000001440000001700013021336216012031 0ustar ripleyusers## Notes on key formats: ## ## PKCS#1: (BEGIN RSA PUBLIC KEY) - RFC 3447 ## public key : ASN.1 SEQ(modulus (n) INT, publicExponent (e) INT) ## private key: ver, n, e, d, p, q, d mod (p-1), d mod (q-1), (inv q) mod p [,other primes] ## ## PKCS#8: (BEGIN PUBLIC KEY) - RFC 5208 ## ## X.509 SubjectPublicKeyInfo (BEGIN PUBLIC KEY) - RFC 1422 ## SEQ(AlgorithmIdentifier:SEQ(OID, param[NULL]), BIT-STR(key - as defined in PKCS#1)) ## ## SSH2: (BEGIN SSH2 PUBLIC KEY) - RFC 4716 ## int32 n, char[n] type "ssh-rsa", int32 n, byte[n] exponent, int32 n, byte[n] modulus (all big-endian) ## OpenSSH uses same format but on one line with 'ssh-rsa ' prefix ## pkcs-1 1 OID: iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 1 ## (pkcs-1 1) = rsaEncryption (RFC 3447) --- for use in SubjectPublicKeyInfo oid.pkcs.1.rsaEncryption <- as.raw(c(0x2a,0x86,0x48,0x86,0xf7,0x0d,1,1,1)) PKI.load.key <- function(what, format=c("PEM", "DER"), private, file, password="") { if (!missing(file) && !missing(what)) stop("what and file are mutually exclusive") format <- match.arg(format) if (missing(private)) private <- NA either <- (length(private) > 0) && isTRUE(all(is.na(private))) private <- isTRUE(private) bin <- isTRUE(format == "DER") if (!missing(file)) { what <- con <- file(file, if (bin) "rb" else "r") on.exit(close(con)) } if (inherits(what, "connection")) what <- if (bin) readBin(what, raw(), 65536L) else readLines(what) if (is.character(what)) { ## remove any lines containing : or ending in \ which are headers rm.ln <- which(grepl(":", what, fixed=TRUE) | grepl("\\\\$", what)) if (length(rm.ln)) what <- what[-rm.ln] if (either || private) { ## Check if this is a private key. i <- grep("-BEGIN (RSA |ENCRYPTED )?PRIVATE KEY-", what) j <- grep("-END (RSA |ENCRYPTED )?PRIVATE KEY-", what) if (length(i) >= 1L && length(j) >= 1L && i[1] < j[1]) { ## PEM_read_bio_PrivateKey method takes the base64 encoding with the header. what <- paste(what[i:j], collapse='\n') private <- TRUE } else { if (private) stop("cannot find RSA private key in PEM format") } } if (!private) { i <- grep("-BEGIN PUBLIC KEY-", what, fixed=TRUE) j <- grep("-END PUBLIC KEY-", what, fixed=TRUE) if (length(i) >= 1L && length(j) >= 1L && i[1] < j[1]) what <- base64enc::base64decode(what[(i + 1L):(j - 1L)]) else { ## also support PKCS#1 format i <- grep("-BEGIN RSA PUBLIC KEY-", what, fixed=TRUE) j <- grep("-END RSA PUBLIC KEY-", what, fixed=TRUE) if (length(i) >= 1L && length(j) >= 1L && i[1] < j[1]) { what <- base64enc::base64decode(what[(i + 1L):(j - 1L)]) # wrap the PKCS#1 in X.509 SubjectPublicKeyInfo what <- ASN1.encode(list(list(ASN1.item(oid.pkcs.1.rsaEncryption, 6L), ASN1.item(raw(0), 5L)), ASN1.item(what, 3L))) } else { ## also support SSH2 format i <- grep("-- BEGIN SSH2 PUBLIC KEY --", what, fixed=TRUE) j <- grep("-- END SSH2 PUBLIC KEY --", what, fixed=TRUE) if (length(i) >= 1L && length(j) >= 1L && i[1] < j[1]) return(PKI.decode.SSH2(base64enc::base64decode(what[(i + 1L):(j - 1L)]), "key", FALSE)) else { if (either) stop("cannot find either public or private RSA key in PEM format") else stop("cannot find public RSA key in PEM format") } } } } } if (private) .Call(PKI_load_private_RSA, what, password) else .Call(PKI_load_public_RSA, what) } PKI.save.key <- function(key, format=c("PEM", "DER"), private=NA, target) { der <- .Call(PKI_extract_key, key, private) format <- match.arg(format) if (isTRUE(format == "PEM")) { guard <- if (inherits(der, "public.key.DER")) c("-----BEGIN PUBLIC KEY-----","-----END PUBLIC KEY-----") else c("-----BEGIN RSA PRIVATE KEY-----", "-----END RSA PRIVATE KEY-----") pem <- c(guard[1], base64enc::base64encode(der, 64), guard[2]) if (!missing(target)) { if (is.character(target)) { target <- file(target, "w") on.exit(close(target)) } if (inherits(target, "connection")) writeLines(pem, target) } return (pem) } if (!missing(target)) { if (is.character(target)) { target <- file(target, "wb") on.exit(close(target)) } if (inherits(target, "connection")) writeBin(der, target) } return (der) } PKI.genRSAkey <- function(bits=2048L) .Call(PKI_RSAkeygen, bits) PKI.sign <- function(what, key, hash=c("SHA1", "SHA256", "MD5"), digest) { if (!missing(digest) && !missing(what)) stop("what and digest are mutually exclusive") if (missing(digest)) digest <- PKI.digest(what, hash) hash <- pmatch(hash, c("SHA1", "SHA256", "MD5"))[1] if (is.na(hash)) stop("invalid hash specification") .Call(PKI_sign_RSA, digest, hash, key) } PKI.verify <- function(what, signature, key, hash=c("SHA1", "SHA256", "MD5"), digest) { if (inherits(key, "X509cert")) key <- PKI.pubkey(key) if (!missing(digest) && !missing(what)) stop("what and digest are mutually exclusive") if (missing(digest)) digest <- PKI.digest(what, hash) hash <- pmatch(hash, c("SHA1", "SHA256", "MD5"))[1] if (is.na(hash)) stop("invalid hash specification") .Call(PKI_verify_RSA, digest, hash, key, signature) } PKI.mkRSApubkey <- function(modulus, exponent=65537L, format = c("DER", "PEM", "key")) { format <- match.arg(format) if (inherits(modulus, "bigz") || !is.raw(modulus)) modulus <- as.BIGNUMint(modulus) if (inherits(exponent, "bigz") || !is.raw(exponent)) exponent <- as.BIGNUMint(exponent) der <- ASN1.encode(list(list(ASN1.item(oid.pkcs.1.rsaEncryption, 6L), ASN1.item(raw(0), 5L)), ASN1.item(ASN1.encode(list(ASN1.item(modulus, 2L), ASN1.item(exponent, 2L))), 3L))) if (format == "DER") return(der) if (format == "PEM") return(c("-----BEGIN PUBLIC KEY-----", base64enc::base64encode(der, 64), "-----END PUBLIC KEY-----")) .Call(PKI_load_public_RSA, der) } ## not exported - decode raw vector containg ssh-rsa key PKI.decode.SSH2 <- function(what, format, silent=TRUE) { c <- rawConnection(what, "rb") l <- readBin(c, 1L, endian="big") s <- rawToChar(readBin(c, raw(), l)) if (!isTRUE(s == "ssh-rsa")) { if (isTRUE(silent)) return(NULL) stop("unsupported SSH2 public key - expected ssh-rsa, found ", s) } l <- readBin(c, 1L, endian="big") exp <- readBin(c, raw(), l) l <- readBin(c, 1L, endian="big") mod <- readBin(c, raw(), l) close(c) PKI.mkRSApubkey(mod, exp, format=format) } PKI.load.OpenSSH.pubkey <- function(what, first=TRUE, format = c("DER", "PEM", "key")) { format <- match.arg(format) if (inherits(what, "connection")) what <- readLines(what) what <- what[grep("^ssh-rsa ", what)] if (length(what)) { if (isTRUE(first) && length(what) > 1L) what <- what[1L] keys <- lapply(strsplit(what, " "), function(ln) PKI.decode.SSH2(base64enc::base64decode(ln[2]), format)) if (isTRUE(first)) keys[[1]] else keys } else list() } PKI/R/asn1.R0000644000176000001440000000052013021336216012105 0ustar ripleyusersASN1.decode <- function(what) .Call(decode_ASN1, what) ASN1.encode <- function(what) .Call(encode_ASN1, what) ASN1.item <- function(what, type) { what <- as.raw(what) attr(what, "type") <- type what } ASN1.type <- function(what) attr(what, "type") as.BIGNUMint <- function(what, scalar=TRUE) .Call(PKI_asBIGNUMint, what, scalar) PKI/R/tools.R0000644000176000001440000000023713021336216012410 0ustar ripleyusersraw2hex <- function(what, sep, upper=FALSE) .Call(PKI_raw2hex, what, if (missing(sep)) NULL else sep, upper) PKI.random <- function(n) .Call(PKI_random, n) PKI/R/signR.R0000644000176000001440000001207313021336216012333 0ustar ripleyusers# tar one regular file from raw payload tar1 <- function(name, what, mode=0x180) { size <- length(what) header <- raw(512L) fn <- charToRaw(name) header[seq_along(fn)] <- fn header[101:107] <- charToRaw(sprintf("%07o", mode)) header[137:147] <- charToRaw(sprintf("%011o", as.integer(Sys.time()))) header[157L] <- charToRaw("0") # regular file header[125:135] <- charToRaw(sprintf("%011o", as.integer(size))) header[149:156] <- charToRaw(" ") checksum <- sum(as.integer(header))%%2^24 header[149:154] <- charToRaw(sprintf("%06o", as.integer(checksum))) header[155L] <- as.raw(0L) bsize <- ceiling(size / 512L) * 512L padding <- raw(bsize - size) c(header, what, padding) } chunk <- 4194304L ## 4Mb .. as good as any value ... PKI.sign.tar <- function(tarfile, key, certificate, output=tarfile) { io <- file file <- file(tarfile, "rb") on.exit(if (!is.null(file)) close(file)) magic <- readBin(file, raw(), n = 3) if (all(magic[1:2] == c(31, 139)) || all(magic[1:2] == c(31, 157))) io <- gzfile else if (rawToChar(magic[1:3]) == "BZh") io <- bzfile else if (rawToChar(magic[1:5]) == "\xfd7zXZ") io <- xzfile close(file) file <- NULL file <- io(tarfile, "rb") payload <- raw(0) while (length(r <- readBin(file, raw(), chunk))) payload <- c(payload, r) close(file) # FIXME: if we want the .signature to be visible, we need to strip padding to inject new file ! file <- NULL sign <- PKI.sign(payload, key, "SHA1") ## SEQ(BIT STREAM sig, subjectPubKeyInfo[if not cert], cert[optional, if present]) a <- if (missing(certificate)) ASN1.encode(list(ASN1.item(sign, 3L), ASN1.decode(PKI.save.key(key, "DER", FALSE)))) else ASN1.encode(list(ASN1.item(sign, 3L), ASN1.item(raw(0), 0L), ASN1.decode(attr(certificate, "crt.DER")))) payload <- c(payload, tar1(".signature", a), as.raw(rep(0L, 1024L))) if (inherits(output, "connection")) { writeBin(payload, output) return(invisible(output)) } if (is.raw(output)) return(payload) file <- io(as.character(output), "wb") writeBin(payload, file) close(file) file <- NULL invisible(output) } PKI.verify.tar <- function(tarfile, key, silent = FALSE, enforce.cert = FALSE) { if (is.raw(tarfile)) payload <- tarfile else { io <- file file <- file(tarfile, "rb") on.exit(if (!is.null(file)) close(file)) magic <- readBin(file, raw(), n = 3) if (all(magic[1:2] == c(31, 139)) || all(magic[1:2] == c(31, 157))) io <- gzfile else if (rawToChar(magic[1:3]) == "BZh") io <- bzfile else if (rawToChar(magic[1:5]) == "\xfd7zXZ") io <- xzfile close(file) file <- NULL file <- io(tarfile, "rb") payload <- raw(0) while (length(r <- readBin(file, raw(), chunk))) payload <- c(payload, r) if (length(payload) < 1024L) stop("invalid tar format") close(file) file <- NULL } fn <- c(charToRaw(".signature"), raw(1)) i <- length(payload) - 511L n <- length(fn) - 1L while (i > 0L) { if (identical(payload[seq.int(i, i + n)], fn)) break i <- i - 512L } if (i < 1L) { if (!silent) warning("no signature found") return(FALSE) } asn <- try(ASN1.decode(payload[seq.int(i + 512L, length(payload))]), silent=TRUE) if (!is.list(asn) || length(asn) < 2L || ASN1.type(asn[[1]]) != 3L) { if (!silent) warning("bad signature format") return(FALSE) } sig.key <- NULL sig.cert <- NULL if (is.list(asn[[2]]) && length(asn[[2]]) == 2L) { ## no certificate, jsut a key der <- ASN1.encode(asn[[2]]) ## encode back to DER sig.key <- try(PKI.load.key(der, "DER", FALSE), silent=TRUE) if (!inherits(sig.key, "public.key")) sig.key <- NULL } else if (length(asn) > 2L && identical(ASN1.type(asn[[3]]), 3L)) { ## certificate sig.cert <- try(PKI.load.cert(asn[[3]], "DER"), silent=TRUE) if (!inherits(sig.cert, "X509cert")) sig.cert <- NULL else sig.key <- PKI.pubkey(sig.cert) } if (missing(key)) { if (is.null(sig.key)) { if (!silent) warning("no key supplied and no valid key or certificate in the signature") return(FALSE) } else key <- sig.key } if (!identical(enforce.cert, FALSE) && is.null(sig.cert)) { if (!silent) warning("certificate required but no certificate found") return(FALSE) } res <- PKI.verify(payload[seq.int(1L, i - 1L)], asn[[1]], key) if (enforce.cert) { if (inherits(enforce.cert, "X509cert")) { key1 <- PKI.save.key(PKI.pubkey(enforce.cert), "DER", FALSE) key2 <- PKI.save.key(key, "DER", FALSE) if (!identical(key1, key2)) { if (!silent) warning("signed by a different certificate") return (FALSE) } } if (!isTRUE(res)) FALSE else sig.cert } else res } PKI/R/crypt.R0000644000176000001440000000031713021336216012410 0ustar ripleyusersPKI.encrypt <- function(what, key, cipher = NULL, iv = NULL) .Call(PKI_encrypt, what, key, cipher, iv) PKI.decrypt <- function(what, key, cipher = NULL, iv = NULL) .Call(PKI_decrypt, what, key, cipher, iv) PKI/R/x509.R0000644000176000001440000000216013021336216011752 0ustar ripleyusersPKI.load.cert <- function(what, format = c("PEM", "DER"), file) { format <- match.arg(format) if (!missing(file) && !missing(what)) stop("what and file are mutually exclusive") binary <- isTRUE(format == "DER") if (!missing(file)) { what <- con <- file(file, if (binary) "rb" else "r") on.exit(close(con)) } if (inherits(what, "connection")) what <- if (binary) readBin(what, raw(), chunk) else readLines(what) if (is.character(what)) { if (binary) stop("DER format selected but input is text") i <- grep("-BEGIN CERTIFICATE-", what, fixed=TRUE) j <- grep("-END CERTIFICATE-", what, fixed=TRUE) if (length(i) >= 1L && length(j) >= 1L && i[1] < j[1]) what <- base64enc::base64decode(what[(i + 1L):(j - 1L)]) else stop("invalid PEM format") } .Call(PKI_load_DER_X509, what) } PKI.verifyCA <- function(certificate, ca) .Call(PKI_verify_cert, ca, certificate) PKI.pubkey <- function(certificate) .Call(PKI_cert_public_key, certificate) PKI.get.subject <- function(certificate) .Call(PKI_get_subject, certificate) PKI/MD50000644000176000001440000000316513157174760011255 0ustar ripleyusers33b161d335577867c1f2d44c67983acc *DESCRIPTION a4b346ec6e50330e73bda3a31662085c *LICENSE 748a5d7286506392c3bf85849684a67d *NAMESPACE 38f340ea155be4a33dd6d9e2b37a4b2f *NEWS 218b75ce9b65515f04a6d8719d1b8f2b *R/asn1.R a291e19951c99df7b2576753215d6aee *R/crypt.R 069f949d073013b70c6b480a05bd8cd5 *R/digest.R b27de1c71e49a6b73c94a657c3cf206d *R/rsa.R 72dc3476824bc7ee02be15609495c81b *R/signR.R 307948c9368d96cd16be15ec7ae37f01 *R/tools.R 198341bc088bf8edba5d66b498e52a62 *R/x509.R dbd3e7bf71c146dbb0d02269f299e69e *configure 97fd2f784017e5556bc27f4d6474dd86 *configure.ac a0d9bc9f205fc694b10f962a55384a55 *configure.win 1d72c8874de6b2a53f53e4b6916549dd *inst/certs/RForge-ca.crt a405701f7a6b2e958f5d3947dbe02f79 *inst/certs/demo.crt f0cd0d0038a86b27e787d8d34c0ffd7a *man/ASN1.Rd 436fc5111af4beb58c0614dfbd03eb89 *man/BIGNUMint.Rd 383f8fed8d8bbcc84c06d2bfaf90c860 *man/PKI.crypt.Rd 40b718a0ebfb85061734f2a9bd979d8c *man/PKI.digest.Rd a58d719c5a7a96e756ab13031baa883c *man/PKI.random.Rd 1fb482aca66e82f8e114844fc02e5bd8 *man/PKI.sign.Rd 7653544b61c4e714b3dde2b07f195c67 *man/PKI.sign.tar.Rd 71fbfd74e9a138e69e973d098bc7258b *man/RSA.Rd cffd4226fcb5e4d9857529b8ca8970a8 *man/X509.Rd 16ac0bff82bbf64f9f645f1fb38748cc *man/raw2hex.Rd c733862ac29e8bbd01a49b5ac7d4a780 *src/Makevars.in 31e24ed30aca5770049f49f2826f40ef *src/Makevars.win 932703b95d58b51c6071f4751322b826 *src/asn1.c bb179c477eed3a0b7215c25eb2b6c428 *src/config.h.in f986a70575a603c35a5380f4b6bc9a62 *src/init.c bcec0bef10c99f61e11029c87fb762e6 *src/pki-x509.c ffa20cbbc6168e286bd1f5f76a25e7ea *src/pki.h 2caab0c4ad91f0a16e717f3a7d38415e *src/register.c 660d044dbb4caa6969a1d590ce31631f *src/tools.c PKI/DESCRIPTION0000644000176000001440000000122013157174760012441 0ustar ripleyusersPackage: PKI Version: 0.1-5.1 Title: Public Key Infrastucture for R Based on the X.509 Standard Author: Simon Urbanek Maintainer: Simon Urbanek Depends: R (>= 2.9.0), base64enc Enhances: gmp Description: PKI functions such as verifying certificates, RSA encription and signing which can be used to build PKI infrastructure and perform cryptographic tasks. License: GPL-2 | GPL-3 | file LICENSE URL: http://www.rforge.net/PKI SystemRequirements: OpenSSL library and headers NeedsCompilation: yes Packaged: 2017-09-15 18:16:25 UTC; ripley Repository: CRAN Date/Publication: 2017-09-16 10:16:16 UTC PKI/configure0000755000176000001440000041512013157014371012641 0ustar ripleyusers#! /bin/sh # Guess values for system-dependent variables and create Makefiles. # Generated by GNU Autoconf 2.69 for PKI 0.1. # # Report bugs to . # # # Copyright (C) 1992-1996, 1998-2012 Free Software Foundation, Inc. # # # This configure script is free software; the Free Software Foundation # gives unlimited permission to copy, distribute and modify it. ## -------------------- ## ## M4sh Initialization. ## ## -------------------- ## # Be more Bourne compatible DUALCASE=1; export DUALCASE # for MKS sh if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then : emulate sh NULLCMD=: # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which # is contrary to our usage. Disable this feature. alias -g '${1+"$@"}'='"$@"' setopt NO_GLOB_SUBST else case `(set -o) 2>/dev/null` in #( *posix*) : set -o posix ;; #( *) : ;; esac fi as_nl=' ' export as_nl # Printing a long string crashes Solaris 7 /usr/bin/printf. as_echo='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\' as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo$as_echo # Prefer a ksh shell builtin over an external printf program on Solaris, # but without wasting forks for bash or zsh. if test -z "$BASH_VERSION$ZSH_VERSION" \ && (test "X`print -r -- $as_echo`" = "X$as_echo") 2>/dev/null; then as_echo='print -r --' as_echo_n='print -rn --' elif (test "X`printf %s $as_echo`" = "X$as_echo") 2>/dev/null; then as_echo='printf %s\n' as_echo_n='printf %s' else if test "X`(/usr/ucb/echo -n -n $as_echo) 2>/dev/null`" = "X-n $as_echo"; then as_echo_body='eval /usr/ucb/echo -n "$1$as_nl"' as_echo_n='/usr/ucb/echo -n' else as_echo_body='eval expr "X$1" : "X\\(.*\\)"' as_echo_n_body='eval arg=$1; case $arg in #( *"$as_nl"*) expr "X$arg" : "X\\(.*\\)$as_nl"; arg=`expr "X$arg" : ".*$as_nl\\(.*\\)"`;; esac; expr "X$arg" : "X\\(.*\\)" | tr -d "$as_nl" ' export as_echo_n_body as_echo_n='sh -c $as_echo_n_body as_echo' fi export as_echo_body as_echo='sh -c $as_echo_body as_echo' fi # The user is always right. if test "${PATH_SEPARATOR+set}" != set; then PATH_SEPARATOR=: (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 && { (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 || PATH_SEPARATOR=';' } fi # IFS # We need space, tab and new line, in precisely that order. Quoting is # there to prevent editors from complaining about space-tab. # (If _AS_PATH_WALK were called with IFS unset, it would disable word # splitting by setting IFS to empty value.) IFS=" "" $as_nl" # Find who we are. Look in the path if we contain no directory separator. as_myself= case $0 in #(( *[\\/]* ) as_myself=$0 ;; *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break done IFS=$as_save_IFS ;; esac # We did not find ourselves, most probably we were run as `sh COMMAND' # in which case we are not to be found in the path. if test "x$as_myself" = x; then as_myself=$0 fi if test ! -f "$as_myself"; then $as_echo "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2 exit 1 fi # Unset variables that we do not need and which cause bugs (e.g. in # pre-3.0 UWIN ksh). But do not cause bugs in bash 2.01; the "|| exit 1" # suppresses any "Segmentation fault" message there. '((' could # trigger a bug in pdksh 5.2.14. for as_var in BASH_ENV ENV MAIL MAILPATH do eval test x\${$as_var+set} = xset \ && ( (unset $as_var) || exit 1) >/dev/null 2>&1 && unset $as_var || : done PS1='$ ' PS2='> ' PS4='+ ' # NLS nuisances. LC_ALL=C export LC_ALL LANGUAGE=C export LANGUAGE # CDPATH. (unset CDPATH) >/dev/null 2>&1 && unset CDPATH # Use a proper internal environment variable to ensure we don't fall # into an infinite loop, continuously re-executing ourselves. if test x"${_as_can_reexec}" != xno && test "x$CONFIG_SHELL" != x; then _as_can_reexec=no; export _as_can_reexec; # We cannot yet assume a decent shell, so we have to provide a # neutralization value for shells without unset; and this also # works around shells that cannot unset nonexistent variables. # Preserve -v and -x to the replacement shell. BASH_ENV=/dev/null ENV=/dev/null (unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV case $- in # (((( *v*x* | *x*v* ) as_opts=-vx ;; *v* ) as_opts=-v ;; *x* ) as_opts=-x ;; * ) as_opts= ;; esac exec $CONFIG_SHELL $as_opts "$as_myself" ${1+"$@"} # Admittedly, this is quite paranoid, since all the known shells bail # out after a failed `exec'. $as_echo "$0: could not re-execute with $CONFIG_SHELL" >&2 as_fn_exit 255 fi # We don't want this to propagate to other subprocesses. { _as_can_reexec=; unset _as_can_reexec;} if test "x$CONFIG_SHELL" = x; then as_bourne_compatible="if test -n \"\${ZSH_VERSION+set}\" && (emulate sh) >/dev/null 2>&1; then : emulate sh NULLCMD=: # Pre-4.2 versions of Zsh do word splitting on \${1+\"\$@\"}, which # is contrary to our usage. Disable this feature. alias -g '\${1+\"\$@\"}'='\"\$@\"' setopt NO_GLOB_SUBST else case \`(set -o) 2>/dev/null\` in #( *posix*) : set -o posix ;; #( *) : ;; esac fi " as_required="as_fn_return () { (exit \$1); } as_fn_success () { as_fn_return 0; } as_fn_failure () { as_fn_return 1; } as_fn_ret_success () { return 0; } as_fn_ret_failure () { return 1; } exitcode=0 as_fn_success || { exitcode=1; echo as_fn_success failed.; } as_fn_failure && { exitcode=1; echo as_fn_failure succeeded.; } as_fn_ret_success || { exitcode=1; echo as_fn_ret_success failed.; } as_fn_ret_failure && { exitcode=1; echo as_fn_ret_failure succeeded.; } if ( set x; as_fn_ret_success y && test x = \"\$1\" ); then : else exitcode=1; echo positional parameters were not saved. fi test x\$exitcode = x0 || exit 1 test -x / || exit 1" as_suggested=" as_lineno_1=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_1a=\$LINENO as_lineno_2=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_2a=\$LINENO eval 'test \"x\$as_lineno_1'\$as_run'\" != \"x\$as_lineno_2'\$as_run'\" && test \"x\`expr \$as_lineno_1'\$as_run' + 1\`\" = \"x\$as_lineno_2'\$as_run'\"' || exit 1 test \$(( 1 + 1 )) = 2 || exit 1" if (eval "$as_required") 2>/dev/null; then : as_have_required=yes else as_have_required=no fi if test x$as_have_required = xyes && (eval "$as_suggested") 2>/dev/null; then : else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR as_found=false for as_dir in /bin$PATH_SEPARATOR/usr/bin$PATH_SEPARATOR$PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. as_found=: case $as_dir in #( /*) for as_base in sh bash ksh sh5; do # Try only shells that exist, to save several forks. as_shell=$as_dir/$as_base if { test -f "$as_shell" || test -f "$as_shell.exe"; } && { $as_echo "$as_bourne_compatible""$as_required" | as_run=a "$as_shell"; } 2>/dev/null; then : CONFIG_SHELL=$as_shell as_have_required=yes if { $as_echo "$as_bourne_compatible""$as_suggested" | as_run=a "$as_shell"; } 2>/dev/null; then : break 2 fi fi done;; esac as_found=false done $as_found || { if { test -f "$SHELL" || test -f "$SHELL.exe"; } && { $as_echo "$as_bourne_compatible""$as_required" | as_run=a "$SHELL"; } 2>/dev/null; then : CONFIG_SHELL=$SHELL as_have_required=yes fi; } IFS=$as_save_IFS if test "x$CONFIG_SHELL" != x; then : export CONFIG_SHELL # We cannot yet assume a decent shell, so we have to provide a # neutralization value for shells without unset; and this also # works around shells that cannot unset nonexistent variables. # Preserve -v and -x to the replacement shell. BASH_ENV=/dev/null ENV=/dev/null (unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV case $- in # (((( *v*x* | *x*v* ) as_opts=-vx ;; *v* ) as_opts=-v ;; *x* ) as_opts=-x ;; * ) as_opts= ;; esac exec $CONFIG_SHELL $as_opts "$as_myself" ${1+"$@"} # Admittedly, this is quite paranoid, since all the known shells bail # out after a failed `exec'. $as_echo "$0: could not re-execute with $CONFIG_SHELL" >&2 exit 255 fi if test x$as_have_required = xno; then : $as_echo "$0: This script requires a shell more modern than all" $as_echo "$0: the shells that I found on your system." if test x${ZSH_VERSION+set} = xset ; then $as_echo "$0: In particular, zsh $ZSH_VERSION has bugs and should" $as_echo "$0: be upgraded to zsh 4.3.4 or later." else $as_echo "$0: Please tell bug-autoconf@gnu.org and $0: Simon.Urbanek@r-project.org about your system, $0: including any error possibly output before this $0: message. Then install a modern shell, or manually run $0: the script under such a shell if you do have one." fi exit 1 fi fi fi SHELL=${CONFIG_SHELL-/bin/sh} export SHELL # Unset more variables known to interfere with behavior of common tools. CLICOLOR_FORCE= GREP_OPTIONS= unset CLICOLOR_FORCE GREP_OPTIONS ## --------------------- ## ## M4sh Shell Functions. ## ## --------------------- ## # as_fn_unset VAR # --------------- # Portably unset VAR. as_fn_unset () { { eval $1=; unset $1;} } as_unset=as_fn_unset # as_fn_set_status STATUS # ----------------------- # Set $? to STATUS, without forking. as_fn_set_status () { return $1 } # as_fn_set_status # as_fn_exit STATUS # ----------------- # Exit the shell with STATUS, even in a "trap 0" or "set -e" context. as_fn_exit () { set +e as_fn_set_status $1 exit $1 } # as_fn_exit # as_fn_mkdir_p # ------------- # Create "$as_dir" as a directory, including parents if necessary. as_fn_mkdir_p () { case $as_dir in #( -*) as_dir=./$as_dir;; esac test -d "$as_dir" || eval $as_mkdir_p || { as_dirs= while :; do case $as_dir in #( *\'*) as_qdir=`$as_echo "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #'( *) as_qdir=$as_dir;; esac as_dirs="'$as_qdir' $as_dirs" as_dir=`$as_dirname -- "$as_dir" || $as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ X"$as_dir" : 'X\(//\)[^/]' \| \ X"$as_dir" : 'X\(//\)$' \| \ X"$as_dir" : 'X\(/\)' \| . 2>/dev/null || $as_echo X"$as_dir" | sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/ q } /^X\(\/\/\)[^/].*/{ s//\1/ q } /^X\(\/\/\)$/{ s//\1/ q } /^X\(\/\).*/{ s//\1/ q } s/.*/./; q'` test -d "$as_dir" && break done test -z "$as_dirs" || eval "mkdir $as_dirs" } || test -d "$as_dir" || as_fn_error $? "cannot create directory $as_dir" } # as_fn_mkdir_p # as_fn_executable_p FILE # ----------------------- # Test if FILE is an executable regular file. as_fn_executable_p () { test -f "$1" && test -x "$1" } # as_fn_executable_p # as_fn_append VAR VALUE # ---------------------- # Append the text in VALUE to the end of the definition contained in VAR. Take # advantage of any shell optimizations that allow amortized linear growth over # repeated appends, instead of the typical quadratic growth present in naive # implementations. if (eval "as_var=1; as_var+=2; test x\$as_var = x12") 2>/dev/null; then : eval 'as_fn_append () { eval $1+=\$2 }' else as_fn_append () { eval $1=\$$1\$2 } fi # as_fn_append # as_fn_arith ARG... # ------------------ # Perform arithmetic evaluation on the ARGs, and store the result in the # global $as_val. Take advantage of shells that can avoid forks. The arguments # must be portable across $(()) and expr. if (eval "test \$(( 1 + 1 )) = 2") 2>/dev/null; then : eval 'as_fn_arith () { as_val=$(( $* )) }' else as_fn_arith () { as_val=`expr "$@" || test $? -eq 1` } fi # as_fn_arith # as_fn_error STATUS ERROR [LINENO LOG_FD] # ---------------------------------------- # Output "`basename $0`: error: ERROR" to stderr. If LINENO and LOG_FD are # provided, also output the error to LOG_FD, referencing LINENO. Then exit the # script with STATUS, using 1 if that was 0. as_fn_error () { as_status=$1; test $as_status -eq 0 && as_status=1 if test "$4"; then as_lineno=${as_lineno-"$3"} as_lineno_stack=as_lineno_stack=$as_lineno_stack $as_echo "$as_me:${as_lineno-$LINENO}: error: $2" >&$4 fi $as_echo "$as_me: error: $2" >&2 as_fn_exit $as_status } # as_fn_error if expr a : '\(a\)' >/dev/null 2>&1 && test "X`expr 00001 : '.*\(...\)'`" = X001; then as_expr=expr else as_expr=false fi if (basename -- /) >/dev/null 2>&1 && test "X`basename -- / 2>&1`" = "X/"; then as_basename=basename else as_basename=false fi if (as_dir=`dirname -- /` && test "X$as_dir" = X/) >/dev/null 2>&1; then as_dirname=dirname else as_dirname=false fi as_me=`$as_basename -- "$0" || $as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \ X"$0" : 'X\(//\)$' \| \ X"$0" : 'X\(/\)' \| . 2>/dev/null || $as_echo X/"$0" | sed '/^.*\/\([^/][^/]*\)\/*$/{ s//\1/ q } /^X\/\(\/\/\)$/{ s//\1/ q } /^X\/\(\/\).*/{ s//\1/ q } s/.*/./; q'` # Avoid depending upon Character Ranges. as_cr_letters='abcdefghijklmnopqrstuvwxyz' as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ' as_cr_Letters=$as_cr_letters$as_cr_LETTERS as_cr_digits='0123456789' as_cr_alnum=$as_cr_Letters$as_cr_digits as_lineno_1=$LINENO as_lineno_1a=$LINENO as_lineno_2=$LINENO as_lineno_2a=$LINENO eval 'test "x$as_lineno_1'$as_run'" != "x$as_lineno_2'$as_run'" && test "x`expr $as_lineno_1'$as_run' + 1`" = "x$as_lineno_2'$as_run'"' || { # Blame Lee E. McMahon (1931-1989) for sed's syntax. :-) sed -n ' p /[$]LINENO/= ' <$as_myself | sed ' s/[$]LINENO.*/&-/ t lineno b :lineno N :loop s/[$]LINENO\([^'$as_cr_alnum'_].*\n\)\(.*\)/\2\1\2/ t loop s/-\n.*// ' >$as_me.lineno && chmod +x "$as_me.lineno" || { $as_echo "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2; as_fn_exit 1; } # If we had to re-execute with $CONFIG_SHELL, we're ensured to have # already done that, so ensure we don't try to do so again and fall # in an infinite loop. This has already happened in practice. _as_can_reexec=no; export _as_can_reexec # Don't try to exec as it changes $[0], causing all sort of problems # (the dirname of $[0] is not the place where we might find the # original and so on. Autoconf is especially sensitive to this). . "./$as_me.lineno" # Exit status is that of the last command. exit } ECHO_C= ECHO_N= ECHO_T= case `echo -n x` in #((((( -n*) case `echo 'xy\c'` in *c*) ECHO_T=' ';; # ECHO_T is single tab character. xy) ECHO_C='\c';; *) echo `echo ksh88 bug on AIX 6.1` > /dev/null ECHO_T=' ';; esac;; *) ECHO_N='-n';; esac rm -f conf$$ conf$$.exe conf$$.file if test -d conf$$.dir; then rm -f conf$$.dir/conf$$.file else rm -f conf$$.dir mkdir conf$$.dir 2>/dev/null fi if (echo >conf$$.file) 2>/dev/null; then if ln -s conf$$.file conf$$ 2>/dev/null; then as_ln_s='ln -s' # ... but there are two gotchas: # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail. # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable. # In both cases, we have to default to `cp -pR'. ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe || as_ln_s='cp -pR' elif ln conf$$.file conf$$ 2>/dev/null; then as_ln_s=ln else as_ln_s='cp -pR' fi else as_ln_s='cp -pR' fi rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file rmdir conf$$.dir 2>/dev/null if mkdir -p . 2>/dev/null; then as_mkdir_p='mkdir -p "$as_dir"' else test -d ./-p && rmdir ./-p as_mkdir_p=false fi as_test_x='test -x' as_executable_p=as_fn_executable_p # Sed expression to map a string onto a valid CPP name. as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'" # Sed expression to map a string onto a valid variable name. as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'" test -n "$DJDIR" || exec 7<&0 &1 # Name of the host. # hostname on some systems (SVR3.2, old GNU/Linux) returns a bogus exit status, # so uname gets run too. ac_hostname=`(hostname || uname -n) 2>/dev/null | sed 1q` # # Initializations. # ac_default_prefix=/usr/local ac_clean_files= ac_config_libobj_dir=. LIBOBJS= cross_compiling=no subdirs= MFLAGS= MAKEFLAGS= # Identity of this package. PACKAGE_NAME='PKI' PACKAGE_TARNAME='pki' PACKAGE_VERSION='0.1' PACKAGE_STRING='PKI 0.1' PACKAGE_BUGREPORT='Simon.Urbanek@r-project.org' PACKAGE_URL='' ac_unique_file="src/pki.h" # Factoring default headers for most tests. ac_includes_default="\ #include #ifdef HAVE_SYS_TYPES_H # include #endif #ifdef HAVE_SYS_STAT_H # include #endif #ifdef STDC_HEADERS # include # include #else # ifdef HAVE_STDLIB_H # include # endif #endif #ifdef HAVE_STRING_H # if !defined STDC_HEADERS && defined HAVE_MEMORY_H # include # endif # include #endif #ifdef HAVE_STRINGS_H # include #endif #ifdef HAVE_INTTYPES_H # include #endif #ifdef HAVE_STDINT_H # include #endif #ifdef HAVE_UNISTD_H # include #endif" ac_subst_vars='LTLIBOBJS LIBOBJS EGREP GREP CPP OBJEXT EXEEXT ac_ct_CC CPPFLAGS LDFLAGS CFLAGS CC PKG_LIBS PKG_CPPFLAGS OPENSSL_INCLUDES R_HOME target_alias host_alias build_alias LIBS ECHO_T ECHO_N ECHO_C DEFS mandir localedir libdir psdir pdfdir dvidir htmldir infodir docdir oldincludedir includedir localstatedir sharedstatedir sysconfdir datadir datarootdir libexecdir sbindir bindir program_transform_name prefix exec_prefix PACKAGE_URL PACKAGE_BUGREPORT PACKAGE_STRING PACKAGE_VERSION PACKAGE_TARNAME PACKAGE_NAME PATH_SEPARATOR SHELL' ac_subst_files='' ac_user_opts=' enable_option_checking ' ac_precious_vars='build_alias host_alias target_alias OPENSSL_INCLUDES PKG_CPPFLAGS PKG_LIBS CC CFLAGS LDFLAGS LIBS CPPFLAGS CPP' # Initialize some variables set by options. ac_init_help= ac_init_version=false ac_unrecognized_opts= ac_unrecognized_sep= # The variables have the same names as the options, with # dashes changed to underlines. cache_file=/dev/null exec_prefix=NONE no_create= no_recursion= prefix=NONE program_prefix=NONE program_suffix=NONE program_transform_name=s,x,x, silent= site= srcdir= verbose= x_includes=NONE x_libraries=NONE # Installation directory options. # These are left unexpanded so users can "make install exec_prefix=/foo" # and all the variables that are supposed to be based on exec_prefix # by default will actually change. # Use braces instead of parens because sh, perl, etc. also accept them. # (The list follows the same order as the GNU Coding Standards.) bindir='${exec_prefix}/bin' sbindir='${exec_prefix}/sbin' libexecdir='${exec_prefix}/libexec' datarootdir='${prefix}/share' datadir='${datarootdir}' sysconfdir='${prefix}/etc' sharedstatedir='${prefix}/com' localstatedir='${prefix}/var' includedir='${prefix}/include' oldincludedir='/usr/include' docdir='${datarootdir}/doc/${PACKAGE_TARNAME}' infodir='${datarootdir}/info' htmldir='${docdir}' dvidir='${docdir}' pdfdir='${docdir}' psdir='${docdir}' libdir='${exec_prefix}/lib' localedir='${datarootdir}/locale' mandir='${datarootdir}/man' ac_prev= ac_dashdash= for ac_option do # If the previous option needs an argument, assign it. if test -n "$ac_prev"; then eval $ac_prev=\$ac_option ac_prev= continue fi case $ac_option in *=?*) ac_optarg=`expr "X$ac_option" : '[^=]*=\(.*\)'` ;; *=) ac_optarg= ;; *) ac_optarg=yes ;; esac # Accept the important Cygnus configure options, so we can diagnose typos. case $ac_dashdash$ac_option in --) ac_dashdash=yes ;; -bindir | --bindir | --bindi | --bind | --bin | --bi) ac_prev=bindir ;; -bindir=* | --bindir=* | --bindi=* | --bind=* | --bin=* | --bi=*) bindir=$ac_optarg ;; -build | --build | --buil | --bui | --bu) ac_prev=build_alias ;; -build=* | --build=* | --buil=* | --bui=* | --bu=*) build_alias=$ac_optarg ;; -cache-file | --cache-file | --cache-fil | --cache-fi \ | --cache-f | --cache- | --cache | --cach | --cac | --ca | --c) ac_prev=cache_file ;; -cache-file=* | --cache-file=* | --cache-fil=* | --cache-fi=* \ | --cache-f=* | --cache-=* | --cache=* | --cach=* | --cac=* | --ca=* | --c=*) cache_file=$ac_optarg ;; --config-cache | -C) cache_file=config.cache ;; -datadir | --datadir | --datadi | --datad) ac_prev=datadir ;; -datadir=* | --datadir=* | --datadi=* | --datad=*) datadir=$ac_optarg ;; -datarootdir | --datarootdir | --datarootdi | --datarootd | --dataroot \ | --dataroo | --dataro | --datar) ac_prev=datarootdir ;; -datarootdir=* | --datarootdir=* | --datarootdi=* | --datarootd=* \ | --dataroot=* | --dataroo=* | --dataro=* | --datar=*) datarootdir=$ac_optarg ;; -disable-* | --disable-*) ac_useropt=`expr "x$ac_option" : 'x-*disable-\(.*\)'` # Reject names that are not valid shell variable names. expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && as_fn_error $? "invalid feature name: $ac_useropt" ac_useropt_orig=$ac_useropt ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` case $ac_user_opts in *" "enable_$ac_useropt" "*) ;; *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--disable-$ac_useropt_orig" ac_unrecognized_sep=', ';; esac eval enable_$ac_useropt=no ;; -docdir | --docdir | --docdi | --doc | --do) ac_prev=docdir ;; -docdir=* | --docdir=* | --docdi=* | --doc=* | --do=*) docdir=$ac_optarg ;; -dvidir | --dvidir | --dvidi | --dvid | --dvi | --dv) ac_prev=dvidir ;; -dvidir=* | --dvidir=* | --dvidi=* | --dvid=* | --dvi=* | --dv=*) dvidir=$ac_optarg ;; -enable-* | --enable-*) ac_useropt=`expr "x$ac_option" : 'x-*enable-\([^=]*\)'` # Reject names that are not valid shell variable names. expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && as_fn_error $? "invalid feature name: $ac_useropt" ac_useropt_orig=$ac_useropt ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` case $ac_user_opts in *" "enable_$ac_useropt" "*) ;; *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--enable-$ac_useropt_orig" ac_unrecognized_sep=', ';; esac eval enable_$ac_useropt=\$ac_optarg ;; -exec-prefix | --exec_prefix | --exec-prefix | --exec-prefi \ | --exec-pref | --exec-pre | --exec-pr | --exec-p | --exec- \ | --exec | --exe | --ex) ac_prev=exec_prefix ;; -exec-prefix=* | --exec_prefix=* | --exec-prefix=* | --exec-prefi=* \ | --exec-pref=* | --exec-pre=* | --exec-pr=* | --exec-p=* | --exec-=* \ | --exec=* | --exe=* | --ex=*) exec_prefix=$ac_optarg ;; -gas | --gas | --ga | --g) # Obsolete; use --with-gas. with_gas=yes ;; -help | --help | --hel | --he | -h) ac_init_help=long ;; -help=r* | --help=r* | --hel=r* | --he=r* | -hr*) ac_init_help=recursive ;; -help=s* | --help=s* | --hel=s* | --he=s* | -hs*) ac_init_help=short ;; -host | --host | --hos | --ho) ac_prev=host_alias ;; -host=* | --host=* | --hos=* | --ho=*) host_alias=$ac_optarg ;; -htmldir | --htmldir | --htmldi | --htmld | --html | --htm | --ht) ac_prev=htmldir ;; -htmldir=* | --htmldir=* | --htmldi=* | --htmld=* | --html=* | --htm=* \ | --ht=*) htmldir=$ac_optarg ;; -includedir | --includedir | --includedi | --included | --include \ | --includ | --inclu | --incl | --inc) ac_prev=includedir ;; -includedir=* | --includedir=* | --includedi=* | --included=* | --include=* \ | --includ=* | --inclu=* | --incl=* | --inc=*) includedir=$ac_optarg ;; -infodir | --infodir | --infodi | --infod | --info | --inf) ac_prev=infodir ;; -infodir=* | --infodir=* | --infodi=* | --infod=* | --info=* | --inf=*) infodir=$ac_optarg ;; -libdir | --libdir | --libdi | --libd) ac_prev=libdir ;; -libdir=* | --libdir=* | --libdi=* | --libd=*) libdir=$ac_optarg ;; -libexecdir | --libexecdir | --libexecdi | --libexecd | --libexec \ | --libexe | --libex | --libe) ac_prev=libexecdir ;; -libexecdir=* | --libexecdir=* | --libexecdi=* | --libexecd=* | --libexec=* \ | --libexe=* | --libex=* | --libe=*) libexecdir=$ac_optarg ;; -localedir | --localedir | --localedi | --localed | --locale) ac_prev=localedir ;; -localedir=* | --localedir=* | --localedi=* | --localed=* | --locale=*) localedir=$ac_optarg ;; -localstatedir | --localstatedir | --localstatedi | --localstated \ | --localstate | --localstat | --localsta | --localst | --locals) ac_prev=localstatedir ;; -localstatedir=* | --localstatedir=* | --localstatedi=* | --localstated=* \ | --localstate=* | --localstat=* | --localsta=* | --localst=* | --locals=*) localstatedir=$ac_optarg ;; -mandir | --mandir | --mandi | --mand | --man | --ma | --m) ac_prev=mandir ;; -mandir=* | --mandir=* | --mandi=* | --mand=* | --man=* | --ma=* | --m=*) mandir=$ac_optarg ;; -nfp | --nfp | --nf) # Obsolete; use --without-fp. with_fp=no ;; -no-create | --no-create | --no-creat | --no-crea | --no-cre \ | --no-cr | --no-c | -n) no_create=yes ;; -no-recursion | --no-recursion | --no-recursio | --no-recursi \ | --no-recurs | --no-recur | --no-recu | --no-rec | --no-re | --no-r) no_recursion=yes ;; -oldincludedir | --oldincludedir | --oldincludedi | --oldincluded \ | --oldinclude | --oldinclud | --oldinclu | --oldincl | --oldinc \ | --oldin | --oldi | --old | --ol | --o) ac_prev=oldincludedir ;; -oldincludedir=* | --oldincludedir=* | --oldincludedi=* | --oldincluded=* \ | --oldinclude=* | --oldinclud=* | --oldinclu=* | --oldincl=* | --oldinc=* \ | --oldin=* | --oldi=* | --old=* | --ol=* | --o=*) oldincludedir=$ac_optarg ;; -prefix | --prefix | --prefi | --pref | --pre | --pr | --p) ac_prev=prefix ;; -prefix=* | --prefix=* | --prefi=* | --pref=* | --pre=* | --pr=* | --p=*) prefix=$ac_optarg ;; -program-prefix | --program-prefix | --program-prefi | --program-pref \ | --program-pre | --program-pr | --program-p) ac_prev=program_prefix ;; -program-prefix=* | --program-prefix=* | --program-prefi=* \ | --program-pref=* | --program-pre=* | --program-pr=* | --program-p=*) program_prefix=$ac_optarg ;; -program-suffix | --program-suffix | --program-suffi | --program-suff \ | --program-suf | --program-su | --program-s) ac_prev=program_suffix ;; -program-suffix=* | --program-suffix=* | --program-suffi=* \ | --program-suff=* | --program-suf=* | --program-su=* | --program-s=*) program_suffix=$ac_optarg ;; -program-transform-name | --program-transform-name \ | --program-transform-nam | --program-transform-na \ | --program-transform-n | --program-transform- \ | --program-transform | --program-transfor \ | --program-transfo | --program-transf \ | --program-trans | --program-tran \ | --progr-tra | --program-tr | --program-t) ac_prev=program_transform_name ;; -program-transform-name=* | --program-transform-name=* \ | --program-transform-nam=* | --program-transform-na=* \ | --program-transform-n=* | --program-transform-=* \ | --program-transform=* | --program-transfor=* \ | --program-transfo=* | --program-transf=* \ | --program-trans=* | --program-tran=* \ | --progr-tra=* | --program-tr=* | --program-t=*) program_transform_name=$ac_optarg ;; -pdfdir | --pdfdir | --pdfdi | --pdfd | --pdf | --pd) ac_prev=pdfdir ;; -pdfdir=* | --pdfdir=* | --pdfdi=* | --pdfd=* | --pdf=* | --pd=*) pdfdir=$ac_optarg ;; -psdir | --psdir | --psdi | --psd | --ps) ac_prev=psdir ;; -psdir=* | --psdir=* | --psdi=* | --psd=* | --ps=*) psdir=$ac_optarg ;; -q | -quiet | --quiet | --quie | --qui | --qu | --q \ | -silent | --silent | --silen | --sile | --sil) silent=yes ;; -sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb) ac_prev=sbindir ;; -sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \ | --sbi=* | --sb=*) sbindir=$ac_optarg ;; -sharedstatedir | --sharedstatedir | --sharedstatedi \ | --sharedstated | --sharedstate | --sharedstat | --sharedsta \ | --sharedst | --shareds | --shared | --share | --shar \ | --sha | --sh) ac_prev=sharedstatedir ;; -sharedstatedir=* | --sharedstatedir=* | --sharedstatedi=* \ | --sharedstated=* | --sharedstate=* | --sharedstat=* | --sharedsta=* \ | --sharedst=* | --shareds=* | --shared=* | --share=* | --shar=* \ | --sha=* | --sh=*) sharedstatedir=$ac_optarg ;; -site | --site | --sit) ac_prev=site ;; -site=* | --site=* | --sit=*) site=$ac_optarg ;; -srcdir | --srcdir | --srcdi | --srcd | --src | --sr) ac_prev=srcdir ;; -srcdir=* | --srcdir=* | --srcdi=* | --srcd=* | --src=* | --sr=*) srcdir=$ac_optarg ;; -sysconfdir | --sysconfdir | --sysconfdi | --sysconfd | --sysconf \ | --syscon | --sysco | --sysc | --sys | --sy) ac_prev=sysconfdir ;; -sysconfdir=* | --sysconfdir=* | --sysconfdi=* | --sysconfd=* | --sysconf=* \ | --syscon=* | --sysco=* | --sysc=* | --sys=* | --sy=*) sysconfdir=$ac_optarg ;; -target | --target | --targe | --targ | --tar | --ta | --t) ac_prev=target_alias ;; -target=* | --target=* | --targe=* | --targ=* | --tar=* | --ta=* | --t=*) target_alias=$ac_optarg ;; -v | -verbose | --verbose | --verbos | --verbo | --verb) verbose=yes ;; -version | --version | --versio | --versi | --vers | -V) ac_init_version=: ;; -with-* | --with-*) ac_useropt=`expr "x$ac_option" : 'x-*with-\([^=]*\)'` # Reject names that are not valid shell variable names. expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && as_fn_error $? "invalid package name: $ac_useropt" ac_useropt_orig=$ac_useropt ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` case $ac_user_opts in *" "with_$ac_useropt" "*) ;; *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--with-$ac_useropt_orig" ac_unrecognized_sep=', ';; esac eval with_$ac_useropt=\$ac_optarg ;; -without-* | --without-*) ac_useropt=`expr "x$ac_option" : 'x-*without-\(.*\)'` # Reject names that are not valid shell variable names. expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && as_fn_error $? "invalid package name: $ac_useropt" ac_useropt_orig=$ac_useropt ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` case $ac_user_opts in *" "with_$ac_useropt" "*) ;; *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--without-$ac_useropt_orig" ac_unrecognized_sep=', ';; esac eval with_$ac_useropt=no ;; --x) # Obsolete; use --with-x. with_x=yes ;; -x-includes | --x-includes | --x-include | --x-includ | --x-inclu \ | --x-incl | --x-inc | --x-in | --x-i) ac_prev=x_includes ;; -x-includes=* | --x-includes=* | --x-include=* | --x-includ=* | --x-inclu=* \ | --x-incl=* | --x-inc=* | --x-in=* | --x-i=*) x_includes=$ac_optarg ;; -x-libraries | --x-libraries | --x-librarie | --x-librari \ | --x-librar | --x-libra | --x-libr | --x-lib | --x-li | --x-l) ac_prev=x_libraries ;; -x-libraries=* | --x-libraries=* | --x-librarie=* | --x-librari=* \ | --x-librar=* | --x-libra=* | --x-libr=* | --x-lib=* | --x-li=* | --x-l=*) x_libraries=$ac_optarg ;; -*) as_fn_error $? "unrecognized option: \`$ac_option' Try \`$0 --help' for more information" ;; *=*) ac_envvar=`expr "x$ac_option" : 'x\([^=]*\)='` # Reject names that are not valid shell variable names. case $ac_envvar in #( '' | [0-9]* | *[!_$as_cr_alnum]* ) as_fn_error $? "invalid variable name: \`$ac_envvar'" ;; esac eval $ac_envvar=\$ac_optarg export $ac_envvar ;; *) # FIXME: should be removed in autoconf 3.0. $as_echo "$as_me: WARNING: you should use --build, --host, --target" >&2 expr "x$ac_option" : ".*[^-._$as_cr_alnum]" >/dev/null && $as_echo "$as_me: WARNING: invalid host type: $ac_option" >&2 : "${build_alias=$ac_option} ${host_alias=$ac_option} ${target_alias=$ac_option}" ;; esac done if test -n "$ac_prev"; then ac_option=--`echo $ac_prev | sed 's/_/-/g'` as_fn_error $? "missing argument to $ac_option" fi if test -n "$ac_unrecognized_opts"; then case $enable_option_checking in no) ;; fatal) as_fn_error $? "unrecognized options: $ac_unrecognized_opts" ;; *) $as_echo "$as_me: WARNING: unrecognized options: $ac_unrecognized_opts" >&2 ;; esac fi # Check all directory arguments for consistency. for ac_var in exec_prefix prefix bindir sbindir libexecdir datarootdir \ datadir sysconfdir sharedstatedir localstatedir includedir \ oldincludedir docdir infodir htmldir dvidir pdfdir psdir \ libdir localedir mandir do eval ac_val=\$$ac_var # Remove trailing slashes. case $ac_val in */ ) ac_val=`expr "X$ac_val" : 'X\(.*[^/]\)' \| "X$ac_val" : 'X\(.*\)'` eval $ac_var=\$ac_val;; esac # Be sure to have absolute directory names. case $ac_val in [\\/$]* | ?:[\\/]* ) continue;; NONE | '' ) case $ac_var in *prefix ) continue;; esac;; esac as_fn_error $? "expected an absolute directory name for --$ac_var: $ac_val" done # There might be people who depend on the old broken behavior: `$host' # used to hold the argument of --host etc. # FIXME: To remove some day. build=$build_alias host=$host_alias target=$target_alias # FIXME: To remove some day. if test "x$host_alias" != x; then if test "x$build_alias" = x; then cross_compiling=maybe elif test "x$build_alias" != "x$host_alias"; then cross_compiling=yes fi fi ac_tool_prefix= test -n "$host_alias" && ac_tool_prefix=$host_alias- test "$silent" = yes && exec 6>/dev/null ac_pwd=`pwd` && test -n "$ac_pwd" && ac_ls_di=`ls -di .` && ac_pwd_ls_di=`cd "$ac_pwd" && ls -di .` || as_fn_error $? "working directory cannot be determined" test "X$ac_ls_di" = "X$ac_pwd_ls_di" || as_fn_error $? "pwd does not report name of working directory" # Find the source files, if location was not specified. if test -z "$srcdir"; then ac_srcdir_defaulted=yes # Try the directory containing this script, then the parent directory. ac_confdir=`$as_dirname -- "$as_myself" || $as_expr X"$as_myself" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ X"$as_myself" : 'X\(//\)[^/]' \| \ X"$as_myself" : 'X\(//\)$' \| \ X"$as_myself" : 'X\(/\)' \| . 2>/dev/null || $as_echo X"$as_myself" | sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/ q } /^X\(\/\/\)[^/].*/{ s//\1/ q } /^X\(\/\/\)$/{ s//\1/ q } /^X\(\/\).*/{ s//\1/ q } s/.*/./; q'` srcdir=$ac_confdir if test ! -r "$srcdir/$ac_unique_file"; then srcdir=.. fi else ac_srcdir_defaulted=no fi if test ! -r "$srcdir/$ac_unique_file"; then test "$ac_srcdir_defaulted" = yes && srcdir="$ac_confdir or .." as_fn_error $? "cannot find sources ($ac_unique_file) in $srcdir" fi ac_msg="sources are in $srcdir, but \`cd $srcdir' does not work" ac_abs_confdir=`( cd "$srcdir" && test -r "./$ac_unique_file" || as_fn_error $? "$ac_msg" pwd)` # When building in place, set srcdir=. if test "$ac_abs_confdir" = "$ac_pwd"; then srcdir=. fi # Remove unnecessary trailing slashes from srcdir. # Double slashes in file names in object file debugging info # mess up M-x gdb in Emacs. case $srcdir in */) srcdir=`expr "X$srcdir" : 'X\(.*[^/]\)' \| "X$srcdir" : 'X\(.*\)'`;; esac for ac_var in $ac_precious_vars; do eval ac_env_${ac_var}_set=\${${ac_var}+set} eval ac_env_${ac_var}_value=\$${ac_var} eval ac_cv_env_${ac_var}_set=\${${ac_var}+set} eval ac_cv_env_${ac_var}_value=\$${ac_var} done # # Report the --help message. # if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF \`configure' configures PKI 0.1 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... To assign environment variables (e.g., CC, CFLAGS...), specify them as VAR=VALUE. See below for descriptions of some of the useful variables. Defaults for the options are specified in brackets. Configuration: -h, --help display this help and exit --help=short display options specific to this package --help=recursive display the short help of all the included packages -V, --version display version information and exit -q, --quiet, --silent do not print \`checking ...' messages --cache-file=FILE cache test results in FILE [disabled] -C, --config-cache alias for \`--cache-file=config.cache' -n, --no-create do not create output files --srcdir=DIR find the sources in DIR [configure dir or \`..'] Installation directories: --prefix=PREFIX install architecture-independent files in PREFIX [$ac_default_prefix] --exec-prefix=EPREFIX install architecture-dependent files in EPREFIX [PREFIX] By default, \`make install' will install all the files in \`$ac_default_prefix/bin', \`$ac_default_prefix/lib' etc. You can specify an installation prefix other than \`$ac_default_prefix' using \`--prefix', for instance \`--prefix=\$HOME'. For better control, use the options below. Fine tuning of the installation directories: --bindir=DIR user executables [EPREFIX/bin] --sbindir=DIR system admin executables [EPREFIX/sbin] --libexecdir=DIR program executables [EPREFIX/libexec] --sysconfdir=DIR read-only single-machine data [PREFIX/etc] --sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com] --localstatedir=DIR modifiable single-machine data [PREFIX/var] --libdir=DIR object code libraries [EPREFIX/lib] --includedir=DIR C header files [PREFIX/include] --oldincludedir=DIR C header files for non-gcc [/usr/include] --datarootdir=DIR read-only arch.-independent data root [PREFIX/share] --datadir=DIR read-only architecture-independent data [DATAROOTDIR] --infodir=DIR info documentation [DATAROOTDIR/info] --localedir=DIR locale-dependent data [DATAROOTDIR/locale] --mandir=DIR man documentation [DATAROOTDIR/man] --docdir=DIR documentation root [DATAROOTDIR/doc/pki] --htmldir=DIR html documentation [DOCDIR] --dvidir=DIR dvi documentation [DOCDIR] --pdfdir=DIR pdf documentation [DOCDIR] --psdir=DIR ps documentation [DOCDIR] _ACEOF cat <<\_ACEOF _ACEOF fi if test -n "$ac_init_help"; then case $ac_init_help in short | recursive ) echo "Configuration of PKI 0.1:";; esac cat <<\_ACEOF Some influential environment variables: OPENSSL_INCLUDES optional path to the include directory for OpenSSL headers PKG_CPPFLAGS additional pre-processor flags PKG_LIBS additional linker library flags CC C compiler command CFLAGS C compiler flags LDFLAGS linker flags, e.g. -L if you have libraries in a nonstandard directory LIBS libraries to pass to the linker, e.g. -l CPPFLAGS (Objective) C/C++ preprocessor flags, e.g. -I if you have headers in a nonstandard directory CPP C preprocessor Use these variables to override the choices made by `configure' or to help it to find libraries and programs with nonstandard names/locations. Report bugs to . _ACEOF ac_status=$? fi if test "$ac_init_help" = "recursive"; then # If there are subdirs, report their specific --help. for ac_dir in : $ac_subdirs_all; do test "x$ac_dir" = x: && continue test -d "$ac_dir" || { cd "$srcdir" && ac_pwd=`pwd` && srcdir=. && test -d "$ac_dir"; } || continue ac_builddir=. case "$ac_dir" in .) ac_dir_suffix= ac_top_builddir_sub=. ac_top_build_prefix= ;; *) ac_dir_suffix=/`$as_echo "$ac_dir" | sed 's|^\.[\\/]||'` # A ".." for each directory in $ac_dir_suffix. ac_top_builddir_sub=`$as_echo "$ac_dir_suffix" | sed 's|/[^\\/]*|/..|g;s|/||'` case $ac_top_builddir_sub in "") ac_top_builddir_sub=. ac_top_build_prefix= ;; *) ac_top_build_prefix=$ac_top_builddir_sub/ ;; esac ;; esac ac_abs_top_builddir=$ac_pwd ac_abs_builddir=$ac_pwd$ac_dir_suffix # for backward compatibility: ac_top_builddir=$ac_top_build_prefix case $srcdir in .) # We are building in place. ac_srcdir=. ac_top_srcdir=$ac_top_builddir_sub ac_abs_top_srcdir=$ac_pwd ;; [\\/]* | ?:[\\/]* ) # Absolute name. ac_srcdir=$srcdir$ac_dir_suffix; ac_top_srcdir=$srcdir ac_abs_top_srcdir=$srcdir ;; *) # Relative name. ac_srcdir=$ac_top_build_prefix$srcdir$ac_dir_suffix ac_top_srcdir=$ac_top_build_prefix$srcdir ac_abs_top_srcdir=$ac_pwd/$srcdir ;; esac ac_abs_srcdir=$ac_abs_top_srcdir$ac_dir_suffix cd "$ac_dir" || { ac_status=$?; continue; } # Check for guested configure. if test -f "$ac_srcdir/configure.gnu"; then echo && $SHELL "$ac_srcdir/configure.gnu" --help=recursive elif test -f "$ac_srcdir/configure"; then echo && $SHELL "$ac_srcdir/configure" --help=recursive else $as_echo "$as_me: WARNING: no configuration information is in $ac_dir" >&2 fi || ac_status=$? cd "$ac_pwd" || { ac_status=$?; break; } done fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF PKI configure 0.1 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. This configure script is free software; the Free Software Foundation gives unlimited permission to copy, distribute and modify it. _ACEOF exit fi ## ------------------------ ## ## Autoconf initialization. ## ## ------------------------ ## # ac_fn_c_try_compile LINENO # -------------------------- # Try to compile conftest.$ac_ext, and return whether this succeeded. ac_fn_c_try_compile () { as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack rm -f conftest.$ac_objext if { { ac_try="$ac_compile" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" $as_echo "$ac_try_echo"; } >&5 (eval "$ac_compile") 2>conftest.err ac_status=$? if test -s conftest.err; then grep -v '^ *+' conftest.err >conftest.er1 cat conftest.er1 >&5 mv -f conftest.er1 conftest.err fi $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; } && { test -z "$ac_c_werror_flag" || test ! -s conftest.err } && test -s conftest.$ac_objext; then : ac_retval=0 else $as_echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_retval=1 fi eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno as_fn_set_status $ac_retval } # ac_fn_c_try_compile # ac_fn_c_try_cpp LINENO # ---------------------- # Try to preprocess conftest.$ac_ext, and return whether this succeeded. ac_fn_c_try_cpp () { as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack if { { ac_try="$ac_cpp conftest.$ac_ext" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" $as_echo "$ac_try_echo"; } >&5 (eval "$ac_cpp conftest.$ac_ext") 2>conftest.err ac_status=$? if test -s conftest.err; then grep -v '^ *+' conftest.err >conftest.er1 cat conftest.er1 >&5 mv -f conftest.er1 conftest.err fi $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; } > conftest.i && { test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || test ! -s conftest.err }; then : ac_retval=0 else $as_echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_retval=1 fi eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno as_fn_set_status $ac_retval } # ac_fn_c_try_cpp # ac_fn_c_check_header_mongrel LINENO HEADER VAR INCLUDES # ------------------------------------------------------- # Tests whether HEADER exists, giving a warning if it cannot be compiled using # the include files in INCLUDES and setting the cache variable VAR # accordingly. ac_fn_c_check_header_mongrel () { as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack if eval \${$3+:} false; then : { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 $as_echo_n "checking for $2... " >&6; } if eval \${$3+:} false; then : $as_echo_n "(cached) " >&6 fi eval ac_res=\$$3 { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 $as_echo "$ac_res" >&6; } else # Is the header compilable? { $as_echo "$as_me:${as_lineno-$LINENO}: checking $2 usability" >&5 $as_echo_n "checking $2 usability... " >&6; } cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ $4 #include <$2> _ACEOF if ac_fn_c_try_compile "$LINENO"; then : ac_header_compiler=yes else ac_header_compiler=no fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_header_compiler" >&5 $as_echo "$ac_header_compiler" >&6; } # Is the header present? { $as_echo "$as_me:${as_lineno-$LINENO}: checking $2 presence" >&5 $as_echo_n "checking $2 presence... " >&6; } cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include <$2> _ACEOF if ac_fn_c_try_cpp "$LINENO"; then : ac_header_preproc=yes else ac_header_preproc=no fi rm -f conftest.err conftest.i conftest.$ac_ext { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_header_preproc" >&5 $as_echo "$ac_header_preproc" >&6; } # So? What about this header? case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in #(( yes:no: ) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: accepted by the compiler, rejected by the preprocessor!" >&5 $as_echo "$as_me: WARNING: $2: accepted by the compiler, rejected by the preprocessor!" >&2;} { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: proceeding with the compiler's result" >&5 $as_echo "$as_me: WARNING: $2: proceeding with the compiler's result" >&2;} ;; no:yes:* ) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: present but cannot be compiled" >&5 $as_echo "$as_me: WARNING: $2: present but cannot be compiled" >&2;} { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: check for missing prerequisite headers?" >&5 $as_echo "$as_me: WARNING: $2: check for missing prerequisite headers?" >&2;} { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: see the Autoconf documentation" >&5 $as_echo "$as_me: WARNING: $2: see the Autoconf documentation" >&2;} { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: section \"Present But Cannot Be Compiled\"" >&5 $as_echo "$as_me: WARNING: $2: section \"Present But Cannot Be Compiled\"" >&2;} { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: proceeding with the compiler's result" >&5 $as_echo "$as_me: WARNING: $2: proceeding with the compiler's result" >&2;} ( $as_echo "## ------------------------------------------ ## ## Report this to Simon.Urbanek@r-project.org ## ## ------------------------------------------ ##" ) | sed "s/^/$as_me: WARNING: /" >&2 ;; esac { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 $as_echo_n "checking for $2... " >&6; } if eval \${$3+:} false; then : $as_echo_n "(cached) " >&6 else eval "$3=\$ac_header_compiler" fi eval ac_res=\$$3 { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 $as_echo "$ac_res" >&6; } fi eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno } # ac_fn_c_check_header_mongrel # ac_fn_c_try_run LINENO # ---------------------- # Try to link conftest.$ac_ext, and return whether this succeeded. Assumes # that executables *can* be run. ac_fn_c_try_run () { as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack if { { ac_try="$ac_link" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" $as_echo "$ac_try_echo"; } >&5 (eval "$ac_link") 2>&5 ac_status=$? $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; } && { ac_try='./conftest$ac_exeext' { { case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" $as_echo "$ac_try_echo"; } >&5 (eval "$ac_try") 2>&5 ac_status=$? $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; }; }; then : ac_retval=0 else $as_echo "$as_me: program exited with status $ac_status" >&5 $as_echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_retval=$ac_status fi rm -rf conftest.dSYM conftest_ipa8_conftest.oo eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno as_fn_set_status $ac_retval } # ac_fn_c_try_run # ac_fn_c_check_header_compile LINENO HEADER VAR INCLUDES # ------------------------------------------------------- # Tests whether HEADER exists and can be compiled using the include files in # INCLUDES, setting the cache variable VAR accordingly. ac_fn_c_check_header_compile () { as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 $as_echo_n "checking for $2... " >&6; } if eval \${$3+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ $4 #include <$2> _ACEOF if ac_fn_c_try_compile "$LINENO"; then : eval "$3=yes" else eval "$3=no" fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi eval ac_res=\$$3 { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 $as_echo "$ac_res" >&6; } eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno } # ac_fn_c_check_header_compile # ac_fn_c_try_link LINENO # ----------------------- # Try to link conftest.$ac_ext, and return whether this succeeded. ac_fn_c_try_link () { as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack rm -f conftest.$ac_objext conftest$ac_exeext if { { ac_try="$ac_link" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" $as_echo "$ac_try_echo"; } >&5 (eval "$ac_link") 2>conftest.err ac_status=$? if test -s conftest.err; then grep -v '^ *+' conftest.err >conftest.er1 cat conftest.er1 >&5 mv -f conftest.er1 conftest.err fi $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; } && { test -z "$ac_c_werror_flag" || test ! -s conftest.err } && test -s conftest$ac_exeext && { test "$cross_compiling" = yes || test -x conftest$ac_exeext }; then : ac_retval=0 else $as_echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 ac_retval=1 fi # Delete the IPA/IPO (Inter Procedural Analysis/Optimization) information # created by the PGI compiler (conftest_ipa8_conftest.oo), as it would # interfere with the next link command; also delete a directory that is # left behind by Apple's compiler. We do this before executing the actions. rm -rf conftest.dSYM conftest_ipa8_conftest.oo eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno as_fn_set_status $ac_retval } # ac_fn_c_try_link cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. It was created by PKI $as_me 0.1, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ _ACEOF exec 5>>config.log { cat <<_ASUNAME ## --------- ## ## Platform. ## ## --------- ## hostname = `(hostname || uname -n) 2>/dev/null | sed 1q` uname -m = `(uname -m) 2>/dev/null || echo unknown` uname -r = `(uname -r) 2>/dev/null || echo unknown` uname -s = `(uname -s) 2>/dev/null || echo unknown` uname -v = `(uname -v) 2>/dev/null || echo unknown` /usr/bin/uname -p = `(/usr/bin/uname -p) 2>/dev/null || echo unknown` /bin/uname -X = `(/bin/uname -X) 2>/dev/null || echo unknown` /bin/arch = `(/bin/arch) 2>/dev/null || echo unknown` /usr/bin/arch -k = `(/usr/bin/arch -k) 2>/dev/null || echo unknown` /usr/convex/getsysinfo = `(/usr/convex/getsysinfo) 2>/dev/null || echo unknown` /usr/bin/hostinfo = `(/usr/bin/hostinfo) 2>/dev/null || echo unknown` /bin/machine = `(/bin/machine) 2>/dev/null || echo unknown` /usr/bin/oslevel = `(/usr/bin/oslevel) 2>/dev/null || echo unknown` /bin/universe = `(/bin/universe) 2>/dev/null || echo unknown` _ASUNAME as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. $as_echo "PATH: $as_dir" done IFS=$as_save_IFS } >&5 cat >&5 <<_ACEOF ## ----------- ## ## Core tests. ## ## ----------- ## _ACEOF # Keep a trace of the command line. # Strip out --no-create and --no-recursion so they do not pile up. # Strip out --silent because we don't want to record it for future runs. # Also quote any args containing shell meta-characters. # Make two passes to allow for proper duplicate-argument suppression. ac_configure_args= ac_configure_args0= ac_configure_args1= ac_must_keep_next=false for ac_pass in 1 2 do for ac_arg do case $ac_arg in -no-create | --no-c* | -n | -no-recursion | --no-r*) continue ;; -q | -quiet | --quiet | --quie | --qui | --qu | --q \ | -silent | --silent | --silen | --sile | --sil) continue ;; *\'*) ac_arg=`$as_echo "$ac_arg" | sed "s/'/'\\\\\\\\''/g"` ;; esac case $ac_pass in 1) as_fn_append ac_configure_args0 " '$ac_arg'" ;; 2) as_fn_append ac_configure_args1 " '$ac_arg'" if test $ac_must_keep_next = true; then ac_must_keep_next=false # Got value, back to normal. else case $ac_arg in *=* | --config-cache | -C | -disable-* | --disable-* \ | -enable-* | --enable-* | -gas | --g* | -nfp | --nf* \ | -q | -quiet | --q* | -silent | --sil* | -v | -verb* \ | -with-* | --with-* | -without-* | --without-* | --x) case "$ac_configure_args0 " in "$ac_configure_args1"*" '$ac_arg' "* ) continue ;; esac ;; -* ) ac_must_keep_next=true ;; esac fi as_fn_append ac_configure_args " '$ac_arg'" ;; esac done done { ac_configure_args0=; unset ac_configure_args0;} { ac_configure_args1=; unset ac_configure_args1;} # When interrupted or exit'd, cleanup temporary files, and complete # config.log. We remove comments because anyway the quotes in there # would cause problems or look ugly. # WARNING: Use '\'' to represent an apostrophe within the trap. # WARNING: Do not start the trap code with a newline, due to a FreeBSD 4.0 bug. trap 'exit_status=$? # Save into config.log some information that might help in debugging. { echo $as_echo "## ---------------- ## ## Cache variables. ## ## ---------------- ##" echo # The following way of writing the cache mishandles newlines in values, ( for ac_var in `(set) 2>&1 | sed -n '\''s/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'\''`; do eval ac_val=\$$ac_var case $ac_val in #( *${as_nl}*) case $ac_var in #( *_cv_*) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cache variable $ac_var contains a newline" >&5 $as_echo "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;; esac case $ac_var in #( _ | IFS | as_nl) ;; #( BASH_ARGV | BASH_SOURCE) eval $ac_var= ;; #( *) { eval $ac_var=; unset $ac_var;} ;; esac ;; esac done (set) 2>&1 | case $as_nl`(ac_space='\'' '\''; set) 2>&1` in #( *${as_nl}ac_space=\ *) sed -n \ "s/'\''/'\''\\\\'\'''\''/g; s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='\''\\2'\''/p" ;; #( *) sed -n "/^[_$as_cr_alnum]*_cv_[_$as_cr_alnum]*=/p" ;; esac | sort ) echo $as_echo "## ----------------- ## ## Output variables. ## ## ----------------- ##" echo for ac_var in $ac_subst_vars do eval ac_val=\$$ac_var case $ac_val in *\'\''*) ac_val=`$as_echo "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;; esac $as_echo "$ac_var='\''$ac_val'\''" done | sort echo if test -n "$ac_subst_files"; then $as_echo "## ------------------- ## ## File substitutions. ## ## ------------------- ##" echo for ac_var in $ac_subst_files do eval ac_val=\$$ac_var case $ac_val in *\'\''*) ac_val=`$as_echo "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;; esac $as_echo "$ac_var='\''$ac_val'\''" done | sort echo fi if test -s confdefs.h; then $as_echo "## ----------- ## ## confdefs.h. ## ## ----------- ##" echo cat confdefs.h echo fi test "$ac_signal" != 0 && $as_echo "$as_me: caught signal $ac_signal" $as_echo "$as_me: exit $exit_status" } >&5 rm -f core *.core core.conftest.* && rm -f -r conftest* confdefs* conf$$* $ac_clean_files && exit $exit_status ' 0 for ac_signal in 1 2 13 15; do trap 'ac_signal='$ac_signal'; as_fn_exit 1' $ac_signal done ac_signal=0 # confdefs.h avoids OS command line length limits that DEFS can exceed. rm -f -r conftest* confdefs.h $as_echo "/* confdefs.h */" > confdefs.h # Predefined preprocessor variables. cat >>confdefs.h <<_ACEOF #define PACKAGE_NAME "$PACKAGE_NAME" _ACEOF cat >>confdefs.h <<_ACEOF #define PACKAGE_TARNAME "$PACKAGE_TARNAME" _ACEOF cat >>confdefs.h <<_ACEOF #define PACKAGE_VERSION "$PACKAGE_VERSION" _ACEOF cat >>confdefs.h <<_ACEOF #define PACKAGE_STRING "$PACKAGE_STRING" _ACEOF cat >>confdefs.h <<_ACEOF #define PACKAGE_BUGREPORT "$PACKAGE_BUGREPORT" _ACEOF cat >>confdefs.h <<_ACEOF #define PACKAGE_URL "$PACKAGE_URL" _ACEOF # Let the site file select an alternate cache file if it wants to. # Prefer an explicitly selected file to automatically selected ones. ac_site_file1=NONE ac_site_file2=NONE if test -n "$CONFIG_SITE"; then # We do not want a PATH search for config.site. case $CONFIG_SITE in #(( -*) ac_site_file1=./$CONFIG_SITE;; */*) ac_site_file1=$CONFIG_SITE;; *) ac_site_file1=./$CONFIG_SITE;; esac elif test "x$prefix" != xNONE; then ac_site_file1=$prefix/share/config.site ac_site_file2=$prefix/etc/config.site else ac_site_file1=$ac_default_prefix/share/config.site ac_site_file2=$ac_default_prefix/etc/config.site fi for ac_site_file in "$ac_site_file1" "$ac_site_file2" do test "x$ac_site_file" = xNONE && continue if test /dev/null != "$ac_site_file" && test -r "$ac_site_file"; then { $as_echo "$as_me:${as_lineno-$LINENO}: loading site script $ac_site_file" >&5 $as_echo "$as_me: loading site script $ac_site_file" >&6;} sed 's/^/| /' "$ac_site_file" >&5 . "$ac_site_file" \ || { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error $? "failed to load site script $ac_site_file See \`config.log' for more details" "$LINENO" 5; } fi done if test -r "$cache_file"; then # Some versions of bash will fail to source /dev/null (special files # actually), so we avoid doing that. DJGPP emulates it as a regular file. if test /dev/null != "$cache_file" && test -f "$cache_file"; then { $as_echo "$as_me:${as_lineno-$LINENO}: loading cache $cache_file" >&5 $as_echo "$as_me: loading cache $cache_file" >&6;} case $cache_file in [\\/]* | ?:[\\/]* ) . "$cache_file";; *) . "./$cache_file";; esac fi else { $as_echo "$as_me:${as_lineno-$LINENO}: creating cache $cache_file" >&5 $as_echo "$as_me: creating cache $cache_file" >&6;} >$cache_file fi # Check that the precious variables saved in the cache have kept the same # value. ac_cache_corrupted=false for ac_var in $ac_precious_vars; do eval ac_old_set=\$ac_cv_env_${ac_var}_set eval ac_new_set=\$ac_env_${ac_var}_set eval ac_old_val=\$ac_cv_env_${ac_var}_value eval ac_new_val=\$ac_env_${ac_var}_value case $ac_old_set,$ac_new_set in set,) { $as_echo "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&5 $as_echo "$as_me: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&2;} ac_cache_corrupted=: ;; ,set) { $as_echo "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' was not set in the previous run" >&5 $as_echo "$as_me: error: \`$ac_var' was not set in the previous run" >&2;} ac_cache_corrupted=: ;; ,);; *) if test "x$ac_old_val" != "x$ac_new_val"; then # differences in whitespace do not lead to failure. ac_old_val_w=`echo x $ac_old_val` ac_new_val_w=`echo x $ac_new_val` if test "$ac_old_val_w" != "$ac_new_val_w"; then { $as_echo "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' has changed since the previous run:" >&5 $as_echo "$as_me: error: \`$ac_var' has changed since the previous run:" >&2;} ac_cache_corrupted=: else { $as_echo "$as_me:${as_lineno-$LINENO}: warning: ignoring whitespace changes in \`$ac_var' since the previous run:" >&5 $as_echo "$as_me: warning: ignoring whitespace changes in \`$ac_var' since the previous run:" >&2;} eval $ac_var=\$ac_old_val fi { $as_echo "$as_me:${as_lineno-$LINENO}: former value: \`$ac_old_val'" >&5 $as_echo "$as_me: former value: \`$ac_old_val'" >&2;} { $as_echo "$as_me:${as_lineno-$LINENO}: current value: \`$ac_new_val'" >&5 $as_echo "$as_me: current value: \`$ac_new_val'" >&2;} fi;; esac # Pass precious variables to config.status. if test "$ac_new_set" = set; then case $ac_new_val in *\'*) ac_arg=$ac_var=`$as_echo "$ac_new_val" | sed "s/'/'\\\\\\\\''/g"` ;; *) ac_arg=$ac_var=$ac_new_val ;; esac case " $ac_configure_args " in *" '$ac_arg' "*) ;; # Avoid dups. Use of quotes ensures accuracy. *) as_fn_append ac_configure_args " '$ac_arg'" ;; esac fi done if $ac_cache_corrupted; then { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} { $as_echo "$as_me:${as_lineno-$LINENO}: error: changes in the environment can compromise the build" >&5 $as_echo "$as_me: error: changes in the environment can compromise the build" >&2;} as_fn_error $? "run \`make distclean' and/or \`rm $cache_file' and start over" "$LINENO" 5 fi ## -------------------- ## ## Main body of script. ## ## -------------------- ## ac_ext=c ac_cpp='$CPP $CPPFLAGS' ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_c_compiler_gnu ac_config_headers="$ac_config_headers src/config.h" # find R home and set CC/CFLAGS : ${R_HOME=`R RHOME`} if test -z "${R_HOME}"; then echo "could not determine R_HOME" exit 1 fi CC=`${R_HOME}/bin/R CMD config CC`; CXX=`${R_HOME}/bin/R CMD config CXX`; CPPFLAGS="${CPPFLAGS} ${PKG_CPPFLAGS}" CFLAGS=`${R_HOME}/bin/R CMD config CFLAGS` CXXFLAGS=`${R_HOME}/bin/R CMD config CXXFLAGS` LIBS="${LIBS} ${PKG_LIBS}" if test "x${OPENSSL_INCLUDES}" != x; then CPPFLAGS="${CPPFLAGS} -I${OPENSSL_INCLUDES}" fi # Checks for programs. ac_ext=c ac_cpp='$CPP $CPPFLAGS' ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_c_compiler_gnu if test -n "$ac_tool_prefix"; then # Extract the first word of "${ac_tool_prefix}gcc", so it can be a program name with args. set dummy ${ac_tool_prefix}gcc; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_prog_CC+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$CC"; then ac_cv_prog_CC="$CC" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_CC="${ac_tool_prefix}gcc" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS fi fi CC=$ac_cv_prog_CC if test -n "$CC"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 $as_echo "$CC" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi fi if test -z "$ac_cv_prog_CC"; then ac_ct_CC=$CC # Extract the first word of "gcc", so it can be a program name with args. set dummy gcc; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_prog_ac_ct_CC+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$ac_ct_CC"; then ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_CC="gcc" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS fi fi ac_ct_CC=$ac_cv_prog_ac_ct_CC if test -n "$ac_ct_CC"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5 $as_echo "$ac_ct_CC" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi if test "x$ac_ct_CC" = x; then CC="" else case $cross_compiling:$ac_tool_warned in yes:) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 $as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} ac_tool_warned=yes ;; esac CC=$ac_ct_CC fi else CC="$ac_cv_prog_CC" fi if test -z "$CC"; then if test -n "$ac_tool_prefix"; then # Extract the first word of "${ac_tool_prefix}cc", so it can be a program name with args. set dummy ${ac_tool_prefix}cc; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_prog_CC+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$CC"; then ac_cv_prog_CC="$CC" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_CC="${ac_tool_prefix}cc" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS fi fi CC=$ac_cv_prog_CC if test -n "$CC"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 $as_echo "$CC" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi fi fi if test -z "$CC"; then # Extract the first word of "cc", so it can be a program name with args. set dummy cc; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_prog_CC+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$CC"; then ac_cv_prog_CC="$CC" # Let the user override the test. else ac_prog_rejected=no as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then if test "$as_dir/$ac_word$ac_exec_ext" = "/usr/ucb/cc"; then ac_prog_rejected=yes continue fi ac_cv_prog_CC="cc" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS if test $ac_prog_rejected = yes; then # We found a bogon in the path, so make sure we never use it. set dummy $ac_cv_prog_CC shift if test $# != 0; then # We chose a different compiler from the bogus one. # However, it has the same basename, so the bogon will be chosen # first if we set CC to just the basename; use the full file name. shift ac_cv_prog_CC="$as_dir/$ac_word${1+' '}$@" fi fi fi fi CC=$ac_cv_prog_CC if test -n "$CC"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 $as_echo "$CC" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi fi if test -z "$CC"; then if test -n "$ac_tool_prefix"; then for ac_prog in cl.exe do # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args. set dummy $ac_tool_prefix$ac_prog; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_prog_CC+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$CC"; then ac_cv_prog_CC="$CC" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_CC="$ac_tool_prefix$ac_prog" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS fi fi CC=$ac_cv_prog_CC if test -n "$CC"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 $as_echo "$CC" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi test -n "$CC" && break done fi if test -z "$CC"; then ac_ct_CC=$CC for ac_prog in cl.exe do # Extract the first word of "$ac_prog", so it can be a program name with args. set dummy $ac_prog; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } if ${ac_cv_prog_ac_ct_CC+:} false; then : $as_echo_n "(cached) " >&6 else if test -n "$ac_ct_CC"; then ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_CC="$ac_prog" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done done IFS=$as_save_IFS fi fi ac_ct_CC=$ac_cv_prog_ac_ct_CC if test -n "$ac_ct_CC"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5 $as_echo "$ac_ct_CC" >&6; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } fi test -n "$ac_ct_CC" && break done if test "x$ac_ct_CC" = x; then CC="" else case $cross_compiling:$ac_tool_warned in yes:) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 $as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} ac_tool_warned=yes ;; esac CC=$ac_ct_CC fi fi fi test -z "$CC" && { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error $? "no acceptable C compiler found in \$PATH See \`config.log' for more details" "$LINENO" 5; } # Provide some information about the compiler. $as_echo "$as_me:${as_lineno-$LINENO}: checking for C compiler version" >&5 set X $ac_compile ac_compiler=$2 for ac_option in --version -v -V -qversion; do { { ac_try="$ac_compiler $ac_option >&5" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" $as_echo "$ac_try_echo"; } >&5 (eval "$ac_compiler $ac_option >&5") 2>conftest.err ac_status=$? if test -s conftest.err; then sed '10a\ ... rest of stderr output deleted ... 10q' conftest.err >conftest.er1 cat conftest.er1 >&5 fi rm -f conftest.er1 conftest.err $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; } done cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main () { ; return 0; } _ACEOF ac_clean_files_save=$ac_clean_files ac_clean_files="$ac_clean_files a.out a.out.dSYM a.exe b.out" # Try to create an executable without -o first, disregard a.out. # It will help us diagnose broken compilers, and finding out an intuition # of exeext. { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the C compiler works" >&5 $as_echo_n "checking whether the C compiler works... " >&6; } ac_link_default=`$as_echo "$ac_link" | sed 's/ -o *conftest[^ ]*//'` # The possible output files: ac_files="a.out conftest.exe conftest a.exe a_out.exe b.out conftest.*" ac_rmfiles= for ac_file in $ac_files do case $ac_file in *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj ) ;; * ) ac_rmfiles="$ac_rmfiles $ac_file";; esac done rm -f $ac_rmfiles if { { ac_try="$ac_link_default" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" $as_echo "$ac_try_echo"; } >&5 (eval "$ac_link_default") 2>&5 ac_status=$? $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; }; then : # Autoconf-2.13 could set the ac_cv_exeext variable to `no'. # So ignore a value of `no', otherwise this would lead to `EXEEXT = no' # in a Makefile. We should not override ac_cv_exeext if it was cached, # so that the user can short-circuit this test for compilers unknown to # Autoconf. for ac_file in $ac_files '' do test -f "$ac_file" || continue case $ac_file in *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj ) ;; [ab].out ) # We found the default executable, but exeext='' is most # certainly right. break;; *.* ) if test "${ac_cv_exeext+set}" = set && test "$ac_cv_exeext" != no; then :; else ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'` fi # We set ac_cv_exeext here because the later test for it is not # safe: cross compilers may not add the suffix if given an `-o' # argument, so we may need to know it at that point already. # Even if this section looks crufty: it has the advantage of # actually working. break;; * ) break;; esac done test "$ac_cv_exeext" = no && ac_cv_exeext= else ac_file='' fi if test -z "$ac_file"; then : { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } $as_echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error 77 "C compiler cannot create executables See \`config.log' for more details" "$LINENO" 5; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking for C compiler default output file name" >&5 $as_echo_n "checking for C compiler default output file name... " >&6; } { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_file" >&5 $as_echo "$ac_file" >&6; } ac_exeext=$ac_cv_exeext rm -f -r a.out a.out.dSYM a.exe conftest$ac_cv_exeext b.out ac_clean_files=$ac_clean_files_save { $as_echo "$as_me:${as_lineno-$LINENO}: checking for suffix of executables" >&5 $as_echo_n "checking for suffix of executables... " >&6; } if { { ac_try="$ac_link" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" $as_echo "$ac_try_echo"; } >&5 (eval "$ac_link") 2>&5 ac_status=$? $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; }; then : # If both `conftest.exe' and `conftest' are `present' (well, observable) # catch `conftest.exe'. For instance with Cygwin, `ls conftest' will # work properly (i.e., refer to `conftest.exe'), while it won't with # `rm'. for ac_file in conftest.exe conftest conftest.*; do test -f "$ac_file" || continue case $ac_file in *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj ) ;; *.* ) ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'` break;; * ) break;; esac done else { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error $? "cannot compute suffix of executables: cannot compile and link See \`config.log' for more details" "$LINENO" 5; } fi rm -f conftest conftest$ac_cv_exeext { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_exeext" >&5 $as_echo "$ac_cv_exeext" >&6; } rm -f conftest.$ac_ext EXEEXT=$ac_cv_exeext ac_exeext=$EXEEXT cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include int main () { FILE *f = fopen ("conftest.out", "w"); return ferror (f) || fclose (f) != 0; ; return 0; } _ACEOF ac_clean_files="$ac_clean_files conftest.out" # Check that the compiler produces executables we can run. If not, either # the compiler is broken, or we cross compile. { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we are cross compiling" >&5 $as_echo_n "checking whether we are cross compiling... " >&6; } if test "$cross_compiling" != yes; then { { ac_try="$ac_link" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" $as_echo "$ac_try_echo"; } >&5 (eval "$ac_link") 2>&5 ac_status=$? $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; } if { ac_try='./conftest$ac_cv_exeext' { { case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" $as_echo "$ac_try_echo"; } >&5 (eval "$ac_try") 2>&5 ac_status=$? $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; }; }; then cross_compiling=no else if test "$cross_compiling" = maybe; then cross_compiling=yes else { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error $? "cannot run C compiled programs. If you meant to cross compile, use \`--host'. See \`config.log' for more details" "$LINENO" 5; } fi fi fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $cross_compiling" >&5 $as_echo "$cross_compiling" >&6; } rm -f conftest.$ac_ext conftest$ac_cv_exeext conftest.out ac_clean_files=$ac_clean_files_save { $as_echo "$as_me:${as_lineno-$LINENO}: checking for suffix of object files" >&5 $as_echo_n "checking for suffix of object files... " >&6; } if ${ac_cv_objext+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main () { ; return 0; } _ACEOF rm -f conftest.o conftest.obj if { { ac_try="$ac_compile" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" $as_echo "$ac_try_echo"; } >&5 (eval "$ac_compile") 2>&5 ac_status=$? $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 test $ac_status = 0; }; then : for ac_file in conftest.o conftest.obj conftest.*; do test -f "$ac_file" || continue; case $ac_file in *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM ) ;; *) ac_cv_objext=`expr "$ac_file" : '.*\.\(.*\)'` break;; esac done else $as_echo "$as_me: failed program was:" >&5 sed 's/^/| /' conftest.$ac_ext >&5 { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error $? "cannot compute suffix of object files: cannot compile See \`config.log' for more details" "$LINENO" 5; } fi rm -f conftest.$ac_cv_objext conftest.$ac_ext fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_objext" >&5 $as_echo "$ac_cv_objext" >&6; } OBJEXT=$ac_cv_objext ac_objext=$OBJEXT { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we are using the GNU C compiler" >&5 $as_echo_n "checking whether we are using the GNU C compiler... " >&6; } if ${ac_cv_c_compiler_gnu+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main () { #ifndef __GNUC__ choke me #endif ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : ac_compiler_gnu=yes else ac_compiler_gnu=no fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext ac_cv_c_compiler_gnu=$ac_compiler_gnu fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_compiler_gnu" >&5 $as_echo "$ac_cv_c_compiler_gnu" >&6; } if test $ac_compiler_gnu = yes; then GCC=yes else GCC= fi ac_test_CFLAGS=${CFLAGS+set} ac_save_CFLAGS=$CFLAGS { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC accepts -g" >&5 $as_echo_n "checking whether $CC accepts -g... " >&6; } if ${ac_cv_prog_cc_g+:} false; then : $as_echo_n "(cached) " >&6 else ac_save_c_werror_flag=$ac_c_werror_flag ac_c_werror_flag=yes ac_cv_prog_cc_g=no CFLAGS="-g" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main () { ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : ac_cv_prog_cc_g=yes else CFLAGS="" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main () { ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : else ac_c_werror_flag=$ac_save_c_werror_flag CFLAGS="-g" cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main () { ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : ac_cv_prog_cc_g=yes fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext ac_c_werror_flag=$ac_save_c_werror_flag fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_g" >&5 $as_echo "$ac_cv_prog_cc_g" >&6; } if test "$ac_test_CFLAGS" = set; then CFLAGS=$ac_save_CFLAGS elif test $ac_cv_prog_cc_g = yes; then if test "$GCC" = yes; then CFLAGS="-g -O2" else CFLAGS="-g" fi else if test "$GCC" = yes; then CFLAGS="-O2" else CFLAGS= fi fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $CC option to accept ISO C89" >&5 $as_echo_n "checking for $CC option to accept ISO C89... " >&6; } if ${ac_cv_prog_cc_c89+:} false; then : $as_echo_n "(cached) " >&6 else ac_cv_prog_cc_c89=no ac_save_CC=$CC cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include #include struct stat; /* Most of the following tests are stolen from RCS 5.7's src/conf.sh. */ struct buf { int x; }; FILE * (*rcsopen) (struct buf *, struct stat *, int); static char *e (p, i) char **p; int i; { return p[i]; } static char *f (char * (*g) (char **, int), char **p, ...) { char *s; va_list v; va_start (v,p); s = g (p, va_arg (v,int)); va_end (v); return s; } /* OSF 4.0 Compaq cc is some sort of almost-ANSI by default. It has function prototypes and stuff, but not '\xHH' hex character constants. These don't provoke an error unfortunately, instead are silently treated as 'x'. The following induces an error, until -std is added to get proper ANSI mode. Curiously '\x00'!='x' always comes out true, for an array size at least. It's necessary to write '\x00'==0 to get something that's true only with -std. */ int osf4_cc_array ['\x00' == 0 ? 1 : -1]; /* IBM C 6 for AIX is almost-ANSI by default, but it replaces macro parameters inside strings and character constants. */ #define FOO(x) 'x' int xlc6_cc_array[FOO(a) == 'x' ? 1 : -1]; int test (int i, double x); struct s1 {int (*f) (int a);}; struct s2 {int (*f) (double a);}; int pairnames (int, char **, FILE *(*)(struct buf *, struct stat *, int), int, int); int argc; char **argv; int main () { return f (e, argv, 0) != argv[0] || f (e, argv, 1) != argv[1]; ; return 0; } _ACEOF for ac_arg in '' -qlanglvl=extc89 -qlanglvl=ansi -std \ -Ae "-Aa -D_HPUX_SOURCE" "-Xc -D__EXTENSIONS__" do CC="$ac_save_CC $ac_arg" if ac_fn_c_try_compile "$LINENO"; then : ac_cv_prog_cc_c89=$ac_arg fi rm -f core conftest.err conftest.$ac_objext test "x$ac_cv_prog_cc_c89" != "xno" && break done rm -f conftest.$ac_ext CC=$ac_save_CC fi # AC_CACHE_VAL case "x$ac_cv_prog_cc_c89" in x) { $as_echo "$as_me:${as_lineno-$LINENO}: result: none needed" >&5 $as_echo "none needed" >&6; } ;; xno) { $as_echo "$as_me:${as_lineno-$LINENO}: result: unsupported" >&5 $as_echo "unsupported" >&6; } ;; *) CC="$CC $ac_cv_prog_cc_c89" { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_c89" >&5 $as_echo "$ac_cv_prog_cc_c89" >&6; } ;; esac if test "x$ac_cv_prog_cc_c89" != xno; then : fi ac_ext=c ac_cpp='$CPP $CPPFLAGS' ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_c_compiler_gnu ac_ext=c ac_cpp='$CPP $CPPFLAGS' ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_c_compiler_gnu { $as_echo "$as_me:${as_lineno-$LINENO}: checking how to run the C preprocessor" >&5 $as_echo_n "checking how to run the C preprocessor... " >&6; } # On Suns, sometimes $CPP names a directory. if test -n "$CPP" && test -d "$CPP"; then CPP= fi if test -z "$CPP"; then if ${ac_cv_prog_CPP+:} false; then : $as_echo_n "(cached) " >&6 else # Double quotes because CPP needs to be expanded for CPP in "$CC -E" "$CC -E -traditional-cpp" "/lib/cpp" do ac_preproc_ok=false for ac_c_preproc_warn_flag in '' yes do # Use a header file that comes with gcc, so configuring glibc # with a fresh cross-compiler works. # Prefer to if __STDC__ is defined, since # exists even on freestanding compilers. # On the NeXT, cc -E runs the code through the compiler's parser, # not just through cpp. "Syntax error" is here to catch this case. cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #ifdef __STDC__ # include #else # include #endif Syntax error _ACEOF if ac_fn_c_try_cpp "$LINENO"; then : else # Broken: fails on valid input. continue fi rm -f conftest.err conftest.i conftest.$ac_ext # OK, works on sane cases. Now check whether nonexistent headers # can be detected and how. cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include _ACEOF if ac_fn_c_try_cpp "$LINENO"; then : # Broken: success on invalid input. continue else # Passes both tests. ac_preproc_ok=: break fi rm -f conftest.err conftest.i conftest.$ac_ext done # Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped. rm -f conftest.i conftest.err conftest.$ac_ext if $ac_preproc_ok; then : break fi done ac_cv_prog_CPP=$CPP fi CPP=$ac_cv_prog_CPP else ac_cv_prog_CPP=$CPP fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CPP" >&5 $as_echo "$CPP" >&6; } ac_preproc_ok=false for ac_c_preproc_warn_flag in '' yes do # Use a header file that comes with gcc, so configuring glibc # with a fresh cross-compiler works. # Prefer to if __STDC__ is defined, since # exists even on freestanding compilers. # On the NeXT, cc -E runs the code through the compiler's parser, # not just through cpp. "Syntax error" is here to catch this case. cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #ifdef __STDC__ # include #else # include #endif Syntax error _ACEOF if ac_fn_c_try_cpp "$LINENO"; then : else # Broken: fails on valid input. continue fi rm -f conftest.err conftest.i conftest.$ac_ext # OK, works on sane cases. Now check whether nonexistent headers # can be detected and how. cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include _ACEOF if ac_fn_c_try_cpp "$LINENO"; then : # Broken: success on invalid input. continue else # Passes both tests. ac_preproc_ok=: break fi rm -f conftest.err conftest.i conftest.$ac_ext done # Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped. rm -f conftest.i conftest.err conftest.$ac_ext if $ac_preproc_ok; then : else { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error $? "C preprocessor \"$CPP\" fails sanity check See \`config.log' for more details" "$LINENO" 5; } fi ac_ext=c ac_cpp='$CPP $CPPFLAGS' ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_c_compiler_gnu { $as_echo "$as_me:${as_lineno-$LINENO}: checking for grep that handles long lines and -e" >&5 $as_echo_n "checking for grep that handles long lines and -e... " >&6; } if ${ac_cv_path_GREP+:} false; then : $as_echo_n "(cached) " >&6 else if test -z "$GREP"; then ac_path_GREP_found=false # Loop through the user's path and test for each of PROGNAME-LIST as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_prog in grep ggrep; do for ac_exec_ext in '' $ac_executable_extensions; do ac_path_GREP="$as_dir/$ac_prog$ac_exec_ext" as_fn_executable_p "$ac_path_GREP" || continue # Check for GNU ac_path_GREP and select it if it is found. # Check for GNU $ac_path_GREP case `"$ac_path_GREP" --version 2>&1` in *GNU*) ac_cv_path_GREP="$ac_path_GREP" ac_path_GREP_found=:;; *) ac_count=0 $as_echo_n 0123456789 >"conftest.in" while : do cat "conftest.in" "conftest.in" >"conftest.tmp" mv "conftest.tmp" "conftest.in" cp "conftest.in" "conftest.nl" $as_echo 'GREP' >> "conftest.nl" "$ac_path_GREP" -e 'GREP$' -e '-(cannot match)-' < "conftest.nl" >"conftest.out" 2>/dev/null || break diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break as_fn_arith $ac_count + 1 && ac_count=$as_val if test $ac_count -gt ${ac_path_GREP_max-0}; then # Best one so far, save it but keep looking for a better one ac_cv_path_GREP="$ac_path_GREP" ac_path_GREP_max=$ac_count fi # 10*(2^10) chars as input seems more than enough test $ac_count -gt 10 && break done rm -f conftest.in conftest.tmp conftest.nl conftest.out;; esac $ac_path_GREP_found && break 3 done done done IFS=$as_save_IFS if test -z "$ac_cv_path_GREP"; then as_fn_error $? "no acceptable grep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5 fi else ac_cv_path_GREP=$GREP fi fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_GREP" >&5 $as_echo "$ac_cv_path_GREP" >&6; } GREP="$ac_cv_path_GREP" { $as_echo "$as_me:${as_lineno-$LINENO}: checking for egrep" >&5 $as_echo_n "checking for egrep... " >&6; } if ${ac_cv_path_EGREP+:} false; then : $as_echo_n "(cached) " >&6 else if echo a | $GREP -E '(a|b)' >/dev/null 2>&1 then ac_cv_path_EGREP="$GREP -E" else if test -z "$EGREP"; then ac_path_EGREP_found=false # Loop through the user's path and test for each of PROGNAME-LIST as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_prog in egrep; do for ac_exec_ext in '' $ac_executable_extensions; do ac_path_EGREP="$as_dir/$ac_prog$ac_exec_ext" as_fn_executable_p "$ac_path_EGREP" || continue # Check for GNU ac_path_EGREP and select it if it is found. # Check for GNU $ac_path_EGREP case `"$ac_path_EGREP" --version 2>&1` in *GNU*) ac_cv_path_EGREP="$ac_path_EGREP" ac_path_EGREP_found=:;; *) ac_count=0 $as_echo_n 0123456789 >"conftest.in" while : do cat "conftest.in" "conftest.in" >"conftest.tmp" mv "conftest.tmp" "conftest.in" cp "conftest.in" "conftest.nl" $as_echo 'EGREP' >> "conftest.nl" "$ac_path_EGREP" 'EGREP$' < "conftest.nl" >"conftest.out" 2>/dev/null || break diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break as_fn_arith $ac_count + 1 && ac_count=$as_val if test $ac_count -gt ${ac_path_EGREP_max-0}; then # Best one so far, save it but keep looking for a better one ac_cv_path_EGREP="$ac_path_EGREP" ac_path_EGREP_max=$ac_count fi # 10*(2^10) chars as input seems more than enough test $ac_count -gt 10 && break done rm -f conftest.in conftest.tmp conftest.nl conftest.out;; esac $ac_path_EGREP_found && break 3 done done done IFS=$as_save_IFS if test -z "$ac_cv_path_EGREP"; then as_fn_error $? "no acceptable egrep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5 fi else ac_cv_path_EGREP=$EGREP fi fi fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_EGREP" >&5 $as_echo "$ac_cv_path_EGREP" >&6; } EGREP="$ac_cv_path_EGREP" { $as_echo "$as_me:${as_lineno-$LINENO}: checking for ANSI C header files" >&5 $as_echo_n "checking for ANSI C header files... " >&6; } if ${ac_cv_header_stdc+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include #include #include #include int main () { ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : ac_cv_header_stdc=yes else ac_cv_header_stdc=no fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext if test $ac_cv_header_stdc = yes; then # SunOS 4.x string.h does not declare mem*, contrary to ANSI. cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include _ACEOF if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | $EGREP "memchr" >/dev/null 2>&1; then : else ac_cv_header_stdc=no fi rm -f conftest* fi if test $ac_cv_header_stdc = yes; then # ISC 2.0.2 stdlib.h does not declare free, contrary to ANSI. cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include _ACEOF if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | $EGREP "free" >/dev/null 2>&1; then : else ac_cv_header_stdc=no fi rm -f conftest* fi if test $ac_cv_header_stdc = yes; then # /bin/cc in Irix-4.0.5 gets non-ANSI ctype macros unless using -ansi. if test "$cross_compiling" = yes; then : : else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include #include #if ((' ' & 0x0FF) == 0x020) # define ISLOWER(c) ('a' <= (c) && (c) <= 'z') # define TOUPPER(c) (ISLOWER(c) ? 'A' + ((c) - 'a') : (c)) #else # define ISLOWER(c) \ (('a' <= (c) && (c) <= 'i') \ || ('j' <= (c) && (c) <= 'r') \ || ('s' <= (c) && (c) <= 'z')) # define TOUPPER(c) (ISLOWER(c) ? ((c) | 0x40) : (c)) #endif #define XOR(e, f) (((e) && !(f)) || (!(e) && (f))) int main () { int i; for (i = 0; i < 256; i++) if (XOR (islower (i), ISLOWER (i)) || toupper (i) != TOUPPER (i)) return 2; return 0; } _ACEOF if ac_fn_c_try_run "$LINENO"; then : else ac_cv_header_stdc=no fi rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ conftest.$ac_objext conftest.beam conftest.$ac_ext fi fi fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_header_stdc" >&5 $as_echo "$ac_cv_header_stdc" >&6; } if test $ac_cv_header_stdc = yes; then $as_echo "#define STDC_HEADERS 1" >>confdefs.h fi # On IRIX 5.3, sys/types and inttypes.h are conflicting. for ac_header in sys/types.h sys/stat.h stdlib.h string.h memory.h strings.h \ inttypes.h stdint.h unistd.h do : as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` ac_fn_c_check_header_compile "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default " if eval test \"x\$"$as_ac_Header"\" = x"yes"; then : cat >>confdefs.h <<_ACEOF #define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1 _ACEOF fi done ac_fn_c_check_header_mongrel "$LINENO" "openssl/ssl.h" "ac_cv_header_openssl_ssl_h" "$ac_includes_default" if test "x$ac_cv_header_openssl_ssl_h" = xyes; then : else if test "`uname -s`" = Darwin; then { $as_echo "$as_me:${as_lineno-$LINENO}: Missing OpenSSL headers on macOS," >&5 $as_echo "$as_me: Missing OpenSSL headers on macOS," >&6;} { $as_echo "$as_me:${as_lineno-$LINENO}: attempting to get headers from Apple..." >&5 $as_echo "$as_me: attempting to get headers from Apple..." >&6;} mkdir tmp cd tmp curl -L https://opensource.apple.com/tarballs/OpenSSL098/OpenSSL098-59.tar.gz | tar fxz - if test -e OpenSSL098-59/src/include/openssl; then mkdir ../src/include mv OpenSSL098-59/src/include/openssl ../src/include else as_fn_error $? "Failed to download OpenSSL sources from Apple. Please install OpenSSL headers before installing PKI." "$LINENO" 5 fi cd .. rm -rf tmp CPPFLAGS="-Iinclude -Isrc/include ${CPPFLAGS}" { ac_cv_header_openssl_ssl_h=; unset ac_cv_header_openssl_ssl_h;} ac_fn_c_check_header_mongrel "$LINENO" "openssl/ssl.h" "ac_cv_header_openssl_ssl_h" "$ac_includes_default" if test "x$ac_cv_header_openssl_ssl_h" = xyes; then : else as_fn_error $? "Failed to find usable OpenSSL headers" "$LINENO" 5 fi fi fi # check RSA/crypto ac_fn_c_check_header_mongrel "$LINENO" "openssl/rsa.h" "ac_cv_header_openssl_rsa_h" "$ac_includes_default" if test "x$ac_cv_header_openssl_rsa_h" = xyes; then : { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing RSA_generate_key_ex" >&5 $as_echo_n "checking for library containing RSA_generate_key_ex... " >&6; } if ${ac_cv_search_RSA_generate_key_ex+:} false; then : $as_echo_n "(cached) " >&6 else ac_func_search_save_LIBS=$LIBS cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC builtin and then its argument prototype would still apply. */ #ifdef __cplusplus extern "C" #endif char RSA_generate_key_ex (); int main () { return RSA_generate_key_ex (); ; return 0; } _ACEOF for ac_lib in '' crypto ssl openssl; do if test -z "$ac_lib"; then ac_res="none required" else ac_res=-l$ac_lib LIBS="-l$ac_lib $ac_func_search_save_LIBS" fi if ac_fn_c_try_link "$LINENO"; then : ac_cv_search_RSA_generate_key_ex=$ac_res fi rm -f core conftest.err conftest.$ac_objext \ conftest$ac_exeext if ${ac_cv_search_RSA_generate_key_ex+:} false; then : break fi done if ${ac_cv_search_RSA_generate_key_ex+:} false; then : else ac_cv_search_RSA_generate_key_ex=no fi rm conftest.$ac_ext LIBS=$ac_func_search_save_LIBS fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_RSA_generate_key_ex" >&5 $as_echo "$ac_cv_search_RSA_generate_key_ex" >&6; } ac_res=$ac_cv_search_RSA_generate_key_ex if test "$ac_res" != no; then : test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" else as_fn_error $? "Cannot find usable crypto library" "$LINENO" 5 fi else as_fn_error $? "Failed to find usable crypto library. Please install openssl-dev or equivalent and/or set PKG_LIBS if not in default location." "$LINENO" 5 fi # check SSL support ac_fn_c_check_header_mongrel "$LINENO" "openssl/ssl.h" "ac_cv_header_openssl_ssl_h" "$ac_includes_default" if test "x$ac_cv_header_openssl_ssl_h" = xyes; then : { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing SSL_CTX_load_verify_locations" >&5 $as_echo_n "checking for library containing SSL_CTX_load_verify_locations... " >&6; } if ${ac_cv_search_SSL_CTX_load_verify_locations+:} false; then : $as_echo_n "(cached) " >&6 else ac_func_search_save_LIBS=$LIBS cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC builtin and then its argument prototype would still apply. */ #ifdef __cplusplus extern "C" #endif char SSL_CTX_load_verify_locations (); int main () { return SSL_CTX_load_verify_locations (); ; return 0; } _ACEOF for ac_lib in '' ssl openssl; do if test -z "$ac_lib"; then ac_res="none required" else ac_res=-l$ac_lib LIBS="-l$ac_lib $ac_func_search_save_LIBS" fi if ac_fn_c_try_link "$LINENO"; then : ac_cv_search_SSL_CTX_load_verify_locations=$ac_res fi rm -f core conftest.err conftest.$ac_objext \ conftest$ac_exeext if ${ac_cv_search_SSL_CTX_load_verify_locations+:} false; then : break fi done if ${ac_cv_search_SSL_CTX_load_verify_locations+:} false; then : else ac_cv_search_SSL_CTX_load_verify_locations=no fi rm conftest.$ac_ext LIBS=$ac_func_search_save_LIBS fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_SSL_CTX_load_verify_locations" >&5 $as_echo "$ac_cv_search_SSL_CTX_load_verify_locations" >&6; } ac_res=$ac_cv_search_SSL_CTX_load_verify_locations if test "$ac_res" != no; then : test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" else as_fn_error $? "Cannot find usable SSL library" "$LINENO" 5 fi else as_fn_error $? "Failed to find usable SSL library. Please install openssl-dev or equivalent and/or set PKG_LIBS if not in default location." "$LINENO" 5 fi ac_config_files="$ac_config_files src/Makevars" cat >confcache <<\_ACEOF # This file is a shell script that caches the results of configure # tests run on this system so they can be shared between configure # scripts and configure runs, see configure's option --config-cache. # It is not useful on other systems. If it contains results you don't # want to keep, you may remove or edit it. # # config.status only pays attention to the cache file if you give it # the --recheck option to rerun configure. # # `ac_cv_env_foo' variables (set or unset) will be overridden when # loading this file, other *unset* `ac_cv_foo' will be assigned the # following values. _ACEOF # The following way of writing the cache mishandles newlines in values, # but we know of no workaround that is simple, portable, and efficient. # So, we kill variables containing newlines. # Ultrix sh set writes to stderr and can't be redirected directly, # and sets the high bit in the cache file unless we assign to the vars. ( for ac_var in `(set) 2>&1 | sed -n 's/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'`; do eval ac_val=\$$ac_var case $ac_val in #( *${as_nl}*) case $ac_var in #( *_cv_*) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cache variable $ac_var contains a newline" >&5 $as_echo "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;; esac case $ac_var in #( _ | IFS | as_nl) ;; #( BASH_ARGV | BASH_SOURCE) eval $ac_var= ;; #( *) { eval $ac_var=; unset $ac_var;} ;; esac ;; esac done (set) 2>&1 | case $as_nl`(ac_space=' '; set) 2>&1` in #( *${as_nl}ac_space=\ *) # `set' does not quote correctly, so add quotes: double-quote # substitution turns \\\\ into \\, and sed turns \\ into \. sed -n \ "s/'/'\\\\''/g; s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='\\2'/p" ;; #( *) # `set' quotes correctly as required by POSIX, so do not add quotes. sed -n "/^[_$as_cr_alnum]*_cv_[_$as_cr_alnum]*=/p" ;; esac | sort ) | sed ' /^ac_cv_env_/b end t clear :clear s/^\([^=]*\)=\(.*[{}].*\)$/test "${\1+set}" = set || &/ t end s/^\([^=]*\)=\(.*\)$/\1=${\1=\2}/ :end' >>confcache if diff "$cache_file" confcache >/dev/null 2>&1; then :; else if test -w "$cache_file"; then if test "x$cache_file" != "x/dev/null"; then { $as_echo "$as_me:${as_lineno-$LINENO}: updating cache $cache_file" >&5 $as_echo "$as_me: updating cache $cache_file" >&6;} if test ! -f "$cache_file" || test -h "$cache_file"; then cat confcache >"$cache_file" else case $cache_file in #( */* | ?:*) mv -f confcache "$cache_file"$$ && mv -f "$cache_file"$$ "$cache_file" ;; #( *) mv -f confcache "$cache_file" ;; esac fi fi else { $as_echo "$as_me:${as_lineno-$LINENO}: not updating unwritable cache $cache_file" >&5 $as_echo "$as_me: not updating unwritable cache $cache_file" >&6;} fi fi rm -f confcache test "x$prefix" = xNONE && prefix=$ac_default_prefix # Let make expand exec_prefix. test "x$exec_prefix" = xNONE && exec_prefix='${prefix}' DEFS=-DHAVE_CONFIG_H ac_libobjs= ac_ltlibobjs= U= for ac_i in : $LIBOBJS; do test "x$ac_i" = x: && continue # 1. Remove the extension, and $U if already installed. ac_script='s/\$U\././;s/\.o$//;s/\.obj$//' ac_i=`$as_echo "$ac_i" | sed "$ac_script"` # 2. Prepend LIBOBJDIR. When used with automake>=1.10 LIBOBJDIR # will be set to the directory where LIBOBJS objects are built. as_fn_append ac_libobjs " \${LIBOBJDIR}$ac_i\$U.$ac_objext" as_fn_append ac_ltlibobjs " \${LIBOBJDIR}$ac_i"'$U.lo' done LIBOBJS=$ac_libobjs LTLIBOBJS=$ac_ltlibobjs : "${CONFIG_STATUS=./config.status}" ac_write_fail=0 ac_clean_files_save=$ac_clean_files ac_clean_files="$ac_clean_files $CONFIG_STATUS" { $as_echo "$as_me:${as_lineno-$LINENO}: creating $CONFIG_STATUS" >&5 $as_echo "$as_me: creating $CONFIG_STATUS" >&6;} as_write_fail=0 cat >$CONFIG_STATUS <<_ASEOF || as_write_fail=1 #! $SHELL # Generated by $as_me. # Run this file to recreate the current configuration. # Compiler output produced by configure, useful for debugging # configure, is in config.log if it exists. debug=false ac_cs_recheck=false ac_cs_silent=false SHELL=\${CONFIG_SHELL-$SHELL} export SHELL _ASEOF cat >>$CONFIG_STATUS <<\_ASEOF || as_write_fail=1 ## -------------------- ## ## M4sh Initialization. ## ## -------------------- ## # Be more Bourne compatible DUALCASE=1; export DUALCASE # for MKS sh if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then : emulate sh NULLCMD=: # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which # is contrary to our usage. Disable this feature. alias -g '${1+"$@"}'='"$@"' setopt NO_GLOB_SUBST else case `(set -o) 2>/dev/null` in #( *posix*) : set -o posix ;; #( *) : ;; esac fi as_nl=' ' export as_nl # Printing a long string crashes Solaris 7 /usr/bin/printf. as_echo='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\' as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo$as_echo # Prefer a ksh shell builtin over an external printf program on Solaris, # but without wasting forks for bash or zsh. if test -z "$BASH_VERSION$ZSH_VERSION" \ && (test "X`print -r -- $as_echo`" = "X$as_echo") 2>/dev/null; then as_echo='print -r --' as_echo_n='print -rn --' elif (test "X`printf %s $as_echo`" = "X$as_echo") 2>/dev/null; then as_echo='printf %s\n' as_echo_n='printf %s' else if test "X`(/usr/ucb/echo -n -n $as_echo) 2>/dev/null`" = "X-n $as_echo"; then as_echo_body='eval /usr/ucb/echo -n "$1$as_nl"' as_echo_n='/usr/ucb/echo -n' else as_echo_body='eval expr "X$1" : "X\\(.*\\)"' as_echo_n_body='eval arg=$1; case $arg in #( *"$as_nl"*) expr "X$arg" : "X\\(.*\\)$as_nl"; arg=`expr "X$arg" : ".*$as_nl\\(.*\\)"`;; esac; expr "X$arg" : "X\\(.*\\)" | tr -d "$as_nl" ' export as_echo_n_body as_echo_n='sh -c $as_echo_n_body as_echo' fi export as_echo_body as_echo='sh -c $as_echo_body as_echo' fi # The user is always right. if test "${PATH_SEPARATOR+set}" != set; then PATH_SEPARATOR=: (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 && { (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 || PATH_SEPARATOR=';' } fi # IFS # We need space, tab and new line, in precisely that order. Quoting is # there to prevent editors from complaining about space-tab. # (If _AS_PATH_WALK were called with IFS unset, it would disable word # splitting by setting IFS to empty value.) IFS=" "" $as_nl" # Find who we are. Look in the path if we contain no directory separator. as_myself= case $0 in #(( *[\\/]* ) as_myself=$0 ;; *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break done IFS=$as_save_IFS ;; esac # We did not find ourselves, most probably we were run as `sh COMMAND' # in which case we are not to be found in the path. if test "x$as_myself" = x; then as_myself=$0 fi if test ! -f "$as_myself"; then $as_echo "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2 exit 1 fi # Unset variables that we do not need and which cause bugs (e.g. in # pre-3.0 UWIN ksh). But do not cause bugs in bash 2.01; the "|| exit 1" # suppresses any "Segmentation fault" message there. '((' could # trigger a bug in pdksh 5.2.14. for as_var in BASH_ENV ENV MAIL MAILPATH do eval test x\${$as_var+set} = xset \ && ( (unset $as_var) || exit 1) >/dev/null 2>&1 && unset $as_var || : done PS1='$ ' PS2='> ' PS4='+ ' # NLS nuisances. LC_ALL=C export LC_ALL LANGUAGE=C export LANGUAGE # CDPATH. (unset CDPATH) >/dev/null 2>&1 && unset CDPATH # as_fn_error STATUS ERROR [LINENO LOG_FD] # ---------------------------------------- # Output "`basename $0`: error: ERROR" to stderr. If LINENO and LOG_FD are # provided, also output the error to LOG_FD, referencing LINENO. Then exit the # script with STATUS, using 1 if that was 0. as_fn_error () { as_status=$1; test $as_status -eq 0 && as_status=1 if test "$4"; then as_lineno=${as_lineno-"$3"} as_lineno_stack=as_lineno_stack=$as_lineno_stack $as_echo "$as_me:${as_lineno-$LINENO}: error: $2" >&$4 fi $as_echo "$as_me: error: $2" >&2 as_fn_exit $as_status } # as_fn_error # as_fn_set_status STATUS # ----------------------- # Set $? to STATUS, without forking. as_fn_set_status () { return $1 } # as_fn_set_status # as_fn_exit STATUS # ----------------- # Exit the shell with STATUS, even in a "trap 0" or "set -e" context. as_fn_exit () { set +e as_fn_set_status $1 exit $1 } # as_fn_exit # as_fn_unset VAR # --------------- # Portably unset VAR. as_fn_unset () { { eval $1=; unset $1;} } as_unset=as_fn_unset # as_fn_append VAR VALUE # ---------------------- # Append the text in VALUE to the end of the definition contained in VAR. Take # advantage of any shell optimizations that allow amortized linear growth over # repeated appends, instead of the typical quadratic growth present in naive # implementations. if (eval "as_var=1; as_var+=2; test x\$as_var = x12") 2>/dev/null; then : eval 'as_fn_append () { eval $1+=\$2 }' else as_fn_append () { eval $1=\$$1\$2 } fi # as_fn_append # as_fn_arith ARG... # ------------------ # Perform arithmetic evaluation on the ARGs, and store the result in the # global $as_val. Take advantage of shells that can avoid forks. The arguments # must be portable across $(()) and expr. if (eval "test \$(( 1 + 1 )) = 2") 2>/dev/null; then : eval 'as_fn_arith () { as_val=$(( $* )) }' else as_fn_arith () { as_val=`expr "$@" || test $? -eq 1` } fi # as_fn_arith if expr a : '\(a\)' >/dev/null 2>&1 && test "X`expr 00001 : '.*\(...\)'`" = X001; then as_expr=expr else as_expr=false fi if (basename -- /) >/dev/null 2>&1 && test "X`basename -- / 2>&1`" = "X/"; then as_basename=basename else as_basename=false fi if (as_dir=`dirname -- /` && test "X$as_dir" = X/) >/dev/null 2>&1; then as_dirname=dirname else as_dirname=false fi as_me=`$as_basename -- "$0" || $as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \ X"$0" : 'X\(//\)$' \| \ X"$0" : 'X\(/\)' \| . 2>/dev/null || $as_echo X/"$0" | sed '/^.*\/\([^/][^/]*\)\/*$/{ s//\1/ q } /^X\/\(\/\/\)$/{ s//\1/ q } /^X\/\(\/\).*/{ s//\1/ q } s/.*/./; q'` # Avoid depending upon Character Ranges. as_cr_letters='abcdefghijklmnopqrstuvwxyz' as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ' as_cr_Letters=$as_cr_letters$as_cr_LETTERS as_cr_digits='0123456789' as_cr_alnum=$as_cr_Letters$as_cr_digits ECHO_C= ECHO_N= ECHO_T= case `echo -n x` in #((((( -n*) case `echo 'xy\c'` in *c*) ECHO_T=' ';; # ECHO_T is single tab character. xy) ECHO_C='\c';; *) echo `echo ksh88 bug on AIX 6.1` > /dev/null ECHO_T=' ';; esac;; *) ECHO_N='-n';; esac rm -f conf$$ conf$$.exe conf$$.file if test -d conf$$.dir; then rm -f conf$$.dir/conf$$.file else rm -f conf$$.dir mkdir conf$$.dir 2>/dev/null fi if (echo >conf$$.file) 2>/dev/null; then if ln -s conf$$.file conf$$ 2>/dev/null; then as_ln_s='ln -s' # ... but there are two gotchas: # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail. # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable. # In both cases, we have to default to `cp -pR'. ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe || as_ln_s='cp -pR' elif ln conf$$.file conf$$ 2>/dev/null; then as_ln_s=ln else as_ln_s='cp -pR' fi else as_ln_s='cp -pR' fi rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file rmdir conf$$.dir 2>/dev/null # as_fn_mkdir_p # ------------- # Create "$as_dir" as a directory, including parents if necessary. as_fn_mkdir_p () { case $as_dir in #( -*) as_dir=./$as_dir;; esac test -d "$as_dir" || eval $as_mkdir_p || { as_dirs= while :; do case $as_dir in #( *\'*) as_qdir=`$as_echo "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #'( *) as_qdir=$as_dir;; esac as_dirs="'$as_qdir' $as_dirs" as_dir=`$as_dirname -- "$as_dir" || $as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ X"$as_dir" : 'X\(//\)[^/]' \| \ X"$as_dir" : 'X\(//\)$' \| \ X"$as_dir" : 'X\(/\)' \| . 2>/dev/null || $as_echo X"$as_dir" | sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/ q } /^X\(\/\/\)[^/].*/{ s//\1/ q } /^X\(\/\/\)$/{ s//\1/ q } /^X\(\/\).*/{ s//\1/ q } s/.*/./; q'` test -d "$as_dir" && break done test -z "$as_dirs" || eval "mkdir $as_dirs" } || test -d "$as_dir" || as_fn_error $? "cannot create directory $as_dir" } # as_fn_mkdir_p if mkdir -p . 2>/dev/null; then as_mkdir_p='mkdir -p "$as_dir"' else test -d ./-p && rmdir ./-p as_mkdir_p=false fi # as_fn_executable_p FILE # ----------------------- # Test if FILE is an executable regular file. as_fn_executable_p () { test -f "$1" && test -x "$1" } # as_fn_executable_p as_test_x='test -x' as_executable_p=as_fn_executable_p # Sed expression to map a string onto a valid CPP name. as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'" # Sed expression to map a string onto a valid variable name. as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'" exec 6>&1 ## ----------------------------------- ## ## Main body of $CONFIG_STATUS script. ## ## ----------------------------------- ## _ASEOF test $as_write_fail = 0 && chmod +x $CONFIG_STATUS || ac_write_fail=1 cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # Save the log message, to keep $0 and so on meaningful, and to # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" This file was extended by PKI $as_me 0.1, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES CONFIG_HEADERS = $CONFIG_HEADERS CONFIG_LINKS = $CONFIG_LINKS CONFIG_COMMANDS = $CONFIG_COMMANDS $ $0 $@ on `(hostname || uname -n) 2>/dev/null | sed 1q` " _ACEOF case $ac_config_files in *" "*) set x $ac_config_files; shift; ac_config_files=$*;; esac case $ac_config_headers in *" "*) set x $ac_config_headers; shift; ac_config_headers=$*;; esac cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 # Files that config.status was made for. config_files="$ac_config_files" config_headers="$ac_config_headers" _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 ac_cs_usage="\ \`$as_me' instantiates files and other configuration actions from templates according to the current configuration. Unless the files and actions are specified as TAGs, all are instantiated by default. Usage: $0 [OPTION]... [TAG]... -h, --help print this help, then exit -V, --version print version number and configuration settings, then exit --config print configuration, then exit -q, --quiet, --silent do not print progress messages -d, --debug don't remove temporary files --recheck update $as_me by reconfiguring in the same conditions --file=FILE[:TEMPLATE] instantiate the configuration file FILE --header=FILE[:TEMPLATE] instantiate the configuration header FILE Configuration files: $config_files Configuration headers: $config_headers Report bugs to ." _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ PKI config.status 0.1 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" Copyright (C) 2012 Free Software Foundation, Inc. This config.status script is free software; the Free Software Foundation gives unlimited permission to copy, distribute and modify it." ac_pwd='$ac_pwd' srcdir='$srcdir' test -n "\$AWK" || AWK=awk _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # The default lists apply if the user does not specify any file. ac_need_defaults=: while test $# != 0 do case $1 in --*=?*) ac_option=`expr "X$1" : 'X\([^=]*\)='` ac_optarg=`expr "X$1" : 'X[^=]*=\(.*\)'` ac_shift=: ;; --*=) ac_option=`expr "X$1" : 'X\([^=]*\)='` ac_optarg= ac_shift=: ;; *) ac_option=$1 ac_optarg=$2 ac_shift=shift ;; esac case $ac_option in # Handling of the options. -recheck | --recheck | --rechec | --reche | --rech | --rec | --re | --r) ac_cs_recheck=: ;; --version | --versio | --versi | --vers | --ver | --ve | --v | -V ) $as_echo "$ac_cs_version"; exit ;; --config | --confi | --conf | --con | --co | --c ) $as_echo "$ac_cs_config"; exit ;; --debug | --debu | --deb | --de | --d | -d ) debug=: ;; --file | --fil | --fi | --f ) $ac_shift case $ac_optarg in *\'*) ac_optarg=`$as_echo "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"` ;; '') as_fn_error $? "missing file argument" ;; esac as_fn_append CONFIG_FILES " '$ac_optarg'" ac_need_defaults=false;; --header | --heade | --head | --hea ) $ac_shift case $ac_optarg in *\'*) ac_optarg=`$as_echo "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"` ;; esac as_fn_append CONFIG_HEADERS " '$ac_optarg'" ac_need_defaults=false;; --he | --h) # Conflict between --help and --header as_fn_error $? "ambiguous option: \`$1' Try \`$0 --help' for more information.";; --help | --hel | -h ) $as_echo "$ac_cs_usage"; exit ;; -q | -quiet | --quiet | --quie | --qui | --qu | --q \ | -silent | --silent | --silen | --sile | --sil | --si | --s) ac_cs_silent=: ;; # This is an error. -*) as_fn_error $? "unrecognized option: \`$1' Try \`$0 --help' for more information." ;; *) as_fn_append ac_config_targets " $1" ac_need_defaults=false ;; esac shift done ac_configure_extra_args= if $ac_cs_silent; then exec 6>/dev/null ac_configure_extra_args="$ac_configure_extra_args --silent" fi _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 if \$ac_cs_recheck; then set X $SHELL '$0' $ac_configure_args \$ac_configure_extra_args --no-create --no-recursion shift \$as_echo "running CONFIG_SHELL=$SHELL \$*" >&6 CONFIG_SHELL='$SHELL' export CONFIG_SHELL exec "\$@" fi _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 exec 5>>config.log { echo sed 'h;s/./-/g;s/^.../## /;s/...$/ ##/;p;x;p;x' <<_ASBOX ## Running $as_me. ## _ASBOX $as_echo "$ac_log" } >&5 _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # Handling of arguments. for ac_config_target in $ac_config_targets do case $ac_config_target in "src/config.h") CONFIG_HEADERS="$CONFIG_HEADERS src/config.h" ;; "src/Makevars") CONFIG_FILES="$CONFIG_FILES src/Makevars" ;; *) as_fn_error $? "invalid argument: \`$ac_config_target'" "$LINENO" 5;; esac done # If the user did not use the arguments to specify the items to instantiate, # then the envvar interface is used. Set only those that are not. # We use the long form for the default assignment because of an extremely # bizarre bug on SunOS 4.1.3. if $ac_need_defaults; then test "${CONFIG_FILES+set}" = set || CONFIG_FILES=$config_files test "${CONFIG_HEADERS+set}" = set || CONFIG_HEADERS=$config_headers fi # Have a temporary directory for convenience. Make it in the build tree # simply because there is no reason against having it here, and in addition, # creating and moving files from /tmp can sometimes cause problems. # Hook for its removal unless debugging. # Note that there is a small window in which the directory will not be cleaned: # after its creation but before its name has been assigned to `$tmp'. $debug || { tmp= ac_tmp= trap 'exit_status=$? : "${ac_tmp:=$tmp}" { test ! -d "$ac_tmp" || rm -fr "$ac_tmp"; } && exit $exit_status ' 0 trap 'as_fn_exit 1' 1 2 13 15 } # Create a (secure) tmp directory for tmp files. { tmp=`(umask 077 && mktemp -d "./confXXXXXX") 2>/dev/null` && test -d "$tmp" } || { tmp=./conf$$-$RANDOM (umask 077 && mkdir "$tmp") } || as_fn_error $? "cannot create a temporary directory in ." "$LINENO" 5 ac_tmp=$tmp # Set up the scripts for CONFIG_FILES section. # No need to generate them if there are no CONFIG_FILES. # This happens for instance with `./config.status config.h'. if test -n "$CONFIG_FILES"; then ac_cr=`echo X | tr X '\015'` # On cygwin, bash can eat \r inside `` if the user requested igncr. # But we know of no other shell where ac_cr would be empty at this # point, so we can use a bashism as a fallback. if test "x$ac_cr" = x; then eval ac_cr=\$\'\\r\' fi ac_cs_awk_cr=`$AWK 'BEGIN { print "a\rb" }' /dev/null` if test "$ac_cs_awk_cr" = "a${ac_cr}b"; then ac_cs_awk_cr='\\r' else ac_cs_awk_cr=$ac_cr fi echo 'BEGIN {' >"$ac_tmp/subs1.awk" && _ACEOF { echo "cat >conf$$subs.awk <<_ACEOF" && echo "$ac_subst_vars" | sed 's/.*/&!$&$ac_delim/' && echo "_ACEOF" } >conf$$subs.sh || as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5 ac_delim_num=`echo "$ac_subst_vars" | grep -c '^'` ac_delim='%!_!# ' for ac_last_try in false false false false false :; do . ./conf$$subs.sh || as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5 ac_delim_n=`sed -n "s/.*$ac_delim\$/X/p" conf$$subs.awk | grep -c X` if test $ac_delim_n = $ac_delim_num; then break elif $ac_last_try; then as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5 else ac_delim="$ac_delim!$ac_delim _$ac_delim!! " fi done rm -f conf$$subs.sh cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 cat >>"\$ac_tmp/subs1.awk" <<\\_ACAWK && _ACEOF sed -n ' h s/^/S["/; s/!.*/"]=/ p g s/^[^!]*!// :repl t repl s/'"$ac_delim"'$// t delim :nl h s/\(.\{148\}\)..*/\1/ t more1 s/["\\]/\\&/g; s/^/"/; s/$/\\n"\\/ p n b repl :more1 s/["\\]/\\&/g; s/^/"/; s/$/"\\/ p g s/.\{148\}// t nl :delim h s/\(.\{148\}\)..*/\1/ t more2 s/["\\]/\\&/g; s/^/"/; s/$/"/ p b :more2 s/["\\]/\\&/g; s/^/"/; s/$/"\\/ p g s/.\{148\}// t delim ' >$CONFIG_STATUS || ac_write_fail=1 rm -f conf$$subs.awk cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 _ACAWK cat >>"\$ac_tmp/subs1.awk" <<_ACAWK && for (key in S) S_is_set[key] = 1 FS = "" } { line = $ 0 nfields = split(line, field, "@") substed = 0 len = length(field[1]) for (i = 2; i < nfields; i++) { key = field[i] keylen = length(key) if (S_is_set[key]) { value = S[key] line = substr(line, 1, len) "" value "" substr(line, len + keylen + 3) len += length(value) + length(field[++i]) substed = 1 } else len += 1 + keylen } print line } _ACAWK _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 if sed "s/$ac_cr//" < /dev/null > /dev/null 2>&1; then sed "s/$ac_cr\$//; s/$ac_cr/$ac_cs_awk_cr/g" else cat fi < "$ac_tmp/subs1.awk" > "$ac_tmp/subs.awk" \ || as_fn_error $? "could not setup config files machinery" "$LINENO" 5 _ACEOF # VPATH may cause trouble with some makes, so we remove sole $(srcdir), # ${srcdir} and @srcdir@ entries from VPATH if srcdir is ".", strip leading and # trailing colons and then remove the whole line if VPATH becomes empty # (actually we leave an empty line to preserve line numbers). if test "x$srcdir" = x.; then ac_vpsub='/^[ ]*VPATH[ ]*=[ ]*/{ h s/// s/^/:/ s/[ ]*$/:/ s/:\$(srcdir):/:/g s/:\${srcdir}:/:/g s/:@srcdir@:/:/g s/^:*// s/:*$// x s/\(=[ ]*\).*/\1/ G s/\n// s/^[^=]*=[ ]*$// }' fi cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 fi # test -n "$CONFIG_FILES" # Set up the scripts for CONFIG_HEADERS section. # No need to generate them if there are no CONFIG_HEADERS. # This happens for instance with `./config.status Makefile'. if test -n "$CONFIG_HEADERS"; then cat >"$ac_tmp/defines.awk" <<\_ACAWK || BEGIN { _ACEOF # Transform confdefs.h into an awk script `defines.awk', embedded as # here-document in config.status, that substitutes the proper values into # config.h.in to produce config.h. # Create a delimiter string that does not exist in confdefs.h, to ease # handling of long lines. ac_delim='%!_!# ' for ac_last_try in false false :; do ac_tt=`sed -n "/$ac_delim/p" confdefs.h` if test -z "$ac_tt"; then break elif $ac_last_try; then as_fn_error $? "could not make $CONFIG_HEADERS" "$LINENO" 5 else ac_delim="$ac_delim!$ac_delim _$ac_delim!! " fi done # For the awk script, D is an array of macro values keyed by name, # likewise P contains macro parameters if any. Preserve backslash # newline sequences. ac_word_re=[_$as_cr_Letters][_$as_cr_alnum]* sed -n ' s/.\{148\}/&'"$ac_delim"'/g t rset :rset s/^[ ]*#[ ]*define[ ][ ]*/ / t def d :def s/\\$// t bsnl s/["\\]/\\&/g s/^ \('"$ac_word_re"'\)\(([^()]*)\)[ ]*\(.*\)/P["\1"]="\2"\ D["\1"]=" \3"/p s/^ \('"$ac_word_re"'\)[ ]*\(.*\)/D["\1"]=" \2"/p d :bsnl s/["\\]/\\&/g s/^ \('"$ac_word_re"'\)\(([^()]*)\)[ ]*\(.*\)/P["\1"]="\2"\ D["\1"]=" \3\\\\\\n"\\/p t cont s/^ \('"$ac_word_re"'\)[ ]*\(.*\)/D["\1"]=" \2\\\\\\n"\\/p t cont d :cont n s/.\{148\}/&'"$ac_delim"'/g t clear :clear s/\\$// t bsnlc s/["\\]/\\&/g; s/^/"/; s/$/"/p d :bsnlc s/["\\]/\\&/g; s/^/"/; s/$/\\\\\\n"\\/p b cont ' >$CONFIG_STATUS || ac_write_fail=1 cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 for (key in D) D_is_set[key] = 1 FS = "" } /^[\t ]*#[\t ]*(define|undef)[\t ]+$ac_word_re([\t (]|\$)/ { line = \$ 0 split(line, arg, " ") if (arg[1] == "#") { defundef = arg[2] mac1 = arg[3] } else { defundef = substr(arg[1], 2) mac1 = arg[2] } split(mac1, mac2, "(") #) macro = mac2[1] prefix = substr(line, 1, index(line, defundef) - 1) if (D_is_set[macro]) { # Preserve the white space surrounding the "#". print prefix "define", macro P[macro] D[macro] next } else { # Replace #undef with comments. This is necessary, for example, # in the case of _POSIX_SOURCE, which is predefined and required # on some systems where configure will not decide to define it. if (defundef == "undef") { print "/*", prefix defundef, macro, "*/" next } } } { print } _ACAWK _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 as_fn_error $? "could not setup config headers machinery" "$LINENO" 5 fi # test -n "$CONFIG_HEADERS" eval set X " :F $CONFIG_FILES :H $CONFIG_HEADERS " shift for ac_tag do case $ac_tag in :[FHLC]) ac_mode=$ac_tag; continue;; esac case $ac_mode$ac_tag in :[FHL]*:*);; :L* | :C*:*) as_fn_error $? "invalid tag \`$ac_tag'" "$LINENO" 5;; :[FH]-) ac_tag=-:-;; :[FH]*) ac_tag=$ac_tag:$ac_tag.in;; esac ac_save_IFS=$IFS IFS=: set x $ac_tag IFS=$ac_save_IFS shift ac_file=$1 shift case $ac_mode in :L) ac_source=$1;; :[FH]) ac_file_inputs= for ac_f do case $ac_f in -) ac_f="$ac_tmp/stdin";; *) # Look for the file first in the build tree, then in the source tree # (if the path is not absolute). The absolute path cannot be DOS-style, # because $ac_f cannot contain `:'. test -f "$ac_f" || case $ac_f in [\\/$]*) false;; *) test -f "$srcdir/$ac_f" && ac_f="$srcdir/$ac_f";; esac || as_fn_error 1 "cannot find input file: \`$ac_f'" "$LINENO" 5;; esac case $ac_f in *\'*) ac_f=`$as_echo "$ac_f" | sed "s/'/'\\\\\\\\''/g"`;; esac as_fn_append ac_file_inputs " '$ac_f'" done # Let's still pretend it is `configure' which instantiates (i.e., don't # use $as_me), people would be surprised to read: # /* config.h. Generated by config.status. */ configure_input='Generated from '` $as_echo "$*" | sed 's|^[^:]*/||;s|:[^:]*/|, |g' `' by configure.' if test x"$ac_file" != x-; then configure_input="$ac_file. $configure_input" { $as_echo "$as_me:${as_lineno-$LINENO}: creating $ac_file" >&5 $as_echo "$as_me: creating $ac_file" >&6;} fi # Neutralize special characters interpreted by sed in replacement strings. case $configure_input in #( *\&* | *\|* | *\\* ) ac_sed_conf_input=`$as_echo "$configure_input" | sed 's/[\\\\&|]/\\\\&/g'`;; #( *) ac_sed_conf_input=$configure_input;; esac case $ac_tag in *:-:* | *:-) cat >"$ac_tmp/stdin" \ || as_fn_error $? "could not create $ac_file" "$LINENO" 5 ;; esac ;; esac ac_dir=`$as_dirname -- "$ac_file" || $as_expr X"$ac_file" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ X"$ac_file" : 'X\(//\)[^/]' \| \ X"$ac_file" : 'X\(//\)$' \| \ X"$ac_file" : 'X\(/\)' \| . 2>/dev/null || $as_echo X"$ac_file" | sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/ q } /^X\(\/\/\)[^/].*/{ s//\1/ q } /^X\(\/\/\)$/{ s//\1/ q } /^X\(\/\).*/{ s//\1/ q } s/.*/./; q'` as_dir="$ac_dir"; as_fn_mkdir_p ac_builddir=. case "$ac_dir" in .) ac_dir_suffix= ac_top_builddir_sub=. ac_top_build_prefix= ;; *) ac_dir_suffix=/`$as_echo "$ac_dir" | sed 's|^\.[\\/]||'` # A ".." for each directory in $ac_dir_suffix. ac_top_builddir_sub=`$as_echo "$ac_dir_suffix" | sed 's|/[^\\/]*|/..|g;s|/||'` case $ac_top_builddir_sub in "") ac_top_builddir_sub=. ac_top_build_prefix= ;; *) ac_top_build_prefix=$ac_top_builddir_sub/ ;; esac ;; esac ac_abs_top_builddir=$ac_pwd ac_abs_builddir=$ac_pwd$ac_dir_suffix # for backward compatibility: ac_top_builddir=$ac_top_build_prefix case $srcdir in .) # We are building in place. ac_srcdir=. ac_top_srcdir=$ac_top_builddir_sub ac_abs_top_srcdir=$ac_pwd ;; [\\/]* | ?:[\\/]* ) # Absolute name. ac_srcdir=$srcdir$ac_dir_suffix; ac_top_srcdir=$srcdir ac_abs_top_srcdir=$srcdir ;; *) # Relative name. ac_srcdir=$ac_top_build_prefix$srcdir$ac_dir_suffix ac_top_srcdir=$ac_top_build_prefix$srcdir ac_abs_top_srcdir=$ac_pwd/$srcdir ;; esac ac_abs_srcdir=$ac_abs_top_srcdir$ac_dir_suffix case $ac_mode in :F) # # CONFIG_FILE # _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # If the template does not know about datarootdir, expand it. # FIXME: This hack should be removed a few years after 2.60. ac_datarootdir_hack=; ac_datarootdir_seen= ac_sed_dataroot=' /datarootdir/ { p q } /@datadir@/p /@docdir@/p /@infodir@/p /@localedir@/p /@mandir@/p' case `eval "sed -n \"\$ac_sed_dataroot\" $ac_file_inputs"` in *datarootdir*) ac_datarootdir_seen=yes;; *@datadir@*|*@docdir@*|*@infodir@*|*@localedir@*|*@mandir@*) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&5 $as_echo "$as_me: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&2;} _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_datarootdir_hack=' s&@datadir@&$datadir&g s&@docdir@&$docdir&g s&@infodir@&$infodir&g s&@localedir@&$localedir&g s&@mandir@&$mandir&g s&\\\${datarootdir}&$datarootdir&g' ;; esac _ACEOF # Neutralize VPATH when `$srcdir' = `.'. # Shell code in configure.ac might set extrasub. # FIXME: do we really want to maintain this feature? cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_sed_extra="$ac_vpsub $extrasub _ACEOF cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 :t /@[a-zA-Z_][a-zA-Z_0-9]*@/!b s|@configure_input@|$ac_sed_conf_input|;t t s&@top_builddir@&$ac_top_builddir_sub&;t t s&@top_build_prefix@&$ac_top_build_prefix&;t t s&@srcdir@&$ac_srcdir&;t t s&@abs_srcdir@&$ac_abs_srcdir&;t t s&@top_srcdir@&$ac_top_srcdir&;t t s&@abs_top_srcdir@&$ac_abs_top_srcdir&;t t s&@builddir@&$ac_builddir&;t t s&@abs_builddir@&$ac_abs_builddir&;t t s&@abs_top_builddir@&$ac_abs_top_builddir&;t t $ac_datarootdir_hack " eval sed \"\$ac_sed_extra\" "$ac_file_inputs" | $AWK -f "$ac_tmp/subs.awk" \ >$ac_tmp/out || as_fn_error $? "could not create $ac_file" "$LINENO" 5 test -z "$ac_datarootdir_hack$ac_datarootdir_seen" && { ac_out=`sed -n '/\${datarootdir}/p' "$ac_tmp/out"`; test -n "$ac_out"; } && { ac_out=`sed -n '/^[ ]*datarootdir[ ]*:*=/p' \ "$ac_tmp/out"`; test -z "$ac_out"; } && { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $ac_file contains a reference to the variable \`datarootdir' which seems to be undefined. Please make sure it is defined" >&5 $as_echo "$as_me: WARNING: $ac_file contains a reference to the variable \`datarootdir' which seems to be undefined. Please make sure it is defined" >&2;} rm -f "$ac_tmp/stdin" case $ac_file in -) cat "$ac_tmp/out" && rm -f "$ac_tmp/out";; *) rm -f "$ac_file" && mv "$ac_tmp/out" "$ac_file";; esac \ || as_fn_error $? "could not create $ac_file" "$LINENO" 5 ;; :H) # # CONFIG_HEADER # if test x"$ac_file" != x-; then { $as_echo "/* $configure_input */" \ && eval '$AWK -f "$ac_tmp/defines.awk"' "$ac_file_inputs" } >"$ac_tmp/config.h" \ || as_fn_error $? "could not create $ac_file" "$LINENO" 5 if diff "$ac_file" "$ac_tmp/config.h" >/dev/null 2>&1; then { $as_echo "$as_me:${as_lineno-$LINENO}: $ac_file is unchanged" >&5 $as_echo "$as_me: $ac_file is unchanged" >&6;} else rm -f "$ac_file" mv "$ac_tmp/config.h" "$ac_file" \ || as_fn_error $? "could not create $ac_file" "$LINENO" 5 fi else $as_echo "/* $configure_input */" \ && eval '$AWK -f "$ac_tmp/defines.awk"' "$ac_file_inputs" \ || as_fn_error $? "could not create -" "$LINENO" 5 fi ;; esac done # for ac_tag as_fn_exit 0 _ACEOF ac_clean_files=$ac_clean_files_save test $ac_write_fail = 0 || as_fn_error $? "write failure creating $CONFIG_STATUS" "$LINENO" 5 # configure is writing to config.log, and then calls config.status. # config.status does its own redirection, appending to config.log. # Unfortunately, on DOS this fails, as config.log is still kept open # by configure, so config.status won't be able to write to it; its # output is simply discarded. So we exec the FD to /dev/null, # effectively closing config.log, so it can be properly (re)opened and # appended to by config.status. When coming back to configure, we # need to make the FD available again. if test "$no_create" != yes; then ac_cs_success=: ac_config_status_args= test "$silent" = yes && ac_config_status_args="$ac_config_status_args --quiet" exec 5>/dev/null $SHELL $CONFIG_STATUS $ac_config_status_args || ac_cs_success=false exec 5>>config.log # Use ||, not &&, to avoid exiting from the if with $? = 1, which # would make configure fail if this is the last instruction. $ac_cs_success || as_fn_exit 1 fi if test -n "$ac_unrecognized_opts" && test "$enable_option_checking" != no; then { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: unrecognized options: $ac_unrecognized_opts" >&5 $as_echo "$as_me: WARNING: unrecognized options: $ac_unrecognized_opts" >&2;} fi PKI/man/0000755000176000001440000000000013021336216011475 5ustar ripleyusersPKI/man/PKI.random.Rd0000644000176000001440000000135213021336216013667 0ustar ripleyusers\name{PKI.random} \alias{PKI.random} \title{ Generate cryptographically strong pseudo-random bytes. } \description{ \code{PKI.random} generates \code{n} cryptographically strong pseudo-random bytes. } \usage{ PKI.random(n) } \arguments{ \item{n}{non-negative integer, number of bytes to generate} } \details{ \code{PKI.random} is the preferred way to generate cryptographically strong random content that can be used as keys, seeds etc. Not to be confused with random number generators in R, it is entirely separate for cryptographics purposes. } \value{ Raw vector of \code{n} cryptographically strong pseudo-random bytes. } %\references{ %} \author{ Simon Urbanek } %\note{ %} \examples{ PKI.random(10) } \keyword{manip} PKI/man/PKI.sign.tar.Rd0000644000176000001440000000604613021336216014141 0ustar ripleyusers\name{PKI.sign.tar} \alias{PKI.sign.tar} \alias{PKI.verify.tar} \title{ Functions for signing and verification of tar files } \description{ \code{PKI.sign.tar} appends a signature to a tar file \code{PKI.verify.tar} verifies the signature in a tar file } \usage{ PKI.sign.tar(tarfile, key, certificate, output = tarfile) PKI.verify.tar(tarfile, key, silent = FALSE, enforce.cert = FALSE) } \arguments{ \item{tarfile}{string, file name of the file to sign} \item{key}{\code{PKI.sign.tar}: private key to use for signing; \code{PKI.verify.tar}: optional, public key to use for verification} \item{certificate}{optional, certificate to embed in the signature with the public key matching \code{key}. If not present the signature will only contain the public key.} \item{output}{file name, connection or raw vector determining how to store the signed tar file} \item{silent}{if \code{TRUE} then no warning are generatod, otherwise a warning is issues for failed verification describing the reason for failure} \item{enforce.cert}{if \code{TRUE} then a certificate is required in the signature. It can be also set to a valid certificate in which case the public key of the certificate in the signature must also match the public key in the supplied certificate.} } \details{ \code{PKI.tar.sign} adds extra entry \code{.signature} with the signature based on the contents of the \code{tarfile}. Note that any existing signatures are retained. \code{key} is a mandatory private key used to sign the content. \code{certificate} is optional but if present, it will be embedded in the signature. The \code{tarfile} can be in compressed form (gzip, bzip2 or xz) in which case it is decompressed internally before the signature is applied. If \code{output} is a file name then the same compression is applied to the output, otherwise the output is uncompressed. \code{PKI.verify.tar} retrieves the last \code{.signature} entry from the tar file (if \code{tarfile} is a file name then the same compression auto-detection is applied as above) and verifies the signature against either the supplied (public) \code{key} or against the key or certificate stored in the signature. The result is \code{TRUE} or \code{FALSE} except when \code{enforce.cert} is set. In that case the result is the certificate contained in the signature if the validation succeeded (and thus it can be further verified against a chain of trust), otherwise \code{FALSE}. } %\value{ %} %\references{ %} \author{ Simon Urbanek } \note{ The signature format is ASN.1 DER encoded as follows: \code{SEQ(signature BITSTRING, subjectPublicKeyInfo, Certificate[opt])} The \code{subjectPublicKeyInfo} can be \code{NULL} in which case the certificate must be present (in X.509 DER format). The signature is appended as tar entry named \code{.signature}. However, terminating blocks are not removed from the file, so the signature is placed after the EOF blocks and thus doesn't affect extraction. } %\seealso{ %} %\examples{ %} \keyword{manip} PKI/man/RSA.Rd0000644000176000001440000001077513021336216012423 0ustar ripleyusers\name{RSA} \alias{RSA} \alias{PKI.genRSAkey} \alias{PKI.load.key} \alias{PKI.save.key} \alias{PKI.mkRSApubkey} \alias{PKI.load.OpenSSH.pubkey} \title{ PKI functions handling RSA keys } \description{ \code{PKI.load.key} loads an RSA key in PKCS#1/8 PEM or DER format. \code{PKI.save.key} creates a PEM or DER representation of a RSA key. \code{PKI.genRSAkey} generates RSA public/private key pair. \code{PKI.mkRSApubkey} creates a RSA public key with the supplied modulus and exponent. \code{PKI.load.OpenSSH.pubkey} loads public key in OpenSSH format (as used in \code{.ssh/authorized_keys} file) } \usage{ PKI.load.key(what, format = c("PEM", "DER"), private, file, password="") PKI.save.key(key, format = c("PEM", "DER"), private, target) PKI.genRSAkey(bits = 2048L) PKI.mkRSApubkey(modulus, exponent=65537L, format = c("DER", "PEM", "key")) PKI.load.OpenSSH.pubkey(what, first=TRUE, format = c("DER", "PEM", "key")) } \arguments{ \item{what}{string, raw vector or connection to load the key from} \item{key}{RSA key object} \item{format}{format - PEM is ASCII (essentially base64-encoded DER with header/footer), DER is binary and key means an acutal key object} \item{private}{logical, whether to use the private key (\code{TRUE}), public key (\code{FALSE}) or whichever is available (\code{NA} or missing).} \item{file}{filename to load the key from - \code{what} and \code{file} are mutually exclusive} \item{password}{string, used only if \code{what} is an encrypted private key as the password to decrypt the key} \item{target}{optional connection or a file name to store the result in. If missing, the result is just returned form the function as either a character vector (PEM) or a raw vector (DER).} \item{bits}{size of the generated key in bits. Must be \code{2 ^ n} with integer \code{n > 8}.} \item{modulus}{modulus either as a raw vector (see \code{\link{as.BIGNUMint}}) or \code{bigz} object (from \code{gmp} package) or an integer.} \item{exponent}{exponent either as a raw vector (see \code{\link{as.BIGNUMint}}) or \code{bigz} object (from \code{gmp} package) or an integer.} \item{first}{logical, if \code{TRUE} only the first key will be used, otherwise the result is a list of keys.} } %\details{ %} \value{ \code{PKI.load.key}: private or public key object \code{PKI.save.key}: raw vector (DER format) or character vector (PEM format). \code{PKI.genRSAkey}: private + public key object \code{PKI.mkRSApubkey}, \code{PKI.load.OpenSSH.pubkey}: raw vector (DER format) or character vector (PEM format) or a \code{"public.key"} object. } %\references{ %} \author{ Simon Urbanek } \note{ The output format for private keys in PEM is PKCS#1, but for public keys it is X.509 SubjectPublicKeyInfo (certificate public key). This is consistent with OpenSSL RSA command line tool which uses the same convention. \code{PKI.load.key} can auto-detect the contained format based on the header if `PEM` format is used. In that case it supports PKCS#1 (naked RSA key), PKCS#8 (wrapped key with identifier - for public keys X.509 SubjectPublicKeyInfo) and encrypted private key in PKCS#8 (password must be passed to decrypt). `DER` format provides no way to define the type so `private` cannot be `NA` and only the default format (PKCS#1 for private keys and X.509 SubjectPublicKeyInfo for public keys) is supported. The OpenSSH format is one line beginning with \code{"ssh-rsa "}. SSH2 PEM public keys (rfc4716) are supported in \code{PKI.load.key} and the binary payload is the same as the OpenSSH, only with different wrapping. } \seealso{\code{\link{PKI.encrypt}}, \code{\link{PKI.decrypt}}, \code{\link{PKI.pubkey}}} \examples{ # generate 2048-bit RSA key key <- PKI.genRSAkey(bits = 2048L) # extract private and public parts as PEM priv.pem <- PKI.save.key(key) pub.pem <- PKI.save.key(key, private=FALSE) # load back the public key separately pub.k <- PKI.load.key(pub.pem) # encrypt with the public key x <- PKI.encrypt(charToRaw("Hello, world!"), pub.k) # decrypt with private key rawToChar(PKI.decrypt(x, key)) # compute SHA1 hash (fingerprint) of the public key PKI.digest(PKI.save.key(key, "DER", private=FALSE)) # convert OpenSSH public key to PEM format PKI.load.OpenSSH.pubkey("ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAuvOXqfZ3pJeWeqyQOIXZwmgM1RBqPUmVx3XgntpA+YtOZjKfuoJSpg3LhBuI/wXx8L2QZXNFibvX4qX2qoYsbHvkz2uonA3F7HRhCR/BJURR5nT135znVqALZo328v86HDsVWYR2/JzY1X8GI2R2iKUMGXF0hVuRphdwLB735CU= foo@mycomputer", format="PEM") } \keyword{manip} PKI/man/raw2hex.Rd0000644000176000001440000000234413021336216013347 0ustar ripleyusers\name{raw2hex} \alias{raw2hex} \title{ Convert raw vector to string hex representation } \description{ \code{raw2hex} convers a raw vector into hexadecimal representation } \usage{ raw2hex(what, sep, upper = FALSE) } \arguments{ \item{what}{raw vector} \item{sep}{optional separator string} \item{upper}{logical, if \code{TRUE} then upper case letters are used, otherwise any letters will be lower case.} } \details{ If \code{sep} is omitted or \code{NULL} then the resulting character vector will have as many elements as the raw vector. Otherwise the elements are concatenated using the specified separator into one character string. This is much more efficient than using \code{paste(raw2hex(x), collapse=sep)}, but has the same effect. } \value{ Character vector with the hexadecimal representation of the raw vector. } %\references{ %} \author{ Simon Urbanek } %\note{ %} \examples{ raw2hex(PKI.digest(raw(), "SHA1"), "") raw2hex(PKI.digest(raw(), "MD5"), ":") ## this is jsut a performance comparison and a test that ## raw2hex can handle long strings x <- as.raw(runif(1e5) * 255.9) system.time(h1 <- raw2hex(x, " ")) system.time(h2 <- paste(raw2hex(x), collapse=" ")) stopifnot(identical(h1, h2)) } \keyword{manip} PKI/man/PKI.sign.Rd0000644000176000001440000000345313021336216013353 0ustar ripleyusers\name{PKI.sign} \alias{PKI.sign} \alias{PKI.verify} \title{ PKI: sign content or verify a signature } \description{ \code{PKI.sign} signs content using RSA with the specified hash function \code{PKI.verify} verifies a signature of RSA-signed content } \usage{ PKI.sign(what, key, hash = c("SHA1", "SHA256", "MD5"), digest) PKI.verify(what, signature, key, hash = c("SHA1", "SHA256", "MD5"), digest) } %- maybe also 'usage' for other objects documented here. \arguments{ \item{what}{raw vector: content to sign} \item{key}{RSA private key to use for signing; RSA public key or certificate to use for verification.} \item{hash}{hash function to use. "MD5" should not be used unless absolutely needed for compatibility as it is less secure.} \item{digest}{raw vector: it is possible to supply the digest of the content directly instead of specifying \code{what}.} \item{signature}{raw vector: signature} } \details{ Objects are signed by computing a hash function digest (typically using \code{SHA1} hash function) and then signing the digest with a RSA key. Verification is done by computing the digest and then comparing the signature to the digest. Private key is needed for signing whereas public key is needed for verification. Both functions call \code{\link{PKI.digest}} on \code{what} if \code{digest} is not specified. } \value{ \code{PKI.sign} signature (raw vector) \code{PKI.verify} logical: \code{TRUE} if the digest and signature match, \code{FALSE} otherwise } %\references{ %} \author{ Simon Urbanek } %\note{ %} \seealso{ \code{\link{PKI.pubkey}}, \code{\link{PKI.genRSAkey}}, \code{\link{PKI.digest}} } \examples{ key <- PKI.genRSAkey(2048) x <- charToRaw("My message to sign") sig <- PKI.sign(x, key) stopifnot(PKI.verify(x, sig, key)) } \keyword{manip} PKI/man/PKI.digest.Rd0000644000176000001440000000123413021336216013665 0ustar ripleyusers\name{PKI.digest} \alias{PKI.digest} \title{ Compute digest sum based on SHA1, SHA256 or MD5 hash functions } \description{ \code{PKI.digest} computes digsest sum based on the hash function specified } \usage{ PKI.digest(what, hash = c("SHA1", "SHA256", "MD5")) } \arguments{ \item{what}{raw vector of bytes to digest} \item{hash}{type of the hash function. Note that "MD5" should \emph{not} be used for cryptographic purposes as it is not secure} } %\details{ %} \value{ Raw vector containg the hash } %\references{ %} \author{ Simon Urbanek } %\note{ %} \seealso{ \code{\link{PKI.sign}} } \examples{ PKI.digest(as.raw(1:10)) } \keyword{manip} PKI/man/PKI.crypt.Rd0000644000176000001440000000451213021336216013551 0ustar ripleyusers\name{PKI.crypt} \alias{PKI.crypt} \alias{PKI.encrypt} \alias{PKI.decrypt} \title{ PKI encryption/decryption functions } \description{ \code{PKI.encrypt} encrypts a raw vector \code{PKI.decrypt} decrypts a raw vector } \usage{ PKI.encrypt(what, key, cipher = NULL, iv = NULL) PKI.decrypt(what, key, cipher = NULL, iv = NULL) } \arguments{ \item{what}{raw vector to encrypt/decrypt. It must not exceed the key size minus padding} \item{key}{key to use for encryption/decryption} \item{cipher}{cipher to use for encryption/decryption} \item{iv}{initialization vector for ciphers that use it (e.g., CBC). \code{NULL} corresponds to all-zeroes IV, otherwise must be either a string or a raw vector with sufficiently many bytes to match the IV length for the cipher.} } %\details{ %} \value{ Raw vector (encrypted/decrypted) } %\references{ %} \author{ Simon Urbanek } \note{ The cipher is optional for key objects that already contain the cipher information such as RSA keys (in fact it is ignored in that case). Supported symmetric ciphers are AES-128, AES-256 and BF (blowfish). Each cipher can be used in CBC (default), ECB or OFB modes which are specified as suffix, so \code{"aes256ofb"} would specify AES-256 in OFB mode. Case and non-alphanumeric characters are ignored, so the same could be specified as \code{"AES-256-OFB"}. PKCS padding is used to fill up to the block size. Analogously, PKCS padding is expected when decoding. Note that the payload for RSA encryption should be very small since it must fit into the key size including padding. For example, 1024-bit key can only encrypt 87 bytes, while 2048-bit key can encrypt 215 bytes. Therefore a typical use is to use RSA to transfer a symmeric key to the peer and subsequently use symmetric ciphers like AES for encryption of larger amounts of data. } \seealso{ \code{\link{PKI.genRSAkey}}, \code{\link{PKI.pubkey}} } \examples{ key <- PKI.genRSAkey(2048) x <- charToRaw("Hello, world!") e <- PKI.encrypt(x, key) y <- PKI.decrypt(e, key) stopifnot(identical(x, y)) print(rawToChar(y)) ## AES symmetric - use SHA256 to support arbitrarily long key strings key <- PKI.digest(charToRaw("hello"), "SHA256") ae <- PKI.encrypt(x, key, "aes256") ae ad <- PKI.decrypt(ae, key, "aes256") stopifnot(identical(x, ad)) } \keyword{manip} PKI/man/X509.Rd0000644000176000001440000000360313021336216012433 0ustar ripleyusers\name{X509} \alias{X509} \alias{PKI.load.cert} \alias{PKI.verifyCA} \alias{PKI.pubkey} \alias{PKI.get.subject} \title{ Public Key Instraftructure (X509) functions } \description{ \code{PKI.load.cert} creates a certificate obejct from a string, connection or file. \code{PKI.verifyCA} verifies a certificate against a given chain of trust. \code{PKI.pubkey} extracts public key from a certificate. \code{PKI.get.subject} extracts the subject name from the certificate. } \usage{ PKI.load.cert(what, format = c("PEM", "DER"), file) PKI.verifyCA(certificate, ca) PKI.pubkey(certificate) PKI.get.subject(certificate) } \arguments{ \item{what}{string, raw vector or connection to load the certificate from} \item{format}{format used to encode the certificate} \item{file}{filename to load the certificate from - \code{what} and \code{file} are mutually exclusive} \item{certificate}{a certificate object (as returned by \code{PKI.load.cert})} \item{ca}{a certificate object of the Certificate Authority (CA) or a list of such objects if multiple CAs are involved} } %\details{ %} \value{ \code{PKI.load.code}: a certificate object \code{PKI.verifyCA}: \code{TRUE} is the certificate can be trusted, \code{FALSE} otherwise \code{PKI.pubkey}: public key object \code{PKI.get.subject}: string containing the subject information in one-line RFC2253 format but in UTF8 encoding instead of MBS escapes. NOTE: this is experimantal, we may choose to parse the contents and return it in native R form as a named vector instead. } %\references{ %} \author{ Simon Urbanek } %\note{ %} %\seealso{ %} \examples{ ca <- PKI.load.cert(file=system.file("certs", "RForge-ca.crt", package="PKI")) my.cert <- PKI.load.cert(readLines(system.file("certs", "demo.crt", package="PKI"))) PKI.verifyCA(my.cert, ca) PKI.pubkey(my.cert) PKI.get.subject(my.cert) } \keyword{manip} PKI/man/ASN1.Rd0000644000176000001440000000530613021336216012472 0ustar ripleyusers\name{ASN1} \alias{ASN1} \alias{ASN1.decode} \alias{ASN1.encode} \alias{ASN1.item} \alias{ASN1.type} \title{ Functions for handling ASN.1 format (typically DER) } \description{ \code{ASN1.decode} decodes \code{ASN.1} binary format into raw format chunks tagged with class types. \code{ASN1.encode} converts structured objects into \code{ASN.1} binary format. \code{ASN1.item} creates an item - basic object in structures that can be encoded using \code{ASN1.encode}. \code{ASN1.type} extracts the class type from an \code{ASN.1} item } \usage{ ASN1.decode(what) ASN1.encode(what) ASN1.item(what, type) ASN1.type(what) } \arguments{ \item{what}{object to decode/encode/query} \item{type}{class type of the item (integer value)} } \details{ This is a suite of low-level tools to deal with ASN.1 (Abstract Syntax Notation One) binary formats DER, BER and CER. The tools were written specifically to handle the various DER-encoded key structures so it provides only a subset of the ASN.1 specification. They are used internally by the \code{PKI} poackage. \code{ASN1.decode} decodes the binary representation (as raw vector) into individual items. Sequences are convered into lists, all other objects are retained in their binary form and tagged with the integer class type - which can be obtained using \code{ASN1.type} function. \code{ASN1.encode} expects item (or a list of items) either created using \code{ASN1.decode} or \code{ASN1.item} and converts them into \code{DER} binary format. The result of \code{ASN1.encode(ASN1.decode(x))} will be \code{x} if \code{x} was in \code{DER} format. } \value{ \code{ASN1.decode} returns either one item or a list. \code{ASN1.encode} returns a raw vector in DER format. \code{ASN1.type} returns an integer class type \code{ASN1.item} returns an ASN.1 item object } %\references{ %} \author{ Simon Urbanek } \note{ \code{ASN1.encode} uses a fixed buffer for encoding which currently limits the total size of the resulting structure to 1MB. Only definite length forms are supported. The validity of individual items is not checked. } %\seealso{ %} \examples{ # generate a small key key <- PKI.genRSAkey(bits = 512L) # extract private and public parts in DER format prv <- PKI.save.key(key, format="DER") pub <- PKI.save.key(key, private=FALSE, format="DER") # parse the public key x <- ASN1.decode(pub) x # the second element is the actual key # as a bit string that's itself in DER # two integers - modulus and exponent # Note that this is in fact the pure PKCS#1 key format ASN1.decode(x[[2]]) # encoding it back should yield the same representation since it is DER stopifnot(identical(ASN1.encode(x), as.raw(pub))) } \keyword{manip} PKI/man/BIGNUMint.Rd0000644000176000001440000000242613021336216013464 0ustar ripleyusers\name{BIGNUMint} \alias{BIGNUMint} \alias{as.BIGNUMint} \title{ Functions for BIGNUM representation of arbitrarily precise integers } \description{ \code{as.BIGNUMint} encodes integer in BIGNUM format as raw vector as used by ASN.1 format. } \usage{ as.BIGNUMint(what, scalar = TRUE) } \arguments{ \item{what}{representation of an integer or a vector thereof. Currently supported formats include \code{"bigz"} objects from the \code{"gmp"} package, integers and reals. } \item{scalar}{if \code{TRUE} then the input is expected to be scalar and only the first element will be used (zero-length vectors raise an error). Otherwise the result will be a list of all converted elements. } } \details{ The BIGNUM representation as used in ASN.1 is a big-endian encoding of variable length stored in a raw vector. Negative numbers are stored in two-complement's encoding, but are currently unsupported by \code{as.BIGNUMint}. } \value{ Raw vector in BIGNUM integer representation. } %\references{ %} \author{ Simon Urbanek } \note{ Unless the input is of class \code{"bigz"} then 32-bit platforms only support integers up to 32-bit, 64-bit platforms up to 53-bit (when real vectors are used). } %\seealso{ %} \examples{ as.BIGNUMint(65537) } \keyword{manip} PKI/configure.win0000644000176000001440000000273213021336216013426 0ustar ripleyusers#!/bin/sh echo " checking openssl headers and libraries" allok=yes if [ -e "${LOCAL_SOFT}/include/openssl/ssl.h" ]; then echo " --- Using local version of openssl found in LOCAL_SOFT: ${LOCAL_SOFT}" echo " --- Proceed at your own risk, if in doubt unset LOCAL_SOFT to use our binary." exit 0 fi if [ ! -e src/win32/libssl.a ]; then if [ ! -e src/openssl-current-win.tar.gz ]; then echo " cannot find current openssl files" echo " attempting to download them" echo 'download.file("http://www.rforge.net/PKI/files/openssl-current-win.tar.gz","src/openssl-current-win.tar.gz",mode="wb",quiet=TRUE)'|${R_HOME}/bin/R --vanilla --slave fi if [ ! -e src/openssl-current-win.tar.gz ]; then allok=no else echo " unpacking current openssl" tar fxz src/openssl-current-win.tar.gz -C src if [ ! -e src/win32/libssl.a ]; then allok=no fi fi fi if [ ! -e src/win32/libssl.a ]; then allok=no fi if [ ${allok} != yes ]; then echo "" echo " *** ERROR: unable to find openssl files" echo "" echo " They must be either in src/win32 or in a tar-ball" echo " src/openssl-current-win.tar.gz" echo "" echo " You can get the latest binary tar ball from" echo " http://www.rforge.net/PKI/files/" echo "" echo " Alternatively you can set LOCAL_SOFT environment variable" echo " to point to the prefix (like /usr/local) containing openssl binaries." echo "" exit 1 fi echo " seems ok, ready to go" exit 0 PKI/LICENSE0000644000176000001440000004072313021336216011735 0ustar ripleyusers [Summary: GPL-2 with OpenSSL linking exception] PKI Copyright (C) 2011-2015 Simon Urbanek This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; version 2 of the License. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. In addition, as a special exception, the copyright holders give permission to link the code of portions of this program with the OpenSSL project's "OpenSSL" library (or with modified versions of it that use the same license as the "OpenSSL" library - see http://www.openssl.org/), and distribute linked combinations including the two. You must obey the GNU General Public License in all respects for all of the code used other than OpenSSL. If you modify file(s) with this exception, you may extend this exception to your version of the file(s), but you are not obligated to do so. If you do not wish to do so, delete this exception statement from your version. If you delete this exception statement from all source files in the program, then also delete it here. Full text of GPL-2 follows: GNU GENERAL PUBLIC LICENSE Version 2, June 1991 Copyright (C) 1989, 1991 Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. This General Public License applies to most of the Free Software Foundation's software and to any other program whose authors commit to using it. (Some other Free Software Foundation software is covered by the GNU Lesser General Public License instead.) You can apply it to your programs, too. When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for this service if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs; and that you know you can do these things. To protect your rights, we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights. These restrictions translate to certain responsibilities for you if you distribute copies of the software, or if you modify it. For example, if you distribute copies of such a program, whether gratis or for a fee, you must give the recipients all the rights that you have. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights. We protect your rights with two steps: (1) copyright the software, and (2) offer you this license which gives you legal permission to copy, distribute and/or modify the software. Also, for each author's protection and ours, we want to make certain that everyone understands that there is no warranty for this free software. If the software is modified by someone else and passed on, we want its recipients to know that what they have is not the original, so that any problems introduced by others will not reflect on the original authors' reputations. Finally, any free program is threatened constantly by software patents. We wish to avoid the danger that redistributors of a free program will individually obtain patent licenses, in effect making the program proprietary. To prevent this, we have made it clear that any patent must be licensed for everyone's free use or not licensed at all. The precise terms and conditions for copying, distribution and modification follow. GNU GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License applies to any program or other work which contains a notice placed by the copyright holder saying it may be distributed under the terms of this General Public License. The "Program", below, refers to any such program or work, and a "work based on the Program" means either the Program or any derivative work under copyright law: that is to say, a work containing the Program or a portion of it, either verbatim or with modifications and/or translated into another language. (Hereinafter, translation is included without limitation in the term "modification".) Each licensee is addressed as "you". Activities other than copying, distribution and modification are not covered by this License; they are outside its scope. The act of running the Program is not restricted, and the output from the Program is covered only if its contents constitute a work based on the Program (independent of having been made by running the Program). Whether that is true depends on what the Program does. 1. You may copy and distribute verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and give any other recipients of the Program a copy of this License along with the Program. You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. 2. You may modify your copy or copies of the Program or any portion of it, thus forming a work based on the Program, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions: a) You must cause the modified files to carry prominent notices stating that you changed the files and the date of any change. b) You must cause any work that you distribute or publish, that in whole or in part contains or is derived from the Program or any part thereof, to be licensed as a whole at no charge to all third parties under the terms of this License. c) If the modified program normally reads commands interactively when run, you must cause it, when started running for such interactive use in the most ordinary way, to print or display an announcement including an appropriate copyright notice and a notice that there is no warranty (or else, saying that you provide a warranty) and that users may redistribute the program under these conditions, and telling the user how to view a copy of this License. (Exception: if the Program itself is interactive but does not normally print such an announcement, your work based on the Program is not required to print an announcement.) These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Program, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works. But when you distribute the same sections as part of a whole which is a work based on the Program, the distribution of the whole must be on the terms of this License, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it. Thus, it is not the intent of this section to claim rights or contest your rights to work written entirely by you; rather, the intent is to exercise the right to control the distribution of derivative or collective works based on the Program. In addition, mere aggregation of another work not based on the Program with the Program (or with a work based on the Program) on a volume of a storage or distribution medium does not bring the other work under the scope of this License. 3. You may copy and distribute the Program (or a work based on it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you also do one of the following: a) Accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, b) Accompany it with a written offer, valid for at least three years, to give any third party, for a charge no more than your cost of physically performing source distribution, a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, c) Accompany it with the information you received as to the offer to distribute corresponding source code. (This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form with such an offer, in accord with Subsection b above.) The source code for a work means the preferred form of the work for making modifications to it. For an executable work, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the executable. However, as a special exception, the source code distributed need not include anything that is normally distributed (in either source or binary form) with the major components (compiler, kernel, and so on) of the operating system on which the executable runs, unless that component itself accompanies the executable. If distribution of executable or object code is made by offering access to copy from a designated place, then offering equivalent access to copy the source code from the same place counts as distribution of the source code, even though third parties are not compelled to copy the source along with the object code. 4. You may not copy, modify, sublicense, or distribute the Program except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense or distribute the Program is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 5. You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Program or its derivative works. These actions are prohibited by law if you do not accept this License. Therefore, by modifying or distributing the Program (or any work based on the Program), you indicate your acceptance of this License to do so, and all its terms and conditions for copying, distributing or modifying the Program or works based on it. 6. Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties to this License. 7. If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Program at all. For example, if a patent license would not permit royalty-free redistribution of the Program by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Program. If any portion of this section is held invalid or unenforceable under any particular circumstance, the balance of the section is intended to apply and the section as a whole is intended to apply in other circumstances. It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims; this section has the sole purpose of protecting the integrity of the free software distribution system, which is implemented by public license practices. Many people have made generous contributions to the wide range of software distributed through that system in reliance on consistent application of that system; it is up to the author/donor to decide if he or she is willing to distribute software through any other system and a licensee cannot impose that choice. This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License. 8. If the distribution and/or use of the Program is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Program under this License may add an explicit geographical distribution limitation excluding those countries, so that distribution is permitted only in or among countries not thus excluded. In such case, this License incorporates the limitation as if written in the body of this License. 9. The Free Software Foundation may publish revised and/or new versions of the General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies a version number of this License which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of this License, you may choose any version ever published by the Free Software Foundation. 10. If you wish to incorporate parts of the Program into other free programs whose distribution conditions are different, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. NO WARRANTY 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS